From c844621f7177b0c739dcbe98840d608f75cc57c4 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 24 Feb 2021 18:10:11 +0000 Subject: [PATCH 01/51] python37Packages.bitbox02: 5.2.0 -> 5.3.0 --- pkgs/development/python-modules/bitbox02/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/bitbox02/default.nix b/pkgs/development/python-modules/bitbox02/default.nix index ce62fd6dce0..d57d4a6585b 100644 --- a/pkgs/development/python-modules/bitbox02/default.nix +++ b/pkgs/development/python-modules/bitbox02/default.nix @@ -2,11 +2,11 @@ buildPythonPackage rec { pname = "bitbox02"; - version = "5.2.0"; + version = "5.3.0"; src = fetchPypi { inherit pname version; - sha256 = "52b0b617660601939b30c8b588c28910946448b1b6d69ca231d5e3e47a322b71"; + sha256 = "fe0e8aeb9b32fd7d76bb3e9838895973a74dfd532a8fb8ac174a1a60214aee26"; }; propagatedBuildInputs = [ base58 ecdsa hidapi noiseprotocol protobuf semver typing-extensions ]; From 820cc72b52b961220fe862b74d42f27ce8c8b2da Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Tue, 2 Mar 2021 00:57:17 -0800 Subject: [PATCH 02/51] ssm-agent: 2.3.1319.0 -> 3.0.755.0 Co-authored-by: Cole Helbling --- ...C-tests-that-fail-in-the-Nix-sandbox.patch | 44 +++++++ ...-gen-don-t-use-unnecessary-constants.patch | 46 ++++++++ .../networking/cluster/ssm-agent/default.nix | 108 +++++++++++------- 3 files changed, 159 insertions(+), 39 deletions(-) create mode 100644 pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch create mode 100644 pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch diff --git a/pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch b/pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch new file mode 100644 index 00000000000..364f7653efa --- /dev/null +++ b/pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch @@ -0,0 +1,44 @@ +From bea6307ec2a77d90d59c13940381d73ec0f05b70 Mon Sep 17 00:00:00 2001 +From: Graham Christensen +Date: Mon, 1 Mar 2021 10:57:44 -0500 +Subject: [PATCH] Disable NIC tests that fail in the Nix sandbox. + +--- + agent/managedInstances/fingerprint/fingerprint_integ_test.go | 2 ++ + agent/ssm/service_test.go | 1 + + 2 files changed, 3 insertions(+) + +diff --git a/agent/managedInstances/fingerprint/fingerprint_integ_test.go b/agent/managedInstances/fingerprint/fingerprint_integ_test.go +index a1f969ff..631ea1f5 100644 +--- a/agent/managedInstances/fingerprint/fingerprint_integ_test.go ++++ b/agent/managedInstances/fingerprint/fingerprint_integ_test.go +@@ -28,12 +28,14 @@ func TestHostnameInfo(t *testing.T) { + } + + func TestPrimaryIpInfo(t *testing.T) { ++ t.Skip("The Nix build sandbox has no non-loopback IPs, causing this test to fail."); + ip, err := primaryIpInfo() + assert.NoError(t, err, "expected no error fetching the primary ip") + assert.NotEmpty(t, ip, "expected to fetch primary ip") + } + + func TestMacAddrInfo(t *testing.T) { ++ t.Skip("The Nix build sandbox has no non-loopback interfaces, causing this test to fail."); + mac, err := macAddrInfo() + assert.NoError(t, err, "expected no error fetching the mac addr") + assert.NotEmpty(t, mac, "expected to fetch mac address") +diff --git a/agent/ssm/service_test.go b/agent/ssm/service_test.go +index f4b34f83..d8216dba 100644 +--- a/agent/ssm/service_test.go ++++ b/agent/ssm/service_test.go +@@ -85,6 +85,7 @@ func (suite *SsmServiceTestSuite) TestUpdateEmptyInstanceInformation() { + // Test function for update instance information + // This function update the agent name, agent statuc, and agent version. + func (suite *SsmServiceTestSuite) TestUpdateInstanceInformation() { ++ suite.T().Skip("The Nix build sandbox has no interfaces for IP and MAC address reports."); + // Give mock value to test UpdateInstanceInformation, assert the error is nil, assert the log.Debug function get called. + response, err := suite.sdkService.UpdateInstanceInformation(suite.logMock, "2.2.3.2", "active", "Amazon-ssm-agent") + assert.Nil(suite.T(), err, "Err should be nil") +-- +2.29.2 + diff --git a/pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch b/pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch new file mode 100644 index 00000000000..234e510d3d1 --- /dev/null +++ b/pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch @@ -0,0 +1,46 @@ +From 473e3f8544915a35b3a45c548743978b34e5310e Mon Sep 17 00:00:00 2001 +From: Cole Helbling +Date: Tue, 2 Mar 2021 00:24:00 -0800 +Subject: [PATCH] version-gen: don't use unnecessary constants + +This prevents the tool from being built with Nix, because this project +doesn't use Go modules (or something; I'm not really familiar with Go, +much less Go + Nix). +--- + agent/version/versiongenerator/version-gen.go | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/agent/version/versiongenerator/version-gen.go b/agent/version/versiongenerator/version-gen.go +index d710effc..55c9a001 100644 +--- a/agent/version/versiongenerator/version-gen.go ++++ b/agent/version/versiongenerator/version-gen.go +@@ -22,8 +22,6 @@ import ( + "path/filepath" + "strings" + "text/template" +- +- "github.com/aws/amazon-ssm-agent/agent/appconfig" + ) + + const versiongoTemplate = `// This is an autogenerated file and should not be edited. +@@ -59,7 +57,7 @@ func main() { + versionStr := strings.TrimSpace(string(versionContent)) + + fmt.Printf("Agent Version: %v", versionStr) +- if err := ioutil.WriteFile(filepath.Join("VERSION"), []byte(versionStr), appconfig.ReadWriteAccess); err != nil { ++ if err := ioutil.WriteFile(filepath.Join("VERSION"), []byte(versionStr), 0600); err != nil { + log.Fatalf("Error writing to VERSION file. %v", err) + } + +@@ -108,7 +106,7 @@ func main() { + + releaseNoteOutFile := strings.Join(releaseNoteLines, "\n") + +- if err = ioutil.WriteFile(filepath.Join(releaseNotesFile), []byte(releaseNoteOutFile), appconfig.ReadWriteAccess); err != nil { ++ if err = ioutil.WriteFile(filepath.Join(releaseNotesFile), []byte(releaseNoteOutFile), 0600); err != nil { + log.Fatalf("Error writing to RELEASENOTES.md file. %v", err) + } + +-- +2.30.0 + diff --git a/pkgs/applications/networking/cluster/ssm-agent/default.nix b/pkgs/applications/networking/cluster/ssm-agent/default.nix index b042f8ff15f..9b9e57ca333 100644 --- a/pkgs/applications/networking/cluster/ssm-agent/default.nix +++ b/pkgs/applications/networking/cluster/ssm-agent/default.nix @@ -1,63 +1,93 @@ -{ lib, fetchFromGitHub, buildGoPackage, bash, makeWrapper }: +{ lib +, writeShellScriptBin +, buildGoPackage +, makeWrapper +, fetchFromGitHub +, coreutils +, nettools +, dmidecode +, util-linux +, bashInteractive +}: +let + # The SSM agent doesn't pay attention to our /etc/os-release yet, and the lsb-release tool + # in nixpkgs doesn't seem to work properly on NixOS, so let's just fake the two fields SSM + # looks for. See https://github.com/aws/amazon-ssm-agent/issues/38 for upstream fix. + fake-lsb-release = writeShellScriptBin "lsb_release" '' + . /etc/os-release || true + + case "$1" in + -i) echo "''${NAME:-unknown}";; + -r) echo "''${VERSION:-unknown}";; + esac + ''; +in buildGoPackage rec { - pname = "amazon-ssm-agent"; - version = "2.3.1319.0"; + pname = "amazon-ssm-agent"; + version = "3.0.755.0"; goPackagePath = "github.com/aws/${pname}"; - subPackages = [ - "agent" - "agent/framework/processor/executer/outofproc/worker" - "agent/framework/processor/executer/outofproc/worker" - "agent/framework/processor/executer/outofproc/sessionworker" - "agent/session/logging" - "agent/cli-main" - ]; nativeBuildInputs = [ makeWrapper ]; src = fetchFromGitHub { - rev = version; - owner = "aws"; - repo = pname; - sha256 = "1yiyhj7ckqa32b1rnbwn7zx89rsj00m5imn1xlpsw002ywxsxbnv"; + rev = version; + owner = "aws"; + repo = "amazon-ssm-agent"; + hash = "sha256-yVQJL1MJ1JlAndlrXfEbNLQihlbLhSoQXTKzJMRzhao="; }; - preBuild = '' - mv go/src/${goPackagePath}/vendor strange-vendor - mv strange-vendor/src go/src/${goPackagePath}/vendor + patches = [ + # Some tests use networking, so we skip them. + ./0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch - cd go/src/${goPackagePath} - echo ${version} > VERSION + # They used constants from another package that I couldn't figure + # out how to resolve, so hardcoded the constants. + ./0002-version-gen-don-t-use-unnecessary-constants.patch + ]; - substituteInPlace agent/plugins/inventory/gatherers/application/dataProvider.go \ - --replace '"github.com/aws/amazon-ssm-agent/agent/plugins/configurepackage/localpackages"' "" + configurePhase = '' + export HOME=$(mktemp -d) - go run agent/version/versiongenerator/version-gen.go - substituteInPlace agent/appconfig/constants_unix.go \ - --replace /usr/bin/ssm-document-worker $bin/bin/ssm-document-worker \ - --replace /usr/bin/ssm-session-worker $bin/bin/ssm-session-worker \ - --replace /usr/bin/ssm-session-logger $bin/bin/ssm-session-logger - cd - + printf "#!/bin/sh\ntrue" > ./Tools/src/checkstyle.sh + + substituteInPlace agent/platform/platform_unix.go \ + --replace "/usr/bin/uname" "${coreutils}/bin/uname" \ + --replace '"/bin", "hostname"' '"${nettools}/bin/hostname"' \ + --replace '"lsb_release"' '"${fake-lsb-release}/bin/lsb_release"' + + substituteInPlace agent/managedInstances/fingerprint/hardwareInfo_unix.go \ + --replace /usr/sbin/dmidecode ${dmidecode}/bin/dmidecode + + substituteInPlace agent/session/shell/shell_unix.go \ + --replace '"script"' '"${util-linux}/bin/script"' + + # Note: if this step fails, please patch the code to fix it! Please only skip + # tests if it is not feasible for the test to pass in a sandbox. + make quick-integtest + + echo "${version}" > VERSION + + make pre-release + make pre-build ''; - postBuild = '' - mv go/bin/agent go/bin/amazon-ssm-agent - mv go/bin/worker go/bin/ssm-document-worker - mv go/bin/sessionworker go/bin/ssm-session-worker - mv go/bin/logging go/bin/ssm-session-logger - mv go/bin/cli-main go/bin/ssm-cli + buildPhase = '' + make build-linux ''; - postInstall = '' - wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bash}/bin + installPhase = '' + mkdir -p $out/bin + mv bin/linux_*/* $out/bin/ + wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bashInteractive}/bin ''; meta = with lib; { description = "Agent to enable remote management of your Amazon EC2 instance configuration"; - homepage = "https://github.com/aws/amazon-ssm-agent"; - license = licenses.asl20; - platforms = platforms.unix; + homepage = "https://github.com/aws/amazon-ssm-agent"; + license = licenses.asl20; + platforms = platforms.unix; maintainers = with maintainers; [ copumpkin manveru ]; }; } From 429d55c6d4957c9a7dce0e7e48e4dc587a38d56b Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 3 Mar 2021 01:48:53 +0000 Subject: [PATCH 03/51] mcfly: 0.5.3 -> 0.5.4 --- pkgs/tools/misc/mcfly/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/misc/mcfly/default.nix b/pkgs/tools/misc/mcfly/default.nix index 616ee822eba..acdde84accd 100644 --- a/pkgs/tools/misc/mcfly/default.nix +++ b/pkgs/tools/misc/mcfly/default.nix @@ -2,13 +2,13 @@ rustPlatform.buildRustPackage rec { pname = "mcfly"; - version = "0.5.3"; + version = "0.5.4"; src = fetchFromGitHub { owner = "cantino"; repo = "mcfly"; rev = "v${version}"; - sha256 = "1p51wdv47cyg6dmb81fm0d92x1kp7bwwpgax6vlh669nkddiwvmm"; + sha256 = "sha256-OYHUawlVHUlKMOWFqeJgg8EIe6Hbe+tKi57sJC5zH1U="; }; postInstall = '' @@ -20,7 +20,7 @@ rustPlatform.buildRustPackage rec { install -Dm644 -t $out/share/mcfly mcfly.fish ''; - cargoSha256 = "0gcdgca8w8i978b067rwm5zrc81rxb704006k9pbcwizkq2281yy"; + cargoSha256 = "sha256-aiOw1esERlhOTBCldxoldMCrxMxcGpYXEvjSFQ8xU8A="; meta = with lib; { homepage = "https://github.com/cantino/mcfly"; From 29b99a22a5e06de3d7a2401398c169782685078e Mon Sep 17 00:00:00 2001 From: Cole Helbling Date: Tue, 2 Mar 2021 12:47:42 -0800 Subject: [PATCH 04/51] ssm-agent: don't override phases --- .../networking/cluster/ssm-agent/default.nix | 43 +++++++++++++------ 1 file changed, 30 insertions(+), 13 deletions(-) diff --git a/pkgs/applications/networking/cluster/ssm-agent/default.nix b/pkgs/applications/networking/cluster/ssm-agent/default.nix index 9b9e57ca333..3aa583f3ae3 100644 --- a/pkgs/applications/networking/cluster/ssm-agent/default.nix +++ b/pkgs/applications/networking/cluster/ssm-agent/default.nix @@ -11,9 +11,10 @@ }: let - # The SSM agent doesn't pay attention to our /etc/os-release yet, and the lsb-release tool - # in nixpkgs doesn't seem to work properly on NixOS, so let's just fake the two fields SSM - # looks for. See https://github.com/aws/amazon-ssm-agent/issues/38 for upstream fix. + # Tests use lsb_release, so we mock it (the SSM agent used to not + # read from our /etc/os-release file, but now it does) because in + # reality, it won't (shouldn't) be used when active on a system with + # /etc/os-release. If it is, we fake the only two fields it cares about. fake-lsb-release = writeShellScriptBin "lsb_release" '' . /etc/os-release || true @@ -47,9 +48,8 @@ buildGoPackage rec { ./0002-version-gen-don-t-use-unnecessary-constants.patch ]; - configurePhase = '' - export HOME=$(mktemp -d) - + preConfigure = '' + rm -r ./Tools/src/goreportcard printf "#!