dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge master into staging-next

Browse Source
This commit is contained in:
github-actions[bot] 2024-10-09 00:14:24 +00:00 committed by GitHub
commit b1bc4ea2b5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
102 changed files with 6623 additions and 2836 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
.github/CODEOWNERS vendored
View File

@ -15,6 +15,8 @@
/.github/workflows @NixOS/Security @Mic92 @zowoq
/.github/workflows/check-nix-format.yml @infinisil
/.github/workflows/nixpkgs-vet.yml @infinisil @philiptaron
/.github/workflows/codeowners.yml @infinisil
/.github/OWNERS @infinisil
/ci @infinisil @philiptaron @NixOS/Security
# Development support
@ -28,7 +30,7 @@
/lib/cli.nix @infinisil @Profpatsch
/lib/debug.nix @infinisil @Profpatsch
/lib/asserts.nix @infinisil @Profpatsch
/lib/path.* @infinisil
/lib/path/* @infinisil
/lib/fileset @infinisil
## Libraries / Module system
/lib/modules.nix @infinisil @roberth
@ -105,7 +107,7 @@ nixos/modules/installer/tools/nix-fallback-paths.nix @NixOS/nix-team @raitobeza
/nixos/lib/test-driver @tfc
# NixOS QEMU virtualisation
/nixos/virtualisation/qemu-vm.nix @raitobezarius
/nixos/modules/virtualisation/qemu-vm.nix @raitobezarius
# ACME
/nixos/modules/security/acme @arianvp @flokli @aanderse @emilazy # no merge permission: @m1cr0man
@ -170,7 +172,7 @@ nixos/modules/installer/tools/nix-fallback-paths.nix @NixOS/nix-team @raitobeza
# Audio
/nixos/modules/services/audio/botamusique.nix @mweinelt
/nixos/modules/services/audio/snapserver.nix @mweinelt
/nixos/tests/modules/services/audio/botamusique.nix @mweinelt
/nixos/tests/botamusique.nix @mweinelt
/nixos/tests/snapcast.nix @mweinelt
# Browsers
@ -204,21 +206,20 @@ pkgs/development/python-modules/buildcatrust/ @ajs124 @lukegb @mweinelt
# PostgreSQL and related stuff
/pkgs/servers/sql/postgresql @thoughtpolice
/nixos/modules/services/databases/postgresql.xml @thoughtpolice
/nixos/modules/services/databases/postgresql.md @thoughtpolice
/nixos/modules/services/databases/postgresql.nix @thoughtpolice
/nixos/tests/postgresql.nix @thoughtpolice
# Hardened profile & related modules
/nixos/modules/profiles/hardened.nix @joachifm
/nixos/modules/security/hidepid.nix @joachifm
/nixos/modules/security/lock-kernel-modules.nix @joachifm
/nixos/modules/security/misc.nix @joachifm
/nixos/tests/hardened.nix @joachifm
/pkgs/os-specific/linux/kernel/hardened-config.nix @joachifm
/pkgs/os-specific/linux/kernel/hardened/config.nix @joachifm
# Home Automation
/nixos/modules/services/misc/home-assistant.nix @mweinelt
/nixos/modules/services/misc/zigbee2mqtt.nix @mweinelt
/nixos/modules/services/home-automation/home-assistant.nix @mweinelt
/nixos/modules/services/home-automation/zigbee2mqtt.nix @mweinelt
/nixos/tests/home-assistant.nix @mweinelt
/nixos/tests/zigbee2mqtt.nix @mweinelt
/pkgs/servers/home-assistant @mweinelt
@ -316,8 +317,6 @@ pkgs/development/python-modules/buildcatrust/ @ajs124 @lukegb @mweinelt
# nim
/pkgs/development/compilers/nim @ehmry
/pkgs/development/nim-packages @ehmry
/pkgs/top-level/nim-packages.nix @ehmry
# terraform providers
/pkgs/applications/networking/cluster/terraform-providers @zowoq

19
.github/OWNERS vendored Normal file
View File

@ -0,0 +1,19 @@
#
# Currently unused! Use CODEOWNERS for now, see workflows/codeowners.yml
#
####################
#
# This file is used to describe who owns what in this repository.
# Users/teams will get review requests for PRs that change their files.
#
# This file does not replace `meta.maintainers`
# but is instead used for other things than derivations and modules,
# like documentation, package sets, and other assets.
#
# This file uses the same syntax as the natively supported CODEOWNERS file,
# see https://help.github.com/articles/about-codeowners/ for documentation.
# However it comes with some notable differences:
# - There is no need for user/team listed here to have write access.
# - No reviews will be requested for PRs that target the wrong base branch.
#
# Processing of this file is implemented in workflows/codeowners.yml

88
.github/workflows/codeowners.yml vendored Normal file
View File

@ -0,0 +1,88 @@
name: Codeowners
# This workflow depends on a GitHub App with the following permissions:
# - Repository > Administration: read-only
# - Organization > Members: read-only
# - Repository > Pull Requests: read-write
# The App needs to be installed on this repository
# the OWNER_APP_ID repository variable needs to be set
# the OWNER_APP_PRIVATE_KEY repository secret needs to be set
on:
pull_request_target:
types: [opened, ready_for_review, synchronize, reopened, edited]
env:
# TODO: Once confirmed that this works by seeing that the action would request
# reviews from the same people (or refuse for wrong base branches),
# move all entries from CODEOWNERS to OWNERS and change this value here
# OWNERS_FILE: .github/OWNERS
OWNERS_FILE: .github/CODEOWNERS
# Also remove this
DRY_MODE: 1
jobs:
# Check that code owners is valid
check:
name: Check
runs-on: ubuntu-latest
steps:
- uses: cachix/install-nix-action@08dcb3a5e62fa31e2da3d490afc4176ef55ecd72 # v30
# Important: Because we use pull_request_target, this checks out the base branch of the PR, not the PR itself.
# We later build and run code from the base branch with access to secrets,
# so it's important this is not the PRs code.
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
path: base
- name: Build codeowners validator
run: nix-build base/ci -A codeownersValidator
- uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
id: app-token
with:
app-id: ${{ vars.OWNER_APP_ID }}
private-key: ${{ secrets.OWNER_APP_PRIVATE_KEY }}
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
ref: refs/pull/${{ github.event.number }}/merge
path: pr
- name: Validate codeowners
run: result/bin/codeowners-validator
env:
OWNERS_FILE: pr/${{ env.OWNERS_FILE }}
GITHUB_ACCESS_TOKEN: ${{ steps.app-token.outputs.token }}
REPOSITORY_PATH: pr
OWNER_CHECKER_REPOSITORY: ${{ github.repository }}
# Set this to "notowned,avoid-shadowing" to check that all files are owned by somebody
EXPERIMENTAL_CHECKS: "avoid-shadowing"
# Request reviews from code owners
request:
name: Request
runs-on: ubuntu-latest
steps:
- uses: cachix/install-nix-action@08dcb3a5e62fa31e2da3d490afc4176ef55ecd72 # v30
# Important: Because we use pull_request_target, this checks out the base branch of the PR, not the PR head.
# This is intentional, because we need to request the review of owners as declared in the base branch.
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
id: app-token
with:
app-id: ${{ vars.OWNER_APP_ID }}
private-key: ${{ secrets.OWNER_APP_PRIVATE_KEY }}
- name: Build review request package
run: nix-build ci -A requestReviews
- name: Request reviews
run: result/bin/request-reviews.sh ${{ github.repository }} ${{ github.event.number }} "$OWNERS_FILE"
env:
GH_TOKEN: ${{ steps.app-token.outputs.token }}
# Don't do anything on draft PRs
DRY_MODE: ${{ github.event.pull_request.draft && '1' || '' }}

31
ci/codeowners-validator/default.nix Normal file
View File

@ -0,0 +1,31 @@
{
buildGoModule,
fetchFromGitHub,
fetchpatch,
}:
buildGoModule {
name = "codeowners-validator";
src = fetchFromGitHub {
owner = "mszostok";
repo = "codeowners-validator";
rev = "f3651e3810802a37bd965e6a9a7210728179d076";
hash = "sha256-5aSmmRTsOuPcVLWfDF6EBz+6+/Qpbj66udAmi1CLmWQ=";
};
patches = [
# https://github.com/mszostok/codeowners-validator/pull/222
(fetchpatch {
name = "user-write-access-check";
url = "https://github.com/mszostok/codeowners-validator/compare/f3651e3810802a37bd965e6a9a7210728179d076...840eeb88b4da92bda3e13c838f67f6540b9e8529.patch";
hash = "sha256-t3Dtt8SP9nbO3gBrM0nRE7+G6N/ZIaczDyVHYAG/6mU=";
})
# Undoes part of the above PR: We don't want to require write access
# to the repository, that's only needed for GitHub's native CODEOWNERS.
# Furthermore, it removes an unneccessary check from the code
# that breaks tokens generated for GitHub Apps.
./permissions.patch
# Allows setting a custom CODEOWNERS path using the OWNERS_FILE env var
./owners-file-name.patch
];
postPatch = "rm -r docs/investigation";
vendorHash = "sha256-R+pW3xcfpkTRqfS2ETVOwG8PZr0iH5ewroiF7u8hcYI=";
}

15
ci/codeowners-validator/owners-file-name.patch Normal file
View File

@ -0,0 +1,15 @@
diff --git a/pkg/codeowners/owners.go b/pkg/codeowners/owners.go
index 6910bd2..e0c95e9 100644
--- a/pkg/codeowners/owners.go
+++ b/pkg/codeowners/owners.go
@@ -39,6 +39,10 @@ func NewFromPath(repoPath string) ([]Entry, error) {
// openCodeownersFile finds a CODEOWNERS file and returns content.
// see: https://help.github.com/articles/about-code-owners/#codeowners-file-location
func openCodeownersFile(dir string) (io.Reader, error) {
+ if file, ok := os.LookupEnv("OWNERS_FILE"); ok {
+ return fs.Open(file)
+ }
+
var detectedFiles []string
for _, p := range []string{".", "docs", ".github"} {
pth := path.Join(dir, p)

36
ci/codeowners-validator/permissions.patch Normal file
View File

@ -0,0 +1,36 @@
diff --git a/internal/check/valid_owner.go b/internal/check/valid_owner.go
index a264bcc..610eda8 100644
--- a/internal/check/valid_owner.go
+++ b/internal/check/valid_owner.go
@@ -16,7 +16,6 @@ import (
const scopeHeader = "X-OAuth-Scopes"
var reqScopes = map[github.Scope]struct{}{
- github.ScopeReadOrg: {},
}
type ValidOwnerConfig struct {
@@ -223,10 +222,7 @@ func (v *ValidOwner) validateTeam(ctx context.Context, name string) *validateErr
for _, t := range v.repoTeams {
// GitHub normalizes name before comparison
if strings.EqualFold(t.GetSlug(), team) {
- if t.Permissions["push"] {
- return nil
- }
- return newValidateError("Team %q cannot review PRs on %q as neither it nor any parent team has write permissions.", team, v.orgRepoName)
+ return nil
}
}
@@ -245,10 +241,7 @@ func (v *ValidOwner) validateGitHubUser(ctx context.Context, name string) *valid
for _, u := range v.repoUsers {
// GitHub normalizes name before comparison
if strings.EqualFold(u.GetLogin(), userName) {
- if u.Permissions["push"] {
- return nil
- }
- return newValidateError("User %q cannot review PRs on %q as they don't have write permissions.", userName, v.orgRepoName)
+ return nil
}
}

29
ci/default.nix Normal file
View File

@ -0,0 +1,29 @@
let
pinnedNixpkgs = builtins.fromJSON (builtins.readFile ./pinned-nixpkgs.json);
in
{
system ? builtins.currentSystem,
nixpkgs ? null,
}:
let
nixpkgs' =
if nixpkgs == null then
fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/${pinnedNixpkgs.rev}.tar.gz";
sha256 = pinnedNixpkgs.sha256;
}
else
nixpkgs;
pkgs = import nixpkgs' {
inherit system;
config = { };
overlays = [ ];
};
in
{
inherit pkgs;
requestReviews = pkgs.callPackage ./request-reviews { };
codeownersValidator = pkgs.callPackage ./codeowners-validator { };
}

43
ci/request-reviews/default.nix Normal file
View File

@ -0,0 +1,43 @@
{
lib,
stdenvNoCC,
makeWrapper,
coreutils,
codeowners,
jq,
curl,
github-cli,
gitMinimal,
}:
stdenvNoCC.mkDerivation {
name = "request-reviews";
src = lib.fileset.toSource {
root = ./.;
fileset = lib.fileset.unions [
./get-reviewers.sh
./request-reviews.sh
./verify-base-branch.sh
./dev-branches.txt
];
};
nativeBuildInputs = [ makeWrapper ];
dontBuild = true;
installPhase = ''
mkdir -p $out/bin
mv dev-branches.txt $out/bin
for bin in *.sh; do
mv "$bin" "$out/bin"
wrapProgram "$out/bin/$bin" \
--set PATH ${
lib.makeBinPath [
coreutils
codeowners
jq
curl
github-cli
gitMinimal
]
}
done
'';
}

7
ci/request-reviews/dev-branches.txt Normal file
View File

@ -0,0 +1,7 @@
# Trusted development branches:
# These generally require PRs to update and are built by Hydra.
master
staging
release-*
staging-*
haskell-updates

87
ci/request-reviews/get-reviewers.sh Executable file
View File

@ -0,0 +1,87 @@
#!/usr/bin/env bash
# Get the code owners of the files changed by a PR,
# suitable to be consumed by the API endpoint to request reviews:
# https://docs.github.com/en/rest/pulls/review-requests?apiVersion=2022-11-28#request-reviewers-for-a-pull-request
set -euo pipefail
log() {
echo "$@" >&2
}
if (( "$#" < 5 )); then
log "Usage: $0 GIT_REPO BASE_REF HEAD_REF OWNERS_FILE PR_AUTHOR"
exit 1
fi
gitRepo=$1
baseRef=$2
headRef=$3
ownersFile=$4
prAuthor=$5
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' exit
git -C "$gitRepo" diff --name-only --merge-base "$baseRef" "$headRef" > "$tmp/touched-files"
readarray -t touchedFiles < "$tmp/touched-files"
log "This PR touches ${#touchedFiles[@]} files"
# Get the owners file from the base, because we don't want to allow PRs to
# remove code owners to avoid pinging them
git -C "$gitRepo" show "$baseRef":"$ownersFile" > "$tmp"/codeowners
# Associative arrays with the team/user as the key for easy deduplication
declare -A teams users
for file in "${touchedFiles[@]}"; do
result=$(codeowners --file "$tmp"/codeowners "$file")
read -r file owners <<< "$result"
if [[ "$owners" == "(unowned)" ]]; then
log "File $file is unowned"
continue
fi
log "File $file is owned by $owners"
# Split up multiple owners, separated by arbitrary amounts of spaces
IFS=" " read -r -a entries <<< "$owners"
for entry in "${entries[@]}"; do
# GitHub technically also supports Emails as code owners,
# but we can't easily support that, so let's not
if [[ ! "$entry" =~ @(.*) ]]; then
warn -e "\e[33mCodeowner \"$entry\" for file $file is not valid: Must start with \"@\"\e[0m" >&2
# Don't fail, because the PR for which this script runs can't fix it,
# it has to be fixed in the base branch
continue
fi
# The first regex match is everything after the @
entry=${BASH_REMATCH[1]}
if [[ "$entry" =~ .*/(.*) ]]; then
# Teams look like $org/$team, where we only need $team for the API
# call to request reviews from teams
teams[${BASH_REMATCH[1]}]=
else
# Everything else is a user
users[$entry]=
fi
done
done
# Cannot request a review from the author
if [[ -v users[$prAuthor] ]]; then
log "One or more files are owned by the PR author, ignoring"
unset 'users[$prAuthor]'
fi
# Turn it into a JSON for the GitHub API call to request PR reviewers
jq -n \
--arg users "${!users[*]}" \
--arg teams "${!teams[*]}" \
'{
reviewers: $users | split(" "),
team_reviewers: $teams | split(" ")
}'

