From 9b067c31fc4a5b9a3a26448bfc98eaa594dba99d Mon Sep 17 00:00:00 2001 From: Noah Fontes Date: Fri, 2 Sep 2022 22:04:25 -0700 Subject: [PATCH 01/13] maintainers: add impl --- maintainers/maintainer-list.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 3efd6efcefaa..2a4db2937cac 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -5625,6 +5625,16 @@ githubId = 510202; name = "Ismaƫl Bouya"; }; + impl = { + email = "noah@noahfontes.com"; + matrix = "@impl:matrix.org"; + github = "impl"; + githubId = 41129; + name = "Noah Fontes"; + keys = [{ + fingerprint = "F5B2 BE1B 9AAD 98FE 2916 5597 3665 FFF7 9D38 7BAA"; + }]; + }; imsofi = { email = "sofi+git@mailbox.org"; github = "imsofi"; From 6f8378e6fa60209c733703dd25365687217d2581 Mon Sep 17 00:00:00 2001 From: Noah Fontes Date: Thu, 1 Sep 2022 21:26:04 -0700 Subject: [PATCH 02/13] jam: fix cross compilation This change makes sure that the cross-compiler target prefix gets passed to both the Makefile (for bootstrapping) and Jamfile (for the second-phase build). --- .../tools/build-managers/jam/default.nix | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/pkgs/development/tools/build-managers/jam/default.nix b/pkgs/development/tools/build-managers/jam/default.nix index c4d73785db49..4d8f82d1a337 100644 --- a/pkgs/development/tools/build-managers/jam/default.nix +++ b/pkgs/development/tools/build-managers/jam/default.nix @@ -11,17 +11,12 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ bison ]; + # Jambase expects ar to have flags. preConfigure = '' - unset AR + export AR="$AR rc" ''; - buildPhase = '' - runHook preBuild - - make jam0 - - runHook postBuild - ''; + makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ]; installPhase = '' runHook preInstall @@ -39,7 +34,7 @@ stdenv.mkDerivation rec { homepage = "https://www.perforce.com/resources/documentation/jam"; license = licenses.free; description = "Just Another Make"; - maintainers = with maintainers; [ orivej ]; + maintainers = with maintainers; [ impl orivej ]; platforms = platforms.unix; }; } From 3c0eaeb84cf5d2516f152beae399212771bed2ec Mon Sep 17 00:00:00 2001 From: Noah Fontes Date: Thu, 1 Sep 2022 22:14:12 -0700 Subject: [PATCH 03/13] ftjam: unify build steps with jam There are only a few minor differences between the way ftjam and jam work from a build perspective, so we can use a common base for them. --- .../tools/build-managers/jam/default.nix | 93 +++++++++++++------ .../tools/build-managers/jam/ftjam.nix | 53 ----------- pkgs/top-level/all-packages.nix | 6 +- 3 files changed, 66 insertions(+), 86 deletions(-) delete mode 100644 pkgs/development/tools/build-managers/jam/ftjam.nix diff --git a/pkgs/development/tools/build-managers/jam/default.nix b/pkgs/development/tools/build-managers/jam/default.nix index 4d8f82d1a337..0156b60660ca 100644 --- a/pkgs/development/tools/build-managers/jam/default.nix +++ b/pkgs/development/tools/build-managers/jam/default.nix @@ -1,40 +1,73 @@ { lib, stdenv, fetchurl, bison }: -stdenv.mkDerivation rec { - pname = "jam"; - version = "2.6.1"; +let + mkJam = { meta ? { }, ... } @ args: stdenv.mkDerivation (args // { + nativeBuildInputs = [ bison ]; - src = fetchurl { - url = "https://swarm.workshop.perforce.com/projects/perforce_software-jam/download/main/${pname}-${version}.tar"; - sha256 = "19xkvkpycxfsncxvin6yqrql3x3z9ypc1j8kzls5k659q4kv5rmc"; + # Jambase expects ar to have flags. + preConfigure = '' + export AR="$AR rc" + ''; + + installPhase = '' + runHook preInstall + + ./jam0 -j$NIX_BUILD_CORES -sBINDIR=$out/bin install + mkdir -p $out/doc/jam + cp *.html $out/doc/jam + + runHook postInstall + ''; + + enableParallelBuilding = true; + + meta = with lib; meta // { + license = licenses.free; + mainProgram = "jam"; + platforms = platforms.unix; + }; + }); +in +{ + jam = let + pname = "jam"; + version = "2.6.1"; + in mkJam { + inherit pname version; + + makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ]; + + src = fetchurl { + url = "https://swarm.workshop.perforce.com/projects/perforce_software-jam/download/main/${pname}-${version}.tar"; + sha256 = "19xkvkpycxfsncxvin6yqrql3x3z9ypc1j8kzls5k659q4kv5rmc"; + }; + + meta = with lib; { + description = "Just Another Make"; + homepage = "https://www.perforce.com/resources/documentation/jam"; + maintainers = with maintainers; [ impl orivej ]; + }; }; - nativeBuildInputs = [ bison ]; + ftjam = let + pname = "ftjam"; + version = "2.5.2"; + in mkJam { + inherit pname version; - # Jambase expects ar to have flags. - preConfigure = '' - export AR="$AR rc" - ''; + postPatch = '' + substituteInPlace Jamfile --replace strip ${stdenv.cc.targetPrefix}strip + ''; - makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ]; + src = fetchurl { + url = "https://downloads.sourceforge.net/project/freetype/${pname}/${version}/${pname}-${version}.tar.bz2"; + hash = "sha256-6JdzUAqSkS3pGOn+v/q+S2vOedaa8ZRDX04DK4ptZqM="; + }; - installPhase = '' - runHook preInstall - - ./jam0 -j$NIX_BUILD_CORES -sBINDIR=$out/bin install - mkdir -p $out/doc/jam - cp *.html $out/doc/jam - - runHook postInstall - ''; - - enableParallelBuilding = true; - - meta = with lib; { - homepage = "https://www.perforce.com/resources/documentation/jam"; - license = licenses.free; - description = "Just Another Make"; - maintainers = with maintainers; [ impl orivej ]; - platforms = platforms.unix; + meta = with lib; { + description = "FreeType's enhanced, backwards-compatible Jam clone"; + homepage = "https://freetype.org/jam/"; + maintainers = with maintainers; [ AndersonTorres impl ]; + }; }; } diff --git a/pkgs/development/tools/build-managers/jam/ftjam.nix b/pkgs/development/tools/build-managers/jam/ftjam.nix deleted file mode 100644 index 1f106401c0d1..000000000000 --- a/pkgs/development/tools/build-managers/jam/ftjam.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ lib -, stdenv -, fetchurl -, bison -}: - -stdenv.mkDerivation rec { - pname = "ftjam"; - version = "2.5.2"; - - src = fetchurl { - url = "https://downloads.sourceforge.net/project/freetype/${pname}/${version}/${pname}-${version}.tar.bz2"; - hash = "sha256-6JdzUAqSkS3pGOn+v/q+S2vOedaa8ZRDX04DK4ptZqM="; - }; - - nativeBuildInputs = [ - bison - ]; - - preConfigure = '' - unset AR - ''; - - buildPhase = '' - runHook preBuild - - make jam0 - - runHook postBuild - ''; - - installPhase = '' - runHook preInstall - - ./jam0 -j$NIX_BUILD_CORES -sBINDIR=$out/bin install - mkdir -p $out/doc/jam - cp *.html $out/doc/jam - - runHook postInstall - ''; - - enableParallelBuilding = true; - - meta = with lib; { - description = "Freetype's enhanced, backwards-compatible Jam clone"; - homepage = "https://freetype.org/jam/"; - license = licenses.free; - maintainers = with maintainers; [ AndersonTorres ]; - mainProgram = "jam"; - platforms = platforms.unix; - }; -} -# TODO: setup hook for Jam diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 8ff267fbc334..8f510c26884d 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -16461,9 +16461,9 @@ with pkgs; itstool = callPackage ../development/tools/misc/itstool { }; - jam = callPackage ../development/tools/build-managers/jam { }; - - ftjam = callPackage ../development/tools/build-managers/jam/ftjam.nix { }; + inherit (callPackage ../development/tools/build-managers/jam { }) + jam + ftjam; javacc = callPackage ../development/tools/parsing/javacc { jdk = jdk8; From be09c1638d116b477c312ec61d55c304f1beb3ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Thu, 1 Sep 2022 12:11:54 +0200 Subject: [PATCH 04/13] doc/contributing: enforce full commit hashes on github --- doc/contributing/coding-conventions.chapter.