dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge master into haskell-updates

Browse Source
This commit is contained in:
github-actions[bot] 2024-10-11 00:16:04 +00:00 committed by GitHub
commit abffbcb73b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
193 changed files with 3720 additions and 2325 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ci/OWNERS
View File

@ -228,7 +228,7 @@ pkgs/development/python-modules/buildcatrust/ @ajs124 @lukegb @mweinelt
/pkgs/tools/misc/esphome @mweinelt
# Network Time Daemons
/pkgs/tools/networking/chrony @thoughtpolice
/pkgs/by-name/ch/chrony @thoughtpolice
/pkgs/tools/networking/ntp @thoughtpolice
/pkgs/tools/networking/openntpd @thoughtpolice
/nixos/modules/services/networking/ntp @thoughtpolice

2
nixos/doc/manual/release-notes/rl-2205.section.md
View File

@ -85,7 +85,7 @@ In addition to numerous new and upgraded packages, this release has the followin
- [filebeat](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-overview.html), a lightweight shipper for forwarding and centralizing log data. Available as [services.filebeat](#opt-services.filebeat.enable).
- [FRRouting](https://frrouting.org/), a popular suite of Internet routing protocol daemons (BGP, BFD, OSPF, IS-IS, VRRP and others). Available as [services.frr](#opt-services.frr.babel.enable).
- [FRRouting](https://frrouting.org/), a popular suite of Internet routing protocol daemons (BGP, BFD, OSPF, IS-IS, VRRP and others). Available as [services.frr](#opt-services.frr.babeld.enable).
- [Grafana Mimir](https://grafana.com/oss/mimir/), an open source, horizontally scalable, highly available, multi-tenant, long-term storage for Prometheus. Available as [services.mimir](#opt-services.mimir.enable).

13
nixos/doc/manual/release-notes/rl-2411.section.md
View File

@ -112,7 +112,7 @@
- [ddns-updater](https://github.com/qdm12/ddns-updater), a service to update DNS records periodically with WebUI for many DNS providers. Available as [services.ddns-updater](#opt-services.ddns-updater.enable).
- [Immersed VR](https://immersed.com/), a closed-source coworking platform. Available as [programs.immersed-vr](#opt-programs.immersed-vr.enable).
- [Immersed](https://immersed.com/), a closed-source coworking platform. Available as [programs.immersed](#opt-programs.immersed.enable).
- [HomeBox](https://github.com/sysadminsmedia/homebox): the inventory and organization system built for the Home User. Available as [services.homebox](#opt-services.homebox.enable).
@ -205,6 +205,8 @@
- `grafana` has been updated to version 11.1. This version doesn't support setting `http_addr` to a hostname anymore, an IP address is expected.
- `deno` has been updated to v2 which has breaking changes. Upstream will be abandoning v1 soon but for now you can use `deno_1` if you are yet to migrate (will be removed prior to cutting a final 24.11 release).
- `knot-dns` has been updated to version 3.4.x. Check the [migration guide](https://www.knot-dns.cz/docs/latest/html/migration.html#upgrade-3-3-x-to-3-4-x) for breaking changes.
- `services.kubernetes.kubelet.clusterDns` now accepts a list of DNS resolvers rather than a single string, bringing the module more in line with the upstream Kubelet configuration schema.
@ -519,6 +521,12 @@
- `ceph` has been upgraded to v19. See the [Ceph "squid" release notes](https://docs.ceph.com/en/latest/releases/squid/#v19-2-0-squid) for details and recommended upgrade procedure.
- `services.frr` has been refactored to use upstream service scripts. The per-daemon configurations
have been removed in favour of an `integrated-vtysh-config` style config. The daemon submodules
now use the daemon name (e.g. `ospfd`) instead of the protocol name (`ospf`). The daemons `zebra`,
`mgmtd` and `staticd` are always enabled if a config is present. The `vtyListenAddress` and
`vtyListenPort` options have been removed; use `options` or `extraOptions` instead, respectively.
- `opencv2` and `opencv3` have been removed, as they are obsolete and
were not used by any other package. External users are encouraged to
migrate to OpenCV 4.
@ -670,6 +678,9 @@
- ZFS now imports its pools in `postResumeCommands` rather than `postDeviceCommands`. If you had `postDeviceCommands` scripts that depended on ZFS pools being imported, those now need to be in `postResumeCommands`.
- `services.localtimed.enable = true` will now set `time.timeZone = null`.
This is to avoid silently shadowing a user's explicitly defined timezone without recognition on the user's part.
## Detailed migration information {#sec-release-24.11-migration}
### `sound` options removal {#sec-release-24.11-migration-sound}

2
nixos/modules/module-list.nix
View File

@ -215,7 +215,7 @@
./programs/iftop.nix
./programs/i3lock.nix
./programs/iio-hyprland.nix
./programs/immersed-vr.nix
./programs/immersed.nix
./programs/iotop.nix
./programs/java.nix
./programs/joycond-cemuhook.nix

34
nixos/modules/programs/immersed-vr.nix
View File

@ -1,34 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.programs.immersed-vr;
in
{
options = {
programs.immersed-vr = {
enable = lib.mkEnableOption "immersed-vr";
package = lib.mkPackageOption pkgs "immersed-vr" {};
};
};
config = lib.mkIf cfg.enable {
boot = {
kernelModules = [ "v4l2loopback" "snd-aloop" ];
extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];
extraModprobeConfig = ''
options v4l2loopback exclusive_caps=1 card_label="v4l2loopback Virtual Camera"
'';
};
environment.systemPackages = [ cfg.package ];
};
meta.maintainers = pkgs.immersed-vr.meta.maintainers;
}

49
nixos/modules/programs/immersed.nix Normal file
View File

@ -0,0 +1,49 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.programs.immersed;
in
{
imports = [
(lib.mkRenamedOptionModule
[
"programs"
"immersed-vr"
]
[
"programs"
"immersed"
]
)
];
options = {
programs.immersed = {
enable = lib.mkEnableOption "immersed";
package = lib.mkPackageOption pkgs "immersed" { };
};
};
config = lib.mkIf cfg.enable {
boot = {
kernelModules = [
"v4l2loopback"
"snd-aloop"
];
extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];
extraModprobeConfig = ''
options v4l2loopback exclusive_caps=1 card_label="v4l2loopback Virtual Camera"
'';
};
environment.systemPackages = [ cfg.package ];
};
meta.maintainers = pkgs.immersed.meta.maintainers;
}

83
nixos/modules/security/pam.nix
View File

@ -287,6 +287,18 @@ let
'';
};
rssh = lib.mkOption {
default = false;
type = lib.types.bool;
description = ''
If set, the calling user's SSH agent is used to authenticate
against the configured keys. This module works in a manner
similar to pam_ssh_agent_auth, but supports a wider range
of SSH key types, including those protected by security
keys (FIDO2).
'';
};
duoSecurity = {
enable = lib.mkOption {
default = false;
@ -673,6 +685,7 @@ let
{ name = "ssh_agent_auth"; enable = config.security.pam.sshAgentAuth.enable && cfg.sshAgentAuth; control = "sufficient"; modulePath = "${pkgs.pam_ssh_agent_auth}/libexec/pam_ssh_agent_auth.so"; settings = {
file = lib.concatStringsSep ":" config.security.pam.sshAgentAuth.authorizedKeysFiles;
}; }
(let inherit (config.security.pam) rssh; in { name = "rssh"; enable = rssh.enable && cfg.rssh; control = "sufficient"; modulePath = "${pkgs.pam_rssh}/lib/libpam_rssh.so"; inherit (rssh) settings; })
(let p11 = config.security.pam.p11; in { name = "p11"; enable = cfg.p11Auth; control = p11.control; modulePath = "${pkgs.pam_p11}/lib/security/pam_p11.so"; args = [
"${pkgs.opensc}/lib/opensc-pkcs11.so"
]; })
@ -950,8 +963,9 @@ let
value.source = pkgs.writeText "${name}.pam" service.text;
};
optionalSudoConfigForSSHAgentAuth = lib.optionalString config.security.pam.sshAgentAuth.enable ''
# Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic.
optionalSudoConfigForSSHAgentAuth = lib.optionalString
(config.security.pam.sshAgentAuth.enable || config.security.pam.rssh.enable) ''
# Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so and libpam_rssh.so can do their magic.
Defaults env_keep+=SSH_AUTH_SOCK
'';
@ -1068,6 +1082,55 @@ in
};
};
security.pam.rssh = {
enable = lib.mkEnableOption "authenticating using a signature performed by the ssh-agent";
settings = lib.mkOption {
type = lib.types.submodule {
freeformType = moduleSettingsType;
options = {
auth_key_file = lib.mkOption {
type = with lib.types; nullOr nonEmptyStr;
description = ''
Path to file with trusted public keys in OpenSSH's `authorized_keys` format. The following
variables are expanded to the respective PAM items:
- `service`: `PAM_SERVICE`, the service name,
- `user`: `PAM_USER`, the username of the entity under whose identity service will be given,
- `tty`: `PAM_TTY`, the terminal name,
- `rhost`: `PAM_RHOST`, the requesting hostname, and
- `ruser`: `PAM_RUSER`, the requesting entity.
These PAM items are explained in {manpage}`pam_get_item(3)`.
Variables may be specified as `$var`, `''${var}` or `''${var:defaultValue}`.
::: {.note}
Specifying user-writeable files here results in an insecure configuration: a malicious process
can then edit such an `authorized_keys` file and bypass the ssh-agent-based authentication.
This option is ignored if {option}`security.pam.rssh.settings.authorized_keys_command` is set.
If both this option and {option}`security.pam.rssh.settings.authorized_keys_command` are unset,
the keys will be read from `''${HOME}/.ssh/authorized_keys`, which should be considered
insecure.
'';
default = "/etc/ssh/authorized_keys.d/$ruser";
};
};
};
default = { };
description = ''
Options to pass to the pam_rssh module. Refer to
<https://github.com/z4yx/pam_rssh/blob/main/README.md#optional-arguments>
for supported values.
${moduleSettingsDescription}
'';
};
};
security.pam.enableOTPW = lib.mkEnableOption "the OTPW (one-time password) PAM module";
security.pam.dp9ik = {
@ -1512,16 +1575,30 @@ in
Did you forget to set `services.openssh.enable` ?
'';
}
{
assertion = with config.security.pam.rssh;
enable -> (settings.auth_key_file or null != null || settings.authorized_keys_command or null != null);
message = ''
security.pam.rssh.enable requires either security.pam.rssh.settings.auth_key_file or
security.pam.rssh.settings.authorized_keys_command to be set.
'';
}
];
warnings = lib.optional
(with lib; with config.security.pam.sshAgentAuth;
(with config.security.pam.sshAgentAuth;
enable && lib.any (s: lib.hasPrefix "%h" s || lib.hasPrefix "~" s) authorizedKeysFiles)
''config.security.pam.sshAgentAuth.authorizedKeysFiles contains files in the user's home directory.
Specifying user-writeable files there result in an insecure configuration:
a malicious process can then edit such an authorized_keys file and bypass the ssh-agent-based authentication.
See https://github.com/NixOS/nixpkgs/issues/31611
'' ++ lib.optional
(with config.security.pam.rssh;
enable && settings.auth_key_file or null != null && settings.authorized_keys_command or null != null) ''
security.pam.rssh.settings.auth_key_file will be ignored as
security.pam.rssh.settings.authorized_keys_command has been specified.
Explictly set the former to null to silence this warning.
'';
environment.systemPackages =

11
nixos/modules/services/networking/fedimintd.nix
View File

@ -63,7 +63,7 @@ let
};
url = mkOption {
type = types.str;
example = "fedimint://p2p.myfedimint.com";
example = "fedimint://p2p.myfedimint.com:8173";
description = ''
Public address for p2p connections from peers
'';
@ -159,6 +159,12 @@ let
example = "api.myfedimint.com";
description = "Public domain of the API address of the reverse proxy/tls terminator.";
};
path = mkOption {
type = types.str;
example = "/";
default = "/ws/";
description = "Path to host the API on and forward to the daemon's api port";
};
config = mkOption {
type = types.submodule (
recursiveUpdate (import ../web-servers/nginx/vhost-options.nix {
@ -286,8 +292,7 @@ in
# overriden by default value from vhost-options.nix
enableACME = mkOverride 99 true;
forceSSL = mkOverride 99 true;
# Currently Fedimint API only support JsonRPC on `/ws/` endpoint, so no need to handle `/`
locations."/ws/" = {
locations.${cfg.nginx.path} = {
proxyPass = "http://127.0.0.1:${toString cfg.api.port}/";
proxyWebsockets = true;
extraConfig = ''

