dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge master into haskell-updates

Browse Source
This commit is contained in:
github-actions[bot] 2024-08-17 00:13:54 +00:00 committed by GitHub
commit f200a783ab
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
477 changed files with 16354 additions and 6383 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
doc/using/overrides.chapter.md
View File

@ -40,6 +40,13 @@ import pkgs.path { overlays = [ (self: super: {
In the first example, `pkgs.foo` is the result of a function call with some default arguments, usually a derivation. Using `pkgs.foo.override` will call the same function with the given new arguments.
Many packages, like the `foo` example above, provide package options with default values in their arguments, to facilitate overriding.
Because it's not usually feasible to test that packages build with all combinations of options, you might find that a package doesn't build if you override options to non-default values.
Package maintainers are not expected to fix arbitrary combinations of options.
If you find that something doesn't work, please submit a fix, ideally with a regression test.
If you want to ensure that things keep working, consider [becoming a maintainer](https://github.com/NixOS/nixpkgs/tree/master/maintainers) for the package.
## <pkg>.overrideAttrs {#sec-pkg-overrideAttrs}
The function `overrideAttrs` allows overriding the attribute set passed to a `stdenv.mkDerivation` call, producing a new derivation based on the original one. This function is available on all derivations produced by the `stdenv.mkDerivation` function, which is most packages in the nixpkgs expression `pkgs`.

2
nixos/doc/manual/release-notes/rl-2411.section.md
View File

@ -338,6 +338,8 @@
- `nixosTests` now provide a working IPv6 setup for VLAN 1 by default.
- Kanidm can now be provisioned using the new [`services.kanidm.provision`] option, but requires using a patched version available via `pkgs.kanidm.withSecretProvisioning`.
- To facilitate dependency injection, the `imgui` package now builds a static archive using vcpkg' CMake rules.
The derivation now installs "impl" headers selectively instead of by a wildcard.
Use `imgui.src` if you just want to access the unpacked sources.

2
nixos/modules/programs/xonsh.nix
View File

@ -23,7 +23,7 @@ in
};
package = lib.mkPackageOption pkgs "xonsh" {
example = "xonsh.wrapper.override { extraPackages = ps: [ ps.requests ]; }";
example = "pkgs.xonsh.override { extraPackages = ps: [ ps.requests ]; }";
};
config = lib.mkOption {

26
nixos/modules/services/desktops/pipewire/pipewire.nix
View File

@ -410,8 +410,30 @@ in {
networking.firewall.allowedUDPPorts = mkIf cfg.raopOpenFirewall [ 6001 6002 ];
users = mkIf cfg.systemWide {
users.pipewire = {
# See https://gitlab.freedesktop.org/pipewire/pipewire/-/blob/master/src/modules/module-rt/25-pw-rlimits.conf.in
security.pam.loginLimits = [
{
domain = "@pipewire";
item = "rtprio";
type = "-";
value = 95;
}
{
domain = "@pipewire";
item = "nice";
type = "-";
value = -19;
}
{
domain = "@pipewire";
item = "memlock";
type = "-";
value = 4194304;
}
];
users = {
users.pipewire = mkIf cfg.systemWide {
uid = config.ids.uids.pipewire;
group = "pipewire";
extraGroups = [

3
nixos/modules/services/networking/iperf3.nix
View File

@ -4,6 +4,7 @@ let
api = {
enable = mkEnableOption "iperf3 network throughput testing server";
package = mkPackageOption pkgs "iperf3" { };
port = mkOption {
type = types.ints.u16;
default = 5201;
@ -76,7 +77,7 @@ let
CapabilityBoundingSet = "";
NoNewPrivileges = true;
ExecStart = ''
${pkgs.iperf3}/bin/iperf \
${lib.getExe cfg.package} \
--server \
--port ${toString cfg.port} \
${optionalString (cfg.affinity != null) "--affinity ${toString cfg.affinity}"} \

2
nixos/modules/services/networking/nebula.nix
View File

@ -270,5 +270,5 @@ in
}) enabledNetworks);
};
meta.maintainers = [ numinit ];
meta.maintainers = with maintainers; [ numinit ];
}

14
nixos/modules/services/networking/zerotierone.nix
View File

@ -60,14 +60,16 @@ in
mkdir -p /var/lib/zerotier-one/networks.d
chmod 700 /var/lib/zerotier-one
chown -R root:root /var/lib/zerotier-one
# cleans up old symlinks also if we unset localConf
if [[ -L "${localConfFilePath}" && "$(readlink "${localConfFilePath}")" =~ ^${builtins.storeDir}.* ]]; then
rm ${localConfFilePath}
fi
'' + (concatMapStrings (netId: ''
touch "/var/lib/zerotier-one/networks.d/${netId}.conf"
'') cfg.joinNetworks) + optionalString (cfg.localConf != {}) ''
if [ -L "${localConfFilePath}" ]
then
rm ${localConfFilePath}
elif [ -f "${localConfFilePath}" ]
then
'') cfg.joinNetworks) + lib.optionalString (cfg.localConf != {}) ''
# in case the user has applied manual changes to the local.conf, we backup the file
if [ -f "${localConfFilePath}" ]; then
mv ${localConfFilePath} ${localConfFilePath}.bak
fi
ln -s ${localConfFile} ${localConfFilePath}

