From 876cc63e8756c610d1f151436bb7d3baf06d0076 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sat, 12 Feb 2022 09:44:10 +0000 Subject: [PATCH 01/92] libipt: 2.0.4 -> 2.0.5 --- pkgs/development/libraries/libipt/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libipt/default.nix b/pkgs/development/libraries/libipt/default.nix index 15a677b3188..2cef20fdcbd 100644 --- a/pkgs/development/libraries/libipt/default.nix +++ b/pkgs/development/libraries/libipt/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "libipt"; - version = "2.0.4"; + version = "2.0.5"; src = fetchFromGitHub { owner = "intel"; repo = "libipt"; rev = "v${version}"; - sha256 = "sha256-KhRmRoIHvpx5rV7roCnUH+a7JtPb6UqD41Wi4wHSR1c="; + sha256 = "sha256-W7Hvc2zkmR6FdPGsymWXtm66BiHLcW9r7mywHjabeLc="; }; nativeBuildInputs = [ cmake ]; From d5cf13f483e7805b4a8aa9b703d7d5d86dda631a Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Sat, 21 May 2022 18:26:37 +0200 Subject: [PATCH 02/92] avahi: format the expression - Use `nixpkgs-fmt`. - Order attributes according to common convention. - Use `enableFeature` consistently. --- pkgs/development/libraries/avahi/default.nix | 106 +++++++++++++------ 1 file changed, 74 insertions(+), 32 deletions(-) diff --git a/pkgs/development/libraries/avahi/default.nix b/pkgs/development/libraries/avahi/default.nix index 1732b5df04e..e3e959b56ef 100644 --- a/pkgs/development/libraries/avahi/default.nix +++ b/pkgs/development/libraries/avahi/default.nix @@ -1,14 +1,28 @@ -{ fetchurl, fetchpatch, lib, stdenv, pkg-config, libdaemon, dbus, perlPackages -, expat, gettext, intltool, glib, libiconv, writeShellScriptBin, libevent +{ fetchurl +, fetchpatch +, lib +, stdenv +, pkg-config +, libdaemon +, dbus +, perlPackages +, expat +, gettext +, intltool +, glib +, libiconv +, libevent , nixosTests -, gtk3Support ? false, gtk3 ? null +, gtk3Support ? false +, gtk3 ? null , qt4 ? null , qt4Support ? false , qt5 ? null , qt5Support ? false , withLibdnssdCompat ? false , python ? null -, withPython ? false }: +, withPython ? false +}: assert qt4Support -> qt4 != null; @@ -26,46 +40,74 @@ stdenv.mkDerivation rec { sha256 = "1npdixwxxn3s9q1f365x9n9rc5xgfz39hxf23faqvlrklgbhj0q6"; }; - prePatch = '' - substituteInPlace configure \ - --replace pkg-config "$PKG_CONFIG" - ''; - patches = [ ./no-mkdir-localstatedir.patch + (fetchpatch { url = "https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c.patch"; sha256 = "sha256-BXWmrLWUvDxKPoIPRFBpMS3T4gijRw0J+rndp6iDybU="; }) ]; - buildInputs = [ libdaemon dbus glib expat libiconv libevent ] - ++ (with perlPackages; [ perl XMLParser ]) - ++ (lib.optional gtk3Support gtk3) - ++ (lib.optional qt4Support qt4) - ++ (lib.optional qt5Support qt5); + nativeBuildInputs = [ + pkg-config + pkg-config-helper + gettext + glib + ]; - propagatedBuildInputs = - lib.optionals withPython (with python.pkgs; [ python pygobject3 dbus-python ]); + buildInputs = [ + libdaemon + dbus + glib + expat + libiconv + libevent + ] ++ (with perlPackages; [ + perl + XMLParser + ]) ++ lib.optionals gtk3Support [ + gtk3 + ] ++ lib.optionals qt4Support [ + qt4 + ] ++ lib.optionals qt5Support [ + qt5 + ]; - nativeBuildInputs = [ pkg-config pkg-config-helper gettext intltool glib ]; + propagatedBuildInputs = lib.optionals withPython (with python.pkgs; [ + python + pygobject3 + dbus-python + ]); - configureFlags = - [ "--disable-qt3" "--disable-gdbm" "--disable-mono" - "--disable-gtk" "--with-dbus-sys=${placeholder "out"}/share/dbus-1/system.d" - (lib.enableFeature gtk3Support "gtk3") - "--${if qt4Support then "enable" else "disable"}-qt4" - "--${if qt5Support then "enable" else "disable"}-qt5" - (lib.enableFeature withPython "python") - "--localstatedir=/var" "--with-distro=none" - # A systemd unit is provided by the avahi-daemon NixOS module - "--with-systemdsystemunitdir=no" ] - ++ lib.optional withLibdnssdCompat "--enable-compat-libdns_sd" + configureFlags = [ + "--disable-qt3" + "--disable-gdbm" + "--disable-mono" + "--disable-gtk" + "--with-dbus-sys=${placeholder "out"}/share/dbus-1/system.d" + (lib.enableFeature gtk3Support "gtk3") + (lib.enableFeature qt4Support "qt4") + (lib.enableFeature qt5Support "qt5") + (lib.enableFeature withPython "python") + "--localstatedir=/var" + "--with-distro=none" + # A systemd unit is provided by the avahi-daemon NixOS module + "--with-systemdsystemunitdir=no" + ] ++ lib.optionals withLibdnssdCompat [ + "--enable-compat-libdns_sd" + ] ++ lib.optionals stdenv.isDarwin [ # autoipd won't build on darwin - ++ lib.optional stdenv.isDarwin "--disable-autoipd"; + "--disable-autoipd" + ]; NIX_CFLAGS_COMPILE = "-DAVAHI_SERVICE_DIR=\"/etc/avahi/services\""; + prePatch = '' + substituteInPlace configure \ + --replace pkg-config "$PKG_CONFIG" + ''; + preBuild = lib.optionalString stdenv.isDarwin '' sed -i '20 i\ #define __APPLE_USE_RFC_2292' \ @@ -89,9 +131,9 @@ stdenv.mkDerivation rec { meta = with lib; { description = "mDNS/DNS-SD implementation"; - homepage = "http://avahi.org"; - license = licenses.lgpl2Plus; - platforms = platforms.unix; + homepage = "http://avahi.org"; + license = licenses.lgpl2Plus; + platforms = platforms.unix; maintainers = with maintainers; [ lovek323 globin ]; longDescription = '' From c55e200bb0855b4276438c71a8730d184e73a573 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Sat, 21 May 2022 18:17:49 +0200 Subject: [PATCH 03/92] avahi: drop intltool & outdated flags - intltool was replaced by vanilla gettext https://github.com/lathiat/avahi/commit/3d5a0c68057e2ed76187a0bb565baaa10d566003 - gtk2 and qt4 disabled by default https://github.com/lathiat/avahi/commit/f060abee2807c943821d88839c013ce15db17b58 - qt3 disabled by default https://github.com/lathiat/avahi/commit/6ae71484f4dcbc0240bc2bce002470c9704e6fec - howl-compat was disabled by default 17 years ago https://github.com/lathiat/avahi/commit/16d9e30dd7fa052bd7e6dd37927d7f27bec90ef1 --- pkgs/development/libraries/avahi/default.nix | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/pkgs/development/libraries/avahi/default.nix b/pkgs/development/libraries/avahi/default.nix index e3e959b56ef..3f0577705f3 100644 --- a/pkgs/development/libraries/avahi/default.nix +++ b/pkgs/development/libraries/avahi/default.nix @@ -8,7 +8,6 @@ , perlPackages , expat , gettext -, intltool , glib , libiconv , libevent @@ -81,10 +80,8 @@ stdenv.mkDerivation rec { ]); configureFlags = [ - "--disable-qt3" "--disable-gdbm" "--disable-mono" - "--disable-gtk" "--with-dbus-sys=${placeholder "out"}/share/dbus-1/system.d" (lib.enableFeature gtk3Support "gtk3") (lib.enableFeature qt4Support "qt4") @@ -115,14 +112,10 @@ stdenv.mkDerivation rec { ''; postInstall = - # Maintain compat for mdnsresponder and howl + # Maintain compat for mdnsresponder lib.optionalString withLibdnssdCompat '' ln -s avahi-compat-libdns_sd/dns_sd.h "$out/include/dns_sd.h" ''; - /* # these don't exist (anymore?) - ln -s avahi-compat-howl $out/include/howl - ln -s avahi-compat-howl.pc $out/lib/pkgconfig/howl.pc - */ passthru.tests = { smoke-test = nixosTests.avahi; From 14dafc194f2b1166084110de1689efac20f1b6af Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Sat, 21 May 2022 18:39:02 +0200 Subject: [PATCH 04/92] avahi: Simplify pkg-config cross fix Building `pkgsCross.aarch64-multiplatform.avahi` would fail in the past with: checking for pkg-config... no configure: error: pkg-config is required to install this program To fix that, two independent workarounds were applied, each sufficient: - 34e4d0fd98aa66a0f46a6eb96dabadbbd44294b9 - 65a5313de5d34d73e2930bd132fe476f57f1b60f These days, it is more common to just add `pkg-config` to `depsBuildBuild`. --- pkgs/development/libraries/avahi/default.nix | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/pkgs/development/libraries/avahi/default.nix b/pkgs/development/libraries/avahi/default.nix index 3f0577705f3..d3e20b0422b 100644 --- a/pkgs/development/libraries/avahi/default.nix +++ b/pkgs/development/libraries/avahi/default.nix @@ -25,11 +25,6 @@ assert qt4Support -> qt4 != null; -let - # despite the configure script claiming it supports $PKG_CONFIG, it doesnt respect it - pkg-config-helper = writeShellScriptBin "pkg-config" ''exec $PKG_CONFIG "$@"''; -in - stdenv.mkDerivation rec { pname = "avahi${lib.optionalString withLibdnssdCompat "-compat"}"; version = "0.8"; @@ -48,9 +43,12 @@ stdenv.mkDerivation rec { }) ]; + depsBuildBuild = [ + pkg-config + ]; + nativeBuildInputs = [ pkg-config - pkg-config-helper gettext glib ]; @@ -100,11 +98,6 @@ stdenv.mkDerivation rec { NIX_CFLAGS_COMPILE = "-DAVAHI_SERVICE_DIR=\"/etc/avahi/services\""; - prePatch = '' - substituteInPlace configure \ - --replace pkg-config "$PKG_CONFIG" - ''; - preBuild = lib.optionalString stdenv.isDarwin '' sed -i '20 i\ #define __APPLE_USE_RFC_2292' \ From 8fa4e66def1aa4d465d6ab26d155074cf2ec4381 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Sat, 21 May 2022 18:51:24 +0200 Subject: [PATCH 05/92] avahi: simplify path handling --- pkgs/development/libraries/avahi/default.nix | 12 +++++++++--- .../libraries/avahi/no-mkdir-localstatedir.patch | 12 ------------ 2 files changed, 9 insertions(+), 15 deletions(-) delete mode 100644 pkgs/development/libraries/avahi/no-mkdir-localstatedir.patch diff --git a/pkgs/development/libraries/avahi/default.nix b/pkgs/development/libraries/avahi/default.nix index d3e20b0422b..7ab9220be71 100644 --- a/pkgs/development/libraries/avahi/default.nix +++ b/pkgs/development/libraries/avahi/default.nix @@ -35,8 +35,6 @@ stdenv.mkDerivation rec { }; patches = [ - ./no-mkdir-localstatedir.patch - (fetchpatch { url = "https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c.patch"; sha256 = "sha256-BXWmrLWUvDxKPoIPRFBpMS3T4gijRw0J+rndp6iDybU="; @@ -80,12 +78,15 @@ stdenv.mkDerivation rec { configureFlags = [ "--disable-gdbm" "--disable-mono" + # Use non-deprecated path https://github.com/lathiat/avahi/pull/376 "--with-dbus-sys=${placeholder "out"}/share/dbus-1/system.d" (lib.enableFeature gtk3Support "gtk3") (lib.enableFeature qt4Support "qt4") (lib.enableFeature qt5Support "qt5") (lib.enableFeature withPython "python") "--localstatedir=/var" + "--runstatedir=/run" + "--sysconfdir=/etc" "--with-distro=none" # A systemd unit is provided by the avahi-daemon NixOS module "--with-systemdsystemunitdir=no" @@ -96,7 +97,12 @@ stdenv.mkDerivation rec { "--disable-autoipd" ]; - NIX_CFLAGS_COMPILE = "-DAVAHI_SERVICE_DIR=\"/etc/avahi/services\""; + installFlags = [ + # Override directories to install into the package. + # Replace with runstatedir once is merged https://github.com/lathiat/avahi/pull/377 + "avahi_runtime_dir=${placeholder "out"}/run" + "sysconfdir=${placeholder "out"}/etc" + ]; preBuild = lib.optionalString stdenv.isDarwin '' sed -i '20 i\ diff --git a/pkgs/development/libraries/avahi/no-mkdir-localstatedir.patch b/pkgs/development/libraries/avahi/no-mkdir-localstatedir.patch deleted file mode 100644 index 72965c9f028..00000000000 --- a/pkgs/development/libraries/avahi/no-mkdir-localstatedir.patch +++ /dev/null @@ -1,12 +0,0 @@ -Don't "mkdir $(localstatedir)" since we can't do it (/var). - ---- a/avahi-daemon/Makefile.in -+++ b/avahi-daemon/Makefile.in -@@ -1625,7 +1625,6 @@ xmllint: - done - - install-data-local: -- test -z "$(avahi_runtime_dir)" || $(MKDIR_P) "$(DESTDIR)$(avahi_runtime_dir)" - - update-systemd: - curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c > sd-daemon.c From 6a803b01aedd366a6a46eea6351cc91afb95de33 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Thu, 26 May 2022 17:46:20 +0200 Subject: [PATCH 06/92] bind: remove broken configure flags configure: WARNING: unrecognized options: --without-atf, --without-docbook-xsl, --without-idn, --without-idnlib, --with-randomdev, --with-ecdsa, --with-gost, --without-eddsa, --with-aes, --with-libcap --- pkgs/servers/dns/bind/default.nix | 23 ++--------------------- 1 file changed, 2 insertions(+), 21 deletions(-) diff --git a/pkgs/servers/dns/bind/default.nix b/pkgs/servers/dns/bind/default.nix index 7b56061a4aa..b078b1ae2a8 100644 --- a/pkgs/servers/dns/bind/default.nix +++ b/pkgs/servers/dns/bind/default.nix @@ -1,9 +1,8 @@ { config, stdenv, lib, fetchurl, fetchpatch , perl, pkg-config , libcap, libtool, libxml2, openssl, libuv, nghttp2, jemalloc -, enableGSSAPI ? true, libkrb5 , enablePython ? false, python3 -, enableSeccomp ? false, libseccomp +, enableGSSAPI ? true, libkrb5 , buildPackages, nixosTests }: @@ -25,7 +24,6 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ perl pkg-config ]; buildInputs = [ libtool libxml2 openssl libuv nghttp2 jemalloc ] ++ lib.optional stdenv.isLinux libcap - ++ lib.optional enableSeccomp libseccomp ++ lib.optional enableGSSAPI libkrb5 ++ lib.optional enablePython (python3.withPackages (ps: with ps; [ ply ])); @@ -33,25 +31,8 @@ stdenv.mkDerivation rec { configureFlags = [ "--localstatedir=/var" - "--with-libtool" - (if enablePython then "--with-python" else "--without-python") - "--without-atf" - "--without-dlopen" - "--without-docbook-xsl" - "--without-idn" - "--without-idnlib" "--without-lmdb" - "--without-libjson" - "--without-pkcs11" - "--without-purify" - "--with-randomdev=/dev/random" - "--with-ecdsa" - "--with-gost" - "--without-eddsa" - "--with-aes" - ] ++ lib.optional stdenv.isLinux "--with-libcap=${libcap.dev}" - ++ lib.optional enableSeccomp "--enable-seccomp" - ++ lib.optional enableGSSAPI "--with-gssapi=${libkrb5.dev}/bin/krb5-config" + ] ++ lib.optional enableGSSAPI "--with-gssapi=${libkrb5.dev}/bin/krb5-config" ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "BUILD_CC=$(CC_FOR_BUILD)"; postInstall = '' From 1c70b694fe0fece5ae74beb747a40f1b7237d251 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Na=C3=AFm=20Favier?= Date: Wed, 11 May 2022 23:03:35 +0200 Subject: [PATCH 07/92] makeWrapper,makeBinaryWrapper: implement `--append-flags` --- .../instant-messengers/teams/default.nix | 16 ++--- .../make-binary-wrapper.sh | 64 ++++++++++++------- .../build-support/setup-hooks/make-wrapper.sh | 34 ++++++---- pkgs/test/make-binary-wrapper/add-flags.c | 6 +- .../make-binary-wrapper/add-flags.cmdline | 1 + pkgs/test/make-binary-wrapper/add-flags.env | 2 + pkgs/test/make-binary-wrapper/combination.c | 4 +- pkgs/test/make-wrapper/default.nix | 10 +-- 8 files changed, 80 insertions(+), 57 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/teams/default.nix b/pkgs/applications/networking/instant-messengers/teams/default.nix index 07462b4cc26..474a1f96915 100644 --- a/pkgs/applications/networking/instant-messengers/teams/default.nix +++ b/pkgs/applications/networking/instant-messengers/teams/default.nix @@ -57,7 +57,12 @@ let ]; preFixup = '' - gappsWrapperArgs+=(--prefix PATH : "${coreutils}/bin:${gawk}/bin") + gappsWrapperArgs+=( + --prefix PATH : "${coreutils}/bin:${gawk}/bin" + + # fix for https://docs.microsoft.com/en-us/answers/questions/298724/open-teams-meeting-link-on-linux-doens39t-work.html?childToView=309406#comment-309406 + --append-flags '--disable-namespace-sandbox --disable-setuid-sandbox' + ) ''; @@ -118,15 +123,6 @@ let echo "Adding runtime dependencies to RPATH of Node module $mod" patchelf --set-rpath "$runtime_rpath:$mod_rpath" "$mod" done; - - # fix for https://docs.microsoft.com/en-us/answers/questions/298724/open-teams-meeting-link-on-linux-doens39t-work.html?childToView=309406#comment-309406 - wrapped=$out/bin/.teams-old - mv "$out/bin/teams" "$wrapped" - cat > "$out/bin/teams" << EOF - #! ${runtimeShell} - exec $wrapped "\$@" --disable-namespace-sandbox --disable-setuid-sandbox - EOF - chmod +x "$out/bin/teams" ''; }; diff --git a/pkgs/build-support/setup-hooks/make-binary-wrapper/make-binary-wrapper.sh b/pkgs/build-support/setup-hooks/make-binary-wrapper/make-binary-wrapper.sh index 6b8f5d60eb6..5f759d323cf 100644 --- a/pkgs/build-support/setup-hooks/make-binary-wrapper/make-binary-wrapper.sh +++ b/pkgs/build-support/setup-hooks/make-binary-wrapper/make-binary-wrapper.sh @@ -15,17 +15,19 @@ assertExecutable() { # makeWrapper EXECUTABLE OUT_PATH ARGS # ARGS: -# --argv0 NAME : set the name of the executed process to NAME -# (if unset or empty, defaults to EXECUTABLE) -# --inherit-argv0 : the executable inherits argv0 from the wrapper. -# (use instead of --argv0 '$0') -# --set VAR VAL : add VAR with value VAL to the executable's environment -# --set-default VAR VAL : like --set, but only adds VAR if not already set in -# the environment -# --unset VAR : remove VAR from the environment -# --chdir DIR : change working directory (use instead of --run "cd DIR") -# --add-flags FLAGS : add FLAGS to invocation of executable -# TODO(@ncfavier): --append-flags +# --argv0 NAME : set the name of the executed process to NAME +# (if unset or empty, defaults to EXECUTABLE) +# --inherit-argv0 : the executable inherits argv0 from the wrapper. +# (use instead of --argv0 '$0') +# --set VAR VAL : add VAR with value VAL to the executable's environment +# --set-default VAR VAL : like --set, but only adds VAR if not already set in +# the environment +# --unset VAR : remove VAR from the environment +# --chdir DIR : change working directory (use instead of --run "cd DIR") +# --add-flags ARGS : prepend ARGS to the invocation of the executable +# (that is, *before* any arguments passed on the command line) +# --append-flags ARGS : append ARGS to the invocation of the executable +# (that is, *after* any arguments passed on the command line) # --prefix ENV SEP VAL : suffix/prefix ENV with VAL, separated by SEP # --suffix @@ -83,7 +85,7 @@ makeDocumentedCWrapper() { # makeCWrapper EXECUTABLE ARGS # ARGS: same as makeWrapper makeCWrapper() { - local argv0 inherit_argv0 n params cmd main flagsBefore flags executable length + local argv0 inherit_argv0 n params cmd main flagsBefore flagsAfter flags executable length local uses_prefix uses_suffix uses_assert uses_assert_success uses_stdio uses_asprintf executable=$(escapeStringLiteral "$1") params=("$@") @@ -150,6 +152,13 @@ makeCWrapper() { n=$((n + 1)) [ $n -ge "$length" ] && main="$main#error makeCWrapper: $p takes 1 argument"$'\n' ;; + --append-flags) + flags="${params[n + 1]}" + flagsAfter="$flagsAfter $flags" + uses_assert=1 + n=$((n + 1)) + [ $n -ge "$length" ] && main="$main#error makeCWrapper: $p takes 1 argument"$'\n' + ;; --argv0) argv0=$(escapeStringLiteral "${params[n + 1]}") inherit_argv0= @@ -165,8 +174,7 @@ makeCWrapper() { ;; esac done - # shellcheck disable=SC2086 - [ -z "$flagsBefore" ] || main="$main"${main:+$'\n'}$(addFlags $flagsBefore)$'\n'$'\n' + [[ -z "$flagsBefore" && -z "$flagsAfter" ]] || main="$main"${main:+$'\n'}$(addFlags "$flagsBefore" "$flagsAfter")$'\n'$'\n' [ -z "$inherit_argv0" ] && main="${main}argv[0] = \"${argv0:-${executable}}\";"$'\n' main="${main}return execv(\"${executable}\", argv);"$'\n' @@ -184,21 +192,25 @@ makeCWrapper() { } addFlags() { - local result n flag flags var + local n flag before after var + # shellcheck disable=SC2086 + before=($1) after=($2) var="argv_tmp" - flags=("$@") - for ((n = 0; n < ${#flags[*]}; n += 1)); do - flag=$(escapeStringLiteral "${flags[$n]}") - result="$result${var}[$((n+1))] = \"$flag\";"$'\n' - done - printf '%s\n' "char **$var = calloc($((n+1)) + argc, sizeof(*$var));" + printf '%s\n' "char **$var = calloc(${#before[@]} + argc + ${#after[@]} + 1, sizeof(*$var));" printf '%s\n' "assert($var != NULL);" printf '%s\n' "${var}[0] = argv[0];" - printf '%s' "$result" + for ((n = 0; n < ${#before[@]}; n += 1)); do + flag=$(escapeStringLiteral "${before[n]}") + printf '%s\n' "${var}[$((n + 1))] = \"$flag\";" + done printf '%s\n' "for (int i = 1; i < argc; ++i) {" - printf '%s\n' " ${var}[$n + i] = argv[i];" + printf '%s\n' " ${var}[${#before[@]} + i] = argv[i];" printf '%s\n' "}" - printf '%s\n' "${var}[$n + argc] = NULL;" + for ((n = 0; n < ${#after[@]}; n += 1)); do + flag=$(escapeStringLiteral "${after[n]}") + printf '%s\n' "${var}[${#before[@]} + argc + $n] = \"$flag\";" + done + printf '%s\n' "${var}[${#before[@]} + argc + ${#after[@]}] = NULL;" printf '%s\n' "argv = $var;" } @@ -366,6 +378,10 @@ formatArgs() { formatArgsLine 1 "$@" shift 1 ;; + --append-flags) + formatArgsLine 1 "$@" + shift 1 + ;; --argv0) formatArgsLine 1 "$@" shift 1 diff --git a/pkgs/build-support/setup-hooks/make-wrapper.sh b/pkgs/build-support/setup-hooks/make-wrapper.sh index 8a38c39efc4..84e5ecee290 100644 --- a/pkgs/build-support/setup-hooks/make-wrapper.sh +++ b/pkgs/build-support/setup-hooks/make-wrapper.sh @@ -11,18 +11,20 @@ assertExecutable() { # makeWrapper EXECUTABLE OUT_PATH ARGS # ARGS: -# --argv0 NAME : set the name of the executed process to NAME -# (if unset or empty, defaults to EXECUTABLE) -# --inherit-argv0 : the executable inherits argv0 from the wrapper. -# (use instead of --argv0 '$0') -# --set VAR VAL : add VAR with value VAL to the executable's environment -# --set-default VAR VAL : like --set, but only adds VAR if not already set in -# the environment -# --unset VAR : remove VAR from the environment -# --chdir DIR : change working directory (use instead of --run "cd DIR") -# --run COMMAND : run command before the executable -# --add-flags FLAGS : add FLAGS to invocation of executable -# TODO(@ncfavier): --append-flags +# --argv0 NAME : set the name of the executed process to NAME +# (if unset or empty, defaults to EXECUTABLE) +# --inherit-argv0 : the executable inherits argv0 from the wrapper. +# (use instead of --argv0 '$0') +# --set VAR VAL : add VAR with value VAL to the executable's environment +# --set-default VAR VAL : like --set, but only adds VAR if not already set in +# the environment +# --unset VAR : remove VAR from the environment +# --chdir DIR : change working directory (use instead of --run "cd DIR") +# --run COMMAND : run command before the executable +# --add-flags ARGS : prepend ARGS to the invocation of the executable +# (that is, *before* any arguments passed on the command line) +# --append-flags ARGS : append ARGS to the invocation of the executable +# (that is, *after* any arguments passed on the command line) # --prefix ENV SEP VAL : suffix/prefix ENV with VAL, separated by SEP # --suffix @@ -36,7 +38,7 @@ makeShellWrapper() { local original="$1" local wrapper="$2" local params varName value command separator n fileNames - local argv0 flagsBefore flags + local argv0 flagsBefore flagsAfter flags assertExecutable "$original" @@ -165,6 +167,10 @@ makeShellWrapper() { flags="${params[$((n + 1))]}" n=$((n + 1)) flagsBefore="$flagsBefore $flags" + elif [[ "$p" == "--append-flags" ]]; then + flags="${params[$((n + 1))]}" + n=$((n + 1)) + flagsAfter="$flagsAfter $flags" elif [[ "$p" == "--argv0" ]]; then argv0="${params[$((n + 1))]}" n=$((n + 1)) @@ -177,7 +183,7 @@ makeShellWrapper() { done echo exec ${argv0:+-a \"$argv0\"} \""$original"\" \ - "$flagsBefore" '"$@"' >> "$wrapper" + "$flagsBefore" '"$@"' "$flagsAfter" >> "$wrapper" chmod +x "$wrapper" } diff --git a/pkgs/test/make-binary-wrapper/add-flags.c b/pkgs/test/make-binary-wrapper/add-flags.c index 7ce682c6be6..3ae8678d442 100644 --- a/pkgs/test/make-binary-wrapper/add-flags.c +++ b/pkgs/test/make-binary-wrapper/add-flags.c @@ -3,7 +3,7 @@ #include int main(int argc, char **argv) { - char **argv_tmp = calloc(5 + argc, sizeof(*argv_tmp)); + char **argv_tmp = calloc(4 + argc + 2 + 1, sizeof(*argv_tmp)); assert(argv_tmp != NULL); argv_tmp[0] = argv[0]; argv_tmp[1] = "-x"; @@ -13,7 +13,9 @@ int main(int argc, char **argv) { for (int i = 1; i < argc; ++i) { argv_tmp[4 + i] = argv[i]; } - argv_tmp[4 + argc] = NULL; + argv_tmp[4 + argc + 0] = "-foo"; + argv_tmp[4 + argc + 1] = "-bar"; + argv_tmp[4 + argc + 2] = NULL; argv = argv_tmp; argv[0] = "/send/me/flags"; diff --git a/pkgs/test/make-binary-wrapper/add-flags.cmdline b/pkgs/test/make-binary-wrapper/add-flags.cmdline index f840c772e34..f42d26f3adf 100644 --- a/pkgs/test/make-binary-wrapper/add-flags.cmdline +++ b/pkgs/test/make-binary-wrapper/add-flags.cmdline @@ -1,2 +1,3 @@ + --append-flags "-foo -bar" \ --add-flags "-x -y -z" \ --add-flags -abc diff --git a/pkgs/test/make-binary-wrapper/add-flags.env b/pkgs/test/make-binary-wrapper/add-flags.env index 9b8d1fb9f6a..3626b8cf97b 100644 --- a/pkgs/test/make-binary-wrapper/add-flags.env +++ b/pkgs/test/make-binary-wrapper/add-flags.env @@ -4,3 +4,5 @@ SUBST_ARGV0 -y -z -abc +-foo +-bar diff --git a/pkgs/test/make-binary-wrapper/combination.c b/pkgs/test/make-binary-wrapper/combination.c index e9ce5f1d724..8ce8a4722a0 100644 --- a/pkgs/test/make-binary-wrapper/combination.c +++ b/pkgs/test/make-binary-wrapper/combination.c @@ -36,7 +36,7 @@ int main(int argc, char **argv) { set_env_suffix("PATH", ":", "/usr/local/bin/"); putenv("MESSAGE2=WORLD"); - char **argv_tmp = calloc(4 + argc, sizeof(*argv_tmp)); + char **argv_tmp = calloc(3 + argc + 0 + 1, sizeof(*argv_tmp)); assert(argv_tmp != NULL); argv_tmp[0] = argv[0]; argv_tmp[1] = "-x"; @@ -45,7 +45,7 @@ int main(int argc, char **argv) { for (int i = 1; i < argc; ++i) { argv_tmp[3 + i] = argv[i]; } - argv_tmp[3 + argc] = NULL; + argv_tmp[3 + argc + 0] = NULL; argv = argv_tmp; argv[0] = "my-wrapper"; diff --git a/pkgs/test/make-wrapper/default.nix b/pkgs/test/make-wrapper/default.nix index 62ccd272adf..5cc7cee5a86 100644 --- a/pkgs/test/make-wrapper/default.nix +++ b/pkgs/test/make-wrapper/default.nix @@ -62,7 +62,7 @@ runCommand "make-wrapper-test" (mkWrapperBinary { name = "test-unset"; args = [ "--unset" "VAR" ]; }) (mkWrapperBinary { name = "test-run"; args = [ "--run" "echo bar" ]; }) (mkWrapperBinary { name = "test-run-and-set"; args = [ "--run" "export VAR=foo" "--set" "VAR" "bar" ]; }) - (mkWrapperBinary { name = "test-args"; args = [ "--add-flags" "abc" ]; wrapped = wrappedBinaryArgs; }) + (mkWrapperBinary { name = "test-args"; args = [ "--add-flags" "abc" "--append-flags" "xyz" ]; wrapped = wrappedBinaryArgs; }) (mkWrapperBinary { name = "test-prefix"; args = [ "--prefix" "VAR" ":" "abc" ]; }) (mkWrapperBinary { name = "test-prefix-noglob"; args = [ "--prefix" "VAR" ":" "./*" ]; }) (mkWrapperBinary { name = "test-suffix"; args = [ "--suffix" "VAR" ":" "abc" ]; }) @@ -89,10 +89,10 @@ runCommand "make-wrapper-test" # --unset works + mkTest "VAR=foo test-unset" "VAR=" - # --add-flags works - + mkTest "test-args" "abc" - # given flags are appended - + mkTest "test-args foo" "abc foo" + # --add-flags and --append-flags work + + mkTest "test-args" "abc xyz" + # given flags are kept + + mkTest "test-args foo" "abc foo xyz" # --run works + mkTest "test-run" "bar\nVAR=" From 25c990a60b524efae7c4cd0e58317248ade3eacc Mon Sep 17 00:00:00 2001 From: Kevin Mehall Date: Thu, 2 Jun 2022 10:54:13 -0700 Subject: [PATCH 08/92] libtiff: 4.3.0 -> 4.4.0 Changelog: http://www.simplesystems.org/libtiff/v4.4.0.html --- .../development/libraries/libtiff/default.nix | 59 +------------------ 1 file changed, 2 insertions(+), 57 deletions(-) diff --git a/pkgs/development/libraries/libtiff/default.nix b/pkgs/development/libraries/libtiff/default.nix index 410447a7832..4c7ea02d8aa 100644 --- a/pkgs/development/libraries/libtiff/default.nix +++ b/pkgs/development/libraries/libtiff/default.nix @@ -25,11 +25,11 @@ stdenv.mkDerivation rec { pname = "libtiff"; - version = "4.3.0"; + version = "4.4.0"; src = fetchurl { url = "https://download.osgeo.org/libtiff/tiff-${version}.tar.gz"; - sha256 = "1j3snghqjbhwmnm5vz3dr1zm68dj15mgbx1wqld7vkl7n2nfaihf"; + sha256 = "1vdbk3sc497c58kxmp02irl6nqkfm9rjs3br7g59m59qfnrj6wli"; }; patches = [ @@ -38,61 +38,6 @@ stdenv.mkDerivation rec { # libc++abi 11 has an `#include `, this picks up files name # `version` in the project's include paths ./rename-version.patch - (fetchpatch { - name = "CVE-2022-22844.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/03047a26952a82daaa0792957ce211e0aa51bc64.patch"; - sha256 = "0cfih55f5qpc84mvlwsffik80bgz6drkflkhrdyqq8m84jw3mbwb"; - }) - (fetchpatch { - name = "CVE-2022-0561.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef.patch"; - sha256 = "0m57fdxyvhhr9cc260lvkkn2g4zr4n4v9nricc6lf9h6diagd7mk"; - }) - (fetchpatch { - name = "CVE-2022-0562.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b.patch"; - sha256 = "0ycirjjc1vigj03kwjb92n6jszsl9p17ccw5hry7lli9gxyyr0an"; - }) - (fetchpatch { - name = "CVE-2022-0891.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/46dc8fcd4d38c3b6f35ab28e532aee80e6f609d6.patch"; - sha256 = "1zn2pgsmbrjx3g2bpdggvwwbp6i348mikwlx4ws482h2379vmyj1"; - }) - (fetchpatch { - name = "CVE-2022-0865.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/5e18004500cda10d9074bdb6166b054e95b659ed.patch"; - sha256 = "131b9ial6avl2agwk31wp2jkrx59955f4r0dikx1jdaywqb7zhd1"; - }) - (fetchpatch { - name = "CVE-2022-0924.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/408976c44ef0aad975e0d1b6c6dc80d60f9dc665.patch"; - sha256 = "1aqaynp74ijxr3rizvbyz23ncs71pbbcw5src1zv46473sy55s8p"; - }) - (fetchpatch { - name = "CVE-2022-0907.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/f2b656e2e64adde07a6cffd5c8e96bd81a850fea.patch"; - sha256 = "0nsplq671qx0f35qww9mx27raqp3nvslz8iv7f3hxdgldylmh2vs"; - }) - (fetchpatch { - name = "CVE-2022-0909.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/f8d0f9aa1ba04c9ae3bfe869a18141a8b8117ad7.patch"; - sha256 = "1plhk6ildl16bp0k3wvzfd4a97hqfqfbbn7vjinsaasf4v0x3q5j"; - }) - (fetchpatch { - name = "CVE-2022-0908.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85.patch"; - sha256 = "0i61kkjaixdn2p933lpma9s6i0772vhxjxxcwyqagw96lmszrcm7"; - }) - (fetchpatch { - name = "CVE-2022-1354.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/87f580f39011109b3bb5f6eca13fac543a542798.patch"; - sha256 = "0171c662xiv3295x4wsq6qq0v90js51j54vsl7wm043kjkrp1fsb"; - }) - (fetchpatch { - name = "CVE-2022-1355.patch"; - url = "https://gitlab.com/libtiff/libtiff/-/commit/c1ae29f9ebacd29b7c3e0c7db671af7db3584bc2.patch"; - sha256 = "1y75c72s41pl39d5zr5pmkiyfrancllv8fbl10zvc67pg3qjq4v8"; - }) ]; postPatch = '' From 5dcb09d3cbeecf8ff707aac0309507fee270cc34 Mon Sep 17 00:00:00 2001 From: Kevin Mehall Date: Thu, 2 Jun 2022 21:44:57 +0000 Subject: [PATCH 09/92] freeimage: Add patch to fix build with libtiff 4.4.0 --- pkgs/development/libraries/freeimage/default.nix | 2 +- .../libraries/freeimage/libtiff-4.4.0.diff | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 pkgs/development/libraries/freeimage/libtiff-4.4.0.diff diff --git a/pkgs/development/libraries/freeimage/default.nix b/pkgs/development/libraries/freeimage/default.nix index b132b3fae8c..c6215873128 100644 --- a/pkgs/development/libraries/freeimage/default.nix +++ b/pkgs/development/libraries/freeimage/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation { # Ensure that the bundled libraries are not used at all prePatch = "rm -rf Source/Lib* Source/OpenEXR Source/ZLib"; - patches = [ ./unbundle.diff ]; + patches = [ ./unbundle.diff ./libtiff-4.4.0.diff ]; postPatch = '' # To support cross compilation, use the correct `pkg-config`. diff --git a/pkgs/development/libraries/freeimage/libtiff-4.4.0.diff b/pkgs/development/libraries/freeimage/libtiff-4.4.0.diff new file mode 100644 index 00000000000..13abd5dd708 --- /dev/null +++ b/pkgs/development/libraries/freeimage/libtiff-4.4.0.diff @@ -0,0 +1,15 @@ +Fix build with libtiff 4.4.0 by not using a private libtiff API. +Patch by Kurt Schwehr: https://sourceforge.net/p/freeimage/discussion/36109/thread/2018fdc6e7/ + +diff -ru a/Source/Metadata/XTIFF.cpp b/Source/Metadata/XTIFF.cpp +--- a/Source/Metadata/XTIFF.cpp ++++ b/Source/Metadata/XTIFF.cpp +@@ -749,7 +749,7 @@ + continue; + } + // type of storage may differ (e.g. rationnal array vs float array type) +- if((unsigned)_TIFFDataSize(tif_tag_type) != FreeImage_TagDataWidth(tag_type)) { ++ if((unsigned)TIFFFieldSetGetSize(fld) != FreeImage_TagDataWidth(tag_type)) { + // skip tag or _TIFFmemcpy will fail + continue; + } From 6ffe4109839c62ccd7347f915f6b810768fc99f8 Mon Sep 17 00:00:00 2001 From: Kevin Mehall Date: Fri, 3 Jun 2022 13:29:23 -0700 Subject: [PATCH 10/92] freeimage: cleanup suggestions from code review Co-authored-by: Sandro --- pkgs/development/libraries/freeimage/default.nix | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/freeimage/default.nix b/pkgs/development/libraries/freeimage/default.nix index c6215873128..807e96669c6 100644 --- a/pkgs/development/libraries/freeimage/default.nix +++ b/pkgs/development/libraries/freeimage/default.nix @@ -15,8 +15,13 @@ stdenv.mkDerivation { sourceRoot = "svn-r1900/FreeImage/trunk"; # Ensure that the bundled libraries are not used at all - prePatch = "rm -rf Source/Lib* Source/OpenEXR Source/ZLib"; - patches = [ ./unbundle.diff ./libtiff-4.4.0.diff ]; + prePatch = '' + rm -rf Source/Lib* Source/OpenEXR Source/ZLib + ''; + patches = [ + ./unbundle.diff + ./libtiff-4.4.0.diff + ]; postPatch = '' # To support cross compilation, use the correct `pkg-config`. From c4897187fb65ea76dd18d22f6ca292834dcafacb Mon Sep 17 00:00:00 2001 From: Kevin Mehall Date: Thu, 2 Jun 2022 22:32:28 +0000 Subject: [PATCH 11/92] python3Packages.pillow: Add patch to fix failing test with libtiff 4.4.0 --- pkgs/development/python-modules/pillow/default.nix | 9 +++++++++ pkgs/development/python-modules/pillow/generic.nix | 3 ++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/pillow/default.nix b/pkgs/development/python-modules/pillow/default.nix index 47ed191c6d9..bd14a9d7c01 100644 --- a/pkgs/development/python-modules/pillow/default.nix +++ b/pkgs/development/python-modules/pillow/default.nix @@ -1,5 +1,6 @@ { lib , stdenv +, fetchpatch , buildPythonPackage , pythonOlder , fetchPypi @@ -22,6 +23,14 @@ import ./generic.nix (rec { sha256 = "f401ed2bbb155e1ade150ccc63db1a4f6c1909d3d378f7d1235a44e90d75fb97"; }; + patches = [ + # Fix failing test with libtiff 4.4.0 + (fetchpatch { + url = "https://github.com/python-pillow/Pillow/commit/40a918d274182b7d7c063d7797fb77d967982c4a.patch"; + sha256 = "sha256-f8m3Xt3V3pHggK1JEc2tnPmrTVPFjfV4YJqwE1KM1pA="; + }) + ]; + passthru.tests = { inherit imageio matplotlib pilkit pydicom reportlab; }; diff --git a/pkgs/development/python-modules/pillow/generic.nix b/pkgs/development/python-modules/pillow/generic.nix index 97c67fd5fa4..ec4f0526382 100644 --- a/pkgs/development/python-modules/pillow/generic.nix +++ b/pkgs/development/python-modules/pillow/generic.nix @@ -2,6 +2,7 @@ , version , disabled , src +, patches ? [] , meta , passthru ? {} , ... @@ -10,7 +11,7 @@ with args; buildPythonPackage rec { - inherit pname version src meta passthru; + inherit pname version src meta passthru patches; # Disable imagefont tests, because they don't work well with infinality: # https://github.com/python-pillow/Pillow/issues/1259 From 088b29159d2e14a6e722cdc2a8204af7b3118b76 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Wed, 1 Jun 2022 18:18:07 +0200 Subject: [PATCH 12/92] libidn2: hack to avoid referencing bootstrap tools Due to bootstrap tools getting purged from closure of libidn2.dev, a very large rebuild is caused. --- .../development/libraries/libidn2/default.nix | 1 + .../libidn2/no-bootstrap-reference.nix | 30 +++++++++++++++++++ pkgs/stdenv/linux/default.nix | 10 ++++++- 3 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 pkgs/development/libraries/libidn2/no-bootstrap-reference.nix diff --git a/pkgs/development/libraries/libidn2/default.nix b/pkgs/development/libraries/libidn2/default.nix index d8294f56adc..933bafa429f 100644 --- a/pkgs/development/libraries/libidn2/default.nix +++ b/pkgs/development/libraries/libidn2/default.nix @@ -16,6 +16,7 @@ stdenv.mkDerivation rec { sha256 = "sha256-dpQM1Od46Ak1eanRlbJf/16Tbp3GJCBoUotDenZ2T5E="; }; + # Beware: non-bootstrap libidn2 is overridden by ./hack.nix outputs = [ "bin" "dev" "out" "info" "devdoc" ]; patches = optional stdenv.isDarwin ./fix-error-darwin.patch; diff --git a/pkgs/development/libraries/libidn2/no-bootstrap-reference.nix b/pkgs/development/libraries/libidn2/no-bootstrap-reference.nix new file mode 100644 index 00000000000..e5922073437 --- /dev/null +++ b/pkgs/development/libraries/libidn2/no-bootstrap-reference.nix @@ -0,0 +1,30 @@ +{ stdenv, lib, libidn2, libunistring, runCommandLocal, patchelf }: +# Construct a copy of libidn2.* where all (transitive) libc references (in .bin) +# get replaced by a new one, so that there's no reference to bootstrap tools. +runCommandLocal + "${libidn2.pname}-${libidn2.version}" + { + outputs = [ "bin" "dev" "out" ]; + passthru = { + inherit (libidn2) out info devdoc; # no need to touch these store paths + }; + } + '' + cp -r '${libidn2.bin}' "$bin" + chmod +w "$bin"/bin/* + patchelf \ + --set-interpreter '${stdenv.cc.bintools.dynamicLinker}' \ + --set-rpath '${lib.concatMapStringsSep ":" (p: lib.getLib p + "/lib") + [ stdenv.cc.libc libunistring libidn2 ]}' \ + "$bin"/bin/* + + cp -r '${libidn2.dev}' "$dev" + chmod +w "$dev"/nix-support/propagated-build-inputs + substituteInPlace "$dev"/nix-support/propagated-build-inputs \ + --replace '${libidn2.bin}' "$bin" + substituteInPlace "$dev"/lib/pkgconfig/libidn2.pc \ + --replace '${libidn2.dev}' "$dev" + + ln -s '${libidn2.out}' "$out" # it's hard to be without any $out + '' + diff --git a/pkgs/stdenv/linux/default.nix b/pkgs/stdenv/linux/default.nix index 64c21fa105d..d5b220b8520 100644 --- a/pkgs/stdenv/linux/default.nix +++ b/pkgs/stdenv/linux/default.nix @@ -432,8 +432,16 @@ in inherit (prevStage) gzip bzip2 xz bash coreutils diffutils findutils gawk gnumake gnused gnutar gnugrep gnupatch patchelf - attr acl zlib pcre libunistring libidn2; + attr acl zlib pcre libunistring; ${localSystem.libc} = getLibc prevStage; + + # Hack: avoid libidn2.{bin,dev} referencing bootstrap tools. There's a logical cycle. + libidn2 = import ../../development/libraries/libidn2/no-bootstrap-reference.nix { + inherit lib; + inherit (prevStage) libidn2; + inherit (self) stdenv runCommandLocal patchelf libunistring; + }; + } // lib.optionalAttrs (super.stdenv.targetPlatform == localSystem) { # Need to get rid of these when cross-compiling. inherit (prevStage) binutils binutils-unwrapped; From fd84f6bb0c645f8be1f66b9b1514c606fea295da Mon Sep 17 00:00:00 2001 From: 7FM <41307817+7FM@users.noreply.github.com> Date: Sun, 5 Jun 2022 18:03:11 +0200 Subject: [PATCH 13/92] sane-backends: fix udev rule generation --- pkgs/applications/graphics/sane/backends/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/graphics/sane/backends/default.nix b/pkgs/applications/graphics/sane/backends/default.nix index d3c5b1c0b75..8c45f3a62ff 100644 --- a/pkgs/applications/graphics/sane/backends/default.nix +++ b/pkgs/applications/graphics/sane/backends/default.nix @@ -83,7 +83,7 @@ stdenv.mkDerivation { in '' mkdir -p $out/etc/udev/rules.d/ - ./tools/sane-desc -m udev > $out/etc/udev/rules.d/49-libsane.rules || \ + ./tools/sane-desc -m udev+hwdb -s doc/descriptions:doc/descriptions-external > $out/etc/udev/rules.d/49-libsane.rules || \ cp tools/udev/libsane.rules $out/etc/udev/rules.d/49-libsane.rules # the created 49-libsane references /bin/sh substituteInPlace $out/etc/udev/rules.d/49-libsane.rules \ From df640d47ad3867a419e71543ad99a61c5092e7dc Mon Sep 17 00:00:00 2001 From: misuzu Date: Mon, 6 Jun 2022 13:11:15 +0300 Subject: [PATCH 14/92] valgrind: fix build error for armv7l https://bugs.kde.org/show_bug.cgi?id=454346 --- .../tools/analysis/valgrind/default.nix | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/pkgs/development/tools/analysis/valgrind/default.nix b/pkgs/development/tools/analysis/valgrind/default.nix index 6f631045f00..e602339303f 100644 --- a/pkgs/development/tools/analysis/valgrind/default.nix +++ b/pkgs/development/tools/analysis/valgrind/default.nix @@ -20,6 +20,20 @@ stdenv.mkDerivation rec { url = "https://bugsfiles.kde.org/attachment.cgi?id=148912"; sha256 = "Za+7K93pgnuEUQ+jDItEzWlN0izhbynX2crSOXBBY/I="; }) + # Fix build on armv7l. + # https://bugs.kde.org/show_bug.cgi?id=454346 + (fetchpatch { + url = "https://bugsfiles.kde.org/attachment.cgi?id=149172"; + sha256 = "sha256-4MASLsEK8wcshboR4YOc6mIt7AvAgDPvqIZyHqlvTEs="; + }) + (fetchpatch { + url = "https://bugsfiles.kde.org/attachment.cgi?id=149173"; + sha256 = "sha256-jX9hD4utWRebbXMJYZ5mu9jecvdrNP05E5J+PnKRTyQ="; + }) + (fetchpatch { + url = "https://bugsfiles.kde.org/attachment.cgi?id=149174"; + sha256 = "sha256-f1YIFIhWhXYVw3/UNEWewDak2mvbAd3aGzK4B+wTlys="; + }) ]; outputs = [ "out" "dev" "man" "doc" ]; From 295bb5dc03cccc31bc4b03bc456b731a4aad78b4 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Mon, 6 Jun 2022 12:22:43 +0200 Subject: [PATCH 15/92] libdrm: 2.4.110 -> 2.4.111 --- pkgs/development/libraries/libdrm/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libdrm/default.nix b/pkgs/development/libraries/libdrm/default.nix index e08a4673248..90963cf516b 100644 --- a/pkgs/development/libraries/libdrm/default.nix +++ b/pkgs/development/libraries/libdrm/default.nix @@ -5,11 +5,11 @@ stdenv.mkDerivation rec { pname = "libdrm"; - version = "2.4.110"; + version = "2.4.111"; src = fetchurl { url = "https://dri.freedesktop.org/${pname}/${pname}-${version}.tar.xz"; - sha256 = "0dwpry9m5l27dlhq48j4bsiqwm0247cxdqwv3b7ddmkynk2f9kpf"; + sha256 = "1adjg96mz0ghjzsgp9hrdr622shrvqmjcz5sxksfcka2fx7idmqs"; }; outputs = [ "out" "dev" "bin" ]; From 8807cab81b09fa3c1d611e44a3ba4ac446d09f08 Mon Sep 17 00:00:00 2001 From: Zhaofeng Li Date: Thu, 16 Dec 2021 21:06:07 -0800 Subject: [PATCH 16/92] libffi: Pass --build and --host to configure script Without this, building `libffi` would do something horrible when natively targeting `armv5tel-linux` on an `aarch64-linux` machine using the 32-bit compatibility sub-mode: ``` $ nix-build --system armv5tel-linux -A libffi --check [...] checking build system type... aarch64-unknown-linux-gnu checking host system type... aarch64-unknown-linux-gnu checking target system type... aarch64-unknown-linux-gnu [...] $ file result/lib/libffi.so.8.1.0 result/lib/libffi.so.8.1.0: ELF 32-bit LSB shared object, ARM, EABI5 version 1 (SYSV), dynamically linked, not stripped $ nm result/lib/libffi.so.8.1.0 | grep ffi_call U ffi_call ``` Correct arch-specific code wouldn't be built at all, with the resulting binary subtly broken. --- pkgs/development/libraries/libffi/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/libraries/libffi/default.nix b/pkgs/development/libraries/libffi/default.nix index 7387a4a1f06..43661198b28 100644 --- a/pkgs/development/libraries/libffi/default.nix +++ b/pkgs/development/libraries/libffi/default.nix @@ -28,6 +28,8 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; + configurePlatforms = [ "build" "host" ]; + configureFlags = [ "--with-gcc-arch=generic" # no detection of -march= or -mtune= "--enable-pax_emutramp" From 61223d51de5824c57754990c606f91aeae0fc730 Mon Sep 17 00:00:00 2001 From: Thiago Kenji Okada Date: Tue, 7 Jun 2022 15:54:30 +0100 Subject: [PATCH 17/92] pythonRelaxDepsHook: fix usage in packages with `-` in pname --- .../python/hooks/python-relax-deps-hook.