diff --git a/.github/workflows/direct-push.yml b/.github/workflows/direct-push.yml
index 459475c3c6b..082a4806e61 100644
--- a/.github/workflows/direct-push.yml
+++ b/.github/workflows/direct-push.yml
@@ -22,7 +22,7 @@ jobs:
if: steps.ismerge.outputs.ismerge != 'true'
- name: Warn if the commit was a direct push
if: steps.ismerge.outputs.ismerge != 'true'
- uses: peter-evans/commit-comment@v1
+ uses: peter-evans/commit-comment@v2
with:
body: |
@${{ github.actor }}, you pushed a commit directly to master/release branch
diff --git a/doc/contributing/coding-conventions.chapter.md b/doc/contributing/coding-conventions.chapter.md
index cfe8582e514..dac6d828ac0 100644
--- a/doc/contributing/coding-conventions.chapter.md
+++ b/doc/contributing/coding-conventions.chapter.md
@@ -540,10 +540,11 @@ If you do need to do create this sort of patch file, one way to do so is with gi
If a patch is available online but does not cleanly apply, it can be modified in some fixed ways by using additional optional arguments for `fetchpatch`:
+- `relative`: Similar to using `git-diff`'s `--relative` flag, only keep changes inside the specified directory, making paths relative to it.
- `stripLen`: Remove the first `stripLen` components of pathnames in the patch.
- `extraPrefix`: Prefix pathnames by this string.
-- `excludes`: Exclude files matching this pattern.
-- `includes`: Include only files matching this pattern.
+- `excludes`: Exclude files matching these patterns (applies after the above arguments).
+- `includes`: Include only files matching these patterns (applies after the above arguments).
- `revert`: Revert the patch.
Note that because the checksum is computed after applying these effects, using or modifying these arguments will have no effect unless the `sha256` argument is changed as well.
diff --git a/doc/contributing/reviewing-contributions.chapter.md b/doc/contributing/reviewing-contributions.chapter.md
index 7a13a3f3b40..3417854730e 100644
--- a/doc/contributing/reviewing-contributions.chapter.md
+++ b/doc/contributing/reviewing-contributions.chapter.md
@@ -122,7 +122,7 @@ Reviewing process:
- [CODEOWNERS](https://help.github.com/articles/about-codeowners/) will make GitHub notify users based on the submitted changes, but it can happen that it misses some of the package maintainers.
- Ensure that the module tests, if any, are succeeding.
- Ensure that the introduced options are correct.
- - Type should be appropriate (string related types differs in their merging capabilities, `optionSet` and `string` types are deprecated).
+ - Type should be appropriate (string related types differs in their merging capabilities, `loaOf` and `string` types are deprecated).
- Description, default and example should be provided.
- Ensure that option changes are backward compatible.
- `mkRenamedOptionModuleWith` provides a way to make option changes backward compatible.
@@ -157,7 +157,7 @@ Reviewing process:
- Ensure that the module tests, if any, are succeeding.
- Ensure that the introduced options are correct.
- - Type should be appropriate (string related types differs in their merging capabilities, `optionSet` and `string` types are deprecated).
+ - Type should be appropriate (string related types differs in their merging capabilities, `loaOf` and `string` types are deprecated).
- Description, default and example should be provided.
- Ensure that module `meta` field is present
- Maintainers should be declared in `meta.maintainers`.
diff --git a/lib/modules.nix b/lib/modules.nix
index 35c93d22baf..894104cc579 100644
--- a/lib/modules.nix
+++ b/lib/modules.nix
@@ -609,17 +609,9 @@ rec {
throw "The option `${showOption loc}' in `${opt._file}' is already declared in ${showFiles res.declarations}."
else
let
- /* Add the modules of the current option to the list of modules
- already collected. The options attribute except either a list of
- submodules or a submodule. For each submodule, we add the file of the
- current option declaration as the file use for the submodule. If the
- submodule defines any filename, then we ignore the enclosing option file. */
- options' = toList opt.options.options;
-
getSubModules = opt.options.type.getSubModules or null;
submodules =
if getSubModules != null then map (setDefaultModuleLocation opt._file) getSubModules ++ res.options
- else if opt.options ? options then map (coerceOption opt._file) options' ++ res.options
else res.options;
in opt.options // res //
{ declarations = res.declarations ++ [opt._file];
@@ -802,27 +794,13 @@ rec {
compare = a: b: (a.priority or 1000) < (b.priority or 1000);
in sort compare defs';
+ # This calls substSubModules, whose entire purpose is only to ensure that
+ # option declarations in submodules have accurate position information.
+ # TODO: Merge this into mergeOptionDecls
fixupOptionType = loc: opt:
- let
- options = opt.options or
- (throw "Option `${showOption loc}' has type optionSet but has no option attribute, in ${showFiles opt.declarations}.");
-
- # Hack for backward compatibility: convert options of type
- # optionSet to options of type submodule. FIXME: remove
- # eventually.
- f = tp:
- if tp.name == "option set" || tp.name == "submodule" then
- throw "The option ${showOption loc} uses submodules without a wrapping type, in ${showFiles opt.declarations}."
- else if (tp.functor.wrapped.name or null) == "optionSet" then
- if tp.name == "attrsOf" then types.attrsOf (types.submodule options)
- else if tp.name == "listOf" then types.listOf (types.submodule options)
- else if tp.name == "nullOr" then types.nullOr (types.submodule options)
- else tp
- else tp;
- in
- if opt.type.getSubModules or null == null
- then opt // { type = f (opt.type or types.unspecified); }
- else opt // { type = opt.type.substSubModules opt.options; options = []; };
+ if opt.type.getSubModules or null == null
+ then opt // { type = opt.type or types.unspecified; }
+ else opt // { type = opt.type.substSubModules opt.options; options = []; };
/* Properties. */
diff --git a/lib/options.nix b/lib/options.nix
index 9efc1249e58..8d0801775c4 100644
--- a/lib/options.nix
+++ b/lib/options.nix
@@ -79,8 +79,6 @@ rec {
visible ? null,
# Whether the option can be set only once
readOnly ? null,
- # Deprecated, used by types.optionSet.
- options ? null
} @ attrs:
attrs // { _type = "option"; };
diff --git a/lib/types.nix b/lib/types.nix
index 00d97bf5723..5c4b9631061 100644
--- a/lib/types.nix
+++ b/lib/types.nix
@@ -749,14 +749,6 @@ rec {
nestedTypes.finalType = finalType;
};
- # Obsolete alternative to configOf. It takes its option
- # declarations from the ‘options’ attribute of containing option
- # declaration.
- optionSet = mkOptionType {
- name = "optionSet";
- description = "option set";
- deprecationMessage = "Use `types.submodule' instead";
- };
# Augment the given type with an additional type check function.
addCheck = elemType: check: elemType // { check = x: elemType.check x && check x; };
diff --git a/nixos/doc/manual/development/writing-nixos-tests.section.md b/nixos/doc/manual/development/writing-nixos-tests.section.md
index 7de57d0d2a3..433e1906f77 100644
--- a/nixos/doc/manual/development/writing-nixos-tests.section.md
+++ b/nixos/doc/manual/development/writing-nixos-tests.section.md
@@ -158,6 +158,12 @@ The following methods are available on machine objects:
e.g., `send_chars("foobar\n")` will type the string `foobar`
followed by the Enter key.
+`send_console`
+
+: Send keys to the kernel console. This allows interaction with the systemd
+ emergency mode, for example. Takes a string that is sent, e.g.,
+ `send_console("\n\nsystemctl default\n")`.
+
`execute`
: Execute a shell command, returning a list `(status, stdout)`.
@@ -272,6 +278,13 @@ The following methods are available on machine objects:
Killing the interactive session with `Ctrl-d` or `Ctrl-c` also ends
the guest session.
+`console_interact`
+
+: Allows you to directly interact with QEMU's stdin. This should
+ only be used during test development, not in production tests.
+ Output from QEMU is only read line-wise. `Ctrl-c` kills QEMU and
+ `Ctrl-d` closes console and returns to the test runner.
+
To test user units declared by `systemd.user.services` the optional
`user` argument can be used:
diff --git a/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml b/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml
index 45c9c40c609..4f856f98f2a 100644
--- a/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml
+++ b/nixos/doc/manual/from_md/development/writing-nixos-tests.section.xml
@@ -261,6 +261,19 @@ start_all()
+
+
+ send_console
+
+
+
+ Send keys to the kernel console. This allows interaction
+ with the systemd emergency mode, for example. Takes a string
+ that is sent, e.g.,
+ send_console("\n\nsystemctl default\n").
+
+
+
execute
@@ -502,6 +515,21 @@ machine.systemctl("list-jobs --no-pager", "any-user") # spaw
+
+
+ console_interact
+
+
+
+ Allows you to directly interact with QEMU’s stdin. This
+ should only be used during test development, not in
+ production tests. Output from QEMU is only read line-wise.
+ Ctrl-c kills QEMU and
+ Ctrl-d closes console and returns to the
+ test runner.
+
+
+
To test user units declared by
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
index 44a27c5f49d..95fb49a6294 100644
--- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml
@@ -1671,6 +1671,12 @@
+
+
+ The programs.nncp options were added for
+ generating host-global NNCP configuration.
+
+
diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md
index aadb6c4c231..a750673e176 100644
--- a/nixos/doc/manual/release-notes/rl-2205.section.md
+++ b/nixos/doc/manual/release-notes/rl-2205.section.md
@@ -591,4 +591,6 @@ In addition to numerous new and upgraded packages, this release has the followin
- Testing has been enabled for `aarch64-linux` in addition to `x86_64-linux`.
- The `spark3` package is now usable on `aarch64-darwin` as a result of [#158613](https://github.com/NixOS/nixpkgs/pull/158613) and [#158992](https://github.com/NixOS/nixpkgs/pull/158992).
+- The `programs.nncp` options were added for generating host-global NNCP configuration.
+
diff --git a/nixos/lib/test-driver/test_driver/machine.py b/nixos/lib/test-driver/test_driver/machine.py
index 569a0f3c61e..f3e615fe5bf 100644
--- a/nixos/lib/test-driver/test_driver/machine.py
+++ b/nixos/lib/test-driver/test_driver/machine.py
@@ -198,7 +198,7 @@ class StartCommand:
) -> subprocess.Popen:
return subprocess.Popen(
self.cmd(monitor_socket_path, shell_socket_path),
- stdin=subprocess.DEVNULL,
+ stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT,
shell=True,
@@ -558,6 +558,28 @@ class Machine:
pass_fds=[self.shell.fileno()],
)
+ def console_interact(self) -> None:
+ """Allows you to interact with QEMU's stdin
+
+ The shell can be exited with Ctrl+D. Note that Ctrl+C is not allowed to be used.
+ QEMU's stdout is read line-wise.
+
+ Should only be used during test development, not in the production test."""
