From 955310683206739931c2106ac661a670181be364 Mon Sep 17 00:00:00 2001 From: Klemens Nanni Date: Thu, 12 May 2022 15:24:52 +0200 Subject: [PATCH 01/58] nixos/stage-1: Ensure correct ZFS mount options Consider ZFS filesystems meant to be mounted with zfs.mount(8), e.g. ``` config.fileSystems."/media".options = [ "zfsutil" ]; config.fileSystems."/nix".options = [ "zfsutil" ]; ``` `zfsutil` uses dataset properties as mount options such that zfsprops(7) do not have to be duplicated in fstab(5) entries or manual mount(8) invocations. Given the example configuation above, /media is correctly mounted with `setuid=off` translated into `nosuid`: ``` $ zfs get -Ho value setuid /media off $ findmnt -t zfs -no options /media rw,nosuid,nodev,noexec,noatime,xattr,posixacl ``` /nix however was mounted with default mount(8) options: ``` $ zfs get -Ho value setuid /nix off $ findmnt -t zfs -no options /nix rw,relatime,xattr,noacl ``` This holds true for all other ZFS properties/mount options, including `exec/[no]exec`, `devices/[no]dev`, `atime/[no]atime`, etc. /nix is mounted using BusyBox's `mount` during stage 1 init while /media is mounted later using proper systemd and/or util-linux's `mount`. Tracing stage 1 init showed that BusyBox never tried to execute mount.zfs(8) as intended by `zfsutil`. Replacing it with util-linux's `mount` and adding the mount helper showed attempts to execute mount.zfs(8). Ensure ZFS filesystems are mounted with correct options iff `zfsutil` is used. --- nixos/modules/system/boot/stage-1.nix | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index d10ebac5682..adb8eb7ccf7 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -31,6 +31,9 @@ let # mounting `/`, like `/` on a loopback). fileSystems = filter utils.fsNeededForBoot config.system.build.fileSystems; + # Determine whether zfs-mount(8) is needed. + zfsRequiresMountHelper = any (fs: lib.elem "zfsutil" fs.options) fileSystems; + # A utility for enumerating the shared-library dependencies of a program findLibs = pkgs.buildPackages.writeShellScriptBin "find-libs" '' set -euo pipefail @@ -107,6 +110,22 @@ let copy_bin_and_libs $BIN done + ${optionalString zfsRequiresMountHelper '' + # Filesystems using the "zfsutil" option are mounted regardless of the + # mount.zfs(8) helper, but it is required to ensure that ZFS properties + # are used as mount options. + # + # BusyBox does not use the ZFS helper in the first place. + # util-linux searches /sbin/ as last path for helpers (stage-1-init.sh + # must symlink it to the store PATH). + # Without helper program, both `mount`s silently fails back to internal + # code, using default options and effectively ignore security relevant + # ZFS properties such as `setuid=off` and `exec=off` (unless manually + # duplicated in `fileSystems.*.options`, defeating "zfsutil"'s purpose). + copy_bin_and_libs ${pkgs.util-linux}/bin/mount + copy_bin_and_libs ${pkgs.zfs}/bin/mount.zfs + ''} + # Copy some util-linux stuff. copy_bin_and_libs ${pkgs.util-linux}/sbin/blkid @@ -221,7 +240,12 @@ let echo "testing patched programs..." $out/bin/ash -c 'echo hello world' | grep "hello world" export LD_LIBRARY_PATH=$out/lib - $out/bin/mount --help 2>&1 | grep -q "BusyBox" + ${if zfsRequiresMountHelper then '' + $out/bin/mount -V 1>&1 | grep -q "mount from util-linux" + $out/bin/mount.zfs -h 2>&1 | grep -q "Usage: mount.zfs" + '' else '' + $out/bin/mount --help 2>&1 | grep -q "BusyBox" + ''} $out/bin/blkid -V 2>&1 | grep -q 'libblkid' $out/bin/udevadm --version $out/bin/dmsetup --version 2>&1 | tee -a log | grep -q "version:" From de77849ad689101c4a7af14a9d02c9906d2b0b13 Mon Sep 17 00:00:00 2001 From: Klemens Nanni Date: Thu, 12 May 2022 16:18:30 +0200 Subject: [PATCH 02/58] nixos/stage-1: Account for hardcoded executable paths At least pkgs/os-specific/linux/util-linux/default.nix uses ``` "--enable-fs-paths-default=/run/wrappers/bin:/run/current-system/sw/bin:/sbin" ``` which does not cover stage 1 init's PATH as all executables are put under /bin/. Fix util-linux's `mount` usage by symlinking /sbin to it. --- nixos/modules/system/boot/stage-1-init.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/modules/system/boot/stage-1-init.sh b/nixos/modules/system/boot/stage-1-init.sh index 22d5ec76af7..337064034ef 100644 --- a/nixos/modules/system/boot/stage-1-init.sh +++ b/nixos/modules/system/boot/stage-1-init.sh @@ -14,6 +14,8 @@ extraUtils="@extraUtils@" export LD_LIBRARY_PATH=@extraUtils@/lib export PATH=@extraUtils@/bin ln -s @extraUtils@/bin /bin +# hardcoded in util-linux's mount helper search path `/run/wrappers/bin:/run/current-system/sw/bin:/sbin` +ln -s @extraUtils@/bin /sbin # Copy the secrets to their needed location if [ -d "@extraUtils@/secrets" ]; then From 4b045c70664617180c776d3d301fb7563572e66f Mon Sep 17 00:00:00 2001 From: Klemens Nanni Date: Thu, 12 May 2022 21:35:33 +0200 Subject: [PATCH 03/58] nixos/stage-1: Remove redundant symlink check find(1)'s test `-type f` already excludes symbolic links, so `test -L` will never return false for found files. --- nixos/modules/system/boot/stage-1.nix | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index adb8eb7ccf7..ec2bd5ef352 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -223,16 +223,12 @@ let # Run patchelf to make the programs refer to the copied libraries. find $out/bin $out/lib -type f | while read i; do - if ! test -L $i; then - nuke-refs -e $out $i - fi + nuke-refs -e $out $i done find $out/bin -type f | while read i; do - if ! test -L $i; then - echo "patching $i..." - patchelf --set-interpreter $out/lib/ld*.so.? --set-rpath $out/lib $i || true - fi + echo "patching $i..." + patchelf --set-interpreter $out/lib/ld*.so.? --set-rpath $out/lib $i || true done if [ -z "${toString (pkgs.stdenv.hostPlatform != pkgs.stdenv.buildPlatform)}" ]; then From d33e52b2539c5b36a5a876df9006a7145efd42ea Mon Sep 17 00:00:00 2001 From: Klemens Nanni Date: Sun, 15 May 2022 01:00:37 +0200 Subject: [PATCH 04/58] nixos/stage-1: Fix library path in libraries also `extra-utils` composes the set of programs and libraries needed by 1. copying over all programs 2. copying over all libraries any program directly links against 3. set the runtime path for every program to the library directory It seems that this approach misses the case where a library itself links against another library. That is to say, `extra-utils` assumes that either only progams link against libraries or that every library linked to by a library is already linked to by a program. `mount.zfs` linking against `libcrypto`, in turn linking against `libdl` shows how the current approach falls short: ``` $ objdump -p $(which mount.zfs) | grep NEEDED | grep -e libdl -e libcrypto NEEDED libcrypto.so.1.1 $ ldd (which mount.zfs) | grep libdl libdl.so.2 => /nix/store/ybkkrhdwdj227kr20vk8qnzqnmj7a06x-glibc-2.34-115/lib/libdl.so.2 (0x00007f9967a9a000 ``` Using `mount.zfs` directly in stage 1 init still works since `LD_LIBRARY_PATH` overrides this (as intended). util-linux's `mount` however executes `mount.zfs` with LD_LIBRARY_PATH removed from its environment as can be seen with strace(1) in an interactive stage 1 init shell (`boot.shell_on_fail` kernel parameter): ``` # env -i LD_LIBRARY_PATH=$LD_LIBRARY_PATH $(which strace) -ff -e trace=/exec -v -qqq $(which mount) /mnt-root execve("/nix/store/3gqbb3swgiy749fxd5a4k6kirkr2jr9n-extra-utils/bin/mount", ["/nix/store/3gqbb3swgiy749fxd5a4k"..., "/mnt-root"], ["LD_LIBRARY_PATH=/nix/store/3gqbb"...]) = 0 [pid 1026] execve("/sbin/mount.zfs", ["/sbin/mount.zfs", "", "/mnt-root", "-o", "rw,zfsutil"], []) = 0 /sbin/mount.zfs: error while loading shared libraries: libdl.so.2: cannot open shared object file: No such file or directory --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=1026, si_uid=0, si_status=127, si_utime=0, si_stime=0} --- ``` env(1) is used for clarity (hence subshells for absoloute paths). While `mount` uses the right library path, `mount.zfs` is stripped of it, so ld.so(8) fails resolve `libdl` (as required by `libcrypto`). To fix this and not rely on `LD_LIBRARY_PATH` to be set, fix the library path inside libraries as well. This finally mounts all ZFS filesystems using `zfsutil` with correct and intended mount options. --- nixos/modules/system/boot/stage-1.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index ec2bd5ef352..2900919b4b6 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -231,6 +231,11 @@ let patchelf --set-interpreter $out/lib/ld*.so.? --set-rpath $out/lib $i || true done + find $out/lib -type f \! -name 'ld*.so.?' | while read i; do + echo "patching $i..." + patchelf --set-rpath $out/lib $i + done + if [ -z "${toString (pkgs.stdenv.hostPlatform != pkgs.stdenv.buildPlatform)}" ]; then # Make sure that the patchelf'ed binaries still work. echo "testing patched programs..." From 9eb704b65a43047d136218b98e6f01fc20a6e83c Mon Sep 17 00:00:00 2001 From: Klemens Nanni Date: Sun, 15 May 2022 01:35:15 +0200 Subject: [PATCH 05/58] nixos/stage-1: Zap no longer needed LD_LIBRARY_PATH The previous commit properly adjusts all library paths, thus no need to forcefully adjust the path at runtime any longer. --- nixos/modules/system/boot/stage-1.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index 2900919b4b6..e35ccff2907 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -240,7 +240,6 @@ let # Make sure that the patchelf'ed binaries still work. echo "testing patched programs..." $out/bin/ash -c 'echo hello world' | grep "hello world" - export LD_LIBRARY_PATH=$out/lib ${if zfsRequiresMountHelper then '' $out/bin/mount -V 1>&1 | grep -q "mount from util-linux" $out/bin/mount.zfs -h 2>&1 | grep -q "Usage: mount.zfs" @@ -285,8 +284,6 @@ let } '' mkdir -p $out - echo 'ENV{LD_LIBRARY_PATH}="${extraUtils}/lib"' > $out/00-env.rules - cp -v ${udev}/lib/udev/rules.d/60-cdrom_id.rules $out/ cp -v ${udev}/lib/udev/rules.d/60-persistent-storage.rules $out/ cp -v ${udev}/lib/udev/rules.d/75-net-description.rules $out/ From 7d4af5de4090988370a5c027b463608f187511af Mon Sep 17 00:00:00 2001 From: ranfdev Date: Fri, 20 May 2022 16:39:30 +0200 Subject: [PATCH 06/58] blueprint-compiler: init at 0.1.0 This package is needed by many new gtk apps. --- .../compilers/blueprint/default.nix | 51 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 2 files changed, 53 insertions(+) create mode 100644 pkgs/development/compilers/blueprint/default.nix diff --git a/pkgs/development/compilers/blueprint/default.nix b/pkgs/development/compilers/blueprint/default.nix new file mode 100644 index 00000000000..9aa1893effe --- /dev/null +++ b/pkgs/development/compilers/blueprint/default.nix @@ -0,0 +1,51 @@ +{ python3 +, stdenv +, fetchFromGitLab +, gobject-introspection +, lib +, meson +, ninja +}: + +stdenv.mkDerivation rec { + pname = "blueprint-compiler"; + version = "unstable-2022-05-27"; + + src = fetchFromGitLab { + domain = "gitlab.gnome.org"; + owner = "jwestman"; + repo = pname; + rev = "cebd9ecadc53790cd547392899589dd5de0ac552"; + sha256 = "sha256-mNR0ooJSRBIXy2E4avXYEdO1aSST+j41TsVg8+kitwo="; + }; + + # Requires pythonfuzz, which I've found difficult to package + doCheck = false; + + nativeBuildInputs = [ + meson + ninja + python3.pkgs.wrapPython + ]; + + buildInputs = [ + python3 + ]; + + propagatedBuildInputs = [ + # So that the compiler can find GIR and .ui files + gobject-introspection + ]; + + postFixup = '' + wrapPythonPrograms + ''; + + meta = with lib; { + description = "A markup language for GTK user interface files"; + homepage = "https://gitlab.gnome.org/jwestman/blueprint-compiler"; + license = licenses.lgpl3Plus; + maintainers = [ maintainers.ranfdev ]; + platforms = platforms.all; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 50098392bb6..9befd4a1651 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -12327,6 +12327,8 @@ with pkgs; binaryen = callPackage ../development/compilers/binaryen { }; + blueprint-compiler = callPackage ../development/compilers/blueprint { }; + bluespec = callPackage ../development/compilers/bluespec { gmp-static = gmp.override { withStatic = true; }; tex = texlive.combined.scheme-full; From 327af2f90f9f89d6a4f031f124fdd732247956f9 Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Sun, 29 May 2022 00:32:12 +0100 Subject: [PATCH 07/58] liblouis: fix darwin build with patch --- pkgs/development/libraries/liblouis/default.