diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
index d54ea4c83bca..0f0509b4e609 100644
--- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
@@ -235,6 +235,23 @@
removed due to it being an outdated version.
+
+
+ The DHCP server (services.dhcpd4,
+ services.dhcpd6) has been hardened. The
+ service is now using the systemd’s
+ DynamicUser mechanism to run as an
+ unprivileged dynamically-allocated user with limited
+ capabilities. The dhcpd state files are now always stored in
+ /var/lib/dhcpd{4,6} and the
+ services.dhcpd4.stateDir and
+ service.dhcpd6.stateDir options have been
+ removed. If you were depending on root privileges or
+ set{uid,gid,cap} binaries in dhcpd shell hooks, you may give
+ dhcpd more capabilities with e.g.
+ systemd.services.dhcpd6.serviceConfig.AmbientCapabilities.
+
+
The mailpile email webclient
@@ -435,6 +452,20 @@
directly.
+
+
+ The existing pkgs.opentelemetry-collector
+ has been moved to
+ pkgs.opentelemetry-collector-contrib to
+ match the actual source being the contrib
+ edition. pkgs.opentelemetry-collector is
+ now the actual core release of opentelemetry-collector. If you
+ use the community contributions you should change the package
+ you refer to. If you don’t need them update your commands from
+ otelcontribcol to
+ otelcorecol and enjoy a 7x smaller binary.
+
+
pkgs.noto-fonts-cjk is now deprecated in
diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md
index 0f2ad10ac9ac..748837d1d9a0 100644
--- a/nixos/doc/manual/release-notes/rl-2205.section.md
+++ b/nixos/doc/manual/release-notes/rl-2205.section.md
@@ -81,6 +81,11 @@ In addition to numerous new and upgraded packages, this release has the followin
- `services.kubernetes.addons.dashboard` was removed due to it being an outdated version.
+- The DHCP server (`services.dhcpd4`, `services.dhcpd6`) has been hardened.
+ The service is now using the systemd's `DynamicUser` mechanism to run as an unprivileged dynamically-allocated user with limited capabilities.
+ The dhcpd state files are now always stored in `/var/lib/dhcpd{4,6}` and the `services.dhcpd4.stateDir` and `service.dhcpd6.stateDir` options have been removed.
+ If you were depending on root privileges or set{uid,gid,cap} binaries in dhcpd shell hooks, you may give dhcpd more capabilities with e.g. `systemd.services.dhcpd6.serviceConfig.AmbientCapabilities`.
+
- The `mailpile` email webclient (`services.mailpile`) has been removed due to its reliance on python2.
- The MoinMoin wiki engine (`services.moinmoin`) has been removed, because Python 2 is being retired from nixpkgs.
@@ -133,11 +138,20 @@ In addition to numerous new and upgraded packages, this release has the followin
- MultiMC has been replaced with the fork PolyMC due to upstream developers being hostile to 3rd party package maintainers. PolyMC removes all MultiMC branding and is aimed at providing proper 3rd party packages like the one contained in Nixpkgs. This change affects the data folder where game instances and other save and configuration files are stored. Users with existing installations should rename `~/.local/share/multimc` to `~/.local/share/polymc`. The main config file's path has also moved from `~/.local/share/multimc/multimc.cfg` to `~/.local/share/polymc/polymc.cfg`.
+
- The terraform 0.12 compatibility has been removed and the `terraform.withPlugins` and `terraform-providers.mkProvider` implementations simplified. Providers now need to be stored under
`$out/libexec/terraform-providers/////_/terraform-provider-_v` (which mkProvider does).
This breaks back-compat so it's not possible to mix-and-match with previous versions of nixpkgs. In exchange, it now becomes possible to use the providers from [nixpkgs-terraform-providers-bin](https://github.com/numtide/nixpkgs-terraform-providers-bin) directly.
+- The existing `pkgs.opentelemetry-collector` has been moved to
+ `pkgs.opentelemetry-collector-contrib` to match the actual source being the
+ "contrib" edition. `pkgs.opentelemetry-collector` is now the actual core
+ release of opentelemetry-collector. If you use the community contributions
+ you should change the package you refer to. If you don't need them update your
+ commands from `otelcontribcol` to `otelcorecol` and enjoy a 7x smaller binary.
+
+
- `pkgs.noto-fonts-cjk` is now deprecated in favor of `pkgs.noto-fonts-cjk-sans`
and `pkgs.noto-fonts-cjk-serif` because they each have different release
schedules. To maintain compatibility with prior releases of Nixpkgs,
diff --git a/nixos/modules/hardware/all-firmware.nix b/nixos/modules/hardware/all-firmware.nix
index 24d5b7bc2b29..99bdb11b0112 100644
--- a/nixos/modules/hardware/all-firmware.nix
+++ b/nixos/modules/hardware/all-firmware.nix
@@ -57,7 +57,6 @@ in {
rtl8723bs-firmware
rtl8761b-firmware
rtw88-firmware
- rtw89-firmware
zd1211fw
alsa-firmware
sof-firmware
@@ -65,6 +64,8 @@ in {
] ++ optional (pkgs.stdenv.hostPlatform.isAarch32 || pkgs.stdenv.hostPlatform.isAarch64) raspberrypiWirelessFirmware
++ optionals (versionOlder config.boot.kernelPackages.kernel.version "4.13") [
rtl8723bs-firmware
+ ] ++ optionals (versionOlder config.boot.kernelPackages.kernel.version "5.16") [
+ rtw89-firmware
];
hardware.wirelessRegulatoryDatabase = true;
})
diff --git a/nixos/modules/services/networking/dhcpd.nix b/nixos/modules/services/networking/dhcpd.nix
index 54e4f9002859..3c4c0069dfd0 100644
--- a/nixos/modules/services/networking/dhcpd.nix
+++ b/nixos/modules/services/networking/dhcpd.nix
@@ -28,38 +28,45 @@ let
}
'';
- dhcpdService = postfix: cfg: optionalAttrs cfg.enable {
- "dhcpd${postfix}" = {
- description = "DHCPv${postfix} server";
- wantedBy = [ "multi-user.target" ];
- after = [ "network.target" ];
+ dhcpdService = postfix: cfg:
+ let
+ configFile =
+ if cfg.configFile != null
+ then cfg.configFile
+ else writeConfig cfg;
+ leaseFile = "/var/lib/dhcpd${postfix}/dhcpd.leases";
+ args = [
+ "@${pkgs.dhcp}/sbin/dhcpd" "dhcpd${postfix}" "-${postfix}"
+ "-pf" "/run/dhcpd${postfix}/dhcpd.pid"
+ "-cf" configFile
+ "-lf" leaseFile
+ ] ++ cfg.extraFlags
+ ++ cfg.interfaces;
+ in
+ optionalAttrs cfg.enable {
+ "dhcpd${postfix}" = {
+ description = "DHCPv${postfix} server";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
- preStart = ''
- mkdir -m 755 -p ${cfg.stateDir}
- chown dhcpd:nogroup ${cfg.stateDir}
- touch ${cfg.stateDir}/dhcpd.leases
- '';
-
- serviceConfig =
- let
- configFile = if cfg.configFile != null then cfg.configFile else writeConfig cfg;
- args = [ "@${pkgs.dhcp}/sbin/dhcpd" "dhcpd${postfix}" "-${postfix}"
- "-pf" "/run/dhcpd${postfix}/dhcpd.pid"
- "-cf" "${configFile}"
- "-lf" "${cfg.stateDir}/dhcpd.leases"
- "-user" "dhcpd" "-group" "nogroup"
- ] ++ cfg.extraFlags
- ++ cfg.interfaces;
-
- in {
- ExecStart = concatMapStringsSep " " escapeShellArg args;
- Type = "forking";
- Restart = "always";
- RuntimeDirectory = [ "dhcpd${postfix}" ];
- PIDFile = "/run/dhcpd${postfix}/dhcpd.pid";
+ preStart = "touch ${leaseFile}";
+ serviceConfig = {
+ ExecStart = concatMapStringsSep " " escapeShellArg args;
+ Type = "forking";
+ Restart = "always";
+ DynamicUser = true;
+ User = "dhcpd";
+ Group = "dhcpd";
+ AmbientCapabilities = [
+ "CAP_NET_RAW" # to send ICMP messages
+ "CAP_NET_BIND_SERVICE" # to bind on DHCP port (67)
+ ];
+ StateDirectory = "dhcpd${postfix}";
+ RuntimeDirectory = "dhcpd${postfix}";
+ PIDFile = "/run/dhcpd${postfix}/dhcpd.pid";
+ };
};
- };
- };
+ };
machineOpts = { ... }: {
@@ -102,15 +109,6 @@ let
'';
};
- stateDir = mkOption {
- type = types.path;
- # We use /var/lib/dhcp for DHCPv4 to save backwards compatibility.
