Merge staging-next into staging
This commit is contained in:
commit
9d11ed2864
@ -158,9 +158,9 @@ One would think that `localSystem` and `crossSystem` overlap horribly with the t
|
||||
|
||||
### Implementation of dependencies {#ssec-cross-dependency-implementation}
|
||||
|
||||
The categories of dependencies developed in [](#ssec-cross-dependency-categorization) are specified as lists of derivations given to `mkDerivation`, as documented in [](#ssec-stdenv-dependencies). In short, each list of dependencies for "host → target" of "foo → bar" is called `depsFooBar`, with exceptions for backwards compatibility that `depsBuildHost` is instead called `nativeBuildInputs` and `depsHostTarget` is instead called `buildInputs`. Nixpkgs is now structured so that each `depsFooBar` is automatically taken from `pkgsFooBar`. (These `pkgsFooBar`s are quite new, so there is no special case for `nativeBuildInputs` and `buildInputs`.) For example, `pkgsBuildHost.gcc` should be used at build-time, while `pkgsHostTarget.gcc` should be used at run-time.
|
||||
The categories of dependencies developed in [](#ssec-cross-dependency-categorization) are specified as lists of derivations given to `mkDerivation`, as documented in [](#ssec-stdenv-dependencies). In short, each list of dependencies for "host → target" is called `deps<host><target>` (where `host`, and `target` values are either `build`, `host`, or `target`), with exceptions for backwards compatibility that `depsBuildHost` is instead called `nativeBuildInputs` and `depsHostTarget` is instead called `buildInputs`. Nixpkgs is now structured so that each `deps<host><target>` is automatically taken from `pkgs<host><target>`. (These `pkgs<host><target>`s are quite new, so there is no special case for `nativeBuildInputs` and `buildInputs`.) For example, `pkgsBuildHost.gcc` should be used at build-time, while `pkgsHostTarget.gcc` should be used at run-time.
|
||||
|
||||
Now, for most of Nixpkgs's history, there were no `pkgsFooBar` attributes, and most packages have not been refactored to use it explicitly. Prior to those, there were just `buildPackages`, `pkgs`, and `targetPackages`. Those are now redefined as aliases to `pkgsBuildHost`, `pkgsHostTarget`, and `pkgsTargetTarget`. It is acceptable, even recommended, to use them for libraries to show that the host platform is irrelevant.
|
||||
Now, for most of Nixpkgs's history, there were no `pkgs<host><target>` attributes, and most packages have not been refactored to use it explicitly. Prior to those, there were just `buildPackages`, `pkgs`, and `targetPackages`. Those are now redefined as aliases to `pkgsBuildHost`, `pkgsHostTarget`, and `pkgsTargetTarget`. It is acceptable, even recommended, to use them for libraries to show that the host platform is irrelevant.
|
||||
|
||||
But before that, there was just `pkgs`, even though both `buildInputs` and `nativeBuildInputs` existed. \[Cross barely worked, and those were implemented with some hacks on `mkDerivation` to override dependencies.\] What this means is the vast majority of packages do not use any explicit package set to populate their dependencies, just using whatever `callPackage` gives them even if they do correctly sort their dependencies into the multiple lists described above. And indeed, asking that users both sort their dependencies, _and_ take them from the right attribute set, is both too onerous and redundant, so the recommended approach (for now) is to continue just categorizing by list and not using an explicit package set.
|
||||
|
||||
|
@ -116,15 +116,27 @@ On Linux, `stdenv` also includes the `patchelf` utility.
|
||||
|
||||
## Specifying dependencies {#ssec-stdenv-dependencies}
|
||||
|
||||
As described in the Nix manual, almost any `*.drv` store path in a derivation’s attribute set will induce a dependency on that derivation. `mkDerivation`, however, takes a few attributes intended to, between them, include all the dependencies of a package. This is done both for structure and consistency, but also so that certain other setup can take place. For example, certain dependencies need their bin directories added to the `PATH`. That is built-in, but other setup is done via a pluggable mechanism that works in conjunction with these dependency attributes. See [](#ssec-setup-hooks) for details.
|
||||
As described in the Nix manual, almost any `*.drv` store path in a derivation’s attribute set will induce a dependency on that derivation. `mkDerivation`, however, takes a few attributes intended to include all the dependencies of a package. This is done both for structure and consistency, but also so that certain other setup can take place. For example, certain dependencies need their bin directories added to the `PATH`. That is built-in, but other setup is done via a pluggable mechanism that works in conjunction with these dependency attributes. See [](#ssec-setup-hooks) for details.
|
||||
|
||||
Dependencies can be broken down along three axes: their host and target platforms relative to the new derivation’s, and whether they are propagated. The platform distinctions are motivated by cross compilation; see [](#chap-cross) for exactly what each platform means. [^footnote-stdenv-ignored-build-platform] But even if one is not cross compiling, the platforms imply whether or not the dependency is needed at run-time or build-time, a concept that makes perfect sense outside of cross compilation. By default, the run-time/build-time distinction is just a hint for mental clarity, but with `strictDeps` set it is mostly enforced even in the native case.
|
||||
|
||||
The extension of `PATH` with dependencies, alluded to above, proceeds according to the relative platforms alone. The process is carried out only for dependencies whose host platform matches the new derivation’s build platform i.e. dependencies which run on the platform where the new derivation will be built. [^footnote-stdenv-native-dependencies-in-path] For each dependency \<dep\> of those dependencies, `dep/bin`, if present, is added to the `PATH` environment variable.
|
||||
|
||||
The dependency is propagated when it forces some of its other-transitive (non-immediate) downstream dependencies to also take it on as an immediate dependency. Nix itself already takes a package’s transitive dependencies into account, but this propagation ensures nixpkgs-specific infrastructure like setup hooks (mentioned above) also are run as if the propagated dependency.
|
||||
A dependency is said to be **propagated** when some of its other-transitive (non-immediate) downstream dependencies also need it as an immediate dependency.
