diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 33d27796b29..98ac1948e68 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -347,6 +347,7 @@ ./services/continuous-integration/hercules-ci-agent/default.nix ./services/continuous-integration/hydra/default.nix ./services/continuous-integration/github-runner.nix + ./services/continuous-integration/github-runners.nix ./services/continuous-integration/gitlab-runner.nix ./services/continuous-integration/gocd-agent/default.nix ./services/continuous-integration/gocd-server/default.nix diff --git a/nixos/modules/services/continuous-integration/github-runner.nix b/nixos/modules/services/continuous-integration/github-runner.nix index 2ece75722a1..24d02c931a4 100644 --- a/nixos/modules/services/continuous-integration/github-runner.nix +++ b/nixos/modules/services/continuous-integration/github-runner.nix @@ -1,396 +1,23 @@ -{ config, pkgs, lib, ... }: +{ config +, pkgs +, lib +, ... +}@args: + with lib; + let cfg = config.services.github-runner; - svcName = "github-runner"; - systemdDir = "${svcName}/${cfg.name}"; - # %t: Runtime directory root (usually /run); see systemd.unit(5) - runtimeDir = "%t/${systemdDir}"; - # %S: State directory root (usually /var/lib); see systemd.unit(5) - stateDir = "%S/${systemdDir}"; - # %L: Log directory root (usually /var/log); see systemd.unit(5) - logsDir = "%L/${systemdDir}"; - # Name of file stored in service state directory - currentConfigTokenFilename = ".current-token"; in + { - options.services.github-runner = { - enable = mkOption { - default = false; - example = true; - description = lib.mdDoc '' - Whether to enable GitHub Actions runner. - - Note: GitHub recommends using self-hosted runners with private repositories only. Learn more here: - [About self-hosted runners](https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners). - ''; - type = lib.types.bool; - }; - - url = mkOption { - type = types.str; - description = lib.mdDoc '' - Repository to add the runner to. - - Changing this option triggers a new runner registration. - - IMPORTANT: If your token is org-wide (not per repository), you need to - provide a github org link, not a single repository, so do it like this - `https://github.com/nixos`, not like this - `https://github.com/nixos/nixpkgs`. - Otherwise, you are going to get a `404 NotFound` - from `POST https://api.github.com/actions/runner-registration` - in the configure script. - ''; - example = "https://github.com/nixos/nixpkgs"; - }; - - tokenFile = mkOption { - type = types.path; - description = lib.mdDoc '' - The full path to a file which contains either a runner registration token or a - personal access token (PAT). - The file should contain exactly one line with the token without any newline. - If a registration token is given, it can be used to re-register a runner of the same - name but is time-limited. If the file contains a PAT, the service creates a new - registration token on startup as needed. Make sure the PAT has a scope of - `admin:org` for organization-wide registrations or a scope of - `repo` for a single repository. - - Changing this option or the file's content triggers a new runner registration. - ''; - example = "/run/secrets/github-runner/nixos.token"; - }; - - name = mkOption { - # Same pattern as for `networking.hostName` - type = types.strMatching "^$|^[[:alnum:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$"; - description = lib.mdDoc '' - Name of the runner to configure. Defaults to the hostname. - - Changing this option triggers a new runner registration. - ''; - example = "nixos"; - default = config.networking.hostName; - defaultText = literalExpression "config.networking.hostName"; - }; - - runnerGroup = mkOption { - type = types.nullOr types.str; - description = lib.mdDoc '' - Name of the runner group to add this runner to (defaults to the default runner group). - - Changing this option triggers a new runner registration. - ''; - default = null; - }; - - extraLabels = mkOption { - type = types.listOf types.str; - description = lib.mdDoc '' - Extra labels in addition to the default (`["self-hosted", "Linux", "X64"]`). - - Changing this option triggers a new runner registration. - ''; - example = literalExpression ''[ "nixos" ]''; - default = [ ]; - }; - - replace = mkOption { - type = types.bool; - description = lib.mdDoc '' - Replace any existing runner with the same name. - - Without this flag, registering a new runner with the same name fails. - ''; - default = false; - }; - - extraPackages = mkOption { - type = types.listOf types.package; - description = lib.mdDoc '' - Extra packages to add to `PATH` of the service to make them available to workflows. - ''; - default = [ ]; - }; - - package = mkOption { - type = types.package; - description = lib.mdDoc '' - Which github-runner derivation to use. - ''; - default = pkgs.github-runner; - defaultText = literalExpression "pkgs.github-runner"; - }; - - ephemeral = mkOption { - type = types.bool; - description = lib.mdDoc '' - If enabled, causes the following behavior: - - - Passes the `--ephemeral` flag to the runner configuration script - - De-registers and stops the runner with GitHub after it has processed one job - - On stop, systemd wipes the runtime directory (this always happens, even without using the ephemeral option) - - Restarts the service after its successful exit - - On start, wipes the state directory and configures a new runner - - You should only enable this option if `tokenFile` points to a file which contains a - personal access token (PAT). If you're using the option with a registration token, restarting the - service will fail as soon as the registration token expired. - ''; - default = false; - }; - }; + options.services.github-runner = import ./github-runner/options.nix (args // { + # Users don't need to specify options.services.github-runner.name; it will default + # to the hostname. + includeNameDefault = true; + }); config = mkIf cfg.enable { - warnings = optionals (isStorePath cfg.tokenFile) [ - '' - `services.github-runner.tokenFile` points to the Nix store and, therefore, is world-readable. - Consider using a path outside of the Nix store to keep the token private. - '' - ]; - - systemd.services.${svcName} = { - description = "GitHub Actions runner"; - - wantedBy = [ "multi-user.target" ]; - wants = [ "network-online.target" ]; - after = [ "network.target" "network-online.target" ]; - - environment = { - HOME = runtimeDir; - RUNNER_ROOT = stateDir; - }; - - path = (with pkgs; [ - bash - coreutils - git - gnutar - gzip - ]) ++ [ - config.nix.package - ] ++ cfg.extraPackages; - - serviceConfig = rec { - ExecStart = "${cfg.package}/bin/Runner.Listener run --startuptype service"; - - # Does the following, sequentially: - # - If the module configuration or the token has changed, purge the state directory, - # and create the current and the new token file with the contents of the configured - # token. While both files have the same content, only the later is accessible by - # the service user. - # - Configure the runner using the new token file. When finished, delete it. - # - Set up the directory structure by creating the necessary symlinks. - ExecStartPre = - let - # Wrapper script which expects the full path of the state, runtime and logs - # directory as arguments. Overrides the respective systemd variables to provide - # unambiguous directory names. This becomes relevant, for example, if the - # caller overrides any of the StateDirectory=, RuntimeDirectory= or LogDirectory= - # to contain more than one directory. This causes systemd to set the respective - # environment variables with the path of all of the given directories, separated - # by a colon. - writeScript = name: lines: pkgs.writeShellScript "${svcName}-${name}.sh" '' - set -euo pipefail - - STATE_DIRECTORY="$1" - RUNTIME_DIRECTORY="$2" - LOGS_DIRECTORY="$3" - - ${lines} - ''; - runnerRegistrationConfig = getAttrs [ "name" "tokenFile" "url" "runnerGroup" "extraLabels" "ephemeral" ] cfg; - newConfigPath = builtins.toFile "${svcName}-config.json" (builtins.toJSON runnerRegistrationConfig); - currentConfigPath = "$STATE_DIRECTORY/.nixos-current-config.json"; - newConfigTokenPath= "$STATE_DIRECTORY/.new-token"; - currentConfigTokenPath = "$STATE_DIRECTORY/${currentConfigTokenFilename}"; - - runnerCredFiles = [ - ".credentials" - ".credentials_rsaparams" - ".runner" - ]; - unconfigureRunner = writeScript "unconfigure" '' - copy_tokens() { - # Copy the configured token file to the state dir and allow the service user to read the file - install --mode=666 ${escapeShellArg cfg.tokenFile} "${newConfigTokenPath}" - # Also copy current file to allow for a diff on the next start - install --mode=600 ${escapeShellArg cfg.tokenFile} "${currentConfigTokenPath}" - } - - clean_state() { - find "$STATE_DIRECTORY/" -mindepth 1 -delete - copy_tokens - } - - diff_config() { - changed=0 - - # Check for module config changes - [[ -f "${currentConfigPath}" ]] \ - && ${pkgs.diffutils}/bin/diff -q '${newConfigPath}' "${currentConfigPath}" >/dev/null 2>&1 \ - || changed=1 - - # Also check the content of the token file - [[ -f "${currentConfigTokenPath}" ]] \ - && ${pkgs.diffutils}/bin/diff -q "${currentConfigTokenPath}" ${escapeShellArg cfg.tokenFile} >/dev/null 2>&1 \ - || changed=1 - - # If the config has changed, remove old state and copy tokens - if [[ "$changed" -eq 1 ]]; then - echo "Config has changed, removing old runner state." - echo "The old runner will still appear in the GitHub Actions UI." \ - "You have to remove it manually." - clean_state - fi - } - - if [[ "${optionalString cfg.ephemeral "1"}" ]]; then - # In ephemeral mode, we always want to start with a clean state - clean_state - elif [[ "$(ls -A "$STATE_DIRECTORY")" ]]; then - # There are state files from a previous run; diff them to decide if we need a new registration - diff_config - else - # The state directory is entirely empty which indicates a first start - copy_tokens - fi - ''; - configureRunner = writeScript "configure" '' - if [[ -e "${newConfigTokenPath}" ]]; then - echo "Configuring GitHub Actions Runner" - - args=( - --unattended - --disableupdate - --work "$RUNTIME_DIRECTORY" - --url ${escapeShellArg cfg.url} - --labels ${escapeShellArg (concatStringsSep "," cfg.extraLabels)} - --name ${escapeShellArg cfg.name} - ${optionalString cfg.replace "--replace"} - ${optionalString (cfg.runnerGroup != null) "--runnergroup ${escapeShellArg cfg.runnerGroup}"} - ${optionalString cfg.ephemeral "--ephemeral"} - ) - - # If the token file contains a PAT (i.e., it starts with "ghp_"), we have to use the --pat option, - # if it is not a PAT, we assume it contains a registration token and use the --token option - token=$(<"${newConfigTokenPath}") - if [[ "$token" =~ ^ghp_* ]]; then - args+=(--pat "$token") - else - args+=(--token "$token") - fi - - ${cfg.package}/bin/config.sh "''${args[@]}" - - # Move the automatically created _diag dir to the logs dir - mkdir -p "$STATE_DIRECTORY/_diag" - cp -r "$STATE_DIRECTORY/_diag/." "$LOGS_DIRECTORY/" - rm -rf "$STATE_DIRECTORY/_diag/" - - # Cleanup token from config - rm "${newConfigTokenPath}" - - # Symlink to new config - ln -s '${newConfigPath}' "${currentConfigPath}" - fi - ''; - setupRuntimeDir = writeScript "setup-runtime-dirs" '' - # Link _diag dir - ln -s "$LOGS_DIRECTORY" "$RUNTIME_DIRECTORY/_diag" - - # Link the runner credentials to the runtime dir - ln -s "$STATE_DIRECTORY"/{${lib.concatStringsSep "," runnerCredFiles}} "$RUNTIME_DIRECTORY/" - ''; - in - map (x: "${x} ${escapeShellArgs [ stateDir runtimeDir logsDir ]}") [ - "+${unconfigureRunner}" # runs as root - configureRunner - setupRuntimeDir - ]; - - # If running in ephemeral mode, restart the service on-exit (i.e., successful de-registration of the runner) - # to trigger a fresh registration. - Restart = if cfg.ephemeral then "on-success" else "no"; - - # Contains _diag - LogsDirectory = [ systemdDir ]; - # Default RUNNER_ROOT which contains ephemeral Runner data - RuntimeDirectory = [ systemdDir ]; - # Home of persistent runner data, e.g., credentials - StateDirectory = [ systemdDir ]; - StateDirectoryMode = "0700"; - WorkingDirectory = runtimeDir; - - InaccessiblePaths = [ - # Token file path given in the configuration, if visible to the service - "-${cfg.tokenFile}" - # Token file in the state directory - "${stateDir}/${currentConfigTokenFilename}" - ]; - - # By default, use a dynamically allocated user - DynamicUser = true; - - KillSignal = "SIGINT"; - - # Hardening (may overlap with DynamicUser=) - # The following options are only for optimizing: - # systemd-analyze security github-runner - AmbientCapabilities = ""; - CapabilityBoundingSet = ""; - # ProtectClock= adds DeviceAllow=char-rtc r - DeviceAllow = ""; - NoNewPrivileges = true; - PrivateDevices = true; - PrivateMounts = true; - PrivateTmp = true; - PrivateUsers = true; - ProtectClock = true; - ProtectControlGroups = true; - ProtectHome = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - ProtectSystem = "strict"; - RemoveIPC = true; - RestrictNamespaces = true; - RestrictRealtime = true; - RestrictSUIDSGID = true; - UMask = "0066"; - ProtectProc = "invisible"; - SystemCallFilter = [ - "~@clock" - "~@cpu-emulation" - "~@module" - "~@mount" - "~@obsolete" - "~@raw-io" - "~@reboot" - "~capset" - "~setdomainname" - "~sethostname" - ]; - RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" "AF_NETLINK" ]; - - # Needs network access - PrivateNetwork = false; - # Cannot be true due to Node - MemoryDenyWriteExecute = false; - - # The more restrictive "pid" option makes `nix` commands in CI emit - # "GC Warning: Couldn't read /proc/stat" - # You may want to set this to "pid" if not using `nix` commands - ProcSubset = "all"; - # Coverage programs for compiled code such as `cargo-tarpaulin` disable - # ASLR (address space layout randomization) which requires the - # `personality` syscall - # You may want to set this to `true` if not using coverage tooling on - # compiled code - LockPersonality = false; - }; - }; + services.github-runners.${cfg.name} = cfg; }; } diff --git a/nixos/modules/services/continuous-integration/github-runner/options.nix b/nixos/modules/services/continuous-integration/github-runner/options.nix new file mode 100644 index 00000000000..ae89d3a3bfb --- /dev/null +++ b/nixos/modules/services/continuous-integration/github-runner/options.nix @@ -0,0 +1,172 @@ +{ config +, lib +, pkgs +, includeNameDefault +, ... +}: + +with lib; + +{ + enable = mkOption { + default = false; + example = true; + description = lib.mdDoc '' + Whether to enable GitHub Actions runner. + + Note: GitHub recommends using self-hosted runners with private repositories only. Learn more here: + [About self-hosted runners](https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners). + ''; + type = lib.types.bool; + }; + + url = mkOption { + type = types.str; + description = lib.mdDoc '' + Repository to add the runner to. + + Changing this option triggers a new runner registration. + + IMPORTANT: If your token is org-wide (not per repository), you need to + provide a github org link, not a single repository, so do it like this + `https://github.com/nixos`, not like this + `https://github.com/nixos/nixpkgs`. + Otherwise, you are going to get a `404 NotFound` + from `POST https://api.github.com/actions/runner-registration` + in the configure script. + ''; + example = "https://github.com/nixos/nixpkgs"; + }; + + tokenFile = mkOption { + type = types.path; + description = lib.mdDoc '' + The full path to a file which contains either a runner registration token or a + personal access token (PAT). + The file should contain exactly one line with the token without any newline. + If a registration token is given, it can be used to re-register a runner of the same + name but is time-limited. If the file contains a PAT, the service creates a new + registration token on startup as needed. Make sure the PAT has a scope of + `admin:org` for organization-wide registrations or a scope of + `repo` for a single repository. + + Changing this option or the file's content triggers a new runner registration. + ''; + example = "/run/secrets/github-runner/nixos.token"; + }; + + name = let + # Same pattern as for `networking.hostName` + baseType = types.strMatching "^$|^[[:alnum:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$"; + in mkOption { + type = if includeNameDefault then baseType else types.nullOr baseType; + description = lib.mdDoc '' + Name of the runner to configure. Defaults to the hostname. + + Changing this option triggers a new runner registration. + ''; + example = "nixos"; + } // (if includeNameDefault then { + default = config.networking.hostName; + defaultText = literalExpression "config.networking.hostName"; + } else { + default = null; + }); + + runnerGroup = mkOption { + type = types.nullOr types.str; + description = lib.mdDoc '' + Name of the runner group to add this runner to (defaults to the default runner group). + + Changing this option triggers a new runner registration. + ''; + default = null; + }; + + extraLabels = mkOption { + type = types.listOf types.str; + description = lib.mdDoc '' + Extra labels in addition to the default (`["self-hosted", "Linux", "X64"]`). + + Changing this option triggers a new runner registration. + ''; + example = literalExpression ''[ "nixos" ]''; + default = [ ]; + }; + + replace = mkOption { + type = types.bool; + description = lib.mdDoc '' + Replace any existing runner with the same name. + + Without this flag, registering a new runner with the same name fails. + ''; + default = false; + }; + + extraPackages = mkOption { + type = types.listOf types.package; + description = lib.mdDoc '' + Extra packages to add to `PATH` of the service to make them available to workflows. + ''; + default = [ ]; + }; + + extraEnvironment = mkOption { + type = types.attrs; + description = lib.mdDoc '' + Extra environment variables to set for the runner, as an attrset. + ''; + example = { + GIT_CONFIG = "/path/to/git/config"; + }; + default = {}; + }; + + serviceOverrides = mkOption { + type = types.attrs; + description = lib.mdDoc '' + Overrides for the systemd service. Can be used to adjust the sandboxing options. + ''; + example = { + ProtectHome = false; + }; + default = {}; + }; + + package = mkOption { + type = types.package; + description = lib.mdDoc '' + Which github-runner derivation to use. + ''; + default = pkgs.github-runner; + defaultText = literalExpression "pkgs.github-runner"; + }; + + ephemeral = mkOption { + type = types.bool; + description = lib.mdDoc '' + If enabled, causes the following behavior: + + - Passes the `--ephemeral` flag to the runner configuration script + - De-registers and stops the runner with GitHub after it has processed one job + - On stop, systemd wipes the runtime directory (this always happens, even without using the ephemeral option) + - Restarts the service after its successful exit + - On start, wipes the state directory and configures a new runner + + You should only enable this option if `tokenFile` points to a file which contains a + personal access token (PAT). If you're using the option with a registration token, restarting the + service will fail as soon as the registration token expired. + ''; + default = false; + }; + + user = mkOption { + type = types.nullOr types.str; + description = lib.mdDoc '' + User under which to run the service. If null, will use a systemd dynamic user. + ''; + default = null; + defaultText = literalExpression "username"; + }; +} diff --git a/nixos/modules/services/continuous-integration/github-runner/service.nix b/nixos/modules/services/continuous-integration/github-runner/service.nix new file mode 100644 index 00000000000..4dc8445495a --- /dev/null +++ b/nixos/modules/services/continuous-integration/github-runner/service.nix @@ -0,0 +1,254 @@ +{ config +, lib +, pkgs + +, cfg ? config.services.github-runner +, svcName + +, systemdDir ? "${svcName}/${cfg.name}" + # %t: Runtime directory root (usually /run); see systemd.unit(5) +, runtimeDir ? "%t/${systemdDir}" + # %S: State directory root (usually /var/lib); see systemd.unit(5) +, stateDir ? "%S/${systemdDir}" + # %L: Log directory root (usually /var/log); see systemd.unit(5) +, logsDir ? "%L/${systemdDir}" + # Name of file stored in service state directory +, currentConfigTokenFilename ? ".current-token" + +, ... +}: + +with lib; + +{ + description = "GitHub Actions runner"; + + wantedBy = [ "multi-user.target" ]; + wants = [ "network-online.target" ]; + after = [ "network.target" "network-online.target" ]; + + environment = { + HOME = runtimeDir; + RUNNER_ROOT = stateDir; + } // cfg.extraEnvironment; + + path = (with pkgs; [ + bash + coreutils + git + gnutar + gzip + ]) ++ [ + config.nix.package + ] ++ cfg.extraPackages; + + serviceConfig = rec { + ExecStart = "${cfg.package}/bin/Runner.Listener run --startuptype service"; + + # Does the following, sequentially: + # - If the module configuration or the token has changed, purge the state directory, + # and create the current and the new token file with the contents of the configured + # token. While both files have the same content, only the later is accessible by + # the service user. + # - Configure the runner using the new token file. When finished, delete it. + # - Set up the directory structure by creating the necessary symlinks. + ExecStartPre = + let + # Wrapper script which expects the full path of the state, runtime and logs + # directory as arguments. Overrides the respective systemd variables to provide + # unambiguous directory names. This becomes relevant, for example, if the + # caller overrides any of the StateDirectory=, RuntimeDirectory= or LogDirectory= + # to contain more than one directory. This causes systemd to set the respective + # environment variables with the path of all of the given directories, separated + # by a colon. + writeScript = name: lines: pkgs.writeShellScript "${svcName}-${name}.sh" '' + set -euo pipefail + + STATE_DIRECTORY="$1" + RUNTIME_DIRECTORY="$2" + LOGS_DIRECTORY="$3" + + ${lines} + ''; + runnerRegistrationConfig = getAttrs [ "name" "tokenFile" "url" "runnerGroup" "extraLabels" "ephemeral" ] cfg; + newConfigPath = builtins.toFile "${svcName}-config.json" (builtins.toJSON runnerRegistrationConfig); + currentConfigPath = "$STATE_DIRECTORY/.nixos-current-config.json"; + newConfigTokenPath= "$STATE_DIRECTORY/.new-token"; + currentConfigTokenPath = "$STATE_DIRECTORY/${currentConfigTokenFilename}"; + + runnerCredFiles = [ + ".credentials" + ".credentials_rsaparams" + ".runner" + ]; + unconfigureRunner = writeScript "unconfigure" '' + copy_tokens() { + # Copy the configured token file to the state dir and allow the service user to read the file + install --mode=666 ${escapeShellArg cfg.tokenFile} "${newConfigTokenPath}" + # Also copy current file to allow for a diff on the next start + install --mode=600 ${escapeShellArg cfg.tokenFile} "${currentConfigTokenPath}" + } + clean_state() { + find "$STATE_DIRECTORY/" -mindepth 1 -delete + copy_tokens + } + diff_config() { + changed=0 + # Check for module config changes + [[ -f "${currentConfigPath}" ]] \ + && ${pkgs.diffutils}/bin/diff -q '${newConfigPath}' "${currentConfigPath}" >/dev/null 2>&1 \ + || changed=1 + # Also check the content of the token file + [[ -f "${currentConfigTokenPath}" ]] \ + && ${pkgs.diffutils}/bin/diff -q "${currentConfigTokenPath}" ${escapeShellArg cfg.tokenFile} >/dev/null 2>&1 \ + || changed=1 + # If the config has changed, remove old state and copy tokens + if [[ "$changed" -eq 1 ]]; then + echo "Config has changed, removing old runner state." + echo "The old runner will still appear in the GitHub Actions UI." \ + "You have to remove it manually." + clean_state + fi + } + if [[ "${optionalString cfg.ephemeral "1"}" ]]; then + # In ephemeral mode, we always want to start with a clean state + clean_state + elif [[ "$(ls -A "$STATE_DIRECTORY")" ]]; then + # There are state files from a previous run; diff them to decide if we need a new registration + diff_config + else + # The state directory is entirely empty which indicates a first start + copy_tokens + fi ''; + configureRunner = writeScript "configure" '' + if [[ -e "${newConfigTokenPath}" ]]; then + echo "Configuring GitHub Actions Runner" + args=( + --unattended + --disableupdate + --work "$RUNTIME_DIRECTORY" + --url ${escapeShellArg cfg.url} + --labels ${escapeShellArg (concatStringsSep "," cfg.extraLabels)} + --name ${escapeShellArg cfg.name} + ${optionalString cfg.replace "--replace"} + ${optionalString (cfg.runnerGroup != null) "--runnergroup ${escapeShellArg cfg.runnerGroup}"} + ${optionalString cfg.ephemeral "--ephemeral"} + ) + # If the token file contains a PAT (i.e., it starts with "ghp_"), we have to use the --pat option, + # if it is not a PAT, we assume it contains a registration token and use the --token option + token=$(<"${newConfigTokenPath}") + if [[ "$token" =~ ^ghp_* ]]; then + args+=(--pat "$token") + else + args+=(--token "$token") + fi + ${cfg.package}/bin/config.sh "''${args[@]}" + # Move the automatically created _diag dir to the logs dir + mkdir -p "$STATE_DIRECTORY/_diag" + cp -r "$STATE_DIRECTORY/_diag/." "$LOGS_DIRECTORY/" + rm -rf "$STATE_DIRECTORY/_diag/" + # Cleanup token from config + rm "${newConfigTokenPath}" + # Symlink to new config + ln -s '${newConfigPath}' "${currentConfigPath}" + fi + ''; + setupRuntimeDir = writeScript "setup-runtime-dirs" '' + # Link _diag dir + ln -s "$LOGS_DIRECTORY" "$RUNTIME_DIRECTORY/_diag" + + # Link the runner credentials to the runtime dir + ln -s "$STATE_DIRECTORY"/{${lib.concatStringsSep "," runnerCredFiles}} "$RUNTIME_DIRECTORY/" + ''; + in + map (x: "${x} ${escapeShellArgs [ stateDir runtimeDir logsDir ]}") [ + "+${unconfigureRunner}" # runs as root + configureRunner + setupRuntimeDir + ]; + + # If running in ephemeral mode, restart the service on-exit (i.e., successful de-registration of the runner) + # to trigger a fresh registration. + Restart = if cfg.ephemeral then "on-success" else "no"; + + # Contains _diag + LogsDirectory = [ systemdDir ]; + # Default RUNNER_ROOT which contains ephemeral Runner data + RuntimeDirectory = [ systemdDir ]; + # Home of persistent runner data, e.g., credentials + StateDirectory = [ systemdDir ]; + StateDirectoryMode = "0700"; + WorkingDirectory = runtimeDir; + + InaccessiblePaths = [ + # Token file path given in the configuration, if visible to the service + "-${cfg.tokenFile}" + # Token file in the state directory + "${stateDir}/${currentConfigTokenFilename}" + ]; + + KillSignal = "SIGINT"; + + # Hardening (may overlap with DynamicUser=) + # The following options are only for optimizing: + # systemd-analyze security github-runner + AmbientCapabilities = ""; + CapabilityBoundingSet = ""; + # ProtectClock= adds DeviceAllow=char-rtc r + DeviceAllow = ""; + NoNewPrivileges = true; + PrivateDevices = true; + PrivateMounts = true; + PrivateTmp = true; + PrivateUsers = true; + ProtectClock = true; + ProtectControlGroups = true; + ProtectHome = true; + ProtectHostname = true; + ProtectKernelLogs = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + ProtectSystem = "strict"; + RemoveIPC = true; + RestrictNamespaces = true; + RestrictRealtime = true; + RestrictSUIDSGID = true; + UMask = "0066"; + ProtectProc = "invisible"; + SystemCallFilter = [ + "~@clock" + "~@cpu-emulation" + "~@module" + "~@mount" + "~@obsolete" + "~@raw-io" + "~@reboot" + "~capset" + "~setdomainname" + "~sethostname" + ]; + RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" "AF_NETLINK" ]; + + # Needs network access + PrivateNetwork = false; + # Cannot be true due to Node + MemoryDenyWriteExecute = false; + + # The more restrictive "pid" option makes `nix` commands in CI emit + # "GC Warning: Couldn't read /proc/stat" + # You may want to set this to "pid" if not using `nix` commands + ProcSubset = "all"; + # Coverage programs for compiled code such as `cargo-tarpaulin` disable + # ASLR (address space layout randomization) which requires the + # `personality` syscall + # You may want to set this to `true` if not using coverage tooling on + # compiled code + LockPersonality = false; + + # Note that this has some interactions with the User setting; so you may + # want to consult the systemd docs if using both. + DynamicUser = true; + } // ( + lib.optionalAttrs (cfg.user != null) { User = cfg.user; } + ) // cfg.serviceOverrides; +} diff --git a/nixos/modules/services/continuous-integration/github-runners.nix b/nixos/modules/services/continuous-integration/github-runners.nix new file mode 100644 index 00000000000..78b57f9c7a2 --- /dev/null +++ b/nixos/modules/services/continuous-integration/github-runners.nix @@ -0,0 +1,56 @@ +{ config +, pkgs +, lib +, ... +}@args: + +with lib; + +let + cfg = config.services.github-runners; + +in + +{ + options.services.github-runners = mkOption { + default = {}; + type = with types; attrsOf (submodule { options = import ./github-runner/options.nix (args // { + # services.github-runners.${name}.name doesn't have a default; it falls back to ${name} below. + includeNameDefault = false; + }); }); + example = { + runner1 = { + enable = true; + url = "https://github.com/owner/repo"; + name = "runner1"; + tokenFile = "/secrets/token1"; + }; + + runner2 = { + enable = true; + url = "https://github.com/owner/repo"; + name = "runner2"; + tokenFile = "/secrets/token2"; + }; + }; + description = lib.mdDoc '' + Multiple GitHub Runners. + ''; + }; + + config = { + systemd.services = flip mapAttrs' cfg (n: v: + let + svcName = "github-runner-${n}"; + in + nameValuePair svcName + (import ./github-runner/service.nix (args // { + inherit svcName; + cfg = v // { + name = if v.name != null then v.name else n; + }; + systemdDir = "github-runner/${n}"; + })) + ); + }; +} diff --git a/pkgs/applications/emulators/retroarch/cores.nix b/pkgs/applications/emulators/retroarch/cores.nix index 1224aa74f29..65b11762930 100644 --- a/pkgs/applications/emulators/retroarch/cores.nix +++ b/pkgs/applications/emulators/retroarch/cores.nix @@ -55,7 +55,7 @@ let , stdenvOverride ? stdenv , src ? (getCoreSrc core) , broken ? false - , version ? "unstable-2022-10-01" + , version ? "unstable-2022-10-18" , platforms ? retroarch.meta.platforms # The resulting core file is based on core name # Setting `normalizeCore` to `true` will convert `-` to `_` on the core filename diff --git a/pkgs/applications/emulators/retroarch/default.nix b/pkgs/applications/emulators/retroarch/default.nix index 1754ad5eccb..a8a20682afd 100644 --- a/pkgs/applications/emulators/retroarch/default.nix +++ b/pkgs/applications/emulators/retroarch/default.nix @@ -4,6 +4,7 @@ , enableNvidiaCgToolkit ? false , withGamemode ? stdenv.isLinux , withVulkan ? stdenv.isLinux +, withWayland ? stdenv.isLinux , alsa-lib , AppKit , dbus @@ -33,19 +34,20 @@ , udev , vulkan-loader , wayland -, which }: let - version = "1.11.0"; + version = "1.12.0"; libretroCoreInfo = fetchFromGitHub { owner = "libretro"; repo = "libretro-core-info"; - sha256 = "sha256-46T87BpzWUQHD7CsCF2sZo065Sl8Y4Sj1zwzBWmCiiU="; - rev = "v${version}"; + sha256 = "sha256-9Sfp/JkMJIe34YGNRxf93fONOBuQxR2pduoJU+xtuF0="; + # Upstream didn't tag a new libretro-core-info in 1.12.0 release + rev = "v1.11.1"; }; - runtimeLibs = lib.optional withVulkan vulkan-loader - ++ lib.optional withGamemode gamemode.lib; + runtimeLibs = + lib.optional withVulkan vulkan-loader ++ + lib.optional withGamemode (lib.getLib gamemode); in stdenv.mkDerivation rec { pname = "retroarch-bare"; @@ -54,60 +56,77 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "libretro"; repo = "RetroArch"; - sha256 = "sha256-/rOf85TQTXbY9kIETaO5E58f2ZvKPqEFLsbNne/+/lw="; + sha256 = "sha256-doLWNA8aTAllxx3zABtvZaegBQEPIi8276zbytPSdBU="; rev = "v${version}"; }; patches = [ - ./disable-menu_show_core_updater.patch - ./use-fixed-paths-on-libretro_info_path.patch + ./use-fixed-paths.patch ]; postPatch = '' substituteInPlace "frontend/drivers/platform_unix.c" \ - --replace "@libretro_directory@" "$out/lib" \ - --replace "@libretro_info_path@" "$out/share/libretro/info" + --subst-var-by libretro_directory "$out/lib" \ + --subst-var-by libretro_info_path "$out/share/libretro/info" \ + --subst-var-by out "$out" substituteInPlace "frontend/drivers/platform_darwin.m" \ - --replace "@libretro_directory@" "$out/lib" \ - --replace "@libretro_info_path@" "$out/share/libretro/info" + --subst-var-by libretro_directory "$out/lib" \ + --subst-var-by libretro_info_path "$out/share/libretro/info" ''; nativeBuildInputs = [ pkg-config ] ++ - lib.optional stdenv.isLinux wayland ++ + lib.optional withWayland wayland ++ lib.optional (runtimeLibs != [ ]) makeWrapper; - buildInputs = [ ffmpeg_4 freetype libxml2 libGLU libGL python3 SDL2 which ] ++ - lib.optional enableNvidiaCgToolkit nvidia_cg_toolkit ++ - lib.optional withVulkan vulkan-loader ++ - lib.optionals stdenv.isDarwin [ libobjc AppKit Foundation ] ++ - lib.optionals stdenv.isLinux [ - alsa-lib - dbus - libX11 - libXdmcp - libXext - libXxf86vm - libdrm - libpulseaudio - libv4l - libxkbcommon - mesa - udev - wayland - ]; + buildInputs = [ + ffmpeg_4 + freetype + libGL + libGLU + libxml2 + python3 + SDL2 + ] ++ + lib.optional enableNvidiaCgToolkit nvidia_cg_toolkit ++ + lib.optional withVulkan vulkan-loader ++ + lib.optional withWayland wayland ++ + lib.optionals stdenv.isDarwin [ libobjc AppKit Foundation ] ++ + lib.optionals stdenv.isLinux [ + alsa-lib + dbus + libX11 + libXdmcp + libXext + libXxf86vm + libdrm + libpulseaudio + libv4l + libxkbcommon + mesa + udev + ]; enableParallelBuilding = true; - configureFlags = lib.optionals stdenv.isLinux [ "--enable-kms" "--enable-egl" "--enable-dbus" ]; + configureFlags = [ + "--disable-update_cores" + ] ++ + lib.optionals stdenv.isLinux [ + "--enable-dbus" + "--enable-egl" + "--enable-kms" + ]; postInstall = '' - mkdir -p $out/share/libretro/info # TODO: ideally each core should have its own core information + mkdir -p $out/share/libretro/info cp -r ${libretroCoreInfo}/* $out/share/libretro/info - '' + lib.optionalString (runtimeLibs != [ ]) '' + '' + + lib.optionalString (runtimeLibs != [ ]) '' wrapProgram $out/bin/retroarch \ --prefix LD_LIBRARY_PATH ':' ${lib.makeLibraryPath runtimeLibs} - '' + lib.optionalString stdenv.isDarwin '' + '' + + lib.optionalString stdenv.isDarwin '' # https://github.com/libretro/RetroArch/blob/master/retroarch-apple-packaging.sh app=$out/Applications/RetroArch.app mkdir -p $app/Contents/MacOS diff --git a/pkgs/applications/emulators/retroarch/disable-menu_show_core_updater.patch b/pkgs/applications/emulators/retroarch/disable-menu_show_core_updater.patch deleted file mode 100644 index 427cb4871dc..00000000000 --- a/pkgs/applications/emulators/retroarch/disable-menu_show_core_updater.