- default = "/var/lib/dhcp${if postfix == "4" then "" else postfix}";
- description = ''
- State directory for the DHCP server.
- '';
- };
-
extraConfig = mkOption {
type = types.lines;
default = "";
@@ -194,7 +192,13 @@ in
imports = [
(mkRenamedOptionModule [ "services" "dhcpd" ] [ "services" "dhcpd4" ])
- ];
+ ] ++ flip map [ "4" "6" ] (postfix:
+ mkRemovedOptionModule [ "services" "dhcpd${postfix}" "stateDir" ] ''
+ The DHCP server state directory is now managed with the systemd's DynamicUser mechanism.
+ This means the directory is named after the service (dhcpd${postfix}), created under
+ /var/lib/private/ and symlinked to /var/lib/.
+ ''
+ );
###### interface
@@ -210,15 +214,6 @@ in
config = mkIf (cfg4.enable || cfg6.enable) {
- users = {
- users.dhcpd = {
- isSystemUser = true;
- group = "dhcpd";
- description = "DHCP daemon user";
- };
- groups.dhcpd = {};
- };
-
systemd.services = dhcpdService "4" cfg4 // dhcpdService "6" cfg6;
};
diff --git a/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix b/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix
index 68836c730729..37a89fc21e44 100644
--- a/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix
+++ b/nixos/tests/systemd-networkd-ipv6-prefix-delegation.nix
@@ -36,19 +36,10 @@ import ./make-test-python.nix ({pkgs, ...}: {
};
# Since we want to program the routes that we delegate to the "customer"
- # into our routing table we must have a way to gain the required privs.
- # This security wrapper will do in our test setup.
- #
- # DO NOT COPY THIS TO PRODUCTION AS IS. Think about it at least twice.
- # Everyone on the "isp" machine will be able to add routes to the kernel.
- security.wrappers.add-dhcpd-lease = {
- owner = "root";
- group = "root";
- source = pkgs.writeShellScript "add-dhcpd-lease" ''
- exec ${pkgs.iproute2}/bin/ip -6 route replace "$1" via "$2"
- '';
- capabilities = "cap_net_admin+ep";
- };
+ # into our routing table we must give dhcpd the required privs.
+ systemd.services.dhcpd6.serviceConfig.AmbientCapabilities =
+ [ "CAP_NET_ADMIN" ];
+
services = {
# Configure the DHCPv6 server
#
@@ -80,7 +71,7 @@ import ./make-test-python.nix ({pkgs, ...}: {
set Prefix = pick-first-value(binary-to-ascii(16, 16, ":", suffix(option dhcp6.ia-pd, 16)), "n/a");
set PrefixLength = pick-first-value(binary-to-ascii(10, 8, ":", substring(suffix(option dhcp6.ia-pd, 17), 0, 1)), "n/a");
log(concat(IP, " ", Prefix, " ", PrefixLength));
- execute("/run/wrappers/bin/add-dhcpd-lease", concat(Prefix,"/",PrefixLength), IP);
+ execute("${pkgs.iproute2}/bin/ip", "-6", "route", "replace", concat(Prefix,"/",PrefixLength), "via", IP);
}
'';
};
diff --git a/pkgs/applications/blockchains/erigon.nix b/pkgs/applications/blockchains/erigon.nix
index 41eb1b9ca5e7..56114ed72a83 100644
--- a/pkgs/applications/blockchains/erigon.nix
+++ b/pkgs/applications/blockchains/erigon.nix
@@ -11,7 +11,7 @@ buildGoModule rec {
sha256 = "0l0w1badhvlh1rgqzvlmy5k7xhb1nf4f5dmhkl935a5ila08aak3";
};
- vendorSha256 = "sha256-kA7pOSP4wkzKuFmUqhZmjXJ0ao64cIgZMrQtQ0bQ++U=";
+ vendorSha256 = "sha256-i8BaT9C39tmHU3GGgd0hUB1PHXnoAdNYRIqZA1ggbjQ=";
proxyVendor = true;
# Build errors in mdbx when format hardening is enabled:
diff --git a/pkgs/applications/misc/expenses/default.nix b/pkgs/applications/misc/expenses/default.nix
index 2c31f24b6b1b..e838bd3eda2a 100644
--- a/pkgs/applications/misc/expenses/default.nix
+++ b/pkgs/applications/misc/expenses/default.nix
@@ -16,7 +16,7 @@ buildGoModule rec {
sha256 = "sha256-sqsogF2swMvYZL7Kj+ealrB1AAgIe7ZXXDLRdHL6Q+0=";
};
- vendorSha256 = "sha256-Ac3f17Ws3Ne8Zo0vT+qlaMm/rhak9ua2jh5jlT6jF2Y=";
+ vendorSha256 = "sha256-rIcwZUOi6bdfiWZEsRF4kl1reNPPQNuBPHDOo7RQgYo=";
# package does not contain any tests as of v0.2.3
doCheck = false;
diff --git a/pkgs/applications/misc/mepo/default.nix b/pkgs/applications/misc/mepo/default.nix
index e65a5219ab7f..72e05d19bbda 100644
--- a/pkgs/applications/misc/mepo/default.nix
+++ b/pkgs/applications/misc/mepo/default.nix
@@ -5,32 +5,28 @@
, zig
, curl
, SDL2
+, SDL2_gfx
, SDL2_image
, SDL2_ttf
}:
stdenv.mkDerivation rec {
pname = "mepo";
- version = "0.2";
+ version = "0.3";
src = fetchFromSourcehut {
owner = "~mil";
repo = pname;
rev = version;
- hash = "sha256-ECq748GpjOjvchzAWlGA7H7HBvKNxY9d43+PTOWopiM=";
+ hash = "sha256-B7BOAFhiOTILUdzh49hTMrNNHZpCNRDLW2uekXyptqQ=";
};
nativeBuildInputs = [ pkg-config zig ];
- buildInputs = [ curl SDL2 SDL2_image SDL2_ttf ];
-
- buildPhase = ''
- runHook preBuild
+ buildInputs = [ curl SDL2 SDL2_gfx SDL2_image SDL2_ttf ];
+ preBuild = ''
export HOME=$TMPDIR
- zig build -Drelease-safe=true -Dcpu=baseline
-
- runHook postBuild
'';
doCheck = true;
@@ -45,8 +41,7 @@ stdenv.mkDerivation rec {
installPhase = ''
runHook preInstall
- install -Dm755 zig-out/bin/mepo -t $out/bin
- install -Dm755 scripts/mepo_* $out/bin
+ zig build -Drelease-safe=true -Dcpu=baseline --prefix $out install
runHook postInstall
'';
diff --git a/pkgs/applications/misc/remarkable/rmapi/default.nix b/pkgs/applications/misc/remarkable/rmapi/default.nix
index 6a4beec6a5ec..0c1d9cf20e9c 100644
--- a/pkgs/applications/misc/remarkable/rmapi/default.nix
+++ b/pkgs/applications/misc/remarkable/rmapi/default.nix
@@ -2,13 +2,13 @@
buildGoModule rec {
pname = "rmapi";
- version = "0.0.18";
+ version = "0.0.19";
src = fetchFromGitHub {
owner = "juruen";
repo = "rmapi";
rev = "v${version}";
- sha256 = "sha256-Yrq21eiyNem9P219FxuQMHpagKQDaNsASwi2REaDAgk=";
+ sha256 = "sha256-HXWE6688jhRQQEiZuPfuJStSQeueqoWwwa+PfneHprw=";
};
vendorSha256 = "sha256-gu+BU2tL/xZ7D6lZ1ueO/9IB9H3NNm4mloCZaGqZskU=";
diff --git a/pkgs/applications/version-management/git-and-tools/glab/default.nix b/pkgs/applications/version-management/git-and-tools/glab/default.nix
index 7cefd485d144..69e950867631 100644
--- a/pkgs/applications/version-management/git-and-tools/glab/default.nix
+++ b/pkgs/applications/version-management/git-and-tools/glab/default.nix
@@ -11,7 +11,7 @@ buildGoModule rec {
sha256 = "sha256-7w6cbeZYhmV0EXXcWlXFq2pQGGxc5Ok4bba0g3fcgmE=";
};
- vendorSha256 = "sha256-P7gHCyFafjWOYLEtK9Eh2S2KA0e2hzc1G/ZqVaEWWB0=";
+ vendorSha256 = "sha256-hGpJXCs5lZ6QQHr6LW1fCT+CVtOaUpYXJPchDPDdbaM=";
ldflags = [
"-X main.version=${version}"
diff --git a/pkgs/build-support/docker/default.nix b/pkgs/build-support/docker/default.nix