|
||||
[^footnote-stdenv-propagated-dependencies]
|
||||
|
||||
It is important to note that dependencies are not necessarily propagated as the same sort of dependency that they were before, but rather as the corresponding sort so that the platform rules still line up. The exact rules for dependency propagation can be given by assigning to each dependency two integers based one how its host and target platforms are offset from the depending derivation’s platforms. Those offsets are given below in the descriptions of each dependency list attribute. Algorithmically, we traverse propagated inputs, accumulating every propagated dependency’s propagated dependencies and adjusting them to account for the “shift in perspective” described by the current dependency’s platform offsets. This results in sort a transitive closure of the dependency relation, with the offsets being approximately summed when two dependency links are combined. We also prune transitive dependencies whose combined offsets go out-of-bounds, which can be viewed as a filter over that transitive closure removing dependencies that are blatantly absurd.
|
||||
It is important to note that dependencies are not necessarily propagated as the same sort of dependency that they were before, but rather as the corresponding sort so that the platform rules still line up. To determine the exact rules for dependency propagation, we start by assigning to each dependency a couple of ternary numbers (`-1` for `build`, `0` for `host`, and `1` for `target`), representing how respectively its host and target platforms are "offset" from the depending derivation’s platforms. The following table summarize the different combinations that can be obtained:
|
||||
|
||||
| `host → target` | attribute name | offset |
|
||||
| ------------------- | ------------------- | -------- |
|
||||
| `build --> build` | `depsBuildBuild` | `-1, -1` |
|
||||
| `build --> host` | `nativeBuildInputs` | `-1, 0` |
|
||||
| `build --> target` | `depsBuildTarget` | `-1, 1` |
|
||||
| `host --> host` | `depsHostHost` | `0, 0` |
|
||||
| `host --> target` | `buildInputs` | `0, 1` |
|
||||
| `target --> target` | `depsTargetTarget` | `1, 1` |
|
||||
|
||||
Algorithmically, we traverse propagated inputs, accumulating every propagated dependency’s propagated dependencies and adjusting them to account for the “shift in perspective” described by the current dependency’s platform offsets. This results is sort of a transitive closure of the dependency relation, with the offsets being approximately summed when two dependency links are combined. We also prune transitive dependencies whose combined offsets go out-of-bounds, which can be viewed as a filter over that transitive closure removing dependencies that are blatantly absurd.
|
||||
|
||||
We can define the process precisely with [Natural Deduction](https://en.wikipedia.org/wiki/Natural_deduction) using the inference rules. This probably seems a bit obtuse, but so is the bash code that actually implements it! [^footnote-stdenv-find-inputs-location] They’re confusing in very different ways so… hopefully if something doesn’t make sense in one presentation, it will in the other!
|
||||
|
||||
@ -179,37 +191,37 @@ Overall, the unifying theme here is that propagation shouldn’t be introducing
|
||||
|
||||
#### `depsBuildBuild` {#var-stdenv-depsBuildBuild}
|
||||
|
||||
A list of dependencies whose host and target platforms are the new derivation’s build platform. This means a `-1` host and `-1` target offset from the new derivation’s platforms. These are programs and libraries used at build time that produce programs and libraries also used at build time. If the dependency doesn’t care about the target platform (i.e. isn’t a compiler or similar tool), put it in `nativeBuildInputs` instead. The most common use of this `buildPackages.stdenv.cc`, the default C compiler for this role. That example crops up more than one might think in old commonly used C libraries.
|
||||
A list of dependencies whose host and target platforms are the new derivation’s build platform. These are programs and libraries used at build time that produce programs and libraries also used at build time. If the dependency doesn’t care about the target platform (i.e. isn’t a compiler or similar tool), put it in `nativeBuildInputs` instead. The most common use of this `buildPackages.stdenv.cc`, the default C compiler for this role. That example crops up more than one might think in old commonly used C libraries.
|
||||
|
||||
Since these packages are able to be run at build-time, they are always added to the `PATH`, as described above. But since these packages are only guaranteed to be able to run then, they shouldn’t persist as run-time dependencies. This isn’t currently enforced, but could be in the future.
|
||||
|
||||
#### `nativeBuildInputs` {#var-stdenv-nativeBuildInputs}
|
||||
|
||||
A list of dependencies whose host platform is the new derivation’s build platform, and target platform is the new derivation’s host platform. This means a `-1` host offset and `0` target offset from the new derivation’s platforms. These are programs and libraries used at build-time that, if they are a compiler or similar tool, produce code to run at run-time—i.e. tools used to build the new derivation. If the dependency doesn’t care about the target platform (i.e. isn’t a compiler or similar tool), put it here, rather than in `depsBuildBuild` or `depsBuildTarget`. This could be called `depsBuildHost` but `nativeBuildInputs` is used for historical continuity.
|
||||
A list of dependencies whose host platform is the new derivation’s build platform, and target platform is the new derivation’s host platform. These are programs and libraries used at build-time that, if they are a compiler or similar tool, produce code to run at run-time—i.e. tools used to build the new derivation. If the dependency doesn’t care about the target platform (i.e. isn’t a compiler or similar tool), put it here, rather than in `depsBuildBuild` or `depsBuildTarget`. This could be called `depsBuildHost` but `nativeBuildInputs` is used for historical continuity.
|
||||
|
||||
Since these packages are able to be run at build-time, they are added to the `PATH`, as described above. But since these packages are only guaranteed to be able to run then, they shouldn’t persist as run-time dependencies. This isn’t currently enforced, but could be in the future.
|
||||
|
||||
#### `depsBuildTarget` {#var-stdenv-depsBuildTarget}
|
||||
|
||||
A list of dependencies whose host platform is the new derivation’s build platform, and target platform is the new derivation’s target platform. This means a `-1` host offset and `1` target offset from the new derivation’s platforms. These are programs used at build time that produce code to run with code produced by the depending package. Most commonly, these are tools used to build the runtime or standard library that the currently-being-built compiler will inject into any code it compiles. In many cases, the currently-being-built-compiler is itself employed for that task, but when that compiler won’t run (i.e. its build and host platform differ) this is not possible. Other times, the compiler relies on some other tool, like binutils, that is always built separately so that the dependency is unconditional.
|
||||
A list of dependencies whose host platform is the new derivation’s build platform, and target platform is the new derivation’s target platform. These are programs used at build time that produce code to run with code produced by the depending package. Most commonly, these are tools used to build the runtime or standard library that the currently-being-built compiler will inject into any code it compiles. In many cases, the currently-being-built-compiler is itself employed for that task, but when that compiler won’t run (i.e. its build and host platform differ) this is not possible. Other times, the compiler relies on some other tool, like binutils, that is always built separately so that the dependency is unconditional.
