b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge master into staging-next

Browse source
This commit is contained in:
Frederik Rietdijk 2022-01-17 16:10:06 +01:00
parent 0eee7ee8c8 1caf78f4bf
commit 4d125692e5
38 changed files with 305 additions and 112 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
maintainers/maintainer-list.nix
View file

@ -9820,6 +9820,13 @@
githubId = 1016742;
name = "Rafael García";
};
raitobezarius = {
email = "ryan@lahfa.xyz";
matrix = "@raitobezarius:matrix.org";
github = "RaitoBezarius";
githubId = 314564;
name = "Ryan Lahfa";
};
raquelgb = {
email = "raquel.garcia.bautista@gmail.com";
github = "raquelgb";

25
nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
View file

@ -542,6 +542,31 @@
<literal>programs.starship.settings</literal>.
</para>
</listitem>
<listitem>
<para>
The <literal>zrepl</literal> package has been updated from
0.4.0 to 0.5:
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
The RPC protocol version was bumped; all zrepl daemons in
a setup must be updated and restarted before replication
can resume.
</para>
</listitem>
<listitem>
<para>
A bug involving encrypt-on-receive has been fixed. Read
the
<link xlink:href="https://zrepl.github.io/configuration/sendrecvoptions.html#job-recv-options-placeholder">zrepl
documentation</link> and check the output of
<literal>zfs get -r encryption,zrepl:placeholder PATH_TO_ROOTFS</literal>
on the receiver.
</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
</section>
</section>

4
nixos/doc/manual/release-notes/rl-2205.section.md
View file

@ -189,3 +189,7 @@ In addition to numerous new and upgraded packages, this release has the followin
- A new module was added for the [Starship](https://starship.rs/) shell prompt,
providing the options `programs.starship.enable` and `programs.starship.settings`.
- The `zrepl` package has been updated from 0.4.0 to 0.5:
* The RPC protocol version was bumped; all zrepl daemons in a setup must be updated and restarted before replication can resume.
* A bug involving encrypt-on-receive has been fixed. Read the [zrepl documentation](https://zrepl.github.io/configuration/sendrecvoptions.html#job-recv-options-placeholder) and check the output of `zfs get -r encryption,zrepl:placeholder PATH_TO_ROOTFS` on the receiver.

11
pkgs/applications/audio/aumix/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchurl
, fetchpatch
, gettext
, ncurses
, gtkGUI ? false
@ -17,6 +18,16 @@ stdenv.mkDerivation rec {
sha256 = "0a8fwyxnc5qdxff8sl2sfsbnvgh6pkij4yafiln0fxgg6bal7knj";
};
patches = [
# Pull Gentoo fix for -fno-common toolchains. Upstream does not
# seem to have the contacts
(fetchpatch {
name = "fno-common.patch";
url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/media-sound/aumix/files/aumix-2.9.1-fno-common.patch?id=496c9ec7355f06f6d1d19be780a6981503e6df1f";
sha256 = "0qwylhx1hawsmx1pc7ykrjq9phksc73dq9rss6ggq15n3ggnc95y";
})
];
buildInputs = [ gettext ncurses ]
++ lib.optionals gtkGUI [ pkg-config gtk2 ];

2
pkgs/applications/misc/auto-multiple-choice/default.nix
View file

@ -82,7 +82,7 @@ stdenv.mkDerivation rec {
XMLWriter
]}:"$out/share/perl5 \
--prefix XDG_DATA_DIRS : "$out/share" \
--set TEXINPUTS ":.:$out/share/texmf/tex/latex/AMC"
--set TEXINPUTS ":.:$out/tex/latex"
'';
nativeBuildInputs = [

6
pkgs/applications/networking/cluster/tanka/default.nix
View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "tanka";
version = "0.17.3";
version = "0.19.0";
src = fetchFromGitHub {
owner = "grafana";
repo = pname;
rev = "v${version}";
sha256 = "sha256-Khu6ovtcXkqqt3W4OoJ09INgv80tw/6uDcJS+jt3y0Y=";
sha256 = "sha256-SMPStxqzoeooBoqUJdFK6Zg3dzbNHrB/tv8iwa8GdbM=";
};
vendorSha256 = "sha256-vpm2y/CxRNWkz6+AOMmmZH5AjRQWAa6WD5Fnx5lqJYw=";
vendorSha256 = "sha256-pqwdxFFcATfxGmz6quIH8OL4U2DZKmuVyOLEct2nBlE=";
doCheck = false;