97
ci/request-reviews/request-reviews.sh Executable file
View File

@ -0,0 +1,97 @@
#!/usr/bin/env bash
# Requests reviews for a PR after verifying that the base branch is correct
set -euo pipefail
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' exit
SCRIPT_DIR=$(dirname "$0")
log() {
echo "$@" >&2
}
effect() {
if [[ -n "${DRY_MODE:-}" ]]; then
log "Skipping in dry mode:" "${@@Q}"
else
"$@"
fi
}
if (( $# < 3 )); then
log "Usage: $0 GITHUB_REPO PR_NUMBER OWNERS_FILE"
exit 1
fi
baseRepo=$1
prNumber=$2
ownersFile=$3
log "Fetching PR info"
prInfo=$(gh api \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"/repos/$baseRepo/pulls/$prNumber")
baseBranch=$(jq -r .base.ref <<< "$prInfo")
log "Base branch: $baseBranch"
prRepo=$(jq -r .head.repo.full_name <<< "$prInfo")
log "PR repo: $prRepo"
prBranch=$(jq -r .head.ref <<< "$prInfo")
log "PR branch: $prBranch"
prAuthor=$(jq -r .user.login <<< "$prInfo")
log "PR author: $prAuthor"
extraArgs=()
if pwdRepo=$(git rev-parse --show-toplevel 2>/dev/null); then
# Speedup for local runs
extraArgs+=(--reference-if-able "$pwdRepo")
fi
log "Fetching Nixpkgs commit history"
# We only need the commit history, not the contents, so we can do a tree-less clone using tree:0
# https://github.blog/open-source/git/get-up-to-speed-with-partial-clone-and-shallow-clone/#user-content-quick-summary
git clone --bare --filter=tree:0 --no-tags --origin upstream "${extraArgs[@]}" https://github.com/"$baseRepo".git "$tmp"/nixpkgs.git
log "Fetching the PR commit history"
# Fetch the PR
git -C "$tmp/nixpkgs.git" remote add fork https://github.com/"$prRepo".git
# This remote config is the same as --filter=tree:0 when cloning
git -C "$tmp/nixpkgs.git" config remote.fork.partialclonefilter tree:0
git -C "$tmp/nixpkgs.git" config remote.fork.promisor true
# This should not conflict with any refs in Nixpkgs
headRef=refs/remotes/fork/pr
# Only fetch into a remote ref, because the local ref namespace is used by Nixpkgs, don't want any conflicts
git -C "$tmp/nixpkgs.git" fetch --no-tags fork "$prBranch":"$headRef"
log "Checking correctness of the base branch"
if ! "$SCRIPT_DIR"/verify-base-branch.sh "$tmp/nixpkgs.git" "$headRef" "$baseRepo" "$baseBranch" "$prRepo" "$prBranch" | tee "$tmp/invalid-base-error" >&2; then
log "Posting error as comment"
if ! response=$(effect gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"/repos/$baseRepo/issues/$prNumber/comments" \
-F "body=@$tmp/invalid-base-error"); then
log "Failed to post the comment: $response"
fi
exit 1
fi
log "Getting code owners to request reviews from"
"$SCRIPT_DIR"/get-reviewers.sh "$tmp/nixpkgs.git" "$baseBranch" "$headRef" "$ownersFile" "$prAuthor" > "$tmp/reviewers.json"
log "Requesting reviews from: $(<"$tmp/reviewers.json")"
if ! response=$(effect gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
"/repos/$baseRepo/pulls/$prNumber/requested_reviewers" \
--input "$tmp/reviewers.json"); then
log "Failed to request reviews: $response"
exit 1
fi
log "Successfully requested reviews"

103
ci/request-reviews/verify-base-branch.sh Executable file
View File

@ -0,0 +1,103 @@
#!/usr/bin/env bash
# Check that a PR doesn't include commits from other development branches.
# Fails with next steps if it does
set -euo pipefail
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' exit
SCRIPT_DIR=$(dirname "$0")
log() {
echo "$@" >&2
}
# Small helper to check whether an element is in a list
# Usage: `elementIn foo "${list[@]}"`
elementIn() {
local e match=$1
shift
for e; do
if [[ "$e" == "$match" ]]; then
return 0
fi
done
return 1
}
if (( $# < 6 )); then
log "Usage: $0 LOCAL_REPO HEAD_REF BASE_REPO BASE_BRANCH PR_REPO PR_BRANCH"
exit 1
fi
localRepo=$1
headRef=$2
baseRepo=$3
baseBranch=$4
prRepo=$5
prBranch=$6
# All development branches
devBranchPatterns=()
while read -r pattern; do
if [[ "$pattern" != '#'* ]]; then
devBranchPatterns+=("$pattern")
fi
done < "$SCRIPT_DIR/dev-branches.txt"
git -C "$localRepo" branch --list --format "%(refname:short)" "${devBranchPatterns[@]}" > "$tmp/dev-branches"
readarray -t devBranches < "$tmp/dev-branches"
if [[ "$baseRepo" == "$prRepo" ]] && elementIn "$prBranch" "${devBranches[@]}"; then
log "This PR merges $prBranch into $baseBranch, no commit check necessary"
exit 0
fi
# The current merge base of the PR
prMergeBase=$(git -C "$localRepo" merge-base "$baseBranch" "$headRef")
log "The PR's merge base with the base branch $baseBranch is $prMergeBase"
# This is purely for debugging
git -C "$localRepo" rev-list --reverse "$baseBranch".."$headRef" > "$tmp/pr-commits"
log "The PR includes these $(wc -l < "$tmp/pr-commits") commits:"
cat <"$tmp/pr-commits" >&2
for testBranch in "${devBranches[@]}"; do
if [[ -z "$(git -C "$localRepo" rev-list -1 --since="1 month ago" "$testBranch")" ]]; then
log "Not checking $testBranch, was inactive for the last month"
continue
fi
log "Checking if commits from $testBranch are included in the PR"
# We need to check for any commits that are in the PR which are also in the test branch.
# We could check each commit from the PR individually, but that's unnecessarily slow.
#
# This does _almost_ what we want: `git rev-list --count headRef testBranch ^baseBranch`,
# except that it includes commits that are reachable from _either_ headRef or testBranch,
# instead of restricting it to ones reachable by both
# Easily fixable though, because we can use `git merge-base testBranch headRef`
# to get the least common ancestor (aka merge base) commit reachable by both.
# If the branch being tested is indeed the right base branch,
# this is then also the commit from that branch that the PR is based on top of.
testMergeBase=$(git -C "$localRepo" merge-base "$testBranch" "$headRef")
# And then use the `git rev-list --count`, but replacing the non-working
# `headRef testBranch` with the merge base of the two.
extraCommits=$(git -C "$localRepo" rev-list --count "$testMergeBase" ^"$baseBranch")
if (( extraCommits != 0 )); then
log -e "\e[33m"
echo "The PR's base branch is set to $baseBranch, but $extraCommits commits from the $testBranch branch are included. Make sure you know the [right base branch for your changes](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#branch-conventions), then:"
echo "- If the changes should go to the $testBranch branch, [change the base branch](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-base-branch-of-a-pull-request) to $testBranch"
echo "- If the changes should go to the $baseBranch branch, rebase your PR onto the merge base with the $testBranch branch:"
echo " \`\`\`"
echo " git rebase --onto $prMergeBase $testMergeBase"
echo " git push --force-with-lease"
echo " \`\`\`"
log -e "\e[m"
exit 1
fi
done
log "Base branch is correct, no commits from development branches are included"

11
nixos/doc/manual/release-notes/rl-2411.section.md
View File

@ -62,6 +62,15 @@
- The OCaml-based Xen Store can now be configured using [`virtualisation.xen.store.settings`](#opt-virtualisation.xen.store.settings).
- The `virtualisation.xen.bridge` options have been deprecated in this release cycle. Users who need network bridges are encouraged to set up their own networking configurations.
- A new option [`systemd.enableStrictShellChecks`](#opt-systemd.enableStrictShellChecks) has been added. When enabled, all systemd scripts generated by NixOS will
be checked with [shellcheck](https://www.shellcheck.net) and any errors or warnings will cause the build to fail.
This affects all scripts that have been created through the `script`, `reload`, `preStart`, `postStart`, `preStop` and `postStop` options for systemd services.
This does not affect commandlines passed directly to `ExecStart`, `ExecReload`, `ExecStartPre`, `ExecStartPost`, `ExecStop` or `ExecStopPost`.
It therefore also does not affect systemd units that are coming from packages and that are not defined through the NixOS config.
This option is disabled by default, and although some services have already been fixed, it is still likely that you will encounter build failures when enabling this.
We encourage people to enable this option when they are willing and able to submit fixes for potential build failures to nixpkgs.
The option can also be enabled or disabled for individual services using the `enableStrictShellChecks` option on the service itself, which will take precedence over the global setting.
## New Modules {#sec-release-24.11-new-modules}
- [TaskChampion Sync-Server](https://github.com/GothenburgBitFactory/taskchampion-sync-server), a [Taskwarrior 3](https://taskwarrior.org/docs/upgrade-3/) sync server, replacing Taskwarrior 2's sync server named [`taskserver`](https://github.com/GothenburgBitFactory/taskserver).
@ -508,6 +517,8 @@
- The `lsh` package and the `services.lshd` module have been removed as they had no maintainer in Nixpkgs and hadnt seen an upstream release in over a decade. It is recommended to migrate to `openssh` and `services.openssh`.
- `ceph` has been upgraded to v19. See the [Ceph "squid" release notes](https://docs.ceph.com/en/latest/releases/squid/#v19-2-0-squid) for details and recommended upgrade procedure.
- `opencv2` and `opencv3` have been removed, as they are obsolete and
were not used by any other package. External users are encouraged to
migrate to OpenCV 4.

29
nixos/lib/systemd-lib.nix
View File

@ -386,18 +386,27 @@ in rec {
''}
''; # */
makeJobScript = name: text:
makeJobScript = { name, text, enableStrictShellChecks }:
let
scriptName = replaceStrings [ "\\" "@" ] [ "-" "_" ] (shellEscape name);
out = (pkgs.writeShellScriptBin scriptName ''
set -e
${text}
'').overrideAttrs (_: {
out = (
if ! enableStrictShellChecks then
pkgs.writeShellScriptBin scriptName ''
set -e
${text}
''
else
pkgs.writeShellApplication {
name = scriptName;
inherit text;
}
).overrideAttrs (_: {
# The derivation name is different from the script file name
# to keep the script file name short to avoid cluttering logs.
name = "unit-script-${scriptName}";
});
in "${out}/bin/${scriptName}";
in lib.getExe out;
unitConfig = { config, name, options, ... }: {
config = {
@ -448,10 +457,16 @@ in rec {
};
};
serviceConfig = { name, config, ... }: {
serviceConfig =
let
nixosConfig = config;
in
{ name, lib, config, ... }: {
config = {
name = "${name}.service";
environment.PATH = mkIf (config.path != []) "${makeBinPath config.path}:${makeSearchPathOutput "bin" "sbin" config.path}";
enableStrictShellChecks = lib.mkOptionDefault nixosConfig.systemd.enableStrictShellChecks;
};
};

45
nixos/lib/systemd-unit-options.nix
View File

@ -17,6 +17,7 @@ let
concatMap
filterOverrides
isList
literalExpression
mergeEqualOption
mkIf
mkMerge
@ -357,6 +358,14 @@ in rec {
'';
};
enableStrictShellChecks = mkOption {
type = types.bool;
description = "Enable running shellcheck on the generated scripts for this unit.";
# The default gets set in systemd-lib.nix because we don't have access to
# the full NixOS config here.
defaultText = literalExpression "config.systemd.enableStrictShellChecks";
};
script = mkOption {
type = types.lines;
default = "";
@ -428,27 +437,51 @@ in rec {
config = mkMerge [
(mkIf (config.preStart != "") rec {
jobScripts = makeJobScript "${name}-pre-start" config.preStart;
jobScripts = makeJobScript {
name = "${name}-pre-start";
text = config.preStart;
inherit (config) enableStrictShellChecks;
};
serviceConfig.ExecStartPre = [ jobScripts ];
})
(mkIf (config.script != "") rec {
jobScripts = makeJobScript "${name}-start" config.script;
jobScripts = makeJobScript {
name = "${name}-start";
text = config.script;
inherit (config) enableStrictShellChecks;
};
serviceConfig.ExecStart = jobScripts + " " + config.scriptArgs;
})
(mkIf (config.postStart != "") rec {
jobScripts = (makeJobScript "${name}-post-start" config.postStart);
jobScripts = makeJobScript {
name = "${name}-post-start";
text = config.postStart;
inherit (config) enableStrictShellChecks;
};
serviceConfig.ExecStartPost = [ jobScripts ];
})
(mkIf (config.reload != "") rec {
jobScripts = makeJobScript "${name}-reload" config.reload;
jobScripts = makeJobScript {
name = "${name}-reload";
text = config.reload;
inherit (config) enableStrictShellChecks;
};
serviceConfig.ExecReload = jobScripts;
})
(mkIf (config.preStop != "") rec {
jobScripts = makeJobScript "${name}-pre-stop" config.preStop;
jobScripts = makeJobScript {
name = "${name}-pre-stop";
text = config.preStop;
inherit (config) enableStrictShellChecks;
};
serviceConfig.ExecStop = jobScripts;
})
(mkIf (config.postStop != "") rec {
jobScripts = makeJobScript "${name}-post-stop" config.postStop;
jobScripts = makeJobScript {
name = "${name}-post-stop";
text = config.postStop;
inherit (config) enableStrictShellChecks;
};
serviceConfig.ExecStopPost = jobScripts;
})
];

2
nixos/modules/system/boot/systemd.nix
View File

@ -197,6 +197,8 @@ in
package = mkPackageOption pkgs "systemd" {};
enableStrictShellChecks = mkEnableOption "running shellcheck on the generated scripts for systemd units.";
units = mkOption {
description = "Definition of systemd units; see {manpage}`systemd.unit(5)`.";
default = {};

4
pkgs/applications/audio/praat/default.nix
View File

@ -11,13 +11,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "praat";
version = "6.4.21";
version = "6.4.22";
src = fetchFromGitHub {
owner = "praat";
repo = "praat";
rev = "v${finalAttrs.version}";
hash = "sha256-2OeipesVdonv1XACbt9o99M9bxzxE0WQzCU2KWJmuzQ=";
hash = "sha256-bKWjazCCOIJm+VCAcnQGj3s0bbN4Ahx3RMNuLxZENXA=";
};
nativeBuildInputs = [

4
pkgs/applications/editors/openvi/default.nix
View File

@ -7,13 +7,13 @@
stdenv.mkDerivation rec {
pname = "openvi";
version = "7.5.29";
version = "7.6.30";
src = fetchFromGitHub {
owner = "johnsonjh";
repo = "OpenVi";
rev = version;
hash = "sha256-ukNgTtVrYkL7Bf7O7ERyQ9TOR8ss/EHCTMbzHi3tkG4=";
hash = "sha256-P4w/PM9UmHmTzS9+WDK3x3MyZ7OoY2yO/Rx0vRMJuLI=";
};
buildInputs = [ ncurses perl ];

4
pkgs/applications/misc/nwg-displays/default.nix
View File

@ -14,13 +14,13 @@
python310Packages.buildPythonApplication rec {
pname = "nwg-displays";
version = "0.3.21";
version = "0.3.22";
src = fetchFromGitHub {
owner = "nwg-piotr";
repo = "nwg-displays";
rev = "refs/tags/v${version}";
hash = "sha256-aVQSWvQTRdz5R9uEXU4CvveRaPdehcL7hrXwFoPCEyI=";
hash = "sha256-lTFei4NR8eu5/5V9MEc/k6qQYRRZkQ5m6B7Bx9xIS6c=";
};
nativeBuildInputs = [

6
pkgs/applications/networking/instant-messengers/ferdium/default.nix
View File

@ -6,14 +6,14 @@ let
aarch64-linux = "arm64";
}."${stdenv.hostPlatform.system}" or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
hash = {
amd64-linux_hash = "sha256-gx8tDGb2yjwexChZGJ9RdVbgseDByFeW2ZR1RebjlO4=";
arm64-linux_hash = "sha256-/qv931J4ufKpAtj7KEqrN6klZ59ueHpbWJXsndBuD90=";
amd64-linux_hash = "sha256-5OW10sABNNYQNUgorM634j5oiBhJJby1ymH6UcmknRg=";
arm64-linux_hash = "sha256-zbO/8RU2SDV1h4gKdxKbvNFFSj6p3ybmPkpKsrup4No=";
}."${arch}-linux_hash";
in
mkFranzDerivation rec {
pname = "ferdium";
name = "Ferdium";
version = "6.7.6";
version = "6.7.7";
src = fetchurl {
url = "https://github.com/ferdium/ferdium-app/releases/download/v${version}/Ferdium-linux-${version}-${arch}.deb";
inherit hash;

4
pkgs/applications/networking/instant-messengers/telegram/telegram-desktop/default.nix
View File

