cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

Merge master into staging-next

Browse source
This commit is contained in:
github-actions[bot] 2022-01-27 00:01:24 +00:00 committed by GitHub
commit edd0d17072
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
44 changed files with 178 additions and 683 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
nixos/doc/manual/development/running-nixos-tests-interactively.section.md
View file

@ -5,7 +5,7 @@ when developing or debugging a test:
```ShellSession
$ nix-build . -A nixosTests.login.driverInteractive
$ ./result/bin/nixos-test-driver --interactive
$ ./result/bin/nixos-test-driver
[...]
>>>
```
@ -28,7 +28,7 @@ You can re-use the VM states coming from a previous run by setting the
`--keep-vm-state` flag.
```ShellSession
$ ./result/bin/nixos-test-driver --interactive --keep-vm-state
$ ./result/bin/nixos-test-driver --keep-vm-state
```
The machine state is stored in the `$TMPDIR/vm-state-machinename`

4
nixos/doc/manual/from_md/development/running-nixos-tests-interactively.section.xml
View file

@ -6,7 +6,7 @@
</para>
<programlisting>
$ nix-build . -A nixosTests.login.driverInteractive
$ ./result/bin/nixos-test-driver --interactive
$ ./result/bin/nixos-test-driver
[...]
&gt;&gt;&gt;
</programlisting>
@ -30,7 +30,7 @@ $ ./result/bin/nixos-test-driver --interactive
the <literal>--keep-vm-state</literal> flag.
</para>
<programlisting>
$ ./result/bin/nixos-test-driver --interactive --keep-vm-state
$ ./result/bin/nixos-test-driver --keep-vm-state
</programlisting>
<para>
The machine state is stored in the

2
nixos/lib/test-driver/test_driver/__init__.py
View file

@ -61,7 +61,7 @@ def main() -> None:
"-I",
"--interactive",
help="drop into a python repl and run the tests interactively",
action="store_true",
action=argparse.BooleanOptionalAction,
)
arg_parser.add_argument(
"--start-scripts",

7
nixos/lib/testing-python.nix
View file

@ -30,7 +30,7 @@ rec {
# effectively mute the XMLLogger
export LOGFILE=/dev/null
${driver}/bin/nixos-test-driver
${driver}/bin/nixos-test-driver -o $out
'';
passthru = driver.passthru // {
@ -51,6 +51,7 @@ rec {
, enableOCR ? false
, skipLint ? false
, passthru ? {}
, interactive ? false
}:
let
# Reifies and correctly wraps the python test driver for
@ -139,7 +140,8 @@ rec {
wrapProgram $out/bin/nixos-test-driver \
--set startScripts "''${vmStartScripts[*]}" \
--set testScript "$out/test-script" \
--set vlans '${toString vlans}'
--set vlans '${toString vlans}' \
${lib.optionalString (interactive) "--add-flags --interactive"}
'');
# Make a full-blown test
@ -217,6 +219,7 @@ rec {
testName = name;
qemu_pkg = pkgs.qemu;
nodes = nodes pkgs.qemu;
interactive = true;
};
test =

35
nixos/modules/config/xdg/portal.nix
View file

@ -1,4 +1,4 @@
{ config, pkgs ,lib ,... }:
{ config, pkgs, lib, ... }:
with lib;
@ -13,13 +13,13 @@ with lib;
options.xdg.portal = {
enable =
mkEnableOption "<link xlink:href='https://github.com/flatpak/xdg-desktop-portal'>xdg desktop integration</link>"//{
mkEnableOption "<link xlink:href='https://github.com/flatpak/xdg-desktop-portal'>xdg desktop integration</link>" // {
default = false;
};
extraPortals = mkOption {
type = types.listOf types.package;
default = [];
default = [ ];
description = ''
List of additional portals to add to path. Portals allow interaction
with system, like choosing files or taking screenshots. At minimum,
@ -46,25 +46,36 @@ with lib;
let
cfg = config.xdg.portal;
packages = [ pkgs.xdg-desktop-portal ] ++ cfg.extraPortals;
joinedPortals = pkgs.symlinkJoin {
joinedPortals = pkgs.buildEnv {
name = "xdg-portals";
paths = cfg.extraPortals;
paths = packages;
pathsToLink = [ "/share/xdg-desktop-portal/portals" "/share/applications" ];
};
in mkIf cfg.enable {
in
mkIf cfg.enable {
assertions = [
{ assertion = (cfg.gtkUsePortal -> cfg.extraPortals != []);
message = "Setting xdg.portal.gtkUsePortal to true requires a portal implementation in xdg.portal.extraPortals such as xdg-desktop-portal-gtk or xdg-desktop-portal-kde.";
{
assertion = cfg.extraPortals != [ ];
message = "Setting xdg.portal.enable to true requires a portal implementation in xdg.portal.extraPortals such as xdg-desktop-portal-gtk or xdg-desktop-portal-kde.";
}
];
services.dbus.packages = packages;
services.dbus.packages = packages;
systemd.packages = packages;
environment.sessionVariables = {
GTK_USE_PORTAL = mkIf cfg.gtkUsePortal "1";
XDG_DESKTOP_PORTAL_DIR = "${joinedPortals}/share/xdg-desktop-portal/portals";
environment = {
# fixes screen sharing on plasmawayland on non-chromium apps by linking
# share/applications/*.desktop files
# see https://github.com/NixOS/nixpkgs/issues/145174
systemPackages = [ joinedPortals ];
pathsToLink = [ "/share/applications" ];
sessionVariables = {
GTK_USE_PORTAL = mkIf cfg.gtkUsePortal "1";
XDG_DESKTOP_PORTAL_DIR = "${joinedPortals}/share/xdg-desktop-portal/portals";
};
};
};
}

1
nixos/modules/module-list.nix
View file

@ -852,7 +852,6 @@
./services/networking/quassel.nix
./services/networking/quorum.nix
./services/networking/quicktun.nix
./services/networking/racoon.nix
./services/networking/radicale.nix
./services/networking/radvd.nix
./services/networking/rdnssd.nix

3
nixos/modules/rename.nix
View file

@ -80,6 +80,9 @@ with lib;
libinput and synaptics.
'')
(mkRemovedOptionModule [ "virtualisation" "rkt" ] "The rkt module has been removed, it was archived by upstream")
(mkRemovedOptionModule [ "services" "racoon" ] ''
The racoon module has been removed, because the software project was abandoned upstream.
'')
# Do NOT add any option renames here, see top of the file
];