/bin/sh\ntrue" > ./Tools/src/checkstyle.sh substituteInPlace agent/platform/platform_unix.go \ @@ -63,23 +63,40 @@ buildGoPackage rec { substituteInPlace agent/session/shell/shell_unix.go \ --replace '"script"' '"${util-linux}/bin/script"' + echo "${version}" > VERSION + ''; + + preBuild = '' + cp -r go/src/${goPackagePath}/vendor/src go + + pushd go/src/${goPackagePath} + # Note: if this step fails, please patch the code to fix it! Please only skip # tests if it is not feasible for the test to pass in a sandbox. make quick-integtest - echo "${version}" > VERSION - make pre-release make pre-build + + popd ''; - buildPhase = '' - make build-linux + postBuild = '' + pushd go/bin + + rm integration-cli versiongenerator generator + + mv core amazon-ssm-agent + mv agent ssm-agent-worker + mv cli-main ssm-cli + mv worker ssm-document-worker + mv logging ssm-session-logger + mv sessionworker ssm-session-worker + + popd ''; - installPhase = '' - mkdir -p $out/bin - mv bin/linux_*/* $out/bin/ + postFixup = '' wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bashInteractive}/bin ''; From eab2ba0a67d13b65eaa9b2f5befbe7fbd0fc0468 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= Date: Thu, 4 Mar 2021 08:45:33 +0100 Subject: [PATCH 05/51] python3Packages.etebase: switch to buildPythonPackage + cargoSetupHook The derivation also built OpenSSL statically. Switch to our OpenSSL derivation instead, so that the package gets automatic OpenSSL security updates. --- .../python-modules/etebase/default.nix | 57 ++++++++++--------- 1 file changed, 30 insertions(+), 27 deletions(-) diff --git a/pkgs/development/python-modules/etebase/default.nix b/pkgs/development/python-modules/etebase/default.nix index 7832f6b4787..9151e2471c4 100644 --- a/pkgs/development/python-modules/etebase/default.nix +++ b/pkgs/development/python-modules/etebase/default.nix @@ -1,19 +1,17 @@ -{ lib, stdenv -, wheel -, rustPlatform -, pipInstallHook -, setuptools-rust -, python -, msgpack -, requests -, openssl -, perl -, rustfmt +{ lib +, stdenv , fetchFromGitHub +, buildPythonPackage +, rustPlatform +, pkg-config +, rustfmt +, setuptools-rust +, openssl , Security +, msgpack }: -rustPlatform.buildRustPackage rec { +buildPythonPackage rec { pname = "etebase"; version = "0.31.1"; @@ -24,33 +22,38 @@ rustPlatform.buildRustPackage rec { sha256 = "163iw64l8lwawf84qswcjsq9p8qddv9ysjrr3dzqpqxb2yb0sy39"; }; - cargoSha256 = "0w8ypl6kj1mf6ahbdiwbd4jw6ldxdaig47zwk91jjsww5lbyx4lf"; + cargoDeps = rustPlatform.fetchCargoTarball { + inherit src; + name = "${pname}-${version}"; + sha256 = "0w8ypl6kj1mf6ahbdiwbd4jw6ldxdaig47zwk91jjsww5lbyx4lf"; + }; + + format = "pyproject"; nativeBuildInputs = [ + pkg-config rustfmt - perl - openssl - pipInstallHook setuptools-rust - wheel - ]; + ] ++ (with rustPlatform; [ + cargoSetupHook + rust.cargo + rust.rustc + ]); - buildInputs = lib.optionals stdenv.isDarwin [ Security ]; + buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ Security ]; propagatedBuildInputs = [ - python msgpack ]; - doCheck = true; - - buildPhase = '' - ${python.interpreter} setup.py bdist_wheel + postPatch = '' + # Use system OpenSSL, which gets security updates. + substituteInPlace Cargo.toml \ + --replace ', features = ["vendored"]' "" ''; - installPhase = '' - pipInstallPhase - ''; + pythonImportsCheck = [ "etebase" ]; + meta = with lib; { homepage = "https://www.etebase.com/"; From 65671395da07d5d6f7daaf69aa7a30d614c3a438 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= Date: Thu, 4 Mar 2021 08:48:26 +0100 Subject: [PATCH 06/51] python3Packages.etebase: 0.31.1 -> 0.31.2 Changelog: https://github.com/etesync/etebase-py/releases/tag/v0.31.2 (Fixes crashes with Python 3.9.) --- pkgs/development/python-modules/etebase/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/etebase/default.nix b/pkgs/development/python-modules/etebase/default.nix index 9151e2471c4..14c93fc719f 100644 --- a/pkgs/development/python-modules/etebase/default.nix +++ b/pkgs/development/python-modules/etebase/default.nix @@ -13,19 +13,19 @@ buildPythonPackage rec { pname = "etebase"; - version = "0.31.1"; + version = "0.31.2"; src = fetchFromGitHub { owner = "etesync"; repo = "etebase-py"; rev = "v${version}"; - sha256 = "163iw64l8lwawf84qswcjsq9p8qddv9ysjrr3dzqpqxb2yb0sy39"; + hash = "sha256-enGmfXW8eV6FgdHfJqXr1orAsGbxDz9xUY6T706sf5U="; }; cargoDeps = rustPlatform.fetchCargoTarball { inherit src; name = "${pname}-${version}"; - sha256 = "0w8ypl6kj1mf6ahbdiwbd4jw6ldxdaig47zwk91jjsww5lbyx4lf"; + hash = "sha256-4eJvFf6aY+DYkrYgam5Ok9941PX4uQOmtRznEY0+1TE="; }; format = "pyproject"; From 38aa907d46c4b08df996836d94900e8f1c8cfd8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sat, 27 Feb 2021 14:15:20 +0100 Subject: [PATCH 07/51] prs: init at 0.2.2 --- pkgs/tools/security/prs/default.nix | 48 +++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 50 insertions(+) create mode 100644 pkgs/tools/security/prs/default.nix diff --git a/pkgs/tools/security/prs/default.nix b/pkgs/tools/security/prs/default.nix new file mode 100644 index 00000000000..197a2ba8b9b --- /dev/null +++ b/pkgs/tools/security/prs/default.nix @@ -0,0 +1,48 @@ +{ lib +, rustPlatform +, fetchFromGitLab +, pkg-config +, python3 +, dbus +, glib +, gpgme +, gtk3 +, libxcb +}: + +rustPlatform.buildRustPackage rec { + pname = "prs"; + version = "0.2.2"; + + src = fetchFromGitLab { + owner = "timvisee"; + repo = "prs"; + rev = "v${version}"; + sha256 = "05l9zaaadv2a7ngwkxggp5vrjlnpvf2wr4ijhprx3jkw8b2cxii7"; + }; + + cargoSha256 = "0fjkvr5mdqiy70qx4liwnh78y6mqdv6vbg3nayinh2h34p0z609y"; + + postPatch = '' + # The GPGME backend is recommended + for f in "gtk3/Cargo.toml" "cli/Cargo.toml"; do + substituteInPlace "$f" --replace \ + 'default = ["backend-gnupg-bin"' 'default = ["backend-gpgme"' + done + ''; + + nativeBuildInputs = [ gpgme pkg-config python3 ]; + + buildInputs = [ dbus glib gpgme gtk3 libxcb ]; + + meta = with lib; { + description = "Secure, fast & convenient password manager CLI using GPG and git to sync"; + homepage = "https://gitlab.com/timvisee/prs"; + changelog = "https://gitlab.com/timvisee/prs/-/blob/v${version}/CHANGELOG.md"; + license = with licenses; [ + lgpl3Only # lib + gpl3Only # everything else + ]; + maintainers = with maintainers; [ dotlambda ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ae22edcd688..bb9534002bc 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7295,6 +7295,8 @@ in openssl = openssl_1_0_2; }; + prs = callPackage ../tools/security/prs { }; + psw = callPackage ../tools/misc/psw { }; pws = callPackage ../tools/misc/pws { }; From e7b4f9b91e6c93b67f681471f5fa68ab672d9dad Mon Sep 17 00:00:00 2001 From: roblabla Date: Sat, 27 Feb 2021 14:59:08 +0100 Subject: [PATCH 08/51] yara: 4.0.1 -> 4.0.5 --- pkgs/tools/security/yara/default.nix | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/yara/default.nix b/pkgs/tools/security/yara/default.nix index f11e772390d..844004c3b9e 100644 --- a/pkgs/tools/security/yara/default.nix +++ b/pkgs/tools/security/yara/default.nix @@ -1,4 +1,5 @@ { lib, stdenv +, fetchpatch , fetchFromGitHub , autoreconfHook , pcre @@ -10,14 +11,14 @@ }: stdenv.mkDerivation rec { - version = "4.0.1"; + version = "4.0.5"; pname = "yara"; src = fetchFromGitHub { owner = "VirusTotal"; repo = "yara"; rev = "v${version}"; - sha256 = "0dy8jf0pdn0wilxy1pj6pqjxg7icxkwax09w54np87gl9p00f5rk"; + sha256 = "1gkdll2ygdlqy1f27a5b84gw2bq75ss7acsx06yhiss90qwdaalq"; }; nativeBuildInputs = [ autoreconfHook pkg-config ]; @@ -30,6 +31,19 @@ stdenv.mkDerivation rec { preConfigure = "./bootstrap.sh"; + # If static builds are disabled, `make all-am` will fail to find libyara.a and + # cause a build failure. It appears that somewhere between yara 4.0.1 and + # 4.0.5, linking the yara binaries dynamically against libyara.so was broken. + # + # This was already fixed in yara master. Backport the patch to yara 4.0.5. + patches = [ + (fetchpatch { + name = "fix-build-with-no-static.patch"; + url = "https://github.com/VirusTotal/yara/commit/52e6866023b9aca26571c78fb8759bc3a51ba6dc.diff"; + sha256 = "074cf99j0rqiyacp60j1hkvjqxia7qwd11xjqgcr8jmfwihb38nr"; + }) + ]; + configureFlags = [ (lib.withFeature withCrypto "crypto") (lib.enableFeature enableMagic "magic") From a8ce931064b73c5ade7a570c0d4640631b0174b7 Mon Sep 17 00:00:00 2001 From: Stefan Frijters Date: Sun, 28 Feb 2021 19:18:51 +0100 Subject: [PATCH 09/51] urserver: 3.6.0.745 -> 3.9.0.2465 --- pkgs/servers/urserver/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/servers/urserver/default.nix b/pkgs/servers/urserver/default.nix index eee10d05826..9047ea0ee34 100644 --- a/pkgs/servers/urserver/default.nix +++ b/pkgs/servers/urserver/default.nix @@ -9,15 +9,16 @@ stdenv.mkDerivation rec { pname = "urserver"; - version = "3.6.0.745"; + version = "3.9.0.2465"; src = fetchurl { - url = "https://www.unifiedremote.com/static/builds/server/linux-x64/745/urserver-${version}.tar.gz"; - sha256 = "1ib9317bg9n4knwnlbrn1wfkyrjalj8js3a6h7zlcl8h8xc0szc8"; + url = "https://www.unifiedremote.com/static/builds/server/linux-x64/${builtins.elemAt (builtins.splitVersion version) 3}/urserver-${version}.tar.gz"; + sha256 = "sha256-3DIroodWCMbq1fzPjhuGLk/2fY/qFxFISLzjkjJ4i90="; }; nativeBuildInputs = [ autoPatchelfHook + makeWrapper ]; buildInputs = [ @@ -25,7 +26,6 @@ stdenv.mkDerivation rec { bluez libX11 libXtst - makeWrapper ]; installPhase = '' From 7e084ddffe6824dec9503fb6b909b65fee3e9cf8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vojt=C4=9Bch=20K=C3=A1n=C4=9B?= Date: Tue, 16 Feb 2021 15:17:42 +0100 Subject: [PATCH 10/51] natron: fix build and update to 2.3.15 --- pkgs/applications/video/natron/default.nix | 54 +++++++++++++--------- 1 file changed, 32 insertions(+), 22 deletions(-) diff --git a/pkgs/applications/video/natron/default.nix b/pkgs/applications/video/natron/default.nix index a455869ebf9..bbbcf3d7687 100644 --- a/pkgs/applications/video/natron/default.nix +++ b/pkgs/applications/video/natron/default.nix @@ -1,14 +1,14 @@ { lib, stdenv, fetchurl, qt4, pkg-config, boost, expat, cairo, python2Packages, cmake, flex, bison, pango, librsvg, librevenge, libxml2, libcdr, libzip, poppler, imagemagick, openexr, ffmpeg_3, opencolorio, openimageio, - qmake4Hook, libpng, libGL, lndir }: + qmake4Hook, libpng, libGL, lndir, libraw, openjpeg, libwebp, fetchFromGitHub }: let - minorVersion = "2.1"; - version = "${minorVersion}.9"; + minorVersion = "2.3"; + version = "${minorVersion}.15"; OpenColorIO-Configs = fetchurl { - url = "https://github.com/MrKepzie/OpenColorIO-Configs/archive/Natron-v${minorVersion}.tar.gz"; - sha256 = "9eec5a02ca80c9cd8e751013cb347ea982fdddd592a4a9215cce462e332dac51"; + url = "https://github.com/NatronGitHub/OpenColorIO-Configs/archive/Natron-v${minorVersion}.tar.gz"; + sha256 = "AZK9J+RnMyxOYcAQOAQZj5QciPQ999m6jrtBt5rdpkA="; }; seexpr = stdenv.mkDerivation rec { version = "1.0.1"; @@ -20,14 +20,15 @@ let nativeBuildInputs = [ cmake ]; buildInputs = [ libpng flex bison ]; }; - buildPlugin = { pluginName, sha256, nativeBuildInputs ? [], buildInputs ? [], preConfigure ? "" }: + buildPlugin = { pluginName, sha256, nativeBuildInputs ? [], buildInputs ? [], preConfigure ? "", postPatch ? "" }: stdenv.mkDerivation { - name = "openfx-${pluginName}-${version}"; + pname = "openfx-${pluginName}"; + version = version; src = fetchurl { - url = "https://github.com/MrKepzie/Natron/releases/download/${version}/openfx-${pluginName}-${version}.tar.xz"; + url = "https://github.com/NatronGitHub/openfx-${pluginName}/releases/download/Natron-${version}/openfx-${pluginName}-Natron-${version}.tar.xz"; inherit sha256; }; - inherit nativeBuildInputs buildInputs; + inherit nativeBuildInputs buildInputs postPatch; preConfigure = '' makeFlagsArray+=("CONFIG=release") makeFlagsArray+=("PLUGINPATH=$out/Plugins/OFX/Natron") @@ -42,14 +43,19 @@ let url = "https://raw.githubusercontent.com/lvandeve/lodepng/a70c086077c0eaecbae3845e4da4424de5f43361/lodepng.h"; sha256 = "14drdikd0vws3wwpyqq7zzm5z3kg98svv4q4w0hr45q6zh6hs0bq"; }; + cimgversion = "89b9d062ec472df3d33989e6d5d2a8b50ba0775c"; CImgh = fetchurl { - url = "https://raw.githubusercontent.com/dtschump/CImg/572c12d82b2f59ece21be8f52645c38f1dd407e6/CImg.h"; - sha256 = "0n4qfxj8j6rmj4svf68gg2pzg8d1pb74bnphidnf8i2paj6lwniz"; + url = "https://raw.githubusercontent.com/dtschump/CImg/${cimgversion}/CImg.h"; + sha256 = "sha256-NbYpZDNj2oZ+wqoEkRwwCjiujdr+iGOLA0Pa0Ynso6U="; + }; + inpainth = fetchurl { + url = "https://raw.githubusercontent.com/dtschump/CImg/${cimgversion}/plugins/inpaint.h"; + sha256 = "sha256-cd28a3VOs5002GkthHkbIUrxZfKuGhqIYO4Oxe/2HIQ="; }; plugins = map buildPlugin [ ({ pluginName = "arena"; - sha256 = "0qba13vn9qdfax7nqlz1ps27zspr5kh795jp1xvbmwjzjzjpkqkf"; + sha256 = "tUb6myG03mRieUAfgRZfv5Ap+cLvbpNrLMYCGTiAq8c="; nativeBuildInputs = [ pkg-config ]; buildInputs = [ pango librsvg librevenge libcdr opencolorio libxml2 libzip @@ -65,32 +71,37 @@ let }) ({ pluginName = "io"; - sha256 = "0s196i9fkgr9iw92c94mxgs1lkxbhynkf83vmsgrldflmf0xjky7"; + sha256 = "OQg6a5wNy9TFFySjmgd1subvXRxY/ZnSOCkaoUo+ZaA="; nativeBuildInputs = [ pkg-config ]; buildInputs = [ libpng ffmpeg_3 openexr opencolorio openimageio boost libGL - seexpr + seexpr libraw openjpeg libwebp ]; }) ({ pluginName = "misc"; - sha256 = "02h79jrll0c17azxj16as1mks3lmypm4m3da4mms9sg31l3n82qi"; + sha256 = "XkdQyWI9ilF6IoP3yuHulNUZRPLX1m4lq/+RbXsrFEQ="; buildInputs = [ libGL ]; - preConfigure = '' - cp ${CImgh} CImg/CImg.h + postPatch = '' + cp '${inpainth}' CImg/Inpaint/inpaint.h + patch -p0 -dCImg < CImg/Inpaint/inpaint.h.patch # taken from the Makefile; it gets skipped if the file already exists + cp '${CImgh}' CImg/CImg.h ''; }) ]; in stdenv.mkDerivation { inherit version; - name = "natron-${version}"; + pname = "natron"; - src = fetchurl { - url = "https://github.com/MrKepzie/Natron/releases/download/${version}/Natron-${version}.tar.xz"; - sha256 = "1wdc0zqriw2jhlrhzs6af3kagrv22cm086ffnbr1x43mgc9hfhjp"; + src = fetchFromGitHub { + owner = "NatronGitHub"; + repo = "Natron"; + rev = "v${version}"; + fetchSubmodules = true; + sha256 = "sha256-KuXJmmIsvwl4uqmAxXqWU+273jsdWrCuUSwWn5vuu8M="; }; nativeBuildInputs = [ qmake4Hook pkg-config python2Packages.wrapPython ]; @@ -124,6 +135,5 @@ stdenv.mkDerivation { license = lib.licenses.gpl2; maintainers = [ maintainers.puffnfresh ]; platforms = platforms.linux; - broken = true; }; } From 9033b0a9316fe080275a99a24a3cf2164cbf2de3 Mon Sep 17 00:00:00 2001 From: Arthur Gautier Date: Tue, 23 Feb 2021 01:28:59 +0000 Subject: [PATCH 11/51] pythonPackages.certvalidator: init at 0.11.1 Signed-off-by: Arthur Gautier --- .../python-modules/certvalidator/default.nix | 34 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 ++ 2 files changed, 36 insertions(+) create mode 100644 pkgs/development/python-modules/certvalidator/default.nix diff --git a/pkgs/development/python-modules/certvalidator/default.nix b/pkgs/development/python-modules/certvalidator/default.nix new file mode 100644 index 00000000000..8f53bd9805b --- /dev/null +++ b/pkgs/development/python-modules/certvalidator/default.nix @@ -0,0 +1,34 @@ +{ lib, buildPythonPackage, fetchFromGitHub +, asn1crypto, oscrypto +, cacert +}: + +buildPythonPackage rec { + pname = "certvalidator"; + version = "0.11.1"; + + src = fetchFromGitHub { + owner = "wbond"; + repo = pname; + rev = version; + sha256 = "sha256-yVF7t4FuU3C9fDg67JeM7LWZZh/mv5F4EKmjlO4AuBY="; + }; + + propagatedBuildInputs = [ asn1crypto oscrypto ]; + + checkInputs = [ cacert ]; + checkPhase = '' + # Tests are run with a custom executor/loader + # The regex to skip specific tests relies on negative lookahead of regular expressions + # We're skipping the few tests that rely on the network, fetching CRLs, OCSP or remote certificates + python -c 'import dev.tests; dev.tests.run("^(?!.*test_(basic_certificate_validator_tls|fetch|revocation|build_path)).