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/liblouis/default.nix b/pkgs/development/libraries/liblouis/default.nix index 893704ddb18..6f630eedf5b 100644 --- a/pkgs/development/libraries/liblouis/default.nix +++ b/pkgs/development/libraries/liblouis/default.nix @@ -1,5 +1,7 @@ { fetchFromGitHub -, lib, stdenv +, lib +, stdenv +, fetchpatch , autoreconfHook , pkg-config , gettext @@ -21,6 +23,14 @@ stdenv.mkDerivation rec { sha256 = "sha256-Hfn0dfXihtUfO3R+qJaetrPwupcIwblvi1DQdHCF1s8="; }; + patches = [ + (fetchpatch { + name = "parenthesize-memcpy-calls-clang.patch"; + url = "https://github.com/liblouis/liblouis/commit/528f38938e9f539a251d9de92ad1c1b90401c4d0.patch"; + sha256 = "0hlhqsvd5wflg70bd7bmssnchk8znzbr93in0zpspzbyap6xz112"; + }) + ]; + outputs = [ "out" "dev" "man" "info" "doc" ]; nativeBuildInputs = [ From 5f70accc9d9f9815e47ed823c0cbac766a3489a1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 29 May 2022 09:58:36 +0200 Subject: [PATCH 08/58] python3.pkgs.coqui-trainer: 0.0.5 -> 0.0.11 --- pkgs/development/python-modules/coqui-trainer/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/coqui-trainer/default.nix b/pkgs/development/python-modules/coqui-trainer/default.nix index 3c447db0a0e..62d49d2aba0 100644 --- a/pkgs/development/python-modules/coqui-trainer/default.nix +++ b/pkgs/development/python-modules/coqui-trainer/default.nix @@ -15,7 +15,7 @@ let pname = "coqui-trainer"; - version = "0.0.5"; + version = "0.0.11"; in buildPythonPackage { inherit pname version; @@ -27,7 +27,7 @@ buildPythonPackage { owner = "coqui-ai"; repo = "Trainer"; rev = "v${version}"; - hash = "sha256-NsgCh+N2qWmRkTOjXqisVCP5aInH2zcNz6lsnIfVLiY="; + hash = "sha256-ujuQ9l6NOpDb2TdQbRcOM+j91RfbE8wCL9C0PID8g8Q="; }; patches = [ From f273458b656b79dd24e4ae7b538edbfa75127a5a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Sun, 29 May 2022 09:49:30 +0200 Subject: [PATCH 09/58] tts: 0.6.1 -> 0.6.2 --- pkgs/tools/audio/tts/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/audio/tts/default.nix b/pkgs/tools/audio/tts/default.nix index a15a29f9d57..c9116b22ba0 100644 --- a/pkgs/tools/audio/tts/default.nix +++ b/pkgs/tools/audio/tts/default.nix @@ -31,14 +31,14 @@ let in python.pkgs.buildPythonApplication rec { pname = "tts"; - version = "0.6.1"; + version = "0.6.2"; format = "setuptools"; src = fetchFromGitHub { owner = "coqui-ai"; repo = "TTS"; rev = "v${version}"; - sha256 = "sha256-YzMR/Tl1UvjdSqV/h4lYR6DuarEqEIM7RReqYznFU4Q="; + sha256 = "sha256-n27a1s3Dpe5Hd3JryD4fPAjRcNc0YR1fpop+uhYA6sQ="; }; postPatch = let @@ -132,6 +132,8 @@ python.pkgs.buildPythonApplication rec { ]; disabledTestPaths = [ + # Requires network acccess to download models + "tests/aux_tests/test_remove_silence_vad_script.py" # phonemes mismatch between espeak-ng and gruuts phonemizer "tests/text_tests/test_phonemizer.py" # no training, it takes too long @@ -146,7 +148,6 @@ python.pkgs.buildPythonApplication rec { "tests/tts_tests/test_tacotron2_d-vectors_train.py" "tests/tts_tests/test_tacotron2_speaker_emb_train.py" "tests/tts_tests/test_tacotron2_train.py" - "tests/tts_tests/test_tacotron2_train_fsspec_path.py" "tests/tts_tests/test_tacotron_train.py" "tests/tts_tests/test_vits_d-vectors_train.py" "tests/tts_tests/test_vits_multilingual_speaker_emb_train.py" From e0ea4b52f03465863a0000595404d67cabfcbbd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sun, 29 May 2022 22:04:35 +0000 Subject: [PATCH 10/58] mopidy-spotify-tunigo: remove --- pkgs/applications/audio/mopidy/default.nix | 2 -- .../audio/mopidy/spotify-tunigo.nix | 23 ------------------- pkgs/top-level/aliases.nix | 1 + pkgs/top-level/all-packages.nix | 1 - 4 files changed, 1 insertion(+), 26 deletions(-) delete mode 100644 pkgs/applications/audio/mopidy/spotify-tunigo.nix diff --git a/pkgs/applications/audio/mopidy/default.nix b/pkgs/applications/audio/mopidy/default.nix index 8bf50e72092..0b01f8a779a 100644 --- a/pkgs/applications/audio/mopidy/default.nix +++ b/pkgs/applications/audio/mopidy/default.nix @@ -35,8 +35,6 @@ lib.makeScope newScope (self: with self; { mopidy-spotify = callPackage ./spotify.nix { }; - mopidy-spotify-tunigo = callPackage ./spotify-tunigo.nix { }; - mopidy-tunein = callPackage ./tunein.nix { }; mopidy-youtube = callPackage ./youtube.nix { }; diff --git a/pkgs/applications/audio/mopidy/spotify-tunigo.nix b/pkgs/applications/audio/mopidy/spotify-tunigo.nix deleted file mode 100644 index 70d076190cd..00000000000 --- a/pkgs/applications/audio/mopidy/spotify-tunigo.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ lib, fetchFromGitHub, pythonPackages, mopidy, mopidy-spotify }: - -pythonPackages.buildPythonApplication rec { - pname = "mopidy-spotify-tunigo"; - version = "1.0.0"; - - src = fetchFromGitHub { - owner = "trygveaa"; - repo = "mopidy-spotify-tunigo"; - rev = "v${version}"; - sha256 = "1jwk0b2iz4z09qynnhcr07w15lx6i1ra09s9lp48vslqcf2fp36x"; - }; - - propagatedBuildInputs = [ mopidy mopidy-spotify pythonPackages.tunigo ]; - - doCheck = false; - - meta = with lib; { - description = "Mopidy extension for providing the browse feature of Spotify"; - license = licenses.asl20; - maintainers = [ maintainers.spwhitt ]; - }; -} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 6ad3af02118..aa56ae872a5 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -842,6 +842,7 @@ mapAliases ({ mopidy-gmusic = throw "mopidy-gmusic has been removed because Google Play Music was discontinued"; # Added 2021-03-07 mopidy-local-images = throw "mopidy-local-images has been removed as it's unmaintained. Its functionality has been merged into the mopidy-local extension"; # Added 2020-10-18 mopidy-local-sqlite = throw "mopidy-local-sqlite has been removed as it's unmaintained. Its functionality has been merged into the mopidy-local extension"; # Added 2020-10-18 + mopidy-spotify-tunigo = throw "mopidy-spotify-tunigo has been removed because Spotify stopped supporting libspotify"; # added 2022-05-29 morituri = throw "'morituri' has been renamed to/replaced by 'whipper'"; # Converted to throw 2022-02-22 mozart-binary = mozart2-binary; # Added 2019-09-23 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ac2e861f227..a3cf75f9bcc 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -28217,7 +28217,6 @@ with pkgs; mopidy-somafm mopidy-soundcloud mopidy-spotify - mopidy-spotify-tunigo mopidy-subidy mopidy-tunein mopidy-youtube From eaf436cc25922ac7dac74d2e93dd190ce9dc4313 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sun, 29 May 2022 22:05:33 +0000 Subject: [PATCH 11/58] mopidy-spotify: remove --- pkgs/applications/audio/mopidy/default.nix | 2 -- pkgs/applications/audio/mopidy/spotify.nix | 25 ---------------------- pkgs/top-level/aliases.nix | 1 + pkgs/top-level/all-packages.nix | 1 - 4 files changed, 1 insertion(+), 28 deletions(-) delete mode 100644 pkgs/applications/audio/mopidy/spotify.nix diff --git a/pkgs/applications/audio/mopidy/default.nix b/pkgs/applications/audio/mopidy/default.nix index 0b01f8a779a..facad887962 100644 --- a/pkgs/applications/audio/mopidy/default.nix +++ b/pkgs/applications/audio/mopidy/default.nix @@ -33,8 +33,6 @@ lib.makeScope newScope (self: with self; { mopidy-soundcloud = callPackage ./soundcloud.nix { }; - mopidy-spotify = callPackage ./spotify.nix { }; - mopidy-tunein = callPackage ./tunein.nix { }; mopidy-youtube = callPackage ./youtube.nix { }; diff --git a/pkgs/applications/audio/mopidy/spotify.nix b/pkgs/applications/audio/mopidy/spotify.nix deleted file mode 100644 index ed68769f665..00000000000 --- a/pkgs/applications/audio/mopidy/spotify.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ lib, fetchFromGitHub, pythonPackages, mopidy }: - -pythonPackages.buildPythonApplication rec { - pname = "mopidy-spotify"; - version = "4.1.1"; - - src = fetchFromGitHub { - owner = "mopidy"; - repo = "mopidy-spotify"; - rev = "v${version}"; - sha256 = "1qsac2yy26cdlsmxd523v8ayacs0s6jj9x79sngwap781i63zqrm"; - }; - - propagatedBuildInputs = [ mopidy pythonPackages.pyspotify ]; - - doCheck = false; - - meta = with lib; { - homepage = "https://www.mopidy.com/"; - description = "Mopidy extension for playing music from Spotify"; - license = licenses.asl20; - maintainers = with maintainers; [ rski ]; - hydraPlatforms = [ ]; - }; -} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index aa56ae872a5..7fdd85e8f5c 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -842,6 +842,7 @@ mapAliases ({ mopidy-gmusic = throw "mopidy-gmusic has been removed because Google Play Music was discontinued"; # Added 2021-03-07 mopidy-local-images = throw "mopidy-local-images has been removed as it's unmaintained. Its functionality has been merged into the mopidy-local extension"; # Added 2020-10-18 mopidy-local-sqlite = throw "mopidy-local-sqlite has been removed as it's unmaintained. Its functionality has been merged into the mopidy-local extension"; # Added 2020-10-18 + mopidy-spotify = throw "mopidy-spotify has been removed because Spotify stopped supporting libspotify"; # added 2022-05-29 mopidy-spotify-tunigo = throw "mopidy-spotify-tunigo has been removed because Spotify stopped supporting libspotify"; # added 2022-05-29 morituri = throw "'morituri' has been renamed to/replaced by 'whipper'"; # Converted to throw 2022-02-22 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a3cf75f9bcc..8fa84fd1247 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -28216,7 +28216,6 @@ with pkgs; mopidy-scrobbler mopidy-somafm mopidy-soundcloud - mopidy-spotify mopidy-subidy mopidy-tunein mopidy-youtube From 645f612c40776d895048a9575792fe456a22bb42 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sun, 29 May 2022 22:12:40 +0000 Subject: [PATCH 12/58] python3Packages.pyspotify: remove --- .../python-modules/pyspotify/default.nix | 45 ------------------- pkgs/top-level/python-aliases.nix | 1 + pkgs/top-level/python-packages.nix | 2 - 3 files changed, 1 insertion(+), 47 deletions(-) delete mode 100644 pkgs/development/python-modules/pyspotify/default.nix diff --git a/pkgs/development/python-modules/pyspotify/default.nix b/pkgs/development/python-modules/pyspotify/default.nix deleted file mode 100644 index ae7e7468db9..00000000000 --- a/pkgs/development/python-modules/pyspotify/default.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ lib -, stdenv -, buildPythonPackage -, fetchFromGitHub -, cffi -, libspotify -}: - -buildPythonPackage rec { - pname = "pyspotify"; - version = "2.1.3"; - - src = fetchFromGitHub { - owner = "mopidy"; - repo = "pyspotify"; - rev = "v${version}"; - sha256 = "sha256-CjIRwSlR5HPOJ9tp7lrdcDPiKH3p/PxvEJ8sqVD5s3Q="; - }; - - propagatedBuildInputs = [ cffi ]; - buildInputs = [ libspotify ]; - - # python zip complains about old timestamps - preConfigure = '' - find -print0 | xargs -0 touch - ''; - - postInstall = lib.optionalString stdenv.isDarwin '' - find "$out" -name _spotify.so -exec \ - install_name_tool -change \ - @loader_path/../Frameworks/libspotify.framework/libspotify \ - ${libspotify}/lib/libspotify.dylib \ - {} \; - ''; - - # There are no tests - doCheck = false; - - meta = with lib; { - homepage = "http://pyspotify.mopidy.com"; - description = "A Python interface to Spotify’s online music streaming service"; - license = licenses.unfree; - maintainers = with maintainers; [ lovek323 ]; - }; -} diff --git a/pkgs/top-level/python-aliases.nix b/pkgs/top-level/python-aliases.nix index 2018b1b8b99..d2cb8187afa 100644 --- a/pkgs/top-level/python-aliases.nix +++ b/pkgs/top-level/python-aliases.nix @@ -112,6 +112,7 @@ mapAliases ({ pymssql = throw "pymssql has been abandoned upstream."; # added 2020-05-04 pyreadability = readability-lxml; # added 2022-05-24 pysmart-smartx = pysmart; # added 2021-10-22 + pyspotify = throw "pyspotify has been removed because Spotify stopped supporting libspotify"; # added 2022-05-29 pytest_6 = pytest; # added 2022-02-10 pytestcov = pytest-cov; # added 2021-01-04 pytest-pep8 = pytestpep8; # added 2021-01-04 diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index cc133d1be49..a7a93c0af07 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -8079,8 +8079,6 @@ in { pyspnego = callPackage ../development/python-modules/pyspnego { }; - pyspotify = callPackage ../development/python-modules/pyspotify { }; - pysptk = callPackage ../development/python-modules/pysptk { }; pysqlcipher3 = callPackage ../development/python-modules/pysqlcipher3 { From 70c42db535fea306ff1586d29b840857b7fc7fd5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sun, 29 May 2022 22:10:42 +0000 Subject: [PATCH 13/58] clementineUnfree: remove --- .../clementine/clementine-spotify-blob.patch | 13 --- .../applications/audio/clementine/default.nix | 95 +++++-------------- pkgs/top-level/all-packages.nix | 2 - 3 files changed, 22 insertions(+), 88 deletions(-) delete mode 100644 pkgs/applications/audio/clementine/clementine-spotify-blob.patch diff --git a/pkgs/applications/audio/clementine/clementine-spotify-blob.patch b/pkgs/applications/audio/clementine/clementine-spotify-blob.patch deleted file mode 100644 index 344fc31d70d..00000000000 --- a/pkgs/applications/audio/clementine/clementine-spotify-blob.