Merge remote-tracking branch 'origin/master' into staging-next

Conflicts:
  nixos/doc/manual/release-notes/rl-2105.xml
  pkgs/tools/security/sequoia/default.nix
This commit is contained in:
Jonathan Ringer 2021-05-19 10:39:54 -07:00
commit c1f8a15dac
No known key found for this signature in database
GPG key ID: 5C841D3CFDFEC4E0
126 changed files with 2445 additions and 1530 deletions

View file

@ -3591,6 +3591,12 @@
githubId = 606000;
name = "Gabriel Adomnicai";
};
Gabriel439 = {
email = "Gabriel439@gmail.com";
github = "Gabriel439";
githubId = 1313787;
name = "Gabriel Gonzalez";
};
gal_bolle = {
email = "florent.becker@ens-lyon.org";
github = "FlorentBecker";

View file

@ -17,6 +17,7 @@ Because step 1) is quite expensive and takes roughly ~5 minutes the result is ca
{-# LANGUAGE BlockArguments #-}
{-# LANGUAGE DeriveAnyClass #-}
{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DerivingStrategies #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE LambdaCase #-}
{-# LANGUAGE MultiWayIf #-}
@ -36,8 +37,6 @@ import Data.Aeson (
encodeFile,
)
import Data.Foldable (Foldable (toList), foldl')
import Data.Function ((&))
import Data.Functor ((<&>))
import Data.List.NonEmpty (NonEmpty, nonEmpty)
import qualified Data.List.NonEmpty as NonEmpty
import Data.Map.Strict (Map)
@ -71,7 +70,6 @@ import System.Directory (XdgDirectory (XdgCache), getXdgDirectory)
import System.Environment (getArgs)
import System.Process (readProcess)
import Prelude hiding (id)
import qualified Prelude
newtype JobsetEvals = JobsetEvals
{ evals :: Seq Eval
@ -132,30 +130,117 @@ getBuildReports = runReq defaultHttpConfig do
hydraEvalCommand :: FilePath
hydraEvalCommand = "hydra-eval-jobs"
hydraEvalParams :: [String]
hydraEvalParams = ["-I", ".", "pkgs/top-level/release-haskell.nix"]
handlesCommand :: FilePath
handlesCommand = "nix-instantiate"
handlesParams :: [String]
handlesParams = ["--eval", "--strict", "--json", "-"]
handlesExpression :: String
handlesExpression = "with import ./. {}; with lib; zipAttrsWith (_: builtins.head) (mapAttrsToList (_: v: if v ? github then { \"${v.email}\" = v.github; } else {}) (import maintainers/maintainer-list.nix))"
newtype Maintainers = Maintainers {maintainers :: Maybe Text} deriving (Generic, ToJSON, FromJSON)
-- | This newtype is used to parse a Hydra job output from @hydra-eval-jobs@.
-- The only field we are interested in is @maintainers@, which is why this
-- is just a newtype.
--
-- Note that there are occassionally jobs that don't have a maintainers
-- field, which is why this has to be @Maybe Text@.
newtype Maintainers = Maintainers { maintainers :: Maybe Text }
deriving stock (Generic, Show)
deriving anyclass (FromJSON, ToJSON)
-- | This is a 'Map' from Hydra job name to maintainer email addresses.
--
-- It has values similar to the following:
--
-- @@
-- fromList
-- [ ("arion.aarch64-linux", Maintainers (Just "robert@example.com"))
-- , ("bench.x86_64-linux", Maintainers (Just ""))
-- , ("conduit.x86_64-linux", Maintainers (Just "snoy@man.com, web@ber.com"))
-- , ("lens.x86_64-darwin", Maintainers (Just "ek@category.com"))
-- ]
-- @@
--
-- Note that Hydra jobs without maintainers will have an empty string for the
-- maintainer list.
type HydraJobs = Map Text Maintainers
-- | Map of email addresses to GitHub handles.
-- This is built from the file @../../maintainer-list.nix@.
--
-- It has values similar to the following:
--
-- @@
-- fromList
-- [ ("robert@example.com", "rob22")
-- , ("ek@category.com", "edkm")
-- ]
-- @@
type EmailToGitHubHandles = Map Text Text
-- | Map of Hydra jobs to maintainer GitHub handles.
--
-- It has values similar to the following:
--
-- @@
-- fromList
-- [ ("arion.aarch64-linux", ["rob22"])
-- , ("conduit.x86_64-darwin", ["snoyb", "webber"])
-- ]
-- @@
type MaintainerMap = Map Text (NonEmpty Text)
-- | Generate a mapping of Hydra job names to maintainer GitHub handles.
getMaintainerMap :: IO MaintainerMap
getMaintainerMap = do
hydraJobs :: HydraJobs <- get hydraEvalCommand hydraEvalParams "" "Failed to decode hydra-eval-jobs output: "
handlesMap :: Map Text Text <- get handlesCommand handlesParams handlesExpression "Failed to decode nix output for lookup of github handles: "
pure $ hydraJobs & Map.mapMaybe (nonEmpty . mapMaybe (`Map.lookup` handlesMap) . Text.splitOn ", " . fromMaybe "" . maintainers)
where
get c p i e = readProcess c p i <&> \x -> either (error . (<> " Raw:'" <> take 1000 x <> "'") . (e <>)) Prelude.id . eitherDecodeStrict' . encodeUtf8 . Text.pack $ x
hydraJobs :: HydraJobs <-
readJSONProcess hydraEvalCommand hydraEvalParams "" "Failed to decode hydra-eval-jobs output: "
handlesMap :: EmailToGitHubHandles <-
readJSONProcess handlesCommand handlesParams handlesExpression "Failed to decode nix output for lookup of github handles: "
pure $ Map.mapMaybe (splitMaintainersToGitHubHandles handlesMap) hydraJobs
where
-- Split a comma-spearated string of Maintainers into a NonEmpty list of
-- GitHub handles.
splitMaintainersToGitHubHandles
:: EmailToGitHubHandles -> Maintainers -> Maybe (NonEmpty Text)
splitMaintainersToGitHubHandles handlesMap (Maintainers maint) =
nonEmpty . mapMaybe (`Map.lookup` handlesMap) . Text.splitOn ", " $ fromMaybe "" maint
-- | Run a process that produces JSON on stdout and and decode the JSON to a
-- data type.
--
-- If the JSON-decoding fails, throw the JSON-decoding error.
readJSONProcess
:: FromJSON a
=> FilePath -- ^ Filename of executable.
-> [String] -- ^ Arguments
-> String -- ^ stdin to pass to the process
-> String -- ^ String to prefix to JSON-decode error.
-> IO a
readJSONProcess exe args input err = do
output <- readProcess exe args input
let eitherDecodedOutput = eitherDecodeStrict' . encodeUtf8 . Text.pack $ output
case eitherDecodedOutput of
Left decodeErr -> error $ err <> decodeErr <> "\nRaw: '" <> take 1000 output <> "'"
Right decodedOutput -> pure decodedOutput
-- BuildStates are sorted by subjective importance/concerningness
data BuildState = Failed | DependencyFailed | OutputLimitExceeded | Unknown (Maybe Int) | TimedOut | Canceled | HydraFailure | Unfinished | Success deriving (Show, Eq, Ord)
data BuildState
= Failed
| DependencyFailed
| OutputLimitExceeded
| Unknown (Maybe Int)
| TimedOut
| Canceled
| HydraFailure
| Unfinished
| Success
deriving stock (Show, Eq, Ord)
icon :: BuildState -> Text
icon = \case
@ -243,7 +328,7 @@ printJob evalId name (Table mapping, maintainers) =
printSingleRow set = "- [ ] " <> printState set <> " " <> makeJobSearchLink set (makePkgName set) <> " " <> maintainers
makePkgName set = (if Text.null set then "" else set <> ".") <> name
printState set = Text.intercalate " " $ map (\pf -> maybe "" (label pf) $ Map.lookup (set, pf) mapping) platforms
makeJobSearchLink set linkLabel= makeSearchLink evalId linkLabel (makePkgName set <> ".") -- Append '.' to the search query to prevent e.g. "hspec." matching "hspec-golden.x86_64-linux"
makeJobSearchLink set linkLabel= makeSearchLink evalId linkLabel (makePkgName set)
sets = toList $ Set.fromList (fst <$> Map.keys mapping)
platforms = toList $ Set.fromList (snd <$> Map.keys mapping)
label pf (BuildResult s i) = "[[" <> platformIcon pf <> icon s <> "]](https://hydra.nixos.org/build/" <> showT i <> ")"

View file

@ -84,12 +84,12 @@ nixpkgs https://nixos.org/channels/nixpkgs-unstable</screen>
</para>
<para>
You'll need <literal>nixos-generate-config</literal> and
<literal>nixos-install</literal> and we'll throw in some man pages and
<literal>nixos-enter</literal> just in case you want to chroot into your
NixOS partition. They are installed by default on NixOS, but you don't have
<literal>nixos-install</literal>, but this also makes some man pages
and <literal>nixos-enter</literal> available, just in case you want to chroot into your
NixOS partition. NixOS installs these by default, but you don't have
NixOS yet..
</para>
<screen><prompt>$ </prompt>nix-env -f '&lt;nixpkgs/nixos&gt;' --arg configuration {} -iA config.system.build.{nixos-generate-config,nixos-install,nixos-enter,manual.manpages}</screen>
<screen><prompt>$ </prompt>nix-env -f '&lt;nixpkgs>' -iA nixos-install-tools</screen>
</listitem>
<listitem>
<note>

View file

@ -112,6 +112,19 @@
it is deprecated.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://libreswan.org/">Libreswan</link> has been updated
to version 4.4. The package now includes example configurations and manual
pages by default. The NixOS module has been changed to use the upstream
systemd units and write the configuration in the <literal>/etc/ipsec.d/
</literal> directory. In addition, two new options have been added to
specify connection policies
(<xref linkend="opt-services.libreswan.policies"/>)
and disable send/receive redirects
(<xref linkend="opt-services.libreswan.disableRedirects"/>).
</para>
</listitem>
</itemizedlist>
</section>

View file

@ -233,14 +233,15 @@ in {
{
User = "${cfg.user}";
ExecStart = "${pkgs.mpd}/bin/mpd --no-daemon /run/mpd/mpd.conf";
ExecStartPre = pkgs.writeShellScript "mpd-start-pre" ''
ExecStartPre = pkgs.writeShellScript "mpd-start-pre" (''
set -euo pipefail
install -m 600 ${mpdConf} /run/mpd/mpd.conf
${optionalString (cfg.credentials != [])
"${pkgs.replace}/bin/replace-literal -fe ${
concatStringsSep " -a " (imap0 (i: c: "\"{{password-${toString i}}}\" \"$(cat ${c.passwordFile})\"") cfg.credentials)
} /run/mpd/mpd.conf"}
'';
'' + optionalString (cfg.credentials != [])
(concatStringsSep "\n"
(imap0
(i: c: ''${pkgs.replace-secret}/bin/replace-secret '{{password-${toString i}}}' '${c.passwordFile}' /run/mpd/mpd.conf'')
cfg.credentials))
);
RuntimeDirectory = "mpd";
Type = "notify";
LimitRTPRIO = 50;

View file

@ -59,7 +59,7 @@ let
replaceSecret = secretFile: placeholder: targetFile:
optionalString (secretFile != null) ''
${pkgs.replace}/bin/replace-literal -ef ${placeholder} "$(cat ${secretFile})" ${targetFile}'';
${pkgs.replace-secret}/bin/replace-secret '${placeholder}' '${secretFile}' '${targetFile}' '';
preStart = pkgs.writeShellScript "mpdscribble-pre-start" ''
cp -f "${cfgTemplate}" "${cfgFile}"

View file

@ -15,18 +15,6 @@ in {
options = {
services.flatpak = {
enable = mkEnableOption "flatpak";
guiPackages = mkOption {
internal = true;
type = types.listOf types.package;
default = [];
example = literalExample "[ pkgs.gnome.gnome-software ]";
description = ''
Packages that provide an interface for flatpak
(like gnome-software) that will be automatically available
to all users when flatpak is enabled.
'';
};
};
};
@ -40,7 +28,7 @@ in {
}
];
environment.systemPackages = [ pkgs.flatpak ] ++ cfg.guiPackages;
environment.systemPackages = [ pkgs.flatpak ];
services.dbus.packages = [ pkgs.flatpak ];

View file

@ -952,7 +952,7 @@ in {
path = with pkgs; [
jq
openssl
replace
replace-secret
git
];
serviceConfig = {
@ -994,8 +994,7 @@ in {
${optionalString cfg.smtp.enable ''
install -m u=rw ${smtpSettings} ${cfg.statePath}/config/initializers/smtp_settings.rb
${optionalString (cfg.smtp.passwordFile != null) ''
smtp_password=$(<'${cfg.smtp.passwordFile}')
replace-literal -e '@smtpPassword@' "$smtp_password" '${cfg.statePath}/config/initializers/smtp_settings.rb'
replace-secret '@smtpPassword@' '${cfg.smtp.passwordFile}' '${cfg.statePath}/config/initializers/smtp_settings.rb'
''}
''}

View file

@ -86,7 +86,9 @@ account_threepid_delegates:
${optionalString (cfg.account_threepid_delegates.email != null) "email: ${cfg.account_threepid_delegates.email}"}
${optionalString (cfg.account_threepid_delegates.msisdn != null) "msisdn: ${cfg.account_threepid_delegates.msisdn}"}
room_invite_state_types: ${builtins.toJSON cfg.room_invite_state_types}
room_prejoin_state:
disable_default_event_types: ${boolToString cfg.room_prejoin_state.disable_default_event_types}
additional_event_types: ${builtins.toJSON cfg.room_prejoin_state.additional_event_types}
${optionalString (cfg.macaroon_secret_key != null) ''
macaroon_secret_key: "${cfg.macaroon_secret_key}"
''}
@ -577,11 +579,28 @@ in {
Delegate SMS sending to this local process (https://localhost:8090)
'';
};
room_invite_state_types = mkOption {
room_prejoin_state.additional_event_types = mkOption {
default = [];
type = types.listOf types.str;
default = ["m.room.join_rules" "m.room.canonical_alias" "m.room.avatar" "m.room.name"];
description = ''
A list of event types that will be included in the room_invite_state
Additional events to share with users who received an invite.
'';
};
room_prejoin_state.disable_default_event_types = mkOption {
default = false;
type = types.bool;
description = ''
Whether to disable the default state-event types for users invited to a room.
These are:
<itemizedlist>
<listitem><para>m.room.join_rules</para></listitem>
<listitem><para>m.room.canonical_alias</para></listitem>
<listitem><para>m.room.avatar</para></listitem>
<listitem><para>m.room.encryption</para></listitem>
<listitem><para>m.room.name</para></listitem>
<listitem><para>m.room.create</para></listitem>
</itemizedlist>
'';
};
macaroon_secret_key = mkOption {
@ -728,6 +747,12 @@ in {
<nixpkgs/nixos/tests/matrix-synapse.nix>
'')
(mkRemovedOptionModule [ "services" "matrix-synapse" "web_client" ] "")
(mkRemovedOptionModule [ "services" "matrix-synapse" "room_invite_state_types" ] ''
You may add additional event types via
`services.matrix-synapse.room_prejoin_state.additional_event_types` and
disable the default events via
`services.matrix-synapse.room_prejoin_state.disable_default_event_types`.
'')
];
meta.doc = ./matrix-synapse.xml;

View file

@ -42,6 +42,9 @@ let
AUTH_ANONYMOUS_ENABLED = boolToString cfg.auth.anonymous.enable;
AUTH_ANONYMOUS_ORG_NAME = cfg.auth.anonymous.org_name;
AUTH_ANONYMOUS_ORG_ROLE = cfg.auth.anonymous.org_role;
AUTH_GOOGLE_ENABLED = boolToString cfg.auth.google.enable;
AUTH_GOOGLE_ALLOW_SIGN_UP = boolToString cfg.auth.google.allowSignUp;
AUTH_GOOGLE_CLIENT_ID = cfg.auth.google.clientId;
ANALYTICS_REPORTING_ENABLED = boolToString cfg.analytics.reporting.enable;
@ -528,23 +531,46 @@ in {
};
};
auth.anonymous = {
enable = mkOption {
description = "Whether to allow anonymous access.";
default = false;
type = types.bool;
auth = {
anonymous = {
enable = mkOption {
description = "Whether to allow anonymous access.";
default = false;
type = types.bool;
};
org_name = mkOption {
description = "Which organization to allow anonymous access to.";
default = "Main Org.";
type = types.str;
};
org_role = mkOption {
description = "Which role anonymous users have in the organization.";
default = "Viewer";
type = types.str;
};
};
org_name = mkOption {
description = "Which organization to allow anonymous access to.";
default = "Main Org.";
type = types.str;
google = {
enable = mkOption {
description = "Whether to allow Google OAuth2.";
default = false;
type = types.bool;
};
allowSignUp = mkOption {
description = "Whether to allow sign up with Google OAuth2.";
default = false;
type = types.bool;
};
clientId = mkOption {
description = "Google OAuth2 client ID.";
default = "";
type = types.str;
};
clientSecretFile = mkOption {
description = "Google OAuth2 client secret.";
default = null;
type = types.nullOr types.path;
};
};
org_role = mkOption {
description = "Which role anonymous users have in the organization.";
default = "Viewer";
type = types.str;
};
};
analytics.reporting = {
@ -609,6 +635,9 @@ in {
QT_QPA_PLATFORM = "offscreen";
} // mapAttrs' (n: v: nameValuePair "GF_${n}" (toString v)) envOptions;
script = ''
${optionalString (cfg.auth.google.clientSecretFile != null) ''
export GF_AUTH_GOOGLE_CLIENT_SECRET="$(cat ${escapeShellArg cfg.auth.google.clientSecretFile})"
''}
${optionalString (cfg.database.passwordFile != null) ''
export GF_DATABASE_PASSWORD="$(cat ${escapeShellArg cfg.database.passwordFile})"
''}