|
||||
|
||||
This is a somewhat confusing concept to wrap one’s head around, and for good reason. As the only dependency type where the platform offsets are not adjacent integers, it requires thinking of a bootstrapping stage *two* away from the current one. It and its use-case go hand in hand and are both considered poor form: try to not need this sort of dependency, and try to avoid building standard libraries and runtimes in the same derivation as the compiler produces code using them. Instead strive to build those like a normal library, using the newly-built compiler just as a normal library would. In short, do not use this attribute unless you are packaging a compiler and are sure it is needed.
|
||||
This is a somewhat confusing concept to wrap one’s head around, and for good reason. As the only dependency type where the platform offsets, `-1` and `1`, are not adjacent integers, it requires thinking of a bootstrapping stage *two* away from the current one. It and its use-case go hand in hand and are both considered poor form: try to not need this sort of dependency, and try to avoid building standard libraries and runtimes in the same derivation as the compiler produces code using them. Instead strive to build those like a normal library, using the newly-built compiler just as a normal library would. In short, do not use this attribute unless you are packaging a compiler and are sure it is needed.
|
||||
|
||||
Since these packages are able to run at build time, they are added to the `PATH`, as described above. But since these packages are only guaranteed to be able to run then, they shouldn’t persist as run-time dependencies. This isn’t currently enforced, but could be in the future.
|
||||
|
||||
#### `depsHostHost` {#var-stdenv-depsHostHost}
|
||||
|
||||
A list of dependencies whose host and target platforms match the new derivation’s host platform. This means a `0` host offset and `0` target offset from the new derivation’s host platform. These are packages used at run-time to generate code also used at run-time. In practice, this would usually be tools used by compilers for macros or a metaprogramming system, or libraries used by the macros or metaprogramming code itself. It’s always preferable to use a `depsBuildBuild` dependency in the derivation being built over a `depsHostHost` on the tool doing the building for this purpose.
|
||||
A list of dependencies whose host and target platforms match the new derivation’s host platform. In practice, this would usually be tools used by compilers for macros or a metaprogramming system, or libraries used by the macros or metaprogramming code itself. It’s always preferable to use a `depsBuildBuild` dependency in the derivation being built over a `depsHostHost` on the tool doing the building for this purpose.
|
||||
|
||||
#### `buildInputs` {#var-stdenv-buildInputs}
|
||||
|
||||
A list of dependencies whose host platform and target platform match the new derivation’s. This means a `0` host offset and a `1` target offset from the new derivation’s host platform. This would be called `depsHostTarget` but for historical continuity. If the dependency doesn’t care about the target platform (i.e. isn’t a compiler or similar tool), put it here, rather than in `depsBuildBuild`.
|
||||
A list of dependencies whose host platform and target platform match the new derivation’s. This would be called `depsHostTarget` but for historical continuity. If the dependency doesn’t care about the target platform (i.e. isn’t a compiler or similar tool), put it here, rather than in `depsBuildBuild`.
|
||||
|
||||
These are often programs and libraries used by the new derivation at *run*-time, but that isn’t always the case. For example, the machine code in a statically-linked library is only used at run-time, but the derivation containing the library is only needed at build-time. Even in the dynamic case, the library may also be needed at build-time to appease the linker.
|
||||
|
||||
#### `depsTargetTarget` {#var-stdenv-depsTargetTarget}
|
||||
|
||||
A list of dependencies whose host platform matches the new derivation’s target platform. This means a `1` offset from the new derivation’s platforms. These are packages that run on the target platform, e.g. the standard library or run-time deps of standard library that a compiler insists on knowing about. It’s poor form in almost all cases for a package to depend on another from a future stage \[future stage corresponding to positive offset\]. Do not use this attribute unless you are packaging a compiler and are sure it is needed.
|
||||
A list of dependencies whose host platform matches the new derivation’s target platform. These are packages that run on the target platform, e.g. the standard library or run-time deps of standard library that a compiler insists on knowing about. It’s poor form in almost all cases for a package to depend on another from a future stage \[future stage corresponding to positive offset\]. Do not use this attribute unless you are packaging a compiler and are sure it is needed.
|
||||
|
||||
#### `depsBuildBuildPropagated` {#var-stdenv-depsBuildBuildPropagated}
|
||||
|
||||
@ -1228,6 +1240,7 @@ If the libraries lack `-fPIE`, you will get the error `recompile with -fPIE`.
|
||||
|
||||
[^footnote-stdenv-ignored-build-platform]: The build platform is ignored because it is a mere implementation detail of the package satisfying the dependency: As a general programming principle, dependencies are always *specified* as interfaces, not concrete implementation.
|
||||
[^footnote-stdenv-native-dependencies-in-path]: Currently, this means for native builds all dependencies are put on the `PATH`. But in the future that may not be the case for sake of matching cross: the platforms would be assumed to be unique for native and cross builds alike, so only the `depsBuild*` and `nativeBuildInputs` would be added to the `PATH`.
|
||||
[^footnote-stdenv-propagated-dependencies]: Nix itself already takes a package’s transitive dependencies into account, but this propagation ensures nixpkgs-specific infrastructure like setup hooks (mentioned above) also are run as if the propagated dependency.
|
||||
[^footnote-stdenv-find-inputs-location]: The `findInputs` function, currently residing in `pkgs/stdenv/generic/setup.sh`, implements the propagation logic.
|
||||
[^footnote-stdenv-sys-lib-search-path]: It clears the `sys_lib_*search_path` variables in the Libtool script to prevent Libtool from using libraries in `/usr/lib` and such.
|
||||
[^footnote-stdenv-build-time-guessing-impurity]: Eventually these will be passed building natively as well, to improve determinism: build-time guessing, as is done today, is a risk of impurity.