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/contributing/coding-conventions.chapter.md b/doc/contributing/coding-conventions.chapter.md index 6473fa151a43..585b8d3679c9 100644 --- a/doc/contributing/coding-conventions.chapter.md +++ b/doc/contributing/coding-conventions.chapter.md @@ -453,6 +453,9 @@ In the file `pkgs/top-level/all-packages.nix` you can find fetch helpers, these } ``` +When fetching from GitHub, commits must always be referenced by their full commit hash. This is because GitHub shares commit hashes among all forks and returns `404 Not Found` when a short commit hash is ambiguous. It already happens for some short, 6-character commit hashes in `nixpkgs`. +It is a practical vector for a denial-of-service attack by pushing large amounts of auto generated commits into forks and was already [demonstrated against GitHub Actions Beta](https://blog.teddykatz.com/2019/11/12/github-actions-dos.html). + Find the value to put as `sha256` by running `nix-shell -p nix-prefetch-github --run "nix-prefetch-github --rev 1f795f9f44607cc5bec70d1300150bfefcef2aae NixOS nix"`. ## Obtaining source hash {#sec-source-hashes} From 68eee3cd52b08dfac63341966c91a5db5907251f Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 4 Sep 2022 16:05:54 +0000 Subject: [PATCH 05/13] gopass-jsonapi: 1.14.3 -> 1.14.5 --- pkgs/tools/security/gopass/jsonapi.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/gopass/jsonapi.nix b/pkgs/tools/security/gopass/jsonapi.nix index 5f6dab2e9069..c4f73630257a 100644 --- a/pkgs/tools/security/gopass/jsonapi.nix +++ b/pkgs/tools/security/gopass/jsonapi.nix @@ -8,16 +8,16 @@ buildGoModule rec { pname = "gopass-jsonapi"; - version = "1.14.3"; + version = "1.14.5"; src = fetchFromGitHub { owner = "gopasspw"; repo = pname; rev = "v${version}"; - sha256 = "sha256-uLsKxx2Yr0g3vf2AQqRqRzNsBX2D4+6wwxM+czthL+I="; + sha256 = "sha256-zEyzoIl5LiVbNSRebbcE70HxhOGYaZvArdHQqgvi1ns="; }; - vendorSha256 = "sha256-QEqtyHb+/tpbbHLCSBw7uafAtKzKkmxoFGqFVHSR03I="; + vendorSha256 = "sha256-mcI8ys+Vs46BEaETzsf0f1f2CgjEIV4iwSF4FWgNjUY="; subPackages = [ "." ]; From b48882773a5c0d2b2345996e88417617029df8f5 Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Sun, 4 Sep 2022 20:55:35 -0300 Subject: [PATCH 06/13] ventoy-bin: 1.0.78 -> 1.0.79 --- .../cd-dvd/ventoy-bin/000-sanitize.patch | 214 ++++++++++++++++++ pkgs/tools/cd-dvd/ventoy-bin/default.nix | 38 ++-- pkgs/top-level/all-packages.nix | 4 +- 3 files changed, 235 insertions(+), 21 deletions(-) create mode 100644 pkgs/tools/cd-dvd/ventoy-bin/000-sanitize.patch diff --git a/pkgs/tools/cd-dvd/ventoy-bin/000-sanitize.patch b/pkgs/tools/cd-dvd/ventoy-bin/000-sanitize.patch new file mode 100644 index 000000000000..18e837e58c62 --- /dev/null +++ b/pkgs/tools/cd-dvd/ventoy-bin/000-sanitize.patch @@ -0,0 +1,214 @@ +Author: DuckSoft + +I just cannot stand such a dirty package. +Let me do some optimisations. + +If you are interested to improve this patch, welcome to mail me. + +diff -rup old/tool/ventoy_lib.sh new/tool/ventoy_lib.sh +--- tool/ventoy_lib.sh 2021-12-02 16:59:42.148650182 +0100 ++++ tool/ventoy_lib.sh 2021-12-02 17:01:17.214720518 +0100 +@@ -29,7 +29,7 @@ vterr() { + } + + vtdebug() { +- echo "$*" >> ./log.txt ++ echo "$*" >>/var/log/ventoy.log + } + + vtoy_gen_uuid() { +@@ -52,30 +52,6 @@ vtoy_gen_uuid() { + + check_tool_work_ok() { + +- if echo 1 | hexdump > /dev/null; then +- vtdebug "hexdump test ok ..." +- else +- vtdebug "hexdump test fail ..." +- ventoy_false +- return +- fi +- +- if mkexfatfs -V > /dev/null; then +- vtdebug "mkexfatfs test ok ..." +- else +- vtdebug "mkexfatfs test fail ..." +- ventoy_false +- return +- fi +- +- if vtoycli fat -T; then +- vtdebug "vtoycli fat test ok ..." +- else +- vtdebug "vtoycli fat test fail ..." +- ventoy_false +- return +- fi +- + vtdebug "tool check success ..." + ventoy_true + } +@@ -311,7 +287,7 @@ format_ventoy_disk_mbr() { + else + vtdebug "format disk by fdisk ..." + +-fdisk $DISK >>./log.txt 2>&1 <>/var/log/ventoy.log 2>&1 <> ./log.txt +-date >> ./log.txt +- +-#decompress tool +-echo "decompress tools" >> ./log.txt +-cd ./tool/$TOOLDIR +- +-ls *.xz > /dev/null 2>&1 +-if [ $? -eq 0 ]; then +- [ -f ./xzcat ] && chmod +x ./xzcat +- +- for file in $(ls *.xz); do +- echo "decompress $file" >> ./log.txt +- xzcat $file > ${file%.xz} +- [ -f ./${file%.xz} ] && chmod +x ./${file%.xz} +- [ -f ./$file ] && rm -f ./$file +- done +-fi +- +-cd ../../ +-chmod +x -R ./tool/$TOOLDIR +- +- +-if [ -f /bin/bash ]; then +- /bin/bash ./tool/VentoyWorker.sh $* +-else +- ash ./tool/VentoyWorker.sh $* +-fi +- +-if [ -n "$OLDDIR" ]; then +- CURDIR=$(pwd) +- if [ "$CURDIR" != "$OLDDIR" ]; then +- cd "$OLDDIR" +- fi +-fi ++./tool/VentoyWorker.sh $* +diff -rup old/VentoyPlugson.sh new/VentoyPlugson.sh +--- VentoyPlugson.sh 2021-12-02 17:54:36.055868878 +0100 ++++ VentoyPlugson.sh 2021-12-02 18:04:40.919633986 +0100 +@@ -25,8 +19,6 @@ if echo $machine | egrep -q 'aarch64|arm + TOOLDIR=aarch64 + elif echo $machine | egrep -q 'x86_64|amd64'; then + TOOLDIR=x86_64 +-elif echo $machine | egrep -q 'mips64'; then +- TOOLDIR=mips64el + elif echo $machine | egrep -q 'i[3-6]86'; then + TOOLDIR=i386 + else +@@ -35,38 +27,6 @@ else + fi + + +-if ! [ -f "$OLDDIR/tool/plugson.tar.xz" ]; then +- echo "Please run under the correct directory!" +- exit 1 +-fi +- +-echo "############# VentoyPlugson $* [$TOOLDIR] ################" >> ./VentoyPlugson.log +-date >> ./VentoyPlugson.log +- +-echo "decompress tools" >> ./VentoyPlugson.log +-cd ./tool/$TOOLDIR +- +-ls *.xz > /dev/null 2>&1 +-if [ $? -eq 0 ]; then +- [ -f ./xzcat ] && chmod +x ./xzcat +- +- for file in $(ls *.xz); do +- echo "decompress $file" >> ./VentoyPlugson.log +- xzcat $file > ${file%.xz} +- [ -f ./${file%.xz} ] && chmod +x ./${file%.xz} +- [ -f ./$file ] && rm -f ./$file +- done +-fi +- +-cd ../../ +-chmod +x -R ./tool/$TOOLDIR +- +-if ! [ -f "$OLDDIR/tool/$TOOLDIR/Plugson" ]; then +- echo "$OLDDIR/tool/$TOOLDIR/Plugson does not exist!" +- exit 1 +-fi +- +- + PATH=./tool/$TOOLDIR:$PATH + + HOST="127.0.0.1" +@@ -208,11 +168,3 @@ if [ -f /proc/$wID/maps ]; then + + wait $wID + fi +- +- +-if [ -n "$OLDDIR" ]; then +- CURDIR=$(pwd) +- if [ "$CURDIR" != "$OLDDIR" ]; then +- cd "$OLDDIR" +- fi +-fi +diff -rup old/VentoyWeb.sh new/VentoyWeb.sh +--- VentoyWeb.sh 2021-12-02 16:58:51.885612627 +0100 ++++ VentoyWeb.sh 2021-12-02 17:04:43.437871014 +0100 +@@ -15,12 +15,6 @@ print_err() { + echo "" + } + +-uid=$(id -u) +-if [ $uid -ne 0 ]; then +- print_err "Please use sudo or run the script as root." +- exit 1 +-fi +- + OLDDIR=$(pwd) + + if uname -m | egrep -q 'aarch64|arm64'; then +@@ -85,8 +79,8 @@ if ps -ef | grep "V2DServer.*$HOST.