View file

@ -9,21 +9,22 @@ let
libexec = "${pkgs.libreswan}/libexec/ipsec";
ipsec = "${pkgs.libreswan}/sbin/ipsec";
trim = chars: str: let
nonchars = filter (x : !(elem x.value chars))
(imap0 (i: v: {ind = i; value = v;}) (stringToCharacters str));
in
if length nonchars == 0 then ""
else substring (head nonchars).ind (add 1 (sub (last nonchars).ind (head nonchars).ind)) str;
trim = chars: str:
let
nonchars = filter (x : !(elem x.value chars))
(imap0 (i: v: {ind = i; value = v;}) (stringToCharacters str));
in
if length nonchars == 0 then ""
else substring (head nonchars).ind (add 1 (sub (last nonchars).ind (head nonchars).ind)) str;
indent = str: concatStrings (concatMap (s: [" " (trim [" " "\t"] s) "\n"]) (splitString "\n" str));
configText = indent (toString cfg.configSetup);
connectionText = concatStrings (mapAttrsToList (n: v:
''
conn ${n}
${indent v}
'') cfg.connections);
configFile = pkgs.writeText "ipsec.conf"
configFile = pkgs.writeText "ipsec-nixos.conf"
''
config setup
${configText}
@ -31,6 +32,11 @@ let
${connectionText}
'';
policyFiles = mapAttrs' (name: text:
{ name = "ipsec.d/policies/${name}";
value.source = pkgs.writeText "ipsec-policy-${name}" text;
}) cfg.policies;
in
{
@ -41,41 +47,71 @@ in
services.libreswan = {
enable = mkEnableOption "libreswan ipsec service";
enable = mkEnableOption "Libreswan IPsec service";
configSetup = mkOption {
type = types.lines;
default = ''
protostack=netkey
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10
'';
example = ''
secretsfile=/root/ipsec.secrets
protostack=netkey
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:100.64.0.0/10,%v6:fd00::/8,%v6:fe80::/10
'';
description = "Options to go in the 'config setup' section of the libreswan ipsec configuration";
description = "Options to go in the 'config setup' section of the Libreswan IPsec configuration";
};
connections = mkOption {
type = types.attrsOf types.lines;
default = {};
example = {
myconnection = ''
auto=add
left=%defaultroute
leftid=@user
example = literalExample ''
{ myconnection = '''
auto=add
left=%defaultroute
leftid=@user
right=my.vpn.com
right=my.vpn.com
ikev2=no
ikelifetime=8h
'';
};
description = "A set of connections to define for the libreswan ipsec service";
ikev2=no
ikelifetime=8h
''';
}
'';
description = "A set of connections to define for the Libreswan IPsec service";
};
policies = mkOption {
type = types.attrsOf types.lines;
default = {};
example = literalExample ''
{ private-or-clear = '''
# Attempt opportunistic IPsec for the entire Internet
0.0.0.0/0
::/0
''';
}
'';
description = ''
A set of policies to apply to the IPsec connections.
<note><para>
The policy name must match the one of connection it needs to apply to.
</para></note>
'';
};
disableRedirects = mkOption {
type = types.bool;
default = true;
description = ''
Whether to disable send and accept redirects for all nework interfaces.
See the Libreswan <link xlink:href="https://libreswan.org/wiki/FAQ#Why_is_it_recommended_to_disable_send_redirects_in_.2Fproc.2Fsys.2Fnet_.3F">
FAQ</link> page for why this is recommended.
'';
};
};
};
@ -85,43 +121,38 @@ in
config = mkIf cfg.enable {
# Install package, systemd units, etc.
environment.systemPackages = [ pkgs.libreswan pkgs.iproute2 ];
systemd.packages = [ pkgs.libreswan ];
systemd.tmpfiles.packages = [ pkgs.libreswan ];
# Install configuration files
environment.etc = {
"ipsec.secrets".source = "${pkgs.libreswan}/etc/ipsec.secrets";
"ipsec.conf".source = "${pkgs.libreswan}/etc/ipsec.conf";
"ipsec.d/01-nixos.conf".source = configFile;
} // policyFiles;
# Create NSS database directory
systemd.tmpfiles.rules = [ "d /var/lib/ipsec/nss 755 root root -" ];
systemd.services.ipsec = {
description = "Internet Key Exchange (IKE) Protocol Daemon for IPsec";
path = [
"${pkgs.libreswan}"
"${pkgs.iproute2}"
"${pkgs.procps}"
"${pkgs.nssTools}"
"${pkgs.iptables}"
"${pkgs.nettools}"
];
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
Restart = "always";
EnvironmentFile = "-${pkgs.libreswan}/etc/sysconfig/pluto";
ExecStartPre = [
"${libexec}/addconn --config ${configFile} --checkconfig"
"${libexec}/_stackmanager start"
"${ipsec} --checknss"
"${ipsec} --checknflog"
];
ExecStart = "${libexec}/pluto --config ${configFile} --nofork \$PLUTO_OPTIONS";
ExecStop = "${libexec}/whack --shutdown";
ExecStopPost = [
"${pkgs.iproute2}/bin/ip xfrm policy flush"
"${pkgs.iproute2}/bin/ip xfrm state flush"
"${ipsec} --stopnflog"
];
ExecReload = "${libexec}/whack --listen";
};
restartTriggers = [ configFile ] ++ mapAttrsToList (n: v: v.source) policyFiles;
path = with pkgs; [
libreswan
iproute2
procps
nssTools
iptables
nettools
];
preStart = optionalString cfg.disableRedirects ''
# Disable send/receive redirects
echo 0 | tee /proc/sys/net/ipv4/conf/*/send_redirects
echo 0 | tee /proc/sys/net/ipv{4,6}/conf/*/accept_redirects
'';
};
};

View file

@ -661,7 +661,7 @@ in
];
path = cfg.package.runtimeDeps ++ [
postgresqlPackage
pkgs.replace
pkgs.replace-secret
cfg.package.rake
];
environment = cfg.package.runtimeEnv // {
@ -688,10 +688,7 @@ in
mkSecretReplacement = file:
lib.optionalString (file != null) ''
(
password=$(<'${file}')
replace-literal -fe '${file}' "$password" /run/discourse/config/discourse.conf
)
replace-secret '${file}' '${file}' /run/discourse/config/discourse.conf
'';
in ''
set -o errexit -o pipefail -o nounset -o errtrace
@ -713,11 +710,12 @@ in
cfg.siteSettings
"/run/discourse/config/nixos_site_settings.json"
}
install -T -m 0400 -o discourse ${discourseConf} /run/discourse/config/discourse.conf
install -T -m 0600 -o discourse ${discourseConf} /run/discourse/config/discourse.conf
${mkSecretReplacement cfg.database.passwordFile}
${mkSecretReplacement cfg.mail.outgoing.passwordFile}
${mkSecretReplacement cfg.redis.passwordFile}
${mkSecretReplacement cfg.secretKeyBaseFile}
chmod 0400 /run/discourse/config/discourse.conf
)
discourse-rake db:migrate >>/var/log/discourse/db_migration.log

View file

@ -633,6 +633,9 @@ in
after = databaseServices;
bindsTo = databaseServices;
wantedBy = [ "multi-user.target" ];
path = with pkgs; [
replace-secret
];
environment = {
JBOSS_LOG_DIR = "/var/log/keycloak";
JBOSS_BASE_DIR = "/run/keycloak";
@ -653,8 +656,7 @@ in
install -m 0600 ${cfg.package}/standalone/configuration/*.properties /run/keycloak/configuration
install -T -m 0600 ${keycloakConfig} /run/keycloak/configuration/standalone.xml
db_password="$(</run/keycloak/secrets/db_password)"
${pkgs.replace}/bin/replace-literal -fe '@db-password@' "$db_password" /run/keycloak/configuration/standalone.xml
replace-secret '@db-password@' '/run/keycloak/secrets/db_password' /run/keycloak/configuration/standalone.xml
export JAVA_OPTS=-Djboss.server.config.user.dir=/run/keycloak/configuration
${cfg.package}/bin/add-user-keycloak.sh -u admin -p '${cfg.initialAdminPassword}'

View file

@ -292,11 +292,6 @@ in
# If gnome is installed, build vim for gtk3 too.
nixpkgs.config.vim.gui = "gtk3";
# Install gnome-software if flatpak is enabled
services.flatpak.guiPackages = [
pkgs.gnome.gnome-software
];
})
(mkIf flashbackEnabled {
@ -467,31 +462,39 @@ in
# Adapt from https://gitlab.gnome.org/GNOME/gnome-build-meta/blob/gnome-3-38/elements/core/meta-gnome-core-utilities.bst
(mkIf serviceCfg.core-utilities.enable {
environment.systemPackages = (with pkgs.gnome; removePackagesByName [
baobab
cheese
eog
epiphany
gedit
gnome-calculator
gnome-calendar
gnome-characters
gnome-clocks
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
pkgs.gnome-photos
gnome-screenshot
gnome-system-monitor
gnome-weather
nautilus
pkgs.gnome-connections
simple-scan
totem
yelp
] config.environment.gnome.excludePackages);
environment.systemPackages =
with pkgs.gnome;
removePackagesByName
([
baobab
cheese
eog
epiphany
gedit
gnome-calculator
gnome-calendar
gnome-characters
gnome-clocks
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
pkgs.gnome-photos
gnome-screenshot
gnome-system-monitor
gnome-weather
nautilus
pkgs.gnome-connections
simple-scan
totem
yelp
] ++ lib.optionals config.services.flatpak.enable [
# Since PackageKit Nix support is not there yet,
# only install gnome-software if flatpak is enabled.
gnome-software
])
config.environment.gnome.excludePackages;
# Enable default program modules
# Since some of these have a corresponding package, we only

View file

@ -30,9 +30,12 @@ in {
systemd.services.qemu-guest-agent = {
description = "Run the QEMU Guest Agent";
serviceConfig = {
ExecStart = "${cfg.package}/bin/qemu-ga";
ExecStart = "${cfg.package}/bin/qemu-ga --statedir /run/qemu-ga";
Restart = "always";
RestartSec = 0;
# Runtime directory and mode
RuntimeDirectory = "qemu-ga";
RuntimeDirectoryMode = "0755";
};
};
}

View file

@ -217,6 +217,7 @@ in
latestKernel.login = handleTest ./login.nix { latestKernel = true; };
leaps = handleTest ./leaps.nix {};
lidarr = handleTest ./lidarr.nix {};
libreswan = handleTest ./libreswan.nix {};
lightdm = handleTest ./lightdm.nix {};
limesurvey = handleTest ./limesurvey.nix {};
locate = handleTest ./locate.nix {};

View file

@ -33,7 +33,7 @@ in
hardware.opengl.enable = true;
programs.xwayland.enable = true;
environment.systemPackages = [ pkgs.cagebreak pkgs.wallutils ];
environment.systemPackages = [ pkgs.cagebreak pkgs.wayland-utils ];
virtualisation.memorySize = 1024;
# Need to switch to a different VGA card / GPU driver than the default one (std) so that Cagebreak can launch:
@ -51,7 +51,7 @@ in
machine.wait_for_file("${XDG_RUNTIME_DIR}/wayland-0")
with subtest("ensure wayland works with wayinfo from wallutils"):
print(machine.succeed("env XDG_RUNTIME_DIR=${XDG_RUNTIME_DIR} wayinfo"))
print(machine.succeed("env XDG_RUNTIME_DIR=${XDG_RUNTIME_DIR} wayland-info"))
# TODO: Fix the XWayland test (log the cagebreak output to debug):
# with subtest("ensure xwayland works with xterm"):

134
nixos/tests/libreswan.nix Normal file
View file

@ -0,0 +1,134 @@
# This test sets up a host-to-host IPsec VPN between Alice and Bob, each on its
# own network and with Eve as the only route between each other. We check that
# Eve can eavesdrop the plaintext traffic between Alice and Bob, but once they
# enable the secure tunnel Eve's spying becomes ineffective.
import ./make-test-python.nix ({ lib, pkgs, ... }:
let
# IPsec tunnel between Alice and Bob
tunnelConfig = {
services.libreswan.enable = true;
services.libreswan.connections.tunnel =
''
leftid=@alice
left=fd::a
rightid=@bob
right=fd::b
authby=secret
auto=add
'';
environment.etc."ipsec.d/tunnel.secrets" =
{ text = ''@alice @bob : PSK "j1JbIi9WY07rxwcNQ6nbyThKCf9DGxWOyokXIQcAQUnafsNTUJxfsxwk9WYK8fHj"'';
mode = "600";
};
};
# Common network setup
baseNetwork = {
# shared hosts file
extraHosts = lib.mkVMOverride ''
fd::a alice
fd::b bob
fd::e eve
'';
# remove all automatic addresses
useDHCP = false;
interfaces.eth1.ipv4.addresses = lib.mkVMOverride [];
interfaces.eth2.ipv4.addresses = lib.mkVMOverride [];
# open a port for testing
firewall.allowedUDPPorts = [ 1234 ];
};
# Adds an address and route from a to b via Eve
addRoute = a: b: {
interfaces.eth1.ipv6.addresses =
[ { address = a; prefixLength = 64; } ];
interfaces.eth1.ipv6.routes =
[ { address = b; prefixLength = 128; via = "fd::e"; } ];
};
in
{
name = "libreswan";
meta = with lib.maintainers; {
maintainers = [ rnhmjoj ];
};
# Our protagonist
nodes.alice = { ... }: {
virtualisation.vlans = [ 1 ];
networking = baseNetwork // addRoute "fd::a" "fd::b";
} // tunnelConfig;
# Her best friend
nodes.bob = { ... }: {
virtualisation.vlans = [ 2 ];
networking = baseNetwork // addRoute "fd::b" "fd::a";
} // tunnelConfig;
# The malicious network operator
nodes.eve = { ... }: {
virtualisation.vlans = [ 1 2 ];
networking = lib.mkMerge
[ baseNetwork
{ interfaces.br0.ipv6.addresses =
[ { address = "fd::e"; prefixLength = 64; } ];
bridges.br0.interfaces = [ "eth1" "eth2" ];
}
];
environment.systemPackages = [ pkgs.tcpdump ];
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true;
};
testScript =
''
def alice_to_bob(msg: str):
"""
Sends a message as Alice to Bob
"""
bob.execute("nc -lu ::0 1234 >/tmp/msg &")
alice.sleep(1)
alice.succeed(f"echo '{msg}' | nc -uw 0 bob 1234")
bob.succeed(f"grep '{msg}' /tmp/msg")
def eavesdrop():
"""
Starts eavesdropping on Alice and Bob
"""
match = "src host alice and dst host bob"
eve.execute(f"tcpdump -i br0 -c 1 -Avv {match} >/tmp/log &")
start_all()
with subtest("Network is up"):
alice.wait_until_succeeds("ping -c1 bob")
with subtest("Eve can eavesdrop cleartext traffic"):
eavesdrop()
alice_to_bob("I secretly love turnip")
eve.sleep(1)
eve.succeed("grep turnip /tmp/log")
with subtest("Libreswan is ready"):
alice.wait_for_unit("ipsec")
bob.wait_for_unit("ipsec")
alice.succeed("ipsec verify 1>&2")
with subtest("Alice and Bob can start the tunnel"):
alice.execute("ipsec auto --start tunnel &")
bob.succeed("ipsec auto --start tunnel")
# apparently this is needed to "wake" the tunnel
bob.execute("ping -c1 alice")
with subtest("Eve no longer can eavesdrop"):
eavesdrop()
alice_to_bob("Just kidding, I actually like rhubarb")
eve.sleep(1)
eve.fail("grep rhubarb /tmp/log")
'';
})

View file

@ -8,7 +8,6 @@
, python3
, pkg-config
, glib
, cmake
, libhandy
, gtk3
, appstream-glib
@ -53,7 +52,6 @@ stdenv.mkDerivation rec {
buildInputs = [
appstream-glib
cmake
desktop-file-utils
glib
gtk3

View file

@ -8,7 +8,7 @@
let
pname = "trezor-suite";
version = "21.4.1";
version = "21.5.1";
name = "${pname}-${version}";
suffix = {
@ -18,9 +18,10 @@ let
src = fetchurl {
url = "https://github.com/trezor/${pname}/releases/download/v${version}/Trezor-Suite-${version}-${suffix}.AppImage";
sha256 = {
aarch64-linux = "51ea8a5210f008d13a729ac42085563b5e8b971b17ed766f84d69d76dcb2db0c";
x86_64-linux = "9219168a504356152b3b807e1e7282e21952461d277596c6b82ddfe81ac2419c";
# sha512 hashes are obtained from latest-linux-arm64.yml and latest-linux.yml
sha512 = {
aarch64-linux = "sha512-nqwfonWySc+wBSJjC8BW9vm+v5zHbKqbbrTTRmoZdEYBJg2SthMtTULNLVpXaX9NHxr6guZnOWdBlzVk2dQkfQ==";
x86_64-linux = "sha512-tfvdNXsjMe8YXJwTuujz4tKTdfsCuR/9VECF8EkcRP95YM7vuDV8dumru1jKtdiv0gaS1GT3SPEeAfmczY5jGg==";
}.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
};

View file

@ -1,7 +1,7 @@
{ mkDerivation, lib, stdenv, makeWrapper, fetchurl, cmake, extra-cmake-modules
, karchive, kconfig, kwidgetsaddons, kcompletion, kcoreaddons
, kguiaddons, ki18n, kitemmodels, kitemviews, kwindowsystem
, kio, kcrash
, kio, kcrash, breeze-icons
, boost, libraw, fftw, eigen, exiv2, libheif, lcms2, gsl, openexr, giflib
, openjpeg, opencolorio, vc, poppler, curl, ilmbase
, qtmultimedia, qtx11extras, quazip
@ -21,7 +21,7 @@ mkDerivation rec {
buildInputs = [
karchive kconfig kwidgetsaddons kcompletion kcoreaddons kguiaddons
ki18n kitemmodels kitemviews kwindowsystem kio kcrash
ki18n kitemmodels kitemviews kwindowsystem kio kcrash breeze-icons
boost libraw fftw eigen exiv2 lcms2 gsl openexr libheif giflib
openjpeg opencolorio poppler curl ilmbase
qtmultimedia qtx11extras quazip

View file

@ -7,7 +7,7 @@
, curl
, doxygen
, fetchFromGitHub
, ffmpeg
#, ffmpeg
, libmediainfo
, libraw
, libsodium
@ -52,7 +52,8 @@ mkDerivation rec {
c-ares
cryptopp
curl
ffmpeg
# temporarily disable until patched for ffmpeg 4.4
#ffmpeg
libmediainfo
libraw
libsodium
@ -94,7 +95,8 @@ mkDerivation rec {
"--with-cares"
"--with-cryptopp"
"--with-curl"
"--with-ffmpeg"
# temporarily disable until patched for ffmpeg 4.4
#"--with-ffmpeg"
"--without-freeimage" # unreferenced even when found
"--without-readline"
"--without-termcap"

View file

@ -10,7 +10,7 @@ stdenv.mkDerivation {
buildInputs = [ libX11 mesa_glu libspnav ];
configureFlags = [ "--disable-debug" ];
makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ];
installPhase = ''
runHook preInstall