index 1b6c340f7f0c..5718cadd4ffa 100644
--- a/pkgs/build-support/docker/default.nix
+++ b/pkgs/build-support/docker/default.nix
@@ -827,6 +827,8 @@ rec {
# this on, but tooling may disable this to insert the store paths more
# efficiently via other means, such as bind mounting the host store.
includeStorePaths ? true
+ , # Passthru arguments for the underlying derivation.
+ passthru ? {}
,
}:
assert
@@ -987,7 +989,7 @@ rec {
result = runCommand "stream-${baseName}"
{
inherit (conf) imageName;
- passthru = {
+ passthru = passthru // {
inherit (conf) imageTag;
# Distinguish tarballs and exes at the Nix level so functions that
diff --git a/pkgs/desktops/gnome/games/tali/default.nix b/pkgs/desktops/gnome/games/tali/default.nix
index a940a6f2cd63..936fe62c259b 100644
--- a/pkgs/desktops/gnome/games/tali/default.nix
+++ b/pkgs/desktops/gnome/games/tali/default.nix
@@ -20,11 +20,11 @@
stdenv.mkDerivation rec {
pname = "tali";
- version = "40.4";
+ version = "40.5";
src = fetchurl {
url = "mirror://gnome/sources/tali/${lib.versions.major version}/${pname}-${version}.tar.xz";
- sha256 = "AsrMdvTuQjD2eqAK2hlOnFSPidJ6DnLyANi9U67nGhc=";
+ sha256 = "Y6CcVeRqGhl1a/XglXyvmUMA+tq9umvaYC5mjfzfcSI=";
};
nativeBuildInputs = [
diff --git a/pkgs/development/python-modules/afsapi/default.nix b/pkgs/development/python-modules/afsapi/default.nix
index b37c04a91779..4bc3532f5b57 100644
--- a/pkgs/development/python-modules/afsapi/default.nix
+++ b/pkgs/development/python-modules/afsapi/default.nix
@@ -11,7 +11,7 @@
buildPythonPackage rec {
pname = "afsapi";
- version = "0.2.1";
+ version = "0.2.2";
format = "setuptools";
disabled = pythonOlder "3.8";
@@ -20,7 +20,7 @@ buildPythonPackage rec {
owner = "wlcrs";
repo = "python-afsapi";
rev = version;
- hash = "sha256-LBK32CwiYEa+R5VhcpVzMYklPAgombxl05rM/KWRyIU=";
+ hash = "sha256-C4rxlkylWGsDsnMPuecrC2ELj1PvP6EelZ/kzTn4Brk=";
};
SETUPTOOLS_SCM_PRETEND_VERSION = version;
diff --git a/pkgs/development/python-modules/environs/default.nix b/pkgs/development/python-modules/environs/default.nix
index a0a4fb88e0cd..4a8987b16346 100644
--- a/pkgs/development/python-modules/environs/default.nix
+++ b/pkgs/development/python-modules/environs/default.nix
@@ -12,7 +12,7 @@
buildPythonPackage rec {
pname = "environs";
- version = "9.4.0";
+ version = "9.5.0";
format = "setuptools";
disabled = pythonOlder "3.6";
@@ -21,7 +21,7 @@ buildPythonPackage rec {
owner = "sloria";
repo = pname;
rev = version;
- sha256 = "sha256-LPD46kxzQ/oTC7XjJn/SXaLQgX613ZoCrJuaRng57Gw=";
+ sha256 = "sha256-hucApIn7ul7+MC2W811VTxZNO8Pqb6HDXz9VRcEdmIc=";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/exchangelib/default.nix b/pkgs/development/python-modules/exchangelib/default.nix
index 154742638b05..3550f1e17361 100644
--- a/pkgs/development/python-modules/exchangelib/default.nix
+++ b/pkgs/development/python-modules/exchangelib/default.nix
@@ -26,7 +26,7 @@
buildPythonPackage rec {
pname = "exchangelib";
- version = "4.7.1";
+ version = "4.7.2";
format = "setuptools";
disabled = pythonOlder "3.7";
@@ -35,7 +35,7 @@ buildPythonPackage rec {
owner = "ecederstrand";
repo = pname;
rev = "v${version}";
- sha256 = "1kwb5ixlmxg0xxm4wms5r4kym220vbncr9afi9qc25g8npkbs860";
+ sha256 = "sha256-fdYc+fJEePgCzAkUWz7pmL/CI/O9zm5G9xh1f4bhrH4=";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/lupupy/default.nix b/pkgs/development/python-modules/lupupy/default.nix
index 23ec7c33c205..ed31228dfdee 100644
--- a/pkgs/development/python-modules/lupupy/default.nix
+++ b/pkgs/development/python-modules/lupupy/default.nix
@@ -9,14 +9,14 @@
buildPythonPackage rec {
pname = "lupupy";
- version = "0.1.1";
+ version = "0.1.3";
format = "setuptools";
disabled = pythonOlder "3.6";
src = fetchPypi {
inherit pname version;
- sha256 = "sha256-bWBiM+u5wl9fWqL8k+R2IaYXSNnc4IxgWgUzyJVxkKk=";
+ sha256 = "sha256-oKc2x0T8KSSv9OB6U79QacBbvATDPecZFFKhFeBG39E=";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/md-toc/default.nix b/pkgs/development/python-modules/md-toc/default.nix
index 58670c49a90b..a37e82a62d34 100644
--- a/pkgs/development/python-modules/md-toc/default.nix
+++ b/pkgs/development/python-modules/md-toc/default.nix
@@ -8,7 +8,7 @@
buildPythonPackage rec {
pname = "md-toc";
- version = "8.1.0";
+ version = "8.1.1";
format = "setuptools";
disabled = pythonOlder "3.5";
@@ -17,7 +17,7 @@ buildPythonPackage rec {
owner = "frnmst";
repo = pname;
rev = version;
- sha256 = "sha256-FTvHPV/QIpKRF7wcZ6yuik4GzPrwyg4Oxc5/cdCs6Qo=";
+ sha256 = "sha256-Dlqia+B7WJZlFGlIhgUWdND1qhSS/FOPoFH+uim6i8I=";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/meross-iot/default.nix b/pkgs/development/python-modules/meross-iot/default.nix
index 6bc9635a66aa..064d8a8d203b 100644
--- a/pkgs/development/python-modules/meross-iot/default.nix
+++ b/pkgs/development/python-modules/meross-iot/default.nix
@@ -11,7 +11,7 @@
buildPythonPackage rec {
pname = "meross-iot";
- version = "0.4.4.3";
+ version = "0.4.4.4";
format = "setuptools";
disabled = pythonOlder "3.7";
@@ -20,7 +20,7 @@ buildPythonPackage rec {
owner = "albertogeniola";
repo = "MerossIot";
rev = version;
- sha256 = "sha256-qff8dB8q4NS7ZYQDIzD1dXOZL/UBGACSBuPDla1okA8=";
+ sha256 = "sha256-bazAhCsxr8UNV51UnaGbP7kTC6mcDNM7N78f0jy26ew=";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/meshtastic/default.nix b/pkgs/development/python-modules/meshtastic/default.nix
index 36656281675c..35ed3e06b729 100644