414
nixos/modules/services/security/kanidm.nix
View File

@ -62,6 +62,94 @@ let
#UMask = "0066";
};
mkPresentOption = what:
lib.mkOption {
description = "Whether to ensure that this ${what} is present or absent.";
type = lib.types.bool;
default = true;
};
filterPresent = lib.filterAttrs (_: v: v.present);
provisionStateJson = pkgs.writeText "provision-state.json" (builtins.toJSON {
inherit (cfg.provision) groups persons systems;
});
# Only recover the admin account if a password should explicitly be provisioned
# for the account. Otherwise it is not needed for provisioning.
maybeRecoverAdmin = lib.optionalString (cfg.provision.adminPasswordFile != null) ''
KANIDM_ADMIN_PASSWORD=$(< ${cfg.provision.adminPasswordFile})
# We always reset the admin account password if a desired password was specified.
if ! KANIDM_RECOVER_ACCOUNT_PASSWORD=$KANIDM_ADMIN_PASSWORD ${cfg.package}/bin/kanidmd recover-account -c ${serverConfigFile} admin --from-environment >/dev/null; then
echo "Failed to recover admin account" >&2
exit 1
fi
'';
# Recover the idm_admin account. If a password should explicitly be provisioned
# for the account we set it, otherwise we generate a new one because it is required
# for provisioning.
recoverIdmAdmin = if cfg.provision.idmAdminPasswordFile != null
then ''
KANIDM_IDM_ADMIN_PASSWORD=$(< ${cfg.provision.idmAdminPasswordFile})
# We always reset the idm_admin account password if a desired password was specified.
if ! KANIDM_RECOVER_ACCOUNT_PASSWORD=$KANIDM_IDM_ADMIN_PASSWORD ${cfg.package}/bin/kanidmd recover-account -c ${serverConfigFile} idm_admin --from-environment >/dev/null; then
echo "Failed to recover idm_admin account" >&2
exit 1
fi
''
else ''
# Recover idm_admin account
if ! recover_out=$(${cfg.package}/bin/kanidmd recover-account -c ${serverConfigFile} idm_admin -o json); then
echo "$recover_out" >&2
echo "kanidm provision: Failed to recover admin account" >&2
exit 1
fi
if ! KANIDM_IDM_ADMIN_PASSWORD=$(grep '{"password' <<< "$recover_out" | ${lib.getExe pkgs.jq} -r .password); then
echo "$recover_out" >&2
echo "kanidm provision: Failed to parse password for idm_admin account" >&2
exit 1
fi
'';
postStartScript = pkgs.writeShellScript "post-start" ''
set -euo pipefail
# Wait for the kanidm server to come online
count=0
while ! ${lib.getExe pkgs.curl} -L --silent --max-time 1 --connect-timeout 1 --fail \
${lib.optionalString cfg.provision.acceptInvalidCerts "--insecure"} \
${cfg.provision.instanceUrl} >/dev/null
do
sleep 1
if [[ "$count" -eq 30 ]]; then
echo "Tried for at least 30 seconds, giving up..."
exit 1
fi
count=$((count++))
done
${recoverIdmAdmin}
${maybeRecoverAdmin}
KANIDM_PROVISION_IDM_ADMIN_TOKEN=$KANIDM_IDM_ADMIN_PASSWORD \
${lib.getExe pkgs.kanidm-provision} \
${lib.optionalString (!cfg.provision.autoRemove) "--no-auto-remove"} \
${lib.optionalString cfg.provision.acceptInvalidCerts "--accept-invalid-certs"} \
--url "${cfg.provision.instanceUrl}" \
--state ${provisionStateJson}
'';
serverPort =
# ipv6:
if lib.hasInfix "]:" cfg.serverSettings.bindaddress
then lib.last (lib.splitString "]:" cfg.serverSettings.bindaddress)
else
# ipv4:
if lib.hasInfix "." cfg.serverSettings.bindaddress
then lib.last (lib.splitString ":" cfg.serverSettings.bindaddress)
# default is 8443
else "8443";
in
{
options.services.kanidm = {
@ -207,10 +295,267 @@ in
for possible values.
'';
};
provision = {
enable = lib.mkEnableOption "provisioning of groups, users and oauth2 resource servers";
instanceUrl = lib.mkOption {
description = "The instance url to which the provisioning tool should connect.";
default = "https://localhost:${serverPort}";
defaultText = ''"https://localhost:<port from serverSettings.bindaddress>"'';
type = lib.types.str;
};
acceptInvalidCerts = lib.mkOption {
description = ''
Whether to allow invalid certificates when provisioning the target instance.
By default this is only allowed when the instanceUrl is localhost. This is
dangerous when used with an external URL.
'';
type = lib.types.bool;
default = lib.hasPrefix "https://localhost:" cfg.provision.instanceUrl;
defaultText = ''lib.hasPrefix "https://localhost:" cfg.provision.instanceUrl'';
};
adminPasswordFile = lib.mkOption {
description = "Path to a file containing the admin password for kanidm. Do NOT use a file from the nix store here!";
example = "/run/secrets/kanidm-admin-password";
default = null;
type = lib.types.nullOr lib.types.path;
};
idmAdminPasswordFile = lib.mkOption {
description = ''
Path to a file containing the idm admin password for kanidm. Do NOT use a file from the nix store here!
If this is not given but provisioning is enabled, the idm_admin password will be reset on each restart.
'';
example = "/run/secrets/kanidm-idm-admin-password";
default = null;
type = lib.types.nullOr lib.types.path;
};
autoRemove = lib.mkOption {
description = ''
Determines whether deleting an entity in this provisioning config should automatically
cause them to be removed from kanidm, too. This works because the provisioning tool tracks
all entities it has ever created. If this is set to false, you need to explicitly specify
`present = false` to delete an entity.
'';
type = lib.types.bool;
default = true;
};
groups = lib.mkOption {
description = "Provisioning of kanidm groups";
default = {};
type = lib.types.attrsOf (lib.types.submodule (groupSubmod: {
options = {
present = mkPresentOption "group";
members = lib.mkOption {
description = "List of kanidm entities (persons, groups, ...) which are part of this group.";
type = lib.types.listOf lib.types.str;
apply = lib.unique;
default = [];
};
};
config.members = lib.concatLists (lib.flip lib.mapAttrsToList cfg.provision.persons (person: personCfg:
lib.optional (personCfg.present && builtins.elem groupSubmod.config._module.args.name personCfg.groups) person
));
}));
};
persons = lib.mkOption {
description = "Provisioning of kanidm persons";
default = {};
type = lib.types.attrsOf (lib.types.submodule {
options = {
present = mkPresentOption "person";
displayName = lib.mkOption {
description = "Display name";
type = lib.types.str;
example = "My User";
};
legalName = lib.mkOption {
description = "Full legal name";
type = lib.types.nullOr lib.types.str;
example = "Jane Doe";
default = null;
};
mailAddresses = lib.mkOption {
description = "Mail addresses. First given address is considered the primary address.";
type = lib.types.listOf lib.types.str;
example = ["jane.doe@example.com"];
default = [];
};
groups = lib.mkOption {
description = "List of groups this person should belong to.";
type = lib.types.listOf lib.types.str;
apply = lib.unique;
default = [];
};
};
});
};
systems.oauth2 = lib.mkOption {
description = "Provisioning of oauth2 resource servers";
default = {};
type = lib.types.attrsOf (lib.types.submodule {
options = {
present = mkPresentOption "oauth2 resource server";
public = lib.mkOption {
description = "Whether this is a public client (enforces PKCE, doesn't use a basic secret)";
type = lib.types.bool;
default = false;
};
displayName = lib.mkOption {
description = "Display name";
type = lib.types.str;
example = "Some Service";
};
originUrl = lib.mkOption {
description = "The origin URL of the service. OAuth2 redirects will only be allowed to sites under this origin. Must end with a slash.";
type = lib.types.strMatching ".*://.*/$";
example = "https://someservice.example.com/";
};
originLanding = lib.mkOption {
description = "When redirecting from the Kanidm Apps Listing page, some linked applications may need to land on a specific page to trigger oauth2/oidc interactions.";
type = lib.types.str;
example = "https://someservice.example.com/home";
};
basicSecretFile = lib.mkOption {
description = ''
The basic secret to use for this service. If null, the random secret generated
by kanidm will not be touched. Do NOT use a path from the nix store here!
'';