+ self.log("Terminal is ready (there is no prompt):")
+
+ assert self.process
+ assert self.process.stdin
+
+ while True:
+ try:
+ char = sys.stdin.buffer.read(1)
+ except KeyboardInterrupt:
+ break
+ if char == b"": # ctrl+d
+ self.log("Closing connection to the console")
+ break
+ self.send_console(char.decode())
+
def succeed(self, *commands: str, timeout: Optional[int] = None) -> str:
"""Execute each command and check that it succeeds."""
output = ""
@@ -834,6 +856,12 @@ class Machine:
self.send_monitor_command("sendkey {}".format(key))
time.sleep(0.01)
+ def send_console(self, chars: str) -> None:
+ assert self.process
+ assert self.process.stdin
+ self.process.stdin.write(chars.encode())
+ self.process.stdin.flush()
+
def start(self) -> None:
if self.booted:
return
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index 93172aa0824..a4c389e6937 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -184,6 +184,7 @@
./programs/nix-ld.nix
./programs/neovim.nix
./programs/nm-applet.nix
+ ./programs/nncp.nix
./programs/npm.nix
./programs/noisetorch.nix
./programs/oblogout.nix
diff --git a/nixos/modules/programs/nncp.nix b/nixos/modules/programs/nncp.nix
new file mode 100644
index 00000000000..29a703eadf1
--- /dev/null
+++ b/nixos/modules/programs/nncp.nix
@@ -0,0 +1,101 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let
+ nncpCfgFile = "/run/nncp.hjson";
+ programCfg = config.programs.nncp;
+ settingsFormat = pkgs.formats.json { };
+ jsonCfgFile = settingsFormat.generate "nncp.json" programCfg.settings;
+ pkg = programCfg.package;
+in {
+ options.programs.nncp = {
+
+ enable =
+ mkEnableOption "NNCP (Node to Node copy) utilities and configuration";
+
+ group = mkOption {
+ type = types.str;
+ default = "uucp";
+ description = ''
+ The group under which NNCP files shall be owned.
+ Any member of this group may access the secret keys
+ of this NNCP node.
+ '';
+ };
+
+ package = mkOption {
+ type = types.package;
+ default = pkgs.nncp;
+ defaultText = literalExpression "pkgs.nncp";
+ description = "The NNCP package to use system-wide.";
+ };
+
+ secrets = mkOption {
+ type = with types; listOf str;
+ example = [ "/run/keys/nncp.hjson" ];
+ description = ''
+ A list of paths to NNCP configuration files that should not be
+ in the Nix store. These files are layered on top of the values at
+ .
+ '';
+ };
+
+ settings = mkOption {
+ type = settingsFormat.type;
+ description = ''
+ NNCP configuration, see
+ .
+ At runtime these settings will be overlayed by the contents of
+ into the file
+ ${nncpCfgFile}. Node keypairs go in
+ secrets, do not specify them in
+ settings as they will be leaked into
+ /nix/store!
+ '';
+ default = { };
+ };
+
+ };
+
+ config = mkIf programCfg.enable {
+
+ environment = {
+ systemPackages = [ pkg ];
+ etc."nncp.hjson".source = nncpCfgFile;
+ };
+
+ programs.nncp.settings = {
+ spool = mkDefault "/var/spool/nncp";
+ log = mkDefault "/var/spool/nncp/log";
+ };
+
+ systemd.tmpfiles.rules = [
+ "d ${programCfg.settings.spool} 0770 root ${programCfg.group}"
+ "f ${programCfg.settings.log} 0770 root ${programCfg.group}"
+ ];
+
+ systemd.services.nncp-config = {
+ path = [ pkg ];
+ description = "Generate NNCP configuration";
+ wantedBy = [ "basic.target" ];
+ serviceConfig.Type = "oneshot";
+ script = ''
+ umask u=rw
+ nncpCfgDir=$(mktemp --directory nncp.XXX)
+ for f in ${jsonCfgFile} ${toString config.programs.nncp.secrets}; do
+ tmpdir=$(mktemp --directory nncp.XXX)
+ nncp-cfgdir -cfg $f -dump $tmpdir
+ find $tmpdir -size 1c -delete
+ cp -a $tmpdir/* $nncpCfgDir/
+ rm -rf $tmpdir
+ done
+ nncp-cfgdir -load $nncpCfgDir > ${nncpCfgFile}
+ rm -rf $nncpCfgDir
+ chgrp ${programCfg.group} ${nncpCfgFile}
+ chmod g+r ${nncpCfgFile}
+ '';
+ };
+ };
+
+ meta.maintainers = with lib.maintainers; [ ehmry ];
+}
diff --git a/nixos/modules/services/networking/squid.nix b/nixos/modules/services/networking/squid.nix
index 4f3881af8bb..db4f0d26b6f 100644
--- a/nixos/modules/services/networking/squid.nix
+++ b/nixos/modules/services/networking/squid.nix
@@ -111,6 +111,13 @@ in
description = "Whether to run squid web proxy.";
};
+ package = mkOption {
+ default = pkgs.squid;
+ defaultText = literalExpression "pkgs.squid";
+ type = types.package;
+ description = "Squid package to use.";
+ };
+
proxyAddress = mkOption {
type = types.nullOr types.str;
default = null;
@@ -157,17 +164,21 @@ in
users.groups.squid = {};
systemd.services.squid = {
- description = "Squid caching web proxy";
+ description = "Squid caching proxy";
+ documentation = [ "man:squid(8)" ];
after = [ "network.target" "nss-lookup.target" ];
wantedBy = [ "multi-user.target"];
preStart = ''
mkdir -p "/var/log/squid"
chown squid:squid "/var/log/squid"
+ ${cfg.package}/bin/squid --foreground -z -f ${squidConfig}
'';
serviceConfig = {
- Type="forking";
PIDFile="/run/squid.pid";
- ExecStart = "${pkgs.squid}/bin/squid -YCs -f ${squidConfig}";
+ ExecStart = "${cfg.package}/bin/squid --foreground -YCs -f ${squidConfig}";
+ ExecReload="kill -HUP $MAINPID";
+ KillMode="mixed";
+ NotifyAccess="all";
};
};
diff --git a/nixos/modules/services/web-apps/keycloak.nix b/nixos/modules/services/web-apps/keycloak.nix
index 22c16be7613..c4a2127663a 100644
--- a/nixos/modules/services/web-apps/keycloak.nix
+++ b/nixos/modules/services/web-apps/keycloak.nix
@@ -129,6 +129,14 @@ in
'';
};
+ plugins = lib.mkOption {
+ type = lib.types.listOf lib.types.path;
+ default = [];
+ description = ''
+ Keycloak plugin jar, ear files or derivations with them
+ '';
+ };
+
database = {
type = mkOption {
type = enum [ "mysql" "postgresql" ];
@@ -787,6 +795,14 @@ in
umask u=rwx,g=,o=
+ install_plugin() {
+ if [ -d "$1" ]; then
+ find "$1" -type f \( -iname \*.ear -o -iname \*.jar \) -exec install -m 0500 -o keycloak -g keycloak "{}" "/run/keycloak/deployments/" \;
+ else
+ install -m 0500 -o keycloak -g keycloak "$1" "/run/keycloak/deployments/"
+ fi
+ }
+
install -m 0600 ${cfg.package}/standalone/configuration/*.properties /run/keycloak/configuration
install -T -m 0600 ${keycloakConfig} /run/keycloak/configuration/standalone.xml
@@ -794,7 +810,9 @@ in
export JAVA_OPTS=-Djboss.server.config.user.dir=/run/keycloak/configuration
add-user-keycloak.sh -u admin -p '${cfg.initialAdminPassword}'
- '' + optionalString (cfg.sslCertificate != null && cfg.sslCertificateKey != null) ''
+ ''
+ + lib.optionalString (cfg.plugins != []) (lib.concatStringsSep "\n" (map (pl: "install_plugin ${lib.escapeShellArg pl}") cfg.plugins)) + "\n"
+ + optionalString (cfg.sslCertificate != null && cfg.sslCertificateKey != null) ''
pushd /run/keycloak/ssl/
cat "$CREDENTIALS_DIRECTORY/ssl_cert" <(echo) \
"$CREDENTIALS_DIRECTORY/ssl_key" <(echo) \
diff --git a/nixos/tests/keycloak.nix b/nixos/tests/keycloak.nix
index 6367ed808e0..fce8df2b7e3 100644
--- a/nixos/tests/keycloak.nix
+++ b/nixos/tests/keycloak.nix
@@ -16,8 +16,7 @@ let
};
nodes = {
- keycloak = { ... }: {
-
+ keycloak = { config, ... }: {
security.pki.certificateFiles = [
certs.ca.cert
];
@@ -36,6 +35,10 @@ let
username = "bogus";
passwordFile = pkgs.writeText "dbPassword" "wzf6vOCbPp6cqTH";
};
+ plugins = with config.services.keycloak.package.plugins; [
+ keycloak-discord
+ keycloak-metrics-spi
+ ];
};
environment.systemPackages = with pkgs; [
@@ -102,8 +105,21 @@ let
### Realm Setup ###
# Get an admin interface access token
+ keycloak.succeed("""
+ curl -sSf -d 'client_id=admin-cli' \
+ -d 'username=admin' \
+ -d 'password=${initialAdminPassword}' \
+ -d 'grant_type=password' \
+ '${frontendUrl}/realms/master/protocol/openid-connect/token' \
+ | jq -r '"Authorization: bearer " + .access_token' >admin_auth_header
+ """)
+
+ # Register the metrics SPI
keycloak.succeed(
- "curl -sSf -d 'client_id=admin-cli' -d 'username=admin' -d 'password=${initialAdminPassword}' -d 'grant_type=password' '${frontendUrl}/realms/master/protocol/openid-connect/token' | jq -r '\"Authorization: bearer \" + .access_token' >admin_auth_header"
+ "${pkgs.jre}/bin/keytool -import -alias snakeoil -file ${certs.ca.cert} -storepass aaaaaa -keystore cacert.jks -noprompt",
+ "KC_OPTS='-Djavax.net.ssl.trustStore=cacert.jks -Djavax.net.ssl.trustStorePassword=aaaaaa' ${pkgs.keycloak}/bin/kcadm.sh config credentials --server '${frontendUrl}' --realm master --user admin --password '${initialAdminPassword}'",
+ "KC_OPTS='-Djavax.net.ssl.trustStore=cacert.jks -Djavax.net.ssl.trustStorePassword=aaaaaa' ${pkgs.keycloak}/bin/kcadm.sh update events/config -s 'eventsEnabled=true' -s 'adminEventsEnabled=true' -s 'eventsListeners+=metrics-listener'",
+ "curl -sSf '${frontendUrl}/realms/master/metrics' | grep '^keycloak_admin_event_UPDATE'"
)
# Publish the realm, including a test OIDC client and user
diff --git a/pkgs/applications/audio/synaesthesia/default.nix b/pkgs/applications/audio/synaesthesia/default.nix
new file mode 100644
index 00000000000..efdd6f7e73a
--- /dev/null
+++ b/pkgs/applications/audio/synaesthesia/default.nix
@@ -0,0 +1,33 @@
+{ stdenv
+, lib
+, fetchzip
+, SDL
+, pkg-config
+, libSM
+}:
+stdenv.mkDerivation rec {
+ pname = "synaesthesia";
+ version = "2.4";
+
+ src = fetchzip {
+ url = "https://logarithmic.net/pfh-files/synaesthesia/synaesthesia-${version}.tar.gz";
+ sha256 = "0nzsdxbah0shm2vlziaaw3ilzlizd3d35rridkpg40nfxmq84qnx";
+ };
+
+ nativeBuildInputs = [
+ pkg-config
+ ];
+
+ buildInputs = [
+ SDL
+ libSM
+ ];
+
+ meta = {
+ homepage = "https://logarithmic.net/pfh/synaesthesia";
+ description = "Program for representing sounds visually";
+ license = lib.licenses.gpl2Only;
+ platforms = lib.platforms.linux;
+ maintainers = [ lib.maintainers.infinisil ];
+ };
+}
diff --git a/pkgs/applications/misc/dbeaver/default.nix b/pkgs/applications/misc/dbeaver/default.nix
index 56485e69d42..d713afc96a3 100644
--- a/pkgs/applications/misc/dbeaver/default.nix
+++ b/pkgs/applications/misc/dbeaver/default.nix
@@ -16,9 +16,10 @@
, maven
