b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge staging-next into staging

Browse source
This commit is contained in:
github-actions[bot] 2023-07-28 18:01:52 +00:00 committed by GitHub
parent 70b2728636 3460ec6a31
commit 039200b6c4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
38 changed files with 289 additions and 205 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.github/PULL_REQUEST_TEMPLATE.md vendored
View file

@ -1,11 +1,11 @@
###### Description of changes
## Description of changes
<!--
For package updates please link to a changelog or describe changes, this helps your fellow maintainers discover breaking updates.
For new packages please briefly describe the package or provide a link to its homepage.
-->
###### Things done
## Things done
<!-- Please check what applies. Note that these are not hard requirements but merely serve as information for reviewers. -->

7
nixos/modules/services/networking/hostapd.nix
View file

@ -921,9 +921,7 @@ in {
};
config = let
bss = bssSubmod.name;
bssCfg = bssSubmod.config;
pairwiseCiphers =
concatStringsSep " " (unique (bssCfg.authentication.pairwiseCiphers
++ optionals bssCfg.authentication.enableRecommendedPairwiseCiphers ["CCMP" "CCMP-256" "GCMP" "GCMP-256"]));
@ -964,9 +962,9 @@ in {
} // optionalAttrs (bssCfg.bssid != null) {
bssid = bssCfg.bssid;
} // optionalAttrs (bssCfg.macAllow != [] || bssCfg.macAllowFile != null || bssCfg.authentication.saeAddToMacAllow) {
accept_mac_file = "/run/hostapd/${bss}.mac.allow";
accept_mac_file = "/run/hostapd/${bssCfg._module.args.name}.mac.allow";
} // optionalAttrs (bssCfg.macDeny != [] || bssCfg.macDenyFile != null) {
deny_mac_file = "/run/hostapd/${bss}.mac.deny";
deny_mac_file = "/run/hostapd/${bssCfg._module.args.name}.mac.deny";
} // optionalAttrs (bssCfg.authentication.mode == "none") {
wpa = mkDefault 0;
} // optionalAttrs (bssCfg.authentication.mode == "wpa3-sae") {
@ -1051,7 +1049,6 @@ in {
};
config.settings = let
radio = radioSubmod.name;
radioCfg = radioSubmod.config;
in {
driver = radioCfg.driver;

10
nixos/modules/services/wayland/cage.nix
View file

@ -23,6 +23,15 @@ in {
example = ["-d"];
};
options.services.cage.environment = mkOption {
type = types.attrsOf types.str;
default = {};
example = {
WLR_LIBINPUT_NO_DEVICES = "1";
};
description = lib.mdDoc "Additional environment variables to pass to Cage.";
};
options.services.cage.program = mkOption {
type = types.path;
default = "${pkgs.xterm}/bin/xterm";
@ -79,6 +88,7 @@ in {
# Set up a full (custom) user session for the user, required by Cage.
PAMName = "cage";
};
environment = cfg.environment;
};
security.polkit.enable = true;

4
nixos/modules/services/web-servers/nginx/default.nix
View file

@ -362,7 +362,9 @@ let
redirectListen = filter (x: !x.ssl) defaultListen;
acmeLocation = optionalString (vhost.enableACME || vhost.useACMEHost != null) ''
# The acme-challenge location doesn't need to be added if we are not using any automated
# certificate provisioning and can also be omitted when we use a certificate obtained via a DNS-01 challenge
acmeLocation = optionalString (vhost.enableACME || (vhost.useACMEHost != null && config.security.acme.certs.${vhost.useACMEHost}.dnsProvider == null)) ''
# Rule for legitimate ACME Challenge requests (like /.well-known/acme-challenge/xxxxxxxxx)
# We use ^~ here, so that we don't check any regexes (which could
# otherwise easily override this intended match accidentally).

5
nixos/modules/system/boot/loader/grub/grub.nix
View file

@ -40,7 +40,10 @@ let
backgroundColor = f cfg.backgroundColor;
entryOptions = f cfg.entryOptions;
subEntryOptions = f cfg.subEntryOptions;
grub = f grub;
# PC platforms (like x86_64-linux) have a non-EFI target (`grubTarget`), but other platforms
# (like aarch64-linux) have an undefined `grubTarget`. Avoid providing the path to a non-EFI
# GRUB on those platforms.
grub = f (if (grub.grubTarget or "") != "" then grub else "");
grubTarget = f (grub.grubTarget or "");
shell = "${pkgs.runtimeShell}";
fullName = lib.getName realGrub;

27
nixos/tests/gitea.nix
View file

@ -37,9 +37,25 @@ let
package = giteaPackage;
settings.service.DISABLE_REGISTRATION = true;
settings."repository.signing".SIGNING_KEY = signingPrivateKeyId;
settings.actions.ENABLED = true;
};
environment.systemPackages = [ giteaPackage pkgs.gnupg pkgs.jq ];
services.openssh.enable = true;
specialisation.runner = {
inheritParentConfig = true;
configuration.services.gitea-actions-runner.instances."test" = {
enable = true;
name = "ci";
url = "http://localhost:3000";
labels = [
# don't require docker/podman
"native:host"
];
tokenFile = "/var/lib/gitea/runner_token";
};
};
};
client1 = { config, pkgs, ... }: {
environment.systemPackages = [ pkgs.git ];
@ -49,8 +65,9 @@ let
};
};
testScript = let
testScript = { nodes, ... }: let
inherit (import ./ssh-keys.nix pkgs) snakeOilPrivateKey snakeOilPublicKey;
serverSystem = nodes.server.system.build.toplevel;
in ''
GIT_SSH_COMMAND = "ssh -i $HOME/.ssh/privk -o StrictHostKeyChecking=no"
REPO = "gitea@server:test/repo"
@ -125,6 +142,14 @@ let
'test "$(curl http://localhost:3000/api/v1/repos/test/repo/commits '
+ '-H "Accept: application/json" | jq length)" = "1"'
)
with subtest("Testing runner registration"):
server.succeed(
"su -l gitea -c 'GITEA_WORK_DIR=/var/lib/gitea gitea actions generate-runner-token' | sed 's/^/TOKEN=/' | tee /var/lib/gitea/runner_token"
)
server.succeed("${serverSystem}/specialisation/runner/bin/switch-to-configuration test")
server.wait_for_unit("gitea-runner-test.service")
server.succeed("journalctl -o cat -u gitea-runner-test.service | grep -q 'Runner registered successfully'")
'';
});
in

