b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge #179844: staging-next 2022-07-01

Browse source
This commit is contained in:
Vladimír Čunát 2022-07-08 09:31:25 +02:00
parent 0be91cefef add0201f35
commit b39924fc77
No known key found for this signature in database
GPG key ID: E747DF1F9575A3AA
77 changed files with 928 additions and 542 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
doc/languages-frameworks/perl.section.md
View file

@ -1,6 +1,6 @@
# Perl {#sec-language-perl}
## Running perl programs on the shell {#ssec-perl-running}
## Running Perl programs on the shell {#ssec-perl-running}
When executing a Perl script, it is possible you get an error such as `./myscript.pl: bad interpreter: /usr/bin/perl: no such file or directory`. This happens when the script expects Perl to be installed at `/usr/bin/perl`, which is not the case when using Perl from nixpkgs. You can fix the script by changing the first line to:
@ -35,15 +35,16 @@ Perl packages from CPAN are defined in [pkgs/top-level/perl-packages.nix](https:
```nix
ClassC3 = buildPerlPackage rec {
name = "Class-C3-0.21";
pname = "Class-C3";
version = "0.21";
src = fetchurl {
url = "mirror://cpan/authors/id/F/FL/FLORA/${name}.tar.gz";
url = "mirror://cpan/authors/id/F/FL/FLORA/${pname}-${version}.tar.gz";
sha256 = "1bl8z095y4js66pwxnm7s853pi9czala4sqc743fdlnk27kq94gz";
};
};
```
Note the use of `mirror://cpan/`, and the `${name}` in the URL definition to ensure that the name attribute is consistent with the source that were actually downloading. Perl packages are made available in `all-packages.nix` through the variable `perlPackages`. For instance, if you have a package that needs `ClassC3`, you would typically write
Note the use of `mirror://cpan/`, and the `pname` and `version` in the URL definition to ensure that the `pname` attribute is consistent with the source that were actually downloading. Perl packages are made available in `all-packages.nix` through the variable `perlPackages`. For instance, if you have a package that needs `ClassC3`, you would typically write
```nix
foo = import ../path/to/foo.nix {
@ -72,10 +73,11 @@ So what does `buildPerlPackage` do? It does the following:
{ buildPerlPackage, fetchurl, db }:
buildPerlPackage rec {
name = "BerkeleyDB-0.36";
pname = "BerkeleyDB";
version = "0.36";
src = fetchurl {
url = "mirror://cpan/authors/id/P/PM/PMQS/${name}.tar.gz";
url = "mirror://cpan/authors/id/P/PM/PMQS/${pname}-${version}.tar.gz";
sha256 = "07xf50riarb60l1h6m2dqmql8q5dij619712fsgw7ach04d8g3z1";
};
@ -90,9 +92,10 @@ Dependencies on other Perl packages can be specified in the `buildInputs` and `p
```nix
ClassC3Componentised = buildPerlPackage rec {
name = "Class-C3-Componentised-1.0004";
pname = "Class-C3-Componentised";
version = "1.0004";
src = fetchurl {
url = "mirror://cpan/authors/id/A/AS/ASH/${name}.tar.gz";
url = "mirror://cpan/authors/id/A/AS/ASH/${pname}-${version}.tar.gz";
sha256 = "0xql73jkcdbq4q9m0b0rnca6nrlvf5hyzy8is0crdk65bynvs8q1";
};
propagatedBuildInputs = [
@ -111,7 +114,7 @@ ImageExifTool = buildPerlPackage {
version = "11.50";
src = fetchurl {
url = "https://www.sno.phy.queensu.ca/~phil/exiftool/Image-ExifTool-11.50.tar.gz";
url = "https://www.sno.phy.queensu.ca/~phil/exiftool/${pname}-${version}.tar.gz";
sha256 = "0d8v48y94z8maxkmw1rv7v9m0jg2dc8xbp581njb6yhr7abwqdv3";
};
@ -139,9 +142,10 @@ This program takes a Perl module name, looks it up on CPAN, fetches and unpacks
```ShellSession
$ nix-generate-from-cpan XML::Simple
XMLSimple = buildPerlPackage rec {
name = "XML-Simple-2.22";
pname = "XML-Simple";
version = "2.22";
src = fetchurl {
url = "mirror://cpan/authors/id/G/GR/GRANTM/${name}.tar.gz";
url = "mirror://cpan/authors/id/G/GR/GRANTM/XML-Simple-2.22.tar.gz";
sha256 = "b9450ef22ea9644ae5d6ada086dc4300fa105be050a2030ebd4efd28c198eb49";
};
propagatedBuildInputs = [ XMLNamespaceSupport XMLSAX XMLSAXExpat ];

4
pkgs/applications/networking/cluster/kompose/default.nix
View file

@ -1,4 +1,4 @@
{ lib, buildGoModule, fetchFromGitHub, installShellFiles, testers, kompose }:
{ lib, buildGoModule, fetchFromGitHub, installShellFiles, testers, kompose, git }:
buildGoModule rec {
pname = "kompose";
@ -13,7 +13,7 @@ buildGoModule rec {
vendorSha256 = "sha256-OR5U2PnebO0a+lwU09Dveh0Yxk91cmSRorTxQIO5lHc=";
nativeBuildInputs = [ installShellFiles ];
nativeBuildInputs = [ installShellFiles git ];
ldflags = [ "-s" "-w" ];

12
pkgs/applications/version-management/git-and-tools/gitbatch/default.nix
View file

@ -1,4 +1,4 @@
{ lib, buildGoModule, fetchFromGitHub }:
{ lib, buildGoModule, fetchFromGitHub, git }:
buildGoModule rec {
pname = "gitbatch";
@ -15,7 +15,15 @@ buildGoModule rec {
ldflags = [ "-s" "-w" ];
checkFlags = [ "-short" ];
nativeBuildInputs = [
git # required by unit tests
];
preCheck = ''
HOME=$(mktemp -d)
# Disable tests requiring network access to gitlab.com
buildFlagsArray+=("-run" "[^(Test(Run|Start|(Fetch|Pull)With(Go|)Git))]")
'';
meta = with lib; {
description = "Running git UI commands";

4
pkgs/data/misc/cacert/default.nix
View file

@ -20,7 +20,7 @@ let
blocklist = writeText "cacert-blocklist.txt" (lib.concatStringsSep "\n" blacklist);
extraCertificatesBundle = writeText "cacert-extra-certificates-bundle.crt" (lib.concatStringsSep "\n\n" extraCertificateStrings);
srcVersion = "3.77";
srcVersion = "3.80";
version = if nssOverride != null then nssOverride.version else srcVersion;
meta = with lib; {
homepage = "https://curl.haxx.se/docs/caextract.html";
@ -35,7 +35,7 @@ let
src = if nssOverride != null then nssOverride.src else fetchurl {
url = "mirror://mozilla/security/nss/releases/NSS_${lib.replaceStrings ["."] ["_"] version}_RTM/src/nss-${version}.tar.gz";
sha256 = "1pfy33b51914sivqyaxdwfd930hzb77gm07z4f57hnyk5xddypl2";
sha256 = "sha256-wL8f0sfimmsCswliK6r8RD7skMiTS7FV2ku5iYh4S2o=";
};
dontBuild = true;

8
pkgs/development/compilers/gcc/10/default.nix
View file

@ -53,11 +53,11 @@ with lib;
with builtins;
let majorVersion = "10";
version = "${majorVersion}.3.0";
version = "${majorVersion}.4.0";
inherit (stdenv) buildPlatform hostPlatform targetPlatform;
patches = [ ./gcc10-asan-glibc-2.34.patch ]
patches = [ ]
++ optional (targetPlatform != hostPlatform) ../libstdc++-target.patch
++ optional noSysDirs ../no-sys-dirs.patch
++ optional (noSysDirs && hostPlatform.isRiscV) ../no-sys-dirs-riscv.patch
@ -73,8 +73,6 @@ let majorVersion = "10";
# Obtain latest patch with ../update-mcfgthread-patches.sh
++ optional (!crossStageStatic && targetPlatform.isMinGW) ./Added-mcf-thread-model-support-from-mcfgthread.patch
++ [ ../libsanitizer-no-cyclades.patch ]
++ optional (buildPlatform.system == "aarch64-darwin" && targetPlatform != buildPlatform) (fetchpatch {
url = "https://raw.githubusercontent.com/richard-vd/musl-cross-make/5e9e87f06fc3220e102c29d3413fbbffa456fcd6/patches/gcc-${version}/0008-darwin-aarch64-self-host-driver.patch";
sha256 = "sha256-XtykrPd5h/tsnjY1wGjzSOJ+AyyNLsfnjuOZ5Ryq9vA=";
@ -95,7 +93,7 @@ stdenv.mkDerivation ({
src = fetchurl {
url = "mirror://gcc/releases/gcc-${version}/gcc-${version}.tar.xz";
sha256 = "0i6378ig6h397zkhd7m4ccwjx5alvzrf2hm27p1pzwjhlv0h9x34";
sha256 = "1wg4xdizkksmwi66mvv2v4pk3ja8x64m7v9gzhykzd3wrmdpsaf9";
};
inherit patches;

70
pkgs/development/compilers/gcc/10/gcc10-asan-glibc-2.34.patch
View file

@ -1,70 +0,0 @@
From 950bac27d63c1c2ac3a6ed867692d6a13f21feb3 Mon Sep 17 00:00:00 2001
From: Jakub Jelinek <jakub@redhat.com>
Date: Sat, 17 Apr 2021 11:27:14 +0200
Subject: [PATCH] sanitizer: Fix asan against glibc 2.34 [PR100114]
As mentioned in the PR, SIGSTKSZ is no longer a compile time constant in
glibc 2.34 and later, so
static const uptr kAltStackSize = SIGSTKSZ * 4;
needs dynamic initialization, but is used by a function called indirectly
from .preinit_array and therefore before the variable is constructed.
This results in using 0 size instead and all asan instrumented programs
die with:
==91==ERROR: AddressSanitizer failed to allocate 0x0 (0) bytes of SetAlternateSignalStack (error code: 22)
Here is a cherry-pick from upstream to fix this.
2021-04-17 Jakub Jelinek <jakub@redhat.com>
PR sanitizer/100114
* sanitizer_common/sanitizer_posix_libcdep.cpp: Cherry-pick
llvm-project revisions 82150606fb11d28813ae6da1101f5bda638165fe
and b93629dd335ffee2fc4b9b619bf86c3f9e6b0023.
(cherry picked from commit d9f462fb372fb02da032cefd6b091d7582c425ae)
---
.../sanitizer_common/sanitizer_posix_libcdep.cpp | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp b/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp
index 304b3a01a08..ac88fbe074e 100644
--- a/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp
+++ b/libsanitizer/sanitizer_common/sanitizer_posix_libcdep.cpp
@@ -169,7 +169,11 @@ bool SupportsColoredOutput(fd_t fd) {
#if !SANITIZER_GO
// TODO(glider): different tools may require different altstack size.
-static const uptr kAltStackSize = SIGSTKSZ * 4; // SIGSTKSZ is not enough.
+static uptr GetAltStackSize() {
+ // SIGSTKSZ is not enough.
+ static const uptr kAltStackSize = SIGSTKSZ * 4;
+ return kAltStackSize;
+}
void SetAlternateSignalStack() {
stack_t altstack, oldstack;
@@ -180,10 +184,9 @@ void SetAlternateSignalStack() {
// TODO(glider): the mapped stack should have the MAP_STACK flag in the
// future. It is not required by man 2 sigaltstack now (they're using
// malloc()).
- void* base = MmapOrDie(kAltStackSize, __func__);
- altstack.ss_sp = (char*) base;
+ altstack.ss_size = GetAltStackSize();
+ altstack.ss_sp = (char *)MmapOrDie(altstack.ss_size, __func__);
altstack.ss_flags = 0;
- altstack.ss_size = kAltStackSize;
CHECK_EQ(0, sigaltstack(&altstack, nullptr));
}
@@ -191,7 +194,7 @@ void UnsetAlternateSignalStack() {
stack_t altstack, oldstack;
altstack.ss_sp = nullptr;
altstack.ss_flags = SS_DISABLE;
- altstack.ss_size = kAltStackSize; // Some sane value required on Darwin.
+ altstack.ss_size = GetAltStackSize(); // Some sane value required on Darwin.