@ -63,14 +63,14 @@ let
in
stdenv.mkDerivation (finalAttrs: {
pname = "telegram-desktop";
version = "5.5.5";
version = "5.6.1";
src = fetchFromGitHub {
owner = "telegramdesktop";
repo = "tdesktop";
rev = "v${finalAttrs.version}";
fetchSubmodules = true;
hash = "sha256-LWIOgyHp43bLN4RQtBKH2HitfVI6AKstPK5es2s+wVw=";
hash = "sha256-MMXaNJ9uadThBghOObt4KNP73Wd2rCnJJXSHkwEKFxw=";
};
patches = [

84
pkgs/applications/networking/nym/default.nix
View File

@ -1,84 +0,0 @@
{ stdenv
, lib
, rustPlatform
, fetchFromGitHub
, pkg-config
, openssl
, Security
, CoreServices
, nix-update-script
, rustc
}:
let
version = "1.1.21";
hash = "sha256-VM0Pc5qyrsn9wV3mfvrAlCfm/rIf3cednZzFtJCT+no=";
in
rustPlatform.buildRustPackage {
pname = "nym";
inherit version;
src = fetchFromGitHub {
owner = "nymtech";
repo = "nym";
rev = "nym-binaries-v${version}";
inherit hash;
};
cargoLock = {
lockFile = ./Cargo.lock;
outputHashes = {
"bls12_381-0.6.0" = "sha256-sIZy+CTASP+uiY10nP/N4WfCLjeqkjiNl/FzO0p5WdI=";
"cosmos-sdk-proto-0.12.3" = "sha256-ekQ9JA6WaTkvHkBKJbYPzfmx6I7LZnhIPiHsZFAP90w=";
"rocket_cors-0.5.2" = "sha256-hfk5gKtc94g+VZmm+S6HKvg+E71QVKQTK2E3K2MCvz0=";
"wasm-timer-0.2.5" = "sha256-od+r3ttFpFhcIh8rPQJQARaQLsbLeEZpCY1h9c4gow8=";
};
};
postPatch = ''
substituteInPlace contracts/vesting/build.rs \
--replace 'vergen(config).expect("failed to extract build metadata")' '()'
substituteInPlace common/bin-common/build.rs \
--replace 'vergen(config).expect("failed to extract build metadata")' '()'
'';
nativeBuildInputs = [ pkg-config ];
buildInputs = [ openssl ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ Security CoreServices ];
checkType = "debug";
passthru.updateScript = nix-update-script { };
checkFlags = [
"--skip=commands::upgrade::upgrade_tests"
"--skip=allowed_hosts::filter::tests::creating_a_new_host_store"
"--skip=allowed_hosts::filter::tests::getting_the_domain_root"
"--skip=allowed_hosts::filter::tests::requests_to_allowed_hosts"
"--skip=allowed_hosts::filter::tests::requests_to_unknown_hosts"
"--skip=ping::http::tests::resolve_host_with_valid_hostname_returns_some"
];
env = {
VERGEN_BUILD_TIMESTAMP = "0";
VERGEN_BUILD_SEMVER = version;
VERGEN_GIT_SHA = hash;
VERGEN_GIT_COMMIT_TIMESTAMP = "0";
VERGEN_GIT_BRANCH = "master";
VERGEN_RUSTC_SEMVER = rustc.version;
VERGEN_RUSTC_CHANNEL = "stable";
VERGEN_CARGO_PROFILE = "release";
};
meta = with lib; {
description = "Mixnet providing IP-level privacy";
longDescription = ''
Nym routes IP packets through other participating nodes to hide their source and destination.
In contrast with Tor, it prevents timing attacks at the cost of latency.
'';
homepage = "https://nymtech.net";
license = licenses.asl20;
platforms = platforms.all;
};
}

4
pkgs/applications/window-managers/hyprwm/hyprland-protocols/default.nix
View File

@ -6,13 +6,13 @@
}:
stdenv.mkDerivation (finalAttrs: {
pname = "hyprland-protocols";
version = "0.3.0";
version = "0.4.0";
src = fetchFromGitHub {
owner = "hyprwm";
repo = "hyprland-protocols";
rev = "v${finalAttrs.version}";
hash = "sha256-HUklK5u86w2Yh9dOkk4FdsL8eehcOZ95jPhLixGDRQY=";
hash = "sha256-CnpsECzP1VvBx8aM/ptv3S7rykYqTeh63LgEMv7hBnU=";
};
nativeBuildInputs = [

4
pkgs/applications/window-managers/jwm/default.nix
View File

@ -28,13 +28,13 @@
stdenv.mkDerivation rec {
pname = "jwm";
version = "2.4.3";
version = "2.4.5";
src = fetchFromGitHub {
owner = "joewing";
repo = "jwm";
rev = "v${version}";
sha256 = "sha256-HPcNXf+frYbT8lr5vU5xpUnyjGpQ5rc2G14EjDwpk3c=";
sha256 = "sha256-T0N9UMu+BLRzVWshUB4apiq8H2t1y09n4P1cLT5K/N8=";
};
nativeBuildInputs = [

0
pkgs/development/compilers/blueprint/default.nix → pkgs/by-name/bl/blueprint-compiler/package.nix
View File

6
pkgs/by-name/c2/c2patool/package.nix
View File

@ -10,16 +10,16 @@
}:
rustPlatform.buildRustPackage rec {
pname = "c2patool";
version = "0.9.9";
version = "0.9.10";
src = fetchFromGitHub {
owner = "contentauth";
repo = pname;
rev = "v${version}";
hash = "sha256-OU1X8EB0IBABlXJklUUCOBhwbcnJNczzjnTl4e8/BYY=";
hash = "sha256-1q0s8fwhlD891AhS1Sr2JBHi69SUMdP2cYslM/yFh8o=";
};
cargoHash = "sha256-0/fdQ9l4vm5Zy8QEvftKqt5GqPn+BkntyJoRiSaSbmU=";
cargoHash = "sha256-4LfrafJd2W2HL/Q36lJ1zXw2CDLL79SLEuyKeFR9cUY=";
# use the non-vendored openssl
OPENSSL_NO_VENDOR = 1;

6
pkgs/by-name/ch/chirp/package.nix
View File

@ -10,13 +10,13 @@
python3.pkgs.buildPythonApplication rec {
pname = "chirp";
version = "0.4.0-unstable-2024-09-28";
version = "0.4.0-unstable-2024-10-03";
src = fetchFromGitHub {
owner = "kk7ds";
repo = "chirp";
rev = "c09d51c5b92995de266ef4d7f285b8d110c0bdc7";
hash = "sha256-ErIAqXexgKjpbnubekX9Gy0qAkUDhNil8PtEOcxYVdk=";
rev = "387d8f63535140779864e8973fbde0bad17f8512";
hash = "sha256-kJ2Cr2ks901GUVFscyCInsTSTM7g42NRYYxjTZsh1Lw=";
};
buildInputs = [
glib

0
pkgs/applications/misc/citations/default.nix → pkgs/by-name/ci/citations/package.nix
View File

35
pkgs/by-name/em/emplace/package.nix Normal file
View File

@ -0,0 +1,35 @@
{
lib,
rustPlatform,
fetchpatch,
fetchFromGitHub,
}:
rustPlatform.buildRustPackage rec {
pname = "emplace";
version = "1.6.0";
src = fetchFromGitHub {
owner = "tversteeg";
repo = "emplace";
rev = "refs/tags/v${version}";
sha256 = "sha256-FZ+lvf5HRSruUdmkm/Hqz0aRa95SjfIa43WQczRCGNg=";
};
cargoPatches = [
(fetchpatch {
url = "https://github.com/tversteeg/emplace/pull/397/commits/fe32ab280234b1fb1a81a22f78bbc8af188b5fa7.patch";
hash = "sha256-9O0J9cJlXUGdQ9fqWeW8OIFA48qlYxGl+2yHHt3MaMU=";
})
];
cargoHash = "sha256-0BYAJOHymBVAssNfU5nPYTSvPbLEDCKoRVovIm6evUQ=";
meta = {
description = "Mirror installed software on multiple machines";
homepage = "https://github.com/tversteeg/emplace";
license = lib.licenses.agpl3Plus;
maintainers = with lib.maintainers; [ Br1ght0ne ];
mainProgram = "emplace";
};
}

4
pkgs/by-name/fa/fabric-ai/package.nix
View File

@ -7,13 +7,13 @@
buildGoModule rec {
pname = "fabric-ai";
version = "1.4.46";
version = "1.4.54";
src = fetchFromGitHub {
owner = "danielmiessler";
repo = "fabric";
rev = "v${version}";
hash = "sha256-c25qnRgr7g8dIcHuRyqCmzGBqNR2wxvgjt7E6x8VsZA=";
hash = "sha256-93kOJLzCoJgj5kApQyzGOZOGDlz6G/aNO7bT7eAs5o8=";
};
vendorHash = "sha256-ef5fn3D0DcvluLIlwfZFGS/6bZgkduQhRXvjCrghBL8=";

4
pkgs/by-name/he/heptabase/package.nix
View File

@ -5,10 +5,10 @@
}:
let
pname = "heptabase";
version = "1.40.0";
version = "1.41.1";
src = fetchurl {
url = "https://github.com/heptameta/project-meta/releases/download/v${version}/Heptabase-${version}.AppImage";
hash = "sha256-EnGn3N8dJ7bx60eY8u1LxgQaLkU/RR+ANEG817XfaS0=";
hash = "sha256-MX5lKTSJFBhtUMPlefSWvVayFYt0ydZ7lToUDdDUsT4=";
};
appimageContents = appimageTools.extractType2 { inherit pname version src; };

6
pkgs/by-name/i3/i3bar-river/package.nix
View File

@ -7,16 +7,16 @@
rustPlatform.buildRustPackage rec {
pname = "i3bar-river";
version = "1.0.0";
version = "1.0.1";
src = fetchFromGitHub {
owner = "MaxVerevkin";
repo = "i3bar-river";
rev = "v${version}";
hash = "sha256-Xa/9xDfVadwFEelxoXVjvPgOojNtol6XeDoBbDLbdS0=";
hash = "sha256-nUS53qL0CM4MJNomsAwINee3Yv1f7jqUg8S3ecusFB8=";
};
cargoHash = "sha256-k4bWJjcOkYKh3WOnTM1+otWLw4C7sVzF6IVkYmpiNeQ=";
cargoHash = "sha256-QniAkaVvr7kaBJAgiL+k6im99m9ZNZVpZGlHgSkZZtw=";
nativeBuildInputs = [ pkg-config ];
buildInputs = [ pango ];

4
pkgs/by-name/ma/materialgram/package.nix
View File

@ -6,14 +6,14 @@
telegram-desktop.overrideAttrs (
finalAttrs: previousAttrs: {
pname = "materialgram";
version = "5.5.4.1";
version = "5.6.1.1";
src = fetchFromGitHub {
owner = "kukuruzka165";
repo = "materialgram";
rev = "refs/tags/v${finalAttrs.version}";
fetchSubmodules = true;
hash = "sha256-LfeIhnCQ/b3Z7F3jUEdutlbZjSQoGr+zXP3oBiqe3XY=";
hash = "sha256-e2ZLUooPMs0qB97BDyCiOUeD7cc+MuF5of65mEeJr04=";
};
meta = previousAttrs.meta // {

7020
pkgs/applications/networking/nym/Cargo.lock → pkgs/by-name/ny/nym/Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

79
pkgs/by-name/ny/nym/package.nix Normal file
View File

@ -0,0 +1,79 @@
{
stdenv,
lib,
rustPlatform,
fetchFromGitHub,
pkg-config,
openssl,
darwin,
nix-update-script,
rustc,
}:
rustPlatform.buildRustPackage rec {
pname = "nym";
version = "2024.10-caramello";
src = fetchFromGitHub {
owner = "nymtech";
repo = "nym";
rev = "nym-binaries-v${version}";
hash = "sha256-0vEvjVCbwyJ7lpvZnIT551Kul0JfkcNSeURbX2PUZ4w=";
};
cargoLock = {
lockFile = ./Cargo.lock;
outputHashes = {
"bls12_381-0.8.0" = "sha256-4+X/ZQ5Z+Nax4Ot1JWWvvLxuIUaucHkfnDB2L+Ak7Ro=";
"cosmos-sdk-proto-0.22.0-pre" = "sha256-nRfcAbjFcvAqool+6heYK8joiU5YaSWITnO6S5MRM1E=";
"indexed_db_futures-0.4.2" = "sha256-vVqrD40CBdSSEtU+kQeuZUfsgpJdl8ks+os0Fct8Ung=";
};
};
nativeBuildInputs = [
pkg-config
];
buildInputs =
[
openssl
]
++ lib.optionals stdenv.hostPlatform.isDarwin (
with darwin.apple_sdk.frameworks;
[
Security
SystemConfiguration
CoreServices
]
);
checkType = "debug";
passthru.updateScript = nix-update-script { };
env = {
VERGEN_BUILD_TIMESTAMP = "0";
VERGEN_BUILD_SEMVER = version;
VERGEN_GIT_COMMIT_TIMESTAMP = "0";
VERGEN_GIT_BRANCH = "master";
VERGEN_RUSTC_SEMVER = rustc.version;
VERGEN_RUSTC_CHANNEL = "stable";
VERGEN_CARGO_PROFILE = "release";
};
checkFlags = [
"--skip=ping::http::tests::resolve_host_with_valid_hostname_returns_some"
];
meta = {
description = "Mixnet providing IP-level privacy";
longDescription = ''
Nym routes IP packets through other participating nodes to hide their source and destination.
In contrast with Tor, it prevents timing attacks at the cost of latency.
'';
homepage = "https://nymtech.net";
license = lib.licenses.asl20;
platforms = lib.platforms.all;
maintainers = with lib.maintainers; [ bot-wxt1221 ];
};
}

8
pkgs/by-name/op/openscad-unstable/package.nix
View File

@ -43,12 +43,12 @@
# clang consume much less RAM than GCC
clangStdenv.mkDerivation rec {
pname = "openscad-unstable";
version = "2024-09-22";
version = "2024-10-06";
src = fetchFromGitHub {
owner = "openscad";
repo = "openscad";
rev = "1cf4e97ed488d606c823f107dcc361f218aa84ca";
hash = "sha256-5WzLAQnjH+4JjJhh9pCgY3j8+lyNPrtY9a104tzkglo=";
rev = "4e4543d85dfb19630ffe499b75828d48d246bd22";
hash = "sha256-k1RjXwjigQAVKUHeAJAyJxfCr8qNkCDFq9p78sudjgs=";
fetchSubmodules = true; # Only really need sanitizers-cmake and MCAD
};
@ -109,7 +109,7 @@ clangStdenv.mkDerivation rec {
"-DUSE_BUILTIN_OPENCSG=OFF"
"-DUSE_BUILTIN_MANIFOLD=OFF"
"-DOPENSCAD_VERSION=\"${builtins.replaceStrings ["-"] ["."] version}\""
"-DCMAKE_UNITY_BUILD=ON" # faster build
"-DCMAKE_UNITY_BUILD=OFF" # broken compile with unity
# IPO
"-DCMAKE_EXE_LINKER_FLAGS=-fuse-ld=lld"
"-DCMAKE_INTERPROCEDURAL_OPTIMIZATION=ON"

0
pkgs/applications/misc/raider/default.nix → pkgs/by-name/ra/raider/package.nix
View File

6
pkgs/by-name/ra/rainfrog/package.nix
View File

@ -7,7 +7,7 @@
stdenv,
}:
let
version = "0.2.6";
version = "0.2.7";
in
rustPlatform.buildRustPackage {
inherit version;
@ -17,10 +17,10 @@ rustPlatform.buildRustPackage {
owner = "achristmascarl";
repo = "rainfrog";
rev = "refs/tags/v${version}";
hash = "sha256-yY4F5Aw+duXknESjl6hoOUV3er84DkTtIBoX3humWxA=";
hash = "sha256-ey9ioPDeuNYw2+UBUgtE0C1wES3wecFDWd9CMeKBq4Q=";
};
cargoHash = "sha256-QMZUReWrOS0P+hxsV5c/eJxnwYX977+4oI7MPfz4dgg=";
cargoHash = "sha256-mc7Lgaf1seefVu+LafctJm4y8xjX3c1ApadeQMi3STE=";
buildInputs = lib.optionals stdenv.isDarwin (
with darwin.apple_sdk.frameworks;