|
||||
|
@ -453,7 +453,7 @@ in
|
||||
cantarell-fonts
|
||||
dejavu_fonts
|
||||
source-code-pro # Default monospace font in 3.32
|
||||
source-sans-pro
|
||||
source-sans
|
||||
];
|
||||
|
||||
# Adapt from https://gitlab.gnome.org/GNOME/gnome-build-meta/blob/gnome-3-38/elements/core/meta-gnome-core-shell.bst
|
||||
|
@ -6,14 +6,14 @@
|
||||
|
||||
let chia = python3Packages.buildPythonApplication rec {
|
||||
pname = "chia";
|
||||
version = "1.2.9";
|
||||
version = "1.2.10";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Chia-Network";
|
||||
repo = "chia-blockchain";
|
||||
rev = version;
|
||||
fetchSubmodules = true;
|
||||
sha256 = "sha256-ZDWkVCga/NsKOnj5HP0lnmnX6vqw+I0b3a1Wr1t1VN0=";
|
||||
sha256 = "sha256-TzSBGjgaE0IWaqJcCIoO/u+gDh17NtAqhE8ldbbjNIE=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
@ -3,13 +3,13 @@
|
||||
|
||||
mkDerivation rec {
|
||||
pname = "texstudio";
|
||||
version = "4.0.0";
|
||||
version = "4.0.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "${pname}-org";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "0fapgc6dvzn47gmhxkqymwi3818rdiag33ml57j2mfmsi5pjxi0f";
|
||||
sha256 = "sha256-SCrWoIZan8mFwQoXaXvM0Ujdhcic3FbmfgKZSFXFBGE=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ qmake wrapQtAppsHook pkg-config ];
|
||||
|
@ -16,13 +16,13 @@ in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "imagemagick";
|
||||
version = "6.9.12-19";
|
||||
version = "6.9.12-26";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ImageMagick";
|
||||
repo = "ImageMagick6";
|
||||
rev = version;
|
||||
sha256 = "sha256-8KofT9aNd8SXL0YBQ0RUOTccVxQNacvJL1uYPZiSPkY=";
|
||||
sha256 = "sha256-oNorY/93jk1v5BS1T3wqctXuzV4o8JlyZtHnsNYmO4U=";
|
||||
};
|
||||
|
||||
outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big
|
||||
|
@ -18,13 +18,13 @@ in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "imagemagick";
|
||||
version = "7.1.0-9";
|
||||
version = "7.1.0-11";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ImageMagick";
|
||||
repo = "ImageMagick";
|
||||
rev = version;
|
||||
sha256 = "sha256-9eeOY6TvNykWA3yyQH1UR3ahdhOja87I9rsie9fMbso=";
|
||||
sha256 = "sha256-z7ZpoB8NlcS5NVyoW0ngSlakCcb5qC3bh3xDVYuWS6w=";
|
||||
};
|
||||
|
||||
outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big
|
||||
|
@ -42,18 +42,18 @@ with lib;
|
||||
# Those pieces of software we entirely ignore upstream's handling of, and just
|
||||
# make sure they're in the path if desired.
|
||||
let
|
||||
k3sVersion = "1.21.4+k3s1"; # k3s git tag
|
||||
k3sCommit = "3e250fdbab72d88f7e6aae57446023a0567ffc97"; # k3s git commit at the above version
|
||||
k3sRepoSha256 = "1w7drvk0bmlmqrxh1y6dxjy7dk6bdrl72pkd25lc1ir6wbzb05h9";
|
||||
k3sVersion = "1.22.2+k3s2"; # k3s git tag
|
||||
k3sCommit = "3f5774b41eb475eb10c93bb0ce58459a6f777c5f"; # k3s git commit at the above version
|
||||
k3sRepoSha256 = "1kjf2zkm5d3s1aj4w9gzsc3ms3a0cm900fyi9899ijczw1cbrc61";
|
||||
|
||||
traefikChartVersion = "9.18.2"; # taken from ./manifests/traefik.yaml at spec.version
|
||||
traefikChartSha256 = "sha256-9d7p0ngyMN27u4OPgz7yI14Zj9y36t9o/HMX5wyDpUI=";
|
||||
traefikChartVersion = "10.3.0"; # taken from ./manifests/traefik.yaml at spec.version
|
||||
traefikChartSha256 = "0y6wr64xp7bgx24kqil0x6myr3pnfrg8rw0d1h5zd2n5a8nfd73f";
|
||||
|
||||
k3sRootVersion = "0.9.1"; # taken from ./scripts/download at ROOT_VERSION
|
||||
k3sRootSha256 = "sha256-qI84KYJKY/T6pqWZW9lOTq5NzZiu//v1zrMzUCiRTGQ=";
|
||||
k3sRootSha256 = "0r2cj4l50cxkrvszpzxfk36lvbjf9vcmp6d5lvxg8qsah8lki3x8";
|
||||
|
||||
k3sCNIVersion = "0.8.6-k3s1"; # taken from ./scripts/version.sh at VERSION_CNIPLUGINS
|
||||
k3sCNISha256 = "sha256-uAy17eRRAXPCcnh481KxFMvFQecnnBs24jn5YnVNfY4=";
|
||||
k3sCNIVersion = "0.9.1-k3s1"; # taken from ./scripts/version.sh at VERSION_CNIPLUGINS
|
||||
k3sCNISha256 = "1327vmfph7b8i14q05c2xdfzk60caflg1zhycx0mrf3d59f4zsz5";
|
||||
|
||||
baseMeta = {
|
||||
description = "A lightweight Kubernetes distribution";
|
||||
|
@ -12,7 +12,9 @@ LATEST_TAG_RAWFILE=${WORKDIR}/latest_tag.json
|
||||
curl --silent ${GITHUB_TOKEN:+"-u \":$GITHUB_TOKEN\""} \
|
||||
https://api.github.com/repos/k3s-io/k3s/releases > ${LATEST_TAG_RAWFILE}
|
||||
|
||||
LATEST_TAG_NAME=$(jq 'map(.tag_name)' ${LATEST_TAG_RAWFILE} | grep -v -e rc -e engine | sed 's/["|,| ]//g' | sort -V -r | head -n1)
|
||||
LATEST_TAG_NAME=$(jq 'map(.tag_name)' ${LATEST_TAG_RAWFILE} | \
|
||||
grep -v -e rc -e engine | tail -n +2 | head -n -1 | sed 's|[", ]||g' | sort -rV | head -n1)
|
||||
|
||||
K3S_VERSION=$(echo ${LATEST_TAG_NAME} | sed 's/^v//')
|
||||
|
||||
K3S_COMMIT=$(curl --silent ${GITHUB_TOKEN:+"-u \":$GITHUB_TOKEN\""} \
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
(callPackage ./generic.nix { }) {
|
||||
channel = "stable";
|
||||
version = "2.10.2";
|
||||
sha256 = "sha256-dOD0S4FJ2lXE+1VZooi8tKvC8ndGEHAxmAvSqoWI/m0=";