CHECK_EQ(0, sigaltstack(&altstack, &oldstack));
UnmapOrDie(oldstack.ss_sp, oldstack.ss_size);
}
--
2.27.0

9
pkgs/development/compilers/ghc/8.6.5-binary.nix
View file

@ -12,7 +12,8 @@ assert stdenv.targetPlatform == stdenv.hostPlatform;
let
useLLVM = !stdenv.targetPlatform.isx86;
useNcurses6 = stdenv.hostPlatform.system == "x86_64-linux";
useNcurses6 = stdenv.hostPlatform.system == "x86_64-linux"
|| (with stdenv.hostPlatform; isPower64 && isLittleEndian);
ourNcurses = if useNcurses6 then ncurses6 else ncurses5;
@ -73,6 +74,10 @@ stdenv.mkDerivation rec {
url = "${downloadsUrl}/${version}/ghc-${version}-x86_64-apple-darwin.tar.xz";
sha256 = "0s9188vhhgf23q3rjarwhbr524z6h2qga5xaaa2pma03sfqvvhfz";
};
powerpc64le-linux = {
url = "https://downloads.haskell.org/~ghc/${version}/ghc-${version}-powerpc64le-fedora29-linux.tar.xz";
sha256 = "sha256-tWSsJdPVrCiqDyIKzpBt5DaXb3b6j951tCya584kWs4=";
};
}.${stdenv.hostPlatform.system}
or (throw "cannot bootstrap GHC on this platform"));
@ -211,7 +216,7 @@ stdenv.mkDerivation rec {
meta = rec {
license = lib.licenses.bsd3;
platforms = ["x86_64-linux" "i686-linux" "x86_64-darwin"];
platforms = ["x86_64-linux" "i686-linux" "x86_64-darwin" "powerpc64le-linux" ];
# build segfaults, use ghc8102Binary which has proper musl support instead
broken = stdenv.hostPlatform.isMusl;
maintainers = with lib.maintainers; [

20
pkgs/development/go-modules/generic/default.nix
View file

@ -178,12 +178,22 @@ let
exclude+='\)'
buildGoDir() {
local d; local cmd;
cmd="$1"
d="$2"
local cmd="$1" dir="$2"
. $TMPDIR/buildFlagsArray
declare -a flags
flags+=($buildFlags "''${buildFlagsArray[@]}")
flags+=(''${tags:+-tags=${lib.concatStringsSep "," tags}})
flags+=(''${ldflags:+-ldflags="$ldflags"})
flags+=("-v" "-p" "$NIX_BUILD_CORES")
if [ "$cmd" = "test" ]; then
flags+=($checkFlags)
fi
local OUT
if ! OUT="$(go $cmd $buildFlags "''${buildFlagsArray[@]}" ''${tags:+-tags=${lib.concatStringsSep "," tags}} ''${ldflags:+-ldflags="$ldflags"} -v -p $NIX_BUILD_CORES $d 2>&1)"; then
if ! OUT="$(go $cmd "''${flags[@]}" $dir 2>&1)"; then
if ! echo "$OUT" | grep -qE '(no( buildable| non-test)?|build constraints exclude all) Go (source )?files'; then
echo "$OUT" >&2
return 1
@ -241,7 +251,7 @@ let
runHook preCheck
for pkg in $(getGoDirs test); do
buildGoDir test $checkFlags "$pkg"
buildGoDir test "$pkg"
done
runHook postCheck

20
pkgs/development/go-packages/generic/default.nix
View file

@ -160,12 +160,22 @@ let
exclude+='\)'
buildGoDir() {
local d; local cmd;
cmd="$1"
d="$2"
local cmd="$1" dir="$2"
. $TMPDIR/buildFlagsArray
declare -a flags
flags+=($buildFlags "''${buildFlagsArray[@]}")
flags+=(''${tags:+-tags=${lib.concatStringsSep "," tags}})
flags+=(''${ldflags:+-ldflags="$ldflags"})
flags+=("-v" "-p" "$NIX_BUILD_CORES")
if [ "$cmd" = "test" ]; then
flags+=($checkFlags)
fi
local OUT
if ! OUT="$(go $cmd $buildFlags "''${buildFlagsArray[@]}" ''${tags:+-tags=${lib.concatStringsSep "," tags}} ''${ldflags:+-ldflags="$ldflags"} -v -p $NIX_BUILD_CORES $d 2>&1)"; then
if ! OUT="$(go $cmd "''${flags[@]}" $dir 2>&1)"; then
if ! echo "$OUT" | grep -qE '(no( buildable| non-test)?|build constraints exclude all) Go (source )?files'; then
echo "$OUT" >&2
return 1
@ -225,7 +235,7 @@ let
runHook preCheck
for pkg in $(getGoDirs test); do
buildGoDir test $checkFlags "$pkg"
buildGoDir test "$pkg"
done
runHook postCheck

4
pkgs/development/libraries/audio/libopenmpt/default.nix
View file

@ -16,13 +16,13 @@
stdenv.mkDerivation rec {
pname = "libopenmpt";
version = "0.6.3";
version = "0.6.4";
outputs = [ "out" "dev" "bin" ];
src = fetchurl {
url = "https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-${version}+release.autotools.tar.gz";
sha256 = "pBCv63zVlwsWuabOfazPSVsaXpEhqdZELeDAKP1Uols=";
sha256 = "4J+4RcMpJwCnrBPDsx1mns072+vL/hMo66I3bOvkAWI=";
};
enableParallelBuilding = true;

4
pkgs/development/libraries/glib/default.nix
View file

@ -45,11 +45,11 @@ in
stdenv.mkDerivation rec {
pname = "glib";
version = "2.72.2";
version = "2.72.3";
src = fetchurl {
url = "mirror://gnome/sources/glib/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "eNWZoTPbp/4gNt+o24+2Exq5ZCeD/JV4sHogmVJS0t4=";
sha256 = "Sjmi9iS4US1QDVhAFz7af6hfUcEJBS6ugGrOzoXTRfA=";
};
patches = optionals stdenv.isDarwin [

10
pkgs/development/libraries/gnu-efi/default.nix
View file

@ -12,6 +12,16 @@ stdenv.mkDerivation rec {
sha256 = "tztkOg1Wl9HzltdDFEjoht2AVmh4lXjj4aKCd8lShDU=";
};
patches = [
# Pull fix pending upstream inclusion for parallel builds
# https://sourceforge.net/p/gnu-efi/patches/84/
(fetchurl {
name = "parallel-build.patch";
url = "https://sourceforge.net/p/gnu-efi/patches/84/attachment/0001-lib-Makefile-add-.o-file-dependency-on-libsubdirs-ta.patch";
sha256 = "sha256-+2UwV2lopdB/tazib1BLzO1E3GgB1L8dZsSQKWVoLwA=";
})
];
buildInputs = [ pciutils ];
hardeningDisable = [ "stackprotector" ];

3
pkgs/development/libraries/gpgme/default.nix
View file

@ -47,6 +47,9 @@ stdenv.mkDerivation rec {
./python-310-detection-without-distutils.patch
# Find correct version string for Python >= 3.10, https://dev.gnupg.org/D546
./python-find-version-string-above-310.patch
# Fix a test after disallowing compressed signatures in gpg (PR #180336)
./test_t-verify_double-plaintext.patch
# Disable python tests on Darwin as they use gpg (see configureFlags below)
] ++ lib.optional stdenv.isDarwin ./disable-python-tests.patch
# Fix _AC_UNDECLARED_WARNING for autoconf>=2.70

31
pkgs/development/libraries/gpgme/test_t-verify_double-plaintext.patch Normal file
View file

@ -0,0 +1,31 @@
--- a/tests/gpg/t-verify.c
+++ b/tests/gpg/t-verify.c
@@ -304,7 +304,7 @@
err = gpgme_data_new (&text);
fail_if_err (err);
err = gpgme_op_verify (ctx, sig, NULL, text);
- if (gpgme_err_code (err) != GPG_ERR_BAD_DATA)
+ if (gpgme_err_code (err) == GPG_ERR_NO_ERROR)
{
fprintf (stderr, "%s:%i: Double plaintext message not detected\n",
PGM, __LINE__);
--- a/lang/python/tests/t-verify.py
+++ b/lang/python/tests/t-verify.py
@@ -142,7 +142,7 @@
c.op_verify(sig, None, text)
except Exception as e:
assert type(e) == gpg.errors.GPGMEError
- assert e.getcode() == gpg.errors.BAD_DATA
+ assert e.getcode() != gpg.errors.NO_ERROR
else:
assert False, "Expected an error but got none."
@@ -178,7 +178,7 @@
try:
c.verify(double_plaintext_sig)
except gpg.errors.GPGMEError as e:
- assert e.getcode() == gpg.errors.BAD_DATA
+ assert e.getcode() != gpg.errors.NO_ERROR
else:
assert False, "Expected an error but got none."

6
pkgs/development/libraries/libaom/default.nix
View file

@ -1,15 +1,15 @@
{ lib, stdenv, fetchzip, yasm, perl, cmake, pkg-config, python3
, enableButteraugli ? false, libjxl # Broken
, enableButteraugli ? true, libjxl
, enableVmaf ? true, libvmaf
}:
stdenv.mkDerivation rec {
pname = "libaom";
version = "3.3.0";
version = "3.4.0";
src = fetchzip {
url = "https://aomedia.googlesource.com/aom/+archive/v${version}.tar.gz";
sha256 = "sha256-g6QkKLrk+SH1s5fRmseAQMmM6y4QwmKmVDPxdbqGmwg=";
sha256 = "sha256-NgzpVxQmsgOPzKkGpJIJrLiNQcruhpEoCi/CYJx5b3A=";
stripRoot = false;
};

11
pkgs/development/libraries/libjxl/default.nix
View file

@ -48,6 +48,17 @@ stdenv.mkDerivation rec {
url = "https://github.com/libjxl/libjxl/commit/204f87a5e4d684544b13900109abf040dc0b402b.patch";
sha256 = "sha256-DoAaYWLmQ+R9GZbHMTYGe0gBL9ZesgtB+2WhmbARna8=";
})
# fix build with asciidoc wrapped in shell script
(fetchpatch {
url = "https://github.com/libjxl/libjxl/commit/b8ec58c58c6281987f42ebec892f513824c0cc0e.patch";
hash = "sha256-g8U+YVhLfgSHJ+PWJgvVOI66+FElJSC8IgSRodNnsMw=";
})
(fetchpatch {
url = "https://github.com/libjxl/libjxl/commit/ca8e276aacf63a752346a6a44ba673b0af993237.patch";
excludes = [ "AUTHORS" ];
hash = "sha256-9VXy1LdJ0JhYbCGPNMySpnGLBxUrr8BYzE+oU3LnUGw=";
})
];
nativeBuildInputs = [

4
pkgs/development/libraries/libsoup/3.x.nix
View file

@ -21,13 +21,13 @@
stdenv.mkDerivation rec {
pname = "libsoup";
version = "3.0.6";
version = "3.0.7";
outputs = [ "out" "dev" ];
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "sha256-tF1Z+EC5rPm7Rf1FhU4+9nL1fjq5V0AcOtjXUCrCPaY=";
sha256 = "sha256-69+QzzWZwRrLtoGKnZ4/ydLGjlbrgpuTlilyaD4b98g=";
};
nativeBuildInputs = [

13
pkgs/development/libraries/liburing/default.nix
View file

@ -4,12 +4,12 @@
stdenv.mkDerivation rec {
pname = "liburing";
version = "2.1"; # remove patch when updating
version = "2.2";
src = fetchgit {
url = "http://git.kernel.dk/${pname}";
rev = "liburing-${version}";
sha256 = "sha256-7wSpKqjIdQeOdsQu4xN3kFHV49n6qQ3xVbjUcY1tmas=";
sha256 = "sha256-M/jfxZ+5DmFvlAt8sbXrjBTPf2gLd9UyTNymtjD+55g";
};
separateDebugInfo = true;
@ -43,15 +43,6 @@ stdenv.mkDerivation rec {
cp ./examples/ucontext-cp $bin/bin/io_uring-ucontext-cp
'';
# fix for compilation on 32-bit ARM, merged by upstream but not released; remove when
# upstream releases an update
patches = lib.optional stdenv.isAarch32 [
(fetchpatch {
url = "https://github.com/axboe/liburing/commit/e75a6cfa085fc9b5dbf5140fc1efb5a07b6b829e.diff";
sha256 = "sha256-qQEQXYm5mkws2klLxwuuoPSPRkpP1s6tuylAAEp7+9E=";
})
];
meta = with lib; {
description = "Userspace library for the Linux io_uring API";
homepage = "https://git.kernel.dk/cgit/liburing/";

10
pkgs/development/libraries/pcre2/default.nix
View file

@ -6,16 +6,20 @@
stdenv.mkDerivation rec {
pname = "pcre2";
version = "10.40";
src = fetchurl {
url = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${version}/pcre2-${version}.tar.bz2";
hash = "sha256-FOS4PEeDkz3BfpZDGOYyT3yuG8ddjzx5vGlp8AwVnWg=";
};
# Disable jit on Apple Silicon, https://github.com/zherczeg/sljit/issues/51
configureFlags = [
"--enable-pcre2-16"
"--enable-pcre2-32"
] ++ lib.optional (!(stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isAarch64)) "--enable-jit=auto";
# only enable jit on supported platforms which excludes Apple Silicon, see https://github.com/zherczeg/sljit/issues/51
"--enable-jit=auto"
# fix pcre jit in systemd units that set MemoryDenyWriteExecute=true like gitea
"--enable-jit-sealloc"
];
outputs = [ "bin" "dev" "out" "doc" "man" "devdoc" ];
@ -24,7 +28,7 @@ stdenv.mkDerivation rec {
'';
meta = with lib; {
homepage = "http://www.pcre.org/";
homepage = "https://www.pcre.org/";
description = "Perl Compatible Regular Expressions";
license = licenses.bsd3;
maintainers = with maintainers; [ ttuegel ];

1
pkgs/development/libraries/proj/7.nix
View file

@ -27,6 +27,7 @@ stdenv.mkDerivation rec {
url = "https://github.com/OSGeo/PROJ/commit/6f1a3c4648bf06862dca0b3725cbb3b7ee0284e3.diff";
sha256 = "0gapny0a9c3r0x9szjgn86sspjrrf4vwbija77b17w6ci5cq4pdf";
})
./tests-sqlite-3.39.patch
];
postPatch = lib.optionalString (version == "7.2.1") ''

13
pkgs/development/libraries/proj/tests-sqlite-3.39.patch Normal file
View file

@ -0,0 +1,13 @@
Drop tests that time out with newest sqlite.