*$")' + ''; + pythonImportsCheck = [ "certvalidator" ]; + + meta = with lib; { + homepage = "https://github.com/wbond/certvalidator"; + description = "Validates X.509 certificates and paths"; + license = licenses.mit; + maintainers = with maintainers; [ baloo ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index a392ef3764f..52a91a62846 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -1244,6 +1244,8 @@ in { certipy = callPackage ../development/python-modules/certipy { }; + certvalidator = callPackage ../development/python-modules/certvalidator { }; + cffi = callPackage ../development/python-modules/cffi { }; cfgv = callPackage ../development/python-modules/cfgv { }; From 8578ba7cd4078589bb838f3d1a997be541730ca1 Mon Sep 17 00:00:00 2001 From: Arthur Gautier Date: Tue, 23 Feb 2021 01:29:59 +0000 Subject: [PATCH 12/51] pythonPackages.signify: init at 0.3.0 Signed-off-by: Arthur Gautier --- .../signify/certificate-expiration-date.patch | 18 ++++++++++ .../python-modules/signify/default.nix | 36 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 ++ 3 files changed, 56 insertions(+) create mode 100644 pkgs/development/python-modules/signify/certificate-expiration-date.patch create mode 100644 pkgs/development/python-modules/signify/default.nix diff --git a/pkgs/development/python-modules/signify/certificate-expiration-date.patch b/pkgs/development/python-modules/signify/certificate-expiration-date.patch new file mode 100644 index 00000000000..6554211a4bc --- /dev/null +++ b/pkgs/development/python-modules/signify/certificate-expiration-date.patch @@ -0,0 +1,18 @@ +diff --git a/tests/test_authenticode.py b/tests/test_authenticode.py +index 7e2c709..2f27e09 100644 +--- a/tests/test_authenticode.py ++++ b/tests/test_authenticode.py +@@ -153,10 +153,12 @@ class AuthenticodeParserTestCase(unittest.TestCase): + """this certificate is revoked""" + with open(str(root_dir / "test_data" / "jameslth"), "rb") as f: + pefile = SignedPEFile(f) +- pefile.verify() ++ pefile.verify(verification_context_kwargs= ++ {'timestamp': datetime.datetime(2021, 1, 1, tzinfo=datetime.timezone.utc)}) + + def test_jameslth_revoked(self): + """this certificate is revoked""" ++ # TODO: this certificate is now expired, so it will not show up as valid anyway + with open(str(root_dir / "test_data" / "jameslth"), "rb") as f: + pefile = SignedPEFile(f) + with self.assertRaises(VerificationError): diff --git a/pkgs/development/python-modules/signify/default.nix b/pkgs/development/python-modules/signify/default.nix new file mode 100644 index 00000000000..be0623b1b73 --- /dev/null +++ b/pkgs/development/python-modules/signify/default.nix @@ -0,0 +1,36 @@ +{ lib, buildPythonPackage, fetchFromGitHub, pythonOlder, pytestCheckHook +, certvalidator, pyasn1, pyasn1-modules +}: + +buildPythonPackage rec { + pname = "signify"; + version = "0.3.0"; + disabled = pythonOlder "3.5"; + + src = fetchFromGitHub { + owner = "ralphje"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-JxQECpwHhPm8TCVW/bCnEpu5I/WETyZVBx29SQE4NmE="; + }; + patches = [ + # Upstream patch is available here: + # https://github.com/ralphje/signify/commit/8c345be954e898a317825bb450bed5ba0304b2b5.patch + # But update a couple other things and dont apply cleanly. This is an extract of the part + # we care about and breaks the tests after 2021-03-01 + ./certificate-expiration-date.patch + ]; + + propagatedBuildInputs = [ certvalidator pyasn1 pyasn1-modules ]; + + checkInputs = [ pytestCheckHook ]; + pytestFlagsArray = [ "-v" ]; + pythonImportsCheck = [ "signify" ]; + + meta = with lib; { + homepage = "https://github.com/ralphje/signify"; + description = "library that verifies PE Authenticode-signed binaries"; + license = licenses.mit; + maintainers = with maintainers; [ baloo ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 52a91a62846..1000a64b5e2 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -7368,6 +7368,8 @@ in { singledispatch = callPackage ../development/python-modules/singledispatch { }; + signify = callPackage ../development/python-modules/signify { }; + sip = callPackage ../development/python-modules/sip { }; sip_5 = callPackage ../development/python-modules/sip/5.x.nix { }; From 88fe05a59b3a0c5ca8dcea44e8883d50208a4225 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Fri, 5 Mar 2021 19:58:23 +0100 Subject: [PATCH 13/51] python3Packages.python-nmap: init at 0.6.4 --- .../python-modules/python-nmap/default.nix | 38 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 + 2 files changed, 40 insertions(+) create mode 100644 pkgs/development/python-modules/python-nmap/default.nix diff --git a/pkgs/development/python-modules/python-nmap/default.nix b/pkgs/development/python-modules/python-nmap/default.nix new file mode 100644 index 00000000000..745d6c67eac --- /dev/null +++ b/pkgs/development/python-modules/python-nmap/default.nix @@ -0,0 +1,38 @@ +{ lib +, buildPythonPackage +, fetchPypi +, nmap +}: + +buildPythonPackage rec { + pname = "python-nmap"; + version = "0.6.4"; + + src = fetchPypi { + inherit pname version; + sha256 = "013q2797d9sf6mrj7x1hqfcql5gqgg50zgiifp2yypfa4k8cwjsx"; + }; + + propagatedBuildInputs = [ nmap ]; + + postPatch = '' + substituteInPlace setup.cfg --replace "universal=3" "universal=1" + ''; + + # Tests requires sudo and performs scans + doCheck = false; + pythonImportsCheck = [ "nmap" ]; + + meta = with lib; { + description = "Python library which helps in using nmap"; + longDescription = '' + python-nmap is a Python library which helps in using nmap port scanner. It + allows to easily manipulate nmap scan results and will be a perfect tool + for systems administrators who want to automatize scanning task and reports. + It also supports nmap script outputs. + ''; + homepage = "http://xael.org/pages/python-nmap-en.html"; + license = with licenses; [ gpl3Plus ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index fc77de9a88d..4dfabc30ad5 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -6493,6 +6493,8 @@ in { inherit (pkgs) pkg-config; }; + python-nmap = callPackage ../development/python-modules/python-nmap { }; + python-nomad = callPackage ../development/python-modules/python-nomad { }; python-oauth2 = callPackage ../development/python-modules/python-oauth2 { }; From 33f6c146a064a8bb283e56fb5ed013a94a2fe3f1 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Fri, 5 Mar 2021 19:58:41 +0100 Subject: [PATCH 14/51] home-assistant: update component-packages --- pkgs/servers/home-assistant/component-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix index bc9768a7345..0425fae5d70 100644 --- a/pkgs/servers/home-assistant/component-packages.nix +++ b/pkgs/servers/home-assistant/component-packages.nix @@ -549,7 +549,7 @@ "niko_home_control" = ps: with ps; [ ]; # missing inputs: niko-home-control "nilu" = ps: with ps; [ ]; # missing inputs: niluclient "nissan_leaf" = ps: with ps; [ ]; # missing inputs: pycarwings2 - "nmap_tracker" = ps: with ps; [ getmac ]; # missing inputs: python-nmap + "nmap_tracker" = ps: with ps; [ getmac python-nmap ]; "nmbs" = ps: with ps; [ ]; # missing inputs: pyrail "no_ip" = ps: with ps; [ ]; "noaa_tides" = ps: with ps; [ ]; # missing inputs: noaa-coops From 6817802d0ab74d903ec1892e0fd66fa5f0363a0b Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Thu, 4 Mar 2021 20:53:10 -0500 Subject: [PATCH 15/51] kodi: remove unused code --- pkgs/applications/video/kodi/default.nix | 103 ++++++----------------- 1 file changed, 27 insertions(+), 76 deletions(-) diff --git a/pkgs/applications/video/kodi/default.nix b/pkgs/applications/video/kodi/default.nix index f461838fdf1..8d598f0bf55 100644 --- a/pkgs/applications/video/kodi/default.nix +++ b/pkgs/applications/video/kodi/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, fetchFromGitHub, autoconf, automake, libtool, makeWrapper, linuxHeaders +{ stdenv, lib, fetchFromGitHub, autoconf, automake, libtool, makeWrapper , pkg-config, cmake, gnumake, yasm, python3Packages , libgcrypt, libgpgerror, libunistring , boost, avahi, lame @@ -57,41 +57,15 @@ let sha256 = "097dg6a7v4ia85jx1pmlpwzdpqcqxlrmniqd005q73zvgj67zc2p"; }; - cmakeProto = fetchurl { - url = "https://raw.githubusercontent.com/pramsey/libght/ca9b1121c352ea10170636e170040e1af015bad1/cmake/modules/CheckPrototypeExists.cmake"; - sha256 = "1zai82gm5x55n3xvdv7mns3ja6a2k81x9zz0nk42j6s2yb0fkjxh"; - }; - - cmakeProtoPatch = '' - # get rid of windows headers as they will otherwise be found first - rm -rf msvc - - cp ${cmakeProto} cmake/${cmakeProto.name} - # we need to enable support for C++ for check_prototype_exists to do its thing - substituteInPlace CMakeLists.txt --replace 'LANGUAGES C' 'LANGUAGES C CXX' - if [ -f cmake/CheckHeadersSTDC.cmake ]; then - sed -i cmake/CheckHeadersSTDC.cmake \ - -e '7iinclude(CheckPrototypeExists)' - fi - ''; - - kodiDependency = { name, version, rev, sha256, ... } @attrs: - let - attrs' = builtins.removeAttrs attrs ["name" "version" "rev" "sha256"]; - in stdenv.mkDerivation ({ - name = "kodi-${lib.toLower name}-${version}"; - src = fetchFromGitHub { - owner = "xbmc"; - repo = name; - inherit rev sha256; - }; - } // attrs'); - - ffmpeg = kodiDependency rec { - name = "FFmpeg"; + ffmpeg = stdenv.mkDerivation rec { + pname = "kodi-ffmpeg"; version = "4.3.1"; - rev = "${version}-${rel}-Beta1"; - sha256 = "1c5rwlxn6xj501iw7masdv2p6wb9rkmd299lmlkx97sw1kvxvg2w"; + src = fetchFromGitHub { + owner = "xbmc"; + repo = "FFmpeg"; + rev = "${version}-${rel}-Beta1"; + sha256 = "1c5rwlxn6xj501iw7masdv2p6wb9rkmd299lmlkx97sw1kvxvg2w"; + }; preConfigure = '' cp ${kodi_src}/tools/depends/target/ffmpeg/{CMakeLists.txt,*.cmake} . sed -i 's/ --cpu=''${CPU}//' CMakeLists.txt @@ -110,47 +84,25 @@ let # We can build these externally but FindLibDvd.cmake forces us to build it # them, so we currently just use them for the src. - libdvdcss = kodiDependency rec { - name = "libdvdcss"; - version = "1.4.2"; - rev = "${version}-${rel}-Beta-5"; - sha256 = "0j41ydzx0imaix069s3z07xqw9q95k7llh06fc27dcn6f7b8ydyl"; - buildInputs = [ linuxHeaders ]; - nativeBuildInputs = [ cmake pkg-config ]; - postPatch = '' - rm -rf msvc - - substituteInPlace config.h.cm \ - --replace '#cmakedefine O_BINARY "''${O_BINARY}"' '#define O_BINARY 0' - ''; - cmakeFlags = [ - "-DBUILD_SHARED_LIBS=1" - "-DHAVE_LINUX_DVD_STRUCT=1" - ]; + libdvdcss = fetchFromGitHub { + owner = "xbmc"; + repo = "libdvdcss"; + rev = "1.4.2-${rel}-Beta-5"; + sha256 = "0j41ydzx0imaix069s3z07xqw9q95k7llh06fc27dcn6f7b8ydyl"; }; - libdvdnav = kodiDependency rec { - name = "libdvdnav"; - version = "6.0.0"; - rev = "${version}-${rel}-Alpha-3"; - sha256 = "0qwlf4lgahxqxk1r2pzl866mi03pbp7l1fc0rk522sc0ak2s9jhb"; - buildInputs = [ libdvdcss libdvdread ]; - nativeBuildInputs = [ cmake pkg-config ]; - postPatch = cmakeProtoPatch; - postInstall = '' - mv $out/lib/liblibdvdnav.so $out/lib/libdvdnav.so - ''; + libdvdnav = fetchFromGitHub { + owner = "xbmc"; + repo = "libdvdnav"; + rev = "6.0.0-${rel}-Alpha-3"; + sha256 = "0qwlf4lgahxqxk1r2pzl866mi03pbp7l1fc0rk522sc0ak2s9jhb"; }; - libdvdread = kodiDependency rec { - name = "libdvdread"; - version = "6.0.0"; - rev = "${version}-${rel}-Alpha-3"; - sha256 = "1xxn01mhkdnp10cqdr357wx77vyzfb5glqpqyg8m0skyi75aii59"; - buildInputs = [ libdvdcss ]; - nativeBuildInputs = [ cmake pkg-config ]; - configureFlags = [ "--with-libdvdcss" ]; - postPatch = cmakeProtoPatch; + libdvdread = fetchFromGitHub { + owner = "xbmc"; + repo = "libdvdread"; + rev = "6.0.0-${rel}-Alpha-3"; + sha256 = "1xxn01mhkdnp10cqdr357wx77vyzfb5glqpqyg8m0skyi75aii59"; }; kodi_platforms = @@ -184,7 +136,6 @@ in stdenv.mkDerivation { bluez giflib glib harfbuzz lcms2 libpthreadstubs ffmpeg flatbuffers fmt fstrcmp rapidjson lirc - # libdvdcss libdvdnav libdvdread ] ++ lib.optional x11Support [ libX11 xorgproto libXt libXmu libXext.dev libXdmcp @@ -231,9 +182,9 @@ in stdenv.mkDerivation { cmakeFlags = [ "-DAPP_RENDER_SYSTEM=${if useGbm then "gles" else "gl"}" - "-Dlibdvdcss_URL=${libdvdcss.src}" - "-Dlibdvdnav_URL=${libdvdnav.src}" - "-Dlibdvdread_URL=${libdvdread.src}" + "-Dlibdvdcss_URL=${libdvdcss}" + "-Dlibdvdnav_URL=${libdvdnav}" + "-Dlibdvdread_URL=${libdvdread}" "-DGIT_VERSION=${kodiReleaseDate}" "-DENABLE_EVENTCLIENTS=ON" "-DENABLE_INTERNAL_CROSSGUID=OFF" From d5242ee214b61ceb7d9317dab376459770f209c0 Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Thu, 4 Mar 2021 21:21:33 -0500 Subject: [PATCH 16/51] kodi: add samba to path for `nmblookup` executable --- pkgs/applications/video/kodi/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/video/kodi/default.nix b/pkgs/applications/video/kodi/default.nix index 8d598f0bf55..da338e17586 100644 --- a/pkgs/applications/video/kodi/default.nix +++ b/pkgs/applications/video/kodi/default.nix @@ -221,7 +221,7 @@ in stdenv.mkDerivation { postInstall = '' for p in $(ls $out/bin/) ; do wrapProgram $out/bin/$p \ - --prefix PATH ":" "${lib.makeBinPath ([ python3Packages.python glxinfo ] ++ lib.optional x11Support xdpyinfo)}" \ + --prefix PATH ":" "${lib.makeBinPath ([ python3Packages.python glxinfo ] ++ lib.optional x11Support xdpyinfo ++ lib.optional sambaSupport samba)}" \ --prefix LD_LIBRARY_PATH ":" "${lib.makeLibraryPath ([ curl systemd libmad libvdpau libcec libcec_platform libass ] ++ lib.optional nfsSupport libnfs From 55142f4301163ada7c1aa1bb2b687a7342b488c1 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Sat, 6 Mar 2021 04:20:00 +0000 Subject: [PATCH 17/51] rubocop: 1.10.0 -> 1.11.0 https://github.com/rubocop/rubocop/releases/tag/v1.11.0 --- pkgs/development/tools/rubocop/Gemfile.lock | 4 ++-- pkgs/development/tools/rubocop/default.nix | 1 - pkgs/development/tools/rubocop/gemset.nix | 8 ++++---- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/pkgs/development/tools/rubocop/Gemfile.lock b/pkgs/development/tools/rubocop/Gemfile.lock index 54287074bed..2c5deffc2d1 100644 --- a/pkgs/development/tools/rubocop/Gemfile.lock +++ b/pkgs/development/tools/rubocop/Gemfile.lock @@ -6,9 +6,9 @@ GEM parser (3.0.0.0) ast (~> 2.4.1) rainbow (3.0.0) - regexp_parser (2.0.3) + regexp_parser (2.1.1) rexml (3.2.4) - rubocop (1.10.0) + rubocop (1.11.0) parallel (~> 1.10) parser (>= 3.0.0.0) rainbow (>= 2.2.2, < 4.0) diff --git a/pkgs/development/tools/rubocop/default.nix b/pkgs/development/tools/rubocop/default.nix index 9a6393977d7..a388377ae08 100644 --- a/pkgs/development/tools/rubocop/default.nix +++ b/pkgs/development/tools/rubocop/default.nix @@ -14,6 +14,5 @@ bundlerEnv { homepage = "https://docs.rubocop.org/"; license = licenses.mit; maintainers = with maintainers; [ marsam leemachin ]; - platforms = platforms.unix; }; } diff --git a/pkgs/development/tools/rubocop/gemset.nix b/pkgs/development/tools/rubocop/gemset.nix index b460200c74e..46d920bc657 100644 --- a/pkgs/development/tools/rubocop/gemset.nix +++ b/pkgs/development/tools/rubocop/gemset.nix @@ -45,10 +45,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0zm86k9q8m5jkcnpb1f93wsvc57saldfj8czxkx1aw031i95inip"; + sha256 = "0vg7imjnfcqjx7kw94ccj5r78j4g190cqzi1i59sh4a0l940b9cr"; type = "gem"; }; - version = "2.0.3"; + version = "2.1.1"; }; rexml = { groups = ["default"]; @@ -66,10 +66,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ncd6w4sc112j86j9j12ws7flxfi8dk8nal2kyxg7phdfr703qlz"; + sha256 = "0zrzsgx35mcr81c51gyx63s7yngcfgk33dbkx5j0npkaks4fcm7r"; type = "gem"; }; - version = "1.10.0"; + version = "1.11.0"; }; rubocop-ast = { dependencies = ["parser"]; From ee3d784011119ecbae588241129ce9b36acb67dd Mon Sep 17 00:00:00 2001 From: zseri Date: Sat, 6 Mar 2021 02:39:36 +0100 Subject: [PATCH 18/51] zs-wait4host: init at 0.3.2 --- .../tools/networking/zs-wait4host/default.nix | 36 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 38 insertions(+) create mode 100644 pkgs/tools/networking/zs-wait4host/default.nix diff --git a/pkgs/tools/networking/zs-wait4host/default.nix