45
nixos/modules/services/networking/racoon.nix
View file

@ -1,45 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.racoon;
in {
options.services.racoon = {
enable = mkEnableOption "racoon";
config = mkOption {
description = "Contents of racoon configuration file.";
default = "";
type = types.str;
};
configPath = mkOption {
description = "Location of racoon config if config is not provided.";
default = "/etc/racoon/racoon.conf";
type = types.path;
};
};
config = mkIf cfg.enable {
systemd.services.racoon = {
description = "Racoon Daemon";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.ipsecTools}/bin/racoon -f ${
if (cfg.config != "") then pkgs.writeText "racoon.conf" cfg.config
else cfg.configPath
}";
ExecReload = "${pkgs.ipsecTools}/bin/racoonctl reload-config";
PIDFile = "/run/racoon.pid";
Type = "forking";
Restart = "always";
};
preStart = ''
rm /run/racoon.pid || true
mkdir -p /var/racoon
'';
};
};
}

61
nixos/modules/virtualisation/openvswitch.nix
View file

@ -36,17 +36,6 @@ in {
Open vSwitch package to use.
'';
};
ipsec = mkOption {
type = types.bool;
default = false;
description = ''
Whether to start racoon service for openvswitch.
Supported only if openvswitch version is less than 2.6.0.
Use <literal>virtualisation.vswitch.package = pkgs.openvswitch-lts</literal>
for a version that supports ipsec over GRE.
'';
};
};
config = mkIf cfg.enable (let
@ -65,7 +54,7 @@ in {
installPhase = "mkdir -p $out";
};
in (mkMerge [{
in {
environment.systemPackages = [ cfg.package ];
boot.kernelModules = [ "tun" "openvswitch" ];
@ -142,48 +131,14 @@ in {
};
};
}
(mkIf (cfg.ipsec && (versionOlder cfg.package.version "2.6.0")) {
environment.systemPackages = [ pkgs.ipsecTools ];
});
services.racoon.enable = true;
services.racoon.configPath = "${runDir}/ipsec/etc/racoon/racoon.conf";
networking.firewall.extraCommands = ''
iptables -I INPUT -t mangle -p esp -j MARK --set-mark 1/1
iptables -I INPUT -t mangle -p udp --dport 4500 -j MARK --set-mark 1/1
'';
systemd.services.ovs-monitor-ipsec = {
description = "Open_vSwitch Ipsec Daemon";
wantedBy = [ "multi-user.target" ];
requires = [ "ovsdb.service" ];
before = [ "vswitchd.service" "racoon.service" ];
environment.UNIXCTLPATH = "/tmp/ovsdb.ctl.sock";
serviceConfig = {
ExecStart = ''
${cfg.package}/bin/ovs-monitor-ipsec \
--root-prefix ${runDir}/ipsec \
--pidfile /run/openvswitch/ovs-monitor-ipsec.pid \
--monitor --detach \
unix:/run/openvswitch/db.sock
'';
PIDFile = "/run/openvswitch/ovs-monitor-ipsec.pid";
# Use service type 'forking' to correctly determine when ovs-monitor-ipsec is ready.
Type = "forking";
};
preStart = ''
rm -r ${runDir}/ipsec/etc/racoon/certs || true
mkdir -p ${runDir}/ipsec/{etc/racoon,etc/init.d/,usr/sbin/}
ln -fs ${pkgs.ipsecTools}/bin/setkey ${runDir}/ipsec/usr/sbin/setkey
ln -fs ${pkgs.writeScript "racoon-restart" ''
#!${pkgs.runtimeShell}
/run/current-system/sw/bin/systemctl $1 racoon
''} ${runDir}/ipsec/etc/init.d/racoon
'';
};
})]));
imports = [
(mkRemovedOptionModule [ "virtualisation" "vswitch" "ipsec" ] ''
OpenVSwitch IPSec functionality has been removed, because it depended on racoon,
which was removed from nixpkgs, because it was abanoded upstream.
'')
];
meta.maintainers = with maintainers; [ netixx ];

4
nixos/tests/teeworlds.nix
View file

@ -36,12 +36,12 @@ in {
client1.wait_for_x()
client2.wait_for_x()
client1.execute("teeworlds 'player_name Alice;connect server'&")
client1.execute("teeworlds 'player_name Alice;connect server' >&2 &")
server.wait_until_succeeds(
'journalctl -u teeworlds -e | grep --extended-regexp -q "team_join player=\'[0-9]:Alice"'
)
client2.execute("teeworlds 'player_name Bob;connect server'&")
client2.execute("teeworlds 'player_name Bob;connect server' >&2 &")
server.wait_until_succeeds(
'journalctl -u teeworlds -e | grep --extended-regexp -q "team_join player=\'[0-9]:Bob"'
)

29
pkgs/applications/networking/ids/zeek/default.nix
View file

@ -21,16 +21,33 @@
stdenv.mkDerivation rec {
pname = "zeek";
version = "4.1.1";
version = "4.2.0";
src = fetchurl {
url = "https://download.zeek.org/zeek-${version}.tar.gz";
sha256 = "0wq3kjc3zc5ikzwix7k7gr92v75rg6283kx5fzvc3lcdkaczq2lc";
sha256 = "sha256-jZoCjKn+x61KnkinY+KWBSOEz0AupM03FXe/8YPCdFE=";
};
nativeBuildInputs = [ cmake flex bison file ];
buildInputs = [ openssl libpcap zlib curl libmaxminddb gperftools python3 swig ncurses ]
++ lib.optionals stdenv.isDarwin [ gettext ];
nativeBuildInputs = [
bison
cmake
file
flex
];
buildInputs = [
curl
gperftools
libmaxminddb
libpcap
ncurses
openssl
python3
swig
zlib
] ++ lib.optionals stdenv.isDarwin [
gettext
];
outputs = [ "out" "lib" "py" ];
@ -54,7 +71,7 @@ stdenv.mkDerivation rec {
'';
meta = with lib; {
description = "Powerful network analysis framework much different from a typical IDS";
description = "Network analysis framework much different from a typical IDS";
homepage = "https://www.zeek.org";
changelog = "https://github.com/zeek/zeek/blob/v${version}/CHANGES";
license = licenses.bsd3;

8
pkgs/applications/networking/mullvad-vpn/default.nix
View file

@ -2,6 +2,7 @@
, alsa-lib, atk, cairo, cups, dbus, expat, fontconfig, freetype
, gdk-pixbuf, glib, gnome2, pango, nspr, nss, gtk3, mesa
, xorg, autoPatchelfHook, systemd, libnotify, libappindicator
, makeWrapper
}:
let deps = [
@ -53,6 +54,7 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [
autoPatchelfHook
dpkg
makeWrapper
];
buildInputs = deps;
@ -73,12 +75,14 @@ stdenv.mkDerivation rec {
mv usr/bin/* $out/bin
mv opt/Mullvad\ VPN/* $out/share/mullvad
sed -i 's|"\/opt\/Mullvad.*VPN|env MULLVAD_DISABLE_UPDATE_NOTIFICATION=1 "'$out'/bin|g' $out/share/applications/mullvad-vpn.desktop
ln -s $out/share/mullvad/mullvad-{gui,vpn} $out/bin/
ln -s $out/share/mullvad/resources/mullvad-daemon $out/bin/mullvad-daemon
ln -sf $out/share/mullvad/resources/mullvad-problem-report $out/bin/mullvad-problem-report
wrapProgram $out/bin/mullvad-vpn --set MULLVAD_DISABLE_UPDATE_NOTIFICATION 1
sed -i "s|Exec.*$|Exec=$out/bin/mullvad-vpn $U|" $out/share/applications/mullvad-vpn.desktop
runHook postInstall
'';

