cafkafk/nixpkgs
cafkafk/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2
78627 commits 1 branch 0 tags 3.7 GiB
Commit graph

78627 commits

This branch
This branch
All branches
Author SHA1 Message Date
Franz Pletz
baee91ec60 cc-wrapper: Check if ld supports -z, fixes darwin 2016-03-07 21:40:20 +01:00
Franz Pletz
b2b499e6c4 cc-wrapper: Increase number of functions for stackprotector 2016-03-07 01:30:40 +01:00
Franz Pletz
ab1092875a cc-wrapper: Disable pie for linking static libs 2016-03-07 01:30:39 +01:00
Franz Pletz
63f60b6a13 cc-wrapper: Disable pie when linking shared libraries 2016-03-07 01:30:39 +01:00
Robin Gloster
2013614e1d vim-configurable: Disable hardening flag fortify 
Fortify hardening detects a probable buffer overflow in vim at runtime. This
has to be fixed upstream.

Debian also disables fortify:

  https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/rules#n6
 2016-03-06 16:57:34 +00:00
Robin Gloster
1b4ec4b495 linuxPackages.virtualbox: disable fortify/pic/stackprotector 2016-03-06 15:48:16 +00:00
Franz Pletz
1fb09c1e7d dhcpcd: enable PIE hardening 2016-03-06 00:15:49 +01:00
Franz Pletz
6473000edd opendkim: enable PIE hardening 2016-03-06 00:15:35 +01:00
Franz Pletz
fb57bfbd4f php: enable PIE hardening 2016-03-06 00:15:18 +01:00
Franz Pletz
05a02c53a0 cc-wrapper: -pie is a ldflag 2016-03-06 00:14:55 +01:00
Franz Pletz
0cad2e7af1 vim: Disable hardening flag fortify 
Fortify hardening detects a probable buffer overflow in vim at runtime. This
has to be fixed upstream.

Debian also disables fortify:

  https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/rules#n6
 2016-03-05 21:45:04 +01:00
Franz Pletz
034b2ec2ed glibc: stackprotector is already disabled in default.nix 
This overwrites the hardeningDisable attribute and removes disabling the
fortify flag.
 2016-03-05 19:47:04 +01:00
Franz Pletz
cb3d27df93 Merge remote-tracking branch 'origin/master' into hardened-stdenv 2016-03-05 18:55:30 +01:00
Franz Pletz
aff1f4ab94 Use general hardening flag toggle lists 
The following parameters are now available:

  * hardeningDisable
    To disable specific hardening flags
  * hardeningEnable
    To enable specific hardening flags

Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.

cc-wrapper supports the following flags:

  * fortify
  * stackprotector
  * pie (disabled by default)
  * pic
  * strictoverflow
  * format
  * relro
  * bindnow
 2016-03-05 18:55:26 +01:00
Franz Pletz
a2e449e43e coreutils: Skip some tests (filenames too long) 2016-03-05 18:55:26 +01:00
Christoph Hrdinka
4e8853ca8d Merge pull request #13544 from leenaars/vapor 
vapor: init at 0.2.3
 2016-03-05 18:36:58 +01:00
Michiel Leenaars
af35cd2513 vapor: init at 0.2.3 2016-03-05 17:59:30 +01:00
Frederik Rietdijk
36506df7fe Merge pull request #13448 from lancelotsix/use_recent_sqlalchemy_as_default 
pythonPackages.sqlalchemy: follows upstream, use "sqlalchemy7" for lecagy
 2016-03-05 11:07:50 -05:00
Franz Pletz
d4ece75fd6 haskellPackages.epanet-haskell: Turn format hardening off 2016-03-05 16:53:38 +01:00
Nikolay Amiantov
0865d19ccd haskellPackages.Agda: use older unordered-containers to fix build 
Fixes #13594.
 2016-03-05 17:58:48 +03:00
joachifm
60046c64b4 Merge pull request #13687 from 4z3/master 
exim: 4.86 -> 4.86.2
 2016-03-05 13:38:45 +00:00
joachifm
932b47ff52 Merge pull request #12752 from simonvandel/hunspellWithDicts 
Hunspell: add wrapper to include dictionaries
 2016-03-05 13:26:43 +00:00
joachifm
02327d3a44 Merge pull request #13431 from igsha/i3pystatus 
i3pystatus: 3.33 -> 3.34
 2016-03-05 13:12:10 +00:00
Christoph Hrdinka
c5f4000040 Merge pull request #13539 from leenaars/orthorobot 
orthorobot: init at 1.0
 2016-03-05 13:42:21 +01:00
joachifm
bcafef2df4 Merge pull request #13681 from matthiasbeyer/add-tasksh 
tasksh: init at 1.0.0
 2016-03-05 12:11:40 +00:00
joachifm
5eb0613634 Merge pull request #13678 from therealpxc/ds4drv 
ds4drv: init at 0.5.0
 2016-03-05 12:11:28 +00:00
Michiel Leenaars
390effeb6e orthorobot: init at unversioned 2016-03-05 12:59:37 +01:00
Tuomas Tynkkynen
8b8369373b Merge pull request #13683 from aneeshusa/use-yacc-to-generate-as31-parser 
as31: use yacc to generate parser.c file
 2016-03-05 13:03:07 +02:00
Tuomas Tynkkynen
676019bd85 utillinux: Restore utillinuxCurses alias 
This got removed by eead3bc536. Reintroduce the alias to avoid
breaking users' configurations.
 2016-03-05 12:34:26 +02:00
tv
fdf22fb5bb exim: 4.86 -> 4.86.2 2016-03-05 11:26:33 +01:00
Nikolay Amiantov
9e9a2f1096 unrar: 5.3.9 -> 5.3.11 
Also build shared library.
 2016-03-05 09:34:33 +03:00
Aneesh Agrawal
3b5ff2761c as31: use yacc to generate parser.c file 
The source includes a generated parser.c file which is out of date and
causes errors on x86_64 in certain cases. Delete this file so that make
will use yacc to generate a correct parser.c file.