6
pkgs/applications/science/logic/lean/default.nix
View file

@ -2,7 +2,7 @@
stdenv.mkDerivation rec {
pname = "lean";
version = "3.37.0";
version = "3.38.0";
src = fetchFromGitHub {
owner = "leanprover-community";
@ -11,8 +11,8 @@ stdenv.mkDerivation rec {
# from. this is then used to check whether an olean file should be
# rebuilt. don't use a tag as rev because this will get replaced into
# src/githash.h.in in preConfigure.
rev = "e69ab934262eb6f141344fdaec98ede68a9102b6";
sha256 = "19sigzbrdl90jqk7lvl3q8j6n4nnidzwp9zzmzgq3zxxgywa2ghp";
rev = "a8cf8a0c9ea19a633baeb3aa7e8d706b86c2c0f9";
sha256 = "14dam91pnn266fgii5c2j5p9p2i31bghx0s2h3qnnqyvxi4s5isx";
};
nativeBuildInputs = [ cmake ];

10
pkgs/desktops/pantheon/apps/elementary-camera/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, nix-update-script
, pkg-config
, meson
@ -34,6 +35,15 @@ stdenv.mkDerivation rec {
sha256 = "sha256-xIv+mOlZV58XD0Z6Vc2wA1EQUxT5BaQ0zhYc9v+ne1w=";
};
patches = [
# Fix build with meson 0.61
# https://github.com/elementary/camera/pull/216
(fetchpatch {
url = "https://github.com/elementary/camera/commit/ead143b7e3246c5fa9bb37c95d491fb07cea9e04.patch";
sha256 = "sha256-2zGigUi6DpjJx8SEvAE3Q3jrm7MggOvLc72lAPMPvs4=";
})
];
nativeBuildInputs = [
appstream
desktop-file-utils

10
pkgs/desktops/pantheon/apps/elementary-code/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, nix-update-script
, pkg-config
, meson
@ -38,6 +39,15 @@ stdenv.mkDerivation rec {
sha256 = "sha256-AXmMcPj2hf33G5v3TUg+eZwaKOdVlRvoVXglMJFHRjw=";
};
patches = [
# Fix build with meson 0.61
# https://github.com/elementary/code/pull/1165
(fetchpatch {
url = "https://github.com/elementary/code/commit/a2607cce3a6b1bb62d02456456d3cbc3c6530bb0.patch";
sha256 = "sha256-VKR83IOUYsQhBRlU9JUTlMJtXWv/AyG4wDsjMU2vmU8=";
})
];
passthru = {
updateScript = nix-update-script {
attrPath = "pantheon.${pname}";

10
pkgs/desktops/pantheon/apps/elementary-files/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, nix-update-script
, pkg-config
, meson
@ -43,6 +44,15 @@ stdenv.mkDerivation rec {
sha256 = "sha256-5TSzV8MQG81aCCR8yiCPhKJaLrp/fwf4mjP32KkcbbY=";
};
patches = [
# Fix build with meson 0.61
# https://github.com/elementary/files/pull/1973
(fetchpatch {
url = "https://github.com/elementary/files/commit/28428fbda905ece59d3427a3a40e986fdf71a916.patch";
sha256 = "sha256-GZTHAH9scQWrBqdrDI14cj57f61HD8o79zFcPCXjKmc=";
})
];
nativeBuildInputs = [
desktop-file-utils
gettext

10
pkgs/desktops/pantheon/apps/elementary-mail/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, nix-update-script
, pkg-config
, meson
@ -34,6 +35,15 @@ stdenv.mkDerivation rec {
sha256 = "sha256-wOu9jvvwG53vzcNa38nk4eREZWW7Cin8el4qApQ8gI8=";
};
patches = [
# Fix build with meson 0.61
# https://github.com/elementary/mail/pull/751
(fetchpatch {
url = "https://github.com/elementary/mail/commit/bbadc56529276d8e0ff98e9df7d9bb1bf8fc5783.patch";
sha256 = "sha256-lJEnX5/G6e8PdKy1XGlwFIoCeSy6SR5p68tS4noj+44=";
})
];
nativeBuildInputs = [
appstream
desktop-file-utils

6
pkgs/desktops/pantheon/apps/elementary-music/default.nix
View file

@ -50,6 +50,12 @@ stdenv.mkDerivation rec {
url = "https://github.com/elementary/music/commit/aea97103d59afd213467403a48788e476e47c4c3.patch";
sha256 = "1ayj8l6lb19hhl9bhsdfbq7jgchfmpjx0qkljnld90czcksn95yx";
})
# Fix build with meson 0.61
# https://github.com/elementary/music/pull/674
(fetchpatch {
url = "https://github.com/elementary/music/commit/fb3d840049c1e2e0bf8fdddea378a2db647dd096.patch";
sha256 = "sha256-tQZv7hZExLqbkGXahZxDfg7bkgwCKYbDholC2zuwlNw=";
})
];
passthru = {