15
pkgs/applications/science/misc/tulip/default.nix
View file

@ -1,19 +1,20 @@
{ fetchurl, lib, stdenv, libxml2, freetype, libGLU, libGL, glew, qt4
, cmake, makeWrapper, libjpeg, python2 }:
{ fetchurl, lib, stdenv, libxml2, freetype, libGLU, libGL, glew
, qtbase, wrapQtAppsHook, python3
, cmake, libjpeg }:
let version = "5.2.1"; in
stdenv.mkDerivation rec {
pname = "tulip";
inherit version;
version = "5.6.1";
src = fetchurl {
url = "mirror://sourceforge/auber/${pname}-${version}_src.tar.gz";
sha256 = "0bqmqy6sri87a8xv5xf7ffaq5zin4hiaa13g0l64b84i7yckfwky";
sha256 = "1fy3nvgxv3igwc1d23zailcgigj1d0f2kkh7a5j24c0dyqz5zxmw";
};
buildInputs = [ libxml2 freetype glew libGLU libGL qt4 libjpeg python2 ];
buildInputs = [ libxml2 freetype glew libGLU libGL libjpeg qtbase python3 ];
nativeBuildInputs = [ cmake wrapQtAppsHook ];
nativeBuildInputs = [ cmake makeWrapper ];
qtWrapperArgs = [ ''--prefix PATH : ${lib.makeBinPath [ python3 ]}'' ];
# FIXME: "make check" needs Docbook's DTD 4.4, among other things.
doCheck = false;

2
pkgs/applications/video/vlc/default.nix
View file

@ -155,7 +155,7 @@ stdenv.mkDerivation rec {
xcbutilkeysyms
xlibsWrapper
])
++ optional (!hostIsAarch) live555
++ optional (!hostIsAarch && !onlyLibVLC) live555
++ optional jackSupport libjack2
++ optionals chromecastSupport [ libmicrodns protobuf ]
++ optionals skins2Support (with xorg; [

4
pkgs/applications/virtualization/crun/default.nix
View file

@ -37,13 +37,13 @@ let
in
stdenv.mkDerivation rec {
pname = "crun";
version = "1.4.1";
version = "1.4.2";
src = fetchFromGitHub {
owner = "containers";
repo = pname;
rev = version;
sha256 = "sha256-j2+ga+jnKnjnFGmrOOym99keLALg7wR7Jk+jjesiMc4=";
sha256 = "sha256-zGtHO8CgpbXTh8nZ6WA0ocakzLjL/PW2IULI5QSEPVI=";
fetchSubmodules = true;
};

4
pkgs/applications/virtualization/xen/generic.nix
View file

@ -254,5 +254,9 @@ stdenv.mkDerivation (rec {
platforms = [ "x86_64-linux" ];
maintainers = with lib.maintainers; [ eelco tstrobel oxij ];
license = lib.licenses.gpl2;
# https://xenbits.xen.org/docs/unstable/support-matrix.html
knownVulnerabilities = lib.optionals (lib.versionOlder version "4.13") [
"This version of Xen has reached its end of life. See https://xenbits.xen.org/docs/unstable/support-matrix.html"
];
} // (config.meta or {});
} // removeAttrs config [ "xenfiles" "buildInputs" "patches" "postPatch" "meta" ])

4
pkgs/development/libraries/imath/default.nix
View file

@ -6,13 +6,13 @@
stdenv.mkDerivation rec {
pname = "imath";
version = "3.1.3";
version = "3.1.4";
src = fetchFromGitHub {
owner = "AcademySoftwareFoundation";
repo = "imath";
rev = "v${version}";
sha256 = "sha256-LoyV1Wtugva6MTpREstP2rYMrHW2xR0qfEAIV1Fo1Ns=";
sha256 = "sha256-FZXIIzAxhd0QlJAV0q7spEa1pNFXutI0WFZbT3izN4M=";
};
nativeBuildInputs = [ cmake ];

4
pkgs/development/python-modules/aiogithubapi/default.nix
View file

@ -12,7 +12,7 @@
buildPythonPackage rec {
pname = "aiogithubapi";
version = "22.1.0";
version = "22.1.2";
format = "setuptools";
disabled = pythonOlder "3.8";
@ -21,7 +21,7 @@ buildPythonPackage rec {
owner = "ludeeus";
repo = pname;
rev = version;
sha256 = "sha256-rzZtf3xrbNg9VaOAOM6ux1A9S1WqUKBMKxWfHDo7/VM=";
sha256 = "sha256-n6OkyMh3HxsFY2zXqbpdvbv5NdFC+J30tW/tLEEaSeU=";
};
propagatedBuildInputs = [

4
pkgs/development/python-modules/dask-ml/default.nix
View file

@ -17,13 +17,13 @@
}:
buildPythonPackage rec {
version = "2021.11.30";
version = "2022.1.22";
pname = "dask-ml";
disabled = pythonOlder "3.6"; # >= 3.6
src = fetchPypi {
inherit pname version;
sha256 = "4f73306b5ee56e9b41b133697062d0028d30b1ece883ac6b56532fea5bd3e94a";
sha256 = "21a128e9f4f10e3b39cf82b36266eae28b17d16f2f6aa351bd73eb361e49326a";
};
nativeBuildInputs = [

22
pkgs/development/python-modules/entrypoint2/default.nix
View file

@ -1,31 +1,17 @@
{ lib, buildPythonPackage, fetchPypi, EasyProcess, pathpy, pytest }:
{ lib, buildPythonPackage, fetchPypi, EasyProcess, pathpy, pytestCheckHook }:
buildPythonPackage rec {
pname = "entrypoint2";
version = "0.2.4";
version = "1.0";
src = fetchPypi {
inherit pname version;
sha256 = "4770c3afcf3865c606a6e5f7cfcc5c59212f555fcee9b2540270399149c1dde3";
sha256 = "sha256-Z+kG9q2VjYP0i07ewo192CZw6SYZiPa0prY6vJ+zvlY=";
};
propagatedBuildInputs = [ ];
pythonImportsCheck = [ "entrypoint2" ];
# argparse is part of the standardlib
prePatch = ''
substituteInPlace setup.py --replace "argparse" ""
'';
checkInputs = [ EasyProcess pathpy pytest ];
# 0.2.1 has incompatible pycache files included
# https://github.com/ponty/entrypoint2/issues/8
checkPhase = ''
rm -rf tests/__pycache__
pytest tests
'';
checkInputs = [ EasyProcess pathpy pytestCheckHook ];
meta = with lib; {
description = "Easy to use command-line interface for python modules";