https://github.com/OSGeo/PROJ/issues/3254
--- a/test/cli/CMakeLists.txt
+++ b/test/cli/CMakeLists.txt
@@ -16 +15,0 @@
-proj_add_test_script_sh("testprojinfo" PROJINFO_BIN)
--- a/test/unit/CMakeLists.txt
+++ b/test/unit/CMakeLists.txt
@@ -144,3 +143,0 @@
-add_test(NAME proj_test_cpp_api COMMAND proj_test_cpp_api)
-set_property(TEST proj_test_cpp_api
- PROPERTY ENVIRONMENT ${PROJ_TEST_ENVIRONMENT})

9
pkgs/development/libraries/re2/default.nix
View file

@ -15,13 +15,13 @@
stdenv.mkDerivation rec {
pname = "re2";
version = "2022-04-01";
version = "2022-06-01";
src = fetchFromGitHub {
owner = "google";
repo = "re2";
rev = version;
sha256 = "sha256-ywmXIAyVWYMKBOsAndcq7dFYpn9ZgNz5YWTPjylXxsk=";
sha256 = "sha256-UontAjOXpnPcOgoFHjf+1WSbCR7h58/U7nn4meT200Y=";
};
preConfigure = ''
@ -33,11 +33,6 @@ stdenv.mkDerivation rec {
buildFlags = lib.optionals stdenv.hostPlatform.isStatic [ "static" ];
enableParallelBuilding = true;
# Broken when shared/static are tested in parallel:
# cp: cannot create regular file 'obj/testinstall.cc': File exists
# make: *** [Makefile:334: static-testinstall] Error 1
# Will be fixed by https://code-review.googlesource.com/c/re2/+/59830
enableParallelChecking = false;
preCheck = "patchShebangs runtests";
doCheck = true;

4
pkgs/development/libraries/sqlite/default.nix
View file

@ -12,13 +12,13 @@ in
stdenv.mkDerivation rec {
pname = "sqlite${optionalString interactive "-interactive"}";
version = "3.38.5";
version = "3.39.0";
# nixpkgs-update: no auto update
# NB! Make sure to update ./tools.nix src (in the same directory).
src = fetchurl {
url = "https://sqlite.org/2022/sqlite-autoconf-${archiveVersion version}.tar.gz";
sha256 = "sha256-WvB96YK6ZY/ZGgMXDJRfmclx9pVbx53zJmVENz45hpw=";
sha256 = "sha256-6QvK723VgT/N7k6Gf2tl88m/0K7A8QF/nzu84eTtCeI=";
};
outputs = [ "bin" "dev" "out" ];

4
pkgs/development/libraries/sqlite/tools.nix
View file

@ -4,12 +4,12 @@ let
archiveVersion = import ./archive-version.nix lib;
mkTool = { pname, makeTarget, description, homepage, mainProgram }: stdenv.mkDerivation rec {
inherit pname;
version = "3.38.5";
version = "3.39.0";
# nixpkgs-update: no auto update
src = assert version == sqlite.version; fetchurl {
url = "https://sqlite.org/2022/sqlite-src-${archiveVersion version}.zip";
sha256 = "sha256-ZQO7WeOeyGYwg2lpQOyBjNVVUZbmylQ9QClEDMp7ANk=";
sha256 = "sha256-s1hfN90Qbbs9RsjBei0nX5pLh9+MRQm9LWpbQAMkJuY=";
};
nativeBuildInputs = [ unzip ];

12
pkgs/development/libraries/tracker/default.nix
View file

@ -38,6 +38,14 @@ stdenv.mkDerivation rec {
sha256 = "Wtb1vJd4Hr9V7NaUfNSuf/QZJRZYDRC9g4Dx3UcZbtI=";
};
patches = [
./fix-test-order.patch
];
postPatch = ''
patchShebangs utils/data-generators/cc/generate
'';
nativeBuildInputs = [
meson
ninja
@ -78,10 +86,6 @@ stdenv.mkDerivation rec {
doCheck = true;
postPatch = ''
patchShebangs utils/data-generators/cc/generate
'';
preCheck = ''
# (tracker-store:6194): Tracker-CRITICAL **: 09:34:07.722: Cannot initialize database: Could not open sqlite3 database:'/homeless-shelter/.cache/tracker/meta.db': unable to open database file
export HOME=$(mktemp -d)

9
pkgs/development/libraries/tracker/fix-test-order.patch Normal file
View file

@ -0,0 +1,9 @@
diff --git a/tests/libtracker-data/algebra/filter-scope-1.rq b/tests/libtracker-data/algebra/filter-scope-1.rq
index 7ee5a24ad..a8cd89ca9 100644
--- a/tests/libtracker-data/algebra/filter-scope-1.rq
+++ b/tests/libtracker-data/algebra/filter-scope-1.rq
@@ -7,3 +7,4 @@ SELECT ?v ?w ?v2
OPTIONAL { :x :p ?v2 FILTER(?v = 1) }
}
}
+ORDER BY ?v ?w ?v2

23
pkgs/development/perl-modules/generic/default.nix
View file

@ -27,27 +27,16 @@
, ...
}@attrs:
assert attrs?pname -> attrs?version;
assert attrs?pname -> !(attrs?name);
lib.warnIf (attrs ? name) "builtPerlPackage: `name' (\"${attrs.name}\") is deprecated, use `pname' and `version' instead"
lib.throwIf (attrs ? name) "buildPerlPackage: `name` (\"${attrs.name}\") is deprecated, use `pname` and `version` instead"
(let
defaultMeta = {
homepage = "https://metacpan.org/release/${lib.getName attrs}"; # TODO: phase-out `attrs.name`
mainProgram = attrs.pname or (builtins.parseDrvName attrs.name).name;
platforms = perl.meta.platforms;
homepage = "https://metacpan.org/dist/${attrs.pname}";
inherit (perl.meta) platforms;
};
cleanedAttrs = builtins.removeAttrs attrs [
"meta" "builder" "version" "pname" "fullperl"
"buildInputs" "nativeBuildInputs" "buildInputs"
"PERL_AUTOINSTALL" "AUTOMATED_TESTING" "PERL_USE_UNSAFE_INC"
];
package = stdenv.mkDerivation ({
pname = "perl${perl.version}-${lib.getName attrs}"; # TODO: phase-out `attrs.name`
version = lib.getVersion attrs; # TODO: phase-out `attrs.name`
package = stdenv.mkDerivation (attrs // {
name = "perl${perl.version}-${attrs.pname}-${attrs.version}";
builder = ./builder.sh;
@ -60,6 +49,6 @@ lib.warnIf (attrs ? name) "builtPerlPackage: `name' (\"${attrs.name}\") is depre
inherit PERL_AUTOINSTALL AUTOMATED_TESTING PERL_USE_UNSAFE_INC;
meta = defaultMeta // (attrs.meta or { });
} // cleanedAttrs);
});
in toPerlModule package)

11
pkgs/development/python-modules/Cython/default.nix
View file

@ -4,7 +4,6 @@
, fetchPypi
, fetchpatch
, python
, glibcLocales
, pkg-config
, gdb
, numpy
@ -24,12 +23,13 @@ let
;
in buildPythonPackage rec {
pname = "Cython";
version = "0.29.28";
pname = "cython";
version = "0.29.30";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-1vrCNCgCww5RQmgo/ghP9N6xszhzZ8+Yl2uy5ktvjkU=";
pname = "Cython";
inherit version;
sha256 = "sha256-IjW2Laj+b6i5lCLI5YPy+5XhQ4Z9M3tcdeS5oahl+eM=";
};
nativeBuildInputs = [
@ -40,7 +40,6 @@ in buildPythonPackage rec {
gdb numpy ncurses
];
buildInputs = [ glibcLocales ];
LC_ALL = "en_US.UTF-8";
patches = [

4
pkgs/development/python-modules/babel/default.nix
View file

@ -2,12 +2,12 @@
buildPythonPackage rec {
pname = "babel";
version = "2.10.1";
version = "2.10.3";
src = fetchPypi {
pname = "Babel";
inherit version;
sha256 = "sha256-mK6soIYTPvs+HiqtA5aYdJDIQlkp3bz+BVAYT9xUzRM=";
sha256 = "sha256-dhRVNxHul0kPcyEm3Ad/jQrghOvGqW4j2xSCr6vbLFE=";
};
propagatedBuildInputs = [ pytz ];

4
pkgs/development/python-modules/certifi/default.nix
View file

@ -7,7 +7,7 @@
buildPythonPackage rec {
pname = "certifi";
version = "2022.05.18.1";
version = "2022.06.15";
disabled = pythonOlder "3.5";
@ -15,7 +15,7 @@ buildPythonPackage rec {
owner = pname;
repo = "python-certifi";
rev = version;
sha256 = "sha256-uDNVzKcT45mz0zXBwPkttKV21fEcgbRamE3+QutNLjA=";
sha256 = "sha256-CKO8wF5FMGLIZbTd7YrKE9OWV9MbfQ2+BMc5IPk1FFU=";
};
checkInputs = [

22
pkgs/development/python-modules/google-auth/default.nix
View file

@ -4,6 +4,7 @@
, fetchPypi
, pytestCheckHook
, cachetools
, cryptography
, flask
, freezegun
, mock
@ -32,6 +33,7 @@ buildPythonPackage rec {
];
checkInputs = [
cryptography
flask
freezegun
mock
@ -46,21 +48,11 @@ buildPythonPackage rec {
"google.oauth2"
];
disabledTests = lib.optionals stdenv.isDarwin [
"test_request_with_timeout_success"
"test_request_with_timeout_failure"
"test_request_headers"
"test_request_error"
"test_request_basic"
] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [
# E MemoryError: Cannot allocate write+execute memory for ffi.callback().
# You might be running on a system that prevents this.
# For more information, see https://cffi.readthedocs.io/en/latest/using.html#callbacks
"test_configure_mtls_channel_with_callback"
"test_configure_mtls_channel_with_metadata"
"TestDecryptPrivateKey"
"TestMakeMutualTlsHttp"
"TestMutualTlsAdapter"
disabledTestPaths = [
# Disable tests related to pyopenssl
"tests/transport/test__mtls_helper.py"
"tests/transport/test_requests.py"
"tests/transport/test_urllib3.py"
];
meta = with lib; {

4
pkgs/development/python-modules/jsonschema/default.nix
View file

@ -14,14 +14,14 @@
buildPythonPackage rec {
pname = "jsonschema";
version = "4.6.0";
version = "4.6.1";
format = "pyproject";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-nWOXukpsC/AwBzYFf2SePhLsvAfT6BoNrLct5OmAGVc=";
sha256 = "sha256-7CgC5qN1F/CdR9m6EHlHWJrh0l/1V7kl2DoyH8KqXTs=";
};
postPatch = ''

4
pkgs/development/python-modules/pycares/default.nix
View file

@ -8,11 +8,11 @@
buildPythonPackage rec {
pname = "pycares";
version = "4.1.2";
version = "4.2.1";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-A0kL4Oe1GgyAc/h3vsNH7/MQA/ZPV9lRjUGdk2lFKDc=";
sha256 = "sha256-c1tPdf0PWVxOkYTaGM2Hc39GvIGmTqQfTtzitraNRtI=";
};
buildInputs = [

4
pkgs/development/python-modules/pycryptodome/default.nix
View file

@ -11,14 +11,14 @@ let
in
buildPythonPackage rec {
pname = "pycryptodome";
version = "3.14.1";
version = "3.15.0";
format = "setuptools";
src = fetchFromGitHub {
owner = "Legrandin";
repo = "pycryptodome";
rev = "v${version}";
hash = "sha256-0GjpKNyALe2Q1R3dEjeAEn6E8hxYDic/vbN1YkVaUfs=";
hash = "sha256-SPRoAfwP1MFlVzZsVWmXDWUY5Yje7eg7d+9zJhZNXrw=";
};
postPatch = ''

31
pkgs/development/python-modules/pytest-mock/default.nix
View file

@ -1,6 +1,6 @@
{ lib
, buildPythonPackage
, fetchpatch
, pythonOlder
, fetchPypi
, pytest
, pytest-asyncio
@ -10,24 +10,20 @@
buildPythonPackage rec {
pname = "pytest-mock";
version = "3.7.0";
version = "3.8.1";
disabled = pythonOlder "3.7";
format = "setuptools";
src = fetchPypi {
inherit pname version;
hash = "sha256-URK9ksyfGG7pbhqS78hJaepJSTnDrq05xQ9CHEzGlTQ=";
hash = "sha256-LG11bV07+Y4ugHl6lZyn+B9Hnn0fX1cWEbD91tF0UkA=";
};
patches = [
(fetchpatch {
# pytest7 compatbilitya
url = "https://github.com/pytest-dev/pytest-mock/commit/0577f1ad051fb8d0da94ea22dcb02346d74064b2.patch";
hash = "sha256-eim4v7U8Mjigr462bXI0pKH/M0ANBzSRc0lT4RpbZ0w=";
})
];
nativeBuildInputs = [ setuptools-scm ];
propagatedBuildInputs = [
buildInputs = [
pytest
];
@ -36,18 +32,13 @@ buildPythonPackage rec {
pytestCheckHook
];
disabledTests = [
# output of pytest has changed
"test_used_with_"
"test_plain_stopall"
];
pythonImportsCheck = [ "pytest_mock" ];
meta = with lib; {
description = "Thin-wrapper around the mock package for easier use with pytest";
description = "Thin wrapper around the mock package for easier use with pytest";
homepage = "https://github.com/pytest-dev/pytest-mock";
license = with licenses; [ mit ];
changelog = "https://github.com/pytest-dev/pytest-mock/blob/v${version}/CHANGELOG.rst";
license = licenses.mit;
maintainers = with maintainers; [ dotlambda ];
};
}

123
pkgs/development/python-modules/pythran/0001-hardcode-path-to-libgomp.patch
View file

@ -1,64 +1,79 @@
From 208fe98f10c580a5a2fb6a8cfdd56de109073925 Mon Sep 17 00:00:00 2001
From: Frederik Rietdijk <fridh@fridh.nl>
Date: Sat, 17 Jul 2021 18:36:27 +0200
Subject: [PATCH] hardcode path to libgomp
---
omp/__init__.py | 40 ++++------------------------------------
1 file changed, 4 insertions(+), 36 deletions(-)
diff --git a/omp/__init__.py b/omp/__init__.py
index bddae3063..9ba3678d8 100644
index 3801d1c8c..a93a74d6f 100644
--- a/omp/__init__.py
+++ b/omp/__init__.py
@@ -69,43 +69,11 @@ class OpenMP(object):
@@ -48,72 +48,8 @@ class OpenMP(object):
return ['omp', 'gomp', 'iomp5']
def init_not_msvc(self):
""" Find OpenMP library and try to load if using ctype interface. """
- # find_library() does not search automatically LD_LIBRARY_PATH
- paths = os.environ.get('LD_LIBRARY_PATH', '').split(':')
+ libgomp_path = "@gomp@"
- for libomp_name in self.get_libomp_names():
- if cxx is None or sys.platform == 'win32':
- # Note: Clang supports -print-file-name, but not yet for
- # clang-cl as of v12.0.0 (April '21)
- continue
-
- cmd = [cxx, '-print-file-name=' + libomp_name]
- # the subprocess can fail in various ways in that case just give up
- try:
- path = os.path.dirname(check_output(cmd).decode().strip())
- if path:
- paths.append(path)
- except (OSError, CalledProcessError):
- pass
-
- # Try to load find libgomp shared library using loader search dirs
- libgomp_path = find_library("gomp")
-
- # Try to use custom paths if lookup failed
- for path in paths:
- if libgomp_path:
- break
- path = path.strip()
- if os.path.isdir(path):
- libgomp_path = find_library(os.path.join(str(path), "libgomp"))
-
- if not libgomp_path:
- raise ImportError("I can't find a shared library for libgomp,"
- " you may need to install it or adjust the "
- "LD_LIBRARY_PATH environment variable.")