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 546b343294209abbb193883ab76b679b7f99c6d3 Mon Sep 17 00:00:00 2001 -From: Thiago Kenji Okada -Date: Sat, 20 Nov 2021 16:03:50 -0300 -Subject: [PATCH] Disable "menu_show_core_updater" - ---- - retroarch.cfg | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/retroarch.cfg b/retroarch.cfg -index cdcb199c9f..ab72f3920f 100644 ---- a/retroarch.cfg -+++ b/retroarch.cfg -@@ -681,7 +681,7 @@ - # menu_show_online_updater = true - - # If disabled, will hide the ability to update cores (and core info files) inside the menu. --# menu_show_core_updater = true -+menu_show_core_updater = false - - # If disabled, the libretro core will keep running in the background when we - # are in the menu. --- -2.31.1 - diff --git a/pkgs/applications/emulators/retroarch/fix-config.patch b/pkgs/applications/emulators/retroarch/fix-config.patch deleted file mode 100644 index 1a71bf43cb1..00000000000 --- a/pkgs/applications/emulators/retroarch/fix-config.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff --git a/retroarch.cfg b/retroarch.cfg -index cdcb199c9f..08b9b1cf10 100644 ---- a/retroarch.cfg -+++ b/retroarch.cfg -@@ -681,7 +681,7 @@ - # menu_show_online_updater = true - - # If disabled, will hide the ability to update cores (and core info files) inside the menu. --# menu_show_core_updater = true -+menu_show_core_updater = false - - # If disabled, the libretro core will keep running in the background when we - # are in the menu. -@@ -823,10 +823,10 @@ - # rgui_browser_directory = - - # Core directory for libretro core implementations. --# libretro_directory = -+libretro_directory = @libretro_directory@ - - # Core info directory for libretro core information. --# libretro_info_path = -+libretro_info_path = @libretro_info_path@ - - # Path to content database directory. - # content_database_path = diff --git a/pkgs/applications/emulators/retroarch/fix-libretro-paths.patch b/pkgs/applications/emulators/retroarch/fix-libretro-paths.patch deleted file mode 100644 index 203ce836533..00000000000 --- a/pkgs/applications/emulators/retroarch/fix-libretro-paths.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff --git a/configuration.c b/configuration.c -index e6a3841324..afb1d6e2ce 100644 ---- a/configuration.c -+++ b/configuration.c -@@ -1456,7 +1456,7 @@ static struct config_path_setting *populate_settings_path( - SETTING_PATH("core_options_path", - settings->paths.path_core_options, false, NULL, true); - SETTING_PATH("libretro_info_path", -- settings->paths.path_libretro_info, false, NULL, true); -+ settings->paths.path_libretro_info, false, NULL, false); - SETTING_PATH("content_database_path", - settings->paths.path_content_database, false, NULL, true); - SETTING_PATH("cheat_database_path", -diff --git a/frontend/drivers/platform_unix.c b/frontend/drivers/platform_unix.c -index 722e1c595c..e7313ee038 100644 ---- a/frontend/drivers/platform_unix.c -+++ b/frontend/drivers/platform_unix.c -@@ -1825,8 +1825,8 @@ static void frontend_unix_get_env(int *argc, - fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], base_path, - "core_info", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); - #else -- fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], base_path, -- "cores", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); -+ fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], "@libretro_info_path@", -+ "", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); - #endif - fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_AUTOCONFIG], base_path, - "autoconfig", sizeof(g_defaults.dirs[DEFAULT_DIR_AUTOCONFIG])); diff --git a/pkgs/applications/emulators/retroarch/hashes.json b/pkgs/applications/emulators/retroarch/hashes.json index fac926c9062..af63572e61c 100644 --- a/pkgs/applications/emulators/retroarch/hashes.json +++ b/pkgs/applications/emulators/retroarch/hashes.json @@ -153,8 +153,8 @@ "fbneo": { "owner": "libretro", "repo": "fbneo", - "rev": "8678b0fcd02c4049c0cfa40a0ab87fded1bbedd8", - "sha256": "MiLYaURj17Sq8V31SDFQ93XH4DAYMQQelVq+4EBmtro=" + "rev": "758f24740d81ff833c1868befd98ccd11909255f", + "sha256": "VhfsvohRWICWqKWry0fgUS76kiXBsnjY9DytxEvulKA=" }, "fceumm": { "owner": "libretro", @@ -219,8 +219,8 @@ "mame": { "owner": "libretro", "repo": "mame", - "rev": "fcacbc7811a9b69874fd09b91e7217e44c6a0980", - "sha256": "WiBmqBcqxXmeQOmTN4FDDUv680uqAkpYUOnvJ7FXn4k=" + "rev": "0d935696dce53a13eaf0705f4a108ee348f3c613", + "sha256": "HnJ3eHzTpR7Lsi1ATn3B314y0KNKJ0+qNGcDbFvmZEA=" }, "mame2000": { "owner": "libretro", @@ -237,8 +237,8 @@ "mame2003-plus": { "owner": "libretro", "repo": "mame2003-plus-libretro", - "rev": "982db57b325b54aa90a60bd2e512b624d3b6642c", - "sha256": "uyysUD/PULHyaOw42GJoBsT9fYdYuAl4eLCVNRU8/Sw=" + "rev": "d88d5c118e8d7075ec0a4e6deebb4cd3f18a8dd1", + "sha256": "9offucQMCpMqo4StYscS6kivXCYHy4Sn+Cs/3MoNwsw=" }, "mame2010": { "owner": "libretro", @@ -261,8 +261,8 @@ "melonds": { "owner": "libretro", "repo": "melonds", - "rev": "6a03f3f11a729dbf698ec53954c735a0680aca01", - "sha256": "GH/G/UzwjNqHwtIwx6VohP4XsJKe+EFU2n+GX43IByM=" + "rev": "5e52c245fb38cabe881fbfa6513280ee44fc5bd8", + "sha256": "jWBZ5wg1dKEgoEV09VTGJ+I4+8uiivAHhpTiD9tPaYg=" }, "mesen": { "owner": "libretro", @@ -285,8 +285,8 @@ "mgba": { "owner": "libretro", "repo": "mgba", - "rev": "db7ace387cdc87d9f2bd4f9f5211c26ce0b07867", - "sha256": "i/U5yrnGQBRHqBu8c/mQ7Eov43+6IOOs+H8pSKXNM1E=" + "rev": "199a03e719436018779fe9299706c597fb2e9231", + "sha256": "3Q3MBzezCvl1Er45AeUM/QI0a+JiGn/PfYpqMaaiuds=" }, "mupen64plus": { "owner": "libretro", @@ -346,28 +346,28 @@ "pcsx_rearmed": { "owner": "libretro", "repo": "pcsx_rearmed", - "rev": "5b406fd9567c0829171af44b3325dae6dd155732", - "sha256": "V+z58fRSaLurDiu4Y/xQjndkMKPSmEGjay3foDkppM0=" + "rev": "5ced3945423cda0010597b27b7da6bce77b12baa", + "sha256": "8O2XyEr40HqQf8mHxmvB6/UT837HZw8SrKBy/JH66p4=" }, "picodrive": { "owner": "libretro", "repo": "picodrive", - "rev": "26719f348eb579a8372e2c58ef0132d95d9dc817", - "sha256": "xD8RxFHeKOltIc35Zudj29x+vkq2AXfSKu0/ZzQQHi4=", + "rev": "0a4ec83cbfaebb65fb1c40f26ffaf28131f9003b", + "sha256": "NOMQoDmXGrxrquAcSLo6Otcz8bH4gnhqcG/zzet3Dtk=", "fetchSubmodules": true }, "play": { "owner": "jpd002", "repo": "Play-", - "rev": "1129440ab6ede8263275dc3a5eec1624d20442fb", - "sha256": "nTJjxVPGOofnIZbjGe3GZDIj4YnC73IbSdGsSuVIjEA=", + "rev": "1126c39cd8ebf56af347c475139d4db97fc7cc19", + "sha256": "H/cYFWl8rA/ZdoygEjr7h1y6Z0n29Z+OCzzVMvIuVyo=", "fetchSubmodules": true }, "ppsspp": { "owner": "hrydgard", "repo": "ppsspp", - "rev": "16f93a26844b26e11cf9becfd275c4a637bfd1ab", - "sha256": "k1URDPE4kRMY1LUeR2zcLJFGt0Gnt5N8gTQHpIxDdRw=", + "rev": "4af4b0dddc638b00205d9943f17a2806e438fe83", + "sha256": "5n+Mg2ZDTJd5fk1OZAiYnCT13G3LAWahXPA+MwaOF08=", "fetchSubmodules": true }, "prboom": { @@ -385,8 +385,8 @@ "puae": { "owner": "libretro", "repo": "libretro-uae", - "rev": "1b7dd443ff89d667d99f8c44454a91ed59bcabd9", - "sha256": "YJiZEtB0rBFffEZj/hB7zEFBUp02kCzblq4CtCmygKo=" + "rev": "4d8ebafe3f91c4998e8d73940e9558d863ecf93b", + "sha256": "dzfZFm7L+Qe3WwSYiMLp3cQm8zk0pWVB68nBe/H1Hvc=" }, "quicknes": { "owner": "libretro", @@ -439,8 +439,8 @@ "stella": { "owner": "stella-emu", "repo": "stella", - "rev": "65115cc3a133d68979f3096bdecb067bcaedb493", - "sha256": "letOnjaIGIjC9xwj5C156VkBhMPFtVq12FG7SuC5+OY=" + "rev": "7193c405327e0f2156d24d53836162f4b44af079", + "sha256": "A9icQON+0WrknjGp/0wiFNSWs2ot2s0X5lucCdk4O/s=" }, "stella2014": { "owner": "libretro", @@ -451,8 +451,8 @@ "swanstation": { "owner": "libretro", "repo": "swanstation", - "rev": "b6a18318bd7bf0d3b28b50d2b554810ea11b30cb", - "sha256": "jZ6SfiHFJyaTFvINrEe61yhUtWYoqRzaAi0vLuDnMuo=" + "rev": "ff0b451a573885a5b3a4f291f7b22f3ffc667a17", + "sha256": "jz8tkvgonc4icRt12tt1BBCCiwec0ucix7Hp7PNPl8E=" }, "tgbdual": { "owner": "libretro", @@ -476,8 +476,8 @@ "vba-m": { "owner": "libretro", "repo": "vbam-libretro", - "rev": "7c25d64d6903c6d859cce781c52da0671c4f7d3e", - "sha256": "U+jBM34sZxny9lpuegQ8YDKBwYrWOAyLBMKumoQCok4=" + "rev": "7e30b038893de63e674944f75581d57c7685ea3a", + "sha256": "CmmiKiy0mFqAiagUHFV5wRSZ0MkzADrHRAG+h82dWAQ=" }, "vba-next": { "owner": "libretro", diff --git a/pkgs/applications/emulators/retroarch/use-fixed-paths-on-libretro_info_path.patch b/pkgs/applications/emulators/retroarch/use-fixed-paths-on-libretro_info_path.patch deleted file mode 100644 index fd3913ea157..00000000000 --- a/pkgs/applications/emulators/retroarch/use-fixed-paths-on-libretro_info_path.patch +++ /dev/null @@ -1,84 +0,0 @@ -From 7bf021529ff15ca2580b15b3c0bfdc137d5beffe Mon Sep 17 00:00:00 2001 -From: Thiago Kenji Okada -Date: Wed, 9 Mar 2022 18:24:15 +0000 -Subject: [PATCH] Use fixed paths on "libretro_info_path" - -This patch sets "libretro_info_path" to `handle = false`, so instead of -using the values from `retroarch.cfg`, it will always use the default. - -Also, it patches the default "libretro_info_path" to the -`@libretro_info_path` string, so we can substitute it with the full path -to it during build. ---- - configuration.c | 2 +- - frontend/drivers/platform_darwin.m | 9 ++------- - frontend/drivers/platform_unix.c | 12 ++++-------- - 3 files changed, 7 insertions(+), 16 deletions(-) - -diff --git a/configuration.c b/configuration.c -index 7e346ff6e9..c4b2100203 100644 ---- a/configuration.c -+++ b/configuration.c -@@ -1466,7 +1466,7 @@ static struct config_path_setting *populate_settings_path( - SETTING_PATH("core_options_path", - settings->paths.path_core_options, false, NULL, true); - SETTING_PATH("libretro_info_path", -- settings->paths.path_libretro_info, false, NULL, true); -+ settings->paths.path_libretro_info, false, NULL, false); - SETTING_PATH("content_database_path", - settings->paths.path_content_database, false, NULL, true); - SETTING_PATH("cheat_database_path", -diff --git a/frontend/drivers/platform_darwin.m b/frontend/drivers/platform_darwin.m -index 6c5fdca400..552dcb7e2b 100644 ---- a/frontend/drivers/platform_darwin.m -+++ b/frontend/drivers/platform_darwin.m -@@ -388,14 +388,9 @@ static void frontend_darwin_get_env(int *argc, char *argv[], - home_dir_buf, "shaders_glsl", - sizeof(g_defaults.dirs[DEFAULT_DIR_SHADER])); - #endif --#ifdef HAVE_UPDATE_CORES - fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE], -- home_dir_buf, "cores", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); --#else -- fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE], -- bundle_path_buf, "modules", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); --#endif -- fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], home_dir_buf, "info", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); -+ "@libretro_directory@", "", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); -+ fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], "@libretro_info_path@", "", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); - fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_OVERLAY], home_dir_buf, "overlays", sizeof(g_defaults.dirs[DEFAULT_DIR_OVERLAY])); - #ifdef HAVE_VIDEO_LAYOUT - fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_VIDEO_LAYOUT], home_dir_buf, "layouts", sizeof(g_defaults.dirs[DEFAULT_DIR_VIDEO_LAYOUT])); -diff --git a/frontend/drivers/platform_unix.c b/frontend/drivers/platform_unix.c -index b3b5dad173..7f1561e523 100644 ---- a/frontend/drivers/platform_unix.c -+++ b/frontend/drivers/platform_unix.c -@@ -1820,12 +1820,8 @@ static void frontend_unix_get_env(int *argc, - strcpy_literal(base_path, "retroarch"); - #endif - -- if (!string_is_empty(libretro_directory)) -- strlcpy(g_defaults.dirs[DEFAULT_DIR_CORE], libretro_directory, -- sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); -- else -- fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE], base_path, -- "cores", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); -+ fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE], "@libretro_directory@", -+ "", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); - #if defined(DINGUX) - /* On platforms that require manual core installation/ - * removal, placing core info files in the same directory -@@ -1834,8 +1830,8 @@ static void frontend_unix_get_env(int *argc, - fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], base_path, - "core_info", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); - #else -- fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], base_path, -- "cores", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); -+ fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], "@libretro_info_path@", -+ "", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); - #endif - fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_AUTOCONFIG], base_path, - "autoconfig", sizeof(g_defaults.dirs[DEFAULT_DIR_AUTOCONFIG])); --- -2.32.0 - diff --git a/pkgs/applications/emulators/retroarch/use-fixed-paths.patch b/pkgs/applications/emulators/retroarch/use-fixed-paths.patch new file mode 100644 index 00000000000..a4837e63af7 --- /dev/null +++ b/pkgs/applications/emulators/retroarch/use-fixed-paths.patch @@ -0,0 +1,154 @@ +From 8a1cffebb23f9d2a28228cd8cbf4fd80836157e8 Mon Sep 17 00:00:00 2001 +From: Thiago Kenji Okada +Date: Tue, 18 Oct 2022 17:41:33 +0100 +Subject: [PATCH] Use fixed paths + +--- + configuration.c | 2 +- + frontend/drivers/platform_darwin.m | 4 +-- + frontend/drivers/platform_unix.c | 56 +++++++++++++++--------------- + 3 files changed, 31 insertions(+), 31 deletions(-) + +diff --git a/configuration.c b/configuration.c +index ac4779b2d7..d980892dda 100644 +--- a/configuration.c ++++ b/configuration.c +@@ -1468,7 +1468,7 @@ static struct config_path_setting *populate_settings_path( + SETTING_PATH("core_options_path", + settings->paths.path_core_options, false, NULL, true); + SETTING_PATH("libretro_info_path", +- settings->paths.path_libretro_info, false, NULL, true); ++ settings->paths.path_libretro_info, false, NULL, false); + SETTING_PATH("content_database_path", + settings->paths.path_content_database, false, NULL, true); + SETTING_PATH("cheat_database_path", +diff --git a/frontend/drivers/platform_darwin.m b/frontend/drivers/platform_darwin.m +index c771ec0f55..d5e21a1f4d 100644 +--- a/frontend/drivers/platform_darwin.m ++++ b/frontend/drivers/platform_darwin.m +@@ -400,9 +400,9 @@ static void frontend_darwin_get_env(int *argc, char *argv[], + home_dir_buf, "cores", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); + #else + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE], +- bundle_path_buf, "modules", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); ++ "@libretro_directory@", "", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); + #endif +- fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], home_dir_buf, "info", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); ++ fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], "@libretro_info_path@", "", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_OVERLAY], home_dir_buf, "overlays", sizeof(g_defaults.dirs[DEFAULT_DIR_OVERLAY])); + #ifdef HAVE_VIDEO_LAYOUT + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_VIDEO_LAYOUT], home_dir_buf, "layouts", sizeof(g_defaults.dirs[DEFAULT_DIR_VIDEO_LAYOUT])); +diff --git a/frontend/drivers/platform_unix.c b/frontend/drivers/platform_unix.c +index 29e9a0d633..dba8abe941 100644 +--- a/frontend/drivers/platform_unix.c ++++ b/frontend/drivers/platform_unix.c +@@ -1792,8 +1792,8 @@ static void frontend_unix_get_env(int *argc, + strlcpy(g_defaults.dirs[DEFAULT_DIR_CORE], libretro_directory, + sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); + else +- fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE], base_path, +- "cores", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); ++ fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE], "@libretro_directory@", ++ "", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE])); + #if defined(DINGUX) + /* On platforms that require manual core installation/ + * removal, placing core info files in the same directory +@@ -1802,27 +1802,27 @@ static void frontend_unix_get_env(int *argc, + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], base_path, + "core_info", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); + #else +- fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], base_path, +- "cores", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); ++ fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_CORE_INFO], "@libretro_info_path@", ++ "", sizeof(g_defaults.dirs[DEFAULT_DIR_CORE_INFO])); + #endif + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_AUTOCONFIG], base_path, + "autoconfig", sizeof(g_defaults.dirs[DEFAULT_DIR_AUTOCONFIG])); + +- if (path_is_directory("/usr/local/share/retroarch/assets")) ++ if (path_is_directory("@out@/local/share/retroarch/assets")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_ASSETS], +- "/usr/local/share/retroarch", ++ "@out@/local/share/retroarch", + "assets", sizeof(g_defaults.dirs[DEFAULT_DIR_ASSETS])); +- else if (path_is_directory("/usr/share/retroarch/assets")) ++ else if (path_is_directory("@out@/share/retroarch/assets")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_ASSETS], +- "/usr/share/retroarch", ++ "@out@/share/retroarch", + "assets", sizeof(g_defaults.dirs[DEFAULT_DIR_ASSETS])); +- else if (path_is_directory("/usr/local/share/games/retroarch/assets")) ++ else if (path_is_directory("@out@/local/share/games/retroarch/assets")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_ASSETS], +- "/usr/local/share/games/retroarch", ++ "@out@/local/share/games/retroarch", + "assets", sizeof(g_defaults.dirs[DEFAULT_DIR_ASSETS])); +- else if (path_is_directory("/usr/share/games/retroarch/assets")) ++ else if (path_is_directory("@out@/share/games/retroarch/assets")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_ASSETS], +- "/usr/share/games/retroarch", ++ "@out@/share/games/retroarch", + "assets", sizeof(g_defaults.dirs[DEFAULT_DIR_ASSETS])); + else + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_ASSETS], base_path, +@@ -1834,41 +1834,41 @@ static void frontend_unix_get_env(int *argc, + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER], base_path, + "filters/video", sizeof(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER])); + #else +- if (path_is_directory("/usr/local/share/retroarch/filters/audio")) ++ if (path_is_directory("@out@/local/share/retroarch/filters/audio")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_AUDIO_FILTER], +- "/usr/local/share/retroarch", ++ "@out@/local/share/retroarch", + "filters/audio", sizeof(g_defaults.dirs[DEFAULT_DIR_AUDIO_FILTER])); +- else if (path_is_directory("/usr/share/retroarch/filters/audio")) ++ else if (path_is_directory("@out@/share/retroarch/filters/audio")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_AUDIO_FILTER], +- "/usr/share/retroarch", ++ "@out@/share/retroarch", + "filters/audio", sizeof(g_defaults.dirs[DEFAULT_DIR_AUDIO_FILTER])); +- else if (path_is_directory("/usr/local/share/games/retroarch/filters/audio")) ++ else if (path_is_directory("@out@/local/share/games/retroarch/filters/audio")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_AUDIO_FILTER], +- "/usr/local/share/games/retroarch", ++ "@out@/local/share/games/retroarch", + "filters/audio", sizeof(g_defaults.dirs[DEFAULT_DIR_AUDIO_FILTER])); +- else if (path_is_directory("/usr/share/games/retroarch/filters/audio")) ++ else if (path_is_directory("@out@/share/games/retroarch/filters/audio")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_AUDIO_FILTER], +- "/usr/share/games/retroarch", ++ "@out@/share/games/retroarch", + "filters/audio", sizeof(g_defaults.dirs[DEFAULT_DIR_AUDIO_FILTER])); + else + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_AUDIO_FILTER], base_path, + "filters/audio", sizeof(g_defaults.dirs[DEFAULT_DIR_AUDIO_FILTER])); + +- if (path_is_directory("/usr/local/share/retroarch/filters/video")) ++ if (path_is_directory("@out@/local/share/retroarch/filters/video")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER], +- "/usr/local/share/retroarch", ++ "@out@/local/share/retroarch", + "filters/video", sizeof(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER])); +- else if (path_is_directory("/usr/share/retroarch/filters/video")) ++ else if (path_is_directory("@out@/share/retroarch/filters/video")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER], +- "/usr/share/retroarch", ++ "@out@/share/retroarch", + "filters/video", sizeof(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER])); +- else if (path_is_directory("/usr/local/share/games/retroarch/filters/video")) ++ else if (path_is_directory("@out@/local/share/games/retroarch/filters/video")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER], +- "/usr/local/share/games/retroarch", ++ "@out@/local/share/games/retroarch", + "filters/video", sizeof(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER])); +- else if (path_is_directory("/usr/share/games/retroarch/filters/video")) ++ else if (path_is_directory("@out@/share/games/retroarch/filters/video")) + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER], +- "/usr/share/games/retroarch", ++ "@out@/share/games/retroarch", + "filters/video", sizeof(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER])); + else + fill_pathname_join(g_defaults.dirs[DEFAULT_DIR_VIDEO_FILTER], base_path, +-- +2.37.3 + diff --git a/pkgs/applications/networking/instant-messengers/telegram/tdesktop/default.nix b/pkgs/applications/networking/instant-messengers/telegram/tdesktop/default.nix index a820e4e0150..10f9ad7697d 100644 --- a/pkgs/applications/networking/instant-messengers/telegram/tdesktop/default.nix +++ b/pkgs/applications/networking/instant-messengers/telegram/tdesktop/default.nix @@ -46,6 +46,7 @@ , libthai , libdatrie , xdg-utils +, xorg , libsysprof-capture , libpsl , brotli @@ -170,7 +171,8 @@ env.mkDerivation rec { wrapProgram $out/bin/telegram-desktop \ "''${gappsWrapperArgs[@]}" \ "''${qtWrapperArgs[@]}" \ - --suffix PATH : ${lib.makeBinPath [ xdg-utils]} \ + --prefix LD_LIBRARY_PATH : "${xorg.libXcursor}/lib" \ + --suffix PATH : ${lib.makeBinPath [ xdg-utils ]} \ --set XDG_RUNTIME_DIR "XDG-RUNTIME-DIR" sed -i $out/bin/telegram-desktop \ -e "s,'XDG-RUNTIME-DIR',\"\''${XDG_RUNTIME_DIR:-/run/user/\$(id --user)}\"," diff --git a/pkgs/applications/office/libreoffice/default.nix b/pkgs/applications/office/libreoffice/default.nix index 43a1571b46e..5b8ad73b257 100644 --- a/pkgs/applications/office/libreoffice/default.nix +++ b/pkgs/applications/office/libreoffice/default.nix @@ -94,6 +94,7 @@ , ncurses , libepoxy , gpgme +, libwebp , abseil-cpp , langs ? [ "ca" "cs" "da" "de" "en-GB" "en-US" "eo" "es" "fr" "hu" "it" "ja" "nl" "pl" "pt" "pt-BR" "ro" "ru" "sl" "uk" "zh-CN" ] , withHelp ? true @@ -116,7 +117,7 @@ assert builtins.elem variant [ "fresh" "still" ]; let inherit (lib) flatten flip - concatMapStrings concatMapStringsSep concatStringsSep + concatMapStrings concatStringsSep getDev getLib optional optionals optionalString; @@ -128,7 +129,7 @@ let primary-src = importVariant "primary.nix" { inherit fetchurl; }; - inherit (primary-src) major minor subdir version; + inherit (primary-src) major minor version; langsSpaces = concatStringsSep " " langs; @@ -194,20 +195,8 @@ in tar -xf ${srcs.translations} ''; - patches = [ - ./skip-failed-test-with-icu70.patch - - # Fix build with poppler 22.03 - (fetchurl { - url = "https://github.com/archlinux/svntogit-packages/raw/f82958b9538f86e41b51f1ba7134968d2f3788d1/trunk/poppler-22.03.0.patch"; - sha256 = "5h4qJmx6Q3Q3dHUlSi8JXBziN2mAswGVWk5aDTLTwls="; - }) - - # Fix build with poppler 22.04 - ./poppler-22-04-0.patch - - ./gpgme-1.18.patch - ]; + patches = optional (variant == "still") [ ./skip-failed-test-with-icu70.patch ./gpgme-1.18.patch ] + ; ### QT/KDE # @@ -226,7 +215,7 @@ in # add the missing dependencies to it). postPatch = '' substituteInPlace shell/source/unix/exec/shellexec.cxx \ - --replace /usr/bin/xdg-open ${if kdeIntegration then "kde-open5" else "xdg-open"} + --replace xdg-open ${if kdeIntegration then "kde-open5" else "xdg-open"} # configure checks for header 'gpgme++/gpgmepp_version.h', # and if it is found (no matter where) uses a hardcoded path @@ -341,6 +330,7 @@ in sed -e '/CPPUNIT_TEST(testEmbeddedDataSource);/d' -i './sw/qa/extras/uiwriter/uiwriter.cxx' sed -e '/CPPUNIT_TEST(testTdf96479);/d' -i './sw/qa/extras/uiwriter/uiwriter.cxx' sed -e '/CPPUNIT_TEST(testInconsistentBookmark);/d' -i './sw/qa/extras/uiwriter/uiwriter.cxx' + sed -e /CppunitTest_sw_layoutwriter/d -i sw/Module_sw.mk sed -e "s/DECLARE_SW_ROUNDTRIP_TEST(\([_a-zA-Z0-9.]\+\)[, ].*, *\([_a-zA-Z0-9.]\+\))/class \\1: public \\2 { public: void verify() override; }; void \\1::verify() /" -i "sw/qa/extras/ooxmlexport/ooxmlexport9.cxx" sed -e "s/DECLARE_SW_ROUNDTRIP_TEST(\([_a-zA-Z0-9.]\+\)[, ].*, *\([_a-zA-Z0-9.]\+\))/class \\1: public \\2 { public: void verify() override; }; void \\1::verify() /" -i "sw/qa/extras/ooxmlexport/ooxmlencryption.cxx" sed -e "s/DECLARE_SW_ROUNDTRIP_TEST(\([_a-zA-Z0-9.]\+\)[, ].*, *\([_a-zA-Z0-9.]\+\))/class \\1: public \\2 { public: void verify() override; }; void \\1::verify() /" -i "sw/qa/extras/odfexport/odfexport.cxx" @@ -374,12 +364,6 @@ in ln -s $out/bin/soffice $out/bin/libreoffice ln -s $out/lib/libreoffice/share/xdg $out/share/applications - for f in $out/share/applications/*.desktop; do - substituteInPlace "$f" \ - --replace "Exec=libreofficedev${major}.${minor}" "Exec=libreoffice" \ - --replace "Exec=libreoffice${major}.${minor}" "Exec=libreoffice" - done - cp -r sysui/desktop/icons "$out/share" sed -re 's@Icon=libreoffice(dev)?[0-9.]*-?@Icon=@' -i "$out/share/applications/"*.desktop @@ -432,7 +416,6 @@ in "--disable-postgresql-sdbc" "--disable-firebird-sdbc" "--without-fonts" - "--without-myspell-dicts" "--without-doxygen" # TODO: package these as system libraries @@ -449,10 +432,12 @@ in "--without-system-libstaroffice" "--without-system-libepubgen" "--without-system-libqxp" - "--without-system-mdds" # we have mdds but our version is too new + "--with-system-mdds" # https://github.com/NixOS/nixpkgs/commit/5c5362427a3fa9aefccfca9e531492a8735d4e6f "--without-system-orcus" "--without-system-xmlsec" + "--without-system-cuckoo" + "--without-system-zxing" ] ++ optionals kdeIntegration [ "--enable-kf5" "--enable-qt5" @@ -573,7 +558,8 @@ in gst-plugins-ugly gstreamer ]) - ++ optionals kdeIntegration [ qtbase qtx11extras kcoreaddons kio ]; + ++ optionals kdeIntegration [ qtbase qtx11extras kcoreaddons kio ] + ++ optionals (lib.versionAtLeast (lib.versions.majorMinor version) "7.4") [ libwebp ]; passthru = { inherit srcs; diff --git a/pkgs/applications/office/libreoffice/src-fresh/download.nix b/pkgs/applications/office/libreoffice/src-fresh/download.nix index 5ed0517e944..c3393424f05 100644 --- a/pkgs/applications/office/libreoffice/src-fresh/download.nix +++ b/pkgs/applications/office/libreoffice/src-fresh/download.nix @@ -7,32 +7,18 @@ md5name = "e763a9dc21c3d2667402d66e202e3f8ef4db51b34b79ef41f56cacb86dcd6eed-libabw-0.1.3.tar.xz"; } { - name = "apr-1.5.2.tar.gz"; - url = "https://dev-www.libreoffice.org/src/apr-1.5.2.tar.gz"; - sha256 = "1af06e1720a58851d90694a984af18355b65bb0d047be03ec7d659c746d6dbdb"; + name = "boost_1_79_0.tar.xz"; + url = "https://dev-www.libreoffice.org/src/boost_1_79_0.tar.xz"; + sha256 = "2058aa88758a0e1aaac1759b3c4bad2526f899c6ecc6eeea79aa5e8fd3ea95dc"; md5 = ""; - md5name = "1af06e1720a58851d90694a984af18355b65bb0d047be03ec7d659c746d6dbdb-apr-1.5.2.tar.gz"; + md5name = "2058aa88758a0e1aaac1759b3c4bad2526f899c6ecc6eeea79aa5e8fd3ea95dc-boost_1_79_0.tar.xz"; } { - name = "apr-util-1.5.4.tar.gz"; - url = "https://dev-www.libreoffice.org/src/apr-util-1.5.4.tar.gz"; - sha256 = "976a12a59bc286d634a21d7be0841cc74289ea9077aa1af46be19d1a6e844c19"; + name = "box2d-2.4.1.tar.gz"; + url = "https://dev-www.libreoffice.org/src/box2d-2.4.1.tar.gz"; + sha256 = "d6b4650ff897ee1ead27cf77a5933ea197cbeef6705638dd181adc2e816b23c2"; md5 = ""; - md5name = "976a12a59bc286d634a21d7be0841cc74289ea9077aa1af46be19d1a6e844c19-apr-util-1.5.4.tar.gz"; - } - { - name = "boost_1_77_0.tar.xz"; - url = "https://dev-www.libreoffice.org/src/boost_1_77_0.tar.xz"; - sha256 = "9b334d6c6d7af5a0687280788cd84444398b8e0b472cd88e52bbc3c3ef11d98e"; - md5 = ""; - md5name = "9b334d6c6d7af5a0687280788cd84444398b8e0b472cd88e52bbc3c3ef11d98e-boost_1_77_0.tar.xz"; - } - { - name = "box2d-2.3.1.tar.gz"; - url = "https://dev-www.libreoffice.org/src/box2d-2.3.1.tar.gz"; - sha256 = "58ffc8475a8650aadc351345aef696937747b40501ab78d72c197c5ff5b3035c"; - md5 = ""; - md5name = "58ffc8475a8650aadc351345aef696937747b40501ab78d72c197c5ff5b3035c-box2d-2.3.1.tar.gz"; + md5name = "d6b4650ff897ee1ead27cf77a5933ea197cbeef6705638dd181adc2e816b23c2-box2d-2.4.1.tar.gz"; } { name = "breakpad-b324760c7f53667af128a6b77b790323da04fcb9.tar.xz"; @@ -56,11 +42,11 @@ md5name = "ab5a03176ee106d3f0fa90e381da478ddae405918153cca248e682cd0c4a2269-bzip2-1.0.8.tar.gz"; } { - name = "cairo-1.17.4.tar.xz"; - url = "https://dev-www.libreoffice.org/src/cairo-1.17.4.tar.xz"; - sha256 = "74b24c1ed436bbe87499179a3b27c43f4143b8676d8ad237a6fa787401959705"; + name = "cairo-1.17.6.tar.xz"; + url = "https://dev-www.libreoffice.org/src/cairo-1.17.6.tar.xz"; + sha256 = "4eebc4c2bad0402bc3f501db184417094657d111fb6c06f076a82ea191fe1faf"; md5 = ""; - md5name = "74b24c1ed436bbe87499179a3b27c43f4143b8676d8ad237a6fa787401959705-cairo-1.17.4.tar.xz"; + md5name = "4eebc4c2bad0402bc3f501db184417094657d111fb6c06f076a82ea191fe1faf-cairo-1.17.6.tar.xz"; } { name = "libcdr-0.1.7.tar.xz"; @@ -76,6 +62,13 @@ md5 = "48d647fbd8ef8889e5a7f422c1bfda94"; md5name = "48d647fbd8ef8889e5a7f422c1bfda94-clucene-core-2.3.3.4.tar.gz"; } + { + name = "dragonbox-1.1.0.tar.gz"; + url = "https://dev-www.libreoffice.org/src/dragonbox-1.1.0.tar.gz"; + sha256 = "293247ccba995ec47ae3abb52c3e83904a7d71efb7093d4c0d2c6367c1cc1e20"; + md5 = ""; + md5name = "293247ccba995ec47ae3abb52c3e83904a7d71efb7093d4c0d2c6367c1cc1e20-dragonbox-1.1.0.tar.gz"; + } { name = "dtoa-20180411.tgz"; url = "https://dev-www.libreoffice.org/src/dtoa-20180411.tgz"; @@ -105,18 +98,11 @@ md5name = "89c5c6665337f56fd2db36bc3805a5619709d51fb136e51937072f63fcc717a7-cppunit-1.15.1.tar.gz"; } { - name = "converttexttonumber-1-5-0.oxt"; - url = "https://dev-www.libreoffice.org/src/1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt"; - sha256 = "71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3"; - md5 = "1f467e5bb703f12cbbb09d5cf67ecf4a"; - md5name = "1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt"; - } - { - name = "curl-7.79.1.tar.xz"; - url = "https://dev-www.libreoffice.org/src/curl-7.79.1.tar.xz"; - sha256 = "0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689"; + name = "curl-7.85.0.tar.xz"; + url = "https://dev-www.libreoffice.org/src/curl-7.85.0.tar.xz"; + sha256 = "88b54a6d4b9a48cb4d873c7056dcba997ddd5b7be5a2d537a4acb55c20b04be6"; md5 = ""; - md5name = "0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689-curl-7.79.1.tar.xz"; + md5name = "88b54a6d4b9a48cb4d873c7056dcba997ddd5b7be5a2d537a4acb55c20b04be6-curl-7.85.0.tar.xz"; } { name = "libe-book-0.1.3.tar.xz"; @@ -154,11 +140,11 @@ md5name = "b430435a6e8487888b761dc848b7981626eb814884963ffe25eb26a139301e9a-libetonyek-0.1.10.tar.xz"; } { - name = "expat-2.4.6.tar.xz"; - url = "https://dev-www.libreoffice.org/src/expat-2.4.6.tar.xz"; - sha256 = "de55794b7a9bc214852fdc075beaaecd854efe1361597e6268ee87946951289b"; + name = "expat-2.4.9.tar.xz"; + url = "https://dev-www.libreoffice.org/src/expat-2.4.9.tar.xz"; + sha256 = "6e8c0728fe5c7cd3f93a6acce43046c5e4736c7b4b68e032e9350daa0efc0354"; md5 = ""; - md5name = "de55794b7a9bc214852fdc075beaaecd854efe1361597e6268ee87946951289b-expat-2.4.6.tar.xz"; + md5name = "6e8c0728fe5c7cd3f93a6acce43046c5e4736c7b4b68e032e9350daa0efc0354-expat-2.4.9.tar.xz"; } { name = "Firebird-3.0.7.33374-0.tar.bz2"; @@ -280,11 +266,11 @@ md5name = "b98b67602a2c8880a1770f0b9e37c190f29a7e2ade5616784f0b89fbdb75bf52-alef-1.001.tar.gz"; } { - name = "Amiri-0.111.zip"; - url = "https://dev-www.libreoffice.org/src/Amiri-0.111.zip"; - sha256 = "1fbfccced6348b5db2c1c21d5b319cd488e14d055702fa817a0f6cb83d882166"; + name = "Amiri-0.117.zip"; + url = "https://dev-www.libreoffice.org/src/Amiri-0.117.zip"; + sha256 = "9c4e768893e0023a0ad6f488d5c84bd5add6565d3dcadb838ba5b20e75fcc9a7"; md5 = ""; - md5name = "1fbfccced6348b5db2c1c21d5b319cd488e14d055702fa817a0f6cb83d882166-Amiri-0.111.zip"; + md5name = "9c4e768893e0023a0ad6f488d5c84bd5add6565d3dcadb838ba5b20e75fcc9a7-Amiri-0.117.zip"; } { name = "ttf-kacst_2.01+mry.tar.gz"; @@ -294,11 +280,11 @@ md5name = "dca00f5e655f2f217a766faa73a81f542c5c204aa3a47017c3c2be0b31d00a56-ttf-kacst_2.01+mry.tar.gz"; } { - name = "ReemKufi-0.7.zip"; - url = "https://dev-www.libreoffice.org/src/ReemKufi-0.7.zip"; - sha256 = "f60c6508d209ce4236d2d7324256c2ffddd480be7e3d6023770b93dc391a605f"; + name = "ReemKufi-1.2.zip"; + url = "https://dev-www.libreoffice.org/src/ReemKufi-1.2.zip"; + sha256 = "c4fd68a23c0ea471cc084ae7efe888da372b925cb208eeb0322c26792d2ef413"; md5 = ""; - md5name = "f60c6508d209ce4236d2d7324256c2ffddd480be7e3d6023770b93dc391a605f-ReemKufi-0.7.zip"; + md5name = "c4fd68a23c0ea471cc084ae7efe888da372b925cb208eeb0322c26792d2ef413-ReemKufi-1.2.zip"; } { name = "Scheherazade-2.100.zip"; @@ -315,11 +301,11 @@ md5name = "0e422d1564a6dbf22a9af598535425271e583514c0f7ba7d9091676420de34ac-libfreehand-0.1.2.tar.xz"; } { - name = "freetype-2.11.0.tar.xz"; - url = "https://dev-www.libreoffice.org/src/freetype-2.11.0.tar.xz"; - sha256 = "8bee39bd3968c4804b70614a0a3ad597299ad0e824bc8aad5ce8aaf48067bde7"; + name = "freetype-2.11.1.tar.xz"; + url = "https://dev-www.libreoffice.org/src/freetype-2.11.1.tar.xz"; + sha256 = "3333ae7cfda88429c97a7ae63b7d01ab398076c3b67182e960e5684050f2c5c8"; md5 = ""; - md5name = "8bee39bd3968c4804b70614a0a3ad597299ad0e824bc8aad5ce8aaf48067bde7-freetype-2.11.0.tar.xz"; + md5name = "3333ae7cfda88429c97a7ae63b7d01ab398076c3b67182e960e5684050f2c5c8-freetype-2.11.1.tar.xz"; } { name = "glm-0.9.9.8.zip"; @@ -343,11 +329,11 @@ md5name = "b8e892d8627c41888ff121e921455b9e2d26836978f2359173d19825da62b8fc-graphite2-minimal-1.3.14.tgz"; } { - name = "harfbuzz-2.8.2.tar.xz"; - url = "https://dev-www.libreoffice.org/src/harfbuzz-2.8.2.tar.xz"; - sha256 = "d58461395ce28b9dc03903254374dd70c38c8c28c5046db123c08f7ab9417be7"; + name = "harfbuzz-4.3.0.tar.xz"; + url = "https://dev-www.libreoffice.org/src/harfbuzz-4.3.0.tar.xz"; + sha256 = "a49628f4c4c8e6d8df95ef44935a93446cf2e46366915b0e3ca30df21fffb530"; md5 = ""; - md5name = "d58461395ce28b9dc03903254374dd70c38c8c28c5046db123c08f7ab9417be7-harfbuzz-2.8.2.tar.xz"; + md5name = "a49628f4c4c8e6d8df95ef44935a93446cf2e46366915b0e3ca30df21fffb530-harfbuzz-4.3.0.tar.xz"; } { name = "hsqldb_1_8_0.zip"; @@ -371,18 +357,18 @@ md5name = "5ade6ae2a99bc1e9e57031ca88d36dad-hyphen-2.8.8.tar.gz"; } { - name = "icu4c-70_1-src.tgz"; - url = "https://dev-www.libreoffice.org/src/icu4c-70_1-src.tgz"; - sha256 = "8d205428c17bf13bb535300669ed28b338a157b1c01ae66d31d0d3e2d47c3fd5"; + name = "icu4c-71_1-src.tgz"; + url = "https://dev-www.libreoffice.org/src/icu4c-71_1-src.tgz"; + sha256 = "67a7e6e51f61faf1306b6935333e13b2c48abd8da6d2f46ce6adca24b1e21ebf"; md5 = ""; - md5name = "8d205428c17bf13bb535300669ed28b338a157b1c01ae66d31d0d3e2d47c3fd5-icu4c-70_1-src.tgz"; + md5name = "67a7e6e51f61faf1306b6935333e13b2c48abd8da6d2f46ce6adca24b1e21ebf-icu4c-71_1-src.tgz"; } { - name = "icu4c-70_1-data.zip"; - url = "https://dev-www.libreoffice.org/src/icu4c-70_1-data.zip"; - sha256 = "c72723ddba3300ffb231d6b09e2a728ea6e89de10ed5927f74bacbd77042336e"; + name = "icu4c-71_1-data.zip"; + url = "https://dev-www.libreoffice.org/src/icu4c-71_1-data.zip"; + sha256 = "e3882b4fece6e5e039f22c3189b7ba224180fd26fdbfa9db284617455b93e804"; md5 = ""; - md5name = "c72723ddba3300ffb231d6b09e2a728ea6e89de10ed5927f74bacbd77042336e-icu4c-70_1-data.zip"; + md5name = "e3882b4fece6e5e039f22c3189b7ba224180fd26fdbfa9db284617455b93e804-icu4c-71_1-data.zip"; } { name = "flow-engine-0.9.4.zip"; @@ -462,25 +448,18 @@ md5name = "39bb3fcea1514f1369fcfc87542390fd-sacjava-1.3.zip"; } { - name = "libjpeg-turbo-2.1.1.tar.gz"; - url = "https://dev-www.libreoffice.org/src/libjpeg-turbo-2.1.1.tar.gz"; - sha256 = "20e9cd3e5f517950dfb7a300ad344543d88719c254407ffb5ad88d891bf701c4"; + name = "libjpeg-turbo-2.1.2.tar.gz"; + url = "https://dev-www.libreoffice.org/src/libjpeg-turbo-2.1.2.tar.gz"; + sha256 = "09b96cb8cbff9ea556a9c2d173485fd19488844d55276ed4f42240e1e2073ce5"; md5 = ""; - md5name = "20e9cd3e5f517950dfb7a300ad344543d88719c254407ffb5ad88d891bf701c4-libjpeg-turbo-2.1.1.tar.gz"; + md5name = "09b96cb8cbff9ea556a9c2d173485fd19488844d55276ed4f42240e1e2073ce5-libjpeg-turbo-2.1.2.tar.gz"; } { - name = "language-subtag-registry-2021-12-29.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/language-subtag-registry-2021-12-29.tar.bz2"; - sha256 = "d9dcf20be5ad4856daef023087421bedc1477f9b4247fc8ea53bb32e07c97837"; + name = "language-subtag-registry-2022-08-08.tar.bz2"; + url = "https://dev-www.libreoffice.org/src/language-subtag-registry-2022-08-08.tar.bz2"; + sha256 = "e2d9224e0e50fc8ad12a3cf47396bbcadf45b2515839d4770432653a88972c00"; md5 = ""; - md5name = "d9dcf20be5ad4856daef023087421bedc1477f9b4247fc8ea53bb32e07c97837-language-subtag-registry-2021-12-29.tar.bz2"; - } - { - name = "JLanguageTool-1.7.0.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/b63e6340a02ff1cacfeadb2c42286161-JLanguageTool-1.7.0.tar.bz2"; - sha256 = "48c87e41636783bba438b65fd895821e369ed139e1465fac654323ad93c5a82d"; - md5 = "b63e6340a02ff1cacfeadb2c42286161"; - md5name = "b63e6340a02ff1cacfeadb2c42286161-JLanguageTool-1.7.0.tar.bz2"; + md5name = "e2d9224e0e50fc8ad12a3cf47396bbcadf45b2515839d4770432653a88972c00-language-subtag-registry-2022-08-08.tar.bz2"; } { name = "lcms2-2.12.tar.gz"; @@ -553,18 +532,25 @@ md5name = "083daa92d8ee6f4af96a6143b12d7fc8fe1a547e14f862304f7281f8f7347483-ltm-1.0.zip"; } { - name = "xmlsec1-1.2.33.tar.gz"; - url = "https://dev-www.libreoffice.org/src/xmlsec1-1.2.33.tar.gz"; - sha256 = "26041d35a20a245ed5a2fb9ee075f10825664d274220cb5190340fa87a4d0931"; + name = "libwebp-1.2.4.tar.gz"; + url = "https://dev-www.libreoffice.org/src/libwebp-1.2.4.tar.gz"; + sha256 = "7bf5a8a28cc69bcfa8cb214f2c3095703c6b73ac5fba4d5480c205331d9494df"; md5 = ""; - md5name = "26041d35a20a245ed5a2fb9ee075f10825664d274220cb5190340fa87a4d0931-xmlsec1-1.2.33.tar.gz"; + md5name = "7bf5a8a28cc69bcfa8cb214f2c3095703c6b73ac5fba4d5480c205331d9494df-libwebp-1.2.4.tar.gz"; } { - name = "libxml2-2.9.13.tar.xz"; - url = "https://dev-www.libreoffice.org/src/libxml2-2.9.13.tar.xz"; - sha256 = "276130602d12fe484ecc03447ee5e759d0465558fbc9d6bd144e3745306ebf0e"; + name = "xmlsec1-1.2.34.tar.gz"; + url = "https://dev-www.libreoffice.org/src/xmlsec1-1.2.34.tar.gz"; + sha256 = "52ced4943f35bd7d0818a38298c1528ca4ac8a54440fd71134a07d2d1370a262"; md5 = ""; - md5name = "276130602d12fe484ecc03447ee5e759d0465558fbc9d6bd144e3745306ebf0e-libxml2-2.9.13.tar.xz"; + md5name = "52ced4943f35bd7d0818a38298c1528ca4ac8a54440fd71134a07d2d1370a262-xmlsec1-1.2.34.tar.gz"; + } + { + name = "libxml2-2.10.2.tar.xz"; + url = "https://dev-www.libreoffice.org/src/libxml2-2.10.2.tar.xz"; + sha256 = "d240abe6da9c65cb1900dd9bf3a3501ccf88b3c2a1cb98317d03f272dda5b265"; + md5 = ""; + md5name = "d240abe6da9c65cb1900dd9bf3a3501ccf88b3c2a1cb98317d03f272dda5b265-libxml2-2.10.2.tar.xz"; } { name = "libxslt-1.1.35.tar.xz"; @@ -595,11 +581,11 @@ md5name = "431434d3926f4bcce2e5c97240609983f60d7ff50df5a72083934759bb863f7b-mariadb-connector-c-3.1.8-src.tar.gz"; } { - name = "mdds-2.0.1.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/mdds-2.0.1.tar.bz2"; - sha256 = "3ab33fce58e6acf9540cc1a52264be6863ef80f55ac287194cc98cda48e71fe6"; + name = "mdds-2.0.3.tar.bz2"; + url = "https://dev-www.libreoffice.org/src/mdds-2.0.3.tar.bz2"; + sha256 = "9771fe42e133443c13ca187253763e17c8bc96a1a02aec9e1e8893367ffa9ce5"; md5 = ""; - md5name = "3ab33fce58e6acf9540cc1a52264be6863ef80f55ac287194cc98cda48e71fe6-mdds-2.0.1.tar.bz2"; + md5name = "9771fe42e133443c13ca187253763e17c8bc96a1a02aec9e1e8893367ffa9ce5-mdds-2.0.3.tar.bz2"; } { name = "mDNSResponder-878.200.35.tar.gz"; @@ -630,18 +616,11 @@ md5name = "a8c2c5b8f09e7ede322d5c602ff6a4b6-mythes-1.2.4.tar.gz"; } { - name = "neon-0.31.2.tar.gz"; - url = "https://dev-www.libreoffice.org/src/neon-0.31.2.tar.gz"; - sha256 = "cf1ee3ac27a215814a9c80803fcee4f0ede8466ebead40267a9bd115e16a8678"; + name = "nss-3.83-with-nspr-4.34.1.tar.gz"; + url = "https://dev-www.libreoffice.org/src/nss-3.83-with-nspr-4.34.1.tar.gz"; + sha256 = "b1e1198fa7ee4e0fe4fa6937245c94820fd3c3c6897779493858af1bf6310b30"; md5 = ""; - md5name = "cf1ee3ac27a215814a9c80803fcee4f0ede8466ebead40267a9bd115e16a8678-neon-0.31.2.tar.gz"; - } - { - name = "nss-3.73-with-nspr-4.32.tar.gz"; - url = "https://dev-www.libreoffice.org/src/nss-3.73-with-nspr-4.32.tar.gz"; - sha256 = "07a9e5b70f121a62706140d4cacc3006d3efb869da40f3a2bf7a65d37847f4d9"; - md5 = ""; - md5name = "07a9e5b70f121a62706140d4cacc3006d3efb869da40f3a2bf7a65d37847f4d9-nss-3.73-with-nspr-4.32.tar.gz"; + md5name = "b1e1198fa7ee4e0fe4fa6937245c94820fd3c3c6897779493858af1bf6310b30-nss-3.83-with-nspr-4.34.1.tar.gz"; } { name = "libodfgen-0.1.8.tar.xz"; @@ -672,11 +651,11 @@ md5name = "99f37d6747d88206c470067eda624d5e48c1011e943ec0ab217bae8712e22f34-openldap-2.4.59.tgz"; } { - name = "openssl-1.1.1l.tar.gz"; - url = "https://dev-www.libreoffice.org/src/openssl-1.1.1l.tar.gz"; - sha256 = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1"; + name = "openssl-1.1.1q.tar.gz"; + url = "https://dev-www.libreoffice.org/src/openssl-1.1.1q.tar.gz"; + sha256 = "d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca"; md5 = ""; - md5name = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1-openssl-1.1.1l.tar.gz"; + md5name = "d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca-openssl-1.1.1q.tar.gz"; } { name = "liborcus-0.17.2.tar.bz2"; @@ -693,11 +672,11 @@ md5name = "66adacd705a7d19895e08eac46d1e851332adf2e736c566bef1164e7a442519d-libpagemaker-0.0.4.tar.xz"; } { - name = "pdfium-4699.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/pdfium-4699.tar.bz2"; - sha256 = "ee80fe0a3b20ef5c5babc494cd655d1b1a0bdec710acb04524789df500c563bf"; + name = "pdfium-5058.tar.bz2"; + url = "https://dev-www.libreoffice.org/src/pdfium-5058.tar.bz2"; + sha256 = "eaf4ce9fad32b5d951c524139df23119b66c67720057defb97acab2dfb2582ac"; md5 = ""; - md5name = "ee80fe0a3b20ef5c5babc494cd655d1b1a0bdec710acb04524789df500c563bf-pdfium-4699.tar.bz2"; + md5name = "eaf4ce9fad32b5d951c524139df23119b66c67720057defb97acab2dfb2582ac-pdfium-5058.tar.bz2"; } { name = "pixman-0.40.0.tar.gz"; @@ -714,18 +693,25 @@ md5name = "505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca-libpng-1.6.37.tar.xz"; } { - name = "poppler-21.11.0.tar.xz"; - url = "https://dev-www.libreoffice.org/src/poppler-21.11.0.tar.xz"; - sha256 = "31b76b5cac0a48612fdd154c02d9eca01fd38fb8eaa77c1196840ecdeb53a584"; + name = "tiff-4.4.0.tar.xz"; + url = "https://dev-www.libreoffice.org/src/tiff-4.4.0.tar.xz"; + sha256 = "49307b510048ccc7bc40f2cba6e8439182fe6e654057c1a1683139bf2ecb1dc1"; md5 = ""; - md5name = "31b76b5cac0a48612fdd154c02d9eca01fd38fb8eaa77c1196840ecdeb53a584-poppler-21.11.0.tar.xz"; + md5name = "49307b510048ccc7bc40f2cba6e8439182fe6e654057c1a1683139bf2ecb1dc1-tiff-4.4.0.tar.xz"; } { - name = "poppler-data-0.4.10.tar.gz"; - url = "https://dev-www.libreoffice.org/src/poppler-data-0.4.10.tar.gz"; - sha256 = "6e2fcef66ec8c44625f94292ccf8af9f1d918b410d5aa69c274ce67387967b30"; + name = "poppler-22.09.0.tar.xz"; + url = "https://dev-www.libreoffice.org/src/poppler-22.09.0.tar.xz"; + sha256 = "d7a8f748211359cadb774ba3e18ecda6464b34027045c0648eb30d5852a41e2e"; md5 = ""; - md5name = "6e2fcef66ec8c44625f94292ccf8af9f1d918b410d5aa69c274ce67387967b30-poppler-data-0.4.10.tar.gz"; + md5name = "d7a8f748211359cadb774ba3e18ecda6464b34027045c0648eb30d5852a41e2e-poppler-22.09.0.tar.xz"; + } + { + name = "poppler-data-0.4.11.tar.gz"; + url = "https://dev-www.libreoffice.org/src/poppler-data-0.4.11.tar.gz"; + sha256 = "2cec05cd1bb03af98a8b06a1e22f6e6e1a65b1e2f3816cb3069bb0874825f08c"; + md5 = ""; + md5name = "2cec05cd1bb03af98a8b06a1e22f6e6e1a65b1e2f3816cb3069bb0874825f08c-poppler-data-0.4.11.tar.gz"; } { name = "postgresql-13.5.tar.bz2"; @@ -735,11 +721,11 @@ md5name = "9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3-postgresql-13.5.tar.bz2"; } { - name = "Python-3.8.10.tar.xz"; - url = "https://dev-www.libreoffice.org/src/Python-3.8.10.tar.xz"; - sha256 = "6af24a66093dd840bcccf371d4044a3027e655cf24591ce26e48022bc79219d9"; + name = "Python-3.8.14.tar.xz"; + url = "https://dev-www.libreoffice.org/src/Python-3.8.14.tar.xz"; + sha256 = "5d77e278271ba803e9909a41a4f3baca006181c93ada682a5e5fe8dc4a24c5f3"; md5 = ""; - md5name = "6af24a66093dd840bcccf371d4044a3027e655cf24591ce26e48022bc79219d9-Python-3.8.10.tar.xz"; + md5name = "5d77e278271ba803e9909a41a4f3baca006181c93ada682a5e5fe8dc4a24c5f3-Python-3.8.14.tar.xz"; } { name = "libqxp-0.0.2.tar.xz"; @@ -784,18 +770,11 @@ md5name = "798b2ffdc8bcfe7bca2cf92b62caf685-rhino1_5R5.zip"; } { - name = "serf-1.3.9.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/serf-1.3.9.tar.bz2"; - sha256 = "549c2d21c577a8a9c0450facb5cca809f26591f048e466552240947bdf7a87cc"; + name = "skia-m103-b301ff025004c9cd82816c86c547588e6c24b466.tar.xz"; + url = "https://dev-www.libreoffice.org/src/skia-m103-b301ff025004c9cd82816c86c547588e6c24b466.tar.xz"; + sha256 = "c094a6247e44104beaaa0d00c825beb6baf1a8e532dc22214747495317a65bd9"; md5 = ""; - md5name = "549c2d21c577a8a9c0450facb5cca809f26591f048e466552240947bdf7a87cc-serf-1.3.9.tar.bz2"; - } - { - name = "skia-m97-a7230803d64ae9d44f4e1282444801119a3ae967.tar.xz"; - url = "https://dev-www.libreoffice.org/src/skia-m97-a7230803d64ae9d44f4e1282444801119a3ae967.tar.xz"; - sha256 = "97e859e8467eca9d2441cd23079b61c2c3863b5687620f18cc31a9f966740177"; - md5 = ""; - md5name = "97e859e8467eca9d2441cd23079b61c2c3863b5687620f18cc31a9f966740177-skia-m97-a7230803d64ae9d44f4e1282444801119a3ae967.tar.xz"; + md5name = "c094a6247e44104beaaa0d00c825beb6baf1a8e532dc22214747495317a65bd9-skia-m103-b301ff025004c9cd82816c86c547588e6c24b466.tar.xz"; } { name = "libstaroffice-0.0.7.tar.xz"; @@ -881,11 +860,4 @@ md5 = ""; md5name = "653d9e44195d86cf64a36af9ff3a1978ec5599df3882439fefa56e7064f55e8a-zxing-cpp-1.2.0.tar.gz"; } - { - name = "libcuckoo-93217f8d391718380c508a722ab9acd5e9081233.tar.gz"; - url = "https://dev-www.libreoffice.org/src/libcuckoo-93217f8d391718380c508a722ab9acd5e9081233.tar.gz"; - sha256 = "471dd83a813ed2816c2246c373004470ad0f6612c7ce72038929dc5161cdd58e"; - md5 = ""; - md5name = "471dd83a813ed2816c2246c373004470ad0f6612c7ce72038929dc5161cdd58e-libcuckoo-93217f8d391718380c508a722ab9acd5e9081233.tar.gz"; - } ] diff --git a/pkgs/applications/office/libreoffice/src-fresh/override.nix b/pkgs/applications/office/libreoffice/src-fresh/override.nix index ace442176dd..148c674f507 100644 --- a/pkgs/applications/office/libreoffice/src-fresh/override.nix +++ b/pkgs/applications/office/libreoffice/src-fresh/override.nix @@ -16,8 +16,7 @@ attrs: sed -e '/CPPUNIT_ASSERT_EQUAL(22, nEndRunPos);/d' -i './vcl/qa/cppunit/text.cxx' ''; configureFlags = attrs.configureFlags ++ [ - (lib.enableFeature kdeIntegration "kf5") - "--without-system-zxing" - "--without-system-cuckoo" + "--without-system-dragonbox" + "--without-system-libfixmath" ]; } diff --git a/pkgs/applications/office/libreoffice/src-fresh/primary.nix b/pkgs/applications/office/libreoffice/src-fresh/primary.nix index 50b28e6cf6b..72f1abefca9 100644 --- a/pkgs/applications/office/libreoffice/src-fresh/primary.nix +++ b/pkgs/applications/office/libreoffice/src-fresh/primary.nix @@ -7,9 +7,9 @@ rec { }; major = "7"; - minor = "3"; - patch = "3"; - tweak = "2"; + minor = "4"; + patch = "2"; + tweak = "3"; subdir = "${major}.${minor}.