4
pkgs/development/python-modules/hahomematic/default.nix
View file

@ -14,7 +14,7 @@
buildPythonPackage rec {
pname = "hahomematic";
version = "0.27.0";
version = "0.27.2";
format = "setuptools";
disabled = pythonOlder "3.9";
@ -23,7 +23,7 @@ buildPythonPackage rec {
owner = "danielperna84";
repo = pname;
rev = version;
sha256 = "sha256-RPUj0We1nsKgAl1DTpa3pCD7gMm590N00+xwOVFIOaw=";
sha256 = "sha256-XBGA3wRZdl8rJ1hLLPPLK7E87Ggoly+kePbLY4x9/ZE=";
};
propagatedBuildInputs = [

4
pkgs/development/python-modules/openai/default.nix
View file

@ -17,7 +17,7 @@
buildPythonPackage rec {
pname = "openai";
version = "0.12.0";
version = "0.13.0";
disabled = pythonOlder "3.7.1";
@ -26,7 +26,7 @@ buildPythonPackage rec {
owner = "openai";
repo = "openai-python";
rev = "v${version}";
sha256 = "12qkbaw1gyqhs6qwyj65g6l8v5xxnilwgk0gxlwnlzrr82q458ia";
sha256 = "sha256-y1ewaVwCcJGACwupGoh7zcKxE9qVXRjMf7k3q/hFhDE=";
};
propagatedBuildInputs = [

21
pkgs/development/python-modules/pubnub/default.nix
View file

@ -8,18 +8,21 @@
, pytest-vcr
, pytest-asyncio
, requests
, six
, pythonOlder
}:
buildPythonPackage rec {
pname = "pubnub";
version = "5.5.0";
version = "6.0.0";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchFromGitHub {
owner = pname;
repo = "python";
rev = "v${version}";
sha256 = "133sis24jd40yq4sgp8lmg2kac5wiiccisjpkhm50rb9wdbpn6kh";
hash = "sha256-ktwPut4FBkPMukUk00I1xNOuTvSJkbskPOjoYDJN5Eg=";
};
propagatedBuildInputs = [
@ -27,22 +30,24 @@ buildPythonPackage rec {
cbor2
pycryptodomex
requests
six
];
checkInputs = [
pytest-asyncio
pytestCheckHook
pytest-vcr
pytestCheckHook
];
# Some tests don't pass with recent releases of twisted
disabledTestPaths = [
# Tests require network access
"tests/integrational"
"tests/manual/asyncio"
"tests/manual"
"tests/functional/push"
];
pythonImportsCheck = [ "pubnub" ];
pythonImportsCheck = [
"pubnub"
];
meta = with lib; {
description = "Python-based APIs for PubNub";

10
pkgs/development/python-modules/pydeconz/default.nix
View file

@ -10,14 +10,16 @@
buildPythonPackage rec {
pname = "pydeconz";
version = "85";
version = "86";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchFromGitHub {
owner = "Kane610";
repo = "deconz";
rev = "v${version}";
sha256 = "sha256-6GTMG3BfHcfLMoyabFbhsJFVDHmEICuzf32603+jyZ4=";
sha256 = "sha256-NqNXbF5rGMCbugzZY+AQPPHYmQx/RrSwqtnoF1shSSU=";
};
propagatedBuildInputs = [
@ -30,7 +32,9 @@ buildPythonPackage rec {
pytestCheckHook
];
pythonImportsCheck = [ "pydeconz" ];
pythonImportsCheck = [
"pydeconz"
];
meta = with lib; {
description = "Python library wrapping the Deconz REST API";

4
pkgs/development/python-modules/pykrakenapi/default.nix
View file

@ -7,13 +7,13 @@
buildPythonPackage rec {
pname = "pykrakenapi";
version = "0.2.3";
version = "0.2.4";
src = fetchFromGitHub {
owner = "dominiktraxl";
repo = "pykrakenapi";
rev = "v${version}";
sha256 = "0yvhgk5wyklwqd67hfajnd7ims79h4h89pp65xb3x5mcmdcfz4ss";
hash = "sha256-i2r6t+JcL6INI8Y26gvVvNjv6XxMj4G+pF9Xf/hsx1A=";
};
propagatedBuildInputs = [

16
pkgs/development/python-modules/regenmaschine/default.nix
View file

@ -14,15 +14,16 @@
buildPythonPackage rec {
pname = "regenmaschine";
version = "2021.10.0";
version = "2022.01.0";
format = "pyproject";
disabled = pythonOlder "3.6";
disabled = pythonOlder "3.8";
src = fetchFromGitHub {
owner = "bachya";
repo = pname;
rev = version;
sha256 = "sha256-vMXDnnIQiRuyLvem1JKop6FJ0fhwR8xP0276PdZi/QI=";
sha256 = "sha256-TPiz3d1GbcIWCKRz3Hq4JU9+df/Fw4dUXQkIM6QO1Fs=";
};
nativeBuildInputs = [
@ -42,7 +43,14 @@ buildPythonPackage rec {
pytestCheckHook
];
pythonImportsCheck = [ "regenmaschine" ];
disabledTestPaths = [
# Examples are prefix with test_
"examples/"
];
pythonImportsCheck = [
"regenmaschine"
];
__darwinAllowLocalNetworking = true;

8
pkgs/development/python-modules/rokuecp/default.nix
View file

@ -2,6 +2,7 @@
, aiohttp
, aresponses
, buildPythonPackage
, cachetools
, fetchFromGitHub
, pytest-asyncio
, pytestCheckHook
@ -12,20 +13,21 @@
buildPythonPackage rec {
pname = "rokuecp";
version = "0.8.4";
version = "0.11.0";
format = "setuptools";
disabled = pythonOlder "3.7";
disabled = pythonOlder "3.8";
src = fetchFromGitHub {
owner = "ctalkington";
repo = "python-rokuecp";
rev = version;
sha256 = "sha256-vwXBYwiDQZBxEZDwLX9if6dt7tKQQOLyKL5m0q/3eUw=";
sha256 = "sha256-Y4Ge7IOR7//MJ0w7kdOgchLWFGR1qJbY0PSpJrjucaQ=";
};
propagatedBuildInputs = [
aiohttp
cachetools
xmltodict
yarl
];