4
pkgs/by-name/se/sesh/package.nix
View File

@ -5,13 +5,13 @@
}:
buildGoModule rec {
pname = "sesh";
version = "2.4.0";
version = "2.5.0";
src = fetchFromGitHub {
owner = "joshmedeski";
repo = "sesh";
rev = "v${version}";
hash = "sha256-62w4I49ahXC4IHy0i/V4tArCqrg2Rch6f+IM/YoFQh8=";
hash = "sha256-Z19JT2HPKGbzxexXC/lyplRGC98SdZIBmqFZOIjIPZE=";
};
vendorHash = "sha256-a45P6yt93l0CnL5mrOotQmE/1r0unjoToXqSJ+spimg=";

6
pkgs/by-name/sy/syndicate-server/package.nix
View File

@ -9,15 +9,15 @@
rustPlatform.buildRustPackage rec {
pname = "syndicate-server";
version = "0.46.0";
version = "0.48.0";
src = fetchFromGitea {
domain = "git.syndicate-lang.org";
owner = "syndicate-lang";
repo = "syndicate-rs";
rev = "${pname}-v${version}";
hash = "sha256-bTteZIlBSoQ1o5shgd9NeKVvEhZTyG3i2zbeVojWiO8=";
hash = "sha256-DVgFlJCqaTmQ7eL2LQ8rkIbvaEfwx+NDeXRA8qB+/Qo=";
};
cargoHash = "sha256-SIpdFXTk6MC/drjCLaaa49BbGsvCMNbPGCfTxAlCo9c=";
cargoHash = "sha256-eSzRKTUDkx0i2z5y5rm1A799CfLPqd+txpmbolqe+PQ=";
nativeBuildInputs = [
pkg-config
versionCheckHook

4
pkgs/by-name/tr/trealla/package.nix
View File

@ -23,13 +23,13 @@ assert lib.elem lineEditingLibrary [
];
stdenv.mkDerivation (finalAttrs: {
pname = "trealla";
version = "2.56.19";
version = "2.57.1";
src = fetchFromGitHub {
owner = "trealla-prolog";
repo = "trealla";
rev = "v${finalAttrs.version}";
hash = "sha256-B2IJU/dtPNUfDC3lFvS4J0zHf1hceoX9YEbyxVYgMt0=";
hash = "sha256-hn5BaJNIxGhY6KlHPyy6WaOVoPY+1yQ05z/7u/xqDsU=";
};
postPatch = ''

0
pkgs/development/tools/twitch-cli/application-name.patch → pkgs/by-name/tw/twitch-cli/application-name.patch
View File

0
pkgs/development/tools/twitch-cli/default.nix → pkgs/by-name/tw/twitch-cli/package.nix
View File

0
pkgs/applications/misc/webfontkitgenerator/default.nix → pkgs/by-name/we/webfontkitgenerator/package.nix
View File

4
pkgs/data/misc/wireless-regdb/default.nix
View File

@ -2,11 +2,11 @@
stdenvNoCC.mkDerivation rec {
pname = "wireless-regdb";
version = "2024.07.04";
version = "2024.10.07";
src = fetchurl {
url = "https://www.kernel.org/pub/software/network/${pname}/${pname}-${version}.tar.xz";
hash = "sha256-mDKhThviSr/3vjDe48mhr7X9/PR1oNkar+8Dn42F9es=";
hash = "sha256-928r15plPp+d1QVI2Z0DpKTrFX2gVt/ViS9APsKPs9U=";
};
dontBuild = true;

6
pkgs/development/compilers/llvm/default.nix
View File

@ -30,9 +30,9 @@ let
"18.1.8".officialRelease.sha256 = "sha256-iiZKMRo/WxJaBXct9GdAcAT3cz9d9pnAcO1mmR6oPNE=";
"19.1.1".officialRelease.sha256 = "sha256-xTo44+vH1Bz49fEl4bIpU3eIgQtFuBTGbgU7mzeY33s=";
"20.0.0-git".gitRelease = {
rev = "64f2bff12b8ac40c79004ffacf46a5294600d219";
rev-version = "20.0.0-unstable-2024-09-29";
sha256 = "sha256-BUlnks9rFjvKRIy7lWhOJQKKNVTewBiCFDbgyRBvuEw=";
rev = "0e8555d4dbfdfeddc01dc2ecf9a9b6e804f7b645";
rev-version = "20.0.0-unstable-2024-10-07";
sha256 = "sha256-Rn8TkTUJKGFZ7uM1RiFOHIDTfpwEhLDpDh1zxVtTYG8=";
};
} // llvmVersions;

2
pkgs/development/coq-modules/mathcomp-analysis/default.nix
View File

@ -9,6 +9,7 @@ let
repo = "analysis";
owner = "math-comp";
release."1.4.0".sha256 = "sha256-eDggeuEU0fMK7D5FbxvLkbAgpLw5lwL/Rl0eLXAnJeg=";
release."1.2.0".sha256 = "sha256-w6BivDM4dF4Iv4rUTy++2feweNtMAJxgGExPfYGhXxo=";
release."1.1.0".sha256 = "sha256-wl4kZf4mh9zbFfGcqaFEgWRyp0Bj511F505mYodpS6o=";
release."1.0.0".sha256 = "sha256-KiXyaWB4zQ3NuXadq4BSWfoN1cIo1xiLVSN6nW03tC4=";
@ -32,6 +33,7 @@ let
defaultVersion = let inherit (lib.versions) range; in
lib.switch [ coq.version mathcomp.version ] [
{ cases = [ (range "8.19" "8.20") (range "2.1.0" "2.2.0") ]; out = "1.4.0"; }
{ cases = [ (range "8.17" "8.20") (range "2.0.0" "2.2.0") ]; out = "1.1.0"; }
{ cases = [ (range "8.17" "8.19") (range "1.17.0" "1.19.0") ]; out = "0.7.0"; }
{ cases = [ (range "8.17" "8.18") (range "1.15.0" "1.18.0") ]; out = "0.6.7"; }

8
pkgs/development/coq-modules/mathcomp-infotheo/default.nix
View File

@ -1,4 +1,4 @@
{ coq, mkCoqDerivation, mathcomp-analysis, mathcomp-algebra-tactics, lib, version ? null }:
{ coq, mkCoqDerivation, mathcomp-analysis, mathcomp-algebra-tactics, interval, lib, version ? null }:
(mkCoqDerivation {
namePrefix = [ "coq" "mathcomp" ];
@ -7,11 +7,13 @@
inherit version;
defaultVersion = with lib.versions; lib.switch [ coq.version mathcomp-analysis.version] [
{ cases = [ (range "8.18" "8.19") (isGe "1.2") ]; out = "0.7.2"; }
{ cases = [ (range "8.17" "8.19") (isGe "1.0") ]; out = "0.7.1"; }
{ cases = [ (isGe "8.17") (range "0.6.6" "0.7.0") ]; out = "0.6.1"; }
{ cases = [ (range "8.17" "8.18") (range "0.6.0" "0.6.7") ]; out = "0.5.2"; }
{ cases = [ (range "8.15" "8.16") (range "0.5.4" "0.6.5") ]; out = "0.5.1"; }
] null;
release."0.7.2".sha256 = "sha256-dekrdVmuTcqXXmKhIb831EKtMhbPrXHJZhzmGb9rdRo=";
release."0.7.1".sha256 = "sha256-/4Elb35SmscG6EjEcHYDo+AmWrpBUlygZL0WhaD+fcY=";
release."0.6.1".sha256 = "sha256-tFB5lrwRPIlHkP+ebgcJwu03Cc9yVaOINOAo8Bf2LT4=";
release."0.5.1".sha256 = "sha256-yBBl5l+V+dggsg5KM59Yo9CULKog/xxE8vrW+ZRnX7Y=";
@ -25,5 +27,7 @@
};
}).overrideAttrs (o: {
propagatedBuildInputs = o.propagatedBuildInputs
++ lib.optional (lib.versions.isGe "0.6.1" o.version || o.version == "dev") mathcomp-algebra-tactics;
++ lib.optional (lib.versions.isGe "0.6.1" o.version || o.version == "dev") mathcomp-algebra-tactics
++ lib.optional (lib.versions.isGe "0.7.2" o.version || o.version == "dev") interval
;
})

6
pkgs/development/interpreters/lune/default.nix
View File

@ -12,17 +12,17 @@ let
in
rustPlatform.buildRustPackage rec {
pname = "lune";
version = "0.8.8";
version = "0.8.9";
src = fetchFromGitHub {
owner = "filiptibell";
repo = "lune";
rev = "v${version}";
hash = "sha256-/+a1gJ1rGrmKCcVqLs1YgzE43RpIitYeN2Woo4V+snQ=";
hash = "sha256-KZt3w+nhJjz3ZLtLzJz0zpFTwQ28OmFWnCsLbo36Ryc=";
fetchSubmodules = true;
};
cargoHash = "sha256-ScM2eAqmBFjiZ3azm0O+YcnxOdCC8mlQrQde4vKMeTQ=";
cargoHash = "sha256-yTpklksOV+AFuW3Bc0L6sbAiJsQ+mseF1yz37FcWt1k=";
nativeBuildInputs = [
pkg-config

4
pkgs/development/python-modules/boschshcpy/default.nix
View File

@ -12,7 +12,7 @@
buildPythonPackage rec {
pname = "boschshcpy";
version = "0.2.91";
version = "0.2.95";
pyproject = true;
disabled = pythonOlder "3.10";
@ -21,7 +21,7 @@ buildPythonPackage rec {
owner = "tschamm";
repo = "boschshcpy";
rev = "refs/tags/${version}";
hash = "sha256-lQDYJrla2iDk1MbLHjBGP3ZcZ1djD3bWhz15RaBFMgg=";
hash = "sha256-5kPC6UxqysJEHNWDoXhg7oo/hQSKICuqWmOdjlljoLs=";
};
nativeBuildInputs = [ setuptools ];

89
pkgs/development/python-modules/cgal/default.nix Normal file
View File

@ -0,0 +1,89 @@
{
lib,
stdenv,
python,
buildPythonPackage,
fetchFromGitHub,
setuptools,
boost,
cgal,
cmake,
gmp,
tbb,
LAStools,
eigen,
mpfr,
numpy,
swig,
zlib,
withLAS ? false, # unfree
}:
buildPythonPackage rec {
pname = "cgal";
version = "5.6.1.post202403291426";
pyproject = true;
src = fetchFromGitHub {
owner = "CGAL";
repo = "cgal-swig-bindings";
rev = "v${version}";
hash = "sha256-EcvS1TWL3uGCE1G8Lbfiu/AzifMdUSei+z91bzkiKes=";
};
dontUseCmakeConfigure = true;
build-system = [
setuptools
cmake
swig
];
buildInputs =
[
cgal
gmp
mpfr
boost
zlib
tbb
eigen
]
++ lib.optionals withLAS [
LAStools
];
dependencies = [
numpy
];
pythonImportsCheck = [ "CGAL" ];
postFixup = lib.optionalString stdenv.hostPlatform.isElf ''
mv $out/${python.sitePackages}/{lib,CGAL/_lib}
for file in $out/${python.sitePackages}/CGAL/_*.so; do
patchelf "$file" --add-rpath $out/${python.sitePackages}/CGAL/_lib
done
'';
checkPhase = ''
runHook preCheck
(cd examples/python/
bash ./test.sh
cat error.txt
if grep -qi ' run error$' <error.txt; then
false
fi
)
runHook postCheck
'';
meta = {
description = "CGAL bindings using SWIG";
homepage = "https://github.com/CGAL/cgal-swig-bindings";
license = lib.licenses.gpl3Plus;
maintainers = with lib.maintainers; [ pbsds ];
# error: no template named 'unary_function' in namespace 'boost::functional::detail'
broken = stdenv.hostPlatform.isDarwin;
};
}

80
pkgs/development/python-modules/deepface/default.nix Normal file
View File

@ -0,0 +1,80 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
fire,
flask,
flask-cors,
gdown,
gunicorn,
mtcnn,
numpy,
opencv4,
pandas,
pillow,
pythonOlder,
requests,
retinaface,
setuptools,
tensorflow,
tqdm,
}:
buildPythonPackage rec {
pname = "deepface";
version = "0.0.92";
pyproject = true;
disabled = pythonOlder "3.7";
src = fetchFromGitHub {
owner = "serengil";
repo = "deepface";
rev = "refs/tags/v${version}";
hash = "sha256-Vjm8lfpGyJ7/1CUwIvxXxHqwmv0+iKewYV3vE08gpPQ=";
};
postPatch = ''
# prevent collisions
substituteInPlace setup.py \
--replace-fail "data_files=[(\"\", [\"README.md\", \"requirements.txt\", \"package_info.json\"])]," "" \
--replace-fail "install_requires=requirements," ""
substituteInPlace deepface/detectors/OpenCv.py \
--replace-fail "opencv_home = cv2.__file__" "opencv_home = os.readlink(cv2.__file__)" \
--replace-fail "folders = opencv_home.split(os.path.sep)[0:-1]" "folders = opencv_home.split(os.path.sep)[0:-4]" \
--replace-fail "return path + \"/data/\"" "return path + \"/share/opencv4/haarcascades/\""
'';
build-system = [ setuptools ];
dependencies = [
fire
flask
flask-cors
gdown
gunicorn
mtcnn
numpy
opencv4
pandas
pillow
requests
retinaface
tensorflow
tqdm
];
# requires internet connection
doCheck = false;
pythonImportsCheck = [ "deepface" ];
meta = {
description = "Lightweight Face Recognition and Facial Attribute Analysis (Age, Gender, Emotion and Race) Library for Python";
homepage = "https://github.com/serengil/deepface";
changelog = "https://github.com/serengil/deepface/releases/tag/v${version}";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ derdennisop ];
};
}

4
pkgs/development/python-modules/holidays/default.nix
View File

@ -14,7 +14,7 @@
buildPythonPackage rec {
pname = "holidays";
version = "0.57";
version = "0.58";
pyproject = true;
disabled = pythonOlder "3.8";
@ -23,7 +23,7 @@ buildPythonPackage rec {
owner = "vacanza";
repo = "python-holidays";
rev = "refs/tags/v${version}";
hash = "sha256-/aijcDD0gzg217NuD7A9qdgArek1fHWjb2SfA2H4gww=";
hash = "sha256-qsBKUdYZLSxWAGExydOO37IWqEOrYdlRnE/MJmz7Nr8=";
};
build-system = [