4
nixos/tests/jenkins.nix
View file

@ -73,8 +73,8 @@ import ./make-test-python.nix ({ pkgs, ...} : {
testScript = { nodes, ... }:
let
configWithoutJobs = "${nodes.master.config.system.build.toplevel}/specialisation/noJenkinsJobs";
jenkinsPort = nodes.master.config.services.jenkins.port;
configWithoutJobs = "${nodes.master.system.build.toplevel}/specialisation/noJenkinsJobs";
jenkinsPort = nodes.master.services.jenkins.port;
jenkinsUrl = "http://localhost:${toString jenkinsPort}";
in ''
start_all()

1
nixos/tests/kernel-generic.nix
View file

@ -31,7 +31,6 @@ let
linux_5_10_hardened
linux_5_15_hardened
linux_6_1_hardened
linux_6_3_hardened
linux_6_4_hardened
linux_rt_5_4
linux_rt_5_10

1
nixos/tests/wpa_supplicant.nix
View file

@ -34,6 +34,7 @@ import ./make-test-python.nix ({ pkgs, lib, ...}:
ssid = "nixos-test-mixed";
authentication = {
mode = "wpa3-sae-transition";
saeAddToMacAllow = true;
saePasswordsFile = pkgs.writeText "password" "reproducibility";
wpaPasswordFile = pkgs.writeText "password" "reproducibility";
};

4
pkgs/applications/audio/bitwig-studio/bitwig-studio5.nix
View file

@ -27,11 +27,11 @@
stdenv.mkDerivation rec {
pname = "bitwig-studio";
version = "5.0";
version = "5.0.4";
src = fetchurl {
url = "https://downloads.bitwig.com/stable/${version}/${pname}-${version}.deb";
sha256 = "sha256-0/S/aNoQA1nAdnr8nUWVLwzrDm+MHqmGIIjPW5YIr7s=";
sha256 = "sha256-IkhUkKO+Ay1WceZNekII6aHLOmgcgGfx0hGo5ldFE5Y=";
};
nativeBuildInputs = [ dpkg makeWrapper wrapGAppsHook ];

8
pkgs/applications/networking/cluster/k3s/1_27/versions.nix
View file

@ -1,8 +1,8 @@
{
k3sVersion = "1.27.3+k3s1";
k3sCommit = "fe9604cac119216e67f8bd5f14eb5608e3bcd3cf";
k3sRepoSha256 = "09j940fcyg34ip04jjiwh5sv2l802jgvkpvlbnz4g6hdi7gipd8g";
k3sVendorSha256 = "sha256-kodrl6fEsKPkxpOCfwzEONU2zhCHwg/xdyd+ajP26jc=";
k3sVersion = "1.27.4+k3s1";
k3sCommit = "36645e7311e9bdbbf2adb79ecd8bd68556bc86f6";
k3sRepoSha256 = "0nvh66c4c01kcz63vk2arh0cd9kcss7c83r92ds6f15x1fxv1w3z";
k3sVendorSha256 = "sha256-azHl2jv/ioI7FVWpgtp7a1dmO9Dlr4CnRmGCIh5Biyg=";
chartVersions = import ./chart-versions.nix;
k3sRootVersion = "0.12.2";
k3sRootSha256 = "1gjynvr350qni5mskgm7pcc7alss4gms4jmkiv453vs8mmma9c9k";

59
pkgs/applications/networking/instant-messengers/telegram/telegram-cli/default.nix
View file

@ -1,59 +0,0 @@
{ stdenv, fetchFromGitHub, fetchpatch, jansson, lib, libconfig, libevent, libgcrypt, lua, lua53Packages
, makeWrapper, openssl, pkg-config, python3, readline, zlib
}:
stdenv.mkDerivation rec {
pname = "telegram-cli";
version = "20200106";
src = fetchFromGitHub {
owner = "kenorb-contrib";
repo = "tg";
rev = "refs/tags/${version}";
sha256 = "sha256-wYBPr2b8IOycO9y/CNyGjnRsyGyYl3oiXYtTzwTurVA=";
fetchSubmodules = true;
};
patches = [
# Pull patch pending upstream upstream inclusion for -fno-common toolchains:
# https://github.com/kenorb-contrib/tg/pull/61
(fetchpatch {
name = "fno-common.patch";
url = "https://github.com/kenorb-contrib/tg/commit/aad2e644fffa16066b227741d54de31bddb04ff8.patch";
sha256 = "sha256-LAa5J4BVj3QCiDSs+p2bynDroMSIqCeexQvrgaDl6OE=";
})
];
buildInputs = [
jansson
libconfig
libevent
libgcrypt
lua
lua53Packages.lgi
openssl
python3
readline
zlib
];
nativeBuildInputs = [
pkg-config
makeWrapper
];
installPhase = ''
runHook preInstall
install -Dm755 ./bin/telegram-cli $out/bin/telegram-cli-keyless
install -Dm644 ./tg-server.pub -t $out/share/telegram-cli
makeWrapper $out/bin/telegram-cli-keyless $out/bin/telegram-cli \
--add-flags "-k $out/share/telegram-cli/tg-server.pub"
runHook postInstall
'';
meta = with lib; {
description = "Command-line interface for Telegram, that uses readline interface, it's a client implementation of TGL library";
downloadPage = "https://github.com/kenorb-contrib/tg";
license = licenses.gpl2Only;
maintainers = with maintainers; [ ];
};
}