4
pkgs/development/python-modules/zha-quirks/default.nix
View file

@ -9,13 +9,13 @@
buildPythonPackage rec {
pname = "zha-quirks";
version = "0.0.65";
version = "0.0.66";
src = fetchFromGitHub {
owner = "zigpy";
repo = "zha-device-handlers";
rev = version;
sha256 = "sha256-3Lcmc95KotFMlL44zDugIQkHtplMMlyWjSb+SLehaqs=";
sha256 = "18g0i6b60ndfmbvdsx5pniq56fyc5k39ylp3sjhrfjcj434wvbvc";
};
propagatedBuildInputs = [

88
pkgs/development/tools/build-managers/cmake/2.8.nix
View file

@ -1,88 +0,0 @@
{ lib, stdenv, fetchurl, fetchpatch, curl, expat, zlib, bzip2
, useNcurses ? false, ncurses, useQt4 ? false, qt4, ps
}:
with lib;
assert stdenv ? cc;
assert stdenv.cc ? libc;
let
os = lib.optionalString;
majorVersion = "2.8";
minorVersion = "12.2";
version = "${majorVersion}.${minorVersion}";
in
stdenv.mkDerivation rec {
pname = "cmake${os useNcurses "-cursesUI"}${os useQt4 "-qt4UI"}";
inherit version;
inherit majorVersion;
src = fetchurl {
url = "${meta.homepage}files/v${majorVersion}/cmake-${version}.tar.gz";
sha256 = "0phf295a9cby0v7zqdswr238v5aiy3rb2fs6dz39zjxbmzlp8rcc";
};
enableParallelBuilding = true;
patches =
[(fetchpatch { # see https://www.cmake.org/Bug/view.php?id=13959
name = "FindFreetype-2.5.patch";
url = "https://public.kitware.com/Bug/file/4660/0001-Support-finding-freetype2-using-pkg-config.patch";
sha256 = "136z63ff83hnwd247cq4m8m8164pklzyl5i2csf5h6wd8p01pdkj";
})] ++
# Don't search in non-Nix locations such as /usr, but do search in our libc.
[ ./search-path-2.8.patch ] ++
optional (stdenv.hostPlatform != stdenv.buildPlatform) (fetchurl {
name = "fix-darwin-cross-compile.patch";
url = "https://public.kitware.com/Bug/file_download.php?"
+ "file_id=4981&type=bug";
sha256 = "16acmdr27adma7gs9rs0dxdiqppm15vl3vv3agy7y8s94wyh4ybv";
});
postPatch = ''
substituteInPlace Utilities/cmlibarchive/CMakeLists.txt \
--replace '"-framework CoreServices"' '""'
'';
buildInputs = [ setupHook curl expat zlib bzip2 ]
++ optional useNcurses ncurses
++ optional useQt4 qt4;
propagatedBuildInputs = [ ps ];
CMAKE_PREFIX_PATH = concatStringsSep ":"
(concatMap (p: [ (p.dev or p) (p.out or p) ]) buildInputs);
configureFlags = [
"--docdir=/share/doc/${pname}-${version}"
"--mandir=/share/man"
"--system-libs"
"--no-system-libarchive"
] ++ lib.optional useQt4 "--qt-gui";
setupHook = ./setup-hook.sh;
dontUseCmakeConfigure = true;
preConfigure = with stdenv; ''
fixCmakeFiles .
substituteInPlace Modules/Platform/UnixPaths.cmake \
--subst-var-by libc_bin ${getBin cc.libc} \
--subst-var-by libc_dev ${getDev cc.libc} \
--subst-var-by libc_lib ${getLib cc.libc}
configureFlags="--parallel=''${NIX_BUILD_CORES:-1} $configureFlags"
'';
hardeningDisable = [ "format" ];
meta = {
homepage = "https://cmake.org";
description = "Cross-Platform Makefile Generator";
platforms = if useQt4 then qt4.meta.platforms else lib.platforms.unix;
maintainers = with lib.maintainers; [ xfix ];
license = lib.licenses.bsd3;
};
}

92
pkgs/development/tools/build-managers/cmake/search-path-2.8.patch
View file

@ -1,92 +0,0 @@
diff -ru3 cmake-2.8.12.2/Modules/Platform/Linux.cmake cmake-2.8.12.2-new/Modules/Platform/Linux.cmake
--- cmake-2.8.12.2/Modules/Platform/Linux.cmake 2014-01-16 21:15:08.000000000 +0400
+++ cmake-2.8.12.2-new/Modules/Platform/Linux.cmake 2016-04-13 22:00:32.928575740 +0300
@@ -36,22 +36,11 @@
# checking the platform every time. This option is advanced enough
# that only package maintainers should need to adjust it. They are
# capable of providing a setting on the command line.
- if(EXISTS "/etc/debian_version")
- set(CMAKE_INSTALL_SO_NO_EXE 1 CACHE INTERNAL
- "Install .so files without execute permission.")
- else()
- set(CMAKE_INSTALL_SO_NO_EXE 0 CACHE INTERNAL
- "Install .so files without execute permission.")
- endif()
+ set(CMAKE_INSTALL_SO_NO_EXE 0 CACHE INTERNAL
+ "Install .so files without execute permission.")
endif()
# Match multiarch library directory names.
set(CMAKE_LIBRARY_ARCHITECTURE_REGEX "[a-z0-9_]+(-[a-z0-9_]+)?-linux-gnu[a-z0-9_]*")
include(Platform/UnixPaths)
-
-# Debian has lib64 paths only for compatibility so they should not be
-# searched.
-if(EXISTS "/etc/debian_version")
- set_property(GLOBAL PROPERTY FIND_LIBRARY_USE_LIB64_PATHS FALSE)
-endif()
diff -ru3 cmake-2.8.12.2/Modules/Platform/UnixPaths.cmake cmake-2.8.12.2-new/Modules/Platform/UnixPaths.cmake
--- cmake-2.8.12.2/Modules/Platform/UnixPaths.cmake 2014-01-16 21:15:08.000000000 +0400
+++ cmake-2.8.12.2-new/Modules/Platform/UnixPaths.cmake 2016-04-14 00:09:10.106362636 +0300
@@ -32,9 +32,6 @@
# List common installation prefixes. These will be used for all
# search types.
list(APPEND CMAKE_SYSTEM_PREFIX_PATH
- # Standard
- /usr/local /usr /
-
# CMake install location
"${_CMAKE_INSTALL_DIR}"
@@ -44,44 +41,26 @@
# List common include file locations not under the common prefixes.
list(APPEND CMAKE_SYSTEM_INCLUDE_PATH
- # Windows API on Cygwin
- /usr/include/w32api
-
- # X11
- /usr/X11R6/include /usr/include/X11
-
- # Other
- /usr/pkg/include
- /opt/csw/include /opt/include
- /usr/openwin/include
+ @libc_dev@/include
)
list(APPEND CMAKE_SYSTEM_LIBRARY_PATH
- # Windows API on Cygwin
- /usr/lib/w32api
-
- # X11
- /usr/X11R6/lib /usr/lib/X11
-
- # Other
- /usr/pkg/lib
- /opt/csw/lib /opt/lib
- /usr/openwin/lib
+ @libc_lib@/lib
)
list(APPEND CMAKE_SYSTEM_PROGRAM_PATH
- /usr/pkg/bin
+ @libc_bin@/bin
)
list(APPEND CMAKE_PLATFORM_IMPLICIT_LINK_DIRECTORIES
- /lib /usr/lib /usr/lib32 /usr/lib64
+ @libc_lib@/lib
)
list(APPEND CMAKE_C_IMPLICIT_INCLUDE_DIRECTORIES
- /usr/include
+ @libc_dev@/include
)
list(APPEND CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES
- /usr/include
+ @libc_dev@/include
)
# Enable use of lib64 search path variants by default.