371
nixos/modules/services/networking/frr.nix
View File

@ -1,10 +1,55 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.frr;
services = [
"static"
daemons = [
"bgpd"
"ospfd"
"ospf6d"
"ripd"
"ripngd"
"isisd"
"pimd"
"pim6d"
"ldpd"
"nhrpd"
"eigrpd"
"babeld"
"sharpd"
"pbrd"
"bfdd"
"fabricd"
"vrrpd"
"pathd"
];
daemonDefaultOptions = {
zebra = "-A 127.0.0.1 -s 90000000";
mgmtd = "-A 127.0.0.1";
bgpd = "-A 127.0.0.1";
ospfd = "-A 127.0.0.1";
ospf6d = "-A ::1";
ripd = "-A 127.0.0.1";
ripngd = "-A ::1";
isisd = "-A 127.0.0.1";
pimd = "-A 127.0.0.1";
pim6d = "-A ::1";
ldpd = "-A 127.0.0.1";
nhrpd = "-A 127.0.0.1";
eigrpd = "-A 127.0.0.1";
babeld = "-A 127.0.0.1";
sharpd = "-A 127.0.0.1";
pbrd = "-A 127.0.0.1";
staticd = "-A 127.0.0.1";
bfdd = "-A 127.0.0.1";
fabricd = "-A 127.0.0.1";
vrrpd = "-A 127.0.0.1";
pathd = "-A 127.0.0.1";
};
renamedServices = [
"bgp"
"ospf"
"ospf6"
@ -22,210 +67,194 @@ let
"fabric"
];
allServices = services ++ [ "zebra" "mgmt" ];
obsoleteServices = renamedServices ++ [ "static" "mgmt" "zebra" ];
allDaemons = builtins.attrNames daemonDefaultOptions;
isEnabled = service: cfg.${service}.enable;
daemonName = service: if service == "zebra" then service else "${service}d";
daemonLine = d: "${d}=${if isEnabled d then "yes" else "no"}";
configFile = service:
let
scfg = cfg.${service};
in
if scfg.configFile != null then scfg.configFile
else pkgs.writeText "${daemonName service}.conf"
''
! FRR ${daemonName service} configuration
!
hostname ${config.networking.hostName}
log syslog
service password-encryption
!
${scfg.config}
!
end
'';
configFile =
if cfg.configFile != null then
cfg.configFile
else
pkgs.writeText "frr.conf" ''
! FRR configuration
!
hostname ${config.networking.hostName}
log syslog
service password-encryption
service integrated-vtysh-config
!
${cfg.config}
!
end
'';
serviceOptions = service:
serviceOptions =
service:
{
enable = lib.mkEnableOption "the FRR ${lib.toUpper service} routing protocol";
configFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/etc/frr/${daemonName service}.conf";
options = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ daemonDefaultOptions.${service} ];
description = ''
Configuration file to use for FRR ${daemonName service}.
By default the NixOS generated files are used.
Options for the FRR ${service} daemon.
'';
};
config = lib.mkOption {
type = lib.types.lines;
default = "";
example =
let
examples = {
rip = ''
router rip
network 10.0.0.0/8
'';
ospf = ''
router ospf
network 10.0.0.0/8 area 0
'';
bgp = ''
router bgp 65001
neighbor 10.0.0.1 remote-as 65001
'';
};
in
examples.${service} or "";
description = ''
${daemonName service} configuration statements.
'';
};
vtyListenAddress = lib.mkOption {
type = lib.types.str;
default = "localhost";
description = ''
Address to bind to for the VTY interface.
'';
};
vtyListenPort = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
description = ''
TCP Port to bind to for the VTY interface.
'';
};
extraOptions = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
default = [ ];
description = ''
Extra options for the daemon.
Extra options to be appended to the FRR ${service} daemon options.
'';
};
};
}
// (if (builtins.elem service daemons) then { enable = lib.mkEnableOption "FRR ${service}"; } else { });
in
{
###### interface
imports = [
{
options.services.frr = {
zebra = (serviceOptions "zebra") // {
enable = lib.mkOption {
type = lib.types.bool;
default = lib.any isEnabled services;
imports =
[
{
options.services.frr = {
configFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
example = "/etc/frr/frr.conf";
description = ''
Whether to enable the Zebra routing manager.
The Zebra routing manager is automatically enabled
if any routing protocols are configured.
Configuration file to use for FRR.
By default the NixOS generated files are used.
'';
};
config = lib.mkOption {
type = lib.types.lines;
default = "";
example = ''
router rip
network 10.0.0.0/8
router ospf
network 10.0.0.0/8 area 0
router bgp 65001
neighbor 10.0.0.1 remote-as 65001
'';
description = ''
FRR configuration statements.
'';
};
openFilesLimit = lib.mkOption {
type = lib.types.ints.unsigned;
default = 1024;
description = ''
This is the maximum number of FD's that will be available. Use a
reasonable value for your setup if you are expecting a large number
of peers in say BGP.
'';
};
};
mgmt = (serviceOptions "mgmt") // {
enable = lib.mkOption {
type = lib.types.bool;
default = isEnabled "static";
defaultText = lib.literalExpression "config.services.frr.static.enable";
description = ''
Whether to enable the Configuration management daemon.
The Configuration management daemon is automatically
enabled if needed, at the moment this is when staticd
is enabled.
'';
};
};
};
}
{ options.services.frr = (lib.genAttrs services serviceOptions); }
];
}
{ options.services.frr = (lib.genAttrs allDaemons serviceOptions); }
(lib.mkRemovedOptionModule [ "services" "frr" "zebra" "enable" ] "FRR zebra is always enabled")
]
++ (map (d: lib.mkRenamedOptionModule [ "services" "frr" d "enable" ] [ "services" "frr" "${d}d" "enable" ]) renamedServices)
++ (map (d: lib.mkRenamedOptionModule [ "services" "frr" d "extraOptions" ] [ "services" "frr" "${d}d" "extraOptions" ]) (renamedServices ++ [ "static" "mgmt" ]))
++ (map (d: lib.mkRemovedOptionModule [ "services" "frr" d "enable" ] "FRR ${d}d is always enabled") [ "static" "mgmt" ])
++ (map (d: lib.mkRemovedOptionModule [ "services" "frr" d "config" ] "FRR switched to integrated-vtysh-config, please use services.frr.config") obsoleteServices)
++ (map (d: lib.mkRemovedOptionModule [ "services" "frr" d "configFile" ] "FRR switched to integrated-vtysh-config, please use services.frr.config or services.frr.configFile") obsoleteServices)
++ (map (d: lib.mkRemovedOptionModule [ "services" "frr" d "vtyListenAddress" ] "Please change -A option in services.frr.${d}.options instead") obsoleteServices)
++ (map (d: lib.mkRemovedOptionModule [ "services" "frr" d "vtyListenPort" ] "Please use `-P «vtyListenPort»` option with services.frr.${d}.extraOptions instead, or change services.frr.${d}.options accordingly") obsoleteServices)
;
###### implementation
config = lib.mkIf (lib.any isEnabled allServices) {
environment.systemPackages = [
pkgs.frr # for the vtysh tool
];
users.users.frr = {
description = "FRR daemon user";
isSystemUser = true;
group = "frr";
};
users.groups = {
frr = {};
# Members of the frrvty group can use vtysh to inspect the FRR daemons
frrvty = { members = [ "frr" ]; };
};
environment.etc = let
mkEtcLink = service: {
name = "frr/${daemonName service}.conf";
value.source = configFile service;
};
config =
let
daemonList = lib.concatStringsSep "\n" (map daemonLine daemons);
daemonOptionLine = d: "${d}_options=\"${lib.concatStringsSep " " (cfg.${d}.options ++ cfg.${d}.extraOptions)}\"";
daemonOptions = lib.concatStringsSep "\n" (map daemonOptionLine allDaemons);
in
(builtins.listToAttrs
(map mkEtcLink (lib.filter isEnabled allServices))) // {
"frr/vtysh.conf".text = "";
lib.mkIf (lib.any isEnabled daemons || cfg.configFile != null || cfg.config != "") {
environment.systemPackages = [
pkgs.frr # for the vtysh tool
];
users.users.frr = {
description = "FRR daemon user";
isSystemUser = true;
group = "frr";
};
systemd.tmpfiles.rules = [
"d /run/frr 0750 frr frr -"
];
users.groups = {
frr = { };
# Members of the frrvty group can use vtysh to inspect the FRR daemons
frrvty = {
members = [ "frr" ];
};
};
systemd.services =
let
frrService = service:
let
scfg = cfg.${service};
daemon = daemonName service;
in
lib.nameValuePair daemon ({
wantedBy = [ "multi-user.target" ];
after = [ "network-pre.target" "systemd-sysctl.service" ] ++ lib.optionals (service != "zebra") [ "zebra.service" ];
bindsTo = lib.optionals (service != "zebra") [ "zebra.service" ];
wants = [ "network.target" ];
environment.etc = {
"frr/frr.conf".source = configFile;
"frr/vtysh.conf".text = ''
service integrated-vtysh-config
'';
"frr/daemons".text = ''
# This file tells the frr package which daemons to start.
#
# The watchfrr, zebra and staticd daemons are always started.
#
# This part is auto-generated from services.frr.<daemon>.enable config
${daemonList}
description = if service == "zebra" then "FRR Zebra routing manager"
else "FRR ${lib.toUpper service} routing daemon";
# If this option is set the /etc/init.d/frr script automatically loads
# the config via "vtysh -b" when the servers are started.
#
vtysh_enable=yes
unitConfig.Documentation = if service == "zebra" then "man:zebra(8)"
else "man:${daemon}(8) man:zebra(8)";
# This part is auto-generated from services.frr.<daemon>.options or
# services.frr.<daemon>.extraOptions
${daemonOptions}
'';
};
restartTriggers = lib.mkIf (service != "mgmt") [
(configFile service)
];
reloadIfChanged = (service != "mgmt");
systemd.tmpfiles.rules = [ "d /run/frr 0750 frr frr -" ];
serviceConfig = {
PIDFile = "frr/${daemon}.pid";
ExecStart = "${pkgs.frr}/libexec/frr/${daemon}"
+ lib.optionalString (scfg.vtyListenAddress != "") " -A ${scfg.vtyListenAddress}"
+ lib.optionalString (scfg.vtyListenPort != null) " -P ${toString scfg.vtyListenPort}"
+ " " + (lib.concatStringsSep " " scfg.extraOptions);
ExecReload = lib.mkIf (service != "mgmt") "${pkgs.python3.interpreter} ${pkgs.frr}/libexec/frr/frr-reload.py --reload --daemon ${daemon} --bindir ${pkgs.frr}/bin --rundir /run/frr /etc/frr/${daemon}.conf";
Restart = "on-abnormal";
};
});
in
lib.listToAttrs (map frrService (lib.filter isEnabled allServices));
};
systemd.services.frr = {
description = "FRRouting";
documentation = [ "https://frrouting.readthedocs.io/en/latest/setup.html" ];
wants = [ "network.target" ];
after = [
"network-pre.target"
"systemd-sysctl.service"
];
before = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
startLimitIntervalSec = 180;
reloadIfChanged = true;
restartTriggers = [
configFile
daemonList
];
serviceConfig = {
Nice = -5;
Type = "forking";
NotifyAccess = "all";
StartLimitBurst = "3";
TimeoutSec = 120;
WatchdogSec = 60;
RestartSec = 5;
Restart = "always";
LimitNOFILE = cfg.openFilesLimit;
PIDFile = "/run/frr/watchfrr.pid";
ExecStart = "${pkgs.frr}/libexec/frr/frrinit.sh start";
ExecStop = "${pkgs.frr}/libexec/frr/frrinit.sh stop";
ExecReload = "${pkgs.frr}/libexec/frr/frrinit.sh reload";
};
};
};
meta.maintainers = with lib.maintainers; [ woffs ];
}

2
nixos/modules/services/networking/shorewall.nix
View File

@ -58,7 +58,7 @@ in {
install -D -d -m 750 /var/lib/shorewall
install -D -d -m 755 /var/lock/subsys
touch /var/log/shorewall.log
chown 750 /var/log/shorewall.log
chmod 750 /var/log/shorewall.log
'';
};
environment = {

2
nixos/modules/services/networking/shorewall6.nix
View File

@ -58,7 +58,7 @@ in {
install -D -d -m 750 /var/lib/shorewall6
install -D -d -m 755 /var/lock/subsys
touch /var/log/shorewall6.log
chown 750 /var/log/shorewall6.log
chmod 750 /var/log/shorewall6.log
'';
};
environment = {

9
nixos/modules/services/system/localtimed.nix
View File

@ -16,6 +16,11 @@ in {
Enable `localtimed`, a simple daemon for keeping the
system timezone up-to-date based on the current location. It uses
geoclue2 to determine the current location.
To avoid silent overriding by the service, if you have explicitly set a
timezone, either remove it or ensure that it is set with a lower priority
than the default value using `lib.mkDefault` or `lib.mkOverride`. This is
to make the choice deliberate. An error will be presented otherwise.
'';
};
package = mkPackageOption pkgs "localtime" { };
@ -24,6 +29,10 @@ in {
};
config = mkIf cfg.enable {
# This will give users an error if they have set an explicit time
# zone, rather than having the service silently override it.
time.timeZone = null;
services.geoclue2.appConfig.localtimed = {
isAllowed = true;
isSystem = true;

5
nixos/modules/services/wayland/hypridle.nix
View File

@ -17,7 +17,10 @@ in
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
systemd.packages = [ cfg.package ];
systemd = {
packages = [ cfg.package ];
user.services.hypridle.wantedBy = [ "graphical-session.target" ];
};
};
meta.maintainers = with lib.maintainers; [ johnrtitor ];

2
nixos/modules/tasks/bcache.nix
View File

@ -11,6 +11,8 @@ in {
Whether to enable bcache support in the initrd.
'';
default = config.boot.initrd.systemd.enable && config.boot.bcache.enable;
defaultText = lib.literalExpression "config.boot.initrd.systemd.enable && config.boot.bcache.enable";
};
config = lib.mkIf cfg.enable {

2
nixos/modules/tasks/lvm.nix
View File

@ -31,6 +31,8 @@ in {
Whether to enable booting from LVM2 in the initrd.
'';
default = config.boot.initrd.systemd.enable && config.services.lvm.enable;
defaultText = lib.literalExpression "config.boot.initrd.systemd.enable && config.services.lvm.enable";
};
config = mkMerge [

4
nixos/modules/virtualisation/ec2-data.nix
View File

@ -34,7 +34,7 @@ with lib;
if ! [ -e /root/.ssh/authorized_keys ]; then
echo "obtaining SSH key..."
mkdir -p /root/.ssh
chown 0700 /root/.ssh
chmod 0700 /root/.ssh
if [ -s /etc/ec2-metadata/public-keys-0-openssh-key ]; then
(umask 177; cat /etc/ec2-metadata/public-keys-0-openssh-key >> /root/.ssh/authorized_keys)
echo "new key added to authorized_keys"
@ -47,7 +47,7 @@ with lib;
userData=/etc/ec2-metadata/user-data
mkdir -p /etc/ssh
chown 0755 /etc/ssh
chmod 0755 /etc/ssh
if [ -s "$userData" ]; then
key="$(sed 's/|/\n/g; s/SSH_HOST_DSA_KEY://; t; d' $userData)"

2
nixos/modules/virtualisation/ec2-metadata-fetcher.sh
View File

@ -1,6 +1,6 @@
metaDir=/etc/ec2-metadata
mkdir -p "$metaDir"
chown 0755 "$metaDir"
chmod 0755 "$metaDir"
rm -f "$metaDir/*"
get_imds_token() {