View file

@ -19,13 +19,13 @@ let
in
buildGoModule rec {
pname = "argo";
version = "3.0.3";
version = "3.0.4";
src = fetchFromGitHub {
owner = "argoproj";
repo = "argo";
rev = "v${version}";
sha256 = "sha256-6w0FwVmzICsjWH7lE2ZnIhictNFTpo8pQ2Wvsyn925A=";
sha256 = "sha256-zswX6nt7AxxTMznbY4Rk0A8j2PpSNht+gbTMbDr2yuY=";
};
vendorSha256 = "sha256-YjVAoMyGKMHLGEPeOOkCKCzeWFiUsXfJIKcw5GYoljg=";

View file

@ -12,13 +12,13 @@
mkDerivation rec {
pname = "kdeltachat";
version = "unstable-2021-05-16";
version = "unstable-2021-05-18";
src = fetchFromSourcehut {
owner = "~link2xt";
repo = "kdeltachat";
rev = "670960e18a7e9a1d994f26af27a12c73a7413c9a";
sha256 = "1k065pvz1p2wm1rvw4nlcmknc4z10ya4qfch5kz77bbhkf9vfw2l";
rev = "837336dc93b66912d48a3b7a2e8c1991b4d3650f";
sha256 = "17ms6dcfdz0y24285fqpmgvw391bxrkagsiiy4g5cyp8gfppkgaj";
};
nativeBuildInputs = [

View file

@ -2,10 +2,10 @@
popt, itstool, libxml2 }:
stdenv.mkDerivation rec {
name = "etherape-0.9.19";
name = "etherape-0.9.20";
src = fetchurl {
url = "mirror://sourceforge/etherape/${name}.tar.gz";
sha256 = "0w63vg2q6if3wvy2md66in8b6cdw9q40hny5xy6yrxky58l4kmg7";
sha256 = "sha256-9UsQtWOXB1yYofGS4rMIF+ISWBsJKd0DBOFfqOr1n5Y=";
};
nativeBuildInputs = [ itstool pkg-config (lib.getBin libxml2) ];

View file

@ -1,6 +1,10 @@
{ lib, stdenv, fetchFromGitHub, python3Packages, readline, bc }:
with lib;
{ lib
, stdenv
, fetchFromGitHub
, readline
, bc
, python3Packages
}:
stdenv.mkDerivation rec {
pname = "bcal";
@ -13,23 +17,21 @@ stdenv.mkDerivation rec {
sha256 = "4vR5rcbNkoEdSRNoMH9qMHP3iWFxejkVfXNiYfwbo/A=";
};
nativeBuildInputs = [ python3Packages.pytest ];
buildInputs = [ readline ];
installFlags = [ "PREFIX=$(out)" ];
doCheck = true;
checkInputs = [ bc ];
checkPhase = ''
python3 -m pytest test.py
'';
installFlags = [ "DESTDIR=$(out)" "PREFIX=" ];
checkInputs = [ bc python3Packages.pytestCheckHook ];
meta = {
pytestFlagsArray = [ "test.py" ];
meta = with lib; {
description = "Storage conversion and expression calculator";
homepage = "https://github.com/jarun/bcal";
license = licenses.gpl3Only;
platforms = [ "aarch64-linux" "x86_64-darwin" "x86_64-linux" ];
platforms = platforms.unix;
maintainers = with maintainers; [ jfrankenau ];
};
}

View file

@ -12,14 +12,23 @@ assert withThread -> libpthreadstubs != null;
stdenv.mkDerivation rec {
pname = "pari";
version = "2.11.4";
version = "2.13.1";
src = fetchurl {
# Versions with current majorMinor values are at http://pari.math.u-bordeaux.fr/pub/pari/unix/${pname}-${version}.tar.gz
url = "https://pari.math.u-bordeaux.fr/pub/pari/OLD/${lib.versions.majorMinor version}/${pname}-${version}.tar.gz";
sha256 = "sha256-v8iPxPc1L0hA5uNSxy8DacvqikVAOxg0piafNwmXCxw=";
urls = [
"https://pari.math.u-bordeaux.fr/pub/pari/unix/${pname}-${version}.tar.gz"
# old versions are at the url below
"https://pari.math.u-bordeaux.fr/pub/pari/OLD/${lib.versions.majorMinor version}/${pname}-${version}.tar.gz"
];
sha256 = "sha256-gez31wzNquIwFlz/Ynyc4uwpe48i+fQHQiedhfht/LE=";
};
patches = [
# rebased version of 3edb98db78, see
# https://pari.math.u-bordeaux.fr/cgi-bin/bugreport.cgi?bug=2284
./rnfdisc.patch
];
buildInputs = [
gmp
readline

View file

@ -0,0 +1,51 @@
commit 0d8a3ac970291c62b56104172418b3f2ca30927c
Author: Bill Allombert <Bill.Allombert@math.u-bordeaux.fr>
Date: Sun Mar 28 13:27:24 2021 +0200
rnfdisc_factored: remove spurious Q_primpart [#2284]
diff --git a/src/basemath/base2.c b/src/basemath/base2.c
index 7e7d0db9d..c461826f4 100644
--- a/src/basemath/base2.c
+++ b/src/basemath/base2.c
@@ -3582,7 +3582,7 @@ rnfdisc_factored(GEN nf, GEN pol, GEN *pd)
nf = checknf(nf);
pol = rnfdisc_get_T(nf, pol, &lim);
- disc = nf_to_scalar_or_basis(nf, nfX_disc(nf, Q_primpart(pol)));
+ disc = nf_to_scalar_or_basis(nf, nfX_disc(nf, pol));
pol = nfX_to_monic(nf, pol, NULL);
fa = idealfactor_partial(nf, disc, lim);
P = gel(fa,1); l = lg(P);
diff --git a/src/test/32/rnf b/src/test/32/rnf
index 1e743f415..c016dce00 100644
--- a/src/test/32/rnf
+++ b/src/test/32/rnf
@@ -853,9 +853,10 @@ error("inconsistent dimensions in idealtwoelt.")
0
0
1
-[[7361, 3786, 318, 5823; 0, 1, 0, 0; 0, 0, 1, 0; 0, 0, 0, 1], [-3, 6, -2, 0]
-~]
-[2, -1]
+[[433, 322, 318, 1318/17; 0, 1, 0, 12/17; 0, 0, 1, 5/17; 0, 0, 0, 1/17], [25
+/17, -12/17, 12/17, 16/17]~]
+[1, -1]
+[[12, 0, 0, 0; 0, 12, 4, 0; 0, 0, 4, 0; 0, 0, 0, 4], [6, 5, -1, 2]~]
*** at top-level: rnfdedekind(nf,P,pr2,1)
*** ^-----------------------
*** rnfdedekind: sorry, Dedekind in the difficult case is not yet implemented.
diff --git a/src/test/in/rnf b/src/test/in/rnf
index 7851ae291..318d5349e 100644
--- a/src/test/in/rnf
+++ b/src/test/in/rnf
@@ -212,6 +212,9 @@ k = nfinit(y^4 + 10*y^2 + 17);
rnfdisc(k, x^2 - x + 1/Mod(y,k.pol))
rnfdisc(k, x^2 - x + 1/2)
+k = nfinit(y^4 - 10*y^2 + 1);
+rnfdisc(k,x^2-(y^3/2+y^2-5*y/2+1))
+
\\ ERRORS, keep at end of file
rnfdedekind(nf, P, pr2, 1)
rnfdedekind(nf, P)

View file

@ -78,6 +78,18 @@ stdenv.mkDerivation rec {
# ignore a deprecation warning for usage of `cmp` in the attrs library in the doctests
./patches/ignore-cmp-deprecation.patch
# https://trac.sagemath.org/ticket/30801. this patch has
# positive_review but has not been merged upstream yet, so we
# don't use fetchSageDiff because it returns a file that contains
# each commit as a separate patch instead of a single diff, and
# some commits from the pari update branch are already in 9.3.rc5
# (auto-resolvable merge conflicts).
(fetchpatch {
name = "pari-2.13.1.patch";
url = "https://github.com/sagemath/sagetrac-mirror/compare/d6c5cd9be78cc448ee4c54bac93385b1244a234c...10a4531721d2700fd717e2b3a1364508ffd971c3.diff";
sha256 = "sha256-zMjRMEReoiTvmt+vvV0Ij1jtyLSLwSXBEVXqgvmq1D4=";
})
];
patches = nixPatches ++ bugfixPatches ++ packageUpgradePatches;

View file

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "gh";
version = "1.10.0";
version = "1.10.1";
src = fetchFromGitHub {
owner = "cli";
repo = "cli";
rev = "v${version}";
sha256 = "sha256-nQc10uTb7yQoH9rlMQiexttdAnnPRGaHCrzZNqkZcIc=";
sha256 = "sha256-ESwgG1sMkR44KpO7k5HNR3gPBgOqIADpS6fSOqqNn2Q=";
};
vendorSha256 = "sha256-A7Bo0HQ5Z2SXY32jWCYgwvvInD3xYLSXvipzeaQTDiM=";

View file

@ -1,12 +1,19 @@
{ lib, buildPythonApplication, fetchPypi, pyyaml }:
{ lib, buildPythonApplication, fetchFromGitHub, pyyaml }:
buildPythonApplication rec {
version = "0.1.5";
version = "0.2.0pre-2021-05-18";
pname = "podman-compose";
src = fetchPypi {
inherit pname version;
sha256 = "1sgbc889zq127qhxa9frhswa1mid19fs5qnyzfihx648y5i968pv";
# "This project is still under development." -- README.md
#
# As of May 2021, the latest release (0.1.5) has fewer than half of all
# commits. This project seems to have no release management, so the last
# commit is the best one until proven otherwise.
src = fetchFromGitHub {
repo = "podman-compose";
owner = "containers";
rev = "62d2024feecf312e9591cc145f49cee9c70ab4fe";
sha256 = "17992imkvi6129wvajsp0iz5iicfmh53i20qy2mzz17kcz30r2pp";
};
propagatedBuildInputs = [ pyyaml ];

View file

@ -16,13 +16,13 @@
buildGoPackage rec {
pname = "runc";
version = "1.0.0-rc94";
version = "1.0.0-rc95";
src = fetchFromGitHub {
owner = "opencontainers";
repo = "runc";
rev = "v${version}";
sha256 = "sha256-53P48jNSfC6ELpZNI30yAf7kofUsrJpNY96u0UT+ITg=";
sha256 = "sha256-q4sXcvJO9gyo7m0vlaMrwh7ZZHYa58FJy3GatWndS6M=";
};
goPackagePath = "github.com/opencontainers/runc";

View file

@ -0,0 +1,35 @@
{ stdenv, lib, python3 }:
stdenv.mkDerivation {
name = "replace-secret";
buildInputs = [ python3 ];
phases = [ "installPhase" "checkPhase" ];
installPhase = ''
install -D ${./replace-secret.py} $out/bin/replace-secret
patchShebangs $out
'';
doCheck = true;
checkPhase = ''
install -m 0600 ${./test/input_file} long_test
$out/bin/replace-secret "replace this" ${./test/passwd} long_test
$out/bin/replace-secret "and this" ${./test/rsa} long_test
diff ${./test/expected_long_output} long_test
install -m 0600 ${./test/input_file} short_test
$out/bin/replace-secret "replace this" <(echo "a") short_test
$out/bin/replace-secret "and this" <(echo "b") short_test
diff ${./test/expected_short_output} short_test
'';
meta = with lib; {
platforms = platforms.all;
maintainers = with maintainers; [ talyz ];
license = licenses.mit;
description = "Replace a string in one file with a secret from a second file";
longDescription = ''
Replace a string in one file with a secret from a second file.
Since the secret is read from a file, it won't be leaked through
'/proc/<pid>/cmdline', unlike when 'sed' or 'replace' is used.
'';
};
}

View file

@ -0,0 +1,28 @@
#!/usr/bin/env python
import argparse
from argparse import RawDescriptionHelpFormatter
description = """
Replace a string in one file with a secret from a second file.
Since the secret is read from a file, it won't be leaked through
'/proc/<pid>/cmdline', unlike when 'sed' or 'replace' is used.
"""
parser = argparse.ArgumentParser(
description=description,
formatter_class=RawDescriptionHelpFormatter
)
parser.add_argument("string_to_replace", help="the string to replace")
parser.add_argument("secret_file", help="the file containing the secret")
parser.add_argument("file", help="the file to perform the replacement on")
args = parser.parse_args()
with open(args.secret_file) as sf, open(args.file, 'r+') as f:
old = f.read()
secret = sf.read().strip("\n")
new_content = old.replace(args.string_to_replace, secret)
f.seek(0)
f.write(new_content)
f.truncate()

View file

@ -0,0 +1,30 @@
beginning
middle $6$UcbJUl5g$HRMfKNKsLTfVbcQb.P5o0bmZUfHDYkWseMSuZ8F5jSIGZZcI3Jnit23f8ZeZOGi4KL86HVM9RYqrpYySOu/fl0 not this
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAzrru6v5tfwQl6L+rOUjtLo8kbhMUlCLXP7TYngSGrkzPMWe+
0gB04UAmiPZXfBmvj5fPqYiFjIaEDHE/SD41vJB/RJKKtId2gCAIHhBLkbr+4+60
yEbLkJci5i4kJC1dt8OKFEzXkaVnwOSgjH+0NwO3bstZ+E70zMXS9+NS71qGsIEb
5J1TnacwW/u6CdFyakLljWOXOR14rLIpiPBBFLf+oZiepjIhlWXWHqsxZOb7zMI0
T4W5WJ2dwGFsJ8rkYaGZ+A5qzYbi/KmHqaSPaNDsyoi7yJhAhKPByALJU916+8QO
xOnqZxWGki3PDzCslRwW4i3mGbZlBQMnlfbN3QIDAQABAoIBAHDn1W7QkFrLmCy6
6bf6pVdFZF8d2qJhOPAZRClhTXFKj+pqv+QPzcXr9F/fMr6bhK/G+Oqdnlq2aM4m
16oMF+spe+impEyeo1CsreJFghBQcb9o8qFjUPBiKvROBP0hLcscZ4BYy29HSBgo
harWYEWfqQJA251q+fYQoP0z0WrZKddOZbRRnJ0ICRxAE7IEtDT6EYt8R9oGi2j4
/rpdW+rYGjW3TcmzdR7lpVMJRLlbMbSdR8n6cI6rnfySygcoE5tFX5t/YZSNbBPg
GebKCbEHYNTTG8bC1qjUyzlbEQ6XYWvFO7HTKU7105XpjYTQFByeo0IVkin0o5KW
t7eQWb0CgYEA6zZUWsYoQ13nXEU6Ky89Q9uhesMfaJ/F2X5ikQSRqRvrR3QR+ULe
eNnCl10O9SiFpR4b5gSbLSHMffxGN60P1nEO4CiIKE+gOii8Kdk5htIJFy/dcZUc
PuPM+zD9/6Is5sAWUZo45bnT6685h6EjM2+6zNZtx/XMjSfWbHaY+HMCgYEA4QAy
6ZEgd6FHnNfM/q2o8XU3d6OCdhcu26u6ydnCalbSpPSKWOi6gnHK4ZnGdryXgIYw
hRkvYINfiONkShYytotIh4YxUbgpwdvJRyKa2ZdWhcMmtFzZOcEVzQTKBasFT74C
Wo0iybZ++XZh3M0+n7oyyx39aR7diZ+/zq6PnG8CgYB8B1QH4cHNdDDRqPd5WhmW
NLQ7xbREOSvc+hYDnkMoxz4TmZL4u1gQpdNEeZ+visSeQvg3HGqvK8lnDaYBKdLW
IxvS+8yAZSx6PoyqDI+XFh4RCf5dLGGOkBTAyB7Hs761lsiuEwK5sHmdJ/LQIBot
v1bjOJb/AA/yxvT8kLUtHQKBgGIA9iwqXJv/EfRNQytDdS0HQ4vHGtJZMr3YRVoa
kcZD3yieo4wqguLCsf4mPv4FE3CWAphW6f39+yTi9xIWLSy56nOtjdnsf7PDCh8E
AbL5amSFJly1fKDda6OLjHt/jKa5Osk6ZIa8CP6cA/BrLfXg4rL6cyDQouqJPMDH
5CHdAoGBAIChjbTyoYvANkoANCK4SuqLUYeiYREfiM3sqHe1xirK1PPHw03ZLITl
ltjo9qE6kPXWcTBVckTKGFlntyCT283FC0/vMmHo8dTdtxF4/wSbkqs3ORuJ3p5J
cNtLYGD3vgwLmg6tTur4U60XN+tYDzWGteez8J9GwTMfKJmuS9af
-----END RSA PRIVATE KEY-----
end

View file

@ -0,0 +1,4 @@
beginning
middle a not this
b
end

View file

@ -0,0 +1,4 @@
beginning
middle replace this not this
and this
end

View file

@ -0,0 +1 @@
$6$UcbJUl5g$HRMfKNKsLTfVbcQb.P5o0bmZUfHDYkWseMSuZ8F5jSIGZZcI3Jnit23f8ZeZOGi4KL86HVM9RYqrpYySOu/fl0