, webkitgtk
, glib-networking
+, javaPackages
}:
-stdenv.mkDerivation rec {
+javaPackages.mavenfod rec {
pname = "dbeaver";
version = "22.0.1"; # When updating also update fetchedMavenDeps.sha256
@@ -29,6 +30,10 @@ stdenv.mkDerivation rec {
sha256 = "sha256-IG5YWwq3WVzQBvAslQ9Z2Ou6ADzf4n9NkQCtH4Jgkac=";
};
+
+ mvnSha256 = "7Sm1hAoi5xc4MLONOD8ySLLkpao0qmlMRRva/8zR210=";
+ mvnParameters = "-P desktop,all-platforms";
+
fetchedMavenDeps = stdenv.mkDerivation {
name = "dbeaver-${version}-maven-deps";
inherit src;
@@ -37,7 +42,7 @@ stdenv.mkDerivation rec {
maven
];
- buildPhase = "mvn package -Dmaven.repo.local=$out/.m2 -P desktop,all-platforms";
+ buildPhase = "mvn package -Dmaven.repo.local=$out/.m2 ${mvnParameters}";
# keep only *.{pom,jar,sha1,nbm} and delete all ephemeral files with lastModified timestamps inside
installPhase = ''
@@ -88,14 +93,6 @@ stdenv.mkDerivation rec {
})
];
- buildPhase = ''
- runHook preBuild
-
- mvn package --offline -Dmaven.repo.local=$(cp -dpR ${fetchedMavenDeps}/.m2 ./ && chmod +w -R .m2 && pwd)/.m2 -P desktop,all-platforms
-
- runHook postBuild
- '';
-
installPhase =
let
productTargetPath = "product/community/target/products/org.jkiss.dbeaver.core.product";
diff --git a/pkgs/applications/networking/cisco-packet-tracer/8.nix b/pkgs/applications/networking/cisco-packet-tracer/8.nix
index 1267a061429..9bc89001745 100644
--- a/pkgs/applications/networking/cisco-packet-tracer/8.nix
+++ b/pkgs/applications/networking/cisco-packet-tracer/8.nix
@@ -27,7 +27,7 @@
}:
let
- version = "8.0.1";
+ version = "8.1.1";
ptFiles = stdenv.mkDerivation {
name = "PacketTracer8Drv";
@@ -36,7 +36,7 @@ let
dontUnpack = true;
src = requireFile {
name = "CiscoPacketTracer_${builtins.replaceStrings ["."] [""] version}_Ubuntu_64bit.deb";
- sha256 = "77a25351b016faed7c78959819c16c7013caa89c6b1872cb888cd96edd259140";
+ sha256 = "08c53171aa0257a64ae7de1540f242214033cfa4f879fbc9fed5cc0d32232abf";
url = "https://www.netacad.com";
};
@@ -72,6 +72,7 @@ let
libXrandr
libXrender
libXScrnSaver
+ libXtst
xcbutilimage
xcbutilkeysyms
xcbutilrenderutil
diff --git a/pkgs/applications/networking/flexget/default.nix b/pkgs/applications/networking/flexget/default.nix
index f4a2306017a..96d3e773c88 100644
--- a/pkgs/applications/networking/flexget/default.nix
+++ b/pkgs/applications/networking/flexget/default.nix
@@ -5,14 +5,14 @@
python3Packages.buildPythonApplication rec {
pname = "flexget";
- version = "3.3.3";
+ version = "3.3.4";
# Fetch from GitHub in order to use `requirements.in`
src = fetchFromGitHub {
owner = "flexget";
repo = "flexget";
rev = "v${version}";
- hash = "sha256-a76x4Klad3lct2M9RxSroUYKmEX7lPqDN+dFvfjavo8=";
+ hash = "sha256-/nuY8+/RMM7ASke+NXb95yu+FeQHawCdgqVsBrk/KZ8=";
};
postPatch = ''
diff --git a/pkgs/applications/networking/mailreaders/alot/default.nix b/pkgs/applications/networking/mailreaders/alot/default.nix
index 3d09711fb3c..cb49829dce0 100644
--- a/pkgs/applications/networking/mailreaders/alot/default.nix
+++ b/pkgs/applications/networking/mailreaders/alot/default.nix
@@ -9,13 +9,7 @@
, withManpage ? false
}:
-with python3.pkgs;
-let
- notmuch2 = callPackage ./notmuch.nix {
- inherit notmuch;
- };
-in
-buildPythonApplication rec {
+with python3.pkgs; buildPythonApplication rec {
pname = "alot";
version = "0.10";
diff --git a/pkgs/applications/networking/mailreaders/notmuch/default.nix b/pkgs/applications/networking/mailreaders/notmuch/default.nix
index 184804a8788..e89216802e5 100644
--- a/pkgs/applications/networking/mailreaders/notmuch/default.nix
+++ b/pkgs/applications/networking/mailreaders/notmuch/default.nix
@@ -62,7 +62,12 @@ stdenv.mkDerivation rec {
enableParallelBuilding = true;
makeFlags = [ "V=1" ];
- outputs = [ "out" "man" "info" ]
+ postConfigure = ''
+ mkdir ${placeholder "bindingconfig"}
+ cp bindings/python-cffi/_notmuch_config.py ${placeholder "bindingconfig"}/
+ '';
+
+ outputs = [ "out" "man" "info" "bindingconfig" ]
++ lib.optional withEmacs "emacs"
++ lib.optional withRuby "ruby";
diff --git a/pkgs/applications/science/robotics/inav-configurator/default.nix b/pkgs/applications/science/robotics/inav-configurator/default.nix
index 40914a8ac1a..ec605a3a97e 100644
--- a/pkgs/applications/science/robotics/inav-configurator/default.nix
+++ b/pkgs/applications/science/robotics/inav-configurator/default.nix
@@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "inav-configurator";
- version = "3.0.2";
+ version = "4.1.0";
src = fetchurl {
url = "https://github.com/iNavFlight/inav-configurator/releases/download/${version}/INAV-Configurator_linux64_${version}.tar.gz";
- sha256 = "0v6dcg634wpp9q4ya3mj00j3pg25g62aq209iq2dsvj0a03afbp2";
+ sha256 = "sha256-+rPzytnAQcNGbISFBHb4JS9Nqy0C2i36k+EPBvq/mso=";
};
icon = fetchurl {
diff --git a/pkgs/build-support/fetchpatch/default.nix b/pkgs/build-support/fetchpatch/default.nix
index 6e25b2d6ecc..d46162c97ff 100644
--- a/pkgs/build-support/fetchpatch/default.nix
+++ b/pkgs/build-support/fetchpatch/default.nix
@@ -9,7 +9,8 @@ let
# 0.3.4 would change hashes: https://github.com/NixOS/nixpkgs/issues/25154
patchutils = buildPackages.patchutils_0_3_3;
in
-{ stripLen ? 0
+{ relative ? null
+, stripLen ? 0
, extraPrefix ? null
, excludes ? []
, includes ? []
@@ -17,7 +18,18 @@ in
, postFetch ? ""
, ...
}@args:
-
+let
+ args' = if relative != null then {
+ stripLen = 1 + lib.length (lib.splitString "/" relative) + stripLen;
+ extraPrefix = if extraPrefix != null then extraPrefix else "";
+ } else {
+ inherit stripLen extraPrefix;
+ };
+in let
+ inherit (args') stripLen extraPrefix;
+in
+lib.throwIfNot (excludes == [] || includes == [])
+ "fetchpatch: cannot use excludes and includes simultaneously"
fetchurl ({
postFetch = ''
tmpfile="$TMPDIR/patch"
@@ -27,17 +39,19 @@ fetchurl ({
exit 1
fi
- "${patchutils}/bin/lsdiff" "$out" \
- | sort -u | sed -e 's/[*?]/\\&/g' \
- | xargs -I{} \
- "${patchutils}/bin/filterdiff" \
- --include={} \
- --strip=${toString stripLen} \
- ${lib.optionalString (extraPrefix != null) ''
- --addoldprefix=a/${extraPrefix} \
- --addnewprefix=b/${extraPrefix} \
- ''} \
- --clean "$out" > "$tmpfile"
+ "${patchutils}/bin/lsdiff" \
+ ${lib.optionalString (relative != null) "-p1 -i ${lib.escapeShellArg relative}/'*'"} \
+ "$out" \
+ | sort -u | sed -e 's/[*?]/\\&/g' \
+ | xargs -I{} \
+ "${patchutils}/bin/filterdiff" \
+ --include={} \
+ --strip=${toString stripLen} \
+ ${lib.optionalString (extraPrefix != null) ''
+ --addoldprefix=a/${lib.escapeShellArg extraPrefix} \
+ --addnewprefix=b/${lib.escapeShellArg extraPrefix} \
+ ''} \
+ --clean "$out" > "$tmpfile"
if [ ! -s "$tmpfile" ]; then
echo "error: Normalized patch '$tmpfile' is empty (while the fetched file was not)!" 1>&2
@@ -64,5 +78,6 @@ fetchurl ({
${patchutils}/bin/interdiff "$out" /dev/null > "$tmpfile"
mv "$tmpfile" "$out"
'' + postFetch;
- meta.broken = excludes != [] && includes != [];
-} // builtins.removeAttrs args ["stripLen" "extraPrefix" "excludes" "includes" "revert" "postFetch"])
+} // builtins.removeAttrs args [
+ "relative" "stripLen" "extraPrefix" "excludes" "includes" "revert" "postFetch"
+])
diff --git a/pkgs/build-support/fetchpatch/tests.nix b/pkgs/build-support/fetchpatch/tests.nix
index 4240b325d65..ff2b81bf3a1 100644
--- a/pkgs/build-support/fetchpatch/tests.nix
+++ b/pkgs/build-support/fetchpatch/tests.nix
@@ -5,4 +5,20 @@
url = "https://github.com/facebook/zstd/pull/2724/commits/e1f85dbca3a0ed5ef06c8396912a0914db8dea6a.patch";
sha256 = "sha256-PuYAqnJWAE+L9bsroOnnBGJhERW8LHrGSLtIEkKU9vg=";
};
+
+ relative = invalidateFetcherByDrvHash fetchpatch {
+ url = "https://github.com/boostorg/math/commit/7d482f6ebc356e6ec455ccb5f51a23971bf6ce5b.patch";
+ relative = "include";
+ sha256 = "sha256-KlmIbixcds6GyKYt1fx5BxDIrU7msrgDdYo9Va/KJR4=";
+ };
+
+ full = invalidateFetcherByDrvHash fetchpatch {
+ url = "https://github.com/boostorg/math/commit/7d482f6ebc356e6ec455ccb5f51a23971bf6ce5b.patch";
+ relative = "test";
+ stripLen = 1;
+ extraPrefix = "foo/bar/";
+ excludes = [ "foo/bar/bernoulli_no_atomic_mp.cpp" ];
+ revert = true;
+ sha256 = "sha256-+UKmEbr2rIAweCav/hR/7d4ZrYV84ht/domTrHtm8sM=";
+ };
}
diff --git a/pkgs/development/haskell-modules/configuration-common.nix b/pkgs/development/haskell-modules/configuration-common.nix
index b95f53758fd..25b80f8c25d 100644
--- a/pkgs/development/haskell-modules/configuration-common.nix
+++ b/pkgs/development/haskell-modules/configuration-common.nix
@@ -859,9 +859,8 @@ self: super: {
(pkgs.fetchpatch {
name = "hledger-properly-escape-quotes-csv.patch";
url = "https://github.com/simonmichael/hledger/commit/c9a72e1615e2ddc2824f2e248456e1042eb31e1d.patch";
- sha256 = "10knvrd5bl9nrmi27i0pm82sfr64jy04xgbjp228qywyijpr3pqv";
- includes = [ "Hledger/Read/CsvReader.hs" ];
- stripLen = 1;
+ relative = "hledger-lib";
+ sha256 = "sha256-gjYYo0eq1gWNAAFF3dKt9QDq0VpLnN5/648r/NXEPVE=";
})
super.hledger-lib;
@@ -1819,10 +1818,8 @@ self: super: {
# Presumably to be removed at the next release
yi-language = appendPatch (pkgs.fetchpatch {
url = "https://github.com/yi-editor/yi/commit/0d3bcb5ba4c237d57ce33a3dc39b63c56d890765.patch";
- sha256 = "0r4mzngs0x1akqpajzx7ssa9rax977fvj5ra8d3grfbpx6z0nm01";
- includes = [ "yi-language.cabal" ];
- stripLen = 2;
- extraPrefix = "";
+ relative = "yi-language";
+ sha256 = "sha256-AVQLvul3ufxGQyoXud05qauclNanf6kunip0oJ/9lWQ=";
}) super.yi-language;
# https://github.com/ghcjs/jsaddle/issues/123
diff --git a/pkgs/development/java-modules/maven-fod.nix b/pkgs/development/java-modules/maven-fod.nix
new file mode 100644
index 00000000000..24ce572af57
--- /dev/null
+++ b/pkgs/development/java-modules/maven-fod.nix
@@ -0,0 +1,56 @@
+{ lib
+, stdenv
+, maven
+}:
+
+{ src
+, patches ? []
+, pname
+, version
+, mvnSha256 ? "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="
+, mvnHash ? "sha256-${mvnSha256}"
+, mvnFetchExtraArgs ? {}
+, mvnParameters ? ""
+, ...