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh b/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh index 7e1cfe51724..1c515ea9213 100644 --- a/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh +++ b/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh @@ -59,10 +59,11 @@ _pythonRemoveDeps() { pythonRelaxDepsHook() { pushd dist - local -r package="$pname-$version" + # See https://peps.python.org/pep-0491/#escaping-and-unicode + local -r pkg_name="${pname//[^[:alnum:].]/_}-$version" local -r unpack_dir="unpacked" - local -r metadata_file="$unpack_dir/$package/$package.dist-info/METADATA" - local -r wheel=$(echo "$package"*".whl") + local -r metadata_file="$unpack_dir/$pkg_name/$pkg_name.dist-info/METADATA" + local -r wheel=$(printf "$pkg_name"*".whl") @pythonInterpreter@ -m wheel unpack --dest "$unpack_dir" "$wheel" rm -rf "$wheel" @@ -72,10 +73,10 @@ pythonRelaxDepsHook() { if (( "${NIX_DEBUG:-0}" >= 1 )); then echo "pythonRelaxDepsHook: resulting METADATA:" - cat "$unpack_dir/$package/$package.dist-info/METADATA" + cat "$unpack_dir/$pkg_name/$pkg_name.dist-info/METADATA" fi - @pythonInterpreter@ -m wheel pack "$unpack_dir/$package" + @pythonInterpreter@ -m wheel pack "$unpack_dir/$pkg_name" popd } From 0d71f8a2bc0b47189e348e68245334971ba0d05f Mon Sep 17 00:00:00 2001 From: Thiago Kenji Okada Date: Tue, 7 Jun 2022 15:54:55 +0100 Subject: [PATCH 18/92] pysigma-backend-insightidr: use pythonRelaxDepsHook Co-authored-by: Fabian Affolter --- .../python-modules/pysigma-backend-insightidr/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkgs/development/python-modules/pysigma-backend-insightidr/default.nix b/pkgs/development/python-modules/pysigma-backend-insightidr/default.nix index 46346f466b2..583abc11f6d 100644 --- a/pkgs/development/python-modules/pysigma-backend-insightidr/default.nix +++ b/pkgs/development/python-modules/pysigma-backend-insightidr/default.nix @@ -5,6 +5,7 @@ , pysigma , pytestCheckHook , pythonOlder +, pythonRelaxDepsHook }: buildPythonPackage rec { @@ -23,12 +24,17 @@ buildPythonPackage rec { nativeBuildInputs = [ poetry-core + pythonRelaxDepsHook ]; propagatedBuildInputs = [ pysigma ]; + pythonRelaxDeps = [ + "pysigma" + ]; + checkInputs = [ pytestCheckHook ]; From 05373e130b16bc9080c7fc1908b8c9702e8bbc22 Mon Sep 17 00:00:00 2001 From: Izorkin Date: Sun, 15 May 2022 11:19:19 +0300 Subject: [PATCH 19/92] libnetfilter_cthelper: 1.0.0 -> 1.0.1 --- .../development/libraries/libnetfilter_cthelper/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libnetfilter_cthelper/default.nix b/pkgs/development/libraries/libnetfilter_cthelper/default.nix index 294f776192d..5d221bed34a 100644 --- a/pkgs/development/libraries/libnetfilter_cthelper/default.nix +++ b/pkgs/development/libraries/libnetfilter_cthelper/default.nix @@ -2,13 +2,15 @@ stdenv.mkDerivation rec { pname = "libnetfilter_cthelper"; - version = "1.0.0"; + version = "1.0.1"; src = fetchurl { url = "https://netfilter.org/projects/libnetfilter_cthelper/files/${pname}-${version}.tar.bz2"; - sha256 = "07618e71c4d9a6b6b3dc1986540486ee310a9838ba754926c7d14a17d8fccf3d"; + sha256 = "sha256-FAc9VIcjOJc1XT/wTdwcjQPMW6jSNWI2qogWGp8tyRI="; }; + outputs = [ "out" "dev" ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ libmnl ]; From d5d49c402d45c95f9467ae5c255e6d4e4d3e3fe4 Mon Sep 17 00:00:00 2001 From: Izorkin Date: Sun, 15 May 2022 11:22:01 +0300 Subject: [PATCH 20/92] libnetfilter_cttimeout: 1.0.0 -> 1.0.1 --- .../libraries/libnetfilter_cttimeout/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libnetfilter_cttimeout/default.nix b/pkgs/development/libraries/libnetfilter_cttimeout/default.nix index a8d0c2680df..d4b53a18187 100644 --- a/pkgs/development/libraries/libnetfilter_cttimeout/default.nix +++ b/pkgs/development/libraries/libnetfilter_cttimeout/default.nix @@ -2,13 +2,15 @@ stdenv.mkDerivation rec { pname = "libnetfilter_cttimeout"; - version = "1.0.0"; + version = "1.0.1"; src = fetchurl { url = "https://netfilter.org/projects/libnetfilter_cttimeout/files/${pname}-${version}.tar.bz2"; - sha256 = "aeab12754f557cba3ce2950a2029963d817490df7edb49880008b34d7ff8feba"; + sha256 = "sha256-C1naLzIE4cgMuF0fbXIoX8B7AaL1Z4q/Xcz7vv1lAyU="; }; + outputs = [ "out" "dev" ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ libmnl ]; From 131fce41a3b25eed5f0d7b16819f8811f5e26af9 Mon Sep 17 00:00:00 2001 From: Izorkin Date: Sun, 15 May 2022 11:51:48 +0300 Subject: [PATCH 21/92] iptables: 1.8.7 -> 1.8.8 --- pkgs/os-specific/linux/iptables/default.nix | 30 ++++++++++++++------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/pkgs/os-specific/linux/iptables/default.nix b/pkgs/os-specific/linux/iptables/default.nix index c6dc10f32ba..d76bba1c37d 100644 --- a/pkgs/os-specific/linux/iptables/default.nix +++ b/pkgs/os-specific/linux/iptables/default.nix @@ -1,19 +1,33 @@ { lib, stdenv, fetchurl, pkg-config, pruneLibtoolFiles, flex, bison , libmnl, libnetfilter_conntrack, libnfnetlink, libnftnl, libpcap , nftablesCompat ? true +, fetchpatch }: -with lib; - stdenv.mkDerivation rec { - version = "1.8.7"; + version = "1.8.8"; pname = "iptables"; src = fetchurl { url = "https://www.netfilter.org/projects/${pname}/files/${pname}-${version}.tar.bz2"; - sha256 = "1w6qx3sxzkv80shk21f63rq41c84irpx68k62m2cv629n1mwj2f1"; + sha256 = "sha256-ccdYidxxBnZjFVPrFRHaAXe7qvG1USZbkS0jbD9RhZ8="; }; + patches = [ + # xshared: Fix build for -Werror=format-security + (fetchpatch { + url = "https://git.netfilter.org/iptables/patch/?id=b72eb12ea5a61df0655ad99d5048994e916be83a"; + sha256 = "sha256-pnamqOagwNWoiwlxPnKCqSc2N7MP/eZlT7JiE09c8OE="; + }) + # treewide: use uint* instead of u_int* + (fetchpatch { + url = "https://git.netfilter.org/iptables/patch/?id=f319389525b066b7dc6d389c88f16a0df3b8f189"; + sha256 = "sha256-rOxCEWZoI8Ac5fQDp286YHAwvreUAoDVAbomboKrGyM="; + }) + ]; + + outputs = [ "out" "dev" "man" ]; + nativeBuildInputs = [ pkg-config pruneLibtoolFiles flex bison ]; buildInputs = [ libmnl libnetfilter_conntrack libnfnetlink libnftnl libpcap ]; @@ -28,11 +42,9 @@ stdenv.mkDerivation rec { "--enable-libipq" "--enable-nfsynproxy" "--enable-shared" - ] ++ optional (!nftablesCompat) "--disable-nftables"; + ] ++ lib.optional (!nftablesCompat) "--disable-nftables"; - outputs = [ "out" "dev" ]; - - postInstall = optionalString nftablesCompat '' + postInstall = lib.optionalString nftablesCompat '' rm $out/sbin/{iptables,iptables-restore,iptables-save,ip6tables,ip6tables-restore,ip6tables-save} ln -sv xtables-nft-multi $out/bin/iptables ln -sv xtables-nft-multi $out/bin/iptables-restore @@ -42,7 +54,7 @@ stdenv.mkDerivation rec { ln -sv xtables-nft-multi $out/bin/ip6tables-save ''; - meta = { + meta = with lib; { description = "A program to configure the Linux IP packet filtering ruleset"; homepage = "https://www.netfilter.org/projects/iptables/index.html"; platforms = platforms.linux; From 6dd69475e244c6c47c6afd0d7a4d846b37147dd8 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Thu, 9 Jun 2022 21:05:39 +0200 Subject: [PATCH 22/92] =?UTF-8?q?fontconfig:=202.13.94=20=E2=86=92=202.14.?= =?UTF-8?q?0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit https://gitlab.freedesktop.org/fontconfig/fontconfig/-/compare/2.13.94...2.14.0 --- .../libraries/fontconfig/default.nix | 21 ++++++------------- 1 file changed, 6 insertions(+), 15 deletions(-) diff --git a/pkgs/development/libraries/fontconfig/default.nix b/pkgs/development/libraries/fontconfig/default.nix index 64e6f9a2476..6c0b8899a3f 100644 --- a/pkgs/development/libraries/fontconfig/default.nix +++ b/pkgs/development/libraries/fontconfig/default.nix @@ -1,6 +1,5 @@ -{ lib, stdenv -, fetchpatch -, substituteAll +{ stdenv +, lib , fetchurl , pkg-config , python3 @@ -15,23 +14,15 @@ stdenv.mkDerivation rec { pname = "fontconfig"; - version = "2.13.94"; + version = "2.14.0"; + + outputs = [ "bin" "dev" "lib" "out" ]; # $out contains all the config src = fetchurl { url = "https://www.freedesktop.org/software/fontconfig/release/${pname}-${version}.tar.xz"; - sha256 = "0g004r0bkkqz00mpm3svnnxn7d83158q0yb9ggxryizxfg5m5w55"; + sha256 = "3L64TJx0u/2xM9U1/hx77cnyIhqNrzkUuYTETFIOm6w="; }; - patches = [ - # Fix font style detection - (fetchpatch { - url = "https://gitlab.freedesktop.org/fontconfig/fontconfig/-/commit/92fbf14b0d7c4737ffe1e8326b7ab8ffae5548c3.patch"; - sha256 = "1wmyax2151hg3m11q61mv25k45zk2w3xapb4p1r6wzk91zjlsgyr"; - }) - ]; - - outputs = [ "bin" "dev" "lib" "out" ]; # $out contains all the config - nativeBuildInputs = [ autoreconfHook gperf From e91b5670e3fc0a7e39b9f3e469bedfe742d42eda Mon Sep 17 00:00:00 2001 From: Manuel Mendez Date: Tue, 7 Jun 2022 13:14:38 -0400 Subject: [PATCH 23/92] cc-wrapper: Use case statements instead of bunch of if/elif checks Makes for easier to read code imo, case-in-point there was a duplicate test for `$p = -E` before. While doing this little bit of refactor I changed rest -> kept because that makes more sense, rest sounds like its the rest of params while kept says these are the params that we've kept. I tested for no change in behavior using the following bash script: ``` reset() { cInclude=1 cxxInclude=1 cxxLibrary=1 dontLink=0 isCxx=0 nonFlagArgs=0 params=() } parseParams() { declare -i n=0 nParams=${#params[@]} while (("$n" < "$nParams")); do p=${params[n]} p2=${params[n + 1]:-} # handle `p` being last one case "$p" in -[cSEM] | -MM) dontLink=1 ;; -cc1) cc1=1 ;; -nostdinc) cInclude=0 cxxInclude=0 ;; -nostdinc++) cxxInclude=0 ;; -nostdlib) cxxLibrary=0 ;; -x) case "$p2" in *-header) dontLink=1 ;; c++*) isCxx=1 ;; esac ;; -?*) ;; *) nonFlagArgs=1 ;; # Includes a solitary dash (`-`) which signifies standard input; it is not a flag esac n+=1 done } for p in c S E M MM; do reset params=-$p parseParams [[ $dontLink != 1 ]] && echo "expected dontLink=1 for params:${params[@]}" >&2 && exit 1 done reset params=(-x foo-header) parseParams [[ $dontLink != 1 ]] && echo "expected dontLink=1 for params:${params[@]}" >&2 && exit 1 reset params=(-x c++-foo) parseParams [[ $isCxx != 1 ]] && echo "expected isCxx=1 for params:${params[@]}" >&2 && exit 1 reset params=-nostdlib parseParams [[ $cxxLibrary != 0 ]] && echo "expected cxxLibrary=0 for params:${params[@]}" >&2 && exit 1 reset params=-nostdinc parseParams [[ $cInclude != 0 ]] && echo "expected cInclude=0 for params:${params[@]}" >&2 && exit 1 [[ $cxxInclude != 0 ]] && echo "expected cxxInclude=0 for params:${params[@]}" >&2 && exit 1 reset params=-nostdinc++ parseParams [[ $cxxInclude != 0 ]] && echo "expected cxxInclude=0 for params:${params[@]}" >&2 && exit 1 reset params=-cc1 parseParams [[ $cc1 != 1 ]] && echo "expected cc1=1 for params:${params[@]}" >&2 && exit 1 reset params=- parseParams [[ $nonFlagArgs != 1 ]] && echo "expected nonFlagArgs=1 for params:${params[@]}" >&2 && exit 1 reset params=bleh parseParams [[ $nonFlagArgs != 1 ]] && echo "expected nonFlagArgs=1 for params:${params[@]}" >&2 && exit 1 reset params=-? parseParams [[ $nonFlagArgs != 0 ]] && echo "expected nonFlagArgs=0 for params:${params[@]}" >&2 && exit 1 exit 0 ``` --- pkgs/build-support/cc-wrapper/cc-wrapper.sh | 83 +++++++++------------ 1 file changed, 36 insertions(+), 47 deletions(-) diff --git a/pkgs/build-support/cc-wrapper/cc-wrapper.sh b/pkgs/build-support/cc-wrapper/cc-wrapper.sh index 1220841162c..334bd72e4d4 100644 --- a/pkgs/build-support/cc-wrapper/cc-wrapper.sh +++ b/pkgs/build-support/cc-wrapper/cc-wrapper.sh @@ -38,36 +38,23 @@ nParams=${#params[@]} while (( "$n" < "$nParams" )); do p=${params[n]} p2=${params[n+1]:-} # handle `p` being last one - if [ "$p" = -c ]; then - dontLink=1 - elif [ "$p" = -S ]; then - dontLink=1 - elif [ "$p" = -E ]; then - dontLink=1 - elif [ "$p" = -E ]; then - dontLink=1 - elif [ "$p" = -M ]; then - dontLink=1 - elif [ "$p" = -MM ]; then - dontLink=1 - elif [[ "$p" = -x && "$p2" = *-header ]]; then - dontLink=1 - elif [[ "$p" = -x && "$p2" = c++* && "$isCxx" = 0 ]]; then - isCxx=1 - elif [ "$p" = -nostdlib ]; then - cxxLibrary=0 - elif [ "$p" = -nostdinc ]; then - cInclude=0 - cxxInclude=0 - elif [ "$p" = -nostdinc++ ]; then - cxxInclude=0 - elif [[ "$p" != -?* ]]; then - # A dash alone signifies standard input; it is not a flag - nonFlagArgs=1 - elif [ "$p" = -cc1 ]; then - cc1=1 - fi n+=1 + + case "$p" in + -[cSEM] | -MM) dontLink=1 ;; + -cc1) cc1=1 ;; + -nostdinc) cInclude=0 cxxInclude=0 ;; + -nostdinc++) cxxInclude=0 ;; + -nostdlib) cxxLibrary=0 ;; + -x) + case "$p2" in + *-header) dontLink=1 ;; + c++*) isCxx=1 ;; + esac + ;; + -?*) ;; + *) nonFlagArgs=1 ;; # Includes a solitary dash (`-`) which signifies standard input; it is not a flag + esac done # If we pass a flag like -Wl, then gcc will call the linker unless it @@ -81,29 +68,31 @@ fi # Optionally filter out paths not refering to the store. if [[ "${NIX_ENFORCE_PURITY:-}" = 1 && -n "$NIX_STORE" ]]; then - rest=() + kept=() nParams=${#params[@]} declare -i n=0 while (( "$n" < "$nParams" )); do p=${params[n]} p2=${params[n+1]:-} # handle `p` being last one - if [ "${p:0:3}" = -L/ ] && badPath "${p:2}"; then - skip "${p:2}" - elif [ "$p" = -L ] && badPath "$p2"; then - n+=1; skip "$p2" - elif [ "${p:0:3}" = -I/ ] && badPath "${p:2}"; then - skip "${p:2}" - elif [ "$p" = -I ] && badPath "$p2"; then - n+=1; skip "$p2" - elif [ "$p" = -isystem ] && badPath "$p2"; then - n+=1; skip "$p2" - else - rest+=("$p") - fi n+=1 + + skipNext=false + path="" + case "$p" in + -[IL]/*) path=${p:2} ;; + -[IL] | -isystem) path=$p2 skipNext=true ;; + esac + + if [[ -n $path ]] && badPath "$path"; then + skip "$path" + $skipNext && n+=1 + continue + fi + + kept+=("$p") done # Old bash empty array hack - params=(${rest+"${rest[@]}"}) + params=(${kept+"${kept[@]}"}) fi # Flirting with a layer violation here. @@ -118,17 +107,17 @@ fi # Clear march/mtune=native -- they bring impurity. if [ "$NIX_ENFORCE_NO_NATIVE_@suffixSalt@" = 1 ]; then - rest=() + kept=() # Old bash empty array hack for p in ${params+"${params[@]}"}; do if [[ "$p" = -m*=native ]]; then skip "$p" else - rest+=("$p") + kept+=("$p") fi done # Old bash empty array hack - params=(${rest+"${rest[@]}"}) + params=(${kept+"${kept[@]}"}) fi if [[ "$isCxx" = 1 ]]; then From 19b6ccd9acb89585cb9df7fae22e68baacda3534 Mon Sep 17 00:00:00 2001 From: Manuel Mendez Date: Fri, 3 Jun 2022 17:00:10 -0400 Subject: [PATCH 24/92] cc-wrapper: Allow for override of -target for clang/clang++ This enables users to make use of clang's multi-platform/target support without having to go through full cross system setup. This is especially useful for generating bpf object files, I'm not even usre what would a no-userland cross compile system tuple even look like to even try going that route. Fixes #176128 --- pkgs/build-support/cc-wrapper/cc-wrapper.sh | 6 ++++++ pkgs/build-support/cc-wrapper/default.nix | 13 +++++-------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/pkgs/build-support/cc-wrapper/cc-wrapper.sh b/pkgs/build-support/cc-wrapper/cc-wrapper.sh index 334bd72e4d4..b8049dafb98 100644 --- a/pkgs/build-support/cc-wrapper/cc-wrapper.sh +++ b/pkgs/build-support/cc-wrapper/cc-wrapper.sh @@ -29,6 +29,7 @@ cc1=0 cxxInclude=1 cxxLibrary=1 cInclude=1 +needsTarget=@needsTarget@ expandResponseParams "$@" linkType=$(checkLinkType "${params[@]}") @@ -46,6 +47,7 @@ while (( "$n" < "$nParams" )); do -nostdinc) cInclude=0 cxxInclude=0 ;; -nostdinc++) cxxInclude=0 ;; -nostdlib) cxxLibrary=0 ;; + -target|--target=*) needsTarget=0;; -x) case "$p2" in *-header) dontLink=1 ;; @@ -159,6 +161,10 @@ if [ "$dontLink" != 1 ]; then export NIX_LINK_TYPE_@suffixSalt@=$linkType fi +if [ $needsTarget == 1 ]; then + extraAfter+=(-target @defaultTarget@) +fi + # As a very special hack, if the arguments are just `-v', then don't # add anything. This is to prevent `gcc -v' (which normally prints # out the version number and returns exit code 0) from printing out diff --git a/pkgs/build-support/cc-wrapper/default.nix b/pkgs/build-support/cc-wrapper/default.nix index 35d714f9b41..1fc0491cbec 100644 --- a/pkgs/build-support/cc-wrapper/default.nix +++ b/pkgs/build-support/cc-wrapper/default.nix @@ -208,6 +208,7 @@ stdenv.mkDerivation { + '' export named_cc=${targetPrefix}cc export named_cxx=${targetPrefix}c++ + export needsTarget=0 if [ -e $ccPath/${targetPrefix}gcc ]; then wrap ${targetPrefix}gcc $wrapper $ccPath/${targetPrefix}gcc @@ -215,6 +216,8 @@ stdenv.mkDerivation { export named_cc=${targetPrefix}gcc export named_cxx=${targetPrefix}g++ elif [ -e $ccPath/clang ]; then + needsTarget=1 + export defaultTarget=${targetPlatform.config} wrap ${targetPrefix}clang $wrapper $ccPath/clang ln -s ${targetPrefix}clang $out/bin/${targetPrefix}cc export named_cc=${targetPrefix}clang @@ -225,6 +228,8 @@ stdenv.mkDerivation { wrap ${targetPrefix}g++ $wrapper $ccPath/${targetPrefix}g++ ln -s ${targetPrefix}g++ $out/bin/${targetPrefix}c++ elif [ -e $ccPath/clang++ ]; then + needsTarget=1 + export defaultTarget=${targetPlatform.config} wrap ${targetPrefix}clang++ $wrapper $ccPath/clang++ ln -s ${targetPrefix}clang++ $out/bin/${targetPrefix}c++ fi @@ -297,14 +302,6 @@ stdenv.mkDerivation { fi '' - ## - ## General Clang support - ## - + optionalString isClang '' - - echo "-target ${targetPlatform.config}" >> $out/nix-support/cc-cflags - '' - ## ## GCC libs for non-GCC support ## From 2294dace6ae30d095719a6dd8413242ec61ca8e5 Mon Sep 17 00:00:00 2001 From: Ben Wolsieffer Date: Tue, 17 May 2022 19:26:20 -0400 Subject: [PATCH 25/92] python3Packages.setuptools: add distutils patch to support cross-compilation This is mostly the same patch applied to stdlib distutils, except rebased and reworked a bit. This fixes cross-compilation of Python packages with C extension modules now that setuptools uses bundled distutils. --- pkgs/development/python-modules/setuptools/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkgs/development/python-modules/setuptools/default.nix b/pkgs/development/python-modules/setuptools/default.nix index 1d9592022d1..772d9c79c2b 100644 --- a/pkgs/development/python-modules/setuptools/default.nix +++ b/pkgs/development/python-modules/setuptools/default.nix @@ -1,6 +1,7 @@ { stdenv , buildPythonPackage , fetchFromGitHub +, fetchpatch , python , bootstrapped-pip , lib @@ -27,6 +28,14 @@ let patches = [ ./tag-date.patch ./setuptools-distutils-C++.patch + # Use sysconfigdata to find headers. Fixes cross-compilation of extension modules. + # https://github.com/pypa/distutils/pull/145 + (fetchpatch { + url = "https://github.com/pypa/distutils/commit/aed7294b7b0c228cc0666a8b04f2959bf310ab57.patch"; + hash = "sha256-/9+TKv0nllBfnj48zcXLrOgyBj52dBIVbrpnIaQ4O84="; + stripLen = 2; + extraPrefix = "setuptools/_distutils/"; + }) ]; buildPhase = '' From cf32ea06a472828674203e08ef728a116e3f04de Mon Sep 17 00:00:00 2001 From: ajs124 Date: Fri, 10 Jun 2022 00:14:55 +0200 Subject: [PATCH 26/92] unbound: 1.14.0 -> 1.16.0 --- pkgs/tools/networking/unbound/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/networking/unbound/default.nix b/pkgs/tools/networking/unbound/default.nix index b92fb23d64e..cf1c7f717e6 100644 --- a/pkgs/tools/networking/unbound/default.nix +++ b/pkgs/tools/networking/unbound/default.nix @@ -43,11 +43,11 @@ stdenv.mkDerivation rec { pname = "unbound"; - version = "1.14.0"; + version = "1.16.0"; src = fetchurl { url = "https://nlnetlabs.nl/downloads/unbound/unbound-${version}.tar.gz"; - sha256 = "sha256-bvkcvwLVKZ6rOTKMCFc5Pee0iFov5yM93+PBJP9aicg="; + hash = "sha256-ZwFTTJOOsBliZgEZHtxtAS/FNMCdJBjVuSgn2wy+SKU="; }; outputs = [ "out" "lib" "man" ]; # "dev" would only split ~20 kB From eb31cd04f1ac7aaa7d0f95cad42d36e148ebec23 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Fri, 10 Jun 2022 02:51:47 +0200 Subject: [PATCH 27/92] avahi: remove Qt 4 support Co-authored-by: Sandro --- pkgs/development/libraries/avahi/default.nix | 7 ------- 1 file changed, 7 deletions(-) diff --git a/pkgs/development/libraries/avahi/default.nix b/pkgs/development/libraries/avahi/default.nix index 7ab9220be71..e2421743455 100644 --- a/pkgs/development/libraries/avahi/default.nix +++ b/pkgs/development/libraries/avahi/default.nix @@ -14,8 +14,6 @@ , nixosTests , gtk3Support ? false , gtk3 ? null -, qt4 ? null -, qt4Support ? false , qt5 ? null , qt5Support ? false , withLibdnssdCompat ? false @@ -23,8 +21,6 @@ , withPython ? false }: -assert qt4Support -> qt4 != null; - stdenv.mkDerivation rec { pname = "avahi${lib.optionalString withLibdnssdCompat "-compat"}"; version = "0.8"; @@ -63,8 +59,6 @@ stdenv.mkDerivation rec { XMLParser ]) ++ lib.optionals gtk3Support [ gtk3 - ] ++ lib.optionals qt4Support [ - qt4 ] ++ lib.optionals qt5Support [ qt5 ]; @@ -81,7 +75,6 @@ stdenv.mkDerivation rec { # Use non-deprecated path https://github.com/lathiat/avahi/pull/376 "--with-dbus-sys=${placeholder "out"}/share/dbus-1/system.d" (lib.enableFeature gtk3Support "gtk3") - (lib.enableFeature qt4Support "qt4") (lib.enableFeature qt5Support "qt5") (lib.enableFeature withPython "python") "--localstatedir=/var" From 701a79a798f9f2e2ec66bdac53db6af0e4c162a2 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Fri, 10 Jun 2022 08:38:00 +0100 Subject: [PATCH 28/92] lsof: pull fix pending upstream inclusion for -fno-common toolchains Without the change build fails on upstream llvm-11 as: duplicate symbol '_Cfp' in: ddev.o dfile.o --- pkgs/development/tools/misc/lsof/default.nix | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/misc/lsof/default.nix b/pkgs/development/tools/misc/lsof/default.nix index 94e3722598b..f3f29cc1acd 100644 --- a/pkgs/development/tools/misc/lsof/default.nix +++ b/pkgs/development/tools/misc/lsof/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, buildPackages, ncurses }: +{ lib, stdenv, fetchFromGitHub, fetchpatch, buildPackages, ncurses }: let dialect = with lib; last (splitString "-" stdenv.hostPlatform.system); in @@ -16,7 +16,17 @@ stdenv.mkDerivation rec { sha256 = "0yxv2jg6rnzys49lyrz9yjb4knamah4xvlqj596y6ix3vm4k3chp"; }; - patches = [ ./no-build-info.patch ]; + patches = [ + ./no-build-info.patch + + # Pull upstream fix for -fno-common toolchains: + # https://github.com/lsof-org/lsof/pull/221 + (fetchpatch { + name = "fno-common.patch"; + url = "https://github.com/lsof-org/lsof/commit/80e7c890585deec02c527dbcf42bc0e5d8d7c534.patch"; + sha256 = "17xshi7j7af9nli1zjk1m5f4il2ajvvhw7lii8g8d27rkkgyb8g6"; + }) + ]; postPatch = lib.optionalString stdenv.hostPlatform.isMusl '' substituteInPlace dialects/linux/dlsof.h --replace "defined(__UCLIBC__)" 1 From fefca2f6222be0235a128c656d06a8215c006426 Mon Sep 17 00:00:00 2001 From: Daniel Olsen Date: Sun, 5 Jun 2022 06:51:44 +0200 Subject: [PATCH 29/92] libjxl: Gate building docs behind setting --- pkgs/development/libraries/libjxl/default.nix | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/pkgs/development/libraries/libjxl/default.nix b/pkgs/development/libraries/libjxl/default.nix index 049d79c7025..c7ff1d0c551 100644 --- a/pkgs/development/libraries/libjxl/default.nix +++ b/pkgs/development/libraries/libjxl/default.nix @@ -1,10 +1,7 @@ { stdenv, lib, fetchFromGitHub , fetchpatch -, asciidoc , brotli , cmake -, graphviz -, doxygen , giflib , gperftools , gtest @@ -14,8 +11,12 @@ , libwebp , openexr , pkg-config -, python3 , zlib +, buildDocs ? true +, asciidoc +, graphviz +, doxygen +, python3 }: stdenv.mkDerivation rec { @@ -50,13 +51,14 @@ stdenv.mkDerivation rec { ]; nativeBuildInputs = [ - asciidoc # for docs cmake - graphviz # for docs via doxygen component `dot` - doxygen # for docs gtest pkg-config - python3 # for docs + ] ++ lib.optionals buildDocs [ + asciidoc + graphviz + doxygen + python3 ]; # Functionality not currently provided by this package From 397724176b474080a09422fdc29d3fc85cd43f2a Mon Sep 17 00:00:00 2001 From: Daniel Olsen Date: Sat, 12 Feb 2022 07:39:33 +0100 Subject: [PATCH 30/92] libaom: Add support for butteraugli and vmaf tunes --- pkgs/development/libraries/libaom/default.nix | 16 ++++++++++++++-- pkgs/top-level/all-packages.nix | 5 ++++- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/pkgs/development/libraries/libaom/default.nix b/pkgs/development/libraries/libaom/default.nix index 3a3866911b8..bed7a33a39b 100644 --- a/pkgs/development/libraries/libaom/default.nix +++ b/pkgs/development/libraries/libaom/default.nix @@ -1,4 +1,7 @@ -{ lib, stdenv, fetchzip, yasm, perl, cmake, pkg-config, python3 }: +{ lib, stdenv, fetchzip, yasm, perl, cmake, pkg-config, python3 +, enableButteraugli ? false, libjxl, libhwy # Broken +, enableVmaf ? true, libvmaf +}: stdenv.mkDerivation rec { pname = "libaom"; @@ -16,6 +19,11 @@ stdenv.mkDerivation rec { yasm perl cmake pkg-config python3 ]; + buildInputs = lib.optionals enableButteraugli [ + libjxl + libhwy + ] ++ lib.optional enableVmaf libvmaf; + preConfigure = '' # build uses `git describe` to set the build version cat > $NIX_BUILD_TOP/git << "EOF" @@ -32,6 +40,10 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DBUILD_SHARED_LIBS=ON" "-DENABLE_TESTS=OFF" + ] ++ lib.optionals enableButteraugli [ + "-DCONFIG_TUNE_BUTTERAUGLI=1" + ] ++ lib.optionals enableVmaf [ + "-DCONFIG_TUNE_VMAF=1" ] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [ # CPU detection isn't supported on Darwin and breaks the aarch64-darwin build: "-DCONFIG_RUNTIME_CPU_DETECT=0" @@ -58,7 +70,7 @@ stdenv.mkDerivation rec { ''; homepage = "https://aomedia.org/av1-features/get-started/"; changelog = "https://aomedia.googlesource.com/aom/+/refs/tags/v${version}/CHANGELOG"; - maintainers = with maintainers; [ primeos kiloreux ]; + maintainers = with maintainers; [ primeos kiloreux dandellion ]; platforms = platforms.all; license = licenses.bsd2; }; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c1a9f54b7aa..9d222b90341 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -18185,7 +18185,10 @@ with pkgs; libantlr3c = callPackage ../development/libraries/libantlr3c {}; - libaom = callPackage ../development/libraries/libaom { }; + libaom = callPackage ../development/libraries/libaom { + # Remove circular dependency for libavif + libjxl = libjxl.override { buildDocs = false; }; + }; libappindicator-gtk2 = libappindicator.override { gtkVersion = "2"; }; libappindicator-gtk3 = libappindicator.override { gtkVersion = "3"; }; From 7bb5b6ce9cbeba2dabe7adf158d2280d4d880804 Mon Sep 17 00:00:00 2001 From: Ofek Lev Date: Fri, 10 Jun 2022 08:10:32 -0400 Subject: [PATCH 31/92] python310Packages.hatchling: 0.25.0 -> 1.0.0 (#173450) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Robert Schütz --- pkgs/development/python-modules/hatchling/default.nix | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/pkgs/development/python-modules/hatchling/default.nix b/pkgs/development/python-modules/hatchling/default.nix index 6385b32a48c..d2d212f5417 100644 --- a/pkgs/development/python-modules/hatchling/default.nix +++ b/pkgs/development/python-modules/hatchling/default.nix @@ -15,13 +15,12 @@ , build , python , requests -, toml , virtualenv }: let pname = "hatchling"; - version = "0.25.0"; + version = "1.0.0"; in buildPythonPackage { inherit pname version; @@ -29,7 +28,7 @@ buildPythonPackage { src = fetchPypi { inherit pname version; - hash = "sha256-k/bjZvGaOjZshVr6w3Jb7XaC1dAOlIaraFQKCth2ZII="; + sha256 = "d235a5fa8aff89e8d9d6d4033594aa4c3bc00ec5e31d3e80c153bfcf951b4f98"; }; # listed in backend/src/hatchling/ouroboros.py @@ -38,9 +37,10 @@ buildPythonPackage { packaging pathspec pluggy - tomli ] ++ lib.optionals (pythonOlder "3.8") [ importlib-metadata + ] ++ lib.optionals (pythonOlder "3.11") [ + tomli ]; pythonImportsCheck = [ @@ -56,7 +56,6 @@ buildPythonPackage { build packaging requests - toml virtualenv ]; @@ -72,7 +71,7 @@ buildPythonPackage { meta = with lib; { description = "Modern, extensible Python build backend"; - homepage = "https://ofek.dev/hatch/latest/"; + homepage = "https://hatch.pypa.io/latest/"; license = licenses.mit; maintainers = with maintainers; [ hexa ofek ]; }; From 6e6292279e89ff6240c77159fec15970b0d5db7a Mon Sep 17 00:00:00 2001 From: Artturin Date: Tue, 7 Jun 2022 21:47:38 +0300 Subject: [PATCH 32/92] meson: add mesonEmulatorHook fixes building documentation while cross-compiling and other issues Exec format error: './gdk3-scan' added some simple documentation --- doc/stdenv/cross-compilation.chapter.md | 18 ++++++++++++++++++ .../build-managers/meson/emulator-hook.sh | 5 +++++ pkgs/top-level/all-packages.nix | 18 ++++++++++++++++++ 3 files changed, 41 insertions(+) create mode 100644 pkgs/development/tools/build-managers/meson/emulator-hook.sh diff --git a/doc/stdenv/cross-compilation.chapter.md b/doc/stdenv/cross-compilation.chapter.md index 3b6e5c34d54..7b8f2b4ce6c 100644 --- a/doc/stdenv/cross-compilation.chapter.md +++ b/doc/stdenv/cross-compilation.chapter.md @@ -153,6 +153,24 @@ Add the following to your `mkDerivation` invocation. doCheck = stdenv.hostPlatform == stdenv.buildPlatform; ``` +#### Package using Meson needs to run binaries for the host platform during build. {#cross-meson-runs-host-code} + +Add `mesonEmulatorHook` cross conditionally to `nativeBuildInputs`. + +e.g. + +``` +nativeBuildInputs = [ + meson +] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ + mesonEmulatorHook +]; +``` + +Example of an error which this fixes. + +`[Errno 8] Exec format error: './gdk3-scan'` + ## Cross-building packages {#sec-cross-usage} Nixpkgs can be instantiated with `localSystem` alone, in which case there is no cross-compiling and everything is built by and for that system, or also with `crossSystem`, in which case packages run on the latter, but all building happens on the former. Both parameters take the same schema as the 3 (build, host, and target) platforms defined in the previous section. As mentioned above, `lib.systems.examples` has some platforms which are used as arguments for these parameters in practice. You can use them programmatically, or on the command line: diff --git a/pkgs/development/tools/build-managers/meson/emulator-hook.sh b/pkgs/development/tools/build-managers/meson/emulator-hook.sh new file mode 100644 index 00000000000..4f08087cf5f --- /dev/null +++ b/pkgs/development/tools/build-managers/meson/emulator-hook.sh @@ -0,0 +1,5 @@ +add_meson_exe_wrapper_cross_flag() { + mesonFlagsArray+=(--cross-file=@crossFile@) +} + +preConfigureHooks+=(add_meson_exe_wrapper_cross_flag) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 2ce6d217dd3..b8216c36778 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3942,6 +3942,24 @@ with pkgs; meson = callPackage ../development/tools/build-managers/meson { }; + # while building documentation meson may want to run binaries for host + # which needs an emulator + # example of an error which this fixes + # [Errno 8] Exec format error: './gdk3-scan' + mesonEmulatorHook = + if (stdenv.buildPlatform != stdenv.targetPlatform) then + makeSetupHook + { + name = "mesonEmulatorHook"; + substitutions = { + crossFile = writeText "cross-file.conf" '' + [binaries] + exe_wrapper = ${lib.escapeShellArg (stdenv.targetPlatform.emulator buildPackages)} + ''; + }; + } ../development/tools/build-managers/meson/emulator-hook.sh + else throw "mesonEmulatorHook has to be in a cross conditional i.e. (stdenv.buildPlatform != stdenv.hostPlatform)"; + meson-tools = callPackage ../misc/meson-tools { }; metabase = callPackage ../servers/metabase { }; From 163ffce31d78d54fb95366bdebe3143f636f491c Mon Sep 17 00:00:00 2001 From: Artturin Date: Tue, 7 Jun 2022 21:48:40 +0300 Subject: [PATCH 33/92] prelink: 20130503 -> unstable-2019-06-24 cross_prelink branch has prelink-rltd and the normal prelink tools --- .../tools/misc/prelink/default.nix | 56 +++++++++++++++---- 1 file changed, 44 insertions(+), 12 deletions(-) diff --git a/pkgs/development/tools/misc/prelink/default.nix b/pkgs/development/tools/misc/prelink/default.nix index 2fbee4ca5f5..384829daadf 100644 --- a/pkgs/development/tools/misc/prelink/default.nix +++ b/pkgs/development/tools/misc/prelink/default.nix @@ -1,22 +1,54 @@ -{ lib, stdenv, fetchurl, libelf }: +{ stdenv +, lib +, fetchgit +, autoreconfHook +, libelf +, libiberty +}: stdenv.mkDerivation rec { pname = "prelink"; - version = "20130503"; + version = "unstable-2019-06-24"; - buildInputs = [ - libelf stdenv.cc.libc (lib.getOutput "static" stdenv.cc.libc) + src = fetchgit { + url = "https://git.yoctoproject.org/git/prelink-cross"; + branchName = "cross_prelink"; + rev = "f9975537dbfd9ade0fc813bd5cf5fcbe41753a37"; + sha256 = "sha256-O9/oZooLRyUBBZX3SFcB6LFMmi2vQqkUlqtZnrq5oZc="; + }; + + strictDeps = true; + + configurePlatforms = [ "build" "host" ]; + + nativeBuildInputs = [ + autoreconfHook ]; - src = fetchurl { - url = "https://people.redhat.com/jakub/prelink/prelink-${version}.tar.bz2"; - sha256 = "1w20f6ilqrz8ca51qhrn1n13h7q1r34k09g33d6l2vwvbrhcffb3"; - }; + buildInputs = [ + stdenv.cc.libc + libelf + libiberty + ]; - meta = { - homepage = "https://people.redhat.com/jakub/prelink/"; - license = "GPL"; + # Disable some tests because they're failing + preCheck = '' + for f in reloc2 layout1 unprel1 tls3 cxx2 cxx3 quick1 quick2 deps1 deps2; do + echo '#' > testsuite/''${f}.sh + done + patchShebangs --build testsuite + ''; + + # most tests fail + doCheck = !stdenv.isAarch64; + + enableParallelBuilding = true; + + meta = with lib;{ description = "ELF prelinking utility to speed up dynamic linking"; - platforms = lib.platforms.linux; + homepage = "https://wiki.yoctoproject.org/wiki/Cross-Prelink"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ artturin ]; }; } From 79d349b0877cf22b693882c9a28f9052ae66cf2d Mon Sep 17 00:00:00 2001 From: Artturin Date: Tue, 7 Jun 2022 21:51:59 +0300 Subject: [PATCH 34/92] gobject-introspection: support cross-compilation used the following as references https://github.com/void-linux/void-packages/blob/master/srcpkgs/gobject-introspection and https://git.busybox.net/buildroot/tree/package/gobject-introspection thanks void and buildroot --- .../gobject-introspection/default.nix | 17 +++++++++-- ...-error-return-codes-from-ldd-wrapper.patch | 30 +++++++++++++++++++ .../gobject-introspection/wrapper.nix | 29 ++++++++++++++++++ .../wrappers/g-ir-compiler.sh | 4 +++ .../wrappers/g-ir-scanner.sh | 7 +++++ pkgs/top-level/all-packages.nix | 5 +++- 6 files changed, 89 insertions(+), 3 deletions(-) create mode 100644 pkgs/development/libraries/gobject-introspection/giscanner-ignore-error-return-codes-from-ldd-wrapper.patch create mode 100644 pkgs/development/libraries/gobject-introspection/wrapper.nix create mode 100644 pkgs/development/libraries/gobject-introspection/wrappers/g-ir-compiler.sh create mode 100644 pkgs/development/libraries/gobject-introspection/wrappers/g-ir-scanner.sh diff --git a/pkgs/development/libraries/gobject-introspection/default.nix b/pkgs/development/libraries/gobject-introspection/default.nix index b457331983a..a0f4f22472d 100644 --- a/pkgs/development/libraries/gobject-introspection/default.nix +++ b/pkgs/development/libraries/gobject-introspection/default.nix @@ -17,6 +17,8 @@ , cairo , gnome , substituteAll +, buildPackages +, gobject-introspection-unwrapped , nixStoreDir ? builtins.storeDir , x11Support ? true }: @@ -40,6 +42,9 @@ stdenv.mkDerivation rec { }; patches = [ + # prelink-rtld, which we use for cross returns 127 when it can't find a library. + # https://git.busybox.net/buildroot/tree/package/gobject-introspection/0003-giscanner-ignore-error-return-codes-from-ldd-wrapper.patch + ./giscanner-ignore-error-return-codes-from-ldd-wrapper.patch # Make g-ir-scanner put absolute path to GIR files it generates # so that programs can just dlopen them without having to muck # with LD_LIBRARY_PATH environment variable. @@ -67,7 +72,7 @@ stdenv.mkDerivation rec { docbook_xml_dtd_45 python3 setupHook # move .gir files - ]; + ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ gobject-introspection-unwrapped ]; buildInputs = [ python3 @@ -86,7 +91,11 @@ stdenv.mkDerivation rec { "--datadir=${placeholder "dev"}/share" "-Ddoctool=disabled" "-Dcairo=disabled" - "-Dgtk_doc=true" + "-Dgtk_doc=${lib.boolToString (stdenv.hostPlatform == stdenv.buildPlatform)}" + ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ + "-Dgi_cross_ldd_wrapper=${buildPackages.prelink}/bin/prelink-rtld" + "-Dgi_cross_use_prebuilt_gi=true" + "-Dgi_cross_binary_wrapper=${stdenv.hostPlatform.emulator buildPackages}" ]; doCheck = !stdenv.isAarch64; @@ -97,6 +106,10 @@ stdenv.mkDerivation rec { patchShebangs tools/* ''; + postInstall = lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) '' + cp -r ${buildPackages.gobject-introspection-unwrapped.devdoc} $devdoc + ''; + preCheck = '' # Our gobject-introspection patches make the shared library paths absolute # in the GIR files. When running tests, the library is not yet installed, diff --git a/pkgs/development/libraries/gobject-introspection/giscanner-ignore-error-return-codes-from-ldd-wrapper.patch b/pkgs/development/libraries/gobject-introspection/giscanner-ignore-error-return-codes-from-ldd-wrapper.patch new file mode 100644 index 00000000000..fdcec4bc88c --- /dev/null +++ b/pkgs/development/libraries/gobject-introspection/giscanner-ignore-error-return-codes-from-ldd-wrapper.patch @@ -0,0 +1,30 @@ +From e0fc4a2a5161a36483ddc518be9bb14390f11b19 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin +Date: Wed, 5 Sep 2018 16:46:52 +0200 +Subject: [PATCH] giscanner: ignore error return codes from ldd-wrapper + +prelink-rtld, which we use instead of ldd returns 127 when it can't find a library. +It is not an error per se, but it breaks subprocess.check_output(). + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Alexander Kanavin +Signed-off-by: Adam Duskett +--- + giscanner/shlibs.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/giscanner/shlibs.py b/giscanner/shlibs.py +index 9f8ab5df..7a1a72fe 100644 +--- a/giscanner/shlibs.py ++++ b/giscanner/shlibs.py +@@ -103,7 +103,7 @@ def _resolve_non_libtool(options, binary, libraries): + args.extend(['otool', '-L', binary.args[0]]) + else: + args.extend(['ldd', binary.args[0]]) +- output = subprocess.check_output(args) ++ output = subprocess.run(args, check=False, stdout=subprocess.PIPE).stdout + if isinstance(output, bytes): + output = output.decode("utf-8", "replace") + +-- +2.25.1 diff --git a/pkgs/development/libraries/gobject-introspection/wrapper.nix b/pkgs/development/libraries/gobject-introspection/wrapper.nix new file mode 100644 index 00000000000..44d31540e64 --- /dev/null +++ b/pkgs/development/libraries/gobject-introspection/wrapper.nix @@ -0,0 +1,29 @@ +{ lib +, stdenv +, buildPackages +, gobject-introspection-unwrapped +, targetPackages +}: + +# to build, run +# `nix build ".#pkgsCross.aarch64-multiplatform.buildPackages.gobject-introspection"` +gobject-introspection-unwrapped.overrideAttrs (_previousAttrs: { + pname = "gobject-introspection-wrapped"; + postFixup = '' + mv $dev/bin/g-ir-compiler $dev/bin/.g-ir-compiler-wrapped + mv $dev/bin/g-ir-scanner $dev/bin/.g-ir-scanner-wrapped + + ( + export bash="${buildPackages.bash}/bin/bash" + export emulator=${lib.escapeShellArg (stdenv.targetPlatform.emulator buildPackages)} + export buildprelink="${buildPackages.prelink}/bin/prelink-rtld" + + export targetgir="${lib.getDev targetPackages.gobject-introspection-unwrapped}" + + substituteAll "${./wrappers/g-ir-compiler.sh}" "$dev/bin/g-ir-compiler" + substituteAll "${./wrappers/g-ir-scanner.sh}" "$dev/bin/g-ir-scanner" + chmod +x "$dev/bin/g-ir-compiler" + chmod +x "$dev/bin/g-ir-scanner" + ) + ''; +}) diff --git a/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-compiler.sh b/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-compiler.sh new file mode 100644 index 00000000000..fde3dcfe0c0 --- /dev/null +++ b/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-compiler.sh @@ -0,0 +1,4 @@ +#! @bash@ +# shellcheck shell=bash + +exec @emulator@ @targetgir@/bin/g-ir-compiler "$@" diff --git a/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-scanner.sh b/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-scanner.sh new file mode 100644 index 00000000000..0825f10e166 --- /dev/null +++ b/pkgs/development/libraries/gobject-introspection/wrappers/g-ir-scanner.sh @@ -0,0 +1,7 @@ +#! @bash@ +# shellcheck shell=bash + +exec @dev@/bin/.g-ir-scanner-wrapped \ + --use-binary-wrapper=@emulator@ \ + --use-ldd-wrapper=@buildprelink@ \ + "$@" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b8216c36778..44bfd07525c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -17585,7 +17585,10 @@ with pkgs; gns3-gui = gns3Packages.guiStable; gns3-server = gns3Packages.serverStable; - gobject-introspection = callPackage ../development/libraries/gobject-introspection { + gobject-introspection = if (stdenv.hostPlatform != stdenv.targetPlatform) + then callPackage ../development/libraries/gobject-introspection/wrapper.nix { } else gobject-introspection-unwrapped; + + gobject-introspection-unwrapped = callPackage ../development/libraries/gobject-introspection { nixStoreDir = config.nix.storeDir or builtins.storeDir; inherit (darwin) cctools; }; From 41f8722078be674d185db03d0947e0df84a7ae2c Mon Sep 17 00:00:00 2001 From: Artturin Date: Wed, 8 Jun 2022 03:49:04 +0300 Subject: [PATCH 35/92] gobject-introspection: add artturin as maintainer --- pkgs/development/libraries/gobject-introspection/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/libraries/gobject-introspection/default.nix b/pkgs/development/libraries/gobject-introspection/default.nix index a0f4f22472d..b8cbdc0cfa3 100644 --- a/pkgs/development/libraries/gobject-introspection/default.nix +++ b/pkgs/development/libraries/gobject-introspection/default.nix @@ -135,7 +135,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "A middleware layer between C libraries and language bindings"; homepage = "https://gi.readthedocs.io/"; - maintainers = teams.gnome.members ++ (with maintainers; [ lovek323 ]); + maintainers = teams.gnome.members ++ (with maintainers; [ lovek323 artturin ]); platforms = platforms.unix; license = with licenses; [ gpl2 lgpl2 ]; From 944781be23e853575128a319846c8962af78bb92 Mon Sep 17 00:00:00 2001 From: Artturin Date: Thu, 9 Jun 2022 21:14:58 +0300 Subject: [PATCH 36/92] gobject-introspection: revert patch to ignore return codes from ldd we may not need this so reverting for now --- .../gobject-introspection/default.nix | 3 -- ...