173
pkgs/development/python-modules/ifcopenshell/default.nix
View File

@ -1,67 +1,196 @@
{
lib,
stdenv,
testers,
buildPythonPackage,
pythonOlder,
python,
pytestCheckHook,
# fetchers
fetchFromGitHub,
gcc10,
gitUpdater,
# build tools
cmake,
boost179,
icu,
swig,
pcre,
# native dependencies
eigen,
boost179,
cgal,
gmp,
hdf5,
icu,
libaec,
libxml2,
mpfr,
nlohmann_json,
opencascade-occt_7_6,
opencollada,
libxml2,
pcre,
zlib,
# python deps
## tools
setuptools,
build,
pytest,
## dependencies
isodate,
lark,
numpy,
python-dateutil,
shapely,
typing-extensions,
## additional deps for tests
lxml,
mathutils,
networkx,
tabulate,
xmlschema,
xsdata,
}:
let
opencascade-occt = opencascade-occt_7_6;
in
buildPythonPackage rec {
pname = "ifcopenshell";
version = "240611";
format = "other";
version = "0.7.10";
pyproject = false;
src = fetchFromGitHub {
owner = "IfcOpenShell";
repo = "IfcOpenShell";
rev = "refs/tags/blenderbim-${version}";
rev = "refs/tags/ifcopenshell-python-${version}";
fetchSubmodules = true;
hash = "sha256-fCgxSambC01qb14EoZTrVxNNw8H3nX8oMi6gk0O/HmQ=";
hash = "sha256-cRzv07T5VN5aTjMtAlLGbvI3c4SL0lfzCn/W6f/vdBY=";
};
nativeBuildInputs = [
gcc10
# c++
cmake
swig
# python
build
setuptools
];
buildInputs = [
# ifcopenshell needs stdc++
stdenv.cc.cc.lib
boost179
cgal
eigen
gmp
hdf5
icu
pcre
libaec
libxml2
mpfr
nlohmann_json
opencascade-occt
opencollada
pcre
];
propagatedBuildInputs = [
isodate
lark
numpy
python-dateutil
shapely
typing-extensions
];
# list taken from .github/workflows/ci.yml:49
nativeCheckInputs = [
lxml
mathutils
networkx
pytest
tabulate
xmlschema
xsdata
pytestCheckHook
];
pythonImportsCheck = [ "ifcopenshell" ];
PYTHONUSERBASE = ".";
# We still build with python to generate ifcopenshell_wrapper.py and ifcopenshell_wrapper.so
cmakeFlags = [
"-DUSERSPACE_PYTHON_PREFIX=ON"
"-DBUILD_SHARED_LIBS=ON"
"-DBUILD_IFCPYTHON=ON"
"-DCITYJSON_SUPPORT=OFF"
"-DEIGEN_DIR=${eigen}/include/eigen3"
"-DJSON_INCLUDE_DIR=${nlohmann_json}/include/"
"-DOCC_INCLUDE_DIR=${opencascade-occt}/include/opencascade"
"-DOCC_LIBRARY_DIR=${lib.getLib opencascade-occt}/lib"
"-DOPENCOLLADA_INCLUDE_DIR=${opencollada}/include/opencollada"
"-DOPENCOLLADA_LIBRARY_DIR=${lib.getLib opencollada}/lib/opencollada"
"-DSWIG_EXECUTABLE=${swig}/bin/swig"
"-DLIBXML2_INCLUDE_DIR=${libxml2.dev}/include/libxml2"
"-DLIBXML2_LIBRARIES=${lib.getLib libxml2}/lib/libxml2${stdenv.hostPlatform.extensions.sharedLibrary}"
"-DGMP_LIBRARY_DIR=${lib.getLib gmp}/lib/"
"-DMPFR_LIBRARY_DIR=${lib.getLib mpfr}/lib/"
# HDF5 support is currently not optional, see https://github.com/IfcOpenShell/IfcOpenShell/issues/1815
"-DHDF5_SUPPORT=ON"
"-DHDF5_INCLUDE_DIR=${hdf5.dev}/include/"
"-DHDF5_LIBRARIES=${lib.getLib hdf5}/lib/libhdf5_cpp.so;${lib.getLib hdf5}/lib/libhdf5.so;${lib.getLib zlib}/lib/libz.so;${lib.getLib libaec}/lib/libaec.so;"
];
postPatch = ''
pushd src/ifcopenshell-python
# The build process is here: https://github.com/IfcOpenShell/IfcOpenShell/blob/v0.8.0/src/ifcopenshell-python/Makefile#L131
# NOTE: it has changed a *lot* between 0.7.0 and 0.8.0, it *may* change again (look for mathutils and basically all the things this Makefile does manually)
substituteInPlace pyproject.toml --replace-fail "0.0.0" "${version}"
# NOTE: the following is directly inspired by https://github.com/IfcOpenShell/IfcOpenShell/blob/v0.8.0/src/ifcopenshell-python/Makefile#L123
cp ../../README.md README.md
popd
'';
preConfigure = ''
cd cmake
'';
PYTHONUSERBASE = ".";
cmakeFlags = [
"-DUSERSPACE_PYTHON_PREFIX=ON"
"-DOCC_INCLUDE_DIR=${opencascade-occt}/include/opencascade"
"-DOCC_LIBRARY_DIR=${opencascade-occt}/lib"
"-DOPENCOLLADA_INCLUDE_DIR=${opencollada}/include/opencollada"
"-DOPENCOLLADA_LIBRARY_DIR=${opencollada}/lib/opencollada"
"-DSWIG_EXECUTABLE=${swig}/bin/swig"
"-DLIBXML2_INCLUDE_DIR=${libxml2.dev}/include/libxml2"
"-DLIBXML2_LIBRARIES=${libxml2.out}/lib/libxml2${stdenv.hostPlatform.extensions.sharedLibrary}"
preCheck = ''
pushd ../../src/ifcopenshell-python
# let's test like done in .github/workflows/ci.yml
# installing the python wrapper and the .so, both are needed to be able to test
cp -v $out/${python.sitePackages}/ifcopenshell/ifcopenshell_wrapper.py ./ifcopenshell
cp $out/${python.sitePackages}/ifcopenshell/_ifcopenshell_wrapper.cpython-${
lib.versions.major python.version + lib.versions.minor python.version
}-${stdenv.targetPlatform.system}-gnu.so ./ifcopenshell
pushd ../../test
PYTHONPATH=../src/ifcopenshell-python/ python tests.py
popd
'';
pytestFlagsArray = [
"-p no:pytest-blender"
];
disabledTestPaths = [
"test/test_open.py"
];
postCheck = ''
popd
'';
passthru = {
updateScript = gitUpdater { rev-prefix = "ifcopenshell-python-"; };
tests = {
version = testers.testVersion { command = "IfcConvert --version"; };
};
};
meta = with lib; {
broken = stdenv.hostPlatform.isDarwin;
description = "Open source IFC library and geometry engine";
homepage = "http://ifcopenshell.org/";
license = licenses.lgpl3;
maintainers = with maintainers; [ fehnomenal ];
maintainers = with maintainers; [ autra ];
};
}

4
pkgs/development/python-modules/llama-cloud/default.nix
View File

@ -10,7 +10,7 @@
buildPythonPackage rec {
pname = "llama-cloud";
version = "0.0.17";
version = "0.1.2";
pyproject = true;
disabled = pythonOlder "3.8";
@ -18,7 +18,7 @@ buildPythonPackage rec {
src = fetchPypi {
pname = "llama_cloud";
inherit version;
hash = "sha256-f9aFe7u5GTdTVXLMtI2qOBifVc3XQRGF2Ag9qym6Epk=";
hash = "sha256-fIB0fpp/MtS3OcLV1K3XNR+DbZLmM9asA/pAGJbTMJc=";
};
build-system = [ poetry-core ];

4
pkgs/development/python-modules/llama-index-core/default.nix
View File

@ -35,7 +35,7 @@
buildPythonPackage rec {
pname = "llama-index-core";
version = "0.11.14";
version = "0.11.16";
pyproject = true;
disabled = pythonOlder "3.8";
@ -44,7 +44,7 @@ buildPythonPackage rec {
owner = "run-llama";
repo = "llama_index";
rev = "refs/tags/v${version}";
hash = "sha256-mkABEjyZb8ONS1BaETbL47sDHo/BOD7G+fJGO0MQyd0=";
hash = "sha256-t4hQMlORpdWXkbKQhVSxD/pdxFtu+sJ4FQQxIXLoH94=";
};
sourceRoot = "${src.name}/${pname}";

4
pkgs/development/python-modules/llama-index-embeddings-gemini/default.nix
View File

@ -10,7 +10,7 @@
buildPythonPackage rec {
pname = "llama-index-embeddings-gemini";
version = "0.2.0";
version = "0.2.1";
pyproject = true;
disabled = pythonOlder "3.9";
@ -18,7 +18,7 @@ buildPythonPackage rec {
src = fetchPypi {
pname = "llama_index_embeddings_gemini";
inherit version;
hash = "sha256-7ftu+Gh8Ar9+yrFkUldlAvUfVtAw+xzrmyzqr7TeQdc=";
hash = "sha256-TA3dm1+NZ0Km9Li9cswzm5fusVYXTRqA9W3U4OgT92I=";
};
pythonRelaxDeps = [ "google-generativeai" ];

4
pkgs/development/python-modules/llama-index-llms-openai/default.nix
View File

@ -10,7 +10,7 @@
buildPythonPackage rec {
pname = "llama-index-llms-openai";
version = "0.2.9";
version = "0.2.12";
pyproject = true;
disabled = pythonOlder "3.8";
@ -18,7 +18,7 @@ buildPythonPackage rec {
src = fetchPypi {
pname = "llama_index_llms_openai";
inherit version;
hash = "sha256-VjdvOeOkAlO1xPuQ0Ptq8JPyG7KTWSVhXwwooo0CgYc=";
hash = "sha256-RyG8GnZcyfiWuSgku07RTyicGfwVdlpmgJB4slY6dBE=";
};
pythonRemoveDeps = [

4
pkgs/development/python-modules/llama-index-multi-modal-llms-openai/default.nix
View File

@ -10,7 +10,7 @@
buildPythonPackage rec {
pname = "llama-index-multi-modal-llms-openai";
version = "0.2.1";
version = "0.2.2";
pyproject = true;
disabled = pythonOlder "3.8";
@ -18,7 +18,7 @@ buildPythonPackage rec {
src = fetchPypi {
pname = "llama_index_multi_modal_llms_openai";
inherit version;
hash = "sha256-G1vmkdX6KGH9S1oHGIPclNgts+HH/2hthN2EBIo1THs=";
hash = "sha256-xyBc/Zoj4iAdtSfKP4+l70+yYKtsmxXnkWNjCpFu4Vk=";
};
build-system = [ poetry-core ];

4
pkgs/development/python-modules/llama-parse/default.nix
View File

@ -9,7 +9,7 @@
buildPythonPackage rec {
pname = "llama-parse";
version = "0.5.6";
version = "0.5.7";
pyproject = true;
disabled = pythonOlder "3.8";
@ -17,7 +17,7 @@ buildPythonPackage rec {
src = fetchPypi {
pname = "llama_parse";
inherit version;
hash = "sha256-PHTaEkbJvdYdY7f8ISBA6i29IY1H/JhqGOOXTmRZG4A=";
hash = "sha256-sqKdvOMrmTQvuULRwhCr7w7qV99vJmZimQOe96kx/v8=";
};
build-system = [ poetry-core ];

4
pkgs/development/python-modules/mailchecker/default.nix
View File

@ -8,14 +8,14 @@
buildPythonPackage rec {
pname = "mailchecker";
version = "6.0.9";
version = "6.0.11";
pyproject = true;
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-8X6Qf/5vb67cJD9X6wyclR9h3smvjpaSLB3NCTOJuI0=";
hash = "sha256-vySQ4mo6msOFdgg44/zHMhpr4ZgP2tV0bQe2OgZHmqI=";
};
build-system = [ setuptools ];

53
pkgs/development/python-modules/mtcnn/default.nix Normal file
View File

@ -0,0 +1,53 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
opencv4,
pytestCheckHook,
pythonOlder,
setuptools,
tensorflow,
}:
buildPythonPackage {
pname = "mtcnn";
version = "0.1.1";
pyproject = true;
disabled = pythonOlder "3.7";
src = fetchFromGitHub {
owner = "ipazc";
repo = "mtcnn";
# No tags / releases; using commit: https://github.com/ipazc/mtcnn/commit/3208d443a8f01d317c65d7c97a03bc0a6143c41d
rev = "3208d443a8f01d317c65d7c97a03bc0a6143c41d";
hash = "sha256-GXUrLJ5XD6V2hT/gjyYSuh/CMMw2xIXKBsYFvQmbLYs=";
};
postPatch = ''
substituteInPlace setup.py \
--replace-fail "setup, setuptools" "setup, find_packages"\
--replace-fail "setuptools.find_packages" "find_packages"\
--replace-fail "opencv-python>=4.1.0" ""\
--replace-fail "keras>=2.0.0" ""\
--replace-fail "tests_require=['nose']," ""
'';
build-system = [ setuptools ];
dependencies = [
opencv4
tensorflow
];
pythonImportsCheck = [ "mtcnn" ];
nativeCheckInputs = [ pytestCheckHook ];
meta = {
description = "MTCNN face detection implementation for TensorFlow";
homepage = "https://github.com/ipazc/mtcnn";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ derdennisop ];
};
}

4
pkgs/development/python-modules/pyeconet/default.nix
View File

@ -10,7 +10,7 @@
buildPythonPackage rec {
pname = "pyeconet";
version = "0.1.22";
version = "0.1.23";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -19,7 +19,7 @@ buildPythonPackage rec {
owner = "w1ll1am23";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-R6PA/i35vo253J4yowe2fPRZEqStAqmm98k81KDHLQk=";
hash = "sha256-zpaKUEg78vzvuTtVauCUUt0U92NXVyNhEfgKVrRzdnM=";
};
nativeBuildInputs = [ setuptools ];

4
pkgs/development/python-modules/pysml/default.nix
View File

@ -12,7 +12,7 @@
buildPythonPackage rec {
pname = "pysml";
version = "0.1.3";
version = "0.1.4";
pyproject = true;
disabled = pythonOlder "3.7";
@ -21,7 +21,7 @@ buildPythonPackage rec {
owner = "mtdcr";
repo = "pysml";
rev = "refs/tags/${version}";
hash = "sha256-LmybrMHHWsLd6Y2xMqJ8g65SQCsysBGxeL43qouo3SM=";
hash = "sha256-G4t0cHbJWMmDODeldj064SlKGagOfUnnRiGRwLu1bF0=";
};
build-system = [ poetry-core ];

4
pkgs/development/python-modules/python-hcl2/default.nix
View File

@ -11,14 +11,14 @@
buildPythonPackage rec {
pname = "python-hcl2";
version = "4.3.5";
version = "5.0.0";
pyproject = true;
src = fetchFromGitHub {
owner = "amplify-education";
repo = "python-hcl2";
rev = "refs/tags/v${version}";
hash = "sha256-Pz1FS1g0OYSThpxFcs6UCOAzGnF4kOuRwhx2KIl9sv4=";
hash = "sha256-aUPjW3yQci5aG85qIRHPiKiX01cFw8jWKJY5RuRATvQ=";
};
disabled = pythonOlder "3.7";

14
pkgs/development/python-modules/rapidfuzz/default.nix
View File

@ -7,7 +7,7 @@
cmake,
cython,
ninja,
scikit-build,
scikit-build-core,
setuptools,
numpy,
hypothesis,
@ -19,21 +19,20 @@
buildPythonPackage rec {
pname = "rapidfuzz";
version = "3.9.7";
version = "3.10.0";
pyproject = true;
disabled = pythonOlder "3.8";
disabled = pythonOlder "3.9";
src = fetchFromGitHub {
owner = "maxbachmann";
repo = "RapidFuzz";
rev = "refs/tags/v${version}";
hash = "sha256-hyjzY9ogroUa4nGSG8HOyr5FxifX9d7Hf8ezKq6zxVk=";
hash = "sha256-hLYidU09nCSOi42zgSh7dW83glxIjFY4C6BTmy/sf60=";
};
postPatch = ''
substituteInPlace pyproject.toml \
--replace-fail "scikit-build~=0.18.0" "scikit-build" \
--replace-fail "Cython >=3.0.11, <3.1.0" "Cython"
'';
@ -41,8 +40,7 @@ buildPythonPackage rec {
cmake
cython
ninja
scikit-build
setuptools
scikit-build-core
];
dontUseCmakeConfigure = true;
@ -61,7 +59,7 @@ buildPythonPackage rec {
'';
optional-dependencies = {
full = [ numpy ];
all = [ numpy ];
};
preCheck = ''

64
pkgs/development/python-modules/retinaface/default.nix Normal file
View File

@ -0,0 +1,64 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
gdown,
numpy,
opencv4,
pillow,
pytestCheckHook,
pythonOlder,
setuptools,
tensorflow,
}:
buildPythonPackage rec {
pname = "retinaface";
version = "0.0.17";
pyproject = true;
disabled = pythonOlder "3.7";
src = fetchFromGitHub {
owner = "serengil";
repo = "retinaface";
rev = "refs/tags/v${version}";
hash = "sha256-0s1CSGlK2bF1F2V/IuG2ZqD7CkNfHGvp1M5C3zDnuKs=";
};
postPatch = ''
# prevent collisions
substituteInPlace setup.py \
--replace-fail "data_files=[(\"\", [\"README.md\", \"requirements.txt\", \"package_info.json\"])]," "" \
--replace-fail "install_requires=requirements," ""
'';
# requires internet connection
disabledTestPaths = [
"tests/test_actions.py"
"tests/test_align_first.py"
"tests/test_expand_face_area.py"
];
build-system = [ setuptools ];
dependencies = [
gdown
numpy
opencv4
pillow
tensorflow
];
nativeCheckInputs = [ pytestCheckHook ];
pythonImportsCheck = [ "retinaface" ];
meta = {
description = "Deep Face Detection Library for Python";
homepage = "https://github.com/serengil/retinaface";
changelog = "https://github.com/serengil/retinaface/releases/tag/v${version}";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ derdennisop ];
};
}

6
pkgs/development/python-modules/scikit-build-core/default.nix
View File

@ -30,14 +30,14 @@
buildPythonPackage rec {
pname = "scikit-build-core";
version = "0.10.5";
version = "0.10.7";
pyproject = true;
src = fetchFromGitHub {
owner = "scikit-build";
repo = "scikit-build-core";
rev = "refs/tags/v${version}";
hash = "sha256-hpwXEWPofgMT4ua2tZI1mtGbaBkT2XPBd6QL8xTi1A0=";
hash = "sha256-R6/Y9brIYBA1P3YeG8zGaoPcxWFUDqZlqbZpWu3MIIw=";
};
postPatch = lib.optionalString (pythonOlder "3.11") ''
@ -89,7 +89,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "Next generation Python CMake adaptor and Python API for plugins";
homepage = "https://github.com/scikit-build/scikit-build-core";
changelog = "https://github.com/scikit-build/scikit-build-core/releases/tag/v${version}";
changelog = "https://github.com/scikit-build/scikit-build-core/blob/${src.rev}/docs/changelog.md";
license = with licenses; [ asl20 ];
maintainers = with maintainers; [ veprbl ];
};