--- a/pkgs/development/python-modules/meshtastic/default.nix
+++ b/pkgs/development/python-modules/meshtastic/default.nix
@@ -18,7 +18,7 @@
buildPythonPackage rec {
pname = "meshtastic";
- version = "1.2.77";
+ version = "1.2.78";
format = "setuptools";
disabled = pythonOlder "3.6";
@@ -27,7 +27,7 @@ buildPythonPackage rec {
owner = "meshtastic";
repo = "Meshtastic-python";
rev = version;
- sha256 = "sha256-Z5YwZccyQ3LOuOf9NFuRQc8lYr6mbPp38Y4iIpD02CI=";
+ sha256 = "sha256-8P6K8sQ91kbd4o3mlHel12BFPFODcG/U0EnXJaxmknk=";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/pontos/default.nix b/pkgs/development/python-modules/pontos/default.nix
index dda98f7a8b78..1e641d79ec08 100644
--- a/pkgs/development/python-modules/pontos/default.nix
+++ b/pkgs/development/python-modules/pontos/default.nix
@@ -7,12 +7,13 @@
, colorful
, tomlkit
, git
+, packaging
, requests
}:
buildPythonPackage rec {
pname = "pontos";
- version = "22.1.1";
+ version = "22.1.3";
format = "pyproject";
disabled = pythonOlder "3.7";
@@ -21,7 +22,7 @@ buildPythonPackage rec {
owner = "greenbone";
repo = pname;
rev = "v${version}";
- sha256 = "sha256-p7E86McHeijsXpaByD5qLHYQLnSImLwHn15INyxWiZc=";
+ hash = "sha256-u/Mvk2/Wg0dB0OyTXllgV5sEV1h01HGZKLacPUxmeMA=";
};
nativeBuildInputs = [
@@ -31,6 +32,7 @@ buildPythonPackage rec {
propagatedBuildInputs = [
colorful
tomlkit
+ packaging
requests
];
@@ -39,6 +41,11 @@ buildPythonPackage rec {
pytestCheckHook
];
+ postPatch = ''
+ substituteInPlace pyproject.toml \
+ --replace 'packaging = "^20.3"' 'packaging = "*"'
+ '';
+
disabledTests = [
# Signing fails
"test_find_no_signing_key"
@@ -48,7 +55,9 @@ buildPythonPackage rec {
"test_missing_cmd"
];
- pythonImportsCheck = [ "pontos" ];
+ pythonImportsCheck = [
+ "pontos"
+ ];
meta = with lib; {
description = "Collection of Python utilities, tools, classes and functions";
diff --git a/pkgs/development/tools/database/sqlfluff/default.nix b/pkgs/development/tools/database/sqlfluff/default.nix
index f312b522add3..2d1548bd86e0 100644
--- a/pkgs/development/tools/database/sqlfluff/default.nix
+++ b/pkgs/development/tools/database/sqlfluff/default.nix
@@ -5,13 +5,13 @@
python3.pkgs.buildPythonApplication rec {
pname = "sqlfluff";
- version = "0.9.3";
+ version = "0.9.4";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = version;
- hash = "sha256-Cg85NdbbZs0tkBy2kq5ZRKDuQwLIixdhggOBSFpUM04=";
+ hash = "sha256-KNYxHBtPRsxEFrBJsfz5G7ZRZpVQxOph9UUKKhbHA9Y=";
};
propagatedBuildInputs = with python3.pkgs; [
diff --git a/pkgs/development/tools/electron/generic.nix b/pkgs/development/tools/electron/generic.nix
index f70767a05919..004774334b91 100644
--- a/pkgs/development/tools/electron/generic.nix
+++ b/pkgs/development/tools/electron/generic.nix
@@ -19,7 +19,7 @@
version: hashes:
let
- name = "electron-${version}";
+ pname = "electron";
meta = with lib; {
description = "Cross platform desktop application shell";
@@ -54,7 +54,7 @@ let
"Unsupported system: ${platform.system}";
common = platform: {
- inherit name version meta;
+ inherit pname version meta;
src = fetcher version (get tags platform) (get hashes platform);
passthru.headers = headersFetcher version hashes.headers;
};
diff --git a/pkgs/development/tools/evans/default.nix b/pkgs/development/tools/evans/default.nix
index 4648942d709b..29dadf243043 100644
--- a/pkgs/development/tools/evans/default.nix
+++ b/pkgs/development/tools/evans/default.nix
@@ -13,7 +13,7 @@ buildGoModule rec {
subPackages = [ "." ];
- vendorSha256 = "sha256-bFTmr/xQ12cboH1MGvHDUpLM0dMkxMeLgwG0VbhMEnc=";
+ vendorSha256 = "sha256-ICGnjI9sFwt81rZCnap/rggfSs4+pZNmLouoTY7CYKw=";
meta = with lib; {
description = "More expressive universal gRPC client";
diff --git a/pkgs/development/tools/go-swagger/default.nix b/pkgs/development/tools/go-swagger/default.nix
index 4f3a32fc3995..f96683322443 100644
--- a/pkgs/development/tools/go-swagger/default.nix
+++ b/pkgs/development/tools/go-swagger/default.nix
@@ -11,7 +11,7 @@ buildGoModule rec {
sha256 = "sha256-sahInHXv1GtylsY8kpw1dDjKiENmq4myx+7mq60vJAI=";
};
- vendorSha256 = "sha256-DL2eN277cXfsw1dDvIbzkJRuKThgqFOzIufPQVpUzmU=";
+ vendorSha256 = "sha256-KLV6ABo1K+KtAzAQ4FcFiK1LAZEsKup+BtgjRJfonAY=";
doCheck = false;
diff --git a/pkgs/development/tools/gokart/default.nix b/pkgs/development/tools/gokart/default.nix
index 7722e0b36afe..f7d0857580ef 100644
--- a/pkgs/development/tools/gokart/default.nix
+++ b/pkgs/development/tools/gokart/default.nix
@@ -5,16 +5,16 @@
buildGoModule rec {
pname = "gokart";
- version = "0.3.0";
+ version = "0.4.0";
src = fetchFromGitHub {
owner = "praetorian-inc";
repo = pname;
rev = "v${version}";
- sha256 = "sha256-iXdPQkKTRE2BE2yG2KKThpj7HrxXWwBFv2TobEwGLQQ=";
+ sha256 = "sha256-HsjLNY5Z5UidsLDWSP+1bu3jrfn3oAERPrPV/AkTH8I=";
};
- vendorSha256 = "0l5aj7j9m412bgm9n553m2sh9fy9dpzd0bi3qn21gj7bfdcpagnd";
+ vendorSha256 = "sha256-S3RukCKAJnPH1KGVdnkgAJQKEDTZYpcMMdoQ4OnHZVg=";
# Would need files to scan which are not shipped by the project
doCheck = false;
diff --git a/pkgs/development/tools/rnix-lsp/default.nix b/pkgs/development/tools/rnix-lsp/default.nix
index f1e21641c35f..ccc8e88dec8b 100644
--- a/pkgs/development/tools/rnix-lsp/default.nix
+++ b/pkgs/development/tools/rnix-lsp/default.nix
@@ -1,19 +1,19 @@
-{ lib, fetchFromGitHub, rustPlatform, nix }:
+{ stdenv, lib, fetchFromGitHub, rustPlatform, nix }:
rustPlatform.buildRustPackage rec {
pname = "rnix-lsp";
- version = "0.2.3";
+ version = "0.2.4";
src = fetchFromGitHub {