*$POR + exit 1 + fi + +-LOGFILE=log.txt +-#delete the log.txt if it's more than 8MB ++LOGFILE=/var/log/ventoy.log ++#delete the ventoy.log if it's more than 8MB + if [ -f $LOGFILE ]; then + logsize=$(stat -c '%s' $LOGFILE) + if [ $logsize -gt 8388608 ]; then diff --git a/pkgs/tools/cd-dvd/ventoy-bin/default.nix b/pkgs/tools/cd-dvd/ventoy-bin/default.nix index 361739e980e9..978eae33bc94 100644 --- a/pkgs/tools/cd-dvd/ventoy-bin/default.nix +++ b/pkgs/tools/cd-dvd/ventoy-bin/default.nix @@ -4,8 +4,8 @@ , fetchpatch , autoPatchelfHook , bash -, coreutils , copyDesktopItems +, coreutils , cryptsetup , dosfstools , e2fsprogs @@ -15,14 +15,15 @@ , gnused , gtk3 , hexdump -, makeWrapper , makeDesktopItem +, makeWrapper , ntfs3g , parted , procps -, qt5 +, qtbase , util-linux , which +, wrapQtAppsHook , xfsprogs , xz , defaultGuiType ? "" @@ -47,30 +48,24 @@ let }.${stdenv.hostPlatform.system} or (throw "Unsupported platform ${stdenv.hostPlatform.system}"); -in stdenv.mkDerivation rec { +in +stdenv.mkDerivation (finalAttrs: { pname = "ventoy-bin"; - version = "1.0.78"; + version = "1.0.79"; src = fetchurl { - url = "https://github.com/ventoy/Ventoy/releases/download/v${version}/ventoy-${version}-linux.tar.gz"; - hash = "sha256-vlSnnExtuh85yGFYUBeE7BRsVwl+kn7nSaIx2d3WICk="; + url = "https://github.com/ventoy/Ventoy/releases/download/v${finalAttrs.version}/ventoy-${finalAttrs.version}-linux.tar.gz"; + hash = "sha256-azkoDquN/i01QHsd1wJG79kdhHhBvXzPXIRnjKHAHNE="; }; patches = [ - (fetchpatch { - name = "sanitize.patch"; - url = "https://aur.archlinux.org/cgit/aur.git/plain/sanitize.patch?h=057f2d1eb496c7a3aaa8229e99a7f709428fa4c5"; - sha256 = "sha256-iAtLtM+Q4OsXDK83eCnPNomeNSEqdRLFfK2x7ybPSpk="; - }) + ./000-sanitize.patch ./001-add-mips64.diff ./002-fix-for-read-only-file-system.diff ]; patchFlags = [ "-p0" ]; - dontConfigure = true; - dontBuild = true; - postPatch = '' # Fix permissions. find -type f -name \*.sh -exec chmod a+x '{}' \; @@ -85,7 +80,7 @@ in stdenv.mkDerivation rec { makeWrapper ] ++ lib.optional (withQt5 || withGtk3) copyDesktopItems - ++ lib.optional withQt5 qt5.wrapQtAppsHook; + ++ lib.optional withQt5 wrapQtAppsHook; buildInputs = [ bash @@ -107,7 +102,7 @@ in stdenv.mkDerivation rec { ++ lib.optional withGtk3 gtk3 ++ lib.optional withNtfs ntfs3g ++ lib.optional withXfs xfsprogs - ++ lib.optional withQt5 qt5.qtbase; + ++ lib.optional withQt5 qtbase; desktopItems = [ (makeDesktopItem { @@ -121,6 +116,9 @@ in stdenv.mkDerivation rec { startupNotify = true; })]; + dontConfigure = true; + dontBuild = true; + installPhase = '' runHook preInstall @@ -159,7 +157,7 @@ in stdenv.mkDerivation rec { VentoyPlugson.sh_ventoy-plugson; do local bin="''${f%_*}" wrapper="''${f#*_}" makeWrapper "$VENTOY_PATH/$bin" "$out/bin/$wrapper" \ - --prefix PATH : "${lib.makeBinPath buildInputs}" \ + --prefix PATH : "${lib.makeBinPath finalAttrs.buildInputs}" \ --chdir "$VENTOY_PATH" done '' @@ -168,7 +166,7 @@ in stdenv.mkDerivation rec { + lib.optionalString (withGtk3 || withQt5) '' echo "${defaultGuiType}" > "$VENTOY_PATH/ventoy_gui_type" makeWrapper "$VENTOY_PATH/VentoyGUI.