2
pkgs/development/python-modules/sshfs/default.nix
View File

@ -42,7 +42,7 @@ buildPythonPackage rec {
gssapi = [ asyncssh ] ++ asyncssh.optional-dependencies.gssapi;
libnacl = [ asyncssh ] ++ asyncssh.optional-dependencies.libnacl;
pkcs11 = [ asyncssh ] ++ asyncssh.optional-dependencies.pkcs11;
pyopenssl = [ asyncssh ] ++ asyncssh.optional-dependencies.pyopenssl;
pyopenssl = [ asyncssh ] ++ asyncssh.optional-dependencies.pyOpenSSL;
};
__darwinAllowLocalNetworking = true;

4
pkgs/development/tools/bazel-gazelle/default.nix
View File

@ -5,13 +5,13 @@
buildGoModule rec {
pname = "bazel-gazelle";
version = "0.38.0";
version = "0.39.0";
src = fetchFromGitHub {
owner = "bazelbuild";
repo = pname;
rev = "v${version}";
hash = "sha256-0FOKLBu1eZMK1nXOmXN4achrZgNUqzzcuC6sH0RLtbc=";
hash = "sha256-T1Kd6C0eDvogFjeDuCMp/EjetblQ1Hjww+C4dUGNq3E=";
};
vendorHash = null;

6
pkgs/development/tools/build-managers/moon/default.nix
View File

@ -9,16 +9,16 @@
rustPlatform.buildRustPackage rec {
pname = "moon";
version = "1.28.3";
version = "1.29.0";
src = fetchFromGitHub {
owner = "moonrepo";
repo = pname;
rev = "v${version}";
hash = "sha256-X7O5F/gIkj0EOTMat6koKmCba2V/UiIUq0O46gNiCp8=";
hash = "sha256-s0JwqEso1Mum+fMTg2rn58oxoSqraQ0iEnsRpgMmtVU=";
};
cargoHash = "sha256-I4QLlvN1F4Ptq43A0KpRCnSIxavsvLGnkbJzbiTxjm4=";
cargoHash = "sha256-5WFB2+dWm0q+Ui7rpVlvVrmCHoc4v5x5QNEbDpANkhA=";
env = {
RUSTFLAGS = "-C strip=symbols";

4
pkgs/development/tools/micronaut/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "micronaut";
version = "4.6.2";
version = "4.6.3";
src = fetchzip {
url = "https://github.com/micronaut-projects/micronaut-starter/releases/download/v${version}/micronaut-cli-${version}.zip";
sha256 = "sha256-y+/qdZ9Kl6rVoziss+UipkU4/QSqZuD7J3efWdWNfl8=";
sha256 = "sha256-3bOGun+IjRWW3KeaXJIKh0/20RpqhARCgJQysrZhNf4=";
};
nativeBuildInputs = [ makeWrapper installShellFiles ];

6
pkgs/development/tools/viceroy/default.nix
View File

@ -2,18 +2,18 @@
rustPlatform.buildRustPackage rec {
pname = "viceroy";
version = "0.12.0";
version = "0.12.1";
src = fetchFromGitHub {
owner = "fastly";
repo = pname;
rev = "v${version}";
hash = "sha256-0jED0Ju7ojqDxfEjZKmWuCfGR830/gJF5p+QtcVajIY=";
hash = "sha256-VzeHebbeqW+Tn1ZEiJRdfxJlWLg9Gf5+5dAaqPoTtP0=";
};
buildInputs = lib.optional stdenv.hostPlatform.isDarwin Security;
cargoHash = "sha256-rSZe/MrJlbB0oaAsKg38mEnS3pqe9Rk4/aoRuLlOUFc=";
cargoHash = "sha256-WQzY4fh+plyJCBkJJ/4kgUZ8bEWzL5CVGX67LTu4rnI=";
cargoTestFlags = [
"--package viceroy-lib"

45
pkgs/servers/monitoring/nagios-plugins/check_esxi_hardware/default.nix Normal file
View File

@ -0,0 +1,45 @@
{
lib,
fetchFromGitHub,
python3Packages,
}:
python3Packages.buildPythonApplication rec {
pname = "check-esxi-hardware";
version = "20221230";
format = "other";
src = fetchFromGitHub {
owner = "Napsty";
repo = "check_esxi_hardware";
rev = "refs/tags/${version}";
hash = "sha256-u0LklUrzj92mzSzD61C/lxA37bx6nWlRzE1+1fcTL14=";
};
dontBuild = true;
dependencies = with python3Packages; [
pywbem
requests
setuptools
];
doCheck = false;
installPhase = ''
runHook preInstall
install -Dm755 check_esxi_hardware.py $out/bin/check_esxi_hardware
install -Dm644 -t $out/share/doc/${pname} README.md
runHook postInstall
'';
meta = {
homepage = "https://github.com/Napsty/check_esxi_hardware";
changelog = "https://github.com/Napsty/check_esxi_hardware/releases/tag/${version}";
license = lib.licenses.gpl2Plus;
mainProgram = "check_esxi_hardware";
maintainers = with lib.maintainers; [ peterhoeg ];
};
}

12
pkgs/servers/monitoring/plugins/openvpn.nix → pkgs/servers/monitoring/nagios-plugins/check_openvpn/default.nix
View File

@ -1,4 +1,8 @@
{ lib, fetchFromGitHub, python3Packages }:
{
lib,
fetchFromGitHub,
python3Packages,
}:
python3Packages.buildPythonApplication rec {
pname = "check-openvpn";
@ -14,10 +18,10 @@ python3Packages.buildPythonApplication rec {
# no tests
doCheck = false;
meta = with lib; {
meta = {
description = "Nagios/icinga/sensu check plugin for OpenVPN";
license = lib.licenses.mit;
mainProgram = "check_openvpn";
license = licenses.mit;
maintainers = with maintainers; [ peterhoeg ];
maintainers = with lib.maintainers; [ peterhoeg ];
};
}

27
pkgs/servers/monitoring/nagios/plugins/smartmon.nix → pkgs/servers/monitoring/nagios-plugins/check_smartmon/default.nix
View File

@ -1,18 +1,19 @@
{ lib
, stdenv
, fetchFromGitHub
, python3
, smartmontools
{
fetchFromGitHub,
lib,
python3,
smartmontools,
stdenv,
}:
stdenv.mkDerivation rec {
pname = "check_smartmon";
pname = "check-smartmon";
version = "1.0.1";
src = fetchFromGitHub {
owner = "driehuis";
repo = "Nagios_check_smartmon";
rev = version;
owner = "driehuis";
repo = "Nagios_check_smartmon";
rev = "refs/tags/${version}";
sha256 = "tiIeFiHdDgqoeznk9XdCE7owIMnnsQ0fmtj8foFoUD8=";
};
@ -24,7 +25,7 @@ stdenv.mkDerivation rec {
postPatch = ''
patchShebangs check_smartmon.py
substituteInPlace check_smartmon.py \
--replace '"/usr/sbin/smartctl"' '"${smartmontools}/bin/smartctl"'
--replace-fail '"/usr/sbin/smartctl"' '"${smartmontools}/bin/smartctl"'
'';
installPhase = ''
@ -33,11 +34,11 @@ stdenv.mkDerivation rec {
runHook postInstall
'';
meta = with lib; {
meta = {
description = "Nagios-Plugin that uses smartmontools to check disk health status and temperature";
mainProgram = "check_smartmon";
homepage = "https://github.com/driehuis/Nagios_check_smartmon";
license = licenses.gpl2Plus;
maintainers = with maintainers; [ mariaa144 ];
license = lib.licenses.gpl2Plus;
maintainers = with lib.maintainers; [ mariaa144 ];
};
}

67
pkgs/servers/monitoring/nagios-plugins/check_ssl_cert/default.nix Normal file
View File

@ -0,0 +1,67 @@
{
bc,
bind,
coreutils,
curl,
fetchFromGitHub,
file,
iproute2,
lib,
makeWrapper,
netcat-gnu,
nmap,
openssl,
python3,
stdenv,
which,
}:
stdenv.mkDerivation rec {
pname = "check_ssl_cert";
version = "2.84.4";
src = fetchFromGitHub {
owner = "matteocorti";
repo = "check_ssl_cert";
rev = "refs/tags/v${version}";
hash = "sha256-HVif2pjVumrf2YFSHbNiL9pfXy8XNeXHRgaIlx/Tzds=";
};
nativeBuildInputs = [ makeWrapper ];
makeFlags = [
"DESTDIR=$(out)/bin"
"MANDIR=$(out)/share/man"
];
postInstall = ''
wrapProgram $out/bin/check_ssl_cert \
--prefix PATH : "${
lib.makeBinPath (
[
bc
bind # host and dig binary
coreutils # date and timeout binary
curl
file
netcat-gnu
nmap
openssl
python3
which
]
++ lib.optional stdenv.hostPlatform.isLinux iproute2
)
}"
'';
meta = {
changelog = "https://github.com/matteocorti/check_ssl_cert/releases/tag/v${version}";
description = "Nagios plugin to check the CA and validity of an X.509 certificate";
homepage = "https://github.com/matteocorti/check_ssl_cert";
license = lib.licenses.gpl3Plus;
mainProgram = "check_ssl_cert";
maintainers = with lib.maintainers; [ fab ];
platforms = lib.platforms.all;
};
}

50
pkgs/servers/monitoring/nagios-plugins/check_systemd/default.nix Normal file
View File

@ -0,0 +1,50 @@
{
fetchFromGitHub,
lib,
python3Packages,
}:
python3Packages.buildPythonApplication rec {
pname = "check-systemd";
version = "4.1.0";
pyproject = true;
src = fetchFromGitHub {
owner = "Josef-Friedrich";
repo = "check_systemd";
rev = "refs/tags/v${version}";
hash = "sha256-1e1WtWRTmOxozuOP2ndfsozuiy9LCT/Lsvb+yKH+8eY=";
};
postPatch = ''
substituteInPlace tests/test_argparse.py \
--replace-fail "./check_systemd.py" "check_systemd"
'';
build-system = with python3Packages; [
poetry-core
];
dependencies = with python3Packages; [
nagiosplugin
];
# needs to be able to run check_systemd from PATH
preCheck = ''
export PATH=$PATH:$out/bin
'';
nativeCheckInputs = with python3Packages; [
pytestCheckHook
];
meta = {
changelog = "https://github.com/Josef-Friedrich/check_systemd/releases";
description = "Nagios / Icinga monitoring plugin to check systemd for failed units";
homepage = "https://github.com/Josef-Friedrich/check_systemd";
license = lib.licenses.lgpl2Only;
mainProgram = "check_systemd";
maintainers = with lib.maintainers; [ symphorien ];
platforms = lib.platforms.linux;
};
}

34
pkgs/servers/monitoring/nagios-plugins/check_uptime/default.nix Normal file
View File

@ -0,0 +1,34 @@
{
autoreconfHook,
fetchFromGitHub,
lib,
stdenv,
}:
stdenv.mkDerivation {
pname = "check-uptime";
version = "unstable-2016-11-12";
src = fetchFromGitHub {
owner = "madrisan";
repo = "nagios-plugins-uptime";
rev = "51822dacd1d404b3eabf3b4984c64b2475ed6f3b";
hash = "sha256-0zOvaVWCFKlbblGyObir1QI0cU186J6y1+0ki/+KCaM=";
};
nativeBuildInputs = [ autoreconfHook ];
enableParallelBuilding = true;
postInstall = ''
ln -sr $out/libexec $out/bin
'';
meta = {
description = "Uptime check plugin for Sensu/Nagios/others";
homepage = "https://github.com/madrisan/nagios-plugins-uptime";
license = lib.licenses.gpl3Plus;
mainProgram = "check_uptime";
maintainers = with lib.maintainers; [ peterhoeg ];
};
}

75
pkgs/servers/monitoring/plugins/wmiplus/default.nix → pkgs/servers/monitoring/nagios-plugins/check_wmi_plus/default.nix
View File

@ -1,34 +1,62 @@
{ lib, stdenv, fetchFromGitHub, makeWrapper, perlPackages, txt2man
, monitoring-plugins
, wmic-bin ? null }:
{
fetchFromGitHub,
lib,
makeWrapper,
monitoring-plugins,
perlPackages,
stdenv,
txt2man,
wmic-bin ? null,
}:
stdenv.mkDerivation rec {
pname = "check-wmiplus";
pname = "check-wmi-plus";
version = "1.65";
# We fetch from github.com instead of the proper upstream as nix-build errors
# out with 406 when trying to fetch the sources
# Upstream has been moved from Github to tarballs on the author's website.
# See https://edcint.co.nz/checkwmiplus/releases/
src = fetchFromGitHub {
owner = "speartail";
repo = "checkwmiplus";
rev = "v${version}";
rev = "refs/tags/v${version}";
sha256 = "1as0iyhy4flpm37mb7lvah7rnd6ax88appjm1icwhy7iq03wi8pl";
};
patches = [
./wmiplus_fix_manpage.patch
];
patches = [ ./wmiplus_fix_manpage.patch ];
propagatedBuildInputs = with perlPackages; [
BHooksEndOfScope ClassDataInheritable ClassInspector ClassSingleton
ConfigIniFiles DateTime DateTimeLocale DateTimeTimeZone DevelStackTrace
EvalClosure ExceptionClass FileShareDir ModuleImplementation ModuleRuntime
MROCompat namespaceautoclean namespaceclean NumberFormat PackageStash
ParamsValidate ParamsValidationCompiler RoleTiny Specio
SubExporterProgressive SubIdentify TryTiny
BHooksEndOfScope
ClassDataInheritable
ClassInspector
ClassSingleton
ConfigIniFiles
DateTime
DateTimeLocale
DateTimeTimeZone
DevelStackTrace
EvalClosure
ExceptionClass
FileShareDir
ModuleImplementation
ModuleRuntime
MROCompat
namespaceautoclean
namespaceclean
NumberFormat
PackageStash
ParamsValidate
ParamsValidationCompiler
RoleTiny
Specio
SubExporterProgressive
SubIdentify
TryTiny
];
nativeBuildInputs = [ makeWrapper txt2man ];
nativeBuildInputs = [
makeWrapper
txt2man
];
dontConfigure = true;
dontBuild = true;
@ -36,11 +64,11 @@ stdenv.mkDerivation rec {
postPatch = ''
substituteInPlace check_wmi_plus.pl \
--replace /usr/bin/wmic ${wmic-bin}/bin/wmic \
--replace /etc/check_wmi_plus $out/etc/check_wmi_plus \
--replace /opt/nagios/bin/plugins $out/etc/check_wmi_plus \
--replace /usr/lib/nagios/plugins ${monitoring-plugins}/libexec \
--replace '$base_dir/check_wmi_plus_help.pl' "$out/bin/check_wmi_plus_help.pl"
--replace-fail /usr/bin/wmic ${wmic-bin}/bin/wmic \
--replace-fail /etc/check_wmi_plus $out/etc/check_wmi_plus \
--replace-fail /opt/nagios/bin/plugins $out/etc/check_wmi_plus \
--replace-fail /usr/lib/nagios/plugins ${monitoring-plugins}/libexec \
--replace-fail '$base_dir/check_wmi_plus_help.pl' "$out/bin/check_wmi_plus_help.pl"
for f in *.pl ; do
substituteInPlace $f --replace /usr/bin/perl ${perlPackages.perl}/bin/perl
@ -70,8 +98,9 @@ stdenv.mkDerivation rec {
meta = with lib; {
description = "Sensu/nagios plugin using WMI to query Windows hosts";
homepage = "http://edcint.co.nz/checkwmiplus";
homepage = "https://edcint.co.nz/checkwmiplus/";
license = licenses.gpl2Plus;
mainProgram = "check_wmi_plus";
maintainers = with maintainers; [ peterhoeg ];
};
}

0
pkgs/servers/monitoring/plugins/wmiplus/wmiplus_fix_manpage.patch → pkgs/servers/monitoring/nagios-plugins/check_wmi_plus/wmiplus_fix_manpage.patch
View File

36
pkgs/servers/monitoring/nagios/plugins/zfs.nix → pkgs/servers/monitoring/nagios-plugins/check_zfs/default.nix
View File

