Commit graph

1114 commits

Author SHA1 Message Date
taku0
08e41f7a58 firefox-bin: update to version 36.0.1 (close #6691) 2015-03-07 14:51:17 +01:00
Ricardo M. Correia
02b91f93c4 firefox: Update from 36.0 -> 36.0.1 2015-03-06 05:13:58 +01:00
Aistis Raulinaitis
23506c2888 Updating Opera 12.12 to 12.16 2015-03-04 09:53:31 -08:00
Ricardo M. Correia
1e4287645c firefox: Fix hash 2015-02-26 19:02:34 +01:00
taku0
2e8f2d6477 firefox-bin: update to version 36.0; thunderbird-bin: update to version 31.5.0 2015-02-25 22:42:05 +09:00
Domen Kožar
9214859fd2 Revert "Mark many packages (mostly python) broken because of broken dependencies."
This reverts commit bf86758a42.

See 71a9aa10ca25f5659a657d8910e11f36c3439a36
2015-02-25 09:23:31 +01:00
Eelco Dolstra
8196962097 firefox: Update to 36.0 2015-02-24 18:50:15 +01:00
Peter Simons
bf86758a42 Mark many packages (mostly python) broken because of broken dependencies. 2015-02-23 14:06:24 +01:00
aszlig
089bdce621
Re-re-revert "chromium: remove preferLocalBuild".
This reverts commit 0696b0ef78.

Okay, now finally, let's get this straight. We actually *want*
preferLocalBuild, *because* we have improved the source splitup in
c92dbffeac.

The idea is to use local builds in order to prevent the source being
pushed to a remote machine, splitted up there (and thus copied again)
and then being copied *again* FROM the remote machine.

"DOH!" - as @edolstra or @rbvermaa would call it... and good d^Hnight.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 08:31:25 +01:00
aszlig
0696b0ef78
Re-revert "chromium: remove preferLocalBuild".
This reverts commit 26f024626c.

I actually wasn't reading the "remove" in the commit message, so sorry
for the brainfart/noise.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 08:07:23 +01:00
aszlig
26f024626c
Revert "chromium: remove preferLocalBuild"
This reverts commit fdb5cf8107.

The reason I'm reverting this is that the implications this had on the
IO load of Hydra are fixed by c92dbffeac.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 07:55:33 +01:00
aszlig
c92dbffeac
chromium: Split up the source tarball on the fly.
So far we've done the source code split up by using the generic
unpackPhase and copying it all over into the different outputs.

However, this had the problem of generating the I/O load of about three
times the size of the source tree: First at fetchurl of the tarball
(although it's not as much because it's compressed), second at
unpackPhase and third at installPhase.

Now we don't use installPhase anymore and directly unpack into the
output paths, which unfortunately becomes quite a bit more complex
because we need to transform the paths of the tar file on the fly.

I've also tried using GNU Tar's --to-command option to even untar *and*
patch it at the same time, but forking for every single file in the
tarball gets REALLY slow and also gets even more complex than this two
stage approach because you need to make sure that the patch file is
applied correctly, for example for files that don't yet exist but are to
be created by the patch file.

We're using --anchored and --no-wildcards-match-slash here to prevent
accidentally excluding files we don't want to exclude. One example is
something like v8/tools/gyp/v8.gyp.

So the current approach is some compromise between complexity and speed
and should hopefully get rid of the Hydra build timeouts by lowering I/O
load.

See here for examples of builds having this issue:

http://hydra.nixos.org/build/19045023
http://hydra.nixos.org/build/19044973
http://hydra.nixos.org/build/19044968
http://hydra.nixos.org/build/19045019

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 07:52:53 +01:00
aszlig
0aad4b7ee4
chromium: Update all channels to latest versions.
Overview of the updated versions:

stable: 40.0.2214.91 -> 40.0.2214.115
beta:   41.0.2272.16 -> 41.0.2272.64
dev:    41.0.2272.16 -> 42.0.2305.3

Introduces 42.0.2305.3 as the new dev version, which no longer requires
our user namespaces sandbox patch. Thanks to everyone participating in
https://crbug.com/312380 for finally having this upstream.

In the course of supporting the official namespace sandbox (that's what
the user namespace sandbox is called), a few things needed to be fixed
for version 42:

 * Add an updated nix_plugin_paths.patch, because the old
   one tries to patch the path for libpdf, which is now natively included
   in Chromium.

 * Don't copy libpdf.so to libexec path for version 42, it's no longer
   needed as it's completely built-in now.