$ARCH" "$out/bin/ventoy-gui" \ - --prefix PATH : "${lib.makeBinPath buildInputs}" \ + --prefix PATH : "${lib.makeBinPath finalAttrs.buildInputs}" \ --chdir "$VENTOY_PATH" mkdir "$out"/share/{applications,pixmaps} ln -s "$VENTOY_PATH"/WebUI/static/img/VentoyLogo.png "$out"/share/pixmaps/ @@ -210,4 +208,4 @@ in stdenv.mkDerivation rec { sourceProvenance = with sourceTypes; [ binaryNativeCode ]; mainProgram = "ventoy"; }; -} +}) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 59b2e9cc748a..a9287e0068bd 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1359,7 +1359,9 @@ with pkgs; veikk-linux-driver-gui = libsForQt5.callPackage ../tools/misc/veikk-linux-driver-gui { }; - ventoy-bin = callPackage ../tools/cd-dvd/ventoy-bin { }; + ventoy-bin = callPackage ../tools/cd-dvd/ventoy-bin { + inherit (libsForQt5) qtbase wrapQtAppsHook; + }; ventoy-bin-full = ventoy-bin.override { withCryptsetup = true; withXfs = true; From 4d4d4587ec31b1d722c8aa8074026144c5927b36 Mon Sep 17 00:00:00 2001 From: Noah Fontes Date: Sun, 4 Sep 2022 21:36:58 -0700 Subject: [PATCH 07/13] {jam,ftjam}: cross-compile without binfmt_misc Jam is bootstrapped and then recompiled, which requires us to customize the build as the upstream doesn't understand cross compilation. We first build the bootstrap under the build platform, then rebuild any source files again using the build platform, and finally build the target binary separately. --- .../tools/build-managers/jam/default.nix | 37 +++++++++++++------ 1 file changed, 26 insertions(+), 11 deletions(-) diff --git a/pkgs/development/tools/build-managers/jam/default.nix b/pkgs/development/tools/build-managers/jam/default.nix index 0156b60660ca..192c27682ab5 100644 --- a/pkgs/development/tools/build-managers/jam/default.nix +++ b/pkgs/development/tools/build-managers/jam/default.nix @@ -1,7 +1,8 @@ -{ lib, stdenv, fetchurl, bison }: +{ lib, stdenv, fetchurl, bison, buildPackages }: let mkJam = { meta ? { }, ... } @ args: stdenv.mkDerivation (args // { + depsBuildBuild = [ buildPackages.stdenv.cc ]; nativeBuildInputs = [ bison ]; # Jambase expects ar to have flags. @@ -9,13 +10,21 @@ let export AR="$AR rc" ''; + LOCATE_TARGET = "bin.unix"; + + buildPhase = '' + runHook preBuild + make $makeFlags jam0 + ./jam0 -j$NIX_BUILD_CORES -sCC=${buildPackages.stdenv.cc.targetPrefix}cc jambase.c + ./jam0 -j$NIX_BUILD_CORES + runHook postBuild + ''; + installPhase = '' runHook preInstall - - ./jam0 -j$NIX_BUILD_CORES -sBINDIR=$out/bin install - mkdir -p $out/doc/jam + mkdir -p $out/bin $out/doc/jam + cp bin.unix/jam $out/bin/jam cp *.html $out/doc/jam - runHook postInstall ''; @@ -35,8 +44,6 @@ in in mkJam { inherit pname version; - makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ]; - src = fetchurl { url = "https://swarm.workshop.perforce.com/projects/perforce_software-jam/download/main/${pname}-${version}.tar"; sha256 = "19xkvkpycxfsncxvin6yqrql3x3z9ypc1j8kzls5k659q4kv5rmc"; @@ -55,15 +62,23 @@ in in mkJam { inherit pname version; - postPatch = '' - substituteInPlace Jamfile --replace strip ${stdenv.cc.targetPrefix}strip - ''; - src = fetchurl { url = "https://downloads.sourceforge.net/project/freetype/${pname}/${version}/${pname}-${version}.tar.bz2"; hash = "sha256-6JdzUAqSkS3pGOn+v/q+S2vOedaa8ZRDX04DK4ptZqM="; }; + postPatch = '' + substituteInPlace Jamfile --replace strip ${stdenv.cc.targetPrefix}strip + ''; + + # Doesn't understand how to cross compile once bootstrapped, so we'll just + # use the Makefile for the bootstrapping portion. + configurePlatforms = [ "build" "target" ]; + configureFlags = [ + "CC=${buildPackages.stdenv.cc.targetPrefix}cc" + "--host=${stdenv.buildPlatform.config}" + ]; + meta = with lib; { description = "FreeType's enhanced, backwards-compatible Jam clone"; homepage = "https://freetype.org/jam/"; From 6daa5d17c0a8f74f0241740ec657b1c0a5d55edf Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 5 Sep 2022 21:23:39 +0000 Subject: [PATCH 08/13] warpd: 1.3.2 -> 1.3.3 --- pkgs/applications/misc/warpd/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/warpd/default.nix b/pkgs/applications/misc/warpd/default.nix