- """ Find OpenMP library and try to load if using ctype interface. """
- # find_library() does not automatically search LD_LIBRARY_PATH
- # until Python 3.6+, so we explicitly add it.
- # LD_LIBRARY_PATH is used on Linux, while macOS uses DYLD_LIBRARY_PATH
- # and DYLD_FALLBACK_LIBRARY_PATH.
- env_vars = []
- if sys.platform == 'darwin':
- env_vars = ['DYLD_LIBRARY_PATH', 'DYLD_FALLBACK_LIBRARY_PATH']
- else:
- # Load the library (shouldn't fail with an absolute path right?)
- self.libomp = ctypes.CDLL(libgomp_path)
- self.version = 45
+ # Load the library (shouldn't fail with an absolute path right?)
+ self.libomp = ctypes.CDLL(libgomp_path)
- env_vars = ['LD_LIBRARY_PATH']
-
- paths = []
- for env_var in env_vars:
- env_paths = os.environ.get(env_var, '')
- if env_paths:
- paths.extend(env_paths.split(os.pathsep))
-
-
- libomp_names = self.get_libomp_names()
-
- if cxx is not None:
- for libomp_name in libomp_names:
- cmd = [cxx,
- '-print-file-name=lib{}{}'.format(
- libomp_name,
- get_shared_lib_extension())]
- # The subprocess can fail in various ways, including because it
- # doesn't support '-print-file-name'. In that case just give up.
- try:
- output = check_output(cmd,
- stderr=DEVNULL)
- path = os.path.dirname(output.decode().strip())
- if path:
- paths.append(path)
- except (OSError, CalledProcessError):
- pass
-
-
- for libomp_name in libomp_names:
- # Try to load find libomp shared library using loader search dirs
- libomp_path = find_library(libomp_name)
-
- # Try to use custom paths if lookup failed
- if not libomp_path:
- for path in paths:
- candidate_path = os.path.join(
- path,
- 'lib{}{}'.format(libomp_name,
- get_shared_lib_extension()))
- if os.path.isfile(candidate_path):
- libomp_path = candidate_path
- break
-
- # Load the library
- if libomp_path:
- try:
- self.libomp = ctypes.CDLL(libomp_path)
- except OSError:
- raise ImportError("found openMP library '{}' but couldn't load it. "
- "This may happen if you are cross-compiling.".format(libomp_path))
- self.version = 45
- return
-
- raise ImportError("I can't find a shared library for libomp, you may need to install it "
- "or adjust the {} environment variable.".format(env_vars[0]))
-
+ self.libomp = ctypes.CDLL("@gomp@")
+ self.version = 45
def __getattr__(self, name):
"""
--
2.32.0

21
pkgs/development/python-modules/pythran/default.nix
View file

@ -3,7 +3,6 @@
, buildPythonPackage
, fetchFromGitHub
, openmp
, pytest-runner
, ply
, networkx
, decorator
@ -11,8 +10,6 @@
, six
, numpy
, beniget
, pytestCheckHook
, scipy
, isPy3k
, substituteAll
}:
@ -22,13 +19,13 @@ let
in buildPythonPackage rec {
pname = "pythran";
version = "0.9.12";
version = "0.11.0";
src = fetchFromGitHub {
owner = "serge-sans-paille";
repo = "pythran";
rev = version;
sha256 = "sha256-lQbVq4K/Q8RzlFhE+l3HPCmUGmauXawcKe31kfbUHsI=";
sha256 = "sha256-F9gUZOTSuiqvfGoN4yQqwUg9mnCeBntw5eHO7ZnjpzI=";
};
patches = [
@ -39,10 +36,6 @@ in buildPythonPackage rec {
})
];
nativeBuildInputs = [
pytest-runner
];
propagatedBuildInputs = [
ply
networkx
@ -62,14 +55,7 @@ in buildPythonPackage rec {
"pythran.spec"
];
checkInputs = [
pytestCheckHook
numpy
scipy
];
# Test suite is huge.
# Also, in the future scipy will rely on it resulting in a circular test dependency
# Test suite is huge and has a circular dependency on scipy.
doCheck = false;
disabled = !isPy3k;
@ -79,5 +65,4 @@ in buildPythonPackage rec {
homepage = "https://github.com/serge-sans-paille/pythran";
license = lib.licenses.bsd3;
};
}

4
pkgs/development/python-modules/requests/default.nix
View file

@ -17,12 +17,12 @@
buildPythonPackage rec {
pname = "requests";
version = "2.28.0";
version = "2.28.1";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-1WhyOn69JYddjR6vXfoGjNL8gZSy5IPXsffIGRjb7Gs=";
hash = "sha256-fFWZsQL+3apmHIJsVqtP7ii/0X9avKHrvj5/GdfJeYM=";
};
patches = [

2
pkgs/development/python-modules/setuptools-scm/default.nix
View file

@ -3,6 +3,7 @@
, fetchPypi
, packaging
, tomli
, setuptools
, lib
}:
@ -19,6 +20,7 @@ buildPythonPackage rec {
propagatedBuildInputs = [
packaging
tomli
setuptools
];
pythonImportsCheck = [

4
pkgs/development/python-modules/sqlalchemy/default.nix
View file

@ -13,11 +13,11 @@
buildPythonPackage rec {
pname = "SQLAlchemy";
version = "1.4.37";
version = "1.4.39";
src = fetchPypi {
inherit pname version;
hash = "sha256-Noj5LGLbbF3yaOImSJEHjxfsuR4xQbQA8uKND3V5beo=";
hash = "sha256-gZSJYDh1O0awigsK6JpdgMiX+2Ad1R4kPtVyDx8VXSc=";
};
propagatedBuildInputs = [

3
pkgs/development/python-modules/twisted/default.nix
View file

@ -119,7 +119,8 @@ buildPythonPackage rec {
pyhamcrest
]
++ passthru.optional-dependencies.conch
++ passthru.optional-dependencies.tls;
# not supported on aarch64-darwin: https://github.com/pyca/pyopenssl/issues/873
++ lib.optionals (!(stdenv.isDarwin && stdenv.isAarch64)) passthru.optional-dependencies.tls;
checkPhase = ''
export SOURCE_DATE_EPOCH=315532800

7
pkgs/development/python-modules/urllib3/default.nix
View file

@ -4,16 +4,16 @@
, buildPythonPackage
, certifi
, cryptography
, python-dateutil
, fetchPypi
, isPyPy
, idna
, isPyPy
, mock
, pyopenssl
, pysocks
, pytest-freezegun
, pytest-timeout
, pytestCheckHook
, python-dateutil
, tornado
, trustme
}:
@ -30,7 +30,7 @@ buildPythonPackage rec {
# FIXME: remove backwards compatbility hack
propagatedBuildInputs = passthru.optional-dependencies.brotli
++ passthru.optional-dependencies.secure;
++ passthru.optional-dependencies.socks;
checkInputs = [
python-dateutil
@ -65,6 +65,7 @@ buildPythonPackage rec {
passthru.optional-dependencies = {
brotli = if isPyPy then [ brotlicffi ] else [ brotli ];
# Use carefully since pyopenssl is not supported aarch64-darwin
secure = [ certifi cryptography idna pyopenssl ];
socks = [ pysocks ];
};

0
pkgs/development/tools/build-managers/cmake/search-path.patch → pkgs/development/tools/build-managers/cmake/001-search-path.diff
View file

0
pkgs/development/tools/build-managers/cmake/application-services.patch → pkgs/development/tools/build-managers/cmake/002-application-services.diff
View file

0
pkgs/development/tools/build-managers/cmake/libuv-application-services.patch → pkgs/development/tools/build-managers/cmake/003-libuv-application-services.diff
View file

0
pkgs/development/tools/build-managers/cmake/3.2.2-cygwin.patch → pkgs/development/tools/build-managers/cmake/004-cygwin.diff
View file

30
pkgs/development/tools/build-managers/cmake/remove-systemconfiguration-dep.patch → pkgs/development/tools/build-managers/cmake/005-remove-systemconfiguration-dep.diff
View file

@ -1,23 +1,19 @@
diff --git a/Utilities/cmcurl/CMakeLists.txt b/Utilities/cmcurl/CMakeLists.txt
index 9eef01aaf0..d141d4086c 100644
--- a/Utilities/cmcurl/CMakeLists.txt
+++ b/Utilities/cmcurl/CMakeLists.txt
@@ -537,12 +537,7 @@ if(${CMAKE_SYSTEM_NAME} MATCHES "Darwin")
message(FATAL_ERROR "CoreFoundation framework not found")
endif()
@@ -391,13 +391,6 @@ if(ENABLE_IPV6 AND NOT WIN32)
- find_library(SYSTEMCONFIGURATION_FRAMEWORK "SystemConfiguration")
- if(NOT SYSTEMCONFIGURATION_FRAMEWORK)
- message(FATAL_ERROR "SystemConfiguration framework not found")
- endif()
if(CMAKE_SYSTEM_NAME STREQUAL "Darwin" AND NOT ENABLE_ARES)
set(use_core_foundation ON)
-
- list(APPEND CURL_LIBS "-framework CoreFoundation" "-framework SystemConfiguration")
+ list(APPEND CURL_LIBS "-framework CoreFoundation")
- find_library(SYSTEMCONFIGURATION_FRAMEWORK "SystemConfiguration")
- if(NOT SYSTEMCONFIGURATION_FRAMEWORK)
- message(FATAL_ERROR "SystemConfiguration framework not found")
- endif()
-
- list(APPEND CURL_LIBS "-framework SystemConfiguration")
endif()
endif()
if(CMAKE_USE_SECTRANSP)
find_library(SECURITY_FRAMEWORK "Security")
diff --git a/Utilities/cmcurl/lib/curl_setup.h b/Utilities/cmcurl/lib/curl_setup.h
index 554dcc1e67..059f14e632 100644
--- a/Utilities/cmcurl/lib/curl_setup.h
+++ b/Utilities/cmcurl/lib/curl_setup.h
@@ -257,11 +257,7 @@
@ -32,8 +28,6 @@ index 554dcc1e67..059f14e632 100644
#endif
#ifdef USE_LWIPSOCK
diff --git a/Utilities/cmcurl/lib/hostip.c b/Utilities/cmcurl/lib/hostip.c
index 117caa2957..9f7c709e44 100644
--- a/Utilities/cmcurl/lib/hostip.c
+++ b/Utilities/cmcurl/lib/hostip.c
@@ -68,10 +68,6 @@
@ -47,7 +41,7 @@ index 117caa2957..9f7c709e44 100644
#if defined(CURLRES_SYNCH) && \
defined(HAVE_ALARM) && defined(SIGALRM) && defined(HAVE_SIGSETJMP)
/* alarm-based timeouts can only be used with all the dependencies satisfied */
@@ -653,23 +649,6 @@ enum resolve_t Curl_resolv(struct Curl_easy *data,
@@ -661,23 +657,6 @@ enum resolve_t Curl_resolv(struct Curl_easy *data,
return CURLRESOLV_ERROR;
}

0
pkgs/development/tools/build-managers/cmake/darwin-always-set-runtime-c-flag.patch → pkgs/development/tools/build-managers/cmake/006-darwin-always-set-runtime-c-flag.diff
View file

120
pkgs/development/tools/build-managers/cmake/default.nix
View file

@ -1,62 +1,91 @@
{ stdenv, lib, fetchurl, pkg-config
, bzip2, curlMinimal, expat, libarchive, xz, zlib, libuv, rhash
{ lib
, stdenv
, buildPackages
# darwin attributes
, bzip2
, curlMinimal
, expat
, fetchurl
, libarchive
, libuv
, ncurses
, openssl
, pkg-config
, qtbase
, rhash
, sphinx
, texinfo
, wrapQtAppsHook
, xz
, zlib
, SystemConfiguration
, ps
, isBootstrap ? false
, useOpenSSL ? !isBootstrap
, useSharedLibraries ? (!isBootstrap && !stdenv.isCygwin)
, useOpenSSL ? !isBootstrap, openssl
, useNcurses ? false, ncurses
, withQt5 ? false, qtbase, wrapQtAppsHook
, buildDocs ? (!isBootstrap && (useNcurses || withQt5)), sphinx, texinfo
, uiToolkits ? [] # can contain "ncurses" and/or "qt5"
, buildDocs ? !(isBootstrap || (uiToolkits == []))
}:
let
cursesUI = lib.elem "ncurses" uiToolkits;
qt5UI = lib.elem "qt5" uiToolkits;
in
# Accepts only "ncurses" and "qt5" as possible uiToolkits
assert lib.subtractLists [ "ncurses" "qt5" ] uiToolkits == [];
stdenv.mkDerivation rec {
pname = "cmake"
+ lib.optionalString isBootstrap "-boot"
+ lib.optionalString useNcurses "-cursesUI"
+ lib.optionalString withQt5 "-qt5UI";
version = "3.22.3";
+ lib.optionalString cursesUI "-cursesUI"
+ lib.optionalString qt5UI "-qt5UI";
version = "3.23.2";
src = fetchurl {
url = "https://cmake.org/files/v${lib.versions.majorMinor version}/cmake-${version}.tar.gz";
sha256 = "sha256-n4RpFm+UVTtpeKFu4pIn7Emi61zrYIJ13sQNiuDRtaA=";
sha256 = "sha256-8xa0AFNGb5pBat+YHv2kGxYMqFnpf2pIS0R+opn/Jqo=";
};