12
pkgs/applications/terminal-emulators/foot/default.nix
View file

@ -2,6 +2,7 @@
, lib
, fetchFromGitea
, fetchurl
, fetchpatch
, runCommand
, fcft
, freetype
@ -101,6 +102,17 @@ stdenv.mkDerivation rec {
hash = "sha256-YCwmPSn+XtF7HkMOFJft7j/2vr+8UE59yu/iGZ1dT8A=";
};
patches = [
# Check viewporter protocol support before using it, fixes crash under Mir
# Remove when https://codeberg.org/dnkl/foot/pulls/1445 in version > 1.15.1
(fetchpatch {
name = "0001-foot-dont-try-to-use-a-non-existing-viewporter-interface.patch";
url = "https://codeberg.org/dnkl/foot/commit/9d75c551465fa3dbb3cd20ae87d6de294fcebce1.patch";
excludes = [ "CHANGELOG.md" ];
hash = "sha256-sVfGbudsmwh7phbbobBgSXoGe1lKJ8s1UdyBnVLmLYQ=";
})
];
depsBuildBuild = [
pkg-config
];

8
pkgs/applications/virtualization/OVMF/default.nix
View file

@ -1,5 +1,7 @@
{ stdenv, nixosTests, lib, edk2, util-linux, nasm, acpica-tools, llvmPackages
, csmSupport ? false, seabios ? null
, fdSize2MB ? csmSupport
, fdSize4MB ? false
, secureBoot ? false
, httpSupport ? false
, tpmSupport ? false
@ -49,7 +51,9 @@ edk2.mkDerivation projectDscPath (finalAttrs: {
++ lib.optionals debug [ "-D DEBUG_ON_SERIAL_PORT=TRUE" ]
++ lib.optionals sourceDebug [ "-D SOURCE_DEBUG_ENABLE=TRUE" ]
++ lib.optionals secureBoot [ "-D SECURE_BOOT_ENABLE=TRUE" ]
++ lib.optionals csmSupport [ "-D CSM_ENABLE" "-D FD_SIZE_2MB" ]
++ lib.optionals csmSupport [ "-D CSM_ENABLE" ]
++ lib.optionals fdSize2MB ["-D FD_SIZE_2MB"]
++ lib.optionals fdSize4MB ["-D FD_SIZE_4MB"]
++ lib.optionals httpSupport [ "-D NETWORK_HTTP_ENABLE=TRUE" "-D NETWORK_HTTP_BOOT_ENABLE=TRUE" ]
++ lib.optionals tlsSupport [ "-D NETWORK_TLS_ENABLE=TRUE" ]
++ lib.optionals tpmSupport [ "-D TPM_ENABLE" "-D TPM2_ENABLE" "-D TPM2_CONFIG_ENABLE"];
@ -100,6 +104,6 @@ edk2.mkDerivation projectDscPath (finalAttrs: {
homepage = "https://github.com/tianocore/tianocore.github.io/wiki/OVMF";
license = lib.licenses.bsd2;
inherit (edk2.meta) platforms;
maintainers = [ lib.maintainers.raitobezarius ];
maintainers = with lib.maintainers; [ adamcstephens raitobezarius ];
};
})

6
pkgs/development/libraries/freetype/default.nix
View file

@ -61,10 +61,12 @@ stdenv.mkDerivation (finalAttrs: {
doCheck = true;
postInstall = glib.flattenInclude + ''
postInstall = glib.flattenInclude
# pkgsCross.mingwW64.pkg-config doesn't build
# makeWrapper doesn't cross-compile to windows #120726
+ lib.optionalString (!stdenv.hostPlatform.isMinGW) ''
substituteInPlace $dev/bin/freetype-config \
--replace ${buildPackages.pkg-config} ${pkgsHostHost.pkg-config}
'' + lib.optionalString (!stdenv.hostPlatform.isWindows) ''
wrapProgram "$dev/bin/freetype-config" \
--set PKG_CONFIG_PATH "$PKG_CONFIG_PATH:$dev/lib/pkgconfig"

66
pkgs/development/libraries/hnswlib/default.nix Normal file
View file

@ -0,0 +1,66 @@
{ lib
, stdenv
, fetchFromGitHub
, cmake
, python3
}:
let
python = python3.withPackages(ps: with ps; [
numpy
]);
in
stdenv.mkDerivation (finalAttrs: {
pname = "hnswlib";
version = "0.7.0";
src = fetchFromGitHub {
owner = "nmslib";
repo = "hnswlib";
rev = "refs/tags/v${finalAttrs.version}";
hash = "sha256-XXz0NIQ5dCGwcX2HtbK5NFTalP0TjLO6ll6TmH3oflI=";
};
# this is a header-only library, so we don't need to build it
# we need `cmake` only to run tests
nativeBuildInputs = lib.optionals finalAttrs.doCheck [
cmake
python
];
# we only want to run buildPhase when we run tests
dontBuild = !finalAttrs.doCheck;
installPhase = ''
runHook preInstall
install -Dm644 $src/hnswlib/*.h -t $out/include/hnswlib
runHook postInstall
'';
doCheck = true;
preCheck = ''
pushd ../tests/cpp
${python.interpreter} update_gen_data.py
popd
'';
checkPhase = ''
runHook preCheck
./test_updates
runHook postCheck
'';
meta = with lib; {
description = "Header-only C++/python library for fast approximate nearest neighbors";
homepage = "https://github.com/nmslib/hnswlib";
changelog = "https://github.com/nmslib/hnswlib/releases/tag/${finalAttrs.src.rev}";
license = licenses.asl20;
maintainers = with maintainers; [ natsukium ];
platforms = platforms.unix;
};
})

4
pkgs/development/tools/continuous-integration/jenkins/default.nix
View file

@ -4,11 +4,11 @@
stdenv.mkDerivation rec {
pname = "jenkins";
version = "2.401.2";
version = "2.401.3";
src = fetchurl {
url = "https://get.jenkins.io/war-stable/${version}/jenkins.war";
hash = "sha256-hr2OCytRB1yZsA1DYDwoWEQL8BHs0Imlx5HQyWTUBoI=";
hash = "sha256-p5igxUgaj/sDINkSH2z0ncV1w2kCjarhek3TmLaeAA0=";
};
nativeBuildInputs = [ makeWrapper ];