View file

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAzrru6v5tfwQl6L+rOUjtLo8kbhMUlCLXP7TYngSGrkzPMWe+
0gB04UAmiPZXfBmvj5fPqYiFjIaEDHE/SD41vJB/RJKKtId2gCAIHhBLkbr+4+60
yEbLkJci5i4kJC1dt8OKFEzXkaVnwOSgjH+0NwO3bstZ+E70zMXS9+NS71qGsIEb
5J1TnacwW/u6CdFyakLljWOXOR14rLIpiPBBFLf+oZiepjIhlWXWHqsxZOb7zMI0
T4W5WJ2dwGFsJ8rkYaGZ+A5qzYbi/KmHqaSPaNDsyoi7yJhAhKPByALJU916+8QO
xOnqZxWGki3PDzCslRwW4i3mGbZlBQMnlfbN3QIDAQABAoIBAHDn1W7QkFrLmCy6
6bf6pVdFZF8d2qJhOPAZRClhTXFKj+pqv+QPzcXr9F/fMr6bhK/G+Oqdnlq2aM4m
16oMF+spe+impEyeo1CsreJFghBQcb9o8qFjUPBiKvROBP0hLcscZ4BYy29HSBgo
harWYEWfqQJA251q+fYQoP0z0WrZKddOZbRRnJ0ICRxAE7IEtDT6EYt8R9oGi2j4
/rpdW+rYGjW3TcmzdR7lpVMJRLlbMbSdR8n6cI6rnfySygcoE5tFX5t/YZSNbBPg
GebKCbEHYNTTG8bC1qjUyzlbEQ6XYWvFO7HTKU7105XpjYTQFByeo0IVkin0o5KW
t7eQWb0CgYEA6zZUWsYoQ13nXEU6Ky89Q9uhesMfaJ/F2X5ikQSRqRvrR3QR+ULe
eNnCl10O9SiFpR4b5gSbLSHMffxGN60P1nEO4CiIKE+gOii8Kdk5htIJFy/dcZUc
PuPM+zD9/6Is5sAWUZo45bnT6685h6EjM2+6zNZtx/XMjSfWbHaY+HMCgYEA4QAy
6ZEgd6FHnNfM/q2o8XU3d6OCdhcu26u6ydnCalbSpPSKWOi6gnHK4ZnGdryXgIYw
hRkvYINfiONkShYytotIh4YxUbgpwdvJRyKa2ZdWhcMmtFzZOcEVzQTKBasFT74C
Wo0iybZ++XZh3M0+n7oyyx39aR7diZ+/zq6PnG8CgYB8B1QH4cHNdDDRqPd5WhmW
NLQ7xbREOSvc+hYDnkMoxz4TmZL4u1gQpdNEeZ+visSeQvg3HGqvK8lnDaYBKdLW
IxvS+8yAZSx6PoyqDI+XFh4RCf5dLGGOkBTAyB7Hs761lsiuEwK5sHmdJ/LQIBot
v1bjOJb/AA/yxvT8kLUtHQKBgGIA9iwqXJv/EfRNQytDdS0HQ4vHGtJZMr3YRVoa
kcZD3yieo4wqguLCsf4mPv4FE3CWAphW6f39+yTi9xIWLSy56nOtjdnsf7PDCh8E
AbL5amSFJly1fKDda6OLjHt/jKa5Osk6ZIa8CP6cA/BrLfXg4rL6cyDQouqJPMDH
5CHdAoGBAIChjbTyoYvANkoANCK4SuqLUYeiYREfiM3sqHe1xirK1PPHw03ZLITl
ltjo9qE6kPXWcTBVckTKGFlntyCT283FC0/vMmHo8dTdtxF4/wSbkqs3ORuJ3p5J
cNtLYGD3vgwLmg6tTur4U60XN+tYDzWGteez8J9GwTMfKJmuS9af
-----END RSA PRIVATE KEY-----

View file

@ -1,5 +1,27 @@
{ lib, nixosTest, path, writeText, hello, figlet, stdenvNoCC }:
{ lib, nixosTest, pkgs, writeText, hello, figlet, stdenvNoCC }:
# -------------------------------------------------------------------------- #
#
# trivial-builders test
#
# -------------------------------------------------------------------------- #
#
# This file can be run independently (quick):
#
# $ pkgs/build-support/trivial-builders/test.sh
#
# or in the build sandbox with a ~20s VM overhead
#
# $ nix-build -A tests.trivial-builders
#
# -------------------------------------------------------------------------- #
let
invokeSamples = file:
lib.concatStringsSep " " (
lib.attrValues (import file { inherit pkgs; })
);
in
nixosTest {
name = "nixpkgs-trivial-builders";
nodes.machine = { ... }: {
@ -10,11 +32,22 @@ nixosTest {
environment.etc."pre-built-paths".source = writeText "pre-built-paths" (
builtins.toJSON [hello figlet stdenvNoCC]
);
environment.variables = {
SAMPLE = invokeSamples ./test/sample.nix;
REFERENCES = invokeSamples ./test/invoke-writeReferencesToFile.nix;
DIRECT_REFS = invokeSamples ./test/invoke-writeDirectReferencesToFile.nix;
};
};
testScript = ''
machine.succeed("""
cd ${lib.cleanSource path}
./pkgs/build-support/trivial-builders/test.sh 2>/dev/console
${./test.sh} 2>/dev/console
""")
'';
meta = {
license = lib.licenses.mit; # nixpkgs license
maintainers = with lib.maintainers; [
roberth
];
description = "Run the Nixpkgs trivial builders tests";
};
}

View file

@ -25,33 +25,32 @@ set -euo pipefail
cd "$(dirname ${BASH_SOURCE[0]})" # nixpkgs root
testDirectReferences() {
expr="$1"
if [[ -z ${SAMPLE:-} ]]; then
sample=( `nix-build test/sample.nix` )
directRefs=( `nix-build test/invoke-writeDirectReferencesToFile.nix` )
references=( `nix-build test/invoke-writeReferencesToFile.nix` )
else
# Injected by Nix (to avoid evaluating in a derivation)
# turn them into arrays
sample=($SAMPLE)
directRefs=($DIRECT_REFS)
references=($REFERENCES)
fi
echo >&2 Testing direct references...
for i in "${!sample[@]}"; do
echo >&2 Checking '#'$i ${sample[$i]} ${directRefs[$i]}
diff -U3 \
<(sort <$(nix-build --no-out-link --expr "with import ../../.. {}; writeDirectReferencesToFile ($expr)")) \
<(nix-store -q --references $(nix-build --no-out-link --expr "with import ../../.. {}; ($expr)") | sort)
}
<(sort <${directRefs[$i]}) \
<(nix-store -q --references ${sample[$i]} | sort)
done
testDirectReferences 'hello'
testDirectReferences 'figlet'
testDirectReferences 'writeText "hi" "hello"'
testDirectReferences 'writeText "hi" "hello ${hello}"'
testDirectReferences 'writeText "hi" "hello ${hello} ${figlet}"'
testClosure() {
expr="$1"
echo >&2 Testing closure...
for i in "${!sample[@]}"; do
echo >&2 Checking '#'$i ${sample[$i]} ${references[$i]}
diff -U3 \
<(sort <$(nix-build --no-out-link --expr "with import ../../.. {}; writeReferencesToFile ($expr)")) \
<(nix-store -q --requisites $(nix-build --no-out-link --expr "with import ../../.. {}; ($expr)") | sort)
}
testClosure 'hello'
testClosure 'figlet'
testClosure 'writeText "hi" "hello"'
testClosure 'writeText "hi" "hello ${hello}"'
testClosure 'writeText "hi" "hello ${hello} ${figlet}"'
<(sort <${references[$i]}) \
<(nix-store -q --requisites ${sample[$i]} | sort)
done
echo 'OK!'

View file

@ -0,0 +1,4 @@
{ pkgs ? import ../../../.. { config = {}; overlays = []; } }:
pkgs.lib.mapAttrs
(k: v: pkgs.writeDirectReferencesToFile v)
(import ./sample.nix { inherit pkgs; })

View file

@ -0,0 +1,4 @@
{ pkgs ? import ../../../.. { config = {}; overlays = []; } }:
pkgs.lib.mapAttrs
(k: v: pkgs.writeReferencesToFile v)
(import ./sample.nix { inherit pkgs; })

View file

@ -0,0 +1,15 @@
{ pkgs ? import ../../../.. { config = {}; overlays = []; } }:
let
inherit (pkgs)
figlet
hello
writeText
;
in
{
hello = hello;
figlet = figlet;
norefs = writeText "hi" "hello";
helloRef = writeText "hi" "hello ${hello}";
helloFigletRef = writeText "hi" "hello ${hello} ${figlet}";
}

View file

@ -1,6 +1,6 @@
{
"commit": "b963dde27c24394c4be0031039dae4cb6a363aed",
"url": "https://github.com/commercialhaskell/all-cabal-hashes/archive/b963dde27c24394c4be0031039dae4cb6a363aed.tar.gz",
"sha256": "1yr9j4ldpi2p2zgdq4mky6y5yh7nilasdmskapbdxp9fxwba2r0x",
"msg": "Update from Hackage at 2021-05-10T22:01:59Z"
"commit": "2295bd36e0d36af6e862dfdb7b0694fba2e7cb58",
"url": "https://github.com/commercialhaskell/all-cabal-hashes/archive/2295bd36e0d36af6e862dfdb7b0694fba2e7cb58.tar.gz",
"sha256": "1bzqy6kbw0i1ryg3ia5spg6m62zkc46xhhn0h76pfq7mfmm3fqf8",
"msg": "Update from Hackage at 2021-05-12T11:46:04Z"
}

View file

@ -1,14 +1,24 @@
{ mkDerivation, lib, fetchFromGitHub, nix-update-script, cmake, ninja, qtbase, pantheon }:
{ mkDerivation
, stdenv
, lib
, fetchFromGitHub
, nix-update-script
, cmake
, ninja
, qtbase
, qt5
, xorg
}:
mkDerivation rec {
pname = "adwaita-qt";
version = "1.1.4";
version = "1.3.0";
src = fetchFromGitHub {
owner = "FedoraQt";
repo = pname;
rev = version;
sha256 = "19s97wm96g3828dp8m85j3lsn1n6h5h2zqk4652hcqcgq6xb6gv5";
sha256 = "1fkivdiz4al84nhgg1srj33l109j9si63biw3asy339cyyzj28c9";
};
nativeBuildInputs = [
@ -18,11 +28,14 @@ mkDerivation rec {
buildInputs = [
qtbase
qt5.qtx11extras
] ++ lib.optionals stdenv.isLinux [
xorg.libxcb
];
postPatch = ''
# Fix plugin dir
substituteInPlace style/CMakeLists.txt \
substituteInPlace src/style/CMakeLists.txt \
--replace "DESTINATION \"\''${QT_PLUGINS_DIR}/styles" "DESTINATION \"$qtPluginPrefix/styles"
'';
@ -37,6 +50,6 @@ mkDerivation rec {
homepage = "https://github.com/FedoraQt/adwaita-qt";
license = licenses.gpl2Plus;
maintainers = teams.gnome.members ++ (with maintainers; [ ]);
platforms = platforms.linux;
platforms = platforms.all;
};
}

View file

@ -2,21 +2,19 @@
stdenv.mkDerivation rec {
pname = "gnome-shell-extension-fuzzy-app-search";
version = "4";
version = "4.0.1";
src = fetchFromGitLab {
owner = "Czarlie";
repo = "gnome-fuzzy-app-search";
rev = "da9c15d39958d9c3b38df3b616fd40b85aed24e5";
sha256 = "1r3qha530s97x818znn1wi76f4x9bhlgi7jlxfwjnrwys62cv5fn";
rev = "v${version}";
sha256 = "127n3jc5d6cl0yrpjf8acdj76br97knks1wx4f6jcswkx9x47w0a";
};
uuid = "gnome-fuzzy-app-search@gnome-shell-extensions.Czarlie.gitlab.com";
nativeBuildInputs = [ glib ];
patches = [ ./fix-desktop-file-paths.patch ];
makeFlags = [ "INSTALL_PATH=$(out)/share/gnome-shell/extensions" ];
meta = with lib; {

View file

@ -1,50 +0,0 @@
diff --git a/applicationsUtils.js b/applicationsUtils.js
index 728223b..aa9f291 100644
--- a/applicationsUtils.js
+++ b/applicationsUtils.js
@@ -44,27 +44,24 @@ var Search = new Lang.Class({
* @return {Void}
*/
_init: function () {
- let dir = [
- "/usr/share/applications",
- GLib.get_home_dir() + "/.local/share/applications",
- ];
-
- // listen object - file/monitor list
- this._listen = dir.map((path) => {
- let file = Gio.File.new_for_path(path);
- let monitor = file.monitor(Gio.FileMonitorFlags.NONE, null);
-
- // refresh on each directory change
- monitor.connect(
- "changed",
- Lang.bind(this, this._handleMonitorChanged)
- );
-
- return {
- file: file,
- monitor: monitor,
- };
- });
+ this._listen = [...new Set(GLib.get_system_data_dirs())]
+ .filter((path) => path.endsWith("/share"))
+ .map((path) => Gio.File.new_for_path(path + "/applications"))
+ .filter((file) => file.query_exists(null))
+ .map((file) => {
+ let monitor = file.monitor(Gio.FileMonitorFlags.NONE, null);
+
+ // refresh on each directory change
+ monitor.connect(
+ "changed",
+ Lang.bind(this, this._handleMonitorChanged)
+ );
+
+ return {
+ file: file,
+ monitor: monitor,
+ };
+ });
this._interval = null;
this._data = {};

View file

@ -135,6 +135,9 @@ in buildPythonApplication rec {
postPatch = ''
substitute platformio/package/manifest/schema.py platformio/package/manifest/schema.py \
--subst-var-by SPDX_LICENSE_LIST_DATA '${spdx-license-list-data}'
substituteInPlace setup.py \
--replace "zeroconf==0.28.*" "zeroconf"
'';
meta = with lib; {

View file

@ -10,7 +10,9 @@
, # GHC can be built with system libffi or a bundled one.
libffi ? null
, enableDwarf ? !stdenv.targetPlatform.isDarwin &&
# Libdw.c only supports x86_64, i686 and s390x
, enableDwarf ? stdenv.targetPlatform.isx86 &&
!stdenv.targetPlatform.isDarwin &&
!stdenv.targetPlatform.isWindows
, elfutils # for DWARF support
@ -259,6 +261,8 @@ stdenv.mkDerivation (rec {
description = "The Glasgow Haskell Compiler";
maintainers = with lib.maintainers; [ marcweber andres peti ];
inherit (ghc.meta) license platforms;
# ghcHEAD times out on aarch64-linux on Hydra.
hydraPlatforms = builtins.filter (p: p != "aarch64-linux") ghc.meta.platforms;
};
dontStrip = (targetPlatform.useAndroidPrebuilt || targetPlatform.isWasm);

View file

@ -62,6 +62,30 @@ self: super: {
hsemail-ns = dontCheck super.hsemail-ns;
openapi3 = dontCheck super.openapi3;
strict-writer = dontCheck super.strict-writer;
xml-html-qq = dontCheck super.xml-html-qq;
static = dontCheck super.static;
hhp = dontCheck super.hhp;
groupBy = dontCheck super.groupBy;
greskell = dontCheck super.greskell;
html-validator-cli = dontCheck super.html-validator-cli;
hw-fingertree-strict = dontCheck super.hw-fingertree-strict;
hw-prim = dontCheck super.hw-prim;
hw-packed-vector = dontCheck super.hw-packed-vector;
hw-xml = dontCheck super.hw-xml;
lens-regex = dontCheck super.lens-regex;
meep = dontCheck super.meep;
ranged-list = dontCheck super.ranged-list;
rank2classes = dontCheck super.rank2classes;
schedule = dontCheck super.schedule;
twiml = dontCheck super.twiml;
twitter-conduit = dontCheck super.twitter-conduit;
validationt = dontCheck super.validationt;
vgrep = dontCheck super.vgrep;
vulkan-utils = dontCheck super.vulkan-utils;
yaml-combinators = dontCheck super.yaml-combinators;
yesod-paginator = dontCheck super.yesod-paginator;
grammatical-parsers = dontCheck super.grammatical-parsers;
construct = dontCheck super.construct;
# https://github.com/ekmett/half/issues/35
half = dontCheck super.half;

View file

@ -170,18 +170,39 @@ self: super: {
# base bound
digit = doJailbreak super.digit;
# 2020-06-05: HACK: does not pass own build suite - `dontCheck`
hnix = generateOptparseApplicativeCompletion "hnix"
(overrideCabal super.hnix (drv: {
# 2020-06-05: HACK: does not pass own build suite - `dontCheck`
doCheck = false;
prePatch = ''
# fix encoding problems when patching
${pkgs.dos2unix}/bin/dos2unix hnix.cabal
'' + (drv.prePatch or "");
# 2021-05-12: Revert a few dependency cleanups which depend on release
# that are not in stackage yet:
# * Depend on semialign-indexed for Data.Semialign.Indexed
# (remove when semialign >= 1.2 in stackage)
# * Readd dependencies to text and unordered-containers.
# (remove when relude >= 1.0.0.0 is in stackage, see
# https://github.com/haskell-nix/hnix/issues/933)
libraryHaskellDepends = [
self.semialign-indexed
] ++ drv.libraryHaskellDepends;
patches = [
# support ref-tf in hnix 0.12.0.1, can be removed after
# https://github.com/haskell-nix/hnix/pull/918
./patches/hnix-ref-tf-0.5-support.patch
# depend on semialign-indexed again
(pkgs.fetchpatch {
url = "https://github.com/haskell-nix/hnix/commit/16fc342a4f2974f855968472252cd9274609f177.patch";
sha256 = "0gm4gy3jpn4dqnrhnqlsavfpw9c1j1xa8002v54knnlw6vpk9niy";
revert = true;
})
# depend on text again
(pkgs.fetchpatch {
url = "https://github.com/haskell-nix/hnix/commit/73057618576e86bb87dfd42f62b855d24bbdf469.patch";
sha256 = "03cyk96d5ad362i1pnz9bs8ifr84kpv8phnr628gys4j6a0bqwzc";
revert = true;
})
# depend on unordered-containers again
(pkgs.fetchpatch {
url = "https://github.com/haskell-nix/hnix/commit/70643481883ed448b51221a030a76026fb5eb731.patch";
sha256 = "0pqmijfkysjixg3gb4kmrqdif7s2saz8qi6k337jf15i0npzln8d";
revert = true;
})
] ++ (drv.patches or []);
}));
@ -922,7 +943,16 @@ self: super: {
# https://github.com/commercialhaskell/stackage/issues/5795
# This issue can be mitigated with 'dontCheck' which skips the tests and their compilation.
dhall-json = generateOptparseApplicativeCompletions ["dhall-to-json" "dhall-to-yaml"] (dontCheck super.dhall-json);
dhall-nix = generateOptparseApplicativeCompletion "dhall-to-nix" super.dhall-nix;
# dhall-nix, dhall-nixpkgs: pull updated cabal files with updated bounds.
# Remove at next hackage update.
dhall-nix = generateOptparseApplicativeCompletion "dhall-to-nix" (overrideCabal super.dhall-nix {
revision = "2";
editedCabalFile = "1w90jrkzmbv5nasafkkv0kyfmnqkngldx2lr891113h2mqbbr3wx";
});
dhall-nixpkgs = overrideCabal super.dhall-nixpkgs {
revision = "1";
editedCabalFile = "1y08jxg51sbxx0i7ra45ii2v81plzf4hssmwlrw35l8n5gib1vcg";
};
dhall-yaml = generateOptparseApplicativeCompletions ["dhall-to-yaml-ng" "yaml-to-dhall"] super.dhall-yaml;
# https://github.com/haskell-hvr/netrc/pull/2#issuecomment-469526558
@ -1378,6 +1408,15 @@ self: super: {
# 2021-04-09: test failure
# PR pending https://github.com/expipiplus1/update-nix-fetchgit/pull/60
doCheck = false;
patches = [
# 2021-05-17 compile with hnix >= 0.13
# https://github.com/expipiplus1/update-nix-fetchgit/pull/64
(pkgs.fetchpatch {
url = "https://github.com/expipiplus1/update-nix-fetchgit/commit/bc28c8b26c38093aa950574802012c0cd8447ce8.patch";
sha256 = "1dwd1jdsrx3ss6ql1bk2ch7ln74mkq6jy9ms8vi8kmf3gbg8l9fg";
})
] ++ (drv.patches or []);
}));
# Our quickcheck-instances is too old for the newer binary-instances, but
@ -1897,4 +1936,8 @@ EOT
network = self.network-bsd;
}) "-f-_old_network";
# 2021-05-14: Testsuite is failing.
# https://github.com/kcsongor/generic-lens/issues/133
generic-optics = dontCheck super.generic-optics;
} // import ./configuration-tensorflow.nix {inherit pkgs haskellLib;} self super