10
pkgs/desktops/pantheon/apps/elementary-screenshot/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, nix-update-script
, pkg-config
, meson
@ -28,6 +29,15 @@ stdenv.mkDerivation rec {
sha256 = "sha256-n+L08C/W5YnHZ5P3F1NGUYE2SH94sc4+kr1x+wXZ+cw=";
};
patches = [
# Fix build with meson 0.61
# https://github.com/elementary/screenshot/pull/241
(fetchpatch {
url = "https://github.com/elementary/screenshot/commit/80a5d942e813dd098e1ef0f6629b81d2ccef05ae.patch";
sha256 = "sha256-jOQuzUJvsjqytplLcW9BeIxzi9+/k2GFa4hHVZ3+wts=";
})
];
nativeBuildInputs = [
desktop-file-utils
meson

10
pkgs/desktops/pantheon/apps/elementary-terminal/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, nix-update-script
, pkg-config
, meson
@ -32,6 +33,15 @@ stdenv.mkDerivation rec {
sha256 = "sha256-4q7YQ4LxuiM/TRae1cc3ncmw7QwE1soC2Sh+GZ+Gpq0=";
};
patches = [
# Fix build with meson 0.61
# https://github.com/elementary/terminal/pull/649
(fetchpatch {
url = "https://github.com/elementary/terminal/commit/15e3ace08cb25e53941249fa1ee680a1e2f871b4.patch";
sha256 = "sha256-XVs+kq5qbX5KlxtkqxwJnatNYNeJiVLBec7sLjQsUxg=";
})
];
nativeBuildInputs = [
appstream
desktop-file-utils

6
pkgs/desktops/pantheon/apps/switchboard/default.nix
View file

@ -60,6 +60,12 @@ stdenv.mkDerivation rec {
url = "https://github.com/elementary/switchboard/commit/8d6b5f4cbbaf134880252afbf1e25d70033e6402.patch";
sha256 = "0gwq3wwj45jrnlhsmxfclbjw6xjr8kf6pp3a84vbnrazw76lg5nc";
})
# Fix build with meson 0.61
# https://github.com/elementary/switchboard/pull/226
(fetchpatch {
url = "https://github.com/elementary/switchboard/commit/ecf2a6c42122946cc84150f6927ef69c1f67c909.patch";
sha256 = "sha256-J62tMeDfOpliBLHMSa3uBGTc0RBNzC6eDjDBDYySL+0=";
})
];
postPatch = ''

7
pkgs/desktops/pantheon/desktop/elementary-greeter/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, nix-update-script
, linkFarm
, substituteAll
@ -90,6 +91,12 @@ stdenv.mkDerivation rec {
src = ./hardcode-fallback-background.patch;
default_wallpaper = "${nixos-artwork.wallpapers.simple-dark-gray.gnomeFilePath}";
})
# Fix build with meson 0.61
# https://github.com/elementary/greeter/pull/590
(fetchpatch {
url = "https://github.com/elementary/greeter/commit/a4b25244058fce794a9f13f6b22a8ff7735ebde9.patch";
sha256 = "sha256-qPXhdvmYG8YMDU/CjbEkfZ0glgRzxnu0TsOPtvWHxLY=";
})
];
preFixup = ''

14
pkgs/desktops/pantheon/desktop/elementary-shortcut-overlay/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, nix-update-script
, pkg-config
, meson
@ -21,15 +22,22 @@ stdenv.mkDerivation rec {
pname = "elementary-shortcut-overlay";
version = "1.2.1";
repoName = "shortcut-overlay";
src = fetchFromGitHub {
owner = "elementary";
repo = repoName;
repo = "shortcut-overlay";
rev = version;
sha256 = "sha256-qmqzGCM3cVM6y80pzjm5CCyG6BO6XlKZiODAAEnwVrM=";
};
patches = [
# Fix build with meson 0.61
# https://github.com/elementary/shortcut-overlay/pull/113
(fetchpatch {
url = "https://github.com/elementary/shortcut-overlay/commit/130f78eb4b7770586ea98ba0a5fdbbf5bb116f3f.patch";
sha256 = "sha256-XXWq9CEv3Z2B8ogcFQAJZCfy19XxNHs3c8NToE2m/aA=";
})
];
nativeBuildInputs = [
desktop-file-utils
libxml2

14
pkgs/desktops/pantheon/services/elementary-capnet-assist/default.nix
View file