4
pkgs/development/tools/metal-cli/default.nix
View file

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "metal-cli";
version = "0.7.0";
version = "0.7.1";
src = fetchFromGitHub {
owner = "equinix";
repo = pname;
rev = "v${version}";
sha256 = "sha256-Zl0OuyqF+bNsp1AqnS8jhQlY7l4U6OjHHgth7pRPwEc=";
sha256 = "sha256-Ekwucff12FIjaZ8qDvonhTdz7+DRpPLMGz2yqaCy+Bc=";
};
vendorSha256 = "sha256-F8d5i9jvjY11Pv6w0ZXI3jr0Wix++B/w9oRTuJGpQfE=";

16
pkgs/os-specific/linux/ipsec-tools/CVE-2015-4047.patch
View file

@ -1,16 +0,0 @@
Index: pkg-ipsec-tools/src/racoon/gssapi.c
===================================================================
--- pkg-ipsec-tools.orig/src/racoon/gssapi.c
+++ pkg-ipsec-tools/src/racoon/gssapi.c
@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1)
gss_name_t princ, canon_princ;
OM_uint32 maj_stat, min_stat;
+ if (iph1->rmconf == NULL) {
+ plog(LLV_ERROR, LOCATION, NULL, "no remote config\n");
+ return -1;
+ }
+
gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state));
if (gps == NULL) {
plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n");

193
pkgs/os-specific/linux/ipsec-tools/CVE-2016-10396.patch
View file

@ -1,193 +0,0 @@
From: Antoine_Beaupre <anarcat@orangeseeds.org>
Acked-by: Jiri Bohac <jbohac@suse.cz>
Subject: PR/51682: Avoid DoS with fragment out of order insertion; keep fragments sorted in the list.
References: bsc#1047443, CVE-2016-10396
Index: a/src/racoon/handler.h
===================================================================
--- a/src/racoon/handler.h.orig 2018-01-26 18:05:21.114764376 +0100
+++ a/src/racoon/handler.h 2018-01-26 18:05:33.986741103 +0100
@@ -141,6 +141,7 @@ struct ph1handle {
#endif
#ifdef ENABLE_FRAG
int frag; /* IKE phase 1 fragmentation */
+ int frag_last_index;
struct isakmp_frag_item *frag_chain; /* Received fragments */
#endif
Index: a/src/racoon/isakmp.c
===================================================================
--- a/src/racoon/isakmp.c.orig 2018-01-26 18:05:21.118764369 +0100
+++ a/src/racoon/isakmp.c 2018-01-26 18:05:33.986741103 +0100
@@ -1069,6 +1069,7 @@ isakmp_ph1begin_i(rmconf, remote, local)
iph1->frag = 1;
else
iph1->frag = 0;
+ iph1->frag_last_index = 0;
iph1->frag_chain = NULL;
#endif
iph1->approval = NULL;
@@ -1173,6 +1174,7 @@ isakmp_ph1begin_r(msg, remote, local, et
#endif
#ifdef ENABLE_FRAG
iph1->frag = 0;
+ iph1->frag_last_index = 0;
iph1->frag_chain = NULL;
#endif
iph1->approval = NULL;
Index: a/src/racoon/isakmp_frag.c
===================================================================
--- a/src/racoon/isakmp_frag.c.orig 2018-01-26 18:05:21.118764369 +0100
+++ a/src/racoon/isakmp_frag.c 2018-01-26 18:05:33.986741103 +0100
@@ -173,6 +173,43 @@ vendorid_frag_cap(gen)
return ntohl(hp[MD5_DIGEST_LENGTH / sizeof(*hp)]);
}
+static int
+isakmp_frag_insert(struct ph1handle *iph1, struct isakmp_frag_item *item)
+{
+ struct isakmp_frag_item *pitem = NULL;
+ struct isakmp_frag_item *citem = iph1->frag_chain;
+
+ /* no frag yet, just insert at beginning of list */
+ if (iph1->frag_chain == NULL) {
+ iph1->frag_chain = item;
+ return 0;
+ }
+
+ do {
+ /* duplicate fragment number, abort (CVE-2016-10396) */
+ if (citem->frag_num == item->frag_num)
+ return -1;
+
+ /* need to insert before current item */
+ if (citem->frag_num > item->frag_num) {
+ if (pitem != NULL)
+ pitem->frag_next = item;
+ else
+ /* insert at the beginning of the list */
+ iph1->frag_chain = item;
+ item->frag_next = citem;
+ return 0;
+ }
+
+ pitem = citem;
+ citem = citem->frag_next;
+ } while (citem != NULL);
+
+ /* we reached the end of the list, insert */
+ pitem->frag_next = item;
+ return 0;
+}
+
int
isakmp_frag_extract(iph1, msg)
struct ph1handle *iph1;
@@ -224,39 +261,43 @@ isakmp_frag_extract(iph1, msg)
item->frag_next = NULL;
item->frag_packet = buf;
- /* Look for the last frag while inserting the new item in the chain */
- if (item->frag_last)
- last_frag = item->frag_num;
+ /* Check for the last frag before inserting the new item in the chain */
+ if (item->frag_last) {
+ /* if we have the last fragment, indices must match */
+ if (iph1->frag_last_index != 0 &&
+ item->frag_last != iph1->frag_last_index) {
+ plog(LLV_ERROR, LOCATION, NULL,
+ "Repeated last fragment index mismatch\n");
+ racoon_free(item);
+ vfree(buf);
+ return -1;
+ }
- if (iph1->frag_chain == NULL) {
- iph1->frag_chain = item;
- } else {
- struct isakmp_frag_item *current;
+ last_frag = iph1->frag_last_index = item->frag_num;
+ }
- current = iph1->frag_chain;
- while (current->frag_next) {
- if (current->frag_last)
- last_frag = item->frag_num;
- current = current->frag_next;
- }
- current->frag_next = item;
+ /* insert fragment into chain */
+ if (isakmp_frag_insert(iph1, item) == -1) {
+ plog(LLV_ERROR, LOCATION, NULL,
+ "Repeated fragment index mismatch\n");
+ racoon_free(item);
+ vfree(buf);
+ return -1;
}
- /* If we saw the last frag, check if the chain is complete */
+ /* If we saw the last frag, check if the chain is complete
+ * we have a sorted list now, so just walk through */
if (last_frag != 0) {
+ item = iph1->frag_chain;
for (i = 1; i <= last_frag; i++) {
- item = iph1->frag_chain;
- do {
- if (item->frag_num == i)
- break;
- item = item->frag_next;
- } while (item != NULL);
-
+ if (item->frag_num != i)
+ break;
+ item = item->frag_next;
if (item == NULL) /* Not found */
break;
}
- if (item != NULL) /* It is complete */
+ if (i > last_frag) /* It is complete */
return 1;
}
@@ -291,15 +332,9 @@ isakmp_frag_reassembly(iph1)
}
data = buf->v;
+ item = iph1->frag_chain;
for (i = 1; i <= frag_count; i++) {
- item = iph1->frag_chain;
- do {
- if (item->frag_num == i)
- break;
- item = item->frag_next;
- } while (item != NULL);
-
- if (item == NULL) {
+ if (item->frag_num != i) {
plog(LLV_ERROR, LOCATION, NULL,
"Missing fragment #%d\n", i);
vfree(buf);
@@ -308,6 +343,7 @@ isakmp_frag_reassembly(iph1)
}
memcpy(data, item->frag_packet->v, item->frag_packet->l);
data += item->frag_packet->l;
+ item = item->frag_next;
}
out:
diff -u -p -r1.50 -r1.51
--- a/src/racoon/isakmp_inf.c 2013/04/12 09:53:10 1.50
+++ a/src/racoon/isakmp_inf.c 2017/01/24 19:23:56 1.51
@@ -720,6 +720,7 @@ isakmp_info_send_nx(isakmp, remote, loca
#endif
#ifdef ENABLE_FRAG
iph1->frag = 0;
+ iph1->frag_last_index = 0;
iph1->frag_chain = NULL;
#endif