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/src/internet/spotify/spotifyservice.cpp b/src/internet/spotify/spotifyservice.cpp -index 88c7383..6e0893c 100644 ---- a/src/internet/spotify/spotifyservice.cpp -+++ b/src/internet/spotify/spotifyservice.cpp -@@ -94,7 +94,7 @@ SpotifyService::SpotifyService(Application* app, InternetModel* parent) - system_blob_path_ = QCoreApplication::applicationDirPath() + - "/../PlugIns/clementine-spotifyblob"; - #else -- system_blob_path_ = QCoreApplication::applicationDirPath() + -+ system_blob_path_ = qgetenv("CLEMENTINE_SPOTIFYBLOB") + - "/clementine-spotifyblob" CMAKE_EXECUTABLE_SUFFIX; - #endif - diff --git a/pkgs/applications/audio/clementine/default.nix b/pkgs/applications/audio/clementine/default.nix index aa6c862641a..e3558127a61 100644 --- a/pkgs/applications/audio/clementine/default.nix +++ b/pkgs/applications/audio/clementine/default.nix @@ -23,7 +23,6 @@ , libpulseaudio , gvfs , libcdio -, libspotify , pcre , projectm , protobuf @@ -49,7 +48,8 @@ let withMTP = config.clementine.mtp or true; withCD = config.clementine.cd or true; withCloud = config.clementine.cloud or true; - +in mkDerivation { + pname = "clementine"; version = "unstable-2022-04-11"; src = fetchFromGitHub { @@ -59,10 +59,6 @@ let sha256 = "06fcbs3wig3mh711iypyj49qm5246f7qhvgvv8brqfrd8cqyh6qf"; }; - patches = [ - ./clementine-spotify-blob.patch - ]; - nativeBuildInputs = [ cmake pkg-config @@ -101,6 +97,8 @@ let alsa-lib ] + # gst_plugins needed for setup-hooks + ++ gst_plugins ++ lib.optionals (withIpod) [ libgpod libplist usbmuxd ] ++ lib.optionals (withMTP) [ libmtp ] ++ lib.optionals (withCD) [ libcdio ] @@ -115,74 +113,25 @@ let -e 's,libprotobuf.a,protobuf,g' ''; - free = mkDerivation { - pname = "clementine-free"; - inherit version; - inherit src patches nativeBuildInputs postPatch; + preConfigure = '' + rm -rf ext/{,lib}clementine-spotifyblob + ''; - # gst_plugins needed for setup-hooks - buildInputs = buildInputs ++ gst_plugins; + cmakeFlags = [ + "-DUSE_SYSTEM_PROJECTM=ON" + "-DSPOTIFY_BLOB=OFF" + ]; - preConfigure = '' - rm -rf ext/{,lib}clementine-spotifyblob - ''; + postInstall = '' + wrapProgram $out/bin/clementine \ + --prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0" + ''; - cmakeFlags = [ - "-DUSE_SYSTEM_PROJECTM=ON" - "-DSPOTIFY_BLOB=OFF" - ]; - - passthru.unfree = unfree; - - postInstall = '' - wrapProgram $out/bin/clementine \ - --prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0" - ''; - - meta = with lib; { - homepage = "https://www.clementine-player.org"; - description = "A multiplatform music player"; - license = licenses.gpl3Plus; - platforms = platforms.linux; - maintainers = [ maintainers.ttuegel ]; - }; + meta = with lib; { + homepage = "https://www.clementine-player.org"; + description = "A multiplatform music player"; + license = licenses.gpl3Plus; + platforms = platforms.linux; + maintainers = [ maintainers.ttuegel ]; }; - - # Unfree Spotify blob for Clementine - unfree = mkDerivation { - pname = "clementine-blob"; - inherit version; - # Use the same patches and sources as Clementine - inherit src nativeBuildInputs patches postPatch; - - buildInputs = buildInputs ++ [ libspotify ]; - # Only build and install the Spotify blob - preBuild = '' - cd ext/clementine-spotifyblob - ''; - postInstall = '' - mkdir -p $out/libexec/clementine - mv $out/bin/clementine-spotifyblob $out/libexec/clementine - rmdir $out/bin - - makeWrapper ${free}/bin/clementine $out/bin/clementine \ - --set CLEMENTINE_SPOTIFYBLOB $out/libexec/clementine - - mkdir -p $out/share - for dir in applications icons kde4; do - ln -s "${free}/share/$dir" "$out/share/$dir" - done - ''; - - meta = with lib; { - homepage = "https://www.clementine-player.org"; - description = "Spotify integration for Clementine"; - # The blob itself is Apache-licensed, although libspotify is unfree. - license = licenses.asl20; - platforms = platforms.linux; - maintainers = [ maintainers.ttuegel ]; - }; - }; - -in -free +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 8fa84fd1247..f9297d92f0c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -4623,8 +4623,6 @@ with pkgs; protobuf = protobuf3_19; }; - clementineUnfree = clementine.unfree; - mellowplayer = libsForQt5.callPackage ../applications/audio/mellowplayer { }; ciopfs = callPackage ../tools/filesystems/ciopfs { }; From 1f402eec780bbbbe720cc46de98f02adc5770d92 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sun, 29 May 2022 22:15:15 +0000 Subject: [PATCH 14/58] libspotify: remove As of May 16, 2022, Spotify no longer supports libspotify. https://developer.spotify.com/community/news/2022/04/12/libspotify-sunset/ --- .../libraries/libspotify/default.nix | 91 ------------------- pkgs/top-level/aliases.nix | 2 + pkgs/top-level/all-packages.nix | 2 - 3 files changed, 2 insertions(+), 93 deletions(-) delete mode 100644 pkgs/development/libraries/libspotify/default.nix diff --git a/pkgs/development/libraries/libspotify/default.nix b/pkgs/development/libraries/libspotify/default.nix deleted file mode 100644 index d9be4a2964f..00000000000 --- a/pkgs/development/libraries/libspotify/default.nix +++ /dev/null @@ -1,91 +0,0 @@ -{ lib, stdenv, fetchurl, libspotify, alsa-lib, readline, pkg-config, apiKey ? null, unzip, gnused }: - -let - version = "12.1.51"; - isLinux = (stdenv.hostPlatform.system == "x86_64-linux" || stdenv.hostPlatform.system == "i686-linux"); -in - -if (stdenv.hostPlatform.system != "x86_64-linux" && stdenv.hostPlatform.system != "x86_64-darwin" && stdenv.hostPlatform.system != "i686-linux") -then throw "Check https://developer.spotify.com/technologies/libspotify/ for a tarball for your system and add it here" -else stdenv.mkDerivation { - pname = "libspotify"; - inherit version; - - src = - if stdenv.hostPlatform.system == "x86_64-linux" then - fetchurl { - url = "https://developer.spotify.com/download/libspotify/libspotify-${version}-Linux-x86_64-release.tar.gz"; - sha256 = "0n0h94i4xg46hfba95n3ypah93crwb80bhgsg00f6sms683lx8a3"; - } - else if stdenv.hostPlatform.system == "x86_64-darwin" then - fetchurl { - url = "https://developer.spotify.com/download/libspotify/libspotify-${version}-Darwin-universal.zip"; - sha256 = "1gcgrc8arim3hnszcc886lmcdb4iigc08abkaa02l6gng43ky1c0"; - } - else if stdenv.hostPlatform.system == "i686-linux" then - fetchurl { - url = "https://developer.spotify.com/download/libspotify/libspotify-${version}-Linux-i686-release.tar.gz"; - sha256 = "1bjmn64gbr4p9irq426yap4ipq9rb84zsyhjjr7frmmw22xb86ll"; - } - else - null; - - dontBuild = true; - - installPhase = if (isLinux) - then "installPhase" - else '' - mkdir -p "$out"/include/libspotify - mv -v libspotify.framework/Versions/Current/Headers/api.h \ - "$out"/include/libspotify - mkdir -p "$out"/lib - mv -v libspotify.framework/Versions/Current/libspotify \ - "$out"/lib/libspotify.dylib - mkdir -p "$out"/share/man - mv -v man3 "$out"/share/man - ''; - - - # darwin-specific - nativeBuildInputs = lib.optional (stdenv.hostPlatform.system == "x86_64-darwin") unzip; - - # linux-specific - installFlags = lib.optional isLinux - "prefix=$(out)"; - patchPhase = lib.optionalString isLinux - "${gnused}/bin/sed -i 's/ldconfig//' Makefile"; - postInstall = lib.optionalString isLinux - "mv -v share $out"; - - passthru = { - samples = if apiKey == null - then throw '' - Please visit ${libspotify.meta.homepage} to get an api key then set config.libspotify.apiKey accordingly - '' else stdenv.mkDerivation { - pname = "libspotify-samples"; - inherit version; - src = libspotify.src; - nativeBuildInputs = [ pkg-config ]; - buildInputs = [ libspotify readline ] - ++ lib.optional (!stdenv.isDarwin) alsa-lib; - postUnpack = "sourceRoot=$sourceRoot/share/doc/libspotify/examples"; - patchPhase = "cp ${apiKey} appkey.c"; - installPhase = '' - mkdir -p $out/bin - install -m 755 jukebox/jukebox $out/bin - install -m 755 spshell/spshell $out/bin - install -m 755 localfiles/posix_stu $out/bin - ''; - meta = libspotify.meta // { description = "Spotify API library samples"; }; - }; - - inherit apiKey; - }; - - meta = with lib; { - description = "Spotify API library"; - homepage = "https://developer.spotify.com/technologies/libspotify"; - maintainers = with maintainers; [ lovek323 ]; - license = licenses.unfree; - }; -} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 7fdd85e8f5c..2ef27b25740 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -193,6 +193,7 @@ mapAliases ({ clawsMail = throw "'clawsMail' has been renamed to/replaced by 'claws-mail'"; # Converted to throw 2022-02-22 cldr-emoji-annotation = throw "'cldr-emoji-annotation' has been removed, as it was unmaintained; use 'cldr-annotations' instead"; # Added 2022-04-03 clearsilver = throw "clearsilver has been removed: abandoned by upstream"; # Added 2022-03-15 + clementineUnfree = throw "clementineUnfree has been removed because Spotify stopped supporting libspotify"; # added 2022-05-29 clutter_gtk = throw "'clutter_gtk' has been renamed to/replaced by 'clutter-gtk'"; # Converted to throw 2022-02-22 cmakeWithQt4Gui = throw "cmakeWithQt4Gui has been removed in favor of cmakeWithGui (Qt 5)"; # Added 2021-05 codimd = hedgedoc; # Added 2020-11-29 @@ -698,6 +699,7 @@ mapAliases ({ libressl_3_2 = throw "'libressl_3_2' has reached end-of-life "; # Added 2022-03-19 librsync_0_9 = throw "librsync_0_9 has been removed"; # Added 2021-07-24 libseat = seatd; # Added 2021-06-24 + libspotify = throw "libspotify has been removed because Spotify stopped supporting it"; # added 2022-05-29 libstdcxxHook = throw "libstdcxx hook has been removed because cc-wrapper is now directly aware of the c++ standard library intended to be used"; # Added 2020-06-22 libsysfs = throw "'libsysfs' has been renamed to/replaced by 'sysfsutils'"; # Converted to throw 2022-02-22 libtidy = throw "'libtidy' has been renamed to/replaced by 'html-tidy'"; # Converted to throw 2022-02-22 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index f9297d92f0c..3be31b9ea9c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -29714,8 +29714,6 @@ with pkgs; spotify = callPackage ../applications/audio/spotify/wrapper.nix { }; - libspotify = callPackage ../development/libraries/libspotify (config.libspotify or {}); - sourcetrail = let llvmPackages = llvmPackages_10; in libsForQt5.callPackage ../development/tools/sourcetrail { From 8a12230be6fb3a5176786cdd5aa7cba042690ba3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 30 May 2022 05:31:11 +0200 Subject: [PATCH 15/58] python310Packages.geoip2: add missing dependency, description --- pkgs/development/python-modules/geoip2/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/geoip2/default.nix b/pkgs/development/python-modules/geoip2/default.nix index 2a626c9c9ea..c5e9a01db53 100644 --- a/pkgs/development/python-modules/geoip2/default.nix +++ b/pkgs/development/python-modules/geoip2/default.nix @@ -4,6 +4,7 @@ , mocket , requests , requests-mock +, urllib3 , pytestCheckHook }: @@ -21,7 +22,7 @@ buildPythonPackage rec { substituteInPlace requirements.txt --replace "requests>=2.24.0,<3.0.0" "requests" ''; - propagatedBuildInputs = [ aiohttp requests maxminddb ]; + propagatedBuildInputs = [ aiohttp maxminddb requests urllib3 ]; checkInputs = [ mocket @@ -32,7 +33,7 @@ buildPythonPackage rec { pythonImportsCheck = [ "geoip2" ]; meta = with lib; { - description = "Python client for GeoIP2 webservice client and database reader"; + description = "GeoIP2 webservice client and database reader"; homepage = "https://github.com/maxmind/GeoIP2-python"; license = licenses.asl20; maintainers = with maintainers; [ ]; From c9d0d43db0bbbef15c5d74f704484b5dd82db195 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 30 May 2022 06:26:22 +0200 Subject: [PATCH 16/58] python310Packages.codespell: remove pytest-cov --- pkgs/development/python-modules/codespell/default.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/codespell/default.nix b/pkgs/development/python-modules/codespell/default.nix index d9b64cb8399..95b64dda4b2 100644 --- a/pkgs/development/python-modules/codespell/default.nix +++ b/pkgs/development/python-modules/codespell/default.nix @@ -1,4 +1,4 @@ -{ lib, buildPythonApplication, fetchFromGitHub, pytestCheckHook, pytest-cov, pytest-dependency, aspell-python, aspellDicts, chardet }: +{ lib, buildPythonApplication, fetchFromGitHub, pytestCheckHook, pytest-dependency, aspell-python, aspellDicts, chardet }: buildPythonApplication rec { pname = "codespell"; @@ -11,7 +11,13 @@ buildPythonApplication rec { sha256 = "sha256-BhYVztSr2MalILEcOcvMl07CObYa73o3kW8S/idqAO8="; }; - checkInputs = [ aspell-python chardet pytestCheckHook pytest-cov pytest-dependency ]; + postPatch = '' + substituteInPlace setup.cfg \ + --replace "--cov=codespell_lib" "" \ + --replace "--cov-report=" "" + ''; + + checkInputs = [ aspell-python chardet pytestCheckHook pytest-dependency ]; preCheck = '' export ASPELL_CONF="dict-dir ${aspellDicts.en}/lib/aspell" From 0dbe01aa771e19a5428710d0d7c2d5729b240de2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 30 May 2022 06:32:15 +0200 Subject: [PATCH 17/58] python310Packages.celery: remove stale postPatch --- pkgs/development/python-modules/celery/default.nix | 5 ----- 1 file changed, 5 deletions(-) diff --git a/pkgs/development/python-modules/celery/default.nix b/pkgs/development/python-modules/celery/default.nix index dd08fda6b1c..a005d0cfbfb 100644 --- a/pkgs/development/python-modules/celery/default.nix +++ b/pkgs/development/python-modules/celery/default.nix @@ -57,11 +57,6 @@ buildPythonPackage rec { pytestCheckHook ]; - postPatch = '' - substituteInPlace requirements/default.txt \ - --replace "setuptools>=59.1.1,<59.7.0" "setuptools" - ''; - disabledTestPaths = [ # test_eventlet touches network "t/unit/concurrency/test_eventlet.py" From 1593316a21521b24b3f5035e796a1ced78699941 Mon Sep 17 00:00:00 2001 From: Vincent Laporte Date: Mon, 30 May 2022 06:59:28 +0200 Subject: [PATCH 18/58] =?UTF-8?q?gajim:=201.4.1=20=E2=86=92=201.4.2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../networking/instant-messengers/gajim/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/gajim/default.nix b/pkgs/applications/networking/instant-messengers/gajim/default.nix index 24b65db364d..3f26cfc4f6d 100644 --- a/pkgs/applications/networking/instant-messengers/gajim/default.nix +++ b/pkgs/applications/networking/instant-messengers/gajim/default.nix @@ -22,11 +22,11 @@ python3.pkgs.buildPythonApplication rec { pname = "gajim"; - version = "1.4.1"; + version = "1.4.2"; src = fetchurl { url = "https://gajim.org/downloads/${lib.versions.majorMinor version}/gajim-${version}.tar.gz"; - sha256 = "sha256:0mbx7s1d2xgk7bkhwqcdss6ynshkqdiwh3qgv7d45frb4c3k33l2"; + sha256 = "sha256:151lbz9092z8r2yva5039g867chcid3n804jk7hjawrd9vnw81az"; }; buildInputs = [ From 029b7b9b9964e2296d2bd01b38734f07484cbe8a Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 30 May 2022 05:03:57 +0000 Subject: [PATCH 19/58] python310Packages.pynetgear: 0.10.2 -> 0.10.3 --- pkgs/development/python-modules/pynetgear/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pynetgear/default.nix b/pkgs/development/python-modules/pynetgear/default.nix index e60b667d80b..a6cda6e4d33 100644 --- a/pkgs/development/python-modules/pynetgear/default.nix +++ b/pkgs/development/python-modules/pynetgear/default.