b/pkgs/tools/networking/zs-wait4host/default.nix new file mode 100644 index 00000000000..4c8342256c7 --- /dev/null +++ b/pkgs/tools/networking/zs-wait4host/default.nix @@ -0,0 +1,36 @@ +{ bash, coreutils, fetchurl, fping, lib, stdenvNoCC }: + +stdenvNoCC.mkDerivation rec { + pname = "zs-wait4host"; + version = "0.3.2"; + + src = fetchurl { + url = "https://ytrizja.de/distfiles/${pname}-${version}.tar.gz"; + sha256 = "9F1264BDoGlRR7bWlRXhfyvxWio4ydShKmabUQEIz9I="; + }; + + buildInputs = [ bash coreutils fping ]; + + postPatch = '' + for i in zs-wait4host zs-wait4host-inf; do + substituteInPlace "$i" \ + --replace '$(zs-guess-fping)' '${fping}/bin/fping' \ + --replace ' sleep ' ' ${coreutils}/bin/sleep ' \ + --replace '[ "$FPING" ] || exit 1' "" + done + ''; + + installPhase = '' + runHook preInstall + install -D -t $out/bin zs-wait4host zs-wait4host-inf + runHook postInstall + ''; + + meta = with lib; { + description = "Wait for a host to come up/go down"; + homepage = "https://ytrizja.de/"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ zseri ]; + platforms = platforms.all; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 6d829b1126a..06e0c7bae62 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -9400,6 +9400,8 @@ in zs-apc-spdu-ctl = callPackage ../tools/networking/zs-apc-spdu-ctl { }; + zs-wait4host = callPackage ../tools/networking/zs-wait4host { }; + zstxtns-utils = callPackage ../tools/text/zstxtns-utils { }; zsh-autoenv = callPackage ../tools/misc/zsh-autoenv { }; From 74d70bd5a74e0aebcf7e1ac2941a832151c1999c Mon Sep 17 00:00:00 2001 From: Yevhen Shymotiuk Date: Sat, 6 Mar 2021 16:59:08 +0200 Subject: [PATCH 19/51] python3Packages.pipx: 0.16.0.0 -> 0.16.1.0 --- pkgs/development/python-modules/pipx/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pipx/default.nix b/pkgs/development/python-modules/pipx/default.nix index c29847c9f29..34a7bc6b31a 100644 --- a/pkgs/development/python-modules/pipx/default.nix +++ b/pkgs/development/python-modules/pipx/default.nix @@ -6,12 +6,13 @@ , argcomplete , packaging , importlib-metadata +, colorama , pytestCheckHook }: buildPythonPackage rec { pname = "pipx"; - version = "0.16.0.0"; + version = "0.16.1.0"; disabled = pythonOlder "3.6"; @@ -20,13 +21,14 @@ buildPythonPackage rec { owner = "pipxproject"; repo = pname; rev = version; - sha256 = "08mn7vm8iw20pg0gfn491y1jx8wcyjijps6f1hy7ipzd5ckynscn"; + sha256 = "081raqsaq7i2x4yxhxppv930jhajdwmngin5wazy7vqhiy3xc669"; }; propagatedBuildInputs = [ userpath argcomplete packaging + colorama ] ++ lib.optionals (pythonOlder "3.8") [ importlib-metadata ]; From 66328b6949f9e605d66ab7cb224d4967a928b9cd Mon Sep 17 00:00:00 2001 From: tu-maurice Date: Sun, 21 Feb 2021 18:11:45 +0100 Subject: [PATCH 20/51] fishnet: 2.2.4 -> 2.2.5 --- pkgs/servers/fishnet/assets.nix | 5 +++-- pkgs/servers/fishnet/default.nix | 7 ++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/pkgs/servers/fishnet/assets.nix b/pkgs/servers/fishnet/assets.nix index 6844db1b810..d246159402d 100644 --- a/pkgs/servers/fishnet/assets.nix +++ b/pkgs/servers/fishnet/assets.nix @@ -14,8 +14,8 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "niklasf"; repo = pname; - rev = "b4fa30e57ec8976fb1c10bd36737bc784351b93e"; - sha256 = "0gfs9lm4ih3h3fmgqylw05ii1h0d6mpjfxadnw3wymnjsspfb0m4"; + rev = "acd36ab6ccee67a652b6d84aedc4c2828abac5c6"; + sha256 = "0mh4gh6qij70clp64m4jw6q7dafr7gwjqpvpaf9vc6h10g1rhzrx"; }; relAssetsPath = "share/${pname}"; @@ -53,5 +53,6 @@ stdenv.mkDerivation rec { homepage = "https://github.com/niklasf/fishnet-assets"; license = licenses.gpl3Only; maintainers = with maintainers; [ tu-maurice ]; + platforms = [ "x86_64-linux" ]; }; } diff --git a/pkgs/servers/fishnet/default.nix b/pkgs/servers/fishnet/default.nix index 508068bd2d4..8060943fa5e 100644 --- a/pkgs/servers/fishnet/default.nix +++ b/pkgs/servers/fishnet/default.nix @@ -12,16 +12,16 @@ let in rustPlatform.buildRustPackage rec { pname = "fishnet"; - version = "2.2.4"; + version = "2.2.5"; src = fetchFromGitHub { owner = "niklasf"; repo = pname; rev = "v${version}"; - sha256 = "19dh69b6mqx16195w9d20fah4jl8hhbxm84xq4zwsgl4khmw7zqz"; + sha256 = "0gif9wagm9bzq7j3biasqvzp9lfvmxqr5wagqqybmhbn8ipj20a8"; }; - cargoSha256 = "0zl2fnmqncyjd52wkn6dddx9lm9ywpw7swy895yq299z2bbbkv3h"; + cargoSha256 = "0hqyh0nzfrm7m34kqixrlbc7w8d0k7v6psw8jg6zpwpfcmhqq15j"; preBuild = '' rmdir ./assets @@ -33,5 +33,6 @@ rustPlatform.buildRustPackage rec { homepage = "https://github.com/niklasf/fishnet"; license = licenses.gpl3Plus; maintainers = with maintainers; [ tu-maurice ]; + platforms = [ "x86_64-linux" ]; }; } From ef615b5a61c049317da5ed5637e4561b224dd66d Mon Sep 17 00:00:00 2001 From: Mauricio Collares Date: Mon, 1 Mar 2021 10:42:12 -0300 Subject: [PATCH 21/51] sage: adapt for eclib output format changes --- .../eclib-20210223-test-formatting.patch | 131 ++++++++++++++++++ .../science/math/sage/sage-src.nix | 3 + 2 files changed, 134 insertions(+) create mode 100644 pkgs/applications/science/math/sage/patches/eclib-20210223-test-formatting.patch diff --git a/pkgs/applications/science/math/sage/patches/eclib-20210223-test-formatting.patch b/pkgs/applications/science/math/sage/patches/eclib-20210223-test-formatting.patch new file mode 100644 index 00000000000..3fdb8f768e9 --- /dev/null +++ b/pkgs/applications/science/math/sage/patches/eclib-20210223-test-formatting.patch @@ -0,0 +1,131 @@ +diff --git a/src/sage/libs/eclib/interface.py b/src/sage/libs/eclib/interface.py +index e898456720..6b98c12328 100644 +--- a/src/sage/libs/eclib/interface.py ++++ b/src/sage/libs/eclib/interface.py +@@ -758,78 +758,78 @@ class mwrank_MordellWeil(SageObject): + + sage: EQ = mwrank_MordellWeil(E, verbose=True) + sage: EQ.search(1) +- P1 = [0:1:0] is torsion point, order 1 +- P1 = [-3:0:1] is generator number 1 +- saturating up to 20...Checking 2-saturation ++ P1 = [0:1:0] is torsion point, order 1 ++ P1 = [-3:0:1] is generator number 1 ++ saturating up to 20...Checking 2-saturation... + Points have successfully been 2-saturated (max q used = 7) +- Checking 3-saturation ++ Checking 3-saturation... + Points have successfully been 3-saturated (max q used = 7) +- Checking 5-saturation ++ Checking 5-saturation... + Points have successfully been 5-saturated (max q used = 23) +- Checking 7-saturation ++ Checking 7-saturation... + Points have successfully been 7-saturated (max q used = 41) +- Checking 11-saturation ++ Checking 11-saturation... + Points have successfully been 11-saturated (max q used = 17) +- Checking 13-saturation ++ Checking 13-saturation... + Points have successfully been 13-saturated (max q used = 43) +- Checking 17-saturation ++ Checking 17-saturation... + Points have successfully been 17-saturated (max q used = 31) +- Checking 19-saturation ++ Checking 19-saturation... + Points have successfully been 19-saturated (max q used = 37) + done +- P2 = [-2:3:1] is generator number 2 +- saturating up to 20...Checking 2-saturation ++ P2 = [-2:3:1] is generator number 2 ++ saturating up to 20...Checking 2-saturation... + possible kernel vector = [1,1] + This point may be in 2E(Q): [14:-52:1] + ...and it is! + Replacing old generator #1 with new generator [1:-1:1] + Points have successfully been 2-saturated (max q used = 7) + Index gain = 2^1 +- Checking 3-saturation ++ Checking 3-saturation... + Points have successfully been 3-saturated (max q used = 13) +- Checking 5-saturation ++ Checking 5-saturation... + Points have successfully been 5-saturated (max q used = 67) +- Checking 7-saturation ++ Checking 7-saturation... + Points have successfully been 7-saturated (max q used = 53) +- Checking 11-saturation ++ Checking 11-saturation... + Points have successfully been 11-saturated (max q used = 73) +- Checking 13-saturation ++ Checking 13-saturation... + Points have successfully been 13-saturated (max q used = 103) +- Checking 17-saturation ++ Checking 17-saturation... + Points have successfully been 17-saturated (max q used = 113) +- Checking 19-saturation ++ Checking 19-saturation... + Points have successfully been 19-saturated (max q used = 47) + done (index = 2). + Gained index 2, new generators = [ [1:-1:1] [-2:3:1] ] +- P3 = [-14:25:8] is generator number 3 +- saturating up to 20...Checking 2-saturation ++ P3 = [-14:25:8] is generator number 3 ++ saturating up to 20...Checking 2-saturation... + Points have successfully been 2-saturated (max q used = 11) +- Checking 3-saturation ++ Checking 3-saturation... + Points have successfully been 3-saturated (max q used = 13) +- Checking 5-saturation ++ Checking 5-saturation... + Points have successfully been 5-saturated (max q used = 71) +- Checking 7-saturation ++ Checking 7-saturation... + Points have successfully been 7-saturated (max q used = 101) +- Checking 11-saturation ++ Checking 11-saturation... + Points have successfully been 11-saturated (max q used = 127) +- Checking 13-saturation ++ Checking 13-saturation... + Points have successfully been 13-saturated (max q used = 151) +- Checking 17-saturation ++ Checking 17-saturation... + Points have successfully been 17-saturated (max q used = 139) +- Checking 19-saturation ++ Checking 19-saturation... + Points have successfully been 19-saturated (max q used = 179) + done (index = 1). +- P4 = [-1:3:1] = -1*P1 + -1*P2 + -1*P3 (mod torsion) +- P4 = [0:2:1] = 2*P1 + 0*P2 + 1*P3 (mod torsion) +- P4 = [2:13:8] = -3*P1 + 1*P2 + -1*P3 (mod torsion) +- P4 = [1:0:1] = -1*P1 + 0*P2 + 0*P3 (mod torsion) +- P4 = [2:0:1] = -1*P1 + 1*P2 + 0*P3 (mod torsion) +- P4 = [18:7:8] = -2*P1 + -1*P2 + -1*P3 (mod torsion) +- P4 = [3:3:1] = 1*P1 + 0*P2 + 1*P3 (mod torsion) +- P4 = [4:6:1] = 0*P1 + -1*P2 + -1*P3 (mod torsion) +- P4 = [36:69:64] = 1*P1 + -2*P2 + 0*P3 (mod torsion) +- P4 = [68:-25:64] = -2*P1 + -1*P2 + -2*P3 (mod torsion) +- P4 = [12:35:27] = 1*P1 + -1*P2 + -1*P3 (mod torsion) ++ P4 = [-1:3:1] = -1*P1 + -1*P2 + -1*P3 (mod torsion) ++ P4 = [0:2:1] = 2*P1 + 0*P2 + 1*P3 (mod torsion) ++ P4 = [2:13:8] = -3*P1 + 1*P2 + -1*P3 (mod torsion) ++ P4 = [1:0:1] = -1*P1 + 0*P2 + 0*P3 (mod torsion) ++ P4 = [2:0:1] = -1*P1 + 1*P2 + 0*P3 (mod torsion) ++ P4 = [18:7:8] = -2*P1 + -1*P2 + -1*P3 (mod torsion) ++ P4 = [3:3:1] = 1*P1 + 0*P2 + 1*P3 (mod torsion) ++ P4 = [4:6:1] = 0*P1 + -1*P2 + -1*P3 (mod torsion) ++ P4 = [36:69:64] = 1*P1 + -2*P2 + 0*P3 (mod torsion) ++ P4 = [68:-25:64] = -2*P1 + -1*P2 + -2*P3 (mod torsion) ++ P4 = [12:35:27] = 1*P1 + -1*P2 + -1*P3 (mod torsion) + sage: EQ + Subgroup of Mordell-Weil group: [[1:-1:1], [-2:3:1], [-14:25:8]] + +@@ -1076,7 +1076,7 @@ class mwrank_MordellWeil(SageObject): + sage: EQ.search(1) + P1 = [0:1:0] is torsion point, order 1 + P1 = [-3:0:1] is generator number 1 +- saturating up to 20...Checking 2-saturation ++ saturating up to 20...Checking 2-saturation... + ... + P4 = [12:35:27] = 1*P1 + -1*P2 + -1*P3 (mod torsion) + sage: EQ diff --git a/pkgs/applications/science/math/sage/sage-src.nix b/pkgs/applications/science/math/sage/sage-src.nix index ff8e53d4172..99a163eb0b8 100644 --- a/pkgs/applications/science/math/sage/sage-src.nix +++ b/pkgs/applications/science/math/sage/sage-src.nix @@ -112,6 +112,9 @@ stdenv.mkDerivation rec { # workaround until we use sage's fork of threejs, which contains a "version" file ./patches/dont-grep-threejs-version-from-minified-js.patch + + # updated eclib output has punctuation changes and tidier whitespace + ./patches/eclib-20210223-test-formatting.patch ]; patches = nixPatches ++ bugfixPatches ++ packageUpgradePatches; From 6efed4bee8436d8f55c0671a28759b6e58eb0440 Mon Sep 17 00:00:00 2001 From: Mauricio Collares Date: Sat, 6 Mar 2021 12:22:37 -0300 Subject: [PATCH 22/51] Revert "python3Packages.cypari2: 2.1.1 -> 2.1.2" This reverts commit 7a3db26212b957cf1b210a4fbb85ed3c83c139e9. Updating this requires fixing Sage tests, which will be done in a separate PR. --- pkgs/development/python-modules/cypari2/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/cypari2/default.nix b/pkgs/development/python-modules/cypari2/default.nix index 8c189848fc3..a7115d1e940 100644 --- a/pkgs/development/python-modules/cypari2/default.nix +++ b/pkgs/development/python-modules/cypari2/default.nix @@ -11,11 +11,11 @@ buildPythonPackage rec { pname = "cypari2"; # upgrade may break sage, please test the sage build or ping @timokau on upgrade - version = "2.1.2"; + version = "2.1.1"; src = fetchPypi { inherit pname version; - sha256 = "03cd45edab8716ebbfdb754e65fea72e873c73dc91aec098fe4a01e35324ac7a"; + sha256 = "df1ef62e771ec36e5a456f5fc8b51bc6745b70f0efdd0c7a30c3f0b5f1fb93db"; }; # This differs slightly from the default python installPhase in that it pip-installs From 9a18802edfb9db4d826ec967d7301c6c7460dad9 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Sat, 6 Mar 2021 19:48:03 +0100 Subject: [PATCH 23/51] botan2: 2.17.2 -> 2.17.3 Fixes CVE-2021-24115. --- pkgs/development/libraries/botan/2.0.