-error-return-codes-from-ldd-wrapper.patch | 30 ------------------- 2 files changed, 33 deletions(-) delete mode 100644 pkgs/development/libraries/gobject-introspection/giscanner-ignore-error-return-codes-from-ldd-wrapper.patch diff --git a/pkgs/development/libraries/gobject-introspection/default.nix b/pkgs/development/libraries/gobject-introspection/default.nix index b8cbdc0cfa3..82be84e1f1d 100644 --- a/pkgs/development/libraries/gobject-introspection/default.nix +++ b/pkgs/development/libraries/gobject-introspection/default.nix @@ -42,9 +42,6 @@ stdenv.mkDerivation rec { }; patches = [ - # prelink-rtld, which we use for cross returns 127 when it can't find a library. - # https://git.busybox.net/buildroot/tree/package/gobject-introspection/0003-giscanner-ignore-error-return-codes-from-ldd-wrapper.patch - ./giscanner-ignore-error-return-codes-from-ldd-wrapper.patch # Make g-ir-scanner put absolute path to GIR files it generates # so that programs can just dlopen them without having to muck # with LD_LIBRARY_PATH environment variable. diff --git a/pkgs/development/libraries/gobject-introspection/giscanner-ignore-error-return-codes-from-ldd-wrapper.patch b/pkgs/development/libraries/gobject-introspection/giscanner-ignore-error-return-codes-from-ldd-wrapper.patch deleted file mode 100644 index fdcec4bc88c..00000000000 --- a/pkgs/development/libraries/gobject-introspection/giscanner-ignore-error-return-codes-from-ldd-wrapper.patch +++ /dev/null @@ -1,30 +0,0 @@ -From e0fc4a2a5161a36483ddc518be9bb14390f11b19 Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin -Date: Wed, 5 Sep 2018 16:46:52 +0200 -Subject: [PATCH] giscanner: ignore error return codes from ldd-wrapper - -prelink-rtld, which we use instead of ldd returns 127 when it can't find a library. -It is not an error per se, but it breaks subprocess.check_output(). - -Upstream-Status: Inappropriate [oe-core specific] -Signed-off-by: Alexander Kanavin -Signed-off-by: Adam Duskett ---- - giscanner/shlibs.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/giscanner/shlibs.py b/giscanner/shlibs.py -index 9f8ab5df..7a1a72fe 100644 ---- a/giscanner/shlibs.py -+++ b/giscanner/shlibs.py -@@ -103,7 +103,7 @@ def _resolve_non_libtool(options, binary, libraries): - args.extend(['otool', '-L', binary.args[0]]) - else: - args.extend(['ldd', binary.args[0]]) -- output = subprocess.check_output(args) -+ output = subprocess.run(args, check=False, stdout=subprocess.PIPE).stdout - if isinstance(output, bytes): - output = output.decode("utf-8", "replace") - --- -2.25.1 From 80a0760433d179ac0e9f8702639f335378625eb6 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sat, 11 Jun 2022 05:36:49 +0000 Subject: [PATCH 37/92] librsvg: 2.54.3 -> 2.54.4 --- pkgs/development/libraries/librsvg/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/librsvg/default.nix b/pkgs/development/libraries/librsvg/default.nix index fe097b6c667..91e0033cd27 100644 --- a/pkgs/development/libraries/librsvg/default.nix +++ b/pkgs/development/libraries/librsvg/default.nix @@ -27,7 +27,7 @@ stdenv.mkDerivation rec { pname = "librsvg"; - version = "2.54.3"; + version = "2.54.4"; outputs = [ "out" "dev" "installedTests" ] ++ lib.optionals withIntrospection [ "devdoc" @@ -35,7 +35,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "ZhWPLvRt3iYAJoRsTaEC5KndTlKTAQ8wlJxswm3W7+g="; + sha256 = "6hUqJD9qQ8DgNqKMcN4/y83qVmTGgRx4WSvCKezCSDM="; }; cargoVendorDir = "vendor"; From 8e73fa158789b1df09f073152e923958732eb0fb Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Sat, 11 Jun 2022 11:54:01 +0200 Subject: [PATCH 38/92] fuse3: 3.10.5 -> 3.11.0 --- pkgs/os-specific/linux/fuse/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/fuse/default.nix b/pkgs/os-specific/linux/fuse/default.nix index b1d9d3dc41e..6aa3e46d4e1 100644 --- a/pkgs/os-specific/linux/fuse/default.nix +++ b/pkgs/os-specific/linux/fuse/default.nix @@ -11,7 +11,7 @@ in { }; fuse_3 = mkFuse { - version = "3.10.5"; - sha256Hash = "1yxh85m8fnn3w21f6g6vza7k2giizmyhcbkms4rmkcd2dd2rzk3y"; + version = "3.11.0"; + sha256Hash = "1wx80xxlvjn0wxhmkr1g91vwrgxssyzds1hizzxc2xrd4kjh9dfb"; }; } From 0da898ca39a9b860fbd50cdde781286ec52f4194 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Sat, 11 Jun 2022 11:21:56 +0100 Subject: [PATCH 39/92] glibcLocalesUtf8: init at 2.34 glibcLocalesUtf8 is a trimmed down version of glibcLocales that provides UTF-8 locale. It is useful to use in derivations that need some UTF-8 lcoale, like unzip in https://github.com/NixOS/nixpkgs/pull/176253. --- pkgs/top-level/all-packages.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 17fd806562a..b7fb0707b6c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -17505,7 +17505,14 @@ with pkgs; relibc = callPackage ../development/libraries/relibc { }; # Only supported on Linux - glibcLocales = if stdenv.hostPlatform.isLinux then callPackage ../development/libraries/glibc/locales.nix { } else null; + glibcLocales = + if stdenv.hostPlatform.isLinux + then callPackage ../development/libraries/glibc/locales.nix { } + else null; + glibcLocalesUtf8 = + if stdenv.hostPlatform.isLinux + then callPackage ../development/libraries/glibc/locales.nix { allLocales = false; } + else null; glibcInfo = callPackage ../development/libraries/glibc/info.nix { }; From ffb456ae61d1740b5b254f6d431801782d7ab0d7 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Sat, 4 Jun 2022 15:38:56 +0100 Subject: [PATCH 40/92] fetchzip: force UTF-8 compatibel locale to unpack non-ASCII symbols MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit musl and darwin support UTF-8 locales without any extras. As a result unzip can unpack UTF-8 filenames there as is. But on glibc without locale archive presence files get mangled as: deps/αβ -> deps/#U03b1#U03b2 This makes `fetchzip` fixed-output derivations unstable. Tested this change to fail in `coq.src` which was generated in system that mangles UTF-8 symbols: $ nix build -f. coq.src --rebuild -L source> trying https://github.com/coq/coq/archive/V8.15.2.zip source> % Total % Received % Xferd Average Speed Time Time Time Current source> Dload Upload Total Spent Left Speed source> 0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0 source> 100 8945k 100 8945k 0 0 1513k 0 0:00:05 0:00:05 --:--:-- 1989k source> unpacking source archive /build/V8.15.2.zip error: hash mismatch in fixed-output derivation '/nix/store/hrnyykm7wgw8vxisgq7hc2bg5gr0y6s8-source.drv': specified: sha256-h81nFqkuvZkMR7YLHy7laTq5yOhjMW+w6rYzncxvyD4= got: sha256-DTspmwyD3Evl1CUmvUy2MonbLGUezvsHN3prmP9eK2I= Note: it means that some of existing caches for fixed output derivations become incorrect. It should not break already cached tarballs on cache.nixos.org thus the impact should not be widespread. --- pkgs/build-support/fetchzip/default.nix | 7 +++++-- pkgs/tools/archivers/unzip/setup-hook.sh | 8 +++++++- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/pkgs/build-support/fetchzip/default.nix b/pkgs/build-support/fetchzip/default.nix index 98c41037074..10142134792 100644 --- a/pkgs/build-support/fetchzip/default.nix +++ b/pkgs/build-support/fetchzip/default.nix @@ -5,7 +5,7 @@ # (e.g. due to minor changes in the compression algorithm, or changes # in timestamps). -{ lib, fetchurl, unzip }: +{ lib, fetchurl, unzip, glibcLocalesUtf8 }: { # Optionally move the contents of the unpacked tree up one level. stripRoot ? true @@ -35,7 +35,10 @@ in { downloadToTemp = true; - nativeBuildInputs = [ unzip ] ++ nativeBuildInputs; + # Have to pull in glibcLocalesUtf8 for unzip in setup-hook.sh to handle + # UTF-8 aware locale: + # https://github.com/NixOS/nixpkgs/issues/176225#issuecomment-1146617263 + nativeBuildInputs = [ unzip glibcLocalesUtf8 ] ++ nativeBuildInputs; postFetch = '' diff --git a/pkgs/tools/archivers/unzip/setup-hook.sh b/pkgs/tools/archivers/unzip/setup-hook.sh index 4055d2fab51..99c63f68e94 100644 --- a/pkgs/tools/archivers/unzip/setup-hook.sh +++ b/pkgs/tools/archivers/unzip/setup-hook.sh @@ -1,5 +1,11 @@ unpackCmdHooks+=(_tryUnzip) _tryUnzip() { if ! [[ "$curSrc" =~ \.zip$ ]]; then return 1; fi - unzip -qq "$curSrc" + + # UTF-8 locale is needed for unzip on glibc to handle UTF-8 symbols: + # https://github.com/NixOS/nixpkgs/issues/176225#issuecomment-1146617263 + # Otherwise unzip unpacks escaped file names as if '-U' options was in effect. + # + # Pick en_US.UTF-8 as most possible to be present on glibc, musl and darwin. + LANG=en_US.UTF-8 unzip -qq "$curSrc" } From b543ad569161f123b4652a5b88476f7105887451 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Sat, 11 Jun 2022 08:16:35 +0100 Subject: [PATCH 41/92] eduli.src: update hash change with fetchzip update fetchzip changed unpacking of UTF-8 files on glibc systems: https://github.com/NixOS/nixpkgs/pull/176253 As a result unpacked contents changed it's filenames. --- pkgs/data/fonts/eduli/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/data/fonts/eduli/default.nix b/pkgs/data/fonts/eduli/default.nix index 7ff2ad4446c..beb89d49fc3 100644 --- a/pkgs/data/fonts/eduli/default.nix +++ b/pkgs/data/fonts/eduli/default.nix @@ -8,7 +8,7 @@ stdenvNoCC.mkDerivation rec { name = "${pname}-${version}"; url = "http://language.moe.gov.tw/001/Upload/Files/site_content/M0001/MoeLI-3.0.zip"; - sha256 = "0vpmm2qb429npng0aqkafwgs7cjibq8a3f7bbn9hysbm2lndwxwd"; + sha256 = "0b4kjdk0h0hx446swi0wzawia0mf16qh9b6v4h4nqg8qx0p2sd3c"; }; installPhase = '' From 6920e6d3474e5751f8929f495d43d9a0800dca64 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 26 May 2022 01:46:00 +0000 Subject: [PATCH 42/92] f2fs-tools: 1.14.0 -> 1.15.0 --- pkgs/tools/filesystems/f2fs-tools/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/filesystems/f2fs-tools/default.nix b/pkgs/tools/filesystems/f2fs-tools/default.nix index df4d2e44e51..f7de571dc09 100644 --- a/pkgs/tools/filesystems/f2fs-tools/default.nix +++ b/pkgs/tools/filesystems/f2fs-tools/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "f2fs-tools"; - version = "1.14.0"; + version = "1.15.0"; src = fetchgit { url = "https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs-tools.git"; rev = "refs/tags/v${version}"; - sha256 = "06ss05n87i1c3149qb3n7j1qp2scv3g2adx0v6ljkl59ab9b5saj"; + sha256 = "sha256-RSWvdC6kV0KfyJefK9qyFCWjlezFc7DBOOn+uy7S3Lk="; }; nativeBuildInputs = [ autoreconfHook pkg-config ]; From 739ab383a5f99fe7cd9bbc9ef8f0f6ff51e8c290 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Sat, 11 Jun 2022 08:29:31 +0100 Subject: [PATCH 43/92] coq_8_13.src, coq_8_14.src, coq_8_15.src: update hash change with fetchzip update fetchzip changed unpacking of UTF-8 files on glibc systems: https://github.com/NixOS/nixpkgs/pull/176253 As a result unpacked contents changed it's filenames. Closes: https://github.com/NixOS/nixpkgs/issues/176225 --- .../applications/science/logic/coq/default.nix | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/pkgs/applications/science/logic/coq/default.nix b/pkgs/applications/science/logic/coq/default.nix index f91b336cbf6..bb92e2d7492 100644 --- a/pkgs/applications/science/logic/coq/default.nix +++ b/pkgs/applications/science/logic/coq/default.nix @@ -41,15 +41,15 @@ let "8.12.0".sha256 = "18dc7k0piv6v064zgdadpw6mkkxk7j663hb3svgj5236fihjr0cz"; "8.12.1".sha256 = "1rkcyjjrzcqw9xk93hsq0vvji4f8r5iq0f739mghk60bghkpnb7q"; "8.12.2".sha256 = "18gscfm039pqhq4msq01nraig5dm9ab98bjca94zldf8jvdv0x2n"; - "8.13.0".sha256 = "0sjbqmz6qcvnz0hv87xha80qbhvmmyd675wyc5z4rgr34j2l1ymd"; - "8.13.1".sha256 = "0xx2ns84mlip9bg2mkahy3pmc5zfcgrjxsviq9yijbzy1r95wf0n"; - "8.13.2".sha256 = "1884vbmwmqwn9ngibax6dhnqh4cc02l0s2ajc6jb1xgr0i60whjk"; - "8.14.0".sha256 = "04y2z0qyvag66zanfyc3f9agvmzbn4lsr0p1l7ck6yjhqx7vbm17"; - "8.14.1".sha256 = "0sx78pgx0qw8v7v2r32zzy3l161zipzq95iacda628girim7psnl"; - "8.15.0".sha256 = "sha256:1ma76wfrpfsl72yh10w1ys2a0vi0mdc2jc79kdc8nrmxkhpw1nxx"; - "8.15.1".sha256 = "sha256:1dsa04jzkx5pw69pmxn0l55q4w88lg6fvz7clbga0bazzsfnsgd6"; - "8.15.2".sha256 = "sha256:0gn8dz69scxnxaq6ycb3x34bjfk9wlp1y2xn8w69kg9fm4b6gkc7"; - "8.16+rc1".sha256 = "sha256-dU+E0Mz7MVntbQIeG9I59ANBaHaXXSrjCRdoqZ5TO60="; + "8.13.0".sha256 = "1l2c63vskp8kiyxiyi5rpgbmnv67ysn3y4lybd6nj0li5llibifi"; + "8.13.1".sha256 = "15drjcqhsgwqnv02bbidyhk316ypyhz1pxfz2gwsalci9svhkz0v"; + "8.13.2".sha256 = "14d4alp35hngvga9m7cfp5d1nl62xdj0nm4811f2jjblk86gxxk4"; + "8.14.0".sha256 = "0yxjx9kq9bfpk31dc1c6a0pz0827fz7jmrcwwd4n7dc07yi0arq8"; + "8.14.1".sha256 = "0xdqiabgm4lrm6d7lw544zd8xwb1cdcavsxvwwlqq6yid2rl2yli"; + "8.15.0".sha256 = "sha256:0q7jl3bn0d1v9cwdkxykw4frccww6wbh1p8hdrfqw489mkxmh5jh"; + "8.15.1".sha256 = "sha256:1janvmnk3czimp0j5qmnfwx6509vhpjc2q7lcza1bc6dm6kn8n42"; + "8.15.2".sha256 = "sha256:0qibbvzrhsvs6w3zpkhyclndp29jnr6bs9i5skjlpp431jdjjfqd"; + "8.16+rc1".sha256 = "sha256-hmZQ6rFIOZJwnAh23nKScJ3Nn+xqDRn5q2Tn82igpYE="; }; releaseRev = v: "V${v}"; fetched = import ../../../../build-support/coq/meta-fetch/default.nix From 49f69d198833b2ad0f46d1c9a0ddba48f7df04f1 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sat, 11 Jun 2022 23:03:11 +0200 Subject: [PATCH 44/92] rust-cbindgen: 0.24.2 -> 0.24.3 https://github.com/eqrion/cbindgen/releases/tag/v0.24.3 --- pkgs/development/tools/rust/cbindgen/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/rust/cbindgen/default.nix b/pkgs/development/tools/rust/cbindgen/default.nix index 555ed3a080d..61553ffad86 100644 --- a/pkgs/development/tools/rust/cbindgen/default.nix +++ b/pkgs/development/tools/rust/cbindgen/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "rust-cbindgen"; - version = "0.24.2"; + version = "0.24.3"; src = fetchFromGitHub { owner = "eqrion"; repo = "cbindgen"; rev = "v${version}"; - hash = "sha256-7nl2VHw4l0hUVLs4fAnmkVaxTFRe3OcUwHXMqf/cH40="; + hash = "sha256-v5g6/ul6mJtzC4O4WlNopPtFUSbx2Jv79mZL72mucws="; }; - cargoSha256 = "sha256:0q99vy5k57phi80viqhkw8cyw7kglap1yf6m8n25n4knf7z9l119"; + cargoSha256 = "sha256-j3/2cFjSDkx0TXCaxYSCLrBbAHrJfJ6hwBcXlDedwh8="; buildInputs = lib.optional stdenv.isDarwin Security; From a3f2567847712d1139c06319a7b83bc8f0b899d2 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 12 Jun 2022 05:16:45 +0000 Subject: [PATCH 45/92] libinput: 1.20.1 -> 1.21.0 --- pkgs/development/libraries/libinput/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libinput/default.nix b/pkgs/development/libraries/libinput/default.nix index 9cc8395b9c2..38deb7fbcc0 100644 --- a/pkgs/development/libraries/libinput/default.nix +++ b/pkgs/development/libraries/libinput/default.nix @@ -45,7 +45,7 @@ in stdenv.mkDerivation rec { pname = "libinput"; - version = "1.20.1"; + version = "1.21.0"; outputs = [ "bin" "out" "dev" ]; @@ -54,7 +54,7 @@ stdenv.mkDerivation rec { owner = "libinput"; repo = "libinput"; rev = version; - sha256 = "eujnabUaeNEJC/tPPhwcNS9sqDIorF52RjfqKBotbmc="; + sha256 = "R94BdrjI4szNbVtQ+ydRNUg9clR8mkRL7+GE9b2FcDs="; }; patches = [ From 9228c0a2d2f69b2f6c31fd2f2d326571dc191775 Mon Sep 17 00:00:00 2001 From: Daniel Olsen Date: Sun, 12 Jun 2022 09:28:52 +0200 Subject: [PATCH 46/92] libjxl: Move brotli and libhwy to propagatedBuildInputs pkg-config dependencies aren't specified using store paths so they need to be propagated manually --- pkgs/development/libraries/libjxl/default.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libjxl/default.nix b/pkgs/development/libraries/libjxl/default.nix index c7ff1d0c551..2017fc66d70 100644 --- a/pkgs/development/libraries/libjxl/default.nix +++ b/pkgs/development/libraries/libjxl/default.nix @@ -78,10 +78,8 @@ stdenv.mkDerivation rec { # conclusively in its README or otherwise; they can best be determined # by checking the CMake output for "Could NOT find". buildInputs = [ - brotli giflib gperftools # provides `libtcmalloc` - libhwy libjpeg libpng libwebp @@ -89,6 +87,11 @@ stdenv.mkDerivation rec { zlib ]; + propagatedBuildInputs = [ + brotli + libhwy + ]; + cmakeFlags = [ # For C dependencies like brotli, which are dynamically linked, # we want to use the system libraries, so that we don't have to care about From 826794479e937f70ee2dad3d5cac38d3a0a5cb45 Mon Sep 17 00:00:00 2001 From: Daniel Olsen Date: Sun, 12 Jun 2022 09:10:42 +0200 Subject: [PATCH 47/92] libaom: move libvmaf and libjxl to propagatedBuildInputs pkg-config doesn't have absolute store paths so propogating the dependencies was required Fixes the build for gst_all_1.gst-plugins-bad Co-authored-by: Sergei Trofimovich --- pkgs/development/libraries/libaom/default.nix | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/pkgs/development/libraries/libaom/default.nix b/pkgs/development/libraries/libaom/default.nix index bed7a33a39b..f6921091bea 100644 --- a/pkgs/development/libraries/libaom/default.nix +++ b/pkgs/development/libraries/libaom/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchzip, yasm, perl, cmake, pkg-config, python3 -, enableButteraugli ? false, libjxl, libhwy # Broken +, enableButteraugli ? false, libjxl # Broken , enableVmaf ? true, libvmaf }: @@ -19,10 +19,8 @@ stdenv.mkDerivation rec { yasm perl cmake pkg-config python3 ]; - buildInputs = lib.optionals enableButteraugli [ - libjxl - libhwy - ] ++ lib.optional enableVmaf libvmaf; + propagatedBuildInputs = lib.optional enableButteraugli libjxl + ++ lib.optional enableVmaf libvmaf; preConfigure = '' # build uses `git describe` to set the build version From 15491e727dbde6cd4d1c9b1579d64164dd8054df Mon Sep 17 00:00:00 2001 From: Thiago Kenji Okada Date: Sun, 12 Jun 2022 11:46:30 +0100 Subject: [PATCH 48/92] pythonRelaxDepsHook: correct handles multiple wheels --- .../python/hooks/python-relax-deps-hook.sh | 22 ++++++++++--------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh b/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh index 1c515ea9213..82231ee3adc 100644 --- a/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh +++ b/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh @@ -63,20 +63,22 @@ pythonRelaxDepsHook() { local -r pkg_name="${pname//[^[:alnum:].]/_}-$version" local -r unpack_dir="unpacked" local -r metadata_file="$unpack_dir/$pkg_name/$pkg_name.dist-info/METADATA" - local -r wheel=$(printf "$pkg_name"*".whl") - @pythonInterpreter@ -m wheel unpack --dest "$unpack_dir" "$wheel" - rm -rf "$wheel" + # We generally shouldn't have multiple wheel files, but let's be safer here + for wheel in "$pkg_name"*".whl"; do + @pythonInterpreter@ -m wheel unpack --dest "$unpack_dir" "$wheel" + rm -rf "$wheel" - _pythonRelaxDeps "$metadata_file" - _pythonRemoveDeps "$metadata_file" + _pythonRelaxDeps "$metadata_file" + _pythonRemoveDeps "$metadata_file" - if (( "${NIX_DEBUG:-0}" >= 1 )); then - echo "pythonRelaxDepsHook: resulting METADATA:" - cat "$unpack_dir/$pkg_name/$pkg_name.dist-info/METADATA" - fi + if (( "${NIX_DEBUG:-0}" >= 1 )); then + echo "pythonRelaxDepsHook: resulting METADATA for '$wheel':" + cat "$unpack_dir/$pkg_name/$pkg_name.dist-info/METADATA" + fi - @pythonInterpreter@ -m wheel pack "$unpack_dir/$pkg_name" + @pythonInterpreter@ -m wheel pack "$unpack_dir/$pkg_name" + done popd } From 1a11501d85df154135c5168cbad3f54349556b91 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Sun, 12 Jun 2022 13:20:16 +0200 Subject: [PATCH 49/92] libxkbcommon: 1.4.0 -> 1.4.1 --- pkgs/development/libraries/libxkbcommon/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libxkbcommon/default.nix b/pkgs/development/libraries/libxkbcommon/default.nix index 5c632009bee..ca7feb996f7 100644 --- a/pkgs/development/libraries/libxkbcommon/default.nix +++ b/pkgs/development/libraries/libxkbcommon/default.nix @@ -21,11 +21,11 @@ stdenv.mkDerivation rec { pname = "libxkbcommon"; - version = "1.4.0"; + version = "1.4.1"; src = fetchurl { url = "https://xkbcommon.org/download/${pname}-${version}.tar.xz"; - sha256 = "0ca00awfzvxiznvd4mgwgxyqxiwvi07j5xxmg5z0l47rcd9fqv0h"; + sha256 = "0fbb2dyjvf71p42y2jmwdcylsvj03w52f5rb23c2d00rwahhfg4l"; }; outputs = [ "out" "dev" "doc" ]; From 6adaaf8d8ef21a9a51517ce5adec8279dbe00c0d Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Sun, 12 Jun 2022 21:21:30 +1000 Subject: [PATCH 50/92] file: 5.41 -> 5.42 (#177347) --- pkgs/tools/misc/file/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/misc/file/default.nix b/pkgs/tools/misc/file/default.nix index 9b982f2c2ea..eb14a4a7142 100644 --- a/pkgs/tools/misc/file/default.nix +++ b/pkgs/tools/misc/file/default.nix @@ -7,14 +7,14 @@ stdenv.mkDerivation rec { pname = "file"; - version = "5.41"; + version = "5.42"; src = fetchurl { urls = [ - "ftp://ftp.astron.com/pub/file/${pname}-${version}.tar.gz" + "https://astron.com/pub/file/${pname}-${version}.tar.gz" "https://distfiles.macports.org/file/${pname}-${version}.tar.gz" ]; - sha256 = "sha256-E+Uyx7Nk99V+I9/uoxRxAxUMuQWTpXr4bBDk9uQRYD8="; + sha256 = "sha256-wHb7TQKcdAc/FcQzYe9XLPuGhAfTRxkLqDSvOxY5sOQ="; }; strictDeps = true; From 8132fb355a3517ea306dc3a94277706837d1706e Mon Sep 17 00:00:00 2001 From: Artturin Date: Sun, 12 Jun 2022 23:57:17 +0300 Subject: [PATCH 51/92] vala: fix cross --- pkgs/development/compilers/vala/default.