29
nixos/tests/frr.nix
View File

@ -38,7 +38,11 @@ import ./make-test-python.nix ({ pkgs, ... }:
{ nodes, ... }:
{
virtualisation.vlans = [ 1 ];
networking.defaultGateway = ifAddr nodes.router1 "eth1";
services.frr = {
config = ''
ip route 192.168.0.0/16 ${ifAddr nodes.router1 "eth1"}
'';
};
};
router1 =
@ -47,13 +51,13 @@ import ./make-test-python.nix ({ pkgs, ... }:
virtualisation.vlans = [ 1 2 ];
boot.kernel.sysctl."net.ipv4.ip_forward" = "1";
networking.firewall.extraCommands = "iptables -A nixos-fw -i eth2 -p ospfigp -j ACCEPT";
services.frr.ospf = {
enable = true;
services.frr = {
ospfd.enable = true;
config = ospfConf1;
};
specialisation.ospf.configuration = {
services.frr.ospf.config = ospfConf2;
services.frr.config = ospfConf2;
};
};
@ -63,8 +67,8 @@ import ./make-test-python.nix ({ pkgs, ... }:
virtualisation.vlans = [ 3 2 ];
boot.kernel.sysctl."net.ipv4.ip_forward" = "1";
networking.firewall.extraCommands = "iptables -A nixos-fw -i eth2 -p ospfigp -j ACCEPT";
services.frr.ospf = {
enable = true;
services.frr = {
ospfd.enable = true;
config = ospfConf2;
};
};
@ -73,7 +77,11 @@ import ./make-test-python.nix ({ pkgs, ... }:
{ nodes, ... }:
{
virtualisation.vlans = [ 3 ];
networking.defaultGateway = ifAddr nodes.router2 "eth1";
services.frr = {
config = ''
ip route 192.168.0.0/16 ${ifAddr nodes.router2 "eth1"}
'';
};
};
};
@ -86,10 +94,9 @@ import ./make-test-python.nix ({ pkgs, ... }:
for machine in client, router1, router2, server:
machine.wait_for_unit("network.target")
with subtest("Wait for Zebra and OSPFD"):
for gw in router1, router2:
gw.wait_for_unit("zebra")
gw.wait_for_unit("ospfd")
with subtest("Wait for FRR"):
for gw in client, router1, router2, server:
gw.wait_for_unit("frr")
router1.succeed("${nodes.router1.config.system.build.toplevel}/specialisation/ospf/bin/switch-to-configuration test >&2")

4
nixos/tests/nebula.nix
View File

@ -136,9 +136,9 @@ in
${name}.start()
${name}.succeed(
"mkdir -p /root/.ssh",
"chown 700 /root/.ssh",
"chmod 700 /root/.ssh",
"cat '${snakeOilPrivateKey}' > /root/.ssh/id_snakeoil",
"chown 600 /root/.ssh/id_snakeoil",
"chmod 600 /root/.ssh/id_snakeoil",
"mkdir -p /root"
)
'';

4
nixos/tests/tmate-ssh-server.nix
View File

@ -6,9 +6,9 @@ let
setUpPrivateKey = name: ''
${name}.succeed(
"mkdir -p /root/.ssh",
"chown 700 /root/.ssh",
"chmod 700 /root/.ssh",
"cat '${snakeOilPrivateKey}' > /root/.ssh/id_snakeoil",
"chown 600 /root/.ssh/id_snakeoil",
"chmod 600 /root/.ssh/id_snakeoil",
)
${name}.wait_for_file("/root/.ssh/id_snakeoil")
'';

9
pkgs/applications/editors/android-studio/common.nix
View File

@ -60,12 +60,15 @@
, usbutils
, which
, runCommand
, wayland
, xkeyboard_config
, xorg
, zlib
, makeDesktopItem
, tiling_wm # if we are using a tiling wm, need to set _JAVA_AWT_WM_NONREPARENTING in wrapper
, androidenv
, forceWayland ? false
}:
let
@ -176,7 +179,11 @@ let
# For GTKLookAndFeel
gtk2
glib
]}"
# For wayland support
wayland
]}" \
${lib.optionalString forceWayland "--add-flags -Dawt.toolkit.name=WLToolkit"}
# AS launches LLDBFrontend with a custom LD_LIBRARY_PATH
wrapProgram $(find $out -name LLDBFrontend) --prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [

7
pkgs/applications/editors/emacs/elisp-packages/manual-packages/lsp-bridge/default.nix
View File

@ -24,18 +24,19 @@ let
setuptools
sexpdata
six
watchdog
]
);
in
melpaBuild {
pname = "lsp-bridge";
version = "0-unstable-2024-10-04";
version = "0-unstable-2024-10-07";
src = fetchFromGitHub {
owner = "manateelazycat";
repo = "lsp-bridge";
rev = "2d0cd0bea3bd503ca3bb7bcf4a6a78af091c7ecc";
hash = "sha256-q6xIYUhXTqGeR9tnjd1xnCOnOeOMypJN6vfGjZDuIIM=";
rev = "f726a341c283a5b84d3587cf84e40817b8ec72c6";
hash = "sha256-JL02pYjM5DyUt5wCNN0UnLVSXv9DCfSaSBGy5PzLvyA=";
};
patches = [

1
pkgs/applications/editors/vscode/generic.nix
View File

@ -149,6 +149,7 @@ in
exec = executableName + " --open-url %U";
icon = "vs${executableName}";
startupNotify = true;
startupWMClass = shortName;
categories = [ "Utility" "TextEditor" "Development" "IDE" ];
mimeTypes = [ "x-scheme-handler/vs${executableName}" ];
keywords = [ "vscode" ];

12
pkgs/applications/editors/vscode/vscodium.nix
View File

@ -15,11 +15,11 @@ let
archive_fmt = if stdenv.hostPlatform.isDarwin then "zip" else "tar.gz";
sha256 = {
x86_64-linux = "0wx0jjckyz2hxas3108m9l2nm8vlgxh8rc9g673g9a43zzg98prf";
x86_64-darwin = "1s56qd9ycqnm4fxg4c75cfjxy0hpn762f84l4gg2054yic7c3s2v";
aarch64-linux = "070wj6h5riv9vp73np9k9qk85y26wj22626jafvss0zjkdjrrhgh";
aarch64-darwin = "09pl31zplrixi828yxqyl1khyxp3mw4d3gsfrj1dz62rxbnahmq6";
armv7l-linux = "1sqidmzdyrxgskylhyi1xav7apq0f8ca9qz0g7svcy5jn1wk855f";
x86_64-linux = "0hq2w9rc54qy6234njx6xfh3m1p3d206lr22sdxxa3snnrh4vrs8";
x86_64-darwin = "0knkn4i6vvszxqzsv9564bbassqgszr8bfa4l7hsqy25ki37k5ln";
aarch64-linux = "1k9qvymc7yfq8ihlbx8676gsjyfhg41acc5p4lrw9ci0a3sqanz9";
aarch64-darwin = "029sdf0h9fcviv6qdphzlgb1qhy24vj79h465mf559gdih21xlp4";
armv7l-linux = "16lwgagg2i6mwqm3p2z97di571wgl2hj255pnxqhcz6x9vq26l8p";
}.${system} or throwSystem;
sourceRoot = lib.optionalString (!stdenv.hostPlatform.isDarwin) ".";
@ -29,7 +29,7 @@ in
# Please backport all compatible updates to the stable release.
# This is important for the extension ecosystem.
version = "1.94.0.24282";
version = "1.94.1.24283";
pname = "vscodium";
executableName = "codium";

8
pkgs/applications/graphics/processing/default.nix
View File

@ -31,25 +31,25 @@ let
flatlaf = fetchurl {
name = "flatlaf-2.4.jar";
url = "https://repo1.maven.org/maven2/com/formdev/flatlaf/2.4/flatlaf-2.4.jar";
url = "mirror://maven/com/formdev/flatlaf/2.4/flatlaf-2.4.jar";
sha256 = "NVMYiCd+koNCJ6X3EiRx1Aj+T5uAMSJ9juMmB5Os+zc=";
};
lsp4j = fetchurl {
name = "org.eclipse.lsp4j-0.19.0.jar";
url = "https://repo1.maven.org/maven2/org/eclipse/lsp4j/org.eclipse.lsp4j/0.19.0/org.eclipse.lsp4j-0.19.0.jar";
url = "mirror://maven/org/eclipse/lsp4j/org.eclipse.lsp4j/0.19.0/org.eclipse.lsp4j-0.19.0.jar";
sha256 = "sha256-1DI5D9KW+GL4gT1qjwVZveOl5KVOEjt6uXDwsFzi8Sg=";
};
lsp4j-jsonrpc = fetchurl {
name = "org.eclipse.lsp4j.jsonrpc-0.19.0.jar";
url = "https://repo1.maven.org/maven2/org/eclipse/lsp4j/org.eclipse.lsp4j.jsonrpc/0.19.0/org.eclipse.lsp4j.jsonrpc-0.19.0.jar";
url = "mirror://maven/org/eclipse/lsp4j/org.eclipse.lsp4j.jsonrpc/0.19.0/org.eclipse.lsp4j.jsonrpc-0.19.0.jar";
sha256 = "sha256-ozYTkvv7k0psCeX/PbSM3/Bl17qT3upX3trt65lmM9I=";
};
gson = fetchurl {
name = "gson-2.9.1.jar";
url = "https://repo1.maven.org/maven2/com/google/code/gson/gson/2.9.1/gson-2.9.1.jar";
url = "mirror://maven/com/google/code/gson/gson/2.9.1/gson-2.9.1.jar";
sha256 = "sha256-N4U04znm5tULFzb7Ort28cFdG+P0wTzsbVNkEuI9pgM=";
};

27
pkgs/applications/misc/subsurface/default.nix
View File

@ -25,16 +25,17 @@
, qtwebengine
, libXcomposite
, bluez
, writeScript
}:
let
version = "5.0.10";
version = "6.0.5231";
subsurfaceSrc = (fetchFromGitHub {
owner = "Subsurface";
repo = "subsurface";
rev = "v${version}";
hash = "sha256-KzUBhFGvocaS1VrVT2stvKrj3uVxYka+dyYZUfkIoNs=";
rev = "38a0050ac33566dfd34bf94cf1d7ac66034e4118";
hash = "sha256-6fNcBF/Ep2xs2z83ZQ09XNb/ZkhK1nUNLChV1x8qh0Y=";
fetchSubmodules = true;
});
@ -136,7 +137,25 @@ stdenv.mkDerivation {
"-DNO_PRINTING=OFF"
];
passthru = { inherit version libdc googlemaps; };
passthru = {
inherit version libdc googlemaps;
updateScript = writeScript "update-subsurface" ''
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p git common-updater-scripts
set -eu -o pipefail
tmpdir=$(mktemp -d)
pushd $tmpdir
git clone -b current https://github.com/subsurface/subsurface.git
cd subsurface
# this returns 6.0.????-local
new_version=$(./scripts/get-version.sh | cut -d '-' -f 1)
new_rev=$(git rev-list -1 HEAD)
popd
update-source-version subsurface "$new_version" --rev="$new_rev"
rm -rf $tmpdir
'';
};
meta = with lib; {
description = "Divelog program";

8
pkgs/applications/networking/browsers/chromium/upstream-info.nix
View File

@ -27,11 +27,11 @@
version = "2024-08-19";
};
ungoogled-patches = {
hash = "sha256-fKMa/TxQRzteLIYMy+gn5fDvxLyrqtSwXHWxle0bhsE=";
rev = "129.0.6668.89-1";
hash = "sha256-kvpLE6SbXFur5xi1C8Ukvm4OoU5YB8PQCJdiakhFSAM=";
rev = "129.0.6668.100-1";
};
};
hash = "sha256-+n9LjRLFvVB/pYkSrRCxln/Xn2paFyoY+mJGD73NtII=";
version = "129.0.6668.89";
hash = "sha256-LOZ9EPw7VgBNEV7Wxb8H5WfSYTTWOL8EDP91uCrZAsA=";
version = "129.0.6668.100";
};
}

9
pkgs/applications/networking/browsers/floorp/default.nix
View File

@ -9,7 +9,7 @@
(
(buildMozillaMach rec {
pname = "floorp";
packageVersion = "11.19.0";
packageVersion = "11.19.1";
applicationName = "Floorp";
binaryName = "floorp";
branding = "browser/branding/official";
@ -17,14 +17,14 @@
allowAddonSideload = true;
# Must match the contents of `browser/config/version.txt` in the source tree
version = "128.3.0";
version = "128.4.0";
src = fetchFromGitHub {
owner = "Floorp-Projects";
repo = "Floorp";
fetchSubmodules = true;
rev = "v${packageVersion}";
hash = "sha256-Sk7oMegNr01tLC1BXpUuImg03C6lEEhaVTSjISV9xAE=";
hash = "sha256-RFJ3aRbLwCf0qaluqImcF9+6frvJbw8QE3jBpxNxFjE=";
};
extraConfigureFlags = [
@ -57,9 +57,6 @@
maxSilent = 14400; # 4h, double the default of 7200s (c.f. #129212, #129115)
license = lib.licenses.mpl20;
mainProgram = "floorp";
knownVulnerabilities = [
"CVE-2024-9680"
];
};
tests = [ nixosTests.floorp ];
}).override

6
pkgs/applications/networking/instant-messengers/wire-desktop/default.nix
View File

@ -6,7 +6,7 @@
, stdenv
, lib
, udev
, wrapGAppsHook3
, buildPackages
, cpio
, xar
, libdbusmenu
@ -97,7 +97,7 @@ let
autoPatchelfHook
dpkg
makeWrapper
wrapGAppsHook3
(buildPackages.wrapGAppsHook3.override { makeWrapper = buildPackages.makeShellWrapper; })
];
buildInputs = [
@ -137,7 +137,7 @@ let
];
preFixup = ''
gappsWrapperArgs+=(--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --ozone-platform=wayland --enable-features=WaylandWindowDecorations}}")
gappsWrapperArgs+=(--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}")
'';
postFixup = ''

2
pkgs/applications/networking/jmeter/default.nix
View File

@ -4,7 +4,7 @@ stdenv.mkDerivation rec {
pname = "jmeter";
version = "5.6.3";
src = fetchurl {
url = "https://archive.apache.org/dist/jmeter/binaries/apache-${pname}-${version}.tgz";
url = "mirror://apache/jmeter/binaries/apache-${pname}-${version}.tgz";
sha256 = "sha256-9o78F/4GD2mMSKar4lmakzknSGvaKSTb4Ux0iVMY3d4=";
};

2
pkgs/applications/networking/remote/teamviewer/default.nix
View File

@ -30,7 +30,7 @@ mkDerivation rec {
src =
let
base_url = "https://dl.tvcdn.de/download/linux/version_${lib.versions.major version}x";
base_url = "https://dl.teamviewer.com/download/linux/version_${lib.versions.major version}x";
in
{
x86_64-linux = fetchurl {

4
pkgs/applications/science/biology/picard-tools/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "picard-tools";
version = "3.2.0";
version = "3.3.0";
src = fetchurl {
url = "https://github.com/broadinstitute/picard/releases/download/${version}/picard.jar";
sha256 = "sha256-4lj6Lj9fphzWeZ7I4HP0mpX73OrxY9imCXGyYZuG+kE=";
sha256 = "sha256-WIGadmBka3SzTigvXU0hyNuuoi3e/5bjJYdV2voPhtw=";
};
nativeBuildInputs = [ makeWrapper ];