 * Disable SUID sandbox directly in the source instead of going the easy
   route of passing --disable-setuid-sandbox. The reason is that with
   the command line flag a nasty nagbar will appear.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-02-22 07:52:52 +01:00
Rickard Nilsson
da6abad31a vimb: Update from 2.8 to 2.9 2015-02-13 15:06:46 +01:00
Nathaniel Baxter
09fc276a11 flashplayer: Minor security update to 11.2.202.442 2015-02-07 11:04:48 +11:00
Luca Bruno
f53e18fc40 Fix luakit description 2015-02-06 14:50:39 +01:00
lethalman
4428076bd1 Merge pull request #5805 from matthiasbeyer/add-luakit
[WIP] Add package: luakit
2015-02-06 14:50:00 +01:00
Matthias Beyer
b5baa2c5e4 Add package: luakit
This patch adds the luakit browser. It has to be build using lua5.1, I
tried 5.2 but I couldn't run luakit due to a runtime error with it.

It also uses gtk3 here, override to use gtk2, which should also work.

Suggested-by: Benno Fünfstück <benno.fuenfstueck@gmail.com>
2015-02-06 14:19:16 +01:00
Domen Kožar
fdb5cf8107 chromium: remove preferLocalBuild due to intense IO in VM tests
(cherry picked from commit 84bd62da0a63e18fa285bacf0e648b82d601816e)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-02-06 12:08:43 +01:00
Shea Levy
c45372f038 Merge commit 'cfb29ab882323d379aba20a95020c7c24f883eae'
Partial staging merge, including cc-wrapper fixes

Conflicts:
	pkgs/applications/audio/spotify/default.nix
	pkgs/build-support/cc-wrapper/default.nix
	pkgs/development/compilers/cryptol/1.8.x.nix
2015-02-02 21:14:28 -05:00
Andrey Arapov
79c5029f2e flashplayer: minor update (sha256 correction) 2015-01-31 12:21:08 +01:00
Pascal Wittmann
fcd3270737 Merge pull request #6011 from taku0/firefox-bin-35.0.1
Update firefox-bin to 35.0.1
2015-01-28 12:10:31 +01:00
taku0
c5079ee886 Update firefox-bin to 35.0.1 2015-01-28 09:49:33 +09:00
Ricardo M. Correia
f46a6c92c0 flashplayer: Update from 11.2.202.438 -> 11.2.202.440 2015-01-27 17:22:30 +01:00
Ricardo M. Correia
934ea63e8f firefox: Update from 35.0 -> 35.0.1 2015-01-27 04:39:45 +01:00
Eelco Dolstra
fa4d1e1b0a Merge pull request #5963 from ttuegel/firefox-mime
firefox: set mime-type in desktop entry
2015-01-26 12:10:35 +01:00
aszlig
9343f6f461
chromium: Ensure runtime deps for enabled plugins.
We're propagating the plugin flags by importing from another Nix
expression file, which in turn exports the Nix path to the wrapper. This
causes that the store path isn't referenced in the wrapper and the path
isn't recognized by scanning the wrapper script (only those already
referenced at build time are).

So let's add the activated plugins to the buildInputs of the wrapper.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-01-26 09:31:03 +01:00
aszlig
ced5afc38c
chromium: Update all channels to latest versions.
This brings a new stable version 40.0.2214.91 along with a beta update
to version 41.0.2272.16, the dev channel is still stuck at version
41.0.2272.12 and within the next days will jump to version 42.

For this reason, I've done some cheating here and brought the beta
channel in par with the dev channel, because dev is older than beta on
OmahaProxy.

Here's an overview of the channel upgrades:

stable: 39.0.2171.65 -> 40.0.2214.91 [1]
beta:   40.0.2214.10 -> 41.0.2272.16 [1] [2] [3]
dev:    41.0.2224.3  -> 41.0.2272.16 [1] [2] [3]

[1]: We needed to patch in locations of lib{pci,udev}.so, because
     Chromium tries to load them at runtime. For version 41 startup will
     fail if it is unable to load libudev, but it also has the advantage
     that this fixes GPU detection using libpci in the stable version,
     which in turn could fix a few bugs on NixOS.

[2]: The upstream Debian package for the binary plugins now uses XZ
     compression for the enclosed data tarball.

[3]: Chromium 41 needs {shapshot,natives}_blob.bin in order to start up,
     so let's cp it among with the .pak files to avoid adding a
     conditional for version 40.