type = lib.types.nullOr lib.types.path;
example = "/run/secrets/some-oauth2-basic-secret";
default = null;
};
enableLocalhostRedirects = lib.mkOption {
description = "Allow localhost redirects. Only for public clients.";
type = lib.types.bool;
default = false;
};
enableLegacyCrypto = lib.mkOption {
description = "Enable legacy crypto on this client. Allows JWT signing algorthms like RS256.";
type = lib.types.bool;
default = false;
};
allowInsecureClientDisablePkce = lib.mkOption {
description = ''
Disable PKCE on this oauth2 resource server to work around insecure clients
that may not support it. You should request the client to enable PKCE!
Only for non-public clients.
'';
type = lib.types.bool;
default = false;
};
preferShortUsername = lib.mkOption {
description = "Use 'name' instead of 'spn' in the preferred_username claim";
type = lib.types.bool;
default = false;
};
scopeMaps = lib.mkOption {
description = ''
Maps kanidm groups to returned oauth scopes.
See [Scope Relations](https://kanidm.github.io/kanidm/stable/integrations/oauth2.html#scope-relationships) for more information.
'';
type = lib.types.attrsOf (lib.types.listOf lib.types.str);
default = {};
};
supplementaryScopeMaps = lib.mkOption {
description = ''
Maps kanidm groups to additionally returned oauth scopes.
See [Scope Relations](https://kanidm.github.io/kanidm/stable/integrations/oauth2.html#scope-relationships) for more information.
'';
type = lib.types.attrsOf (lib.types.listOf lib.types.str);
default = {};
};
removeOrphanedClaimMaps = lib.mkOption {
description = "Whether claim maps not specified here but present in kanidm should be removed from kanidm.";
type = lib.types.bool;
default = true;
};
claimMaps = lib.mkOption {
description = ''
Adds additional claims (and values) based on which kanidm groups an authenticating party belongs to.
See [Claim Maps](https://kanidm.github.io/kanidm/master/integrations/oauth2.html#custom-claim-maps) for more information.
'';
default = {};
type = lib.types.attrsOf (lib.types.submodule {
options = {
joinType = lib.mkOption {
description = ''
Determines how multiple values are joined to create the claim value.
See [Claim Maps](https://kanidm.github.io/kanidm/master/integrations/oauth2.html#custom-claim-maps) for more information.
'';
type = lib.types.enum ["array" "csv" "ssv"];
default = "array";
};
valuesByGroup = lib.mkOption {
description = "Maps kanidm groups to values for the claim.";
default = {};
type = lib.types.attrsOf (lib.types.listOf lib.types.str);
};
};
});
};
};
});
};
};
};
config = lib.mkIf (cfg.enableClient || cfg.enableServer || cfg.enablePam) {
assertions =
assertions = let
entityList = type: attrs: lib.flip lib.mapAttrsToList (filterPresent attrs) (name: _: { inherit type name; });
entities =
entityList "group" cfg.provision.groups
++ entityList "person" cfg.provision.persons
++ entityList "oauth2" cfg.provision.systems.oauth2;
# Accumulate entities by name. Track corresponding entity types for later duplicate check.
entitiesByName = lib.foldl' (acc: { type, name }:
acc // {
${name} = (acc.${name} or []) ++ [type];
}
) {} entities;
assertGroupsKnown = opt: groups: let
knownGroups = lib.attrNames (filterPresent cfg.provision.groups);
unknownGroups = lib.subtractLists knownGroups groups;
in {
assertion = (cfg.enableServer && cfg.provision.enable) -> unknownGroups == [];
message = "${opt} refers to unknown groups: ${toString unknownGroups}";
};
assertEntitiesKnown = opt: entities: let
unknownEntities = lib.subtractLists (lib.attrNames entitiesByName) entities;
in {
assertion = (cfg.enableServer && cfg.provision.enable) -> unknownEntities == [];
message = "${opt} refers to unknown entities: ${toString unknownEntities}";
};
in
[
{
assertion = !cfg.enableServer || ((cfg.serverSettings.tls_chain or null) == null) || (!lib.isStorePath cfg.serverSettings.tls_chain);
@ -251,7 +596,69 @@ in
the instance it follows.
'';
}
];
{
assertion = cfg.provision.enable -> cfg.enableServer;
message = "<option>services.kanidm.provision</option> requires <option>services.kanidm.enableServer</option> to be true";
}
# If any secret is provisioned, the kanidm package must have some required patches applied to it
{
assertion = (cfg.provision.enable &&
(cfg.provision.adminPasswordFile != null
|| cfg.provision.idmAdminPasswordFile != null
|| lib.any (x: x.basicSecretFile != null) (lib.attrValues (filterPresent cfg.provision.systems.oauth2))
)) -> cfg.package.enableSecretProvisioning;
message = ''
Specifying an admin account password or oauth2 basicSecretFile requires kanidm to be built with the secret provisioning patches.
You may want to set `services.kanidm.package = pkgs.kanidm.withSecretProvisioning;`.
'';
}
# Entity names must be globally unique:
(let
# Filter all names that occurred in more than one entity type.
duplicateNames = lib.filterAttrs (_: v: builtins.length v > 1) entitiesByName;
in {
assertion = cfg.provision.enable -> duplicateNames == {};
message = ''
services.kanidm.provision requires all entity names (group, person, oauth2, ...) to be unique!
${lib.concatLines (lib.mapAttrsToList (name: xs: " - '${name}' used as: ${toString xs}") duplicateNames)}'';
})
]
++ lib.flip lib.mapAttrsToList (filterPresent cfg.provision.persons) (person: personCfg:
assertGroupsKnown "services.kanidm.provision.persons.${person}.groups" personCfg.groups
)
++ lib.flip lib.mapAttrsToList (filterPresent cfg.provision.groups) (group: groupCfg:
assertEntitiesKnown "services.kanidm.provision.groups.${group}.members" groupCfg.members
)
++ lib.concatLists (lib.flip lib.mapAttrsToList (filterPresent cfg.provision.systems.oauth2) (
oauth2: oauth2Cfg:
[
(assertGroupsKnown "services.kanidm.provision.systems.oauth2.${oauth2}.scopeMaps" (lib.attrNames oauth2Cfg.scopeMaps))
(assertGroupsKnown "services.kanidm.provision.systems.oauth2.${oauth2}.supplementaryScopeMaps" (lib.attrNames oauth2Cfg.supplementaryScopeMaps))
]
++ lib.concatLists (lib.flip lib.mapAttrsToList oauth2Cfg.claimMaps (claim: claimCfg: [
(assertGroupsKnown "services.kanidm.provision.systems.oauth2.${oauth2}.claimMaps.${claim}.valuesByGroup" (lib.attrNames claimCfg.valuesByGroup))
# At least one group must map to a value in each claim map
{
assertion = (cfg.provision.enable && cfg.enableServer) -> lib.any (xs: xs != []) (lib.attrValues claimCfg.valuesByGroup);
message = "services.kanidm.provision.systems.oauth2.${oauth2}.claimMaps.${claim} does not specify any values for any group";
}
# Public clients cannot define a basic secret
{
assertion = (cfg.provision.enable && cfg.enableServer && oauth2Cfg.public) -> oauth2Cfg.basicSecretFile == null;
message = "services.kanidm.provision.systems.oauth2.${oauth2} is a public client and thus cannot specify a basic secret";
}
# Public clients cannot disable PKCE
{
assertion = (cfg.provision.enable && cfg.enableServer && oauth2Cfg.public) -> !oauth2Cfg.allowInsecureClientDisablePkce;
message = "services.kanidm.provision.systems.oauth2.${oauth2} is a public client and thus cannot disable PKCE";
}
# Non-public clients cannot enable localhost redirects
{
assertion = (cfg.provision.enable && cfg.enableServer && !oauth2Cfg.public) -> !oauth2Cfg.enableLocalhostRedirects;
message = "services.kanidm.provision.systems.oauth2.${oauth2} is a non-public client and thus cannot enable localhost redirects";
}
]))
));
environment.systemPackages = lib.mkIf cfg.enableClient [ cfg.package ];
@ -277,6 +684,7 @@ in
StateDirectoryMode = "0700";
RuntimeDirectory = "kanidmd";
ExecStart = "${cfg.package}/bin/kanidmd server -c ${serverConfigFile}";
ExecStartPost = lib.mkIf cfg.provision.enable postStartScript;
User = "kanidm";
Group = "kanidm";
@ -419,6 +827,6 @@ in
];
};
meta.maintainers = with lib.maintainers; [ erictapen Flakebi ];
meta.maintainers = with lib.maintainers; [ erictapen Flakebi oddlama ];
meta.buildDocsInSandbox = false;
}