View file

@ -1510,7 +1510,6 @@ broken-packages:
- generic-lens-labels
- generic-lucid-scaffold
- generic-maybe
- generic-optics
- generic-override-aeson
- generic-pretty
- genericserialize
@ -1676,6 +1675,7 @@ broken-packages:
- grasp
- gray-code
- greencard
- greenclip
- greg-client
- gremlin-haskell
- Grempa
@ -3037,6 +3037,7 @@ broken-packages:
- multext-east-msd
- multiaddr
- multiarg
- multi-except
- multihash
- multi-instance
- multilinear
@ -5155,6 +5156,7 @@ broken-packages:
- yampa-glut
- yampa-sdl2
- YampaSynth
- yampa-test
- yam-servant
- yandex-translate
- yaop

View file

@ -85,6 +85,8 @@ default-package-overrides:
- ghcide == 1.2.*
- hls-plugin-api == 1.1.0.0
- hls-explicit-imports-plugin < 1.0.0.2
# 2021-05-12: remove once versions >= 5.0.0 is in stackage
- futhark < 0.19.5
extra-packages:
- base16-bytestring < 1 # required for cabal-install etc.
@ -115,6 +117,97 @@ extra-packages:
- ShellCheck == 0.7.1 # 2021-05-09: haskell-ci 0.12.1 pins this version
package-maintainers:
abbradar:
- Agda
bdesham:
- pinboard-notes-backup
cdepillabout:
- password
- password-instances
- pretty-simple
- spago
- termonad
Gabriel439:
- annah
- bench
- break
- dhall-bash
- dhall-docs
- dhall-json
- dhall-lsp-server
- dhall-nix
- dhall-nixpkgs
- dhall-openapi
- dhall-text
- dhall-yaml
- dhall
- dirstream
- errors
- foldl
- index-core
- lens-tutorial
- list-transformer
- managed
- mmorph
- morte
- mvc-updates
- mvc
- nix-derivation
- nix-diff
- optional-args
- optparse-generic
- pipes-bytestring
- pipes-concurrency
- pipes-csv
- pipes-extras
- pipes-group
- pipes-http
- pipes-parse
- pipes-safe
- pipes
- server-generic
- total
- turtle
- typed-spreadsheet
gridaphobe:
- located-base
jb55:
# - bson-lens
- cased
- elm-export-persistent
# - pipes-mongodb
- streaming-wai
kiwi:
- config-schema
- config-value
- glirc
- irc-core
- matterhorn
- mattermost-api
- mattermost-api-qc
- Unique
maralorn:
- arbtt
- cabal-fmt
- generic-optics
- ghcup
- haskell-language-server
- hedgehog
- hmatrix
- iCalendar
- neuron
- optics
- reflex-dom
- releaser
- req
- shake-bench
- shh
- snap
- stm-containers
- streamly
- taskwarrior
pacien:
- ldgallery-compiler
peti:
- cabal-install
- cabal2nix
@ -140,31 +233,14 @@ package-maintainers:
- titlecase
- xmonad
- xmonad-contrib
gridaphobe:
- located-base
jb55:
# - bson-lens
- cased
- elm-export-persistent
# - pipes-mongodb
- streaming-wai
kiwi:
- config-schema
- config-value
- glirc
- irc-core
- matterhorn
- mattermost-api
- mattermost-api-qc
- Unique
poscat:
- hinit
psibi:
- path-pieces
- persistent
- persistent-sqlite
- persistent-template
- shakespeare
abbradar:
- Agda
roberth:
- arion-compose
- hercules-ci-agent
@ -174,22 +250,10 @@ package-maintainers:
- hercules-ci-cli
- hercules-ci-cnix-expr
- hercules-ci-cnix-store
cdepillabout:
- pretty-simple
- spago
terlar:
- nix-diff
maralorn:
- reflex-dom
- cabal-fmt
- shh
- neuron
- releaser
- taskwarrior
- haskell-language-server
- shake-bench
- iCalendar
- stm-containers
rvl:
- taffybar
- arbtt
- lentil
sorki:
- cayenne-lpp
- data-stm32
@ -200,20 +264,6 @@ package-maintainers:
- ttn-client
- update-nix-fetchgit
- zre
utdemir:
- nix-tree
turion:
- rhine
- rhine-gloss
- essence-of-live-coding
- essence-of-live-coding-gloss
- essence-of-live-coding-pulse
- essence-of-live-coding-quickcheck
- Agda
- dunai
- finite-typelits
- pulse-simple
- simple-affine-space
sternenseemann:
# also maintain upstream package
- spacecookie
@ -229,14 +279,22 @@ package-maintainers:
- yarn-lock
- yarn2nix
- large-hashable
poscat:
- hinit
bdesham:
- pinboard-notes-backup
rvl:
- taffybar
- arbtt
- lentil
terlar:
- nix-diff
turion:
- rhine
- rhine-gloss
- essence-of-live-coding
- essence-of-live-coding-gloss
- essence-of-live-coding-pulse
- essence-of-live-coding-quickcheck
- Agda
- dunai
- finite-typelits
- pulse-simple
- simple-affine-space
utdemir:
- nix-tree
unsupported-platforms:
Allure: [ x86_64-darwin ]
@ -248,6 +306,7 @@ unsupported-platforms:
bdcs-api: [ x86_64-darwin ]
bindings-directfb: [ x86_64-darwin ]
bindings-sane: [ x86_64-darwin ]
charsetdetect: [ aarch64-linux ] # not supported by vendored lib / not configured properly https://github.com/batterseapower/libcharsetdetect/issues/3
cut-the-crap: [ x86_64-darwin ]
d3d11binding: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
DirectSound: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
@ -255,11 +314,12 @@ unsupported-platforms:
dx9d3d: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
dx9d3dx: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Euterpea: [ x86_64-darwin ]
follow-file: [ x86_64-darwin ]
freenect: [ x86_64-darwin ]
FTGL: [ x86_64-darwin ]
ghcjs-dom-hello: [ x86_64-darwin ]
gi-dbusmenu: [ x86_64-darwin ]
gi-dbusmenugtk3: [ x86_64-darwin ]
gi-dbusmenu: [ x86_64-darwin ]
gi-ggit: [ x86_64-darwin ]
gi-ibus: [ x86_64-darwin ]
gi-ostree: [ x86_64-darwin ]
@ -271,7 +331,9 @@ unsupported-platforms:
hcwiid: [ x86_64-darwin ]
HFuse: [ x86_64-darwin ]
hidapi: [ x86_64-darwin ]
hinotify-bytestring: [ x86_64-darwin ]
hommage-ds: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
honk: [ x86_64-darwin ]
hpapi: [ x86_64-darwin ]
HSoM: [ x86_64-darwin ]
iwlib: [ x86_64-darwin ]
@ -283,16 +345,26 @@ unsupported-platforms:
libtelnet: [ x86_64-darwin ]
libzfs: [ x86_64-darwin ]
linearEqSolver: [ aarch64-linux ]
linux-evdev: [ x86_64-darwin ]
linux-file-extents: [ x86_64-darwin ]
linux-inotify: [ x86_64-darwin ]
linux-mount: [ x86_64-darwin ]
linux-namespaces: [ x86_64-darwin ]
lio-fs: [ x86_64-darwin ]
logging-facade-journald: [ x86_64-darwin ]
midi-alsa: [ x86_64-darwin ]
mpi-hs: [ aarch64-linux, x86_64-darwin ]
mpi-hs-binary: [ aarch64-linux, x86_64-darwin ]
mpi-hs-cereal: [ aarch64-linux, x86_64-darwin ]
mpi-hs-store: [ aarch64-linux, x86_64-darwin ]
mpi-hs: [ aarch64-linux, x86_64-darwin ]
mplayer-spot: [ aarch64-linux ]
netlink: [ x86_64-darwin ]
oculus: [ x86_64-darwin ]
pam: [ x86_64-darwin ]
parport: [ x86_64-darwin ]
password: [ aarch64-linux, armv7l-linux ] # uses scrypt, which requries x86
password-instances: [ aarch64-linux, armv7l-linux ] # uses scrypt, which requries x86
persist-state: [ aarch64-linux, armv7l-linux ] # https://github.com/minad/persist-state/blob/6fd68c0b8b93dec78218f6d5a1f4fa06ced4e896/src/Data/PersistState.hs#L122-L128
piyo: [ x86_64-darwin ]
PortMidi-simple: [ x86_64-darwin ]
PortMidi: [ x86_64-darwin ]
@ -305,6 +377,8 @@ unsupported-platforms:
rtlsdr: [ x86_64-darwin ]
rubberband: [ x86_64-darwin ]
sbv: [ aarch64-linux ]
scat: [ aarch64-linux, armv7l-linux ] # uses scrypt, which requries x86
scrypt: [ aarch64-linux, armv7l-linux ] # https://github.com/informatikr/scrypt/issues/8
sdl2-mixer: [ x86_64-darwin ]
sdl2-ttf: [ x86_64-darwin ]
synthesizer-alsa: [ x86_64-darwin ]
@ -312,22 +386,23 @@ unsupported-platforms:
termonad: [ x86_64-darwin ]
tokyotyrant-haskell: [ x86_64-darwin ]
udev: [ x86_64-darwin ]
Unixutils-shadow: [ x86_64-darwin ]
verifiable-expressions: [ aarch64-linux ]
vrpn: [ x86_64-darwin ]
vulkan-utils: [ x86_64-darwin ]
vulkan: [ i686-linux, armv7l-linux, x86_64-darwin ]
VulkanMemoryAllocator: [ i686-linux, armv7l-linux, x86_64-darwin ]
vulkan-utils: [ x86_64-darwin ]
webkit2gtk3-javascriptcore: [ x86_64-darwin ]
Win32-console: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32-dhcp-server: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32-errors: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32-extras: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32-junction-point: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32-notify: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32-security: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32-services-wrapper: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32-services: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
Win32-services-wrapper: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]
xattr: [ x86_64-darwin ]
xgboost-haskell: [ aarch64-linux, armv7l-linux ]
XInput: [ i686-linux, x86_64-linux, x86_64-darwin, aarch64-linux, armv7l-linux ]

View file

@ -942,7 +942,6 @@ dont-distribute-packages:
- ghcjs-hplay
- ghc-mod
- ghc-tags-plugin
- ghcup
- ghc-vis
- ght
- gi-cairo-again
@ -3276,6 +3275,7 @@ dont-distribute-packages:
- yu-launch
- yuuko
- zasni-gerna
- Z-Botan
- zephyr
- zerobin
- zeromq3-conduit

View file

@ -485,7 +485,7 @@ self: super: builtins.intersectAttrs super {
# Compile manpages (which are in RST and are compiled with Sphinx).
futhark = with pkgs;
overrideCabal (addBuildTools super.futhark [makeWrapper python37Packages.sphinx])
overrideCabal (addBuildTools super.futhark [makeWrapper python3Packages.sphinx])
(_drv: {
postBuild = (_drv.postBuild or "") + ''
make -C docs man
@ -616,7 +616,7 @@ self: super: builtins.intersectAttrs super {
primitive_0_7_1_0 = dontCheck super.primitive_0_7_1_0;
cut-the-crap =
let path = pkgs.lib.makeBinPath [ pkgs.ffmpeg_3 pkgs.youtube-dl ];
let path = pkgs.lib.makeBinPath [ pkgs.ffmpeg pkgs.youtube-dl ];
in overrideCabal (addBuildTool super.cut-the-crap pkgs.makeWrapper) (_drv: {
postInstall = ''
wrapProgram $out/bin/cut-the-crap \
@ -747,6 +747,21 @@ self: super: builtins.intersectAttrs super {
platforms = pkgs.lib.platforms.x86;
};
# uses x86 intrinsics
blake3 = overrideCabal super.blake3 {
platforms = pkgs.lib.platforms.x86;
};
# uses x86 intrinsics, see also https://github.com/NixOS/nixpkgs/issues/122014
crc32c = overrideCabal super.crc32c {
platforms = pkgs.lib.platforms.x86;
};
# uses x86 intrinsics
seqalign = overrideCabal super.seqalign {
platforms = pkgs.lib.platforms.x86;
};
hls-brittany-plugin = overrideCabal super.hls-brittany-plugin (drv: {
testToolDepends = [ pkgs.git ];
preCheck = ''
@ -772,4 +787,20 @@ self: super: builtins.intersectAttrs super {
export HOME=$TMPDIR/home
'';
});
taglib = overrideCabal super.taglib (drv: {
librarySystemDepends = [
pkgs.zlib
] ++ (drv.librarySystemDepends or []);
});
# uses x86 assembler
inline-asm = overrideCabal super.inline-asm {
platforms = pkgs.lib.platforms.x86;
};
# uses x86 assembler in C bits
hw-prim-bits = overrideCabal super.hw-prim-bits {
platforms = pkgs.lib.platforms.x86;
};
}

File diff suppressed because it is too large Load diff

View file

@ -1,34 +0,0 @@
diff '--color=auto' '--color=never' -r --unified hnix-0.12.0.1/hnix.cabal hnix-patched/hnix.cabal
--- hnix-0.12.0.1/hnix.cabal 2001-09-09 03:46:40.000000000 +0200
+++ hnix-patched/hnix.cabal 2021-05-05 12:07:38.388267353 +0200
@@ -430,7 +430,7 @@
, parser-combinators >= 1.0.1 && < 1.3
, prettyprinter >= 1.7.0 && < 1.8
, process >= 1.6.3 && < 1.7
- , ref-tf >= 0.4.0 && < 0.5
+ , ref-tf >= 0.5
, regex-tdfa >= 1.2.3 && < 1.4
, scientific >= 0.3.6 && < 0.4
, semialign >= 1 && < 1.2
diff '--color=auto' '--color=never' -r --unified hnix-0.12.0.1/src/Nix/Fresh.hs hnix-patched/src/Nix/Fresh.hs
--- hnix-0.12.0.1/src/Nix/Fresh.hs 2001-09-09 03:46:40.000000000 +0200
+++ hnix-patched/src/Nix/Fresh.hs 2021-05-05 12:07:45.841267497 +0200
@@ -65,18 +65,3 @@
runFreshIdT :: Functor m => Var m i -> FreshIdT i m a -> m a
runFreshIdT i m = runReaderT (unFreshIdT m) i
-
--- Orphan instance needed by Infer.hs and Lint.hs
-
--- Since there's no forking, it's automatically atomic.
-instance MonadAtomicRef (ST s) where
- atomicModifyRef r f = do
- v <- readRef r
- let (a, b) = f v
- writeRef r a
- return b
- atomicModifyRef' r f = do
- v <- readRef r
- let (a, b) = f v
- writeRef r $! a
- return b

View file

@ -8,13 +8,13 @@
stdenv.mkDerivation rec {
pname = "gensio";
version = "2.2.4";
version = "2.2.5";
src = fetchFromGitHub {
owner = "cminyard";
repo = pname;
rev = "v${version}";
sha256 = "sha256-tdMdIudB8zZWXF+Q0YhFo9Q4VHjLJh3rdfQsYhgo2DU=";
sha256 = "sha256-QC07NGgZa++qHyGZY3fjosjJVuRFfc7HYmdGxQHAz4s=";
};
passthru = {

View file

@ -42,6 +42,12 @@ stdenv.mkDerivation rec {
url = "https://github.com/mono/gtk-sharp/commit/401df51bc461de93c1a78b6a7a0d5adc63cf186c.patch";
sha256 = "0hrkcr5a7wkixnyp60v4d6j3arsb63h54rd30lc5ajfjb3p92kcf";
})
# @see https://github.com/mono/gtk-sharp/pull/263
(fetchpatch {
name = "disambiguate_Gtk.Range.patch";
url = "https://github.com/mono/gtk-sharp/commit/a00552ad68ae349e89e440dca21b86dbd6bccd30.patch";
sha256 = "1ylplr9g9x7ybsgrydsgr6p3g7w6i46yng1hnl3afgn4vj45rag2";
})
];
dontStrip = true;

View file

@ -1,4 +1,4 @@
{ stdenv, lib, fetchFromGitHub, libX11}:
{ stdenv, lib, fetchFromGitHub, libX11, fixDarwinDylibNames }:
stdenv.mkDerivation rec {
version = "0.2.3";
@ -11,6 +11,7 @@ stdenv.mkDerivation rec {
sha256 = "098h1jhlj87axpza5zgy58prp0zn94wyrbch6x0s7q4mzh7dc8ba";
};
nativeBuildInputs = lib.optional stdenv.isDarwin fixDarwinDylibNames;
buildInputs = [ libX11 ];
configureFlags = [ "--disable-debug"];

View file

@ -11,14 +11,14 @@
buildPythonPackage rec {
pname = "brother";
version = "1.0.1";
version = "1.0.2";
disabled = pythonOlder "3.8";
src = fetchFromGitHub {
owner = "bieniu";
repo = pname;
rev = version;
sha256 = "sha256-Cfut6Y4Hln32g4V13xbOo5JdjPv2cH6FCDqvRRyijIA=";
sha256 = "sha256-xs/GIsJUuKKbDotV1BeT/ng86UVkNsH48uHR4i3vqow=";
};
nativeBuildInputs = [