patches = [
# Don't search in non-Nix locations such as /usr, but do search in our libc.
./search-path.patch
./001-search-path.diff
# Don't depend on frameworks.
./application-services.patch
./002-application-services.diff
# Derived from https://github.com/libuv/libuv/commit/1a5d4f08238dd532c3718e210078de1186a5920d
./libuv-application-services.patch
] ++ lib.optional stdenv.isCygwin ./3.2.2-cygwin.patch
./003-libuv-application-services.diff
]
++ lib.optional stdenv.isCygwin ./004-cygwin.diff
# Derived from https://github.com/curl/curl/commit/31f631a142d855f069242f3e0c643beec25d1b51
++ lib.optional (stdenv.isDarwin && isBootstrap) ./remove-systemconfiguration-dep.patch
++ lib.optional (stdenv.isDarwin && isBootstrap) ./005-remove-systemconfiguration-dep.diff
# On Darwin, always set CMAKE_SHARED_LIBRARY_RUNTIME_C_FLAG.
++ lib.optional stdenv.isDarwin ./darwin-always-set-runtime-c-flag.patch;
++ lib.optional stdenv.isDarwin ./006-darwin-always-set-runtime-c-flag.diff;
outputs = [ "out" ]
++ lib.optionals buildDocs [ "man" "info" ];
outputs = [ "out" ] ++ lib.optionals buildDocs [ "man" "info" ];
setOutputFlags = false;
setupHook = ./setup-hook.sh;
depsBuildBuild = [ buildPackages.stdenv.cc ];
nativeBuildInputs = [ setupHook pkg-config ]
++ lib.optionals buildDocs [ texinfo ]
++ lib.optionals withQt5 [ wrapQtAppsHook ];
nativeBuildInputs = [
pkg-config
setupHook
]
++ lib.optionals buildDocs [ texinfo ]
++ lib.optionals qt5UI [ wrapQtAppsHook ];
buildInputs = lib.optionals useSharedLibraries [ bzip2 curlMinimal expat libarchive xz zlib libuv rhash ]
++ lib.optional useOpenSSL openssl
++ lib.optional useNcurses ncurses
++ lib.optional withQt5 qtbase
++ lib.optional (stdenv.isDarwin && !isBootstrap) SystemConfiguration;
buildInputs = lib.optionals useSharedLibraries [
bzip2
curlMinimal
expat
libarchive
xz
zlib
libuv
rhash
]
++ lib.optional useOpenSSL openssl
++ lib.optional cursesUI ncurses
++ lib.optional qt5UI qtbase
++ lib.optional (stdenv.isDarwin && !isBootstrap) SystemConfiguration;
propagatedBuildInputs = lib.optional stdenv.isDarwin ps;
@ -73,18 +102,21 @@ stdenv.mkDerivation rec {
configureFlags = [
"CXXFLAGS=-Wno-elaborated-enum-base"
"--docdir=share/doc/${pname}${version}"
] ++ (if useSharedLibraries then [ "--no-system-jsoncpp" "--system-libs" ] else [ "--no-system-libs" ]) # FIXME: cleanup
++ lib.optional withQt5 "--qt-gui"
] ++ (if useSharedLibraries
then [ "--no-system-jsoncpp" "--system-libs" ]
else [ "--no-system-libs" ]) # FIXME: cleanup
++ lib.optional qt5UI "--qt-gui"
++ lib.optionals buildDocs [
"--sphinx-build=${sphinx}/bin/sphinx-build"
"--sphinx-man"
"--sphinx-info"
"--sphinx-man"
]
# Workaround https://gitlab.kitware.com/cmake/cmake/-/issues/20568
++ lib.optionals stdenv.hostPlatform.is32bit [
"CFLAGS=-D_FILE_OFFSET_BITS=64"
"CXXFLAGS=-D_FILE_OFFSET_BITS=64"
] ++ [
]
++ [
"--"
# We should set the proper `CMAKE_SYSTEM_NAME`.
# http://www.cmake.org/Wiki/CMake_Cross_Compiling
@ -100,7 +132,7 @@ stdenv.mkDerivation rec {
"-DCMAKE_USE_OPENSSL=${if useOpenSSL then "ON" else "OFF"}"
# Avoid depending on frameworks.
"-DBUILD_CursesDialog=${if useNcurses then "ON" else "OFF"}"
"-DBUILD_CursesDialog=${if cursesUI then "ON" else "OFF"}"
];
# make install attempts to use the just-built cmake
@ -118,19 +150,19 @@ stdenv.mkDerivation rec {
doCheck = false; # fails
meta = with lib; {
broken = (withQt5 && stdenv.isDarwin);
homepage = "https://cmake.org/";
changelog = "https://cmake.org/cmake/help/v${lib.versions.majorMinor version}/release/${lib.versions.majorMinor version}.html";
description = "Cross-Platform Makefile Generator";
description = "Cross-platform, open-source build system generator";
longDescription = ''
CMake is an open-source, cross-platform family of tools designed to
build, test and package software. CMake is used to control the software
CMake is an open-source, cross-platform family of tools designed to build,
test and package software. CMake is used to control the software
compilation process using simple platform and compiler independent
configuration files, and generate native makefiles and workspaces that
can be used in the compiler environment of your choice.
configuration files, and generate native makefiles and workspaces that can
be used in the compiler environment of your choice.
'';
platforms = platforms.all;
maintainers = with maintainers; [ ttuegel lnl7 ];
changelog = "https://cmake.org/cmake/help/v${lib.versions.majorMinor version}/release/${lib.versions.majorMinor version}.html";
license = licenses.bsd3;
maintainers = with maintainers; [ ttuegel lnl7 AndersonTorres ];
platforms = platforms.all;
broken = (qt5UI && stdenv.isDarwin);
};
}

6
pkgs/development/tools/build-managers/ninja/setup-hook.sh
View file

@ -14,7 +14,7 @@ ninjaBuildPhase() {
)
echoCmd 'build flags' "${flagsArray[@]}"
ninja "${flagsArray[@]}" | cat
TERM=dumb ninja "${flagsArray[@]}"
runHook postBuild
}
@ -33,7 +33,7 @@ ninjaInstallPhase() {
)
echoCmd 'install flags' "${flagsArray[@]}"
ninja "${flagsArray[@]}" | cat
TERM=dumb ninja "${flagsArray[@]}"
runHook postInstall
}
@ -67,7 +67,7 @@ ninjaCheckPhase() {
)
echoCmd 'check flags' "${flagsArray[@]}"
ninja "${flagsArray[@]}" | cat
TERM=dumb ninja "${flagsArray[@]}"
fi
runHook postCheck

16
pkgs/development/tools/delve/default.nix
View file

@ -1,4 +1,4 @@
{ lib, buildGoModule, fetchFromGitHub, makeWrapper }:
{ lib, buildGoModule, fetchFromGitHub, makeWrapper, stdenv }:
buildGoModule rec {
pname = "delve";
@ -17,7 +17,19 @@ buildGoModule rec {
nativeBuildInputs = [ makeWrapper ];
checkFlags = [ "-short" ];
hardeningDisable = [ "fortify" ];
preCheck = ''
XDG_CONFIG_HOME=$(mktemp -d)
'';
# Disable tests on Darwin as they require various workarounds.
#
# - Tests requiring local networking fail with or without sandbox,
# even with __darwinAllowLocalNetworking allowed.
# - CGO_FLAGS warnings break tests' expected stdout/stderr outputs.
# - DAP test binaries exit prematurely.
doCheck = !stdenv.isDarwin;
postInstall = ''
# fortify source breaks build since delve compiles with -O0

4
pkgs/development/tools/documentation/doxygen/default.nix
View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "doxygen";
version = "1.9.3";
version = "1.9.4";
src = fetchFromGitHub {
owner = "doxygen";
repo = "doxygen";
rev = "Release_${lib.replaceStrings [ "." ] [ "_" ] version}";
sha256 = "1xfsv31ffrv03qhxlscav0r5mdi3qz4654ib9cq35rvmxfj999bw";
sha256 = "sha256-Dnr8d+ngSBkgL/BITvsvoERAHQyEXCoQDltbnQ2nXKM=";
};
nativeBuildInputs = [

4
pkgs/development/tools/misc/autoconf-archive/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "autoconf-archive";
version = "2021.02.19";
version = "2022.02.11";
src = fetchurl {
url = "mirror://gnu/autoconf-archive/autoconf-archive-${version}.tar.xz";
sha256 = "sha256-6KbrnSjdy6j/7z+iEWUyOem/I5q6agGmt8/Hzq7GnL0=";
sha256 = "sha256-eKYbYR4u61WongOY4M44e8r1f+LdU8b+QnEw93etHow=";
};
strictDeps = true;

4
pkgs/development/tools/misc/luarocks/default.nix
View file

@ -26,6 +26,10 @@ stdenv.mkDerivation rec {
substituteInPlace src/luarocks/core/cfg.lua --subst-var-by 'darwinMinVersion' '${stdenv.targetPlatform.darwinMinVersion}'
'';
# Manually written ./configure does not support --build= or --host=:
# Error: Unknown flag: --build=x86_64-unknown-linux-gnu
configurePlatforms = [ ];
preConfigure = ''
lua -e "" || {
luajit -e "" && {

13
pkgs/development/tools/misc/texinfo/common.nix
View file

@ -36,8 +36,7 @@ stdenv.mkDerivation {
strictDeps = true;
enableParallelBuilding = true;
# We need a native compiler to build perl XS extensions
# when cross-compiling.
# A native compiler is needed to build tools needed at build time
depsBuildBuild = [ buildPackages.stdenv.cc perl ];
buildInputs = [ xz.bin bash libintl ]
@ -45,6 +44,9 @@ stdenv.mkDerivation {
++ optional interactive ncurses;
configureFlags = [ "PERL=${buildPackages.perl}/bin/perl" ]