4
pkgs/applications/version-management/subversion/default.nix
View File

@ -136,7 +136,7 @@ let
in {
subversion = common {
version = "1.14.3";
sha256 = "sha256-lJ79RRoJQ19+hXNXTHHHtxsZTYRIkPpJzWHSJi6hpEA=";
version = "1.14.4";
sha256 = "sha256-ROrRFucuSA8Q8SPJFLtvn4wEFxHAQe16v/G4Y0oZnjw=";
};
}

48
pkgs/applications/video/makemkv/default.nix
View File

@ -1,13 +1,16 @@
{
autoPatchelfHook,
common-updater-scripts,
curl,
fetchurl,
ffmpeg,
lib,
mkDerivation,
fetchurl,
autoPatchelfHook,
pkg-config,
curl,
ffmpeg,
openssl,
pkg-config,
qtbase,
rubyPackages,
writeShellApplication,
zlib,
withJava ? true,
@ -15,21 +18,21 @@
}:
let
version = "1.17.7";
version = "1.17.8";
# Using two URLs as the first one will break as soon as a new version is released
src_bin = fetchurl {
urls = [
"http://www.makemkv.com/download/makemkv-bin-${version}.tar.gz"
"http://www.makemkv.com/download/old/makemkv-bin-${version}.tar.gz"
];
hash = "sha256-jFvIMbyVKx+HPMhFDGTjktsLJHm2JtGA8P/JZWaJUdA=";
hash = "sha256-jg9UdDDZr+7ZdseJtb7N+y7Prhyq3hLo4+EZpzRxcEE=";
};
src_oss = fetchurl {
urls = [
"http://www.makemkv.com/download/makemkv-oss-${version}.tar.gz"
"http://www.makemkv.com/download/old/makemkv-oss-${version}.tar.gz"
];
hash = "sha256-di5VLUb57HWnxi3LfZfA/Z5qFRINDvb1oIDO4pHToO8=";
hash = "sha256-knUrzj/J+Xk5N1tg0q9iIXT+hqStkkjL3Yc2Yp5tvIo=";
};
in
mkDerivation {
@ -83,6 +86,35 @@ mkDerivation {
runHook postInstall
'';
passthru = {
srcs = {
inherit src_bin src_oss;
};
updateScript = lib.getExe (writeShellApplication {
name = "update-makemkv";
runtimeInputs = [
common-updater-scripts
curl
rubyPackages.nokogiri
];
text = ''
get_version() {
# shellcheck disable=SC2016
curl --fail --silent 'https://forum.makemkv.com/forum/viewtopic.php?f=3&t=224' \
| nokogiri -e 'puts $_.css("head title").first.text.match(/\bMakeMKV (\d+\.\d+\.\d+) /)[1]'
}
oldVersion=${lib.escapeShellArg version}
newVersion=$(get_version)
if [[ $oldVersion == "$newVersion" ]]; then
echo "$0: New version same as old version, nothing to do." >&2
exit
fi
update-source-version makemkv "$newVersion" --source-key=passthru.srcs.src_bin
update-source-version makemkv "$newVersion" --source-key=passthru.srcs.src_oss --ignore-same-version
'';
});
};
meta = with lib; {
description = "Convert blu-ray and dvd to mkv";
longDescription = ''

9
pkgs/by-name/aa/aaaaxy/package.nix
View File

@ -20,17 +20,17 @@
buildGoModule rec {
pname = "aaaaxy";
version = "1.5.202";
version = "1.5.208";
src = fetchFromGitHub {
owner = "divVerent";
repo = pname;
rev = "v${version}";
hash = "sha256-UR6rcdNXrDotakDhUW7EFYKpGEqGVmAPUUwrEG9Fiqs=";
hash = "sha256-VfF8bQP7pFaTezOJpda4N9KbCHr5ST/wCvdNRiojio0=";
fetchSubmodules = true;
};
vendorHash = "sha256-rNCzCSVENwoVTWOEcXBCWgVAwiBZtGsbyz3QBT+WUGw=";
vendorHash = "sha256-PBwI3S8ZvmVD57/ICALe+HvgtbPQpJKNPfkWo+uUeSo=";
buildInputs = [
alsa-lib
@ -71,6 +71,9 @@ buildGoModule rec {
# To work around this, use environment variables.
postBuild = ''
substituteInPlace 'vendor/github.com/hajimehoshi/ebiten/v2/internal/graphicsdriver/opengl/gl/procaddr_linbsd.go' \
--replace-fail \
'import (' \
'import ("os"' \
--replace-fail \
'{"libGL.so", "libGL.so.2", "libGL.so.1", "libGL.so.0"}' \
'{os.Getenv("EBITENGINE_LIBGL")}' \

46
pkgs/by-name/ad/adcskiller/package.nix Normal file
View File

@ -0,0 +1,46 @@
{
lib,
fetchFromGitHub,
python3,
coercer,
}:
python3.pkgs.buildPythonApplication rec {
pname = "adcskiller";
version = "0-unstable-2024-05-19";
format = "other";
src = fetchFromGitHub {
owner = "grimlockx";
repo = "ADCSKiller";
rev = "d74bfea91f24a09df74262998d60f213609b45c6";
hash = "sha256-ekyGDM9up3h6h21uLEstgn33x+KngX4tOLMhL4B6BA8=";
};
buildInputs = [
coercer
];
propagatedBuildInputs = with python3.pkgs; [
ldap3
certipy
];
installPhase = ''
runHook preInstall
install -vD $pname.py $out/bin/$pname
substituteInPlace $out/bin/$pname --replace '"Coercer"' '"coercer"'
runHook postInstall
'';
meta = with lib; {
description = "Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities";
homepage = "https://github.com/grimlockx/ADCSKiller";
license = licenses.mit;
maintainers = with maintainers; [ exploitoverload ];
mainProgram = "ADCSKiller";
};
}

24
pkgs/by-name/al/alsa-utils/package.nix
View File

@ -1,7 +1,7 @@
{ lib
, stdenv
, directoryListingUpdater
, fetchurl
, fetchpatch
, alsa-lib
, alsa-plugins
, gettext
@ -9,6 +9,7 @@
, ncurses
, libsamplerate
, pciutils
, procps
, which
, fftw
, pipewire
@ -30,23 +31,12 @@ let
in
stdenv.mkDerivation rec {
pname = "alsa-utils";
version = "1.2.10";
version = "1.2.12";
src = fetchurl {
url = "mirror://alsa/utils/alsa-utils-${version}.tar.bz2";
hash = "sha256-EEti7H8Cp84WynefSBVhbfHMIZM1A3g6kQe1lE+DBjo=";
hash = "sha256-mLxmd9DAB0AGZ5BRgiMkoKsIea6lWKj2i1EXgNMM2SQ=";
};
patches = [
# Backport fixes for musl libc. Remove on next release
(fetchpatch {
url = "https://github.com/alsa-project/alsa-utils/commit/8c229270f6bae83b705a03714c46067a7aa57b02.patch";
hash = "sha256-sUaBHY8EHf4805nF6tyNV5jYXcJf3O+r04VXFu4dUCE=";
})
(fetchpatch {
url = "https://github.com/alsa-project/alsa-utils/commit/0925ad7f09b2dc77015784f9ac2f5e34dd0dd5c3.patch";
hash = "sha256-bgGU9On82AUbOjo+KN6WfuhqUAWM87OHnKN7plpG284=";
})
];
nativeBuildInputs = [ gettext makeWrapper ];
buildInputs = [ alsa-lib ncurses libsamplerate fftw ];
@ -57,10 +47,14 @@ stdenv.mkDerivation rec {
postFixup = ''
mv $out/bin/alsa-info.sh $out/bin/alsa-info
wrapProgram $out/bin/alsa-info --prefix PATH : "${lib.makeBinPath [ which pciutils ]}"
wrapProgram $out/bin/alsa-info --prefix PATH : "${lib.makeBinPath [ which pciutils procps ]}"
wrapProgram $out/bin/aplay --set-default ALSA_PLUGIN_DIR ${plugin-dir}
'';
passthru.updateScript = directoryListingUpdater {
url = "https://www.alsa-project.org/files/pub/utils/";
};
meta = with lib; {
homepage = "http://www.alsa-project.org/";
description = "ALSA, the Advanced Linux Sound Architecture utils";

2
pkgs/by-name/at/attic-client/Cargo.lock generated
View File

@ -325,6 +325,7 @@ dependencies = [
"maybe-owned",
"rand",
"regex",
"rsa 0.9.6",
"ryu",
"sea-orm",
"sea-orm-migration",
@ -355,6 +356,7 @@ dependencies = [
"jwt-simple",
"lazy_static",
"regex",
"rsa 0.9.6",
"serde",
"serde_with",
"tracing",

6
pkgs/by-name/at/attic-client/package.nix
View File

@ -11,13 +11,13 @@
}:
rustPlatform.buildRustPackage {
pname = "attic";
version = "0-unstable-2024-10-04";
version = "0-unstable-2024-10-06";
src = fetchFromGitHub {
owner = "zhaofengli";
repo = "attic";
rev = "61ebdef2e263c091f24807b07701be5cb8068dea";
hash = "sha256-whgxjoDF7aey3xWy2b9Dp+NHsszK6By+raEbygcSU6w=";
rev = "1b29816235b7573fca7f964709fd201e1a187024";
hash = "sha256-icNt2T1obK3hFNgBOgiiyOoiScUfz9blmRbNp3aOUBE=";
};
nativeBuildInputs = [

4
pkgs/by-name/bi/biglybt/package.nix
View File

@ -9,11 +9,11 @@
stdenv.mkDerivation rec {
pname = "biglybt";
version = "3.6.0.0";
version = "3.7.0.0";
src = fetchurl {
url = "https://github.com/BiglySoftware/BiglyBT/releases/download/v${version}/GitHub_BiglyBT_unix.tar.gz";
hash = "sha256-a7g9sB3orO2m0X7qNwQ1dDygYPhs/b6kX0RDSG8Wq2U=";
hash = "sha256-CfLKoX77yCanSzHq+Fy3jRqQAC2GeUo2SO9x0mk2Tf4=";
};
nativeBuildInputs = [ wrapGAppsHook3 ];

4
pkgs/by-name/bn/bngblaster/package.nix
View File

@ -13,13 +13,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "bngblaster";
version = "0.9.7";
version = "0.9.8";
src = fetchFromGitHub {
owner = "rtbrick";
repo = "bngblaster";
rev = finalAttrs.version;
hash = "sha256-h4m/tPiLFRi3Dwh6QPmnCCZR4XNOZaz9xoDhOXAcIEQ=";
hash = "sha256-6pOkFu5BQHyESGW4Yxq5QjUG+fZOGxT2OAnglrav6fE=";
};
nativeBuildInputs = [ cmake ];

0
pkgs/tools/networking/chrony/makefile.patch → pkgs/by-name/ch/chrony/makefile.patch
View File

116
pkgs/by-name/ch/chrony/package.nix Normal file
View File

@ -0,0 +1,116 @@
{
lib,
stdenv,
overrideSDK,
fetchurl,
pkg-config,
gnutls,
libedit,
texinfo,
libcap,
libseccomp,
pps-tools,
nixosTests,
}:
let
stdenv' =
if stdenv.hostPlatform.isDarwin then
overrideSDK stdenv {
darwinSdkVersion = "11.0";
darwinMinVersion = "10.13";
}
else
stdenv;
in
stdenv'.mkDerivation rec {
pname = "chrony";
version = "4.6.1";
src = fetchurl {
url = "https://chrony-project.org/releases/${pname}-${version}.tar.gz";
hash = "sha256-Vx/3P78K4wl/BgTsouALHYuy6Rr/4aNJR4X/IdYZnFw=";
};
outputs = [
"out"
"man"
];
nativeBuildInputs = [ pkg-config ];
buildInputs =
[
gnutls
libedit
texinfo
]
++ lib.optionals stdenv.hostPlatform.isLinux [
libcap
libseccomp
pps-tools
];
configureFlags = [
"--enable-ntp-signd"
"--sbindir=$(out)/bin"
"--chronyrundir=/run/chrony"
] ++ lib.optional stdenv.hostPlatform.isLinux "--enable-scfilter";
patches = [
# Cleanup the installation script
./makefile.patch
];
postPatch = ''
patchShebangs test
# nts_ke_session unit test fails, so drop it.
# TODO: try again when updating?
rm test/unit/nts_ke_session.c
'';
enableParallelBuilding = true;
doCheck = true;
hardeningEnable = lib.optionals (!stdenv.hostPlatform.isDarwin) [ "pie" ];
passthru.tests = {
inherit (nixosTests) chrony chrony-ptp;
};
meta = {
description = "Sets your computer's clock from time servers on the Net";
homepage = "https://chrony-project.org/";
license = lib.licenses.gpl2Only;
platforms =
with lib.platforms;
builtins.concatLists [
linux
freebsd
netbsd
darwin
illumos
];
maintainers = with lib.maintainers; [
fpletz
thoughtpolice
vifino
];
longDescription = ''
Chronyd is a daemon which runs in background on the system. It obtains
measurements via the network of the system clocks offset relative to
time servers on other systems and adjusts the system time accordingly.
For isolated systems, the user can periodically enter the correct time by
hand (using Chronyc). In either case, Chronyd determines the rate at
which the computer gains or loses time, and compensates for this. Chronyd
implements the NTP protocol and can act as either a client or a server.
Chronyc provides a user interface to Chronyd for monitoring its
performance and configuring various settings. It can do so while running
on the same computer as the Chronyd instance it is controlling or a
different computer.
'';
};
}