View file

@ -1,6 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, fetchFromGitHub
, setuptools
, pytz
, tzlocal
@ -10,15 +10,20 @@
, freezegun
, mock
, nose
, pytestCheckHook
, pytest-xdist
}:
buildPythonPackage rec {
pname = "clickhouse-driver";
version = "0.2.0";
src = fetchPypi {
inherit pname version;
sha256 = "62d37f93872d5a13eb6b0d52bab2b593ed0e14cf9200949aa2d02f9801064c0f";
# pypi source doesn't contain tests
src = fetchFromGitHub {
owner = "mymarilyn";
repo = "clickhouse-driver";
rev = "96b7ba448c63ca2670cc9aa70d4a0e08826fb650";
sha256 = "sha256-HFKUxJOlBCVlu7Ia8heGpwX6+HdKuwSy92s3v+GKGwE=";
};
propagatedBuildInputs = [
@ -34,9 +39,30 @@ buildPythonPackage rec {
freezegun
mock
nose
pytest-xdist
pytestCheckHook
];
doCheck = true;
postPatch = ''
substituteInPlace setup.py \
--replace "lz4<=3.0.1" "lz4<=4"
'';
# remove source to prevent pytest testing source instead of the build artifacts
# (the source doesn't contain the extension modules)
preCheck = ''
rm -rf clickhouse_driver
'';
# some test in test_buffered_reader.py doesn't seem to return
disabledTestPaths = [ "tests/test_buffered_reader.py" ];
pytestFlagsArray = [ "-n" "$NIX_BUILD_CORES" ];
# most tests require `clickhouse`
# TODO: enable tests after `clickhouse` unbroken
doCheck = false;
pythonImportsCheck = [ "clickhouse_driver" ];
meta = with lib; {

View file

@ -1,7 +1,6 @@
{ lib
, buildPythonPackage
, fetchPypi
, nose
, apispec
, colorama
, click
@ -27,15 +26,16 @@
buildPythonPackage rec {
pname = "flask-appbuilder";
version = "3.2.3";
version = "3.3.0";
src = fetchPypi {
pname = "Flask-AppBuilder";
inherit version;
sha256 = "sha256-+ZYrn2LnVORyYsnZtsH3JX+4XbGgAZZ/Eh6O5gUP+y4=";
sha256 = "00dsfv1apl6483wy20aj91f9h5ak2casbx5vcajv2nd3i7c7v8gx";
};
patches = [
# https://github.com/dpgaspar/Flask-AppBuilder/pull/1610
(fetchpatch {
name = "flask_jwt_extended-and-pyjwt-patch";
url = "https://github.com/dpgaspar/Flask-AppBuilder/commit/7097a7b133f27c78d2b54d2a46e4a4c24478a066.patch";
@ -75,7 +75,7 @@ buildPythonPackage rec {
--replace "marshmallow-sqlalchemy>=0.22.0, <0.24.0" "marshmallow-sqlalchemy >=0.22.0, <0.25.0"
'';
# majority of tests require network access or mongo
# Majority of tests require network access or mongo
doCheck = false;
pythonImportsCheck = [ "flask_appbuilder" ];

View file

@ -7,24 +7,19 @@
buildPythonPackage rec {
pname = "karton-asciimagic";
version = "1.0.0";
version = "1.0.1";
src = fetchFromGitHub {
owner = "CERT-Polska";
repo = pname;
rev = "v${version}";
sha256 = "0yvd0plpwy5qkd2jljpd6wm6dlj2g8csvj1q2md23vsgx7h7v2vm";
sha256 = "0d15fhb3y0jpwdfm4y11i6pmfa9szr943cm6slvf0ir31f9nznyz";
};
propagatedBuildInputs = [
karton-core
];
postPatch = ''
substituteInPlace requirements.txt \
--replace "karton.core==4.0.5" "karton-core"
'';
checkPhase = ''
runHook preCheck
${python.interpreter} -m unittest discover

View file

@ -9,13 +9,13 @@
buildPythonPackage rec {
pname = "karton-classifier";
version = "1.0.0";
version = "1.1.0";
src = fetchFromGitHub {
owner = "CERT-Polska";
repo = pname;
rev = "v${version}";
sha256 = "05pxv0smrzgmljykc6yx0rx8b85ck7fa09xjkjw0dd7lb6bb19a6";
sha256 = "0s09mzsw546klnvm59wzj9vdwd2hyzgxvapi20k86q3prs9ncds6";
};
propagatedBuildInputs = [
@ -27,7 +27,6 @@ buildPythonPackage rec {
postPatch = ''
substituteInPlace requirements.txt \
--replace "chardet==3.0.4" "chardet" \
--replace "karton-core==4.0.4" "karton-core" \
--replace "python-magic==0.4.18" "python-magic"
'';

View file

@ -7,13 +7,13 @@
buildPythonPackage rec {
pname = "karton-config-extractor";
version = "2.0.0";
version = "2.0.1";
src = fetchFromGitHub {
owner = "CERT-Polska";
repo = pname;
rev = "v${version}";
sha256 = "sha256-vijyqki2x813H2xbmz2JIXlh87J5l6NFoZcOu8xi61o=";
sha256 = "1kq0gbfz9y0n0bcblyrmwv4la3lcf86lf80794sdvyvn49g0brny";
};
propagatedBuildInputs = [

View file

@ -9,13 +9,13 @@
buildPythonPackage rec {
pname = "karton-dashboard";
version = "1.1.0";
version = "1.2.0";
src = fetchFromGitHub {
owner = "CERT-Polska";
repo = pname;
rev = "v${version}";
sha256 = "101qmx6nmiim0vrz2ldk973ns498hnxla1xy7nys9kh9wijg4msk";
sha256 = "0qygv9lkd1jad5b4l0zz6hsi7m8q0fmpwaa6hpp7p9x6ql7gnyl8";
};
propagatedBuildInputs = [
@ -27,8 +27,7 @@ buildPythonPackage rec {
postPatch = ''
substituteInPlace requirements.txt \
--replace "Flask==1.1.1" "Flask" \
--replace "karton-core==4.1.0" "karton-core"
--replace "Flask==1.1.1" "Flask"
'';
# Project has no tests. pythonImportsCheck requires MinIO configuration

View file

@ -7,13 +7,13 @@
buildPythonPackage rec {
pname = "karton-mwdb-reporter";
version = "1.0.0";
version = "1.0.1";
src = fetchFromGitHub {
owner = "CERT-Polska";
repo = pname;
rev = "v${version}";
sha256 = "0ks8jrc4v87q6zhwqg40w6xv2wfkzslmnfmsmmkfjj8mak8nk70f";
sha256 = "0jrn5c83nhcjny4bc879wrsgcr7mbazm51jzdkxmxyqf543cc841";
};
propagatedBuildInputs = [
@ -23,8 +23,7 @@ buildPythonPackage rec {
postPatch = ''
substituteInPlace requirements.txt \
--replace "karton-core==4.0.4" "karton-core" \
--replace "mwdblib==3.3.1" "mwdblib"
--replace "mwdblib==3.4.0" "mwdblib"
'';
# Project has no tests

View file

@ -12,14 +12,14 @@
buildPythonPackage rec {
pname = "pyflume";
version = "0.6.4";
version = "0.7.0";
disabled = pythonOlder "3.7";
src = fetchFromGitHub {
owner = "ChrisMandich";
repo = "PyFlume";
rev = "v${version}";
sha256 = "1dm560hh6fl1waiwsq8m31apmvvwhc3y95bfdb7449bs8k96dmxq";
sha256 = "129sz33a270v120bzl9l98nmvdzn7ns4cf9w2v18lmzlldbyz2vn";
};
prePatch = ''

View file

@ -14,7 +14,7 @@
buildPythonPackage rec {
pname = "pysonos";
version = "0.0.46";
version = "0.0.49";
disabled = !isPy3k;
@ -23,7 +23,7 @@ buildPythonPackage rec {
owner = "amelchio";
repo = pname;
rev = "v${version}";
sha256 = "sha256-5vQBSKDgzwdWkyGduq2cWa7Eq5l01gbs236H2Syc/Dc=";
sha256 = "sha256-f8MBf2E7kHzvdt7oBwdJZ91jlU6I5np1FhOmxgxbqYw=";
};
propagatedBuildInputs = [

View file

@ -2,8 +2,7 @@
, fetchPypi
, fetchNuGet
, buildPythonPackage
, python
, pytest
, pytestCheckHook
, pycparser
, psutil
, pkg-config
@ -15,29 +14,36 @@
let
UnmanagedExports127 = fetchNuGet {
baseName = "UnmanagedExports";
version = "1.2.7";
sha256 = "0bfrhpmq556p0swd9ssapw4f2aafmgp930jgf00sy89hzg2bfijf";
outputFiles = [ "*" ];
};
NUnit371 = fetchNuGet {
baseName = "NUnit";
version = "3.7.1";
sha256 = "1yc6dwaam4w2ss1193v735nnl79id78yswmpvmjr1w4bgcbdza4l";
outputFiles = [ "*" ];
};
dotnetPkgs = [
(fetchNuGet {
baseName = "UnmanagedExports";
version = "1.2.7";
sha256 = "0bfrhpmq556p0swd9ssapw4f2aafmgp930jgf00sy89hzg2bfijf";
outputFiles = [ "*" ];
})
(fetchNuGet {
baseName = "NUnit";
version = "3.12.0";
sha256 = "1880j2xwavi8f28vxan3hyvdnph4nlh5sbmh285s4lc9l0b7bdk2";
outputFiles = [ "*" ];
})
(fetchNuGet {
baseName = "System.ValueTuple";
version = "4.5.0";
sha256 = "00k8ja51d0f9wrq4vv5z2jhq8hy31kac2rg0rv06prylcybzl8cy";
outputFiles = [ "*" ];
})
];
in
buildPythonPackage rec {
pname = "pythonnet";
version = "2.4.0";
version = "2.5.2";
src = fetchPypi {
inherit pname version;
sha256 = "1ach9jic7a9rd3vmc4bphkr9fq01a0qk81f8a7gr9npwzmkqx8x3";
sha256 = "1qzdc6jd7i9j7p6bcihnr98y005gv1358xqdr1plpbpnl6078a5p";
};
postPatch = ''
@ -50,7 +56,6 @@ buildPythonPackage rec {
'';
nativeBuildInputs = [
pytest
pycparser
pkg-config
@ -59,13 +64,15 @@ buildPythonPackage rec {
mono
NUnit371
UnmanagedExports127
];
] ++ dotnetPkgs;
buildInputs = [
glib
mono
];
checkInputs = [
pytestCheckHook
psutil # needed for memory leak tests
];
@ -73,22 +80,21 @@ buildPythonPackage rec {
rm -rf packages
mkdir packages
ln -s ${NUnit371}/lib/dotnet/NUnit/ packages/NUnit.3.7.1
ln -s ${UnmanagedExports127}/lib/dotnet/NUnit/ packages/UnmanagedExports.1.2.7
${builtins.concatStringsSep "\n" (
builtins.map (
x: ''ln -s ${x}/lib/dotnet/${x.baseName} ./packages/${x.baseName}.${x.version}''
) dotnetPkgs)}
# Setting TERM=xterm fixes an issue with terminfo in mono: System.Exception: Magic number is wrong: 542
export TERM=xterm
'';
checkPhase = ''
${python.interpreter} -m pytest
'';
meta = with lib; {
description = ".Net and Mono integration for Python";
homepage = "https://pythonnet.github.io";
license = licenses.mit;
# <https://github.com/pythonnet/pythonnet/issues/898>
badPlatforms = [ "aarch64-linux" ];
maintainers = with maintainers; [ jraygauthier ];
broken = true;
};
}

View file

@ -1,28 +1,40 @@
{ lib
, buildPythonPackage
, fetchFromGitHub
, requests
, cryptography
, python
, requests
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "requests-http-signature";
version = "0.1.0";
version = "0.2.0";
# .pem files for tests aren't present on PyPI
src = fetchFromGitHub {
owner = "pyauth";
repo = pname;
rev = "v${version}";
sha256 = "0y96wsbci296m1rcxx0ybx8r44rdvyb59p1jl27p7rgz7isr3kx1";
sha256 = "1jsplqrxadjsc86f0kb6dgpblgwplxrpi0ql1a714w8pbbz4z3h7";
};
propagatedBuildInputs = [ requests cryptography ];
propagatedBuildInputs = [
cryptography
requests
];
checkPhase = ''
${python.interpreter} test/test.py
'';
checkInputs = [
pytestCheckHook
];
pytestFlagsArray = [ "test/test.py" ];
disabledTests = [
# Test require network access
"test_readme_example"
];
pythonImportsCheck = [ "requests_http_signature" ];
meta = with lib; {
description = "A Requests auth module for HTTP Signature";

View file

@ -0,0 +1,28 @@
{ lib
, buildPythonPackage
, fetchPypi
, sphinx
, actdiag
, blockdiag
}:
buildPythonPackage rec {
pname = "sphinxcontrib-actdiag";
version = "2.0.0";
src = fetchPypi {
inherit pname version;
hash = "sha256-TtuFZOLkig4MULLndDQlrTTx8RiGw34MsjmXoPladMY=";
};
propagatedBuildInputs = [ sphinx actdiag blockdiag ];
pythonImportsCheck = [ "sphinxcontrib.actdiag" ];
meta = with lib; {
description = "Sphinx actdiag extension";
homepage = "https://github.com/blockdiag/sphinxcontrib-actdiag";
maintainers = with maintainers; [ davidtwco ];
license = licenses.bsd2;
};
}

View file

@ -0,0 +1,28 @@
{ lib
, buildPythonPackage
, fetchPypi
, sphinx
, blockdiag
, nwdiag
}:
buildPythonPackage rec {
pname = "sphinxcontrib-nwdiag";
version = "2.0.0";
src = fetchPypi {
inherit pname version;
hash = "sha256-bula1DutRv6NwfZRhciZfLHRZmXu42p+qvbeExN/+Fk=";
};
propagatedBuildInputs = [ sphinx blockdiag nwdiag ];
pythonImportsCheck = [ "sphinxcontrib.nwdiag" ];
meta = with lib; {
description = "Sphinx nwdiag extension";
homepage = "https://github.com/blockdiag/sphinxcontrib-nwdiag";
maintainers = with maintainers; [ davidtwco ];
license = licenses.bsd2;
};
}

View file

@ -0,0 +1,28 @@
{ lib
, buildPythonPackage
, fetchPypi
, sphinx
, blockdiag
, seqdiag
}:
buildPythonPackage rec {
pname = "sphinxcontrib-seqdiag";
version = "2.0.0";
src = fetchPypi {
inherit pname version;
hash = "sha256-THJ1ra/W2X/lQaDjGbL27VMn0lWPJApwgKMrPhL0JY0=";
};
propagatedBuildInputs = [ sphinx blockdiag seqdiag ];
pythonImportsCheck = [ "sphinxcontrib.seqdiag" ];
meta = with lib; {
description = "Sphinx seqdiag extension";
homepage = "https://github.com/blockdiag/sphinxcontrib-seqdiag";
maintainers = with maintainers; [ davidtwco ];
license = licenses.bsd2;
};
}

View file

@ -12,6 +12,8 @@ buildPythonPackage rec {
postPatch = ''
rm test/unit/installation.py
sed -i "/test.unit.installation/d" test/settings.cfg
# https://github.com/torproject/stem/issues/56
sed -i '/MOCK_VERSION/d' run_tests.py
'';
checkInputs = [ mock ];

View file

@ -9,12 +9,12 @@
buildPythonPackage rec {
pname = "zeroconf";
version = "0.30.0";
version = "0.31.0";
disabled = pythonOlder "3.6";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-elpjZq4FpI2wTf1ciILumKE/LQ4fxtCaXxvQo9HRCcc=";
sha256 = "sha256-U6GAJIRxxvgb0f/8vOA+2T19jq8QkFyRIaweqZbRmEQ=";
};
propagatedBuildInputs = [ ifaddr ];

View file

@ -379,6 +379,7 @@ let
packagesWithBuildInputs = {
# sort -t '=' -k 2
gam = lib.optionals stdenv.isDarwin [ pkgs.libiconv ];
RcppArmadillo = lib.optionals stdenv.isDarwin [ pkgs.libiconv ];
quantreg = lib.optionals stdenv.isDarwin [ pkgs.libiconv ];
rmutil = lib.optionals stdenv.isDarwin [ pkgs.libiconv ];
robustbase = lib.optionals stdenv.isDarwin [ pkgs.libiconv ];

View file

@ -17,6 +17,7 @@
, containers
, hnix
, bytestring
, fetchpatch
}:
mkDerivation rec {
@ -36,10 +37,13 @@ mkDerivation rec {
executableHaskellDepends = [ streamly mtl path pretty-terminal text base aeson cmdargs containers hnix bytestring path-io ];
testHaskellDepends = [ tasty tasty-hunit tasty-th ];
# Relax upper bound on hnix https://github.com/Synthetica9/nix-linter/pull/46
postPatch = ''
substituteInPlace nix-linter.cabal --replace "hnix >=0.8 && < 0.11" "hnix >=0.8"
'';
patches = [
# Fix compatibility with hnix≥0.13.0 https://github.com/Synthetica9/nix-linter/pull/51
(fetchpatch {
url = "https://github.com/Synthetica9/nix-linter/commit/f73acacd8623dc25c9a35f8e04e4ff33cc596af8.patch";
sha256 = "139fm21hdg3vcw8hv35kxj4awd52bjqbb76mpzx191hzi9plj8qc";
})
];
description = "Linter for Nix(pkgs), based on hnix";
homepage = "https://github.com/Synthetica9/nix-linter";

View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "luaformatter";
version = "1.3.5";
version = "1.3.6";
src = fetchFromGitHub {
owner = "koihik";
repo = "luaformatter";
rev = version;
sha256 = "sha256-TMo6zRfhVAXVh0tIC0PecaJCKr0ev45jOKm2+reTtS4=";
sha256 = "0440kdab5i0vhlk71sbprdrhg362al8jqpy7w2vdhcz1fpi5cm0b";
fetchSubmodules = true;
};

View file

@ -3,7 +3,9 @@
, rustPlatform
, fetchFromGitHub
, installShellFiles
, libiconv
, Security
, CoreServices
}:
rustPlatform.buildRustPackage rec {
@ -23,7 +25,7 @@ rustPlatform.buildRustPackage rec {
nativeBuildInputs = [ installShellFiles ];
buildInputs = lib.optionals stdenv.isDarwin [ Security ];
buildInputs = lib.optionals stdenv.isDarwin [ libiconv Security CoreServices ];
postInstall = ''
installManPage texlab.1
@ -32,9 +34,9 @@ rustPlatform.buildRustPackage rec {
# links to the generated rlib and doesn't reference the dylib. I
# couldn't find any way to prevent building this by passing cargo flags.
# See https://gitlab.com/Kanedias/html2md/-/blob/0.2.10/Cargo.toml#L20
rm "$out/lib/libhtml2md.so"
rm "$out/lib/libhtml2md${stdenv.hostPlatform.extensions.sharedLibrary}"
rmdir "$out/lib"
'';
'';
meta = with lib; {
description = "An implementation of the Language Server Protocol for LaTeX";