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/botan/2.0.nix b/pkgs/development/libraries/botan/2.0.nix index 2346153e2a1..cb40e535b0c 100644 --- a/pkgs/development/libraries/botan/2.0.nix +++ b/pkgs/development/libraries/botan/2.0.nix @@ -2,8 +2,8 @@ callPackage ./generic.nix (args // { baseVersion = "2.17"; - revision = "2"; - sha256 = "0v0yiq0qxcrsn5b34j6bz8i6pds8dih2ds90ylmy1msm5gz7vqpb"; + revision = "3"; + sha256 = "121vn1aryk36cpks70kk4c4cfic5g0qs82bf92xap9258ijkn4kr"; postPatch = '' sed -e 's@lang_flags "@&--std=c++11 @' -i src/build-data/cc/{gcc,clang}.txt ''; From 7adf9e90559a70473ee5fbcba9ef53d6a5850949 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Sat, 6 Mar 2021 19:59:34 +0100 Subject: [PATCH 24/51] pythonPackages.configshell: 1.1.28 -> 1.1.29 --- pkgs/development/python-modules/configshell/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/configshell/default.nix b/pkgs/development/python-modules/configshell/default.nix index a41d077f22d..9f67aacf2d4 100644 --- a/pkgs/development/python-modules/configshell/default.nix +++ b/pkgs/development/python-modules/configshell/default.nix @@ -2,13 +2,13 @@ buildPythonPackage rec { pname = "configshell"; - version = "1.1.28"; + version = "1.1.29"; src = fetchFromGitHub { owner = "open-iscsi"; repo = "${pname}-fb"; rev = "v${version}"; - sha256 = "1ym2hkvmmacgy21wnjwzyrcxyl3sx4bcx4hc51vf4lzcnj589l68"; + sha256 = "0mjj3c9335sph8rhwww7j4zvhyk896fbmx887vibm89w3jpvjjr9"; }; propagatedBuildInputs = [ pyparsing six urwid ]; From d178471fadd0cb85aa79e19be15144da4efc63a8 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Sat, 6 Mar 2021 20:00:33 +0100 Subject: [PATCH 25/51] targetcli: 2.1.53 -> 2.1.54 --- pkgs/os-specific/linux/targetcli/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/targetcli/default.nix b/pkgs/os-specific/linux/targetcli/default.nix index 4d3446d5a5d..f08ac284f23 100644 --- a/pkgs/os-specific/linux/targetcli/default.nix +++ b/pkgs/os-specific/linux/targetcli/default.nix @@ -2,13 +2,13 @@ python3.pkgs.buildPythonApplication rec { pname = "targetcli"; - version = "2.1.53"; + version = "2.1.54"; src = fetchFromGitHub { owner = "open-iscsi"; repo = "${pname}-fb"; rev = "v${version}"; - sha256 = "1qrq7y5hnghzbxgrxgl153n8jlhw31kqjbr93jsvlvhz5b3ci750"; + sha256 = "1kbbvx0lba96ynr5iwws9jpi319m4rzph4bmcj7yfb37k8mi161v"; }; propagatedBuildInputs = with python3.pkgs; [ configshell rtslib ]; From 9c512f7a7651f55b3081418d138deef246a90ee7 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Sat, 6 Mar 2021 19:58:04 +0100 Subject: [PATCH 26/51] smarty3: 3.1.36 -> 3.1.39 Fixes CVE-2021-26119 and CVE-2021-26120. https://github.com/smarty-php/smarty/blob/v3.1.39/CHANGELOG.md --- pkgs/development/libraries/smarty3/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/smarty3/default.nix b/pkgs/development/libraries/smarty3/default.nix index 29f640dedfc..c3c4f8610c7 100644 --- a/pkgs/development/libraries/smarty3/default.nix +++ b/pkgs/development/libraries/smarty3/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "smarty3"; - version = "3.1.36"; + version = "3.1.39"; src = fetchFromGitHub { owner = "smarty-php"; repo = "smarty"; rev = "v${version}"; - sha256 = "0jljzw1xl2kjwf9cylp1ddnjhz7wbm499s03r479891max1m2mlf"; + sha256 = "0n5hmnw66gxqikp6frgfd9ywsvr2azyg5nl7ix89digqlzcljkbg"; }; installPhase = '' From 6f4b61d2ce39057fc0d9971fa7620cc7d7e7dd3a Mon Sep 17 00:00:00 2001 From: Dave Gallant Date: Sat, 6 Mar 2021 14:09:43 -0500 Subject: [PATCH 27/51] awscli2: 2.1.17 -> 2.1.29 --- pkgs/tools/admin/awscli2/default.nix | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/pkgs/tools/admin/awscli2/default.nix b/pkgs/tools/admin/awscli2/default.nix index d832b00a6ee..1f5ff48d25a 100644 --- a/pkgs/tools/admin/awscli2/default.nix +++ b/pkgs/tools/admin/awscli2/default.nix @@ -1,19 +1,14 @@ -{ lib -, python3 -, groff -, less -, fetchFromGitHub -}: +{ lib, python3, groff, less, fetchFromGitHub }: let py = python3.override { packageOverrides = self: super: { botocore = super.botocore.overridePythonAttrs (oldAttrs: rec { - version = "2.0.0dev85"; + version = "2.0.0dev97"; src = fetchFromGitHub { owner = "boto"; repo = "botocore"; - rev = "962bb5d356096c57e25a5579d09e4b4d928c886d"; - sha256 = "09bk8d0r3245kbi96641gvfl3q4jjhw55gjldc2cpml6mv36hhnb"; + rev = "f240d284994b521b0bd099161bc0ab5786caf700"; + sha256 = "sha256-Ot3w/4OcQ+pXq6bJnQqV5uvG50/uIOa1pwMWqor5NXM="; }; }); prompt_toolkit = super.prompt_toolkit.overridePythonAttrs (oldAttrs: rec { @@ -29,13 +24,13 @@ let in with py.pkgs; buildPythonApplication rec { pname = "awscli2"; - version = "2.1.17"; # N.B: if you change this, change botocore to a matching version too + version = "2.1.29"; # N.B: if you change this, change botocore to a matching version too src = fetchFromGitHub { owner = "aws"; repo = "aws-cli"; rev = version; - sha256 = "1pla97sylzhvj7r5cschv4bg23hpl0ax1m5cx4291fppjnrn2yp9"; + sha256 = "sha256-6SVDJeyPJQX4XIH8RYRzJG2LFDHxIrW/b1a0JZ5kIFY="; }; postPatch = '' From 39b57a4d0daa896455be6ccd0df73361335b2484 Mon Sep 17 00:00:00 2001 From: Xinglu Chen Date: Sat, 6 Mar 2021 17:52:44 +0100 Subject: [PATCH 28/51] tor-browser-bundle-bin: 10.0.12 -> 10.0.13 Update to latest release. --- .../browsers/tor-browser-bundle-bin/default.nix | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix b/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix index 6517203eeeb..9264bbb1560 100644 --- a/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix +++ b/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix @@ -33,9 +33,6 @@ , gmp -# Pluggable transport dependencies -, python27 - # Wrapper runtime , coreutils , glibcLocales @@ -91,19 +88,19 @@ let fteLibPath = makeLibraryPath [ stdenv.cc.cc gmp ]; # Upstream source - version = "10.0.12"; + version = "10.0.13"; lang = "en-US"; srcs = { x86_64-linux = fetchurl { url = "https://dist.torproject.org/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz"; - sha256 = "0i5g997kgn7n6ji7pxbyvkx33nqfi2s1val680fp5hh1zz31yvfv"; + sha256 = "sha256-KxJKS/ymbkAg8LjMFz3BDSupPk5cNB1pFz9fFyRTndk="; }; i686-linux = fetchurl { url = "https://dist.torproject.org/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz"; - sha256 = "16915fvvq3d16v1bzclnb52sa6yyaalihk3gv93jcnph9vsz8ags"; + sha256 = "sha256-4glc2qP6AdHtWc8zW+varG30rlAXpeFyKjqDPsmiVfI="; }; }; in From 390684da02cf154c25355212c86609c335414486 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 3 Mar 2021 13:48:33 +0100 Subject: [PATCH 29/51] python3Packages.bitlist: init at 0.3.1 --- .../python-modules/bitlist/default.nix | 35 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 ++ 2 files changed, 37 insertions(+) create mode 100644 pkgs/development/python-modules/bitlist/default.nix diff --git a/pkgs/development/python-modules/bitlist/default.nix b/pkgs/development/python-modules/bitlist/default.nix new file mode 100644 index 00000000000..ac8cf39cff2 --- /dev/null +++ b/pkgs/development/python-modules/bitlist/default.nix @@ -0,0 +1,35 @@ +{ lib +, buildPythonPackage +, fetchPypi +, nose +, parts +, pytestCheckHook +}: + +buildPythonPackage rec { + pname = "bitlist"; + version = "0.3.1"; + + src = fetchPypi { + inherit pname version; + sha256 = "04dz64r21a39p8wph5qlhvs5y873qgk6xxjlzw8n695b8jm3ixir"; + }; + + propagatedBuildInputs = [ + parts + ]; + + checkInputs = [ + pytestCheckHook + nose + ]; + + pythonImportsCheck = [ "bitlist" ]; + + meta = with lib; { + description = "Python library for working with little-endian list representation of bit strings"; + homepage = "https://github.com/lapets/bitlist"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 810ecb9b86f..de94696c610 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -979,6 +979,8 @@ in { bitcoin-price-api = callPackage ../development/python-modules/bitcoin-price-api { }; + bitlist = callPackage ../development/python-modules/bitlist { }; + bitmath = callPackage ../development/python-modules/bitmath { }; bitstring = callPackage ../development/python-modules/bitstring { }; From 60b78b1c09951a0732b21cb403d927082081d27f Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 3 Mar 2021 13:52:49 +0100 Subject: [PATCH 30/51] python3Packages.fe25519: init at 0.2.0 --- .../python-modules/fe25519/default.nix | 39 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 + 2 files changed, 41 insertions(+) create mode 100644 pkgs/development/python-modules/fe25519/default.nix diff --git a/pkgs/development/python-modules/fe25519/default.nix b/pkgs/development/python-modules/fe25519/default.nix new file mode 100644 index 00000000000..466de64453f --- /dev/null +++ b/pkgs/development/python-modules/fe25519/default.nix @@ -0,0 +1,39 @@ +{ lib +, bitlist +, buildPythonPackage +, fetchPypi +, fountains +, parts +, nose +, pytestCheckHook +}: + +buildPythonPackage rec { + pname = "fe25519"; + version = "0.2.0"; + + src = fetchPypi { + inherit pname version; + sha256 = "1m85qvw9dwxk81mv9k45c9n75pk8wqn70qkinqh56h5zv56vgq24"; + }; + + propagatedBuildInputs = [ + bitlist + fountains + parts + ]; + + checkInputs = [ + nose + pytestCheckHook + ]; + + pythonImportsCheck = [ "fe25519" ]; + + meta = with lib; { + description = "Python field operations for Curve25519's prime"; + homepage = "https://github.com/BjoernMHaase/fe25519"; + license = with licenses; [ cc0 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index de94696c610..137826f0e7c 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -2230,6 +2230,8 @@ in { fdint = callPackage ../development/python-modules/fdint { }; + fe25519 = callPackage ../development/python-modules/fe25519 { }; + feedgen = callPackage ../development/python-modules/feedgen { }; feedgenerator = callPackage ../development/python-modules/feedgenerator { inherit (pkgs) glibcLocales; }; From 7cdb7324494760a016f8772954eef10de71e3b79 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 3 Mar 2021 13:54:41 +0100 Subject: [PATCH 31/51] python3Packages.ge25519: init at 0.2.0 --- .../python-modules/ge25519/default.nix | 41 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 + 2 files changed, 43 insertions(+) create mode 100644 pkgs/development/python-modules/ge25519/default.nix diff --git a/pkgs/development/python-modules/ge25519/default.nix b/pkgs/development/python-modules/ge25519/default.nix new file mode 100644 index 00000000000..0e8d3722fbe --- /dev/null +++ b/pkgs/development/python-modules/ge25519/default.nix @@ -0,0 +1,41 @@ +{ lib +, bitlist +, buildPythonPackage +, fe25519 +, fetchPypi +, fountains +, nose +, parts +, pytestCheckHook +}: + +buildPythonPackage rec { + pname = "ge25519"; + version = "0.2.0"; + + src = fetchPypi { + inherit pname version; + sha256 = "1wgv0vqg8iv9y5d7if14gmcgslwd5zzgk322w9jaxdfbndldddik"; + }; + + propagatedBuildInputs = [ + fe25519 + parts + bitlist + fountains + ]; + + checkInputs = [ + nose + pytestCheckHook + ]; + + pythonImportsCheck = [ "ge25519" ]; + + meta = with lib; { + description = "Python implementation of Ed25519 group elements and operations"; + homepage = "https://github.com/nthparty/ge25519"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 137826f0e7c..bd6cc68d213 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -2530,6 +2530,8 @@ in { gdrivefs = callPackage ../development/python-modules/gdrivefs { }; + ge25519 = callPackage ../development/python-modules/ge25519 { }; + geant4 = disabledIf (!isPy3k) (toPythonModule (pkgs.geant4.override { enablePython = true; python3 = python; From e83c692f972cb8b3190f85ed8705f1d2eddc4c53 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sat, 6 Mar 2021 21:44:29 +0100 Subject: [PATCH 32/51] python3Packages.fountains: init at 0.2.1 --- .../python-modules/fountains/default.nix | 30 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 ++ 2 files changed, 32 insertions(+) create mode 100644 pkgs/development/python-modules/fountains/default.nix diff --git a/pkgs/development/python-modules/fountains/default.nix b/pkgs/development/python-modules/fountains/default.nix new file mode 100644 index 00000000000..b706930b3ef --- /dev/null +++ b/pkgs/development/python-modules/fountains/default.nix @@ -0,0 +1,30 @@ +{ lib +, buildPythonPackage +, fetchPypi +, bitlist +}: + +buildPythonPackage rec { + pname = "fountains"; + version = "0.2.1"; + + src = fetchPypi { + inherit pname version; + sha256 = "0jk5y099g6ggaq5lwp0jlg4asyhcdxnl3him3ibmzc1k9nnknp30"; + }; + + propagatedBuildInputs = [ + bitlist + ]; + + # Project has no test + doCheck = false; + pythonImportsCheck = [ "fountains" ]; + + meta = with lib; { + description = "Python library for generating and embedding data for unit testing"; + homepage = "https://github.com/reity/fountains"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index bd6cc68d213..65a8db8108e 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -2446,6 +2446,8 @@ in { foundationdb60 = callPackage ../servers/foundationdb/python.nix { foundationdb = pkgs.foundationdb60; }; foundationdb61 = callPackage ../servers/foundationdb/python.nix { foundationdb = pkgs.foundationdb61; }; + fountains = callPackage ../development/python-modules/fountains { }; + foxdot = callPackage ../development/python-modules/foxdot { }; fpdf = callPackage ../development/python-modules/fpdf { }; From 10b1c7e54b97ae6053adf7346349d18644d8edfa Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sat, 6 Mar 2021 21:48:17 +0100 Subject: [PATCH 33/51] python3Packages.parts: init at 1.0.2 --- .../python-modules/parts/default.nix | 25 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 ++ 2 files changed, 27 insertions(+) create mode 100644 pkgs/development/python-modules/parts/default.nix diff --git a/pkgs/development/python-modules/parts/default.nix b/pkgs/development/python-modules/parts/default.nix new file mode 100644 index 00000000000..1bf7f26adfd --- /dev/null +++ b/pkgs/development/python-modules/parts/default.nix @@ -0,0 +1,25 @@ +{ lib +, buildPythonPackage +, fetchPypi +}: + +buildPythonPackage rec { + pname = "parts"; + version = "1.0.2"; + + src = fetchPypi { + inherit pname version; + sha256 = "1ym238hxwsw15ivvf6gzmkmla08b9hwhdyc3v6rs55wga9j3a4db"; + }; + + # Project has no tests + doCheck = false; + pythonImportsCheck = [ "parts" ]; + + meta = with lib; { + description = "Python library for common list functions related to partitioning lists"; + homepage = "https://github.com/lapets/parts"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 65a8db8108e..042590dff89 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -4751,6 +4751,8 @@ in { partd = callPackage ../development/python-modules/partd { }; + parts = callPackage ../development/python-modules/parts { }; + parver = callPackage ../development/python-modules/parver { }; arpeggio = callPackage ../development/python-modules/arpeggio { }; From 4e25873e92dc07b9d7ce3dfff4974c3bf04046ea Mon Sep 17 00:00:00 2001 From: Dmitry Kalinkin Date: Sun, 21 Feb 2021 18:03:46 -0500 Subject: [PATCH 34/51] pythonPackages.awkward: 1.0.2 -> 1.1.2 Co-authored-by: Sandro --- pkgs/development/python-modules/awkward/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/awkward/default.nix b/pkgs/development/python-modules/awkward/default.nix index 298074f300d..a343306a5b9 100644 --- a/pkgs/development/python-modules/awkward/default.nix +++ b/pkgs/development/python-modules/awkward/default.nix @@ -10,11 +10,11 @@ buildPythonPackage rec { pname = "awkward"; - version = "1.0.2"; + version = "1.1.2"; src = fetchPypi { inherit pname version; - sha256 = "3468cb80cab51252a1936e5e593c7df4588ea0e18dcb6fb31e3d2913ba883928"; + sha256 = "4ae8371d9e6d5bd3e90f3686b433cebc0541c88072655d2c75ec58e79b5d6943"; }; nativeBuildInputs = [ cmake ]; @@ -25,6 +25,7 @@ buildPythonPackage rec { checkInputs = [ pytestCheckHook numba ]; dontUseSetuptoolsCheck = true; + disabledTestPaths = [ "tests-cuda" ]; meta = with lib; { description = "Manipulate JSON-like data with NumPy-like idioms"; From 41d3640e004e23744d9d01ba09995a9d53ed4963 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sat, 6 Mar 2021 23:14:12 +0100 Subject: [PATCH 35/51] python3Packages.scramp: 1.2.0 -> 1.2.2 --- pkgs/development/python-modules/scramp/default.nix | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/scramp/default.nix b/pkgs/development/python-modules/scramp/default.nix index 7beefa4e899..dc57461d549 100644 --- a/pkgs/development/python-modules/scramp/default.nix +++ b/pkgs/development/python-modules/scramp/default.nix @@ -1,16 +1,23 @@ -{ lib, buildPythonPackage, fetchFromGitHub, pytestCheckHook }: +{ lib +, asn1crypto +, buildPythonPackage +, fetchFromGitHub +, pytestCheckHook +}: buildPythonPackage rec { pname = "scramp"; - version = "1.2.0"; + version = "1.2.2"; src = fetchFromGitHub { owner = "tlocke"; repo = "scramp"; rev = version; - sha256 = "15jb7z5l2lijxr60fb9v55i3f81h6d83c0b7fv5q0fv5q259nv0a"; + sha256 = "sha256-d/kfrhvU96eH8TQX7n1hVRclEFWLseEvOxiR6VaOdrg="; }; + propagatedBuildInputs = [ asn1crypto ]; + checkInputs = [ pytestCheckHook ]; pythonImportsCheck = [ "scramp" ]; From 04208d2ffa148d607164aebcb53ce3037ce40cad Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sat, 