# Perl XS modules are difficult to cross-compile and texinfo has pure Perl
# fallbacks.
++ optional crossBuildTools "--enable-perl-xs=no"
++ lib.optional stdenv.isSunOS "AWK=${gawk}/bin/awk";
installFlags = [ "TEXMF=$(out)/texmf-dist" ];
@ -62,6 +64,13 @@ stdenv.mkDerivation {
"XFAIL_TESTS=test_scripts/layout_formatting_fr_icons.sh"
];
postFixup = optionalString crossBuildTools ''
for f in "$out"/bin/{pod2texi,texi2any}; do
substituteInPlace "$f" \
--replace ${buildPackages.perl}/bin/perl ${perl}/bin/perl
done
'';
meta = {
homepage = "https://www.gnu.org/software/texinfo/";
description = "The GNU documentation system";

4
pkgs/os-specific/linux/alsa-project/alsa-lib/default.nix
View file

@ -7,11 +7,11 @@
stdenv.mkDerivation rec {
pname = "alsa-lib";
version = "1.2.6.1";
version = "1.2.7.1";
src = fetchurl {
url = "mirror://alsa/lib/${pname}-${version}.tar.bz2";
hash = "sha256-rVgpk9Us21+xWaC+q2CmrFfqsMwb34XcTbbWGX8CMz8=";
hash = "sha256-BG3ELfz60mkhe+BZVGhhN+XnOX8wQTcvjG3NfXlGHmE=";
};
patches = [

4
pkgs/os-specific/linux/alsa-project/alsa-plugins/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "alsa-plugins";
version = "1.2.6";
version = "1.2.7.1";
src = fetchurl {
url = "mirror://alsa/plugins/${pname}-${version}.tar.bz2";
sha256 = "sha256-BogYpLVdjAKdqgABXYU9RRE/VrIkt8ZOHhF5iMglsqA=";
hash = "sha256-jDN4FJVLt8FnRWczpgRhQqKTHxLsy6PsKkrmGKNDJRE=";
};
nativeBuildInputs = [ pkg-config ];

4
pkgs/os-specific/linux/alsa-project/alsa-ucm-conf/default.nix
View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "alsa-ucm-conf";
version = "1.2.6.3";
version = "1.2.7.1";
src = fetchurl {
url = "mirror://alsa/lib/${pname}-${version}.tar.bz2";
sha256 = "sha256-uKA6o4emJKL2XtwgG/d3QhGQtgUpqSCHZGgjr72Wxc0=";
hash = "sha256-rFsqEnV4Pv8H4cs0w2xsWYd0JnmjQAN1B8BKncHSLKw=";
};
dontBuild = true;

4
pkgs/os-specific/linux/ell/default.nix
View file

@ -7,14 +7,14 @@
stdenv.mkDerivation rec {
pname = "ell";
version = "0.50";
version = "0.51";
outputs = [ "out" "dev" ];
src = fetchgit {
url = "https://git.kernel.org/pub/scm/libs/ell/ell.git";
rev = version;
sha256 = "sha256-LQAbE/pAKjVFsn9FjIbvY6sTBcVBdi4LCOnDVZ/WGV0=";
sha256 = "sha256-UGc6msj+V3U7IzquD4+KDLWt1vUxdV2Qm9Y0FOmsqtc=";
};
nativeBuildInputs = [

4
pkgs/os-specific/linux/iproute/default.nix
View file

@ -6,11 +6,11 @@
stdenv.mkDerivation rec {
pname = "iproute2";
version = "5.17.0";
version = "5.18.0";
src = fetchurl {
url = "mirror://kernel/linux/utils/net/${pname}/${pname}-${version}.tar.xz";
sha256 = "bjhPG0LHXhqdqsV4Zto33P+QkJC6huslpudk2niTZg4=";
sha256 = "W6PUZNUcjCg1UNUH/6w9EPeuxYe3xmsMy2lQZDZGOJ4=";
};
patches = [

5
pkgs/os-specific/linux/iptables/default.nix
View file

@ -24,6 +24,11 @@ stdenv.mkDerivation rec {
url = "https://git.netfilter.org/iptables/patch/?id=f319389525b066b7dc6d389c88f16a0df3b8f189";
sha256 = "sha256-rOxCEWZoI8Ac5fQDp286YHAwvreUAoDVAbomboKrGyM=";
})
# fix Musl build
(fetchpatch {
url = "https://git.netfilter.org/iptables/patch/?id=0e7cf0ad306cdf95dc3c28d15a254532206a888e";
sha256 = "18mnvqfxzd7ifq3zjb4vyifcyadpxdi8iqcj8wsjgw23n49lgrbj";
})
];
outputs = [ "out" "dev" "man" ];

4
pkgs/os-specific/linux/iwd/default.nix
View file

@ -12,12 +12,12 @@
stdenv.mkDerivation rec {
pname = "iwd";
version = "1.27";
version = "1.28";
src = fetchgit {
url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git";
rev = version;
sha256 = "sha256-gN9+9Cc6zjZBXDhcHBH5wyucO5/vL7bKSLWM5laFqaA=";
sha256 = "sha256-UAhgmXTbCgxja8nniexr6+jkzHIOMn9k1Cp8oMuskk0=";
};
outputs = [ "out" "man" "doc" ]

2
pkgs/os-specific/linux/libsepol/default.nix
View file

@ -31,6 +31,8 @@ stdenv.mkDerivation rec {
NIX_CFLAGS_COMPILE = "-Wno-error";
enableParallelBuilding = true;
passthru = { inherit se_url; };
meta = with lib; {

6
pkgs/os-specific/linux/v4l-utils/default.nix
View file

@ -1,5 +1,5 @@
{ stdenv, lib, fetchurl, pkg-config, perl
, libjpeg, udev
, argp-standalone, libjpeg, udev
, withUtils ? true
, withGUI ? true, alsa-lib, libX11, qtbase, libGLU, wrapQtAppsHook
}:
@ -35,7 +35,9 @@ in stdenv.mkDerivation rec {
nativeBuildInputs = [ pkg-config perl ] ++ lib.optional withQt wrapQtAppsHook;
buildInputs = [ udev ] ++ lib.optionals withQt [ alsa-lib libX11 qtbase libGLU ];
buildInputs = [ udev ]
++ lib.optional (!stdenv.hostPlatform.isGnu) argp-standalone
++ lib.optionals withQt [ alsa-lib libX11 qtbase libGLU ];
propagatedBuildInputs = [ libjpeg ];

33
pkgs/stdenv/linux/default.nix
View file

@ -304,15 +304,18 @@ in
binutils coreutils gnugrep
perl patchelf linuxHeaders gnum4 bison libidn2 libunistring;
${localSystem.libc} = getLibc prevStage;
# Link GCC statically against GMP etc. This makes sense because
# these builds of the libraries are only used by GCC, so it
# reduces the size of the stdenv closure.
gmp = super.gmp.override { stdenv = self.makeStaticLibraries self.stdenv; };
mpfr = super.mpfr.override { stdenv = self.makeStaticLibraries self.stdenv; };
libmpc = super.libmpc.override { stdenv = self.makeStaticLibraries self.stdenv; };
isl_0_20 = super.isl_0_20.override { stdenv = self.makeStaticLibraries self.stdenv; };
gcc-unwrapped = super.gcc-unwrapped.override {
isl = isl_0_20;
gcc-unwrapped =
let makeStaticLibrariesAndMark = pkg:
lib.makeOverridable (pkg.override { stdenv = self.makeStaticLibraries self.stdenv; })
.overrideAttrs (a: { pname = "${a.pname}-stage3"; });
in super.gcc-unwrapped.override {
# Link GCC statically against GMP etc. This makes sense because
# these builds of the libraries are only used by GCC, so it
# reduces the size of the stdenv closure.
gmp = makeStaticLibrariesAndMark super.gmp;
mpfr = makeStaticLibrariesAndMark super.mpfr;
libmpc = makeStaticLibrariesAndMark super.libmpc;
isl = makeStaticLibrariesAndMark super.isl_0_20;
# Use a deterministically built compiler
# see https://github.com/NixOS/nixpkgs/issues/108475 for context
reproducibleBuild = true;
@ -336,7 +339,7 @@ in
# because gcc (since JAR support) already depends on zlib, and
# then if we already have a zlib we want to use that for the
# other purposes (binutils and top-level pkgs) too.
inherit (prevStage) gettext gnum4 bison gmp perl texinfo zlib linuxHeaders libidn2 libunistring;
inherit (prevStage) gettext gnum4 bison perl texinfo zlib linuxHeaders libidn2 libunistring;
${localSystem.libc} = getLibc prevStage;
binutils = super.binutils.override {
# Don't use stdenv's shell but our own
@ -347,6 +350,14 @@ in
};
};
# force gmp to rebuild so we have the option of dynamically linking
# libgmp without creating a reference path from:
# stage5.gcc -> stage4.coreutils -> stage3.glibc -> bootstrap
gmp = lib.makeOverridable (super.gmp.override { stdenv = self.stdenv; }).overrideAttrs (a: { pname = "${a.pname}-stage4"; });
# coreutils gets rebuilt both here and also in the final stage; we rename this one to avoid confusion
coreutils = super.coreutils.overrideAttrs (a: { pname = "${a.pname}-stage4"; });
gcc = lib.makeOverridable (import ../../build-support/cc-wrapper) {
nativeTools = false;
nativeLibc = false;
@ -417,7 +428,7 @@ in
# Simple executable tools
concatMap (p: [ (getBin p) (getLib p) ]) [
gzip bzip2 xz bash binutils.bintools coreutils diffutils findutils
gawk gnumake gnused gnutar gnugrep gnupatch patchelf ed file
gawk gmp gnumake gnused gnutar gnugrep gnupatch patchelf ed file
]
# Library dependencies
++ map getLib (

6
pkgs/tools/filesystems/go-mtpfs/default.nix
View file

@ -18,7 +18,11 @@ buildGoModule rec {
nativeBuildInputs = [ pkg-config ];
buildInputs = [ libusb1 ];
checkFlags = [ "-short" ];
preCheck = ''
# Only run tests under mtp/encoding_test.go
# Other tests require an Android deviced attached over USB.
buildFlagsArray+=("-run" "Test(Encode|Decode|Variant).*")
'';
meta = with lib; {
description = "A simple FUSE filesystem for mounting Android devices as a MTP device";

5
pkgs/tools/misc/coreutils/default.nix
View file

@ -39,6 +39,11 @@ stdenv.mkDerivation rec {
sha256 = "sha256-YaH0ENeLp+fzelpPUObRMgrKMzdUhKMlXt3xejhYBCM=";
};
patches = lib.optionals (stdenv.isDarwin && stdenv.isx86_64) [
# Workaround for https://debbugs.gnu.org/cgi/bugreport.cgi?bug=51433
./disable-seek-hole.patch
];
postPatch = ''
# The test tends to fail on btrfs, f2fs and maybe other unusual filesystems.
sed '2i echo Skipping dd sparse test && exit 77' -i ./tests/dd/sparse.sh

43
pkgs/tools/misc/coreutils/disable-seek-hole.patch Normal file
View file

@ -0,0 +1,43 @@
diff --git a/src/copy.c b/src/copy.c
index cb9018f93..2a4ccc061 100644
--- a/src/copy.c
+++ b/src/copy.c
@@ -502,7 +502,7 @@ write_zeros (int fd, off_t n_bytes)
return true;
}
-#ifdef SEEK_HOLE
+#if 0
/* Perform an efficient extent copy, if possible. This avoids
the overhead of detecting holes in hole-introducing/preserving
copy, and thus makes copying sparse files much more efficient.
@@ -1095,7 +1095,7 @@ infer_scantype (int fd, struct stat const *sb,
&& ST_NBLOCKS (*sb) < sb->st_size / ST_NBLOCKSIZE))
return PLAIN_SCANTYPE;
-#ifdef SEEK_HOLE
+#if 0
scan_inference->ext_start = lseek (fd, 0, SEEK_DATA);
if (0 <= scan_inference->ext_start)
return LSEEK_SCANTYPE;
@@ -1377,7 +1377,7 @@ copy_reg (char const *src_name, char const *dst_name,
off_t n_read;
bool wrote_hole_at_eof = false;
if (! (
-#ifdef SEEK_HOLE
+#if 0
scantype == LSEEK_SCANTYPE
? lseek_copy (source_desc, dest_desc, buf, buf_size, hole_size,
scan_inference.ext_start, src_open_sb.st_size,
diff --git a/tests/seek-data-capable b/tests/seek-data-capable
index cc6372214..6e7a9ec1e 100644
--- a/tests/seek-data-capable
+++ b/tests/seek-data-capable
@@ -1,5 +1,7 @@
import sys, os, errno, platform
+sys.exit(1)
+
# Pass an _empty_ file
if len(sys.argv) != 2:
sys.exit(1)

3
pkgs/tools/misc/mmake/default.nix
View file

@ -15,7 +15,8 @@ buildGoModule rec {
ldflags = [ "-s" "-w" ];
checkFlags = [ "-short" ];
# Almost all tests require non-local networking, trying to resolve githubusercontent.com.
doCheck = false;
meta = with lib; {
homepage = "https://github.com/tj/mmake";

10
pkgs/tools/security/gnupg/23.nix
View file

@ -15,11 +15,11 @@ assert guiSupport -> pinentry != null && enableMinimal == false;
stdenv.mkDerivation rec {
pname = "gnupg";
version = "2.3.4";
version = "2.3.6";
src = fetchurl {
url = "mirror://gnupg/gnupg/${pname}-${version}.tar.bz2";
sha256 = "sha256-80aOyvsdf5rXtR/R23rr8XzridLvqKBc8vObTUBUAq4=";
sha256 = "sha256-Iff+L8XC8hQYSrBQl37HqOME5Yv64qsJj+xp+Pq9qcE=";
};
depsBuildBuild = [ buildPackages.stdenv.cc ];
@ -34,6 +34,12 @@ stdenv.mkDerivation rec {
./tests-add-test-cases-for-import-without-uid.patch
./allow-import-of-previously-known-keys-even-without-UI.patch
./accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
# Patch from upstream 34c649b36013, https://dev.gnupg.org/T6027
./CVE-2022-34903-g10-fix-garbled-status-messages-in-NOTATION_DATA.patch
# Patch for DoS vuln from https://seclists.org/oss-sec/2022/q3/27
./v3-0001-Disallow-compressed-signatures-and-certificates.patch
];
postPatch = ''
sed -i 's,\(hkps\|https\)://keyserver.ubuntu.com,hkps://keys.openpgp.org,g' configure configure.ac doc/dirmngr.texi doc/gnupg.info-1

45
pkgs/tools/security/gnupg/CVE-2022-34903-g10-fix-garbled-status-messages-in-NOTATION_DATA.patch Normal file
View file

@ -0,0 +1,45 @@
commit 34c649b3601383cd11dbc76221747ec16fd68e1b
Author: Werner Koch <wk@gnupg.org>
Date: 2022-06-14 11:33:27 +0200
g10: Fix garbled status messages in NOTATION_DATA
* g10/cpr.c (write_status_text_and_buffer): Fix off-by-one
--
Depending on the escaping and line wrapping the computed remaining
buffer length could be wrong. Fixed by always using a break to
terminate the escape detection loop. Might have happened for all
status lines which may wrap.
GnuPG-bug-id: T6027
diff --git a/g10/cpr.c b/g10/cpr.c
index 9bfdd3c34..fa8005d6f 100644
--- a/g10/cpr.c
+++ b/g10/cpr.c
@@ -372,20 +372,15 @@ write_status_text_and_buffer (int no, const char *string,
}
first = 0;
}
- for (esc=0, s=buffer, n=len; n && !esc; s++, n--)
+ for (esc=0, s=buffer, n=len; n; s++, n--)
{
if (*s == '%' || *(const byte*)s <= lower_limit
|| *(const byte*)s == 127 )
esc = 1;
if (wrap && ++count > wrap)
- {
- dowrap=1;
- break;
- }
- }
- if (esc)
- {
- s--; n++;
+ dowrap=1;
+ if (esc || dowrap)
+ break;
}
if (s != buffer)
es_fwrite (buffer, s-buffer, 1, statusfp);

216
pkgs/tools/security/gnupg/v3-0001-Disallow-compressed-signatures-and-certificates.patch Normal file
View file

@ -0,0 +1,216 @@
From 459b61fa21db755d6c879c3ef9ab85b3d1786c9f Mon Sep 17 00:00:00 2001
From: Demi Marie Obenour <demi () invisiblethingslab com>
Date: Fri, 27 May 2022 19:51:19 -0400
Subject: [PATCH GnuPG v3] Disallow compressed signatures and certificates
Compressed packets have significant attack surface, due to the potential
for both denial of service (zip bombs and the like) and for code
execution via memory corruption vulnerabilities in the decompressor.
Furthermore, I am not aware of any implementation that uses them in keys
or detached signatures. Therefore, disallow their use in such contexts
entirely. This includes signatures that are part of a cleartext-signed
message.