${patch}"; @@ -17,13 +17,13 @@ rec { src = fetchurl { url = "https://download.documentfoundation.org/libreoffice/src/${subdir}/libreoffice-${version}.tar.xz"; - sha256 = "sha256-7hK9vhYhwg4nRLxbbFlngQ8lpXYLmKxYEtVQqwCWhoU="; + hash = "sha256-gsH/4C8u2O4UUan2fDUzWyemONtZH5vFOe/4arFN2Vo="; }; # FIXME rename translations = fetchSrc { name = "translations"; - sha256 = "sha256-uRsKSC+kLVnhYF85o5FxZuf/dr+o6bYtbu8KmwSzNRw="; + sha256 = "sha256-yAU/hjyVwxqDoHm7Lu/Ztmb/1Z5AxDRAmMBKkkpU9uE="; }; # the "dictionaries" archive is not used for LO build because we already build hunspellDicts packages from @@ -31,6 +31,6 @@ rec { help = fetchSrc { name = "help"; - sha256 = "sha256-aIY07MuALBVklhJLOUwOxeIQWam2zQCVkw+edvnu/ps="; + sha256 = "sha256-T57V3Z2LOUvkQt24b1fLeHRigtiG4Nw1rdNuizQXD1w="; }; } diff --git a/pkgs/applications/office/libreoffice/src-still/download.nix b/pkgs/applications/office/libreoffice/src-still/download.nix index dddb89671b0..1b85cae70c5 100644 --- a/pkgs/applications/office/libreoffice/src-still/download.nix +++ b/pkgs/applications/office/libreoffice/src-still/download.nix @@ -21,11 +21,11 @@ md5name = "976a12a59bc286d634a21d7be0841cc74289ea9077aa1af46be19d1a6e844c19-apr-util-1.5.4.tar.gz"; } { - name = "boost_1_75_0.tar.xz"; - url = "https://dev-www.libreoffice.org/src/boost_1_75_0.tar.xz"; - sha256 = "cc378a036a1cfd3af289f3da24deeb8dba7a729f61ab104c7b018a622e22d21b"; + name = "boost_1_77_0.tar.xz"; + url = "https://dev-www.libreoffice.org/src/boost_1_77_0.tar.xz"; + sha256 = "9b334d6c6d7af5a0687280788cd84444398b8e0b472cd88e52bbc3c3ef11d98e"; md5 = ""; - md5name = "cc378a036a1cfd3af289f3da24deeb8dba7a729f61ab104c7b018a622e22d21b-boost_1_75_0.tar.xz"; + md5name = "9b334d6c6d7af5a0687280788cd84444398b8e0b472cd88e52bbc3c3ef11d98e-boost_1_77_0.tar.xz"; } { name = "box2d-2.3.1.tar.gz"; @@ -56,11 +56,11 @@ md5name = "ab5a03176ee106d3f0fa90e381da478ddae405918153cca248e682cd0c4a2269-bzip2-1.0.8.tar.gz"; } { - name = "cairo-1.16.0.tar.xz"; - url = "https://dev-www.libreoffice.org/src/cairo-1.16.0.tar.xz"; - sha256 = "5e7b29b3f113ef870d1e3ecf8adf21f923396401604bda16d44be45e66052331"; + name = "cairo-1.17.4.tar.xz"; + url = "https://dev-www.libreoffice.org/src/cairo-1.17.4.tar.xz"; + sha256 = "74b24c1ed436bbe87499179a3b27c43f4143b8676d8ad237a6fa787401959705"; md5 = ""; - md5name = "5e7b29b3f113ef870d1e3ecf8adf21f923396401604bda16d44be45e66052331-cairo-1.16.0.tar.xz"; + md5name = "74b24c1ed436bbe87499179a3b27c43f4143b8676d8ad237a6fa787401959705-cairo-1.17.4.tar.xz"; } { name = "libcdr-0.1.7.tar.xz"; @@ -112,11 +112,11 @@ md5name = "1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt"; } { - name = "curl-7.79.1.tar.xz"; - url = "https://dev-www.libreoffice.org/src/curl-7.79.1.tar.xz"; - sha256 = "0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689"; + name = "curl-7.83.1.tar.xz"; + url = "https://dev-www.libreoffice.org/src/curl-7.83.1.tar.xz"; + sha256 = "2cb9c2356e7263a1272fd1435ef7cdebf2cd21400ec287b068396deb705c22c4"; md5 = ""; - md5name = "0606f74b1182ab732a17c11613cbbaf7084f2e6cca432642d0e3ad7c224c3689-curl-7.79.1.tar.xz"; + md5name = "2cb9c2356e7263a1272fd1435ef7cdebf2cd21400ec287b068396deb705c22c4-curl-7.83.1.tar.xz"; } { name = "libe-book-0.1.3.tar.xz"; @@ -126,11 +126,11 @@ md5name = "7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9-libe-book-0.1.3.tar.xz"; } { - name = "libepoxy-1.5.3.tar.xz"; - url = "https://dev-www.libreoffice.org/src/libepoxy-1.5.3.tar.xz"; - sha256 = "002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d"; + name = "libepoxy-1.5.9.tar.xz"; + url = "https://dev-www.libreoffice.org/src/libepoxy-1.5.9.tar.xz"; + sha256 = "d168a19a6edfdd9977fef1308ccf516079856a4275cf876de688fb7927e365e4"; md5 = ""; - md5name = "002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d-libepoxy-1.5.3.tar.xz"; + md5name = "d168a19a6edfdd9977fef1308ccf516079856a4275cf876de688fb7927e365e4-libepoxy-1.5.9.tar.xz"; } { name = "epm-3.7.tar.gz"; @@ -168,11 +168,11 @@ md5name = "acb85cedafa10ce106b1823fb236b1b3e5d942a5741e8f8435cc8ccfec0afe76-Firebird-3.0.7.33374-0.tar.bz2"; } { - name = "fontconfig-2.13.91.tar.gz"; - url = "https://dev-www.libreoffice.org/src/fontconfig-2.13.91.tar.gz"; - sha256 = "19e5b1bc9d013a52063a44e1307629711f0bfef35b9aca16f9c793971e2eb1e5"; + name = "fontconfig-2.13.94.tar.xz"; + url = "https://dev-www.libreoffice.org/src/fontconfig-2.13.94.tar.xz"; + sha256 = "a5f052cb73fd479ffb7b697980510903b563bbb55b8f7a2b001fcfb94026003c"; md5 = ""; - md5name = "19e5b1bc9d013a52063a44e1307629711f0bfef35b9aca16f9c793971e2eb1e5-fontconfig-2.13.91.tar.gz"; + md5name = "a5f052cb73fd479ffb7b697980510903b563bbb55b8f7a2b001fcfb94026003c-fontconfig-2.13.94.tar.xz"; } { name = "crosextrafonts-20130214.tar.gz"; @@ -280,11 +280,11 @@ md5name = "b98b67602a2c8880a1770f0b9e37c190f29a7e2ade5616784f0b89fbdb75bf52-alef-1.001.tar.gz"; } { - name = "Amiri-0.111.zip"; - url = "https://dev-www.libreoffice.org/src/Amiri-0.111.zip"; - sha256 = "1fbfccced6348b5db2c1c21d5b319cd488e14d055702fa817a0f6cb83d882166"; + name = "Amiri-0.117.zip"; + url = "https://dev-www.libreoffice.org/src/Amiri-0.117.zip"; + sha256 = "9c4e768893e0023a0ad6f488d5c84bd5add6565d3dcadb838ba5b20e75fcc9a7"; md5 = ""; - md5name = "1fbfccced6348b5db2c1c21d5b319cd488e14d055702fa817a0f6cb83d882166-Amiri-0.111.zip"; + md5name = "9c4e768893e0023a0ad6f488d5c84bd5add6565d3dcadb838ba5b20e75fcc9a7-Amiri-0.117.zip"; } { name = "ttf-kacst_2.01+mry.tar.gz"; @@ -294,11 +294,11 @@ md5name = "dca00f5e655f2f217a766faa73a81f542c5c204aa3a47017c3c2be0b31d00a56-ttf-kacst_2.01+mry.tar.gz"; } { - name = "ReemKufi-0.7.zip"; - url = "https://dev-www.libreoffice.org/src/ReemKufi-0.7.zip"; - sha256 = "f60c6508d209ce4236d2d7324256c2ffddd480be7e3d6023770b93dc391a605f"; + name = "ReemKufi-1.2.zip"; + url = "https://dev-www.libreoffice.org/src/ReemKufi-1.2.zip"; + sha256 = "c4fd68a23c0ea471cc084ae7efe888da372b925cb208eeb0322c26792d2ef413"; md5 = ""; - md5name = "f60c6508d209ce4236d2d7324256c2ffddd480be7e3d6023770b93dc391a605f-ReemKufi-0.7.zip"; + md5name = "c4fd68a23c0ea471cc084ae7efe888da372b925cb208eeb0322c26792d2ef413-ReemKufi-1.2.zip"; } { name = "Scheherazade-2.100.zip"; @@ -315,25 +315,25 @@ md5name = "0e422d1564a6dbf22a9af598535425271e583514c0f7ba7d9091676420de34ac-libfreehand-0.1.2.tar.xz"; } { - name = "freetype-2.9.1.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/freetype-2.9.1.tar.bz2"; - sha256 = "db8d87ea720ea9d5edc5388fc7a0497bb11ba9fe972245e0f7f4c7e8b1e1e84d"; + name = "freetype-2.11.0.tar.xz"; + url = "https://dev-www.libreoffice.org/src/freetype-2.11.0.tar.xz"; + sha256 = "8bee39bd3968c4804b70614a0a3ad597299ad0e824bc8aad5ce8aaf48067bde7"; md5 = ""; - md5name = "db8d87ea720ea9d5edc5388fc7a0497bb11ba9fe972245e0f7f4c7e8b1e1e84d-freetype-2.9.1.tar.bz2"; + md5name = "8bee39bd3968c4804b70614a0a3ad597299ad0e824bc8aad5ce8aaf48067bde7-freetype-2.11.0.tar.xz"; } { - name = "glm-0.9.9.7.zip"; - url = "https://dev-www.libreoffice.org/src/glm-0.9.9.7.zip"; - sha256 = "c5e167c042afd2d7ad642ace6b643863baeb33880781983563e1ab68a30d3e95"; + name = "glm-0.9.9.8.zip"; + url = "https://dev-www.libreoffice.org/src/glm-0.9.9.8.zip"; + sha256 = "6bba5f032bed47c73ad9397f2313b9acbfb56253d0d0576b5873d3dcb25e99ad"; md5 = ""; - md5name = "c5e167c042afd2d7ad642ace6b643863baeb33880781983563e1ab68a30d3e95-glm-0.9.9.7.zip"; + md5name = "6bba5f032bed47c73ad9397f2313b9acbfb56253d0d0576b5873d3dcb25e99ad-glm-0.9.9.8.zip"; } { - name = "gpgme-1.13.1.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/gpgme-1.13.1.tar.bz2"; - sha256 = "c4e30b227682374c23cddc7fdb9324a99694d907e79242a25a4deeedb393be46"; + name = "gpgme-1.16.0.tar.bz2"; + url = "https://dev-www.libreoffice.org/src/gpgme-1.16.0.tar.bz2"; + sha256 = "6c8cc4aedb10d5d4c905894ba1d850544619ee765606ac43df7405865de29ed0"; md5 = ""; - md5name = "c4e30b227682374c23cddc7fdb9324a99694d907e79242a25a4deeedb393be46-gpgme-1.13.1.tar.bz2"; + md5name = "6c8cc4aedb10d5d4c905894ba1d850544619ee765606ac43df7405865de29ed0-gpgme-1.16.0.tar.bz2"; } { name = "graphite2-minimal-1.3.14.tgz"; @@ -343,11 +343,11 @@ md5name = "b8e892d8627c41888ff121e921455b9e2d26836978f2359173d19825da62b8fc-graphite2-minimal-1.3.14.tgz"; } { - name = "harfbuzz-2.6.0.tar.xz"; - url = "https://dev-www.libreoffice.org/src/harfbuzz-2.6.0.tar.xz"; - sha256 = "9cf7d117548265f95ca884e2f4c9fafaf4e17d45a67b11107147b79eed76c966"; + name = "harfbuzz-2.8.2.tar.xz"; + url = "https://dev-www.libreoffice.org/src/harfbuzz-2.8.2.tar.xz"; + sha256 = "d58461395ce28b9dc03903254374dd70c38c8c28c5046db123c08f7ab9417be7"; md5 = ""; - md5name = "9cf7d117548265f95ca884e2f4c9fafaf4e17d45a67b11107147b79eed76c966-harfbuzz-2.6.0.tar.xz"; + md5name = "d58461395ce28b9dc03903254374dd70c38c8c28c5046db123c08f7ab9417be7-harfbuzz-2.8.2.tar.xz"; } { name = "hsqldb_1_8_0.zip"; @@ -371,18 +371,18 @@ md5name = "5ade6ae2a99bc1e9e57031ca88d36dad-hyphen-2.8.8.tar.gz"; } { - name = "icu4c-69_1-src.tgz"; - url = "https://dev-www.libreoffice.org/src/icu4c-69_1-src.tgz"; - sha256 = "4cba7b7acd1d3c42c44bb0c14be6637098c7faf2b330ce876bc5f3b915d09745"; + name = "icu4c-70_1-src.tgz"; + url = "https://dev-www.libreoffice.org/src/icu4c-70_1-src.tgz"; + sha256 = "8d205428c17bf13bb535300669ed28b338a157b1c01ae66d31d0d3e2d47c3fd5"; md5 = ""; - md5name = "4cba7b7acd1d3c42c44bb0c14be6637098c7faf2b330ce876bc5f3b915d09745-icu4c-69_1-src.tgz"; + md5name = "8d205428c17bf13bb535300669ed28b338a157b1c01ae66d31d0d3e2d47c3fd5-icu4c-70_1-src.tgz"; } { - name = "icu4c-69_1-data.zip"; - url = "https://dev-www.libreoffice.org/src/icu4c-69_1-data.zip"; - sha256 = "4fc2d8cfc3343673123586fca3967404abd4e346fba5515829204533b3bae4bf"; + name = "icu4c-70_1-data.zip"; + url = "https://dev-www.libreoffice.org/src/icu4c-70_1-data.zip"; + sha256 = "c72723ddba3300ffb231d6b09e2a728ea6e89de10ed5927f74bacbd77042336e"; md5 = ""; - md5name = "4fc2d8cfc3343673123586fca3967404abd4e346fba5515829204533b3bae4bf-icu4c-69_1-data.zip"; + md5name = "c72723ddba3300ffb231d6b09e2a728ea6e89de10ed5927f74bacbd77042336e-icu4c-70_1-data.zip"; } { name = "flow-engine-0.9.4.zip"; @@ -462,11 +462,11 @@ md5name = "39bb3fcea1514f1369fcfc87542390fd-sacjava-1.3.zip"; } { - name = "libjpeg-turbo-1.5.3.tar.gz"; - url = "https://dev-www.libreoffice.org/src/libjpeg-turbo-1.5.3.tar.gz"; - sha256 = "b24890e2bb46e12e72a79f7e965f409f4e16466d00e1dd15d93d73ee6b592523"; + name = "libjpeg-turbo-2.1.1.tar.gz"; + url = "https://dev-www.libreoffice.org/src/libjpeg-turbo-2.1.1.tar.gz"; + sha256 = "20e9cd3e5f517950dfb7a300ad344543d88719c254407ffb5ad88d891bf701c4"; md5 = ""; - md5name = "b24890e2bb46e12e72a79f7e965f409f4e16466d00e1dd15d93d73ee6b592523-libjpeg-turbo-1.5.3.tar.gz"; + md5name = "20e9cd3e5f517950dfb7a300ad344543d88719c254407ffb5ad88d891bf701c4-libjpeg-turbo-2.1.1.tar.gz"; } { name = "language-subtag-registry-2021-12-29.tar.bz2"; @@ -483,18 +483,18 @@ md5name = "b63e6340a02ff1cacfeadb2c42286161-JLanguageTool-1.7.0.tar.bz2"; } { - name = "lcms2-2.11.tar.gz"; - url = "https://dev-www.libreoffice.org/src/lcms2-2.11.tar.gz"; - sha256 = "dc49b9c8e4d7cdff376040571a722902b682a795bf92985a85b48854c270772e"; + name = "lcms2-2.12.tar.gz"; + url = "https://dev-www.libreoffice.org/src/lcms2-2.12.tar.gz"; + sha256 = "18663985e864100455ac3e507625c438c3710354d85e5cbb7cd4043e11fe10f5"; md5 = ""; - md5name = "dc49b9c8e4d7cdff376040571a722902b682a795bf92985a85b48854c270772e-lcms2-2.11.tar.gz"; + md5name = "18663985e864100455ac3e507625c438c3710354d85e5cbb7cd4043e11fe10f5-lcms2-2.12.tar.gz"; } { - name = "libassuan-2.5.3.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/libassuan-2.5.3.tar.bz2"; - sha256 = "91bcb0403866b4e7c4bc1cc52ed4c364a9b5414b3994f718c70303f7f765e702"; + name = "libassuan-2.5.5.tar.bz2"; + url = "https://dev-www.libreoffice.org/src/libassuan-2.5.5.tar.bz2"; + sha256 = "8e8c2fcc982f9ca67dcbb1d95e2dc746b1739a4668bc20b3a3c5be632edb34e4"; md5 = ""; - md5name = "91bcb0403866b4e7c4bc1cc52ed4c364a9b5414b3994f718c70303f7f765e702-libassuan-2.5.3.tar.bz2"; + md5name = "8e8c2fcc982f9ca67dcbb1d95e2dc746b1739a4668bc20b3a3c5be632edb34e4-libassuan-2.5.5.tar.bz2"; } { name = "libatomic_ops-7.6.8.tar.gz"; @@ -511,11 +511,11 @@ md5name = "cf5091fa8e7dcdbe667335eb90a2cfdd0a3fe8f8c7c8d1ece44d9d055736a06a-libeot-0.01.tar.bz2"; } { - name = "libexttextcat-3.4.5.tar.xz"; - url = "https://dev-www.libreoffice.org/src/libexttextcat-3.4.5.tar.xz"; - sha256 = "13fdbc9d4c489a4d0519e51933a1aa21fe3fb9eb7da191b87f7a63e82797dac8"; + name = "libexttextcat-3.4.6.tar.xz"; + url = "https://dev-www.libreoffice.org/src/libexttextcat-3.4.6.tar.xz"; + sha256 = "6d77eace20e9ea106c1330e268ede70c9a4a89744ddc25715682754eca3368df"; md5 = ""; - md5name = "13fdbc9d4c489a4d0519e51933a1aa21fe3fb9eb7da191b87f7a63e82797dac8-libexttextcat-3.4.5.tar.xz"; + md5name = "6d77eace20e9ea106c1330e268ede70c9a4a89744ddc25715682754eca3368df-libexttextcat-3.4.6.tar.xz"; } { name = "libffi-3.3.tar.gz"; @@ -525,25 +525,25 @@ md5name = "72fba7922703ddfa7a028d513ac15a85c8d54c8d67f55fa5a4802885dc652056-libffi-3.3.tar.gz"; } { - name = "libgpg-error-1.37.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/libgpg-error-1.37.tar.bz2"; - sha256 = "b32d6ff72a73cf79797f7f2d039e95e9c6f92f0c1450215410840ab62aea9763"; + name = "libgpg-error-1.43.tar.bz2"; + url = "https://dev-www.libreoffice.org/src/libgpg-error-1.43.tar.bz2"; + sha256 = "a9ab83ca7acc442a5bd846a75b920285ff79bdb4e3d34aa382be88ed2c3aebaf"; md5 = ""; - md5name = "b32d6ff72a73cf79797f7f2d039e95e9c6f92f0c1450215410840ab62aea9763-libgpg-error-1.37.tar.bz2"; + md5name = "a9ab83ca7acc442a5bd846a75b920285ff79bdb4e3d34aa382be88ed2c3aebaf-libgpg-error-1.43.tar.bz2"; } { - name = "liblangtag-0.6.2.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/liblangtag-0.6.2.tar.bz2"; - sha256 = "d6242790324f1432fb0a6fae71b6851f520b2c5a87675497cf8ea14c2924d52e"; + name = "liblangtag-0.6.3.tar.bz2"; + url = "https://dev-www.libreoffice.org/src/liblangtag-0.6.3.tar.bz2"; + sha256 = "1f12a20a02ec3a8d22e54dedb8b683a43c9c160bda1ba337bf1060607ae733bd"; md5 = ""; - md5name = "d6242790324f1432fb0a6fae71b6851f520b2c5a87675497cf8ea14c2924d52e-liblangtag-0.6.2.tar.bz2"; + md5name = "1f12a20a02ec3a8d22e54dedb8b683a43c9c160bda1ba337bf1060607ae733bd-liblangtag-0.6.3.tar.bz2"; } { - name = "libnumbertext-1.0.7.tar.xz"; - url = "https://dev-www.libreoffice.org/src/libnumbertext-1.0.7.tar.xz"; - sha256 = "17b8249cb89ae11ae15a85612d2665626c0e0e3e56b35654363ba6566d8b61fc"; + name = "libnumbertext-1.0.10.tar.xz"; + url = "https://dev-www.libreoffice.org/src/libnumbertext-1.0.10.tar.xz"; + sha256 = "a285573864eaac8d36a0f66d946e9b1d3cf01c5d93d31fda00264a76f2633beb"; md5 = ""; - md5name = "17b8249cb89ae11ae15a85612d2665626c0e0e3e56b35654363ba6566d8b61fc-libnumbertext-1.0.7.tar.xz"; + md5name = "a285573864eaac8d36a0f66d946e9b1d3cf01c5d93d31fda00264a76f2633beb-libnumbertext-1.0.10.tar.xz"; } { name = "ltm-1.0.zip"; @@ -553,18 +553,18 @@ md5name = "083daa92d8ee6f4af96a6143b12d7fc8fe1a547e14f862304f7281f8f7347483-ltm-1.0.zip"; } { - name = "xmlsec1-1.2.32.tar.gz"; - url = "https://dev-www.libreoffice.org/src/xmlsec1-1.2.32.tar.gz"; - sha256 = "e383702853236004e5b08e424b8afe9b53fe9f31aaa7a5382f39d9533eb7c043"; + name = "xmlsec1-1.2.33.tar.gz"; + url = "https://dev-www.libreoffice.org/src/xmlsec1-1.2.33.tar.gz"; + sha256 = "26041d35a20a245ed5a2fb9ee075f10825664d274220cb5190340fa87a4d0931"; md5 = ""; - md5name = "e383702853236004e5b08e424b8afe9b53fe9f31aaa7a5382f39d9533eb7c043-xmlsec1-1.2.32.tar.gz"; + md5name = "26041d35a20a245ed5a2fb9ee075f10825664d274220cb5190340fa87a4d0931-xmlsec1-1.2.33.tar.gz"; } { - name = "libxml2-2.9.13.tar.xz"; - url = "https://dev-www.libreoffice.org/src/libxml2-2.9.13.tar.xz"; - sha256 = "276130602d12fe484ecc03447ee5e759d0465558fbc9d6bd144e3745306ebf0e"; + name = "libxml2-2.9.14.tar.xz"; + url = "https://dev-www.libreoffice.org/src/libxml2-2.9.14.tar.xz"; + sha256 = "60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee"; md5 = ""; - md5name = "276130602d12fe484ecc03447ee5e759d0465558fbc9d6bd144e3745306ebf0e-libxml2-2.9.13.tar.xz"; + md5name = "60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee-libxml2-2.9.14.tar.xz"; } { name = "libxslt-1.1.35.tar.xz"; @@ -595,11 +595,11 @@ md5name = "431434d3926f4bcce2e5c97240609983f60d7ff50df5a72083934759bb863f7b-mariadb-connector-c-3.1.8-src.tar.gz"; } { - name = "mdds-1.7.0.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/mdds-1.7.0.tar.bz2"; - sha256 = "a66a2a8293a3abc6cd9baff7c236156e2666935cbfb69a15d64d38141638fecf"; + name = "mdds-2.0.3.tar.bz2"; + url = "https://dev-www.libreoffice.org/src/mdds-2.0.3.tar.bz2"; + sha256 = "9771fe42e133443c13ca187253763e17c8bc96a1a02aec9e1e8893367ffa9ce5"; md5 = ""; - md5name = "a66a2a8293a3abc6cd9baff7c236156e2666935cbfb69a15d64d38141638fecf-mdds-1.7.0.tar.bz2"; + md5name = "9771fe42e133443c13ca187253763e17c8bc96a1a02aec9e1e8893367ffa9ce5-mdds-2.0.3.tar.bz2"; } { name = "mDNSResponder-878.200.35.tar.gz"; @@ -616,11 +616,11 @@ md5name = "ef36c1a1aabb2ba3b0bedaaafe717bf4480be2ba8de6f3894be5fd3702b013ba-libmspub-0.1.4.tar.xz"; } { - name = "libmwaw-0.3.19.tar.xz"; - url = "https://dev-www.libreoffice.org/src/libmwaw-0.3.19.tar.xz"; - sha256 = "b272e234eefc828c4bb8344af0f047a62e070f530e9e2fba11b04c8db8eda5af"; + name = "libmwaw-0.3.21.tar.xz"; + url = "https://dev-www.libreoffice.org/src/libmwaw-0.3.21.tar.xz"; + sha256 = "e8750123a78d61b943cef78b7736c8a7f20bb0a649aa112402124fba794fc21c"; md5 = ""; - md5name = "b272e234eefc828c4bb8344af0f047a62e070f530e9e2fba11b04c8db8eda5af-libmwaw-0.3.19.tar.xz"; + md5name = "e8750123a78d61b943cef78b7736c8a7f20bb0a649aa112402124fba794fc21c-libmwaw-0.3.21.tar.xz"; } { name = "mythes-1.2.4.tar.gz"; @@ -637,11 +637,11 @@ md5name = "cf1ee3ac27a215814a9c80803fcee4f0ede8466ebead40267a9bd115e16a8678-neon-0.31.2.tar.gz"; } { - name = "nss-3.73-with-nspr-4.32.tar.gz"; - url = "https://dev-www.libreoffice.org/src/nss-3.73-with-nspr-4.32.tar.gz"; - sha256 = "07a9e5b70f121a62706140d4cacc3006d3efb869da40f3a2bf7a65d37847f4d9"; + name = "nss-3.79-with-nspr-4.34.tar.gz"; + url = "https://dev-www.libreoffice.org/src/nss-3.79-with-nspr-4.34.tar.gz"; + sha256 = "5369ed274a19f480ec94e1faef04da63e3cbac1a82e15bb1751e58b2f274b835"; md5 = ""; - md5name = "07a9e5b70f121a62706140d4cacc3006d3efb869da40f3a2bf7a65d37847f4d9-nss-3.73-with-nspr-4.32.tar.gz"; + md5name = "5369ed274a19f480ec94e1faef04da63e3cbac1a82e15bb1751e58b2f274b835-nss-3.79-with-nspr-4.34.tar.gz"; } { name = "libodfgen-0.1.8.tar.xz"; @@ -679,11 +679,11 @@ md5name = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1-openssl-1.1.1l.tar.gz"; } { - name = "liborcus-0.16.1.