diff --git a/doc/stdenv/cross-compilation.chapter.md b/doc/stdenv/cross-compilation.chapter.md index 3b6e5c34d54..7b8f2b4ce6c 100644 --- a/doc/stdenv/cross-compilation.chapter.md +++ b/doc/stdenv/cross-compilation.chapter.md @@ -153,6 +153,24 @@ Add the following to your `mkDerivation` invocation. doCheck = stdenv.hostPlatform == stdenv.buildPlatform; ``` +#### Package using Meson needs to run binaries for the host platform during build. {#cross-meson-runs-host-code} + +Add `mesonEmulatorHook` cross conditionally to `nativeBuildInputs`. + +e.g. + +``` +nativeBuildInputs = [ + meson +] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ + mesonEmulatorHook +]; +``` + +Example of an error which this fixes. + +`[Errno 8] Exec format error: './gdk3-scan'` + ## Cross-building packages {#sec-cross-usage} Nixpkgs can be instantiated with `localSystem` alone, in which case there is no cross-compiling and everything is built by and for that system, or also with `crossSystem`, in which case packages run on the latter, but all building happens on the former. Both parameters take the same schema as the 3 (build, host, and target) platforms defined in the previous section. As mentioned above, `lib.systems.examples` has some platforms which are used as arguments for these parameters in practice. You can use them programmatically, or on the command line: diff --git a/pkgs/applications/graphics/sane/backends/default.nix b/pkgs/applications/graphics/sane/backends/default.nix index d3c5b1c0b75..8c45f3a62ff 100644 --- a/pkgs/applications/graphics/sane/backends/default.nix +++ b/pkgs/applications/graphics/sane/backends/default.nix @@ -83,7 +83,7 @@ stdenv.mkDerivation { in '' mkdir -p $out/etc/udev/rules.d/ - ./tools/sane-desc -m udev > $out/etc/udev/rules.d/49-libsane.rules || \ + ./tools/sane-desc -m udev+hwdb -s doc/descriptions:doc/descriptions-external > $out/etc/udev/rules.d/49-libsane.rules || \ cp tools/udev/libsane.rules $out/etc/udev/rules.d/49-libsane.rules # the created 49-libsane references /bin/sh substituteInPlace $out/etc/udev/rules.d/49-libsane.rules \ diff --git a/pkgs/applications/networking/instant-messengers/teams/default.nix b/pkgs/applications/networking/instant-messengers/teams/default.nix index d7831d3fd53..dd4e104aa66 100644 --- a/pkgs/applications/networking/instant-messengers/teams/default.nix +++ b/pkgs/applications/networking/instant-messengers/teams/default.nix @@ -58,7 +58,12 @@ let ]; preFixup = '' - gappsWrapperArgs+=(--prefix PATH : "${coreutils}/bin:${gawk}/bin") + gappsWrapperArgs+=( + --prefix PATH : "${coreutils}/bin:${gawk}/bin" + + # fix for https://docs.microsoft.com/en-us/answers/questions/298724/open-teams-meeting-link-on-linux-doens39t-work.html?childToView=309406#comment-309406 + --append-flags '--disable-namespace-sandbox --disable-setuid-sandbox' + ) ''; @@ -119,15 +124,6 @@ let echo "Adding runtime dependencies to RPATH of Node module $mod" patchelf --set-rpath "$runtime_rpath:$mod_rpath" "$mod" done; - - # fix for https://docs.microsoft.com/en-us/answers/questions/298724/open-teams-meeting-link-on-linux-doens39t-work.html?childToView=309406#comment-309406 - wrapped=$out/bin/.teams-old - mv "$out/bin/teams" "$wrapped" - cat > "$out/bin/teams" << EOF - #! ${runtimeShell} - exec $wrapped "\$@" --disable-namespace-sandbox --disable-setuid-sandbox - EOF - chmod +x "$out/bin/teams" ''; }; diff --git a/pkgs/applications/science/logic/coq/default.nix b/pkgs/applications/science/logic/coq/default.nix index f91b336cbf6..bb92e2d7492 100644 --- a/pkgs/applications/science/logic/coq/default.nix +++ b/pkgs/applications/science/logic/coq/default.nix @@ -41,15 +41,15 @@ let "8.12.0".sha256 = "18dc7k0piv6v064zgdadpw6mkkxk7j663hb3svgj5236fihjr0cz"; "8.12.1".sha256 = "1rkcyjjrzcqw9xk93hsq0vvji4f8r5iq0f739mghk60bghkpnb7q"; "8.12.2".sha256 = "18gscfm039pqhq4msq01nraig5dm9ab98bjca94zldf8jvdv0x2n"; - "8.13.0".sha256 = "0sjbqmz6qcvnz0hv87xha80qbhvmmyd675wyc5z4rgr34j2l1ymd"; - "8.13.1".sha256 = "0xx2ns84mlip9bg2mkahy3pmc5zfcgrjxsviq9yijbzy1r95wf0n"; - "8.13.2".sha256 = "1884vbmwmqwn9ngibax6dhnqh4cc02l0s2ajc6jb1xgr0i60whjk"; - "8.14.0".sha256 = "04y2z0qyvag66zanfyc3f9agvmzbn4lsr0p1l7ck6yjhqx7vbm17"; - "8.14.1".sha256 = "0sx78pgx0qw8v7v2r32zzy3l161zipzq95iacda628girim7psnl"; - "8.15.0".sha256 = "sha256:1ma76wfrpfsl72yh10w1ys2a0vi0mdc2jc79kdc8nrmxkhpw1nxx"; - "8.15.1".sha256 = "sha256:1dsa04jzkx5pw69pmxn0l55q4w88lg6fvz7clbga0bazzsfnsgd6"; - "8.15.2".sha256 = "sha256:0gn8dz69scxnxaq6ycb3x34bjfk9wlp1y2xn8w69kg9fm4b6gkc7"; - "8.16+rc1".sha256 = "sha256-dU+E0Mz7MVntbQIeG9I59ANBaHaXXSrjCRdoqZ5TO60="; + "8.13.0".sha256 = "1l2c63vskp8kiyxiyi5rpgbmnv67ysn3y4lybd6nj0li5llibifi"; + "8.13.1".sha256 = "15drjcqhsgwqnv02bbidyhk316ypyhz1pxfz2gwsalci9svhkz0v"; + "8.13.2".sha256 = "14d4alp35hngvga9m7cfp5d1nl62xdj0nm4811f2jjblk86gxxk4"; + "8.14.0".sha256 = "0yxjx9kq9bfpk31dc1c6a0pz0827fz7jmrcwwd4n7dc07yi0arq8"; + "8.14.1".sha256 = "0xdqiabgm4lrm6d7lw544zd8xwb1cdcavsxvwwlqq6yid2rl2yli"; + "8.15.0".sha256 = "sha256:0q7jl3bn0d1v9cwdkxykw4frccww6wbh1p8hdrfqw489mkxmh5jh"; + "8.15.1".sha256 = "sha256:1janvmnk3czimp0j5qmnfwx6509vhpjc2q7lcza1bc6dm6kn8n42"; + "8.15.2".sha256 = "sha256:0qibbvzrhsvs6w3zpkhyclndp29jnr6bs9i5skjlpp431jdjjfqd"; + "8.16+rc1".sha256 = "sha256-hmZQ6rFIOZJwnAh23nKScJ3Nn+xqDRn5q2Tn82igpYE="; }; releaseRev = v: "V${v}"; fetched = import ../../../../build-support/coq/meta-fetch/default.nix diff --git a/pkgs/build-support/cc-wrapper/add-clang-cc-cflags-before.sh b/pkgs/build-support/cc-wrapper/add-clang-cc-cflags-before.sh new file mode 100644 index 00000000000..f943b850468 --- /dev/null +++ b/pkgs/build-support/cc-wrapper/add-clang-cc-cflags-before.sh @@ -0,0 +1,11 @@ +needsTarget=true + +for p in "${params[@]}"; do + case "$p" in + -target | --target=*) needsTarget=false ;; + esac +done + +if $needsTarget; then + extraBefore+=(-target @defaultTarget@) +fi diff --git a/pkgs/build-support/cc-wrapper/cc-wrapper.sh b/pkgs/build-support/cc-wrapper/cc-wrapper.sh index 1220841162c..83b6817798f 100644 --- a/pkgs/build-support/cc-wrapper/cc-wrapper.sh +++ b/pkgs/build-support/cc-wrapper/cc-wrapper.sh @@ -38,36 +38,23 @@ nParams=${#params[@]} while (( "$n" < "$nParams" )); do p=${params[n]} p2=${params[n+1]:-} # handle `p` being last one - if [ "$p" = -c ]; then - dontLink=1 - elif [ "$p" = -S ]; then - dontLink=1 - elif [ "$p" = -E ]; then - dontLink=1 - elif [ "$p" = -E ]; then - dontLink=1 - elif [ "$p" = -M ]; then - dontLink=1 - elif [ "$p" = -MM ]; then - dontLink=1 - elif [[ "$p" = -x && "$p2" = *-header ]]; then - dontLink=1 - elif [[ "$p" = -x && "$p2" = c++* && "$isCxx" = 0 ]]; then - isCxx=1 - elif [ "$p" = -nostdlib ]; then - cxxLibrary=0 - elif [ "$p" = -nostdinc ]; then - cInclude=0 - cxxInclude=0 - elif [ "$p" = -nostdinc++ ]; then - cxxInclude=0 - elif [[ "$p" != -?* ]]; then - # A dash alone signifies standard input; it is not a flag - nonFlagArgs=1 - elif [ "$p" = -cc1 ]; then - cc1=1 - fi n+=1 + + case "$p" in + -[cSEM] | -MM) dontLink=1 ;; + -cc1) cc1=1 ;; + -nostdinc) cInclude=0 cxxInclude=0 ;; + -nostdinc++) cxxInclude=0 ;; + -nostdlib) cxxLibrary=0 ;; + -x) + case "$p2" in + *-header) dontLink=1 ;; + c++*) isCxx=1 ;; + esac + ;; + -?*) ;; + *) nonFlagArgs=1 ;; # Includes a solitary dash (`-`) which signifies standard input; it is not a flag + esac done # If we pass a flag like -Wl, then gcc will call the linker unless it @@ -81,29 +68,31 @@ fi # Optionally filter out paths not refering to the store. if [[ "${NIX_ENFORCE_PURITY:-}" = 1 && -n "$NIX_STORE" ]]; then - rest=() + kept=() nParams=${#params[@]} declare -i n=0 while (( "$n" < "$nParams" )); do p=${params[n]} p2=${params[n+1]:-} # handle `p` being last one - if [ "${p:0:3}" = -L/ ] && badPath "${p:2}"; then - skip "${p:2}" - elif [ "$p" = -L ] && badPath "$p2"; then - n+=1; skip "$p2" - elif [ "${p:0:3}" = -I/ ] && badPath "${p:2}"; then - skip "${p:2}" - elif [ "$p" = -I ] && badPath "$p2"; then - n+=1; skip "$p2" - elif [ "$p" = -isystem ] && badPath "$p2"; then - n+=1; skip "$p2" - else - rest+=("$p") - fi n+=1 + + skipNext=false + path="" + case "$p" in + -[IL]/*) path=${p:2} ;; + -[IL] | -isystem) path=$p2 skipNext=true ;; + esac + + if [[ -n $path ]] && badPath "$path"; then + skip "$path" + $skipNext && n+=1 + continue + fi + + kept+=("$p") done # Old bash empty array hack - params=(${rest+"${rest[@]}"}) + params=(${kept+"${kept[@]}"}) fi # Flirting with a layer violation here. @@ -118,17 +107,17 @@ fi # Clear march/mtune=native -- they bring impurity. if [ "$NIX_ENFORCE_NO_NATIVE_@suffixSalt@" = 1 ]; then - rest=() + kept=() # Old bash empty array hack for p in ${params+"${params[@]}"}; do if [[ "$p" = -m*=native ]]; then skip "$p" else - rest+=("$p") + kept+=("$p") fi done # Old bash empty array hack - params=(${rest+"${rest[@]}"}) + params=(${kept+"${kept[@]}"}) fi if [[ "$isCxx" = 1 ]]; then @@ -170,6 +159,10 @@ if [ "$dontLink" != 1 ]; then export NIX_LINK_TYPE_@suffixSalt@=$linkType fi +if [[ -e @out@/nix-support/add-local-cc-cflags-before.sh ]]; then + source @out@/nix-support/add-local-cc-cflags-before.sh +fi + # As a very special hack, if the arguments are just `-v', then don't # add anything. This is to prevent `gcc -v' (which normally prints # out the version number and returns exit code 0) from printing out diff --git a/pkgs/build-support/cc-wrapper/default.nix b/pkgs/build-support/cc-wrapper/default.nix index ceba14ef92a..d74d0490b40 100644 --- a/pkgs/build-support/cc-wrapper/default.nix +++ b/pkgs/build-support/cc-wrapper/default.nix @@ -297,14 +297,6 @@ stdenv.mkDerivation { fi '' - ## - ## General Clang support - ## - + optionalString isClang '' - - echo "-target ${targetPlatform.config}" >> $out/nix-support/cc-cflags - '' - ## ## GCC libs for non-GCC support ## @@ -524,6 +516,15 @@ stdenv.mkDerivation { substituteAll ${../wrapper-common/utils.bash} $out/nix-support/utils.bash '' + ## + ## General Clang support + ## Needs to go after ^ because the for loop eats \n and makes this file an invalid script + ## + + optionalString isClang '' + export defaultTarget=${targetPlatform.config} + substituteAll ${./add-clang-cc-cflags-before.sh} $out/nix-support/add-local-cc-cflags-before.sh + '' + ## ## Extra custom steps ## diff --git a/pkgs/build-support/fetchzip/default.nix b/pkgs/build-support/fetchzip/default.nix index 98c41037074..10142134792 100644 --- a/pkgs/build-support/fetchzip/default.nix +++ b/pkgs/build-support/fetchzip/default.nix @@ -5,7 +5,7 @@ # (e.g. due to minor changes in the compression algorithm, or changes # in timestamps). -{ lib, fetchurl, unzip }: +{ lib, fetchurl, unzip, glibcLocalesUtf8 }: { # Optionally move the contents of the unpacked tree up one level. stripRoot ? true @@ -35,7 +35,10 @@ in { downloadToTemp = true; - nativeBuildInputs = [ unzip ] ++ nativeBuildInputs; + # Have to pull in glibcLocalesUtf8 for unzip in setup-hook.sh to handle + # UTF-8 aware locale: + # https://github.com/NixOS/nixpkgs/issues/176225#issuecomment-1146617263 + nativeBuildInputs = [ unzip glibcLocalesUtf8 ] ++ nativeBuildInputs; postFetch = '' diff --git a/pkgs/build-support/setup-hooks/make-binary-wrapper/make-binary-wrapper.sh b/pkgs/build-support/setup-hooks/make-binary-wrapper/make-binary-wrapper.sh index 6b8f5d60eb6..5f759d323cf 100644 --- a/pkgs/build-support/setup-hooks/make-binary-wrapper/make-binary-wrapper.sh +++ b/pkgs/build-support/setup-hooks/make-binary-wrapper/make-binary-wrapper.sh @@ -15,17 +15,19 @@ assertExecutable() { # makeWrapper EXECUTABLE OUT_PATH ARGS # ARGS: -# --argv0 NAME : set the name of the executed process to NAME -# (if unset or empty, defaults to EXECUTABLE) -# --inherit-argv0 : the executable inherits argv0 from the wrapper. -# (use instead of --argv0 '$0') -# --set VAR VAL : add VAR with value VAL to the executable's environment -# --set-default VAR VAL : like --set, but only adds VAR if not already set in -# the environment -# --unset VAR : remove VAR from the environment -# --chdir DIR : change working directory (use instead of --run "cd DIR") -# --add-flags FLAGS : add FLAGS to invocation of executable -# TODO(@ncfavier): --append-flags +# --argv0 NAME : set the name of the executed process to NAME +# (if unset or empty, defaults to EXECUTABLE) +# --inherit-argv0 : the executable inherits argv0 from the wrapper. +# (use instead of --argv0 '$0') +# --set VAR VAL : add VAR with value VAL to the executable's environment +# --set-default VAR VAL : like --set, but only adds VAR if not already set in +# the environment +# --unset VAR : remove VAR from the environment +# --chdir DIR : change working directory (use instead of --run "cd DIR") +# --add-flags ARGS : prepend ARGS to the invocation of the executable +# (that is, *before* any arguments passed on the command line) +# --append-flags ARGS : append ARGS to the invocation of the executable +# (that is, *after* any arguments passed on the command line) # --prefix ENV SEP VAL : suffix/prefix ENV with VAL, separated by SEP # --suffix @@ -83,7 +85,7 @@ makeDocumentedCWrapper() { # makeCWrapper EXECUTABLE ARGS # ARGS: same as makeWrapper makeCWrapper() { - local argv0 inherit_argv0 n params cmd main flagsBefore flags executable length + local argv0 inherit_argv0 n params cmd main flagsBefore flagsAfter flags executable length local uses_prefix uses_suffix uses_assert uses_assert_success uses_stdio uses_asprintf executable=$(escapeStringLiteral "$1") params=("$@") @@ -150,6 +152,13 @@ makeCWrapper() { n=$((n + 1)) [ $n -ge "$length" ] && main="$main#error makeCWrapper: $p takes 1 argument"$'\n' ;; + --append-flags) + flags="${params[n + 1]}" + flagsAfter="$flagsAfter $flags" + uses_assert=1 + n=$((n + 1)) + [ $n -ge "$length" ] && main="$main#error makeCWrapper: $p takes 1 argument"$'\n' + ;; --argv0) argv0=$(escapeStringLiteral "${params[n + 1]}") inherit_argv0= @@ -165,8 +174,7 @@ makeCWrapper() { ;; esac done - # shellcheck disable=SC2086 - [ -z "$flagsBefore" ] || main="$main"${main:+$'\n'}$(addFlags $flagsBefore)$'\n'$'\n' + [[ -z "$flagsBefore" && -z "$flagsAfter" ]] || main="$main"${main:+$'\n'}$(addFlags "$flagsBefore" "$flagsAfter")$'\n'$'\n' [ -z "$inherit_argv0" ] && main="${main}argv[0] = \"${argv0:-${executable}}\";"$'\n' main="${main}return execv(\"${executable}\", argv);"$'\n' @@ -184,21 +192,25 @@ makeCWrapper() { } addFlags() { - local result n flag flags var + local n flag before after var + # shellcheck disable=SC2086 + before=($1) after=($2) var="argv_tmp" - flags=("$@") - for ((n = 0; n < ${#flags[*]}; n += 1)); do - flag=$(escapeStringLiteral "${flags[$n]}") - result="$result${var}[$((n+1))] = \"$flag\";"$'\n' - done - printf '%s\n' "char **$var = calloc($((n+1)) + argc, sizeof(*$var));" + printf '%s\n' "char **$var = calloc(${#before[@]} + argc + ${#after[@]} + 1, sizeof(*$var));" printf '%s\n' "assert($var != NULL);" printf '%s\n' "${var}[0] = argv[0];" - printf '%s' "$result" + for ((n = 0; n < ${#before[@]}; n += 1)); do + flag=$(escapeStringLiteral "${before[n]}") + printf '%s\n' "${var}[$((n + 1))] = \"$flag\";" + done printf '%s\n' "for (int i = 1; i < argc; ++i) {" - printf '%s\n' " ${var}[$n + i] = argv[i];" + printf '%s\n' " ${var}[${#before[@]} + i] = argv[i];" printf '%s\n' "}" - printf '%s\n' "${var}[$n + argc] = NULL;" + for ((n = 0; n < ${#after[@]}; n += 1)); do + flag=$(escapeStringLiteral "${after[n]}") + printf '%s\n' "${var}[${#before[@]} + argc + $n] = \"$flag\";" + done + printf '%s\n' "${var}[${#before[@]} + argc + ${#after[@]}] = NULL;" printf '%s\n' "argv = $var;" } @@ -366,6 +378,10 @@ formatArgs() { formatArgsLine 1 "$@" shift 1 ;; + --append-flags) + formatArgsLine 1 "$@" + shift 1 + ;; --argv0) formatArgsLine 1 "$@" shift 1 diff --git a/pkgs/build-support/setup-hooks/make-wrapper.sh b/pkgs/build-support/setup-hooks/make-wrapper.sh index 8a38c39efc4..84e5ecee290 100644 --- a/pkgs/build-support/setup-hooks/make-wrapper.sh +++ b/pkgs/build-support/setup-hooks/make-wrapper.sh @@ -11,18 +11,20 @@ assertExecutable() { # makeWrapper EXECUTABLE OUT_PATH ARGS # ARGS: -# --argv0 NAME : set the name of the executed process to NAME -# (if unset or empty, defaults to EXECUTABLE) -# --inherit-argv0 : the executable inherits argv0 from the wrapper. -# (use instead of --argv0 '$0') -# --set VAR VAL : add VAR with value VAL to the executable's environment -# --set-default VAR VAL : like --set, but only adds VAR if not already set in -# the environment -# --unset VAR : remove VAR from the environment -# --chdir DIR : change working directory (use instead of --run "cd DIR") -# --run COMMAND : run command before the executable -# --add-flags FLAGS : add FLAGS to invocation of executable -# TODO(@ncfavier): --append-flags +# --argv0 NAME : set the name of the executed process to NAME +# (if unset or empty, defaults to EXECUTABLE) +# --inherit-argv0 : the executable inherits argv0 from the wrapper. +# (use instead of --argv0 '$0') +# --set VAR VAL : add VAR with value VAL to the executable's environment +# --set-default VAR VAL : like --set, but only adds VAR if not already set in +# the environment +# --unset VAR : remove VAR from the environment +# --chdir DIR : change working directory (use instead of --run "cd DIR") +# --run COMMAND : run command before the executable +# --add-flags ARGS : prepend ARGS to the invocation of the executable +# (that is, *before* any arguments passed on the command line) +# --append-flags ARGS : append ARGS to the invocation of the executable +# (that is, *after* any arguments passed on the command line) # --prefix ENV SEP VAL : suffix/prefix ENV with VAL, separated by SEP # --suffix @@ -36,7 +38,7 @@ makeShellWrapper() { local original="$1" local wrapper="$2" local params varName value command separator n fileNames - local argv0 flagsBefore flags + local argv0 flagsBefore flagsAfter flags assertExecutable "$original" @@ -165,6 +167,10 @@ makeShellWrapper() { flags="${params[$((n + 1))]}" n=$((n + 1)) flagsBefore="$flagsBefore $flags" + elif [[ "$p" == "--append-flags" ]]; then + flags="${params[$((n + 1))]}" + n=$((n + 1)) + flagsAfter="$flagsAfter $flags" elif [[ "$p" == "--argv0" ]]; then argv0="${params[$((n + 1))]}" n=$((n + 1)) @@ -177,7 +183,7 @@ makeShellWrapper() { done echo exec ${argv0:+-a \"$argv0\"} \""$original"\" \ - "$flagsBefore" '"$@"' >> "$wrapper" + "$flagsBefore" '"$@"' "$flagsAfter" >> "$wrapper" chmod +x "$wrapper" } diff --git a/pkgs/data/fonts/eduli/default.nix b/pkgs/data/fonts/eduli/default.nix index 7ff2ad4446c..beb89d49fc3 100644 --- a/pkgs/data/fonts/eduli/default.nix +++ b/pkgs/data/fonts/eduli/default.nix @@ -8,7 +8,7 @@ stdenvNoCC.mkDerivation rec { name = "${pname}-${version}"; url = "http://language.moe.gov.tw/001/Upload/Files/site_content/M0001/MoeLI-3.0.zip"; - sha256 = "0vpmm2qb429npng0aqkafwgs7cjibq8a3f7bbn9hysbm2lndwxwd"; + sha256 = "0b4kjdk0h0hx446swi0wzawia0mf16qh9b6v4h4nqg8qx0p2sd3c"; }; installPhase = '' diff --git a/pkgs/development/compilers/vala/default.nix b/pkgs/development/compilers/vala/default.nix index 546160ba5e3..0a468023616 100644 --- a/pkgs/development/compilers/vala/default.nix +++ b/pkgs/development/compilers/vala/default.nix @@ -1,5 +1,5 @@ { stdenv, lib, fetchurl, fetchpatch, pkg-config, flex, bison, libxslt, autoconf, autoreconfHook -, gnome, graphviz, glib, libiconv, libintl, libtool, expat, substituteAll +, gnome, graphviz, glib, libiconv, libintl, libtool, expat, substituteAll, vala }: let @@ -49,7 +49,9 @@ let # so that it can be used to regenerate documentation. patches = lib.optionals disableGraphviz [ graphvizPatch ./gvc-compat.patch ]; configureFlags = lib.optional disableGraphviz "--disable-graphviz"; - preBuild = lib.optionalString disableGraphviz "buildFlagsArray+=(\"VALAC=$(pwd)/compiler/valac\")"; + # when cross-compiling ./compiler/valac is valac for host + # so add the build vala in nativeBuildInputs + preBuild = lib.optionalString (disableGraphviz && (stdenv.buildPlatform == stdenv.hostPlatform)) "buildFlagsArray+=(\"VALAC=$(pwd)/compiler/valac\")"; outputs = [ "out" "devdoc" ]; @@ -57,6 +59,7 @@ let pkg-config flex bison libxslt ] ++ lib.optional (stdenv.isDarwin && (lib.versionAtLeast version "0.38")) expat ++ lib.optional disableGraphviz autoreconfHook # if we changed our ./configure script, need to reconfigure + ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ vala ] ++ extraNativeBuildInputs; buildInputs = [ diff --git a/pkgs/development/go-modules/generic/default.nix b/pkgs/development/go-modules/generic/default.nix index 7cab5d38c7b..b0c587ea471 100644 --- a/pkgs/development/go-modules/generic/default.nix +++ b/pkgs/development/go-modules/generic/default.nix @@ -39,6 +39,8 @@ # IE: programs coupled with the compiler , allowGoReference ? false +, CGO_ENABLED ? go.CGO_ENABLED + , meta ? {} # Not needed with buildGoModule @@ -141,6 +143,7 @@ let GO111MODULE = "on"; GOFLAGS = lib.optionals (!proxyVendor) [ "-mod=vendor" ] ++ lib.optionals (!allowGoReference) [ "-trimpath" ]; + inherit CGO_ENABLED; configurePhase = args.configurePhase or '' runHook preConfigure diff --git a/pkgs/development/interpreters/python/default.nix b/pkgs/development/interpreters/python/default.nix index 307633fc5d6..b3775c3d42a 100644 --- a/pkgs/development/interpreters/python/default.nix +++ b/pkgs/development/interpreters/python/default.nix @@ -133,10 +133,10 @@ with pkgs; sourceVersion = { major = "3"; minor = "10"; - patch = "4"; + patch = "5"; suffix = ""; }; - sha256 = "sha256-gL+SX1cdpDazUhCIbPefbrX6XWxXExa3NWg0NFH3ehk="; + sha256 = "sha256-hDfv1bEG7wp1qr+/I9iAYlEgpzqGoireTS4uaNe3RIY="; }; }; diff --git a/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh b/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh index 7e1cfe51724..82231ee3adc 100644 --- a/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh +++ b/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh @@ -59,23 +59,26 @@ _pythonRemoveDeps() { pythonRelaxDepsHook() { pushd dist - local -r package="$pname-$version" + # See https://peps.python.org/pep-0491/#escaping-and-unicode + local -r pkg_name="${pname//[^[:alnum:].]/_}-$version" local -r unpack_dir="unpacked" - local -r metadata_file="$unpack_dir/$package/$package.dist-info/METADATA" - local -r wheel=$(echo "$package"*".whl") + local -r metadata_file="$unpack_dir/$pkg_name/$pkg_name.dist-info/METADATA" - @pythonInterpreter@ -m wheel unpack --dest "$unpack_dir" "$wheel" - rm -rf "$wheel" + # We generally shouldn't have multiple wheel files, but let's be safer here + for wheel in "$pkg_name"*".whl"; do + @pythonInterpreter@ -m wheel unpack --dest "$unpack_dir" "$wheel" + rm -rf "$wheel" - _pythonRelaxDeps "$metadata_file" - _pythonRemoveDeps "$metadata_file" + _pythonRelaxDeps "$metadata_file" + _pythonRemoveDeps "$metadata_file" - if (( "${NIX_DEBUG:-0}" >= 1 )); then - echo "pythonRelaxDepsHook: resulting METADATA:" - cat "$unpack_dir/$package/$package.dist-info/METADATA" - fi + if (( "${NIX_DEBUG:-0}" >= 1 )); then + echo "pythonRelaxDepsHook: resulting METADATA for '$wheel':" + cat "$unpack_dir/$pkg_name/$pkg_name.dist-info/METADATA" + fi - @pythonInterpreter@ -m wheel pack "$unpack_dir/$package" + @pythonInterpreter@ -m wheel pack "$unpack_dir/$pkg_name" + done popd } diff --git a/pkgs/development/interpreters/ruby/default.nix b/pkgs/development/interpreters/ruby/default.nix index 07349cf4f91..4381e6b6ddd 100644 --- a/pkgs/development/interpreters/ruby/default.nix +++ b/pkgs/development/interpreters/ruby/default.nix @@ -137,6 +137,10 @@ let (lib.enableFeature docSupport "install-doc") (lib.withFeature jemallocSupport "jemalloc") (lib.withFeatureAs docSupport "ridir" "${placeholder "devdoc"}/share/ri") + # ruby enables -O3 for gcc, however our compiler hardening wrapper + # overrides that by enabling `-O2` which is the minimum optimization + # needed for `_FORTIFY_SOURCE`. + ] ++ lib.optional stdenv.cc.isGNU "CFLAGS=-O3" ++ [ ] ++ ops stdenv.isDarwin [ # on darwin, we have /usr/include/tk.h -- so the configure script detects # that tk is installed diff --git a/pkgs/development/libraries/avahi/default.nix b/pkgs/development/libraries/avahi/default.nix index 1732b5df04e..e2421743455 100644 --- a/pkgs/development/libraries/avahi/default.nix +++ b/pkgs/development/libraries/avahi/default.nix @@ -1,21 +1,25 @@ -{ fetchurl, fetchpatch, lib, stdenv, pkg-config, libdaemon, dbus, perlPackages -, expat, gettext, intltool, glib, libiconv, writeShellScriptBin, libevent +{ fetchurl +, fetchpatch +, lib +, stdenv +, pkg-config +, libdaemon +, dbus +, perlPackages +, expat +, gettext +, glib +, libiconv +, libevent , nixosTests -, gtk3Support ? false, gtk3 ? null -, qt4 ? null -, qt4Support ? false +, gtk3Support ? false +, gtk3 ? null , qt5 ? null , qt5Support ? false , withLibdnssdCompat ? false , python ? null -, withPython ? false }: - -assert qt4Support -> qt4 != null; - -let - # despite the configure script claiming it supports $PKG_CONFIG, it doesnt respect it - pkg-config-helper = writeShellScriptBin "pkg-config" ''exec $PKG_CONFIG "$@"''; -in +, withPython ? false +}: stdenv.mkDerivation rec { pname = "avahi${lib.optionalString withLibdnssdCompat "-compat"}"; @@ -26,45 +30,72 @@ stdenv.mkDerivation rec { sha256 = "1npdixwxxn3s9q1f365x9n9rc5xgfz39hxf23faqvlrklgbhj0q6"; }; - prePatch = '' - substituteInPlace configure \ - --replace pkg-config "$PKG_CONFIG" - ''; - patches = [ - ./no-mkdir-localstatedir.patch (fetchpatch { url = "https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c.patch"; sha256 = "sha256-BXWmrLWUvDxKPoIPRFBpMS3T4gijRw0J+rndp6iDybU="; }) ]; - buildInputs = [ libdaemon dbus glib expat libiconv libevent ] - ++ (with perlPackages; [ perl XMLParser ]) - ++ (lib.optional gtk3Support gtk3) - ++ (lib.optional qt4Support qt4) - ++ (lib.optional qt5Support qt5); + depsBuildBuild = [ + pkg-config + ]; - propagatedBuildInputs = - lib.optionals withPython (with python.pkgs; [ python pygobject3 dbus-python ]); + nativeBuildInputs = [ + pkg-config + gettext + glib + ]; - nativeBuildInputs = [ pkg-config pkg-config-helper gettext intltool glib ]; + buildInputs = [ + libdaemon + dbus + glib + expat + libiconv + libevent + ] ++ (with perlPackages; [ + perl + XMLParser + ]) ++ lib.optionals gtk3Support [ + gtk3 + ] ++ lib.optionals qt5Support [ + qt5 + ]; - configureFlags = - [ "--disable-qt3" "--disable-gdbm" "--disable-mono" - "--disable-gtk" "--with-dbus-sys=${placeholder "out"}/share/dbus-1/system.d" - (lib.enableFeature gtk3Support "gtk3") - "--${if qt4Support then "enable" else "disable"}-qt4" - "--${if qt5Support then "enable" else "disable"}-qt5" - (lib.enableFeature withPython "python") - "--localstatedir=/var" "--with-distro=none" - # A systemd unit is provided by the avahi-daemon NixOS module - "--with-systemdsystemunitdir=no" ] - ++ lib.optional withLibdnssdCompat "--enable-compat-libdns_sd" + propagatedBuildInputs = lib.optionals withPython (with python.pkgs; [ + python + pygobject3 + dbus-python + ]); + + configureFlags = [ + "--disable-gdbm" + "--disable-mono" + # Use non-deprecated path https://github.com/lathiat/avahi/pull/376 + "--with-dbus-sys=${placeholder "out"}/share/dbus-1/system.d" + (lib.enableFeature gtk3Support "gtk3") + (lib.enableFeature qt5Support "qt5") + (lib.enableFeature withPython "python") + "--localstatedir=/var" + "--runstatedir=/run" + "--sysconfdir=/etc" + "--with-distro=none" + # A systemd unit is provided by the avahi-daemon NixOS module + "--with-systemdsystemunitdir=no" + ] ++ lib.optionals withLibdnssdCompat [ + "--enable-compat-libdns_sd" + ] ++ lib.optionals stdenv.isDarwin [ # autoipd won't build on darwin - ++ lib.optional stdenv.isDarwin "--disable-autoipd"; + "--disable-autoipd" + ]; - NIX_CFLAGS_COMPILE = "-DAVAHI_SERVICE_DIR=\"/etc/avahi/services\""; + installFlags = [ + # Override directories to install into the package. + # Replace with runstatedir once is merged https://github.com/lathiat/avahi/pull/377 + "avahi_runtime_dir=${placeholder "out"}/run" + "sysconfdir=${placeholder "out"}/etc" + ]; preBuild = lib.optionalString stdenv.isDarwin '' sed -i '20 i\ @@ -73,14 +104,10 @@ stdenv.mkDerivation rec { ''; postInstall = - # Maintain compat for mdnsresponder and howl + # Maintain compat for mdnsresponder lib.optionalString withLibdnssdCompat '' ln -s avahi-compat-libdns_sd/dns_sd.h "$out/include/dns_sd.h" ''; - /* # these don't exist (anymore?) - ln -s avahi-compat-howl $out/include/howl - ln -s avahi-compat-howl.pc $out/lib/pkgconfig/howl.pc - */ passthru.tests = { smoke-test = nixosTests.avahi; @@ -89,9 +116,9 @@ stdenv.mkDerivation rec { meta = with lib; { description = "mDNS/DNS-SD implementation"; - homepage = "http://avahi.org"; - license = licenses.lgpl2Plus; - platforms = platforms.unix; + homepage = "http://avahi.org"; + license = licenses.lgpl2Plus; + platforms = platforms.unix; maintainers = with maintainers; [ lovek323 globin ]; longDescription = '' diff --git a/pkgs/development/libraries/avahi/no-mkdir-localstatedir.patch b/pkgs/development/libraries/avahi/no-mkdir-localstatedir.patch deleted file mode 100644 index 72965c9f028..00000000000 --- a/pkgs/development/libraries/avahi/no-mkdir-localstatedir.patch +++ /dev/null @@ -1,12 +0,0 @@ -Don't "mkdir $(localstatedir)" since we can't do it (/var). - ---- a/avahi-daemon/Makefile.in -+++ b/avahi-daemon/Makefile.in -@@ -1625,7 +1625,6 @@ xmllint: - done - - install-data-local: -- test -z "$(avahi_runtime_dir)" || $(MKDIR_P) "$(DESTDIR)$(avahi_runtime_dir)" - - update-systemd: - curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c > sd-daemon.c diff --git a/pkgs/development/libraries/fontconfig/default.nix b/pkgs/development/libraries/fontconfig/default.nix index 64e6f9a2476..6c0b8899a3f 100644 --- a/pkgs/development/libraries/fontconfig/default.nix +++ b/pkgs/development/libraries/fontconfig/default.nix @@ -1,6 +1,5 @@ -{ lib, stdenv -, fetchpatch -, substituteAll +{ stdenv +, lib , fetchurl , pkg-config , python3 @@ -15,23 +14,15 @@ stdenv.mkDerivation rec { pname = "fontconfig"; - version = "2.13.94"; + version = "2.14.0"; + + outputs = [ "bin" "dev" "lib" "out" ]; # $out contains all the config src = fetchurl { url = "https://www.freedesktop.org/software/fontconfig/release/${pname}-${version}.tar.xz"; - sha256 = "0g004r0bkkqz00mpm3svnnxn7d83158q0yb9ggxryizxfg5m5w55"; + sha256 = "3L64TJx0u/2xM9U1/hx77cnyIhqNrzkUuYTETFIOm6w="; }; - patches = [ - # Fix font style detection - (fetchpatch { - url = "https://gitlab.freedesktop.org/fontconfig/fontconfig/-/commit/92fbf14b0d7c4737ffe1e8326b7ab8ffae5548c3.patch"; - sha256 = "1wmyax2151hg3m11q61mv25k45zk2w3xapb4p1r6wzk91zjlsgyr"; - }) - ]; - - outputs = [ "bin" "dev" "lib" "out" ]; # $out contains all the config - nativeBuildInputs = [ autoreconfHook gperf diff --git a/pkgs/development/libraries/freeimage/default.nix b/pkgs/development/libraries/freeimage/default.nix index b132b3fae8c..807e96669c6 100644 --- a/pkgs/development/libraries/freeimage/default.nix +++ b/pkgs/development/libraries/freeimage/default.nix @@ -15,8 +15,13 @@ stdenv.mkDerivation { sourceRoot = "svn-r1900/FreeImage/trunk"; # Ensure that the bundled libraries are not used at all - prePatch = "rm -rf Source/Lib* Source/OpenEXR Source/ZLib"; - patches = [ ./unbundle.diff ]; + prePatch = '' + rm -rf Source/Lib* Source/OpenEXR Source/ZLib + ''; + patches = [ + ./unbundle.diff + ./libtiff-4.4.0.diff + ]; postPatch = '' # To support cross compilation, use the correct `pkg-config`. diff --git a/pkgs/development/libraries/freeimage/libtiff-4.4.0.diff b/pkgs/development/libraries/freeimage/libtiff-4.4.0.diff new file mode 100644 index 00000000000..13abd5dd708 --- /dev/null +++ b/pkgs/development/libraries/freeimage/libtiff-4.4.0.diff @@ -0,0 +1,15 @@ +Fix build with libtiff 4.4.0 by not using a private libtiff API. +Patch by Kurt Schwehr: https://sourceforge.net/p/freeimage/discussion/36109/thread/2018fdc6e7/ + +diff -ru a/Source/Metadata/XTIFF.cpp b/Source/Metadata/XTIFF.cpp +--- a/Source/Metadata/XTIFF.cpp ++++ b/Source/Metadata/XTIFF.cpp +@@ -749,7 +749,7 @@ + continue; + } + // type of storage may differ (e.g. rationnal array vs float array type) +- if((unsigned)_TIFFDataSize(tif_tag_type) != FreeImage_TagDataWidth(tag_type)) { ++ if((unsigned)TIFFFieldSetGetSize(fld) != FreeImage_TagDataWidth(tag_type)) { + // skip tag or _TIFFmemcpy will fail + continue; + } diff --git a/pkgs/development/libraries/gnutls/default.nix b/pkgs/development/libraries/gnutls/default.nix index 627e5f46f72..f6c6aca19a2 100644 --- a/pkgs/development/libraries/gnutls/default.nix +++ b/pkgs/development/libraries/gnutls/default.nix @@ -5,7 +5,8 @@ , guileBindings ? config.gnutls.guile or false, guile , tpmSupport ? false, trousers, which, nettools, libunistring , withP11-kit ? !stdenv.hostPlatform.isStatic, p11-kit -, withSecurity ? false, Security # darwin Security.framework +, withSecurity ? true, Security # darwin Security.framework +# certificate compression - only zlib now, more possible: zstd, brotli }: assert guileBindings -> guile != null; @@ -21,11 +22,11 @@ in stdenv.mkDerivation rec { pname = "gnutls"; - version = "3.7.3"; + version = "3.7.6"; src = fetchurl { url = "mirror://gnupg/gnutls/v${lib.versions.majorMinor version}/gnutls-${version}.tar.xz"; - sha256 = "16n4yvw3792gcdxkikjmhddr6cbs4wlk027zfxlhmchsqcxw8ngw"; + sha256 = "1zv2097v9f6f4c66q7yn3c6gggjk9jz38095ma7v3gs5lccmf1kp"; }; outputs = [ "bin" "dev" "out" "man" "devdoc" ]; @@ -35,6 +36,8 @@ stdenv.mkDerivation rec { patches = [ ./nix-ssl-cert-file.patch ] # Disable native add_system_trust. + # FIXME: apparently it's not enough to drop the framework anymore; maybe related to + # https://gitlab.com/gnutls/gnutls/-/commit/c19cb93d492e45141bfef9b926dfeba36003261c ++ lib.optional (isDarwin && !withSecurity) ./no-security-framework.patch; # Skip some tests: @@ -73,7 +76,6 @@ stdenv.mkDerivation rec { buildInputs = [ lzo lzip libtasn1 libidn2 zlib gmp libunistring unbound gettext libiconv ] ++ lib.optional (withP11-kit) p11-kit - ++ lib.optional (isDarwin && withSecurity) Security ++ lib.optional (tpmSupport && stdenv.isLinux) trousers ++ lib.optional guileBindings guile; @@ -81,7 +83,9 @@ stdenv.mkDerivation rec { ++ lib.optionals (isDarwin && !withSecurity) [ autoconf automake ] ++ lib.optionals doCheck [ which nettools util-linux ]; - propagatedBuildInputs = [ nettle ]; + propagatedBuildInputs = [ nettle ] + # Builds dynamically linking against gnutls seem to need the framework now. + ++ lib.optional (isDarwin && withSecurity) Security; inherit doCheck; # stdenv's `NIX_SSL_CERT_FILE=/no-cert-file.crt` breaks tests. diff --git a/pkgs/development/libraries/gobject-introspection/default.nix b/pkgs/development/libraries/gobject-introspection/default.nix index b457331983a..82be84e1f1d 100644 --- a/pkgs/development/libraries/gobject-introspection/default.nix +++ b/pkgs/development/libraries/gobject-introspection/default.nix @@ -17,6 +17,8 @@ , cairo , gnome , substituteAll +, buildPackages +, gobject-introspection-unwrapped , nixStoreDir ? builtins.storeDir , x11Support ? true }: @@ -67,7 +69,7 @@ stdenv.mkDerivation rec { docbook_xml_dtd_45 python3 setupHook # move .gir files - ]; + ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ gobject-introspection-unwrapped ]; buildInputs = [ python3 @@ -86,7 +88,11 @@ stdenv.mkDerivation rec { "--datadir=${placeholder "dev"}/share" "-Ddoctool=disabled" "-Dcairo=disabled" - "-Dgtk_doc=true" + "-Dgtk_doc=${lib.boolToString (stdenv.hostPlatform == stdenv.buildPlatform)}" + ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ + "-Dgi_cross_ldd_wrapper=${buildPackages.prelink}/bin/prelink-rtld" + "-Dgi_cross_use_prebuilt_gi=true" + "-Dgi_cross_binary_wrapper=${stdenv.hostPlatform.emulator buildPackages}" ]; doCheck = !stdenv.isAarch64; @@ -97,6 +103,10 @@ stdenv.mkDerivation rec { patchShebangs tools/* ''; + postInstall = lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) '' + cp -r ${buildPackages.gobject-introspection-unwrapped.devdoc} $devdoc + ''; + preCheck = '' # Our gobject-introspection patches make the shared library paths absolute # in the GIR files. When running tests, the library is not yet installed, @@ -122,7 +132,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "A middleware layer between C libraries and language bindings"; homepage = "https://gi.readthedocs.io/"; - maintainers = teams.gnome.members ++ (with maintainers; [ lovek323 ]); + maintainers = teams.gnome.members ++ (with maintainers; [ lovek323 artturin ]); platforms = platforms.unix; license = with licenses; [ gpl2 lgpl2 ]; diff --git a/pkgs/development/libraries/gobject-introspection/wrapper.nix b/pkgs/development/libraries/gobject-introspection/wrapper.nix new file mode 100644 index 00000000000..44d31540e64 --- /dev/null +++ b/pkgs/development/libraries/gobject-introspection/wrapper.nix @@ -0,0 +1,29 @@ +{ lib +, stdenv +, buildPackages +, gobject-introspection-unwrapped +, targetPackages +}: + +# to build, run +# `nix build ".#pkgsCross.aarch64-multiplatform.buildPackages.gobject-introspection"` +gobject-introspection-unwrapped.overrideAttrs (_previousAttrs: { + pname = "gobject-introspection-wrapped"; + postFixup = '' + mv $dev/bin/g-ir-compiler $dev/bin/.g-ir-compiler-wrapped + mv $dev/bin/g-ir-scanner $dev/bin/.g-ir-scanner-wrapped + + ( + export bash="${buildPackages.bash}/bin/bash" + export emulator=${lib.escapeShellArg (stdenv.targetPlatform.emulator buildPackages)} + export buildprelink="${buildPackages.prelink}/bin/prelink-rtld" + + export targetgir="${lib.getDev targetPackages.gobject-introspection-unwrapped}" + + substituteAll "${./wrappers/g-ir-compiler.sh}" "$dev/bin/g-ir-compiler" + substituteAll "${./wrappers/g-ir-scanner.sh}" "$dev/bin/g-ir-scanner" + chmod +x "$dev/bin/g-ir-compiler" + chmod +x "$dev/bin/g-ir-scanner" + ) + ''; +}) diff --git a/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-compiler.sh b/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-compiler.sh new file mode 100644 index 00000000000..fde3dcfe0c0 --- /dev/null +++ b/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-compiler.sh @@ -0,0 +1,4 @@ +#! @bash@ +# shellcheck shell=bash + +exec @emulator@ @targetgir@/bin/g-ir-compiler "$@" diff --git a/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-scanner.sh b/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-scanner.sh new file mode 100644 index 00000000000..0825f10e166 --- /dev/null +++ b/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-scanner.sh @@ -0,0 +1,7 @@ +#! @bash@ +# shellcheck shell=bash + +exec @dev@/bin/.g-ir-scanner-wrapped \ + --use-binary-wrapper=@emulator@ \ + --use-ldd-wrapper=@buildprelink@ \ + "$@" diff --git a/pkgs/development/libraries/gumbo/default.nix b/pkgs/development/libraries/gumbo/default.nix index 0948b5d01fa..b8cfef1f324 100644 --- a/pkgs/development/libraries/gumbo/default.nix +++ b/pkgs/development/libraries/gumbo/default.nix @@ -11,8 +11,8 @@ stdenv.mkDerivation rec { sha256 = "0xslckwdh2i0g2qjsb6rnm8mjmbagvziz0hjlf7d1lbljfms1iw1"; }; - nativeBuildInputs = [ autoconf automake ]; - buildInputs = [ libtool ]; + strictDeps = true; + nativeBuildInputs = [ autoconf automake libtool ]; preConfigure = "./autogen.sh"; diff --git a/pkgs/development/libraries/libaom/default.nix b/pkgs/development/libraries/libaom/default.nix index 3a3866911b8..f6921091bea 100644 --- a/pkgs/development/libraries/libaom/default.nix +++ b/pkgs/development/libraries/libaom/default.nix @@ -1,4 +1,7 @@ -{ lib, stdenv, fetchzip, yasm, perl, cmake, pkg-config, python3 }: +{ lib, stdenv, fetchzip, yasm, perl, cmake, pkg-config, python3 +, enableButteraugli ? false, libjxl # Broken +, enableVmaf ? true, libvmaf +}: stdenv.mkDerivation rec { pname = "libaom"; @@ -16,6 +19,9 @@ stdenv.mkDerivation rec { yasm perl cmake pkg-config python3 ]; + propagatedBuildInputs = lib.optional enableButteraugli libjxl + ++ lib.optional enableVmaf libvmaf; + preConfigure = '' # build uses `git describe` to set the build version cat > $NIX_BUILD_TOP/git << "EOF" @@ -32,6 +38,10 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DBUILD_SHARED_LIBS=ON" "-DENABLE_TESTS=OFF" + ] ++ lib.optionals enableButteraugli [ + "-DCONFIG_TUNE_BUTTERAUGLI=1" + ] ++ lib.optionals enableVmaf [ + "-DCONFIG_TUNE_VMAF=1" ] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [ # CPU detection isn't supported on Darwin and breaks the aarch64-darwin build: "-DCONFIG_RUNTIME_CPU_DETECT=0" @@ -58,7 +68,7 @@ stdenv.mkDerivation rec { ''; homepage = "https://aomedia.org/av1-features/get-started/"; changelog = "https://aomedia.googlesource.com/aom/+/refs/tags/v${version}/CHANGELOG"; - maintainers = with maintainers; [ primeos kiloreux ]; + maintainers = with maintainers; [ primeos kiloreux dandellion ]; platforms = platforms.all; license = licenses.bsd2; }; diff --git a/pkgs/development/libraries/libdrm/default.nix b/pkgs/development/libraries/libdrm/default.nix index e08a4673248..90963cf516b 100644 --- a/pkgs/development/libraries/libdrm/default.nix +++ b/pkgs/development/libraries/libdrm/default.nix @@ -5,11 +5,11 @@ stdenv.mkDerivation rec { pname = "libdrm"; - version = "2.4.110"; + version = "2.4.111"; src = fetchurl { url = "https://dri.freedesktop.org/${pname}/${pname}-${version}.tar.xz"; - sha256 = "0dwpry9m5l27dlhq48j4bsiqwm0247cxdqwv3b7ddmkynk2f9kpf"; + sha256 = "1adjg96mz0ghjzsgp9hrdr622shrvqmjcz5sxksfcka2fx7idmqs"; }; outputs = [ "out" "dev" "bin" ]; diff --git a/pkgs/development/libraries/libffi/default.nix b/pkgs/development/libraries/libffi/default.nix index 0971091d8a1..4c3e00150ab 100644 --- a/pkgs/development/libraries/libffi/default.nix +++ b/pkgs/development/libraries/libffi/default.nix @@ -29,6 +29,8 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; + configurePlatforms = [ "build" "host" ]; + configureFlags = [ "--with-gcc-arch=generic" # no detection of -march= or -mtune= "--enable-pax_emutramp" diff --git a/pkgs/development/libraries/libidn2/default.nix b/pkgs/development/libraries/libidn2/default.nix index 02809486863..724778999f5 100644 --- a/pkgs/development/libraries/libidn2/default.nix +++ b/pkgs/development/libraries/libidn2/default.nix @@ -17,6 +17,7 @@ stdenv.mkDerivation rec { }; strictDeps = true; + # Beware: non-bootstrap libidn2 is overridden by ./hack.nix outputs = [ "bin" "dev" "out" "info" "devdoc" ]; patches = optional stdenv.isDarwin ./fix-error-darwin.patch; diff --git a/pkgs/development/libraries/libidn2/no-bootstrap-reference.nix b/pkgs/development/libraries/libidn2/no-bootstrap-reference.nix new file mode 100644 index 00000000000..e5922073437 --- /dev/null +++ b/pkgs/development/libraries/libidn2/no-bootstrap-reference.nix @@ -0,0 +1,30 @@ +{ stdenv, lib, libidn2, libunistring, runCommandLocal, patchelf }: +# Construct a copy of libidn2.