When parsing detached signatures, forbid any packet that is not a
signature or marker packet. When parsing keys, return an error when
encountering a compressed packet, instead of decompressing the packet.
Furthermore, certificates, keys, and signatures are not allowed to
contain partial-length or indeterminate-length packets. Reject those in
parse_packet, rather than activating the partial-length filter code.
This is not (yet) implemented for cleartext-signed messages, as these
messages are internally represented as inline-signed messages.
GnuPG-bug-id: T5993
Signed-off-by: Demi Marie Obenour <demiobenour () gmail com>
---
g10/import.c | 18 ++----------------
g10/mainproc.c | 24 +++++++++++++++++++++---
g10/packet.h | 2 ++
g10/parse-packet.c | 44 +++++++++++++++++++++++++++++++++++++++++++-
4 files changed, 68 insertions(+), 20 deletions(-)
diff --git a/g10/import.c b/g10/import.c
index bb0bf67934a8316130cde182cd43d56353e0171d..a8136351f6f7dae8c65634ed8e1c242d323e2009 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -1042,22 +1042,8 @@ read_block( IOBUF a, unsigned int options,
switch (pkt->pkttype)
{
case PKT_COMPRESSED:
- if (check_compress_algo (pkt->pkt.compressed->algorithm))
- {
- rc = GPG_ERR_COMPR_ALGO;
- goto ready;
- }
- else
- {
- compress_filter_context_t *cfx = xmalloc_clear( sizeof *cfx );
- pkt->pkt.compressed->buf = NULL;
- if (push_compress_filter2 (a, cfx,
- pkt->pkt.compressed->algorithm, 1))
- xfree (cfx); /* e.g. in case of compression_algo NONE. */
- }
- free_packet (pkt, &parsectx);
- init_packet(pkt);
- break;
+ rc = GPG_ERR_UNEXPECTED;
+ goto ready;
case PKT_RING_TRUST:
/* Skip those packets unless we are in restore mode. */
diff --git a/g10/mainproc.c b/g10/mainproc.c
index af11877aa257e46662c42b6ff573ee01c3ad1547..3629fc921b742afd131e8d8e2664b201095990f0 100644
--- a/g10/mainproc.c
+++ b/g10/mainproc.c
@@ -152,6 +152,7 @@ add_onepass_sig (CTX c, PACKET *pkt)
{
kbnode_t node;
+ log_assert(!(c->sigs_only && c->signed_data.used));
if (c->list) /* Add another packet. */
add_kbnode (c->list, new_kbnode (pkt));
else /* Insert the first one. */
@@ -1076,8 +1077,16 @@ proc_compressed (CTX c, PACKET *pkt)
int rc;
/*printf("zip: compressed data packet\n");*/
- if (c->sigs_only)
- rc = handle_compressed (c->ctrl, c, zd, proc_compressed_cb, c);
+ if ( literals_seen )
+ {
+ log_error ("Compressed packet follows literal data packet\n");
+ rc = GPG_ERR_UNEXPECTED;
+ }
+ else if ( c->sigs_only )
+ {
+ log_assert(!c->signed_data.used);
+ rc = handle_compressed (c->ctrl, c, zd, proc_compressed_cb, c);
+ }
else if( c->encrypt_only )
rc = handle_compressed (c->ctrl, c, zd, proc_encrypt_cb, c);
else
@@ -1596,6 +1605,7 @@ do_proc_packets (CTX c, iobuf_t a)
c->iobuf = a;
init_packet(pkt);
init_parse_packet (&parsectx, a);
+ parsectx.sigs_only = c->sigs_only && c->signed_data.used;
while ((rc=parse_packet (&parsectx, pkt)) != -1)
{
any_data = 1;
@@ -1607,6 +1617,12 @@ do_proc_packets (CTX c, iobuf_t a)
if (gpg_err_code (rc) == GPG_ERR_INV_PACKET
&& opt.list_packets == 0)
break;
+
+ if (gpg_err_code (rc) == GPG_ERR_UNEXPECTED)
+ {
+ write_status_text( STATUS_UNEXPECTED, "0" );
+ goto leave;
+ }
continue;
}
newpkt = -1;
@@ -1644,7 +1660,9 @@ do_proc_packets (CTX c, iobuf_t a)
case PKT_COMPRESSED: rc = proc_compressed (c, pkt); break;
case PKT_ONEPASS_SIG: newpkt = add_onepass_sig (c, pkt); break;
case PKT_GPG_CONTROL: newpkt = add_gpg_control (c, pkt); break;
- default: newpkt = 0; break;
+ default:
+ log_assert(!c->signed_data.used);
+ newpkt = 0; break;
}
}
else if (c->encrypt_only)
diff --git a/g10/packet.h b/g10/packet.h
index 5a14015a16c872fe7b0b15468598daf7a05ffc02..82dfe786b46051491e7015e64441678140defa9e 100644
--- a/g10/packet.h
+++ b/g10/packet.h
@@ -657,6 +657,7 @@ struct parse_packet_ctx_s
int free_last_pkt; /* Indicates that LAST_PKT must be freed. */
int skip_meta; /* Skip ring trust packets. */
unsigned int n_parsed_packets; /* Number of parsed packets. */
+ int sigs_only; /* Only accept detached signature packets */
};
typedef struct parse_packet_ctx_s *parse_packet_ctx_t;
@@ -667,6 +668,7 @@ typedef struct parse_packet_ctx_s *parse_packet_ctx_t;
(a)->free_last_pkt = 0; \
(a)->skip_meta = 0; \
(a)->n_parsed_packets = 0; \
+ (a)->sigs_only = 0; \
} while (0)
#define deinit_parse_packet(a) do { \
diff --git a/g10/parse-packet.c b/g10/parse-packet.c
index cea1f7ebc5daec3863ae963c1ab25500f86796fe..dca66ff427ea6778e536782ec6bda83584877342 100644
--- a/g10/parse-packet.c
+++ b/g10/parse-packet.c
@@ -738,6 +738,20 @@ parse (parse_packet_ctx_t ctx, PACKET *pkt, int onlykeypkts, off_t * retpos,
case PKT_ENCRYPTED_MDC:
case PKT_ENCRYPTED_AEAD:
case PKT_COMPRESSED:
+ if (ctx->sigs_only)
+ {
+ log_error (_("partial length packet of type %d in detached"
+ " signature\n"), pkttype);
+ rc = gpg_error (GPG_ERR_UNEXPECTED);
+ goto leave;
+ }
+ if (onlykeypkts)
+ {
+ log_error (_("partial length packet of type %d in keyring\n"),
+ pkttype);
+ rc = gpg_error (GPG_ERR_UNEXPECTED);
+ goto leave;
+ }
iobuf_set_partial_body_length_mode (inp, c & 0xff);
pktlen = 0; /* To indicate partial length. */
partial = 1;
@@ -775,6 +789,20 @@ parse (parse_packet_ctx_t ctx, PACKET *pkt, int onlykeypkts, off_t * retpos,
rc = gpg_error (GPG_ERR_INV_PACKET);
goto leave;
}
+ else if (ctx->sigs_only)
+ {
+ log_error (_("indeterminate length packet of type %d in detached"
+ " signature\n"), pkttype);
+ rc = gpg_error (GPG_ERR_UNEXPECTED);
+ goto leave;
+ }
+ else if (onlykeypkts)
+ {
+ log_error (_("indeterminate length packet of type %d in"
+ " keyring\n"), pkttype);
+ rc = gpg_error (GPG_ERR_UNEXPECTED);
+ goto leave;
+ }
}
else
{
@@ -828,7 +856,21 @@ parse (parse_packet_ctx_t ctx, PACKET *pkt, int onlykeypkts, off_t * retpos,
goto leave;
}
- if (with_uid && pkttype == PKT_USER_ID)
+ if (ctx->sigs_only)
+ switch (pkttype)
+ {
+ case PKT_SIGNATURE:
+ case PKT_MARKER:
+ break;
+ default:
+ log_error(_("Packet type %d not allowed in detached signature\n"),
+ pkttype);
+ iobuf_skip_rest (inp, pktlen, partial);
+ *skip = 1;
+ rc = GPG_ERR_UNEXPECTED;
+ goto leave;
+ }
+ else if (with_uid && pkttype == PKT_USER_ID)
/* If ONLYKEYPKTS is set to 2, then we never skip user id packets,
even if DO_SKIP is set. */
;
--
2.36.1

25
pkgs/tools/system/skeema/default.nix
View file

@ -1,4 +1,4 @@
{ lib, buildGoModule, fetchFromGitHub }:
{ lib, buildGoModule, fetchFromGitHub, coreutils }:
buildGoModule rec {
pname = "skeema";
@ -17,6 +17,29 @@ buildGoModule rec {
ldflags = [ "-s" "-w" ];
preCheck = ''
# Disable tests requiring network access to gitlab.com
buildFlagsArray+=("-run" "[^(Test(ParseDir(Symlinks|))|DirRelPath)]")
# Fix tests expecting /usr/bin/printf and /bin/echo
substituteInPlace skeema_cmd_test.go \
--replace /usr/bin/printf "${coreutils}/bin/printf"
substituteInPlace internal/fs/dir_test.go \
--replace /bin/echo "${coreutils}/bin/echo" \
--replace /usr/bin/printf "${coreutils}/bin/printf"
substituteInPlace internal/applier/ddlstatement_test.go \
--replace /bin/echo "${coreutils}/bin/echo"
substituteInPlace internal/util/shellout_unix_test.go \
--replace /bin/echo "${coreutils}/bin/echo" \
--replace /usr/bin/printf "${coreutils}/bin/printf"
substituteInPlace internal/util/shellout_unix_test.go \
--replace /bin/echo "${coreutils}/bin/echo"
'';
checkFlags = [ "-short" ];
meta = with lib; {

8
pkgs/tools/text/gucci/default.nix
View file

@ -21,6 +21,14 @@ buildGoModule rec {
checkFlags = [ "-short" ];
# Integration tests rely on Ginkgo but fail.
# Related: https://github.com/onsi/ginkgo/issues/602
#
# Disable integration tests.
preCheck = ''
buildFlagsArray+=("-run" "[^(TestIntegration)]")
'';
meta = with lib; {
description = "A simple CLI templating tool written in golang";
homepage = "https://github.com/noqcks/gucci";

181
pkgs/tools/typesetting/asciidoc/default.nix
View file

@ -1,39 +1,39 @@
{ fetchurl, lib, stdenv, python3
, fetchFromGitHub, autoreconfHook
, installShellFiles
, enableStandardFeatures ? false
, sourceHighlight ? null
, highlight ? null
, pygments ? null
, graphviz ? null
, texlive ? null
, dblatexFull ? null
, libxslt ? null
, w3m ? null
, lynx ? null
, imagemagick ? null
, lilypond ? null
, libxml2 ? null
, docbook_xml_dtd_45 ? null
, docbook_xsl_ns ? null
, docbook_xsl ? null
, fop ? null
# TODO: Package this:
#, epubcheck ? null
, gnused ? null
, coreutils ? null
, sourceHighlight
, highlight
, pygments
, graphviz
, texlive
, dblatexFull
, libxslt
, w3m
, lynx
, imagemagick
, lilypond
, libxml2
, docbook_xml_dtd_45
, docbook_xsl_ns
, docbook_xsl
, fop
, epubcheck
, gnused
, coreutils
# if true, enable all the below filters and backends
, enableExtraPlugins ? false
# unzip is needed to extract filter and backend plugins
, unzip ? null
, unzip
# filters
, enableDitaaFilter ? false, jre ? null
, enableMscgenFilter ? false, mscgen ? null
, enableDiagFilter ? false, blockdiag ? null, seqdiag ? null, actdiag ? null, nwdiag ? null
, enableQrcodeFilter ? false, qrencode ? null
, enableMatplotlibFilter ? false, matplotlib ? null, numpy ? null
, enableAafigureFilter ? false, aafigure ? null, recursivePthLoader ? null
, enableDitaaFilter ? false, jre
, enableMscgenFilter ? false, mscgen
, enableDiagFilter ? false, blockdiag, seqdiag, actdiag, nwdiag
, enableQrcodeFilter ? false, qrencode
, enableMatplotlibFilter ? false, matplotlib, numpy
, enableAafigureFilter ? false, aafigure, recursivePthLoader
# backends
, enableDeckjsBackend ? false
, enableOdfBackend ? false
@ -44,38 +44,6 @@
, buildPackages
}:
assert enableStandardFeatures ->
sourceHighlight != null &&
highlight != null &&
pygments != null &&
graphviz != null &&
texlive != null &&
dblatexFull != null &&
libxslt != null &&
w3m != null &&
lynx != null &&
imagemagick != null &&
lilypond != null &&
libxml2 != null &&
docbook_xml_dtd_45 != null &&
docbook_xsl_ns != null &&
docbook_xsl != null &&
(fop != null || !enableJava) &&
# TODO: Package this:
# epubcheck != null &&
gnused != null &&
coreutils != null;
# filters
assert enableExtraPlugins || enableDitaaFilter || enableMscgenFilter || enableDiagFilter || enableQrcodeFilter || enableAafigureFilter -> unzip != null;
assert (enableExtraPlugins && enableJava) || enableDitaaFilter -> jre != null;
assert enableExtraPlugins || enableMscgenFilter -> mscgen != null;
assert enableExtraPlugins || enableDiagFilter -> blockdiag != null && seqdiag != null && actdiag != null && nwdiag != null;
assert enableExtraPlugins || enableMatplotlibFilter -> matplotlib != null && numpy != null;
assert enableExtraPlugins || enableAafigureFilter -> aafigure != null && recursivePthLoader != null;
# backends
assert enableExtraPlugins || enableDeckjsBackend || enableOdfBackend -> unzip != null;
let
_enableDitaaFilter = (enableExtraPlugins && enableJava) || enableDitaaFilter;
@ -144,26 +112,24 @@ let
sha256 = "08ya4bskygzqkfqwjllpg31qc5k08xp2k78z9b2480g8y57bfy10";
};
in
stdenv.mkDerivation rec {
in python3.pkgs.buildPythonApplication rec {
pname = "asciidoc"
+ lib.optionalString enableStandardFeatures "-full"
+ lib.optionalString enableExtraPlugins "-with-plugins";
version = "9.1.0";
version = "10.2.0";