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/liborcus-0.16.1.tar.bz2"; - sha256 = "c700d1325f744104d9fca0d5a019434901e9d51a16eedfb05792f90a298587a4"; + name = "liborcus-0.17.2.tar.bz2"; + url = "https://dev-www.libreoffice.org/src/liborcus-0.17.2.tar.bz2"; + sha256 = "2a86c405a5929f749b27637509596421d46805753364ab258b035fd01fbde143"; md5 = ""; - md5name = "c700d1325f744104d9fca0d5a019434901e9d51a16eedfb05792f90a298587a4-liborcus-0.16.1.tar.bz2"; + md5name = "2a86c405a5929f749b27637509596421d46805753364ab258b035fd01fbde143-liborcus-0.17.2.tar.bz2"; } { name = "libpagemaker-0.0.4.tar.xz"; @@ -693,18 +693,18 @@ md5name = "66adacd705a7d19895e08eac46d1e851332adf2e736c566bef1164e7a442519d-libpagemaker-0.0.4.tar.xz"; } { - name = "pdfium-4500.tar.bz2"; - url = "https://dev-www.libreoffice.org/src/pdfium-4500.tar.bz2"; - sha256 = "26a03dd60e5ed0979cdaba9cc848242895110ddfdf347d40989ce2f14020f304"; + name = "pdfium-4699.tar.bz2"; + url = "https://dev-www.libreoffice.org/src/pdfium-4699.tar.bz2"; + sha256 = "ee80fe0a3b20ef5c5babc494cd655d1b1a0bdec710acb04524789df500c563bf"; md5 = ""; - md5name = "26a03dd60e5ed0979cdaba9cc848242895110ddfdf347d40989ce2f14020f304-pdfium-4500.tar.bz2"; + md5name = "ee80fe0a3b20ef5c5babc494cd655d1b1a0bdec710acb04524789df500c563bf-pdfium-4699.tar.bz2"; } { - name = "pixman-0.34.0.tar.gz"; - url = "https://dev-www.libreoffice.org/src/e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz"; - sha256 = "21b6b249b51c6800dc9553b65106e1e37d0e25df942c90531d4c3997aa20a88e"; - md5 = "e80ebae4da01e77f68744319f01d52a3"; - md5name = "e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz"; + name = "pixman-0.40.0.tar.gz"; + url = "https://dev-www.libreoffice.org/src/pixman-0.40.0.tar.gz"; + sha256 = "6d200dec3740d9ec4ec8d1180e25779c00bc749f94278c8b9021f5534db223fc"; + md5 = ""; + md5name = "6d200dec3740d9ec4ec8d1180e25779c00bc749f94278c8b9021f5534db223fc-pixman-0.40.0.tar.gz"; } { name = "libpng-1.6.37.tar.xz"; @@ -791,11 +791,11 @@ md5name = "549c2d21c577a8a9c0450facb5cca809f26591f048e466552240947bdf7a87cc-serf-1.3.9.tar.bz2"; } { - name = "skia-m90-45c57e116ee0ce214bdf78405a4762722e4507d9.tar.xz"; - url = "https://dev-www.libreoffice.org/src/skia-m90-45c57e116ee0ce214bdf78405a4762722e4507d9.tar.xz"; - sha256 = "abe0b94d54edb717c58d74263f4ed3d27824d2ce9e9f2ce85a21ab38d993f94d"; + name = "skia-m97-a7230803d64ae9d44f4e1282444801119a3ae967.tar.xz"; + url = "https://dev-www.libreoffice.org/src/skia-m97-a7230803d64ae9d44f4e1282444801119a3ae967.tar.xz"; + sha256 = "97e859e8467eca9d2441cd23079b61c2c3863b5687620f18cc31a9f966740177"; md5 = ""; - md5name = "abe0b94d54edb717c58d74263f4ed3d27824d2ce9e9f2ce85a21ab38d993f94d-skia-m90-45c57e116ee0ce214bdf78405a4762722e4507d9.tar.xz"; + md5name = "97e859e8467eca9d2441cd23079b61c2c3863b5687620f18cc31a9f966740177-skia-m97-a7230803d64ae9d44f4e1282444801119a3ae967.tar.xz"; } { name = "libstaroffice-0.0.7.tar.xz"; @@ -861,11 +861,11 @@ md5name = "a7983f859eafb2677d7ff386a023bc40-xsltml_2.1.2.zip"; } { - name = "zlib-1.2.11.tar.xz"; - url = "https://dev-www.libreoffice.org/src/zlib-1.2.11.tar.xz"; - sha256 = "4ff941449631ace0d4d203e3483be9dbc9da454084111f97ea0a2114e19bf066"; + name = "zlib-1.2.12.tar.xz"; + url = "https://dev-www.libreoffice.org/src/zlib-1.2.12.tar.xz"; + sha256 = "7db46b8d7726232a621befaab4a1c870f00a90805511c0e0090441dac57def18"; md5 = ""; - md5name = "4ff941449631ace0d4d203e3483be9dbc9da454084111f97ea0a2114e19bf066-zlib-1.2.11.tar.xz"; + md5name = "7db46b8d7726232a621befaab4a1c870f00a90805511c0e0090441dac57def18-zlib-1.2.12.tar.xz"; } { name = "libzmf-0.0.2.tar.xz"; @@ -875,10 +875,10 @@ md5name = "27051a30cb057fdb5d5de65a1f165c7153dc76e27fe62251cbb86639eb2caf22-libzmf-0.0.2.tar.xz"; } { - name = "zxing-cpp-1.1.1.tar.gz"; - url = "https://dev-www.libreoffice.org/src/zxing-cpp-1.1.1.tar.gz"; - sha256 = "e595b3fa2ec320beb0b28f6af56b1141853257c2611686685639cebb3b248c86"; + name = "zxing-cpp-1.2.0.tar.gz"; + url = "https://dev-www.libreoffice.org/src/zxing-cpp-1.2.0.tar.gz"; + sha256 = "653d9e44195d86cf64a36af9ff3a1978ec5599df3882439fefa56e7064f55e8a"; md5 = ""; - md5name = "e595b3fa2ec320beb0b28f6af56b1141853257c2611686685639cebb3b248c86-zxing-cpp-1.1.1.tar.gz"; + md5name = "653d9e44195d86cf64a36af9ff3a1978ec5599df3882439fefa56e7064f55e8a-zxing-cpp-1.2.0.tar.gz"; } ] diff --git a/pkgs/applications/office/libreoffice/src-still/override.nix b/pkgs/applications/office/libreoffice/src-still/override.nix index 75fb085b9c9..0a46cc37364 100644 --- a/pkgs/applications/office/libreoffice/src-still/override.nix +++ b/pkgs/applications/office/libreoffice/src-still/override.nix @@ -3,46 +3,19 @@ attrs: { postConfigure = attrs.postConfigure + '' sed -e '/CPPUNIT_TEST(Import_Export_Import);/d' -i './sw/qa/inc/swmodeltestbase.hxx' - sed -e '/CPPUNIT_ASSERT_EQUAL(11148L, pOleObj->GetLogicRect().getWidth());/d ' -i sc/qa/unit/subsequent_filters-test.cxx - sed -e '/CPPUNIT_TEST(testChartImportXLS)/d' -i sc/qa/unit/subsequent_filters-test.cxx - sed -e '/CPPUNIT_TEST(testCustomColumnWidthExportXLSX)/d' -i sc/qa/unit/subsequent_export-test.cxx - sed -e '/CPPUNIT_TEST(testColumnWidthExportFromODStoXLSX)/d' -i sc/qa/unit/subsequent_export-test.cxx - sed -e '/CPPUNIT_TEST(test);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testConditionalFormatExportODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testProtectionKeyODS_UTF16LErtlSHA1);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testProtectionKeyODS_UTF8SHA1);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testProtectionKeyODS_UTF8SHA256ODF12);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testProtectionKeyODS_UTF8SHA256W3C);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testProtectionKeyODS_XL_SHA1);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testColorScaleExportODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testDataBarExportODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testNamedRangeBugfdo62729);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testRichTextExportODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testFormulaRefSheetNameODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testCellValuesExportODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testCellNoteExportODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testFormatExportODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testEmbeddedChartODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testCellAnchoredGroupXLS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testCeilingFloorODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testRelativePathsODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testSheetProtectionODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testSwappedOutImageExport);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testLinkedGraphicRT);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testImageWithSpecialID);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testAbsNamedRangeHTML);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testMoveCellAnchoredShapesODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testRefStringUnspecified);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testHeaderImageODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testTdf88657ODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testExponentWithoutSignFormatXLSX);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testHiddenRepeatedRowsODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' - sed -e '/CPPUNIT_TEST(testHyperlinkTargetFrameODS);/d' -i './sc/qa/unit/subsequent_export-test.cxx' + sed -e '/CPPUNIT_ASSERT(!bRTL);/d' -i './vcl/qa/cppunit/text.cxx' + + sed -e '/CPPUNIT_ASSERT_EQUAL(0, nMinRunPos);/d' -i './vcl/qa/cppunit/text.cxx' + sed -e '/CPPUNIT_ASSERT_EQUAL(4, nMinRunPos);/d' -i './vcl/qa/cppunit/text.cxx' + sed -e '/CPPUNIT_ASSERT_EQUAL(11, nMinRunPos);/d' -i './vcl/qa/cppunit/text.cxx' + sed -e '/CPPUNIT_ASSERT_EQUAL(18, nMinRunPos);/d' -i './vcl/qa/cppunit/text.cxx' + + sed -e '/CPPUNIT_ASSERT_EQUAL(3, nEndRunPos);/d' -i './vcl/qa/cppunit/text.cxx' + sed -e '/CPPUNIT_ASSERT_EQUAL(9, nEndRunPos);/d' -i './vcl/qa/cppunit/text.cxx' + sed -e '/CPPUNIT_ASSERT_EQUAL(17, nEndRunPos);/d' -i './vcl/qa/cppunit/text.cxx' + sed -e '/CPPUNIT_ASSERT_EQUAL(22, nEndRunPos);/d' -i './vcl/qa/cppunit/text.cxx' ''; - configureFlags = attrs.configureFlags ++ [ - (lib.enableFeature kdeIntegration "kf5") - "--without-system-zxing" - ]; + configureFlags = attrs.configureFlags; patches = attrs.patches or []; } diff --git a/pkgs/applications/office/libreoffice/src-still/primary.nix b/pkgs/applications/office/libreoffice/src-still/primary.nix index 52226fdc2d9..53c732b59bf 100644 --- a/pkgs/applications/office/libreoffice/src-still/primary.nix +++ b/pkgs/applications/office/libreoffice/src-still/primary.nix @@ -7,7 +7,7 @@ rec { }; major = "7"; - minor = "2"; + minor = "3"; patch = "6"; tweak = "2"; @@ -17,13 +17,13 @@ rec { src = fetchurl { url = "https://download.documentfoundation.org/libreoffice/src/${subdir}/libreoffice-${version}.tar.xz"; - sha256 = "sha256-SDdlqYuS2Q6MjHNeCNM8KjS1/h+8jn9rH5x0rRoUHjE="; + hash = "sha256-MwPWr2/7vFg0UFGgCQwTNvi5PEnHhhxlNLzuogWu1aM="; }; # FIXME rename translations = fetchSrc { name = "translations"; - sha256 = "sha256-fUZflmrCi4mOa6iZTm+K9IvRTlSjcI4UJ4EoyK/HHck="; + sha256 = "sha256-vjthXfBP6vRY3lMBlithJM7b5SX3uvBwEpi30IeW/Dg="; }; # the "dictionaries" archive is not used for LO build because we already build hunspellDicts packages from @@ -31,6 +31,6 @@ rec { help = fetchSrc { name = "help"; - sha256 = "sha256-TjAgz7yV7y5VNrEuT2eElkNGZzh6J58T1TC3u2Ap2o4="; + sha256 = "sha256-b3VvaNEfnytWqJekAWOKokNoCnefXdQgYB7Hpptra0s="; }; } diff --git a/pkgs/applications/science/astronomy/gildas/default.nix b/pkgs/applications/science/astronomy/gildas/default.nix index 1c0b1eeefe6..0a98c1b7a03 100644 --- a/pkgs/applications/science/astronomy/gildas/default.nix +++ b/pkgs/applications/science/astronomy/gildas/default.nix @@ -7,8 +7,8 @@ let in stdenv.mkDerivation rec { - srcVersion = "nov21a"; - version = "20211101_a"; + srcVersion = "oct22b"; + version = "20221001_b"; pname = "gildas"; src = fetchurl { @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { # source code of the previous release to a different directory urls = [ "http://www.iram.fr/~gildas/dist/gildas-src-${srcVersion}.tar.xz" "http://www.iram.fr/~gildas/dist/archive/gildas/gildas-src-${srcVersion}.tar.xz" ]; - sha256 = "0fb6iqwh4hm7v7sib7sx98vxdavn3d6q2gq6y6vxg2z29g31f8g2"; + sha256 = "sha256-MGfU2gzBbJ8ITpU7OiwCaHbi8s9Y6gvcAvSUuEZjfqk="; }; nativeBuildInputs = [ pkg-config groff perl getopt gfortran which ]; @@ -50,7 +50,6 @@ stdenv.mkDerivation rec { ''; meta = { - broken = stdenv.isDarwin; description = "Radioastronomy data analysis software"; longDescription = '' GILDAS is a collection of state-of-the-art software @@ -66,6 +65,7 @@ stdenv.mkDerivation rec { license = lib.licenses.free; maintainers = [ lib.maintainers.bzizou lib.maintainers.smaret ]; platforms = lib.platforms.all; + broken = stdenv.isDarwin && stdenv.isAarch64; }; } diff --git a/pkgs/applications/science/math/qalculate-qt/default.nix b/pkgs/applications/science/math/qalculate-qt/default.nix index 2bbb39804ff..099f0ec6067 100644 --- a/pkgs/applications/science/math/qalculate-qt/default.nix +++ b/pkgs/applications/science/math/qalculate-qt/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "qalculate-qt"; - version = "4.3.0"; + version = "4.4.0"; src = fetchFromGitHub { owner = "qalculate"; repo = "qalculate-qt"; rev = "v${version}"; - sha256 = "sha256-zznLCTbHX7VDMgW3b709snxSEtoF8k4xJBk3MdgFPNk="; + sha256 = "sha256-C3alvl8hLxUy+soSjfxlNQ++QTcU9Gong1ydVpu8xGs="; }; nativeBuildInputs = [ qmake intltool pkg-config wrapQtAppsHook ]; diff --git a/pkgs/data/fonts/sil-abyssinica/default.nix b/pkgs/data/fonts/sil-abyssinica/default.nix index c884b5567dd..7cefdf07761 100644 --- a/pkgs/data/fonts/sil-abyssinica/default.nix +++ b/pkgs/data/fonts/sil-abyssinica/default.nix @@ -1,23 +1,25 @@ { fetchzip, lib }: let - version = "1.500"; + version = "2.100"; in -fetchzip { +fetchzip rec { name = "sil-abyssinica-${version}"; - url = "mirror://debian/pool/main/f/fonts-sil-abyssinica/fonts-sil-abyssinica_${version}.orig.tar.xz"; - sha256 = "sha256-fCa88wG2JfHTaHaBkuvoncbcbrh3XNzc8ewS3W+W/fM="; + url = "https://software.sil.org/downloads/r/abyssinica/AbyssinicaSIL-${version}.zip"; + sha256 = "sha256-06olbIdSlhJ4hgblzzabqIs57FpsyWIdPDFXb9vK31A="; postFetch = '' - mkdir -p $out/share/fonts - tar xf $downloadedFile --strip-components=1 -C $out/share/fonts AbyssinicaSIL-${version}/AbyssinicaSIL-R.ttf + rm -rf $out/web + mkdir -p $out/share/{fonts/truetype,doc/${name}} + mv $out/*.ttf $out/share/fonts/truetype/ + mv $out/*.txt $out/documentation $out/share/doc/${name}/ ''; meta = with lib; { description = "Unicode font for Ethiopian and Erythrean scripts (Amharic et al.)"; homepage = "https://software.sil.org/abyssinica/"; license = licenses.ofl; - maintainers = with lib.maintainers; [ serge ]; + maintainers = with maintainers; [ serge ]; platforms = platforms.all; }; } diff --git a/pkgs/data/fonts/sil-padauk/default.nix b/pkgs/data/fonts/sil-padauk/default.nix index 1b574e2da2d..b993ef5ae6b 100644 --- a/pkgs/data/fonts/sil-padauk/default.nix +++ b/pkgs/data/fonts/sil-padauk/default.nix @@ -1,27 +1,26 @@ { fetchzip, lib }: let - version = "3.003"; + version = "5.001"; in -fetchzip { +fetchzip rec { name = "sil-padauk-${version}"; - url = "mirror://debian/pool/main/f/fonts-sil-padauk/fonts-sil-padauk_${version}.orig.tar.xz"; - sha256 = "sha256-oK+EufbvsqXunTgcWj+DiNdfpRl+VPO60Wc9KYjZv5A="; + url = "https://software.sil.org/downloads/r/padauk/Padauk-${version}.zip"; + sha256 = "sha256-6H9EDmXr1Ox2fgLw9sG5JrCAllK3tbjvMfLi8DTF1f0="; postFetch = '' - unpackDir="$TMPDIR/unpack" - mkdir "$unpackDir" - cd "$unpackDir" - tar xf "$downloadedFile" --strip-components=1 - mkdir -p $out/share/fonts - cp *.ttf $out/share/fonts + mkdir -p $out/share/fonts/truetype + rm -rf $out/{manifest.json,web/} + mv $out/*.ttf $out/share/fonts/truetype/ + mkdir -p $out/share/doc/${name} + mv $out/*.txt $out/documentation/ $out/share/doc/${name}/ ''; meta = with lib; { - description = "Burmese Unicode 6 TrueType font"; + description = "A Unicode-based font family with broad support for writing systems that use the Myanmar script"; homepage = "https://software.sil.org/padauk"; license = licenses.ofl; - maintainers = with lib.maintainers; [ serge ]; + maintainers = with maintainers; [ serge ]; platforms = platforms.all; }; } diff --git a/pkgs/development/interpreters/clojure/babashka.nix b/pkgs/development/interpreters/clojure/babashka.nix index 955ef5e8b80..5608cfd6be3 100644 --- a/pkgs/development/interpreters/clojure/babashka.nix +++ b/pkgs/development/interpreters/clojure/babashka.nix @@ -2,11 +2,11 @@ buildGraalvmNativeImage rec { pname = "babashka"; - version = "0.10.163"; + version = "1.0.164"; src = fetchurl { url = "https://github.com/babashka/${pname}/releases/download/v${version}/${pname}-${version}-standalone.jar"; - sha256 = "sha256-54RqqjhKBNSmIIomyhgjujC4CsY33Mkd3QSIc2w9fRg="; + sha256 = "sha256-ckC6QL8pCnenSWYCBKwEx0JrwOnmWAaQhFvw6qQFCv4="; }; executable = "bb"; diff --git a/pkgs/development/node-packages/overrides.nix b/pkgs/development/node-packages/overrides.nix index 57cb62dc52d..496e80c175a 100644 --- a/pkgs/development/node-packages/overrides.nix +++ b/pkgs/development/node-packages/overrides.nix @@ -403,7 +403,7 @@ final: prev: { src = fetchurl { url = "https://registry.npmjs.org/prisma/-/prisma-${version}.tgz"; - sha512 = "sha512-l/QKLmLcKJQFuc+X02LyICo0NWTUVaNNZ00jKJBqwDyhwMAhboD1FWwYV50rkH4Wls0RviAJSFzkC2ZrfawpfA=="; + sha512 = "sha512-9Aeg4qiKlv9Wsjz4NO8k2CzRzlvS3A4FYVJ5+28sBBZ0eEwbiVOE/Jj7v6rZC1tFW2s4GSICQOAyuOjc6WsNew=="; }; postInstall = with pkgs; '' wrapProgram "$out/bin/prisma" \ diff --git a/pkgs/development/python-modules/adlfs/default.nix b/pkgs/development/python-modules/adlfs/default.nix index 1058bc94ffb..e41f8b75f62 100644 --- a/pkgs/development/python-modules/adlfs/default.nix +++ b/pkgs/development/python-modules/adlfs/default.nix @@ -12,7 +12,7 @@ buildPythonPackage rec { pname = "adlfs"; - version = "2022.9.1"; + version = "2022.10.