index e296eec1b345..185ad94f1a5a 100644 --- a/pkgs/applications/misc/warpd/default.nix +++ b/pkgs/applications/misc/warpd/default.nix @@ -14,13 +14,13 @@ stdenv.mkDerivation rec { pname = "warpd"; - version = "1.3.2"; + version = "1.3.3"; src = fetchFromGitHub { owner = "rvaiya"; repo = "warpd"; rev = "v${version}"; - sha256 = "AR/uLgNX1VLPEcfUd8cnplMiaoEJlUxQ55Fst62RnbI="; + sha256 = "sha256-QzMtPzuFVN8b4O250G38HAxerZewEu8MV/MDib7gh5A="; leaveDotGit = true; }; From d6ff53dc47ab13e950ebeacefc329e7110104c25 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 5 Sep 2022 22:14:11 +0000 Subject: [PATCH 09/13] httm: 0.14.9 -> 0.14.10 --- pkgs/tools/filesystems/httm/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/filesystems/httm/default.nix b/pkgs/tools/filesystems/httm/default.nix index aa08aa7759d8..c5089515db4c 100644 --- a/pkgs/tools/filesystems/httm/default.nix +++ b/pkgs/tools/filesystems/httm/default.nix @@ -6,16 +6,16 @@ rustPlatform.buildRustPackage rec { pname = "httm"; - version = "0.14.9"; + version = "0.14.10"; src = fetchFromGitHub { owner = "kimono-koans"; repo = pname; rev = version; - sha256 = "sha256-nRvXAHvIAUmtP1Xny9RWNZsCLI2eiE7163h6qxS2v1I="; + sha256 = "sha256-izJMypTB7JCvSdTbsS85ez9HL7hM8DtPvnPXA0MvQC8="; }; - cargoSha256 = "sha256-gF9pPOhWT+aaZdk7qyyDIPvJ76s6pkjaeyOLYYrHxo4="; + cargoSha256 = "sha256-3B1+pV7FyOD/e9fIKiAheIbb1vSFooc2qdnbL7LmzdQ="; nativeBuildInputs = [ installShellFiles ]; From 6d0e82f11aeaef74f8f9adcf18c1c77df8c8e2c6 Mon Sep 17 00:00:00 2001 From: Brian Leung Date: Mon, 5 Sep 2022 03:05:30 -0700 Subject: [PATCH 10/13] emacs: use withPgtk option more - do not require X when withPgtk is true - make default settings and boolean logic consistent with withPgtk setting --- pkgs/applications/editors/emacs/generic.nix | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/pkgs/applications/editors/emacs/generic.nix b/pkgs/applications/editors/emacs/generic.nix index 6a1f199461ac..34853b890417 100644 --- a/pkgs/applications/editors/emacs/generic.nix +++ b/pkgs/applications/editors/emacs/generic.nix @@ -15,10 +15,10 @@ , libgccjit, targetPlatform, makeWrapper # native-comp params , fetchFromSavannah , systemd ? null -, withX ? !stdenv.isDarwin +, withX ? !stdenv.isDarwin && !withPgtk , withNS ? stdenv.isDarwin , withGTK2 ? false, gtk2-x11 ? null -, withGTK3 ? false, gtk3-x11 ? null, gsettings-desktop-schemas ? null +, withGTK3 ? withPgtk, gtk3-x11 ? null, gsettings-desktop-schemas ? null , withXwidgets ? false, webkitgtk ? null, wrapGAppsHook ? null, glib-networking ? null , withMotif ? false, motif ? null , withSQLite3 ? false @@ -29,7 +29,7 @@ , nativeComp ? true , withAthena ? false , withToolkitScrollBars ? true -, withPgtk ? false +, withPgtk ? false, gtk3 ? null , withXinput2 ? withX && lib.versionAtLeast version "29" , withImageMagick ? lib.versionOlder version "27" && (withX || withNS) , toolkit ? ( @@ -45,9 +45,10 @@ assert stdenv.isDarwin -> libXaw != null; # fails to link otherwise assert withNS -> !withX; assert withNS -> stdenv.isDarwin; assert (withGTK2 && !withNS) -> withX; -assert (withGTK3 && !withNS) -> withX; -assert withGTK2 -> !withGTK3 && gtk2-x11 != null; -assert withGTK3 -> !withGTK2 && gtk3-x11 != null; +assert (withGTK3 && !withNS) -> withX || withPgtk; +assert withGTK2 -> !withGTK3 && gtk2-x11 != null && !withPgtk; +assert withGTK3 -> !withGTK2 && ((gtk3-x11 != null) || withPgtk); +assert withPgtk -> withGTK3 && !withX && gtk3 != null; assert withXwidgets -> withGTK3 && webkitgtk != null; @@ -134,7 +135,9 @@ let emacs = stdenv.mkDerivation (lib.optionalAttrs nativeComp { ++ lib.optionals withImageMagick [ imagemagick ] ++ lib.optionals (stdenv.isLinux && withX) [ m17n_lib libotf ] ++ lib.optional (withX && withGTK2) gtk2-x11 - ++ lib.optionals (withX && withGTK3) [ gtk3-x11 gsettings-desktop-schemas ] + ++ lib.optional (withX && withGTK3) gtk3-x11 + ++ lib.optional withGTK3 gsettings-desktop-schemas + ++ lib.optional withPgtk gtk3 ++ lib.optional (withX && withMotif) motif ++ lib.optional withSQLite3 sqlite ++ lib.optional withWebP libwebp From 7d62f9f40f6265f0c16de68eea18d8d387626ba5 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 6 Sep 2022 02:36:07 +0000 Subject: [PATCH 11/13] php80Packages.php-cs-fixer: 3.10.0 -> 3.11.0 --- pkgs/development/php-packages/php-cs-fixer/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/php-packages/php-cs-fixer/default.nix b/pkgs/development/php-packages/php-cs-fixer/default.nix index 596e5dd0c78f..0d297a35a83c 100644 --- a/pkgs/development/php-packages/php-cs-fixer/default.nix +++ b/pkgs/development/php-packages/php-cs-fixer/default.nix @@ -1,14 +1,14 @@ { mkDerivation, fetchurl, makeWrapper, lib, php }: let pname = "php-cs-fixer"; - version = "3.10.0"; + version = "3.11.0"; in mkDerivation { inherit pname version; src = fetchurl { url = "https://github.com/FriendsOfPHP/PHP-CS-Fixer/releases/download/v${version}/php-cs-fixer.phar"; - sha256 = "sha256-dhXktw9wctIwvIlME4c4yBw7qBffetiERt1C6QWCrQo="; + sha256 = "sha256-hnSHR/tDX1w/4SV6fafvUHg4JwTQJxfwKaKvEbUWJjs="; }; dontUnpack = true; From 7e6b294f4b96b36d2fa468bb9f3ef2ed8c9936ee Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 6 Sep 2022 03:51:37 +0000 Subject: [PATCH 12/13] python310Packages.faraday-agent-parameters-types: 1.0.3 -> 1.0.4 --- .../python-modules/faraday-agent-parameters-types/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/faraday-agent-parameters-types/default.nix b/pkgs/development/python-modules/faraday-agent-parameters-types/default.nix index 8649e0698271..dbf5b148b0f3 100644 --- a/pkgs/development/python-modules/faraday-agent-parameters-types/default.nix +++ b/pkgs/development/python-modules/faraday-agent-parameters-types/default.nix @@ -8,12 +8,12 @@ buildPythonPackage rec { pname = "faraday-agent-parameters-types"; - version = "1.0.3"; + version = "1.0.4"; src = fetchPypi { pname = "faraday_agent_parameters_types"; inherit version; - sha256 = "6155669db477c3330c0850814eabe231bbbadf9d2ec57b4f734994f76eaee0e7"; + sha256 = "sha256-ldGCn0VzoMRFekCPMprNLpaL5Jts5MRv5Ym1qoJwjXA="; }; propagatedBuildInputs = [ From bc392314c6d2772e80e2da5004097de463a9ec69 Mon Sep 17 00:00:00 2001 From: Yves Fischer Date: Tue, 6 Sep 2022 07:30:09 +0200 Subject: [PATCH 13/13] libxslt: fix cross compilation (#189766) * libxslt: fix cross compilation The derivation is already prepared to disable python if buildPlatform != targetPlatform. Additionally, the configure of libxslt needs to be told `--without-python` to not look for the python interpreter. Co-authored-by: Christoph Neidahl --- pkgs/development/libraries/libxslt/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libxslt/default.nix b/pkgs/development/libraries/libxslt/default.nix index a8ed68b088bd..0b7432136144 100644 --- a/pkgs/development/libraries/libxslt/default.nix +++ b/pkgs/development/libraries/libxslt/default.nix @@ -50,8 +50,7 @@ stdenv.mkDerivation rec { "--without-debug" "--without-mem-debug" "--without-debugger" - ] ++ lib.optionals pythonSupport [ - "--with-python=${python}" + (lib.withFeatureAs pythonSupport "python" python) ] ++ lib.optionals (!cryptoSupport) [ "--without-crypto" ];