owner = "nix-community";
repo = "rnix-lsp";
rev = "v${version}";
- sha256 = "sha256-D2ItR8z4LqEH1IL53vq/wPh9Pfe3eB0KsA79aLM/BWM=";
+ sha256 = "sha256-MfD07ugYYbcRaNoLxOcH9+SPbRewNxbHJA5blCSb4EM=";
};
- cargoSha256 = "sha256-71vH8oc8DmwbwM2PgxjGmWAbyC4AByx7waHxLsr2koI=";
+ cargoSha256 = "sha256-23TJrJyfCuoOOOjZeWQnF/Ac0Xv2k6tZduuzapKvsgg=";
- checkInputs = [ nix ];
+ checkInputs = lib.optional (!stdenv.isDarwin) nix;
meta = with lib; {
description = "A work-in-progress language server for Nix, with syntax checking and basic completion";
diff --git a/pkgs/development/web/cypress/default.nix b/pkgs/development/web/cypress/default.nix
index aea8ba6b19aa..ec75f5854b23 100644
--- a/pkgs/development/web/cypress/default.nix
+++ b/pkgs/development/web/cypress/default.nix
@@ -17,11 +17,11 @@
stdenv.mkDerivation rec {
pname = "cypress";
- version = "9.2.0";
+ version = "9.3.1";
src = fetchzip {
url = "https://cdn.cypress.io/desktop/${version}/linux-x64/cypress.zip";
- sha256 = "sha256-NxmGMHAEVuFl/3YgcHSbg+yWHB2tRpVTWlP5p5nGtPc=";
+ sha256 = "0626i5nxymh9hh9kf1mkky165cynsrkfw402xqmf69pnyzbzn0h7";
};
# don't remove runtime deps
diff --git a/pkgs/misc/scrcpy/default.nix b/pkgs/misc/scrcpy/default.nix
index 594561593e5a..ef1d7b140144 100644
--- a/pkgs/misc/scrcpy/default.nix
+++ b/pkgs/misc/scrcpy/default.nix
@@ -10,10 +10,10 @@
}:
let
- version = "1.21";
+ version = "1.22";
prebuilt_server = fetchurl {
url = "https://github.com/Genymobile/scrcpy/releases/download/v${version}/scrcpy-server-v${version}";
- sha256 = "sha256-28zKtSPuJnluVeozZSZJ5LevSY7a6ap15NTXhpwKuEg=";
+ sha256 = "sha256-wF0nPux1M8DhBiguAlTPBOf16PDCkgyjlEiGX6sqQZs=";
};
in
stdenv.mkDerivation rec {
@@ -24,7 +24,7 @@ stdenv.mkDerivation rec {
owner = "Genymobile";
repo = pname;
rev = "v${version}";
- sha256 = "sha256-9MzOaQj+lR1F+E/yoxbL/HMOOuKOU82zkPVq7x6AH3c=";
+ sha256 = "sha256-bYLvrCw6NNCZqgLWIEObnytgD74cE9pm/Z7dgB8S5x0=";
};
# postPatch:
diff --git a/pkgs/misc/vscode-extensions/default.nix b/pkgs/misc/vscode-extensions/default.nix
index 8ff8fee2b1ef..dd6fcbd56c8c 100644
--- a/pkgs/misc/vscode-extensions/default.nix
+++ b/pkgs/misc/vscode-extensions/default.nix
@@ -1494,6 +1494,18 @@ let
};
};
+ roman.ayu-next = buildVscodeMarketplaceExtension {
+ mktplcRef = {
+ name = "ayu-next";
+ publisher = "roman";
+ version = "1.2.9";
+ sha256 = "sha256-rwZnqvHRmMquNq9PnU176vI4g8PtS6wSNvQaZ1BMa4I=";
+ };
+ meta = {
+ license = lib.licenses.mit;
+ };
+ };
+
rubbersheep.gi = buildVscodeMarketplaceExtension {
mktplcRef = {
name = "gi";
diff --git a/pkgs/tools/admin/fits-cloudctl/default.nix b/pkgs/tools/admin/fits-cloudctl/default.nix
index 322e3535b817..9f79db859283 100644
--- a/pkgs/tools/admin/fits-cloudctl/default.nix
+++ b/pkgs/tools/admin/fits-cloudctl/default.nix
@@ -14,7 +14,7 @@ buildGoModule rec {
sha256 = "sha256-GSdVwpYmJ3VnZaMQ8SjzcHpeefFjSaZXRcUAXEI9PKo=";
};
- vendorSha256 = "sha256-RZ4cy9XHpWRP85G4A1/qYPjt/4CZ7pgECf+rsViPjGE=";
+ vendorSha256 = "sha256-4iQxqhXMGeMgHarjVY/rCLr7Am1mniqxTkMxbcp3fGI=";
meta = with lib; {
description = "Command-line client for FI-TS Finance Cloud Native services";
diff --git a/pkgs/tools/inputmethods/kime/default.nix b/pkgs/tools/inputmethods/kime/default.nix
index 6cac37da7db2..68a91d2bfca7 100644
--- a/pkgs/tools/inputmethods/kime/default.nix
+++ b/pkgs/tools/inputmethods/kime/default.nix
@@ -16,18 +16,18 @@ let
in
stdenv.mkDerivation rec {
pname = "kime";
- version = "2.5.5";
+ version = "2.5.6";
src = fetchFromGitHub {
owner = "Riey";
repo = pname;
rev = "v${version}";
- sha256 = "sha256-u2CmehJipXSH1dey5oIyQf8CsRveeae5cSjpY8vWYRs=";
+ sha256 = "sha256-r5luI6B4IjNTbh2tzpqabokgwkmbyXrA61+F2HDEWuo=";
};
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src;
- sha256 = "sha256-ROzEEfIPeWoWDi5McNwub5E/UCAeJpOx5nZS9r/q4K4=";
+ sha256 = "sha256-GvBnNPY51RPt+I73oet5tB/EE2UsEPKbelJZkSY3xNw=";
};
# Replace autostart path
diff --git a/pkgs/tools/misc/opentelemetry-collector/contrib.nix b/pkgs/tools/misc/opentelemetry-collector/contrib.nix
new file mode 100644
index 000000000000..b89868460e29
--- /dev/null
+++ b/pkgs/tools/misc/opentelemetry-collector/contrib.nix
@@ -0,0 +1,45 @@
+{ buildGoModule
+, fetchFromGitHub
+, lib
+}:
+
+buildGoModule rec {
+ pname = "opentelemetry-collector-contrib";
+ version = "0.43.0";
+
+ src = fetchFromGitHub {
+ owner = "open-telemetry";
+ repo = "opentelemetry-collector-contrib";
+ rev = "v${version}";
+ sha256 = "sha256-ktzP+ugG2sa0v8B1Zp47o8Bmpxv98zQyFyWf9QfQRoQ=";
+ };
+ # proxy vendor to avoid hash missmatches between linux and macOS
+ proxyVendor = true;
+ vendorSha256 = "sha256-0E52YSWlq1ebHA3kR9Qo/6ufug9R+z1cSD9AfbN/Mi0=";
+
+ subPackages = [ "cmd/otelcontribcol" ];
+
+ ldflags = [
+ "-s"
+ "-w"
+ "-X github.com/open-telemetry/opentelemetry-collector-contrib/internal/version.Version=v${version}"
+ ];
+
+ meta = with lib; {
+ homepage = "https://github.com/open-telemetry/opentelemetry-collector-contrib";
+ changelog = "https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/v${version}/CHANGELOG.md";
+ description = "OpenTelemetry Collector superset with additional community collectors";
+ longDescription = ''
+ The OpenTelemetry Collector offers a vendor-agnostic implementation on how
+ to receive, process and export telemetry data. In addition, it removes the
+ need to run, operate and maintain multiple agents/collectors in order to
+ support open-source telemetry data formats (e.g. Jaeger, Prometheus, etc.)