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { pname = "pynetgear"; - version = "0.10.2"; + version = "0.10.3"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -16,7 +16,7 @@ buildPythonPackage rec { owner = "MatMaul"; repo = pname; rev = "refs/tags/${version}"; - sha256 = "sha256-/JynomaMARuE3svTdnnczHmP839S0EXLbE7xG9dYEv0="; + sha256 = "sha256-CuKV4a3f5FlkDRAOv6H7k5oGTiT8rRhE+NosKpvZj6g="; }; propagatedBuildInputs = [ From e037da1ccaab9a29f1884aa7b5ddcefb7acf348c Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 30 May 2022 05:15:58 +0000 Subject: [PATCH 20/58] python310Packages.hahomematic: 1.5.4 -> 1.6.1 --- pkgs/development/python-modules/hahomematic/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/hahomematic/default.nix b/pkgs/development/python-modules/hahomematic/default.nix index a815625bf6e..3d4af789a85 100644 --- a/pkgs/development/python-modules/hahomematic/default.nix +++ b/pkgs/development/python-modules/hahomematic/default.nix @@ -14,7 +14,7 @@ buildPythonPackage rec { pname = "hahomematic"; - version = "1.5.4"; + version = "1.6.1"; format = "pyproject"; disabled = pythonOlder "3.9"; @@ -23,7 +23,7 @@ buildPythonPackage rec { owner = "danielperna84"; repo = pname; rev = "refs/tags/${version}"; - sha256 = "sha256-V9wQXXPeoplxVcFDIhQcJFnKkewwDEaoQfTsQ7IyjOU="; + sha256 = "sha256-/v0om2SbikNpMCvJhwIGlWSiZilhnJi7qj8SCV+zHCU="; }; propagatedBuildInputs = [ From eee2bff922477148607cb5861dee8ebae0ae778e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 30 May 2022 04:22:50 +0200 Subject: [PATCH 21/58] python310Packages.structlog: remove unused depedency, little cleanup --- pkgs/development/python-modules/structlog/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/development/python-modules/structlog/default.nix b/pkgs/development/python-modules/structlog/default.nix index b6eb0c2672a..2bc61dac161 100644 --- a/pkgs/development/python-modules/structlog/default.nix +++ b/pkgs/development/python-modules/structlog/default.nix @@ -5,7 +5,6 @@ , pytest-asyncio , pretend , freezegun -, twisted , simplejson , six , pythonAtLeast @@ -16,7 +15,6 @@ buildPythonPackage rec { version = "21.5.0"; format = "flit"; - # sdist is missing conftest.py src = fetchFromGitHub { owner = "hynek"; repo = "structlog"; @@ -24,12 +22,14 @@ buildPythonPackage rec { sha256 = "0bc5lj0732j0hjq89llgrncyzs6k3aaffvg07kr3la44w0hlrb4l"; }; - checkInputs = [ pytestCheckHook pytest-asyncio pretend freezegun simplejson twisted ]; propagatedBuildInputs = [ six ]; - meta = { + checkInputs = [ pytestCheckHook pytest-asyncio pretend freezegun simplejson ]; + + meta = with lib; { description = "Painless structural logging"; homepage = "https://github.com/hynek/structlog"; - license = lib.licenses.asl20; + license = licenses.asl20; + maintainers = with maintainers; [ ]; }; } From b885589e7d5934a430ebfe8a4361d3c5e5459682 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 30 May 2022 06:09:24 +0200 Subject: [PATCH 22/58] python310Packages.kubernetes: 20.13.0 -> 23.6.0 --- .../development/python-modules/kubernetes/default.nix | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/pkgs/development/python-modules/kubernetes/default.nix b/pkgs/development/python-modules/kubernetes/default.nix index 61333cc52bd..bba71224cfd 100644 --- a/pkgs/development/python-modules/kubernetes/default.nix +++ b/pkgs/development/python-modules/kubernetes/default.nix @@ -12,6 +12,8 @@ , pyyaml , requests , requests-oauthlib +, setuptools +, six , urllib3 , websocket-client @@ -22,7 +24,7 @@ buildPythonPackage rec { pname = "kubernetes"; - version = "20.13.0"; + version = "23.6.0"; format = "setuptools"; disabled = pythonOlder "3.6"; @@ -31,8 +33,7 @@ buildPythonPackage rec { owner = "kubernetes-client"; repo = "python"; rev = "v${version}"; - sha256 = "sha256-zZb5jEQEluY1dfa7UegW+P7MV86ESqOey7kkC74ETlM="; - fetchSubmodules = true; + sha256 = "sha256-d6S7cMTiwIgqOcN9j3yeEXUNSro9I2b8HLJw1oGKjWI="; }; propagatedBuildInputs = [ @@ -43,6 +44,8 @@ buildPythonPackage rec { pyyaml requests requests-oauthlib + setuptools + six urllib3 websocket-client ]; @@ -65,6 +68,6 @@ buildPythonPackage rec { description = "Kubernetes Python client"; homepage = "https://github.com/kubernetes-client/python"; license = licenses.asl20; - maintainers = with maintainers; [ lsix ]; + maintainers = with maintainers; [ lsix SuperSandro2000 ]; }; } From 7997ad6d34032282d83e94a5ece19c2d621fff80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 30 May 2022 05:40:44 +0200 Subject: [PATCH 23/58] python310Packages.fake_factory: drop --- .../python-modules/fake_factory/default.nix | 37 ------------------- pkgs/top-level/python-aliases.nix | 1 + pkgs/top-level/python-packages.nix | 2 - 3 files changed, 1 insertion(+), 39 deletions(-) delete mode 100644 pkgs/development/python-modules/fake_factory/default.nix diff --git a/pkgs/development/python-modules/fake_factory/default.nix b/pkgs/development/python-modules/fake_factory/default.nix deleted file mode 100644 index 002df15177b..00000000000 --- a/pkgs/development/python-modules/fake_factory/default.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -, python -, six -, python-dateutil -, ipaddress -, mock -}: - -buildPythonPackage rec { - pname = "fake-factory"; - version = "9999.9.9"; - - src = fetchPypi { - inherit pname version; - sha256 = "f5bd18deb22ad8cb4402513c025877bc6b50de58902d686b6b21ba8981dce260"; - }; - - propagatedBuildInputs = [ six python-dateutil ipaddress mock ]; - - # fake-factory is depreciated and single test will always fail - doCheck = false; - - checkPhase = '' - ${python.interpreter} -m unittest faker.tests - ''; - - meta = with lib; { - description = "A Python package that generates fake data for you"; - homepage = "https://pypi.python.org/pypi/fake-factory"; - license = licenses.mit; - maintainers = with maintainers; [ lovek323 ]; - platforms = platforms.unix; - }; - -} diff --git a/pkgs/top-level/python-aliases.nix b/pkgs/top-level/python-aliases.nix index 2018b1b8b99..64fe6105053 100644 --- a/pkgs/top-level/python-aliases.nix +++ b/pkgs/top-level/python-aliases.nix @@ -68,6 +68,7 @@ mapAliases ({ dogpile_cache = dogpile-cache; # added 2021-10-28 dogpile-core = throw "dogpile-core is no longer maintained, use dogpile-cache instead"; # added 2021-11-20 eebrightbox = throw "eebrightbox is unmaintained upstream and has therefore been removed"; # added 2022-02-03 + fake_factory = throw "fake_factory has been removed because it is unused and deprecated by upstream since 2016."; # added 2022-05-30 faulthandler = throw "faulthandler is built into ${python.executable}"; # added 2021-07-12 flask_testing = flask-testing; # added 2022-04-25 flask_wtf = flask-wtf; # added 2022-05-24 diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 189207368ba..2a5069e0246 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -2891,8 +2891,6 @@ in { factory_boy = callPackage ../development/python-modules/factory_boy { }; - fake_factory = callPackage ../development/python-modules/fake_factory { }; - fake-useragent = callPackage ../development/python-modules/fake-useragent { }; faker = callPackage ../development/python-modules/faker { }; From c4c4babb5533a8e4a5a4c1543d59cf9380e08fd0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 30 May 2022 05:25:25 +0200 Subject: [PATCH 24/58] python310Packages.mail-parser: remove unused input --- pkgs/development/python-modules/mail-parser/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/mail-parser/default.nix b/pkgs/development/python-modules/mail-parser/default.nix index d3be0844f6f..42123445fc5 100644 --- a/pkgs/development/python-modules/mail-parser/default.nix +++ b/pkgs/development/python-modules/mail-parser/default.nix @@ -1,4 +1,4 @@ -{ lib, buildPythonPackage, python, pythonOlder, glibcLocales, fetchFromGitHub, six, simplejson }: +{ lib, buildPythonPackage, python, glibcLocales, fetchFromGitHub, six, simplejson }: buildPythonPackage rec { pname = "mail-parser"; From 39b60ae0b8474ecfaa87d52c36b392b04bb03191 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 30 May 2022 04:10:56 +0000 Subject: [PATCH 25/58] python310Packages.pglast: 3.10 -> 3.11 --- pkgs/development/python-modules/pglast/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pglast/default.nix b/pkgs/development/python-modules/pglast/default.nix index 5c1a4b74a87..baef7ea8aad 100644 --- a/pkgs/development/python-modules/pglast/default.nix +++ b/pkgs/development/python-modules/pglast/default.nix @@ -8,14 +8,14 @@ buildPythonPackage rec { pname = "pglast"; - version = "3.10"; + version = "3.11"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-rkoCtcBe5LBTTpmd+cj6s80UWXyTpMk74FipyK0t5go="; + hash = "sha256-JvWYrfo4HmvzwJ4vi8iGMfUKTMmpN6FS8fx2McKDj3Y="; }; propagatedBuildInputs = [ From b32b506ad0b4a99a7675fb8dea3af209d052875a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 30 May 2022 05:36:40 +0200 Subject: [PATCH 26/58] python310Packages.gpsoauth: cleanup dependencies --- .../python-modules/gpsoauth/default.nix | 20 ++++++------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/pkgs/development/python-modules/gpsoauth/default.nix b/pkgs/development/python-modules/gpsoauth/default.nix index 20d2e51e922..bf76347c9d0 100644 --- a/pkgs/development/python-modules/gpsoauth/default.nix +++ b/pkgs/development/python-modules/gpsoauth/default.nix @@ -1,41 +1,33 @@ { lib , buildPythonPackage , fetchPypi -, cffi -, cryptography -, enum34 -, idna -, ipaddress -, ndg-httpsclient -, pyopenssl -, pyasn1 -, pycparser , pycryptodomex +, pythonOlder , requests -, six }: buildPythonPackage rec { version = "1.0.0"; pname = "gpsoauth"; + disabled = pythonOlder "3.8"; + src = fetchPypi { inherit pname version; sha256 = "1c4d6a980625b8ab6f6f1cf3e30d9b10a6c61ababb2b60bfe4870649e9c82be0"; }; - propagatedBuildInputs = [ cffi cryptography enum34 idna ipaddress ndg-httpsclient pyopenssl pyasn1 pycparser pycryptodomex requests six ]; + propagatedBuildInputs = [ pycryptodomex requests ]; - # no tests executed + # upstream tests are not very comprehensive doCheck = false; pythonImportsCheck = [ "gpsoauth" ]; meta = with lib; { - description = "A python client library for Google Play Services OAuth"; + description = "Library for Google Play Services OAuth"; homepage = "https://github.com/simon-weber/gpsoauth"; license = licenses.mit; maintainers = with maintainers; [ jgillich ]; }; - } From 412ec27c1688e282b18453e7ae15a8628a740aa9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 30 May 2022 06:02:38 +0200 Subject: [PATCH 27/58] python310Packages.pysaml2: add missing dependency on setuptools --- pkgs/development/python-modules/pysaml2/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/development/python-modules/pysaml2/default.nix b/pkgs/development/python-modules/pysaml2/default.nix index 1c6d9b45c56..ac46cdf0ec4 100644 --- a/pkgs/development/python-modules/pysaml2/default.nix +++ b/pkgs/development/python-modules/pysaml2/default.nix @@ -14,6 +14,7 @@ , pytz , requests , responses +, setuptools , six , substituteAll , xmlschema @@ -36,11 +37,12 @@ buildPythonPackage rec { propagatedBuildInputs = [ cryptography - python-dateutil defusedxml pyopenssl + python-dateutil pytz requests + setuptools six xmlschema ] ++ lib.optionals (pythonOlder "3.9") [ From d02116e31944b63058b592b1025fe090eea6c95f Mon Sep 17 00:00:00 2001 From: Jonathan Ringer Date: Mon, 30 May 2022 00:02:51 -0700 Subject: [PATCH 28/58] python3Packages.transformers: fix pytorch reference --- pkgs/development/python-modules/transformers/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/transformers/default.nix b/pkgs/development/python-modules/transformers/default.nix index adef7a19afc..dcc89161d4e 100644 --- a/pkgs/development/python-modules/transformers/default.nix +++ b/pkgs/development/python-modules/transformers/default.nix @@ -17,7 +17,7 @@ , scikit-learn , pillow , pyyaml -, torch +, pytorch , tokenizers , tqdm }: @@ -67,7 +67,7 @@ buildPythonPackage rec { # tf2onnx ]; torch = [ - torch + pytorch ]; tokenizers = [ tokenizers From 5523be73f4913ff62e54a859b4e2359e57229b51 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 30 May 2022 03:41:01 +0000 Subject: [PATCH 29/58] python310Packages.brother: 1.2.2 -> 1.2.3 --- pkgs/development/python-modules/brother/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/brother/default.nix b/pkgs/development/python-modules/brother/default.nix index 551dffa6541..7dbab50b63b 100644 --- a/pkgs/development/python-modules/brother/default.nix +++ b/pkgs/development/python-modules/brother/default.nix @@ -10,7 +10,7 @@ buildPythonPackage rec { pname = "brother"; - version = "1.2.2"; + version = "1.2.3"; format = "setuptools"; disabled = pythonOlder "3.8"; @@ -19,7 +19,7 @@ buildPythonPackage rec { owner = "bieniu"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-pxFp/CSoskAx6DdZlkBRvocUJ5Kt5ymPwxpLhT743uE="; + hash = "sha256-+o6hv63u6FBEu57mD02lss0LQPwgBnXsP8CKQ+/74/Q="; }; propagatedBuildInputs = [ From 8bb4fac4053aa311b836c1243f817f5cd506e01d Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Mon, 30 May 2022 14:01:41 +1000 Subject: [PATCH 30/58] terraform-providers: update scripts - skip updates that include alphabetic characters in version --- .../networking/cluster/terraform-providers/update-provider | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/networking/cluster/terraform-providers/update-provider b/pkgs/applications/networking/cluster/terraform-providers/update-provider index fb506cefbe0..482da6a6027 100755 --- a/pkgs/applications/networking/cluster/terraform-providers/update-provider +++ b/pkgs/applications/networking/cluster/terraform-providers/update-provider @@ -129,7 +129,7 @@ if [[ ${old_version} == "${version}" && ${force} != 1 && -z ${vendorSha256} && $ echo_provider "already at version ${version}" exit fi -if [[ ${version} =~ (alpha|beta|pre) && ${force} != 1 ]]; then +if [[ ${version} =~ [[:alpha:]] && ${force} != 1 ]]; then echo_provider "not updating to unstable version ${version}" exit fi From 049be08db3addfd5bdf7361e057b7198b0327e33 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 30 May 2022 03:55:46 +0000 Subject: [PATCH 31/58] terraform-providers: update 2022-05-30 --- .../terraform-providers/providers.json | 183 +++++++++--------- 1 file changed, 92 insertions(+), 91 deletions(-) diff --git a/pkgs/applications/networking/cluster/terraform-providers/providers.json b/pkgs/applications/networking/cluster/terraform-providers/providers.json index 54a3904550b..114ebe445a1 100644 --- a/pkgs/applications/networking/cluster/terraform-providers/providers.json +++ b/pkgs/applications/networking/cluster/terraform-providers/providers.json @@ -49,10 +49,10 @@ "owner": "aliyun", "provider-source-address": "registry.terraform.io/aliyun/alicloud", "repo": "terraform-provider-alicloud", - "rev": "v1.168.0", - "sha256": "sha256-NN4dqEywcoP4tk2J6RfWqoGw+95bIEoxb4YpwPtoTZ0=", - "vendorSha256": "sha256-qZNYfSlUkCu7FudbKF4IOgK1xWM5LqUghclOeGOxYXg=", - "version": "1.168.0" + "rev": "v1.169.0", + "sha256": "sha256-rtQN1l6OMEN/fudg67BFmk/OpwMVxxDM36zks3WvyUM=", + "vendorSha256": "sha256-bSJDPNkO8MQT1/coyHSCWNQ8zudrX+2KNwsASGeKh8s=", + "version": "1.169.0" }, "ansible": { "owner": "nbering", @@ -103,10 +103,10 @@ "owner": "hashicorp", "provider-source-address": "registry.terraform.io/hashicorp/aws", "repo": "terraform-provider-aws", - "rev": "v4.15.1", - "sha256": "sha256-o8yUcjw4X+Vx49hV+0guccueWoHvpxSs+sMsbAoAw9o=", - "vendorSha256": "sha256-l7Fe5hhEvJ5DiZ3t79sZYIt+6eZkjjf7Npmr8p2/e/4=", - "version": "4.15.1" + "rev": "v4.16.0", + "sha256": "sha256-PHm2MR1JDH3RnMqX3FjbjVFNTPD8CX2K7eemJ9ZMiJU=", + "vendorSha256": "sha256-UBOvQexfbSUh/9XKCvOYoMVH+QYLiwcdlZ8mcjy2AKU=", + "version": "4.16.0" }, "azuread": { "owner": "hashicorp", @@ -121,10 +121,10 @@ "owner": "hashicorp", "provider-source-address": "registry.terraform.io/hashicorp/azurerm", "repo": "terraform-provider-azurerm", - "rev": "v3.7.0", - "sha256": "sha256-dvkR2nEtf4HvLTIoa++4PI5oNOPuJzI4obxdI4meKG4=", + "rev": "v3.8.0", + "sha256": "sha256-PqupNzZlcgqld25dFN0GHNM7YJ8zSuZ04cz40dUMv/0=", "vendorSha256": null, - "version": "3.7.0" + "version": "3.8.0" }, "azurestack": { "owner": "hashicorp", @@ -145,22 +145,23 @@ "version": "0.8.0" }, "baiducloud": { + "deleteVendor": true, "owner": "baidubce", "provider-source-address": "registry.terraform.io/baidubce/baiducloud", "repo": "terraform-provider-baiducloud", - "rev": "v1.12.0", - "sha256": "1m7cw08ld073q1dsa7njshps21nc71gsz0kp6qj0p638zqx62xn7", - "vendorSha256": null, - "version": "1.12.0" + "rev": "v1.12.5", + "sha256": "sha256-SR2LYwxeGR9UJLj8+13+UtgXynLquttDGvIIQqxvbcY=", + "vendorSha256": "sha256-pA2dAC8AasWLTlC+SddS4kWT16FqcyBrtdVMV9k/FtE=", + "version": "1.12.5" }, "bigip": { "owner": "F5Networks", "provider-source-address": "registry.terraform.io/F5Networks/bigip", "repo": "terraform-provider-bigip", - "rev": "v1.13.1", - "sha256": "sha256-nNcOHTFJrvvjKAZUsb1IVTp71/Xk5OuSzihPyi08anw=", + "rev": "v1.14.0", + "sha256": "sha256-Z3YqiKGlMrn55ZZsRjuvKAFRNW1G2D2Iczlk42yHk34=", "vendorSha256": null, - "version": "1.13.1" + "version": "1.14.0" }, "bitbucket": { "owner": "DrFaust92", @@ -184,10 +185,10 @@ "owner": "buildkite", "provider-source-address": "registry.terraform.io/buildkite/buildkite", "repo": "terraform-provider-buildkite", - "rev": "v0.9.0", - "sha256": "sha256-k7caRT/9YA198I6K3Qv3UcyQiULpOvJ3Smc816sKHkQ=", + "rev": "v0.11.0", + "sha256": "sha256-BpQpMAecpknI8b1q6XuZPty8I/AUTAwQWm5Y28XJ+G4=", "vendorSha256": "sha256-smBADIbH/t2IUt2w0VQ2BOU6iAuxVRa1yu4C5P2VeIo=", - "version": "0.9.0" + "version": "0.11.0" }, "checkly": { "owner": "checkly", @@ -221,10 +222,10 @@ "owner": "cloudamqp", "provider-source-address": "registry.terraform.io/cloudamqp/cloudamqp", "repo": "terraform-provider-cloudamqp", - "rev": "v1.16.0", - "sha256": "sha256-swE4Nr1cQzNQOq8q6o0nZhhYRtgAwTfx6Epm76Jjjqg=", - "vendorSha256": "sha256-oPeldPn30uS5Yl6IfXVPy2R7/wsAdZsEbbhVnVHQVwk=", - "version": "1.16.0" + "rev": "v1.17.2", + "sha256": "sha256-/17CEejRGgLAJfAt4bOijpNVZhR2Tt9sXxBcfcC8EDQ=", + "vendorSha256": "sha256-tPYbkQz7he5V5+z3Swt9ch9Sdr1xqgbpDHasd4xB1B8=", + "version": "1.17.2" }, "cloudflare": { "owner": "cloudflare", @@ -294,10 +295,10 @@ "owner": "DataDog", "provider-source-address": "registry.terraform.io/DataDog/datadog", "repo": "terraform-provider-datadog", - "rev": "v3.11.0", - "sha256": "sha256-9ugNj/D6VPaERckV0cCPlBjNtzS9tLJj+rc/8MhxCVU=", - "vendorSha256": "sha256-XxOOOljx+p4onI6SF8UY+gy7x7G2pduEqODT1UX4zfg=", - "version": "3.11.0" + "rev": "v3.12.0", + "sha256": "sha256-17VtO+dHYMVvbG8cOVRx5qKPvmOoUGkNUl4aHrdsemQ=", + "vendorSha256": "sha256-Od80m/RsxUQpyalF4jN1Hv6/+kVwYEmqeJyiTbEwC2g=", + "version": "3.12.0" }, "dhall": { "owner": "awakesecurity", @@ -312,10 +313,10 @@ "owner": "digitalocean", "provider-source-address": "registry.terraform.io/digitalocean/digitalocean", "repo": "terraform-provider-digitalocean", - "rev": "v2.19.0", - "sha256": "sha256-I1BcBsl9liyg9XVd30q6Un+B8km7dpLhLMn1Vgn21dk=", + "rev": "v2.20.0", + "sha256": "sha256-1RgQgxGORVvXovx4Ovm5SUsGgMD7CJjgHsgzw+bO8U4=", "vendorSha256": null, - "version": "2.19.0" + "version": "2.20.0" }, "dme": { "owner": "DNSMadeEasy", @@ -375,10 +376,10 @@ "owner": "exoscale", "provider-source-address": "registry.terraform.io/exoscale/exoscale", "repo": "terraform-provider-exoscale", - "rev": "v0.35.0", - "sha256": "sha256-iIClnbCldGnihpML9xF0kyR4viXZzAsTF8MFT53wg+A=", + "rev": "v0.36.0", + "sha256": "sha256-cziPxZrvmv3Lpqn2kCwy8DGwOhQCTPcHZg22hYSBW0A=", "vendorSha256": null, - "version": "0.35.0" + "version": "0.36.0" }, "external": { "owner": "hashicorp", @@ -429,39 +430,39 @@ "owner": "integrations", "provider-source-address": "registry.terraform.io/integrations/github", "repo": "terraform-provider-github", - "rev": "v4.25.0", - "sha256": "sha256-9sZYg/gpCq2qpUhhFQjLVZLlNnYWaCz5K4/+TvCD/qk=", + "rev": "v4.26.0", + "sha256": "sha256-VH5AFT0wDFZ9MJtv+/KlcXD43Tg3QuDHI3vOw6qQoOU=", "vendorSha256": null, - "version": "4.25.0" + "version": "4.26.0" }, "gitlab": { "owner": "gitlabhq", "provider-source-address": "registry.terraform.io/gitlabhq/gitlab", "repo": "terraform-provider-gitlab", - "rev": "v3.14.0", - "sha256": "sha256-KUlFEVeST/ujerpkjHYzdROwkFD4ASx0juHOKWKM14o=", - "vendorSha256": "sha256-M03+MK7YB3IPHA/w+yrO6YohPzknCmhguO5b25qzDzw=", - "version": "3.14.0" + "rev": "v3.15.0", + "sha256": "sha256-UF0yhgynqgW9dnVae19yaDqPsmanyGOgmwU9YaTTYMo=", + "vendorSha256": "sha256-wstFJ0eOIutyexhEvxvdUCAMOW+bPZnc+Ec9C4T5BuI=", + "version": "3.15.0" }, "google": { "owner": "hashicorp", "provider-source-address": "registry.terraform.io/hashicorp/google", "proxyVendor": true, "repo": "terraform-provider-google", - "rev": "v4.21.0", - "sha256": "sha256-xintCclIhM2FqmbYoWTPGq/twkUH3M2ebc/b0SZ/hXY=", - "vendorSha256": "sha256-B3JiVeCzeCtsAvQiHayZY3pahN4bwizE6d99Qw2VYK8=", - "version": "4.21.0" + "rev": "v4.22.0", + "sha256": "sha256-L85rh/UNXBO64VBJUNePMrAgTAKJMghH9LeQgYNhuqg=", + "vendorSha256": "sha256-wc+B0PPgq+m/Kxkaappf8jiLhm3ch8yP+KqGzzlmwFI=", + "version": "4.22.0" }, "google-beta": { "owner": "hashicorp", "provider-source-address": "registry.terraform.io/hashicorp/google-beta", "proxyVendor": true, "repo": "terraform-provider-google-beta", - "rev": "v4.21.0", - "sha256": "sha256-3oViGAFwUTBC4tMUlnjUDHdmk+sxtCeVZNbYGGwHhwU=", - "vendorSha256": "sha256-B3JiVeCzeCtsAvQiHayZY3pahN4bwizE6d99Qw2VYK8=", - "version": "4.21.0" + "rev": "v4.22.0", + "sha256": "sha256-D21cdG3dPNOJjGS+x4Yb2cwsmzrwnkg0ByQGRjuMZcI=", + "vendorSha256": "sha256-wc+B0PPgq+m/Kxkaappf8jiLhm3ch8yP+KqGzzlmwFI=", + "version": "4.22.0" }, "googleworkspace": { "owner": "hashicorp", @@ -476,10 +477,10 @@ "owner": "grafana", "provider-source-address": "registry.terraform.io/grafana/grafana", "repo": "terraform-provider-grafana", - "rev": "v1.22.0", - "sha256": "sha256-0OkFf2YiwJHwXheYkN1HA1DG5vadyhZOzVjmu0BNDHI=", - "vendorSha256": "sha256-Pd4cSmDzRhu8MD2osXg6mVYiKG2VM6MQ67aC6jDy59U=", - "version": "1.22.0" + "rev": "v1.23.0", + "sha256": "sha256-5cOl+HmMKcEA8MOjopH1h8BGuI2wa8QWHUNs3JoFFP0=", + "vendorSha256": "sha256-nnJNYi16nqddMQRCXy9TzsRFGsPOPCF0cWmCDB2m5xM=", + "version": "1.23.0" }, "gridscale": { "owner": "gridscale", @@ -692,10 +693,10 @@ "owner": "logicmonitor", "provider-source-address": "registry.terraform.io/logicmonitor/logicmonitor", "repo": "terraform-provider-logicmonitor", - "rev": "v2.0.1", - "sha256": "sha256-LW88NTWwzGrpOpliVqc1AOjxaZ4p/8gq9twEpjY3FzE=", + "rev": "v2.0.2", + "sha256": "sha256-F22tBNnH8dvSjrd0Wx+bAfiiQ9emJjHGXn3x4mQKH5E=", "vendorSha256": null, - "version": "2.0.1" + "version": "2.0.2" }, "lxd": { "owner": "terraform-lxd", @@ -782,10 +783,10 @@ "owner": "newrelic", "provider-source-address": "registry.terraform.io/newrelic/newrelic", "repo": "terraform-provider-newrelic", - "rev": "v2.45.1", - "sha256": "sha256-KA4uvhK54JgzjAeIMvlLWQjul8ZZFbvmXyQTqOonxYY=", - "vendorSha256": "sha256-8nEbs5lDpXZ49QkIC1oRxZm+gVGx9xqDHe6jK8wWOA8=", - "version": "2.45.1" + "rev": "v2.46.1", + "sha256": "sha256-XWCvgBIFOY9fX+WwCoPalHDmFozAm2LPL+R+znDs1XA=", + "vendorSha256": "sha256-bRegJiWC3NvFBEEOAnSbZBT71W0Yeor+bmtXf7lLr78=", + "version": "2.46.1" }, "nomad": { "owner": "hashicorp", @@ -800,10 +801,10 @@ "owner": "ns1-terraform", "provider-source-address": "registry.terraform.io/ns1-terraform/ns1", "repo": "terraform-provider-ns1", - "rev": "v1.12.6", - "sha256": "sha256-nP951YipGzsweJvV2PE0UlWGP+cAM6s18F5MCcxTxeo=", + "rev": "v1.12.7", + "sha256": "sha256-pzFfU/fs+c0AjY63CmKeKEKrnf+PF1cfG5P4euFY4ns=", "vendorSha256": "sha256-MaJHCxvD9BM5G8wJbSo06+TIPvJTlXzQ+l9Kdbg0QQw=", - "version": "1.12.6" + "version": "1.12.7" }, "nsxt": { "owner": "vmware", @@ -837,19 +838,19 @@ "owner": "oracle", "provider-source-address": "registry.terraform.io/oracle/oci", "repo": "terraform-provider-oci", - "rev": "v4.76.0", - "sha256": "sha256-sJ837jK/iYOC3dPFHoix1fiiSFMCNSqYEus9VlhXqMg=", + "rev": "v4.77.0", + "sha256": "sha256-FUCqNugAdJtTv7HtPH8ji56423iyWYPnDVGtOgJWatg=", "vendorSha256": null, - "version": "4.76.0" + "version": "4.77.0" }, "okta": { "owner": "okta", "provider-source-address": "registry.terraform.io/okta/okta", "repo": "terraform-provider-okta", - "rev": "v3.27.0", - "sha256": "sha256-DDNq4Yvx45ynNePg8bW8tQ6LuyvUfudxY+M88+pIXMQ=", - "vendorSha256": "sha256-but/2CF3OW2aefUIy5XnDvhtXYqfCkHIrS1EDQoD9jM=", - "version": "3.27.0" + "rev": "v3.28.0", + "sha256": "sha256-1lTmXcBdCwQFDyO6ABByGl1klvTU8r6DpOrCX0l/aTU=", + "vendorSha256": "sha256-uI+C8LFw+R0np2dN1aUbcR2shVNhg6fiBICr0aWyngY=", + "version": "3.28.0" }, "oktaasa": { "owner": "oktadeveloper", @@ -882,10 +883,10 @@ "owner": "opentelekomcloud", "provider-source-address": "registry.terraform.io/opentelekomcloud/opentelekomcloud", "repo": "terraform-provider-opentelekomcloud", - "rev": "v1.29.3", - "sha256": "sha256-rFaryW9yibw5whTYOb7kDF45l5NI9bdZvVQezIqudE8=", - "vendorSha256": "sha256-FOcddb1+uG5avqYZMvzR1UXDvtDDwtxBzf7FsN6ZROM=", - "version": "1.29.3" + "rev": "v1.29.4", + "sha256": "sha256-ZsrCmg/7Flef8tU7ZTI+MnorJbafnY63mf1/anxwMaQ=", + "vendorSha256": "sha256-jxtkF3VXrsfF/Dpp7mDz+3XYootoxQX3YSp9bX7j6Cg=", + "version": "1.29.4" }, "opsgenie": { "owner": "opsgenie", @@ -963,10 +964,10 @@ "owner": "rancher", "provider-source-address": "registry.terraform.io/rancher/rancher2", "repo": "terraform-provider-rancher2", - "rev": "v1.23.0", - "sha256": "sha256-GmesO28YUaaBBTr+hbn8OxDf4oABQFEw8wPzA9LtFyM=", - "vendorSha256": "sha256-kTPL/db/wBzLWaqib6WQPokuuT2bcDyBgEvfm8xjhuw=", - "version": "1.23.0" + "rev": "v1.24.0", + "sha256": "sha256-rNoz34ogNcthKBO26OL4TkIOyD95amPT2ByC6afqV1w=", + "vendorSha256": "sha256-cSf/peZBChjrElkwAK4eoczll1fyDvfnxm16wF/pqTs=", + "version": "1.24.0" }, "random": { "owner": "hashicorp", @@ -1017,10 +1018,10 @@ "owner": "jianyuan", "provider-source-address": "registry.terraform.io/jianyuan/sentry", "repo": "terraform-provider-sentry", - "rev": "v0.7.0", - "sha256": "09rxgq4m28nhwg6y51m5sq3d12lx7r1q3k76zrd5gpbxagqhvhkr", - "vendorSha256": "1wh2nf5q69j1p568c0q5yhlkd8ij3r8jg2769qy51wsj3bbv0wcj", - "version": "0.7.0" + "rev": "v0.8.0", + "sha256": "sha256-3PTM3GOImwO/yqzR6tOuwU0f+74DfK4RQSBY0vmH3qs=", + "vendorSha256": "sha256-naMuvrVIJp82NIFoR1oEEN6cZFqG4craDh8YU3+NSf0=", + "version": "0.8.0" }, "shell": { "owner": "scottwinkler", @@ -1071,10 +1072,10 @@ "owner": "spotinst", "provider-source-address": "registry.terraform.io/spotinst/spotinst", "repo": "terraform-provider-spotinst", - "rev": "v1.74.0", - "sha256": "sha256-wdhpkQM7J4WO4nN+0R8XfgbuusK0zDzSDy/DyOB8GcI=", - "vendorSha256": "sha256-OT5YuAlZNRCvwvZpCrhtKj4YiosEuHrTLQkWFYuKZrw=", - "version": "1.74.0" + "rev": "v1.75.0", + "sha256": "sha256-4MQVttAyt6o0fFKOLFnMlBS6iN51LdaM5ajEnpDmQXE=", + "vendorSha256": "sha256-oTtu/h7Fu+UtjQeOmxnHQr39dUIpsFST8zkejyuN3ig=", + "version": "1.75.0" }, "stackpath": { "owner": "stackpath", @@ -1261,10 +1262,10 @@ "owner": "vmware", "provider-source-address": "registry.terraform.io/vmware/wavefront", "repo": "terraform-provider-wavefront", - "rev": "v3.0.2", - "sha256": "sha256-HCo6Hw724kQrPOCHoyByThq7L5NIZ/0AHmnQD27RUFA=", - "vendorSha256": "sha256-PdSW3tyQUWbBiaM9U3NsqX/j4fMw9ZmjEDdyjxmRfD0=", - "version": "3.0.2" + "rev": "v3.1.0", + "sha256": "sha256-Q9ikBBlqprdu4BheItrWBoWqODgMXLgbtSg9RHtejBE=", + "vendorSha256": "sha256-sUzlDapp1smQ4lbgvsz22y3/fGkfJdHBlK7HNfihYpI=", + "version": "3.1.0" }, "yandex": { "owner": "yandex-cloud", From 30d5e6068af96b31ca729d83f52c238f4082be1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Mon, 30 May 2022 05:42:13 +0200 Subject: [PATCH 32/58] python310Packages.elasticsearch-dsl: remove ipaddress dependency --- .../development/python-modules/elasticsearch-dsl/default.