@ -1,30 +1,34 @@
{ lib
, stdenv
, fetchFromGitHub
, python3
, zfs
, sudo
{
fetchFromGitHub,
lib,
python3,
stdenv,
sudo,
zfs,
}:
stdenv.mkDerivation rec {
pname = "check_zfs";
pname = "check-zfs";
version = "2.0";
src = fetchFromGitHub {
owner = "zlacelle";
repo = "nagios_check_zfs_linux";
rev = version;
rev = "refs/tags/${version}";
sha256 = "gPLCNt6hp4E94s9/PRgsnBN5XXQQ+s2MGcgRFeknXg4=";
};
buildInputs = [ python3 zfs sudo ];
buildInputs = [
python3
zfs
];
postPatch = ''
patchShebangs check_zfs.py
substituteInPlace check_zfs.py \
--replace "'/usr/bin/sudo'" "'${sudo}/bin/sudo'" \
--replace "'/sbin/zpool'" "'${zfs}/bin/zpool'" \
--replace "'/sbin/zfs'" "'${zfs}/bin/zfs'"
--replace-fail "'/usr/bin/sudo'" "'${sudo}/bin/sudo'" \
--replace-fail "'/sbin/zpool'" "'${zfs}/bin/zpool'" \
--replace-fail "'/sbin/zfs'" "'${zfs}/bin/zfs'"
'';
installPhase = ''
@ -35,11 +39,11 @@ stdenv.mkDerivation rec {
runHook postInstall
'';
meta = with lib; {
meta = {
description = "Check the health, capacity, fragmentation, and other things for use with Nagios monitoring";
mainProgram = "check_zfs";
homepage = "https://github.com/zlacelle/nagios_check_zfs_linux";
license = licenses.gpl3Only;
maintainers = with maintainers; [ mariaa144 ];
license = lib.licenses.gpl3Only;
mainProgram = "check_zfs";
maintainers = with lib.maintainers; [ mariaa144 ];
};
}

7
pkgs/servers/monitoring/nagios-plugins/default.nix Normal file
View File

@ -0,0 +1,7 @@
{ newScope, pkgs }:
let
callPackage = newScope (pkgs // plugins);
plugins = import ./plugins.nix { inherit callPackage; };
in
plugins

100
pkgs/servers/monitoring/nagios-plugins/labs_consol_de/default.nix Normal file
View File

@ -0,0 +1,100 @@
{
autoreconfHook,
coreutils,
fetchFromGitHub,
fetchurl,
gnugrep,
gnused,
lib,
makeWrapper,
perlPackages,
stdenv,
}:
let
glplugin = fetchFromGitHub {
owner = "lausser";
repo = "GLPlugin";
rev = "ef3107f01afe55fad5452e64ac5bbea00b18a8d5";
sha256 = "047fwrycsl2vmpi4wl46fs6f8y191d6qc9ms5rvmrj1dm2r828ws";
};
generic =
{
pname,
version,
sha256,
description,
buildInputs,
}:
stdenv.mkDerivation {
inherit pname version;
src = fetchurl {
url = "https://labs.consol.de/assets/downloads/nagios/${pname}-${version}.tar.gz";
inherit sha256;
};
buildInputs = [ perlPackages.perl ] ++ buildInputs;
nativeBuildInputs = [
autoreconfHook
makeWrapper
];
prePatch = ''
rm -rf GLPlugin
ln -s ${glplugin} GLPlugin
substituteInPlace plugins-scripts/Makefile.am \
--replace-fail /bin/cat ${lib.getExe' coreutils "cat"} \
--replace-fail /bin/echo ${lib.getExe' coreutils "echo"} \
--replace-fail /bin/grep ${lib.getExe gnugrep} \
--replace-fail /bin/sed ${lib.getExe gnused}
'';
postInstall = ''
if [[ -d $out/libexec ]]; then
ln -sr $out/libexec $out/bin
fi
'';
postFixup = ''
for f in $out/bin/* ; do
wrapProgram $f --prefix PERL5LIB : $PERL5LIB
done
'';
meta = {
homepage = "https://labs.consol.de/";
license = lib.licenses.gpl2Only;
maintainers = with lib.maintainers; [ peterhoeg ];
inherit description;
};
};
in
{
check_mssql_health = generic {
pname = "check-mssql-health";
version = "2.6.4.15";
sha256 = "12z0b3c2p18viy7s93r6bbl8fvgsqh80136d07118qhxshp1pwxg";
description = "Check plugin for Microsoft SQL Server";
buildInputs = [ perlPackages.DBDsybase ];
};
check_nwc_health = generic {
pname = "check-nwc-health";
version = "7.10.0.6";
sha256 = "092rhaqnk3403z0y60x38vgh65gcia3wrd6gp8mr7wszja38kxv2";
description = "Check plugin for network equipment";
buildInputs = [ perlPackages.NetSNMP ];
};
check_ups_health = generic {
pname = "check-ups-health";
version = "2.8.3.3";
sha256 = "0qc2aglppwr9ms4p53kh9nr48625sqrbn46xs0k9rx5sv8hil9hm";
description = "Check plugin for UPSs";
buildInputs = [ perlPackages.NetSNMP ];
};
}

14
pkgs/servers/monitoring/nagios-plugins/plugins.nix Normal file
View File

@ -0,0 +1,14 @@
{ callPackage }:
{
check_esxi_hardware = callPackage ./check_esxi_hardware { };
check_openvpn = callPackage ./check_openvpn { };
check_smartmon = callPackage ./check_smartmon { };
check_ssl_cert = callPackage ./check_ssl_cert { };
check_systemd = callPackage ./check_systemd { };
check_uptime = callPackage ./check_uptime { };
check_wmi_plus = callPackage ./check_wmi_plus { };
check_zfs = callPackage ./check_zfs { };
inherit (callPackage ./labs_consol_de { }) check_mssql_health check_nwc_health check_ups_health;
}

52
pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix
View File

@ -1,52 +0,0 @@
{ lib
, stdenv
, bc
, bind # host and dig binary
, coreutils # date and timeout binary
, curl
, fetchFromGitHub
, file
, iproute2
, makeWrapper
, netcat-gnu
, nmap
, openssl
, python3
, which
}:
stdenv.mkDerivation rec {
pname = "check_ssl_cert";
version = "2.84.4";
src = fetchFromGitHub {
owner = "matteocorti";
repo = "check_ssl_cert";
rev = "refs/tags/v${version}";
hash = "sha256-HVif2pjVumrf2YFSHbNiL9pfXy8XNeXHRgaIlx/Tzds=";
};
nativeBuildInputs = [
makeWrapper
];
makeFlags = [
"DESTDIR=$(out)/bin"
"MANDIR=$(out)/share/man"
];
postInstall = ''
wrapProgram $out/bin/check_ssl_cert \
--prefix PATH : "${lib.makeBinPath ([ openssl file which curl bc coreutils bind nmap netcat-gnu python3 ] ++ lib.optional stdenv.hostPlatform.isLinux iproute2) }"
'';
meta = with lib; {
description = "Nagios plugin to check the CA and validity of an X.509 certificate";
mainProgram = "check_ssl_cert";
homepage = "https://github.com/matteocorti/check_ssl_cert";
changelog = "https://github.com/matteocorti/check_ssl_cert/releases/tag/v${version}";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ fab ];
platforms = platforms.all;
};
}

38
pkgs/servers/monitoring/nagios/plugins/check_systemd.nix
View File

@ -1,38 +0,0 @@
{ fetchFromGitHub, python3Packages, lib }:
python3Packages.buildPythonApplication rec {
pname = "check_systemd";
version = "2.3.1";
src = fetchFromGitHub {
owner = "Josef-Friedrich";
repo = pname;
rev = "v${version}";
sha256 = "11sc0gycxzq1vfvin501jnwnky2ky6ns64yjiw8vq9vmkbf8nni6";
};
propagatedBuildInputs = with python3Packages; [ nagiosplugin ];
postInstall = ''
# check_systemd is only a broken stub calling check_systemd.py
mv $out/bin/check_systemd{.py,}
'';
# the test scripts run ./check_systemd.py and check_systemd. Patch to
# the installed, patchShebanged executable in $out/bin
preCheck = ''
find test -name "*.py" -execdir sed -i "s@./check_systemd.py@$out/bin/check_systemd@" '{}' ";"
export PATH=$PATH:$out/bin
'';
nativeCheckInputs = [ python3Packages.pytestCheckHook ];
meta = with lib; {
description = "Nagios / Icinga monitoring plugin to check systemd for failed units";
mainProgram = "check_systemd";
inherit (src.meta) homepage;
changelog = "https://github.com/Josef-Friedrich/check_systemd/releases";
maintainers = with maintainers; [ symphorien ];
license = licenses.lgpl2Only;
platforms = platforms.linux;
};
}

37
pkgs/servers/monitoring/plugins/esxi.nix
View File

@ -1,37 +0,0 @@
{ lib, fetchFromGitHub, python3Packages }:
let
bName = "check_esxi_hardware";
in python3Packages.buildPythonApplication rec {
pname = lib.replaceStrings [ "_" ] [ "-" ] bName;
version = "20200710";
format = "other";
src = fetchFromGitHub {
owner = "Napsty";
repo = bName;
rev = version;
sha256 = "EC6np/01S+5SA2H9z5psJ9Pq/YoEyGdHL9wHUKKsNas=";
};
dontBuild = true;
doCheck = false;
installPhase = ''
runHook preInstall
install -Dm755 ${bName}.py $out/bin/${bName}
install -Dm644 -t $out/share/doc/${pname} README.md
runHook postInstall
'';
propagatedBuildInputs = with python3Packages; [ pywbem requests setuptools ];
meta = with lib; {
homepage = "https://www.claudiokuenzler.com/nagios-plugins/";
license = licenses.gpl2Plus;
maintainers = with maintainers; [ peterhoeg ];
};
}

77
pkgs/servers/monitoring/plugins/labs_consol_de.nix
View File

@ -1,77 +0,0 @@
{ lib, stdenv, fetchFromGitHub, fetchurl, autoreconfHook, makeWrapper
, perlPackages, coreutils, gnused, gnugrep }:
let
glplugin = fetchFromGitHub {
owner = "lausser";
repo = "GLPlugin";
rev = "ef3107f01afe55fad5452e64ac5bbea00b18a8d5";
sha256 = "047fwrycsl2vmpi4wl46fs6f8y191d6qc9ms5rvmrj1dm2r828ws";
};
generic = { pname, version, sha256, description, buildInputs, ... }:
stdenv.mkDerivation {
inherit pname version;
src = fetchurl {
url = "https://labs.consol.de/assets/downloads/nagios/${pname}-${version}.tar.gz";
inherit sha256;
};
buildInputs = [ perlPackages.perl ] ++ buildInputs;
nativeBuildInputs = [ autoreconfHook makeWrapper ];
prePatch = ''
rm -rf GLPlugin
ln -s ${glplugin} GLPlugin
substituteInPlace plugins-scripts/Makefile.am \
--replace /bin/cat ${lib.getBin coreutils}/bin/cat \
--replace /bin/echo ${lib.getBin coreutils}/bin/echo \
--replace /bin/grep ${lib.getBin gnugrep}/bin/grep \
--replace /bin/sed ${lib.getBin gnused}/bin/sed
'';
postInstall = ''
test -d $out/libexec && ln -sr $out/libexec $out/bin
'';
postFixup = ''
for f in $out/bin/* ; do
wrapProgram $f --prefix PERL5LIB : $PERL5LIB
done
'';
meta = {
homepage = "https://labs.consol.de/";
license = lib.licenses.gpl2Only;
maintainers = with lib.maintainers; [ peterhoeg ];
inherit description;
};
};
in {
check-mssql-health = generic {
pname = "check_mssql_health";
version = "2.6.4.15";
sha256 = "12z0b3c2p18viy7s93r6bbl8fvgsqh80136d07118qhxshp1pwxg";
description = "Check plugin for Microsoft SQL Server";
buildInputs = [ perlPackages.DBDsybase ];
};
check-nwc-health = generic {
pname = "check_nwc_health";
version = "7.10.0.6";
sha256 = "092rhaqnk3403z0y60x38vgh65gcia3wrd6gp8mr7wszja38kxv2";
description = "Check plugin for network equipment";
buildInputs = [ perlPackages.NetSNMP ];
};
check-ups-health = generic {
pname = "check_ups_health";
version = "2.8.3.3";
sha256 = "0qc2aglppwr9ms4p53kh9nr48625sqrbn46xs0k9rx5sv8hil9hm";
description = "Check plugin for UPSs";
buildInputs = [ perlPackages.NetSNMP ];
};
}

26
pkgs/servers/monitoring/plugins/uptime.nix
View File

@ -1,26 +0,0 @@
{ lib, stdenv, fetchFromGitHub, autoreconfHook }:
stdenv.mkDerivation {
pname = "check-uptime";
version = "20161112";
src = fetchFromGitHub {
owner = "madrisan";
repo = "nagios-plugins-uptime";
rev = "51822dacd1d404b3eabf3b4984c64b2475ed6f3b";
sha256 = "18q9ibzqn97dsyr9xs3w9mqk80nmmfw3kcjidrdsj542amlsycyk";
};
nativeBuildInputs = [ autoreconfHook ];
enableParallelBuilding = true;
postInstall = "ln -sr $out/libexec $out/bin";
meta = with lib; {
description = "Uptime check plugin for Sensu/Nagios/others";
homepage = "https://github.com/madrisan/nagios-plugins-uptime";
license = licenses.gpl3;
maintainers = with maintainers; [ peterhoeg ];
};
}

0
pkgs/servers/monitoring/plugins/wmic-bin.nix → pkgs/servers/monitoring/wmic-bin/default.nix
View File

4
pkgs/servers/nosql/aerospike/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "aerospike-server";
version = "7.1.0.6";
version = "7.2.0.1";
src = fetchFromGitHub {
owner = "aerospike";
repo = "aerospike-server";
rev = version;
hash = "sha256-10Ky4j4XyskjuuabCvD0mjpLOd9QjChM9TrDvKmgGHQ=";
hash = "sha256-PFLdESQ3eyVTu8FJSI/9FbjpA+721G+ok5/UE/5u/2E=";
fetchSubmodules = true;
};

6
pkgs/servers/web-apps/livebook/default.nix
View File

@ -1,7 +1,7 @@
{ lib, beamPackages, makeWrapper, rebar3, elixir, erlang, fetchFromGitHub, nixosTests }:
beamPackages.mixRelease rec {
pname = "livebook";
version = "0.14.2";
version = "0.14.4";
inherit elixir;
@ -13,13 +13,13 @@ beamPackages.mixRelease rec {
owner = "livebook-dev";
repo = "livebook";
rev = "v${version}";
hash = "sha256-iD9FzIjm0OAnApgmMqw0bDTQH/pSC8Z2l4+3Y4y+ieQ=";
hash = "sha256-XpBJlPLr7E3OqTnLxnSmKCgDyiU1hT8WfOhWeRGYROA=";
};
mixFodDeps = beamPackages.fetchMixDeps {
pname = "mix-deps-${pname}";
inherit src version;
hash = "sha256-knqjnySXwh7/vMkFNfDZzSjojWpWPNZyR/RIDb9hdgA=";
hash = "sha256-jB6IOBX3LwdrEtaWY3gglo1HO2OhdiK8j3BgzfZ1nAU=";
};
postInstall = ''