+ sending to multiple open-source or commercial back-ends. The Contrib
+ edition provides aditional vendor specific receivers/exporters and/or
+ components that are only useful to a relatively small number of users and
+ is multiple times larger as a result.
+ '';
+ license = licenses.asl20;
+ maintainers = with maintainers; [ uri-canva jk ];
+ };
+}
diff --git a/pkgs/tools/misc/opentelemetry-collector/default.nix b/pkgs/tools/misc/opentelemetry-collector/default.nix
index 6c83d72976d9..e0abe89359ed 100644
--- a/pkgs/tools/misc/opentelemetry-collector/default.nix
+++ b/pkgs/tools/misc/opentelemetry-collector/default.nix
@@ -1,30 +1,52 @@
{ buildGoModule
, fetchFromGitHub
, lib
+, writeScript
}:
+let
+ otelcontribcol = writeScript "otelcontribcol" ''
+ echo 'ERROR: otelcontribcol is now in `pkgs.opentelemetry-collector-contrib`, call the collector with `otelcorecol` or move to `pkgs.opentelemetry-collector-contrib`' >&2
+ exit 1
+ '';
+in
buildGoModule rec {
pname = "opentelemetry-collector";
- version = "0.40.0";
+ version = "0.43.1";
src = fetchFromGitHub {
owner = "open-telemetry";
- repo = "opentelemetry-collector-contrib";
+ repo = "opentelemetry-collector";
rev = "v${version}";
- sha256 = "sha256-YFgAS4WReyMnzb6FOeRUXHf1LUgknH5gWObiZNKMbv8=";
+ sha256 = "sha256-hYhJv5LbebUA9Sp8/admfKWXBoOVvXdr3Mzc3qG8GlM=";
};
+ # there is a nested go.mod
+ sourceRoot = "source/cmd/otelcorecol";
+ vendorSha256 = "sha256-w5uyAVZ1TrurD4CEWTTk1fWmdlQn8eAFWZrNpISB5Rk=";
- vendorSha256 = "sha256-DTZLYF3BoQGou59KaL56pkxySsoQ0xeJ5aF/SkewziE=";
- proxyVendor = true;
+ preBuild = ''
+ # set the build version, can't be done via ldflags
+ sed -i -E 's/Version:(\s*)".*"/Version:\1"${version}"/' main.go
+ '';
- CGO_ENABLED = 0;
+ ldflags = [ "-s" "-w" ];
- subPackages = [ "cmd/otelcontribcol" ];
+ postInstall = ''
+ cp ${otelcontribcol} $out/bin/otelcontribcol
+ '';
meta = with lib; {
homepage = "https://github.com/open-telemetry/opentelemetry-collector";
- description = "OpenTelemetry Collector";
+ changelog = "https://github.com/open-telemetry/opentelemetry-collector/blob/v${version}/CHANGELOG.md";
+ description = "OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data";
+ longDescription = ''
+ The OpenTelemetry Collector offers a vendor-agnostic implementation on how
+ to receive, process and export telemetry data. In addition, it removes the
+ need to run, operate and maintain multiple agents/collectors in order to
+ support open-source telemetry data formats (e.g. Jaeger, Prometheus, etc.)
+ sending to multiple open-source or commercial back-ends.
+ '';
license = licenses.asl20;
- maintainers = [ maintainers.uri-canva ];
+ maintainers = with maintainers; [ uri-canva jk ];
};
}
diff --git a/pkgs/tools/networking/godns/default.nix b/pkgs/tools/networking/godns/default.nix
index 8a5440f6b071..a20d63af233d 100644
--- a/pkgs/tools/networking/godns/default.nix
+++ b/pkgs/tools/networking/godns/default.nix
@@ -11,7 +11,7 @@ buildGoModule rec {
sha256 = "sha256-U8fmjcPeTcKlf721UIbA4/JYeM4l+OIyAPGNp8IPvSk=";
};
- vendorSha256 = "sha256-8fluCDKrMNnIAlJFlDAisk/P+IYHBCdl7hkSbQtgy1A=";
+ vendorSha256 = "sha256-OyqkjA90zcfqRL6pfISR/6WXbv5LwVhKDECBtlqords=";
# Some tests require internet access, broken in sandbox
doCheck = false;
diff --git a/pkgs/tools/networking/godspeed/default.nix b/pkgs/tools/networking/godspeed/default.nix
index 011d09848d8e..44cac245927f 100644
--- a/pkgs/tools/networking/godspeed/default.nix
+++ b/pkgs/tools/networking/godspeed/default.nix
@@ -15,7 +15,7 @@ buildGoModule rec {
sha256 = "sha256-y/mCfNWe5ShdxEz8IUQ8zUzgVkUy/+5lX6rcJ3r6KoI=";
};
- vendorSha256 = "sha256-MCr1ShhkxM9CeSmqqtgAW0qv0QaIPRSOzASj8gt2ZAg=";
+ vendorSha256 = "sha256-DCDAuKvov4tkf77nJNo9mQU/bAeQasp4VBQRtLX+U6c=";
buildInputs = [
libpcap
diff --git a/pkgs/tools/security/extrude/default.nix b/pkgs/tools/security/extrude/default.nix
index dbe9471bf2da..e8d2b0784117 100644
--- a/pkgs/tools/security/extrude/default.nix
+++ b/pkgs/tools/security/extrude/default.nix
@@ -14,7 +14,7 @@ buildGoModule rec {
hash = "sha256-7gCEBhnNU5CqC5n0KP4Dd/fmddPRwNqyMFXTrRrJjfU=";
};
- vendorSha256 = "sha256-auhRXKt5dcQ+gr3a9Wfen8/BISP17HVsIRP16sBmiZM=";
+ vendorSha256 = "sha256-8qjIYPkWtYTvl7wAnefpZAjbNSQLQFqRnGGccYZ8ZmU=";
meta = with lib; {
description = "Tool to analyse binaries for missing security features";
diff --git a/pkgs/tools/security/gau/default.nix b/pkgs/tools/security/gau/default.nix
index d744b8b5daa0..59dc202e694a 100644
--- a/pkgs/tools/security/gau/default.nix
+++ b/pkgs/tools/security/gau/default.nix
@@ -14,7 +14,7 @@ buildGoModule rec {
sha256 = "sha256-GkPAv6JrgzlblSw4oIvPvNSboOmvZCMKyFwAMD3W0fQ=";
};
- vendorSha256 = "sha256-u5ketxHPwZN2mV0uTgwJbY+ImusGZ9GTTmFAGvdH5yA=";
+ vendorSha256 = "sha256-HQATUCzYvhhlqe4HhNu9H4CqmY2IGLNJ9ydt3/igSmQ=";
meta = with lib; {
description = "Tool to fetch known URLs";
diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile
index 4e770c3ead14..de625d4cb521 100644
--- a/pkgs/tools/security/metasploit/Gemfile
+++ b/pkgs/tools/security/metasploit/Gemfile
@@ -1,4 +1,4 @@
# frozen_string_literal: true
source "https://rubygems.org"
-gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.1.25"
+gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.1.27"
diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock
index d7be1df5a86e..b25da2ff7e77 100644
--- a/pkgs/tools/security/metasploit/Gemfile.lock
+++ b/pkgs/tools/security/metasploit/Gemfile.lock
@@ -1,9 +1,9 @@
GIT
remote: https://github.com/rapid7/metasploit-framework
- revision: 4a1ba0f9095d5c6e954ba58bc71d02feefc411a5
- ref: refs/tags/6.1.25
+ revision: e8c59985fa8e2c65660f2103b75622018e99f6b3
+ ref: refs/tags/6.1.27
specs:
- metasploit-framework (6.1.25)
+ metasploit-framework (6.1.27)