@ -1,6 +1,7 @@
{ lib
, stdenv
, fetchFromGitHub
, fetchpatch
, nix-update-script
, pkg-config
, meson
@ -21,15 +22,22 @@ stdenv.mkDerivation rec {
pname = "elementary-capnet-assist";
version = "2.4.0";
repoName = "capnet-assist";
src = fetchFromGitHub {
owner = "elementary";
repo = repoName;
repo = "capnet-assist";
rev = version;
sha256 = "sha256-UdkS+w61c8z2TCJyG7YsDb0n0b2LOpFyaHzMbdCJsZI=";
};
patches = [
# Fix build with meson 0.61
# https://github.com/elementary/capnet-assist/pull/76
(fetchpatch {
url = "https://github.com/elementary/capnet-assist/commit/0e77bf8023ba1b35e3a5badb72c246cabf6552b9.patch";
sha256 = "sha256-B/KEs/TCxR+i3uQSRtWxTi2+cu0n6QLcfKCbMCvSsvs=";
})
];
nativeBuildInputs = [
desktop-file-utils
meson

1
pkgs/development/compilers/intel-graphics-compiler/default.nix
View file

@ -77,5 +77,6 @@ stdenv.mkDerivation rec {
license = licenses.mit;
platforms = platforms.all;
maintainers = with maintainers; [ gloaming ];
broken = stdenv.isDarwin; # never built on Hydra https://hydra.nixos.org/job/nixpkgs/trunk/intel-graphics-compiler.x86_64-darwin
};
}

13
pkgs/development/libraries/arrayfire/default.nix
View file

@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl, fetchFromGitHub, cmake, pkg-config
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config
, opencl-clhpp, ocl-icd, fftw, fftwFloat
, blas, lapack, boost, mesa, libGLU, libGL
, freeimage, python3, clfft, clblas
@ -8,11 +8,14 @@
stdenv.mkDerivation rec {
pname = "arrayfire";
version = "3.6.4";
version = "3.7.3";
src = fetchurl {
url = "http://arrayfire.com/arrayfire_source/arrayfire-full-${version}.tar.bz2";
sha256 = "1fin7a9rliyqic3z83agkpb8zlq663q6gdxsnm156cs8s7f7rc9h";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "v${version}";
sha256 = "0gcbg6b6gs38xhks5pp0vkcqs89zl7rh9982jqlzsd0h724qddw0";
fetchSubmodules = true;
};
cmakeFlags = [

2
pkgs/development/python-modules/build/default.nix
View file

@ -54,6 +54,8 @@ buildPythonPackage rec {
pytestFlagsArray = [
"-n"
"$NIX_BUILD_CORES"
"-W"
"ignore::DeprecationWarning"
];
disabledTests = [

8
pkgs/development/python-modules/commoncode/default.nix
View file

@ -8,6 +8,7 @@
, intbitset
, pytest-xdist
, pytestCheckHook
, pythonAtLeast
, pythonOlder
, requests
, saneyaml
@ -19,6 +20,7 @@
buildPythonPackage rec {
pname = "commoncode";
version = "30.0.0";
format = "setuptools";
disabled = pythonOlder "3.6";
@ -49,12 +51,18 @@ buildPythonPackage rec {
pytestCheckHook
pytest-xdist
];
disabledTests = lib.optionals stdenv.isDarwin [
# expected result is tailored towards the quirks of upstream's
# CI environment on darwin
"test_searchable_paths"
];
disabledTestPaths = lib.optionals (pythonAtLeast "3.10") [
# https://github.com/nexB/commoncode/issues/36
"src/commoncode/fetch.py"
];
pythonImportsCheck = [
"commoncode"
];

4
pkgs/development/python-modules/google-api-core/default.nix
View file

@ -16,14 +16,14 @@
buildPythonPackage rec {
pname = "google-api-core";
version = "2.2.2";
version = "2.4.0";
format = "setuptools";
disabled = pythonOlder "3.6";
src = fetchPypi {
inherit pname version;
sha256 = "97349cc18c2bb2415f64f1353a80273a289a61294ce3eb2f7ce682d251bdd997";
sha256 = "sha256-uoeHt8YWMs0DQPCV4cA2vvlCayWU8Qr7KQujEa6Msss=";
};
propagatedBuildInputs = [

4
pkgs/development/python-modules/google-cloud-storage/default.nix
View file

@ -13,11 +13,11 @@
buildPythonPackage rec {
pname = "google-cloud-storage";
version = "1.44.0";
version = "2.0.0";
src = fetchPypi {
inherit pname version;
sha256 = "29edbfeedd157d853049302bf5d104055c6f0cb7ef283537da3ce3f730073001";
sha256 = "sha256-pXoVrq0PnfvUOB8b/b6L+JgYpL11urhGyvzvstuEbEc=";
};
propagatedBuildInputs = [