# Note: a substitution to improve reproducibility should be updated once 10.0.0 is
# released. See the comment in `patchPhase` for more information.
src = fetchFromGitHub {
owner = "asciidoc";
repo = "asciidoc-py3";
owner = "asciidoc-py";
repo = "asciidoc-py";
rev = version;
sha256 = "1clf1axkns23wfmh48xfspzsnw04pjh4mq1pshpzvj0cwxhz0yaq";
hash = "sha256-TqC0x9xB6e2d6Wc9bgnlqgZVOmYHmUUKfE/CKAiEtag=";
};
strictDeps = true;
nativeBuildInputs = [ python3 unzip autoreconfHook ];
buildInputs = [ python3 ];
nativeBuildInputs = [
autoreconfHook
installShellFiles
unzip
];
# install filters early, so their shebangs are patched too
postPatch = with lib; ''
@ -230,22 +196,22 @@ stdenv.mkDerivation rec {
-e "s|twopi|${graphviz}/bin/twopi|g" \
-e "s|circo|${graphviz}/bin/circo|g" \
-e "s|fdp|${graphviz}/bin/fdp|g" \
-i "filters/graphviz/graphviz2png.py"
-i "asciidoc/resources/filters/graphviz/graphviz2png.py"
sed -e "s|run('latex|run('${texlive}/bin/latex|g" \
-e "s|cmd = 'dvipng'|cmd = '${texlive}/bin/dvipng'|g" \
-e "s|cmd = 'dvisvgm'|cmd = '${texlive}/bin/dvisvgm'|g" \
-i "filters/latex/latex2img.py"
-i "asciidoc/resources/filters/latex/latex2img.py"
sed -e "s|run('abc2ly|run('${lilypond}/bin/abc2ly|g" \
-e "s|run('lilypond|run('${lilypond}/bin/lilypond|g" \
-e "s|run('convert|run('${imagemagick.out}/bin/convert|g" \
-i "filters/music/music2png.py"
-i "asciidoc/resources/filters/music/music2png.py"
sed -e 's|filter="source-highlight|filter="${sourceHighlight}/bin/source-highlight|' \
-e 's|filter="highlight|filter="${highlight}/bin/highlight|' \
-e 's|filter="pygmentize|filter="${pygments}/bin/pygmentize|' \
-i "filters/source/source-highlight-filter.conf"
-i "asciidoc/resources/filters/source/source-highlight-filter.conf"
# ENV is custom environment passed to programs that a2x invokes. Here we
# use it to work around an impurity in the tetex package; tetex tools
@ -260,55 +226,45 @@ stdenv.mkDerivation rec {
-e "s|^W3M =.*|W3M = '${w3m}/bin/w3m'|" \
-e "s|^LYNX =.*|LYNX = '${lynx}/bin/lynx'|" \
-e "s|^XMLLINT =.*|XMLLINT = '${libxml2.bin}/bin/xmllint'|" \
-e "s|^EPUBCHECK =.*|EPUBCHECK = 'nixpkgs_is_missing_epubcheck'|" \
-i a2x.py
-e "s|^EPUBCHECK =.*|EPUBCHECK = '${epubcheck}/bin/epubcheck'|" \
-i asciidoc/a2x.py
'' else ''
sed -e "s|^ENV =.*|ENV = dict(XML_CATALOG_FILES='${docbook_xml_dtd_45}/xml/dtd/docbook/catalog.xml ${docbook_xsl_ns}/xml/xsl/docbook/catalog.xml ${docbook_xsl}/xml/xsl/docbook/catalog.xml')|" \
-e "s|^XSLTPROC =.*|XSLTPROC = '${libxslt.bin}/bin/xsltproc'|" \
-e "s|^XMLLINT =.*|XMLLINT = '${libxml2.bin}/bin/xmllint'|" \
-i a2x.py
-i asciidoc/a2x.py
'') + ''
patchShebangs --host \
asciidoc.py \
a2x.py \
tests/testasciidoc.py \
filters/code/code-filter.py \
filters/latex/latex2img.py \
filters/music/music2png.py \
filters/unwraplatex.py \
filters/graphviz/graphviz2png.py
# Hardcode the path to its own asciidoc.
# This helps with cross-compilation.
substituteInPlace a2x.py \
--replace "find_executable(ASCIIDOC)" "'${placeholder "out"}/bin/asciidoc'"
# Note: this substitution will not work in the planned 10.0.0 release:
#
# https://github.com/asciidoc/asciidoc-py3/commit/dfffda23381014481cd13e8e9d8f131e1f93f08a
#
# Update this substitution to:
#
# --replace "python3 -m asciidoc.a2x" "python3 -m asciidoc.a2x -a revdate=01/01/1980"
substituteInPlace Makefile.in \
--replace "python3 a2x.py" "python3 a2x.py -a revdate=01/01/1980"
# Fix tests
for f in $(grep -R --files-with-matches "2002-11-25") ; do
substituteInPlace $f --replace "2002-11-25" "1970-01-01"
substituteInPlace $f --replace "00:37:42" "00:00:01"
substituteInPlace $f --replace "2002-11-25" "1980-01-02"
substituteInPlace $f --replace "00:37:42" "00:00:00"
done
'' + lib.optionalString (stdenv.buildPlatform != stdenv.hostPlatform) ''
# We want to use asciidoc from the build platform to build the documentation.
substituteInPlace Makefile.in \
--replace "python3 a2x.py" "python3 ${buildPackages.asciidoc}/bin/a2x.py"
--replace "python3 -m asciidoc.a2x" "${buildPackages.asciidoc}/bin/a2x"
'';
preInstall = "mkdir -p $out/etc/vim";
makeFlags = lib.optional stdenv.isCygwin "DESTDIR=/.";
postBuild = ''
make manpages
'';
checkInputs = [ sourceHighlight ];
doCheck = true;
postInstall = ''
installManPage doc/asciidoc.1 doc/a2x.1 doc/testasciidoc.1
'';
checkInputs = with python3.pkgs; [
pytest
pytest-mock
];
checkPhase = ''
runHook preCheck
make test
runHook postCheck
'';
meta = with lib; {
description = "Text-based document generation system";
@ -325,9 +281,10 @@ stdenv.mkDerivation rec {
sourceProvenance = with sourceTypes; [
fromSource
] ++ lib.optional _enableDitaaFilter binaryBytecode;
homepage = "http://www.methods.co.nz/asciidoc/";
homepage = "https://asciidoc-py.github.io/";
changelog = "https://github.com/asciidoc-py/asciidoc-py/blob/${src.rev}/CHANGELOG.adoc";
license = licenses.gpl2Plus;
platforms = platforms.unix;
maintainers = [ maintainers.bjornfor ];
maintainers = with maintainers; [ bjornfor dotlambda ];
};
}

44
pkgs/top-level/all-packages.nix
View file

@ -4601,21 +4601,17 @@ with pkgs;
arpoison = callPackage ../tools/networking/arpoison { };
asciidoc = callPackage ../tools/typesetting/asciidoc {
inherit (python3.pkgs) matplotlib numpy aafigure recursivePthLoader;
inherit (python3.pkgs) pygments matplotlib numpy aafigure recursivePthLoader;
texlive = texlive.combine { inherit (texlive) scheme-minimal dvipng; };
w3m = w3m-batch;
enableStandardFeatures = false;
};
asciidoc-full = asciidoc.override {
inherit (python3.pkgs) pygments;
texlive = texlive.combine { inherit (texlive) scheme-minimal dvipng; };
w3m = w3m-batch;
enableStandardFeatures = true;
};
asciidoc-full-with-plugins = asciidoc.override {
inherit (python3.pkgs) pygments;
texlive = texlive.combine { inherit (texlive) scheme-minimal dvipng; };
w3m = w3m-batch;
enableStandardFeatures = true;
enableExtraPlugins = true;
};
@ -15527,20 +15523,27 @@ with pkgs;
ctmg = callPackage ../tools/security/ctmg { };
cmake = libsForQt5.callPackage ../development/tools/build-managers/cmake {
cmake = callPackage ../development/tools/build-managers/cmake {
inherit (darwin.apple_sdk.frameworks) SystemConfiguration;
inherit (libsForQt5) qtbase wrapQtAppsHook;
};
cmakeMinimal = libsForQt5.callPackage ../development/tools/build-managers/cmake {
cmakeMinimal = callPackage ../development/tools/build-managers/cmake {
isBootstrap = true;
qtbase = null;
wrapQtAppsHook = null;
# There is no SystemConfiguration in bootstrapTools, so this version gets
# patched to remove that dependency.
SystemConfiguration = null;
};
cmakeCurses = cmake.override { useNcurses = true; };
cmakeCurses = cmake.override {
uiToolkits = [ "ncurses" ];
};
cmakeWithGui = cmakeCurses.override { withQt5 = true; };
cmakeWithGui = cmake.override {
uiToolkits = [ "ncurses" "qt5" ];
};
cmake-format = python3Packages.callPackage ../development/tools/cmake-format { };
@ -21042,23 +21045,6 @@ with pkgs;
sphinx = with python3Packages; toPythonApplication sphinx;
# A variation of sphinx that is only suitable for offline use as it excludes
# pyopenssl, which is broken on aarch64-darwin.
# https://github.com/NixOS/nixpkgs/issues/175875
sphinx_offline =
if !(stdenv.buildPlatform.isDarwin && stdenv.buildPlatform.isAarch64)
then sphinx
else
sphinx.override (o: {
requests = pkgsBuildTarget.python3Packages.requests.override (o: {
urllib3 = pkgsBuildTarget.python3Packages.urllib3.overrideAttrs (o: {
# urllib3 adds the optional pyopenssl to propagatedBuildInputs
# pkgs/development/python-modules/urllib3/default.nix
propagatedBuildInputs = [];
});
});
});
sphinx-autobuild = with python3Packages; toPythonApplication sphinx-autobuild;
sphinx-serve = with python3Packages; toPythonApplication sphinx-serve;
@ -23452,7 +23438,7 @@ with pkgs;
# latest 6.8 mysteriously fails to parse '@headings single':
# https://lists.gnu.org/archive/html/bug-texinfo/2021-09/msg00011.html
texinfo = texinfo6_7;
texinfo = buildPackages.texinfo6_7;
};
gpm-ncurses = gpm.override { inherit ncurses; };

25
pkgs/top-level/haskell-packages.nix
View file

@ -49,8 +49,6 @@ let
# Use this rather than `rec { ... }` below for sake of overlays.
inherit (pkgs.haskell) compiler packages;
sphinx = buildPackages.sphinx_offline;
in {
lib = haskellLibUncomposable;
@ -99,7 +97,7 @@ in {
packages.ghc8102Binary
else
packages.ghc865Binary;
inherit sphinx;
inherit (buildPackages.python3Packages) sphinx;
buildTargetLlvmPackages = pkgsBuildTarget.llvmPackages_7;
llvmPackages = pkgs.llvmPackages_7;
};
@ -110,9 +108,12 @@ in {
# Musl bindists do not exist for ghc 8.6.5, so we use 8.10.* for them
if stdenv.isAarch64 || stdenv.isAarch32 then
packages.ghc8107BinaryMinimal
else if stdenv.hostPlatform.isPower64 && stdenv.hostPlatform.isLittleEndian then
# to my (@a-m-joseph) knowledge there are no newer official binaries for this platform
packages.ghc865Binary
else
packages.ghc8107Binary;
inherit sphinx;
inherit (buildPackages.python3Packages) sphinx;
# Need to use apple's patched xattr until
# https://github.com/xattr/xattr/issues/44 and
# https://github.com/xattr/xattr/issues/55 are solved.
@ -126,9 +127,11 @@ in {
# the oldest ghc with aarch64-darwin support is 8.10.5
if stdenv.isAarch64 || stdenv.isAarch32 then
packages.ghc8107BinaryMinimal
else if stdenv.hostPlatform.isPower64 && stdenv.hostPlatform.isLittleEndian then
packages.ghc8107
else
packages.ghc8107Binary;
inherit sphinx;
inherit (buildPackages.python3Packages) sphinx;
inherit (buildPackages.darwin) autoSignDarwinBinariesHook xattr;
buildTargetLlvmPackages = pkgsBuildTarget.llvmPackages_12;
llvmPackages = pkgs.llvmPackages_12;
@ -138,9 +141,11 @@ in {
# aarch64 ghc8107Binary exceeds max output size on hydra
if stdenv.isAarch64 || stdenv.isAarch32 then
packages.ghc8107BinaryMinimal
else if stdenv.hostPlatform.isPower64 && stdenv.hostPlatform.isLittleEndian then
packages.ghc8107
else
packages.ghc8107Binary;
inherit sphinx;
inherit (buildPackages.python3Packages) sphinx;
# Need to use apple's patched xattr until
# https://github.com/xattr/xattr/issues/44 and
# https://github.com/xattr/xattr/issues/55 are solved.
@ -149,8 +154,12 @@ in {
llvmPackages = pkgs.llvmPackages_12;
};
ghcHEAD = callPackage ../development/compilers/ghc/head.nix {
bootPkgs = packages.ghc8107Binary;
inherit sphinx;
bootPkgs =
if stdenv.hostPlatform.isPower64 && stdenv.hostPlatform.isLittleEndian then
packages.ghc8107
else
packages.ghc8107Binary;
inherit (buildPackages.python3Packages) sphinx;
# Need to use apple's patched xattr until
# https://github.com/xattr/xattr/issues/44 and
# https://github.com/xattr/xattr/issues/55 are solved.