View file

@ -2,7 +2,7 @@
if !lib.versionAtLeast ocaml.version "4.02"
|| lib.versionAtLeast ocaml.version "4.12"
then throw "dune is not available for OCaml ${ocaml.version}"
then throw "dune 1 is not available for OCaml ${ocaml.version}"
else
stdenv.mkDerivation rec {

View file

@ -1,7 +1,7 @@
{ lib, stdenv, fetchurl, ocaml, findlib }:
if lib.versionOlder ocaml.version "4.08"
then throw "dune is not available for OCaml ${ocaml.version}"
then throw "dune 2 is not available for OCaml ${ocaml.version}"
else
stdenv.mkDerivation rec {

View file

@ -1,7 +1,6 @@
{ lib, stdenv, fetchFromGitHub, jdk, gradleGen, makeDesktopItem, copyDesktopItems, perl, writeText, runtimeShell, makeWrapper, glib, wrapGAppsHook }:
{ lib, stdenv, fetchFromGitHub, jdk11, gradleGen, makeDesktopItem, copyDesktopItems, perl, writeText, runtimeShell, makeWrapper, glib, wrapGAppsHook }:
let
# The default one still uses jdk8 (#89731)
gradle = (gradleGen.override (old: { java = jdk; })).gradle_6_8;
gradle = (gradleGen.override (old: { java = jdk11; })).gradle_6_8;
pname = "scenebuilder";
version = "15.0.1";
@ -17,7 +16,7 @@ let
name = "${pname}-deps";
inherit src;
nativeBuildInputs = [ jdk perl gradle ];
nativeBuildInputs = [ jdk11 perl gradle ];
buildPhase = ''
export GRADLE_USER_HOME=$(mktemp -d);
@ -77,7 +76,7 @@ let
in stdenv.mkDerivation rec {
inherit pname src version;
nativeBuildInputs = [ jdk gradle makeWrapper glib wrapGAppsHook ];
nativeBuildInputs = [ jdk11 gradle makeWrapper glib wrapGAppsHook ];
dontWrapGApps = true; # prevent double wrapping
@ -101,7 +100,7 @@ in stdenv.mkDerivation rec {
'';
postFixup = ''
makeWrapper ${jdk}/bin/java $out/bin/${pname} --add-flags "-jar $out/share/${pname}/${pname}.jar" "''${gappsWrapperArgs[@]}"
makeWrapper ${jdk11}/bin/java $out/bin/${pname} --add-flags "-jar $out/share/${pname}/${pname}.jar" "''${gappsWrapperArgs[@]}"
'';
desktopItems = [ desktopItem ];

View file

@ -17,13 +17,13 @@
stdenv.mkDerivation rec {
pname = "cog";
version = "0.8.0";
version = "0.8.1";
src = fetchFromGitHub {
owner = "igalia";
repo = "cog";
rev = "v${version}";
sha256 = "sha256-E6rACj25rdV5dww91PzYEX1r2A9YLNgAVyiYceP1KI8=";
sha256 = "sha256-eF7rvOjZntcMmn622342yqfp4ksZ6R/FFBT36bYCViE=";
};
buildInputs = [

View file

@ -11,6 +11,7 @@
, CoreServices
, Metal
, Foundation
, QuartzCore
, librusty_v8 ? callPackage ./librusty_v8.nix { }
}:
@ -31,7 +32,8 @@ rustPlatform.buildRustPackage rec {
buildAndTestSubdir = "cli";
buildInputs = lib.optionals stdenv.isDarwin [ libiconv libobjc Security CoreServices Metal Foundation ];
buildInputs = lib.optionals stdenv.isDarwin
[ libiconv libobjc Security CoreServices Metal Foundation QuartzCore ];
# The rusty_v8 package will try to download a `librusty_v8.a` release at build time to our read-only filesystem
# To avoid this we pre-download the file and place it in the locations it will require it in advance

View file

@ -1,4 +1,4 @@
{ stdenv, lib, fetchFromGitHub, libX11 }:
{ stdenv, lib, fetchFromGitHub, fetchpatch, libX11, IOKit }:
stdenv.mkDerivation rec {
version = "0.8";
@ -11,9 +11,20 @@ stdenv.mkDerivation rec {
sha256 = "1zz0cm5cgvp9s5n4nzksl8rb11c7sw214bdafzra74smvqfjcjcf";
};
buildInputs = [ libX11 ];
patches = [
# Fixes Darwin: https://github.com/FreeSpacenav/spacenavd/pull/38
(fetchpatch {
url = "https://github.com/FreeSpacenav/spacenavd/commit/d6a25d5c3f49b9676d039775efc8bf854737c43c.patch";
sha256 = "02pdgcvaqc20qf9hi3r73nb9ds7yk2ps9nnxaj0x9p50xjnhfg5c";
})
];
configureFlags = [ "--disable-debug"];
buildInputs = [ libX11 ]
++ lib.optional stdenv.isDarwin IOKit;
configureFlags = [ "--disable-debug" ];
makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ];
meta = with lib; {
homepage = "http://spacenav.sourceforge.net/";

View file

@ -1,4 +1,5 @@
{ lib, imagemagick, ffmpeg, rustPlatform, fetchFromGitHub, makeWrapper }:
{ lib, stdenv, imagemagick, ffmpeg, rustPlatform, fetchFromGitHub, makeWrapper
, libiconv, Foundation }:
let
binPath = lib.makeBinPath [
@ -17,8 +18,10 @@ rustPlatform.buildRustPackage rec {
sha256 = "InArrBqfhDrsonjmCIPTBVOA/s2vYml9Ay6cdrKLd7c=";
};
buildInputs = [ imagemagick ];
nativeBuildInputs = [ makeWrapper ];
buildInputs = [ imagemagick ]
++ lib.optionals stdenv.isDarwin [ libiconv Foundation ];
postInstall = ''
wrapProgram "$out/bin/t-rec" --prefix PATH : "${binPath}"
'';

View file

@ -3,13 +3,13 @@ vscode-utils.buildVscodeMarketplaceExtension rec {
mktplcRef = {
name = "terraform";
publisher = "hashicorp";
version = "2.10.2";
version = "2.11.0";
};
vsix = fetchurl {
name = "${mktplcRef.publisher}-${mktplcRef.name}.zip";
url = "https://github.com/hashicorp/vscode-terraform/releases/download/v${mktplcRef.version}/${mktplcRef.name}-${mktplcRef.version}.vsix";
sha256 = "0fkkjkybjshgzbkc933jscxyxqwmqnhq3718pnw9hsac8qv0grrz";
sha256 = "0wqdya353b415qxs8jczmis3q6d8fddv1pdd8jdd0w64s1ibv3sy";
};
patches = [ ./fix-terraform-ls.patch ];

View file

@ -1,11 +1,11 @@
diff --git a/out/extension.js b/out/extension.js
index e815393..aeade0e 100644
index e932d27..099126b 100644
--- a/out/extension.js
+++ b/out/extension.js
@@ -141,25 +141,6 @@ function updateLanguageServer() {
@@ -143,25 +143,6 @@ function updateLanguageServer() {
return __awaiter(this, void 0, void 0, function* () {
const delay = 1000 * 60 * 24;
setTimeout(updateLanguageServer, delay); // check for new updates every 24hrs
const delay = 1000 * 60 * 60 * 24;
languageServerUpdater.timeout(updateLanguageServer, delay); // check for new updates every 24hrs
- // skip install if a language server binary path is set
- if (!vscodeUtils_1.config('terraform').get('languageServer.pathToBinary')) {
- const installer = new languageServerInstaller_1.LanguageServerInstaller(installPath, reporter);
@ -28,7 +28,7 @@ index e815393..aeade0e 100644
return startClients(); // on repeat runs with no install, this will be a no-op
});
}
@@ -257,7 +238,7 @@ function pathToBinary() {
@@ -259,7 +240,7 @@ function pathToBinary() {
reporter.sendTelemetryEvent('usePathToBinary');
}
else {

View file

@ -1,302 +0,0 @@
# TODO gentoo removes some tools because there are xorg sources (?)
source $stdenv/setup
set -x
die(){ echo $@; exit 1; }
unzip $src
run_file=fglrx-$build/amd-driver-installer-$build-x86.x86_64.run
sh $run_file --extract .
for patch in $patches;do
patch -p1 < $patch
done
case "$system" in
x86_64-linux)
arch=x86_64
lib_arch=lib64
DIR_DEPENDING_ON_XORG_VERSION=xpic_64a
;;
i686-linux)
arch=x86
lib_arch=lib
DIR_DEPENDING_ON_XORG_VERSION=xpic
;;
*) exit 1;;
esac
# Handle/Build the kernel module.
if test -z "$libsOnly"; then
kernelVersion=$(cd ${kernelDir}/lib/modules && ls)
kernelBuild=$(echo ${kernelDir}/lib/modules/$kernelVersion/build)
linuxsources=$(echo ${kernelDir}/lib/modules/$kernelVersion/source)
# note: maybe the .config file should be used to determine this ?
# current kbuild infrastructure allows using CONFIG_* defines
# but ati sources don't use them yet..
# copy paste from make.sh
setSMP(){
linuxincludes=$kernelBuild/include
# copied and stripped. source: make.sh:
# 3
# linux/autoconf.h may contain this: #define CONFIG_SMP 1
# Before 2.6.33 autoconf.h is under linux/.
# For 2.6.33 and later autoconf.h is under generated/.
if [ -f $linuxincludes/generated/autoconf.h ]; then
autoconf_h=$linuxincludes/generated/autoconf.h
else
autoconf_h=$linuxincludes/linux/autoconf.h
fi
src_file=$autoconf_h
[ -e $src_file ] || die "$src_file not found"
if [ `cat $src_file | grep "#undef" | grep "CONFIG_SMP" -c` = 0 ]; then
SMP=`cat $src_file | grep CONFIG_SMP | cut -d' ' -f3`
echo "file $src_file says: SMP=$SMP"
fi
if [ "$SMP" = 0 ]; then
echo "assuming default: SMP=$SMP"
fi
# act on final result
if [ ! "$SMP" = 0 ]; then
smp="-SMP"
def_smp=-D__SMP__
fi
}
setModVersions(){
! grep CONFIG_MODVERSIONS=y $kernelBuild/.config ||
def_modversions="-DMODVERSIONS"
# make.sh contains much more code to determine this whether its enabled
}
# ==============================================================
# resolve if we are building for a kernel with a fix for CVE-2010-3081
# On kernels with the fix, use arch_compat_alloc_user_space instead
# of compat_alloc_user_space since the latter is GPL-only
COMPAT_ALLOC_USER_SPACE=arch_compat_alloc_user_space
for src_file in \
$kernelBuild/arch/x86/include/asm/compat.h \
$linuxsources/arch/x86/include/asm/compat.h \
$kernelBuild/include/asm-x86_64/compat.h \
$linuxsources/include/asm-x86_64/compat.h \
$kernelBuild/include/asm/compat.h;
do
if [ -e $src_file ];
then
break
fi
done
if [ ! -e $src_file ];
then
echo "Warning: x86 compat.h not found in kernel headers"
echo "neither arch/x86/include/asm/compat.h nor include/asm-x86_64/compat.h"
echo "could be found in $kernelBuild or $linuxsources"
echo ""
else
if [ `cat $src_file | grep -c arch_compat_alloc_user_space` -gt 0 ]
then
COMPAT_ALLOC_USER_SPACE=arch_compat_alloc_user_space
fi
echo "file $src_file says: COMPAT_ALLOC_USER_SPACE=$COMPAT_ALLOC_USER_SPACE"
fi
# make.sh contains some code figuring out whether to use these or not..
PAGE_ATTR_FIX=0
setSMP
setModVersions
CC=gcc
MODULE=fglrx
LIBIP_PREFIX=$TMP/arch/$arch/lib/modules/fglrx/build_mod
[ -d $LIBIP_PREFIX ]
GCC_MAJOR="`gcc --version | grep -o -e ") ." | head -1 | cut -d " " -f 2`"
{ # build .ko module
cd ./common/lib/modules/fglrx/build_mod/2.6.x
echo .lib${MODULE}_ip.a.GCC${GCC_MAJOR}.cmd
echo 'This is a dummy file created to suppress this warning: could not find /lib/modules/fglrx/build_mod/2.6.x/.libfglrx_ip.a.GCC4.cmd for /lib/modules/fglrx/build_mod/2.6.x/libfglrx_ip.a.GCC4' > lib${MODULE}_ip.a.GCC${GCC_MAJOR}.cmd
sed -i -e "s@COMPAT_ALLOC_USER_SPACE@$COMPAT_ALLOC_USER_SPACE@" ../kcl_ioctl.c
make CC=${CC} \
LIBIP_PREFIX=$(echo "$LIBIP_PREFIX" | sed -e 's|^\([^/]\)|../\1|') \
MODFLAGS="-DMODULE -DATI -DFGL -DPAGE_ATTR_FIX=$PAGE_ATTR_FIX -DCOMPAT_ALLOC_USER_SPACE=$COMPAT_ALLOC_USER_SPACE $def_smp $def_modversions" \
KVER=$kernelVersion \
KDIR=$kernelBuild \
PAGE_ATTR_FIX=$PAGE_ATTR_FIX \
-j4
cd $TMP
}
fi
{ # install
mkdir -p $out/lib/xorg
cp -r common/usr/include $out
cp -r common/usr/sbin $out
cp -r common/usr/share $out
mkdir $out/bin/
cp -f common/usr/X11R6/bin/* $out/bin/
# cp -r arch/$arch/lib $out/lib
# what are those files used for?
cp -r common/etc $out
cp -r $DIR_DEPENDING_ON_XORG_VERSION/usr/X11R6/$lib_arch/* $out/lib/xorg
# install kernel module
if test -z "$libsOnly"; then
t=$out/lib/modules/${kernelVersion}/kernel/drivers/misc
mkdir -p $t
cp ./common/lib/modules/fglrx/build_mod/2.6.x/fglrx.ko $t
fi
# should this be installed at all?
# its used by the example fglrx_gamma only
# don't use $out/lib/modules/dri because this will cause the kernel module
# aggregator code to see both: kernel version and the dri direcotry. It'll
# fail saying different kernel versions
cp -r $TMP/arch/$arch/usr/X11R6/$lib_arch/modules/dri $out/lib
cp -r $TMP/arch/$arch/usr/X11R6/$lib_arch/modules/dri/* $out/lib
cp -r $TMP/arch/$arch/usr/X11R6/$lib_arch/*.so* $out/lib
cp -r $TMP/arch/$arch/usr/X11R6/$lib_arch/fglrx/fglrx-libGL.so.1.2 $out/lib/fglrx-libGL.so.1.2
cp -r $TMP/arch/$arch/usr/$lib_arch/* $out/lib
ln -s libatiuki.so.1.0 $out/lib/libatiuki.so.1
ln -s fglrx-libGL.so.1.2 $out/lib/libGL.so.1
ln -s fglrx-libGL.so.1.2 $out/lib/libGL.so
# FIXME : This file is missing or has changed versions
#ln -s libfglrx_gamma.so.1.0 $out/lib/libfglrx_gamma.so.1
# make xorg use the ati version
ln -s $out/lib/xorg/modules/extensions/{fglrx/fglrx-libglx.so,libglx.so}
# Correct some paths that are hardcoded into binary libs.
if [ "$arch" == "x86_64" ]; then
for lib in \
xorg/modules/extensions/fglrx/fglrx-libglx.so \
xorg/modules/glesx.so \
dri/fglrx_dri.so \
fglrx_dri.so \
fglrx-libGL.so.1.2
do
oldPaths="/usr/X11R6/lib/modules/dri"
newPaths="/run/opengl-driver/lib/dri"
sed -i -e "s|$oldPaths|$newPaths|" $out/lib/$lib
done
else
oldPaths="/usr/X11R6/lib32/modules/dri\x00/usr/lib32/dri"
newPaths="/run/opengl-driver-32/lib/dri\x00/dev/null/dri"
sed -i -e "s|$oldPaths|$newPaths|" \
$out/lib/xorg/modules/extensions/fglrx/fglrx-libglx.so
for lib in \
dri/fglrx_dri.so \
fglrx_dri.so \
xorg/modules/glesx.so
do
oldPaths="/usr/X11R6/lib32/modules/dri/"
newPaths="/run/opengl-driver-32/lib/dri"
sed -i -e "s|$oldPaths|$newPaths|" $out/lib/$lib
done
oldPaths="/usr/X11R6/lib32/modules/dri\x00"
newPaths="/run/opengl-driver-32/lib/dri"
sed -i -e "s|$oldPaths|$newPaths|" $out/lib/fglrx-libGL.so.1.2
fi
# libstdc++ and gcc are needed by some libs
for pelib1 in \
fglrx_dri.so \
dri/fglrx_dri.so
do
patchelf --remove-needed libX11.so.6 $out/lib/$pelib1
done
for pelib2 in \
libatiadlxx.so \
xorg/modules/glesx.so \
dri/fglrx_dri.so \
fglrx_dri.so \
libaticaldd.so
do
patchelf --set-rpath $glibcDir/lib/:$libStdCxx/lib/ $out/lib/$pelib2
done
}
if test -z "$libsOnly"; then
{ # build samples
mkdir -p $out/bin
mkdir -p samples
cd samples
tar xfz ../common/usr/src/ati/fglrx_sample_source.tgz
eval "$patchPhaseSamples"
( # build and install fgl_glxgears
cd fgl_glxgears;
gcc -DGL_ARB_texture_multisample=1 -g \
-I$libGL/include -I$libGLU/include \
-I$out/include \
-L$libGL/lib -L$libGLU/lib -lGL -lGLU -lX11 -lm \
-o $out/bin/fgl_glxgears -Wall fgl_glxgears.c
)
true || ( # build and install
###
## FIXME ?
# doesn't build undefined reference to `FGLRX_X11SetGamma'
# which should be contained in -lfglrx_gamma
# This should create $out/lib/libfglrx_gamma.so.1.0 ? because there is
# a symlink named libfglrx_gamma.so.1 linking to libfglrx_gamma.so.1.0 in $out/lib/
cd programs/fglrx_gamma
gcc -fPIC -I${libXxf86vm.dev}/include \
-I${xorgproto}/include \
-I$out/X11R6/include \
-L$out/lib \
-Wall -lm -lfglrx_gamma -lX11 -lXext -o $out/bin/fglrx_xgamma fglrx_xgamma.c
)
{
# patch and copy statically linked qt libs used by amdcccle
patchelf --set-interpreter $(echo $glibcDir/lib/ld-linux*.so.2) $TMP/arch/$arch/usr/share/ati/$lib_arch/libQtCore.so.4 &&
patchelf --set-rpath $gcc/$lib_arch/ $TMP/arch/$arch/usr/share/ati/$lib_arch/libQtCore.so.4 &&
patchelf --set-rpath $gcc/$lib_arch/:$out/share/ati/:$libXrender/lib/:$libSM/lib/:$libICE/lib/:$libfontconfig/lib/:$libfreetype/lib/ $TMP/arch/$arch/usr/share/ati/$lib_arch/libQtGui.so.4 &&
mkdir -p $out/share/ati
cp -r $TMP/arch/$arch/usr/share/ati/$lib_arch/libQtCore.so.4 $out/share/ati/
cp -r $TMP/arch/$arch/usr/share/ati/$lib_arch/libQtGui.so.4 $out/share/ati/
# copy binaries and wrap them:
BIN=$TMP/arch/$arch/usr/X11R6/bin
patchelf --set-rpath $gcc/$lib_arch/:$out/share/ati/:$libXinerama/lib/:$libXrandr/lib/ $TMP/arch/$arch/usr/X11R6/bin/amdcccle
patchelf --set-rpath $libXrender/lib/:$libXrandr/lib/ $TMP/arch/$arch/usr/X11R6/bin/aticonfig
patchelf --shrink-rpath $BIN/amdcccle
for prog in $BIN/*; do
cp -f $prog $out/bin &&
patchelf --set-interpreter $(echo $glibcDir/lib/ld-linux*.so.2) $out/bin/$(basename $prog) &&
wrapProgram $out/bin/$(basename $prog) --prefix LD_LIBRARY_PATH : $out/lib/:$gcc/lib/:$out/share/ati/:$libXinerama/lib/:$libXrandr/lib/:$libfontconfig/lib/:$libfreetype/lib/${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH
done
}
rm -f $out/lib/fglrx/switchlibglx && rm -f $out/lib/fglrx/switchlibGL
}
fi
for p in $extraDRIlibs; do
for lib in $p/lib/*.so*; do
ln -s $lib $out/lib/
done
done