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/pkgs/development/python-modules/elasticsearch-dsl/default.nix b/pkgs/development/python-modules/elasticsearch-dsl/default.nix index 5f55a3ac473..2fe746ea7f3 100644 --- a/pkgs/development/python-modules/elasticsearch-dsl/default.nix +++ b/pkgs/development/python-modules/elasticsearch-dsl/default.nix @@ -1,9 +1,7 @@ { lib , buildPythonPackage , fetchPypi -, isPy3k , elasticsearch -, ipaddress , python-dateutil , six }: @@ -17,8 +15,7 @@ buildPythonPackage rec { sha256 = "c4a7b93882918a413b63bed54018a1685d7410ffd8facbc860ee7fd57f214a6d"; }; - propagatedBuildInputs = [ elasticsearch python-dateutil six ] - ++ lib.optional (!isPy3k) ipaddress; + propagatedBuildInputs = [ elasticsearch python-dateutil six ]; # ImportError: No module named test_elasticsearch_dsl # Tests require a local instance of elasticsearch From 4dc5ea5202a17db17953551a88966cc3e85256c4 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 29 May 2022 16:05:09 +0000 Subject: [PATCH 33/58] python310Packages.sphinxcontrib-spelling: 7.4.0 -> 7.4.1 --- .../python-modules/sphinxcontrib-spelling/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/sphinxcontrib-spelling/default.nix b/pkgs/development/python-modules/sphinxcontrib-spelling/default.nix index 5ffdc0221e7..80f988c477a 100644 --- a/pkgs/development/python-modules/sphinxcontrib-spelling/default.nix +++ b/pkgs/development/python-modules/sphinxcontrib-spelling/default.nix @@ -10,14 +10,14 @@ buildPythonPackage rec { pname = "sphinxcontrib-spelling"; - version = "7.4.0"; + version = "7.4.1"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-GLsQu912pXRg7dejBka9lXZt+oxv50/T7J2ZQ2BlmGA="; + hash = "sha256-OpbyKqxq9JQHOvrLmI2U2NfCtgJ7IFA6jyDa4ysQw74="; }; nativeBuildInputs = [ From c68d9334815057d61e379a0adc9019e594867d84 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 29 May 2022 16:32:27 +0000 Subject: [PATCH 34/58] python310Packages.flask-httpauth: 4.6.0 -> 4.7.0 --- pkgs/development/python-modules/flask-httpauth/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/flask-httpauth/default.nix b/pkgs/development/python-modules/flask-httpauth/default.nix index fb313faff23..9c57881f4b2 100644 --- a/pkgs/development/python-modules/flask-httpauth/default.nix +++ b/pkgs/development/python-modules/flask-httpauth/default.nix @@ -2,14 +2,14 @@ buildPythonPackage rec { pname = "flask-httpauth"; - version = "4.6.0"; + version = "4.7.0"; disabled = python.pythonOlder "3"; src = fetchPypi { pname = "Flask-HTTPAuth"; version = version; - sha256 = "sha256-IHbPhuhMaqRC7gM0S/91Hq4TPTWhpIkx5vmfFHFhtVs="; + sha256 = "sha256-9xmee60g1baLPwtivd/KdjfFUIfp0C9gWuJuDeR5/ZQ="; }; checkInputs = [ pytestCheckHook ]; From c78821e0fd85bfda2622cfd9a187358ea03a09e5 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sat, 28 May 2022 23:34:50 +0200 Subject: [PATCH 35/58] python310Packages.wordcloud: switch to pytestCheckHook --- .../python-modules/wordcloud/default.nix | 59 ++++++++++++++----- 1 file changed, 43 insertions(+), 16 deletions(-) diff --git a/pkgs/development/python-modules/wordcloud/default.nix b/pkgs/development/python-modules/wordcloud/default.nix index e04f17c214d..2ac682c775f 100644 --- a/pkgs/development/python-modules/wordcloud/default.nix +++ b/pkgs/development/python-modules/wordcloud/default.nix @@ -1,35 +1,44 @@ -{ lib, buildPythonPackage, fetchFromGitHub +{ lib +, buildPythonPackage +, cython +, fetchFromGitHub +, fetchpatch , matplotlib , mock , numpy , pillow -, cython -, pytest-cov -, pytest -, fetchpatch +, pytestCheckHook +, pythonOlder }: buildPythonPackage rec { - pname = "word_cloud"; + pname = "wordcloud"; version = "1.8.1"; + format = "setuptools"; + + disabled = pythonOlder "3.7"; - # tests are not included in pypi tarball src = fetchFromGitHub { owner = "amueller"; repo = pname; rev = version; - sha256 = "sha256-4EFQfv+Jn9EngUAyDoJP0yv9zr9Tnbrdwq1YzDacB9Q="; + hash = "sha256-4EFQfv+Jn9EngUAyDoJP0yv9zr9Tnbrdwq1YzDacB9Q="; }; - nativeBuildInputs = [ cython ]; - propagatedBuildInputs = [ matplotlib numpy pillow ]; + nativeBuildInputs = [ + cython + ]; - # Tests require extra dependencies - checkInputs = [ mock pytest pytest-cov ]; + propagatedBuildInputs = [ + matplotlib + numpy + pillow + ]; - checkPhase = '' - PATH=$out/bin:$PATH pytest test - ''; + checkInputs = [ + mock + pytestCheckHook + ]; patches = [ (fetchpatch { @@ -39,8 +48,26 @@ buildPythonPackage rec { }) ]; + postPatch = '' + substituteInPlace setup.cfg \ + --replace " --cov --cov-report xml --tb=short" "" + ''; + + preCheck = '' + cd test + ''; + + pythonImportsCheck = [ + "wordcloud" + ]; + + disabledTests = [ + # Don't tests CLI + "test_cli_as_executable" + ]; + meta = with lib; { - description = "A little word cloud generator in Python"; + description = "Word cloud generator in Python"; homepage = "https://github.com/amueller/word_cloud"; license = licenses.mit; maintainers = with maintainers; [ jm2dev ]; From f6facfe59d1e6f891d456a93ac34ae60d7ab2813 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 29 May 2022 13:58:51 +0000 Subject: [PATCH 36/58] python310Packages.pims: 0.6.0 -> 0.6.1 --- pkgs/development/python-modules/pims/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/pims/default.nix b/pkgs/development/python-modules/pims/default.nix index 85a867ec511..879e25f7741 100644 --- a/pkgs/development/python-modules/pims/default.nix +++ b/pkgs/development/python-modules/pims/default.nix @@ -11,7 +11,7 @@ buildPythonPackage rec { pname = "pims"; - version = "0.6.0"; + version = "0.6.1"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -19,8 +19,8 @@ buildPythonPackage rec { src = fetchFromGitHub { owner = "soft-matter"; repo = pname; - rev = "v${version}"; - hash = "sha256-F4UWbD9fOfvaZwYcY1l7XOzVKZyqqTGTqVJoNPo1Ozg="; + rev = "refs/tags/v${version}"; + hash = "sha256-QdllA1QTSJ8vWaSJ0XoUanX53sb4RaOmdXBCFEsoWMU="; }; propagatedBuildInputs = [ From 90a741547ea72c14f7eb26f1e72604b7c3a66e21 Mon Sep 17 00:00:00 2001 From: Troels Henriksen Date: Sat, 28 May 2022 19:54:39 +0200 Subject: [PATCH 37/58] geomyidae: init at 0.50.1 --- .../networking/gopher/geomyidae/default.nix | 24 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 26 insertions(+) create mode 100644 pkgs/applications/networking/gopher/geomyidae/default.nix diff --git a/pkgs/applications/networking/gopher/geomyidae/default.nix b/pkgs/applications/networking/gopher/geomyidae/default.nix new file mode 100644 index 00000000000..c9aa26ad987 --- /dev/null +++ b/pkgs/applications/networking/gopher/geomyidae/default.nix @@ -0,0 +1,24 @@ +{ lib, stdenv, fetchurl, libressl, +}: + +stdenv.mkDerivation rec { + pname = "geomyidae"; + version = "0.50.1"; + + src = fetchurl { + url = "gopher://bitreich.org/9/scm/geomyidae/tag/geomyidae-v${version}.tar.gz"; + sha512 = "2a71b12f51c2ef8d6e791089f9eea49eb90a36be45b874d4234eba1e673186be945711be1f92508190f5c0a6f502f132c4b7cb82caf805a39a3f31903032ac47"; + }; + + buildInputs = [ libressl ]; + + makeFlags = [ "PREFIX=${placeholder "out"}" ]; + + meta = with lib; { + description = "A gopher daemon for Linux/BSD"; + homepage = "gopher://bitreich.org/1/scm/geomyidae"; + license = licenses.mit; + maintainers = [ maintainers.athas ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index cdfcf5ff526..0b83f5af4fd 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -17335,6 +17335,8 @@ with pkgs; geoipjava = callPackage ../development/libraries/java/geoipjava { }; + geomyidae = callPackage ../applications/networking/gopher/geomyidae { }; + geos = callPackage ../development/libraries/geos { }; geos39 = callPackage ../development/libraries/geos/3.9.nix { }; From 4b3a039b60dc3626b201fa39d1955e1feb08a9b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Reynier?= Date: Mon, 30 May 2022 10:08:00 +0200 Subject: [PATCH 38/58] gh-cal: fix pkg-config --- pkgs/tools/misc/gh-cal/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/gh-cal/default.nix b/pkgs/tools/misc/gh-cal/default.nix index f4f4a66a496..3e38cdf9d75 100644 --- a/pkgs/tools/misc/gh-cal/default.nix +++ b/pkgs/tools/misc/gh-cal/default.nix @@ -2,7 +2,7 @@ , stdenv , fetchCrate , rustPlatform -, pkgconfig +, pkg-config , openssl , Security }: @@ -17,7 +17,7 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-73gqk0DjhaLGIEP5VQQlubPomxHQyg4RnY5XTgE7msQ="; - nativeBuildInputs = [ pkgconfig ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ Security ]; meta = with lib; { From da9162f667e5833b885edae3631299c0e7005d2b Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Sun, 20 Feb 2022 19:23:12 +0000 Subject: [PATCH 39/58] add mechanism for handling meta.sourceProvenance attributes heavily based on patterns used by licenses infrastructure, so may appear overengineered for its initial level of use --- lib/default.nix | 1 + lib/source-types.nix | 25 ++++++++++++++++ pkgs/stdenv/generic/check-meta.nix | 46 +++++++++++++++++++++++++++--- 3 files changed, 68 insertions(+), 4 deletions(-) create mode 100644 lib/source-types.nix diff --git a/lib/default.nix b/lib/default.nix index e919509e724..791eba8a930 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -36,6 +36,7 @@ let # constants licenses = callLibs ./licenses.nix; + sourceTypes = callLibs ./source-types.nix; systems = callLibs ./systems; # serialization diff --git a/lib/source-types.nix b/lib/source-types.nix new file mode 100644 index 00000000000..8a4ab540b9d --- /dev/null +++ b/lib/source-types.nix @@ -0,0 +1,25 @@ +{ lib }: + +lib.mapAttrs (tname: tset: let + defaultSourceType = { + shortName = tname; + isSource = false; + }; + + mkSourceType = sourceTypeDeclaration: let + applyDefaults = sourceType: defaultSourceType // sourceType; + in lib.pipe sourceTypeDeclaration [ + applyDefaults + ]; +in mkSourceType tset) { + + fromSource = { + isSource = true; + }; + + binaryNativeCode = {}; + + binaryBytecode = {}; + + binaryFirmware = {}; +} diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index 1da098dabbe..1be306fd396 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -20,6 +20,9 @@ let allowUnfree = config.allowUnfree || builtins.getEnv "NIXPKGS_ALLOW_UNFREE" == "1"; + allowNonSource = config.allowNonSource or true + || builtins.getEnv "NIXPKGS_ALLOW_NONSOURCE" == "1"; + allowlist = config.allowlistedLicenses or config.whitelistedLicenses or []; blocklist = config.blocklistedLicenses or config.blacklistedLicenses or []; @@ -86,12 +89,41 @@ let allowInsecurePredicate attrs || builtins.getEnv "NIXPKGS_ALLOW_INSECURE" == "1"; - showLicense = license: toString (map (l: l.shortName or "unknown") (lib.lists.toList license)); + hasSourceProvenance = attrs: + attrs ? meta.sourceProvenance; + + isNonSource = sourceTypes: lib.lists.any (t: !t.isSource or true) sourceTypes; + + hasNonSourceProvenance = attrs: + hasSourceProvenance attrs && + isNonSource (lib.lists.toList attrs.meta.sourceProvenance); + + # Allow granular checks to allow only some non-source-built packages + # Example: + # {pkgs, ...}: + # { + # allowNonSource = false; + # allowNonSourcePredicate = (x: pkgs.lib.hasPrefix "pulumi" x.name); + # } + allowNonSourcePredicate = config.allowNonSourcePredicate or (x: false); + + # Check whether non-source packages are allowed and if not, whether the + # package has non-source provenance and is not explicitly allowed by the + # `allowNonSourcePredicate` function. + hasDeniedNonSourceProvenance = attrs: + hasNonSourceProvenance attrs && + !allowNonSource && + !allowNonSourcePredicate attrs; + + showLicenseOrSourceType = value: toString (map (v: v.shortName or "unknown") (lib.lists.toList value)); + showLicense = showLicenseOrSourceType; + showSourceType = showLicenseOrSourceType; pos_str = meta: meta.position or "«unknown-file»"; remediation = { - unfree = remediate_allowlist "Unfree" remediate_unfree_predicate; + unfree = remediate_allowlist "Unfree" (remediate_predicate "allowUnfreePredicate"); + non-source = remediate_allowlist "NonSource" (remediate_predicate "allowNonSourcePredicate"); broken = remediate_allowlist "Broken" (x: ""); unsupported = remediate_allowlist "UnsupportedSystem" (x: ""); blocklisted = x: ""; @@ -104,17 +136,19 @@ let Unfree = "NIXPKGS_ALLOW_UNFREE"; Broken = "NIXPKGS_ALLOW_BROKEN"; UnsupportedSystem = "NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM"; + NonSource = "NIXPKGS_ALLOW_NONSOURCE"; }.