+} @args:
+
+# originally extracted from dbeaver
+# created to allow using maven packages in the same style as rust
+
+stdenv.mkDerivation (rec {
+ fetchedMavenDeps = stdenv.mkDerivation ({
+ name = "${pname}-${version}-maven-deps";
+ inherit src;
+
+ buildInputs = [
+ maven
+ ];
+
+ buildPhase = ''
+ mvn package -Dmaven.repo.local=$out/.m2 ${mvnParameters}
+ '';
+
+ # keep only *.{pom,jar,sha1,nbm} and delete all ephemeral files with lastModified timestamps inside
+ installPhase = ''
+ find $out -type f \
+ -name \*.lastUpdated -or \
+ -name resolver-status.properties -or \
+ -name _remote.repositories \
+ -delete
+ '';
+
+ # don't do any fixup
+ dontFixup = true;
+ outputHashMode = "recursive";
+ outputHash = mvnHash;
+ } // mvnFetchExtraArgs);
+
+ buildPhase = ''
+ runHook preBuild
+
+ mvnDeps=$(cp -dpR ${fetchedMavenDeps}/.m2 ./ && chmod +w -R .m2 && pwd)
+ mvn package --offline "-Dmaven.repo.local=$mvnDeps/.m2" -P desktop,all-platforms
+
+ runHook postBuild
+ '';
+} // args)
diff --git a/pkgs/development/libraries/CGAL/4.nix b/pkgs/development/libraries/CGAL/4.nix
index 7380a85248f..9c0305ec077 100644
--- a/pkgs/development/libraries/CGAL/4.nix
+++ b/pkgs/development/libraries/CGAL/4.nix
@@ -18,18 +18,14 @@ stdenv.mkDerivation rec {
(fetchpatch {
name = "gcc-12-prereq.patch";
url = "https://github.com/CGAL/cgal/commit/4581f1b7a8e97d1a136830e64b77cdae3546c4bf.patch";
- sha256 = "1gzrvbrwxylv80v0m3j2s1znlysmr69lp3ggagnh38lp6423i6pq";
- # Upstream slightly reordered directory structure since.
- stripLen = 1;
- # Fill patch does not apply: touches too many parts of the source.
- includes = [ "include/CGAL/CORE/BigFloatRep.h" ];
+ relative = "CGAL_Core"; # Upstream slightly reordered directory structure since.
+ sha256 = "sha256-4+7mzGSBwAv5RHBQPAecPPKNN/LQBgvYq5mq+fHAteo=";
})
(fetchpatch {
name = "gcc-12.patch";
url = "https://github.com/CGAL/cgal/commit/6680a6e6f994b2c5b9f068eb3014d12ee1134d53.patch";
- sha256 = "1c0h1lh8zng60yx78qc8wx714b517mil8mac87v6xr21q0b11wk7";
- # Upstream slightly reordered directory structure since.
- stripLen = 1;
+ relative = "CGAL_Core"; # Upstream slightly reordered directory structure since.
+ sha256 = "sha256-8kxJDT47jXI9kQNFI/ARWl9JBNS4AfU57/D0tYlgW0M=";
})
];
diff --git a/pkgs/development/libraries/boost/generic.nix b/pkgs/development/libraries/boost/generic.nix
index 8084065ce06..c0fce3ae576 100644
--- a/pkgs/development/libraries/boost/generic.nix
+++ b/pkgs/development/libraries/boost/generic.nix
@@ -137,10 +137,8 @@ stdenv.mkDerivation {
++ optional (versionAtLeast version "1.73") ./cmake-paths-173.patch
++ optional (version == "1.77.0") (fetchpatch {
url = "https://github.com/boostorg/math/commit/7d482f6ebc356e6ec455ccb5f51a23971bf6ce5b.patch";
+ relative = "include";
sha256 = "sha256-KlmIbixcds6GyKYt1fx5BxDIrU7msrgDdYo9Va/KJR4=";
- stripLen = 2;
- extraPrefix = "";
- includes = [ "boost/math/special_functions/detail/bernoulli_details.hpp" ];
});
meta = {
diff --git a/pkgs/development/libraries/libpwquality/default.nix b/pkgs/development/libraries/libpwquality/default.nix
index 5d83b137b8e..abc65130fc3 100644
--- a/pkgs/development/libraries/libpwquality/default.nix
+++ b/pkgs/development/libraries/libpwquality/default.nix
@@ -1,36 +1,57 @@
-{ stdenv, lib, fetchFromGitHub, autoreconfHook, perl, cracklib, python3, fetchpatch }:
+{ stdenv
+, lib
+, fetchFromGitHub
+, autoreconfHook
+, perl
+, cracklib
+, enablePAM ? stdenv.hostPlatform.isLinux
+, pam
+, enablePython ? false
+, python
+}:
+
+# python binding generates a shared library which are unavailable with musl build
+assert enablePython -> !stdenv.hostPlatform.isStatic;
stdenv.mkDerivation rec {
pname = "libpwquality";
- version = "1.4.2";
+ version = "1.4.4";
+
+ outputs = [ "out" "dev" "lib" "man" ] ++ lib.optionals enablePython [ "py" ];
src = fetchFromGitHub {
owner = "libpwquality";
repo = "libpwquality";
rev = "${pname}-${version}";
- sha256 = "0n4pjhm7wfivk0wizggaxq4y4mcxic876wcarjabkp5z9k14y36h";
+ sha256 = "sha256-7gAzrx5VP1fEBwAt6E5zGM8GyuPRR+JxYifYfirY+U8=";
};
- nativeBuildInputs = [ autoreconfHook perl python3 ];
- buildInputs = [ cracklib ];
-
- patches = lib.optional stdenv.hostPlatform.isStatic [
- (fetchpatch {
- name = "static-build.patch";
- url = "https://github.com/libpwquality/libpwquality/pull/40.patch";
- sha256 = "1ypccq437wxwgddd98cvd330jfm7jscdlzlyxgy05g6yzrr68xyk";
- })
+ patches = [
+ # ensure python site-packages goes in $py output
+ ./python-binding-prefix.patch
];
- configureFlags = lib.optional stdenv.hostPlatform.isStatic [
- # Python binding generates a shared library which are unavailable with musl build
- "--disable-python-bindings"
- ];
+ nativeBuildInputs = [ autoreconfHook perl ] ++ lib.optionals enablePython [ python ];
+ buildInputs = [ cracklib ] ++ lib.optionals enablePAM [ pam ];
+
+ configureFlags = lib.optionals (!enablePython) [ "--disable-python-bindings" ];
meta = with lib; {
- description = "Password quality checking and random password generation library";
homepage = "https://github.com/libpwquality/libpwquality";
- license = licenses.bsd3;
+ description = "Password quality checking and random password generation library";
+ longDescription = ''
+ The libpwquality library purpose is to provide common functions for
+ password quality checking and also scoring them based on their apparent
+ randomness. The library also provides a function for generating random
+ passwords with good pronounceability. The library supports reading and
+ parsing of a configuration file.
+
+ In the package there are also very simple utilities that use the library
+ function and PAM module that can be used instead of pam_cracklib. The
+ module supports all the options of pam_cracklib.