124
pkgs/by-name/co/codechecker/package.nix Normal file
View File

@ -0,0 +1,124 @@
{
lib,
python3,
fetchPypi,
fetchFromGitHub,
clang,
clang-tools,
cppcheck,
gcc,
makeWrapper,
withClang ? false,
withClangTools ? false,
withCppcheck ? false,
withGcc ? false,
}:
let
python = python3.override {
packageOverrides = self: super: rec {
# codechecker is incompatible with SQLAlchemy greater than 1.3
sqlalchemy = super.sqlalchemy_1_4.overridePythonAttrs (oldAttrs: rec {
version = "1.3.23";
pname = oldAttrs.pname;
src = fetchFromGitHub {
owner = "sqlalchemy";
repo = "sqlalchemy";
rev = "rel_${lib.replaceStrings [ "." ] [ "_" ] version}";
hash = "sha256-hWA0/f7rQpEfYTg10i0rBK3qeJbw3p6HW7S59rLnD0Q=";
};
doCheck = false;
# That test does not exist in the 1.3 branch so we get an error for disabling it
disabledTestPaths = builtins.filter (
testPath: testPath != "test/ext/mypy"
) oldAttrs.disabledTestPaths;
});
sqlalchemy_1_4 = sqlalchemy;
# The current alembic version is not compatible with SQLAlchemy 1.3 so we need to downgrade it
alembic = super.alembic.overridePythonAttrs (oldAttrs: rec {
pname = "alembic";
version = "1.5.5";
src = fetchPypi {
inherit pname version;
hash = "sha256-3wAowZJ1os/xN+OWF6Oc3NvRFzczuHtr+iV7fAhgITs=";
};
doCheck = false;
dependencies = oldAttrs.dependencies ++ [
super.python-dateutil
super.python-editor
];
});
};
};
python3Packages = python.pkgs;
in
python3Packages.buildPythonApplication rec {
pname = "codechecker";
version = "6.24.0";
pyproject = true;
src = fetchPypi {
inherit pname version;
hash = "sha256-ftZACUf2lAHokcUXj45LRA7/3goOcIy521cGl6qhR98=";
};
nativeBuildInputs = with python3Packages; [
setuptools
pythonRelaxDepsHook
];
propagatedBuildInputs = with python3Packages; [
lxml
sqlalchemy
alembic
portalocker
psutil
multiprocess
thrift
gitpython
types-pyyaml
sarif-tools
pytest
pycodestyle
pylint
mkdocs
coverage
];
pythonRelaxDeps = [
"thrift"
"portalocker"
"types-pyyaml"
"lxml"
"psutil"
"multiprocess"
"gitpython"
"sarif-tools"
"pyyaml"
];
postInstall = ''
wrapProgram "$out/bin/CodeChecker" --prefix PATH : ${
lib.makeBinPath (
[ ]
++ lib.optional withClang clang
++ lib.optional withClangTools clang-tools
++ lib.optional withCppcheck cppcheck
++ lib.optional withGcc gcc
)
}
'';
meta = with lib; {
homepage = "https://github.com/Ericsson/codechecker";
changelog = "https://github.com/Ericsson/codechecker/releases/tag/v${version}";
description = "Analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy";
license = licenses.asl20-llvm;
maintainers = with maintainers; [
zebreus
felixsinger
];
mainProgram = "CodeChecker";
platforms = platforms.linux;
};
}

6
pkgs/by-name/da/darcs-to-git/package.nix
View File

@ -12,13 +12,13 @@
stdenv.mkDerivation {
pname = "darcs-to-git";
version = "0-unstable-2024-02-20";
version = "0-unstable-2024-09-30";
src = fetchFromGitHub {
owner = "purcell";
repo = "darcs-to-git";
rev = "2a31a95726658fef1b48e1f0010928fc2a69d5bf";
hash = "sha256-ep36lAYUnO3kX0ff3PxrBHog5CIGsJaERiNN5DmmAQI=";
rev = "9d556cb7daa06b9de3cb97487b98bab2869a7fe7";
hash = "sha256-0GKSzqgJgi1w4uZOqixp/F6i7hK2ZmuQI0px8FEDFXM=";
};
patchPhase =

12
pkgs/by-name/de/deno/1/librusty_v8.nix Normal file
View File

@ -0,0 +1,12 @@
# auto-generated file -- DO NOT EDIT!
{ fetchLibrustyV8 }:
fetchLibrustyV8 {
version = "0.105.0";
shas = {
x86_64-linux = "sha256-9yON4DNPxm4IUZSLZp9VZtzSRPPWX1tEuQLVJmN8cLs=";
aarch64-linux = "sha256-5vAjw2vimjCHKPxjIp5vcwMCWUUDYVlk4QyOeEI0DLY=";
x86_64-darwin = "sha256-o4WRkg4ptiJTNMkorn5K+P8xOJwpChM5PqkZCjP076g=";
aarch64-darwin = "sha256-ZuWBnvxu1PgDtjtguxtj3BhFO01AChlbjAS0kZUws3A=";
};
}

118
pkgs/by-name/de/deno/1/package.nix Normal file
View File

@ -0,0 +1,118 @@
{
stdenv,
lib,
callPackage,
fetchFromGitHub,
rustPlatform,
cmake,
protobuf,
installShellFiles,
libiconv,
darwin,
librusty_v8 ? callPackage ./librusty_v8.nix {
inherit (callPackage ../fetchers.nix { }) fetchLibrustyV8;
},
}:
rustPlatform.buildRustPackage rec {
pname = "deno";
version = "1.46.3";
src = fetchFromGitHub {
owner = "denoland";
repo = "deno";
rev = "refs/tags/v${version}";
hash = "sha256-AM6SjcIHo6Koxcnznhkv3cXoKaMy2TEVpiWe/bczDuA=";
};
cargoHash = "sha256-D+CZpb6OTzM5Il0k8GQB7qSONy4myE5yKlaSkLLqHT8=";
postPatch = ''
# upstream uses lld on aarch64-darwin for faster builds
# within nix lld looks for CoreFoundation rather than CoreFoundation.tbd and fails
substituteInPlace .cargo/config.toml --replace "-fuse-ld=lld " ""
'';
# uses zlib-ng but can't dynamically link yet
# https://github.com/rust-lang/libz-sys/issues/158
nativeBuildInputs = [
# required by libz-ng-sys crate
cmake
# required by deno_kv crate
protobuf
installShellFiles
];
buildInputs = lib.optionals stdenv.isDarwin (
[
libiconv
darwin.libobjc
]
++ (with darwin.apple_sdk_11_0.frameworks; [
Security
CoreServices
Metal
MetalPerformanceShaders
Foundation
QuartzCore
])
);
buildAndTestSubdir = "cli";
# work around "error: unknown warning group '-Wunused-but-set-parameter'"
env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.cc.isClang "-Wno-unknown-warning-option";
# The v8 package will try to download a `librusty_v8.a` release at build time to our read-only filesystem
# To avoid this we pre-download the file and export it via RUSTY_V8_ARCHIVE
env.RUSTY_V8_ARCHIVE = librusty_v8;
# Tests have some inconsistencies between runs with output integration tests
# Skipping until resolved
doCheck = false;
preInstall = ''
find ./target -name libswc_common${stdenv.hostPlatform.extensions.sharedLibrary} -delete
'';
postInstall = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) ''
installShellCompletion --cmd deno \
--bash <($out/bin/deno completions bash) \
--fish <($out/bin/deno completions fish) \
--zsh <($out/bin/deno completions zsh)
'';
doInstallCheck = true;
installCheckPhase = ''
runHook preInstallCheck
$out/bin/deno --help
$out/bin/deno --version | grep "deno ${version}"
runHook postInstallCheck
'';
passthru.tests = callPackage ./tests { };
meta = with lib; {
homepage = "https://deno.land/";
changelog = "https://github.com/denoland/deno/releases/tag/v${version}";
description = "Secure runtime for JavaScript and TypeScript";
longDescription = ''
Deno aims to be a productive and secure scripting environment for the modern programmer.
Deno will always be distributed as a single executable.
Given a URL to a Deno program, it is runnable with nothing more than the ~15 megabyte zipped executable.
Deno explicitly takes on the role of both runtime and package manager.
It uses a standard browser-compatible protocol for loading modules: URLs.
Among other things, Deno is a great replacement for utility scripts that may have been historically written with
bash or python.
'';
license = licenses.mit;
mainProgram = "deno";
maintainers = with maintainers; [ jk ];
platforms = [
"x86_64-linux"
"aarch64-linux"
"x86_64-darwin"
"aarch64-darwin"
];
# NOTE: `aligned_alloc` error on darwin SDK < 10.15. Can't do usual overrideSDK with rust toolchain in current implementation.
# Should be fixed with darwin SDK refactor and can be revisited.
badPlatforms = [ "x86_64-darwin" ];
};
}

1
pkgs/by-name/de/deno/1/tests/basic.ts Normal file
View File

@ -0,0 +1 @@
console.log(1 + 1)

79
pkgs/by-name/de/deno/1/tests/default.nix Normal file
View File

@ -0,0 +1,79 @@
{
deno,
runCommand,
lib,
testers,
}:
let
testDenoRun =
name:
{
args ? "",
dir ? ./. + "/${name}",
file ? "index.ts",
expected ? "",
expectFailure ? false,
}:
let
command = "deno run ${args} ${dir}/${file}";
in
runCommand "deno-test-${name}"
{
nativeBuildInputs = [ deno ];
meta.timeout = 60;
}
''
HOME=$(mktemp -d)
if output=$(${command} 2>&1); then
if [[ $output =~ '${expected}' ]]; then
echo "Test '${name}' passed"
touch $out
else
echo -n ${lib.escapeShellArg command} >&2
echo " output did not match what was expected." >&2
echo "The expected was:" >&2
echo '${expected}' >&2
echo "The output was:" >&2
echo "$output" >&2
exit 1
fi
else
if [[ "${toString expectFailure}" == "1" ]]; then
echo "Test '${name}' failed as expected"
touch $out
exit 0
fi
echo -n ${lib.escapeShellArg command} >&2
echo " returned a non-zero exit code." >&2
echo "$output" >&2
exit 1
fi
'';
in
(lib.mapAttrs testDenoRun {
basic = {
dir = ./.;
file = "basic.ts";
expected = "2";
};
import-json = {
expected = "hello from JSON";
};
import-ts = {
expected = "hello from ts";
};
read-file = {
args = "--allow-read";
expected = "hello from a file";
};
fail-read-file = {
expectFailure = true;
dir = ./read-file;
};
})
// {
version = testers.testVersion {
package = deno;
command = "deno --version";
};
}

1
pkgs/by-name/de/deno/1/tests/import-json/data.json Normal file
View File

@ -0,0 +1 @@
{ "msg": "hello from JSON" }

2
pkgs/by-name/de/deno/1/tests/import-json/index.ts Normal file
View File

@ -0,0 +1,2 @@
import file from "./data.json" assert { type: "json" };
console.log(file.msg);

3
pkgs/by-name/de/deno/1/tests/import-ts/index.ts Normal file
View File

@ -0,0 +1,3 @@
import { sayHello } from "./lib.ts"
sayHello("ts")

3
pkgs/by-name/de/deno/1/tests/import-ts/lib.ts Normal file
View File

@ -0,0 +1,3 @@
export function sayHello(thing: string) {
console.log(`hello from ${thing}`);
}

1
pkgs/by-name/de/deno/1/tests/read-file/data.txt Normal file
View File

@ -0,0 +1 @@
hello from a file

5
pkgs/by-name/de/deno/1/tests/read-file/index.ts Normal file
View File

@ -0,0 +1,5 @@
// trim 'file://' prefix
const thisDir = Deno.mainModule.substring(7, Deno.mainModule.length);
const getParent = (path: string) => path.substring(0, path.lastIndexOf("/"))
const text = await Deno.readTextFile(getParent(thisDir) + "/data.txt");
console.log(text);

21
pkgs/by-name/de/deno/fetchers.nix Normal file
View File

@ -0,0 +1,21 @@
# not a stable interface, do not reference outside the deno package but make a
# copy if you need
{
lib,
stdenv,
fetchurl,
}:
{
fetchLibrustyV8 =
args:
fetchurl {
name = "librusty_v8-${args.version}";
url = "https://github.com/denoland/rusty_v8/releases/download/v${args.version}/librusty_v8_release_${stdenv.hostPlatform.rust.rustcTarget}.a.gz";
sha256 = args.shas.${stdenv.hostPlatform.system};
meta = {
inherit (args) version;
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
};
};
}

25
pkgs/by-name/de/deno/librusty_v8.nix
View File

@ -1,23 +1,12 @@
# auto-generated file -- DO NOT EDIT!
{ lib, stdenv, fetchurl }:
{ fetchLibrustyV8 }:
let
fetch_librusty_v8 = args: fetchurl {
name = "librusty_v8-${args.version}";
url = "https://github.com/denoland/rusty_v8/releases/download/v${args.version}/librusty_v8_release_${stdenv.hostPlatform.rust.rustcTarget}.a.gz";
sha256 = args.shas.${stdenv.hostPlatform.system};
meta = {
inherit (args) version;
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
};
};
in
fetch_librusty_v8 {
version = "0.105.0";
fetchLibrustyV8 {
version = "0.106.0";
shas = {
x86_64-linux = "sha256-9yON4DNPxm4IUZSLZp9VZtzSRPPWX1tEuQLVJmN8cLs=";
aarch64-linux = "sha256-5vAjw2vimjCHKPxjIp5vcwMCWUUDYVlk4QyOeEI0DLY=";
x86_64-darwin = "sha256-o4WRkg4ptiJTNMkorn5K+P8xOJwpChM5PqkZCjP076g=";
aarch64-darwin = "sha256-ZuWBnvxu1PgDtjtguxtj3BhFO01AChlbjAS0kZUws3A=";
x86_64-linux = "sha256-jLYl/CJp2Z+Ut6qZlh6u+CtR8KN+ToNTB+72QnVbIKM=";
aarch64-linux = "sha256-uAkBMg6JXA+aILd8TzDtuaEdM3Axiw43Ad5tZzxNt5w=";
x86_64-darwin = "sha256-60aR0YvQT8KyacY8J3fWKZcf9vny51VUB19NVpurS/A=";
aarch64-darwin = "sha256-pd/I6Mclj2/r/uJTIywnolPKYzeLu1c28d/6D56vkzQ=";
};
}