4
pkgs/development/python-modules/google-cloud-testutils/default.nix
View file

@ -2,11 +2,11 @@
buildPythonPackage rec {
pname = "google-cloud-testutils";
version = "1.3.0";
version = "1.3.1";
src = fetchPypi {
inherit pname version;
sha256 = "7a755c1247e32e92bd6df4fa2240dab185b29da9777ab3b946c3b3d9f1abf5d3";
sha256 = "sha256-X85NRgGZt7+OpL4poOyS+UWec4fuABiTxEYyFpkUpqs=";
};
propagatedBuildInputs = [ click google-auth six ];

3
pkgs/development/python-modules/gvm-tools/default.nix
View file

@ -4,6 +4,7 @@
, poetry-core
, pytestCheckHook
, python-gvm
, pythonAtLeast
, pythonOlder
}:
@ -36,6 +37,8 @@ buildPythonPackage rec {
disabledTests = [
# Don't test sending
"SendTargetTestCase"
] ++ lib.optionals (pythonAtLeast "3.10") [
"HelpFormattingParserTestCase"
];
pythonImportsCheck = [

35
pkgs/development/python-modules/installer/default.nix Normal file
View file

@ -0,0 +1,35 @@
{ lib
, buildPythonPackage
, pythonOlder
, fetchFromGitHub
, pytestCheckHook
, flit-core
, mock
}:
buildPythonPackage rec {
pname = "installer";
version = "0.3.0";
format = "pyproject";
src = fetchFromGitHub {
owner = "pradyunsg";
repo = pname;
rev = version;
sha256 = "sha256-AxAQgDhRFkb0HB7ttDb+pHuHzwnNDX6UOm9rswzIwmI=";
};
nativeBuildInputs = [ flit-core ];
checkInputs = [
pytestCheckHook
mock
];
meta = with lib; {
homepage = "https://github.com/pradyunsg/installer";
description = "A low-level library for installing a Python package from a wheel distribution.";
license = licenses.mit;
maintainers = with maintainers; [ cpcloud fridh ];
};
}

39
pkgs/development/python-modules/socketio-client/default.nix Normal file
View file

@ -0,0 +1,39 @@
{ lib
, buildPythonPackage
, requests
, six
, websocket-client
, fetchFromGitHub
}:
buildPythonPackage rec {
pname = "socketio-client";
version = "0.7.2";
src = fetchFromGitHub {
owner = "invisibleroads";
repo = "socketio-client";
rev = version;
sha256 = "sha256-71sjiGJDDYElPGUNCH1HaVdvgMt8KeD/kXVDpF615ho=";
};
propagatedBuildInputs = [
six
websocket-client
requests
];
# Perform networking tests.
doCheck = false;
pythonImportsCheck = [
"socketIO_client"
];
meta = with lib; {
description = "A socket.io client library for protocol 1.x";
homepage = "https://github.com/invisibleroads/socketIO-client";
license = licenses.mit;
maintainers = with maintainers; [ raitobezarius ];
};
}

1
pkgs/development/tools/parsing/tree-sitter/grammars/default.nix
View file

@ -56,6 +56,7 @@
tree-sitter-norg = lib.importJSON ./tree-sitter-norg.json;
tree-sitter-ocaml = lib.importJSON ./tree-sitter-ocaml.json;
tree-sitter-perl = lib.importJSON ./tree-sitter-perl.json;
tree-sitter-org = lib.importJSON ./tree-sitter-org.json;
tree-sitter-php = lib.importJSON ./tree-sitter-php.json;
tree-sitter-pioasm = lib.importJSON ./tree-sitter-pioasm.json;
tree-sitter-prisma = lib.importJSON ./tree-sitter-prisma.json;

11
pkgs/development/tools/parsing/tree-sitter/grammars/tree-sitter-org.json Normal file
View file

@ -0,0 +1,11 @@
{
"url": "https://github.com/milisims/tree-sitter-org",
"rev": "39a377f5072ee9f79884e227dc49d42c2eba67d8",
"date": "2021-11-01T23:43:23-04:00",
"path": "/nix/store/cgsn53p4gp1ahq2zl38jz51xal60dckf-tree-sitter-org",
"sha256": "0vfnph4xxvkalzk3rgvzi6ckqkjg31ddzgh4mwbk7qwsacbq9rss",
"fetchLFS": false,
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}

