diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index b2584681b84d..696a451e4d0f 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -49,11 +49,16 @@ /pkgs/build-support/writers @lassulus @Profpatsch # Nixpkgs documentation -/doc @fricklerhandwerk /maintainers/scripts/db-to-md.sh @jtojnar @ryantm /maintainers/scripts/doc @jtojnar @ryantm + +/doc/* @fricklerhandwerk /doc/build-aux/pandoc-filters @jtojnar -/doc/contributing/contributing-to-documentation.chapter.md @jtojnar +/doc/builders/trivial-builders.chapter.md @fricklerhandwerk +/doc/contributing/ @fricklerhandwerk +/doc/contributing/contributing-to-documentation.chapter.md @jtojnar @fricklerhandwerk +/doc/stdenv @fricklerhandwerk +/doc/using @fricklerhandwerk # NixOS Internals /nixos/default.nix @nbp @infinisil diff --git a/.github/ISSUE_TEMPLATE/unreproducible_package.md b/.github/ISSUE_TEMPLATE/unreproducible_package.md new file mode 100644 index 000000000000..749976dfbecd --- /dev/null +++ b/.github/ISSUE_TEMPLATE/unreproducible_package.md @@ -0,0 +1,31 @@ +--- +name: Unreproducible package +about: A package that does not produce a bit-by-bit reproducible result each time it is built +title: '' +labels: '0.kind: enhancement', '6.topic: reproducible builds' +assignees: '' + +--- + +Building this package twice does not produce the bit-by-bit identical result each time, making it harder to detect CI breaches. You can read more about this at https://reproducible-builds.org/ . + +Fixing bit-by-bit reproducibility also has additional advantages, such as avoiding hard-to-reproduce bugs, making content-addressed storage more effective and reducing rebuilds in such systems. + +### Steps To Reproduce + +``` +nix-build '' -A ... --check --keep-failed +``` + +You can use `diffoscope` to analyze the differences in the output of the two builds. + +To view the build log of the build that produced the artifact in the binary cache: + +``` +nix-store --read-log $(nix-instantiate '' -A ...) +``` + +### Additional context + +(please share the relevant fragment of the diffoscope output here, +and any additional analysis you may have done) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index e5cef2bf4fe9..843ebdadcc38 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -11791,6 +11791,12 @@ githubId = 12312980; name = "Robbin C."; }; + robbins = { + email = "nejrobbins@gmail.com"; + github = "robbins"; + githubId = 31457698; + name = "Nathanael Robbins"; + }; roberth = { email = "nixpkgs@roberthensing.nl"; matrix = "@roberthensing:matrix.org"; diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index 412c5a433601..21e1749d8503 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -544,6 +544,7 @@ let # We use try_first_pass the second time to avoid prompting password twice (optionalString (cfg.unixAuth && (config.security.pam.enableEcryptfs + || config.security.pam.enableFscrypt || cfg.pamMount || cfg.enableKwallet || cfg.enableGnomeKeyring @@ -558,6 +559,9 @@ let optionalString config.security.pam.enableEcryptfs '' auth optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so unwrap '' + + optionalString config.security.pam.enableFscrypt '' + auth optional ${pkgs.fscrypt-experimental}/lib/security/pam_fscrypt.so + '' + optionalString cfg.pamMount '' auth optional ${pkgs.pam_mount}/lib/security/pam_mount.so disable_interactive '' + @@ -606,6 +610,9 @@ let optionalString config.security.pam.enableEcryptfs '' password optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so '' + + optionalString config.security.pam.enableFscrypt '' + password optional ${pkgs.fscrypt-experimental}/lib/security/pam_fscrypt.so + '' + optionalString cfg.pamMount '' password optional ${pkgs.pam_mount}/lib/security/pam_mount.so '' + @@ -652,6 +659,14 @@ let optionalString config.security.pam.enableEcryptfs '' session optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so '' + + optionalString config.security.pam.enableFscrypt '' + # Work around https://github.com/systemd/systemd/issues/8598 + # Skips the pam_fscrypt module for systemd-user sessions which do not have a password + # anyways. + # See also https://github.com/google/fscrypt/issues/95 + session [success=1 default=ignore] pam_succeed_if.so service = systemd-user + session optional ${pkgs.fscrypt-experimental}/lib/security/pam_fscrypt.so + '' + optionalString