27
pkgs/by-name/de/deno/package.nix
View File

@ -9,20 +9,26 @@
installShellFiles,
libiconv,
darwin,
librusty_v8 ? callPackage ./librusty_v8.nix { },
librusty_v8 ? callPackage ./librusty_v8.nix {
inherit (callPackage ./fetchers.nix { }) fetchLibrustyV8;
},
}:
let
canExecute = stdenv.buildPlatform.canExecute stdenv.hostPlatform;
in
rustPlatform.buildRustPackage rec {
pname = "deno";
version = "1.46.3";
version = "2.0.0";
src = fetchFromGitHub {
owner = "denoland";
repo = "deno";
rev = "refs/tags/v${version}";
hash = "sha256-AM6SjcIHo6Koxcnznhkv3cXoKaMy2TEVpiWe/bczDuA=";
hash = "sha256-3PfAjn2zWgxJOYgKwR7lvXu+rIENIHBMPwMM6dWNgR4=";
};
cargoHash = "sha256-D+CZpb6OTzM5Il0k8GQB7qSONy4myE5yKlaSkLLqHT8=";
cargoHash = "sha256-3r5B9yWXKO/8ah+Etflws8RnlRTAdaaC5HZMlZduyHE=";
postPatch = ''
# upstream uses lld on aarch64-darwin for faster builds
@ -54,14 +60,13 @@ rustPlatform.buildRustPackage rec {
])
);
# work around "error: unknown warning group '-Wunused-but-set-parameter'"
env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.cc.isClang "-Wno-unknown-warning-option";
buildAndTestSubdir = "cli";
# work around "error: unknown warning group '-Wunused-but-set-parameter'"
env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.cc.isClang "-Wno-unknown-warning-option";
# The v8 package will try to download a `librusty_v8.a` release at build time to our read-only filesystem
# To avoid this we pre-download the file and export it via RUSTY_V8_ARCHIVE
RUSTY_V8_ARCHIVE = librusty_v8;
env.RUSTY_V8_ARCHIVE = librusty_v8;
# Tests have some inconsistencies between runs with output integration tests
# Skipping until resolved
@ -71,15 +76,15 @@ rustPlatform.buildRustPackage rec {
find ./target -name libswc_common${stdenv.hostPlatform.extensions.sharedLibrary} -delete
'';
postInstall = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) ''
postInstall = lib.optionalString (canExecute) ''
installShellCompletion --cmd deno \
--bash <($out/bin/deno completions bash) \
--fish <($out/bin/deno completions fish) \
--zsh <($out/bin/deno completions zsh)
'';
doInstallCheck = true;
installCheckPhase = ''
doInstallCheck = canExecute;
installCheckPhase = lib.optionalString (canExecute) ''
runHook preInstallCheck
$out/bin/deno --help
$out/bin/deno --version | grep "deno ${version}"

71
pkgs/by-name/de/deno/tests/default.nix
View File

@ -1,43 +1,54 @@
{ deno, runCommand, lib, testers }:
{
deno,
runCommand,
lib,
testers,
}:
let
testDenoRun =
name:
{ args ? ""
, dir ? ./. + "/${name}"
, file ? "index.ts"
, expected ? ""
, expectFailure ? false
{
args ? "",
dir ? ./. + "/${name}",
file ? "index.ts",
expected ? "",
expectFailure ? false,
}:
let
command = "deno run ${args} ${dir}/${file}";
in
runCommand "deno-test-${name}" { nativeBuildInputs = [ deno ]; meta.timeout = 60; } ''
HOME=$(mktemp -d)
if output=$(${command} 2>&1); then
if [[ $output =~ '${expected}' ]]; then
echo "Test '${name}' passed"
touch $out
runCommand "deno-test-${name}"
{
nativeBuildInputs = [ deno ];
meta.timeout = 60;
}
''
HOME=$(mktemp -d)
if output=$(${command} 2>&1); then
if [[ $output =~ '${expected}' ]]; then
echo "Test '${name}' passed"
touch $out
else
echo -n ${lib.escapeShellArg command} >&2
echo " output did not match what was expected." >&2
echo "The expected was:" >&2
echo '${expected}' >&2
echo "The output was:" >&2
echo "$output" >&2
exit 1
fi
else
if [[ "${toString expectFailure}" == "1" ]]; then
echo "Test '${name}' failed as expected"
touch $out
exit 0
fi
echo -n ${lib.escapeShellArg command} >&2
echo " output did not match what was expected." >&2
echo "The expected was:" >&2
echo '${expected}' >&2
echo "The output was:" >&2
echo " returned a non-zero exit code." >&2
echo "$output" >&2
exit 1
fi
else
if [[ "${toString expectFailure}" == "1" ]]; then
echo "Test '${name}' failed as expected"
touch $out
exit 0
fi
echo -n ${lib.escapeShellArg command} >&2
echo " returned a non-zero exit code." >&2
echo "$output" >&2
exit 1
fi
'';
'';
in
(lib.mapAttrs testDenoRun {
basic = {
@ -59,8 +70,8 @@ in
expectFailure = true;
dir = ./read-file;
};
}) //
{
})
// {
version = testers.testVersion {
package = deno;
command = "deno --version";

2
pkgs/by-name/de/deno/tests/import-json/index.ts
View File

@ -1,2 +1,2 @@
import file from "./data.json" assert { type: "json" };
import file from "./data.json" with { type: "json" };
console.log(file.msg);

14
pkgs/by-name/de/deno/update/common.ts
View File

@ -3,15 +3,11 @@ interface GHRelease {
}
const decode = (buffer: Uint8Array) => new TextDecoder("utf-8").decode(buffer);
const decodeTrim = (b: Uint8Array) => decode(b).trimEnd();
export const run = async (command: string, args: string[]) => {
const cmd = Deno.run({
cmd: [command, ...args],
stdout: "piped",
stderr: "piped",
});
if (!(await cmd.status()).success) {
const error = await cmd.stderrOutput().then(decodeTrim);
const cmd = new Deno.Command(command, { args });
const { code, stdout, stderr } = await cmd.output();
if (code !== 0) {
const error = decode(stderr).trimEnd();
// Known error we can ignore
if (error.includes("'allow-unsafe-native-code-during-evaluation'")) {
// Extract the target sha256 out of the error
@ -26,7 +22,7 @@ export const run = async (command: string, args: string[]) => {
}
throw new Error(error);
}
return cmd.output().then(decodeTrim);
return decode(stdout).trimEnd();
};
// Exports

21
pkgs/by-name/de/deno/update/librusty_v8.ts
View File

@ -1,4 +1,4 @@
import * as toml from "https://deno.land/std@0.202.0/toml/mod.ts";
import * as toml from "jsr:@std/toml@1.0.1";
import { getExistingVersion, logger, run, write } from "./common.ts";
const log = logger("librusty_v8");
@ -40,22 +40,15 @@ fetchurl {
const templateDeps = (version: string, deps: PrefetchResult[]) =>
`# auto-generated file -- DO NOT EDIT!
{ lib, stdenv, fetchurl }:
{ fetchLibrustyV8 }:
let
fetch_librusty_v8 = args: fetchurl {
name = "librusty_v8-\${args.version}";
url = "https://github.com/denoland/rusty_v8/releases/download/v\${args.version}/librusty_v8_release_\${stdenv.hostPlatform.rust.rustcTarget}.a.gz";
sha256 = args.shas.\${stdenv.hostPlatform.system};
meta = {
inherit (args) version;
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
};
};
in
fetch_librusty_v8 {
fetchLibrustyV8 {
version = "${version}";
shas = {
x86_64-linux = "sha256-jLYl/CJp2Z+Ut6qZlh6u+CtR8KN+ToNTB+72QnVbIKM=";
aarch64-linux = "sha256-uAkBMg6JXA+aILd8TzDtuaEdM3Axiw43Ad5tZzxNt5w=";
x86_64-darwin = "sha256-60aR0YvQT8KyacY8J3fWKZcf9vny51VUB19NVpurS/A=";
aarch64-darwin = "sha256-pd/I6Mclj2/r/uJTIywnolPKYzeLu1c28d/6D56vkzQ=";
${deps.map(({ arch, sha256 }) => ` ${arch.nix} = "${sha256}";`).join("\n")}
};
}

49
pkgs/by-name/do/double-entry-generator/package.nix Normal file
View File

@ -0,0 +1,49 @@
{
lib,
buildGoModule,
fetchFromGitHub,
nix-update-script,
}:
buildGoModule rec {
pname = "double-entry-generator";
version = "2.7.1";
src = fetchFromGitHub {
owner = "deb-sig";
repo = "double-entry-generator";
hash = "sha256-2Y8Spj1LAVZsUgChDYDCZ63pTH+nqs2ff9xcmC+gr0c=";
rev = "v${version}";
};
vendorHash = "sha256-Xedva9oGteOnv3rP4Wo3sOHIPyuy2TYwkZV2BAuxY4M=";
excludedPackages = [ "hack" ];
ldflags = [
"-s"
"-w"
"-X=github.com/deb-sig/double-entry-generator/pkg/version.VERSION=${version}"
"-X=github.com/deb-sig/double-entry-generator/pkg/version.REPOROOT=github.com/deb-sig/double-entry-generator"
"-X=github.com/deb-sig/double-entry-generator/pkg/version.COMMIT=${src.rev}"
];
doInstallCheck = true;
installCheckPhase = ''
runHook preInstallCheck
touch build-local
ln -s $out/bin ./
make SHELL=bash GIT_COMMIT= VERSION= DOCKER_LABELS= -o test-go test
runHook postInstallCheck
'';
passthru.updateScript = nix-update-script { };
meta = with lib; {
description = "Rule-based double-entry bookkeeping importer (from Alipay/WeChat/Huobi etc. to Beancount/Ledger)";
homepage = "https://github.com/deb-sig/double-entry-generator";
license = licenses.asl20;
maintainers = with maintainers; [ rennsax ];
mainProgram = "double-entry-generator";
};
}

2
pkgs/by-name/dr/druid/package.nix
View File

@ -27,7 +27,7 @@ stdenv.mkDerivation (finalAttrs: {
};
mysqlConnector = fetchurl {
url = "https://repo1.maven.org/maven2/mysql/mysql-connector-java/5.1.48/mysql-connector-java-5.1.48.jar";
url = "mirror://maven/mysql/mysql-connector-java/5.1.48/mysql-connector-java-5.1.48.jar";
hash = "sha256-VuJsqqOCH1rkr0T5x09mz4uE6gFRatOAPLsOkEm27Kg=";
};

4
pkgs/by-name/er/errands/package.nix
View File

@ -17,7 +17,7 @@
}:
python3Packages.buildPythonApplication rec {
pname = "errands";
version = "46.2.4";
version = "46.2.5";
pyproject = false;
@ -25,7 +25,7 @@ python3Packages.buildPythonApplication rec {
owner = "mrvladus";
repo = "Errands";
rev = "refs/tags/${version}";
hash = "sha256-qk3CbxMj3PiuK7KkgtmH/A549mpNd70gYAW56P5nmu8=";
hash = "sha256-peIsTSmqjLHdmd5Xrqh6XKXjEbwhNE+FOH/pEY0QqdI=";
};
nativeBuildInputs = [

6
pkgs/by-name/ex/exo/package.nix
View File

@ -6,14 +6,14 @@
}:
python3Packages.buildPythonApplication {
pname = "exo";
version = "0-unstable-2024-10-06";
version = "0-unstable-2024-10-09";
pyproject = true;
src = fetchFromGitHub {
owner = "exo-explore";
repo = "exo";
rev = "7b2a523fd1e5f1281d89bc1f664a29dc2003b787";
hash = "sha256-o4tNbU9oa7WsAQ6eiTHqQVhliXbG/Y8d7PeH2TTWgGk=";
rev = "c1a26cd7fa447b2802a4bececfd7cb9d316c0600";
hash = "sha256-jtcfGmk03Yf5IaswIvi6N9oMXzNPYlJBf4WMLkogUVo=";
};
build-system = with python3Packages; [ setuptools ];

4
pkgs/by-name/fr/freeplane/package.nix
View File

@ -40,6 +40,10 @@ stdenvNoCC.mkDerivation (finalAttrs: {
gradleFlags = [ "-Dorg.gradle.java.home=${jdk}" "-x" "test" ];
# share/freeplane/core/org.freeplane.core/META-INF doesn't
# always get generated with parallel building enabled
enableParallelBuilding = false;
preBuild = "mkdir -p freeplane/build";
gradleBuildTask = "build";

2
pkgs/by-name/ft/ftjam/package.nix
View File

@ -14,7 +14,7 @@ stdenv.mkDerivation (finalAttrs: {
version = "2.5.2";
src = fetchurl {
url = "https://downloads.sourceforge.net/project/freetype/ftjam/${finalAttrs.version}/ftjam-${finalAttrs.version}.tar.bz2";
url = "mirror://sourceforge/project/freetype/ftjam/${finalAttrs.version}/ftjam-${finalAttrs.version}.tar.bz2";
hash = "sha256-6JdzUAqSkS3pGOn+v/q+S2vOedaa8ZRDX04DK4ptZqM=";
};

10
pkgs/applications/version-management/glab/default.nix → pkgs/by-name/gl/glab/package.nix
View File

@ -1,17 +1,17 @@
{ lib, buildGoModule, fetchFromGitLab, installShellFiles, stdenv }:
{ lib, buildGo123Module, fetchFromGitLab, installShellFiles, stdenv }:
buildGoModule rec {
buildGo123Module rec {
pname = "glab";
version = "1.45.0";
version = "1.47.0";
src = fetchFromGitLab {
owner = "gitlab-org";
repo = "cli";
rev = "v${version}";
hash = "sha256-jTpddpS+FYSQg2aRxQiVlG+bitiIqmZ4kxOJLPZkICo=";
hash = "sha256-mAM11nQ6YJJWNFOR9xQbgma7Plvo4MdcW2Syniw7o60=";
};
vendorHash = "sha256-o0sYObTeDgG+3X3YEnDbk1h4DkEiMwEgYMF7hGjCL3Q=";
vendorHash = "sha256-uwSVdebZtIpSol553gJC0ItkEqa6qXXOAVFvzjsHSSI=";
ldflags = [
"-s"

10
pkgs/by-name/go/google-chrome/package.nix
View File

@ -166,11 +166,11 @@ let
linux = stdenv.mkDerivation (finalAttrs: {
inherit pname meta passthru;
version = "129.0.6668.89";
version = "129.0.6668.100";
src = fetchurl {
url = "https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_${finalAttrs.version}-1_amd64.deb";
hash = "sha256-7siTsIW29x4XZ+Zut9b5BFSTtc5tuhxusxnkJPouG1w=";
hash = "sha256-5NITOnDEVd5PeyWT9rPVgFv5W5bP2h+bLM30hjmpgzs=";
};
# With strictDeps on, some shebangs were not being patched correctly
@ -266,11 +266,11 @@ let
darwin = stdenvNoCC.mkDerivation (finalAttrs: {
inherit pname meta passthru;
version = "129.0.6668.90";
version = "129.0.6668.101";
src = fetchurl {
url = "http://dl.google.com/release2/chrome/n4gcpoygckhm4y53qwq7lkpnqu_129.0.6668.90/GoogleChrome-129.0.6668.90.dmg";
hash = "sha256-viQSX8ogY5ywPqgVmMToHdZysxLuC8U78UJ9fIUrGCs=";
url = "http://dl.google.com/release2/chrome/j4koa2lwvw3lho34hvastakhfi_129.0.6668.101/GoogleChrome-129.0.6668.101.dmg";
hash = "sha256-rwH7BqOyszmybadZ4gtJHoVxxjcjZLHcOku+YxZH88w=";
};
dontPatch = true;