+ '';
+ license = with licenses; [ bsd3 /* or */ gpl2Plus ];
+ maintainers = with maintainers; [ jk ];
platforms = platforms.unix;
};
}
diff --git a/pkgs/development/libraries/libpwquality/python-binding-prefix.patch b/pkgs/development/libraries/libpwquality/python-binding-prefix.patch
new file mode 100644
index 00000000000..a8f77142e1d
--- /dev/null
+++ b/pkgs/development/libraries/libpwquality/python-binding-prefix.patch
@@ -0,0 +1,13 @@
+diff --git a/python/Makefile.am b/python/Makefile.am
+index 1d00c0c..0987690 100644
+--- a/python/Makefile.am
++++ b/python/Makefile.am
+@@ -14,7 +14,7 @@ all-local:
+ CFLAGS="${CFLAGS} -fno-strict-aliasing" @PYTHONBINARY@ setup.py build --build-base py$(PYTHONREV)
+
+ install-exec-local:
+- CFLAGS="${CFLAGS} -fno-strict-aliasing" @PYTHONBINARY@ setup.py build --build-base py$(PYTHONREV) install --prefix=${DESTDIR}${prefix}
++ CFLAGS="${CFLAGS} -fno-strict-aliasing" @PYTHONBINARY@ setup.py build --build-base py$(PYTHONREV) install --prefix=${DESTDIR}${py}
+
+ clean-local:
+ rm -rf py$(PYTHONREV)
diff --git a/pkgs/development/ocaml-modules/batteries/default.nix b/pkgs/development/ocaml-modules/batteries/default.nix
index 184f10a52be..865518ec29c 100644
--- a/pkgs/development/ocaml-modules/batteries/default.nix
+++ b/pkgs/development/ocaml-modules/batteries/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchFromGitHub, ocaml, findlib, ocamlbuild, qtest, num, ounit
+{ stdenv, lib, fetchFromGitHub, ocaml, findlib, ocamlbuild, qtest, qcheck, num, ounit
, doCheck ? lib.versionAtLeast ocaml.version "4.08" && !stdenv.isAarch64
}:
@@ -18,7 +18,7 @@ stdenv.mkDerivation rec {
};
nativeBuildInputs = [ ocaml findlib ocamlbuild ];
- checkInputs = [ qtest ounit ];
+ checkInputs = [ qtest ounit qcheck ];
propagatedBuildInputs = [ num ];
strictDeps = !doCheck;
diff --git a/pkgs/development/ocaml-modules/conduit/default.nix b/pkgs/development/ocaml-modules/conduit/default.nix
index 1dc28b2b5f7..6261ba2801b 100644
--- a/pkgs/development/ocaml-modules/conduit/default.nix
+++ b/pkgs/development/ocaml-modules/conduit/default.nix
@@ -15,8 +15,7 @@ buildDunePackage rec {
sha256 = "2a37ffaa352a1e145ef3d80ac28661213c69a741b238623e59f29e3d5a12c537";
};
- buildInputs = [ ppx_sexp_conv ];
- propagatedBuildInputs = [ astring ipaddr ipaddr-sexp sexplib uri logs ];
+ propagatedBuildInputs = [ astring ipaddr ipaddr-sexp sexplib uri logs ppx_sexp_conv ];
meta = {
description = "A network connection establishment library";
diff --git a/pkgs/development/ocaml-modules/elina/default.nix b/pkgs/development/ocaml-modules/elina/default.nix
index df7f140e545..ec4199cc06e 100644
--- a/pkgs/development/ocaml-modules/elina/default.nix
+++ b/pkgs/development/ocaml-modules/elina/default.nix
@@ -8,9 +8,9 @@ stdenv.mkDerivation rec {
sha256 = "1nymykskq1yx87y4xl6hl9i4q6kv0qaq25rniqgl1bfn883p1ysc";
};
- nativeBuildInputs = [ perl ocaml findlib ];
+ nativeBuildInputs = [ perl ocaml findlib camlidl ];
- propagatedBuildInputs = [ apron camlidl gmp mpfr ];
+ propagatedBuildInputs = [ apron gmp mpfr ];
strictDeps = true;
diff --git a/pkgs/development/ocaml-modules/facile/default.nix b/pkgs/development/ocaml-modules/facile/default.nix
index df228603e9f..3eab7d3417f 100644
--- a/pkgs/development/ocaml-modules/facile/default.nix
+++ b/pkgs/development/ocaml-modules/facile/default.nix
@@ -1,11 +1,9 @@
-{ lib, fetchurl, buildDunePackage }:
+{ lib, fetchurl, buildDunePackage, ocaml }:
buildDunePackage rec {
pname = "facile";
version = "1.1.4";
- useDune2 = false;
-
src = fetchurl {
url = "https://github.com/Emmanuel-PLF/facile/releases/download/${version}/facile-${version}.tbz";
sha256 = "0jqrwmn6fr2vj2rrbllwxq4cmxykv7zh0y4vnngx29f5084a04jp";
@@ -13,6 +11,9 @@ buildDunePackage rec {
doCheck = true;
+ useDune2 = lib.versionAtLeast ocaml.version "4.12";
+ postPatch = lib.optionalString useDune2 "dune upgrade";
+
meta = {
homepage = "http://opti.recherche.enac.fr/facile/";
license = lib.licenses.lgpl21Plus;
diff --git a/pkgs/development/ocaml-modules/gmetadom/default.nix b/pkgs/development/ocaml-modules/gmetadom/default.nix
index 50be2adcb38..fe4f85a0024 100644
--- a/pkgs/development/ocaml-modules/gmetadom/default.nix
+++ b/pkgs/development/ocaml-modules/gmetadom/default.nix
@@ -22,8 +22,8 @@ stdenv.mkDerivation rec {
'';
nativeBuildInputs = [ pkg-config ocaml findlib ];
- buildInputs = [ gdome2 libxslt];
- propagatedBuildInputs = [gdome2];
+ buildInputs = [ libxslt ];
+ propagatedBuildInputs = [ gdome2 ];
strictDeps = true;
diff --git a/pkgs/development/ocaml-modules/hack_parallel/default.nix b/pkgs/development/ocaml-modules/hack_parallel/default.nix
index f9bc6777212..122ee2149f3 100644
--- a/pkgs/development/ocaml-modules/hack_parallel/default.nix
+++ b/pkgs/development/ocaml-modules/hack_parallel/default.nix
@@ -15,7 +15,7 @@ buildDunePackage rec {
nativeBuildInputs = [ pkg-config ];
- buildInputs = [ core core_kernel sqlite ];
+ propagatedBuildInputs = [ core core_kernel sqlite ];
meta = {
description =
diff --git a/pkgs/development/ocaml-modules/mccs/default.nix b/pkgs/development/ocaml-modules/mccs/default.nix
index beadceff02b..50abdf631db 100644
--- a/pkgs/development/ocaml-modules/mccs/default.nix
+++ b/pkgs/development/ocaml-modules/mccs/default.nix
@@ -13,7 +13,7 @@ buildDunePackage rec {
useDune2 = true;
- buildInputs = [
+ propagatedBuildInputs = [
cudf
];
diff --git a/pkgs/development/ocaml-modules/mirage-logs/default.nix b/pkgs/development/ocaml-modules/mirage-logs/default.nix
index 2a7670ce372..7aabd51b819 100644
--- a/pkgs/development/ocaml-modules/mirage-logs/default.nix
+++ b/pkgs/development/ocaml-modules/mirage-logs/default.nix
@@ -1,6 +1,6 @@
{ lib, fetchurl, buildDunePackage
, logs, lwt, mirage-clock, mirage-profile, ptime
-, alcotest
+, alcotest, stdlib-shims
}:
buildDunePackage rec {
@@ -14,7 +14,7 @@ buildDunePackage rec {
sha256 = "0h0amzjxy067jljscib7fvw5q8k0adqa8m86affha9hq5jsh07a1";
};
- propagatedBuildInputs = [ logs lwt mirage-clock mirage-profile ptime ];
+ propagatedBuildInputs = [ logs lwt mirage-clock mirage-profile ptime stdlib-shims ];
doCheck = true;
checkInputs = [ alcotest ];
diff --git a/pkgs/development/ocaml-modules/mirage-profile/default.nix b/pkgs/development/ocaml-modules/mirage-profile/default.nix
index c6ca730bf3c..ef856e02127 100644
--- a/pkgs/development/ocaml-modules/mirage-profile/default.nix
+++ b/pkgs/development/ocaml-modules/mirage-profile/default.nix
@@ -1,5 +1,5 @@
{ lib, fetchurl, buildDunePackage
-, ppx_cstruct
+, ppx_cstruct, stdlib-shims
, cstruct, lwt
}:
@@ -15,7 +15,7 @@ buildDunePackage rec {
};
buildInputs = [ ppx_cstruct ];
- propagatedBuildInputs = [ cstruct lwt ];
+ propagatedBuildInputs = [ cstruct lwt stdlib-shims ];
meta = with lib; {
description = "Collect runtime profiling information in CTF format";
diff --git a/pkgs/development/ocaml-modules/mlgmpidl/default.nix b/pkgs/development/ocaml-modules/mlgmpidl/default.nix
index d12329b811e..33f9f2d8e6b 100644
--- a/pkgs/development/ocaml-modules/mlgmpidl/default.nix
+++ b/pkgs/development/ocaml-modules/mlgmpidl/default.nix
@@ -10,7 +10,7 @@ stdenv.mkDerivation rec {
sha256 = "17xqiclaqs4hmnb92p9z6z9a1xfr31vcn8nlnj8ykk57by31vfza";
};
- nativeBuildInputs = [ perl ocaml findlib mpfr camlidl ];
+ nativeBuildInputs = [ perl ocaml findlib camlidl ];
buildInputs = [ gmp mpfr ];
strictDeps = true;
@@ -22,8 +22,7 @@ stdenv.mkDerivation rec {
];
postConfigure = ''
- sed -i Makefile \
- -e 's|/bin/rm|rm|'
+ substituteInPlace Makefile --replace "/bin/rm" "rm"
mkdir -p $out/lib/ocaml/${ocaml.version}/site-lib/stublibs
'';
diff --git a/pkgs/development/ocaml-modules/nonstd/default.nix b/pkgs/development/ocaml-modules/nonstd/default.nix
index 82b1feed540..696cdff5219 100644
--- a/pkgs/development/ocaml-modules/nonstd/default.nix
+++ b/pkgs/development/ocaml-modules/nonstd/default.nix
@@ -1,11 +1,9 @@
-{ lib, fetchzip, buildDunePackage }:
+{ lib, fetchzip, buildDunePackage, ocaml }:
buildDunePackage rec {
pname = "nonstd";
version = "0.0.3";
- useDune2 = false;
-
minimalOCamlVersion = "4.02";
src = fetchzip {
@@ -13,6 +11,8 @@ buildDunePackage rec {
sha256 = "0ccjwcriwm8fv29ij1cnbc9win054kb6pfga3ygzdbjpjb778j46";
};
+ useDune2 = lib.versionAtLeast ocaml.version "4.12";
+ postPatch = lib.optionalString useDune2 "dune upgrade";
doCheck = true;
meta = with lib; {
diff --git a/pkgs/development/ocaml-modules/odoc-parser/default.nix b/pkgs/development/ocaml-modules/odoc-parser/default.nix
index 7a2b5abd974..9e4e4bc8d1d 100644
--- a/pkgs/development/ocaml-modules/odoc-parser/default.nix
+++ b/pkgs/development/ocaml-modules/odoc-parser/default.nix
@@ -23,7 +23,7 @@ buildDunePackage rec {
useDune2 = true;
- buildInputs = [ astring result ];
+ propagatedBuildInputs = [ astring result ];
meta = {
description = "Parser for Ocaml documentation comments";
diff --git a/pkgs/development/ocaml-modules/opium_kernel/default.nix b/pkgs/development/ocaml-modules/opium_kernel/default.nix
index c7bfe1e7306..6b51443df23 100644
--- a/pkgs/development/ocaml-modules/opium_kernel/default.nix
+++ b/pkgs/development/ocaml-modules/opium_kernel/default.nix
@@ -9,6 +9,7 @@
, ezjsonm
, hmap
, sexplib
+, fieldslib
}:
buildDunePackage rec {
@@ -31,7 +32,7 @@ buildDunePackage rec {
];
propagatedBuildInputs = [
- hmap cohttp-lwt ezjsonm sexplib
+ hmap cohttp-lwt ezjsonm sexplib fieldslib
];
meta = {
diff --git a/pkgs/development/ocaml-modules/pcap-format/default.nix b/pkgs/development/ocaml-modules/pcap-format/default.nix
index f8bb6f4f6b2..ae093cc7817 100644
--- a/pkgs/development/ocaml-modules/pcap-format/default.nix
+++ b/pkgs/development/ocaml-modules/pcap-format/default.nix
@@ -1,6 +1,6 @@
{ lib, buildDunePackage, fetchurl
, ppx_cstruct, ppx_tools
-, cstruct, ounit, mmap
+, cstruct, ounit, mmap, stdlib-shims
}:
buildDunePackage rec {
@@ -24,6 +24,7 @@ buildDunePackage rec {
propagatedBuildInputs = [
cstruct
+ stdlib-shims
];
doCheck = true;
diff --git a/pkgs/development/ocaml-modules/pipebang/default.nix b/pkgs/development/ocaml-modules/pipebang/default.nix
index 251aeb8de8e..e2bd4d3ec5c 100644
--- a/pkgs/development/ocaml-modules/pipebang/default.nix
+++ b/pkgs/development/ocaml-modules/pipebang/default.nix