2
nixos/modules/virtualisation/openstack-config.nix
View File

@ -63,8 +63,6 @@ in
settings.PasswordAuthentication = mkDefault false;
};
users.users.root.initialPassword = "foobar";
# Enable the serial console on tty1
systemd.services."serial-getty@tty1".enable = true;

1
nixos/tests/all-tests.nix
View File

@ -484,6 +484,7 @@ in {
k3s = handleTest ./k3s {};
kafka = handleTest ./kafka.nix {};
kanidm = handleTest ./kanidm.nix {};
kanidm-provisioning = handleTest ./kanidm-provisioning.nix {};
karma = handleTest ./karma.nix {};
kavita = handleTest ./kavita.nix {};
kbd-setfont-decompress = handleTest ./kbd-setfont-decompress.nix {};

10
nixos/tests/k3s/containerd-config.nix
View File

@ -1,6 +1,11 @@
# A test that containerdConfigTemplate settings get written to containerd/config.toml
import ../make-test-python.nix (
{ lib, k3s, ... }:
{
pkgs,
lib,
k3s,
...
}:
let
nodeName = "test";
in
@ -9,6 +14,7 @@ import ../make-test-python.nix (
nodes.machine =
{ ... }:
{
environment.systemPackages = [ pkgs.jq ];
# k3s uses enough resources the default vm fails.
virtualisation.memorySize = 1536;
virtualisation.diskSize = 4096;
@ -38,7 +44,7 @@ import ../make-test-python.nix (
start_all()
machine.wait_for_unit("k3s")
# wait until the node is ready
machine.wait_until_succeeds(r"""kubectl wait --for='jsonpath={.status.conditions[?(@.type=="Ready")].status}=True' nodes/${nodeName}""")
machine.wait_until_succeeds(r"""kubectl get node ${nodeName} -ojson | jq -e '.status.conditions[] | select(.type == "Ready") | .status == "True"'""")
# test whether the config template file contains the magic comment
out=machine.succeed("cat /var/lib/rancher/k3s/agent/etc/containerd/config.toml.tmpl")
assert "MAGIC COMMENT" in out, "the containerd config template does not contain the magic comment"

2
nixos/tests/k3s/kubelet-config.nix
View File

@ -53,7 +53,7 @@ import ../make-test-python.nix (
start_all()
machine.wait_for_unit("k3s")
# wait until the node is ready
machine.wait_until_succeeds(r"""kubectl wait --for='jsonpath={.status.conditions[?(@.type=="Ready")].status}=True' nodes/${nodeName}""")
machine.wait_until_succeeds(r"""kubectl get node ${nodeName} -ojson | jq -e '.status.conditions[] | select(.type == "Ready") | .status == "True"'""")
# test whether the kubelet registered an inhibitor lock
machine.succeed("systemd-inhibit --list --no-legend | grep \"kubelet.*k3s-server.*shutdown\"")
# run kubectl proxy in the background, close stdout through redirection to not wait for the command to finish