6
pkgs/by-name/gr/greenmask/package.nix
View File

@ -7,16 +7,16 @@
buildGoModule rec {
pname = "greenmask";
version = "0.1.14";
version = "0.2.0";
src = fetchFromGitHub {
owner = "GreenmaskIO";
repo = "greenmask";
rev = "refs/tags/v${version}";
hash = "sha256-R/JJnHBp9MPnq/fIDwYrePIUH3/FvDPFaRpmrpwhU6o=";
hash = "sha256-ouDYXXlmvLRuR6ATUAk2Gn9toTVxRwQY1CgMyQUN/B0=";
};
vendorHash = "sha256-WCsZ5DU+mZk9M1lldBY4q2PXI8DDFytPojzGJ6wqXsg=";
vendorHash = "sha256-M7HcTQp4pzfSLvyCiV/loqqprKM1B93LOr4wxOVoHjk=";
subPackages = [ "cmd/greenmask/" ];

23
pkgs/by-name/ho/homebox/package.nix
View File

@ -1,33 +1,34 @@
{
lib,
buildGoModule,
buildGo123Module,
fetchFromGitHub,
pnpm,
nodejs,
go,
go_1_23,
git,
cacert,
nixosTests,
}:
let
pname = "homebox";
version = "0.13.0";
version = "0.15.2";
src = fetchFromGitHub {
owner = "sysadminsmedia";
repo = "homebox";
rev = "v${version}";
hash = "sha256-mhb4q0ja94TjvOzl28WVb3uzkR9MKlqifFJgUo6hfrA=";
hash = "sha256-2jB2Oo0dK36n5tQPrGNyPO3Q0yNkUms4RPQzXiDzuks=";
};
in
buildGoModule {
buildGo123Module {
inherit pname version src;
vendorHash = "sha256-QRmP6ichKjwDWEx13sEs1oetc4nojGyJnKafAATTNTA=";
vendorHash = "sha256-Ftm5tR3w8S3mjYLJG0+17nYP5kDbaAd8QkbZpNt7WuE=";
modRoot = "backend";
# the goModules derivation inherits our buildInputs and buildPhases
# Since we do pnpm thing in those it fails if we don't explicitely remove them
overrideModAttrs = _: {
nativeBuildInputs = [
go
go_1_23
git
cacert
];
@ -37,7 +38,7 @@ buildGoModule {
pnpmDeps = pnpm.fetchDeps {
inherit pname version;
src = "${src}/frontend";
hash = "sha256-MdTZJ/Ichpwc54r7jZjiFD12YOdRzHSuzRZ/PnDk2mY=";
hash = "sha256-SyKET+W9Fn1WETzF4KlAtLOzNI/DOavHUbC7Yfv6kFw=";
};
pnpmRoot = "../frontend";
@ -72,6 +73,12 @@ buildGoModule {
"-X main.commit=${version}"
];
passthru = {
tests = {
inherit (nixosTests) homebox;
};
};
meta = {
mainProgram = "api";
homepage = "https://homebox.software/";

10
pkgs/by-name/hy/hyprland/info.json
View File

@ -1,7 +1,7 @@
{
"branch": "main",
"commit_hash": "0f594732b063a90d44df8c5d402d658f27471dfe",
"commit_message": "props: bump version to 0.43.0",
"date": "2024-09-08",
"tag": "v0.43.0"
"branch": "v0.44.1-b",
"commit_hash": "4520b30d498daca8079365bdb909a8dea38e8d55",
"commit_message": "version: bump to 0.44.1",
"date": "2024-10-09",
"tag": "v0.44.1"
}

4
pkgs/by-name/hy/hyprland/package.nix
View File

@ -82,14 +82,14 @@ assert assertMsg (!hidpiXWayland)
customStdenv.mkDerivation (finalAttrs: {
pname = "hyprland" + optionalString debug "-debug";
version = "0.44.0";
version = "0.44.1";
src = fetchFromGitHub {
owner = "hyprwm";
repo = "hyprland";
fetchSubmodules = true;
rev = "refs/tags/v${finalAttrs.version}";
hash = "sha256-XgDhPx+tKs+2lyWM/ZqIHnMArd/c0LGmwAwu0EG1uJM=";
hash = "sha256-hnoPoxMFetuoXQuAMgvopl1kCRQ33FYaVVBgV9FIFkM=";
};
postPatch = ''

0
pkgs/by-name/im/immersed-vr/darwin.nix → pkgs/by-name/im/immersed/darwin.nix
View File

0
pkgs/by-name/im/immersed-vr/linux.nix → pkgs/by-name/im/immersed/linux.nix
View File

0
pkgs/by-name/im/immersed-vr/package.nix → pkgs/by-name/im/immersed/package.nix
View File

29
pkgs/by-name/jo/josm/package.nix
View File

@ -1,22 +1,23 @@
{ lib, stdenv, fetchurl, fetchsvn, makeWrapper, unzip, jre, libXxf86vm
{ lib, stdenv, fetchurl, fetchFromGitHub, makeWrapper, unzip, jre, libXxf86vm
, extraJavaOpts ? "-Djosm.restart=true -Djava.net.useSystemProxies=true"
}:
let
pname = "josm";
version = "19207";
version = "19230";
srcs = {
jar = fetchurl {
url = "https://josm.openstreetmap.de/download/josm-snapshot-${version}.jar";
hash = "sha256-dYDJmGXIKd2GhjyKBpQjoIfz9giBsgFdC0TaKplxiPY=";
hash = "sha256-d2KyTPIw7N+ZveNUa5W3yiV6pCouigTq+GICSEkTiis=";
};
macosx = fetchurl {
url = "https://josm.openstreetmap.de/download/macosx/josm-macos-${version}-java21.zip";
hash = "sha256-A34nd+RBipON5zOKBD57L1l2KACYEUHNjxs0N6xqoXc=";
hash = "sha256-IrFtRlNdXZI6ucfZC6yEancV4E5lEP7+VNhaZ6p9t4I=";
};
pkg = fetchsvn {
url = "https://josm.openstreetmap.de/svn/trunk/native/linux/tested";
rev = version;
hash = "sha256-L7P6FtqKLB4e+ezPzXePM33qj5esNoRlTFXi0/GhdsA=";
pkg = fetchFromGitHub {
owner = "JOSM";
repo = "josm";
rev = "refs/tags/${version}-tested";
hash = "sha256-s6vc09qdQbJb2b0j4t7CVPmbfWpjc5Pl3JBCPgGVZMY=";
};
};
@ -41,7 +42,7 @@ stdenv.mkDerivation rec {
${unzip}/bin/unzip ${srcs.macosx} 'JOSM.app/*' -d $out/Applications
'' else ''
install -Dm644 ${srcs.jar} $out/share/josm/josm.jar
cp -R ${srcs.pkg}/usr/share $out
cp -R ${srcs.pkg}/native/linux/tested/usr/share $out
# Add libXxf86vm to path because it is needed by at least Kendzi3D plugin
makeWrapper ${jre}/bin/java $out/bin/josm \
@ -49,14 +50,14 @@ stdenv.mkDerivation rec {
--prefix LD_LIBRARY_PATH ":" '${libXxf86vm}/lib'
'';
meta = with lib; {
meta = {
description = "Extensible editor for OpenStreetMap";
homepage = "https://josm.openstreetmap.de/";
changelog = "https://josm.openstreetmap.de/wiki/Changelog";
sourceProvenance = with sourceTypes; [ binaryBytecode ];
license = licenses.gpl2Plus;
maintainers = with maintainers; [ rycee sikmir ];
platforms = platforms.all;
sourceProvenance = with lib.sourceTypes; [ binaryBytecode ];
license = lib.licenses.gpl2Plus;
maintainers = with lib.maintainers; [ rycee sikmir ];
platforms = lib.platforms.all;
mainProgram = "josm";
};
}

10
pkgs/by-name/kc/kcl/package.nix
View File

@ -1,6 +1,6 @@
{ lib
, stdenv
, buildGoModule
, buildGo123Module
, fetchFromGitHub
, kclvm_cli
, kclvm
@ -9,18 +9,18 @@
, darwin
,
}:
buildGoModule rec {
buildGo123Module rec {
pname = "kcl";
version = "0.9.8";
version = "0.10.0";
src = fetchFromGitHub {
owner = "kcl-lang";
repo = "cli";
rev = "v${version}";
hash = "sha256-s8pFnItmw3+l9GKqdqX0Rxsy47h6vO+yUtVNCuyn/m8=";
hash = "sha256-0KxT4t77EDB7Vr/cb+P20ARRR+7g5uZiF5QYOArUhgI=";
};
vendorHash = "sha256-DGYYH5sKhpcWHYoUim4NyflzqsXFc4MCOqIw5jIfIiM=";
vendorHash = "sha256-9APQDYCBvG38y0ZYuacfyUmjoEV9jGqRg7OZ7mArzIU=";
# By default, libs and bins are stripped. KCL will crash on darwin if they are.
dontStrip = stdenv.hostPlatform.isDarwin;

986
pkgs/by-name/kc/kclvm/Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

6
pkgs/by-name/kc/kclvm/package.nix
View File

@ -10,13 +10,13 @@
}:
rustPlatform.buildRustPackage rec {
pname = "kclvm";
version = "0.9.3";
version = "0.10.0";
src = fetchFromGitHub {
owner = "kcl-lang";
repo = "kcl";
rev = "v${version}";
hash = "sha256-nk5oJRTBRj0LE2URJqno8AoZ+/342C2tEt8d6k2MAc8=";
hash = "sha256-OMPo2cT0ngwHuGghVSfGoDgf+FThj2GsZ3Myb1wSxQM=";
};
sourceRoot = "${src.name}/kclvm";
@ -24,7 +24,7 @@ rustPlatform.buildRustPackage rec {
lockFile = ./Cargo.lock;
outputHashes = {
"inkwell-0.2.0" = "sha256-JxSlhShb3JPhsXK8nGFi2uGPp8XqZUSiqniLBrhr+sM=";
"protoc-bin-vendored-3.1.0" = "sha256-RRqpPMJygpKGG5NYzD93iy4htpVqFhYMmfPgbRtpUqg=";
"protoc-bin-vendored-3.2.0" = "sha256-cYLAjjuYWat+8RS3vtNVS/NAJYw2NGeMADzGBL1L2Ww=";
};
};

2
pkgs/by-name/kc/kclvm_cli/cargo_lock.patch
View File

@ -7,4 +7,4 @@
+
+[[package]]
+name = "kclvm_cli"
+version = "0.9.3"
+version = "0.10.0"

2
pkgs/by-name/kc/kclvm_cli/package.nix
View File

@ -19,7 +19,7 @@ rustPlatform.buildRustPackage rec {
};
sourceRoot = "${src.name}/cli";
cargoHash = "sha256-hILG2YcwsAzzJPJno+2KzAHM226HYmQPQt9JVVYn9Jk=";
cargoHash = "sha256-2694O2q6UbNySgn76aBTjdqt2Hh1GrdRaro064fGBrI=";
cargoPatches = [ ./cargo_lock.patch ];
buildInputs = [ kclvm rustc ] ++ (

7
pkgs/by-name/li/librewolf-bin/package.nix
View File

@ -6,11 +6,11 @@
let
pname = "librewolf-bin";
upstreamVersion = "129.0.2-1";
upstreamVersion = "131.0.2-1";
version = lib.replaceStrings [ "-" ] [ "." ] upstreamVersion;
src = fetchurl {
url = "https://gitlab.com/api/v4/projects/24386000/packages/generic/librewolf/${upstreamVersion}/LibreWolf.x86_64.AppImage";
hash = "sha256-h4SZnI2BwCSsLADYIxTXu82Jyst1hqYGHt54MnluLss=";
hash = "sha256-Sj3WkY3t8UHsh2v3xPaDb0IGp66YQIw9MKmmFFQCGvk=";
};
appimageContents = appimageTools.extract { inherit pname version src; };
in
@ -31,8 +31,5 @@ appimageTools.wrapType2 {
platforms = [ "x86_64-linux" ];
mainProgram = "librewolf";
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
knownVulnerabilities = [
"CVE-2024-9680"
];
};
}

18
pkgs/by-name/lo/local-ai/package.nix
View File

@ -15,7 +15,7 @@
ffmpeg,
cmake,
pkg-config,
buildGoModule,
buildGo123Module,
makeWrapper,
ncurses,
which,
@ -147,8 +147,8 @@ let
src = fetchFromGitHub {
owner = "ggerganov";
repo = "llama.cpp";
rev = "fc54ef0d1c138133a01933296d50a36a1ab64735";
hash = "sha256-o87EhrA2Oa98pwyb6GSUgwERY0/GWJiX7kvlxDv4zb4=";
rev = "70392f1f81470607ba3afef04aa56c9f65587664";
hash = "sha256-PgdH3Q4lM45a7aLeN/19i0Ld4NuTfzh/caYOSdooFao=";
fetchSubmodules = true;
};
postPatch =
@ -299,8 +299,8 @@ let
src = fetchFromGitHub {
owner = "ggerganov";
repo = "whisper.cpp";
rev = "9e3c5345cd46ea718209db53464e426c3fe7a25e";
hash = "sha256-JOptyveuaKRLzeZ6GuB3A70IM7dk4we95g5o25XVXJI=";
rev = "0d2e2aed80109e8696791083bde3b58e190b7812";
hash = "sha256-HE9FLwLGVCggEF7VjWtdNhNnhe7c1RQp30spEIkK4TI=";
};
nativeBuildInputs = [
@ -431,12 +431,12 @@ let
stdenv;
pname = "local-ai";
version = "2.20.1";
version = "2.21.1";
src = fetchFromGitHub {
owner = "go-skynet";
repo = "LocalAI";
rev = "v${version}";
hash = "sha256-FeZZC0Tg9JT9Yj0e27GOLSdHEtWl17AHK3j7epwPyY8=";
hash = "sha256-UlXBg/FKv/GNz2PCEVvzhILNdyQvTfkw157sNpunf2I=";
};
prepare-sources =
@ -457,10 +457,10 @@ let
${cp} ${if with_tinydream then go-tiny-dream else go-tiny-dream.src} sources/go-tiny-dream
'';
self = buildGoModule.override { stdenv = effectiveStdenv; } {
self = buildGo123Module.override { stdenv = effectiveStdenv; } {
inherit pname version src;
vendorHash = "sha256-mDxp5frUIECSHKjxaJVqIP7mnIusvdT45Xlxc9+P5tE=";
vendorHash = "sha256-tb2nVUCUdaOWHpJz4zMqgfJ4PYUqGwV/0lj76n36sUg=";
env.NIX_CFLAGS_COMPILE = lib.optionalString with_stablediffusion " -isystem ${opencv}/include/opencv4";