The release annoucement of the stable channel update can be found here:

http://googlechromereleases.blogspot.de/2015/01/stable-update.html

Note that this release contains 62 security fixes(!) and I'm hereby
apologizing for the delay of this update.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-01-26 09:31:03 +01:00
Thomas Tuegel
3c15d2aa0d firefox: set mime-type in desktop entry 2015-01-25 14:43:42 -06:00
Ricardo M. Correia
f315b7d74a flashplayer: Update from 11.2.202.429 -> 11.2.202.438 2015-01-24 00:21:38 +01:00
Pascal Wittmann
c661352de2 gmtk: update from 1.0.8 to 1.0.9b 2015-01-20 13:02:45 +01:00
Peter Simons
ec6b82a0c2 Merge branch 'master' into staging. 2015-01-19 18:41:17 +01:00
koral
4cf2f41f01 New package: jumanji-20140622 2015-01-18 23:44:18 +03:00
Eric Seidel
f3c6827373 rename all occurrences of stdenv.cc.gcc to stdenv.cc.cc 2015-01-14 20:27:55 -08:00
taku0
9d2cf54c6a firefox-bin: update to version 35.0; thunderbird-bin: update to version 31.4.0 2015-01-15 09:43:10 +09:00
Vladimír Čunát
1072635cf0 firefox: major bump 34.0.5 -> 35.0 2015-01-13 19:58:11 +01:00
Ricardo M. Correia
7d1d89e532 flashplayer: Update from 11.2.202.425 -> 11.2.202.429 2015-01-13 18:11:48 +01:00
aszlig
536feffc68
chromium: Fix userns patch for kernel 3.18.2.
Writing the gid_map is already non-fatal, but the actual sandbox process
still tries to setresgid() to nogroup (usually 65534). This however
fails, because if user namespace sandboxing is present, the namespace
doesn't have CAP_SETGID at this point.

Fortunately, the effective GID is already 65534, so we just need to
check whether the target gid matches and only(!) setresgid() if it
doesn't.

So if someone would run a SUID version of the sandbox, it would still
work nonetheless without a negative impact on security.

Fixes #5730, thanks to @wizeman for reporting and initial debugging.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-01-13 06:18:10 +01:00
Michael Raskin
24faa6878b Midori now depends on sqlite 2015-01-06 22:36:17 +03:00
William A. Kennington III
afeef240dc kerberos: Use default kerberos instead of krb5 2014-12-30 00:05:12 -08:00
John Wiegley
28b6fb61e6 Change occurrences of gcc to the more general cc
This is done for the sake of Yosemite, which does not have gcc, and yet
this change is also compatible with Linux.
2014-12-26 11:06:21 -06:00
aszlig
597373bbd5
chromium: Precompile pycs instead of deleting.
This is more of an attempt rather than a real fix (or maybe it is? let's
see) for the corrupted .pyc files during build. I believe the reason we
get these are likely due to several instances of the Python interpreter
that run in parallel and one of these processes might still be writing
the .pyc file.

So, rather than deleting all .pyc files, we now precompile then in order
to avoid any build process trying to generate any .pyc file.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-25 07:10:12 +01:00
Michael Raskin
0e3e828d92 Add a mirror for midori 2014-12-18 12:48:06 +03:00
Pascal Wittmann
25ed904573 dwb: switch to a maintained fork
portix stopped developing and maintaining dwb
2014-12-15 15:57:33 +01:00
Michael Raskin
2c85888a04 Fix Firefox wrapper set-as-default functionality 2014-12-12 22:03:06 +03:00
Vladimír Čunát
15b9626a3d kde: fix CVE-2014-8600 by upstream patches
https://www.kde.org/info/security/advisory-20141113-1.txt
I couldn't find kio-extras, so I hope we don't have it disguised somewhere.
2014-12-10 19:38:50 +01:00
Ricardo M. Correia
e660a70872 flashplayer: Update from 11.2.202.424 -> 11.2.202.425 2014-12-09 18:10:21 +01:00
Domen Kožar
de99c9c955 Merge branch 'staging' 2014-12-08 16:28:45 +01:00
Benno Fünfstück
90c7b16fcf firefox-wrapper: add gstreamer plugins for h264 video support
These plugins are required by firefox for the h264 support in HTML5 <video> tags.
2014-12-07 20:37:17 +01:00
Domen Kožar
4124a0bd9c chromium: enable cups by default 2014-12-07 14:56:18 +01:00