4
pkgs/development/tools/continuous-integration/woodpecker/common.nix
View file

@ -1,7 +1,7 @@
{ lib, fetchFromGitHub }:
let
version = "0.15.8";
srcHash = "sha256-7CTRx7I47VEKfPvkWhmpyHV3hkeLyHymFMrkyYQ1wl8=";
version = "0.15.11";
srcHash = "sha256-iDcEkaR1ZvH7Q68sxbwOiP1WKbkiDhCOtkuipbjXHKM=";
yarnHash = "sha256-PY0BIBbjyi2DG+n5x/IPc0AwrFSwII4huMDU+FeZ/Sc=";
in
{

2
pkgs/games/steam/fhsenv.nix
View file

@ -140,6 +140,7 @@ in buildFHSEnv rec {
# SteamVR
udev
dbus
# Other things from runtime
glib
@ -199,7 +200,6 @@ in buildFHSEnv rec {
# screeps dependencies
gtk3
dbus
zlib
atk
cairo

10
pkgs/os-specific/linux/kernel/hardened/patches.json
View file

@ -59,16 +59,6 @@
"sha256": "1f45j3ch1ljbacjlg8q45iva9lvwys938rdg0s516mznzlifxpac",
"version": "6.1.39"
},
"6.3": {
"patch": {
"extra": "-hardened1",
"name": "linux-hardened-6.3.13-hardened1.patch",
"sha256": "1iy95awbkrdk5529w9s07axb21l2snab4kifbzjghhz9vwzx22rp",
"url": "https://github.com/anthraxx/linux-hardened/releases/download/6.3.13-hardened1/linux-hardened-6.3.13-hardened1.patch"
},
"sha256": "1ywijjhf19bciip75ppzjjh7bkadd449jr64yg2j5049w9h0aipa",
"version": "6.3.13"
},
"6.4": {
"patch": {
"extra": "-hardened1",

18
pkgs/os-specific/linux/kernel/linux-6.3.nix
View file

@ -1,18 +0,0 @@
{ lib, fetchurl, buildLinux, ... } @ args:
with lib;
buildLinux (args // rec {
version = "6.3.13";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = versions.pad 3 version;
# branchVersion needs to be x.y
extraMeta.branch = versions.majorMinor version;
src = fetchurl {
url = "mirror://kernel/linux/kernel/v6.x/linux-${version}.tar.xz";
sha256 = "1ywijjhf19bciip75ppzjjh7bkadd449jr64yg2j5049w9h0aipa";
};
} // (args.argsOverride or { }))

5
pkgs/os-specific/linux/zfs/stable.nix
View file

@ -15,10 +15,7 @@ callPackage ./generic.nix args {
if stdenv'.isx86_64 || removeLinuxDRM
then kernel.kernelOlder "6.4"
else kernel.kernelOlder "6.2";
latestCompatibleLinuxPackages = if stdenv'.isx86_64 || removeLinuxDRM then
linuxKernel.packages.linux_6_3
else
linuxKernel.packages.linux_6_1;
latestCompatibleLinuxPackages = linuxKernel.packages.linux_6_1;
# this package should point to the latest release.
version = "2.1.12";

8
pkgs/os-specific/linux/zfs/unstable.nix
View file

@ -11,17 +11,11 @@ let
in
callPackage ./generic.nix args {
# check the release notes for compatible kernels
# NOTE:
# zfs-2.1.9<=x<=2.1.10 is broken with aarch64-linux-6.2
# for future releases, please delete this condition.
kernelCompatible = if stdenv'.isx86_64 || removeLinuxDRM
then kernel.kernelOlder "6.4"
else kernel.kernelOlder "6.2";
latestCompatibleLinuxPackages = if stdenv'.isx86_64 || removeLinuxDRM then
linuxKernel.packages.linux_6_3
else
linuxKernel.packages.linux_6_1;
latestCompatibleLinuxPackages = linuxKernel.packages.linux_6_1;
# this package should point to a version / git revision compatible with the latest kernel release
# IMPORTANT: Always use a tagged release candidate or commits from the

4
pkgs/servers/sql/mysql/8.0.x.nix
View file

@ -6,11 +6,11 @@
let
self = stdenv.mkDerivation rec {
pname = "mysql";
version = "8.0.33";
version = "8.0.34";
src = fetchurl {
url = "https://dev.mysql.com/get/Downloads/MySQL-${self.mysqlVersion}/${pname}-${version}.tar.gz";
hash = "sha256-liAC9dkG9C9AsnejnS25OTEkjB8H/49DEsKI5jgD3RI=";
hash = "sha256-5l0Do8QmGLX7+ZBCrtMyCUAumyeqYsfIdD/9R4jY2x0=";
};
nativeBuildInputs = [ bison cmake pkg-config ]