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -21,7 +21,7 @@ buildPythonPackage rec { owner = "fsspec"; repo = pname; rev = version; - hash = "sha256-7gL0B4rOMsMYYqElY9hSZeAICWA+mO5N+Xe357DWgu8="; + hash = "sha256-h/xcqb7G4uj4WNVE8is/s2LQ2NfzP1negh15G8B9YCs="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/cvelib/default.nix b/pkgs/development/python-modules/cvelib/default.nix new file mode 100644 index 00000000000..fc81da016f6 --- /dev/null +++ b/pkgs/development/python-modules/cvelib/default.nix @@ -0,0 +1,32 @@ +{ buildPythonPackage +, fetchFromGitHub +, requests +, click +, lib +}: + +buildPythonPackage rec { + pname = "cvelib"; + version = "1.0.0"; + + src = fetchFromGitHub { + owner = "RedHatProductSecurity"; + repo = "cvelib"; + rev = "tags/${version}"; + sha256 = "sha256-KUj9Cnvl7r8NMmZvVj5CB0uZvLNK5aHcLc+NzxFrv0I="; + }; + + SETUPTOOLS_SCM_PRETEND_VERSION = "v${version}"; + propagatedBuildInputs = [ requests click ]; + + pythonImportsCheck = [ + "cvelib" + ]; + + meta = with lib; { + description = "A library and a command line interface for the CVE Services API"; + homepage = "https://github.com/RedHatProductSecurity/cvelib"; + license = licenses.mit; + maintainers = with maintainers; [ raboof ]; + }; +} diff --git a/pkgs/development/python-modules/hy/default.nix b/pkgs/development/python-modules/hy/default.nix index c40ba37cec6..096e1d4aa07 100644 --- a/pkgs/development/python-modules/hy/default.nix +++ b/pkgs/development/python-modules/hy/default.nix @@ -61,7 +61,14 @@ buildPythonPackage rec { # For backwards compatibility with removed pkgs/development/interpreters/hy # Example usage: # hy.withPackages (ps: with ps; [ hyrule requests ]) - withPackages = python-packages: python.withPackages (ps: (python-packages ps) ++ [ ps.hy ]); + withPackages = python-packages: + (python.withPackages + (ps: (python-packages ps) ++ [ ps.hy ])).overrideAttrs (old: { + name = "${hy.name}-env"; + meta = lib.mergeAttrs (builtins.removeAttrs hy.meta [ "license" ]) { + mainProgram = "hy"; + }; + }); }; meta = with lib; { diff --git a/pkgs/development/python-modules/progressbar2/default.nix b/pkgs/development/python-modules/progressbar2/default.nix index 9b159846f10..5678eefc212 100644 --- a/pkgs/development/python-modules/progressbar2/default.nix +++ b/pkgs/development/python-modules/progressbar2/default.nix @@ -7,11 +7,11 @@ buildPythonPackage rec { pname = "progressbar2"; - version = "4.0.0"; + version = "4.1.1"; src = fetchPypi { inherit pname version; - sha256 = "14d3165a1781d053ffaa117daf27cc706128d2ec1d2977fdb05b6bb079888013"; + sha256 = "sha256-Y5odWSJ4RIg5kwvf/SQrTU6pzgyeZWrqgQKCwtNrwSE="; }; propagatedBuildInputs = [ python-utils ]; diff --git a/pkgs/development/python-modules/pylutron-caseta/default.nix b/pkgs/development/python-modules/pylutron-caseta/default.nix index 985cd4614d1..89b7dd6c7f3 100644 --- a/pkgs/development/python-modules/pylutron-caseta/default.nix +++ b/pkgs/development/python-modules/pylutron-caseta/default.nix @@ -12,7 +12,7 @@ buildPythonPackage rec { pname = "pylutron-caseta"; - version = "0.16.0"; + version = "0.17.0"; format = "pyproject"; disabled = pythonOlder "3.8"; @@ -21,7 +21,7 @@ buildPythonPackage rec { owner = "gurumitts"; repo = pname; rev = "v${version}"; - hash = "sha256-QASVifbDh9nsgKi0cT4VaUX0d6inVS8rddr/rsbJ7/I="; + hash = "sha256-8keKhwbvqIMxbfmd9GGF7uacOyvqb8G/ifq+pr4Z700="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/pyotgw/default.nix b/pkgs/development/python-modules/pyotgw/default.nix index 8015eebff1c..ff519920ad6 100644 --- a/pkgs/development/python-modules/pyotgw/default.nix +++ b/pkgs/development/python-modules/pyotgw/default.nix @@ -9,7 +9,7 @@ buildPythonPackage rec { pname = "pyotgw"; - version = "2.1.0"; + version = "2.1.1"; format = "setuptools"; disabled = pythonOlder "3.8"; @@ -18,7 +18,7 @@ buildPythonPackage rec { owner = "mvn23"; repo = pname; rev = version; - hash = "sha256-1kUL0fY+L8HZIdQki0KK5RstfZSd/ylaqV7m1z40yM8="; + hash = "sha256-gMrLoITDBO7T9JtY4O43aMKF88zhwnJ/rlw8U3yvG8k="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/tools/crd2pulumi/default.nix b/pkgs/development/tools/crd2pulumi/default.nix index 4c7e5f5ef3c..0640c9c7b79 100644 --- a/pkgs/development/tools/crd2pulumi/default.nix +++ b/pkgs/development/tools/crd2pulumi/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "crd2pulumi"; - version = "1.2.2"; + version = "1.2.3"; src = fetchFromGitHub { owner = "pulumi"; repo = "crd2pulumi"; rev = "v${version}"; - sha256 = "sha256-FkIHbZF1ylJI6meVnLKuSqVd8AYZnE/eixVZDvNRvs0="; + sha256 = "sha256-0+83etSRk7nAaIrA5qu+BL7BfzBkjO7gsExQJ255ZOY="; }; - vendorSha256 = "sha256-kVD+TwU+tizNSXKIc7OqIJIA0nPOyfF9kVxBAYBzOKU="; + vendorSha256 = "sha256-QnmqhXfE/999i+idAZbREMzNi62164uq5nGKb1nauwk="; ldflags = [ "-s" "-w" "-X github.com/pulumi/crd2pulumi/gen.Version=${src.rev}" ]; diff --git a/pkgs/development/tools/database/prisma-engines/default.nix b/pkgs/development/tools/database/prisma-engines/default.nix index 984b94cdc10..19fa3f18d61 100644 --- a/pkgs/development/tools/database/prisma-engines/default.nix +++ b/pkgs/development/tools/database/prisma-engines/default.nix @@ -13,19 +13,19 @@ # function correctly. rustPlatform.buildRustPackage rec { pname = "prisma-engines"; - version = "4.4.0"; + version = "4.5.0"; src = fetchFromGitHub { owner = "prisma"; repo = "prisma-engines"; rev = version; - sha256 = "sha256-gk+psYNSC5Xy6R3aUF0E9TyJgJ78+EMvz/xnPgN3+RY="; + sha256 = "sha256-/5X1t9ZVGoZRFNTfsv663QWIBE1eME/KiPuyc+L4D10="; }; # Use system openssl. OPENSSL_NO_VENDOR = 1; - cargoSha256 = "sha256-BiQMoY2hd5q05YZBrTrHlKDtWlOkyfWjjNB/8F2+lXg="; + cargoSha256 = "sha256-tKdLTa/Tl98hDGtOPMxluIUgLoWkyOhnmGuxvq4AhfU="; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/development/tools/okteto/default.nix b/pkgs/development/tools/okteto/default.nix index efd8a077855..c4a70272fad 100644 --- a/pkgs/development/tools/okteto/default.nix +++ b/pkgs/development/tools/okteto/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "okteto"; - version = "2.7.0"; + version = "2.8.0"; src = fetchFromGitHub { owner = "okteto"; repo = "okteto"; rev = version; - sha256 = "sha256-xAK2gxIMyiC3GEd4As5FrGQqa4f+FiQLZZs4VROSpgQ="; + sha256 = "sha256-7M/axnl6K3yrfNwdp3gkKE3c0m0zgDfW8FV7BixIxBM="; }; - vendorSha256 = "sha256-Na0t9uxmA7lIRTRp6I+eDHjUbo7YQzbMQfqDZd6T62k="; + vendorSha256 = "sha256-/oR8R0/GC6cgCqXinCRH5x93qgRPeQmxHgZZGshrDr4="; postPatch = '' # Disable some tests that need file system & network access. diff --git a/pkgs/development/tools/wails/default.nix b/pkgs/development/tools/wails/default.nix index 4dd88b1f0d7..36ef7748ea1 100644 --- a/pkgs/development/tools/wails/default.nix +++ b/pkgs/development/tools/wails/default.nix @@ -14,16 +14,16 @@ buildGoModule rec { pname = "wails"; - version = "2.0.0"; + version = "2.1.0"; src = fetchFromGitHub { owner = "wailsapp"; repo = pname; rev = "v${version}"; - sha256 = "sha256-mAHRjIi4/cC29NqTdUF9sMLyHhFANw+QBibk1ENo1BA="; + sha256 = "sha256-Vrd6RP/N5Lrh5Ocr2W03m41fJXVXLJZle4C6xeF/jxM="; } + "/v2"; - vendorSha256 = "sha256-Ufm7sUak31/PzR3UGlUKdcrzdX6NRhFEXqteaowmz9k="; + vendorSha256 = "sha256-jRW8SROt0CON17xZ+I3WiQow7yC1ly7pPHgbpEr1kW8="; proxyVendor = true; diff --git a/pkgs/servers/mail/postfix/default.nix b/pkgs/servers/mail/postfix/default.nix index 65e0041a01e..2f60ce54070 100644 --- a/pkgs/servers/mail/postfix/default.nix +++ b/pkgs/servers/mail/postfix/default.nix @@ -53,6 +53,9 @@ in stdenv.mkDerivation rec { url = "https://src.fedoraproject.org/rpms/postfix/raw/2f9d42453e67ebc43f786d98262a249037f80a77/f/postfix-3.6.2-glibc-234-build-fix.patch"; sha256 = "sha256-xRUL5gaoIt6HagGlhsGwvwrAfYvzMgydsltYMWvl9BI="; }) + + # linux-6 compatibility + ./linux-6.patch ]; postPatch = lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) '' diff --git a/pkgs/servers/mail/postfix/linux-6.patch b/pkgs/servers/mail/postfix/linux-6.patch new file mode 100644 index 00000000000..ee9a3be740a --- /dev/null +++ b/pkgs/servers/mail/postfix/linux-6.patch @@ -0,0 +1,26 @@ +Extracted fix from postfix-3.8-20221006 snapshot: + https://github.com/vdukhovni/postfix/commit/b65530350fa4a7eee40946160fd80c3e1e0b63e5 +--- a/makedefs ++++ b/makedefs +@@ -627,7 +627,8 @@ EOF + : ${SHLIB_ENV="LD_LIBRARY_PATH=`pwd`/lib"} + : ${PLUGIN_LD="${CC-gcc} -shared"} + ;; +- Linux.[345].*) SYSTYPE=LINUX$RELEASE_MAJOR ++ Linux.[3456].*) ++ SYSTYPE=LINUX$RELEASE_MAJOR + case "$CCARGS" in + *-DNO_DB*) ;; + *-DHAS_DB*) ;; +--- a/src/util/sys_defs.h ++++ b/src/util/sys_defs.h +@@ -751,7 +751,8 @@ extern int initgroups(const char *, int); + /* + * LINUX. + */ +-#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5) ++#if defined(LINUX2) || defined(LINUX3) || defined(LINUX4) || defined(LINUX5) \ ++ || defined(LINUX6) + #define SUPPORTED + #define UINT32_TYPE unsigned int + #define UINT16_TYPE unsigned short diff --git a/pkgs/tools/networking/libreswan/default.nix b/pkgs/tools/networking/libreswan/default.nix index 01ac1af23ef..ab3249e57a8 100644 --- a/pkgs/tools/networking/libreswan/default.nix +++ b/pkgs/tools/networking/libreswan/default.nix @@ -45,11 +45,11 @@ in stdenv.mkDerivation rec { pname = "libreswan"; - version = "4.8"; + version = "4.9"; src = fetchurl { url = "https://download.libreswan.org/${pname}-${version}.tar.gz"; - sha256 = "sha256-gEy5EX1/tBGYE7FVrJF+NFZY41ehOBim9t/Oikch4gs="; + sha256 = "sha256-9kLctjXpCVZMqP2Z6kSrQ/YHI7TXbBWO2BKXjEWzmLk="; }; strictDeps = true; diff --git a/pkgs/tools/networking/yggdrasil/default.nix b/pkgs/tools/networking/yggdrasil/default.nix index a45f4903df3..2fa0bda6812 100644 --- a/pkgs/tools/networking/yggdrasil/default.nix +++ b/pkgs/tools/networking/yggdrasil/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "yggdrasil"; - version = "0.4.4"; + version = "0.4.5"; src = fetchFromGitHub { owner = "yggdrasil-network"; repo = "yggdrasil-go"; rev = "v${version}"; - sha256 = "sha256-uJFBboV0DhZHEir4+2VdTGMqxZsahnFRgr9btdMlW2M="; + sha256 = "sha256-ehOvPFQtFgxVDOyF2MBbGO0IKwMWSb3aat+e+fJay1Q="; }; - vendorSha256 = "sha256-qeyXUTcII0hMrOWIvsjaOXv/tKWBoUrTkCimRC/RnUw="; + vendorSha256 = "sha256-u1VrlTvmB2KSnlxcdCyfxw0xAMd+AeN5g/a7JehUV9U="; # Change the default location of the management socket on Linux # systems so that the yggdrasil system service unit does not have to diff --git a/pkgs/tools/package-management/harmonia/default.nix b/pkgs/tools/package-management/harmonia/default.nix new file mode 100644 index 00000000000..93ed524c7b5 --- /dev/null +++ b/pkgs/tools/package-management/harmonia/default.nix @@ -0,0 +1,39 @@ +{ lib +, boost +, fetchFromGitHub +, libsodium +, nix +, pkg-config +, rustPlatform +}: + +rustPlatform.buildRustPackage rec { + pname = "harmonia"; + version = "0.2.0"; + + src = fetchFromGitHub { + owner = "helsinki-systems"; + repo = pname; + rev = "refs/tags/${pname}-v${version}"; + hash = "sha256-deqF6xDz3oCA1W8X8U1FD1gPYfxinZzpSuRKyaPDN/Y="; + }; + + cargoHash = "sha256-eur3tg2w2WTA+JkOwTLwQzDZX7QN2xV4K0FIn7JN/rM="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + boost + libsodium + nix + ]; + + meta = with lib; { + description = "Nix binary cache"; + homepage = "https://github.com/helsinki-systems/harmonia"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/tools/security/cie-middleware-linux/default.nix b/pkgs/tools/security/cie-middleware-linux/default.nix new file mode 100644 index 00000000000..30a0352db70 --- /dev/null +++ b/pkgs/tools/security/cie-middleware-linux/default.nix @@ -0,0 +1,173 @@ +{ stdenv +, lib +, fetchFromGitHub +, makeWrapper +, strip-nondeterminism +, meson +, ninja +, pkg-config +, gradle +, curl +, cryptopp +, fontconfig +, jre +, libxml2 +, openssl +, pcsclite +, podofo +, ghostscript +}: + +let + pname = "cie-middleware-linux"; + version = "1.4.3.3"; + + src = fetchFromGitHub { + owner = "M0rf30"; + repo = pname; + # use the podofo-vanilla branch + rev = "531acc54609eaeccbdd4ef881d7d7e7e0fe0af17"; + sha256 = "sha256-hUpEkiEQu0R+aCo4bfZfVLLib0o6v2RQJVIte3n+IAk="; + }; + + # Shared libraries needed by the Java application + libraries = lib.makeLibraryPath [ ghostscript ]; + + # Fixed-output derivation that fetches the Java dependencies + javaDeps = stdenv.mkDerivation { + pname = "cie-java-deps"; + inherit src version; + + nativeBuildInputs = [ gradle ]; + + buildPhase = '' + # Run the fetchDeps task + export GRADLE_USER_HOME=$(mktemp -d) + gradle --no-daemon -b cie-java/build.gradle fetchDeps + ''; + + installPhase = '' + # Build a tree compatible with the maven repository format + pushd "$GRADLE_USER_HOME/caches/modules-2/files-2.1" + find -type f | awk -F/ -v OFS=/ -v out="$out" '{ + infile = $0 + gsub(/\./, "/", $2) + system("install -m644 -D "infile" "out"/"$2"/"$3"/"$4"/"$6) + }' + popd + ''; + + outputHashAlgo = "sha256"; + outputHashMode = "recursive"; + outputHash = "sha256-gsb4aH/au7IDh1PX/qY+8o7CmjKJUHpmEa0vYhbAnP0="; + }; + +in + +stdenv.mkDerivation { + inherit pname src version; + + hardeningDisable = [ "format" ]; + + outputs = [ "out" "dev" ]; + + nativeBuildInputs = [ + makeWrapper + meson + ninja + pkg-config + gradle + strip-nondeterminism + ]; + + buildInputs = [ + cryptopp + fontconfig + podofo + openssl + pcsclite + curl + libxml2 + ]; + + postPatch = '' + # substitute the cieid command with this $out/bin/cieid + substituteInPlace libs/pkcs11/src/CSP/AbilitaCIE.cpp \ + --replace 'file = "cieid"' 'file = "'$out'/bin/cieid"' + ''; + + # Note: we use pushd/popd to juggle between the + # libraries and the Java application builds. + preConfigure = "pushd libs"; + + postBuild = '' + popd + + # Use the packages in javaDeps for both plugins and dependencies + localRepo="maven { url uri('${javaDeps}') }" + sed -i cie-java/settings.gradle -e "1i \ + pluginManagement { repositories { $localRepo } }" + substituteInPlace cie-java/build.gradle \ + --replace 'mavenCentral()' "$localRepo" + + # Build the Java application + export GRADLE_USER_HOME=$(mktemp -d) + gradle standalone \ + --no-daemon \ + --offline \ + --parallel \ + --info -Dorg.gradle.java.home=${jre} \ + --build-file cie-java/build.gradle + + pushd libs/build + ''; + + postInstall = '' + popd + + # Install the Java application + install -Dm755 cie-java/build/libs/CIEID-standalone.jar \ + "$out/share/cieid/cieid.jar" + + # Create a wrapper + mkdir -p "$out/bin" + makeWrapper "${jre}/bin/java" "$out/bin/cieid" \ + --add-flags "-Djna.library.path='$out/lib:${libraries}'" \ + --add-flags '-Dawt.useSystemAAFontSettings=on' \ + --add-flags "-cp $out/share/cieid/cieid.jar" \ + --add-flags "it.ipzs.cieid.MainApplication" + + # Install other files + install -Dm644 data/cieid.desktop "$out/share/applications/cieid.desktop" + install -Dm755 data/logo.png "$out/share/pixmaps/cieid.png" + install -Dm644 LICENSE "$out/share/licenses/cieid/LICENSE" + ''; + + postFixup = '' + # Move static libraries to the dev output + mv -t "$dev/lib" "$out/lib/"*.a + + # Make the jar deterministic (mainly, sorting its files) + strip-nondeterminism "$out/share/cieid/cieid.jar" + ''; + + passthru = { inherit javaDeps; }; + + meta = with lib; { + homepage = "https://github.com/M0Rf30/cie-middleware-linux"; + description = "Middleware for the Italian Electronic Identity Card (CIE)"; + longDescription = '' + Software for the usage of the Italian Electronic Identity Card (CIE). + Access to PA services, signing and verification of documents + + Warning: this is an unofficial fork because the original software, as + distributed by the Italian government, is essentially lacking a build + system and is in violation of the license of the PoDoFo library. + ''; + license = licenses.bsd3; + platforms = platforms.unix; + # Note: fails due to a lot of broken type conversions + badPlatforms = platforms.darwin; + maintainers = with maintainers; [ rnhmjoj ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index be5d4bfbe5d..0b46c1f4535 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -260,6 +260,8 @@ with pkgs; inherit (darwin.apple_sdk.frameworks) Security SystemConfiguration; }; + cve = with python3Packages; toPythonApplication cvelib; + fiche = callPackage ../servers/fiche { }; fishnet = callPackage ../servers/fishnet { }; @@ -1279,6 +1281,8 @@ with pkgs; bikeshed = python3Packages.callPackage ../applications/misc/bikeshed { }; + cie-middleware-linux = callPackage ../tools/security/cie-middleware-linux { }; + cidrgrep = callPackage ../tools/text/cidrgrep { }; cope = callPackage ../tools/misc/cope { }; @@ -7621,6 +7625,8 @@ with pkgs; hardinfo = callPackage ../tools/system/hardinfo { }; + harmonia = callPackage ../tools/package-management/harmonia { }; + hcl2json = callPackage ../applications/misc/hcl2json { }; hcxtools = callPackage ../tools/security/hcxtools { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 3bf9687b824..a762cf9cc6c 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -2189,6 +2189,8 @@ in { curve25519-donna = callPackage ../development/python-modules/curve25519-donna { }; + cvelib = callPackage ../development/python-modules/cvelib { }; + cvxopt = callPackage ../development/python-modules/cvxopt { }; cvxpy = callPackage ../development/python-modules/cvxpy { };