82
pkgs/tools/filesystems/ceph/default.nix
View File

@ -7,10 +7,13 @@
, fetchpatch
# Build time
, autoconf
, automake
, cmake
, ensureNewerSourcesHook
, fmt
, git
, libtool
, makeWrapper
, nasm
, pkg-config
@ -22,10 +25,11 @@
# Runtime dependencies
, arrow-cpp
, babeltrace
, boost179
, boost182 # using the version installed by ceph's `install-deps.sh`
, bzip2
, cryptsetup
, cunit
, e2fsprogs
, doxygen
, gperf
, graphviz
@ -37,17 +41,22 @@
, libcap_ng
, libnl
, libxml2
, lmdb
, lttng-ust
, lua
, lvm2
, lz4
, oath-toolkit
, openldap
, python311
, parted
, python311 # to get an idea which Python versions are supported by Ceph, see upstream `do_cmake.sh` (see `PYBUILD=` variable)
, rdkafka
, rocksdb
, snappy
, openssh
, sqlite
, utf8proc
, xfsprogs
, zlib
, zstd
@ -247,7 +256,7 @@ let
};
};
boost = boost179.override {
boost = boost182.override {
enablePython = true;
inherit python;
};
@ -282,6 +291,9 @@ let
virtualenv
werkzeug
# src/cephadm/zipapp-reqs.txt
markupsafe
# src/pybind/mgr/requirements-required.txt
cryptography
jsonpatch
@ -292,54 +304,24 @@ let
]);
inherit (ceph-python-env.python) sitePackages;
version = "18.2.4";
version = "19.2.0";
src = fetchurl {
url = "https://download.ceph.com/tarballs/ceph-${version}.tar.gz";
hash = "sha256-EFqteP3Jo+hASXVesH6gkjDjFO7/1RN151tIf/lQ06s=";
hash = "sha256-30vkW1j49hFIxyxzkssSKVSq0VqiwLfDtOb62xfxadM=";
};
in rec {
ceph = stdenv.mkDerivation {
pname = "ceph";
inherit src version;
patches = [
# Fixes mgr not being able to import `packaging` due to autotools >= 70.
# Remove once https://github.com/ceph/ceph/pull/58624 is merged, see
# https://github.com/NixOS/nixpkgs/pull/330226#issuecomment-2268421031
(fetchpatch {
url = "https://github.com/ceph/ceph/commit/8da2d857fa8fdfedd7aad0ca90e1780a3ed085c9.patch";
name = "ceph-mgr-python-fix-packaging-import.patch";
hash = "sha256-3Yl1X6UfTf0XCXJxgRnM/Js9sz8tS+hsqViY6gDExoI=";
})
# Fixes cryptesetup version parsing regex, see
# * https://github.com/NixOS/nixpkgs/issues/334227
# * https://www.mail-archive.com/ceph-users@ceph.io/msg26309.html
# * https://github.com/ceph/ceph/pull/58997
# Remove once we're on the next version of Ceph 18, when this should be in:
# https://github.com/ceph/ceph/pull/58997
(fetchpatch {
url = "https://github.com/ceph/ceph/commit/6ae874902b63652fa199563b6e7950cd75151304.patch";
name = "ceph-reef-ceph-volume-fix-set_dmcrypt_no_workqueue.patch";
hash = "sha256-r+7hcCz2WF/rJfgKwTatKY9unJlE8Uw3fmOyaY5jVH0=";
})
(fetchpatch {
url = "https://github.com/ceph/ceph/commit/607eb34b2c278566c386efcbf3018629cf08ccfd.patch";
name = "ceph-volume-fix-set_dmcrypt_no_workqueue-regex.patch";
hash = "sha256-q28Q7OIyFoMyMBCPXGA+AdNqp+9/6J/XwD4ODjx+JXY=";
})
];
postPatch = ''
substituteInPlace cmake/modules/Finduring.cmake \
--replace-fail "liburing.a liburing" "uring"
'';
nativeBuildInputs = [
autoconf # `autoreconf` is called, e.g. for `qatlib_ext`
automake # `aclocal` is called, e.g. for `qatlib_ext`
cmake
fmt
git
makeWrapper
libtool # used e.g. for `qatlib_ext`
nasm
pkg-config
python
@ -357,17 +339,23 @@ in rec {
babeltrace
boost
bzip2
# Adding `ceph-python-env` here adds the env's `site-packages` to `PYTHONPATH` during the build.
# This is important, otherwise the build system may not find the Python deps and then
# silently skip installing ceph-volume and other Ceph python tools.
ceph-python-env
cryptsetup
cunit
e2fsprogs # according to `debian/control` file, `ceph-volume` is supposed to use it
gperf
gtest
icu
libcap
libnl
libxml2
lmdb
lttng-ust
lua
lvm2 # according to `debian/control` file, e.g. `pvs` command used by `src/ceph-volume/ceph_volume/api/lvm.py`
lz4
malloc
oath-toolkit
@ -375,11 +363,14 @@ in rec {
optLibatomic_ops
optLibs3
optYasm
parted # according to `debian/control` file, used by `src/ceph-volume/ceph_volume/util/disk.py`
rdkafka
rocksdb'
snappy
openssh # according to `debian/control` file, `ssh` command used by `cephadm`
sqlite
utf8proc
xfsprogs # according to `debian/control` file, `ceph-volume` is supposed to use it
zlib
zstd
] ++ lib.optionals stdenv.hostPlatform.isLinux [
@ -402,7 +393,11 @@ in rec {
optLibedit
];
pythonPath = [ ceph-python-env "${placeholder "out"}/${ceph-python-env.sitePackages}" ];
# Picked up, amongst others, by `wrapPythonPrograms`.
pythonPath = [
ceph-python-env
"${placeholder "out"}/${ceph-python-env.sitePackages}"
];
# replace /sbin and /bin based paths with direct nix store paths
# increase the `command` buffer size since 2 nix store paths cannot fit within 128 characters
@ -413,9 +408,8 @@ in rec {
--replace "/sbin/modprobe" "${kmod}/bin/modprobe" \
--replace "/bin/grep" "${gnugrep}/bin/grep"
# install target needs to be in PYTHONPATH for "*.pth support" check to succeed
# set PYTHONPATH, so the build system doesn't silently skip installing ceph-volume and others
export PYTHONPATH=${ceph-python-env}/${sitePackages}:$lib/${sitePackages}:$out/${sitePackages}
# The install target needs to be in PYTHONPATH for "*.pth support" check to succeed
export PYTHONPATH=$PYTHONPATH:$lib/${sitePackages}:$out/${sitePackages}
patchShebangs src/
'';
@ -453,6 +447,10 @@ in rec {
"-DWITH_SYSTEM_UTF8PROC:BOOL=ON"
"-DWITH_SYSTEM_ZSTD:BOOL=ON"
# Use our own python libraries too, see:
# https://github.com/NixOS/nixpkgs/pull/344993#issuecomment-2391046329
"-DCEPHADM_BUNDLED_DEPENDENCIES=none"
# TODO breaks with sandbox, tries to download stuff with npm
"-DWITH_MGR_DASHBOARD_FRONTEND:BOOL=OFF"
# WITH_XFS has been set default ON from Ceph 16, keeping it optional in nixpkgs for now

6
pkgs/tools/networking/flannel/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "flannel";
version = "0.25.6";
version = "0.25.7";
rev = "v${version}";
vendorHash = "sha256-telkdlxNUoaZJ8mzKbcBq2sruI0reT9wp+yOLa8RBOs=";
vendorHash = "sha256-377VLcZ1agntvFKWNFlUQUCG4CWbk+olbebtkKd9uDk=";
src = fetchFromGitHub {
inherit rev;
owner = "flannel-io";
repo = "flannel";
sha256 = "sha256-72eoAr3Vnvwqcrq1qFqEJY/J3yodICv+uWM484d99b4=";
sha256 = "sha256-AehNMAxqzZED/e1joB2GsjkQ7KsjsZq5KZFB12kHMiE=";
};
ldflags = [ "-X github.com/flannel-io/flannel/pkg/version.Version=${rev}" ];

23
pkgs/tools/package-management/emplace/default.nix
View File

@ -1,23 +0,0 @@
{ lib, rustPlatform, fetchFromGitHub }:
rustPlatform.buildRustPackage rec {
pname = "emplace";
version = "1.6.0";
src = fetchFromGitHub {
owner = "tversteeg";
repo = pname;
rev = "v${version}";
sha256 = "sha256-FZ+lvf5HRSruUdmkm/Hqz0aRa95SjfIa43WQczRCGNg=";
};
cargoHash = "sha256-0bKLN0l3ldHJizqWuSoBUxQ8I114BQz6ZTtsro3eYEI=";
meta = with lib; {
description = "Mirror installed software on multiple machines";
homepage = "https://github.com/tversteeg/emplace";
license = licenses.agpl3Plus;
maintainers = with maintainers; [ Br1ght0ne ];
mainProgram = "emplace";
};
}

6
pkgs/tools/system/zx/default.nix
View File

@ -8,16 +8,16 @@
buildNpmPackage rec {
pname = "zx";
version = "8.1.8";
version = "8.1.9";
src = fetchFromGitHub {
owner = "google";
repo = "zx";
rev = version;
hash = "sha256-d/U37QWC6e41P9GuohpWjP0MNZCzHbxFMBBASpIKpQk=";
hash = "sha256-vy53g6nG/krK1PsfIKEdok67ghf9Jm2xNMmZpU2N+A0=";
};
npmDepsHash = "sha256-2v8pGIB5W2jgjsJPKBjymAv2rzq9judVdYZexohAclo=";
npmDepsHash = "sha256-bKckzwvJNWDYkF1ZBwB9RpzJAVTIoAjoKK8D3V8RHmQ=";
nativeInstallCheckInputs = [ versionCheckHook ];
doInstallCheck = true;

6
pkgs/tools/virtualization/govc/default.nix
View File

@ -2,7 +2,7 @@
buildGoModule rec {
pname = "govc";
version = "0.43.0";
version = "0.44.0";
subPackages = [ "govc" ];
@ -10,10 +10,10 @@ buildGoModule rec {
rev = "v${version}";
owner = "vmware";
repo = "govmomi";
sha256 = "sha256-TLkSDi8s8zqUED76Bfznm3VLwUi0+tmUjbddqHlwiUQ=";
sha256 = "sha256-DHzSW8PTi8CnIYvauhoEBSUKOInR8VwTIfosjzLY6CM=";
};
vendorHash = "sha256-C8NeTGPqzFe3UYB90sEui67e5wUsH/15rwkwahNTLHM=";
vendorHash = "sha256-ddofXjBnyHRn7apS8hpM57S1oo+1w5i4n0Z6ZPKQEDI=";
ldflags = [
"-s"

11
pkgs/top-level/aliases.nix
View File

@ -230,6 +230,17 @@ mapAliases {
ccloud-cli = throw "ccloud-cli has been removed, please use confluent-cli instead"; # Added 2023-06-09
certmgr-selfsigned = certmgr; # Added 2023-11-30
challenger = taler-challenger; # Added 2024-09-04
check_smartmon = throw "'check_smartmon' has been renamed to 'nagiosPlugins.check_smartmon'"; # Added 2024-05-03
check_systemd = throw "'check_systemd' has been renamed to 'nagiosPlugins.check_systemd'"; # Added 2024-05-03
check_zfs = throw "'check_zfs' has been renamed to 'nagiosPlugins.check_zfs'"; # Added 2024-05-03
check-esxi-hardware = throw "'check-esxi-hardware' has been renamed to 'nagiosPlugins.check_esxi_hardware'"; # Added 2024-05-03
check-mssql-health = throw "'check-mssql-health' has been renamed to 'nagiosPlugins.check_mssql_health'"; # Added 2024-05-03
check-nwc-health = throw "'check-nwc-health' has been renamed to 'nagiosPlugins.check_nwc_health'"; # Added 2024-05-03
check-openvpn = throw "'check-openvpn' has been renamed to 'nagiosPlugins.check_openvpn'"; # Added 2024-05-03
check-ups-health = throw "'check-ups-health' has been renamed to 'nagiosPlugins.check_ups_health'"; # Added 2024-05-03
check-uptime = throw "'check-uptime' has been renamed to 'nagiosPlugins.check_uptime'"; # Added 2024-05-03
check-wmiplus = throw "'check-wmiplus' has been renamed to 'nagiosPlugins.check_wmi_plus'"; # Added 2024-05-03
checkSSLCert = throw "'checkSSLCert' has been renamed to 'nagiosPlugins.check_ssl_cert'"; # Added 2024-05-03
chefdk = throw "chefdk has been removed due to being deprecated upstream by Chef Workstation"; # Added 2023-03-22
chia = throw "chia has been removed. see https://github.com/NixOS/nixpkgs/pull/270254"; # Added 2023-11-30
chia-dev-tools = throw "chia-dev-tools has been removed. see https://github.com/NixOS/nixpkgs/pull/270254"; # Added 2023-11-30

47
pkgs/top-level/all-packages.nix
View File

@ -372,6 +372,10 @@ with pkgs;
propagatedBuildInputs = [ innoextract file-rename ]; }
../build-support/setup-hooks/gog-unpack.sh;
buf = callPackage ../by-name/bu/buf/package.nix {
buildGoModule = buildGo123Module;
};
buildEnv = callPackage ../build-support/buildenv { }; # not actually a package
buildFHSEnv = buildFHSEnvBubblewrap;
@ -2500,10 +2504,6 @@ with pkgs;
cen64 = callPackage ../applications/emulators/cen64 { };
citations = callPackage ../applications/misc/citations { };
webfontkitgenerator = callPackage ../applications/misc/webfontkitgenerator { };
collapseos-cvm = callPackage ../applications/emulators/collapseos-cvm { };
coltrane = callPackage ../applications/misc/coltrane { };
@ -3505,8 +3505,6 @@ with pkgs;
sedutil = callPackage ../tools/security/sedutil { };
emplace = callPackage ../tools/package-management/emplace { };
enchive = callPackage ../tools/security/enchive { };
enjarify = callPackage ../tools/misc/enjarify { };
@ -8603,8 +8601,6 @@ with pkgs;
idle3tools = callPackage ../tools/system/idle3tools { };
ifcopenshell = with python3Packages; toPythonApplication ifcopenshell;
iftop = callPackage ../tools/networking/iftop { };
ifwifi = callPackage ../tools/networking/ifwifi {
@ -10599,10 +10595,6 @@ with pkgs;
nylon = callPackage ../tools/networking/nylon { };
nym = darwin.apple_sdk_11_0.callPackage ../applications/networking/nym {
inherit (darwin.apple_sdk.frameworks) Security CoreServices;
};
oapi-codegen = callPackage ../tools/networking/oapi-codegen { };
oatpp = callPackage ../development/libraries/oatpp { };
@ -11637,8 +11629,6 @@ with pkgs;
quilt = callPackage ../development/tools/quilt { };
raider = callPackage ../applications/misc/raider { };
quota = if stdenv.hostPlatform.isLinux then linuxquota else unixtools.quota;
qvge = libsForQt5.callPackage ../applications/graphics/qvge { };
@ -14357,8 +14347,6 @@ with pkgs;
inherit (python3Packages) filecheck;
};
blueprint-compiler = callPackage ../development/compilers/blueprint { };
bluespec = callPackage ../development/compilers/bluespec {
gmp-static = gmp.override { withStatic = true; };
};
@ -24885,29 +24873,14 @@ with pkgs;
nagios = callPackage ../servers/monitoring/nagios { };
nagiosPlugins = callPackages ../servers/monitoring/nagios-plugins { };
monitoring-plugins = callPackage ../servers/monitoring/plugins { };
inherit (callPackage ../servers/monitoring/plugins/labs_consol_de.nix { })
check-mssql-health
check-nwc-health
check-ups-health;
check-openvpn = callPackage ../servers/monitoring/plugins/openvpn.nix { };
check_smartmon = callPackage ../servers/monitoring/nagios/plugins/smartmon.nix { };
checkSSLCert = callPackage ../servers/monitoring/nagios/plugins/check_ssl_cert.nix { };
check_systemd = callPackage ../servers/monitoring/nagios/plugins/check_systemd.nix { };
check_zfs = callPackage ../servers/monitoring/nagios/plugins/zfs.nix { };
neo4j = callPackage ../servers/nosql/neo4j { };
neo4j-desktop = callPackage ../applications/misc/neo4j-desktop { };
check-esxi-hardware = callPackage ../servers/monitoring/plugins/esxi.nix { };
net-snmp = callPackage ../servers/monitoring/net-snmp { };
newrelic-sysmond = callPackage ../servers/monitoring/newrelic-sysmond { };
@ -25198,8 +25171,6 @@ with pkgs;
sensu-go-backend
sensu-go-cli;
check-wmiplus = callPackage ../servers/monitoring/plugins/wmiplus { };
shishi = callPackage ../servers/shishi {
pam = if stdenv.hostPlatform.isLinux then pam else null;
# see also openssl, which has/had this same trick
@ -38110,8 +38081,6 @@ with pkgs;
tvbrowser = callPackage ../applications/misc/tvbrowser { };
twitch-cli = callPackage ../development/tools/twitch-cli { };
uacme = callPackage ../tools/admin/uacme { };
ufiformat = callPackage ../tools/system/ufiformat { };
@ -38513,9 +38482,7 @@ with pkgs;
hy = with python3Packages; toPythonApplication hy;
wmic-bin = callPackage ../servers/monitoring/plugins/wmic-bin.nix { };
check-uptime = callPackage ../servers/monitoring/plugins/uptime.nix { };
wmic-bin = callPackage ../servers/monitoring/wmic-bin { };
ghc-standalone-archive = callPackage ../os-specific/darwin/ghc-standalone-archive { };

Some files were not shown because too many files have changed in this diff Show More