@@ -15,7 +15,7 @@ buildOcaml rec {
strictDeps = true;
- buildInputs = [ camlp4 ];
+ propagatedBuildInputs = [ camlp4 ];
meta = with lib; {
homepage = "https://github.com/janestreet/pipebang";
diff --git a/pkgs/development/ocaml-modules/piqi-ocaml/default.nix b/pkgs/development/ocaml-modules/piqi-ocaml/default.nix
index 4f2e4693357..8c0276bc9a7 100644
--- a/pkgs/development/ocaml-modules/piqi-ocaml/default.nix
+++ b/pkgs/development/ocaml-modules/piqi-ocaml/default.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchFromGitHub, fetchpatch, ocaml, findlib, piqi, stdlib-shims }:
+{ lib, stdenv, fetchFromGitHub, fetchpatch, ocaml, findlib, piqi, stdlib-shims, num }:
stdenv.mkDerivation rec {
version = "0.7.7";
@@ -15,6 +15,8 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ ocaml findlib ];
buildInputs = [ piqi stdlib-shims ];
+ checkInputs = [ num ];
+
strictDeps = true;
createFindlibDestdir = true;
diff --git a/pkgs/development/ocaml-modules/ppx_cstubs/default.nix b/pkgs/development/ocaml-modules/ppx_cstubs/default.nix
index f4794eea76e..f2c844ea048 100644
--- a/pkgs/development/ocaml-modules/ppx_cstubs/default.nix
+++ b/pkgs/development/ocaml-modules/ppx_cstubs/default.nix
@@ -27,17 +27,19 @@ buildDunePackage rec {
sha256 = "15cjb9ygnvp2kv85rrb7ncz7yalifyl7wd2hp2cl8r1qrpgi1d0w";
};
- nativeBuildInputs = [ cppo ];
+ nativeBuildInputs = [ cppo findlib ];
buildInputs = [
bigarray-compat
containers
- ctypes
integers
num
ppxlib
re
- findlib
+ ];
+
+ propagatedBuildInputs = [
+ ctypes
];
strictDeps = true;
diff --git a/pkgs/development/ocaml-modules/ppx_deriving_protobuf/default.nix b/pkgs/development/ocaml-modules/ppx_deriving_protobuf/default.nix
index 6f23af44b94..43cc2992c2a 100644
--- a/pkgs/development/ocaml-modules/ppx_deriving_protobuf/default.nix
+++ b/pkgs/development/ocaml-modules/ppx_deriving_protobuf/default.nix
@@ -1,5 +1,5 @@
{ lib, fetchurl, buildDunePackage, cppo, ppx_deriving
-, ppxlib
+, ppxlib, dune-configurator
}:
buildDunePackage rec {
@@ -13,7 +13,9 @@ buildDunePackage rec {
sha256 = "1dc1vxnkd0cnrgac5v3zbaj2lq1d2w8118mp1cmsdxylp06yz1sj";
};
- buildInputs = [ cppo ppxlib ppx_deriving ];
+ nativeBuildInputs = [ cppo ];
+ buildInputs = [ ppxlib dune-configurator ];
+ propagatedBuildInputs = [ ppx_deriving ];
meta = with lib; {
homepage = "https://github.com/ocaml-ppx/ppx_deriving_protobuf";
diff --git a/pkgs/development/ocaml-modules/shared-memory-ring/default.nix b/pkgs/development/ocaml-modules/shared-memory-ring/default.nix
index 3a96d4adee4..17dd6183c0d 100644
--- a/pkgs/development/ocaml-modules/shared-memory-ring/default.nix
+++ b/pkgs/development/ocaml-modules/shared-memory-ring/default.nix
@@ -5,6 +5,7 @@
, mirage-profile
, cstruct
, ounit
+, stdlib-shims
}:
buildDunePackage rec {
@@ -25,6 +26,7 @@ buildDunePackage rec {
propagatedBuildInputs = [
mirage-profile
cstruct
+ stdlib-shims
];
doCheck = true;
diff --git a/pkgs/development/ocaml-modules/ulex/default.nix b/pkgs/development/ocaml-modules/ulex/default.nix
index 9a5848db3f7..d08f2c4c0ae 100644
--- a/pkgs/development/ocaml-modules/ulex/default.nix
+++ b/pkgs/development/ocaml-modules/ulex/default.nix
@@ -26,6 +26,7 @@ stdenv.mkDerivation rec {
createFindlibDestdir = true;
nativeBuildInputs = [ ocaml findlib ocamlbuild camlp4 ];
+ propagatedBuildInputs = [ camlp4 ];
strictDeps = true;
diff --git a/pkgs/development/python-modules/asyncsleepiq/default.nix b/pkgs/development/python-modules/asyncsleepiq/default.nix
index 93b4aca2aa7..7eaac649064 100644
--- a/pkgs/development/python-modules/asyncsleepiq/default.nix
+++ b/pkgs/development/python-modules/asyncsleepiq/default.nix
@@ -7,14 +7,14 @@
buildPythonPackage rec {
pname = "asyncsleepiq";
- version = "1.2.0";
+ version = "1.2.1";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
- sha256 = "sha256-bE9eOjOLERnioOunIBN7Hc/Nvs1zDXMSMzqZsVRg6Jo=";
+ sha256 = "sha256-pIfEdNmtnwA+PE3lXVd7Qd8Igj+/aqZmuDqFs60PxgY=";
};
propagatedBuildInputs = [
diff --git a/pkgs/applications/networking/mailreaders/alot/notmuch.nix b/pkgs/development/python-modules/notmuch2/default.nix
similarity index 73%
rename from pkgs/applications/networking/mailreaders/alot/notmuch.nix
rename to pkgs/development/python-modules/notmuch2/default.nix
index bd195b52d44..5d74270a58c 100644
--- a/pkgs/applications/networking/mailreaders/alot/notmuch.nix
+++ b/pkgs/development/python-modules/notmuch2/default.nix
@@ -14,6 +14,12 @@ buildPythonPackage {
buildInputs = [ python notmuch cffi ];
+ # since notmuch 0.35, this package expects _notmuch_config.py that is
+ # generated by notmuch's configure script
+ postPatch = ''
+ cp ${notmuch.bindingconfig}/_notmuch_config.py .
+ '';
+
# no tests
doCheck = false;
pythonImportsCheck = [ "notmuch2" ];
diff --git a/pkgs/development/python-modules/vertica-python/default.nix b/pkgs/development/python-modules/vertica-python/default.nix
index a456c5232d8..cd6186e574f 100644
--- a/pkgs/development/python-modules/vertica-python/default.nix
+++ b/pkgs/development/python-modules/vertica-python/default.nix
@@ -1,27 +1,52 @@
-{ lib, buildPythonPackage, fetchPypi, future, python-dateutil, six, pytest, mock, parameterized }:
+{ lib
+, buildPythonPackage
+, fetchPypi
+, future
+, mock
+, parameterized
+, pytestCheckHook
+, python-dateutil
+, pythonOlder
+, six
+}:
buildPythonPackage rec {
pname = "vertica-python";
- version = "1.0.3";
+ version = "1.0.4";
+ format = "setuptools";
+
+ disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
- sha256 = "cfe1794c5ba9fdfbd470a55d82f60c2e08e129828367753bf64199a58a539bc2";
+ hash = "sha256-IpdrR9mDG+8cNnXgSXkmXahSEP4EGnEBJqZk5SNu9pA=";
};
- propagatedBuildInputs = [ future python-dateutil six ];
+ propagatedBuildInputs = [
+ future
+ python-dateutil
+ six
+ ];
- checkInputs = [ pytest mock parameterized ];
+ checkInputs = [
+ mock
+ parameterized
+ pytestCheckHook
+ ];
- # Integration tests require an accessible Vertica db
- checkPhase = ''
- pytest --ignore vertica_python/tests/integration_tests
- '';
+ disabledTestPaths = [
+ # Integration tests require an accessible Vertica db
+ "vertica_python/tests/integration_tests"
+ ];
+
+ pythonImportsCheck = [
+ "vertica_python"
+ ];
meta = with lib; {
description = "Native Python client for Vertica database";
homepage = "https://github.com/vertica/vertica-python";
license = licenses.asl20;
- maintainers = [ maintainers.arnoldfarkas ];
+ maintainers = with maintainers; [ arnoldfarkas ];
};
}
diff --git a/pkgs/development/web/nodejs/v17.nix b/pkgs/development/web/nodejs/v17.nix
index 20d76246020..1c4dcc02a97 100644
--- a/pkgs/development/web/nodejs/v17.nix
+++ b/pkgs/development/web/nodejs/v17.nix
@@ -7,8 +7,8 @@ let
in
buildNodejs {
inherit enableNpm;
- version = "17.7.2";
- sha256 = "sha256-OuXnTgsWIoz37faIU1mp0uAZrIQ5BsXgGUjXRvq6Sq8=";
+ version = "17.8.0";
+ sha256 = "0jsf6sv42rzpizvil7g1gf9bskh8lx0gcxg0yzpr4hk7mx7i90br";
patches = [
./disable-darwin-v8-system-instrumentation.patch
];
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix
index 22d53bb2de6..fdf54d302bf 100644
--- a/pkgs/os-specific/linux/kernel/common-config.nix
+++ b/pkgs/os-specific/linux/kernel/common-config.nix
@@ -60,16 +60,16 @@ let
};
power-management = {
- PM_ADVANCED_DEBUG = yes;
- X86_INTEL_LPSS = yes;
- X86_INTEL_PSTATE = yes;
- INTEL_IDLE = yes;
CPU_FREQ_DEFAULT_GOV_PERFORMANCE = yes;
CPU_FREQ_GOV_SCHEDUTIL = yes;
+ PM_ADVANCED_DEBUG = yes;
PM_WAKELOCKS = yes;
- # Power-capping framework and support for INTEL RAPL
POWERCAP = yes;
+ } // optionalAttrs (stdenv.hostPlatform.isx86) {
+ INTEL_IDLE = yes;
INTEL_RAPL = whenAtLeast "5.3" module;
+ X86_INTEL_LPSS = yes;
+ X86_INTEL_PSTATE = yes;
};
external-firmware = {
@@ -269,8 +269,6 @@ let
DRM_GMA600 = whenOlder "5.13" yes;
DRM_GMA3600 = whenOlder "5.12" yes;
DRM_VMWGFX_FBCON = yes;
- # necessary for amdgpu polaris support
- DRM_AMD_POWERPLAY = whenBetween "4.5" "4.9" yes;
# (experimental) amdgpu support for verde and newer chipsets
DRM_AMDGPU_SI = yes;
# (stable) amdgpu support for bonaire and newer chipsets
@@ -383,7 +381,7 @@ let
EXT4_FS_POSIX_ACL = yes;
EXT4_FS_SECURITY = yes;
- EXT4_ENCRYPTION = { optional = true; tristate = if (versionOlder version "4.8") then "m" else "y"; };
+ EXT4_ENCRYPTION = option yes;
REISERFS_FS_XATTR = option yes;
REISERFS_FS_POSIX_ACL = option yes;
@@ -464,7 +462,7 @@ let
# https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html
DEBUG_LIST = yes;
# Detect writes to read-only module pages
- DEBUG_SET_MODULE_RONX = { optional = true; tristate = whenOlder "4.11" "y"; };
+ DEBUG_SET_MODULE_RONX = whenOlder "4.11" (option yes);
RANDOMIZE_BASE = option yes;
STRICT_DEVMEM = mkDefault yes; # Filter access to /dev/mem
IO_STRICT_DEVMEM = mkDefault yes;
@@ -564,8 +562,8 @@ let
PARAVIRT_SPINLOCKS = option yes;
KVM_ASYNC_PF = yes;
- KVM_COMPAT = { optional = true; tristate = whenBetween "4.0" "4.12" "y"; };
- KVM_DEVICE_ASSIGNMENT = { optional = true; tristate = whenBetween "3.10" "4.12" "y"; };
+ KVM_COMPAT = whenOlder "4.12" (option yes);
+ KVM_DEVICE_ASSIGNMENT = whenOlder "4.12" (option yes);
KVM_GENERIC_DIRTYLOG_READ_PROTECT = yes;
KVM_GUEST = yes;
KVM_MMIO = yes;
@@ -773,7 +771,6 @@ let
AIC79XX_DEBUG_ENABLE = no;
AIC7XXX_DEBUG_ENABLE = no;
AIC94XX_DEBUG = no;
- B43_PCMCIA = { optional=true; tristate = whenOlder "4.4" "y";};
BLK_DEV_INTEGRITY = yes;
@@ -794,7 +791,9 @@ let
BT_RFCOMM_TTY = option yes; # RFCOMM TTY support
BT_QCA = module; # enables QCA6390 bluetooth
- CLEANCACHE = option yes;
+ # Removed on 5.17 as it was unused
+ # upstream: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0a4ee518185e902758191d968600399f3bc2be31
+ CLEANCACHE = whenOlder "5.17" (option yes);
CRASH_DUMP = option no;
DVB_DYNAMIC_MINORS = option yes; # we use udev
diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh
index 695f173da8f..795bedb99d4 100755
--- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh
+++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh
@@ -352,16 +352,6 @@ if [[ -z $flake && -e /etc/nixos/flake.nix && -z $noFlake ]]; then
flake="$(dirname "$(readlink -f /etc/nixos/flake.nix)")"
fi
-# Re-execute nixos-rebuild from the Nixpkgs tree.