cfg.pamMount '' session optional ${pkgs.pam_mount}/lib/security/pam_mount.so disable_interactive '' + @@ -1168,6 +1183,14 @@ in }; security.pam.enableEcryptfs = mkEnableOption (lib.mdDoc "eCryptfs PAM module (mounting ecryptfs home directory on login)"); + security.pam.enableFscrypt = mkEnableOption (lib.mdDoc '' + Enables fscrypt to automatically unlock directories with the user's login password. + + This also enables a service at security.pam.services.fscrypt which is used by + fscrypt to verify the user's password when setting up a new protector. If you + use something other than pam_unix to verify user passwords, please remember to + adjust this PAM service. + ''); users.motd = mkOption { default = null; @@ -1192,6 +1215,7 @@ in ++ optionals config.security.pam.enableOTPW [ pkgs.otpw ] ++ optionals config.security.pam.oath.enable [ pkgs.oath-toolkit ] ++ optionals config.security.pam.p11.enable [ pkgs.pam_p11 ] + ++ optionals config.security.pam.enableFscrypt [ pkgs.fscrypt-experimental ] ++ optionals config.security.pam.u2f.enable [ pkgs.pam_u2f ]; boot.supportedFilesystems = optionals config.security.pam.enableEcryptfs [ "ecryptfs" ]; @@ -1233,6 +1257,9 @@ in it complains "Cannot create session: Already running in a session". */ runuser-l = { rootOK = true; unixAuth = false; }; + } // optionalAttrs (config.security.pam.enableFscrypt) { + # Allow fscrypt to verify login passphrase + fscrypt = {}; }; security.apparmor.includes."abstractions/pam" = let @@ -1297,6 +1324,9 @@ in optionalString config.security.pam.enableEcryptfs '' mr ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so, '' + + optionalString config.security.pam.enableFscrypt '' + mr ${pkgs.fscrypt-experimental}/lib/security/pam_fscrypt.so, + '' + optionalString (isEnabled (cfg: cfg.pamMount)) '' mr ${pkgs.pam_mount}/lib/security/pam_mount.so, '' + diff --git a/nixos/modules/virtualisation/libvirtd.nix b/nixos/modules/virtualisation/libvirtd.nix index be6ebb3eacc9..3b30bc8c4165 100644 --- a/nixos/modules/virtualisation/libvirtd.nix +++ b/nixos/modules/virtualisation/libvirtd.nix @@ -336,6 +336,7 @@ in }; systemd.services.libvirtd = { + wantedBy = [ "multi-user.target" ]; requires = [ "libvirtd-config.service" ]; after = [ "libvirtd-config.service" ] ++ optional vswitch.enable "ovs-vswitchd.service"; diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index c7aa9ed78ba4..bd0fe18c4f8c 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -179,6 +179,7 @@ in { ec2-config = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-config or {}; ec2-nixops = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-nixops or {}; ecryptfs = handleTest ./ecryptfs.nix {}; + fscrypt = handleTest ./fscrypt.nix {}; ejabberd = handleTest ./xmpp/ejabberd.nix {}; elk = handleTestOn ["x86_64-linux"] ./elk.nix {}; emacs-daemon = handleTest ./emacs-daemon.nix {}; diff --git a/nixos/tests/fscrypt.nix b/nixos/tests/fscrypt.nix new file mode 100644 index 000000000000..03367979359b --- /dev/null +++ b/nixos/tests/fscrypt.nix @@ -0,0 +1,50 @@ +import ./make-test-python.nix ({ ... }: +{ + name = "fscrypt"; + + nodes.machine = { pkgs, ... }: { + imports = [ ./common/user-account.nix ]; + security.pam.enableFscrypt = true; + }; + + testScript = '' + def login_as_alice(): + machine.wait_until_tty_matches("1", "login: ") + machine.send_chars("alice\n") + machine.wait_until_tty_matches("1", "Password: ") + machine.send_chars("foobar\n") + machine.wait_until_tty_matches("1", "alice\@machine") + + + def logout(): + machine.send_chars("logout\n") + machine.wait_until_tty_matches("1", "login: ") + + + machine.wait_for_unit("default.target") + + with subtest("Enable fscrypt on filesystem"): + machine.succeed("tune2fs -O encrypt /dev/vda") + machine.succeed("fscrypt setup --quiet --force --time=1ms") + + with subtest("Set up alice with an fscrypt-enabled home directory"): + machine.succeed("(echo foobar; echo foobar) | passwd alice") + machine.succeed("chown -R alice.users ~alice") + machine.succeed("echo foobar | fscrypt encrypt --skip-unlock --source=pam_passphrase --user=alice /home/alice") + + with subtest("Create file as alice"): + login_as_alice() + machine.succeed("echo hello > /home/alice/world") + logout() + # Wait for logout to be processed + machine.sleep(1) + + with subtest("File should not be