6
pkgs/by-name/lu/lutgen/package.nix
View File

@ -8,16 +8,16 @@
rustPlatform.buildRustPackage rec {
pname = "lutgen";
version = "0.11.0";
version = "0.11.2";
src = fetchFromGitHub {
owner = "ozwaldorf";
repo = "lutgen-rs";
rev = "v${version}";
hash = "sha256-ybaapL9OUUQ+sO8P0JH1MuxCFmTihKp9gXJpM7KLY7U=";
hash = "sha256-jmMVeDDVb/TuxulDYj+8y4Kl42EJTAWb3tAsanfWduE=";
};
cargoHash = "sha256-Fxecnq7QKcDe6aAsKj9uye3sFdfkgFEKYmdqnvQDiAQ=";
cargoHash = "sha256-cT999TukdiKmmNUpK7SE1uiuNoLhmjdtz/2cYXFC6dk=";
nativeBuildInputs = [ installShellFiles ];

12
pkgs/data/fonts/lxgw-wenkai/default.nix → pkgs/by-name/lx/lxgw-wenkai/package.nix
View File

@ -1,12 +1,16 @@
{ lib, stdenvNoCC, fetchurl }:
{
lib,
stdenvNoCC,
fetchurl,
}:
stdenvNoCC.mkDerivation rec {
pname = "lxgw-wenkai";
version = "1.330";
version = "1.500";
src = fetchurl {
url = "https://github.com/lxgw/LxgwWenKai/releases/download/v${version}/${pname}-v${version}.tar.gz";
hash = "sha256-CscUUcyLsk/S70tT2uGRqLiF8fa4KxC9pVrOziWJ/fI=";
hash = "sha256-5cQSHrL/kllmsrOSEHDhsiIa3PXpDh5ELrCnVh/9pxI=";
};
installPhase = ''
@ -23,6 +27,6 @@ stdenvNoCC.mkDerivation rec {
description = "Open-source Chinese font derived from Fontworks' Klee One";
license = licenses.ofl;
platforms = platforms.all;
maintainers = with maintainers; [ elliot ];
maintainers = with maintainers; [ ryanccn ];
};
}

4
pkgs/by-name/mo/mold/package.nix
View File

@ -23,13 +23,13 @@
stdenv.mkDerivation rec {
pname = "mold";
version = "2.34.0";
version = "2.34.1";
src = fetchFromGitHub {
owner = "rui314";
repo = "mold";
rev = "v${version}";
hash = "sha256-QH9mtigVqt9ZrVBUyQcgUMW/8jtXHSYDWz6pprt6Hlk=";
hash = "sha256-x5fQ+dJFcxwENyTpZpQsMqTLtYQ8uuhUHV8jDpmltWg=";
};
nativeBuildInputs = [

4
pkgs/by-name/mu/music-assistant/package.nix
View File

@ -24,14 +24,14 @@ in
python.pkgs.buildPythonApplication rec {
pname = "music-assistant";
version = "2.2.6";
version = "2.2.7";
pyproject = true;
src = fetchFromGitHub {
owner = "music-assistant";
repo = "server";
rev = "refs/tags/${version}";
hash = "sha256-BEbcIq+qtJ1OffT2we6qajzvDYDu09rMcmJF1F06xZQ=";
hash = "sha256-GMjeNX8C027F+Wl/HfluWap9pDOeQwlM9qOs0Sp5tTI=";
};
patches = [

1815
pkgs/by-name/no/node-red/package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

6
pkgs/by-name/no/node-red/package.nix
View File

@ -8,16 +8,16 @@
buildNpmPackage rec {
pname = "node-red";
version = "4.0.3";
version = "4.0.4";
src = fetchFromGitHub {
owner = "node-red";
repo = "node-red";
rev = "refs/tags/${version}";
hash = "sha256-AiLGqpEUqvWpI+7cL7ZygT2mSCVt7zCUwEJXvRaiGT8=";
hash = "sha256-s+3OrTj/VwjnK6Ml+4aSlLo/GcpC6BWmGmxAaj1SsMI=";
};
npmDepsHash = "sha256-ipUhco5Z+x2FYqLPdgMYJk4eXrIqn1BHidaYXXgujis=";
npmDepsHash = "sha256-y3agiGh5qApyjFUkxjgEG+Ztx1FL4IOMaJsS4WwZY/c=";
postPatch =
let

25
pkgs/by-name/nu/numbat/package.nix
View File

@ -2,23 +2,33 @@
, stdenv
, testers
, fetchFromGitHub
, fetchpatch
, rustPlatform
, darwin
, numbat
, tzdata
}:
rustPlatform.buildRustPackage rec {
pname = "numbat";
version = "1.12.0";
version = "1.13.0";
src = fetchFromGitHub {
owner = "sharkdp";
repo = "numbat";
rev = "v${version}";
hash = "sha256-MYoNziQiyppftLPNM8cqEuNwUA4KCmtotQqDhgyef1E=";
hash = "sha256-o3EYhMFBgs/Ni+YCM3+RdUYlwRt+nMaEP/cAkDXMVHc=";
};
cargoHash = "sha256-t6vxJ0UIQJILCGv4PO5V4/QF5de/wtMQDkb8gPtE70E=";
cargoHash = "sha256-rK9RPd/hww2F87l/dd14pB4izE58NuqaewYaqMimV1M=";
patches = [
# https://github.com/sharkdp/numbat/pull/562
(fetchpatch {
url = "https://github.com/sharkdp/numbat/commit/4756a1989ecdab35fd05ca18c721ed15d8cde2b1.patch";
hash = "sha256-22+yePjy+MxJQ60EdvgaTw/IVV0d/wS2Iqza1p1xmfk=";
})
];
buildInputs = lib.optionals stdenv.hostPlatform.isDarwin [
darwin.apple_sdk.frameworks.Security
@ -31,6 +41,13 @@ rustPlatform.buildRustPackage rec {
cp -r $src/numbat/modules $out/share/numbat/
'';
preCheck = ''
# The datetime library used by Numbat, "jiff", always attempts to use the
# system TZDIR on Unix and doesn't fall back to the embedded tzdb when not
# present.
export TZDIR=${tzdata}/share/zoneinfo
'';
passthru.tests.version = testers.testVersion {
package = numbat;
};
@ -46,5 +63,7 @@ rustPlatform.buildRustPackage rec {
license = with licenses; [ asl20 mit ];
mainProgram = "numbat";
maintainers = with maintainers; [ giomf atemu ];
# Failing tests on Darwin.
broken = stdenv.isDarwin;
};
}

2
pkgs/by-name/op/openctm/package.nix
View File

@ -13,7 +13,7 @@ stdenv.mkDerivation (finalAttrs: {
version = "1.0.3";
src = fetchurl {
url = "https://downloads.sourceforge.net/project/openctm/OpenCTM-${finalAttrs.version}/OpenCTM-${finalAttrs.version}-src.tar.bz2";
url = "mirror://sourceforge/project/openctm/OpenCTM-${finalAttrs.version}/OpenCTM-${finalAttrs.version}-src.tar.bz2";
hash = "sha256-So0mCNlzZPfuxWt8Y3xWuTCK6YKGs+kNu3QTyQ6UPx0=";
};

2
pkgs/by-name/os/osu-lazer-bin/package.nix
View File

@ -25,7 +25,7 @@ let
};
x86_64-linux = fetchurl {
url = "https://github.com/ppy/osu/releases/download/${version}/osu.AppImage";
hash = "sha256-G7+Mr0Zd/p8XUVU5aG7KywvLD2hz2N37kEbm5rlghEw=";
hash = "sha256-PAbLw/IVJHe/y7YSyrTK9wJVcN3VIZYhrgDoHzYtjS8=";
};
}
.${stdenv.system} or (throw "osu-lazer-bin: ${stdenv.system} is unsupported.");

4
pkgs/by-name/pi/picom/package.nix
View File

@ -33,13 +33,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "picom";
version = "12.1";
version = "12.2";
src = fetchFromGitHub {
owner = "yshui";
repo = "picom";
rev = "v${finalAttrs.version}";
hash = "sha256-XBFSPSrG6C4n5oQUQbWXyy9iCuEdrdaxU0CPR73juzk=";
hash = "sha256-tT4OIzIX+phbze2+9f3WQN6RuGKlSQ+Ocp4xodvdPC0=";
fetchSubmodules = true;
};

6
pkgs/by-name/sc/schemamap/package.nix
View File

@ -9,7 +9,7 @@
}:
let
version = "0.3.0";
version = "0.4.0";
in
rustPlatform.buildRustPackage rec {
pname = "schemamap";
@ -19,12 +19,12 @@ rustPlatform.buildRustPackage rec {
owner = "schemamap";
repo = "schemamap";
rev = "v${version}";
hash = "sha256-49i2zyOy/yngSgvKd66RsOhF6OlYfgDnEtPEbmhEcIo=";
hash = "sha256-L5p7Kh5sQAlDHrXgWUuiYZb3sV0Mp2ODEOMQsaB0iMs=";
};
sourceRoot = "${src.name}/rust";
cargoHash = "sha256-ILgvS96D6yF4Teaa5on6jHZlVoxRLSk8A523PzH1b5Y=";
cargoHash = "sha256-rwAujQC/zV5nH5YQdjPRyf1L7SYSbdS3FJ5SAVMlhRE=";
buildInputs =
[ openssl ]

4
pkgs/by-name/sv/svt-av1-psy/package.nix
View File

@ -9,13 +9,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "svt-av1-psy";
version = "2.2.1";
version = "2.2.1-A";
src = fetchFromGitHub {
owner = "gianni-rosato";
repo = "svt-av1-psy";
rev = "refs/tags/v${finalAttrs.version}";
hash = "sha256-4ds7yrUMp0O5/aWOkdnrANR1D3djajU/0ZeY6xJnpHI=";
hash = "sha256-oCs8ZSfiqmAv2go6fa51l/Kt2pb1qdvuHtACRT2xGrw=";
};
cmakeBuildType = "Release";

13
pkgs/by-name/te/terraform-docs/package.nix
View File

@ -1,7 +1,9 @@
{
stdenv,
lib,
buildGoModule,
fetchFromGitHub,
installShellFiles,
}:
buildGoModule rec {
pname = "terraform-docs";
@ -16,6 +18,17 @@ buildGoModule rec {
vendorHash = "sha256-aweKTHQBYYqSp8CymwhnVv1WNQ7cZ1/bJNz7DSo7PKc=";
excludedPackages = [ "scripts" ];
nativeBuildInputs = [ installShellFiles ];
postInstall = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) ''
$out/bin/terraform-docs completion bash >terraform-docs.bash
$out/bin/terraform-docs completion fish >terraform-docs.fish
$out/bin/terraform-docs completion zsh >terraform-docs.zsh
installShellCompletion terraform-docs.{bash,fish,zsh}
'';
meta = with lib; {
description = "Utility to generate documentation from Terraform modules in various output formats";
mainProgram = "terraform-docs";

22
pkgs/by-name/tt/ttop/lock.json
View File

@ -10,19 +10,19 @@
"rev": "9f51fc4e94d0960ab63fa6ea274518159720aa69",
"sha256": "1n8cx5vl26ppjsn889zmfpa37yhlxahy2va4bqp6q4v4r1dl1h14",
"srcDir": "src",
"url": "https://github.com/Yardanico/asciigraph/archive/9f51fc4e94d0960ab63fa6ea274518159720aa69.tar.gz"
"url": "https://github.com/nimbackup/asciigraph/archive/9f51fc4e94d0960ab63fa6ea274518159720aa69.tar.gz"
},
{
"method": "fetchzip",
"packages": [
"illwill"
],
"path": "/nix/store/3lmm3z36qn4gz7bfa209zv0pqrpm3di9-source",
"ref": "v0.3.2",
"rev": "1d12cb36ab7b76c31d2d25fa421013ecb382e625",
"sha256": "0f9yncl5gbdja18mrqf5ixrdgrh95k0khda923dm1jd1x1b7ar8z",
"path": "/nix/store/k3sxzm7qnkgnwkrfd8hc3gkwzbayb1h1-source",
"ref": "v0.4.1",
"rev": "2736d9e0eb6b2bf32cd2fdb8226407a388362cd1",
"sha256": "0hiic5yjsaw6sgl1jzmfpm5g6a5ckzmd29c3pzg30glchn2g94sk",
"srcDir": "",
"url": "https://github.com/johnnovak/illwill/archive/1d12cb36ab7b76c31d2d25fa421013ecb382e625.tar.gz"
"url": "https://github.com/johnnovak/illwill/archive/99a120f7f69868b94f5d35ce7e21dd12535de70c.tar.gz"
},
{
"method": "fetchzip",
@ -52,12 +52,12 @@
"packages": [
"zippy"
],
"path": "/nix/store/dj520pi1q9xh5gplcjs0jsn5wgnaa0cr-source",
"ref": "0.10.11",
"rev": "9560f3d20479fb390c97f731ef8d100f1ed54e6c",
"sha256": "140r42kgynwsnrga4x2mildx9pflwniyhjjzmid2jvnl4i6jrsr4",
"path": "/nix/store/zcd2hmjxlkp1bpb7c9xrpg153ssj3w0b-source",
"ref": "0.10.16",
"rev": "a99f6a7d8a8e3e0213b3cad0daf0ea974bf58e3f",
"sha256": "16qdnyql8d7nm7nwwpq0maflm3p6cpbb2jfaqx6xkld9xkc9lsbv",
"srcDir": "src",
"url": "https://github.com/guzba/zippy/archive/9560f3d20479fb390c97f731ef8d100f1ed54e6c.tar.gz"
"url": "https://github.com/guzba/zippy/archive/a99f6a7d8a8e3e0213b3cad0daf0ea974bf58e3f.tar.gz"
}
]
}

4
pkgs/by-name/tt/ttop/package.nix
View File

@ -2,13 +2,13 @@
buildNimPackage (finalAttrs: {
pname = "ttop";
version = "1.2.8";
version = "1.5.2";
src = fetchFromGitHub {
owner = "inv2004";
repo = "ttop";
rev = "v${finalAttrs.version}";
hash = "sha256-QMUrA3OjxlDa1OxptJL7T3SPDTzSwVz6zz+ueh9eovM=";
hash = "sha256-/rs5JjTXxptVHXL3fY8qP6Be3r5N871CEbUH7w6zx4A=";
};
lockFile = ./lock.json;

Some files were not shown because too many files have changed in this diff Show More