-# FIXME: get nixos-rebuild from $flake.
-if [[ -z $_NIXOS_REBUILD_REEXEC && -n $canRun && -z $fast && -z $flake ]]; then
- if p=$(runCmd nix-build --no-out-link --expr 'with import {}; config.system.build.nixos-rebuild' "${extraBuildFlags[@]}"); then
- export _NIXOS_REBUILD_REEXEC=1
- runCmd exec "$p/bin/nixos-rebuild" "${origArgs[@]}"
- exit 1
- fi
-fi
-
# For convenience, use the hostname as the default configuration to
# build from the flake.
if [[ -n $flake ]]; then
@@ -380,6 +370,40 @@ if [[ -n $flake ]]; then
fi
fi
+
+tmpDir=$(mktemp -t -d nixos-rebuild.XXXXXX)
+
+cleanup() {
+ for ctrl in "$tmpDir"/ssh-*; do
+ ssh -o ControlPath="$ctrl" -O exit dummyhost 2>/dev/null || true
+ done
+ rm -rf "$tmpDir"
+}
+trap cleanup EXIT
+
+
+# Re-execute nixos-rebuild from the Nixpkgs tree.
+if [[ -z $_NIXOS_REBUILD_REEXEC && -n $canRun && -z $fast ]]; then
+ if [[ -z $flake ]]; then
+ if p=$(runCmd nix-build --no-out-link --expr 'with import {}; config.system.build.nixos-rebuild' "${extraBuildFlags[@]}"); then
+ SHOULD_REEXEC=1
+ fi
+ else
+ runCmd nix "${flakeFlags[@]}" build --out-link "${tmpDir}/nixos-rebuild" "$flake#$flakeAttr.config.system.build.nixos-rebuild" "${extraBuildFlags[@]}" "${lockFlags[@]}"
+ if p=$(readlink -e "${tmpDir}/nixos-rebuild"); then
+ SHOULD_REEXEC=1
+ fi
+ fi
+
+ if [[ -n $SHOULD_REEXEC ]]; then
+ export _NIXOS_REBUILD_REEXEC=1
+ # Manually call cleanup as the EXIT trap is not triggered when using exec
+ cleanup
+ runCmd exec "$p/bin/nixos-rebuild" "${origArgs[@]}"
+ exit 1
+ fi
+fi
+
# Find configuration.nix and open editor instead of building.
if [ "$action" = edit ]; then
if [[ -z $flake ]]; then
@@ -394,19 +418,8 @@ if [ "$action" = edit ]; then
exit 1
fi
-
-tmpDir=$(mktemp -t -d nixos-rebuild.XXXXXX)
SSHOPTS="$NIX_SSHOPTS -o ControlMaster=auto -o ControlPath=$tmpDir/ssh-%n -o ControlPersist=60"
-cleanup() {
- for ctrl in "$tmpDir"/ssh-*; do
- ssh -o ControlPath="$ctrl" -O exit dummyhost 2>/dev/null || true
- done
- rm -rf "$tmpDir"
-}
-trap cleanup EXIT
-
-
# First build Nix, since NixOS may require a newer version than the
# current one.
if [[ -n "$rollback" || "$action" = dry-build ]]; then
diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix
index 14526501785..246295eb734 100644
--- a/pkgs/os-specific/linux/nvidia-x11/default.nix
+++ b/pkgs/os-specific/linux/nvidia-x11/default.nix
@@ -19,10 +19,10 @@ rec {
# Policy: use the highest stable version as the default (on our master).
stable = if stdenv.hostPlatform.system == "x86_64-linux"
then generic {
- version = "510.54";
- sha256_64bit = "TCDezK4/40et/Q5piaMG+QJP2t+DGtwejmCFVnUzUWE=";
- settingsSha256 = "ZWz5UN6Pa69NlmerKu30G+X8WfGlAwnVerDrO7TRO6w=";
- persistencedSha256 = "MgWrBjKXJeRqF+ouT72tTiLPtn+lsS/Cp3oS61AWV8Q=";
+ version = "510.60.02";
+ sha256_64bit = "sha256-qADfwFSQeP2Mbo5ngO+47uh4cuYFXH9fOGpHaM4H4AM=";
+ settingsSha256 = "sha256-Voa1JZ2qqJ1t+bfwKh/mssEi/hjzLTPwef2XG/gAC+0=";
+ persistencedSha256 = "sha256-THgK2GpRcttqSN2WxcuJu5My++Q+Y34jG8hm7daxhAQ=";
}
else legacy_390;
diff --git a/pkgs/os-specific/linux/zfs/default.nix b/pkgs/os-specific/linux/zfs/default.nix
index b5260d47caa..6747d511694 100644
--- a/pkgs/os-specific/linux/zfs/default.nix
+++ b/pkgs/os-specific/linux/zfs/default.nix
@@ -16,7 +16,7 @@
, enablePython ? true
# for determining the latest compatible linuxPackages
-, linuxPackages_5_16 ? pkgs.linuxKernel.packages.linux_5_16
+, linuxPackages_5_17 ? pkgs.linuxKernel.packages.linux_5_17
}:
let
@@ -216,28 +216,28 @@ in {
# to be adapted
zfsStable = common {
# check the release notes for compatible kernels
- kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.17";
- latestCompatibleLinuxPackages = linuxPackages_5_16;
+ kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.18";
+ latestCompatibleLinuxPackages = linuxPackages_5_17;
# this package should point to the latest release.
- version = "2.1.3";
+ version = "2.1.4";
- sha256 = "10p9s835wj5msspqwnqbfbnh8jmcazzd2v0gj4hn7vvni4p48gfl";
+ sha256 = "sha256-pHz1N2j+d9p1xleEBwwrmK9mN5gEyM69Suy0dsrkZT4=";
};
zfsUnstable = common {
# check the release notes for compatible kernels
- kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.17";
- latestCompatibleLinuxPackages = linuxPackages_5_16;
+ kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.18";
+ latestCompatibleLinuxPackages = linuxPackages_5_17;
# this package should point to a version / git revision compatible with the latest kernel release
# IMPORTANT: Always use a tagged release candidate or commits from the
# zfs--staging branch, because this is tested by the OpenZFS
# maintainers.
- version = "2.1.3";
+ version = "2.1.4";
# rev = "0000000000000000000000000000000000000000";
- sha256 = "10p9s835wj5msspqwnqbfbnh8jmcazzd2v0gj4hn7vvni4p48gfl";
+ sha256 = "sha256-pHz1N2j+d9p1xleEBwwrmK9mN5gEyM69Suy0dsrkZT4=";
isUnstable = true;
};
diff --git a/pkgs/servers/keycloak/all-plugins.nix b/pkgs/servers/keycloak/all-plugins.nix
new file mode 100644
index 00000000000..4dbd2487263
--- /dev/null
+++ b/pkgs/servers/keycloak/all-plugins.nix
@@ -0,0 +1,7 @@
+{ callPackage }:
+
+{
+ scim-for-keycloak = callPackage ./scim-for-keycloak {};
+ keycloak-discord = callPackage ./keycloak-discord {};
+ keycloak-metrics-spi = callPackage ./keycloak-metrics-spi {};
+}
diff --git a/pkgs/servers/keycloak/default.nix b/pkgs/servers/keycloak/default.nix
index 19268de42ff..d9797de6d17 100644
--- a/pkgs/servers/keycloak/default.nix
+++ b/pkgs/servers/keycloak/default.nix
@@ -1,5 +1,6 @@
{ stdenv, lib, fetchzip, makeWrapper, jre, writeText, nixosTests
, postgresql_jdbc ? null, mysql_jdbc ? null
+, callPackage
}:
let
@@ -57,7 +58,10 @@ stdenv.mkDerivation rec {
wrapProgram $out/bin/kcreg.sh --prefix PATH : ${jre}/bin
'';
- passthru.tests = nixosTests.keycloak;
+ passthru = {
+ tests = nixosTests.keycloak;
+ plugins = callPackage ./all-plugins.nix {};
+ };
meta = with lib; {
homepage = "https://www.keycloak.org/";
diff --git a/pkgs/servers/keycloak/keycloak-discord/default.nix b/pkgs/servers/keycloak/keycloak-discord/default.nix
new file mode 100644
index 00000000000..047bc67fbc5
--- /dev/null
+++ b/pkgs/servers/keycloak/keycloak-discord/default.nix
@@ -0,0 +1,29 @@
+{ stdenv
+, lib
+, fetchurl
+}:
+
+stdenv.mkDerivation rec {
+ pname = "keycloak-discord";
+ version = "0.3.1";
+
+ src = fetchurl {
+ url = "https://github.com/wadahiro/keycloak-discord/releases/download/v${version}/keycloak-discord-ear-${version}.ear";
+ sha256 = "0fswhbnxc80dpfqf5y6j29dxk3vcnm4kki6qdk22qliasvpw5n9c";
+ };
+
+ dontUnpack = true;
+ dontBuild = true;
+
+ installPhase = ''
+ mkdir -p "$out"
+ install "$src" "$out/${pname}-ear-${version}.ear"
+ '';
+
+ meta = with lib; {
+ homepage = "https://github.com/wadahiro/keycloak-discord";
+ description = "Keycloak Social Login extension for Discord";
+ license = licenses.apsl20;
+ maintainers = with maintainers; [ mkg20001 ];
+ };
+}
diff --git a/pkgs/servers/keycloak/keycloak-metrics-spi/default.nix b/pkgs/servers/keycloak/keycloak-metrics-spi/default.nix
new file mode 100644
index 00000000000..b5e23d0fe22
--- /dev/null
+++ b/pkgs/servers/keycloak/keycloak-metrics-spi/default.nix
@@ -0,0 +1,26 @@
+{ stdenv, lib, fetchurl }:
+
+stdenv.mkDerivation rec {
+ pname = "keycloak-metrics-spi";
+ version = "2.5.3";
+
+ src = fetchurl {
+ url = "https://github.com/aerogear/keycloak-metrics-spi/releases/download/${version}/keycloak-metrics-spi-${version}.jar";
+ sha256 = "15lsy8wjw6nlfdfhllc45z9l5474p0lsghrwzzsssvd68bw54gwv";
+ };
+
+ dontUnpack = true;
+ dontBuild = true;
+
+ installPhase = ''
+ mkdir -p $out
+ install "$src" "$out"
+ '';
+
+ meta = with lib; {
+ homepage = "https://github.com/aerogear/keycloak-metrics-spi";
+ description = "Keycloak Service Provider that adds a metrics endpoint";
+ license = licenses.apsl20;
+ maintainers = with maintainers; [ benley ];
+ };
+}
diff --git a/pkgs/servers/keycloak/scim-for-keycloak/default.nix b/pkgs/servers/keycloak/scim-for-keycloak/default.nix
new file mode 100644
index 00000000000..1ef06061326
--- /dev/null
+++ b/pkgs/servers/keycloak/scim-for-keycloak/default.nix
@@ -0,0 +1,36 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, maven
+, javaPackages
+}:
+
+javaPackages.mavenfod rec {
+ pname = "scim-for-keycloak";
+ version = "kc-15-b2"; # When updating also update mvnHash
+
+ src = fetchFromGitHub {
+ owner = "Captain-P-Goldfish";
+ repo = "scim-for-keycloak";
+ rev = version;
+ sha256 = "K34c7xISjEETI3jFkRLdZ0C8pZHTWtPtrrIzwC76Tv0=";
+ };
+
+ mvnHash = "sha256-kDYhXTEOAWH/dcRJalKtbwBpoxcD1aX9eqcRKs6ewbE=";
+
+ nativeBuildInputs = [
+ maven
+ ];
+
+ installPhase = ''
+ EAR=$(find -iname "*.ear")