readable without being logged in as alice"): + machine.fail("cat /home/alice/world") + + with subtest("File should be readable again as alice"): + login_as_alice() + machine.succeed("cat /home/alice/world") + logout() + ''; +}) diff --git a/nixos/tests/libvirtd.nix b/nixos/tests/libvirtd.nix index ce122682da73..49258fcb93ea 100644 --- a/nixos/tests/libvirtd.nix +++ b/nixos/tests/libvirtd.nix @@ -26,7 +26,7 @@ import ./make-test-python.nix ({ pkgs, ... }: { in '' start_all() - virthost.wait_for_unit("sockets.target") + virthost.wait_for_unit("multi-user.target") with subtest("enable default network"): virthost.succeed("virsh net-start default") @@ -46,13 +46,16 @@ import ./make-test-python.nix ({ pkgs, ... }: { virthost.succeed("virsh pool-start zfs_storagepool") virthost.succeed("virsh vol-create-as zfs_storagepool disk1 25MB") - with subtest("check if nixos install iso boots and network works"): + with subtest("check if nixos install iso boots, network and autostart works"): virthost.succeed( - "virt-install -n nixos --osinfo=nixos-unstable --ram=1024 --graphics=none --disk=`find ${nixosInstallISO}/iso -type f | head -n1`,readonly=on --import --noautoconsole" + "virt-install -n nixos --osinfo nixos-unstable --memory 1024 --graphics none --disk `find ${nixosInstallISO}/iso -type f | head -n1`,readonly=on --import --noautoconsole --autostart" ) virthost.succeed("virsh domstate nixos | grep running") virthost.wait_until_succeeds("ping -c 1 nixos") virthost.succeed("virsh ${virshShutdownCmd} nixos") virthost.wait_until_succeeds("virsh domstate nixos | grep 'shut off'") + virthost.shutdown() + virthost.wait_for_unit("multi-user.target") + virthost.wait_until_succeeds("ping -c 1 nixos") ''; }) diff --git a/pkgs/applications/audio/pulseeffects-legacy/default.nix b/pkgs/applications/audio/pulseeffects-legacy/default.nix index 2a775369d26a..53d2a998fbe2 100644 --- a/pkgs/applications/audio/pulseeffects-legacy/default.nix +++ b/pkgs/applications/audio/pulseeffects-legacy/default.nix @@ -45,13 +45,13 @@ let ]; in stdenv.mkDerivation rec { pname = "pulseeffects"; - version = "4.8.4"; + version = "4.8.7"; src = fetchFromGitHub { owner = "wwmm"; repo = "pulseeffects"; rev = "v${version}"; - sha256 = "19sndxvszafbd1l2033g2irpx2jrwi5bpbx8r35047wi0z7djiag"; + sha256 = "sha256-ldvcA8aTHOgaascH6MF4CzmJ8I2rYOiR0eAkCZzvK/M="; }; nativeBuildInputs = [ diff --git a/pkgs/applications/editors/emacs/generic.nix b/pkgs/applications/editors/emacs/generic.nix index 91110c48a74b..21d286ff3a2c 100644 --- a/pkgs/applications/editors/emacs/generic.nix +++ b/pkgs/applications/editors/emacs/generic.nix @@ -20,7 +20,6 @@ , AppKit, Carbon, Cocoa, IOKit, OSAKit, Quartz, QuartzCore, WebKit , ImageCaptureCore, GSS, ImageIO # These may be optional -, systemd ? null , withX ? !stdenv.isDarwin && !withPgtk , withNS ? stdenv.isDarwin && !withMacport , withMacport ? macportVersion != null @@ -45,6 +44,7 @@ else if withMotif then "motif" else if withAthena then "athena" else "lucid") +, withSystemd ? stdenv.isLinux, systemd }: assert (libXft != null) -> libpng != null; # probably a bug @@ -141,7 +141,8 @@ let emacs = (if withMacport then llvmPackages_6.stdenv else stdenv).mkDerivation buildInputs = [ ncurses gconf libxml2 gnutls gettext jansson harfbuzz.dev ] - ++ lib.optionals stdenv.isLinux [ dbus libselinux systemd alsa-lib acl gpm ] + ++ lib.optionals stdenv.isLinux [ dbus libselinux alsa-lib acl gpm ] + ++ lib.optionals withSystemd [ systemd ] ++ lib.optionals withX [ xlibsWrapper libXaw Xaw3d libXpm libpng libjpeg giflib libtiff libXft gconf cairo ] diff --git a/pkgs/applications/misc/1password-gui/default.nix b/pkgs/applications/misc/1password-gui/default.nix index 7f8cc200a968..e6cf00d669de 100644 --- a/pkgs/applications/misc/1password-gui/default.nix +++ b/pkgs/applications/misc/1password-gui/default.nix @@ -9,43 +9,43 @@ let pname = "1password"; - version = if channel == "stable" then "8.9.4" else "8.9.6-30.BETA"; + version = if channel == "stable" then "8.9.8" else "8.9.10-1.BETA"; sources = { stable = { x86_64-linux = { url = "https://downloads.1password.com/linux/tar/stable/x86_64/1password-${version}.x64.tar.gz"; - sha256 = "sha256-Smq0gOGfBTjIOMwF1AI+TJwXaIiTi/YP9mGIqcjsCNQ="; + sha256 = "sha256-s5GFGsSelnvqdoEgCzU88BG0dc4bUG4IX3fbeciIPIk="; }; aarch64-linux = { url = "https://downloads.1password.com/linux/tar/stable/aarch64/1password-${version}.arm64.tar.gz"; - sha256 = "sha256-SJDUfAFEwYnOR+y/6Dg2S/CkA84QogoRpMXOPP5PyrM="; + sha256 = "sha256-wNF9jwHTxuojFQ+s05jhb7dFihE/36cadaBONqrMYF0="; }; x86_64-darwin = { url = "https://downloads.1password.com/mac/1Password-${version}-x86_64.zip"; - sha256 = "sha256-+2FQQ5FiB0N30JM/Mtnfa04K2XZaf3r/W1+i8VKNslA="; + sha256 = "sha256-Ok0M6jPZ513iTE646PDPu+dK6Y3b/J8oejJQQkQMS2w="; }; aarch64-darwin = { url = "https://downloads.1password.com/mac/1Password-${version}-aarch64.zip"; - sha256 = "sha256-nhocEwtr6cMSSStPa7S+g8SwPStJVWPblA3HbqJ8q6Q="; + sha256 = "sha256-zocY/0IgiGwuY/ZrMbip34HoRp90ATWRpfAIRhyH9M8="; }; }; beta = { x86_64-linux = { url = "https://downloads.1password.com/linux/tar/beta/x86_64/1password-${version}.x64.tar.gz"; - sha256 = "sha256-xBfpBkYff1X26Iu0Ee03lIiR6UdJOiaG+kZMVotG0Hc="; + sha256 = "sha256-fW+9mko1OZ5zlTnbZucOjvjus8KVZA4Mcga/4HJyJL4="; }; aarch64-linux = { url = "https://downloads.1password.com/linux/tar/beta/aarch64/1password-${version}.arm64.tar.gz"; - sha256 = "0j0v90i78y1m77gpn65iyjdy1xslv1mar1ihxj9jzcmva0nmdmra"; + sha256 = "sha256-jczDhKMCEHjE5yXr5jczSalGa4pVFs7V8BcIhueT88M="; }; x86_64-darwin = { url = "https://downloads.1password.com/mac/1Password-${version}-x86_64.zip"; - sha256 = "sha256-PNlEBFoIGYkDR4TzbudsqAE5vjbiVHTNL7XoflN+mUY="; + sha256 = "sha256-apgXMoZ7yNtUgf6efuSjAK6TGFR230FMK4j95OoXgwQ="; }; aarch64-darwin = { url = "https://downloads.1password.com/mac/1Password-${version}-aarch64.zip"; - sha256 = "sha256-PYS0N4VeUjNhCncSDXvpyLuHlpv4nn35aJTPANdMXwk="; + sha256 = "sha256-tdGu648joHu5E8ECU1TpkxgfU6ZMHlJAy+VcNDtIscA="; }; }; }; diff --git a/pkgs/applications/misc/joplin-desktop/default.nix b/pkgs/applications/misc/joplin-desktop/default.nix index 47a0fcbebde4..d712712908f0 100644 --- a/pkgs/applications/misc/joplin-desktop/default.nix +++ b/pkgs/applications/misc/joplin-desktop/default.nix @@ -55,7 +55,7 @@ let install -Dm444 ${appimageContents}/@joplinapp-desktop.png -t $out/share/pixmaps substituteInPlace $out/share/applications/@joplinapp-desktop.desktop \ --replace 'Exec=AppRun' 'Exec=${pname}' \ - --replace 'Icon=joplin' "Icon=$out/share/pixmaps/@joplinapp-desktop.png" + --replace 'Icon=joplin' "Icon=@joplinapp-desktop" ''; }; diff --git a/pkgs/applications/misc/survex/default.nix b/pkgs/applications/misc/survex/default.nix index 0dd5afd3edb4..b23cd02220b2 100644 --- a/pkgs/applications/misc/survex/default.nix +++ b/pkgs/applications/misc/survex/default.nix @@ -7,6 +7,8 @@ , ffmpeg , glib , libGLU +, libICE +, libX11 , mesa , perl , pkg-config @@ -14,7 +16,6 @@ , python3 , wrapGAppsHook , wxGTK32 -, xlibsWrapper }: stdenv.mkDerivation rec { @@ -52,7 +53,8 @@ stdenv.mkDerivation rec { Carbon Cocoa ] ++ lib.optionals stdenv.hostPlatform.isLinux [ - xlibsWrapper + libICE + libX11 ]; postPatch = '' diff --git a/pkgs/applications/misc/syncthingtray/default.nix b/pkgs/applications/misc/syncthingtray/default.nix index 0b5723fdcb3f..e96cbb418b40 100644 --- a/pkgs/applications/misc/syncthingtray/default.nix +++ b/pkgs/applications/misc/syncthingtray/default.nix @@ -1,6 +1,7 @@ { mkDerivation , lib , fetchFromGitHub +, substituteAll , qtbase , qtwebengine , qtdeclarative @@ -31,6 +32,17 @@ mkDerivation rec { sha256 = "sha256-uhVRO9aiYJbUmwDp1+LIYF3wNBbVduVpTtVzaS0oUMU="; }; + patches = [ + # Fix Exec= path in runtime-generated + # ~/.config/autostart/syncthingtray.desktop file - this is required because + # we are wrapping the executable. We can't use `substituteAll` because we + # can't use `${placeholder "out"}` because that will produce the $out of + # the patch derivation itself, and not of syncthing's "out" placeholder. + # Hence we use a C definition with NIX_CFLAGS_COMPILE + ./use-nix-path-in-autostart.patch + ]; + NIX_CFLAGS_COMPILE = "-DEXEC_NIX_PATH=\"${placeholder "out"}/bin/syncthingtray\""; + buildInputs = [ qtbase cpp-utilities diff --git a/pkgs/applications/misc/syncthingtray/use-nix-path-in-autostart.patch b/pkgs/applications/misc/syncthingtray/use-nix-path-in-autostart.patch new file mode 100644 index 000000000000..a0907496ff9a --- /dev/null +++ b/pkgs/applications/misc/syncthingtray/use-nix-path-in-autostart.patch @@ -0,0 +1,13 @@ +diff --git i/widgets/settings/settingsdialog.cpp w/widgets/settings/settingsdialog.cpp +index 4deff1f..16845b5 100644 +--- i/widgets/settings/settingsdialog.cpp ++++ w/widgets/settings/settingsdialog.cpp +@@ -802,7 +802,7 @@ bool setAutostartEnabled(bool enabled) + desktopFile.write("[Desktop Entry]\n" + "Name=" APP_NAME "\n" + "Exec=\""); +- desktopFile.write(qEnvironmentVariable("APPIMAGE", QCoreApplication::applicationFilePath()).toUtf8().data()); ++ desktopFile.write(qEnvironmentVariable("APPIMAGE", EXEC_NIX_PATH).toUtf8().data()); + desktopFile.write("\" qt-widgets-gui --single-instance\nComment=" APP_DESCRIPTION "\n" + "Icon=" PROJECT_NAME "\n" + "Type=Application\n" diff --git a/pkgs/applications/video/obs-studio/plugins/default.nix b/pkgs/applications/video/obs-studio/plugins/default.nix index 3f6a5f8d987d..d1a3cc988a50 100644 --- a/pkgs/applications/video/obs-studio/plugins/default.nix +++ b/pkgs/applications/video/obs-studio/plugins/default.nix @@ -26,6 +26,8 @@ obs-pipewire-audio-capture = callPackage ./obs-pipewire-audio-capture.nix { }; + obs-source-record = callPackage ./obs-source-record.nix { }; + obs-vkcapture = callPackage ./obs-vkcapture.nix { obs-vkcapture32 = pkgsi686Linux.obs-studio-plugins.obs-vkcapture; }; diff --git a/pkgs/applications/video/obs-studio/plugins/obs-source-record.nix b/pkgs/applications/video/obs-studio/plugins/obs-source-record.nix new file mode 100644 index 000000000000..29dcb533915c --- /dev/null +++ b/pkgs/applications/video/obs-studio/plugins/obs-source-record.nix @@ -0,0 +1,34 @@ +{ lib, stdenv, fetchFromGitHub, cmake, obs-studio }: + +stdenv.mkDerivation rec { + pname = "obs-source-record"; + version = "unstable-2022-11-10"; + + src = fetchFromGitHub { + owner = "exeldro"; + repo = "obs-source-record"; + rev = "4a543d3577d56a27f5f2b9aa541a466b37dafde0"; + sha256 = "sha256-LoMgrWZ7r6lu2fisNvqrAiFvxWQQDE6lSxUHkMB/ZPY="; + }; + + nativeBuildInputs = [ cmake ]; + buildInputs = [ + obs-studio + ]; + + cmakeFlags = [ + "-DBUILD_OUT_OF_TREE=On" + ]; + + postInstall = '' + rm -rf $out/{data,obs-plugins} + ''; + + meta = with lib; { + description = "OBS Studio plugin to make sources available to record via a filter"; + homepage = "https://github.com/exeldro/obs-source-record"; + maintainers = with maintainers; [ robbins ]; + license = licenses.gpl2Only; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/pkgs/development/python-modules/asyncserial/default.nix b/pkgs/development/python-modules/asyncserial/default.nix new file mode 100644 index 000000000000..34ab492b9ae8 --- /dev/null +++ b/pkgs/development/python-modules/asyncserial/default.nix @@ -0,0 +1,30 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, pyserial +}: + +buildPythonPackage rec { + pname = "asyncserial"; + version = "unstable-2022-06-10"; + + src = fetchFromGitHub { + owner = "m-labs"; + repo = "asyncserial"; + rev = "446559fec892a556876b17d17f182ae9647d5952"; + hash = "sha256-WExmgh55sTH2w7wV3i96J1F1FN7L5rX3L/Ayvt2Kw/g="; + }; + + propagatedBuildInputs = [ + pyserial + ]; + + pythonImportsCheck = [ "asyncserial" ]; + + meta = with lib; { + description = "asyncio support for pyserial"; + homepage = "https://github.com/m-labs/asyncserial"; + license = licenses.bsd2; + maintainers = with maintainers; [ doronbehar ]; + }; +} diff --git a/pkgs/development/python-modules/geometric/ase-is-optional.patch b/pkgs/development/python-modules/geometric/ase-is-optional.patch new file mode 100644 index 000000000000..911867c35457 --- /dev/null +++ b/pkgs/development/python-modules/geometric/ase-is-optional.patch @@ -0,0 +1,50 @@ +From aff6e4411980ac9cbe112a050c3a34ba7e305a43 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Roberto=20Di=20Remigio=20Eik=C3=A5s?= + +Date: Fri, 11 Nov 2022 09:20:25 +0100 +Subject: [PATCH] Do not import ASE stuff at the top + +Since it is an optional add-on and it's not listed in the installation requirements. +--- + geometric/tests/test_ase_engine.py | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/geometric/tests/test_ase_engine.py b/geometric/tests/test_ase_engine.py +index 8750763..34239b5 100644 +--- a/geometric/tests/test_ase_engine.py ++++ b/geometric/tests/test_ase_engine.py +@@ -10,7 +10,6 @@ + - geometry optimisation w/ ASE internal calc + """ + import numpy as np +-from ase.calculators.lj import LennardJones + from pytest import fixture, raises + + from geometric.ase_engine import EngineASE +@@ -37,6 +36,8 @@ def molecule_h2o() -> Molecule: + + @using_ase + def test_construction(molecule_h2o): ++ from ase.calculators.lj import LennardJones ++ + lj_calc = LennardJones() + engine = EngineASE(molecule_h2o, lj_calc) + assert engine.calculator == lj_calc +@@ -44,6 +45,8 @@ def test_construction(molecule_h2o): + + @using_ase + def test_from_args(molecule_h2o): ++ from ase.calculators.lj import LennardJones ++ + lj_calc = LennardJones(sigma=1.4, epsilon=3.0) + + # create equivalent engines in two ways +@@ -68,6 +71,8 @@ def test_from_args(molecule_h2o): + + @using_ase + def test_from_string(molecule_h2o): ++ from ase.calculators.lj import LennardJones ++ + engine = EngineASE.from_calculator_string( + molecule_h2o, calculator_import="ase.calculators.lj.LennardJones" + ) diff --git a/pkgs/development/python-modules/geometric/default.nix b/pkgs/development/python-modules/geometric/default.nix index 89f1e73ed9af..775ace5f6b2c 100644 --- a/pkgs/development/python-modules/geometric/default.nix +++ b/pkgs/development/python-modules/geometric/default.nix @@ -1,19 +1,28 @@ -{ buildPythonPackage, lib, fetchFromGitHub -, networkx, numpy, scipy, six +{ buildPythonPackage +, lib +, fetchFromGitHub +, networkx +, numpy +, scipy +, six , pytestCheckHook }: buildPythonPackage rec { pname = "geometric"; - version = "0.9.7.2"; + version = "1.0"; src = fetchFromGitHub { owner = "leeping"; repo = "geomeTRIC"; rev = version; - hash = "sha256-QFpfY6tWqcda6AJT17YBEuwu/4DYPbIMJU1c9/gHjaA="; + hash = "sha256-y8dh4vZ/d1KL1EpDrle8CH/KIDMCKKZdAyJVgUFjx/o="; }; + patches = [ + ./ase-is-optional.patch + ]; + propagatedBuildInputs = [ networkx numpy @@ -21,6 +30,10 @@ buildPythonPackage rec { six ]; + preCheck = '' + export OMP_NUM_THREADS=2 + ''; + checkInputs = [ pytestCheckHook ]; meta = with lib; { diff --git a/pkgs/development/python-modules/migen/default.nix b/pkgs/development/python-modules/migen/default.nix index 41396e1c623b..0bbecefff967 100644 --- a/pkgs/development/python-modules/migen/default.nix +++ b/pkgs/development/python-modules/migen/default.nix @@ -7,14 +7,13 @@ buildPythonPackage rec { pname = "migen"; - version = "unstable-2021-09-14"; - disabled = pythonOlder "3.3"; + version = "unstable-2022-09-02"; src = fetchFromGitHub { owner = "m-labs"; repo = "migen"; - rev = "a5bc262560238f93ceaad423820eb06843326274"; - sha256 = "32UjaIam/B7Gx6XbPcR067LcXfokJH2mATG9mU38a6o="; + rev = "639e66f4f453438e83d86dc13491b9403bbd8ec6"; + hash = "sha256-IPyhoFZLhY8d3jHB8jyvGdbey7V+X5eCzBZYSrJ18ec="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/misoc/default.nix b/pkgs/development/python-modules/misoc/default.nix new file mode 100644 index 000000000000..447bde58c328 --- /dev/null +++ b/pkgs/development/python-modules/misoc/default.nix @@ -0,0 +1,41 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, pyserial +, asyncserial +, jinja2 +, migen +, numpy +}: + +buildPythonPackage rec { + pname = "misoc"; + version = "unstable-2022-10-08"; + + src = fetchFromGitHub { + owner = "m-labs"; + repo = "misoc"; + rev = "6a7c670ab6120b8136f652c41d907eb0fb16ed54"; + hash = "sha256-dLDp0xg5y5b443hD7vbJFobHxbhtnj68RdZnQ7ckgp4="; + }; + + propagatedBuildInputs = [ + pyserial + asyncserial + jinja2 + migen + ]; + + checkInputs = [ + numpy + ]; + + pythonImportsCheck = [ "misoc" ]; + + meta = with lib; { + description = "The original high performance and small footprint system-on-chip based on Migen"; + homepage = "https://github.com/m-labs/misoc"; + license = licenses.bsd2; + maintainers = with maintainers; [ doronbehar ]; + }; +} diff --git a/pkgs/development/python-modules/myhdl/default.nix b/pkgs/development/python-modules/myhdl/default.nix new file mode 100644 index 000000000000..77e793266e70 --- /dev/null +++ b/pkgs/development/python-modules/myhdl/default.nix @@ -0,0 +1,49 @@ +{ lib +, fetchFromGitHub +, buildPythonPackage +, verilog +, ghdl +, pytest +, pytest-xdist +}: + +buildPythonPackage rec { + pname = "myhdl"; + # The stable version is from 2019 and it doesn't pass tests + version = "unstable-2022-04-26"; + # The pypi src doesn't contain the ci script used in checkPhase + src = fetchFromGitHub { + owner = "myhdl"; + repo = "myhdl"; + rev = "1a4f5cd4e9de2e7bbf1053c3c2bc9526b5cc524a"; + hash = "sha256-Tgoem88Y6AhlCKVhMm0Khg6GPcrEktYOqV8xcMaNkl4="; + }; + + checkInputs = [ + pytest + pytest-xdist + verilog + ghdl + ]; + passthru = { + # If using myhdl as a dependency, use these if needed and not ghdl and + # verlog from all-packages.nix + inherit ghdl verilog; + }; + checkPhase = '' + runHook preCheck + + for target in {core,iverilog,ghdl}; do + env CI_TARGET="$target" bash ./scripts/ci.sh + done; + + runHook postCheck + ''; + + meta = with lib; { + description = "A free, open-source package for using Python as a hardware description and verification language."; + homepage = "http://www.myhdl.org/"; + license = licenses.lgpl21; + maintainers = with maintainers; [ doronbehar ]; + }; +} diff --git a/pkgs/development/python-modules/pylpsd/default.nix b/pkgs/development/python-modules/pylpsd/default.nix new file mode 100644 index 000000000000..b74a7e65aa15 --- /dev/null +++ b/pkgs/development/python-modules/pylpsd/default.nix @@ -0,0 +1,33 @@ +{ lib +, fetchPypi +, buildPythonPackage +, numpy +, scipy +}: + +buildPythonPackage rec { + pname = "pylpsd"; + version = "0.1.4"; + src = fetchPypi { + inherit pname version; + hash = "sha256-evPL9vF75S8ATkFwzQjh4pLI/aXGXWwoypCb24nXAN8="; + }; + + # Tests fail and there are none + doCheck = false; + pythonImportsCheck = [ + "pylpsd" + ]; + + propagatedBuildInputs = [ + numpy + scipy + ]; + + meta = with lib; { + description = "Python implementation of the LPSD algorithm for computing power spectral density with logarithmically spaced points."; + homepage = "https://github.com/bleykauf/py-lpsd"; + license = licenses.mit; + maintainers = with maintainers; [ doronbehar ]; + }; +} diff --git a/pkgs/development/python-modules/pytest-plt/default.nix b/pkgs/development/python-modules/pytest-plt/default.nix new file mode 100644 index 000000000000..2c995aaeff1c --- /dev/null +++ b/pkgs/development/python-modules/pytest-plt/default.nix @@ -0,0 +1,29 @@ +{ lib +, buildPythonPackage +, fetchPypi +, matplotlib +, pytestCheckHook +}: + +buildPythonPackage rec { + pname = "pytest-plt"; + version = "1.1.0"; + + src = fetchPypi { + inherit pname version; + sha256 = "sha256-IkTNlierFXIG9WSVUfVoirfQ6z7JOYlCaa5NhnBSuxc="; + }; + + checkInputs = [ + pytestCheckHook + matplotlib + ]; + + meta = with lib; { + description = "provides fixtures for quickly creating Matplotlib plots in your tests"; + homepage = "https://www.nengo.ai/pytest-plt/"; + changelog = "https://github.com/nengo/pytest-plt/blob/master/CHANGES.rst"; + license = licenses.mit; + maintainers = [ maintainers.doronbehar ]; + }; +} diff --git a/pkgs/development/tools/analysis/cppcheck/default.nix b/pkgs/development/tools/analysis/cppcheck/default.nix index 7d3502f1262a..73b1385a00de 100644 --- a/pkgs/development/tools/analysis/cppcheck/default.nix +++ b/pkgs/development/tools/analysis/cppcheck/default.nix @@ -13,13 +13,13 @@ stdenv.mkDerivation rec { pname = "cppcheck"; - version = "2.9.1"; + version = "2.9.2"; src = fetchFromGitHub { owner = "danmar"; repo = "cppcheck"; rev = version; - hash = "sha256-bKZOAGInks26NmzlKo1T8NREO9xoF8ZsssNDzyTJwlU="; + hash = "sha256-76JMC9kjeQO4ZuRQ4Kv7J141xy0M7kDTWWjQtJ/d5r0="; }; buildInputs = [ pcre diff --git a/pkgs/os-specific/linux/kernel/perf/default.nix b/pkgs/os-specific/linux/kernel/perf/default.nix index e3a387b8115b..709312ebdcdf 100644 --- a/pkgs/os-specific/linux/kernel/perf/default.nix +++ b/pkgs/os-specific/linux/kernel/perf/default.nix @@ -31,6 +31,7 @@ , systemtap , numactl , zlib +, babeltrace , withGtk ? false , gtk2 , withZstd ? true @@ -69,7 +70,7 @@ stdenv.mkDerivation { postPatch = '' patchShebangs scripts tools/perf/pmu-events/jevents.py - + '' + lib.optionalString (lib.versionAtLeast kernel.version "5.8") '' substituteInPlace tools/perf/scripts/python/flamegraph.py \ --replace "/usr/share/d3-flame-graph/d3-flamegraph-base.html" \ "${d3-flame-graph-templates}/share/d3-flame-graph/d3-flamegraph-base.html" @@ -121,6 +122,7 @@ stdenv.mkDerivation { numactl python3 perl + babeltrace ] ++ (if (lib.versionAtLeast kernel.version "5.19") then [ libbfd libopcodes ] else [ libbfd_2_38 libopcodes_2_38 ]) diff --git a/pkgs/os-specific/linux/pam_ussh/default.nix b/pkgs/os-specific/linux/pam_ussh/default.nix index 4d02efa67330..b0eeef0948e6 100644 --- a/pkgs/os-specific/linux/pam_ussh/default.nix +++ b/pkgs/os-specific/linux/pam_ussh/default.nix @@ -16,14 +16,12 @@ buildGoModule