Change taken from comments at https://aur.archlinux.org/packages/as31/.
 2016-03-04 21:54:24 -05:00
Benjamin Staffin
560c3bb9a9 Merge pull request #13578 from Baughn/prometheus 
Prometheus: Misc updates
 2016-03-04 18:25:33 -08:00
aszlig
c3d82f0fbf
chromium/updater: Fix eval error on stdenv.is32bit 
There is no stdenv.is32bit, so let's just use !stdenv.is64bit.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2016-03-05 03:16:26 +01:00
aszlig
8d5accb691
chromium/updater: Fix getting latest versions 
Comparing the current version with the version in sources list and
accidentally swapping the version arguments isn't going to get very far
because every new version that will come up will then be treated as "we
already have that version".

So we're now using versionOlder and also a check whether the version is
the *same* as the one in sources.nix.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2016-03-05 02:55:00 +01:00
Patrick Callahan
9c10e2933a ds4drv: init at 0.5.0 2016-03-04 17:59:38 -07:00
Svein Ove Aas
c1fb541421 prometheus-node-exporter: Bump to 0.11.0 2016-03-04 23:10:53 +00:00
Svein Ove Aas
9ccb248e49 prometheus-alertmanager: Bump to 0.1.0 2016-03-04 23:10:45 +00:00
Svein Ove Aas
36fbab1374 prometheus: Bump to 0.17.0 2016-03-04 23:04:05 +00:00
joachifm
b0f70e2ebb Merge pull request #10863 from aboseley/spice-vdagent 
spice-vdagentd service : init at version 0.16.0
 2016-03-04 22:14:22 +00:00
Peter Simons
288d01fe2b stellarium: update to 0.14.2 
This patch also fixes https://github.com/NixOS/nixpkgs/issues/13582.
 2016-03-04 23:05:48 +01:00
Adam Boseley
5b83791207 spice-vdagentd service : initial at 0.16.0 2016-03-05 07:56:47 +10:00
Peter Simons
798a14d22c haskell-generic-stack-builder: strip trailing whitespace 2016-03-04 22:18:08 +01:00
Peter Simons
86d0a9c420 haskell.lib: fix use of callPackage 2016-03-04 22:17:53 +01:00
Peter Simons
f103e0ac03 Add LTS Haskell version 5.5. 2016-03-04 22:11:25 +01:00
Peter Simons
0cf589e072 python-packages.nix: fix Emacs syntax highlighting (cosmetic) 2016-03-04 22:10:18 +01:00
Frederik Rietdijk
f355b39943 Merge pull request #13616 from kevinmarsh/master 
Django: minor security update (to 1.9.3 and 1.8.10)
 2016-03-04 16:00:02 -05:00
Matthias Beyer
abea96a28d tasksh: init at 1.0.0 2016-03-04 21:59:01 +01:00
Peter Simons
ad3221c98b Merge pull request #11687 from mboes/stack-env-support 
Add library function for building Stack projects.
 2016-03-04 21:51:42 +01:00
Mathieu Boespflug
7fedb7c992 Move buildStackProject to haskell.lib. 2016-03-04 21:24:42 +01:00