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pkgs/development/compilers/vala/default.nix b/pkgs/development/compilers/vala/default.nix index 546160ba5e3..0a468023616 100644 --- a/pkgs/development/compilers/vala/default.nix +++ b/pkgs/development/compilers/vala/default.nix @@ -1,5 +1,5 @@ { stdenv, lib, fetchurl, fetchpatch, pkg-config, flex, bison, libxslt, autoconf, autoreconfHook -, gnome, graphviz, glib, libiconv, libintl, libtool, expat, substituteAll +, gnome, graphviz, glib, libiconv, libintl, libtool, expat, substituteAll, vala }: let @@ -49,7 +49,9 @@ let # so that it can be used to regenerate documentation. patches = lib.optionals disableGraphviz [ graphvizPatch ./gvc-compat.patch ]; configureFlags = lib.optional disableGraphviz "--disable-graphviz"; - preBuild = lib.optionalString disableGraphviz "buildFlagsArray+=(\"VALAC=$(pwd)/compiler/valac\")"; + # when cross-compiling ./compiler/valac is valac for host + # so add the build vala in nativeBuildInputs + preBuild = lib.optionalString (disableGraphviz && (stdenv.buildPlatform == stdenv.hostPlatform)) "buildFlagsArray+=(\"VALAC=$(pwd)/compiler/valac\")"; outputs = [ "out" "devdoc" ]; @@ -57,6 +59,7 @@ let pkg-config flex bison libxslt ] ++ lib.optional (stdenv.isDarwin && (lib.versionAtLeast version "0.38")) expat ++ lib.optional disableGraphviz autoreconfHook # if we changed our ./configure script, need to reconfigure + ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ vala ] ++ extraNativeBuildInputs; buildInputs = [ From 52e36bc559b7d48dece68ff5c6390bf8b1577721 Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Thu, 9 Jun 2022 10:26:16 +1000 Subject: [PATCH 52/92] libseccomp: 2.5.3 -> 2.5.4 https://github.com/seccomp/libseccomp/releases/tag/v2.5.4 --- pkgs/development/libraries/libseccomp/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libseccomp/default.nix b/pkgs/development/libraries/libseccomp/default.nix index fbc8a026af5..7cea80696a9 100644 --- a/pkgs/development/libraries/libseccomp/default.nix +++ b/pkgs/development/libraries/libseccomp/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "libseccomp"; - version = "2.5.3"; + version = "2.5.4"; src = fetchurl { url = "https://github.com/seccomp/libseccomp/releases/download/v${version}/libseccomp-${version}.tar.gz"; - sha256 = "sha256-WQZchzM2RyXpchukjDqZu8Uq+SHa9I30seAS+8exCnY="; + sha256 = "sha256-2CkCQAQFzwBoV07z3B/l9ZJiB1Q7oa5vjnoVdjUdy9s="; }; outputs = [ "out" "lib" "dev" "man" "pythonsrc" ]; From 99aaddced3704cc52af0e11de3363a173cafe117 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 14 Jun 2022 02:14:18 +0000 Subject: [PATCH 53/92] ethtool: 5.17 -> 5.18 --- pkgs/tools/misc/ethtool/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/ethtool/default.nix b/pkgs/tools/misc/ethtool/default.nix index f80de50ea55..48d7a009c01 100644 --- a/pkgs/tools/misc/ethtool/default.nix +++ b/pkgs/tools/misc/ethtool/default.nix @@ -8,11 +8,11 @@ stdenv.mkDerivation rec { pname = "ethtool"; - version = "5.17"; + version = "5.18"; src = fetchurl { url = "mirror://kernel/software/network/${pname}/${pname}-${version}.tar.xz"; - sha256 = "sha256-ZKuRS5xrRQRyRdkfQLh2CycomSqeWvInF8ZEI46IkTM="; + sha256 = "sha256-lXey/7znELZZ+yOVmOySvO0cpADKDxKGdiv6ROR4QnA="; }; nativeBuildInputs = [ From 08615ec689ca43af112f834517691aa69fa8d9c3 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 14 Jun 2022 15:39:54 +0200 Subject: [PATCH 54/92] python310: 3.10.4 -> 3.10.5 https://docs.python.org/release/3.10.5/whatsnew/changelog.html#python-3-10-5-final --- pkgs/development/interpreters/python/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/interpreters/python/default.nix b/pkgs/development/interpreters/python/default.nix index e902fdcece3..805086a7872 100644 --- a/pkgs/development/interpreters/python/default.nix +++ b/pkgs/development/interpreters/python/default.nix @@ -133,10 +133,10 @@ with pkgs; sourceVersion = { major = "3"; minor = "10"; - patch = "4"; + patch = "5"; suffix = ""; }; - sha256 = "sha256-gL+SX1cdpDazUhCIbPefbrX6XWxXExa3NWg0NFH3ehk="; + sha256 = "sha256-hDfv1bEG7wp1qr+/I9iAYlEgpzqGoireTS4uaNe3RIY="; }; }; From 0fdc72b7e94f121943b4c03bc97c6b7bdabc28d9 Mon Sep 17 00:00:00 2001 From: Manuel Mendez Date: Mon, 13 Jun 2022 14:24:52 -0400 Subject: [PATCH 55/92] cc-wrapper: Add clang specific options to clang specific file This way gcc doesn't need to be rebuilt because of clang. This also avoids rebuilding clang when only the wrapper needs to be tweaked. --- .../cc-wrapper/add-clang-cc-cflags-before.sh | 11 +++++++++++ pkgs/build-support/cc-wrapper/cc-wrapper.sh | 6 ++---- pkgs/build-support/cc-wrapper/default.nix | 14 +++++++++----- 3 files changed, 22 insertions(+), 9 deletions(-) create mode 100644 pkgs/build-support/cc-wrapper/add-clang-cc-cflags-before.sh diff --git a/pkgs/build-support/cc-wrapper/add-clang-cc-cflags-before.sh b/pkgs/build-support/cc-wrapper/add-clang-cc-cflags-before.sh new file mode 100644 index 00000000000..f943b850468 --- /dev/null +++ b/pkgs/build-support/cc-wrapper/add-clang-cc-cflags-before.sh @@ -0,0 +1,11 @@ +needsTarget=true + +for p in "${params[@]}"; do + case "$p" in + -target | --target=*) needsTarget=false ;; + esac +done + +if $needsTarget; then + extraBefore+=(-target @defaultTarget@) +fi diff --git a/pkgs/build-support/cc-wrapper/cc-wrapper.sh b/pkgs/build-support/cc-wrapper/cc-wrapper.sh index b8049dafb98..651519490aa 100644 --- a/pkgs/build-support/cc-wrapper/cc-wrapper.sh +++ b/pkgs/build-support/cc-wrapper/cc-wrapper.sh @@ -29,7 +29,6 @@ cc1=0 cxxInclude=1 cxxLibrary=1 cInclude=1 -needsTarget=@needsTarget@ expandResponseParams "$@" linkType=$(checkLinkType "${params[@]}") @@ -47,7 +46,6 @@ while (( "$n" < "$nParams" )); do -nostdinc) cInclude=0 cxxInclude=0 ;; -nostdinc++) cxxInclude=0 ;; -nostdlib) cxxLibrary=0 ;; - -target|--target=*) needsTarget=0;; -x) case "$p2" in *-header) dontLink=1 ;; @@ -161,8 +159,8 @@ if [ "$dontLink" != 1 ]; then export NIX_LINK_TYPE_@suffixSalt@=$linkType fi -if [ $needsTarget == 1 ]; then - extraAfter+=(-target @defaultTarget@) +if [[ -e @out@/nix-support/add-local-cc-cflags-before.sh ]]; then + source @out@/nix-support/add-local-cflags-before.sh fi # As a very special hack, if the arguments are just `-v', then don't diff --git a/pkgs/build-support/cc-wrapper/default.nix b/pkgs/build-support/cc-wrapper/default.nix index 1fc0491cbec..5be2589088b 100644 --- a/pkgs/build-support/cc-wrapper/default.nix +++ b/pkgs/build-support/cc-wrapper/default.nix @@ -208,7 +208,6 @@ stdenv.mkDerivation { + '' export named_cc=${targetPrefix}cc export named_cxx=${targetPrefix}c++ - export needsTarget=0 if [ -e $ccPath/${targetPrefix}gcc ]; then wrap ${targetPrefix}gcc $wrapper $ccPath/${targetPrefix}gcc @@ -216,8 +215,6 @@ stdenv.mkDerivation { export named_cc=${targetPrefix}gcc export named_cxx=${targetPrefix}g++ elif [ -e $ccPath/clang ]; then - needsTarget=1 - export defaultTarget=${targetPlatform.config} wrap ${targetPrefix}clang $wrapper $ccPath/clang ln -s ${targetPrefix}clang $out/bin/${targetPrefix}cc export named_cc=${targetPrefix}clang @@ -228,8 +225,6 @@ stdenv.mkDerivation { wrap ${targetPrefix}g++ $wrapper $ccPath/${targetPrefix}g++ ln -s ${targetPrefix}g++ $out/bin/${targetPrefix}c++ elif [ -e $ccPath/clang++ ]; then - needsTarget=1 - export defaultTarget=${targetPlatform.config} wrap ${targetPrefix}clang++ $wrapper $ccPath/clang++ ln -s ${targetPrefix}clang++ $out/bin/${targetPrefix}c++ fi @@ -519,6 +514,15 @@ stdenv.mkDerivation { substituteAll ${../wrapper-common/utils.bash} $out/nix-support/utils.bash '' + ## + ## General Clang support + ## Needs to go after ^ because the for loop eats \n and makes this file an invalid script + ## + + optionalString isClang '' + export defaultTarget=${targetPlatform.config} + substituteAll ${./add-clang-cc-cflags-before.sh} $out/nix-support/add-local-cc-cflags-before.sh + '' + ## ## Extra custom steps ## From 64fc13ff1d9722b7fe87f0413a6d045b483b37f0 Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Wed, 15 Jun 2022 12:10:44 -0700 Subject: [PATCH 56/92] setup.sh: use -exec rather than -execdir Busybox's `find` does not support `-execdir`, so let's uses `-exec` instead, in the spirit of requiring the minimum features needed for the task. --- pkgs/stdenv/generic/setup.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/stdenv/generic/setup.sh b/pkgs/stdenv/generic/setup.sh index 40ffd9344e3..9ff1995eded 100644 --- a/pkgs/stdenv/generic/setup.sh +++ b/pkgs/stdenv/generic/setup.sh @@ -1031,10 +1031,10 @@ configurePhase() { -executable \ -type f \ -name configure \ - -execdir grep -l 'GNU Libtool is free software; you can redistribute it and/or modify' {} \; \ - -execdir touch -r {} "$CONFIGURE_MTIME_REFERENCE" \; \ - -execdir sed -i s_/usr/bin/file_file_g {} \; \ - -execdir touch -r "$CONFIGURE_MTIME_REFERENCE" {} \; + -exec grep -l 'GNU Libtool is free software; you can redistribute it and/or modify' {} \; \ + -exec touch -r {} "$CONFIGURE_MTIME_REFERENCE" \; \ + -exec sed -i s_/usr/bin/file_file_g {} \; \ + -exec touch -r "$CONFIGURE_MTIME_REFERENCE" {} \; rm -f "$CONFIGURE_MTIME_REFERENCE" fi From 912eb001da85949daa4371729c1e75b56be1fff3 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Wed, 15 Jun 2022 23:32:54 +0100 Subject: [PATCH 57/92] linuxHeaders: backport fix to restore __bitwise__ define Without it openiscsi build fails in staging-next as: ../../include/iscsi_proto.h:550:9: error: unknown type name 'itt_t' 550 | itt_t itt; /* Initiator Task Tag */ | ^~~~~ --- pkgs/os-specific/linux/kernel-headers/default.nix | 3 +++ .../kernel-headers/restore-__bitwise__.patch | 15 +++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 pkgs/os-specific/linux/kernel-headers/restore-__bitwise__.patch diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix index d07c9073e6a..5b2fb62cb95 100644 --- a/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/pkgs/os-specific/linux/kernel-headers/default.nix @@ -93,6 +93,9 @@ in { }; patches = [ ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms + + # 5.19 backport. Can be removed on update. + ./restore-__bitwise__.patch ]; }; } diff --git a/pkgs/os-specific/linux/kernel-headers/restore-__bitwise__.patch b/pkgs/os-specific/linux/kernel-headers/restore-__bitwise__.patch new file mode 100644 index 00000000000..67d2af8fc3b --- /dev/null +++ b/pkgs/os-specific/linux/kernel-headers/restore-__bitwise__.patch @@ -0,0 +1,15 @@ +https://github.com/torvalds/linux/commit/caa28984163cb63ea0be4cb8dbf05defdc7303f9 + +Fixes openiscsi build. +--- a/include/uapi/linux/types.h ++++ b/include/uapi/linux/types.h +@@ -26,6 +26,9 @@ + #define __bitwise + #endif + ++/* The kernel doesn't use this legacy form, but user space does */ ++#define __bitwise__ __bitwise ++ + typedef __u16 __bitwise __le16; + typedef __u16 __bitwise __be16; + typedef __u32 __bitwise __le32; From e0692dfb4f30bd1268bb95b94d6fcf0f1b0f2446 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sun, 12 Jun 2022 04:50:32 +0000 Subject: [PATCH 58/92] python310Packages.ipython: 8.2.0 -> 8.4.0 https://github.com/ipython/ipython/blob/8.4.0/docs/source/whatsnew/version8.rst --- .../python-modules/ipython/default.nix | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/pkgs/development/python-modules/ipython/default.nix b/pkgs/development/python-modules/ipython/default.nix index 0a39950689d..b5e99fe4a7d 100644 --- a/pkgs/development/python-modules/ipython/default.nix +++ b/pkgs/development/python-modules/ipython/default.nix @@ -5,7 +5,7 @@ , pythonOlder # Build dependencies -, glibcLocales +, setuptools # Runtime dependencies , appnope @@ -27,17 +27,17 @@ buildPythonPackage rec { pname = "ipython"; - version = "8.2.0"; + version = "8.4.0"; format = "pyproject"; disabled = pythonOlder "3.8"; src = fetchPypi { inherit pname version; - sha256 = "sha256-cOXrEyysWUo0tfeZvSUliQCZBfBRBHKK6mpAPsJRncE="; + sha256 = "f2db3a10254241d9b447232cec8b424847f338d9d36f9a577a6192c332a46abd"; }; - buildInputs = [ - glibcLocales + nativeBuildInputs = [ + setuptools ]; propagatedBuildInputs = [ @@ -55,8 +55,6 @@ buildPythonPackage rec { appnope ]; - LC_ALL="en_US.UTF-8"; - pythonImportsCheck = [ "IPython" ]; @@ -74,7 +72,10 @@ buildPythonPackage rec { testpath ]; - disabledTests = lib.optionals (stdenv.isDarwin) [ + disabledTests = [ + # UnboundLocalError: local variable 'child' referenced before assignment + "test_system_interrupt" + ] ++ lib.optionals (stdenv.isDarwin) [ # FileNotFoundError: [Errno 2] No such file or directory: 'pbpaste' "test_clipboard_get" ]; @@ -82,6 +83,7 @@ buildPythonPackage rec { meta = with lib; { description = "IPython: Productive Interactive Computing"; homepage = "https://ipython.org/"; + changelog = "https://github.com/ipython/ipython/blob/${version}/docs/source/whatsnew/version${lib.versions.major version}.rst"; license = licenses.bsd3; maintainers = with maintainers; [ bjornfor fridh ]; }; From e04ac131cfdc58c654e093795ba949018d862834 Mon Sep 17 00:00:00 2001 From: kilianar Date: Thu, 16 Jun 2022 14:23:03 +0200 Subject: [PATCH 59/92] oniguruma: 6.9.7.1 -> 6.9.8 https://github.com/kkos/oniguruma/releases/tag/v6.9.8 --- pkgs/development/libraries/oniguruma/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/oniguruma/default.nix b/pkgs/development/libraries/oniguruma/default.nix index e50750d58ec..bc084829e7b 100644 --- a/pkgs/development/libraries/oniguruma/default.nix +++ b/pkgs/development/libraries/oniguruma/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "onig"; - version = "6.9.7.1"; + version = "6.9.8"; src = fetchFromGitHub { owner = "kkos"; repo = "oniguruma"; rev = "v${version}"; - sha256 = "sha256-IBWxmzmVdKTkHbfy7V8ejpeIdfOU/adGwpUTCMdLU3w="; + sha256 = "sha256-8aFZdhh6ovLCR0A17rvWq/Oif66rSMnHcCYHjClNElw="; }; nativeBuildInputs = [ autoreconfHook ]; From d9775e93ec48769d2d9d19abed0b4f13e6b3907f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tomasz=20Ho=C5=82ubowicz?= Date: Thu, 2 Jun 2022 13:42:22 +0200 Subject: [PATCH 60/92] p11-kit: add path to openSUSE certificate store --- pkgs/development/libraries/p11-kit/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/development/libraries/p11-kit/default.nix b/pkgs/development/libraries/p11-kit/default.nix index df6e364d2e9..fee4a2e8259 100644 --- a/pkgs/development/libraries/p11-kit/default.nix +++ b/pkgs/development/libraries/p11-kit/default.nix @@ -59,9 +59,10 @@ stdenv.mkDerivation rec { "--sysconfdir=/etc" "--localstatedir=/var" "--with-trust-paths=${lib.concatStringsSep ":" [ - "/etc/ssl/trust-source" # p11-kit trust source - "/etc/ssl/certs/ca-certificates.crt" # NixOS + Debian/Ubuntu/Arch/Gentoo... - "/etc/pki/tls/certs/ca-bundle.crt" # Fedora/CentOS + "/etc/ssl/trust-source" # p11-kit trust source + "/etc/ssl/certs/ca-certificates.crt" # NixOS + Debian/Ubuntu/Arch/Gentoo... + "/etc/pki/tls/certs/ca-bundle.crt" # Fedora/CentOS + "/var/lib/ca-certificates/ca-bundle.pem" # openSUSE ]}" ]; From 40c7edc3ab8fecf0d9c564a493aa14aa7f8658f6 Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Sat, 11 Jun 2022 21:32:32 -0300 Subject: [PATCH 61/92] coreutils: use SRI hash format --- pkgs/tools/misc/coreutils/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/misc/coreutils/default.nix b/pkgs/tools/misc/coreutils/default.nix index b7ee7967953..4b1a4add955 100644 --- a/pkgs/tools/misc/coreutils/default.nix +++ b/pkgs/tools/misc/coreutils/default.nix @@ -26,7 +26,7 @@ stdenv.mkDerivation (rec { src = fetchurl { url = "mirror://gnu/coreutils/coreutils-${version}.tar.xz"; - sha256 = "sha256:08q4b0w7mwfxbqjs712l6wrwl2ijs7k50kssgbryg9wbsw8g98b1"; + sha256 = "sha256-YaH0ENeLp+fzelpPUObRMgrKMzdUhKMlXt3xejhYBCM="; }; postPatch = '' From 0b60b10eb7739d0c6f4f6579ca622ca5683a9488 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Thu, 9 Jun 2022 23:02:37 +0200 Subject: [PATCH 62/92] python310Packages.requests: 2.27.1 -> 2.28.0 --- .../development/python-modules/requests/default.nix | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/pkgs/development/python-modules/requests/default.nix b/pkgs/development/python-modules/requests/default.nix index be996151f98..b87be59bad8 100644 --- a/pkgs/development/python-modules/requests/default.nix +++ b/pkgs/development/python-modules/requests/default.nix @@ -1,7 +1,5 @@ { lib , stdenv -, pythonOlder -, brotli , brotlicffi , buildPythonPackage , certifi @@ -9,24 +7,22 @@ , charset-normalizer , fetchPypi , idna -, isPy27 -, isPy3k , pysocks , pytest-mock , pytest-xdist , pytestCheckHook +, pythonOlder , urllib3 }: buildPythonPackage rec { pname = "requests"; - version = "2.27.1"; - + version = "2.28.0"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-aNfFb9WomZiHco7zBKbRLtx7508c+kdxT8i0FFJcmmE="; + hash = "sha256-1WhyOn69JYddjR6vXfoGjNL8gZSy5IPXsffIGRjb7Gs="; }; patches = [ @@ -59,9 +55,6 @@ buildPythonPackage rec { ] ++ passthru.optional-dependencies.socks; - # AttributeError: 'KeywordMapping' object has no attribute 'get' - doCheck = !isPy27; - disabledTests = [ # Disable tests that require network access and use httpbin "requests.api.request" From 2ee6526b2a52ae7d244887ef4207c3ae54865c87 Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Thu, 16 Jun 2022 13:51:29 -0300 Subject: [PATCH 63/92] Cosmetical: 80-char fill the opening paragraph of all-packages.nix --- pkgs/top-level/all-packages.