57
pkgs/tools/admin/ibmcloud-cli/default.nix Normal file
View file

@ -0,0 +1,57 @@
{ lib
, stdenv
, fetchurl
, installShellFiles
}:
let
arch = with stdenv.hostPlatform; if isx86_64 then "amd64"
else if isAarch64 then "arm64"
else if isi686 then "386"
else if isPower64 && isLittleEndian then "ppc64le"
else if isS390x then "s390x"
else throw "Unsupported arch: ${stdenv.hostPlatform.system}";
platform = if stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isAarch64 then "macos_arm64"
else if stdenv.hostPlatform.isDarwin then "macos"
else "linux_${arch}";
in
stdenv.mkDerivation (finalAttrs: {
pname = "ibmcloud-cli";
version = "2.17.0";
src = fetchurl {
url = "https://download.clis.cloud.ibm.com/ibm-cloud-cli/${finalAttrs.version}/binaries/IBM_Cloud_CLI_${finalAttrs.version}_${platform}.tgz";
sha256 = {
"x86_64-darwin" = "18f0dylgwwn9p1jmchqhq061s435n85qr2872i532whbrziwwjf3";
"aarch64-darwin" = "1rid6rv601z4ayd3yi5srqbfn5bspypxarikvm563ygxawh1bxyi";
"x86_64-linux" = "0ry8ix5id2zk04w9d9581g127f9jpj7bwg3x0pk3n9yfwn61g96d";
"aarch64-linux" = "0s5jaqhyl234670q1mg89in2g5b9w3gzvnzl8qmlmgqkaxvzxj94";
"i686-linux" = "0iw8y7iy9yx7y8v8b2wfl24f2rv9r20yj7l4sislxspfyvqv54p2";
"powerpc64le-linux" = "19ac0na163l9h7ygbf3jwwv7zf0wagqvn6kcdh871c690i86wg9z";
"s390x-linux" = "1zvy28jpxijzgdbr9q4rfyx6mk295mqp4nk8z299nm9ryk4q81lv";
}.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
};
nativeBuildInputs = [ installShellFiles ];
installPhase = ''
runHook preInstall
install -D ibmcloud $out/bin/ibmcloud
mkdir -p $out/share/ibmcloud
cp CF_CLI_Notices.txt CF_CLI_SLC_Notices.txt LICENSE NOTICE $out/share/ibmcloud
export HOME=$(mktemp -d)
installShellCompletion --cmd ibmcloud --bash <($out/bin/ibmcloud --generate-bash-completion)
runHook postInstall
'';
meta = with lib; {
description = "Command line client for IBM Cloud";
homepage = "https://cloud.ibm.com/docs/cli";
license = licenses.asl20;
maintainers = with maintainers; [ emilytrau ];
platforms = [ "x86_64-linux" "aarch64-linux" "i686-linux" "powerpc64le-linux" "s390x-linux" ] ++ platforms.darwin;
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
mainProgram = "ibmcloud";
};
})

12
pkgs/tools/admin/pgadmin/default.nix
View file

@ -14,14 +14,14 @@
let
pname = "pgadmin";
version = "7.4";
version = "7.5";
yarnSha256 = "sha256-rEKMUZksmR2jPwtXy6drNwAJktK/3Dee6EZVFHPngWs=";
src = fetchFromGitHub {
owner = "pgadmin-org";
repo = "pgadmin4";
rev = "REL-${lib.versions.major version}_${lib.versions.minor version}";
hash = "sha256-ksvSDySutTB9QX0Gh9jBjGlDyG/vEMhgadu91iNvznw=";
hash = "sha256-o8jPqp4jLF/lZ0frCzPDCSxCy51Nt0mbdeNB44ZwNHI=";
};
# keep the scope, as it is used throughout the derivation and tests
@ -63,9 +63,13 @@ pythonPackages.buildPythonApplication rec {
# relax dependencies
sed 's|==|>=|g' -i requirements.txt
#TODO: Can be removed once cryptography>=40 has been merged to master
#TODO: Can be removed once boto3>=1.28.0 and cryptography>=41 has been merged to master
substituteInPlace requirements.txt \
--replace "cryptography>=40.0.*" "cryptography>=39.0.*"
--replace "boto3>=1.28.*" "boto3>=1.26.*"
substituteInPlace requirements.txt \
--replace "botocore>=1.31.*" "botocore>=1.29.*"
substituteInPlace requirements.txt \
--replace "cryptography>=41.0.*" "cryptography>=40.0.*"
# fix extra_require error with "*" in match
sed 's|*|0|g' -i requirements.txt
substituteInPlace pkg/pip/setup_pip.py \

4
pkgs/tools/filesystems/xfsprogs/default.nix
View file

@ -5,11 +5,11 @@
stdenv.mkDerivation rec {
pname = "xfsprogs";
version = "6.3.0";
version = "6.4.0";
src = fetchurl {
url = "mirror://kernel/linux/utils/fs/xfs/xfsprogs/${pname}-${version}.tar.xz";
hash = "sha256-7Jh8nwvLLbKZG/+4DTUxULOJw6K3m2gwQR9wQq32mQw=";
hash = "sha256-wxhoQYv79Jo6nEf8cM3/3p2W9P8AUb0EoIgeZlRkgQQ=";
};
outputs = [ "bin" "dev" "out" "doc" ];

4
pkgs/tools/misc/memtest86+/default.nix
View file

@ -2,13 +2,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "memtest86+";
version = "6.10";
version = "6.20";
src = fetchFromGitHub {
owner = "memtest86plus";
repo = "memtest86plus";
rev = "v${finalAttrs.version}";
hash = "sha256-f40blxh/On/mC4m+eLNeWzdYzYoYpFOSBndVnREx68U=";
hash = "sha256-JzQJrAnPsa3GKNdy1PidOAZk7IQvRBi/YtmK2O9rWfM=";
};
# Binaries are booted directly by BIOS/UEFI or bootloader

4
pkgs/tools/networking/aria2/default.nix
View file

@ -1,5 +1,5 @@
{ lib, stdenv, fetchFromGitHub, pkg-config, autoreconfHook
, openssl, c-ares, libxml2, sqlite, zlib, libssh2
, gnutls, c-ares, libxml2, sqlite, zlib, libssh2
, cppunit, sphinx
, Security
}:
@ -18,7 +18,7 @@ stdenv.mkDerivation rec {
strictDeps = true;
nativeBuildInputs = [ pkg-config autoreconfHook sphinx ];
buildInputs = [ openssl c-ares libxml2 sqlite zlib libssh2 ] ++
buildInputs = [ gnutls c-ares libxml2 sqlite zlib libssh2 ] ++
lib.optional stdenv.isDarwin Security;
outputs = [ "bin" "dev" "out" "doc" "man" ];

6
pkgs/tools/security/cnspec/default.nix
View file

@ -5,17 +5,17 @@
buildGoModule rec {
pname = "cnspec";
version = "8.19.0";
version = "8.20.0";
src = fetchFromGitHub {
owner = "mondoohq";
repo = "cnspec";
rev = "refs/tags/v${version}";
hash = "sha256-0vRhEkkyZMcqA5CGq1oDnODCTSzstpkVOGv2WrPnuWY=";
hash = "sha256-VPXxeI4dO6bHUagS38l7358sXW3ot/v/j9MUrD/akNg=";
};
proxyVendor = true;
vendorHash = "sha256-UH46ejn6SfXjkyKaM3mX4IYgyNbt2mp9ycl2M+3xvU0=";
vendorHash = "sha256-LH9ts/hD16rF9VBJIfwTAQXq9MMAiBKBR3ulKGNrlow=";
subPackages = [
"apps/cnspec"