6 Mar 2021 23:33:01 +0100 Subject: [PATCH 36/51] python3Packages.pg8000: 1.17.0 -> 1.18.0 --- pkgs/development/python-modules/pg8000/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/development/python-modules/pg8000/default.nix b/pkgs/development/python-modules/pg8000/default.nix index ad51a80674b..3cf843b864c 100644 --- a/pkgs/development/python-modules/pg8000/default.nix +++ b/pkgs/development/python-modules/pg8000/default.nix @@ -1,19 +1,19 @@ { lib , buildPythonPackage , fetchPypi -, scramp -, isPy3k , passlib +, pythonOlder +, scramp }: buildPythonPackage rec { pname = "pg8000"; - version = "1.17.0"; - disabled = !isPy3k; + version = "1.18.0"; + disabled = pythonOlder "3.6"; src = fetchPypi { inherit pname version; - sha256 = "sha256-FBmMWv6yiRBuQO5uXkwFKcU2mTn2yliKAos3GnX+IN0="; + sha256 = "1nkjxf95ldda41mkmahbikhd1fvxai5lfjb4a5gyhialpz4g5fim"; }; propagatedBuildInputs = [ passlib scramp ]; From 3787cf2075c6b40f77f369f0701a49d97c6c4446 Mon Sep 17 00:00:00 2001 From: Maxine Aubrey Date: Sat, 6 Mar 2021 23:54:53 +0100 Subject: [PATCH 37/51] consul: 1.9.3 -> 1.9.4 --- pkgs/servers/consul/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/consul/default.nix b/pkgs/servers/consul/default.nix index fb4372a1d89..cc00f4cf0ce 100644 --- a/pkgs/servers/consul/default.nix +++ b/pkgs/servers/consul/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "consul"; - version = "1.9.3"; + version = "1.9.4"; rev = "v${version}"; # Note: Currently only release tags are supported, because they have the Consul UI @@ -17,7 +17,7 @@ buildGoModule rec { owner = "hashicorp"; repo = pname; inherit rev; - sha256 = "sha256-/PjtLZtMSq/+S1mWe0oJ+dRCmCq0mlgvreL2awm0PcE="; + sha256 = "1ck55i8snpm583p21y1hac0w76wiwyjpgfxkzscd4whp2jnzhhif"; }; passthru.tests.consul = nixosTests.consul; @@ -26,7 +26,7 @@ buildGoModule rec { # has a split module structure in one repo subPackages = ["." "connect/certgen"]; - vendorSha256 = "sha256-eIW3xQgy2doirGwKGE6OFGgXtKs8LYx3sfsnIu8n5Hg="; + vendorSha256 = "0y744zpj49zvn5vqqb9wmfs1fs0lir71h2kcmhidmn9j132vg1bq"; doCheck = false; From ceb1e7d18a618b9f726b4cc2061c39ad03aed0a5 Mon Sep 17 00:00:00 2001 From: Ingo Blechschmidt Date: Sun, 7 Mar 2021 00:31:43 +0100 Subject: [PATCH 38/51] dsniff: 2.4b1+debian-29 -> 2.4b1+debian-30 --- pkgs/tools/networking/dsniff/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/networking/dsniff/default.nix b/pkgs/tools/networking/dsniff/default.nix index 3a8eab862cb..8e641ec83e7 100644 --- a/pkgs/tools/networking/dsniff/default.nix +++ b/pkgs/tools/networking/dsniff/default.nix @@ -53,8 +53,8 @@ in gcc9Stdenv.mkDerivation rec { domain = "salsa.debian.org"; owner = "pkg-security-team"; repo = "dsniff"; - rev = "debian/${version}+debian-29"; - sha256 = "10zz9krf65jsqvlcr72ycp5cd27xwr18jkc38zqp2i4j6x0caj2g"; + rev = "debian/${version}+debian-30"; + sha256 = "1fk2k0sfdp5g27i11g0sbzm7al52raz5yr1aibzssnysv7l9xgzh"; name = "dsniff.tar.gz"; }; From d59047a77430fa8705c2fb67795145f657923eff Mon Sep 17 00:00:00 2001 From: Ben Wolsieffer Date: Sat, 6 Mar 2021 19:01:30 -0500 Subject: [PATCH 39/51] python3Packages.pypugjs: 5.9.8 -> 5.9.9 --- pkgs/development/python-modules/pypugjs/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pypugjs/default.nix b/pkgs/development/python-modules/pypugjs/default.nix index 4e2bf164a33..77ca912db6c 100644 --- a/pkgs/development/python-modules/pypugjs/default.nix +++ b/pkgs/development/python-modules/pypugjs/default.nix @@ -3,11 +3,11 @@ buildPythonPackage rec { pname = "pypugjs"; - version = "5.9.8"; + version = "5.9.9"; src = fetchPypi { inherit pname version; - sha256 = "1iy8k56rbslxcylhamdik2bd6gqqirrix55mrdn29zz9gl6vg1xi"; + sha256 = "0s0a239940z6rsssa13yz6pfkjk4300j35hs7qysyz45f3ixq19j"; }; propagatedBuildInputs = [ six chardet ]; From b3c90695a9a23b893f22903c5b9c22f5ba9af3a8 Mon Sep 17 00:00:00 2001 From: Austin Butler Date: Sat, 6 Mar 2021 16:51:58 -0800 Subject: [PATCH 40/51] nomachine-client: 7.0.211 -> 7.2.3 --- pkgs/tools/admin/nomachine-client/default.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pkgs/tools/admin/nomachine-client/default.nix b/pkgs/tools/admin/nomachine-client/default.nix index c419c7e834a..fa5763178bd 100644 --- a/pkgs/tools/admin/nomachine-client/default.nix +++ b/pkgs/tools/admin/nomachine-client/default.nix @@ -1,10 +1,10 @@ { lib, stdenv, file, fetchurl, makeWrapper, autoPatchelfHook, jsoncpp, libpulseaudio }: let - versionMajor = "7.0"; - versionMinor = "211"; - versionBuild_x86_64 = "4"; - versionBuild_i686 = "4"; + versionMajor = "7.2"; + versionMinor = "3"; + versionBuild_x86_64 = "8"; + versionBuild_i686 = "8"; in stdenv.mkDerivation rec { pname = "nomachine-client"; @@ -14,12 +14,12 @@ in if stdenv.hostPlatform.system == "x86_64-linux" then fetchurl { url = "https://download.nomachine.com/download/${versionMajor}/Linux/nomachine_${version}_${versionBuild_x86_64}_x86_64.tar.gz"; - sha256 = "06habqsl5gp13sym519r3qp188qwqqfw8p48wcs4zj3kcri6fjz0"; + sha256 = "1x60vmngq4927qvy6ljmyvwlz5lapilld3495w3y3jdllwd3dxp4"; } else if stdenv.hostPlatform.system == "i686-linux" then fetchurl { url = "https://download.nomachine.com/download/${versionMajor}/Linux/nomachine_${version}_${versionBuild_i686}_i686.tar.gz"; - sha256 = "1y4lr95mwilwr7gqsxqvygq4w3dcp4cjh8m06wdi3avwdzrjkgj9"; + sha256 = "0dx921g6w3gk0x4p771qqxbbi16vl11hmdzzwhfczrq90pgzrhks"; } else throw "NoMachine client is not supported on ${stdenv.hostPlatform.system}"; From 725f331cc8b1d3b762b1adeadf2ee2044f5b69c6 Mon Sep 17 00:00:00 2001 From: Demyan Rogozhin Date: Sun, 7 Mar 2021 01:58:04 +0100 Subject: [PATCH 41/51] particl-core: 0.19.2.3 -> 0.19.2.5 --- pkgs/applications/blockchains/particl/particl-core.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/blockchains/particl/particl-core.nix b/pkgs/applications/blockchains/particl/particl-core.nix index feced9eecb0..99bc49e8db3 100644 --- a/pkgs/applications/blockchains/particl/particl-core.nix +++ b/pkgs/applications/blockchains/particl/particl-core.nix @@ -17,11 +17,11 @@ with lib; stdenv.mkDerivation rec { pname = "particl-core"; - version = "0.19.2.3"; + version = "0.19.2.5"; src = fetchurl { url = "https://github.com/particl/particl-core/archive/v${version}.tar.gz"; - sha256 = "sha256-nAsQvYWUejSu/4MMIwZhlV5Gjza/Da4jcp6/01lppvg="; + sha256 = "sha256-uI4T8h6RvCikk8h/sZmGlj3Uj3Xhu0vDn/fPb6rLcSg="; }; nativeBuildInputs = [ pkg-config autoreconfHook ]; From 6303d139fc09122613108f8eb0996441429fe2ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sun, 7 Mar 2021 02:58:01 +0100 Subject: [PATCH 42/51] pythonPackages.cairosvg: 2.5.1 -> 2.5.2 --- .../python-modules/cairosvg/default.nix | 35 ++++++++++++++----- 1 file changed, 27 insertions(+), 8 deletions(-) diff --git a/pkgs/development/python-modules/cairosvg/default.nix b/pkgs/development/python-modules/cairosvg/default.nix index 0244f772be1..58b8c267306 100644 --- a/pkgs/development/python-modules/cairosvg/default.nix +++ b/pkgs/development/python-modules/cairosvg/default.nix @@ -1,25 +1,44 @@ -{ lib, buildPythonPackage, fetchPypi, isPy3k, fetchpatch -, cairocffi, cssselect2, defusedxml, pillow, tinycss2 -, pytest, pytestrunner, pytestcov, pytest-flake8, pytest-isort }: +{ lib +, buildPythonPackage +, fetchPypi +, isPy3k +, cairocffi +, cssselect2 +, defusedxml +, pillow +, tinycss2 +, pytestCheckHook +, pytest-runner +, pytest-flake8 +, pytest-isort +}: buildPythonPackage rec { pname = "CairoSVG"; - version = "2.5.1"; - + version = "2.5.2"; disabled = !isPy3k; src = fetchPypi { inherit pname version; - sha256 = "bfa0deea7fa0b9b2f29e41b747a915c249dbca731a4667c2917e47ff96e773e0"; + sha256 = "sha256-sLmSnPXboAUXjXRqgDb88AJVUPSYylTbYYczIjhHg7w="; }; + buildInputs = [ pytest-runner ]; + propagatedBuildInputs = [ cairocffi cssselect2 defusedxml pillow tinycss2 ]; - checkInputs = [ pytest pytestrunner pytestcov pytest-flake8 pytest-isort ]; + checkInputs = [ pytestCheckHook pytest-flake8 pytest-isort ]; + + pytestFlagsArray = [ + "cairosvg/test_api.py" + ]; + + pythonImportsCheck = [ "cairosvg" ]; meta = with lib; { homepage = "https://cairosvg.org"; - license = licenses.lgpl3; + license = licenses.lgpl3Plus; description = "SVG converter based on Cairo"; + maintainers = with maintainers; [ SuperSandro2000 ]; }; } From fa2bf8e38e9ad75f7bfd9953974196fc41980ef7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sun, 7 Mar 2021 02:58:56 +0100 Subject: [PATCH 43/51] pythonPackages.celery: add missing requirement --- pkgs/development/python-modules/celery/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/celery/default.nix b/pkgs/development/python-modules/celery/default.nix index e1fb0b98ea0..f0fe81f85e2 100644 --- a/pkgs/development/python-modules/celery/default.nix +++ b/pkgs/development/python-modules/celery/default.nix @@ -1,5 +1,5 @@ { lib, buildPythonPackage, fetchPypi -, billiard, click, click-didyoumean, click-repl, kombu, pytz, vine +, billiard, click, click-didyoumean, click-plugins, click-repl, kombu, pytz, vine , boto3, case, moto, pytest, pytest-celery, pytest-subtests, pytest-timeout }: @@ -17,7 +17,7 @@ buildPythonPackage rec { --replace "moto==1.3.7" moto ''; - propagatedBuildInputs = [ billiard click click-didyoumean click-repl kombu pytz vine ]; + propagatedBuildInputs = [ billiard click click-didyoumean click-plugins click-repl kombu pytz vine ]; checkInputs = [ boto3 case moto pytest pytest-celery pytest-subtests pytest-timeout ]; @@ -38,5 +38,6 @@ buildPythonPackage rec { homepage = "https://github.com/celery/celery/"; description = "Distributed task queue"; license = licenses.bsd3; + maintainers = [ ]; }; } From 9c43942caf1e3cb496cf50325bc128d4c0ce740d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sun, 7 Mar 2021 03:13:51 +0100 Subject: [PATCH 44/51] mirage: remove unused input --- .../networking/instant-messengers/mirage/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/networking/instant-messengers/mirage/default.nix b/pkgs/applications/networking/instant-messengers/mirage/default.nix index 3b6b9bfc6f9..42ea1c52fa9 100644 --- a/pkgs/applications/networking/instant-messengers/mirage/default.nix +++ b/pkgs/applications/networking/instant-messengers/mirage/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, mkDerivation, fetchFromGitHub , qmake, pkg-config, olm, wrapQtAppsHook -, qtbase, qtquickcontrols2, qtkeychain, qtmultimedia, qttools, qtgraphicaleffects +, qtbase, qtquickcontrols2, qtkeychain, qtmultimedia, qtgraphicaleffects , python3Packages, pyotherside, libXScrnSaver }: From 0218a3a1d54870440889aa06f5ab8ccf1e0e9a97 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sun, 7 Mar 2021 03:14:35 +0100 Subject: [PATCH 45/51] pythonPackages.flower: fix broken --- pkgs/development/python-modules/flower/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/flower/default.nix b/pkgs/development/python-modules/flower/default.nix index 09368552966..3662116bc2a 100644 --- a/pkgs/development/python-modules/flower/default.nix +++ b/pkgs/development/python-modules/flower/default.nix @@ -35,11 +35,13 @@ buildPythonPackage rec { checkInputs = [ mock ]; + pythonImportsCheck = [ "flower" ]; + meta = with lib; { description = "Celery Flower"; homepage = "https://github.com/mher/flower"; license = licenses.bsdOriginal; maintainers = [ maintainers.arnoldfarkas ]; - broken = (celery.version == "5.0.2"); # currently broken with celery>=5.0 by https://github.com/mher/flower/pull/1021 + broken = (celery.version >= "5.0.2"); # currently broken with celery>=5.0 by https://github.com/mher/flower/pull/1021 }; } From fc750b2000a1cfb31cc4cf2a409f16f243d2f9c0 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Wed, 13 Jan 2021 13:44:22 +0100 Subject: [PATCH 46/51] kubernetes: 1.19.5 -> 1.20.4 --- .../networking/cluster/kubernetes/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/networking/cluster/kubernetes/default.nix b/pkgs/applications/networking/cluster/kubernetes/default.nix index d4ec9cf5ef3..184f36c69f7 100644 --- a/pkgs/applications/networking/cluster/kubernetes/default.nix +++ b/pkgs/applications/networking/cluster/kubernetes/default.nix @@ -20,13 +20,13 @@ stdenv.mkDerivation rec { pname = "kubernetes"; - version = "1.19.5"; + version = "1.20.4"; src = fetchFromGitHub { owner = "kubernetes"; repo = "kubernetes"; rev = "v${version}"; - sha256 = "15bv620fj4x731f2z2a9dcdss18rk379kc40g49bpqsdn42jjx2z"; + sha256 = "0nni351ya688dphdkpyq94p3wjw2kigg85kmalwdpv5wpz1abl5g"; }; nativeBuildInputs = [ removeReferencesTo makeWrapper which go rsync installShellFiles ]; @@ -53,7 +53,7 @@ stdenv.mkDerivation rec { postBuild = '' ./hack/update-generated-docs.sh - (cd build/pause && cc pause.c -o pause) + (cd build/pause/linux && cc pause.c -o pause) ''; installPhase = '' @@ -61,7 +61,7 @@ stdenv.mkDerivation rec { install -D _output/local/go/bin/''${p##*/} -t $out/bin done - install -D build/pause/pause -t $pause/bin + install -D build/pause/linux/pause -t $pause/bin installManPage docs/man/man1/*.[1-9] cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons From 7da62867be079bb5f6412fb12a76dbb68f9bad4b Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Wed, 13 Jan 2021 20:10:04 +0100 Subject: [PATCH 47/51] nixos/kubernetes: adapt module and test cases to fit kubernetes v1.20.X as well as coredns v1.7.X --- .../cluster/kubernetes/addons/dns.nix | 7 ++- .../services/cluster/kubernetes/apiserver.nix | 44 ++++++++++++++++--- .../services/cluster/kubernetes/kubelet.nix | 16 ++++++- .../services/cluster/kubernetes/pki.nix | 1 + .../networking/cluster/kubernetes/default.nix | 11 ++++- .../fixup-addonmanager-lib-path.patch | 23 ++++++++++ 6 files changed, 89 insertions(+), 13 deletions(-) create mode 100644 pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch diff --git a/nixos/modules/services/cluster/kubernetes/addons/dns.nix b/nixos/modules/services/cluster/kubernetes/addons/dns.nix index f12e866930d..24d86628b21 100644 --- a/nixos/modules/services/cluster/kubernetes/addons/dns.nix +++ b/nixos/modules/services/cluster/kubernetes/addons/dns.nix @@ -3,7 +3,7 @@ with lib; let - version = "1.6.4"; + version = "1.7.1"; cfg = config.services.kubernetes.addons.dns; ports = { dns = 10053; @@ -55,9 +55,9 @@ in { type = types.attrs; default = { imageName = "coredns/coredns"; - imageDigest = "sha256:493ee88e1a92abebac67cbd4b5658b4730e0f33512461442d8d9214ea6734a9b"; + imageDigest = "sha256:4a6e0769130686518325b21b0c1d0688b54e7c79244d48e1b15634e98e40c6ef"; finalImageTag = version; - sha256 = "0fm9zdjavpf5hni8g7fkdd3csjbhd7n7py7llxjc66sbii087028"; + sha256 = "02r440xcdsgi137k5lmmvp0z5w5fmk8g9mysq5pnysq1wl8sj6mw"; }; }; }; @@ -156,7 +156,6 @@ in { health :${toString ports.health} kubernetes ${cfg.clusterDomain} in-addr.arpa ip6.arpa { pods insecure - upstream fallthrough in-addr.arpa ip6.arpa } prometheus :${toString ports.metrics} diff --git a/nixos/modules/services/cluster/kubernetes/apiserver.nix b/nixos/modules/services/cluster/kubernetes/apiserver.nix index 95bdb4c0d14..616389dfaac 100644 --- a/nixos/modules/services/cluster/kubernetes/apiserver.nix +++ b/nixos/modules/services/cluster/kubernetes/apiserver.nix @@ -238,14 +238,42 @@ in type = int; }; + apiAudiences = mkOption { + description = '' + Kubernetes apiserver ServiceAccount issuer. + ''; + default = "api,https://kubernetes.default.svc"; + type = str; + }; + + serviceAccountIssuer = mkOption { + description = '' + Kubernetes apiserver ServiceAccount issuer. + ''; + default = "https://kubernetes.default.svc"; + type = str; + }; + + serviceAccountSigningKeyFile = mkOption { + description = '' + Path to the file that contains the current private key of the service + account token issuer. The issuer will sign issued ID tokens with this + private key. + ''; + default = top.serviceAccountSigningKeyFile; + type = path; + }; + serviceAccountKeyFile = mkOption { description = '' - Kubernetes apiserver PEM-encoded x509 RSA private or public key file, - used to verify ServiceAccount tokens. By default tls private key file - is used. + File containing PEM-encoded x509 RSA or ECDSA private or public keys, + used to verify ServiceAccount tokens. The specified file can contain + multiple keys, and the flag can be specified multiple times with + different files. If unspecified, --tls-private-key-file is used. + Must be specified when --service-account-signing-key is provided ''; - default = null; - type = nullOr path; + default = top.serviceAccountKeyFile; + type = path; }; serviceClusterIpRange = mkOption { @@ -357,8 +385,10 @@ in ${optionalString (cfg.runtimeConfig != "") "--runtime-config=${cfg.runtimeConfig}"} \ --secure-port=${toString cfg.securePort} \ - ${optionalString (cfg.serviceAccountKeyFile!