49
pkgs/os-specific/linux/ipsec-tools/default.nix
View file

@ -1,49 +0,0 @@
{ lib, stdenv, fetchurl, fetchpatch, linuxHeaders, readline, openssl, flex, libkrb5, pam }:
# TODO: These tools are supposed to work under NetBSD and FreeBSD as
# well, so I guess it's not appropriate to place this expression in
# "os-specific/linux/ipsec-tools". Since I cannot verify that the
# expression actually builds on those platforms, I'll leave it here for
# the time being.
stdenv.mkDerivation rec {
pname = "ipsec-tools";
version = "0.8.2";
src = fetchurl {
url = "mirror://sourceforge/ipsec-tools/ipsec-tools-${version}.tar.bz2";
sha256 = "0b9gfbz78k2nj0k7jdlm5kajig628ja9qm0z5yksiwz22s3v7dlf";
};
buildInputs = [ readline openssl flex libkrb5 pam ];
patches = [
./dont-create-localstatedir-during-install.patch
./CVE-2015-4047.patch
./CVE-2016-10396.patch
];
# fix build with newer gcc versions
preConfigure = ''substituteInPlace configure --replace "-Werror" "" '';
configureFlags = [
"--sysconfdir=/etc --localstatedir=/var"
"--with-kernel-headers=${linuxHeaders}/include"
"--disable-security-context"
"--enable-adminport"
"--enable-dpd"
"--enable-frag"
"--enable-gssapi"
"--enable-hybrid"
"--enable-natt"
"--enable-shared"
"--enable-stats"
];
meta = with lib; {
homepage = "http://ipsec-tools.sourceforge.net/";
description = "Port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation";
license = licenses.bsd3;
platforms = platforms.linux;
};
}

13
pkgs/os-specific/linux/ipsec-tools/dont-create-localstatedir-during-install.patch
View file

@ -1,13 +0,0 @@
diff -ubr ipsec-tools-0.8.0-orig/src/racoon/Makefile.in ipsec-tools-0.8.0/src/racoon/Makefile.in
--- ipsec-tools-0.8.0-orig/src/racoon/Makefile.in 2012-10-20 13:01:07.700903316 +0200
+++ ipsec-tools-0.8.0/src/racoon/Makefile.in 2012-10-20 13:01:13.177832616 +0200
@@ -1085,9 +1085,6 @@
uninstall-sbinPROGRAMS
-install-exec-local:
- ${mkinstalldirs} $(DESTDIR)${adminsockdir}
-
# special object rules
crypto_openssl_test.o: crypto_openssl.c
$(COMPILE) -DEAYDEBUG -o crypto_openssl_test.o -c $(srcdir)/crypto_openssl.c

30
pkgs/os-specific/linux/kernel/hardened/patches.json
View file

@ -22,31 +22,31 @@
"5.10": {
"patch": {
"extra": "-hardened1",
"name": "linux-hardened-5.10.92-hardened1.patch",
"sha256": "08vhk7vzwd9r76mphyphc5n718kdpg3l2i0smrr92w5mx19pvs8g",
"url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.92-hardened1/linux-hardened-5.10.92-hardened1.patch"
"name": "linux-hardened-5.10.93-hardened1.patch",
"sha256": "0ka3vnd1pwdjkz10hpn4jpxbg6s00kf5jj47847vhbi7fmbgvbg5",
"url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.93-hardened1/linux-hardened-5.10.93-hardened1.patch"
},
"sha256": "0lmvdskxk1r18p6rn2dhw23wj8g3a8blar6xn5x1sgqxln006xfm",
"version": "5.10.92"
"sha256": "1jxv7can60rc5i2yjgj8frcjvwi1jnba1jl8i3070xmb1d1qqy56",
"version": "5.10.93"
},
"5.15": {
"patch": {
"extra": "-hardened1",
"name": "linux-hardened-5.15.15-hardened1.patch",
"sha256": "0js9fz2xx8gshxb5dc6ycmgycmcfqpxdkbpbmx92d397qdnj0460",
"url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.15-hardened1/linux-hardened-5.15.15-hardened1.patch"
"name": "linux-hardened-5.15.16-hardened1.patch",
"sha256": "0a8cdxw2s0jr39j072pn7xr5j8zfdmrbsfl5rbvcjqrfnj4ijc15",
"url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.16-hardened1/linux-hardened-5.15.16-hardened1.patch"
},
"sha256": "0nisr3i9sxpp0s25wg6sb45287l0v9vmsgnz6d4igbvih37mfg0x",
"version": "5.15.15"
"sha256": "150pzxra564z9xaaclmbbd29x4x9il8y78zz7szi50lzx0a0l2ms",
"version": "5.15.16"
},
"5.4": {
"patch": {
"extra": "-hardened1",
"name": "linux-hardened-5.4.172-hardened1.patch",
"sha256": "124l2b3km1278dc4lgm35f50jfxnbdia1127j27w3b3dhs37baw9",
"url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.172-hardened1/linux-hardened-5.4.172-hardened1.patch"
"name": "linux-hardened-5.4.173-hardened1.patch",
"sha256": "1zpczgxyh76lazsjgf7n1872aayaxg660x6phyr6db667wa8x3r4",
"url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.173-hardened1/linux-hardened-5.4.173-hardened1.patch"
},
"sha256": "1r3ci123dmijk0n3z91xqri89rbvnk51hd9d4q430ag8cw5qk7mi",
"version": "5.4.172"
"sha256": "0ff2jvwxj55547wvwp94a8bsd610s72906d4nsyhiirrn9sy5s4r",
"version": "5.4.173"
}
}