actionpack (~> 6.0)
activerecord (~> 6.0)
activesupport (~> 6.0)
@@ -31,9 +31,9 @@ GIT
metasploit-concern
metasploit-credential
metasploit-model
- metasploit-payloads (= 2.0.66)
+ metasploit-payloads (= 2.0.70)
metasploit_data_models
- metasploit_payloads-mettle (= 1.0.17)
+ metasploit_payloads-mettle (= 1.0.18)
mqtt
msgpack
nessus_rest
@@ -47,7 +47,7 @@ GIT
openvas-omp
packetfu
patch_finder
- pcaprub (= 0.12.4)
+ pcaprub
pdf-reader
pg
puma
@@ -128,13 +128,13 @@ GEM
arel-helpers (2.14.0)
activerecord (>= 3.1.0, < 8)
aws-eventstream (1.2.0)
- aws-partitions (1.549.0)
+ aws-partitions (1.551.0)
aws-sdk-core (3.125.5)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.525.0)
aws-sigv4 (~> 1.1)
jmespath (~> 1.0)
- aws-sdk-ec2 (1.294.0)
+ aws-sdk-ec2 (1.296.0)
aws-sdk-core (~> 3, >= 3.125.0)
aws-sigv4 (~> 1.1)
aws-sdk-iam (1.65.0)
@@ -143,7 +143,7 @@ GEM
aws-sdk-kms (1.53.0)
aws-sdk-core (~> 3, >= 3.125.0)
aws-sigv4 (~> 1.1)
- aws-sdk-s3 (1.111.1)
+ aws-sdk-s3 (1.111.3)
aws-sdk-core (~> 3, >= 3.125.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.4)
@@ -216,7 +216,7 @@ GEM
domain_name (~> 0.5)
http_parser.rb (0.8.0)
httpclient (2.8.3)
- i18n (1.8.11)
+ i18n (1.9.1)
concurrent-ruby (~> 1.0)
io-console (0.5.11)
irb (1.3.6)
@@ -251,7 +251,7 @@ GEM
activemodel (~> 6.0)
activesupport (~> 6.0)
railties (~> 6.0)
- metasploit-payloads (2.0.66)
+ metasploit-payloads (2.0.70)
metasploit_data_models (5.0.4)
activerecord (~> 6.0)
activesupport (~> 6.0)
@@ -262,12 +262,12 @@ GEM
railties (~> 6.0)
recog (~> 2.0)
webrick
- metasploit_payloads-mettle (1.0.17)
+ metasploit_payloads-mettle (1.0.18)
method_source (1.0.0)
mini_portile2 (2.7.1)
minitest (5.15.0)
mqtt (0.5.0)
- msgpack (1.4.3)
+ msgpack (1.4.4)
multi_json (1.15.0)
multipart-post (2.1.1)
mustermann (1.1.1)
@@ -291,16 +291,16 @@ GEM
packetfu (1.1.13)
pcaprub
patch_finder (1.0.2)
- pcaprub (0.12.4)
- pdf-reader (2.8.0)
+ pcaprub (0.13.1)
+ pdf-reader (2.9.0)
Ascii85 (~> 1.0)
afm (~> 0.2.1)
hashery (~> 2.0)
ruby-rc4
ttfunk
- pg (1.2.3)
+ pg (1.3.0)
public_suffix (4.0.6)
- puma (5.5.2)
+ puma (5.6.1)
nio4r (~> 2.0)
racc (1.6.0)
rack (2.2.3)
@@ -334,7 +334,7 @@ GEM
rex-core
rex-struct2
rex-text
- rex-core (0.1.20)
+ rex-core (0.1.25)
rex-encoder (0.1.6)
metasm
rex-arch
@@ -379,12 +379,12 @@ GEM
ruby-macho (3.0.0)
ruby-rc4 (0.1.5)
ruby2_keywords (0.0.5)
- ruby_smb (3.0.0)
+ ruby_smb (3.0.1)
bindata
openssl-ccm
openssl-cmac
rubyntlm
- windows_error
+ windows_error (>= 0.1.3)
rubyntlm (0.6.3)
rubyzip (2.3.2)
sawyer (0.8.2)
@@ -437,7 +437,7 @@ GEM
activesupport (>= 4.2, < 7.0)
xmlrpc (0.3.2)
webrick
- zeitwerk (2.5.3)
+ zeitwerk (2.5.4)
PLATFORMS
ruby
diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix
index d9a508640ca9..8de94c7b59e3 100644
--- a/pkgs/tools/security/metasploit/default.nix
+++ b/pkgs/tools/security/metasploit/default.nix
@@ -15,13 +15,13 @@ let
};
in stdenv.mkDerivation rec {
pname = "metasploit-framework";
- version = "6.1.25";
+ version = "6.1.27";
src = fetchFromGitHub {
owner = "rapid7";
repo = "metasploit-framework";
rev = version;
- sha256 = "sha256-lfTueN3s7wsyQRrulsx7TKVMhOu6//4Z6DDjR/Lm6Vw=";
+ sha256 = "sha256-nc9Oxl5dLGU60jaQdkaErW51s4QsuD977bJubd9BA3A=";
};
nativeBuildInputs = [ makeWrapper ];
diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix
index 56bc01387144..2652cd7dfb53 100644
--- a/pkgs/tools/security/metasploit/gemset.nix
+++ b/pkgs/tools/security/metasploit/gemset.nix
@@ -104,10 +104,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "02d86hv5jfs27hszd9d92q31dz3wl3s1racimkhb7nx8xg0l9ldj";
+ sha256 = "0shhwh5wra3h5vibabdkx422vzs4bwp8kmvn1x46sqscmqk8hw9p";
type = "gem";
};
- version = "1.549.0";
+ version = "1.551.0";
};
aws-sdk-core = {
groups = ["default"];
@@ -124,10 +124,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "0rzbd111n7pgzpgjabcxi2mpnkxf3fcxkvy4rqidyf80m4633gwy";
+ sha256 = "0f45py2sgai3d7k67kp4hb9ljf8khfz6wd33sj1pdvj55pcg7zai";
type = "gem";
};
- version = "1.294.0";
+ version = "1.296.0";
};
aws-sdk-iam = {
groups = ["default"];
@@ -154,10 +154,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "1pgh6zd07r9sfzkdz4bf6piq4n8gzl0f76h68l2zxchc1g9z4lqw";
+ sha256 = "085nizd80w75djrch1c38g0xchw6hsyfcg039qp27aalwhxd44b4";
type = "gem";
};
- version = "1.111.1";
+ version = "1.111.3";
};
aws-sigv4 = {
groups = ["default"];
@@ -564,10 +564,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "0vdd1kii40qhbr9n8qx71k2gskq6rkl8ygy8hw5hfj8bb5a364xf";
+ sha256 = "1nancdgq51wk3c1pkxps0rkjsfdwnkx60hzkm947m5rzsz8b2sw8";
type = "gem";
};
- version = "1.8.11";
+ version = "1.9.1";
};
io-console = {
groups = ["default"];
@@ -684,12 +684,12 @@
platforms = [];
source = {
fetchSubmodules = false;
- rev = "4a1ba0f9095d5c6e954ba58bc71d02feefc411a5";
- sha256 = "0p79wvr4gqrhx0czxzxsxf24r9acgg69dvhs84r0pvzcvmwfxx4m";
+ rev = "e8c59985fa8e2c65660f2103b75622018e99f6b3";
+ sha256 = "0w0387gnsvmjxmxkzf1chjrpavmdhi37d41ns8x6ab2xbv34xkwx";
type = "git";
url = "https://github.com/rapid7/metasploit-framework";
};
- version = "6.1.25";
+ version = "6.1.27";
};
metasploit-model = {
groups = ["default"];
@@ -706,10 +706,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "0gpsxysd6lg4falybci1fwlxjmxazjx5birqppdyc9wkqha58j9r";
+ sha256 = "07vjb7kdgr2wi9b5jk7a9niapvbwi7xk4jx9a521fm6p1fhrnlnn";
type = "gem";
};
- version = "2.0.66";
+ version = "2.0.70";
};
metasploit_data_models = {
groups = ["default"];
@@ -726,10 +726,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "06v72lyj08haqzs5a12ds6vadq6r2kxy50s7jxp1vxq5i2j4p2gm";
+ sha256 = "09mm8wbp7yaaqpz16bhsag3q5xd4aqx5l1n2p06zg55nph1dgy0s";
type = "gem";
};
- version = "1.0.17";
+ version = "1.0.18";
};
method_source = {
groups = ["default"];
@@ -776,10 +776,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "14kg9wdfls7s63lds9blrd77n8mx780bzyh05dj8kn0aimw3l9dx";