|
||||
vendorSha256 = "sha256-Qb0FZOvKL9GgncfUl538PynkYbm3V8Q6lUpApUoIp5s=";
|
||||
version = "2.11.0";
|
||||
sha256 = "172in8vmr7c5sff111rrd5127lz2pv7bbh7p399xafnk8ri0fx2i";
|
||||
vendorSha256 = "sha256-c3EyVrblqtFuoP7+YdbyPN0DdN6TcQ5DTtFQ/frKM0Q=";
|
||||
}
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
(callPackage ./generic.nix { }) {
|
||||
channel = "edge";
|
||||
version = "21.9.3";
|
||||
sha256 = "0swqx4myvr24visj39icg8g90kj325pvf22bq447rnm0whq3cnyz";
|
||||
vendorSha256 = "sha256-fMtAR66TwMNR/HCVQ9Jg3sJ0XBx2jUKDG7/ts0lEZM4=";
|
||||
version = "21.10.3";
|
||||
sha256 = "09k4c0dgn9vvgp6xb20x0vylk6bbd03srk3sra8vnpywwi591mcv";
|
||||
vendorSha256 = "sha256-uGj1sMEa791ZKA7hpJ1A9vtwsmrZDGAYp6HQo6QNAYY=";
|
||||
}
|
||||
|
@ -48,8 +48,13 @@ in
|
||||
serif = makePackage {
|
||||
family = "serif";
|
||||
description = "serif";
|
||||
rev = "1.001R";
|
||||
sha256 = "0nnsb2w140ih0cnp1fh7s4csvzp9y0cavz9df2ryhv215mh9z4m0";
|
||||
rev = "2.000R";
|
||||
sha256 = "0x3n6s4khdd6l0crwd7g9sjaqp8lkvksglhc7kj3cv80hldab9wp";
|
||||
postFetch = ''
|
||||
mkdir -p $out/share/fonts/opentype/source-han-serif
|
||||
unzip $downloadedFile -d $out/share/fonts/opentype/source-han-serif
|
||||
'';
|
||||
zip = ".zip";
|
||||
};
|
||||
|
||||
mono = makePackage {
|
||||
|
@ -11,6 +11,8 @@ stdenv.mkDerivation {
|
||||
|
||||
buildInputs = [ libusb-compat-0_1 readline ];
|
||||
|
||||
configureFlags = [ "sysconfdir=/etc" ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Open source library libnfc for Near Field Communication";
|
||||
license = licenses.gpl3;
|
||||
|
@ -2,11 +2,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "fastjet-contrib";
|
||||
version = "1.045";
|
||||
version = "1.046";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://fastjet.hepforge.org/contrib/downloads/fjcontrib-${version}.tar.gz";
|
||||
sha256 = "1y45jx7i30ik2pjv33y16fi5i5jpmi0zp1jh32pwywd3diaiazv6";
|
||||
sha256 = "sha256-cgavrH/rIHXZn7sDa7NRPTKy2sOvMDQQJjmGNUeT7s8=";
|
||||
};
|
||||
|
||||
buildInputs = [ fastjet ];
|
||||
|
@ -25,13 +25,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "vte";
|
||||
version = "0.66.0";
|
||||
version = "0.64.2";
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
|
||||
sha256 = "sha256-0IE6wA+x102IhR52X3VdSWyD4JcJc1jqG6rbOLN7ezM=";
|
||||
sha256 = "sha256-KzyCC2WmZ8HYhZuiBHi+Ym0VGcwxWdrCX3AzMMbQfhg=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
@ -9,7 +9,7 @@
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "casbin";
|
||||
version = "1.9.2";
|
||||
version = "1.9.3";
|
||||
|
||||
disabled = isPy27;
|
||||
|
||||
@ -17,7 +17,7 @@ buildPythonPackage rec {
|
||||
owner = pname;
|
||||
repo = "pycasbin";
|
||||
rev = "v${version}";
|
||||
sha256 = "0awqdh4jsarf0lr2bl2qiaff1yk9vndq15jcl4abiig9wr2yghpc";
|
||||
sha256 = "sha256-PN31/1BpXcNqsqBZ8sS/MM3UL47/Bi24bUh+jGOJevk=";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
|
27
pkgs/development/python-modules/insegel/default.nix
Normal file
27
pkgs/development/python-modules/insegel/default.nix
Normal file
@ -0,0 +1,27 @@
|
||||
{ lib, buildPythonPackage, fetchPypi, pygments }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "insegel";
|
||||
version = "1.3.1";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "1d055dd64f6eb335580a485271511ba2f4e3b5e315f48f827f58da3cace4b4ae";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ pygments ];
|
||||
|
||||
# No tests included
|
||||
doCheck = false;
|
||||
|
||||
pythonImportsCheck = [
|
||||
"insegel"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/autophagy/insegel";
|
||||
description = "A monochrome 2 column Sphinx theme";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ autophagy ];
|
||||
};
|
||||
}
|
@ -16,14 +16,14 @@
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "minio";
|
||||
version = "7.1.0";
|
||||
version = "7.1.1";
|
||||
disabled = pythonOlder "3.6";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "minio";
|
||||
repo = "minio-py";
|
||||
rev = version;
|
||||
sha256 = "sha256-0N9hPjGGYHFyGzEWWDnW7KsPQtv0y/j/lCBLNC9IlpA=";
|
||||
sha256 = "sha256-dUNx6r7KppfeHefa1IeJPXSEMyElPk+RAGdn447ax1g=";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
|
@ -1,28 +1,40 @@
|
||||
{ lib
|
||||
, buildPythonPackage
|
||||
, fetchFromGitHub
|
||||
, pytestCheckHook
|
||||
, poetry-core
|
||||
, urllib3
|
||||
, pytestCheckHook
|
||||
, requests
|
||||
, urllib3
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "py-synologydsm-api";
|
||||
version = "1.0.4";
|
||||
version = "1.0.5";
|
||||
format = "pyproject";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mib1185";
|
||||
repo = "synologydsm-api";
|
||||
rev = "v${version}";
|
||||
sha256 = "1f9fbcp6dbh1c7q1cpppwggnw4m89w14cjdgl64f1bzv72rggpn1";
|
||||
sha256 = "sha256-mm5N2RKn2KP2dV7+dw0sNWlCDT5X/fRmH8POQqJIoZY=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ poetry-core ];