* where all (transitive) libc references (in .bin) +# get replaced by a new one, so that there's no reference to bootstrap tools. +runCommandLocal + "${libidn2.pname}-${libidn2.version}" + { + outputs = [ "bin" "dev" "out" ]; + passthru = { + inherit (libidn2) out info devdoc; # no need to touch these store paths + }; + } + '' + cp -r '${libidn2.bin}' "$bin" + chmod +w "$bin"/bin/* + patchelf \ + --set-interpreter '${stdenv.cc.bintools.dynamicLinker}' \ + --set-rpath '${lib.concatMapStringsSep ":" (p: lib.getLib p + "/lib") + [ stdenv.cc.libc libunistring libidn2 ]}' \ + "$bin"/bin/* + + cp -r '${libidn2.dev}' "$dev" + chmod +w "$dev"/nix-support/propagated-build-inputs + substituteInPlace "$dev"/nix-support/propagated-build-inputs \ + --replace '${libidn2.bin}' "$bin" + substituteInPlace "$dev"/lib/pkgconfig/libidn2.pc \ + --replace '${libidn2.dev}' "$dev" + + ln -s '${libidn2.out}' "$out" # it's hard to be without any $out + '' + diff --git a/pkgs/development/libraries/libinput/default.nix b/pkgs/development/libraries/libinput/default.nix index 9cc8395b9c2..38deb7fbcc0 100644 --- a/pkgs/development/libraries/libinput/default.nix +++ b/pkgs/development/libraries/libinput/default.nix @@ -45,7 +45,7 @@ in stdenv.mkDerivation rec { pname = "libinput"; - version = "1.20.1"; + version = "1.21.0"; outputs = [ "bin" "out" "dev" ]; @@ -54,7 +54,7 @@ stdenv.mkDerivation rec { owner = "libinput"; repo = "libinput"; rev = version; - sha256 = "eujnabUaeNEJC/tPPhwcNS9sqDIorF52RjfqKBotbmc="; + sha256 = "R94BdrjI4szNbVtQ+ydRNUg9clR8mkRL7+GE9b2FcDs="; }; patches = [ diff --git a/pkgs/development/libraries/libipt/default.nix b/pkgs/development/libraries/libipt/default.nix index 15a677b3188..2cef20fdcbd 100644 --- a/pkgs/development/libraries/libipt/default.nix +++ b/pkgs/development/libraries/libipt/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "libipt"; - version = "2.0.4"; + version = "2.0.5"; src = fetchFromGitHub { owner = "intel"; repo = "libipt"; rev = "v${version}"; - sha256 = "sha256-KhRmRoIHvpx5rV7roCnUH+a7JtPb6UqD41Wi4wHSR1c="; + sha256 = "sha256-W7Hvc2zkmR6FdPGsymWXtm66BiHLcW9r7mywHjabeLc="; }; nativeBuildInputs = [ cmake ]; diff --git a/pkgs/development/libraries/libjxl/default.nix b/pkgs/development/libraries/libjxl/default.nix index 049d79c7025..2017fc66d70 100644 --- a/pkgs/development/libraries/libjxl/default.nix +++ b/pkgs/development/libraries/libjxl/default.nix @@ -1,10 +1,7 @@ { stdenv, lib, fetchFromGitHub , fetchpatch -, asciidoc , brotli , cmake -, graphviz -, doxygen , giflib , gperftools , gtest @@ -14,8 +11,12 @@ , libwebp , openexr , pkg-config -, python3 , zlib +, buildDocs ? true +, asciidoc +, graphviz +, doxygen +, python3 }: stdenv.mkDerivation rec { @@ -50,13 +51,14 @@ stdenv.mkDerivation rec { ]; nativeBuildInputs = [ - asciidoc # for docs cmake - graphviz # for docs via doxygen component `dot` - doxygen # for docs gtest pkg-config - python3 # for docs + ] ++ lib.optionals buildDocs [ + asciidoc + graphviz + doxygen + python3 ]; # Functionality not currently provided by this package @@ -76,10 +78,8 @@ stdenv.mkDerivation rec { # conclusively in its README or otherwise; they can best be determined # by checking the CMake output for "Could NOT find". buildInputs = [ - brotli giflib gperftools # provides `libtcmalloc` - libhwy libjpeg libpng libwebp @@ -87,6 +87,11 @@ stdenv.mkDerivation rec { zlib ]; + propagatedBuildInputs = [ + brotli + libhwy + ]; + cmakeFlags = [ # For C dependencies like brotli, which are dynamically linked, # we want to use the system libraries, so that we don't have to care about diff --git a/pkgs/development/libraries/libnetfilter_cthelper/default.nix b/pkgs/development/libraries/libnetfilter_cthelper/default.nix index 294f776192d..5d221bed34a 100644 --- a/pkgs/development/libraries/libnetfilter_cthelper/default.nix +++ b/pkgs/development/libraries/libnetfilter_cthelper/default.nix @@ -2,13 +2,15 @@ stdenv.mkDerivation rec { pname = "libnetfilter_cthelper"; - version = "1.0.0"; + version = "1.0.1"; src = fetchurl { url = "https://netfilter.org/projects/libnetfilter_cthelper/files/${pname}-${version}.tar.bz2"; - sha256 = "07618e71c4d9a6b6b3dc1986540486ee310a9838ba754926c7d14a17d8fccf3d"; + sha256 = "sha256-FAc9VIcjOJc1XT/wTdwcjQPMW6jSNWI2qogWGp8tyRI="; }; + outputs = [ "out" "dev" ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ libmnl ]; diff --git a/pkgs/development/libraries/libnetfilter_cttimeout/default.nix b/pkgs/development/libraries/libnetfilter_cttimeout/default.nix index a8d0c2680df..d4b53a18187 100644 --- a/pkgs/development/libraries/libnetfilter_cttimeout/default.nix +++ b/pkgs/development/libraries/libnetfilter_cttimeout/default.nix @@ -2,13 +2,15 @@ stdenv.mkDerivation rec { pname = "libnetfilter_cttimeout"; - version = "1.0.0"; + version = "1.0.1"; src = fetchurl { url = "https://netfilter.org/projects/libnetfilter_cttimeout/files/${pname}-${version}.tar.bz2"; - sha256 = "aeab12754f557cba3ce2950a2029963d817490df7edb49880008b34d7ff8feba"; + sha256 = "sha256-C1naLzIE4cgMuF0fbXIoX8B7AaL1Z4q/Xcz7vv1lAyU="; }; + outputs = [ "out" "dev" ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ libmnl ]; diff --git a/pkgs/development/libraries/librsvg/default.nix b/pkgs/development/libraries/librsvg/default.nix index fe097b6c667..91e0033cd27 100644 --- a/pkgs/development/libraries/librsvg/default.nix +++ b/pkgs/development/libraries/librsvg/default.nix @@ -27,7 +27,7 @@ stdenv.mkDerivation rec { pname = "librsvg"; - version = "2.54.3"; + version = "2.54.4"; outputs = [ "out" "dev" "installedTests" ] ++ lib.optionals withIntrospection [ "devdoc" @@ -35,7 +35,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "ZhWPLvRt3iYAJoRsTaEC5KndTlKTAQ8wlJxswm3W7+g="; + sha256 = "6hUqJD9qQ8DgNqKMcN4/y83qVmTGgRx4WSvCKezCSDM="; }; cargoVendorDir = "vendor"; diff --git a/pkgs/development/libraries/libseccomp/default.nix b/pkgs/development/libraries/libseccomp/default.nix index fbc8a026af5..7cea80696a9 100644 --- a/pkgs/development/libraries/libseccomp/default.nix +++ b/pkgs/development/libraries/libseccomp/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "libseccomp"; - version = "2.5.3"; + version = "2.5.4"; src = fetchurl { url = "https://github.com/seccomp/libseccomp/releases/download/v${version}/libseccomp-${version}.tar.gz"; - sha256 = "sha256-WQZchzM2RyXpchukjDqZu8Uq+SHa9I30seAS+8exCnY="; + sha256 = "sha256-2CkCQAQFzwBoV07z3B/l9ZJiB1Q7oa5vjnoVdjUdy9s="; }; outputs = [ "out" "lib" "dev" "man" "pythonsrc" ]; diff --git a/pkgs/development/libraries/libtiff/default.nix b/pkgs/development/libraries/libtiff/default.nix index 410447a7832..4c7ea02d8aa 100644 --- a/pkgs/development/libraries/libtiff/default.nix +++ b/pkgs/development/libraries/libtiff/default.nix @@ -25,11 +25,11 @@ stdenv.mkDerivation rec { pname = "libtiff"; - version = "4.3.0"; + version = "4.4.0"; src = fetchurl { url = "https://download.osgeo.org/libtiff/tiff-${version}.tar.gz"; - sha256 = "1j3snghqjbhwmnm5vz3dr1zm68dj15mgbx1wqld7vkl7n2nfaihf"; + sha256 = "1vdbk3sc497c58kxmp02irl6nqkfm9rjs3br7g59m59qfnrj6wli"; }; patches = [ @@ -38,61 +38,6 @@ stdenv.mkDerivation rec { # libc++abi 11 has an `#include `, this picks up files name # `version` in the project's include paths ./rename-version.patch - (fetchpatch { - name = "CVE-2022-22844.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/03047a26952a82daaa0792957ce211e0aa51bc64.patch"; - sha256 = "0cfih55f5qpc84mvlwsffik80bgz6drkflkhrdyqq8m84jw3mbwb"; - }) - (fetchpatch { - name = "CVE-2022-0561.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef.patch"; - sha256 = "0m57fdxyvhhr9cc260lvkkn2g4zr4n4v9nricc6lf9h6diagd7mk"; - }) - (fetchpatch { - name = "CVE-2022-0562.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b.patch"; - sha256 = "0ycirjjc1vigj03kwjb92n6jszsl9p17ccw5hry7lli9gxyyr0an"; - }) - (fetchpatch { - name = "CVE-2022-0891.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/46dc8fcd4d38c3b6f35ab28e532aee80e6f609d6.patch"; - sha256 = "1zn2pgsmbrjx3g2bpdggvwwbp6i348mikwlx4ws482h2379vmyj1"; - }) - (fetchpatch { - name = "CVE-2022-0865.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/5e18004500cda10d9074bdb6166b054e95b659ed.patch"; - sha256 = "131b9ial6avl2agwk31wp2jkrx59955f4r0dikx1jdaywqb7zhd1"; - }) - (fetchpatch { - name = "CVE-2022-0924.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/408976c44ef0aad975e0d1b6c6dc80d60f9dc665.patch"; - sha256 = "1aqaynp74ijxr3rizvbyz23ncs71pbbcw5src1zv46473sy55s8p"; - }) - (fetchpatch { - name = "CVE-2022-0907.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/f2b656e2e64adde07a6cffd5c8e96bd81a850fea.patch"; - sha256 = "0nsplq671qx0f35qww9mx27raqp3nvslz8iv7f3hxdgldylmh2vs"; - }) - (fetchpatch { - name = "CVE-2022-0909.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/f8d0f9aa1ba04c9ae3bfe869a18141a8b8117ad7.patch"; - sha256 = "1plhk6ildl16bp0k3wvzfd4a97hqfqfbbn7vjinsaasf4v0x3q5j"; - }) - (fetchpatch { - name = "CVE-2022-0908.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85.patch"; - sha256 = "0i61kkjaixdn2p933lpma9s6i0772vhxjxxcwyqagw96lmszrcm7"; - }) - (fetchpatch { - name = "CVE-2022-1354.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798.patch"; - sha256 = "0171c662xiv3295x4wsq6qq0v90js51j54vsl7wm043kjkrp1fsb"; - }) - (fetchpatch { - name = "CVE-2022-1355.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/c1ae29f9ebacd29b7c3e0c7db671af7db3584bc2.patch"; - sha256 = "1y75c72s41pl39d5zr5pmkiyfrancllv8fbl10zvc67pg3qjq4v8"; - }) ]; postPatch = '' diff --git a/pkgs/development/libraries/libxkbcommon/default.nix b/pkgs/development/libraries/libxkbcommon/default.nix index 5c632009bee..ca7feb996f7 100644 --- a/pkgs/development/libraries/libxkbcommon/default.nix +++ b/pkgs/development/libraries/libxkbcommon/default.nix @@ -21,11 +21,11 @@ stdenv.mkDerivation rec { pname = "libxkbcommon"; - version = "1.4.0"; + version = "1.4.1"; src = fetchurl { url = "https://xkbcommon.org/download/${pname}-${version}.tar.xz"; - sha256 = "0ca00awfzvxiznvd4mgwgxyqxiwvi07j5xxmg5z0l47rcd9fqv0h"; + sha256 = "0fbb2dyjvf71p42y2jmwdcylsvj03w52f5rb23c2d00rwahhfg4l"; }; outputs = [ "out" "dev" "doc" ]; diff --git a/pkgs/development/libraries/oniguruma/default.nix b/pkgs/development/libraries/oniguruma/default.nix index e50750d58ec..bc084829e7b 100644 --- a/pkgs/development/libraries/oniguruma/default.nix +++ b/pkgs/development/libraries/oniguruma/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "onig"; - version = "6.9.7.1"; + version = "6.9.8"; src = fetchFromGitHub { owner = "kkos"; repo = "oniguruma"; rev = "v${version}"; - sha256 = "sha256-IBWxmzmVdKTkHbfy7V8ejpeIdfOU/adGwpUTCMdLU3w="; + sha256 = "sha256-8aFZdhh6ovLCR0A17rvWq/Oif66rSMnHcCYHjClNElw="; }; nativeBuildInputs = [ autoreconfHook ]; diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index 39d5ace0d91..8f586a033ae 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -186,8 +186,8 @@ in { openssl_1_1 = common rec { - version = "1.1.1o"; - sha256 = "sha256-k4SisFcN2ANYhBRkZ3EV33he25QccSEfdQdtcv5rQ48="; + version = "1.1.1p"; + sha256 = "sha256-v2G2Kqpmx8djmUKpTeTJroKAwI8X1OrC5EZE2fyKzm8="; patches = [ ./1.1/nix-ssl-cert-file.patch @@ -201,8 +201,8 @@ in { }; openssl_3 = common { - version = "3.0.3"; - sha256 = "sha256-7gB4rc7x3l8APGLIDMllJ3IWCcbzu0K3eV3zH4tVjAs="; + version = "3.0.4"; + sha256 = "sha256-KDGEPppmigq0eOcCCtY9LWXlH3KXdHLcc+/O+6/AwA8="; patches = [ ./3.0/nix-ssl-cert-file.patch diff --git a/pkgs/development/libraries/p11-kit/default.nix b/pkgs/development/libraries/p11-kit/default.nix index df6e364d2e9..fee4a2e8259 100644 --- a/pkgs/development/libraries/p11-kit/default.nix +++ b/pkgs/development/libraries/p11-kit/default.nix @@ -59,9 +59,10 @@ stdenv.mkDerivation rec { "--sysconfdir=/etc" "--localstatedir=/var" "--with-trust-paths=${lib.concatStringsSep ":" [ - "/etc/ssl/trust-source" # p11-kit trust source - "/etc/ssl/certs/ca-certificates.crt" # NixOS + Debian/Ubuntu/Arch/Gentoo... - "/etc/pki/tls/certs/ca-bundle.crt" # Fedora/CentOS + "/etc/ssl/trust-source" # p11-kit trust source + "/etc/ssl/certs/ca-certificates.crt" # NixOS + Debian/Ubuntu/Arch/Gentoo... + "/etc/pki/tls/certs/ca-bundle.crt" # Fedora/CentOS + "/var/lib/ca-certificates/ca-bundle.pem" # openSUSE ]}" ]; diff --git a/pkgs/development/python-modules/aws-sam-translator/default.nix b/pkgs/development/python-modules/aws-sam-translator/default.nix index ca01e35a3c5..1f0a38584d5 100644 --- a/pkgs/development/python-modules/aws-sam-translator/default.nix +++ b/pkgs/development/python-modules/aws-sam-translator/default.nix @@ -5,6 +5,7 @@ , jsonschema , mock , parameterized +, pytest-env , pytestCheckHook , pythonOlder , pyyaml @@ -13,7 +14,7 @@ buildPythonPackage rec { pname = "aws-sam-translator"; - version = "1.42.0"; + version = "1.46.0"; format = "setuptools"; disabled = pythonOlder "3.6"; @@ -22,7 +23,7 @@ buildPythonPackage rec { owner = "aws"; repo = "serverless-application-model"; rev = "v${version}"; - sha256 = "sha256-pjcRsmxPL4lbgDopW+wKQRkRcqebLPTd95JTL8PiWtc="; + sha256 = "sha256-SLGxpRbTuK+Lxww45dfHIMwwxV5vhlnYyG4WqG45aNg="; }; propagatedBuildInputs = [ @@ -41,6 +42,7 @@ buildPythonPackage rec { checkInputs = [ mock parameterized + pytest-env pytestCheckHook pyyaml ]; diff --git a/pkgs/development/python-modules/bottle/default.nix b/pkgs/development/python-modules/bottle/default.nix index eeaf34a44eb..6532312ab71 100644 --- a/pkgs/development/python-modules/bottle/default.nix +++ b/pkgs/development/python-modules/bottle/default.nix @@ -1,21 +1,38 @@ -{ lib, buildPythonPackage, fetchPypi, setuptools }: +{ lib +, buildPythonPackage +, fetchPypi +, pytestCheckHook +}: buildPythonPackage rec { pname = "bottle"; - version = "0.12.19"; + version = "0.12.21"; + + format = "setuptools"; src = fetchPypi { inherit pname version; - sha256 = "a9d73ffcbc6a1345ca2d7949638db46349f5b2b77dac65d6494d45c23628da2c"; + sha256 = "787c61b6cc02b9c229bf2663011fac53dd8fc197f7f8ad2eeede29d888d7887e"; }; - propagatedBuildInputs = [ setuptools ]; + checkInputs = [ + pytestCheckHook + ]; + + preCheck = '' + cd test + ''; + + disabledTests = [ + "test_delete_cookie" + "test_error" + "test_error_in_generator_callback" + ]; meta = with lib; { - homepage = "http://bottlepy.org"; + homepage = "https://bottlepy.org/"; description = "A fast and simple micro-framework for small web-applications"; license = licenses.mit; - platforms = platforms.all; maintainers = with maintainers; [ koral ]; }; } diff --git a/pkgs/development/python-modules/hatchling/default.nix b/pkgs/development/python-modules/hatchling/default.nix index 6385b32a48c..d2d212f5417 100644 --- a/pkgs/development/python-modules/hatchling/default.nix +++ b/pkgs/development/python-modules/hatchling/default.nix @@ -15,13 +15,12 @@ , build , python , requests -, toml , virtualenv }: let pname = "hatchling"; - version = "0.25.0"; + version = "1.0.0"; in buildPythonPackage { inherit pname version; @@ -29,7 +28,7 @@ buildPythonPackage { src = fetchPypi { inherit pname version; - hash = "sha256-k/bjZvGaOjZshVr6w3Jb7XaC1dAOlIaraFQKCth2ZII="; + sha256 = "d235a5fa8aff89e8d9d6d4033594aa4c3bc00ec5e31d3e80c153bfcf951b4f98"; }; # listed in backend/src/hatchling/ouroboros.py @@ -38,9 +37,10 @@ buildPythonPackage { packaging pathspec pluggy - tomli ] ++ lib.optionals (pythonOlder "3.8") [ importlib-metadata + ] ++ lib.optionals (pythonOlder "3.11") [ + tomli ]; pythonImportsCheck = [ @@ -56,7 +56,6 @@ buildPythonPackage { build packaging requests - toml virtualenv ]; @@ -72,7 +71,7 @@ buildPythonPackage { meta = with lib; { description = "Modern, extensible Python build backend"; - homepage = "https://ofek.dev/hatch/latest/"; + homepage = "https://hatch.pypa.io/latest/"; license = licenses.mit; maintainers = with maintainers; [ hexa ofek ]; }; diff --git a/pkgs/development/python-modules/ipython/default.nix b/pkgs/development/python-modules/ipython/default.nix index 0a39950689d..b5e99fe4a7d 100644 --- a/pkgs/development/python-modules/ipython/default.nix +++ b/pkgs/development/python-modules/ipython/default.nix @@ -5,7 +5,7 @@ , pythonOlder # Build dependencies -, glibcLocales +, setuptools # Runtime dependencies , appnope @@ -27,17 +27,17 @@ buildPythonPackage rec { pname = "ipython"; - version = "8.2.0"; + version = "8.4.0"; format = "pyproject"; disabled = pythonOlder "3.8"; src = fetchPypi { inherit pname version; - sha256 = "sha256-cOXrEyysWUo0tfeZvSUliQCZBfBRBHKK6mpAPsJRncE="; + sha256 = "f2db3a10254241d9b447232cec8b424847f338d9d36f9a577a6192c332a46abd"; }; - buildInputs = [ - glibcLocales + nativeBuildInputs = [ + setuptools ]; propagatedBuildInputs = [ @@ -55,8 +55,6 @@ buildPythonPackage rec { appnope ]; - LC_ALL="en_US.UTF-8"; - pythonImportsCheck = [ "IPython" ]; @@ -74,7 +72,10 @@ buildPythonPackage rec { testpath ]; - disabledTests = lib.optionals (stdenv.isDarwin) [ + disabledTests = [ + # UnboundLocalError: local variable 'child' referenced before assignment + "test_system_interrupt" + ] ++ lib.optionals (stdenv.isDarwin) [ # FileNotFoundError: [Errno 2] No such file or directory: 'pbpaste' "test_clipboard_get" ]; @@ -82,6 +83,7 @@ buildPythonPackage rec { meta = with lib; { description = "IPython: Productive Interactive Computing"; homepage = "https://ipython.org/"; + changelog = "https://github.com/ipython/ipython/blob/${version}/docs/source/whatsnew/version${lib.versions.major version}.rst"; license = licenses.bsd3; maintainers = with maintainers; [ bjornfor fridh ]; }; diff --git a/pkgs/development/python-modules/pillow/default.nix b/pkgs/development/python-modules/pillow/default.nix index e482cd75e1a..a061f53b6ca 100644 --- a/pkgs/development/python-modules/pillow/default.nix +++ b/pkgs/development/python-modules/pillow/default.nix @@ -1,5 +1,6 @@ { lib , stdenv +, fetchpatch , buildPythonPackage , pythonOlder , fetchPypi @@ -22,6 +23,14 @@ import ./generic.nix (rec { sha256 = "sha256-dQJTmTm1PXVl89Edh8eOfskA08cpRdTuDi8lDVmDCaA="; }; + patches = [ + # Fix failing test with libtiff 4.4.0 + (fetchpatch { + url = "https://github.com/python-pillow/Pillow/commit/40a918d274182b7d7c063d7797fb77d967982c4a.patch"; + sha256 = "sha256-f8m3Xt3V3pHggK1JEc2tnPmrTVPFjfV4YJqwE1KM1pA="; + }) + ]; + passthru.tests = { inherit imageio matplotlib pilkit pydicom reportlab; }; diff --git a/pkgs/development/python-modules/pillow/generic.nix b/pkgs/development/python-modules/pillow/generic.nix index 97c67fd5fa4..ec4f0526382 100644 --- a/pkgs/development/python-modules/pillow/generic.nix +++ b/pkgs/development/python-modules/pillow/generic.nix @@ -2,6 +2,7 @@ , version , disabled , src +, patches ? [] , meta , passthru ? {} , ... @@ -10,7 +11,7 @@ with args; buildPythonPackage rec { - inherit pname version src meta passthru; + inherit pname version src meta passthru patches; # Disable imagefont tests, because they don't work well with infinality: # https://github.com/python-pillow/Pillow/issues/1259 diff --git a/pkgs/development/python-modules/pip/default.nix b/pkgs/development/python-modules/pip/default.nix index 239c91fb88a..9956b6038d1 100644 --- a/pkgs/development/python-modules/pip/default.nix +++ b/pkgs/development/python-modules/pip/default.nix @@ -14,14 +14,14 @@ buildPythonPackage rec { pname = "pip"; - version = "22.0.4"; + version = "22.1.2"; format = "other"; src = fetchFromGitHub { owner = "pypa"; repo = pname; rev = version; - sha256 = "sha256-gtDaopeFVpVFXpBtHDzBuZuXUrJciSSIppYXBx1anu4="; + sha256 = "sha256-Id/oz0e59WWpafR1cIYIogvOgxKGKVqrwNON32BU9zU="; name = "${pname}-${version}-source"; }; diff --git a/pkgs/development/python-modules/pysigma-backend-insightidr/default.nix b/pkgs/development/python-modules/pysigma-backend-insightidr/default.nix index b9d82584a50..50b1e40852a 100644 --- a/pkgs/development/python-modules/pysigma-backend-insightidr/default.nix +++ b/pkgs/development/python-modules/pysigma-backend-insightidr/default.nix @@ -5,6 +5,7 @@ , pysigma , pytestCheckHook , pythonOlder +, pythonRelaxDepsHook }: buildPythonPackage rec { @@ -23,12 +24,17 @@ buildPythonPackage rec { nativeBuildInputs = [ poetry-core + pythonRelaxDepsHook ]; propagatedBuildInputs = [ pysigma ]; + pythonRelaxDeps = [ + "pysigma" + ]; + checkInputs = [ pytestCheckHook ]; diff --git a/pkgs/development/python-modules/requests/default.nix b/pkgs/development/python-modules/requests/default.nix index be996151f98..b87be59bad8 100644 --- a/pkgs/development/python-modules/requests/default.nix +++ b/pkgs/development/python-modules/requests/default.nix @@ -1,7 +1,5 @@ { lib , stdenv -, pythonOlder -, brotli , brotlicffi , buildPythonPackage , certifi @@ -9,24 +7,22 @@ , charset-normalizer , fetchPypi , idna -, isPy27 -, isPy3k , pysocks , pytest-mock , pytest-xdist , pytestCheckHook +, pythonOlder , urllib3 }: buildPythonPackage rec { pname = "requests"; - version = "2.27.1"; - + version = "2.28.0"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-aNfFb9WomZiHco7zBKbRLtx7508c+kdxT8i0FFJcmmE="; + hash = "sha256-1WhyOn69JYddjR6vXfoGjNL8gZSy5IPXsffIGRjb7Gs="; }; patches = [ @@ -59,9 +55,6 @@ buildPythonPackage rec { ] ++ passthru.optional-dependencies.socks; - # AttributeError: 'KeywordMapping' object has no attribute 'get' - doCheck = !isPy27; - disabledTests = [ # Disable tests that require network access and use httpbin "requests.api.request" diff --git a/pkgs/development/python-modules/setuptools/default.nix b/pkgs/development/python-modules/setuptools/default.nix index 1d9592022d1..772d9c79c2b 100644 --- a/pkgs/development/python-modules/setuptools/default.nix +++ b/pkgs/development/python-modules/setuptools/default.nix @@ -1,6 +1,7 @@ { stdenv , buildPythonPackage , fetchFromGitHub +, fetchpatch , python , bootstrapped-pip , lib @@ -27,6 +28,14 @@ let patches = [ ./tag-date.patch ./setuptools-distutils-C++.patch + # Use sysconfigdata to find headers. Fixes cross-compilation of extension modules. + # https://github.com/pypa/distutils/pull/145 + (fetchpatch { + url = "https://github.com/pypa/distutils/commit/aed7294b7b0c228cc0666a8b04f2959bf310ab57.patch"; + hash = "sha256-/9+TKv0nllBfnj48zcXLrOgyBj52dBIVbrpnIaQ4O84="; + stripLen = 2; + extraPrefix = "setuptools/_distutils/"; + }) ]; buildPhase = '' diff --git a/pkgs/development/python-modules/sphinx/default.nix b/pkgs/development/python-modules/sphinx/default.nix index 753b3b6c377..40f17f10cfc 100644 --- a/pkgs/development/python-modules/sphinx/default.nix +++ b/pkgs/development/python-modules/sphinx/default.nix @@ -52,7 +52,7 @@ buildPythonPackage rec { substituteInPlace setup.py \ --replace "docutils>=0.14,<0.18" "docutils>=0.14" - # remove impurity caused by date inclusion + # remove impurity caused by date inclusion # https://github.com/sphinx-doc/sphinx/blob/master/setup.cfg#L4-L6 substituteInPlace setup.cfg \ --replace "tag_build = .dev" "" \ diff --git a/pkgs/development/python-modules/uharfbuzz/default.nix b/pkgs/development/python-modules/uharfbuzz/default.nix index f545acb9761..ac0fd9fb66b 100644 --- a/pkgs/development/python-modules/uharfbuzz/default.nix +++ b/pkgs/development/python-modules/uharfbuzz/default.nix @@ -6,6 +6,7 @@ , cython , setuptools-scm , pytestCheckHook +, ApplicationServices }: buildPythonPackage rec { @@ -31,6 +32,8 @@ buildPythonPackage rec { setuptools-scm ]; + buildInputs = lib.optionals stdenv.isDarwin [ ApplicationServices ]; + checkInputs = [ pytestCheckHook ]; @@ -42,6 +45,5 @@ buildPythonPackage rec { homepage = "https://github.com/harfbuzz/uharfbuzz"; license = licenses.asl20; maintainers = with maintainers; [ wolfangaukang ]; - broken = stdenv.isDarwin; }; } diff --git a/pkgs/development/tools/analysis/valgrind/default.nix b/pkgs/development/tools/analysis/valgrind/default.nix index 6f631045f00..e602339303f 100644 --- a/pkgs/development/tools/analysis/valgrind/default.nix +++ b/pkgs/development/tools/analysis/valgrind/default.nix @@ -20,6 +20,20 @@ stdenv.mkDerivation rec { url = "https://bugsfiles.kde.org/attachment.cgi?id=148912"; sha256 = "Za+7K93pgnuEUQ+jDItEzWlN0izhbynX2crSOXBBY/I="; }) + # Fix build on armv7l. + # https://bugs.kde.org/show_bug.cgi?id=454346 + (fetchpatch { + url = "https://bugsfiles.kde.org/attachment.cgi?id=149172"; + sha256 = "sha256-4MASLsEK8wcshboR4YOc6mIt7AvAgDPvqIZyHqlvTEs="; + }) + (fetchpatch { + url = "https://bugsfiles.kde.org/attachment.cgi?id=149173"; + sha256 = "sha256-jX9hD4utWRebbXMJYZ5mu9jecvdrNP05E5J+PnKRTyQ="; + }) + (fetchpatch { + url = "https://bugsfiles.kde.org/attachment.cgi?id=149174"; + sha256 = "sha256-f1YIFIhWhXYVw3/UNEWewDak2mvbAd3aGzK4B+wTlys="; + }) ]; outputs = [ "out" "dev" "man" "doc" ]; diff --git a/pkgs/development/tools/aws-sam-cli/default.nix b/pkgs/development/tools/aws-sam-cli/default.nix index c4fdb203c34..af2685681f1 100644 --- a/pkgs/development/tools/aws-sam-cli/default.nix +++ b/pkgs/development/tools/aws-sam-cli/default.nix @@ -5,11 +5,11 @@ python3.pkgs.buildPythonApplication rec { pname = "aws-sam-cli"; - version = "1.37.0"; + version = "1.52.0"; src = python3.pkgs.fetchPypi { inherit pname version; - hash = "sha256-XE3g2mKwAiaJvi0ShVScnCKrmz7ujaQgOeFXuYwtP4g="; + hash = "sha256-ldr0X+I5+Nfb+WBDOe0m202WOuccGUI5HFL3fpbBNPo="; }; propagatedBuildInputs = with python3.pkgs; [ @@ -36,15 +36,23 @@ python3.pkgs.buildPythonApplication rec { wrapProgram $out/bin/sam --set SAM_CLI_TELEMETRY 0 ''; + patches = [ + # Click 8.1 removed `get_terminal_size`, recommending + # `shutil.get_terminal_size` instead. + # (https://github.com/pallets/click/pull/2130) + ./support-click-8-1.patch + ]; + # fix over-restrictive version bounds postPatch = '' substituteInPlace requirements/base.txt \ --replace "aws_lambda_builders==" "aws-lambda-builders #" \ - --replace "click~=7.1" "click~=8.0" \ + --replace "click~=7.1" "click~=8.1" \ --replace "dateparser~=1.0" "dateparser>=0.7" \ --replace "docker~=4.2.0" "docker>=4.2.0" \ --replace "Flask~=1.1.2" "Flask~=2.0" \ --replace "jmespath~=0.10.0" "jmespath" \ + --replace "MarkupSafe==2.0.1" "MarkupSafe #" \ --replace "PyYAML~=5.3" "PyYAML #" \ --replace "regex==" "regex #" \ --replace "requests==" "requests #" \ diff --git a/pkgs/development/tools/aws-sam-cli/support-click-8-1.patch b/pkgs/development/tools/aws-sam-cli/support-click-8-1.patch new file mode 100644 index 00000000000..dc7af080ac6 --- /dev/null +++ b/pkgs/development/tools/aws-sam-cli/support-click-8-1.patch @@ -0,0 +1,21 @@ +diff --git a/samcli/commands/_utils/table_print.py b/samcli/commands/_utils/table_print.py +index de63af29..a9d0f2fe 100644 +--- a/samcli/commands/_utils/table_print.py ++++ b/samcli/commands/_utils/table_print.py +@@ -7,6 +7,7 @@ from functools import wraps + from typing import Sized + + import click ++import shutil + + MIN_OFFSET = 20 + +@@ -30,7 +31,7 @@ def pprint_column_names( + + def pprint_wrap(func): + # Calculate terminal width, number of columns in the table +- width, _ = click.get_terminal_size() ++ width, _ = shutil.get_terminal_size() + # For UX purposes, set a minimum width for the table to be usable + # and usable_width keeps margins in mind. + width = max(width, min_width) diff --git a/pkgs/development/tools/build-managers/meson/emulator-hook.sh b/pkgs/development/tools/build-managers/meson/emulator-hook.sh new file mode 100644 index 00000000000..4f08087cf5f --- /dev/null +++ b/pkgs/development/tools/build-managers/meson/emulator-hook.sh @@ -0,0 +1,5 @@ +add_meson_exe_wrapper_cross_flag() { + mesonFlagsArray+=(--cross-file=@crossFile@) +} + +preConfigureHooks+=(add_meson_exe_wrapper_cross_flag) diff --git a/pkgs/development/tools/misc/autoconf/2.64.nix b/pkgs/development/tools/misc/autoconf/2.64.nix index 8c6e104e11b..daf026dc3a5 100644 --- a/pkgs/development/tools/misc/autoconf/2.64.nix +++ b/pkgs/development/tools/misc/autoconf/2.64.nix @@ -9,7 +9,9 @@ stdenv.mkDerivation rec { sha256 = "0j3jdjpf5ly39dlp0bg70h72nzqr059k0x8iqxvaxf106chpgn9j"; }; - buildInputs = [ m4 perl ]; + strictDeps = true; + nativeBuildInputs = [ m4 perl ]; + buildInputs = [ m4 ]; # Work around a known issue in Cygwin. See # http://thread.gmane.org/gmane.comp.sysutils.autoconf.bugs/6822 for diff --git a/pkgs/development/tools/misc/automake/automake-1.11.x.nix b/pkgs/development/tools/misc/automake/automake-1.11.x.nix index 02d9f4c4872..4f9a92d362b 100644 --- a/pkgs/development/tools/misc/automake/automake-1.11.x.nix +++ b/pkgs/development/tools/misc/automake/automake-1.11.x.nix @@ -18,7 +18,9 @@ stdenv.mkDerivation rec { patches = [ ./fix-test-autoconf-2.69.patch ./fix-perl-5.26.patch ]; - buildInputs = [ perl autoconf ]; + strictDeps = true; + nativeBuildInputs = [ perl autoconf ]; + buildInputs = [ autoconf ]; # Disable indented log output from Make, otherwise "make.test" will # fail. diff --git a/pkgs/development/tools/misc/help2man/default.nix b/pkgs/development/tools/misc/help2man/default.nix index c432aaa82e1..1d25dc8c6e0 100644 --- a/pkgs/development/tools/misc/help2man/default.nix +++ b/pkgs/development/tools/misc/help2man/default.nix @@ -7,11 +7,11 @@ stdenv.mkDerivation rec { pname = "help2man"; - version = "1.49.1"; + version = "1.49.2"; src = fetchurl { url = "mirror://gnu/${pname}/${pname}-${version}.tar.xz"; - sha256 = "sha256-/ZmmZOxL6ahqDdiXGZifFPNnqcB5110OHXHhinu1GwM="; + sha256 = "sha256-ni4OITp+CjYkTu1iBNkCtlBGAqV4tuzRUmixRU3q3TY="; }; strictDeps = true; diff --git a/pkgs/development/tools/misc/lsof/default.nix b/pkgs/development/tools/misc/lsof/default.nix index 94e3722598b..f3f29cc1acd 100644 --- a/pkgs/development/tools/misc/lsof/default.nix +++ b/pkgs/development/tools/misc/lsof/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, buildPackages, ncurses }: +{ lib, stdenv, fetchFromGitHub, fetchpatch, buildPackages, ncurses }: let dialect = with lib; last (splitString "-" stdenv.hostPlatform.system); in @@ -16,7 +16,17 @@ stdenv.mkDerivation rec { sha256 = "0yxv2jg6rnzys49lyrz9yjb4knamah4xvlqj596y6ix3vm4k3chp"; }; - patches = [ ./no-build-info.patch ]; + patches = [ + ./no-build-info.patch + + # Pull upstream fix for -fno-common toolchains: + # https://github.com/lsof-org/lsof/pull/221 + (fetchpatch { + name = "fno-common.patch"; + url = "https://github.com/lsof-org/lsof/commit/80e7c890585deec02c527dbcf42bc0e5d8d7c534.patch"; + sha256 = "17xshi7j7af9nli1zjk1m5f4il2ajvvhw7lii8g8d27rkkgyb8g6"; + }) + ]; postPatch = lib.optionalString stdenv.hostPlatform.isMusl '' substituteInPlace dialects/linux/dlsof.h --replace "defined(__UCLIBC__)" 1 diff --git a/pkgs/development/tools/misc/prelink/default.nix b/pkgs/development/tools/misc/prelink/default.nix index 2fbee4ca5f5..384829daadf 100644 --- a/pkgs/development/tools/misc/prelink/default.nix +++ b/pkgs/development/tools/misc/prelink/default.nix @@ -1,22 +1,54 @@ -{ lib, stdenv, fetchurl, libelf }: +{ stdenv +, lib +, fetchgit +, autoreconfHook +, libelf +, libiberty +}: stdenv.mkDerivation rec { pname = "prelink"; - version = "20130503"; + version = "unstable-2019-06-24"; - buildInputs = [ - libelf stdenv.cc.libc (lib.getOutput "static" stdenv.cc.libc) + src = fetchgit { + url = "https://git.yoctoproject.org/git/prelink-cross"; + branchName = "cross_prelink"; + rev = "f9975537dbfd9ade0fc813bd5cf5fcbe41753a37"; + sha256 = "sha256-O9/oZooLRyUBBZX3SFcB6LFMmi2vQqkUlqtZnrq5oZc="; + }; + + strictDeps = true; + + configurePlatforms = [ "build" "host" ]; + + nativeBuildInputs = [ + autoreconfHook ]; - src = fetchurl { - url = "https://people.redhat.com/jakub/prelink/prelink-${version}.tar.bz2"; - sha256 = "1w20f6ilqrz8ca51qhrn1n13h7q1r34k09g33d6l2vwvbrhcffb3"; - }; + buildInputs = [ + stdenv.cc.libc + libelf + libiberty + ]; - meta = { - homepage = "https://people.redhat.com/jakub/prelink/"; - license = "GPL"; + # Disable some tests because they're failing + preCheck = '' + for f in reloc2 layout1 unprel1 tls3 cxx2 cxx3 quick1 quick2 deps1 deps2; do + echo '#' > testsuite/''${f}.sh + done + patchShebangs --build testsuite + ''; + + # most tests fail + doCheck = !stdenv.isAarch64; + + enableParallelBuilding = true; + + meta = with lib;{ description = "ELF prelinking utility to speed up dynamic linking"; - platforms = lib.platforms.linux; + homepage = "https://wiki.yoctoproject.org/wiki/Cross-Prelink"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ artturin ]; }; } diff --git a/pkgs/development/tools/rust/cbindgen/default.nix b/pkgs/development/tools/rust/cbindgen/default.nix index 555ed3a080d..61553ffad86 100644 --- a/pkgs/development/tools/rust/cbindgen/default.nix +++ b/pkgs/development/tools/rust/cbindgen/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "rust-cbindgen"; - version = "0.24.2"; + version = "0.24.3"; src = fetchFromGitHub { owner = "eqrion"; repo = "cbindgen"; rev = "v${version}"; - hash = "sha256-7nl2VHw4l0hUVLs4fAnmkVaxTFRe3OcUwHXMqf/cH40="; + hash = "sha256-v5g6/ul6mJtzC4O4WlNopPtFUSbx2Jv79mZL72mucws="; }; - cargoSha256 = "sha256:0q99vy5k57phi80viqhkw8cyw7kglap1yf6m8n25n4knf7z9l119"; + cargoSha256 = "sha256-j3/2cFjSDkx0TXCaxYSCLrBbAHrJfJ6hwBcXlDedwh8="; buildInputs = lib.optional stdenv.isDarwin Security; diff --git a/pkgs/games/srb2/default.nix b/pkgs/games/srb2/default.nix index ff5e0f43036..1a4862904ab 100644 --- a/pkgs/games/srb2/default.nix +++ b/pkgs/games/srb2/default.nix @@ -6,7 +6,7 @@ , cmake , curl , nasm -, openmpt123 +, libopenmpt , p7zip , libgme , libpng @@ -50,7 +50,7 @@ in stdenv.mkDerivation rec { curl libgme libpng - openmpt123 + libopenmpt SDL2 SDL2_mixer zlib @@ -59,7 +59,7 @@ in stdenv.mkDerivation rec { cmakeFlags = [ "-DSRB2_ASSET_DIRECTORY=/build/source/assets" "-DGME_INCLUDE_DIR=${libgme}/include" - "-DOPENMPT_INCLUDE_DIR=${openmpt123}/include" + "-DOPENMPT_INCLUDE_DIR=${libopenmpt.dev}/include" "-DSDL2_MIXER_INCLUDE_DIR=${SDL2_mixer}/include/SDL2" "-DSDL2_INCLUDE_DIR=${SDL2.dev}/include/SDL2" ]; diff --git a/pkgs/os-specific/linux/fuse/default.nix b/pkgs/os-specific/linux/fuse/default.nix index b1d9d3dc41e..6aa3e46d4e1 100644 --- a/pkgs/os-specific/linux/fuse/default.nix +++ b/pkgs/os-specific/linux/fuse/default.nix @@ -11,7 +11,7 @@ in { }; fuse_3 = mkFuse { - version = "3.10.5"; - sha256Hash = "1yxh85m8fnn3w21f6g6vza7k2giizmyhcbkms4rmkcd2dd2rzk3y"; + version = "3.11.0"; + sha256Hash = "1wx80xxlvjn0wxhmkr1g91vwrgxssyzds1hizzxc2xrd4kjh9dfb"; }; } diff --git a/pkgs/os-specific/linux/iptables/default.nix b/pkgs/os-specific/linux/iptables/default.nix index c6dc10f32ba..d76bba1c37d 100644 --- a/pkgs/os-specific/linux/iptables/default.nix +++ b/pkgs/os-specific/linux/iptables/default.nix @@ -1,19 +1,33 @@ { lib, stdenv, fetchurl, pkg-config, pruneLibtoolFiles, flex, bison , libmnl, libnetfilter_conntrack, libnfnetlink, libnftnl, libpcap , nftablesCompat ? true +, fetchpatch }: -with lib; - stdenv.mkDerivation rec { - version = "1.8.7"; + version = "1.8.8"; pname = "iptables"; src = fetchurl { url = "https://www.netfilter.org/projects/${pname}/files/${pname}-${version}.tar.bz2"; - sha256 = "1w6qx3sxzkv80shk21f63rq41c84irpx68k62m2cv629n1mwj2f1"; + sha256 = "sha256-ccdYidxxBnZjFVPrFRHaAXe7qvG1USZbkS0jbD9RhZ8="; }; + patches = [ + # xshared: Fix build for -Werror=format-security + (fetchpatch { + url = "https://git.netfilter.org/iptables/patch/?id=b72eb12ea5a61df0655ad99d5048994e916be83a"; + sha256 = "sha256-pnamqOagwNWoiwlxPnKCqSc2N7MP/eZlT7JiE09c8OE="; + }) + # treewide: use uint* instead of u_int* + (fetchpatch { + url = "https://git.netfilter.org/iptables/patch/?id=f319389525b066b7dc6d389c88f16a0df3b8f189"; + sha256 = "sha256-rOxCEWZoI8Ac5fQDp286YHAwvreUAoDVAbomboKrGyM="; + }) + ]; + + outputs = [ "out" "dev" "man" ]; + nativeBuildInputs = [ pkg-config pruneLibtoolFiles flex bison ]; buildInputs = [ libmnl libnetfilter_conntrack libnfnetlink libnftnl libpcap ]; @@ -28,11 +42,9 @@ stdenv.mkDerivation rec { "--enable-libipq" "--enable-nfsynproxy" "--enable-shared" - ] ++ optional (!nftablesCompat) "--disable-nftables"; + ] ++ lib.optional (!nftablesCompat) "--disable-nftables"; - outputs = [ "out" "dev" ]; - - postInstall = optionalString nftablesCompat '' + postInstall = lib.optionalString nftablesCompat '' rm $out/sbin/{iptables,iptables-restore,iptables-save,ip6tables,ip6tables-restore,ip6tables-save} ln -sv xtables-nft-multi $out/bin/iptables ln -sv xtables-nft-multi $out/bin/iptables-restore @@ -42,7 +54,7 @@ stdenv.mkDerivation rec { ln -sv xtables-nft-multi $out/bin/ip6tables-save ''; - meta = { + meta = with lib; { description = "A program to configure the Linux IP packet filtering ruleset"; homepage = "https://www.netfilter.org/projects/iptables/index.html"; platforms = platforms.linux; diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix index d07c9073e6a..5b2fb62cb95 100644 --- a/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/pkgs/os-specific/linux/kernel-headers/default.nix @@ -93,6 +93,9 @@ in { }; patches = [ ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms + + # 5.19 backport. Can be removed on update. + ./restore-__bitwise__.patch ]; }; } diff --git a/pkgs/os-specific/linux/kernel-headers/restore-__bitwise__.patch b/pkgs/os-specific/linux/kernel-headers/restore-__bitwise__.patch new file mode 100644 index 00000000000..67d2af8fc3b --- /dev/null +++ b/pkgs/os-specific/linux/kernel-headers/restore-__bitwise__.patch @@ -0,0 +1,15 @@ +https://github.com/torvalds/linux/commit/caa28984163cb63ea0be4cb8dbf05defdc7303f9 + +Fixes openiscsi build. +--- a/include/uapi/linux/types.h ++++ b/include/uapi/linux/types.h +@@ -26,6 +26,9 @@ + #define __bitwise + #endif + ++/* The kernel doesn't use this legacy form, but user space does */ ++#define __bitwise__ __bitwise ++ + typedef __u16 __bitwise __le16; + typedef __u16 __bitwise __be16; + typedef __u32 __bitwise __le32; diff --git a/pkgs/os-specific/linux/uclibc/default.nix b/pkgs/os-specific/linux/uclibc-ng/default.nix similarity index 62% rename from pkgs/os-specific/linux/uclibc/default.nix rename to pkgs/os-specific/linux/uclibc-ng/default.nix index 1d4166e4083..f7cd34a458c 100644 --- a/pkgs/os-specific/linux/uclibc/default.nix +++ b/pkgs/os-specific/linux/uclibc-ng/default.nix @@ -1,9 +1,14 @@ -{ lib, stdenv, buildPackages -, fetchurl, linuxHeaders, libiconvReal +{ lib +, stdenv +, buildPackages +, fetchurl +, linuxHeaders +, libiconvReal , extraConfig ? "" }: let + isCross = (stdenv.buildPlatform != stdenv.hostPlatform); configParser = '' function parseconfig { set -x @@ -36,12 +41,13 @@ let UCLIBC_HAS_RPC y DO_C99_MATH y UCLIBC_HAS_PROGRAM_INVOCATION_NAME y + UCLIBC_HAS_RESOLVER_SUPPORT y UCLIBC_SUSV4_LEGACY y UCLIBC_HAS_THREADS_NATIVE y KERNEL_HEADERS "${linuxHeaders}/include" '' + lib.optionalString (stdenv.hostPlatform.gcc.float or "" == "soft") '' UCLIBC_HAS_FPU n - '' + lib.optionalString (stdenv.isAarch32 && stdenv.buildPlatform != stdenv.hostPlatform) '' + '' + lib.optionalString (stdenv.isAarch32 && isCross) '' CONFIG_ARM_EABI y ARCH_WANTS_BIG_ENDIAN n ARCH_BIG_ENDIAN n @@ -49,18 +55,14 @@ let ARCH_LITTLE_ENDIAN y UCLIBC_HAS_FPU n ''; - - version = "1.0.38"; in - -stdenv.mkDerivation { +stdenv.mkDerivation rec { pname = "uclibc-ng"; - inherit version; + version = "1.0.41"; src = fetchurl { - url = "https://downloads.uclibc-ng.org/releases/${version}/uClibc-ng-${version}.tar.bz2"; - # from "${url}.sha256"; - sha256 = "sha256-7wexvOOfDpIsM3XcdhHxESz7GsOW+ZkiA0dfiN5rHrU="; + url = "https://downloads.uclibc-ng.org/releases/${version}/uClibc-ng-${version}.tar.xz"; + sha256 = "sha256-syqSoCGNlZItaXZGTm71Hi66z7zbYFggRY2du4ph4CU="; }; # 'ftw' needed to build acl, a coreutils dependency @@ -78,7 +80,7 @@ stdenv.mkDerivation { hardeningDisable = [ "stackprotector" ]; # Cross stripping hurts. - dontStrip = stdenv.hostPlatform != stdenv.buildPlatform; + dontStrip = isCross; depsBuildBuild = [ buildPackages.stdenv.cc ]; @@ -86,7 +88,7 @@ stdenv.mkDerivation { "ARCH=${stdenv.hostPlatform.linuxArch}" "TARGET_ARCH=${stdenv.hostPlatform.linuxArch}" "VERBOSE=1" - ] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ + ] ++ lib.optionals (isCross) [ "CROSS=${stdenv.cc.targetPrefix}" ]; @@ -95,24 +97,45 @@ stdenv.mkDerivation { enableParallelBuilding = false; installPhase = '' + runHook preInstall + mkdir -p $out make $makeFlags PREFIX=$out VERBOSE=1 install (cd $out/include && ln -s $(ls -d ${linuxHeaders}/include/* | grep -v "scsi$") .) # libpthread.so may not exist, so I do || true sed -i s@/lib/@$out/lib/@g $out/lib/libc.so $out/lib/libpthread.so || true - ''; - passthru = { - # Derivations may check for the existance of this attribute, to know what to link to. - libiconv = libiconvReal; - }; + runHook postInstall + ''; meta = with lib; { homepage = "https://uclibc-ng.org"; - description = "A small implementation of the C library"; - maintainers = with maintainers; [ rasendubi ]; - license = licenses.lgpl2; + description = "Embedded C library"; + longDescription = '' + uClibc-ng is a small C library for developing embedded Linux systems. It + is much smaller than the GNU C Library, but nearly all applications + supported by glibc also work perfectly with uClibc-ng. + + Porting applications from glibc to uClibc-ng typically involves just + recompiling the source code. uClibc-ng supports shared libraries and + threading. It currently runs on standard Linux and MMU-less (also known as + uClinux) systems with support for Aarch64, Alpha, ARC, ARM, AVR32, + Blackfin, CRIS, C-Sky, C6X, FR-V, H8/300, HPPA, i386, IA64, KVX, LM32, + M68K/Coldfire, Metag, Microblaze, MIPS, MIPS64, NDS32, NIOS2, OpenRISC, + PowerPC, RISCV64, Sparc, Sparc64, SuperH, Tile, X86_64 and XTENSA + processors. Alpha, FR-V, HPPA, IA64, LM32, NIOS2, Tile and Sparc64 are + experimental and need more testing. + ''; + license = licenses.lgpl2Plus; + maintainers = with maintainers; [ rasendubi AndersonTorres ]; platforms = platforms.linux; - broken = stdenv.hostPlatform.isAarch32 || stdenv.hostPlatform.isAarch64; + badPlatforms = platforms.aarch64; }; + + passthru = { + # Derivations may check for the existance of this attribute, to know what to + # link to. + libiconv = libiconvReal; + }; + } diff --git a/pkgs/servers/dns/bind/default.nix b/pkgs/servers/dns/bind/default.nix index d2923ee2334..e5adfd24227 100644 --- a/pkgs/servers/dns/bind/default.nix +++ b/pkgs/servers/dns/bind/default.nix @@ -1,9 +1,8 @@ { config, stdenv, lib, fetchurl, fetchpatch , perl, pkg-config , libcap, libtool, libxml2, openssl, libuv, nghttp2, jemalloc -, enableGSSAPI ? true, libkrb5 , enablePython ? false, python3 -, enableSeccomp ? false, libseccomp +, enableGSSAPI ? true, libkrb5 , buildPackages, nixosTests }: @@ -25,7 +24,6 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ perl pkg-config ]; buildInputs = [ libtool libxml2 openssl libuv nghttp2 jemalloc ] ++ lib.optional stdenv.isLinux libcap - ++ lib.optional enableSeccomp libseccomp ++ lib.optional enableGSSAPI libkrb5 ++ lib.optional enablePython (python3.withPackages (ps: with ps; [ ply ])); @@ -33,25 +31,8 @@ stdenv.mkDerivation rec { configureFlags = [ "--localstatedir=/var" - "--with-libtool" - (if enablePython then "--with-python" else "--without-python") - "--without-atf" - "--without-dlopen" - "--without-docbook-xsl" - "--without-idn" - "--without-idnlib" "--without-lmdb" - "--without-libjson" - "--without-pkcs11" - "--without-purify" - "--with-randomdev=/dev/random" - "--with-ecdsa" - "--with-gost" - "--without-eddsa" - "--with-aes" - ] ++ lib.optional stdenv.isLinux "--with-libcap=${libcap.dev}" - ++ lib.optional enableSeccomp "--enable-seccomp" - ++ lib.optional enableGSSAPI "--with-gssapi=${libkrb5.dev}/bin/krb5-config" + ] ++ lib.optional enableGSSAPI "--with-gssapi=${libkrb5.dev}/bin/krb5-config" ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "BUILD_CC=$(CC_FOR_BUILD)"; postInstall = '' diff --git a/pkgs/servers/home-assistant/default.nix b/pkgs/servers/home-assistant/default.nix index b1b731642b8..ee069f19b05 100644 --- a/pkgs/servers/home-assistant/default.nix +++ b/pkgs/servers/home-assistant/default.nix @@ -213,6 +213,7 @@ in python.pkgs.buildPythonApplication rec { "cryptography" "httpx" "PyJWT" + "requests" ]; in '' sed -r -i \ diff --git a/pkgs/servers/sql/postgresql/default.nix b/pkgs/servers/sql/postgresql/default.nix index bfbac087bc3..7c1ed8b6b37 100644 --- a/pkgs/servers/sql/postgresql/default.nix +++ b/pkgs/servers/sql/postgresql/default.nix @@ -239,9 +239,9 @@ in self: { }; postgresql_14 = self.callPackage generic { - version = "14.3"; + version = "14.4"; psqlSchema = "14"; - sha256 = "sha256-J5BXNov1mpGcBa2o+VxeBKu0PnS5oqacPUaiDgeprzg="; + sha256 = "sha256-wjtiN8UjHHkVEb3HkJhhfWhS6eO982Dv2LXRWho9j2o="; this = self.postgresql_14; thisAttr = "postgresql_14"; inherit self; diff --git a/pkgs/stdenv/generic/setup.sh b/pkgs/stdenv/generic/setup.sh index 40ffd9344e3..de8d13160f9 100644 --- a/pkgs/stdenv/generic/setup.sh +++ b/pkgs/stdenv/generic/setup.sh @@ -1026,15 +1026,15 @@ configurePhase() { # scripts with vendored libtool code. Preserve mtimes to # prevent some packages (e.g. libidn2) from spontaneously # autoreconf'ing themselves - CONFIGURE_MTIME_REFERENCE=$(mktemp configure.mtime.reference.XXX) + CONFIGURE_MTIME_REFERENCE=$(mktemp configure.mtime.reference.XXXXXX) find . \ -executable \ -type f \ -name configure \ - -execdir grep -l 'GNU Libtool is free software; you can redistribute it and/or modify' {} \; \ - -execdir touch -r {} "$CONFIGURE_MTIME_REFERENCE" \; \ - -execdir sed -i s_/usr/bin/file_file_g {} \; \ - -execdir touch -r "$CONFIGURE_MTIME_REFERENCE" {} \; + -exec grep -l 'GNU Libtool is free software; you can redistribute it and/or modify' {} \; \ + -exec touch -r {} "$CONFIGURE_MTIME_REFERENCE" \; \ + -exec sed -i s_/usr/bin/file_file_g {} \; \ + -exec touch -r "$CONFIGURE_MTIME_REFERENCE" {} \; rm -f "$CONFIGURE_MTIME_REFERENCE" fi diff --git a/pkgs/stdenv/linux/default.nix b/pkgs/stdenv/linux/default.nix index d625ab5b301..6475d7f2ca1 100644 --- a/pkgs/stdenv/linux/default.nix +++ b/pkgs/stdenv/linux/default.nix @@ -436,8 +436,16 @@ in inherit (prevStage) gzip bzip2 xz bash coreutils diffutils findutils gawk gnumake gnused gnutar gnugrep gnupatch patchelf - attr acl zlib pcre libunistring libidn2; + attr acl zlib pcre libunistring; ${localSystem.libc} = getLibc prevStage; + + # Hack: avoid libidn2.{bin,dev} referencing bootstrap tools. There's a logical cycle. + libidn2 = import ../../development/libraries/libidn2/no-bootstrap-reference.nix { + inherit lib; + inherit (prevStage) libidn2; + inherit (self) stdenv runCommandLocal patchelf libunistring; + }; + } // lib.optionalAttrs (super.stdenv.targetPlatform == localSystem) { # Need to get rid of these when cross-compiling. inherit (prevStage) binutils binutils-unwrapped; diff --git a/pkgs/test/make-binary-wrapper/add-flags.c b/pkgs/test/make-binary-wrapper/add-flags.c index 7ce682c6be6..3ae8678d442 100644 --- a/pkgs/test/make-binary-wrapper/add-flags.c +++ b/pkgs/test/make-binary-wrapper/add-flags.c @@ -3,7 +3,7 @@ #include int main(int argc, char **argv) { - char **argv_tmp = calloc(5 + argc, sizeof(*argv_tmp)); + char **argv_tmp = calloc(4 + argc + 2 + 1, sizeof(*argv_tmp)); assert(argv_tmp != NULL); argv_tmp[0] = argv[0]; argv_tmp[1] = "-x"; @@ -13,7 +13,9 @@ int main(int argc, char **argv) { for (int i = 1; i < argc; ++i) { argv_tmp[4 + i] = argv[i]; } - argv_tmp[4 + argc] = NULL; + argv_tmp[4 + argc + 0] = "-foo"; + argv_tmp[4 + argc + 1] = "-bar"; + argv_tmp[4 + argc + 2] = NULL; argv = argv_tmp; argv[0] = "/send/me/flags"; diff --git a/pkgs/test/make-binary-wrapper/add-flags.cmdline b/pkgs/test/make-binary-wrapper/add-flags.cmdline index f840c772e34..f42d26f3adf 100644 --- a/pkgs/test/make-binary-wrapper/add-flags.cmdline +++ b/pkgs/test/make-binary-wrapper/add-flags.cmdline @@ -1,2 +1,3 @@ + --append-flags "-foo -bar" \ --add-flags "-x -y -z" \ --add-flags -abc diff --git a/pkgs/test/make-binary-wrapper/add-flags.env b/pkgs/test/make-binary-wrapper/add-flags.env index 9b8d1fb9f6a..3626b8cf97b 100644 --- a/pkgs/test/make-binary-wrapper/add-flags.env +++ b/pkgs/test/make-binary-wrapper/add-flags.env @@ -4,3 +4,5 @@ SUBST_ARGV0 -y -z -abc +-foo +-bar diff --git a/pkgs/test/make-binary-wrapper/combination.c b/pkgs/test/make-binary-wrapper/combination.c index e9ce5f1d724..8ce8a4722a0 100644 --- a/pkgs/test/make-binary-wrapper/combination.c +++ b/pkgs/test/make-binary-wrapper/combination.c @@ -36,7 +36,7 @@ int main(int argc, char **argv) { set_env_suffix("PATH", ":", "/usr/local/bin/"); putenv("MESSAGE2=WORLD"); - char **argv_tmp = calloc(4 + argc, sizeof(*argv_tmp)); + char **argv_tmp = calloc(3 + argc + 0 + 1, sizeof(*argv_tmp)); assert(argv_tmp != NULL); argv_tmp[0] = argv[0]; argv_tmp[1] = "-x"; @@ -45,7 +45,7 @@ int main(int argc, char **argv) { for (int i = 1; i < argc; ++i) { argv_tmp[3 + i] = argv[i]; } - argv_tmp[3 + argc] = NULL; + argv_tmp[3 + argc + 0] = NULL; argv = argv_tmp; argv[0] = "my-wrapper"; diff --git a/pkgs/test/make-wrapper/default.nix b/pkgs/test/make-wrapper/default.nix index 62ccd272adf..5cc7cee5a86 100644 --- a/pkgs/test/make-wrapper/default.nix +++ b/pkgs/test/make-wrapper/default.nix @@ -62,7 +62,7 @@ runCommand "make-wrapper-test" (mkWrapperBinary { name = "test-unset"; args = [ "--unset" "VAR" ]; }) (mkWrapperBinary { name = "test-run"; args = [ "--run" "echo bar" ]; }) (mkWrapperBinary { name = "test-run-and-set"; args = [ "--run" "export VAR=foo" "--set" "VAR" "bar" ]; }) - (mkWrapperBinary { name = "test-args"; args = [ "--add-flags" "abc" ]; wrapped = wrappedBinaryArgs; }) + (mkWrapperBinary { name = "test-args"; args = [ "--add-flags" "abc" "--append-flags" "xyz" ]; wrapped = wrappedBinaryArgs; }) (mkWrapperBinary { name = "test-prefix"; args = [ "--prefix" "VAR" ":" "abc" ]; }) (mkWrapperBinary { name = "test-prefix-noglob"; args = [ "--prefix" "VAR" ":" "./*" ]; }) (mkWrapperBinary { name = "test-suffix"; args = [ "--suffix" "VAR" ":" "abc" ]; }) @@ -89,10 +89,10 @@ runCommand "make-wrapper-test" # --unset works + mkTest "VAR=foo test-unset" "VAR=" - # --add-flags works - + mkTest "test-args" "abc" - # given flags are appended - + mkTest "test-args foo" "abc foo" + # --add-flags and --append-flags work + + mkTest "test-args" "abc xyz" + # given flags are kept + + mkTest "test-args foo" "abc foo xyz" # --run works + mkTest "test-run" "bar\nVAR=" diff --git a/pkgs/tools/admin/awscli2/default.nix b/pkgs/tools/admin/awscli2/default.nix index fa61df14173..d772d1d16e4 100644 --- a/pkgs/tools/admin/awscli2/default.nix +++ b/pkgs/tools/admin/awscli2/default.nix @@ -29,7 +29,7 @@ let in with py.pkgs; buildPythonApplication rec { pname = "awscli2"; - version = "2.7.8"; # N.B: if you change this, check if overrides are still up-to-date + version = "2.7.9"; # N.B: if you change this, check if overrides are still up-to-date src = fetchFromGitHub { owner = "aws"; diff --git a/pkgs/tools/archivers/unzip/setup-hook.sh b/pkgs/tools/archivers/unzip/setup-hook.sh index 4055d2fab51..99c63f68e94 100644 --- a/pkgs/tools/archivers/unzip/setup-hook.sh +++ b/pkgs/tools/archivers/unzip/setup-hook.sh @@ -1,5 +1,11 @@ unpackCmdHooks+=(_tryUnzip) _tryUnzip() { if ! [[ "$curSrc" =~ \.zip$ ]]; then return 1; fi - unzip -qq "$curSrc" + + # UTF-8 locale is needed for unzip on glibc to handle UTF-8 symbols: + # https://github.com/NixOS/nixpkgs/issues/176225#issuecomment-1146617263 + # Otherwise unzip unpacks escaped file names as if '-U' options was in effect. + # + # Pick en_US.UTF-8 as most possible to be present on glibc, musl and darwin. + LANG=en_US.UTF-8 unzip -qq "$curSrc" } diff --git a/pkgs/tools/filesystems/f2fs-tools/default.nix b/pkgs/tools/filesystems/f2fs-tools/default.nix index df4d2e44e51..f7de571dc09 100644 --- a/pkgs/tools/filesystems/f2fs-tools/default.nix +++ b/pkgs/tools/filesystems/f2fs-tools/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "f2fs-tools"; - version = "1.14.0"; + version = "1.15.0"; src = fetchgit { url = "https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs-tools.git"; rev = "refs/tags/v${version}"; - sha256 = "06ss05n87i1c3149qb3n7j1qp2scv3g2adx0v6ljkl59ab9b5saj"; + sha256 = "sha256-RSWvdC6kV0KfyJefK9qyFCWjlezFc7DBOOn+uy7S3Lk="; }; nativeBuildInputs = [ autoreconfHook pkg-config ]; diff --git a/pkgs/tools/misc/coreutils/default.nix b/pkgs/tools/misc/coreutils/default.nix index b7ee7967953..f6d2591716e 100644 --- a/pkgs/tools/misc/coreutils/default.nix +++ b/pkgs/tools/misc/coreutils/default.nix @@ -1,36 +1,46 @@ -{ stdenv, lib, buildPackages -, autoreconfHook, bison, texinfo, fetchurl, perl, xz, libiconv, gmp ? null -, aclSupport ? stdenv.isLinux, acl ? null -, attrSupport ? stdenv.isLinux, attr ? null -, selinuxSupport? false, libselinux ? null, libsepol ? null +{ lib +, stdenv +, fetchurl +, autoreconfHook +, buildPackages +, libiconv +, perl +, texinfo +, xz +, gmpSupport ? true, gmp +, aclSupport ? stdenv.isLinux, acl +, attrSupport ? stdenv.isLinux, attr +, selinuxSupport ? false, libselinux, libsepol # No openssl in default version, so openssl-induced rebuilds aren't too big. # It makes *sum functions significantly faster. -, minimal ? true, withOpenssl ? !minimal, openssl ? null +, minimal ? true +, withOpenssl ? !minimal, openssl , withPrefix ? false , singleBinary ? "symlinks" # you can also pass "shebangs" or false }: -# Note: this package is used for bootstrapping fetchurl, and thus -# cannot use fetchpatch! All mutable patches (generated by GitHub or -# cgit) that are needed here should be included directly in Nixpkgs as -# files. +# Note: this package is used for bootstrapping fetchurl, and thus cannot use +# fetchpatch! All mutable patches (generated by GitHub or cgit) that are needed +# here should be included directly in Nixpkgs as files. assert aclSupport -> acl != null; assert selinuxSupport -> libselinux != null && libsepol != null; -with lib; - -stdenv.mkDerivation (rec { - pname = "coreutils${optionalString (!minimal) "-full"}"; +let + inherit (lib) concatStringsSep isString optional optionals optionalString; + isCross = (stdenv.hostPlatform != stdenv.buildPlatform); +in +stdenv.mkDerivation rec { + pname = "coreutils" + (optionalString (!minimal) "-full"); version = "9.1"; src = fetchurl { url = "mirror://gnu/coreutils/coreutils-${version}.tar.xz"; - sha256 = "sha256:08q4b0w7mwfxbqjs712l6wrwl2ijs7k50kssgbryg9wbsw8g98b1"; + sha256 = "sha256-YaH0ENeLp+fzelpPUObRMgrKMzdUhKMlXt3xejhYBCM="; }; postPatch = '' - # The test tends to fail on btrfs,f2fs and maybe other unusual filesystems. + # The test tends to fail on btrfs, f2fs and maybe other unusual filesystems. sed '2i echo Skipping dd sparse test && exit 77' -i ./tests/dd/sparse.sh sed '2i echo Skipping du threshold test && exit 77' -i ./tests/du/threshold.sh sed '2i echo Skipping cp sparse test && exit 77' -i ./tests/cp/sparse.sh @@ -60,7 +70,7 @@ stdenv.mkDerivation (rec { # intermittent failures on builders, unknown reason sed '2i echo Skipping du basic test && exit 77' -i ./tests/du/basic.sh - '' + (optionalString (stdenv.hostPlatform.libc == "musl") (lib.concatStringsSep "\n" [ + '' + (optionalString (stdenv.hostPlatform.libc == "musl") (concatStringsSep "\n" [ '' echo "int main() { return 77; }" > gnulib-tests/test-parse-datetime.c echo "int main() { return 77; }" > gnulib-tests/test-getlogin.c @@ -75,43 +85,54 @@ stdenv.mkDerivation (rec { outputs = [ "out" "info" ]; separateDebugInfo = true; - nativeBuildInputs = [ perl xz.bin autoreconfHook ] # autoreconfHook is due to patch, normally only needed for cygwin - ++ optionals stdenv.hostPlatform.isCygwin [ texinfo ]; # due to patch + nativeBuildInputs = [ + # autoreconfHook is due to patch, normally only needed for cygwin + autoreconfHook + perl + xz.bin + ] + ++ optionals stdenv.hostPlatform.isCygwin [ + # due to patch + texinfo + ]; + + buildInputs = [ ] + ++ optional aclSupport acl + ++ optional attrSupport attr + ++ optional gmpSupport gmp + ++ optional withOpenssl openssl + ++ optionals selinuxSupport [ libselinux libsepol ] + # TODO(@Ericson2314): Investigate whether Darwin could benefit too + ++ optional (isCross && stdenv.hostPlatform.libc != "glibc") libiconv; + configureFlags = [ "--with-packager=https://nixos.org" ] ++ optional (singleBinary != false) ("--enable-single-binary" + optionalString (isString singleBinary) "=${singleBinary}") ++ optional withOpenssl "--with-openssl" ++ optional stdenv.hostPlatform.isSunOS "ac_cv_func_inotify_init=no" ++ optional withPrefix "--program-prefix=g" - ++ optional stdenv.isDarwin "--disable-nls" # the shipped configure script doesn't enable nls, but using autoreconfHook does so which breaks the build - ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform && stdenv.hostPlatform.libc == "glibc") [ + # the shipped configure script doesn't enable nls, but using autoreconfHook + # does so which breaks the build + ++ optional stdenv.isDarwin "--disable-nls" + ++ optionals (isCross && stdenv.hostPlatform.libc == "glibc") [ # TODO(19b98110126fde7cbb1127af7e3fe1568eacad3d): Needed for fstatfs() I # don't know why it is not properly detected cross building with glibc. "fu_cv_sys_stat_statfs2_bsize=yes" ]; - - buildInputs = [ gmp ] - ++ optional aclSupport acl - ++ optional attrSupport attr - ++ optional withOpenssl openssl - ++ optionals selinuxSupport [ libselinux libsepol ] - # TODO(@Ericson2314): Investigate whether Darwin could benefit too - ++ optional (stdenv.hostPlatform != stdenv.buildPlatform && stdenv.hostPlatform.libc != "glibc") libiconv; - # The tests are known broken on Cygwin # (http://article.gmane.org/gmane.comp.gnu.core-utils.bugs/19025), # Darwin (http://article.gmane.org/gmane.comp.gnu.core-utils.bugs/19351), # and {Open,Free}BSD. # With non-standard storeDir: https://github.com/NixOS/nix/issues/512 # On aarch64+musl, test-init.sh fails due to a segfault in diff. - doCheck = stdenv.hostPlatform == stdenv.buildPlatform - && (stdenv.hostPlatform.libc == "glibc" || stdenv.hostPlatform.isMusl) - && !(stdenv.hostPlatform.isMusl && stdenv.hostPlatform.isAarch64) + doCheck = (!isCross) + && (stdenv.hostPlatform.libc == "glibc" || stdenv.hostPlatform.libc == "musl") + && !(stdenv.hostPlatform.libc == "musl" && stdenv.hostPlatform.isAarch64) && !stdenv.isAarch32; # Prevents attempts of running 'help2man' on cross-built binaries. - PERL = if stdenv.hostPlatform == stdenv.buildPlatform then null else "missing"; + PERL = if isCross then "missing" else null; enableParallelBuilding = true; @@ -124,11 +145,11 @@ stdenv.mkDerivation (rec { # Works around a bug with 8.26: # Makefile:3440: *** Recursive variable 'INSTALL' references itself (eventually). Stop. - preInstall = optionalString (stdenv.hostPlatform != stdenv.buildPlatform) '' + preInstall = optionalString isCross '' sed -i Makefile -e 's|^INSTALL =.*|INSTALL = ${buildPackages.coreutils}/bin/install -c|' ''; - postInstall = optionalString (stdenv.hostPlatform != stdenv.buildPlatform && !minimal) '' + postInstall = optionalString (isCross && !minimal) '' rm $out/share/man/man1/* cp ${buildPackages.coreutils-full}/share/man/man1/* $out/share/man/man1 '' @@ -137,18 +158,17 @@ stdenv.mkDerivation (rec { rm -r "$out/share" ''; - meta = { + meta = with lib; { homepage = "https://www.gnu.org/software/coreutils/"; - description = "The basic file, shell and text manipulation utilities of the GNU operating system"; + description = "The GNU Core Utilities"; longDescription = '' - The GNU Core Utilities are the basic file, shell and text - manipulation utilities of the GNU operating system. These are - the core utilities which are expected to exist on every - operating system. + The GNU Core Utilities are the basic file, shell and text manipulation + utilities of the GNU operating system. These are the core utilities which + are expected to exist on every operating system. ''; license = licenses.gpl3Plus; - platforms = platforms.unix ++ platforms.windows; + maintainers = with maintainers; [ das_j ]; + platforms = with platforms; unix ++ windows; priority = 10; - maintainers = [ maintainers.das_j ]; }; -}) +} diff --git a/pkgs/tools/misc/ethtool/default.nix b/pkgs/tools/misc/ethtool/default.nix index f80de50ea55..48d7a009c01 100644 --- a/pkgs/tools/misc/ethtool/default.nix +++ b/pkgs/tools/misc/ethtool/default.nix @@ -8,11 +8,11 @@ stdenv.mkDerivation rec { pname = "ethtool"; - version = "5.17"; + version = "5.18"; src = fetchurl { url = "mirror://kernel/software/network/${pname}/${pname}-${version}.tar.xz"; - sha256 = "sha256-ZKuRS5xrRQRyRdkfQLh2CycomSqeWvInF8ZEI46IkTM="; + sha256 = "sha256-lXey/7znELZZ+yOVmOySvO0cpADKDxKGdiv6ROR4QnA="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/misc/file/default.nix b/pkgs/tools/misc/file/default.nix index 9b982f2c2ea..eb14a4a7142 100644 --- a/pkgs/tools/misc/file/default.nix +++ b/pkgs/tools/misc/file/default.nix @@ -7,14 +7,14 @@ stdenv.mkDerivation rec { pname = "file"; - version = "5.41"; + version = "5.42"; src = fetchurl { urls = [ - "ftp://ftp.astron.com/pub/file/${pname}-${version}.tar.gz" + "https://astron.com/pub/file/${pname}-${version}.tar.gz" "https://distfiles.macports.org/file/${pname}-${version}.tar.gz" ]; - sha256 = "sha256-E+Uyx7Nk99V+I9/uoxRxAxUMuQWTpXr4bBDk9uQRYD8="; + sha256 = "sha256-wHb7TQKcdAc/FcQzYe9XLPuGhAfTRxkLqDSvOxY5sOQ="; }; strictDeps = true; diff --git a/pkgs/tools/networking/unbound/default.nix b/pkgs/tools/networking/unbound/default.nix index b92fb23d64e..cf1c7f717e6 100644 --- a/pkgs/tools/networking/unbound/default.nix +++ b/pkgs/tools/networking/unbound/default.nix @@ -43,11 +43,11 @@ stdenv.mkDerivation rec { pname = "unbound"; - version = "1.14.0"; + version = "1.16.0"; src = fetchurl { url = "https://nlnetlabs.nl/downloads/unbound/unbound-${version}.tar.gz"; - sha256 = "sha256-bvkcvwLVKZ6rOTKMCFc5Pee0iFov5yM93+PBJP9aicg="; + hash = "sha256-ZwFTTJOOsBliZgEZHtxtAS/FNMCdJBjVuSgn2wy+SKU="; }; outputs = [ "out" "lib" "man" ]; # "dev" would only split ~20 kB diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 28b76e010dd..b0fc9015af9 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1,8 +1,8 @@ /* The top-level package collection of nixpkgs. - * It is sorted by categories corresponding to the folder names - * in the /pkgs folder. Inside the categories packages are roughly - * sorted by alphabet, but strict sorting has been long lost due - * to merges. Please use the full-text search of your editor. ;) + * It is sorted by categories corresponding to the folder names in the /pkgs + * folder. Inside the categories packages are roughly sorted by alphabet, but + * strict sorting has been long lost due to merges. Please use the full-text + * search of your editor. ;) * Hint: ### starts category names. */ { lib, noSysDirs, config, overlays }: @@ -4033,6 +4033,24 @@ with pkgs; meson = callPackage ../development/tools/build-managers/meson { }; + # while building documentation meson may want to run binaries for host + # which needs an emulator + # example of an error which this fixes + # [Errno 8] Exec format error: './gdk3-scan' + mesonEmulatorHook = + if (stdenv.buildPlatform != stdenv.targetPlatform) then + makeSetupHook + { + name = "mesonEmulatorHook"; + substitutions = { + crossFile = writeText "cross-file.conf" '' + [binaries] + exe_wrapper = ${lib.escapeShellArg (stdenv.targetPlatform.emulator buildPackages)} + ''; + }; + } ../development/tools/build-managers/meson/emulator-hook.sh + else throw "mesonEmulatorHook has to be in a cross conditional i.e. (stdenv.buildPlatform != stdenv.hostPlatform)"; + meson-tools = callPackage ../misc/meson-tools { }; metabase = callPackage ../servers/metabase { }; @@ -17697,7 +17715,14 @@ with pkgs; relibc = callPackage ../development/libraries/relibc { }; # Only supported on Linux - glibcLocales = if stdenv.hostPlatform.isLinux then callPackage ../development/libraries/glibc/locales.nix { } else null; + glibcLocales = + if stdenv.hostPlatform.isLinux + then callPackage ../development/libraries/glibc/locales.nix { } + else null; + glibcLocalesUtf8 = + if stdenv.hostPlatform.isLinux + then callPackage ../development/libraries/glibc/locales.nix { allLocales = false; } + else null; glibcInfo = callPackage ../development/libraries/glibc/info.nix { }; @@ -17763,7 +17788,10 @@ with pkgs; gns3-gui = gns3Packages.guiStable; gns3-server = gns3Packages.serverStable; - gobject-introspection = callPackage ../development/libraries/gobject-introspection { + gobject-introspection = if (stdenv.hostPlatform != stdenv.targetPlatform) + then callPackage ../development/libraries/gobject-introspection/wrapper.nix { } else gobject-introspection-unwrapped; + + gobject-introspection-unwrapped = callPackage ../development/libraries/gobject-introspection { nixStoreDir = config.nix.storeDir or builtins.storeDir; inherit (darwin) cctools; }; @@ -18372,7 +18400,10 @@ with pkgs; libantlr3c = callPackage ../development/libraries/libantlr3c {}; - libaom = callPackage ../development/libraries/libaom { }; + libaom = callPackage ../development/libraries/libaom { + # Remove circular dependency for libavif + libjxl = libjxl.override { buildDocs = false; }; + }; libappindicator-gtk2 = libappindicator.override { gtkVersion = "2"; }; libappindicator-gtk3 = libappindicator.override { gtkVersion = "3"; }; @@ -24196,12 +24227,16 @@ with pkgs; buildBarebox bareboxTools; - uclibc = callPackage ../os-specific/linux/uclibc { }; + uclibc-ng = callPackage ../os-specific/linux/uclibc-ng { }; - uclibcCross = callPackage ../os-specific/linux/uclibc { + uclibc-ng-cross = callPackage ../os-specific/linux/uclibc-ng { stdenv = crossLibcStdenv; }; + # Aliases + uclibc = uclibc-ng; + uclibcCross = uclibc-ng-cross; + eudev = callPackage ../os-specific/linux/eudev { util-linux = util-linuxMinimal; }; libudev0-shim = callPackage ../os-specific/linux/libudev0-shim { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 59cdb70f68d..61d7148b377 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -10848,7 +10848,9 @@ in { ueagle = callPackage ../development/python-modules/ueagle { }; - uharfbuzz = callPackage ../development/python-modules/uharfbuzz { }; + uharfbuzz = callPackage ../development/python-modules/uharfbuzz { + inherit (pkgs.darwin.apple_sdk.frameworks) ApplicationServices; + }; ujson = callPackage ../development/python-modules/ujson { };