4
pkgs/tools/security/pynitrokey/default.nix
View file

@ -10,12 +10,12 @@ with python3Packages;
buildPythonApplication rec {
pname = "pynitrokey";
version = "0.4.38";
version = "0.4.39";
format = "flit";
src = fetchPypi {
inherit pname version;
hash = "sha256-8TMDbkRyTkzULrBeO0SL/WXB240LD/iZLigE/zPum2A=";
hash = "sha256-KXYHeWwV9Tw1ZpO/vASHjDnceeb+1K0yIUohb7EcRAI=";
};
propagatedBuildInputs = [

38
pkgs/tools/security/ronin/Gemfile.lock
View file

@ -1,12 +1,12 @@
GEM
remote: https://rubygems.org/
specs:
activemodel (7.0.5.1)
activesupport (= 7.0.5.1)
activerecord (7.0.5.1)
activemodel (= 7.0.5.1)
activesupport (= 7.0.5.1)
activesupport (7.0.5.1)
activemodel (7.0.6)
activesupport (= 7.0.6)
activerecord (7.0.6)
activemodel (= 7.0.6)
activesupport (= 7.0.6)
activesupport (7.0.6)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
@ -26,7 +26,7 @@ GEM
command_mapper (0.3.1)
concurrent-ruby (1.2.2)
connection_pool (2.4.1)
console (1.17.2)
console (1.18.0)
fiber-annotation
fiber-local
date (3.3.3)
@ -42,8 +42,8 @@ GEM
concurrent-ruby (~> 1.0)
io-console (0.6.0)
io-event (1.2.2)
irb (1.7.0)
reline (>= 0.3.0)
irb (1.7.4)
reline (>= 0.3.6)
mechanize (2.9.1)
addressable (~> 2.8)
domain_name (~> 0.5, >= 0.5.20190701)
@ -58,7 +58,7 @@ GEM
mime-types (3.4.1)
mime-types-data (~> 3.2015)
mime-types-data (3.2023.0218.1)
mini_portile2 (2.8.2)
mini_portile2 (2.8.4)
minitest (5.18.1)
mustermann (3.0.0)
ruby2_keywords (~> 0.0.1)
@ -77,7 +77,7 @@ GEM
timeout
net-smtp (0.3.3)
net-protocol
nokogiri (1.15.2)
nokogiri (1.15.3)
mini_portile2 (~> 2.8.2)
racc (~> 1.4)
nokogiri-diff (0.2.0)
@ -86,7 +86,7 @@ GEM
nokogiri-ext (0.1.0)
nokogiri (~> 1.0)
open_namespace (0.4.1)
public_suffix (5.0.1)
public_suffix (5.0.3)
racc (1.7.1)
rack (2.2.7)
rack-protection (3.0.6)
@ -94,14 +94,14 @@ GEM
rack-user_agent (0.5.3)
rack (>= 1.5)
woothee (>= 1.0.0)
reline (0.3.5)
reline (0.3.6)
io-console (~> 0.5)
ronin (2.0.3)
ronin (2.0.4)
async-io (~> 1.0)
open_namespace (~> 0.4)
ronin-code-asm (~> 1.0)
ronin-code-sql (~> 2.0)
ronin-core (~> 0.1, >= 0.1.1)
ronin-core (~> 0.1, >= 0.1.2)
ronin-db (~> 0.1)
ronin-exploits (~> 1.0, >= 1.0.1)
ronin-fuzzer (~> 0.1)
@ -111,12 +111,12 @@ GEM
ronin-vulns (~> 0.1, >= 0.1.2)
ronin-web (~> 1.0, >= 1.0.1)
rouge (~> 3.0)
wordlist (~> 1.0)
wordlist (~> 1.0, >= 1.0.2)
ronin-code-asm (1.0.0)
ruby-yasm (~> 0.3)
ronin-code-sql (2.1.0)
ronin-support (~> 1.0)
ronin-core (0.1.1)
ronin-core (0.1.2)
command_kit (~> 0.4)
irb (~> 1.0)
reline (~> 0.1)
@ -159,7 +159,7 @@ GEM
combinatorics (~> 0.4)
hexdump (~> 1.0)
uri-query_params (~> 0.8)
ronin-vulns (0.1.2)
ronin-vulns (0.1.3)
ronin-core (~> 0.1)
ronin-support (~> 1.0, >= 1.0.1)
ronin-web (1.0.2)
@ -212,7 +212,7 @@ GEM
webrick (1.8.1)
webrobots (0.1.2)
woothee (1.13.0)
wordlist (1.0.0)
wordlist (1.0.2)
PLATFORMS
ruby

5
pkgs/tools/security/ronin/default.nix
View file

@ -15,6 +15,11 @@ bundlerEnv {
};
};
postBuild = ''
shopt -s extglob
rm $out/bin/!(ronin*)
'';
passthru.updateScript = bundlerUpdateScript "ronin";
meta = with lib; {