${allow_attr}; remediation_phrase = allow_attr: { Unfree = "unfree packages"; Broken = "broken packages"; UnsupportedSystem = "packages that are unsupported for this system"; + NonSource = "packages not built from source"; }.${allow_attr}; - remediate_unfree_predicate = attrs: + remediate_predicate = predicateConfigAttr: attrs: '' Alternatively you can configure a predicate to allow specific packages: - { nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ + { nixpkgs.config.${predicateConfigAttr} = pkg: builtins.elem (lib.getName pkg) [ "${lib.getName attrs}" ]; } @@ -226,6 +260,7 @@ let downloadPage = str; changelog = either (listOf str) str; license = either (listOf lib.types.attrs) (either lib.types.attrs str); + sourceProvenance = either (listOf lib.types.attrs) (either lib.types.attrs str); maintainers = listOf (attrsOf str); priority = int; platforms = listOf str; @@ -288,6 +323,7 @@ let checkValidity = attrs: { unfree = hasUnfreeLicense attrs; + nonSource = hasNonSourceProvenance attrs; broken = isMarkedBroken attrs; unsupported = hasUnsupportedPlatform attrs; insecure = isMarkedInsecure attrs; @@ -296,6 +332,8 @@ let { valid = "no"; reason = "unfree"; errormsg = "has an unfree license (‘${showLicense attrs.meta.license}’)"; } else if hasBlocklistedLicense attrs then { valid = "no"; reason = "blocklisted"; errormsg = "has a blocklisted license (‘${showLicense attrs.meta.license}’)"; } + else if hasDeniedNonSourceProvenance attrs then + { valid = "no"; reason = "non-source"; errormsg = "contains elements not built from source (‘${showSourceType attrs.meta.sourceProvenance}’)"; } else if !allowBroken && attrs.meta.broken or false then { valid = "no"; reason = "broken"; errormsg = "is marked as broken"; } else if !allowUnsupportedSystem && hasUnsupportedPlatform attrs then From 9d0784829a1dabe24b186c976502a6642f99997c Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Sat, 19 Mar 2022 21:55:33 +0000 Subject: [PATCH 40/58] add initial meta.sourceProvenance documentation --- doc/stdenv/meta.chapter.md | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/doc/stdenv/meta.chapter.md b/doc/stdenv/meta.chapter.md index c1bb3f8863f..2b99a8abf55 100644 --- a/doc/stdenv/meta.chapter.md +++ b/doc/stdenv/meta.chapter.md @@ -249,3 +249,29 @@ Unfree package that cannot be redistributed. You can build it yourself, but you ### `lib.licenses.unfreeRedistributableFirmware`, `"unfree-redistributable-firmware"` {#lib.licenses.unfreeredistributablefirmware-unfree-redistributable-firmware} This package supplies unfree, redistributable firmware. This is a separate value from `unfree-redistributable` because not everybody cares whether firmware is free. + +## Source provenance {#sec-meta-sourceProvenance} + +The value of a package's `meta.sourceProvenance` attribute specifies the provenance of the package's derivation outputs. + +If a package contains elements that are not built from the original source by a nixpkgs derivation, the `meta.sourceProvenance` attribute should be a list containing one or more value from `lib.sourceTypes` defined in [`nixpkgs/lib/source-types.nix`](https://github.com/NixOS/nixpkgs/blob/master/lib/source-types.nix). + +Adding this information helps users who have needs related to build transparency and supply-chain security to gain some visibility into their installed software or set policy to allow or disallow installation based on source provenance. + +The presence of a particular `sourceType` in a package's `meta.sourceProvenance` list indicates that the package contains some components falling into that category, though the *absence* of that `sourceType` does not *guarantee* the absence of that category of `sourceType` in the package's contents. A package with no `meta.sourceProvenance` set implies it has no *known* `sourceType`s other than `fromSource`. + +### `lib.sourceTypes.fromSource` {#lib.sourceTypes.fromSource} + +Package elements which are produced by a nixpkgs derivation which builds them from source code. + +### `lib.sourceTypes.binaryNativeCode` {#lib.sourceTypes.binaryNativeCode} + +Native code to be executed on the target system's CPU, built by a third party. This includes packages which wrap a downloaded AppImage or Debian package. + +### `lib.sourceTypes.binaryFirmware` {#lib.sourceTypes.binaryFirmware} + +Code to be executed on a peripheral device or embedded controller, built by a third party. + +### `lib.sourceTypes.binaryBytecode` {#lib.sourceTypes.binaryBytecode} + +Code to run on a VM interpreter or JIT compiled into bytecode by a third party. This includes packages which download Java `.jar` files from another source. From 81bc106e080e56e2c85466ea7d4ecf38bc99149c Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Mon, 28 Mar 2022 20:51:34 -0700 Subject: [PATCH 41/58] meta.sourceProvenance documentation: clarify it is unaffected by changes to meta.license This commit clarifies that the meaning of the `meta.sourceProvenance` field is independent of and unaffected by the value of the `meta.license` field. This is based on the intent of the RFC author as expressed here: https://github.com/NixOS/nixpkgs/pull/161098#issuecomment-1081270201 This clarification is added for two reasons: 1. If in the future there should be some disagreement about what `sourceProvenance` to assign to a package, this may help resolve the disagreement. Any interpretation of `sourceProvenance` which is influenced by the `meta.license` is clearly an incorrect interpretation. 2. If it should turn out that it is impossible to disentangle `sourceProvenance` from `meta.license`, this would indicate the need for changes to the `sourceProvenance` scheme. That change might be as simple as replacing the sentence added by this commit with some other sentence explaining how the two fields influence each other. This commit implements the recommendation made in the paragraph of this comments which begins with "Please say this explicitly...": https://github.com/NixOS/nixpkgs/pull/161098#issuecomment-1081309089 --- doc/stdenv/meta.chapter.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/stdenv/meta.chapter.md b/doc/stdenv/meta.chapter.md index 2b99a8abf55..475006b1259 100644 --- a/doc/stdenv/meta.chapter.md +++ b/doc/stdenv/meta.chapter.md @@ -260,6 +260,8 @@ Adding this information helps users who have needs related to build transparency The presence of a particular `sourceType` in a package's `meta.sourceProvenance` list indicates that the package contains some components falling into that category, though the *absence* of that `sourceType` does not *guarantee* the absence of that category of `sourceType` in the package's contents. A package with no `meta.sourceProvenance` set implies it has no *known* `sourceType`s other than `fromSource`. +The meaning of the `meta.sourceProvenance` attribute does not depend on the value of the `meta.license` attribute. + ### `lib.sourceTypes.fromSource` {#lib.sourceTypes.fromSource} Package elements which are produced by a nixpkgs derivation which builds them from source code. From 095eb9153381d240e2ba3e05716b3ce7fda85080 Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Fri, 20 May 2022 19:03:04 +0100 Subject: [PATCH 42/58] meta.sourceProvenance: disallow string values strings complicate reasoning about values and may not be needed with `sourceProvenance` Co-authored-by: Alexander Foremny --- pkgs/stdenv/generic/check-meta.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index 1be306fd396..5252711c8ca 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -92,7 +92,7 @@ let hasSourceProvenance = attrs: attrs ? meta.sourceProvenance; - isNonSource = sourceTypes: lib.lists.any (t: !t.isSource or true) sourceTypes; + isNonSource = sourceTypes: lib.lists.any (t: !t.isSource) sourceTypes; hasNonSourceProvenance = attrs: hasSourceProvenance attrs && @@ -260,7 +260,7 @@ let downloadPage = str; changelog = either (listOf str) str; license = either (listOf lib.types.attrs) (either lib.types.attrs str); - sourceProvenance = either (listOf lib.types.attrs) (either lib.types.attrs str); + sourceProvenance = either (listOf lib.types.attrs) lib.types.attrs; maintainers = listOf (attrsOf str); priority = int; platforms = listOf str; From 7906ea6d9d938c7f4221c305cfbcc9f8ba63804a Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Fri, 20 May 2022 19:31:18 +0100 Subject: [PATCH 43/58] allowNonSourcePredicate: use example of categorical permissivity Co-authored-by: Adam Joseph <54836058+a-m-joseph@users.noreply.github.com> --- pkgs/stdenv/generic/check-meta.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index 5252711c8ca..96e2a40b2de 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -103,7 +103,7 @@ let # {pkgs, ...}: # { # allowNonSource = false; - # allowNonSourcePredicate = (x: pkgs.lib.hasPrefix "pulumi" x.name); + # allowNonSourcePredicate = with lib.lists; pkg: !(any (p: !p.isSource && p!=lib.sourceTypes.binaryFirmware) (toList pkg.meta.sourceProvenance)); # } allowNonSourcePredicate = config.allowNonSourcePredicate or (x: false); From 5bb9bf47740bb98bf6c2c404a086d7ed6a5c595d Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Fri, 20 May 2022 20:17:02 +0100 Subject: [PATCH 44/58] meta.sourceProvenance: inline hasSourceProvenance it may be what the license handling code does, but it's confusing and not very useful Co-authored-by: Adam Joseph <54836058+a-m-joseph@users.noreply.github.com> --- pkgs/stdenv/generic/check-meta.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index 96e2a40b2de..4e5db210637 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -89,13 +89,11 @@ let allowInsecurePredicate attrs || builtins.getEnv "NIXPKGS_ALLOW_INSECURE" == "1"; - hasSourceProvenance = attrs: - attrs ? meta.sourceProvenance; isNonSource = sourceTypes: lib.lists.any (t: !t.isSource) sourceTypes; hasNonSourceProvenance = attrs: - hasSourceProvenance attrs && + (attrs ? meta.sourceProvenance) && isNonSource (lib.lists.toList attrs.meta.sourceProvenance); # Allow granular checks to allow only some non-source-built packages From ae0df5d38afdb0be90973ddd42b1c9b1059464fd Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Fri, 20 May 2022 22:28:38 +0100 Subject: [PATCH 45/58] lib.sourceTypes: simplify implementation Co-authored-by: Alexander Foremny --- lib/source-types.nix | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/lib/source-types.nix b/lib/source-types.nix index 8a4ab540b9d..c4f263dcf46 100644 --- a/lib/source-types.nix +++ b/lib/source-types.nix @@ -1,17 +1,11 @@ { lib }: -lib.mapAttrs (tname: tset: let - defaultSourceType = { +let + defaultSourceType = tname: { shortName = tname; isSource = false; }; - - mkSourceType = sourceTypeDeclaration: let - applyDefaults = sourceType: defaultSourceType // sourceType; - in lib.pipe sourceTypeDeclaration [ - applyDefaults - ]; -in mkSourceType tset) { +in lib.mapAttrs (tname: tset: defaultSourceType tname // tset) { fromSource = { isSource = true; From e0115c36ece8889fbd97c31113c19de07869af62 Mon Sep 17 00:00:00 2001 From: Florian Franzen Date: Mon, 30 May 2022 11:17:16 +0200 Subject: [PATCH 46/58] hydra_unstable: passthru pinned nix --- pkgs/development/tools/misc/hydra/unstable.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/tools/misc/hydra/unstable.nix b/pkgs/development/tools/misc/hydra/unstable.nix index 2759c08fbca..709af8f4485 100644 --- a/pkgs/development/tools/misc/hydra/unstable.nix +++ b/pkgs/development/tools/misc/hydra/unstable.nix @@ -239,7 +239,7 @@ stdenv.mkDerivation rec { doCheck = true; passthru = { - inherit perlDeps; + inherit nix perlDeps; tests.basic = nixosTests.hydra.hydra_unstable; }; From 1a20dbc0861e4378975960b7ccfe3d49218965eb Mon Sep 17 00:00:00 2001 From: Klemens Nanni Date: Thu, 26 May 2022 04:05:03 +0200 Subject: [PATCH 47/58] bpftrace: Rename *.8 to *.bt.8 to avoid bcc conflicts bpftrace ships *.bt replacement scripts for the original bcc programs but still installs their manual pages as *.8 rather than *.bt.8 which conflicts with the original manual pages. Rename them to recover the original manuals and avoid conflict spam: ``` building '/nix/store/jspx13hyfi2m9vlnbj5iywk6rxpxp7y0-system-path.drv'... warning: collision between `/nix/store/dv7x07rmd2m7596f38kl9d5bnv545qz7-bpftrace-0.14.1-man/share/man/man8/biolatency.8.gz' and `/nix/store/lw1kw7077wk3j6cnvjrm904rs2w7785p-bcc-0.24.0/share/man/man8/biolatency.8.gz' [... 