|
||||
propagatedBuildInputs = [ urllib3 requests ];
|
||||
pythonImportsCheck = [ "synology_dsm" ];
|
||||
checkInputs = [ pytestCheckHook ];
|
||||
nativeBuildInputs = [
|
||||
poetry-core
|
||||
];
|
||||
|
||||
propagatedBuildInputs = [
|
||||
requests
|
||||
urllib3
|
||||
];
|
||||
|
||||
checkInputs = [
|
||||
pytestCheckHook
|
||||
];
|
||||
|
||||
pythonImportsCheck = [
|
||||
"synology_dsm"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Python API for Synology DSM";
|
||||
|
39
pkgs/development/python-modules/pylgnetcast/default.nix
Normal file
39
pkgs/development/python-modules/pylgnetcast/default.nix
Normal file
@ -0,0 +1,39 @@
|
||||
{ lib
|
||||
, buildPythonPackage
|
||||
, fetchFromGitHub
|
||||
, requests
|
||||
, pythonOlder
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pylgnetcast";
|
||||
version = "0.3.4";
|
||||
format = "setuptools";
|
||||
|
||||
disabled = pythonOlder "3.6";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Drafteed";
|
||||
repo = "python-lgnetcast";
|
||||
rev = "v${version}-1";
|
||||
sha256 = "04bh5i4zchdg0lgwpic8wfbk77n225g71z55iin9r0083xbhd7bh";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
requests
|
||||
];
|
||||
|
||||
# Project has no tests
|
||||
doCheck = false;
|
||||
|
||||
pythonImportsCheck = [
|
||||
"pylgnetcast"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Python API client for the LG Smart TV running NetCast 3 or 4";
|
||||
homepage = "https://github.com/Drafteed/python-lgnetcast";
|
||||
license = with licenses; [ mit ];
|
||||
maintainers = with maintainers; [ fab ];
|
||||
};
|
||||
}
|
@ -9,7 +9,7 @@
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pytradfri";
|
||||
version = "7.1.0";
|
||||
version = "7.1.1";
|
||||
|
||||
disabled = pythonOlder "3.7";
|
||||
|
||||
@ -17,7 +17,7 @@ buildPythonPackage rec {
|
||||
owner = "home-assistant-libs";
|
||||
repo = "pytradfri";
|
||||
rev = version;
|
||||
sha256 = "sha256-r/qt06YPia8PYhwOeDXk0oK3YvEZ/1kN//+LXj34fmE=";
|
||||
sha256 = "sha256-rLpqCpvHTXv6SyT3SOv6oUrWnSDhMG5r+BmznlnNKwg=";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [
|
||||
|
@ -10,14 +10,14 @@
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "pyvicare";
|
||||
version = "2.13.0";
|
||||
version = "2.13.1";
|
||||
disabled = pythonOlder "3.7";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "somm15";
|
||||
repo = "PyViCare";
|
||||
rev = version;
|
||||
sha256 = "sha256-v1twWyxd0nhXxvbRCbnH5TP736eeDYE5Nz62sf6HIcA=";
|
||||
sha256 = "sha256-L43aickagJolw+VTRX4ZwRcfOm9fMBZOimPx8jLPHhE=";
|
||||
};
|
||||
|
||||
SETUPTOOLS_SCM_PRETEND_VERSION = version;
|
||||
|
@ -1,16 +1,37 @@
|
||||
{ lib, fetchPypi, buildPythonPackage }:
|
||||
{ lib
|
||||
, buildPythonPackage
|
||||
, fetchFromGitHub
|
||||
, pytestCheckHook
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "simpleeval";
|
||||
version = "0.9.10";
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "1skvl467kj83rzkhk01i0wm8m5vmh6j5znrfdizn6r18ii45a839";
|
||||
version = "0.9.11";
|
||||
format = "pyproject";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "danthedeckie";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "111w76mahbf3lm2p72dkqp5fhwg7nvnwm4l078dgsgkixssjazi7";
|
||||
};
|
||||
meta = {
|
||||
|
||||
checkInputs = [
|
||||
pytestCheckHook
|
||||
];
|
||||
|
||||
pytestFlagsArray = [
|
||||
"test_simpleeval.py"
|
||||
];
|
||||
|
||||
pythonImportsCheck = [
|
||||
"simpleeval"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Simple, safe single expression evaluator library";
|
||||
homepage = "https://github.com/danthedeckie/simpleeval";
|
||||
description = "A simple, safe single expression evaluator library";
|
||||
maintainers = with lib.maintainers; [ johbo ];
|
||||
license = lib.licenses.mit;
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ johbo ];
|
||||
};
|
||||
}
|
||||
|
@ -8,7 +8,7 @@
|
||||
|
||||
buildPythonPackage rec {
|
||||
pname = "wakeonlan";
|
||||
version = "2.0.1";
|
||||
version = "2.1.0";
|
||||
disabled = pythonOlder "3.6";
|
||||
format = "pyproject";
|
||||
|
||||
@ -16,7 +16,7 @@ buildPythonPackage rec {
|
||||
owner = "remcohaszing";
|
||||
repo = "pywakeonlan";
|
||||
rev = version;
|
||||
sha256 = "sha256-WgoL8ntfEaHcvVbJjdewe0wE31Lq7WBj8Bppeq1uJx8=";
|
||||
sha256 = "sha256-5ri4bXc0EMNntzmcUZYpRIfaXoex4s5M6psf/9ta17Y=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
@ -27,12 +27,16 @@ buildPythonPackage rec {
|
||||
pytestCheckHook
|
||||
];
|
||||
|
||||
pytestFlagsArray = [ "test_wakeonlan.py" ];
|
||||
pytestFlagsArray = [
|
||||
"test_wakeonlan.py"
|
||||
];
|
||||
|
||||
pythonImportsCheck = [ "wakeonlan" ];
|
||||
pythonImportsCheck = [
|
||||
"wakeonlan"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "A small python module for wake on lan";
|
||||
description = "Python module for wake on lan";