rec { sha256 = "0nb9hpqbghgi3zvq41kabydzyc6ffaaw9b4jkc5jrwn1klpw1xk8"; }; - prePatch = '' + preBuild = '' cp ${./go.mod} go.mod + cp ${./go.sum} go.sum ''; - overrideModAttrs = (_: { - inherit prePatch; - }); - vendorSha256 = null; #vendorSha256 = ""; + vendorSha256 = "sha256-fOIzJuTXiDNJak5ilgI2KnPOCogbFWTlPL3yNQdzUUI="; buildInputs = [ pam @@ -63,6 +61,5 @@ buildGoModule rec { license = licenses.mit; platforms = platforms.linux; maintainers = with maintainers; [ lukegb ]; - broken = true; # vendor isn't reproducible with go > 1.17: nix-build -A $name.go-modules --check }; } diff --git a/pkgs/os-specific/linux/pam_ussh/go.sum b/pkgs/os-specific/linux/pam_ussh/go.sum new file mode 100644 index 000000000000..0df3145edbd5 --- /dev/null +++ b/pkgs/os-specific/linux/pam_ussh/go.sum @@ -0,0 +1,22 @@ +github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +golang.org/x/crypto v0.0.0-20220313003712-b769efc7c000 h1:SL+8VVnkqyshUSz5iNnXtrBQzvFF2SkROm6t5RczFAE= +golang.org/x/crypto v0.0.0-20220313003712-b769efc7c000/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 h1:SrN+KX8Art/Sf4HNj6Zcz06G7VEz+7w9tdXTPOZ7+l4= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/pkgs/tools/admin/awscli2/default.nix b/pkgs/tools/admin/awscli2/default.nix index a666a4cf8edb..a04ebf85ea7f 100644 --- a/pkgs/tools/admin/awscli2/default.nix +++ b/pkgs/tools/admin/awscli2/default.nix @@ -32,14 +32,14 @@ let in with py.pkgs; buildPythonApplication rec { pname = "awscli2"; - version = "2.8.11"; # N.B: if you change this, check if overrides are still up-to-date + version = "2.8.12"; # N.B: if you change this, check if overrides are still up-to-date format = "pyproject"; src = fetchFromGitHub { owner = "aws"; repo = "aws-cli"; rev = version; - sha256 = "sha256-E4O4DEdPwfIt+XOiCF2gLZILYTfZ4BhXMUgKggtsoCc="; + sha256 = "sha256-OeOSSB0WgVJEszmkXmMkmJNq37sPID7HFaTbXkBUwlI="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/misc/fd/default.nix b/pkgs/tools/misc/fd/default.nix index 1a8843bd4f8c..6dd0e7a6e7cb 100644 --- a/pkgs/tools/misc/fd/default.nix +++ b/pkgs/tools/misc/fd/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "fd"; - version = "8.5.2"; + version = "8.5.3"; src = fetchFromGitHub { owner = "sharkdp"; repo = "fd"; rev = "v${version}"; - sha256 = "sha256-APgC5159U9yMrTiGLE0ngyA5y1bbJUZgoleDAs2ZaDI="; + sha256 = "sha256-7QQHLw+isXtr1FDQr4aiUhvOjJUPbaxFGDwukiWBG9g="; }; - cargoSha256 = "sha256-8pkn7FLPWMEwsjdwxKigHDEwBHBlh2W9R7HCUIu94Wg="; + cargoSha256 = "sha256-QFh47Pr+7lIdT++huziKgMJxvsZElTTwu11c7/wjyHE="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 617356b42c4e..86e5938f5bab 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -688,6 +688,8 @@ self: super: with self; { asyncpg = callPackage ../development/python-modules/asyncpg { }; + asyncserial = callPackage ../development/python-modules/asyncserial { }; + asyncsleepiq = callPackage ../development/python-modules/asyncsleepiq { }; asyncssh = callPackage ../development/python-modules/asyncssh { }; @@ -5734,6 +5736,8 @@ self: super: with self; { misaka = callPackage ../development/python-modules/misaka { }; + misoc = callPackage ../development/python-modules/misoc { }; + mistletoe = callPackage ../development/python-modules/mistletoe { }; mistune = callPackage ../development/python-modules/mistune { }; @@ -5963,6 +5967,10 @@ self: super: with self; { mygpoclient = callPackage ../development/python-modules/mygpoclient { }; + myhdl = callPackage ../development/python-modules/myhdl { + inherit (pkgs) ghdl verilog; + }; + myhome = callPackage ../development/python-modules/myhome { }; myjwt = callPackage ../development/python-modules/myjwt { }; @@ -8060,6 +8068,8 @@ self: super: with self; { pylsp-mypy = callPackage ../development/python-modules/pylsp-mypy { }; + pylpsd = callPackage ../development/python-modules/pylpsd { }; + PyLTI = callPackage ../development/python-modules/pylti { }; pylutron = callPackage ../development/python-modules/pylutron { }; @@ -8829,6 +8839,8 @@ self: super: with self; { pytest-param-files = callPackage ../development/python-modules/pytest-param-files { }; + pytest-plt = callPackage ../development/python-modules/pytest-plt { }; + pytest-pylint = callPackage ../development/python-modules/pytest-pylint { }; pytest-qt = callPackage ../development/python-modules/pytest-qt { };