=null) - "--service-account-key-file=${cfg.serviceAccountKeyFile}"} \ + --api-audiences=${toString cfg.apiAudiences} \ + --service-account-issuer=${toString cfg.serviceAccountIssuer} \ + --service-account-signing-key-file=${cfg.serviceAccountSigningKeyFile} \ + --service-account-key-file=${cfg.serviceAccountKeyFile} \ --service-cluster-ip-range=${cfg.serviceClusterIpRange} \ --storage-backend=${cfg.storageBackend} \ ${optionalString (cfg.tlsCertFile != null) diff --git a/nixos/modules/services/cluster/kubernetes/kubelet.nix b/nixos/modules/services/cluster/kubernetes/kubelet.nix index 479027f1b27..4da6efca535 100644 --- a/nixos/modules/services/cluster/kubernetes/kubelet.nix +++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix @@ -125,6 +125,18 @@ in }; }; + containerRuntime = mkOption { + description = "Which container runtime type to use"; + type = enum ["docker" "remote"]; + default = "remote"; + }; + + containerRuntimeEndpoint = mkOption { + description = "Endpoint at which to find the container runtime api interface/socket"; + type = str; + default = "unix:///var/run/docker/containerd/containerd.sock"; + }; + enable = mkEnableOption "Kubernetes kubelet."; extraOpts = mkOption { @@ -240,7 +252,7 @@ in systemd.services.kubelet = { description = "Kubernetes Kubelet Service"; wantedBy = [ "kubernetes.target" ]; - after = [ "network.target" "docker.service" "kube-apiserver.service" ]; + after = [ "network.target" "kube-apiserver.service" "sockets.target" ]; path = with pkgs; [ gitMinimal openssh @@ -306,6 +318,8 @@ in ${optionalString (cfg.tlsKeyFile != null) "--tls-private-key-file=${cfg.tlsKeyFile}"} \ ${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \ + --container-runtime=${cfg.containerRuntime} \ + --container-runtime-endpoint=${cfg.containerRuntimeEndpoint} \ ${cfg.extraOpts} ''; WorkingDirectory = top.dataDir; diff --git a/nixos/modules/services/cluster/kubernetes/pki.nix b/nixos/modules/services/cluster/kubernetes/pki.nix index 933ae481e96..8de6a3ba0d8 100644 --- a/nixos/modules/services/cluster/kubernetes/pki.nix +++ b/nixos/modules/services/cluster/kubernetes/pki.nix @@ -361,6 +361,7 @@ in tlsCertFile = mkDefault cert; tlsKeyFile = mkDefault key; serviceAccountKeyFile = mkDefault cfg.certs.serviceAccount.cert; + serviceAccountSigningKeyFile = mkDefault cfg.certs.serviceAccount.key; kubeletClientCaFile = mkDefault caCert; kubeletClientCertFile = mkDefault cfg.certs.apiserverKubeletClient.cert; kubeletClientKeyFile = mkDefault cfg.certs.apiserverKubeletClient.key; diff --git a/pkgs/applications/networking/cluster/kubernetes/default.nix b/pkgs/applications/networking/cluster/kubernetes/default.nix index 184f36c69f7..cb669615f63 100644 --- a/pkgs/applications/networking/cluster/kubernetes/default.nix +++ b/pkgs/applications/networking/cluster/kubernetes/default.nix @@ -33,6 +33,8 @@ stdenv.mkDerivation rec { outputs = [ "out" "man" "pause" ]; + patches = [ ./fixup-addonmanager-lib-path.patch ]; + postPatch = '' # go env breaks the sandbox substituteInPlace "hack/lib/golang.sh" \ @@ -64,10 +66,17 @@ stdenv.mkDerivation rec { install -D build/pause/linux/pause -t $pause/bin installManPage docs/man/man1/*.[1-9] - cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons + # Unfortunately, kube-addons-main.sh only looks for the lib file in either the current working dir + # or in /opt. We have to patch this for now. + substitute cluster/addons/addon-manager/kube-addons-main.sh $out/bin/kube-addons \ + --subst-var out + + chmod +x $out/bin/kube-addons patchShebangs $out/bin/kube-addons wrapProgram $out/bin/kube-addons --set "KUBECTL_BIN" "$out/bin/kubectl" + cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons-lib.sh + cp ${./mk-docker-opts.sh} $out/bin/mk-docker-opts.sh for tool in kubeadm kubectl; do diff --git a/pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch b/pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch new file mode 100644 index 00000000000..ef2904bdcfe --- /dev/null +++ b/pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch @@ -0,0 +1,23 @@ +diff --git a/cluster/addons/addon-manager/kube-addons-main.sh b/cluster/addons/addon-manager/kube-addons-main.sh +index 849973470d1..e4fef30eaea 100755 +--- a/cluster/addons/addon-manager/kube-addons-main.sh ++++ b/cluster/addons/addon-manager/kube-addons-main.sh +@@ -17,17 +17,7 @@ + # Import required functions. The addon manager is installed to /opt in + # production use (see the Dockerfile) + # Disabling shellcheck following files as the full path would be required. +-if [ -f "kube-addons.sh" ]; then +- # shellcheck disable=SC1091 +- source "kube-addons.sh" +-elif [ -f "/opt/kube-addons.sh" ]; then +- # shellcheck disable=SC1091 +- source "/opt/kube-addons.sh" +-else +- # If the required source is missing, we have to fail. +- log ERR "== Could not find kube-addons.sh (not in working directory or /opt) at $(date -Is) ==" +- exit 1 +-fi ++source "@out@/bin/kube-addons-lib.sh" + + # The business logic for whether a given object should be created + # was already enforced by salt, and /etc/kubernetes/addons is the From 7b5c38e97384257a03ec29e9eec56e2a46a07816 Mon Sep 17 00:00:00 2001 From: Johan Thomsen Date: Thu, 25 Feb 2021 16:00:59 +0100 Subject: [PATCH 48/51] nixos/kubernetes: docker -> containerd also, nixos/containerd: module init --- nixos/doc/manual/release-notes/rl-2105.xml | 9 ++ nixos/modules/module-list.nix | 1 + .../services/cluster/kubernetes/apiserver.nix | 2 - .../services/cluster/kubernetes/default.nix | 33 +++-- .../services/cluster/kubernetes/flannel.nix | 40 +------ .../services/cluster/kubernetes/kubelet.nix | 27 +++-- nixos/modules/services/networking/flannel.nix | 6 +- nixos/modules/virtualisation/containerd.nix | 60 ++++++++++ nixos/tests/kubernetes/dns.nix | 15 ++- nixos/tests/kubernetes/rbac.nix | 6 +- .../networking/cluster/kubernetes/default.nix | 2 - .../cluster/kubernetes/mk-docker-opts.sh | 113 ------------------ 12 files changed, 129 insertions(+), 185 deletions(-) create mode 100644 nixos/modules/virtualisation/containerd.nix delete mode 100755 pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh diff --git a/nixos/doc/manual/release-notes/rl-2105.xml b/nixos/doc/manual/release-notes/rl-2105.xml index 0666b4300ec..2f87869fbe3 100644 --- a/nixos/doc/manual/release-notes/rl-2105.xml +++ b/nixos/doc/manual/release-notes/rl-2105.xml @@ -788,6 +788,15 @@ self: super: and use Maturin as their build tool. + + + Kubernetes has deprecated docker as container runtime. + As a consequence, the Kubernetes module now has support for configuration of custom remote container runtimes and enables containerd by default. + Note that containerd is more strict regarding container image OCI-compliance. + As an example, images with CMD or ENTRYPOINT defined as strings (not lists) will fail on containerd, while working fine on docker. + Please test your setup and container images with containerd prior to upgrading. + + diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index f91c21ad5cb..9bb81d085c9 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -1053,6 +1053,7 @@ ./testing/service-runner.nix ./virtualisation/anbox.nix ./virtualisation/container-config.nix + ./virtualisation/containerd.nix ./virtualisation/containers.nix ./virtualisation/nixos-containers.nix ./virtualisation/oci-containers.nix diff --git a/nixos/modules/services/cluster/kubernetes/apiserver.nix b/nixos/modules/services/cluster/kubernetes/apiserver.nix index 616389dfaac..a5b13215476 100644 --- a/nixos/modules/services/cluster/kubernetes/apiserver.nix +++ b/nixos/modules/services/cluster/kubernetes/apiserver.nix @@ -260,7 +260,6 @@ in account token issuer. The issuer will sign issued ID tokens with this private key. ''; - default = top.serviceAccountSigningKeyFile; type = path; }; @@ -272,7 +271,6 @@ in different files. If unspecified, --tls-private-key-file is used. Must be specified when --service-account-signing-key is provided ''; - default = top.serviceAccountKeyFile; type = path; }; diff --git a/nixos/modules/services/cluster/kubernetes/default.nix b/nixos/modules/services/cluster/kubernetes/default.nix index 3a11a6513a4..19edc338bba 100644 --- a/nixos/modules/services/cluster/kubernetes/default.nix +++ b/nixos/modules/services/cluster/kubernetes/default.nix @@ -5,6 +5,29 @@ with lib; let cfg = config.services.kubernetes; + defaultContainerdConfigFile = pkgs.writeText "containerd.toml" '' + version = 2 + root = "/var/lib/containerd/daemon" + state = "/var/run/containerd/daemon" + oom_score = 0 + + [grpc] + address = "/var/run/containerd/containerd.sock" + + [plugins."io.containerd.grpc.v1.cri"] + sandbox_image = "pause:latest" + + [plugins."io.containerd.grpc.v1.cri".cni] + bin_dir = "/opt/cni/bin" + max_conf_num = 0 + + [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] + runtime_type = "io.containerd.runc.v2" + + [plugins."io.containerd.grpc.v1.cri".containerd.runtimes."io.containerd.runc.v2".options] + SystemdCgroup = true + ''; + mkKubeConfig = name: conf: pkgs.writeText "${name}-kubeconfig" (builtins.toJSON { apiVersion = "v1"; kind = "Config"; @@ -222,14 +245,9 @@ in { }) (mkIf cfg.kubelet.enable { - virtualisation.docker = { + virtualisation.containerd = { enable = mkDefault true; - - # kubernetes needs access to logs - logDriver = mkDefault "json-file"; - - # iptables must be disabled for kubernetes - extraOptions = "--iptables=false --ip-masq=false"; + configFile = mkDefault defaultContainerdConfigFile; }; }) @@ -269,7 +287,6 @@ in { users.users.kubernetes = { uid = config.ids.uids.kubernetes; description = "Kubernetes user"; - extraGroups = [ "docker" ]; group = "kubernetes"; home = cfg.dataDir; createHome = true; diff --git a/nixos/modules/services/cluster/kubernetes/flannel.nix b/nixos/modules/services/cluster/kubernetes/flannel.nix index 548ffed1ddb..3f55719027f 100644 --- a/nixos/modules/services/cluster/kubernetes/flannel.nix +++ b/nixos/modules/services/cluster/kubernetes/flannel.nix @@ -8,16 +8,6 @@ let # we want flannel to use kubernetes itself as configuration backend, not direct etcd storageBackend = "kubernetes"; - - # needed for flannel to pass options to docker - mkDockerOpts = pkgs.runCommand "mk-docker-opts" { - buildInputs = [ pkgs.makeWrapper ]; - } '' - mkdir -p $out - - # bashInteractive needed for `compgen` - makeWrapper ${pkgs.bashInteractive}/bin/bash $out/mk-docker-opts --add-flags "${pkgs.kubernetes}/bin/mk-docker-opts.sh" - ''; in { ###### interface @@ -43,43 +33,17 @@ in cniVersion = "0.3.1"; delegate = { isDefaultGateway = true; - bridge = "docker0"; + bridge = "mynet"; }; }]; }; - systemd.services.mk-docker-opts = { - description = "Pre-Docker Actions"; - path = with pkgs; [ gawk gnugrep ]; - script = '' - ${mkDockerOpts}/mk-docker-opts -d /run/flannel/docker - systemctl restart docker - ''; - serviceConfig.Type = "oneshot"; - }; - - systemd.paths.flannel-subnet-env = { - wantedBy = [ "flannel.service" ]; - pathConfig = { - PathModified = "/run/flannel/subnet.env"; - Unit = "mk-docker-opts.service"; - }; - }; - - systemd.services.docker = { - environment.DOCKER_OPTS = "-b none"; - serviceConfig.EnvironmentFile = "-/run/flannel/docker"; - }; - - # read environment variables generated by mk-docker-opts - virtualisation.docker.extraOptions = "$DOCKER_OPTS"; - networking = { firewall.allowedUDPPorts = [ 8285 # flannel udp 8472 # flannel vxlan ]; - dhcpcd.denyInterfaces = [ "docker*" "flannel*" ]; + dhcpcd.denyInterfaces = [ "mynet*" "flannel*" ]; }; services.kubernetes.pki.certs = { diff --git a/nixos/modules/services/cluster/kubernetes/kubelet.nix b/nixos/modules/services/cluster/kubernetes/kubelet.nix index 4da6efca535..ef6da26a024 100644 --- a/nixos/modules/services/cluster/kubernetes/kubelet.nix +++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix @@ -23,7 +23,7 @@ let name = "pause"; tag = "latest"; contents = top.package.pause; - config.Cmd = "/bin/pause"; + config.Cmd = ["/bin/pause"]; }; kubeconfig = top.lib.mkKubeConfig "kubelet" cfg.kubeconfig; @@ -134,7 +134,7 @@ in containerRuntimeEndpoint = mkOption { description = "Endpoint at which to find the container runtime api interface/socket"; type = str; - default = "unix:///var/run/docker/containerd/containerd.sock"; + default = "unix:///var/run/containerd/containerd.sock"; }; enable = mkEnableOption "Kubernetes kubelet."; @@ -247,16 +247,24 @@ in ###### implementation config = mkMerge [ (mkIf cfg.enable { + + environment.etc."cni/net.d".source = cniConfig; + services.kubernetes.kubelet.seedDockerImages = [infraContainer]; + boot.kernel.sysctl = { + "net.bridge.bridge-nf-call-iptables" = 1; + "net.ipv4.ip_forward" = 1; + "net.bridge.bridge-nf-call-ip6tables" = 1; + }; + systemd.services.kubelet = { description = "Kubernetes Kubelet Service"; wantedBy = [ "kubernetes.target" ]; - after = [ "network.target" "kube-apiserver.service" "sockets.target" ]; + after = [ "containerd.service" "network.target" "kube-apiserver.service" ]; path = with pkgs; [ gitMinimal openssh - docker util-linux iproute ethtool @@ -266,8 +274,12 @@ in ] ++ lib.optional config.boot.zfs.enabled config.boot.zfs.package ++ top.path; preStart = '' ${concatMapStrings (img: '' - echo "Seeding docker image: ${img}" - docker load <${img} + echo "Seeding container image: ${img}" + ${if (lib.hasSuffix "gz" img) then + ''${pkgs.gzip}/bin/zcat "${img}" | ${pkgs.containerd}/bin/ctr -n k8s.io image import -'' + else + ''${pkgs.coreutils}/bin/cat "${img}" | ${pkgs.containerd}/bin/ctr -n k8s.io image import -'' + } '') cfg.seedDockerImages} rm /opt/cni/bin/* || true @@ -320,6 +332,7 @@ in ${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \ --container-runtime=${cfg.containerRuntime} \ --container-runtime-endpoint=${cfg.containerRuntimeEndpoint} \ + --cgroup-driver=systemd \ ${cfg.extraOpts} ''; WorkingDirectory = top.dataDir; @@ -329,7 +342,7 @@ in # Allways include cni plugins services.kubernetes.kubelet.cni.packages = [pkgs.cni-plugins]; - boot.kernelModules = ["br_netfilter"]; + boot.kernelModules = ["br_netfilter" "overlay"]; services.kubernetes.kubelet.hostname = with config.networking; mkDefault (hostName + optionalString (domain != null) ".