40
pkgs/os-specific/linux/hostapd/default.nix
View file

@ -1,12 +1,12 @@
{ lib, stdenv, fetchurl, fetchpatch, pkg-config, libnl, openssl, sqlite ? null }:
{ lib, stdenv, fetchurl, pkg-config, libnl, openssl, sqlite ? null }:
stdenv.mkDerivation rec {
pname = "hostapd";
version = "2.9";
version = "2.10";
src = fetchurl {
url = "https://w1.fi/releases/${pname}-${version}.tar.gz";
sha256 = "1mrbvg4v7vm7mknf0n29mf88k3s4a4qj6r4d51wq8hmjj1m7s7c8";
sha256 = "sha256-IG58eZtnhXLC49EgMCOHhLxKn4IyOwFWtMlGbxSYkV0=";
};
nativeBuildInputs = [ pkg-config ];
@ -16,38 +16,8 @@ stdenv.mkDerivation rec {
(fetchurl {
# Note: fetchurl seems to be unhappy with openwrt git
# server's URLs containing semicolons. Using the github mirror instead.
url = "https://raw.githubusercontent.com/openwrt/openwrt/master/package/network/services/hostapd/patches/300-noscan.patch";
sha256 = "04wg4yjc19wmwk6gia067z99gzzk9jacnwxh5wyia7k5wg71yj5k";
})
# AP mode PMF disconnection protection bypass (CVE.2019-16275), can be removed >= 2.10
# https://w1.fi/security/2019-7/
(fetchurl {
name = "CVE-2019-16275.patch";
url = "https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch";
sha256 = "15xjyy7crb557wxpx898b5lnyblxghlij0xby5lmj9hpwwss34dz";
})
# Fixes for UPnP SUBSCRIBE misbehavior in hostapd WPS AP (CVE-2020-12695), can be removed >= 2.10
# https://w1.fi/security/2020-1/
(fetchurl {
name = "CVE-2020-12695_0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch";
url = "https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch";
sha256 = "1mrbhicqb34jlw1nid5hk2vnjbvfhvp7r5iblaj4l6vgc6fmp6id";
})
(fetchurl {
name = "CVE-2020-12695_0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch";
url = "https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch";
sha256 = "1pk08b06b24is50bis3rr56xjd3b5kxdcdk8bx39n9vna9db7zj9";
})
(fetchurl {
name = "CVE-2020-12695_0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch";
url = "https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch";
sha256 = "12npqp2skgrj934wwkqicgqksma0fxz09di29n1b5fm5i4njl8d8";
})
# In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
(fetchpatch {
name = "CVE-2021-30004.patch";
url = "https://w1.fi/cgit/hostap/patch/?id=a0541334a6394f8237a4393b7372693cd7e96f15";
sha256 = "1gbhlz41x1ar1hppnb76pqxj6vimiypy7c4kq6h658637s4am3xg";
url = "https://raw.githubusercontent.com/openwrt/openwrt/eefed841b05c3cd4c65a78b50ce0934d879e6acf/package/network/services/hostapd/patches/300-noscan.patch";
sha256 = "08p5frxhpq1rp2nczkscapwwl8g9nc4fazhjpxic5bcbssc3sb00";
})
];