+ install -D "$EAR" "$out/$(basename $EAR)"
+ '';
+
+ meta = with lib; {
+ homepage = "https://github.com/Captain-P-Goldfish/scim-for-keycloak";
+ description = "A third party module that extends Keycloak with SCIM functionality";
+ license = licenses.bsd3;
+ maintainers = with maintainers; [ mkg20001 ];
+ };
+}
diff --git a/pkgs/servers/squid/default.nix b/pkgs/servers/squid/default.nix
index dae9d21c7f5..70b9c869f11 100644
--- a/pkgs/servers/squid/default.nix
+++ b/pkgs/servers/squid/default.nix
@@ -1,20 +1,20 @@
{ lib, stdenv, fetchurl, perl, openldap, pam, db, cyrus_sasl, libcap
-, expat, libxml2, openssl, pkg-config
+, expat, libxml2, openssl, pkg-config, systemd
}:
stdenv.mkDerivation rec {
pname = "squid";
- version = "4.17";
+ version = "5.4.1";
src = fetchurl {
- url = "http://www.squid-cache.org/Versions/v4/${pname}-${version}.tar.xz";
- sha256 = "sha256-y5KKwIx8hrFRscj4J6vhqE2DGBoqhuDVEihhY+HjFBg=";
+ url = "http://www.squid-cache.org/Versions/v5/${pname}-${version}.tar.xz";
+ sha256 = "sha256-300xCpFmOuWcKbD4GD8iYjxeb3MYaa95OAWYerlMpBw=";
};
nativeBuildInputs = [ pkg-config ];
buildInputs = [
perl openldap db cyrus_sasl expat libxml2 openssl
- ] ++ lib.optionals stdenv.isLinux [ libcap pam ];
+ ] ++ lib.optionals stdenv.isLinux [ libcap pam systemd ];
configureFlags = [
"--enable-ipv6"
@@ -26,7 +26,9 @@ stdenv.mkDerivation rec {
"--enable-removal-policies=lru,heap"
"--enable-delay-pools"
"--enable-x-accelerator-vary"
- ] ++ lib.optional (stdenv.isLinux && !stdenv.hostPlatform.isMusl) "--enable-linux-netfilter";
+ "--enable-htcp"
+ ] ++ lib.optional (stdenv.isLinux && !stdenv.hostPlatform.isMusl)
+ "--enable-linux-netfilter";
meta = with lib; {
description = "A caching proxy for the Web supporting HTTP, HTTPS, FTP, and more";
diff --git a/pkgs/test/mkOption/declare.nix b/pkgs/test/mkOption/declare.nix
deleted file mode 100644
index 9e89a1c096d..00000000000
--- a/pkgs/test/mkOption/declare.nix
+++ /dev/null
@@ -1,53 +0,0 @@
-# sets of small configurations:
-# Each configuration
-rec {
- # has 2 arguments pkgs and this.
- configA = pkgs: this: {
- # Can depends on other configuration
- require = configB;
-
- # Defines new options
- optionA = pkgs.lib.mkOption {
- # With default values
- default = false;
- # And merging functions.
- merge = pkgs.lib.mergeEnableOption;
- };
-
- # Add a new definition to other options.
- optionB = this.optionA;
- };
-
- # Can be used for option header.
- configB = pkgs: this: {
- # Can depends on more than one configuration.
- require = [ configC configD ];
-
- optionB = pkgs.lib.mkOption {
- default = false;
- };
-
- # Is not obliged to define other options.
- };
-
- configC = pkgs: this: {
- require = [ configA ];
-
- optionC = pkgs.lib.mkOption {
- default = false;
- };
-
- # Use the default value if it is not overwritten.
- optionA = this.optionC;
- };
-
- # Can also be used as option configuration only.
- # without any arguments (backward compatibility)
- configD = {
- # Is not forced to specify the require attribute.
-
- # Is not force to make new options.
- optionA = true;
- optionD = false;
- };
-}
diff --git a/pkgs/test/mkOption/keep.nix b/pkgs/test/mkOption/keep.nix
deleted file mode 100644
index 26fb8c28dd5..00000000000
--- a/pkgs/test/mkOption/keep.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-let
- pkgs = import ../../.. {};
- config = import ./declare.nix;
-in
- with (pkgs.lib);
-
- finalReferenceOptionSets
- filterOptionSets
- pkgs
- # List of main configurations.
- [ config.configB config.configC ]
diff --git a/pkgs/test/mkOption/keep.ref b/pkgs/test/mkOption/keep.ref
deleted file mode 100644
index a3a051eb48c..00000000000
--- a/pkgs/test/mkOption/keep.ref
+++ /dev/null
@@ -1,57 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/pkgs/test/mkOption/merge.nix b/pkgs/test/mkOption/merge.nix
deleted file mode 100644
index bbf68218aa0..00000000000
--- a/pkgs/test/mkOption/merge.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-let
- pkgs = import ../../.. {};
- config = import ./declare.nix;
-
- # Define the handler of unbound options.
- noOption = name: values:
- builtins.trace "Attribute named '${name}' does not match any option declaration." values;
-in
- with (pkgs.lib);
-
- finalReferenceOptionSets
- (mergeOptionSets noOption)
- pkgs
- # List of main configurations.
- [ config.configB config.configC ]
diff --git a/pkgs/test/mkOption/merge.ref b/pkgs/test/mkOption/merge.ref
deleted file mode 100644
index 6956f65dbbc..00000000000
--- a/pkgs/test/mkOption/merge.ref
+++ /dev/null
@@ -1,20 +0,0 @@
-trace: Str("Attribute named 'optionD' does not match any option declaration.",[])
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/pkgs/test/mkOption/test.sh b/pkgs/test/mkOption/test.sh
deleted file mode 100755
index 5478846d563..00000000000
--- a/pkgs/test/mkOption/test.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#! /bin/sh -e
-
-echo 1>&2 "Test: Merge of option bindings."
-nix-instantiate merge.nix --eval-only --strict --xml >& merge.out
-diff merge.ref merge.out
-
-echo 1>&2 "Test: Filter of option declarations."
-nix-instantiate keep.nix --eval-only --strict --xml >& keep.out
-diff keep.ref keep.out
diff --git a/pkgs/tools/filesystems/littlefs-fuse/default.nix b/pkgs/tools/filesystems/littlefs-fuse/default.nix
new file mode 100644
index 00000000000..daec12b5041
--- /dev/null
+++ b/pkgs/tools/filesystems/littlefs-fuse/default.nix
@@ -0,0 +1,26 @@
+{ lib, stdenv, fetchFromGitHub, fuse }:
+
+stdenv.mkDerivation rec {
+ pname = "littlefs-fuse";
+ version = "2.4.1";
+ src = fetchFromGitHub {
+ owner = "littlefs-project";
+ repo = pname;
+ rev = "v${version}";
+ hash = "sha256-+EUZluBtgZiziTEIfXIhkRIBu/Pe78qmL18TQHkfHO4=";
+ };
+ buildInputs = [ fuse ];
+ installPhase = ''
+ runHook preInstall
+ install -D lfs $out/bin/${pname}
+ ln -s $out/bin/${pname} $out/bin/mount.littlefs
+ ln -s $out/bin $out/sbin
+ runHook postInstall
+ '';
+ meta = src.meta // {
+ description = "A FUSE wrapper that puts the littlefs in user-space";
+ license = lib.licenses.bsd3;
+ maintainers = with lib.maintainers; [ ehmry ];
+ inherit (fuse.meta) platforms;
+ };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 99c2efa1e7f..48b104782e8 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -7233,6 +7233,8 @@ with pkgs;
lfs = callPackage ../tools/filesystems/lfs { };
+ littlefs-fuse = callPackage ../tools/filesystems/littlefs-fuse { };
+
lksctp-tools = callPackage ../os-specific/linux/lksctp-tools { };
lldpd = callPackage ../tools/networking/lldpd { };
@@ -10292,6 +10294,8 @@ with pkgs;
symengine = callPackage ../development/libraries/symengine { };
+ synaesthesia = callPackage ../applications/audio/synaesthesia { };
+
sysbench = callPackage ../development/tools/misc/sysbench {};
system-config-printer = callPackage ../tools/misc/system-config-printer {
@@ -18731,7 +18735,9 @@ with pkgs;
libpulsar = callPackage ../development/libraries/libpulsar { };
- libpwquality = callPackage ../development/libraries/libpwquality { };
+ libpwquality = callPackage ../development/libraries/libpwquality {
+ python = python3;
+ };
libqalculate = callPackage ../development/libraries/libqalculate {
readline = readline81;
diff --git a/pkgs/top-level/java-packages.nix b/pkgs/top-level/java-packages.nix
index c8d9e85fbd7..160f51cf43c 100644
--- a/pkgs/top-level/java-packages.nix
+++ b/pkgs/top-level/java-packages.nix
@@ -10,8 +10,10 @@ let
openjfx15 = callPackage ../development/compilers/openjdk/openjfx/15.nix { };
openjfx17 = callPackage ../development/compilers/openjdk/openjfx/17.nix { };
+ mavenfod = callPackage ../development/java-modules/maven-fod.nix { };
+
in {
- inherit mavenbuild fetchMaven openjfx11 openjfx15 openjfx17;
+ inherit mavenbuild mavenfod fetchMaven openjfx11 openjfx15 openjfx17;
compiler = let
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index be5244a70d3..ef4ebec78a7 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -4668,6 +4668,13 @@ in {
libpyvivotek = callPackage ../development/python-modules/libpyvivotek { };
+ libpwquality = pipe pkgs.libpwquality [
+ toPythonModule
+ (p: p.overrideAttrs (super: { meta = super.meta // { outputsToInstall = [ "py" ]; }; }))
+ (p: p.override { enablePython = true; inherit python; })
+ (p: p.py)
+ ];
+
libredwg = toPythonModule (pkgs.libredwg.override {
enablePython = true;
inherit (self) python libxml2;
@@ -5610,6 +5617,10 @@ in {
inherit (pkgs) notmuch;
};
+ notmuch2 = callPackage ../development/python-modules/notmuch2 {
+ inherit (pkgs) notmuch;
+ };
+
nototools = callPackage ../data/fonts/noto-fonts/tools.nix { };
notus-scanner = callPackage ../development/python-modules/notus-scanner { };