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a13e76d8267..02d9703724f 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1,8 +1,8 @@ /* The top-level package collection of nixpkgs. - * It is sorted by categories corresponding to the folder names - * in the /pkgs folder. Inside the categories packages are roughly - * sorted by alphabet, but strict sorting has been long lost due - * to merges. Please use the full-text search of your editor. ;) + * It is sorted by categories corresponding to the folder names in the /pkgs + * folder. Inside the categories packages are roughly sorted by alphabet, but + * strict sorting has been long lost due to merges. Please use the full-text + * search of your editor. ;) * Hint: ### starts category names. */ { lib, noSysDirs, config, overlays }: From e418cc4298654659ae512a4e8f3e4144a3bf3ead Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Thu, 16 Jun 2022 13:49:41 -0300 Subject: [PATCH 64/92] Move uclibc to uclibc-ng In order to keep coherence between upstream project's name. Also, aliasing it to the older names uclibc and uclibcCross. --- pkgs/os-specific/linux/{uclibc => uclibc-ng}/default.nix | 0 pkgs/top-level/all-packages.nix | 8 ++++++-- 2 files changed, 6 insertions(+), 2 deletions(-) rename pkgs/os-specific/linux/{uclibc => uclibc-ng}/default.nix (100%) diff --git a/pkgs/os-specific/linux/uclibc/default.nix b/pkgs/os-specific/linux/uclibc-ng/default.nix similarity index 100% rename from pkgs/os-specific/linux/uclibc/default.nix rename to pkgs/os-specific/linux/uclibc-ng/default.nix diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 02d9703724f..3186a19311d 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -24038,12 +24038,16 @@ with pkgs; buildBarebox bareboxTools; - uclibc = callPackage ../os-specific/linux/uclibc { }; + uclibc-ng = callPackage ../os-specific/linux/uclibc-ng { }; - uclibcCross = callPackage ../os-specific/linux/uclibc { + uclibc-ng-cross = callPackage ../os-specific/linux/uclibc-ng { stdenv = crossLibcStdenv; }; + # Aliases + uclibc = uclibc-ng; + uclibcCross = uclibc-ng-cross; + eudev = callPackage ../os-specific/linux/eudev { util-linux = util-linuxMinimal; }; libudev0-shim = callPackage ../os-specific/linux/libudev0-shim { }; From 949579633ddf817daa7d29baf8abdc3c99c18e8d Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Thu, 16 Jun 2022 17:29:09 -0300 Subject: [PATCH 65/92] uclibc-ng: 1.0.38 -> 1.0.41 Also - Add AndersonTorres as maintainer - Set badPlatforms to aarch64 (because it does not exist on the source tree of uclibc-ng --- pkgs/os-specific/linux/uclibc-ng/default.nix | 67 +++++++++++++------- 1 file changed, 45 insertions(+), 22 deletions(-) diff --git a/pkgs/os-specific/linux/uclibc-ng/default.nix b/pkgs/os-specific/linux/uclibc-ng/default.nix index 1d4166e4083..f7cd34a458c 100644 --- a/pkgs/os-specific/linux/uclibc-ng/default.nix +++ b/pkgs/os-specific/linux/uclibc-ng/default.nix @@ -1,9 +1,14 @@ -{ lib, stdenv, buildPackages -, fetchurl, linuxHeaders, libiconvReal +{ lib +, stdenv +, buildPackages +, fetchurl +, linuxHeaders +, libiconvReal , extraConfig ? "" }: let + isCross = (stdenv.buildPlatform != stdenv.hostPlatform); configParser = '' function parseconfig { set -x @@ -36,12 +41,13 @@ let UCLIBC_HAS_RPC y DO_C99_MATH y UCLIBC_HAS_PROGRAM_INVOCATION_NAME y + UCLIBC_HAS_RESOLVER_SUPPORT y UCLIBC_SUSV4_LEGACY y UCLIBC_HAS_THREADS_NATIVE y KERNEL_HEADERS "${linuxHeaders}/include" '' + lib.optionalString (stdenv.hostPlatform.gcc.float or "" == "soft") '' UCLIBC_HAS_FPU n - '' + lib.optionalString (stdenv.isAarch32 && stdenv.buildPlatform != stdenv.hostPlatform) '' + '' + lib.optionalString (stdenv.isAarch32 && isCross) '' CONFIG_ARM_EABI y ARCH_WANTS_BIG_ENDIAN n ARCH_BIG_ENDIAN n @@ -49,18 +55,14 @@ let ARCH_LITTLE_ENDIAN y UCLIBC_HAS_FPU n ''; - - version = "1.0.38"; in - -stdenv.mkDerivation { +stdenv.mkDerivation rec { pname = "uclibc-ng"; - inherit version; + version = "1.0.41"; src = fetchurl { - url = "https://downloads.uclibc-ng.org/releases/${version}/uClibc-ng-${version}.tar.bz2"; - # from "${url}.sha256"; - sha256 = "sha256-7wexvOOfDpIsM3XcdhHxESz7GsOW+ZkiA0dfiN5rHrU="; + url = "https://downloads.uclibc-ng.org/releases/${version}/uClibc-ng-${version}.tar.xz"; + sha256 = "sha256-syqSoCGNlZItaXZGTm71Hi66z7zbYFggRY2du4ph4CU="; }; # 'ftw' needed to build acl, a coreutils dependency @@ -78,7 +80,7 @@ stdenv.mkDerivation { hardeningDisable = [ "stackprotector" ]; # Cross stripping hurts. - dontStrip = stdenv.hostPlatform != stdenv.buildPlatform; + dontStrip = isCross; depsBuildBuild = [ buildPackages.stdenv.cc ]; @@ -86,7 +88,7 @@ stdenv.mkDerivation { "ARCH=${stdenv.hostPlatform.linuxArch}" "TARGET_ARCH=${stdenv.hostPlatform.linuxArch}" "VERBOSE=1" - ] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ + ] ++ lib.optionals (isCross) [ "CROSS=${stdenv.cc.targetPrefix}" ]; @@ -95,24 +97,45 @@ stdenv.mkDerivation { enableParallelBuilding = false; installPhase = '' + runHook preInstall + mkdir -p $out make $makeFlags PREFIX=$out VERBOSE=1 install (cd $out/include && ln -s $(ls -d ${linuxHeaders}/include/* | grep -v "scsi$") .) # libpthread.so may not exist, so I do || true sed -i s@/lib/@$out/lib/@g $out/lib/libc.so $out/lib/libpthread.so || true - ''; - passthru = { - # Derivations may check for the existance of this attribute, to know what to link to. - libiconv = libiconvReal; - }; + runHook postInstall + ''; meta = with lib; { homepage = "https://uclibc-ng.org"; - description = "A small implementation of the C library"; - maintainers = with maintainers; [ rasendubi ]; - license = licenses.lgpl2; + description = "Embedded C library"; + longDescription = '' + uClibc-ng is a small C library for developing embedded Linux systems. It + is much smaller than the GNU C Library, but nearly all applications + supported by glibc also work perfectly with uClibc-ng. + + Porting applications from glibc to uClibc-ng typically involves just + recompiling the source code. uClibc-ng supports shared libraries and + threading. It currently runs on standard Linux and MMU-less (also known as + uClinux) systems with support for Aarch64, Alpha, ARC, ARM, AVR32, + Blackfin, CRIS, C-Sky, C6X, FR-V, H8/300, HPPA, i386, IA64, KVX, LM32, + M68K/Coldfire, Metag, Microblaze, MIPS, MIPS64, NDS32, NIOS2, OpenRISC, + PowerPC, RISCV64, Sparc, Sparc64, SuperH, Tile, X86_64 and XTENSA + processors. Alpha, FR-V, HPPA, IA64, LM32, NIOS2, Tile and Sparc64 are + experimental and need more testing. + ''; + license = licenses.lgpl2Plus; + maintainers = with maintainers; [ rasendubi AndersonTorres ]; platforms = platforms.linux; - broken = stdenv.hostPlatform.isAarch32 || stdenv.hostPlatform.isAarch64; + badPlatforms = platforms.aarch64; }; + + passthru = { + # Derivations may check for the existance of this attribute, to know what to + # link to. + libiconv = libiconvReal; + }; + } From c1136b341ed1df5d7090dddf9656e850cb66da8a Mon Sep 17 00:00:00 2001 From: timothy <387270+timothyklim@users.noreply.github.com> Date: Fri, 17 Jun 2022 11:34:53 +0700 Subject: [PATCH 66/92] postgresql_14: 14.3 -> 14.4 (#177903) --- pkgs/servers/sql/postgresql/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/sql/postgresql/default.nix b/pkgs/servers/sql/postgresql/default.nix index bfbac087bc3..7c1ed8b6b37 100644 --- a/pkgs/servers/sql/postgresql/default.nix +++ b/pkgs/servers/sql/postgresql/default.nix @@ -239,9 +239,9 @@ in self: { }; postgresql_14 = self.callPackage generic { - version = "14.3"; + version = "14.4"; psqlSchema = "14"; - sha256 = "sha256-J5BXNov1mpGcBa2o+VxeBKu0PnS5oqacPUaiDgeprzg="; + sha256 = "sha256-wjtiN8UjHHkVEb3HkJhhfWhS6eO982Dv2LXRWho9j2o="; this = self.postgresql_14; thisAttr = "postgresql_14"; inherit self; From 6eb689d4901e6a0ee52c3ea0927f81da0df91d68 Mon Sep 17 00:00:00 2001 From: Dmitry Bogatov Date: Fri, 17 Jun 2022 20:23:35 -0400 Subject: [PATCH 67/92] cc-wrapper: fix typo in shell script Noticed this bug when was trying to bootstrap m4 on darwin. That fixes line 163: no such file or directory error That does not solve all problems staging has on darwin. --- pkgs/build-support/cc-wrapper/cc-wrapper.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/build-support/cc-wrapper/cc-wrapper.sh b/pkgs/build-support/cc-wrapper/cc-wrapper.sh index 651519490aa..83b6817798f 100644 --- a/pkgs/build-support/cc-wrapper/cc-wrapper.sh +++ b/pkgs/build-support/cc-wrapper/cc-wrapper.sh @@ -160,7 +160,7 @@ if [ "$dontLink" != 1 ]; then fi if [[ -e @out@/nix-support/add-local-cc-cflags-before.sh ]]; then - source @out@/nix-support/add-local-cflags-before.sh + source @out@/nix-support/add-local-cc-cflags-before.sh fi # As a very special hack, if the arguments are just `-v', then don't From f93c47b2e31b31cff50b0dd84cb39355600955f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 1 Jun 2022 22:06:26 +0200 Subject: [PATCH 68/92] ruby: enable O3 optimization --- pkgs/development/interpreters/ruby/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/development/interpreters/ruby/default.nix b/pkgs/development/interpreters/ruby/default.nix index 07349cf4f91..4381e6b6ddd 100644 --- a/pkgs/development/interpreters/ruby/default.nix +++ b/pkgs/development/interpreters/ruby/default.nix @@ -137,6 +137,10 @@ let (lib.enableFeature docSupport "install-doc") (lib.withFeature jemallocSupport "jemalloc") (lib.withFeatureAs docSupport "ridir" "${placeholder "devdoc"}/share/ri") + # ruby enables -O3 for gcc, however our compiler hardening wrapper + # overrides that by enabling `-O2` which is the minimum optimization + # needed for `_FORTIFY_SOURCE`. + ] ++ lib.optional stdenv.cc.isGNU "CFLAGS=-O3" ++ [ ] ++ ops stdenv.isDarwin [ # on darwin, we have /usr/include/tk.h -- so the configure script detects # that tk is installed From fe8f468f0e9e9d30a86cce3cfe556abf26bf1b44 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 18 Jun 2022 07:16:34 +0200 Subject: [PATCH 69/92] Revert "ruby: enable O3 optimization" This reverts commit 64e09fac3d6b74da210f6b09aeb947f9ba2e8f16. This commit should go to staging first. --- pkgs/development/interpreters/ruby/default.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/pkgs/development/interpreters/ruby/default.nix b/pkgs/development/interpreters/ruby/default.nix index 4381e6b6ddd..07349cf4f91 100644 --- a/pkgs/development/interpreters/ruby/default.nix +++ b/pkgs/development/interpreters/ruby/default.nix @@ -137,10 +137,6 @@ let (lib.enableFeature docSupport "install-doc") (lib.withFeature jemallocSupport "jemalloc") (lib.withFeatureAs docSupport "ridir" "${placeholder "devdoc"}/share/ri") - # ruby enables -O3 for gcc, however our compiler hardening wrapper - # overrides that by enabling `-O2` which is the minimum optimization - # needed for `_FORTIFY_SOURCE`. - ] ++ lib.optional stdenv.cc.isGNU "CFLAGS=-O3" ++ [ ] ++ ops stdenv.isDarwin [ # on darwin, we have /usr/include/tk.h -- so the configure script detects # that tk is installed From 49145d30e050e3dc1dddbb0d11d25b55c7336731 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sat, 18 Jun 2022 07:21:38 +0200 Subject: [PATCH 70/92] Revert "Revert "ruby: enable O3 optimization"" This reverts commit fe8f468f0e9e9d30a86cce3cfe556abf26bf1b44. Now we are targeting the right branch. --- pkgs/development/interpreters/ruby/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/development/interpreters/ruby/default.nix b/pkgs/development/interpreters/ruby/default.nix index 07349cf4f91..4381e6b6ddd 100644 --- a/pkgs/development/interpreters/ruby/default.nix +++ b/pkgs/development/interpreters/ruby/default.nix @@ -137,6 +137,10 @@ let (lib.enableFeature docSupport "install-doc") (lib.withFeature jemallocSupport "jemalloc") (lib.withFeatureAs docSupport "ridir" "${placeholder "devdoc"}/share/ri") + # ruby enables -O3 for gcc, however our compiler hardening wrapper + # overrides that by enabling `-O2` which is the minimum optimization + # needed for `_FORTIFY_SOURCE`. + ] ++ lib.optional stdenv.cc.isGNU "CFLAGS=-O3" ++ [ ] ++ ops stdenv.isDarwin [ # on darwin, we have /usr/include/tk.h -- so the configure script detects # that tk is installed From 643104fece05d2013f7c43564b6729a05bbbcf2e Mon Sep 17 00:00:00 2001 From: OPNA2608 Date: Tue, 14 Jun 2022 01:42:58 +0200 Subject: [PATCH 71/92] srb2: openmpt123 -> libopenmpt --- pkgs/games/srb2/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/games/srb2/default.nix b/pkgs/games/srb2/default.nix index ff5e0f43036..1a4862904ab 100644 --- a/pkgs/games/srb2/default.nix +++ b/pkgs/games/srb2/default.nix @@ -6,7 +6,7 @@ , cmake , curl , nasm -, openmpt123 +, libopenmpt , p7zip , libgme , libpng @@ -50,7 +50,7 @@ in stdenv.mkDerivation rec { curl libgme libpng - openmpt123 + libopenmpt SDL2 SDL2_mixer zlib @@ -59,7 +59,7 @@ in stdenv.mkDerivation rec { cmakeFlags = [ "-DSRB2_ASSET_DIRECTORY=/build/source/assets" "-DGME_INCLUDE_DIR=${libgme}/include" - "-DOPENMPT_INCLUDE_DIR=${openmpt123}/include" + "-DOPENMPT_INCLUDE_DIR=${libopenmpt.dev}/include" "-DSDL2_MIXER_INCLUDE_DIR=${SDL2_mixer}/include/SDL2" "-DSDL2_INCLUDE_DIR=${SDL2.dev}/include/SDL2" ]; From 312928f0bc5df5d8e1e6ed4a903218bc1d1bb1a7 Mon Sep 17 00:00:00 2001 From: AndersonTorres Date: Fri, 17 Jun 2022 18:37:46 -0300 Subject: [PATCH 72/92] coreutils: refactor the expression --- pkgs/tools/misc/coreutils/default.nix | 108 +++++++++++++++----------- 1 file changed, 64 insertions(+), 44 deletions(-) diff --git a/pkgs/tools/misc/coreutils/default.nix b/pkgs/tools/misc/coreutils/default.nix index 4b1a4add955..f6d2591716e 100644 --- a/pkgs/tools/misc/coreutils/default.nix +++ b/pkgs/tools/misc/coreutils/default.nix @@ -1,27 +1,37 @@ -{ stdenv, lib, buildPackages -, autoreconfHook, bison, texinfo, fetchurl, perl, xz, libiconv, gmp ? null -, aclSupport ? stdenv.isLinux, acl ? null -, attrSupport ? stdenv.isLinux, attr ? null -, selinuxSupport? false, libselinux ? null, libsepol ? null +{ lib +, stdenv +, fetchurl +, autoreconfHook +, buildPackages +, libiconv +, perl +, texinfo +, xz +, gmpSupport ? true, gmp +, aclSupport ? stdenv.isLinux, acl +, attrSupport ? stdenv.isLinux, attr +, selinuxSupport ? false, libselinux, libsepol # No openssl in default version, so openssl-induced rebuilds aren't too big. # It makes *sum functions significantly faster. -, minimal ? true, withOpenssl ? !minimal, openssl ? null +, minimal ? true +, withOpenssl ? !minimal, openssl , withPrefix ? false , singleBinary ? "symlinks" # you can also pass "shebangs" or false }: -# Note: this package is used for bootstrapping fetchurl, and thus -# cannot use fetchpatch! All mutable patches (generated by GitHub or -# cgit) that are needed here should be included directly in Nixpkgs as -# files. +# Note: this package is used for bootstrapping fetchurl, and thus cannot use +# fetchpatch! All mutable patches (generated by GitHub or cgit) that are needed +# here should be included directly in Nixpkgs as files. assert aclSupport -> acl != null; assert selinuxSupport -> libselinux != null && libsepol != null; -with lib; - -stdenv.mkDerivation (rec { - pname = "coreutils${optionalString (!minimal) "-full"}"; +let + inherit (lib) concatStringsSep isString optional optionals optionalString; + isCross = (stdenv.hostPlatform != stdenv.buildPlatform); +in +stdenv.mkDerivation rec { + pname = "coreutils" + (optionalString (!minimal) "-full"); version = "9.1"; src = fetchurl { @@ -30,7 +40,7 @@ stdenv.mkDerivation (rec { }; postPatch = '' - # The test tends to fail on btrfs,f2fs and maybe other unusual filesystems. + # The test tends to fail on btrfs, f2fs and maybe other unusual filesystems. sed '2i echo Skipping dd sparse test && exit 77' -i ./tests/dd/sparse.sh sed '2i echo Skipping du threshold test && exit 77' -i ./tests/du/threshold.sh sed '2i echo Skipping cp sparse test && exit 77' -i ./tests/cp/sparse.sh @@ -60,7 +70,7 @@ stdenv.mkDerivation (rec { # intermittent failures on builders, unknown reason sed '2i echo Skipping du basic test && exit 77' -i ./tests/du/basic.sh - '' + (optionalString (stdenv.hostPlatform.libc == "musl") (lib.concatStringsSep "\n" [ + '' + (optionalString (stdenv.hostPlatform.libc == "musl") (concatStringsSep "\n" [ '' echo "int main() { return 77; }" > gnulib-tests/test-parse-datetime.c echo "int main() { return 77; }" > gnulib-tests/test-getlogin.c @@ -75,43 +85,54 @@ stdenv.mkDerivation (rec { outputs = [ "out" "info" ]; separateDebugInfo = true; - nativeBuildInputs = [ perl xz.bin autoreconfHook ] # autoreconfHook is due to patch, normally only needed for cygwin - ++ optionals stdenv.hostPlatform.isCygwin [ texinfo ]; # due to patch + nativeBuildInputs = [ + # autoreconfHook is due to patch, normally only needed for cygwin + autoreconfHook + perl + xz.bin + ] + ++ optionals stdenv.hostPlatform.isCygwin [ + # due to patch + texinfo + ]; + + buildInputs = [ ] + ++ optional aclSupport acl + ++ optional attrSupport attr + ++ optional gmpSupport gmp + ++ optional withOpenssl openssl + ++ optionals selinuxSupport [ libselinux libsepol ] + # TODO(@Ericson2314): Investigate whether Darwin could benefit too + ++ optional (isCross && stdenv.hostPlatform.libc != "glibc") libiconv; + configureFlags = [ "--with-packager=https://nixos.org" ] ++ optional (singleBinary != false) ("--enable-single-binary" + optionalString (isString singleBinary) "=${singleBinary}") ++ optional withOpenssl "--with-openssl" ++ optional stdenv.hostPlatform.isSunOS "ac_cv_func_inotify_init=no" ++ optional withPrefix "--program-prefix=g" - ++ optional stdenv.isDarwin "--disable-nls" # the shipped configure script doesn't enable nls, but using autoreconfHook does so which breaks the build - ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform && stdenv.hostPlatform.libc == "glibc") [ + # the shipped configure script doesn't enable nls, but using autoreconfHook + # does so which breaks the build + ++ optional stdenv.isDarwin "--disable-nls" + ++ optionals (isCross && stdenv.hostPlatform.libc == "glibc") [ # TODO(19b98110126fde7cbb1127af7e3fe1568eacad3d): Needed for fstatfs() I # don't know why it is not properly detected cross building with glibc. "fu_cv_sys_stat_statfs2_bsize=yes" ]; - - buildInputs = [ gmp ] - ++ optional aclSupport acl - ++ optional attrSupport attr - ++ optional withOpenssl openssl - ++ optionals selinuxSupport [ libselinux libsepol ] - # TODO(@Ericson2314): Investigate whether Darwin could benefit too - ++ optional (stdenv.hostPlatform != stdenv.buildPlatform && stdenv.hostPlatform.libc != "glibc") libiconv; - # The tests are known broken on Cygwin # (http://article.gmane.org/gmane.comp.gnu.core-utils.bugs/19025), # Darwin (http://article.gmane.org/gmane.comp.gnu.core-utils.bugs/19351), # and {Open,Free}BSD. # With non-standard storeDir: https://github.com/NixOS/nix/issues/512 # On aarch64+musl, test-init.sh fails due to a segfault in diff. - doCheck = stdenv.hostPlatform == stdenv.buildPlatform - && (stdenv.hostPlatform.libc == "glibc" || stdenv.hostPlatform.isMusl) - && !(stdenv.hostPlatform.isMusl && stdenv.hostPlatform.isAarch64) + doCheck = (!isCross) + && (stdenv.hostPlatform.libc == "glibc" || stdenv.hostPlatform.libc == "musl") + && !(stdenv.hostPlatform.libc == "musl" && stdenv.hostPlatform.isAarch64) && !stdenv.isAarch32; # Prevents attempts of running 'help2man' on cross-built binaries. - PERL = if stdenv.hostPlatform == stdenv.buildPlatform then null else "missing"; + PERL = if isCross then "missing" else null; enableParallelBuilding = true; @@ -124,11 +145,11 @@ stdenv.mkDerivation (rec { # Works around a bug with 8.26: # Makefile:3440: *** Recursive variable 'INSTALL' references itself (eventually). Stop. - preInstall = optionalString (stdenv.hostPlatform != stdenv.buildPlatform) '' + preInstall = optionalString isCross '' sed -i Makefile -e 's|^INSTALL =.*|INSTALL = ${buildPackages.coreutils}/bin/install -c|' ''; - postInstall = optionalString (stdenv.hostPlatform != stdenv.buildPlatform && !minimal) '' + postInstall = optionalString (isCross && !minimal) '' rm $out/share/man/man1/* cp ${buildPackages.coreutils-full}/share/man/man1/* $out/share/man/man1 '' @@ -137,18 +158,17 @@ stdenv.mkDerivation (rec { rm -r "$out/share" ''; - meta = { + meta = with lib; { homepage = "https://www.gnu.org/software/coreutils/"; - description = "The basic file, shell and text manipulation utilities of the GNU operating system"; + description = "The GNU Core Utilities"; longDescription = '' - The GNU Core Utilities are the basic file, shell and text - manipulation utilities of the GNU operating system. These are - the core utilities which are expected to exist on every - operating system. + The GNU Core Utilities are the basic file, shell and text manipulation + utilities of the GNU operating system. These are the core utilities which + are expected to exist on every operating system. ''; license = licenses.gpl3Plus; - platforms = platforms.unix ++ platforms.windows; + maintainers = with maintainers; [ das_j ]; + platforms = with platforms; unix ++ windows; priority = 10; - maintainers = [ maintainers.das_j ]; }; -}) +} From 9e84510b815202e5c484837915e5900ea62f402e Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Sun, 19 Jun 2022 08:50:51 +0100 Subject: [PATCH 73/92] help2man: 1.49.1 -> 1.49.2 The main change is added Romanian locale. --- pkgs/development/tools/misc/help2man/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/misc/help2man/default.nix b/pkgs/development/tools/misc/help2man/default.nix index c432aaa82e1..1d25dc8c6e0 100644 --- a/pkgs/development/tools/misc/help2man/default.nix +++ b/pkgs/development/tools/misc/help2man/default.nix @@ -7,11 +7,11 @@ stdenv.mkDerivation rec { pname = "help2man"; - version = "1.49.1"; + version = "1.49.2"; src = fetchurl { url = "mirror://gnu/${pname}/${pname}-${version}.tar.xz"; - sha256 = "sha256-/ZmmZOxL6ahqDdiXGZifFPNnqcB5110OHXHhinu1GwM="; + sha256 = "sha256-ni4OITp+CjYkTu1iBNkCtlBGAqV4tuzRUmixRU3q3TY="; }; strictDeps = true; From e4515da3c236d9e17f564cdae130e15efb8eb2e2 Mon Sep 17 00:00:00 2001 From: Nick Cao Date: Tue, 14 Jun 2022 11:04:55 +0800 Subject: [PATCH 74/92] buildGoModule: passing CGO_ENABLED explicitly --- pkgs/development/go-modules/generic/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkgs/development/go-modules/generic/default.nix b/pkgs/development/go-modules/generic/default.nix index 7cab5d38c7b..b0c587ea471 100644 --- a/pkgs/development/go-modules/generic/default.nix +++ b/pkgs/development/go-modules/generic/default.nix @@ -39,6 +39,8 @@ # IE: programs coupled with the compiler , allowGoReference ? false +, CGO_ENABLED ? go.CGO_ENABLED + , meta ? {} # Not needed with buildGoModule @@ -141,6 +143,7 @@ let GO111MODULE = "on"; GOFLAGS = lib.optionals (!proxyVendor) [ "-mod=vendor" ] ++ lib.optionals (!allowGoReference) [ "-trimpath" ]; + inherit CGO_ENABLED; configurePhase = args.configurePhase or '' runHook preConfigure From 4618729d68d7542b69974b9d1d4f3d66f835c060 Mon Sep 17 00:00:00 2001 From: Luke Worth Date: Mon, 20 Jun 2022 14:22:41 +1000 Subject: [PATCH 75/92] aws-sam-translator: 1.42.0 -> 1.46.0 --- .../python-modules/aws-sam-translator/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/aws-sam-translator/default.nix b/pkgs/development/python-modules/aws-sam-translator/default.nix index ca01e35a3c5..1f0a38584d5 100644 --- a/pkgs/development/python-modules/aws-sam-translator/default.nix +++ b/pkgs/development/python-modules/aws-sam-translator/default.nix @@ -5,6 +5,7 @@ , jsonschema , mock , parameterized +, pytest-env , pytestCheckHook , pythonOlder , pyyaml @@ -13,7 +14,7 @@ buildPythonPackage rec { pname = "aws-sam-translator"; - version = "1.42.0"; + version = "1.46.0"; format = "setuptools"; disabled = pythonOlder "3.6"; @@ -22,7 +23,7 @@ buildPythonPackage rec { owner = "aws"; repo = "serverless-application-model"; rev = "v${version}"; - sha256 = "sha256-pjcRsmxPL4lbgDopW+wKQRkRcqebLPTd95JTL8PiWtc="; + sha256 = "sha256-SLGxpRbTuK+Lxww45dfHIMwwxV5vhlnYyG4WqG45aNg="; }; propagatedBuildInputs = [ @@ -41,6 +42,7 @@ buildPythonPackage rec { checkInputs = [ mock parameterized + pytest-env pytestCheckHook pyyaml ]; From b1cc6afe11cd643797cdf79168e0cd709eba164b Mon Sep 17 00:00:00 2001 From: Luke Worth Date: Mon, 20 Jun 2022 14:29:49 +1000 Subject: [PATCH 76/92] aws-sam-cli: 1.37.0 -> 1.52.0 --- .../development/tools/aws-sam-cli/default.nix | 14 ++++++++++--- .../tools/aws-sam-cli/support-click-8-1.patch | 21 +++++++++++++++++++ 2 files changed, 32 insertions(+), 3 deletions(-) create mode 100644 pkgs/development/tools/aws-sam-cli/support-click-8-1.patch diff --git a/pkgs/development/tools/aws-sam-cli/default.nix b/pkgs/development/tools/aws-sam-cli/default.nix index c4fdb203c34..af2685681f1 100644 --- a/pkgs/development/tools/aws-sam-cli/default.nix +++ b/pkgs/development/tools/aws-sam-cli/default.nix @@ -5,11 +5,11 @@ python3.pkgs.buildPythonApplication rec { pname = "aws-sam-cli"; - version = "1.37.0"; + version = "1.52.0"; src = python3.pkgs.fetchPypi { inherit pname version; - hash = "sha256-XE3g2mKwAiaJvi0ShVScnCKrmz7ujaQgOeFXuYwtP4g="; + hash = "sha256-ldr0X+I5+Nfb+WBDOe0m202WOuccGUI5HFL3fpbBNPo="; }; propagatedBuildInputs = with python3.pkgs; [ @@ -36,15 +36,23 @@ python3.pkgs.buildPythonApplication rec { wrapProgram $out/bin/sam --set SAM_CLI_TELEMETRY 0 ''; + patches = [ + # Click 8.1 removed `get_terminal_size`, recommending + # `shutil.get_terminal_size` instead. + # (https://github.com/pallets/click/pull/2130) + ./support-click-8-1.patch + ]; + # fix over-restrictive version bounds postPatch = '' substituteInPlace requirements/base.txt \ --replace "aws_lambda_builders==" "aws-lambda-builders #" \ - --replace "click~=7.1" "click~=8.0" \ + --replace "click~=7.1" "click~=8.1" \ --replace "dateparser~=1.0" "dateparser>=0.7" \ --replace "docker~=4.2.0" "docker>=4.2.0" \ --replace "Flask~=1.1.2" "Flask~=2.0" \ --replace "jmespath~=0.10.0" "jmespath" \ + --replace "MarkupSafe==2.0.1" "MarkupSafe #" \ --replace "PyYAML~=5.3" "PyYAML #" \ --replace "regex==" "regex #" \ --replace "requests==" "requests #" \ diff --git a/pkgs/development/tools/aws-sam-cli/support-click-8-1.patch b/pkgs/development/tools/aws-sam-cli/support-click-8-1.patch new file mode 100644 index 00000000000..dc7af080ac6 --- /dev/null +++ b/pkgs/development/tools/aws-sam-cli/support-click-8-1.patch @@ -0,0 +1,21 @@ +diff --git a/samcli/commands/_utils/table_print.py b/samcli/commands/_utils/table_print.py +index de63af29..a9d0f2fe 100644 +--- a/samcli/commands/_utils/table_print.py ++++ b/samcli/commands/_utils/table_print.py +@@ -7,6 +7,7 @@ from functools import wraps + from typing import Sized + + import click ++import shutil + + MIN_OFFSET = 20 + +@@ -30,7 +31,7 @@ def pprint_column_names( + + def pprint_wrap(func): + # Calculate terminal width, number of columns in the table +- width, _ = click.get_terminal_size() ++ width, _ = shutil.get_terminal_size() + # For UX purposes, set a minimum width for the table to be usable + # and usable_width keeps margins in mind. + width = max(width, min_width) From a25847ddaa967ef6f5ba39a4637f5501f508c0b6 Mon Sep 17 00:00:00 2001 From: Luke Worth Date: Mon, 20 Jun 2022 17:22:12 +1000 Subject: [PATCH 77/92] awscli2: 2.7.8 -> 2.7.9 --- pkgs/tools/admin/awscli2/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/admin/awscli2/default.nix b/pkgs/tools/admin/awscli2/default.nix index 305a1e719f5..d772d1d16e4 100644 --- a/pkgs/tools/admin/awscli2/default.nix +++ b/pkgs/tools/admin/awscli2/default.nix @@ -29,7 +29,7 @@ let in with py.pkgs; buildPythonApplication rec { pname = "awscli2"; - version = "2.7.8"; # N.B: if you change this, check if overrides are still up-to-date + version = "2.7.9"; # N.B: if you change this, check if overrides are still up-to-date src = fetchFromGitHub { owner = "aws"; @@ -67,6 +67,7 @@ with py.pkgs; buildPythonApplication rec { postPatch = '' substituteInPlace setup.cfg \ --replace "colorama>=0.2.5,<0.4.4" "colorama" \ + --replace "cryptography>=3.3.2,<37.0.0" "cryptography" \ --replace "docutils>=0.10,<0.16" "docutils" \ --replace "ruamel.yaml>=0.15.0,<0.16.0" "ruamel.yaml" \ --replace "wcwidth<0.2.0" "wcwidth" \ From 90a8d6809b0f9053e1b12d8e96dc27cc4ad49d53 Mon Sep 17 00:00:00 2001 From: Kevin Amado Date: Mon, 20 Jun 2022 16:46:12 -0600 Subject: [PATCH 78/92] sphinx: remove whitespace from phase - This whitespace causes a derivation diff after formatting the file and therefore affects reproducibility --- pkgs/development/python-modules/sphinx/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/sphinx/default.nix b/pkgs/development/python-modules/sphinx/default.nix index 753b3b6c377..40f17f10cfc 100644 --- a/pkgs/development/python-modules/sphinx/default.nix +++ b/pkgs/development/python-modules/sphinx/default.nix @@ -52,7 +52,7 @@ buildPythonPackage rec { substituteInPlace setup.py \ --replace "docutils>=0.14,<0.18" "docutils>=0.14" - # remove impurity caused by date inclusion + # remove impurity caused by date inclusion # https://github.com/sphinx-doc/sphinx/blob/master/setup.cfg#L4-L6 substituteInPlace setup.cfg \ --replace "tag_build = .dev" "" \ From d0177347d8e700b9f833a24e6d5ae7bfc98320f2 Mon Sep 17 00:00:00 2001 From: Bernardo Meurer Date: Mon, 20 Jun 2022 16:02:33 -0400 Subject: [PATCH 79/92] python3Packages.uharfbuzz: fix on Darwin --- pkgs/development/python-modules/uharfbuzz/default.nix | 6 +++++- pkgs/top-level/python-packages.nix | 4 +++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/uharfbuzz/default.nix b/pkgs/development/python-modules/uharfbuzz/default.nix index f545acb9761..a2fb2940b80 100644 --- a/pkgs/development/python-modules/uharfbuzz/default.nix +++ b/pkgs/development/python-modules/uharfbuzz/default.nix @@ -6,6 +6,7 @@ , cython , setuptools-scm , pytestCheckHook +, ApplicationServices }: buildPythonPackage rec { @@ -31,6 +32,10 @@ buildPythonPackage rec { setuptools-scm ]; + buildInputs = [ + ApplicationServices + ]; + checkInputs = [ pytestCheckHook ]; @@ -42,6 +47,5 @@ buildPythonPackage rec { homepage = "https://github.com/harfbuzz/uharfbuzz"; license = licenses.asl20; maintainers = with maintainers; [ wolfangaukang ]; - broken = stdenv.isDarwin; }; } diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 1692b130b44..ec67b692b4a 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -10843,7 +10843,9 @@ in { ueagle = callPackage ../development/python-modules/ueagle { }; - uharfbuzz = callPackage ../development/python-modules/uharfbuzz { }; + uharfbuzz = callPackage ../development/python-modules/uharfbuzz { + inherit (pkgs.darwin.apple_sdk.frameworks) ApplicationServices; + }; ujson = callPackage ../development/python-modules/ujson { }; From 0c213829222e20c83eb2044c36ff205854a583b9 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 21 Jun 2022 17:57:43 +0200 Subject: [PATCH 80/92] openssl_1_1: 1.1.1o -> 1.1.1p Fixes additional sanitization issues in the c_rehash script. https://mta.openssl.org/pipermail/openssl-announce/2022-June/000226.html Fixes: CVE-2022-2068 --- pkgs/development/libraries/openssl/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index a0506dda1f6..a14615b878b 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -186,8 +186,8 @@ in { openssl_1_1 = common rec { - version = "1.1.1o"; - sha256 = "sha256-k4SisFcN2ANYhBRkZ3EV33he25QccSEfdQdtcv5rQ48="; + version = "1.1.1p"; + sha256 = "sha256-v2G2Kqpmx8djmUKpTeTJroKAwI8X1OrC5EZE2fyKzm8="; patches = [ ./1.1/nix-ssl-cert-file.patch From deb8ef11623db2127133293642a8719f71f76b82 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 21 Jun 2022 17:57:43 +0200 Subject: [PATCH 81/92] openssl_3_0: 3.0.3 -> 3.0.4 Fixes additional sanitization issues in the c_rehash script. https://mta.openssl.org/pipermail/openssl-announce/2022-June/000227.html Fixes: CVE-2022-2068 --- pkgs/development/libraries/openssl/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index a14615b878b..8f940b69256 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -201,8 +201,8 @@ in { }; openssl_3_0 = common { - version = "3.0.3"; - sha256 = "sha256-7gB4rc7x3l8APGLIDMllJ3IWCcbzu0K3eV3zH4tVjAs="; + version = "3.0.4"; + sha256 = "sha256-KDGEPppmigq0eOcCCtY9LWXlH3KXdHLcc+/O+6/AwA8="; patches = [ ./3.0/nix-ssl-cert-file.patch From 9b42f641b861f32b2947af415ac70918a8bb0dcc Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Tue, 21 Jun 2022 21:30:26 +0100 Subject: [PATCH 82/92] autoconf264: fix depends for strictDeps = true Without the change `config.strictDepsByDefault = true` fails build as: checking for GNU M4 that supports accurate traces... configure: error: no acceptable m4 could be found in $PATH. --- pkgs/development/tools/misc/autoconf/2.64.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/development/tools/misc/autoconf/2.64.nix b/pkgs/development/tools/misc/autoconf/2.64.nix index 8c6e104e11b..daf026dc3a5 100644 --- a/pkgs/development/tools/misc/autoconf/2.64.nix +++ b/pkgs/development/tools/misc/autoconf/2.64.nix @@ -9,7 +9,9 @@ stdenv.mkDerivation rec { sha256 = "0j3jdjpf5ly39dlp0bg70h72nzqr059k0x8iqxvaxf106chpgn9j"; }; - buildInputs = [ m4 perl ]; + strictDeps = true; + nativeBuildInputs = [ m4 perl ]; + buildInputs = [ m4 ]; # Work around a known issue in Cygwin. See # http://thread.gmane.org/gmane.comp.sysutils.autoconf.bugs/6822 for From 6f0fb013cd327f7bc1aad0a46e0afd5181093309 Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Tue, 21 Jun 2022 22:35:35 +0100 Subject: [PATCH 83/92] gumbo: fix depends for strictDeps = true Without the change `config.strictDepsByDefault = true` fails build as: configuring libtoolize ./autogen.sh: line 29: libtoolize: not found --- pkgs/development/libraries/gumbo/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gumbo/default.nix b/pkgs/development/libraries/gumbo/default.nix index 0948b5d01fa..b8cfef1f324 100644 --- a/pkgs/development/libraries/gumbo/default.nix +++ b/pkgs/development/libraries/gumbo/default.nix @@ -11,8 +11,8 @@ stdenv.mkDerivation rec { sha256 = "0xslckwdh2i0g2qjsb6rnm8mjmbagvziz0hjlf7d1lbljfms1iw1"; }; - nativeBuildInputs = [ autoconf automake ]; - buildInputs = [ libtool ]; + strictDeps = true; + nativeBuildInputs = [ autoconf automake libtool ]; preConfigure = "./autogen.sh"; From 3ca9a6d773f709cbb88b8bc02c916ca837e3972f Mon Sep 17 00:00:00 2001 From: Sergei Trofimovich Date: Tue, 21 Jun 2022 22:44:46 +0100 Subject: [PATCH 84/92] automake111x: fix depends for strictDeps = true Without the change `config.strictDepsByDefault = true` fails build as: checking for perl... no configure: error: perl not found --- pkgs/development/tools/misc/automake/automake-1.11.x.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/development/tools/misc/automake/automake-1.11.x.nix b/pkgs/development/tools/misc/automake/automake-1.11.x.nix index 02d9f4c4872..4f9a92d362b 100644 --- a/pkgs/development/tools/misc/automake/automake-1.11.x.nix +++ b/pkgs/development/tools/misc/automake/automake-1.11.x.nix @@ -18,7 +18,9 @@ stdenv.mkDerivation rec { patches = [ ./fix-test-autoconf-2.69.patch ./fix-perl-5.26.patch ]; - buildInputs = [ perl autoconf ]; + strictDeps = true; + nativeBuildInputs = [ perl autoconf ]; + buildInputs = [ autoconf ]; # Disable indented log output from Make, otherwise "make.test" will # fail. From a4afd6aa1e0120a1867b601e301e3c0132c13f64 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Tue, 21 Jun 2022 00:19:25 +0000 Subject: [PATCH 85/92] python310Packages.bottle: 0.12.19 -> 0.12.21 fixes CVE-2022-31799 --- .../python-modules/bottle/default.nix | 29 +++++++++++++++---- 1 file changed, 23 insertions(+), 6 deletions(-) diff --git a/pkgs/development/python-modules/bottle/default.nix b/pkgs/development/python-modules/bottle/default.nix index eeaf34a44eb..6532312ab71 100644 --- a/pkgs/development/python-modules/bottle/default.nix +++ b/pkgs/development/python-modules/bottle/default.nix @@ -1,21 +1,38 @@ -{ lib, buildPythonPackage, fetchPypi, setuptools }: +{ lib +, buildPythonPackage +, fetchPypi +, pytestCheckHook +}: buildPythonPackage rec { pname = "bottle"; - version = "0.12.19"; + version = "0.12.21"; + + format = "setuptools"; src = fetchPypi { inherit pname version; - sha256 = "a9d73ffcbc6a1345ca2d7949638db46349f5b2b77dac65d6494d45c23628da2c"; + sha256 = "787c61b6cc02b9c229bf2663011fac53dd8fc197f7f8ad2eeede29d888d7887e"; }; - propagatedBuildInputs = [ setuptools ]; + checkInputs = [ + pytestCheckHook + ]; + + preCheck = '' + cd test + ''; + + disabledTests = [ + "test_delete_cookie" + "test_error" + "test_error_in_generator_callback" + ]; meta = with lib; { - homepage = "http://bottlepy.org"; + homepage = "https://bottlepy.org/"; description = "A fast and simple micro-framework for small web-applications"; license = licenses.mit; - platforms = platforms.all; maintainers = with maintainers; [ koral ]; }; } From 97bf76b3b370e5031b38cd6e33009b43e067c5aa Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Wed, 22 Jun 2022 12:46:22 -0700 Subject: [PATCH 86/92] setup.sh: use six `X` characters in `mktemp` invocation Closes #178625 The `busybox` version of `mktemp` requires exactly six `X` characters in the argument to `mktemp`, unlike the `coreutils` version of `mktemp`. Let's accomodate packages, like `epson-escpr2`, which fool `setup.sh` into using the `busybox` version instead of the `stdenv` version. --- pkgs/stdenv/generic/setup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/stdenv/generic/setup.sh b/pkgs/stdenv/generic/setup.sh index 40ffd9344e3..488540c1b44 100644 --- a/pkgs/stdenv/generic/setup.sh +++ b/pkgs/stdenv/generic/setup.sh @@ -1026,7 +1026,7 @@ configurePhase() { # scripts with vendored libtool code. Preserve mtimes to # prevent some packages (e.g. libidn2) from spontaneously # autoreconf'ing themselves - CONFIGURE_MTIME_REFERENCE=$(mktemp configure.mtime.reference.XXX) + CONFIGURE_MTIME_REFERENCE=$(mktemp configure.mtime.reference.XXXXXX) find . \ -executable \ -type f \ From f344b4da35e5807895739f952c25f0f296e93d70 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Thu, 23 Jun 2022 09:13:57 +0200 Subject: [PATCH 87/92] gnutls: 3.7.3 -> 3.7.6 https://lists.gnupg.org/pipermail/gnutls-help/2022-March/004738.html https://lists.gnupg.org/pipermail/gnutls-help/2022-May/004743.html https://lists.gnupg.org/pipermail/gnutls-help/2022-May/004744.html --- pkgs/development/libraries/gnutls/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gnutls/default.nix b/pkgs/development/libraries/gnutls/default.nix index 627e5f46f72..4b615412755 100644 --- a/pkgs/development/libraries/gnutls/default.nix +++ b/pkgs/development/libraries/gnutls/default.nix @@ -6,6 +6,7 @@ , tpmSupport ? false, trousers, which, nettools, libunistring , withP11-kit ? !stdenv.hostPlatform.isStatic, p11-kit , withSecurity ? false, Security # darwin Security.framework +# certificate compression - only zlib now, more possible: zstd, brotli }: assert guileBindings -> guile != null; @@ -21,11 +22,11 @@ in stdenv.mkDerivation rec { pname = "gnutls"; - version = "3.7.3"; + version = "3.7.6"; src = fetchurl { url = "mirror://gnupg/gnutls/v${lib.versions.majorMinor version}/gnutls-${version}.tar.xz"; - sha256 = "16n4yvw3792gcdxkikjmhddr6cbs4wlk027zfxlhmchsqcxw8ngw"; + sha256 = "1zv2097v9f6f4c66q7yn3c6gggjk9jz38095ma7v3gs5lccmf1kp"; }; outputs = [ "bin" "dev" "out" "man" "devdoc" ]; From 6e20d752b65bf1ec89377bc5be12fef7bcace381 Mon Sep 17 00:00:00 2001 From: 06kellyjac Date: Thu, 23 Jun 2022 14:45:10 +0100 Subject: [PATCH 88/92] python310Packages.pip: 22.0.4 -> 22.1.2 --- pkgs/development/python-modules/pip/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pip/default.nix b/pkgs/development/python-modules/pip/default.nix index 239c91fb88a..9956b6038d1 100644 --- a/pkgs/development/python-modules/pip/default.nix +++ b/pkgs/development/python-modules/pip/default.nix @@ -14,14 +14,14 @@ buildPythonPackage rec { pname = "pip"; - version = "22.0.4"; + version = "22.1.2"; format = "other"; src = fetchFromGitHub { owner = "pypa"; repo = pname; rev = version; - sha256 = "sha256-gtDaopeFVpVFXpBtHDzBuZuXUrJciSSIppYXBx1anu4="; + sha256 = "sha256-Id/oz0e59WWpafR1cIYIogvOgxKGKVqrwNON32BU9zU="; name = "${pname}-${version}-source"; }; From 66528a4ae5fb5c88243e0557ea0a67c0a1b142db Mon Sep 17 00:00:00 2001 From: Bernardo Meurer Date: Thu, 23 Jun 2022 16:14:22 -0400 Subject: [PATCH 89/92] python3Packages.uharfbuzz: only add ApplicationServices if stdenv.isDarwin --- pkgs/development/python-modules/uharfbuzz/default.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/uharfbuzz/default.nix b/pkgs/development/python-modules/uharfbuzz/default.nix index a2fb2940b80..ac0fd9fb66b 100644 --- a/pkgs/development/python-modules/uharfbuzz/default.nix +++ b/pkgs/development/python-modules/uharfbuzz/default.nix @@ -32,9 +32,7 @@ buildPythonPackage rec { setuptools-scm ]; - buildInputs = [ - ApplicationServices - ]; + buildInputs = lib.optionals stdenv.isDarwin [ ApplicationServices ]; checkInputs = [ pytestCheckHook From 672046dceb4737bc0a0b303f2cda4c041480b2b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Sun, 26 Jun 2022 08:56:24 +0200 Subject: [PATCH 90/92] gnutls: enable Security framework on darwin (PR #179078) Otherwise the builds started to fail since the last bump: https://hydra.nixos.org/build/181462581 https://hydra.nixos.org/build/181520558 --- pkgs/development/libraries/gnutls/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/libraries/gnutls/default.nix b/pkgs/development/libraries/gnutls/default.nix index 4b615412755..e45fa022b7d 100644 --- a/pkgs/development/libraries/gnutls/default.nix +++ b/pkgs/development/libraries/gnutls/default.nix @@ -5,7 +5,7 @@ , guileBindings ? config.gnutls.guile or false, guile , tpmSupport ? false, trousers, which, nettools, libunistring , withP11-kit ? !stdenv.hostPlatform.isStatic, p11-kit -, withSecurity ? false, Security # darwin Security.framework +, withSecurity ? true, Security # darwin Security.framework # certificate compression - only zlib now, more possible: zstd, brotli }: From 8fb70dee32dc0cf86d04b1ae477c0a4ba9a27652 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Mon, 27 Jun 2022 09:51:49 +0200 Subject: [PATCH 91/92] gnutls: [darwin] propagate the security framework (#179298) https://hydra.nixos.org/build/181628152 https://hydra.nixos.org/build/181629306 --- pkgs/development/libraries/gnutls/default.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gnutls/default.nix b/pkgs/development/libraries/gnutls/default.nix index e45fa022b7d..f6c6aca19a2 100644 --- a/pkgs/development/libraries/gnutls/default.nix +++ b/pkgs/development/libraries/gnutls/default.nix @@ -36,6 +36,8 @@ stdenv.mkDerivation rec { patches = [ ./nix-ssl-cert-file.patch ] # Disable native add_system_trust. + # FIXME: apparently it's not enough to drop the framework anymore; maybe related to + # https://gitlab.com/gnutls/gnutls/-/commit/c19cb93d492e45141bfef9b926dfeba36003261c ++ lib.optional (isDarwin && !withSecurity) ./no-security-framework.patch; # Skip some tests: @@ -74,7 +76,6 @@ stdenv.mkDerivation rec { buildInputs = [ lzo lzip libtasn1 libidn2 zlib gmp libunistring unbound gettext libiconv ] ++ lib.optional (withP11-kit) p11-kit - ++ lib.optional (isDarwin && withSecurity) Security ++ lib.optional (tpmSupport && stdenv.isLinux) trousers ++ lib.optional guileBindings guile; @@ -82,7 +83,9 @@ stdenv.mkDerivation rec { ++ lib.optionals (isDarwin && !withSecurity) [ autoconf automake ] ++ lib.optionals doCheck [ which nettools util-linux ]; - propagatedBuildInputs = [ nettle ]; + propagatedBuildInputs = [ nettle ] + # Builds dynamically linking against gnutls seem to need the framework now. + ++ lib.optional (isDarwin && withSecurity) Security; inherit doCheck; # stdenv's `NIX_SSL_CERT_FILE=/no-cert-file.crt` breaks tests. From 9790d255837a5117e8f52cbaf93d2cabb57e1971 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Mon, 27 Jun 2022 12:14:59 +0200 Subject: [PATCH 92/92] home-assistant: relax requests --- pkgs/servers/home-assistant/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/servers/home-assistant/default.nix b/pkgs/servers/home-assistant/default.nix index b1b731642b8..ee069f19b05 100644 --- a/pkgs/servers/home-assistant/default.nix +++ b/pkgs/servers/home-assistant/default.nix @@ -213,6 +213,7 @@ in python.pkgs.buildPythonApplication rec { "cryptography" "httpx" "PyJWT" + "requests" ]; in '' sed -r -i \