52
pkgs/tools/security/ronin/gemset.nix
View file

@ -5,10 +5,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "12f89hxs4s26ggsg4bnz9qxlcsclcgx9gdsl8dni5jc0gk47h14y";
sha256 = "072iv0d3vpbp0xijg4jj99sjil1rykmqfj9addxj76bm5mbzwcaj";
type = "gem";
};
version = "7.0.5.1";
version = "7.0.6";
};
activerecord = {
dependencies = ["activemodel" "activesupport"];
@ -16,10 +16,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1sfdq2slmsc0ygncl36dq1lmjww1y3b42izrnn62cyisiag28796";
sha256 = "1l0rn43bhyzlfa4wwcfz016vb4lkzvl0jf5zibkjy4sppxxixzrq";
type = "gem";
};
version = "7.0.5.1";
version = "7.0.6";
};
activesupport = {
dependencies = ["concurrent-ruby" "i18n" "minitest" "tzinfo"];
@ -27,10 +27,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0m1sa6djlm9cz6mz3lcbqqahvm6qj75dmq3phpn2ysyxnlz2hr0c";
sha256 = "1cjsf26656996hv48wgv2mkwxf0fy1qc68ikgzq7mzfq2mmvmayk";
type = "gem";
};
version = "7.0.5.1";
version = "7.0.6";
};
addressable = {
dependencies = ["public_suffix"];
@ -131,10 +131,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1kxcxm3ynrsv6d60r2pzbw6rzdbg506hn3536pflaf747c5y2db7";
sha256 = "133csy1c80wh144hzr0pwcwg7i553pqn2byzsdw6kq5s0kg0pg8m";
type = "gem";
};
version = "1.17.2";
version = "1.18.0";
};
date = {
groups = ["default"];
@ -245,10 +245,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0z7ksjik7phf6ygshg9bp6ldd38dfgxmgr73yipkpqq7b426hclq";
sha256 = "158ca10kj3qqnql5g8f1g2arsnhgdl79mg74manpf8ldkwjjn3n8";
type = "gem";
};
version = "1.7.0";
version = "1.7.4";
};
mechanize = {
dependencies = ["addressable" "domain_name" "http-cookie" "mime-types" "net-http-digest_auth" "net-http-persistent" "nokogiri" "rubyntlm" "webrick" "webrobots"];
@ -287,10 +287,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0z7f38iq37h376n9xbl4gajdrnwzq284c9v1py4imw3gri2d5cj6";
sha256 = "02mj8mpd6ck5gpcnsimx5brzggw5h5mmmpq2djdypfq16wcw82qq";
type = "gem";
};
version = "2.8.2";
version = "2.8.4";
};
minitest = {
groups = ["default"];
@ -395,10 +395,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1mr2ibfk874ncv0qbdkynay738w2mfinlkhnbd5lyk5yiw5q1p10";
sha256 = "1jw8a20a9k05fpz3q24im19b97idss3179z76yn5scc5b8lk2rl7";
type = "gem";
};
version = "1.15.2";
version = "1.15.3";
};
nokogiri-diff = {
dependencies = ["nokogiri" "tdiff"];
@ -437,10 +437,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0hz0bx2qs2pwb0bwazzsah03ilpf3aai8b7lk7s35jsfzwbkjq35";
sha256 = "0n9j7mczl15r3kwqrah09cxj8hxdfawiqxa60kga2bmxl9flfz9k";
type = "gem";
};
version = "5.0.1";
version = "5.0.3";
};
racc = {
groups = ["default"];
@ -490,10 +490,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0k5rqi4b7qnwxslc54k0nnfg97842i6hmjnyy79pqyydwwcjhj0i";
sha256 = "1rgsfxm3sb9mgsxa7gks40wy4sb41w33j30y6izmih70ss34x4dh";
type = "gem";
};
version = "0.3.5";
version = "0.3.6";
};
ronin = {
dependencies = ["async-io" "open_namespace" "ronin-code-asm" "ronin-code-sql" "ronin-core" "ronin-db" "ronin-exploits" "ronin-fuzzer" "ronin-payloads" "ronin-repos" "ronin-support" "ronin-vulns" "ronin-web" "rouge" "wordlist"];
@ -501,10 +501,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0z56vz0ndakxyngivpa6zn4ja2g5lzaz51aws9778bpcai5i300x";
sha256 = "1ssh8hijpiw4m9pazr3gqqrlsk8bsjk200fp0m15lbnjv4hc713b";
type = "gem";
};
version = "2.0.3";
version = "2.0.4";
};
ronin-code-asm = {
dependencies = ["ruby-yasm"];
@ -534,10 +534,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0l2244i8im55mm3mdj88fg98avlmzjq581aazrhcaxm7qv0cl6bh";
sha256 = "1s2hndkdh4pw6xppq4jqn30fk2b26gk08yym5gavlzkcg5k17vvd";
type = "gem";
};
version = "0.1.1";
version = "0.1.2";
};
ronin-db = {
dependencies = ["ronin-core" "ronin-db-activerecord" "ronin-support" "sqlite3"];
@ -633,10 +633,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "13yyn331cj8wip99s0km17v9vcx3gpyb9v4nkcmpzhg9rq5w4x57";
sha256 = "1xw029nfxnbjs9nhnb0fgyhksismswap393zm3cnjjw46d643jl8";
type = "gem";
};
version = "0.1.2";
version = "0.1.3";
};
ronin-web = {
dependencies = ["mechanize" "nokogiri" "nokogiri-diff" "nokogiri-ext" "open_namespace" "ronin-core" "ronin-support" "ronin-web-server" "ronin-web-spider" "ronin-web-user_agents"];
@ -883,9 +883,9 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "07h4kgycf72w9gbnf95d5h9zcdcgl3gjadfajjicl2xkiffvpcmf";
sha256 = "133v1v0b8l7v7vdvyhxa2szaf1nb4hsfcqflx1avax93ah3n7ikn";
type = "gem";
};
version = "1.0.0";
version = "1.0.2";
};
}

6
pkgs/tools/security/vault/default.nix
View file

@ -6,16 +6,16 @@
buildGoModule rec {
pname = "vault";
version = "1.14.0";
version = "1.14.1";
src = fetchFromGitHub {
owner = "hashicorp";
repo = "vault";
rev = "v${version}";
sha256 = "sha256-kx60OMIw7F9osF1u6GGp/xfUXo9XUhHmsrh3gCud0iI=";
sha256 = "sha256-3/oGuK+n0NGDdRYb+c0QNbJrCD2MBQDXWUDpdGsOY2k=";
};
vendorHash = "sha256-gQ+n/UtZn07lyi48sRCulZ7R4gtwKVu1tklFwRAUIZo=";
vendorHash = "sha256-W5XsUWb3uZGX7RAQQMy67j9LM3KiEl/+XZAGDKTRwd0=";
subPackages = [ "." ];