4
pkgs/servers/mail/postfix/default.nix
View file

@ -24,11 +24,11 @@ let
in stdenv.mkDerivation rec {
pname = "postfix";
version = "3.6.3";
version = "3.6.4";
src = fetchurl {
url = "http://cdn.postfix.johnriley.me/mirrors/postfix-release/official/${pname}-${version}.tar.gz";
sha256 = "1g5ii5vvcr87qkabsbyg3n7kzy1g5k2n5gwa8468w5d0ava424hg";
hash = "sha256-jeBhnc8vp8IVqAz4S4KrcWMdTUciy6CUlyXOPhgDHU4=";
};
nativeBuildInputs = [ makeWrapper m4 ];

4
pkgs/tools/archivers/unrar/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "unrar";
version = "6.1.3";
version = "6.1.4";
src = fetchurl {
url = "https://www.rarlab.com/rar/unrarsrc-${version}.tar.gz";
sha256 = "sha256-0FAiRCAJICp5LliL7FiSHBI/8Eb8dV9/InKHGlvXljY=";
sha256 = "sha256-wO1YYpJDlhw/HskMCLEf+TJh5Wjb/c4r87dZ7npKO3w=";
};
postPatch = ''

4
pkgs/tools/misc/esphome/default.nix
View file

@ -17,14 +17,14 @@ let
in
with python.pkgs; buildPythonApplication rec {
pname = "esphome";
version = "2022.1.1";
version = "2022.1.2";
format = "setuptools";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = version;
sha256 = "sha256-cqL+54Hjqql1YpsXEFLTD5UhxoEizFSr//4TZm7QEVU=";
sha256 = "sha256-hq+gYhDkEzIqgP4CcHRuA5A9694L3LeW9bditejfjm8=";
};
patches = [

1
pkgs/tools/networking/urlwatch/default.nix
View file

@ -17,6 +17,7 @@ python3Packages.buildPythonApplication rec {
propagatedBuildInputs = with python3Packages; [
appdirs
cssselect
jq
keyring
lxml
markdown2

14
pkgs/tools/security/rng-tools/default.nix
View file

@ -23,13 +23,6 @@ stdenv.mkDerivation rec {
sha256 = "sha256-qheJaeVX2zuv0mvKEd6wcbSHFjiJE0t5hVCJiRSKm3M=";
};
postPatch = ''
${optionalString withPkcs11 ''
substituteInPlace rngd.c \
--replace /usr/lib64/opensc-pkcs11.so ${opensc}/lib/opensc-pkcs11.so
''}
'';
nativeBuildInputs = [ autoreconfHook libtool pkg-config ];
configureFlags = [
@ -49,8 +42,11 @@ stdenv.mkDerivation rec {
enableParallelBuilding = true;
# For cross-compilation
makeFlags = [ "AR:=$(AR)" ];
makeFlags = [
"AR:=$(AR)" # For cross-compilation
] ++ optionals (withPkcs11) [
"PKCS11_ENGINE=${opensc}/lib/opensc-pkcs11.so" # Overrides configure script paths
];
doCheck = true;
preCheck = "patchShebangs tests/*.sh";

4
pkgs/tools/security/volatility3/default.nix
View file

@ -5,7 +5,7 @@
python3.pkgs.buildPythonApplication rec {
pname = "volatility3";
version = "1.0.1";
version = "2.0.0";
disabled = python3.pythonOlder "3.6";
@ -13,7 +13,7 @@ python3.pkgs.buildPythonApplication rec {
owner = "volatilityfoundation";
repo = pname;
rev = "v${version}";
sha256 = "1k56izgkla9mrjrkp1saavajdx9x1wkqpwmbpvxv9rw5k80m5a4a";
sha256 = "141n09cdc17pfdhs01aw8l4cvsqpcz8ji5l4gi7r88cyf4ix2lnz";
};
propagatedBuildInputs = with python3.pkgs; [

1
pkgs/top-level/aliases.nix
View file

@ -413,6 +413,7 @@ mapAliases ({
inotifyTools = inotify-tools;
inter-ui = inter; # added 2021-03-27
iproute = iproute2; # moved from top-level 2021-03-14
ipsecTools = throw "ipsecTools has benn removed, because it was no longer maintained upstream"; # added 2021-12-15
i-score = throw "i-score has been removed: abandoned upstream."; # added 2020-11-21
jack2Full = jack2; # moved from top-level 2021-03-14
jamomacore = throw "jamomacore has been removed: abandoned upstream."; # added 2020-11-21

11
pkgs/top-level/all-packages.nix
View file

@ -8641,11 +8641,6 @@ with pkgs;
pngout = callPackage ../tools/graphics/pngout { };
ipsecTools = callPackage ../os-specific/linux/ipsec-tools {
flex = flex_2_5_35;
openssl = openssl_1_0_2;
};
patch = gnupatch;
patchage = callPackage ../applications/audio/patchage { };
@ -14495,8 +14490,6 @@ with pkgs;
ctmg = callPackage ../tools/security/ctmg { };
cmake_2_8 = callPackage ../development/tools/build-managers/cmake/2.8.nix { };
cmake = libsForQt5.callPackage ../development/tools/build-managers/cmake {
inherit (darwin.apple_sdk.frameworks) SystemConfiguration;
};
@ -32633,9 +32626,7 @@ with pkgs;
astrolabe-generator = callPackage ../applications/science/astronomy/astrolabe-generator { };
tulip = callPackage ../applications/science/misc/tulip {
cmake = cmake_2_8;
};
tulip = libsForQt5.callPackage ../applications/science/misc/tulip { };
vite = callPackage ../applications/science/misc/vite { };