505
nixos/tests/kanidm-provisioning.nix Normal file
View File

@ -0,0 +1,505 @@
import ./make-test-python.nix (
{ pkgs, ... }:
let
certs = import ./common/acme/server/snakeoil-certs.nix;
serverDomain = certs.domain;
provisionAdminPassword = "very-strong-password-for-admin";
provisionIdmAdminPassword = "very-strong-password-for-idm-admin";
provisionIdmAdminPassword2 = "very-strong-alternative-password-for-idm-admin";
in
{
name = "kanidm-provisioning";
meta.maintainers = with pkgs.lib.maintainers; [ oddlama ];
nodes.provision =
{ pkgs, lib, ... }:
{
services.kanidm = {
package = pkgs.kanidm.withSecretProvisioning;
enableServer = true;
serverSettings = {
origin = "https://${serverDomain}";
domain = serverDomain;
bindaddress = "[::]:443";
ldapbindaddress = "[::1]:636";
tls_chain = certs."${serverDomain}".cert;
tls_key = certs."${serverDomain}".key;
};
# So we can check whether provisioning did what we wanted
enableClient = true;
clientSettings = {
uri = "https://${serverDomain}";
verify_ca = true;
verify_hostnames = true;
};
};
specialisation.credentialProvision.configuration =
{ ... }:
{
services.kanidm.provision = lib.mkForce {
enable = true;
adminPasswordFile = pkgs.writeText "admin-pw" provisionAdminPassword;
idmAdminPasswordFile = pkgs.writeText "idm-admin-pw" provisionIdmAdminPassword;
};
};
specialisation.changedCredential.configuration =
{ ... }:
{
services.kanidm.provision = lib.mkForce {
enable = true;
idmAdminPasswordFile = pkgs.writeText "idm-admin-pw" provisionIdmAdminPassword2;
};
};
specialisation.addEntities.configuration =
{ ... }:
{
services.kanidm.provision = lib.mkForce {
enable = true;
# Test whether credential recovery works without specific idmAdmin password
#idmAdminPasswordFile =
groups.supergroup1 = {
members = [ "testgroup1" ];
};
groups.testgroup1 = { };
persons.testuser1 = {
displayName = "Test User";
legalName = "Jane Doe";
mailAddresses = [ "jane.doe@example.com" ];
groups = [
"testgroup1"
"service1-access"
];
};
persons.testuser2 = {
displayName = "Powerful Test User";
legalName = "Ryouiki Tenkai";
groups = [ "service1-admin" ];
};
groups.service1-access = { };
groups.service1-admin = { };
systems.oauth2.service1 = {
displayName = "Service One";
originUrl = "https://one.example.com/";
originLanding = "https://one.example.com/landing";
basicSecretFile = pkgs.writeText "bs-service1" "very-strong-secret-for-service1";
scopeMaps.service1-access = [
"openid"
"email"
"profile"
];
supplementaryScopeMaps.service1-admin = [ "admin" ];
claimMaps.groups = {
valuesByGroup.service1-admin = [ "admin" ];
};
};
systems.oauth2.service2 = {
displayName = "Service Two";
originUrl = "https://two.example.com/";
originLanding = "https://landing2.example.com/";
# Test not setting secret
# basicSecretFile =
allowInsecureClientDisablePkce = true;
preferShortUsername = true;
};
};
};
specialisation.changeAttributes.configuration =
{ ... }:
{
services.kanidm.provision = lib.mkForce {
enable = true;
# Changing admin credentials at any time should not be a problem:
idmAdminPasswordFile = pkgs.writeText "idm-admin-pw" provisionIdmAdminPassword;
groups.supergroup1 = {
#members = ["testgroup1"];
};
groups.testgroup1 = { };
persons.testuser1 = {
displayName = "Test User (changed)";
legalName = "Jane Doe (changed)";
mailAddresses = [
"jane.doe@example.com"
"second.doe@example.com"
];
groups = [
#"testgroup1"
"service1-access"
];
};
persons.testuser2 = {
displayName = "Powerful Test User (changed)";
legalName = "Ryouiki Tenkai (changed)";
groups = [ "service1-admin" ];
};
groups.service1-access = { };
groups.service1-admin = { };
systems.oauth2.service1 = {
displayName = "Service One (changed)";
originUrl = "https://changed-one.example.com/";
originLanding = "https://changed-one.example.com/landing-changed";
basicSecretFile = pkgs.writeText "bs-service1" "changed-very-strong-secret-for-service1";
scopeMaps.service1-access = [
"openid"
"email"
#"profile"
];
supplementaryScopeMaps.service1-admin = [ "adminchanged" ];
claimMaps.groups = {
valuesByGroup.service1-admin = [ "adminchanged" ];
};
};
systems.oauth2.service2 = {
displayName = "Service Two (changed)";
originUrl = "https://changed-two.example.com/";
originLanding = "https://changed-landing2.example.com/";
# Test not setting secret
# basicSecretFile =
allowInsecureClientDisablePkce = false;
preferShortUsername = false;
};
};
};
specialisation.removeAttributes.configuration =
{ ... }:
{
services.kanidm.provision = lib.mkForce {
enable = true;
idmAdminPasswordFile = pkgs.writeText "idm-admin-pw" provisionIdmAdminPassword;
groups.supergroup1 = { };
persons.testuser1 = {
displayName = "Test User (changed)";
};
persons.testuser2 = {
displayName = "Powerful Test User (changed)";
groups = [ "service1-admin" ];
};
groups.service1-access = { };
groups.service1-admin = { };
systems.oauth2.service1 = {
displayName = "Service One (changed)";
originUrl = "https://changed-one.example.com/";
originLanding = "https://changed-one.example.com/landing-changed";
basicSecretFile = pkgs.writeText "bs-service1" "changed-very-strong-secret-for-service1";
# Removing maps requires setting them to the empty list
scopeMaps.service1-access = [ ];
supplementaryScopeMaps.service1-admin = [ ];
};
systems.oauth2.service2 = {
displayName = "Service Two (changed)";
originUrl = "https://changed-two.example.com/";
originLanding = "https://changed-landing2.example.com/";
};
};
};
specialisation.removeEntities.configuration =
{ ... }:
{
services.kanidm.provision = lib.mkForce {
enable = true;
idmAdminPasswordFile = pkgs.writeText "idm-admin-pw" provisionIdmAdminPassword;
};
};
security.pki.certificateFiles = [ certs.ca.cert ];
networking.hosts."::1" = [ serverDomain ];
networking.firewall.allowedTCPPorts = [ 443 ];
users.users.kanidm.shell = pkgs.bashInteractive;
environment.systemPackages = with pkgs; [
kanidm
openldap
ripgrep
jq
];
};
testScript =
{ nodes, ... }:
let
# We need access to the config file in the test script.
filteredConfig = pkgs.lib.converge (pkgs.lib.filterAttrsRecursive (
_: v: v != null
)) nodes.provision.services.kanidm.serverSettings;
serverConfigFile = (pkgs.formats.toml { }).generate "server.toml" filteredConfig;
specialisations = "${nodes.provision.system.build.toplevel}/specialisation";
in
''
import re
def assert_contains(haystack, needle):
if needle not in haystack:
print("The haystack that will cause the following exception is:")
print("---")
print(haystack)
print("---")
raise Exception(f"Expected string '{needle}' was not found")
def assert_matches(haystack, expr):
if not re.search(expr, haystack):
print("The haystack that will cause the following exception is:")
print("---")
print(haystack)
print("---")
raise Exception(f"Expected regex '{expr}' did not match")
def assert_lacks(haystack, needle):
if needle in haystack:
print("The haystack that will cause the following exception is:")
print("---")
print(haystack, end="")
print("---")
raise Exception(f"Unexpected string '{needle}' was found")
provision.start()
def provision_login(pw):
provision.wait_for_unit("kanidm.service")
provision.wait_until_succeeds("curl -Lsf https://${serverDomain} | grep Kanidm")
if pw is None:
pw = provision.succeed("su - kanidm -c 'kanidmd recover-account -c ${serverConfigFile} idm_admin 2>&1 | rg -o \'[A-Za-z0-9]{48}\' '").strip().removeprefix("'").removesuffix("'")
out = provision.succeed(f"KANIDM_PASSWORD={pw} kanidm login -D idm_admin")
assert_contains(out, "Login Success for idm_admin")
with subtest("Test Provisioning - setup"):
provision_login(None)
provision.succeed("kanidm logout -D idm_admin")
with subtest("Test Provisioning - credentialProvision"):
provision.succeed('${specialisations}/credentialProvision/bin/switch-to-configuration test')
provision_login("${provisionIdmAdminPassword}")
# Test provisioned admin pw
out = provision.succeed("KANIDM_PASSWORD=${provisionAdminPassword} kanidm login -D admin")
assert_contains(out, "Login Success for admin")
provision.succeed("kanidm logout -D admin")
provision.succeed("kanidm logout -D idm_admin")
with subtest("Test Provisioning - changedCredential"):
provision.succeed('${specialisations}/changedCredential/bin/switch-to-configuration test')
provision_login("${provisionIdmAdminPassword2}")
provision.succeed("kanidm logout -D idm_admin")
with subtest("Test Provisioning - addEntities"):