|
||||
homepage = "https://github.com/remcohaszing/pywakeonlan";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ peterhoeg ];
|
||||
|
@ -1,16 +1,16 @@
|
||||
{ lib, buildGoPackage, fetchFromGitLab, fetchurl }:
|
||||
|
||||
let
|
||||
version = "14.3.2";
|
||||
version = "14.4.0";
|
||||
# Gitlab runner embeds some docker images these are prebuilt for arm and x86_64
|
||||
docker_x86_64 = fetchurl {
|
||||
url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/binaries/gitlab-runner-helper/gitlab-runner-helper.x86_64";
|
||||
sha256 = "0np2ijgrq6yg3r0744qlj9a9va7y996f7csfs4ajyfqq3vm7jz2g";
|
||||
sha256 = "0cd0bcqfy2cwkhgj1d4mmn0xv4n5mmhyf2yv42ynvv0yr5xk75n0";
|
||||
};
|
||||
|
||||
docker_arm = fetchurl {
|
||||
url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/binaries/gitlab-runner-helper/gitlab-runner-helper.arm";
|
||||
sha256 = "0adjczad3y2f55i76pcp1q2kzdwqr04y59bslb9523s4dlav9jcd";
|
||||
sha256 = "06dnxj1w1nnqkkxrbhz8p85g1afr49j8jizkf2g8j01dsk5b2gvi";
|
||||
};
|
||||
in
|
||||
buildGoPackage rec {
|
||||
@ -29,7 +29,7 @@ buildGoPackage rec {
|
||||
owner = "gitlab-org";
|
||||
repo = "gitlab-runner";
|
||||
rev = "v${version}";
|
||||
sha256 = "15mwyhr7a4b9vl7c0qz299qv91h3kcmf6d6p5vjjrm1phiy3bpgf";
|
||||
sha256 = "07dvbair8fiska7ay4k4hbdwlkgyrq8hmxxwdzkhcpyc0faxqlly";
|
||||
};
|
||||
|
||||
patches = [ ./fix-shell-path.patch ];
|
||||
|
28
pkgs/development/tools/metal-cli/default.nix
Normal file
28
pkgs/development/tools/metal-cli/default.nix
Normal file
@ -0,0 +1,28 @@
|
||||
{ lib, buildGoModule, fetchFromGitHub }:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "metal-cli";
|
||||
version = "0.6.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "equinix";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-dGeOFrsqhW0+aQyB4f6pvv4ZBawqKX2+WRskDWoLS7E=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-ifSfeJjrZI1Hrsq64zAGBiLVc8GKvq+Ddg26gQooyTs=";
|
||||
|
||||
postInstall = ''
|
||||
ln -s $out/bin/metal-cli $out/bin/metal
|
||||
'';
|
||||
|
||||
doCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Official Equinix Metal CLI";
|
||||
homepage = "https://github.com/equinix/metal-cli/";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ Br1ght0ne nshalman ];
|
||||
};
|
||||
}
|
@ -1,28 +0,0 @@
|
||||
{ lib, buildGoModule, fetchFromGitHub }:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "packet-cli";
|
||||
version = "0.5.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "packethost";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "0dlcx186l8kh6w3i4dvj7v90lhjkgvq1xkjb2vijy6399z41grw2";
|
||||
};
|
||||
|
||||
vendorSha256 = "1y1c369gsaf5crkdvv5g8d9p2g5602x2gcj8zy1q3wjx9lwhl0i6";
|
||||
|
||||
postInstall = ''
|
||||
ln -s $out/bin/packet-cli $out/bin/packet
|
||||
'';
|
||||
|
||||
doCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Official Packet CLI";
|
||||
homepage = "https://github.com/packethost/packet-cli";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ Br1ght0ne nshalman ];
|
||||
};
|
||||
}
|
@ -38,8 +38,8 @@ in ((vscode-utils.override { stdenv = gccStdenv; }).buildVscodeMarketplaceExtens
|
||||
mktplcRef = {
|
||||
name = "vsliveshare";
|
||||
publisher = "ms-vsliveshare";
|
||||
version = "1.0.4836";
|
||||
sha256 = "7hK2ptNU2mQt3iTZgkrKU9ZTVN+m7VFmAlXHxkiPL+o=";
|
||||
version = "1.0.5043";
|
||||
sha256 = "OdFOFvidUV/trySHvF8iELPNVP2kq8+vZQ4q4Nf7SiQ=";
|
||||
};
|
||||
}).overrideAttrs({ nativeBuildInputs ? [], buildInputs ? [], ... }: {
|
||||
nativeBuildInputs = nativeBuildInputs ++ [
|
||||
|
@ -452,7 +452,7 @@
|
||||
"lastfm" = ps: with ps; [ pylast ];
|
||||
"launch_library" = ps: with ps; [ ]; # missing inputs: pylaunches
|
||||
"lcn" = ps: with ps; [ pypck ];
|
||||
"lg_netcast" = ps: with ps; [ ]; # missing inputs: pylgnetcast
|
||||
"lg_netcast" = ps: with ps; [ pylgnetcast ];
|
||||
"lg_soundbar" = ps: with ps; [ ]; # missing inputs: temescal
|
||||
"life360" = ps: with ps; [ ]; # missing inputs: life360
|
||||
"lifx" = ps: with ps; [ aiolifx aiolifx-effects ];
|
||||
|
@ -2,16 +2,16 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "trivy";
|
||||
version = "0.19.2";
|
||||
version = "0.20.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "aquasecurity";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-aYPG0xvuijASKXBGgB+6UyF9bmeU8l5snOoPWI8Ewh8=";
|
||||
sha256 = "sha256-ittOVWsM+1IaILCLCJNOeLxRbRHiiMN4qgLTS9gxV0w=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-4FO6/1eNyxy/CH7XMUkLfRqEg2+XUXL1gKleL6o4EoM=";
|
||||
vendorSha256 = "sha256-HrDj09gUJtkZhQ3nYfoj0K8+T62ib0CWAhhcuvg8cyc=";
|
||||
|
||||
excludedPackages = "misc";
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
{ lib, stdenv, fetchurl, dpkg, gawk, perl, wget, coreutils, util-linux
|
||||
, gnugrep, gnutar, gnused, gzip, makeWrapper }:
|
||||
, gnugrep, gnupg1, gnutar, gnused, gzip, makeWrapper }:
|
||||
# USAGE like this: debootstrap sid /tmp/target-chroot-directory
|
||||
# There is also cdebootstrap now. Is that easier to maintain?
|
||||
let binPath = lib.makeBinPath [
|
||||
@ -7,6 +7,7 @@ let binPath = lib.makeBinPath [
|
||||
dpkg
|
||||
gawk
|
||||
gnugrep
|
||||
gnupg1
|
||||
gnused
|
||||
gnutar
|
||||
gzip
|
||||
|
@ -6,13 +6,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "snapper";
|
||||
version = "0.9.0";
|
||||
version = "0.9.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "openSUSE";
|
||||
repo = "snapper";
|
||||
rev = "v${version}";
|
||||
sha256 = "1gx3ichbkdqlzl7w187vc3xpmr9prmnp7as0h6ympgigradj5c7g";
|
||||
sha256 = "1ci5mdsph2n5cqad51zf4sank35yj741adsqy2gg7vqwxrhpm8mj";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -7,13 +7,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "mu";
|
||||
version = "1.6.7";
|
||||
version = "1.6.9";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "djcb";
|
||||
repo = "mu";
|
||||
rev = version;
|
||||
sha256 = "bhZrottFT5NX43Iz1wFGYzaUSAgvgkhOwNHX6fjUs7M=";
|
||||
sha256 = "RoSj283fcllEbirZOScKRU4BKLoxgatDdL1qYZu+LEI=";
|
||||
};
|
||||
|
||||
postPatch = lib.optionalString (batchSize != null) ''
|
||||
|
@ -9,16 +9,16 @@
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "sn0int";
|
||||
version = "0.22.0";
|
||||
version = "0.23.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "kpcyrd";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-0BadgWZhP73WOVO18jtcdhsM0L7AM0TQ3PF7MNJM7M0=";
|
||||
sha256 = "sha256-DsDSGF43yEyYYduRHu4+VRrPZ89Ce1fwtDxit0x8Apo=";
|
||||
};
|
||||
|
||||
cargoSha256 = "sha256-KYrJIOaFX2wTDj4KeHn3d8wBHfVevCKQK/bDglfLWAU=";
|
||||
cargoSha256 = "sha256-dXNIbngfwMVvLx4uSO6MWpSrZfUGhlggGvXHysYAJIE=";
|
||||
|
||||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
|
33
pkgs/tools/security/snowcat/default.nix
Normal file
33
pkgs/tools/security/snowcat/default.nix
Normal file
@ -0,0 +1,33 @@
|
||||
{ lib, buildGoModule, fetchFromGitHub }:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "snowcat";
|
||||
version = "0.1.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "praetorian-inc";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-EulQYGOMIh952e4Xp13hT/HMW3qP1QXYtt5PEej1VTY=";
|
||||
};
|
||||
vendorSha256 = "sha256-D6ipwGMxT0B3uYUzg6Oo2TYnsOVBY0mYO5lC7vtVPc0=";
|
||||
|
||||
ldflags = [ "-s" "-w" ];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/praetorian-inc/snowcat";
|
||||
changelog = "https://github.com/praetorian-inc/snowcat/releases/tag/v${version}";
|
||||
description = "A tool to audit the istio service mesh";
|
||||
longDescription = ''
|
||||
Snowcat gathers and analyzes the configuration of an Istio cluster and
|
||||
audits it for potential violations of security best practices.
|
||||
|
||||
There are two main modes of operation for Snowcat. With no positional
|
||||
argument, Snowcat will assume it is running inside of a cluster enabled
|
||||
with Istio, and begin to enumerate the required data. Optionally, you can
|
||||
point snowcat at a directory containing Kubernets YAML files.
|
||||
'';
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ jk ];
|
||||
};
|
||||
}
|
@ -620,6 +620,7 @@ mapAliases ({
|
||||
owncloudclient = owncloud-client; # added 2016-08
|
||||
ocz-ssd-guru = throw "ocz-ssd-guru has been removed due to there being no source available"; # added 2021-07-12
|
||||
p11_kit = p11-kit; # added 2018-02-25
|
||||
packet-cli = metal-cli; # added 2021-10-25
|
||||
paperless = paperless-ng; # added 2021-06-06
|
||||
parity = openethereum; # added 2020-08-01
|
||||
parquet-cpp = arrow-cpp; # added 2018-09-08
|
||||
@ -775,6 +776,7 @@ mapAliases ({
|
||||
qt-3 = throw "qt-3 has been removed from nixpkgs, as it's unmaintained and insecure"; # added 2021-02-15
|
||||
rfkill = throw "rfkill has been removed, as it's included in util-linux"; # added 2020-08-23
|
||||
riak-cs = throw "riak-cs is not maintained anymore"; # added 2020-10-14
|
||||
ring-daemon = jami-daemon; #added 2021-10-26
|
||||
radare2-cutter = cutter; # added 2021-03-30
|
||||
redkite = throw "redkite was archived by upstream"; # added 2021-04-12
|
||||
rkt = throw "rkt was archived by upstream"; # added 2020-05-16
|
||||
|
@ -3483,6 +3483,8 @@ with pkgs;
|
||||
|
||||
snippetpixie = callPackage ../tools/text/snippetpixie { };
|
||||
|
||||
snowcat = callPackage ../tools/security/snowcat { };
|
||||
|
||||
socklog = callPackage ../tools/system/socklog { };
|
||||
|
||||
soju = callPackage ../applications/networking/soju { };
|
||||
@ -27147,7 +27149,7 @@ with pkgs;
|
||||
|
||||
packet-sd = callPackage ../development/tools/packet-sd { };
|
||||
|
||||
packet-cli = callPackage ../development/tools/packet-cli { };
|
||||
metal-cli = callPackage ../development/tools/metal-cli { };
|
||||
|
||||
pb_cli = callPackage ../tools/misc/pb_cli {};
|
||||
|
||||
|
@ -3730,6 +3730,8 @@ in {
|
||||
|
||||
inquirer = callPackage ../development/python-modules/inquirer { };
|
||||
|
||||
insegel = callPackage ../development/python-modules/insegel { };
|
||||
|
||||
intake = callPackage ../development/python-modules/intake { };
|
||||
|
||||
intake-parquet = callPackage ../development/python-modules/intake-parquet { };
|
||||
@ -6507,6 +6509,8 @@ in {
|
||||
|
||||
pylev = callPackage ../development/python-modules/pylev { };
|
||||
|
||||
pylgnetcast = callPackage ../development/python-modules/pylgnetcast { };
|
||||
|
||||
pylibacl = callPackage ../development/python-modules/pylibacl { };
|
||||
|
||||
pylibconfig2 = callPackage ../development/python-modules/pylibconfig2 { };
|
||||
|
Loading…
Reference in New Issue
Block a user