View file

@ -1,140 +0,0 @@
{ stdenv, lib, fetchurl, kernel ? null, which
, xorg, makeWrapper, glibc, patchelf, unzip
, fontconfig, freetype, libGLU, libGL # for fgl_glxgears
, # Whether to build the libraries only (i.e. not the kernel module or
# driver utils). Used to support 32-bit binaries on 64-bit
# Linux.
libsOnly ? false
}:
assert (!libsOnly) -> kernel != null;
with lib;
# This derivation requires a maximum of gcc49, Linux kernel 4.1 and xorg.xserver 1.17
# and will not build or run using versions newer
# If you want to use a different Xorg version probably
# DIR_DEPENDING_ON_XORG_VERSION in builder.sh has to be adopted (?)
# make sure libglx.so of ati is used. xorg.xorgserver does provide it as well
# which is a problem because it doesn't contain the xorgserver patch supporting
# the XORG_DRI_DRIVER_PATH env var.
# See https://marc.info/?l=nix-dev&m=139641585515351 for a
# workaround (TODO)
# The gentoo ebuild contains much more "magic" and is usually a great resource to
# find patches XD
# http://wiki.cchtml.com/index.php/Main_Page
# /usr/lib/dri/fglrx_dri.so must point to /run/opengl-driver/lib/fglrx_dri.so
# This is done in the builder script.
stdenv.mkDerivation rec {
version = "15.12";
pname = "ati-drivers";
build = "15.302";
linuxonly =
if stdenv.hostPlatform.system == "i686-linux" then
true
else if stdenv.hostPlatform.system == "x86_64-linux" then
true
else throw "ati-drivers are Linux only. Sorry. The build was stopped.";
name = pname + "-" + version + (optionalString (!libsOnly) "-${kernelDir.version}");
builder = ./builder.sh;
gcc = stdenv.cc.cc;
libXinerama = xorg.libXinerama;
libXrandr = xorg.libXrandr;
libXrender = xorg.libXrender;
libXxf86vm = xorg.libXxf86vm;
xorgproto = xorg.xorgproto;
libSM = xorg.libSM;
libICE = xorg.libICE;
libfreetype = freetype;
libfontconfig = fontconfig;
libStdCxx = stdenv.cc.cc.lib;
src = fetchurl {
url =
"https://www2.ati.com/drivers/linux/radeon-crimson-15.12-15.302-151217a-297685e.zip";
sha256 = "704f2dfc14681f76dae3b4120c87b1ded33cf43d5a1d800b6de5ca292bb61e58";
curlOpts = "--referer https://www.amd.com/en/support";
};
hardeningDisable = [ "pic" "format" ];
patchPhaseSamples = "patch -p2 < ${./patches/patch-samples.patch}";
patches = [
./patches/15.12-xstate-fp.patch
./patches/15.9-kcl_str.patch
./patches/15.9-mtrr.patch
./patches/15.9-preempt.patch
./patches/15.9-sep_printf.patch ]
++ optionals ( kernel != null &&
(lib.versionAtLeast kernel.version "4.6") )
[ ./patches/kernel-4.6-get_user_pages.patch
./patches/kernel-4.6-page_cache_release-put_page.patch ]
++ optionals ( kernel != null &&
(lib.versionAtLeast kernel.version "4.7") )
[ ./patches/4.7-arch-cpu_has_pge-v2.patch ]
++ optionals ( kernel != null &&
(lib.versionAtLeast kernel.version "4.9") )
[ ./patches/4.9-get_user_pages.patch ];
nativeBuildInputs = [ unzip ];
buildInputs =
[ xorg.libXrender xorg.libXext xorg.libX11 xorg.libXinerama xorg.libSM
xorg.libXrandr xorg.libXxf86vm xorg.xorgproto xorg.imake xorg.libICE
patchelf
libGLU libGL
fontconfig
freetype
makeWrapper
which
];
inherit libsOnly;
kernelDir = if libsOnly then null else kernel.dev;
# glibc only used for setting the binaries interpreter
glibcDir = glibc.out;
# outputs TODO: probably many fixes are needed;
LD_LIBRARY_PATH = makeLibraryPath
[ xorg.libXrender xorg.libXext xorg.libX11 xorg.libXinerama xorg.libSM
xorg.libXrandr xorg.libXxf86vm xorg.xorgproto xorg.imake xorg.libICE
libGLU libGL
fontconfig
freetype
stdenv.cc.cc
];
# without this some applications like blender don't start, but they start
# with nvidia. This causes them to be symlinked to $out/lib so that they
# appear in /run/opengl-driver/lib which get's added to LD_LIBRARY_PATH
extraDRIlibs = [ xorg.libXrandr.out xorg.libXrender.out xorg.libXext.out
xorg.libX11.out xorg.libXinerama.out xorg.libSM.out
xorg.libICE.out ];
inherit libGLU libGL; # only required to build the examples
enableParallelBuilding = true;
meta = with lib; {
description = "ATI Catalyst display drivers";
homepage = "http://support.amd.com/us/gpudownload/Pages/index.aspx";
license = licenses.unfree;
maintainers = with maintainers; [ marcweber offline jerith666 ];
platforms = platforms.linux;
hydraPlatforms = [];
# Copied from the nvidia default.nix to prevent a store collision.
priority = 4;
};
}

View file

@ -1,26 +0,0 @@
From: Krzysztof Kolasa <kkolasa@winsoft.pl>
Date: Thu, 26 Nov 2015 14:28:46 +0100
Subject: [PATCH] Patch for kernel 4.4.0-rc2
constant change of name XSTATE_XP to name XFEATURE_MASK_FP
---
firegl_public.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/common/lib/modules/fglrx/build_mod/firegl_public.c b/common/lib/modules/fglrx/build_mod/firegl_public.c
index 3626c7b..f071d42 100644
--- a/common/lib/modules/fglrx/build_mod/firegl_public.c
+++ b/common/lib/modules/fglrx/build_mod//firegl_public.c
@@ -6463,7 +6463,11 @@ static int KCL_fpu_save_init(struct task_struct *tsk)
if (!(fpu->state->xsave.xsave_hdr.xstate_bv & XSTATE_FP))
#else
copy_xregs_to_kernel(&fpu->state.xsave);
- if (!(fpu->state.xsave.header.xfeatures & XSTATE_FP))
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,4,0)
+ if (!(fpu->state.xsave.header.xfeatures & XFEATURE_MASK_FP))
+#else
+ if (!(fpu->state.xsave.header.xfeatures & XSTATE_FP))
+#endif
#endif
return 1;
} else if (static_cpu_has(X86_FEATURE_FXSR)) {

View file

@ -1,14 +0,0 @@
--- a/common/lib/modules/fglrx/build_mod/kcl_str.c 2015-09-13 13:47:30.000000000 -0400
+++ b/common/lib/modules/fglrx/build_mod/kcl_str.c 2015-09-13 13:49:42.000000000 -0400
@@ -169,7 +169,11 @@ int ATI_API_CALL KCL_STR_Strnicmp(const
const char* s2,
KCL_TYPE_SizeSigned count)
{
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4,0,0)
return strnicmp(s1, s2, count);
+#else
+ return strncasecmp(s1, s2, count);
+#endif
}
/** \brief Locate character in string

View file

@ -1,27 +0,0 @@
--- a/common/lib/modules/fglrx/build_mod/firegl_public.c 2015-09-19 23:43:22.000000000 -0400
+++ b/common/lib/modules/fglrx/build_mod/firegl_public.c 2015-09-19 23:52:07.000000000 -0400
@@ -3442,7 +3442,11 @@ int ATI_API_CALL KCL_MEM_MTRR_Support(vo
int ATI_API_CALL KCL_MEM_MTRR_AddRegionWc(unsigned long base, unsigned long size)
{
#ifdef CONFIG_MTRR
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,3,0)
+ return arch_phys_wc_add(base, size);
+#else
return mtrr_add(base, size, MTRR_TYPE_WRCOMB, 1);
+#endif
#else /* !CONFIG_MTRR */
return -EPERM;
#endif /* !CONFIG_MTRR */
@@ -3451,7 +3455,12 @@ int ATI_API_CALL KCL_MEM_MTRR_AddRegionW
int ATI_API_CALL KCL_MEM_MTRR_DeleteRegion(int reg, unsigned long base, unsigned long size)
{
#ifdef CONFIG_MTRR
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,3,0)
+ arch_phys_wc_del(reg);
+ return reg;
+#else
return mtrr_del(reg, base, size);
+#endif
#else /* !CONFIG_MTRR */
return -EPERM;
#endif /* !CONFIG_MTRR */

View file

@ -1,103 +0,0 @@
--- a/common/lib/modules/fglrx/build_mod/firegl_public.c 2015-08-30 17:36:02.000000000 -0400
+++ b/common/lib/modules/fglrx/build_mod/firegl_public.c 2015-08-30 17:39:36.000000000 -0400
@@ -21,6 +21,8 @@
!!! since it requires changes to linux/init/main.c.
#endif /* !MODULE */
+#include <linux/preempt.h>
+
// ============================================================
#include <linux/version.h>
@@ -4997,7 +4999,9 @@ static unsigned int kas_spin_unlock(kas_
unsigned long ATI_API_CALL KAS_GetExecutionLevel(void)
{
unsigned long ret;
+ preempt_disable();
ret = kas_GetExecutionLevel();
+ preempt_enable();
return ret;
}
@@ -5022,8 +5026,10 @@ unsigned int ATI_API_CALL KAS_Ih_Execute
KCL_DEBUG5(FN_FIREGL_KAS,"0x%08X, 0x%08X\n", ih_routine, ih_context);
//Prevent simultaneous entry on some SMP systems.
+ preempt_disable();
if (test_and_set_bit(0, (void *)&(kasContext.in_interrupts[smp_processor_id()])))
{
+ preempt_enable();
KCL_DEBUG1(FN_FIREGL_KAS, "The processor is handling the interrupt\n");
return IRQ_NONE;
}
@@ -5036,9 +5042,9 @@ unsigned int ATI_API_CALL KAS_Ih_Execute
kasSetExecutionLevel(orig_level);
spin_unlock(&kasContext.lock_ih);
-
clear_bit(0, (void *)&(kasContext.in_interrupts[smp_processor_id()]));
KCL_DEBUG5(FN_FIREGL_KAS,"%d\n", ret);
+ preempt_enable();
return ret;
}
@@ -5256,6 +5262,7 @@ unsigned int ATI_API_CALL KAS_Spinlock_A
KCL_DEBUG5(FN_FIREGL_KAS,"0x%08X\n", hSpinLock);
+ preempt_disable();
spin_lock_info.routine_type = spinlock_obj->routine_type;
spin_lock_info.plock = &(spinlock_obj->lock);
@@ -5263,6 +5270,7 @@ unsigned int ATI_API_CALL KAS_Spinlock_A
spinlock_obj->acquire_type = spin_lock_info.acquire_type;
spinlock_obj->flags = spin_lock_info.flags;
+ preempt_enable();
KCL_DEBUG5(FN_FIREGL_KAS,"%d\n", ret);
return ret;
@@ -6034,6 +6042,8 @@ unsigned int ATI_API_CALL KAS_Interlocke
KCL_DEBUG5(FN_FIREGL_KAS,"0x%08X, 0x%08X, 0x%08X\n", hListHead, hListEntry, phPrevEntry);
+ preempt_disable();
+
/* Protect the operation with spinlock */
spin_lock_info.routine_type = listhead_obj->routine_type;
spin_lock_info.plock = &(listhead_obj->lock);
@@ -6041,6 +6051,7 @@ unsigned int ATI_API_CALL KAS_Interlocke
if (!kas_spin_lock(&spin_lock_info))
{
KCL_DEBUG_ERROR("Unable to grab list spinlock\n");
+ preempt_enable();
return 0; /* No spinlock - no operation */
}
@@ -6065,6 +6076,7 @@ unsigned int ATI_API_CALL KAS_Interlocke
spin_unlock_info.flags = spin_lock_info.flags;
ret = kas_spin_unlock(&spin_unlock_info);
+ preempt_enable();
KCL_DEBUG5(FN_FIREGL_KAS,"%d", ret);
return ret;
}
@@ -6153,8 +6165,10 @@ unsigned int ATI_API_CALL KAS_Interlocke
spin_lock_info.routine_type = listhead_obj->routine_type;
spin_lock_info.plock = &(listhead_obj->lock);
+ preempt_disable();
if (!kas_spin_lock(&spin_lock_info))
{
+ preempt_enable();
KCL_DEBUG_ERROR("Unable to grab list spinlock");
return 0; /* No spinlock - no operation */
}
@@ -6178,6 +6192,7 @@ unsigned int ATI_API_CALL KAS_Interlocke
spin_unlock_info.flags = spin_lock_info.flags;
ret = kas_spin_unlock(&spin_unlock_info);
+ preempt_enable();
KCL_DEBUG5(FN_FIREGL_KAS,"%d", ret);
return ret;
}

View file

@ -1,11 +0,0 @@
--- a/common/lib/modules/fglrx/build_mod/firegl_public.c 2015-09-14 15:14:36.000000000 -0400
+++ b/common/lib/modules/fglrx/build_mod/firegl_public.c 2015-09-14 16:18:58.000000000 -0400
@@ -649,6 +649,8 @@ static int firegl_major_proc_read(struct
*eof = 1;
len = snprintf(buf, request, "%d\n", major);
+#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4,3,0)
+ seq_printf(m, "%d\n", major);
#else
len = seq_printf(m, "%d\n", major);
#endif

View file

@ -1,70 +0,0 @@
diff -uNr 16.8/common/lib/modules/fglrx/build_mod/firegl_public.c 16.8b/common/lib/modules/fglrx/build_mod/firegl_public.c
--- 16.8/common/lib/modules/fglrx/build_mod/firegl_public.c 2015-12-18 19:47:41.000000000 +0100
+++ 16.8b/common/lib/modules/fglrx/build_mod/firegl_public.c 2016-08-15 15:09:37.228538907 +0200
@@ -4518,7 +4518,11 @@
write_cr0(cr0);
wbinvd();
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,7,0)
+ if (boot_cpu_has(X86_FEATURE_PGE))
+#else
if (cpu_has_pge)
+#endif
{
cr4 = READ_CR4();
WRITE_CR4(cr4 & ~X86_CR4_PGE);
@@ -4532,7 +4536,11 @@
wbinvd();
__flush_tlb();
write_cr0(cr0 & 0xbfffffff);
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,7,0)
+ if (boot_cpu_has(X86_FEATURE_PGE))
+#else
if (cpu_has_pge)
+#endif
{
WRITE_CR4(cr4);
}
@@ -4559,7 +4567,11 @@
write_cr0(cr0);
wbinvd();
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,7,0)
+ if (boot_cpu_has(X86_FEATURE_PGE))
+#else
if (cpu_has_pge)
+#endif
{
cr4 = READ_CR4();
WRITE_CR4(cr4 & ~X86_CR4_PGE);
@@ -4572,7 +4584,11 @@
wbinvd();
__flush_tlb();
write_cr0(cr0 & 0xbfffffff);
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,7,0)
+ if (boot_cpu_has(X86_FEATURE_PGE))
+#else
if (cpu_has_pge)
+#endif
{
WRITE_CR4(cr4);
}
diff -uNr 16.8/common/lib/modules/fglrx/build_mod/firegl_public.h 16.8b/common/lib/modules/fglrx/build_mod/firegl_public.h
--- 16.8/common/lib/modules/fglrx/build_mod/firegl_public.h 2015-12-18 19:47:41.000000000 +0100
+++ 16.8b/common/lib/modules/fglrx/build_mod/firegl_public.h 2016-08-15 15:09:05.815141238 +0200
@@ -650,9 +650,15 @@
#define cpu_has_pat test_bit(X86_FEATURE_PAT, (void *) &boot_cpu_data.x86_capability)
#endif
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,7,0)
+#ifndef boot_cpu_has(X86_FEATURE_PGE)
+#define boot_cpu_has(X86_FEATURE_PGE) test_bit(X86_FEATURE_PGE, &boot_cpu_data.x86_capability)
+#endif
+#else
#ifndef cpu_has_pge
#define cpu_has_pge test_bit(X86_FEATURE_PGE, &boot_cpu_data.x86_capability)
#endif
+#endif
/* 2.6.29 defines pgprot_writecombine as a macro which resolves to a
* GPL-only function with the same name. So we always use our own

Some files were not shown because too many files have changed in this diff Show more