provision.succeed('${specialisations}/addEntities/bin/switch-to-configuration test')
# Unspecified idm admin password
provision_login(None)
out = provision.succeed("kanidm group get testgroup1")
assert_contains(out, "name: testgroup1")
out = provision.succeed("kanidm group get supergroup1")
assert_contains(out, "name: supergroup1")
assert_contains(out, "member: testgroup1")
out = provision.succeed("kanidm person get testuser1")
assert_contains(out, "name: testuser1")
assert_contains(out, "displayname: Test User")
assert_contains(out, "legalname: Jane Doe")
assert_contains(out, "mail: jane.doe@example.com")
assert_contains(out, "memberof: testgroup1")
assert_contains(out, "memberof: service1-access")
out = provision.succeed("kanidm person get testuser2")
assert_contains(out, "name: testuser2")
assert_contains(out, "displayname: Powerful Test User")
assert_contains(out, "legalname: Ryouiki Tenkai")
assert_contains(out, "memberof: service1-admin")
assert_lacks(out, "mail:")
out = provision.succeed("kanidm group get service1-access")
assert_contains(out, "name: service1-access")
out = provision.succeed("kanidm group get service1-admin")
assert_contains(out, "name: service1-admin")
out = provision.succeed("kanidm system oauth2 get service1")
assert_contains(out, "name: service1")
assert_contains(out, "displayname: Service One")
assert_contains(out, "oauth2_rs_origin: https://one.example.com/")
assert_contains(out, "oauth2_rs_origin_landing: https://one.example.com/landing")
assert_matches(out, 'oauth2_rs_scope_map: service1-access.*{"email", "openid", "profile"}')
assert_matches(out, 'oauth2_rs_sup_scope_map: service1-admin.*{"admin"}')
assert_matches(out, 'oauth2_rs_claim_map: groups:.*"admin"')
out = provision.succeed("kanidm system oauth2 show-basic-secret service1")
assert_contains(out, "very-strong-secret-for-service1")
out = provision.succeed("kanidm system oauth2 get service2")
assert_contains(out, "name: service2")
assert_contains(out, "displayname: Service Two")
assert_contains(out, "oauth2_rs_origin: https://two.example.com/")
assert_contains(out, "oauth2_rs_origin_landing: https://landing2.example.com/")
assert_contains(out, "oauth2_allow_insecure_client_disable_pkce: true")
assert_contains(out, "oauth2_prefer_short_username: true")
provision.succeed("kanidm logout -D idm_admin")
with subtest("Test Provisioning - changeAttributes"):
provision.succeed('${specialisations}/changeAttributes/bin/switch-to-configuration test')
provision_login("${provisionIdmAdminPassword}")
out = provision.succeed("kanidm group get testgroup1")
assert_contains(out, "name: testgroup1")
out = provision.succeed("kanidm group get supergroup1")
assert_contains(out, "name: supergroup1")
assert_lacks(out, "member: testgroup1")
out = provision.succeed("kanidm person get testuser1")
assert_contains(out, "name: testuser1")
assert_contains(out, "displayname: Test User (changed)")
assert_contains(out, "legalname: Jane Doe (changed)")
assert_contains(out, "mail: jane.doe@example.com")
assert_contains(out, "mail: second.doe@example.com")
assert_lacks(out, "memberof: testgroup1")
assert_contains(out, "memberof: service1-access")
out = provision.succeed("kanidm person get testuser2")
assert_contains(out, "name: testuser2")
assert_contains(out, "displayname: Powerful Test User (changed)")
assert_contains(out, "legalname: Ryouiki Tenkai (changed)")
assert_contains(out, "memberof: service1-admin")
assert_lacks(out, "mail:")
out = provision.succeed("kanidm group get service1-access")
assert_contains(out, "name: service1-access")
out = provision.succeed("kanidm group get service1-admin")
assert_contains(out, "name: service1-admin")
out = provision.succeed("kanidm system oauth2 get service1")
assert_contains(out, "name: service1")
assert_contains(out, "displayname: Service One (changed)")
assert_contains(out, "oauth2_rs_origin: https://changed-one.example.com/")
assert_contains(out, "oauth2_rs_origin_landing: https://changed-one.example.com/landing")
assert_matches(out, 'oauth2_rs_scope_map: service1-access.*{"email", "openid"}')
assert_matches(out, 'oauth2_rs_sup_scope_map: service1-admin.*{"adminchanged"}')
assert_matches(out, 'oauth2_rs_claim_map: groups:.*"adminchanged"')
out = provision.succeed("kanidm system oauth2 show-basic-secret service1")
assert_contains(out, "changed-very-strong-secret-for-service1")
out = provision.succeed("kanidm system oauth2 get service2")
assert_contains(out, "name: service2")
assert_contains(out, "displayname: Service Two (changed)")
assert_contains(out, "oauth2_rs_origin: https://changed-two.example.com/")
assert_contains(out, "oauth2_rs_origin_landing: https://changed-landing2.example.com/")
assert_lacks(out, "oauth2_allow_insecure_client_disable_pkce: true")
assert_lacks(out, "oauth2_prefer_short_username: true")
provision.succeed("kanidm logout -D idm_admin")
with subtest("Test Provisioning - removeAttributes"):
provision.succeed('${specialisations}/removeAttributes/bin/switch-to-configuration test')
provision_login("${provisionIdmAdminPassword}")
out = provision.succeed("kanidm group get testgroup1")
assert_lacks(out, "name: testgroup1")
out = provision.succeed("kanidm group get supergroup1")
assert_contains(out, "name: supergroup1")
assert_lacks(out, "member: testgroup1")
out = provision.succeed("kanidm person get testuser1")
assert_contains(out, "name: testuser1")
assert_contains(out, "displayname: Test User (changed)")
assert_lacks(out, "legalname: Jane Doe (changed)")
assert_lacks(out, "mail: jane.doe@example.com")
assert_lacks(out, "mail: second.doe@example.com")
assert_lacks(out, "memberof: testgroup1")
assert_lacks(out, "memberof: service1-access")
out = provision.succeed("kanidm person get testuser2")
assert_contains(out, "name: testuser2")
assert_contains(out, "displayname: Powerful Test User (changed)")
assert_lacks(out, "legalname: Ryouiki Tenkai (changed)")
assert_contains(out, "memberof: service1-admin")
assert_lacks(out, "mail:")
out = provision.succeed("kanidm group get service1-access")
assert_contains(out, "name: service1-access")
out = provision.succeed("kanidm group get service1-admin")
assert_contains(out, "name: service1-admin")
out = provision.succeed("kanidm system oauth2 get service1")
assert_contains(out, "name: service1")
assert_contains(out, "displayname: Service One (changed)")
assert_contains(out, "oauth2_rs_origin: https://changed-one.example.com/")
assert_contains(out, "oauth2_rs_origin_landing: https://changed-one.example.com/landing")
assert_lacks(out, "oauth2_rs_scope_map")
assert_lacks(out, "oauth2_rs_sup_scope_map")
assert_lacks(out, "oauth2_rs_claim_map")
out = provision.succeed("kanidm system oauth2 show-basic-secret service1")
assert_contains(out, "changed-very-strong-secret-for-service1")
out = provision.succeed("kanidm system oauth2 get service2")
assert_contains(out, "name: service2")
assert_contains(out, "displayname: Service Two (changed)")
assert_contains(out, "oauth2_rs_origin: https://changed-two.example.com/")
assert_contains(out, "oauth2_rs_origin_landing: https://changed-landing2.example.com/")
assert_lacks(out, "oauth2_allow_insecure_client_disable_pkce: true")
assert_lacks(out, "oauth2_prefer_short_username: true")
provision.succeed("kanidm logout -D idm_admin")
with subtest("Test Provisioning - removeEntities"):
provision.succeed('${specialisations}/removeEntities/bin/switch-to-configuration test')
provision_login("${provisionIdmAdminPassword}")
out = provision.succeed("kanidm group get testgroup1")
assert_lacks(out, "name: testgroup1")
out = provision.succeed("kanidm group get supergroup1")
assert_lacks(out, "name: supergroup1")
out = provision.succeed("kanidm person get testuser1")
assert_lacks(out, "name: testuser1")
out = provision.succeed("kanidm person get testuser2")
assert_lacks(out, "name: testuser2")
out = provision.succeed("kanidm group get service1-access")
assert_lacks(out, "name: service1-access")
out = provision.succeed("kanidm group get service1-admin")
assert_lacks(out, "name: service1-admin")
out = provision.succeed("kanidm system oauth2 get service1")
assert_lacks(out, "name: service1")
out = provision.succeed("kanidm system oauth2 get service2")
assert_lacks(out, "name: service2")
provision.succeed("kanidm logout -D idm_admin")
'';
}
)