1
pkgs/top-level/aliases.nix
View file

@ -1670,6 +1670,7 @@ mapAliases ({
tdesktop = telegram-desktop; # Added 2023-04-07
tdm = throw "tdm has been removed because nobody can figure out how to fix OpenAL integration. Use precompiled binary and `steam-run` instead";
teleconsole = throw "teleconsole is archived by upstream"; # Added 2022-04-05
telegram-cli = throw "telegram-cli was removed because it was broken and abandoned upstream"; # Added 2023-07-28
telepathy-qt = throw "telepathy-qt no longer supports Qt 4. Please use libsForQt5.telepathy instead"; # Added 2020-07-02
telepathy_farstream = throw "'telepathy_farstream' has been renamed to/replaced by 'telepathy-farstream'"; # Converted to throw 2022-02-22
telepathy_gabble = throw "'telepathy_gabble' has been renamed to/replaced by 'telepathy-gabble'"; # Converted to throw 2022-02-22

8
pkgs/top-level/all-packages.nix
View file

@ -21273,6 +21273,8 @@ with pkgs;
graphinder = callPackage ../tools/security/graphinder { };
hnswlib = callPackage ../development/libraries/hnswlib { };
httplib = callPackage ../development/libraries/httplib { };
icon-lang = callPackage ../development/interpreters/icon-lang { };
@ -27886,8 +27888,6 @@ with pkgs;
linux_5_15_hardened = linuxKernel.kernels.linux_5_15_hardened;
linuxPackages_6_1_hardened = linuxKernel.packages.linux_6_1_hardened;
linux_6_1_hardened = linuxKernel.kernels.linux_6_1_hardened;
linuxPackages_6_3_hardened = linuxKernel.packages.linux_6_3_hardened;
linux_6_3_hardened = linuxKernel.kernels.linux_6_3_hardened;
linuxPackages_6_4_hardened = linuxKernel.packages.linux_6_4_hardened;
linux_6_4_hardened = linuxKernel.kernels.linux_6_4_hardened;
@ -35351,8 +35351,6 @@ with pkgs;
tektoncd-cli = callPackage ../applications/networking/cluster/tektoncd-cli { };
telegram-cli = callPackage ../applications/networking/instant-messengers/telegram/telegram-cli { };
tg = python3Packages.callPackage ../applications/networking/instant-messengers/telegram/tg { };
telepathy-gabble = callPackage ../applications/networking/instant-messengers/telepathy/gabble { };
@ -37479,6 +37477,8 @@ with pkgs;
hyperrogue = callPackage ../games/hyperrogue { };
ibmcloud-cli = callPackage ../tools/admin/ibmcloud-cli { stdenv = stdenvNoCC; };
icbm3d = callPackage ../games/icbm3d { };
infra = callPackage ../tools/admin/infra { };

12
pkgs/top-level/linux-kernels.nix
View file

@ -175,13 +175,6 @@ in {
];
};
linux_6_3 = callPackage ../os-specific/linux/kernel/linux-6.3.nix {
kernelPatches = [
kernelPatches.bridge_stp_helper
kernelPatches.request_key_helper
];
};
linux_6_4 = callPackage ../os-specific/linux/kernel/linux-6.4.nix {
kernelPatches = [
kernelPatches.bridge_stp_helper
@ -266,7 +259,6 @@ in {
linux_5_10_hardened = hardenedKernelFor kernels.linux_5_10 { };
linux_5_15_hardened = hardenedKernelFor kernels.linux_5_15 { };
linux_6_1_hardened = hardenedKernelFor kernels.linux_6_1 { };
linux_6_3_hardened = hardenedKernelFor kernels.linux_6_3 { };
linux_6_4_hardened = hardenedKernelFor kernels.linux_6_4 { };
} // lib.optionalAttrs config.allowAliases {
@ -275,6 +267,7 @@ in {
linux_5_19 = throw "linux 5.19 was removed because it has reached its end of life upstream";
linux_6_0 = throw "linux 6.0 was removed because it has reached its end of life upstream";
linux_6_2 = throw "linux 6.2 was removed because it has reached its end of life upstream";
linux_6_3 = throw "linux 6.3 was removed because it has reached its end of life upstream";
linux_xanmod_tt = throw "linux_xanmod_tt was removed because upstream no longer offers this option";
@ -578,7 +571,6 @@ in {
linux_5_10 = recurseIntoAttrs (packagesFor kernels.linux_5_10);
linux_5_15 = recurseIntoAttrs (packagesFor kernels.linux_5_15);
linux_6_1 = recurseIntoAttrs (packagesFor kernels.linux_6_1);
linux_6_3 = recurseIntoAttrs (packagesFor kernels.linux_6_3);
linux_6_4 = recurseIntoAttrs (packagesFor kernels.linux_6_4);
} // lib.optionalAttrs config.allowAliases {
linux_4_9 = throw "linux 4.9 was removed because it will reach its end of life within 22.11"; # Added 2022-11-08
@ -586,6 +578,7 @@ in {
linux_5_19 = throw "linux 5.19 was removed because it reached its end of life upstream"; # Added 2022-11-01
linux_6_0 = throw "linux 6.0 was removed because it reached its end of life upstream"; # Added 2023-01-20
linux_6_2 = throw "linux 6.2 was removed because it reached its end of life upstream"; # Added 2023-05-26
linux_6_3 = throw "linux 6.3 was removed because it reached its end of life upstream"; # Added 2023-07-22
};
rtPackages = {
@ -617,7 +610,6 @@ in {
linux_5_10_hardened = recurseIntoAttrs (packagesFor kernels.linux_5_10_hardened);
linux_5_15_hardened = recurseIntoAttrs (packagesFor kernels.linux_5_15_hardened);
linux_6_1_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_1_hardened);
linux_6_3_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_3_hardened);
linux_6_4_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_4_hardened);
linux_zen = recurseIntoAttrs (packagesFor kernels.linux_zen);