+ sha256 = "0b98w2j7g89ihnc753hh3if68r5qrmdp9n2j6mvqy2yl73sbv739";
type = "gem";
};
- version = "1.4.3";
+ version = "1.4.4";
};
multi_json = {
groups = ["default"];
@@ -957,30 +957,30 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "0pl4lqy7308185pfv0197n8b4v20fhd0zb3wlpz284rk8ssclkvz";
+ sha256 = "0886fcc5bi0kc0rbma5fj3wa3hbg2nl7ivnbi2j995yzg36zq7xy";
type = "gem";
};
- version = "0.12.4";
+ version = "0.13.1";
};
pdf-reader = {
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "18vsmybpvyi0favlabjipznpc8hgprsm7jpw3s7xr01c3lpjli7y";
+ sha256 = "1fh2pq3gk5fh18g71wir98k4bz4rvihhx8qmn8zi9fz6yfqx39qj";
type = "gem";
};
- version = "2.8.0";
+ version = "2.9.0";
};
pg = {
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "13mfrysrdrh8cka1d96zm0lnfs59i5x2g6ps49r2kz5p3q81xrzj";
+ sha256 = "0y16aa24ljnyhszqr6g3m0369rmx5xw6dgglipwhi6pn8dl678mr";
type = "gem";
};
- version = "1.2.3";
+ version = "1.3.0";
};
public_suffix = {
groups = ["default"];
@@ -997,10 +997,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "1xblxnrs0c5m326v7kgr32k4m00cl2ipcf5m0qvyisrw62vd5dbn";
+ sha256 = "03blhf8snz59433zsv7apwqy1hg92yhkb5am9x2dpqr0c4i6hscs";
type = "gem";
};
- version = "5.5.2";
+ version = "5.6.1";
};
racc = {
groups = ["default"];
@@ -1147,10 +1147,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "0hy7xrd3pwyfk2199zkgfa6kz1fsx7ngf6s512gpk8gadjc8hq6j";
+ sha256 = "04w1pknswnjs02fgsqcr8dx6cz3qjmx7hs83kbhn836s4yfpyv6a";
type = "gem";
};
- version = "0.1.20";
+ version = "0.1.25";
};
rex-encoder = {
groups = ["default"];
@@ -1357,10 +1357,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "1klfrp56qid5fr1kzsi62bkhpp2yn6pbv0yg4ikf0lgzg5nq781w";
+ sha256 = "0mf3mzxq83y7i8nr6bcl5yacvfz6y5p3hdmvr1m6xq0l0i9a9axy";
type = "gem";
};
- version = "3.0.0";
+ version = "3.0.1";
};
rubyntlm = {
groups = ["default"];
@@ -1627,9 +1627,9 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "0lmg9x683gr9mkrbq9df2m0zb0650mdfxqna0bs10js44inv7znx";
+ sha256 = "09bq7j2p6mkbxnsg71s253dm2463kg51xc7bmjcxgyblqbh4ln7m";
type = "gem";
};
- version = "2.5.3";
+ version = "2.5.4";
};
}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index dfeff4902585..274ddf695a12 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -325,7 +325,9 @@ with pkgs;
eclipse-mat = callPackage ../development/tools/eclipse-mat { };
- evans = callPackage ../development/tools/evans { };
+ evans = callPackage ../development/tools/evans {
+ buildGoModule = buildGo117Module;
+ };
firefly-desktop = callPackage ../applications/misc/firefly-desktop { };
@@ -1019,9 +1021,13 @@ with pkgs;
gofu = callPackage ../applications/misc/gofu { };
- godns = callPackage ../tools/networking/godns { };
+ godns = callPackage ../tools/networking/godns {
+ buildGoModule = buildGo117Module;
+ };
- godspeed = callPackage ../tools/networking/godspeed { };
+ godspeed = callPackage ../tools/networking/godspeed {
+ buildGoModule = buildGo117Module;
+ };
fwbuilder = libsForQt5.callPackage ../tools/security/fwbuilder { };
@@ -3010,7 +3016,9 @@ with pkgs;
eternal-terminal = callPackage ../tools/networking/eternal-terminal {};
- extrude = callPackage ../tools/security/extrude { };
+ extrude = callPackage ../tools/security/extrude {
+ buildGoModule = buildGo117Module;
+ };
f3 = callPackage ../tools/filesystems/f3 { };
@@ -3058,7 +3066,9 @@ with pkgs;
firestarter = callPackage ../applications/misc/firestarter { };
- fits-cloudctl = callPackage ../tools/admin/fits-cloudctl { };
+ fits-cloudctl = callPackage ../tools/admin/fits-cloudctl {
+ buildGoModule = buildGo117Module;
+ };
flitter = callPackage ../tools/misc/flitter { };
@@ -5605,7 +5615,9 @@ with pkgs;
garmintools = callPackage ../development/libraries/garmintools {};
- gau = callPackage ../tools/security/gau { };
+ gau = callPackage ../tools/security/gau {
+ buildGoModule = buildGo117Module;
+ };
gauge = callPackage ../development/tools/gauge { };
@@ -5920,7 +5932,9 @@ with pkgs;
gl2ps = callPackage ../development/libraries/gl2ps { };
- glab = callPackage ../applications/version-management/git-and-tools/glab { };
+ glab = callPackage ../applications/version-management/git-and-tools/glab {
+ buildGoModule = buildGo117Module;
+ };
glitter = callPackage ../applications/version-management/git-and-tools/glitter { };
@@ -8530,7 +8544,12 @@ with pkgs;
opae = callPackage ../development/libraries/opae { };
- opentelemetry-collector = callPackage ../tools/misc/opentelemetry-collector { };
+ opentelemetry-collector = callPackage ../tools/misc/opentelemetry-collector {
+ buildGoModule = buildGo117Module;
+ };
+ opentelemetry-collector-contrib = callPackage ../tools/misc/opentelemetry-collector/contrib.nix {
+ buildGoModule = buildGo117Module;
+ };
opentracing-cpp = callPackage ../development/libraries/opentracing-cpp { };
@@ -25359,7 +25378,9 @@ with pkgs;
exercism = callPackage ../applications/misc/exercism { };
- expenses = callPackage ../applications/misc/expenses { };
+ expenses = callPackage ../applications/misc/expenses {
+ buildGoModule = buildGo117Module;
+ };
fnott = callPackage ../applications/misc/fnott { };
@@ -30334,7 +30355,9 @@ with pkgs;
ergo = callPackage ../applications/blockchains/ergo { };
- erigon = callPackage ../applications/blockchains/erigon.nix { };
+ erigon = callPackage ../applications/blockchains/erigon.nix {
+ buildGoModule = buildGo117Module;
+ };
exodus = callPackage ../applications/blockchains/exodus { };
@@ -33806,7 +33829,9 @@ with pkgs;
go-swag = callPackage ../development/tools/go-swag { };
- go-swagger = callPackage ../development/tools/go-swagger { };
+ go-swagger = callPackage ../development/tools/go-swagger {
+ buildGoModule = buildGo117Module;
+ };
jx = callPackage ../applications/networking/cluster/jx {};