${domain}"); diff --git a/nixos/modules/services/networking/flannel.nix b/nixos/modules/services/networking/flannel.nix index 4c040112d28..32a7eb3ed69 100644 --- a/nixos/modules/services/networking/flannel.nix +++ b/nixos/modules/services/networking/flannel.nix @@ -162,10 +162,7 @@ in { NODE_NAME = cfg.nodeName; }; path = [ pkgs.iptables ]; - preStart = '' - mkdir -p /run/flannel - touch /run/flannel/docker - '' + optionalString (cfg.storageBackend == "etcd") '' + preStart = optionalString (cfg.storageBackend == "etcd") '' echo "setting network configuration" until ${pkgs.etcdctl}/bin/etcdctl set /coreos.com/network/config '${builtins.toJSON networkConfig}' do @@ -177,6 +174,7 @@ in { ExecStart = "${cfg.package}/bin/flannel"; Restart = "always"; RestartSec = "10s"; + RuntimeDirectory = "flannel"; }; }; diff --git a/nixos/modules/virtualisation/containerd.nix b/nixos/modules/virtualisation/containerd.nix new file mode 100644 index 00000000000..194276d1695 --- /dev/null +++ b/nixos/modules/virtualisation/containerd.nix @@ -0,0 +1,60 @@ +{ pkgs, lib, config, ... }: +let + cfg = config.virtualisation.containerd; + containerdConfigChecked = pkgs.runCommand "containerd-config-checked.toml" { nativeBuildInputs = [pkgs.containerd]; } '' + containerd -c ${cfg.configFile} config dump >/dev/null + ln -s ${cfg.configFile} $out + ''; +in +{ + + options.virtualisation.containerd = with lib.types; { + enable = lib.mkEnableOption "containerd container runtime"; + + configFile = lib.mkOption { + default = null; + description = "path to containerd config file"; + type = nullOr path; + }; + + args = lib.mkOption { + default = {}; + description = "extra args to append to the containerd cmdline"; + type = attrsOf str; + }; + }; + + config = lib.mkIf cfg.enable { + virtualisation.containerd.args.config = lib.mkIf (cfg.configFile != null) (toString containerdConfigChecked); + + environment.systemPackages = [pkgs.containerd]; + + systemd.services.containerd = { + description = "containerd - container runtime"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + path = with pkgs; [ + containerd + runc + iptables + ]; + serviceConfig = { + ExecStart = ''${pkgs.containerd}/bin/containerd ${lib.concatStringsSep " " (lib.cli.toGNUCommandLine {} cfg.args)}''; + Delegate = "yes"; + KillMode = "process"; + Type = "notify"; + Restart = "always"; + RestartSec = "5"; + StartLimitBurst = "8"; + StartLimitIntervalSec = "120s"; + + # "limits" defined below are adopted from upstream: https://github.com/containerd/containerd/blob/master/containerd.service + LimitNPROC = "infinity"; + LimitCORE = "infinity"; + LimitNOFILE = "infinity"; + TasksMax = "infinity"; + OOMScoreAdjust = "-999"; + }; + }; + }; +} diff --git a/nixos/tests/kubernetes/dns.nix b/nixos/tests/kubernetes/dns.nix index 890499a0fb8..b6cd811c5ae 100644 --- a/nixos/tests/kubernetes/dns.nix +++ b/nixos/tests/kubernetes/dns.nix @@ -34,7 +34,7 @@ let name = "redis"; tag = "latest"; contents = [ pkgs.redis pkgs.bind.host ]; - config.Entrypoint = "/bin/redis-server"; + config.Entrypoint = ["/bin/redis-server"]; }; probePod = pkgs.writeText "probe-pod.json" (builtins.toJSON { @@ -55,12 +55,11 @@ let name = "probe"; tag = "latest"; contents = [ pkgs.bind.host pkgs.busybox ]; - config.Entrypoint = "/bin/tail"; + config.Entrypoint = ["/bin/tail"]; }; - extraConfiguration = { config, pkgs, ... }: { + extraConfiguration = { config, pkgs, lib, ... }: { environment.systemPackages = [ pkgs.bind.host ]; - # virtualisation.docker.extraOptions = "--dns=${config.services.kubernetes.addons.dns.clusterIp}"; services.dnsmasq.enable = true; services.dnsmasq.servers = [ "/cluster.local/${config.services.kubernetes.addons.dns.clusterIp}#53" @@ -77,7 +76,7 @@ let # prepare machine1 for test machine1.wait_until_succeeds("kubectl get node machine1.${domain} | grep -w Ready") machine1.wait_until_succeeds( - "docker load < ${redisImage}" + "${pkgs.gzip}/bin/zcat ${redisImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -" ) machine1.wait_until_succeeds( "kubectl create -f ${redisPod}" @@ -86,7 +85,7 @@ let "kubectl create -f ${redisService}" ) machine1.wait_until_succeeds( - "docker load < ${probeImage}" + "${pkgs.gzip}/bin/zcat ${probeImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -" ) machine1.wait_until_succeeds( "kubectl create -f ${probePod}" @@ -118,7 +117,7 @@ let # prepare machines for test machine1.wait_until_succeeds("kubectl get node machine2.${domain} | grep -w Ready") machine2.wait_until_succeeds( - "docker load < ${redisImage}" + "${pkgs.gzip}/bin/zcat ${redisImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -" ) machine1.wait_until_succeeds( "kubectl create -f ${redisPod}" @@ -127,7 +126,7 @@ let "kubectl create -f ${redisService}" ) machine2.wait_until_succeeds( - "docker load < ${probeImage}" + "${pkgs.gzip}/bin/zcat ${probeImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -" ) machine1.wait_until_succeeds( "kubectl create -f ${probePod}" diff --git a/nixos/tests/kubernetes/rbac.nix b/nixos/tests/kubernetes/rbac.nix index c922da515d9..3fc8ed0fbe3 100644 --- a/nixos/tests/kubernetes/rbac.nix +++ b/nixos/tests/kubernetes/rbac.nix @@ -85,7 +85,7 @@ let name = "kubectl"; tag = "latest"; contents = [ kubectl pkgs.busybox kubectlPod2 ]; - config.Entrypoint = "/bin/sh"; + config.Entrypoint = ["/bin/sh"]; }; base = { @@ -97,7 +97,7 @@ let machine1.wait_until_succeeds("kubectl get node machine1.my.zyx | grep -w Ready") machine1.wait_until_succeeds( - "docker load < ${kubectlImage}" + "${pkgs.gzip}/bin/zcat ${kubectlImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -" ) machine1.wait_until_succeeds( @@ -134,7 +134,7 @@ let machine1.wait_until_succeeds("kubectl get node machine2.my.zyx | grep -w Ready") machine2.wait_until_succeeds( - "docker load < ${kubectlImage}" + "${pkgs.gzip}/bin/zcat ${kubectlImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -" ) machine1.wait_until_succeeds( diff --git a/pkgs/applications/networking/cluster/kubernetes/default.nix b/pkgs/applications/networking/cluster/kubernetes/default.nix index cb669615f63..c218e1b492b 100644 --- a/pkgs/applications/networking/cluster/kubernetes/default.nix +++ b/pkgs/applications/networking/cluster/kubernetes/default.nix @@ -77,8 +77,6 @@ stdenv.mkDerivation rec { cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons-lib.sh - cp ${./mk-docker-opts.sh} $out/bin/mk-docker-opts.sh - for tool in kubeadm kubectl; do installShellCompletion --cmd $tool \ --bash <($out/bin/$tool completion bash) \ diff --git a/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh b/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh deleted file mode 100755 index 22a459f5134..00000000000 --- a/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh +++ /dev/null @@ -1,113 +0,0 @@ -#!/usr/bin/env bash - -# Copyright 2014 The Kubernetes Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Generate Docker daemon options based on flannel env file. - -# exit on any error -set -e - -usage() { - echo "$0 [-f FLANNEL-ENV-FILE] [-d DOCKER-ENV-FILE] [-i] [-c] [-m] [-k COMBINED-KEY] - -Generate Docker daemon options based on flannel env file -OPTIONS: - -f Path to flannel env file. Defaults to /run/flannel/subnet.env - -d Path to Docker env file to write to. Defaults to /run/docker_opts.env - -i Output each Docker option as individual var. e.g. DOCKER_OPT_MTU=1500 - -c Output combined Docker options into DOCKER_OPTS var - -k Set the combined options key to this value (default DOCKER_OPTS=) - -m Do not output --ip-masq (useful for older Docker version) -" >/dev/stderr - exit 1 -} - -flannel_env="/run/flannel/subnet.env" -docker_env="/run/docker_opts.env" -combined_opts_key="DOCKER_OPTS" -indiv_opts=false -combined_opts=false -ipmasq=true -val="" - -while getopts "f:d:icmk:" opt; do - case $opt in - f) - flannel_env=$OPTARG - ;; - d) - docker_env=$OPTARG - ;; - i) - indiv_opts=true - ;; - c) - combined_opts=true - ;; - m) - ipmasq=false - ;; - k) - combined_opts_key=$OPTARG - ;; - \?) - usage - ;; - esac -done - -if [[ $indiv_opts = false ]] && [[ $combined_opts = false ]]; then - indiv_opts=true - combined_opts=true -fi - -if [[ -f "${flannel_env}" ]]; then - source "${flannel_env}" -fi - -if [[ -n "$FLANNEL_SUBNET" ]]; then - # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below - DOCKER_OPT_BIP="--bip=$FLANNEL_SUBNET" -fi - -if [[ -n "$FLANNEL_MTU" ]]; then - # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below - DOCKER_OPT_MTU="--mtu=$FLANNEL_MTU" -fi - -if [[ "$FLANNEL_IPMASQ" = true ]] && [[ $ipmasq = true ]]; then - # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below - DOCKER_OPT_IPMASQ="--ip-masq=false" -fi - -eval docker_opts="\$${combined_opts_key}" -docker_opts+=" " - -echo -n "" >"${docker_env}" - -# OPT_LOOP -for opt in $(compgen -v DOCKER_OPT_); do - eval val=\$"${opt}" - - if [[ "$indiv_opts" = true ]]; then - echo "$opt=\"$val\"" >>"${docker_env}" - fi - - docker_opts+="$val " -done - -if [[ "$combined_opts" = true ]]; then - echo "${combined_opts_key}=\"${docker_opts}\"" >>"${docker_env}" -fi From b79b4ab4cb5c57453f82175cbbd41a15b028f0d5 Mon Sep 17 00:00:00 2001 From: Masanori Ogino <167209+omasanori@users.noreply.github.com> Date: Sun, 7 Mar 2021 12:24:15 +0900 Subject: [PATCH 49/51] kramdown-rfc2629: 1.2.13 -> 1.3.37 Signed-off-by: Masanori Ogino <167209+omasanori@users.noreply.github.com> --- pkgs/tools/text/kramdown-rfc2629/Gemfile.lock | 4 +++- pkgs/tools/text/kramdown-rfc2629/gemset.nix | 16 +++++++++++++--- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/text/kramdown-rfc2629/Gemfile.lock b/pkgs/tools/text/kramdown-rfc2629/Gemfile.lock index b50dc2fdbca..feab5cddf99 100644 --- a/pkgs/tools/text/kramdown-rfc2629/Gemfile.lock +++ b/pkgs/tools/text/kramdown-rfc2629/Gemfile.lock @@ -2,9 +2,11 @@ GEM remote: https://rubygems.org/ specs: certified (1.0.0) + json_pure (2.5.1) kramdown (1.17.0) - kramdown-rfc2629 (1.2.13) + kramdown-rfc2629 (1.3.37) certified (~> 1.0) + json_pure (~> 2.0) kramdown (~> 1.17.0) PLATFORMS diff --git a/pkgs/tools/text/kramdown-rfc2629/gemset.nix b/pkgs/tools/text/kramdown-rfc2629/gemset.nix index bf0cf130c42..f0b6c39a359 100644 --- a/pkgs/tools/text/kramdown-rfc2629/gemset.nix +++ b/pkgs/tools/text/kramdown-rfc2629/gemset.nix @@ -9,6 +9,16 @@ }; version = "1.0.0"; }; + json_pure = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "030hmc268wchqsccbjk41hvbyg99krpa72i3q0y3wwqzfh8hi736"; + type = "gem"; + }; + version = "2.5.1"; + }; kramdown = { groups = ["default"]; platforms = []; @@ -20,14 +30,14 @@ version = "1.17.0"; }; kramdown-rfc2629 = { - dependencies = ["certified" "kramdown"]; + dependencies = ["certified" "json_pure" "kramdown"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0s53m46qlcdakik0czvx0p41mk46l9l36331cps8gpf364wf3l9d"; + sha256 = "16m08q5bgib3i54bb9p3inrxb1xksiybs9zj1rnncq492gcqqv4j"; type = "gem"; }; - version = "1.2.13"; + version = "1.3.37"; }; } From f003d2c9cecdb55e720967bc3d13931ef9145fc8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 7 Mar 2021 03:35:30 +0000 Subject: [PATCH 50/51] drone-runner-exec: init at unstable-2020-04-19 (#115003) Co-authored-by: Sandro --- .../drone-runner-exec/default.nix | 26 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 28 insertions(+) create mode 100644 pkgs/development/tools/continuous-integration/drone-runner-exec/default.nix diff --git a/pkgs/development/tools/continuous-integration/drone-runner-exec/default.nix b/pkgs/development/tools/continuous-integration/drone-runner-exec/default.nix new file mode 100644 index 00000000000..373c6183725 --- /dev/null +++ b/pkgs/development/tools/continuous-integration/drone-runner-exec/default.nix @@ -0,0 +1,26 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "drone-runner-exec"; + version = "unstable-2020-04-19"; + + src = fetchFromGitHub { + owner = "drone-runners"; + repo = "drone-runner-exec"; + rev = "c0a612ef2bdfdc6d261dfbbbb005c887a0c3668d"; + sha256 = "sha256-0UIJwpC5Y2TQqyZf6C6neICYBZdLQBWAZ8/K1l6KVRs="; + }; + + vendorSha256 = "sha256-ypYuQKxRhRQGX1HtaWt6F6BD9vBpD8AJwx/4esLrJsw="; + + meta = with lib; { + description = "Drone pipeline runner that executes builds directly on the host machine"; + homepage = "https://github.com/drone-runners/drone-runner-exec"; + # https://polyformproject.org/licenses/small-business/1.0.0/ + license = licenses.unfree; + maintainers = with maintainers; [ mic92 ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1cb21e4866a..4de12459f07 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3782,6 +3782,8 @@ in drone-cli = callPackage ../development/tools/continuous-integration/drone-cli { }; + drone-runner-exec = callPackage ../development/tools/continuous-integration/drone-runner-exec { }; + dropbear = callPackage ../tools/networking/dropbear { }; dsview = libsForQt5.callPackage ../applications/science/electronics/dsview { }; From 5a7d2375290d7f9be63a71381564196c640ee579 Mon Sep 17 00:00:00 2001 From: Zhaofeng Li Date: Sat, 6 Mar 2021 18:49:14 -0800 Subject: [PATCH 51/51] dpt-rp1-py: unstable-2018-10-16 -> 0.1.12 --- pkgs/tools/misc/dpt-rp1-py/default.nix | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/misc/dpt-rp1-py/default.nix b/pkgs/tools/misc/dpt-rp1-py/default.nix index 69b689fb824..cf3a9a42406 100644 --- a/pkgs/tools/misc/dpt-rp1-py/default.nix +++ b/pkgs/tools/misc/dpt-rp1-py/default.nix @@ -1,22 +1,27 @@ { lib, python3Packages, fetchFromGitHub }: python3Packages.buildPythonApplication rec { pname = "dpt-rp1-py"; - version = "unstable-2018-10-16"; + version = "0.1.12"; src = fetchFromGitHub { owner = "janten"; repo = pname; - rev = "4551b4432f8470de5f2ad9171105f731a6259395"; - sha256 = "176y5j31aci1vpi8v6r5ki55432fbdsazh9bsyzr90im9zimkffl"; + rev = "v${version}"; + sha256 = "0xw853s5bx2lr57w6ldfjzi1ppc6px66zd7hzk8y2kg82q6bnasq"; }; doCheck = false; propagatedBuildInputs = with python3Packages; [ + anytree + fusepy httpsig - requests pbkdf2 + pyyaml + requests + tqdm urllib3 + zeroconf ]; meta = with lib; {