13
nixos/tests/kanidm.nix
View File

@ -9,9 +9,9 @@ import ./make-test-python.nix ({ pkgs, ... }:
in
{
name = "kanidm";
meta.maintainers = with pkgs.lib.maintainers; [ erictapen Flakebi ];
meta.maintainers = with pkgs.lib.maintainers; [ erictapen Flakebi oddlama ];
nodes.server = { config, pkgs, lib, ... }: {
nodes.server = { pkgs, ... }: {
services.kanidm = {
enableServer = true;
serverSettings = {
@ -34,7 +34,7 @@ import ./make-test-python.nix ({ pkgs, ... }:
environment.systemPackages = with pkgs; [ kanidm openldap ripgrep ];
};
nodes.client = { pkgs, nodes, ... }: {
nodes.client = { nodes, ... }: {
services.kanidm = {
enableClient = true;
clientSettings = {
@ -62,10 +62,10 @@ import ./make-test-python.nix ({ pkgs, ... }:
(pkgs.lib.filterAttrsRecursive (_: v: v != null))
nodes.server.services.kanidm.serverSettings;
serverConfigFile = (pkgs.formats.toml { }).generate "server.toml" filteredConfig;
in
''
start_all()
server.start()
client.start()
server.wait_for_unit("kanidm.service")
client.systemctl("start network-online.target")
client.wait_for_unit("network-online.target")
@ -122,5 +122,8 @@ import ./make-test-python.nix ({ pkgs, ... }:
client.wait_until_succeeds("systemctl is-active user@$(id -u testuser).service")
client.send_chars("touch done\n")
client.wait_for_file("/home/testuser@${serverDomain}/done")
server.shutdown()
client.shutdown()
'';
})

4
pkgs/applications/blockchains/clboss/default.nix
View File

@ -11,13 +11,13 @@
stdenv.mkDerivation rec {
pname = "clboss";
version = "0.13.2";
version = "0.13.3";
src = fetchFromGitHub {
owner = "ZmnSCPxj";
repo = "clboss";
rev = "v${version}";
hash = "sha256-BMDeqAQGl2mSWyde5Pbai+1KHqPqcY+xzaY36L26olI=";
hash = "sha256-T61rkTEGLCZrEBp1WFhHnQ7DQyhctMf5lgbOs6u9E0o=";
};
nativeBuildInputs = [ autoconf-archive autoreconfHook pkg-config libev curlWithGnuTls sqlite ];

4
pkgs/applications/editors/vscode/extensions/default.nix
View File

@ -2102,8 +2102,8 @@ let
mktplcRef = {
name = "gitlab-workflow";
publisher = "gitlab";
version = "3.60.0";
hash = "sha256-rH0+6sQfBfI8SrKY9GGtTOONdzKus6Z62E8Qv5xY7Fw=";
version = "5.6.0";
hash = "sha256-K4oCMQBH5jrt61f/C3DDZC61RuDvOApnPEF3AsOrE20=";
};
meta = {
description = "GitLab extension for Visual Studio Code";

16
pkgs/applications/editors/vscode/vscode.nix
View File

@ -30,21 +30,21 @@ let
archive_fmt = if stdenv.isDarwin then "zip" else "tar.gz";
sha256 = {
x86_64-linux = "13572vj8izdkglrpk36z1nb3va3lbmsh885g1ix38x49hr3wjwaq";
x86_64-darwin = "1xz0rhkpwiji60vy7klm424fdzs8393jggaswsbyapkj3g9nrkpb";
aarch64-linux = "17rci7w2g595ziv1ylvzc5dhh0bc9l3a7mkl4lfljv6gaprdk766";
aarch64-darwin = "1rxvlc36yrzdji0qdackp14a0xlhyj0iylxscz50gvnvfv2pdysm";
armv7l-linux = "09iwsnr09cry9f6c4v7pkrdbcr8fnydjrmypjk5942dzz0b07lkr";
x86_64-linux = "0kfkn40a44ql6j4c8a1rsw5bqysj0i5k3qllq1rl2zglfx7v4vkk";
x86_64-darwin = "1iwl64wn5by6a4qdimxah76j90sv9as1908vgqxwhzj7plfcn6x5";
aarch64-linux = "02r8yl767cf972xyi0qky2yxli4jid3r474wg4lvhk7px4ajh4zj";
aarch64-darwin = "0d64dxm079v1v5c46c8brvmcdxawv70jyzp4hqnlxki1hpjxwbff";
armv7l-linux = "0ra50i827asq3y4d3qk9b3gnrrrq9vi5z14nw5wphgz139gqbxwj";
}.${system} or throwSystem;
in
callPackage ./generic.nix rec {
# Please backport all compatible updates to the stable release.
# This is important for the extension ecosystem.
version = "1.92.1";
version = "1.92.2";
pname = "vscode" + lib.optionalString isInsiders "-insiders";
# This is used for VS Code - Remote SSH test
rev = "eaa41d57266683296de7d118f574d0c2652e1fc4";
rev = "fee1edb8d6d72a0ddff41e5f71a671c23ed924b9";
executableName = "code" + lib.optionalString isInsiders "-insiders";
longName = "Visual Studio Code" + lib.optionalString isInsiders " - Insiders";
@ -68,7 +68,7 @@ in
src = fetchurl {
name = "vscode-server-${rev}.tar.gz";
url = "https://update.code.visualstudio.com/commit:${rev}/server-linux-x64/stable";
sha256 = "0g131nicp5j71phsfi187ggjx5952awvl0gy9983990sdxaah01x";
sha256 = "0n54l0s3p7nq3kc7jwdfsdq1k7p1v2ds17cwbfh3v9jifxqwws11";
};
};

8
pkgs/applications/emulators/craftos-pc/default.nix
View File

@ -15,18 +15,18 @@
}:
let
version = "2.8.2";
version = "2.8.3";
craftos2-lua = fetchFromGitHub {
owner = "MCJack123";
repo = "craftos2-lua";
rev = "v${version}";
hash = "sha256-Kv0supnYKWLaVqOeZAzQNd3tQRP2KJugZqytyoj8QtY=";
hash = "sha256-OCHN/ef83X4r5hZcPfFFvNJHjINCTiK+COf369/WPsA=";
};
craftos2-rom = fetchFromGitHub {
owner = "McJack123";
repo = "craftos2-rom";
rev = "v${version}";
hash = "sha256-5ZsLsqrkO02NLJCzsgf0k/ifsqNybTi4DcB9GLmWDHw=";
hash = "sha256-YidLt/JLwBMW0LMo5Q5PV6wGhF0J72FGX+iWYn6v0Z4=";
};
in
@ -38,7 +38,7 @@ stdenv.mkDerivation rec {
owner = "MCJack123";
repo = "craftos2";
rev = "v${version}";
hash = "sha256-ozebHgUgwdqYtWAyL+EdwpjEvZC+PkWcLYCPWz2FjSw=";
hash = "sha256-DbxAsXxpsa42dF6DaLmgIa+Hs/PPqJ4dE97PoKxG2Ig=";
};
nativeBuildInputs = [ patchelf unzip ];