35
pkgs/os-specific/linux/wpa_supplicant/default.nix
View file

@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl, fetchpatch, openssl, pkg-config, libnl
{ lib, stdenv, fetchurl, openssl, pkg-config, libnl
, nixosTests
, withDbus ? true, dbus
, withReadline ? true, readline
@ -8,45 +8,16 @@
with lib;
stdenv.mkDerivation rec {
version = "2.9";
version = "2.10";
pname = "wpa_supplicant";
src = fetchurl {
url = "https://w1.fi/releases/${pname}-${version}.tar.gz";
sha256 = "05qzak1mssnxcgdrafifxh9w86a4ha69qabkg4bsigk499xyxggw";
sha256 = "sha256-IN965RVLODA1X4q0JpEjqHr/3qWf50/pKSqR0Nfhey8=";
};
patches = [
(fetchurl {
name = "CVE-2019-16275.patch";
url = "https://w1.fi/security/2019-7/0001-AP-Silently-ignore-management-frame-from-unexpected-.patch";
sha256 = "15xjyy7crb557wxpx898b5lnyblxghlij0xby5lmj9hpwwss34dz";
})
(fetchpatch {
# Expose OWE key management capability over DBus, remove >= 2.10
name = "dbus-Export-OWE-capability-and-OWE-BSS-key_mgmt.patch";
url = "https://w1.fi/cgit/hostap/patch/?id=7800725afb27397f7d6033d4969e2aeb61af4737";
sha256 = "0c1la7inf4m5y9gzdjjdnhpkx32pm8vi6m5knih8p77q4mbrdgg8";
})
# P2P: Fix copying of secondary device types for P2P group client (https://w1.fi/security/2020-2/)
(fetchurl {
name = "CVE-2021-0326.patch";
url = "https://w1.fi/security/2020-2/0001-P2P-Fix-copying-of-secondary-device-types-for-P2P-gr.patch";
sha256 = "19f4hx0p547mdx8y8arb3vclwyy4w9c8a6a40ryj7q33730mrmn4";
})
# P2P: Fix a corner case in peer addition based on PD Request (https://w1.fi/security/2021-1/)
(fetchurl {
name = "CVE-2021-27803.patch";
url = "https://w1.fi/security/2021-1/0001-P2P-Fix-a-corner-case-in-peer-addition-based-on-PD-R.patch";
sha256 = "04cnds7hmbqc44jasabjvrdnh66i5hwvk2h2m5z94pmgbzncyh3z";
})
# In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
(fetchpatch {
name = "CVE-2021-30004.patch";
url = "https://w1.fi/cgit/hostap/patch/?id=a0541334a6394f8237a4393b7372693cd7e96f15";
sha256 = "1gbhlz41x1ar1hppnb76pqxj6vimiypy7c4kq6h658637s4am3xg";
})
] ++ lib.optionals readOnlyModeSSIDs [
# Allow read-only networks
./0001-Implement-read-only-mode-for-ssids.patch

18
pkgs/tools/admin/pulumi/data.nix
View file

@ -1,12 +1,12 @@
# DO NOT EDIT! This file is generated automatically by update.sh
{ }:
{
version = "3.21.0";
version = "3.22.1";
pulumiPkgs = {
x86_64-linux = [
{
url = "https://get.pulumi.com/releases/sdk/pulumi-v3.21.0-linux-x64.tar.gz";
sha256 = "110ab7i3ynkjhbk10q150p7301prffk4xqma79rk28cxxvxf4kk3";
url = "https://get.pulumi.com/releases/sdk/pulumi-v3.22.1-linux-x64.tar.gz";
sha256 = "0yxjlkvyxap4c7ny5x0ch0j4d5360qapb670f6im7vnaqhc00by0";
}
{
url = "https://api.pulumi.com/releases/plugins/pulumi-resource-auth0-v2.4.0-linux-amd64.tar.gz";
@ -103,8 +103,8 @@
];
x86_64-darwin = [
{
url = "https://get.pulumi.com/releases/sdk/pulumi-v3.21.0-darwin-x64.tar.gz";
sha256 = "0pd6jlrw2cc4g33kkl2dfqks5xicmc2bnbrf0cd2ymx9mdnkdaq8";
url = "https://get.pulumi.com/releases/sdk/pulumi-v3.22.1-darwin-x64.tar.gz";
sha256 = "0b68pfrd83x02rs2saybxycpkirjciilp4a94ps3788y1plinyih";
}
{
url = "https://api.pulumi.com/releases/plugins/pulumi-resource-auth0-v2.4.0-darwin-amd64.tar.gz";
@ -201,8 +201,8 @@
];
aarch64-linux = [
{
url = "https://get.pulumi.com/releases/sdk/pulumi-v3.21.0-linux-arm64.tar.gz";
sha256 = "0484hpbf25kfxac72r74h5rfp5r59hlkhzqib9vma3l1cz9icmyx";
url = "https://get.pulumi.com/releases/sdk/pulumi-v3.22.1-linux-arm64.tar.gz";
sha256 = "0551zp5n77jzh8k3jbqq75zj734faryxxdd2fvw881cxf95v39aj";
}
{
url = "https://api.pulumi.com/releases/plugins/pulumi-resource-auth0-v2.4.0-linux-arm64.tar.gz";
@ -296,8 +296,8 @@
];
aarch64-darwin = [
{
url = "https://get.pulumi.com/releases/sdk/pulumi-v3.21.0-darwin-arm64.tar.gz";
sha256 = "01446r5q9a684k0z5b6d2a7gdjszy2816v09jdxkc54cg37fhmlz";
url = "https://get.pulumi.com/releases/sdk/pulumi-v3.22.1-darwin-arm64.tar.gz";
sha256 = "00jzqrnw6khbw5hsaqwi73hx9h3yxdhy2n3jn3h76az27wfjkhkz";
}
{
url = "https://api.pulumi.com/releases/plugins/pulumi-resource-auth0-v2.4.0-darwin-arm64.tar.gz";

2
pkgs/tools/admin/pulumi/update.sh
View file

@ -10,7 +10,7 @@ fi
# Version of Pulumi from
# https://www.pulumi.com/docs/get-started/install/versions/
VERSION="3.21.0"
VERSION="3.22.1"
# An array of plugin names. The respective repository inside Pulumi's
# Github organization is called pulumi-$name by convention.