28 more duplicate manuals ...] ``` --- pkgs/os-specific/linux/bpftrace/default.nix | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/bpftrace/default.nix b/pkgs/os-specific/linux/bpftrace/default.nix index abf8fb63bc3..0dd477ee31d 100644 --- a/pkgs/os-specific/linux/bpftrace/default.nix +++ b/pkgs/os-specific/linux/bpftrace/default.nix @@ -4,12 +4,31 @@ , libelf, libbfd, libbpf, libopcodes, bcc , cereal, asciidoctor , nixosTests +, util-linux }: stdenv.mkDerivation rec { pname = "bpftrace"; version = "0.14.1"; + # Cherry-picked from merged PR, remove this hook on next update + # https://github.com/iovisor/bpftrace/pull/2242 + # Cannot `fetchpatch` such pure renaming diff since + # https://github.com/iovisor/bpftrace/commit/2df807dbae4037aa8bf0afc03f52fb3f6321c62a.patch + # does not contain any diff in unified format but just this instead: + # ... + # man/man8/{bashreadline.8 => bashreadline.bt.8} | 0 + # ... + # 35 files changed, 0 insertions(+), 0 deletions(-) + # rename man/man8/{bashreadline.8 => bashreadline.bt.8} (100%) + # ... + # on witch `fetchpatch` fails with + # error: Normalized patch '/build/patch' is empty (while the fetched file was not)! + # Did you maybe fetch a HTML representation of a patch instead of a raw patch? + postUnpack = '' + rename .8 .bt.8 "$sourceRoot"/man/man8/*.8 + ''; + src = fetchFromGitHub { owner = "iovisor"; repo = "bpftrace"; @@ -29,7 +48,7 @@ stdenv.mkDerivation rec { cereal asciidoctor ]; - nativeBuildInputs = [ cmake pkg-config flex bison llvmPackages.llvm.dev ]; + nativeBuildInputs = [ cmake pkg-config flex bison llvmPackages.llvm.dev util-linux ]; # tests aren't built, due to gtest shenanigans. see: # From 5157246aa4fdcbef7796ef9914c3a7e630c838ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Janne=20He=C3=9F?= Date: Mon, 30 May 2022 10:12:11 +0200 Subject: [PATCH 48/58] nixos/vmware-guest: Remove the video driver This breaks isos since https://github.com/NixOS/nixpkgs/pull/172668 because vmware is enabled there. @K900 tested this and confirmed that the GPU acceleration still works. --- nixos/modules/virtualisation/vmware-guest.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/modules/virtualisation/vmware-guest.nix b/nixos/modules/virtualisation/vmware-guest.nix index 3caed746ca9..d468a200872 100644 --- a/nixos/modules/virtualisation/vmware-guest.nix +++ b/nixos/modules/virtualisation/vmware-guest.nix @@ -64,7 +64,6 @@ in environment.etc.vmware-tools.source = "${open-vm-tools}/etc/vmware-tools/*"; services.xserver = mkIf (!cfg.headless) { - videoDrivers = mkOverride 50 [ "vmware" ]; modules = [ xf86inputvmmouse ]; config = '' From 14ef375cf036a7f8e3ed610f21ed5a591371d747 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Wed, 25 May 2022 11:03:25 +0200 Subject: [PATCH 49/58] nginxStable: 1.20.2 -> 1.22.0 --- pkgs/servers/http/nginx/stable.nix | 13 +++---------- pkgs/top-level/all-packages.nix | 1 + 2 files changed, 4 insertions(+), 10 deletions(-) diff --git a/pkgs/servers/http/nginx/stable.nix b/pkgs/servers/http/nginx/stable.nix index c219b01fbb3..5d4db3a403b 100644 --- a/pkgs/servers/http/nginx/stable.nix +++ b/pkgs/servers/http/nginx/stable.nix @@ -1,13 +1,6 @@ -{ callPackage, fetchpatch, ... } @ args: +{ callPackage, ... } @ args: callPackage ./generic.nix args { - version = "1.20.2"; - sha256 = "0hjsyjzd35qyw49w210f67g678kvzinw4kg1acb0l6c2fxspd24m"; - extraPatches = [ - (fetchpatch { - name = "CVE-2021-3618.patch"; - url = "https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a.patch"; - sha256 = "0cnxmbkp6ip61w7y1ihhnvziiwzz3p3wi2vpi5c7yaj5m964k5db"; - }) - ]; + version = "1.22.0"; + sha256 = "0lzb4sn8hv491zad9kbpvka3m5ayjf1pxqbwllri980idyd5cgdk"; } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index daec3fc67ba..846ba0c1656 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22055,6 +22055,7 @@ with pkgs; nginxStable = callPackage ../servers/http/nginx/stable.nix { zlib = zlib-ng.override { withZlibCompat = true; }; + openssl = openssl_3_0; withPerl = false; # We don't use `with` statement here on purpose! # See https://github.com/NixOS/nixpkgs/pull/10474#discussion_r42369334 From 893214cd0e6d15a2dbadfa5cc680e7ba18e4d1c0 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Wed, 25 May 2022 11:05:19 +0200 Subject: [PATCH 50/58] nginxMainline: 1.21.6 -> 1.22.0 --- pkgs/servers/http/nginx/generic.nix | 4 ++-- pkgs/servers/http/nginx/mainline.nix | 8 ++++---- pkgs/top-level/all-packages.nix | 1 + 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/pkgs/servers/http/nginx/generic.nix b/pkgs/servers/http/nginx/generic.nix index f3c4a31bc85..be39b84ebdb 100644 --- a/pkgs/servers/http/nginx/generic.nix +++ b/pkgs/servers/http/nginx/generic.nix @@ -1,4 +1,4 @@ -outer@{ lib, stdenv, fetchurl, fetchpatch, openssl, zlib, pcre, libxml2, libxslt +outer@{ lib, stdenv, fetchurl, fetchpatch, openssl, zlib, pcre2, libxml2, libxslt , nginx-doc , nixosTests @@ -53,7 +53,7 @@ stdenv.mkDerivation { inherit sha256; }; - buildInputs = [ openssl zlib pcre libxml2 libxslt gd geoip perl ] + buildInputs = [ openssl zlib pcre2 libxml2 libxslt gd geoip perl ] ++ buildInputs ++ mapModules "inputs"; diff --git a/pkgs/servers/http/nginx/mainline.nix b/pkgs/servers/http/nginx/mainline.nix index f4b5bf65fea..dd5ae58d2a4 100644 --- a/pkgs/servers/http/nginx/mainline.nix +++ b/pkgs/servers/http/nginx/mainline.nix @@ -1,6 +1,6 @@ -{ callPackage, openssl_3_0, ... }@args: +{ callPackage, ... }@args: -callPackage ./generic.nix (args // { openssl = openssl_3_0; }) { - version = "1.21.6"; - sha256 = "1bh52jqqcaj5wlh2kvhxr00jhk2hnk8k97ki4pwyj4c8920p1p36"; +callPackage ./generic.nix args { + version = "1.22.0"; + sha256 = "0lzb4sn8hv491zad9kbpvka3m5ayjf1pxqbwllri980idyd5cgdk"; } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 846ba0c1656..cd144942bf4 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22064,6 +22064,7 @@ with pkgs; nginxMainline = callPackage ../servers/http/nginx/mainline.nix { zlib = zlib-ng.override { withZlibCompat = true; }; + openssl = openssl_3_0; withKTLS = true; withPerl = false; # We don't use `with` statement here on purpose! From b4849523302484e7cd365a2765f2e8894ace39fe Mon Sep 17 00:00:00 2001 From: ajs124 Date: Wed, 25 May 2022 21:34:21 +0200 Subject: [PATCH 51/58] nginx(Stable|Mainline|Quic): use pcre2 --- pkgs/servers/http/nginx/generic.nix | 4 ++-- pkgs/top-level/all-packages.nix | 3 +++ 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/http/nginx/generic.nix b/pkgs/servers/http/nginx/generic.nix index be39b84ebdb..f3c4a31bc85 100644 --- a/pkgs/servers/http/nginx/generic.nix +++ b/pkgs/servers/http/nginx/generic.nix @@ -1,4 +1,4 @@ -outer@{ lib, stdenv, fetchurl, fetchpatch, openssl, zlib, pcre2, libxml2, libxslt +outer@{ lib, stdenv, fetchurl, fetchpatch, openssl, zlib, pcre, libxml2, libxslt , nginx-doc , nixosTests @@ -53,7 +53,7 @@ stdenv.mkDerivation { inherit sha256; }; - buildInputs = [ openssl zlib pcre2 libxml2 libxslt gd geoip perl ] + buildInputs = [ openssl zlib pcre libxml2 libxslt gd geoip perl ] ++ buildInputs ++ mapModules "inputs"; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index cd144942bf4..bd87f7dff40 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22045,6 +22045,7 @@ with pkgs; nginxQuic = callPackage ../servers/http/nginx/quic.nix { zlib = zlib-ng.override { withZlibCompat = true; }; + pcre = pcre2; withPerl = false; # We don't use `with` statement here on purpose! # See https://github.com/NixOS/nixpkgs/pull/10474#discussion_r42369334 @@ -22056,6 +22057,7 @@ with pkgs; nginxStable = callPackage ../servers/http/nginx/stable.nix { zlib = zlib-ng.override { withZlibCompat = true; }; openssl = openssl_3_0; + pcre = pcre2; withPerl = false; # We don't use `with` statement here on purpose! # See https://github.com/NixOS/nixpkgs/pull/10474#discussion_r42369334 @@ -22065,6 +22067,7 @@ with pkgs; nginxMainline = callPackage ../servers/http/nginx/mainline.nix { zlib = zlib-ng.override { withZlibCompat = true; }; openssl = openssl_3_0; + pcre = pcre2; withKTLS = true; withPerl = false; # We don't use `with` statement here on purpose! From c26e3354a7e8f5233f2a8d3755edbe4262193dae Mon Sep 17 00:00:00 2001 From: ajs124 Date: Fri, 27 May 2022 18:37:54 +0200 Subject: [PATCH 52/58] nginxQuic: update --- pkgs/servers/http/nginx/quic.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/http/nginx/quic.nix b/pkgs/servers/http/nginx/quic.nix index 4db1b19644c..8743d31939b 100644 --- a/pkgs/servers/http/nginx/quic.nix +++ b/pkgs/servers/http/nginx/quic.nix @@ -6,8 +6,8 @@ callPackage ./generic.nix args { src = fetchhg { url = "https://hg.nginx.org/nginx-quic"; - rev = "55b38514729b"; # branch=quic - sha256 = "sha256-EJ3Fuxb4Z43I5eSb3mzzIOBfppAZ4Adv1yVZWbVCv0A="; + rev = "5b1011b5702b"; # branch=quic + sha256 = "sha256-q1gsJ6CJ7SD1XLitygnRusJ+exFPFg+B3wdsN+NvuL8="; }; preConfigure = '' From 30186896ee517990e51c5256b589c0224c971670 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Mon, 30 May 2022 11:57:10 +0200 Subject: [PATCH 53/58] nixos/nginx: fix SystemCallFilter for openresty --- nixos/modules/services/web-servers/nginx/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 0c2333399e8..160d76597c8 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -932,7 +932,7 @@ in # System Call Filtering SystemCallArchitectures = "native"; SystemCallFilter = [ "~@cpu-emulation @debug @keyring @mount @obsolete @privileged @setuid" ] - ++ optionals ((cfg.package != pkgs.tengine) && (!lib.any (mod: (mod.disableIPC or false)) cfg.package.modules)) [ "~@ipc" ]; + ++ optionals ((cfg.package != pkgs.tengine) && (cfg.package != pkgs.openresty) && (!lib.any (mod: (mod.disableIPC or false)) cfg.package.modules)) [ "~@ipc" ]; }; }; From d1b430ec3fb1f244566cbdcb55b7515704528321 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 30 May 2022 05:10:20 +0000 Subject: [PATCH 54/58] gnome.mutter: 42.1 -> 42.2 --- pkgs/desktops/gnome/core/mutter/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/gnome/core/mutter/default.nix b/pkgs/desktops/gnome/core/mutter/default.nix index 415fd7b80c9..a99da4e9836 100644 --- a/pkgs/desktops/gnome/core/mutter/default.nix +++ b/pkgs/desktops/gnome/core/mutter/default.nix @@ -47,13 +47,13 @@ let self = stdenv.mkDerivation rec { pname = "mutter"; - version = "42.1"; + version = "42.2"; outputs = [ "out" "dev" "man" ]; src = fetchurl { url = "mirror://gnome/sources/mutter/${lib.versions.major version}/${pname}-${version}.tar.xz"; - sha256 = "cZQhi/7EW5o+/avOb4RQ7Uw5dyIaHqQBTC5Fii/poVQ="; + sha256 = "vTDXi+fRcAE6CovMg3zsXubETXcP8AZ03N/CizQms0w="; }; patches = [ From cd21d43206f6fe58cdee3366a3cf171e69782976 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 30 May 2022 04:08:43 +0000 Subject: [PATCH 55/58] gnome.gnome-shell: 42.1 -> 42.2 --- pkgs/desktops/gnome/core/gnome-shell/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/gnome/core/gnome-shell/default.nix b/pkgs/desktops/gnome/core/gnome-shell/default.nix index e3b8d6c344d..d422fd85677 100644 --- a/pkgs/desktops/gnome/core/gnome-shell/default.nix +++ b/pkgs/desktops/gnome/core/gnome-shell/default.nix @@ -67,13 +67,13 @@ let in stdenv.mkDerivation rec { pname = "gnome-shell"; - version = "42.1"; + version = "42.2"; outputs = [ "out" "devdoc" ]; src = fetchurl { url = "mirror://gnome/sources/gnome-shell/${lib.versions.major version}/${pname}-${version}.tar.xz"; - sha256 = "9e6KYVj6EiYnQScmy4gATn4tBGrcMiFQViROWbdAY+o="; + sha256 = "Z+sTzRdeIDGoOMzqkukDdK4OnMumFoP7rNZ/9q/dWQ4="; }; patches = [ From 3ece45bc72edf425232867c377a52e3c59bd1bb0 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 30 May 2022 03:49:41 +0000 Subject: [PATCH 56/58] gnome.gnome-remote-desktop: 42.1.1 -> 42.2 --- pkgs/desktops/gnome/core/gnome-remote-desktop/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/gnome/core/gnome-remote-desktop/default.nix b/pkgs/desktops/gnome/core/gnome-remote-desktop/default.nix index 03788d94378..111aa6bfefa 100644 --- a/pkgs/desktops/gnome/core/gnome-remote-desktop/default.nix +++ b/pkgs/desktops/gnome/core/gnome-remote-desktop/default.nix @@ -28,11 +28,11 @@ stdenv.mkDerivation rec { pname = "gnome-remote-desktop"; - version = "42.1.1"; + version = "42.2"; src = fetchurl { url = "mirror://gnome/sources/${pname}/${lib.versions.major version}/${pname}-${version}.tar.xz"; - hash = "sha256-pEZqYsL+7GLn9XLwkpxY24iyXWCVuv5LFZHpnPqaDuY="; + hash = "sha256-wcy82MpwN+9ttz9r8rXdOKM2t9gKKpyY32/4g4eP+dU="; }; nativeBuildInputs = [ From c3d7a0ef4ffbfd2045228e0643a1d03e81b14c4f Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 30 May 2022 04:57:09 +0000 Subject: [PATCH 57/58] gnome.gnome-shell-extensions: 42.1 -> 42.2 --- pkgs/desktops/gnome/core/gnome-shell-extensions/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/gnome/core/gnome-shell-extensions/default.nix b/pkgs/desktops/gnome/core/gnome-shell-extensions/default.nix index 2815c3d53ea..5ec1df8fe9c 100644 --- a/pkgs/desktops/gnome/core/gnome-shell-extensions/default.nix +++ b/pkgs/desktops/gnome/core/gnome-shell-extensions/default.nix @@ -13,11 +13,11 @@ stdenv.mkDerivation rec { pname = "gnome-shell-extensions"; - version = "42.1"; + version = "42.2"; src = fetchurl { url = "mirror://gnome/sources/gnome-shell-extensions/${lib.versions.major version}/${pname}-${version}.tar.xz"; - sha256 = "LYjv61d+2viqrkMcd5um5uuWHuvd8FzKLsyhqgTbekA="; + sha256 = "ZXGEQKocLxe7CSIv+AJpn2Qf1RJ5Ih8EyxkZOWjsCzA="; }; patches = [ From 90ce1f86b9bec2f468fd82316d12b1f9d24397d7 Mon Sep 17 00:00:00 2001 From: Sascha Grunert Date: Mon, 30 May 2022 13:05:17 +0200 Subject: [PATCH 58/58] cri-tools: 1.24.1 -> 1.24.2 Signed-off-by: Sascha Grunert --- pkgs/tools/virtualization/cri-tools/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/virtualization/cri-tools/default.nix b/pkgs/tools/virtualization/cri-tools/default.nix index 62a13499dd8..9bffe01c8d3 100644 --- a/pkgs/tools/virtualization/cri-tools/default.nix +++ b/pkgs/tools/virtualization/cri-tools/default.nix @@ -6,13 +6,13 @@ buildGoModule rec { pname = "cri-tools"; - version = "1.24.1"; + version = "1.24.2"; src = fetchFromGitHub { owner = "kubernetes-sigs"; repo = pname; rev = "v${version}"; - sha256 = "sha256-7WZ7Kb3Rx/hq7LYaDN/B9CpPgr9+aR5+FKDG7G/JydA="; + sha256 = "sha256-uhLaBX5vgQO/RkZUrP2uAubavq5MBvr3TRsGYchfR5s="; }; vendorSha256 = null;