Merge pull request #160417 from steinybot/fix/iterm2-signing

Sandro 2022-03-12 00:58:16 +01:00 committed by GitHub
commit 14260bb7ba
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 30 deletions


@ -11682,6 +11682,17 @@
githubId = 55607356; githubId = 55607356;
name = "Stephan Heßelmann"; name = "Stephan Heßelmann";
}; };
steinybot = {
name = "Jason Pickens";
email = "jasonpickensnz@gmail.com";
matrix = "@steinybot:matrix.org";
github = "steinybot";
githubId = 4659562;
keys = [{
longkeyid = "ed25519/0x21DE1CAE59762A0F";
fingerprint = "2709 1DEC CC42 4635 4299 569C 21DE 1CAE 5976 2A0F";
}];
};
stelcodes = { stelcodes = {
email = "stel@stel.codes"; email = "stel@stel.codes";
github = "stelcodes"; github = "stelcodes";


@ -1,48 +1,42 @@
{ lib, stdenvNoCC, fetchFromGitHub }: { fetchzip, lib, stdenvNoCC }:
/* /*
This derivation is impure: it relies on an Xcode toolchain being installed This cannot be built from source as it requires entitlements and
and available in the expected place. The values of sandboxProfile for that it needs to be code signed. Automatic updates will have
are copied pretty directly from the MacVim derivation, which to be disabled via preferences instead of at build time. To do
is also impure. In order to build you at least need the `sandbox` that edit $HOME/Library/Preferences/com.googlecode.iterm2.plist
option set to `relaxed` or `false`. and add:
SUEnableAutomaticChecks = 0;
*/ */
stdenvNoCC.mkDerivation rec { stdenvNoCC.mkDerivation rec {
pname = "iterm2"; pname = "iterm2";
version = "3.4.14"; version = "3.4.15";
src = fetchFromGitHub { src = fetchzip {
owner = "gnachman"; url = "https://iterm2.com/downloads/stable/iTerm2-${lib.replaceStrings ["."] ["_"] version}.zip";
repo = "iTerm2"; sha256 = "sha256-ZE/uYBKB2popdIdZWA8AvyJiwMzt32u6u/H/AyNcoVo=";
rev = "v${version}";
sha256 = "sha256-sDCnBO7xDpecu2cSjpHwync2DVsj9EKUmgpqEVLtxRM=";
}; };
patches = [ ./disable_updates.patch ];
postPatch = ''
sed -i -e 's/CODE_SIGN_IDENTITY = "Developer ID Application"/CODE_SIGN_IDENTITY = ""/g' ./iTerm2.xcodeproj/project.pbxproj
'';
preConfigure = "LD=$CC";
makeFlagsArray = ["Nix"];
installPhase = '' installPhase = ''
mkdir -p $out/Applications runHook preInstall
mv Build/Products/Deployment/iTerm2.app $out/Applications/iTerm.app APP_DIR="$out/Applications/iTerm2.app"
''; mkdir -p "$APP_DIR"
cp -r . "$APP_DIR"
sandboxProfile = '' mkdir -p "$out/bin"
(allow file-read* file-write* process-exec mach-lookup) cat << EOF > "$out/bin/iterm2"
; block homebrew dependencies #!${stdenvNoCC.shell}
(deny file-read* file-write* process-exec mach-lookup (subpath "/usr/local") (with no-log)) open -na "$APP_DIR" --args "$@"
EOF
chmod +x "$out/bin/iterm2"
runHook postInstall
''; '';
meta = with lib; { meta = with lib; {
description = "A replacement for Terminal and the successor to iTerm"; description = "A replacement for Terminal and the successor to iTerm";
homepage = "https://www.iterm2.com/"; homepage = "https://www.iterm2.com/";
license = licenses.gpl2; license = licenses.gpl2;
maintainers = with maintainers; [ tricktron ]; maintainers = with maintainers; [ steinybot tricktron ];
platforms = platforms.darwin; platforms = [ "x86_64-darwin" "aarch64-darwin" ];
hydraPlatforms = [];
}; };
} }
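Review bot: In the new installPhase the launcher is written through an unquoted heredoc (`cat << EOF`), so the `"$@"` on the `open -na` line is expanded by the build shell at install time rather than when the user runs `iterm2`; the generated script would most likely end in `--args ""` and drop every argument passed to it. `$APP_DIR` does need that build-time expansion to bake in the store path, so only the argument list should be escaped: `open -na "$APP_DIR" --args "\$@"`. Separately, the derivation now installs the vendor's prebuilt, signed bundle, with the fetchzip `sha256` as the only integrity pin, and the header comment leaves update checks enabled unless the user edits the plist. A comment such as `# prebuilt upstream binary; integrity rests on the fetchzip hash, re-verify the download on every version bump` next to `src` would make that trust decision visible to whoever reviews later bumps.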