6
pkgs/tools/backup/kopia/default.nix
View file

@ -2,16 +2,16 @@
buildGo117Module rec {
pname = "kopia";
version = "0.9.8";
version = "0.10.0";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "v${version}";
sha256 = "sha256-7Bvgtp6egZqpTv4Ac+OUkhKzTZhRRMwpdvwOCBA6Dso=";
sha256 = "sha256-445E+RiYlfDNOuw51Wdsavb52RjL3FkcrN9EeKmJ+Q8=";
};
vendorSha256 = "sha256-/dCRM61Zl5YbIb0mKhcyLU15nQhR31QAaq+5TwRK4pM=";
vendorSha256 = "sha256-wq/9MUCeJBZjrg0SXgHYMyXodqIF3KLRHQmvi7gbv5M=";
doCheck = false;

6
pkgs/tools/backup/zrepl/default.nix
View file

@ -6,16 +6,16 @@
}:
buildGoModule rec {
pname = "zrepl";
version = "0.4.0";
version = "0.5.0";
src = fetchFromGitHub {
owner = "zrepl";
repo = "zrepl";
rev = "v${version}";
sha256 = "5Bp8XGCjibDJgeAjW98rcABuddI+CV4Fh3hFJaKKwbo=";
sha256 = "4q/wwlF11HPDS2lTXUizJ3RFQ9sX5qNnWZUKAgnvDiE=";
};
vendorSha256 = "MwmYiK2z7ZK5kKBZV7K6kCZRSd7v5Sgjoih1eeOh6go=";
vendorSha256 = "xToq9pKAxxknh4kE8S3uUg5ySPMbJkLftkMhofNxotc=";
subPackages = [ "." ];

4
pkgs/top-level/python-packages.nix
View file

@ -3953,6 +3953,8 @@ in {
insegel = callPackage ../development/python-modules/insegel { };
installer = callPackage ../development/python-modules/installer { };
intake = callPackage ../development/python-modules/intake { };
intake-parquet = callPackage ../development/python-modules/intake-parquet { };
@ -9078,6 +9080,8 @@ in {
usePython = true;
});
socketio-client = callPackage ../development/python-modules/socketio-client { };
socialscan = callPackage ../development/python-modules/socialscan { };
socid-extractor = callPackage ../development/python-modules/socid-extractor { };

13
pkgs/top-level/release.nix
View file

@ -25,7 +25,10 @@ let
systemsWithAnySupport = supportedSystems ++ limitedSupportedSystems;
supportDarwin = builtins.elem "x86_64-darwin" systemsWithAnySupport;
supportDarwin = lib.genAttrs [
"x86_64"
"aarch64"
] (arch: builtins.elem "${arch}-darwin" systemsWithAnySupport);
jobs =
{ tarball = import ./make-tarball.nix { inherit pkgs nixpkgs officialRelease supportedSystems; };
@ -36,7 +39,7 @@ let
lib-tests = import ../../lib/tests/release.nix { inherit pkgs; };
pkgs-lib-tests = import ../pkgs-lib/tests { inherit pkgs; };
darwin-tested = if supportDarwin then pkgs.releaseTools.aggregate
darwin-tested = if supportDarwin.x86_64 then pkgs.releaseTools.aggregate
{ name = "nixpkgs-darwin-${jobs.tarball.version}";
meta.description = "Release-critical builds for the Nixpkgs darwin channel";
constituents =
@ -130,7 +133,7 @@ let
*/
]
++ lib.collect lib.isDerivation jobs.stdenvBootstrapTools
++ lib.optionals supportDarwin [
++ lib.optionals supportDarwin.x86_64 [
jobs.stdenv.x86_64-darwin
jobs.cargo.x86_64-darwin
jobs.go.x86_64-darwin
@ -171,7 +174,7 @@ let
dist test;
})
# darwin is special in this
// optionalAttrs supportDarwin {
// optionalAttrs supportDarwin.x86_64 {
x86_64-darwin =
let
bootstrap = import ../stdenv/darwin/make-bootstrap-tools.nix { system = "x86_64-darwin"; };
@ -181,7 +184,7 @@ let
# Test a full stdenv bootstrap from the bootstrap tools definition
inherit (bootstrap.test-pkgs) stdenv;
};
} // optionalAttrs supportDarwin.aarch64 {
# Cross compiled bootstrap tools
aarch64-darwin =
let