7
pkgs/applications/emulators/xcpc/default.nix
View File

@ -3,7 +3,6 @@
, motifSupport ? false, lesstif
}:
with lib;
stdenv.mkDerivation rec {
version = "20070122";
pname = "xcpc";
@ -16,10 +15,10 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkg-config ];
buildInputs = [ glib libdsk libXaw libX11 libXext ]
++ optional libDSKSupport libdsk
++ optional motifSupport lesstif;
++ lib.optional libDSKSupport libdsk
++ lib.optional motifSupport lesstif;
meta = {
meta = with lib; {
description = "Portable Amstrad CPC 464/664/6128 emulator written in C";
homepage = "https://www.xcpc-emulator.net";
license = licenses.gpl2Plus;

8
pkgs/applications/file-managers/noice/default.nix
View File

@ -1,7 +1,5 @@
{ lib, stdenv, fetchgit, ncurses, conf ? null }:
with lib;
stdenv.mkDerivation rec {
pname = "noice";
version = "0.8";
@ -18,8 +16,8 @@ stdenv.mkDerivation rec {
substituteInPlace noice.c --replace 'printw(str);' 'printw("%s", str);'
'';
configFile = optionalString (conf!=null) (builtins.toFile "config.def.h" conf);
preBuild = optionalString (conf!=null) "cp ${configFile} config.def.h";
configFile = lib.optionalString (conf!=null) (builtins.toFile "config.def.h" conf);
preBuild = lib.optionalString (conf!=null) "cp ${configFile} config.def.h";
buildInputs = [ ncurses ];
@ -27,7 +25,7 @@ stdenv.mkDerivation rec {
installFlags = [ "DESTDIR=$(out)" "PREFIX=" ];
meta = {
meta = with lib; {
description = "Small ncurses-based file browser";
homepage = "https://git.2f30.org/noice/";
license = licenses.bsd2;

3
pkgs/applications/graphics/figma-linux/default.nix
View File

@ -8,7 +8,6 @@
, wrapGAppsHook3
, ...
}:
with lib;
stdenv.mkDerivation (finalAttrs: {
pname = "figma-linux";
version = "0.11.4";
@ -82,7 +81,7 @@ stdenv.mkDerivation (finalAttrs: {
--replace "Exec=/opt/figma-linux/figma-linux" "Exec=$out/bin/${finalAttrs.pname}"
'';
meta = {
meta = with lib; {
description = "Unofficial Electron-based Figma desktop app for Linux";
homepage = "https://github.com/Figma-Linux/figma-linux";
platforms = [ "x86_64-linux" ];

4
pkgs/applications/graphics/gscan2pdf/default.nix
View File

@ -6,8 +6,6 @@
# test dependencies
xvfb-run, liberation_ttf, file, tesseract }:
with lib;
perlPackages.buildPerlPackage rec {
pname = "gscan2pdf";
version = "2.13.3";
@ -132,7 +130,7 @@ perlPackages.buildPerlPackage rec {
make test
'';
meta = {
meta = with lib; {
description = "GUI to produce PDFs or DjVus from scanned documents";
homepage = "https://gscan2pdf.sourceforge.net/";
license = licenses.gpl3;

52
pkgs/applications/graphics/image_optim/default.nix
View File

@ -13,34 +13,32 @@
withSvgo ? true, svgo
}:
with lib;
let
optionalDepsPath = optional withPngcrush pngcrush
++ optional withPngout pngout
++ optional withAdvpng advancecomp
++ optional withOptipng optipng
++ optional withPngquant pngquant
++ optional withOxipng oxipng
++ optional withJhead jhead
++ optional withJpegoptim jpegoptim
++ optional withJpegrecompress jpeg-archive
++ optional withJpegtran libjpeg
++ optional withGifsicle gifsicle
++ optional withSvgo svgo;
optionalDepsPath = lib.optional withPngcrush pngcrush
++ lib.optional withPngout pngout
++ lib.optional withAdvpng advancecomp
++ lib.optional withOptipng optipng
++ lib.optional withPngquant pngquant
++ lib.optional withOxipng oxipng
++ lib.optional withJhead jhead
++ lib.optional withJpegoptim jpegoptim
++ lib.optional withJpegrecompress jpeg-archive
++ lib.optional withJpegtran libjpeg
++ lib.optional withGifsicle gifsicle
++ lib.optional withSvgo svgo;
disabledWorkersFlags = optional (!withPngcrush) "--no-pngcrush"
++ optional (!withPngout) "--no-pngout"
++ optional (!withAdvpng) "--no-advpng"
++ optional (!withOptipng) "--no-optipng"
++ optional (!withPngquant) "--no-pngquant"
++ optional (!withOxipng) "--no-oxipng"
++ optional (!withJhead) "--no-jhead"
++ optional (!withJpegoptim) "--no-jpegoptim"
++ optional (!withJpegrecompress) "--no-jpegrecompress"
++ optional (!withJpegtran) "--no-jpegtran"
++ optional (!withGifsicle) "--no-gifsicle"
++ optional (!withSvgo) "--no-svgo";
disabledWorkersFlags = lib.optional (!withPngcrush) "--no-pngcrush"
++ lib.optional (!withPngout) "--no-pngout"
++ lib.optional (!withAdvpng) "--no-advpng"
++ lib.optional (!withOptipng) "--no-optipng"
++ lib.optional (!withPngquant) "--no-pngquant"
++ lib.optional (!withOxipng) "--no-oxipng"
++ lib.optional (!withJhead) "--no-jhead"
++ lib.optional (!withJpegoptim) "--no-jpegoptim"
++ lib.optional (!withJpegrecompress) "--no-jpegrecompress"
++ lib.optional (!withJpegtran) "--no-jpegtran"
++ lib.optional (!withGifsicle) "--no-gifsicle"
++ lib.optional (!withSvgo) "--no-svgo";
in
bundlerApp {
@ -53,7 +51,7 @@ bundlerApp {
postBuild = ''
wrapProgram $out/bin/image_optim \
--prefix PATH : ${lib.escapeShellArg (makeBinPath optionalDepsPath)} \
--prefix PATH : ${lib.escapeShellArg (lib.makeBinPath optionalDepsPath)} \
--add-flags "${lib.concatStringsSep " " disabledWorkersFlags}"
'';

8
pkgs/applications/graphics/rx/default.nix
View File

@ -3,8 +3,6 @@
, xorg ? null
, libGL ? null }:
with lib;
rustPlatform.buildRustPackage rec {
pname = "rx";
version = "0.5.2";
@ -20,7 +18,7 @@ rustPlatform.buildRustPackage rec {
nativeBuildInputs = [ cmake pkg-config makeWrapper ];
buildInputs = optionals stdenv.isLinux
buildInputs = lib.optionals stdenv.isLinux
(with xorg; [
# glfw-sys dependencies:
libX11 libXrandr libXinerama libXcursor libXi libXext
@ -29,13 +27,13 @@ rustPlatform.buildRustPackage rec {
# FIXME: GLFW (X11) requires DISPLAY env variable for all tests
doCheck = false;
postInstall = optionalString stdenv.isLinux ''
postInstall = lib.optionalString stdenv.isLinux ''
mkdir -p $out/share/applications
cp $src/rx.desktop $out/share/applications
wrapProgram $out/bin/rx --prefix LD_LIBRARY_PATH : ${libGL}/lib
'';
meta = {
meta = with lib; {
description = "Modern and extensible pixel editor implemented in Rust";
mainProgram = "rx";
homepage = "https://rx.cloudhead.io/";

6
pkgs/applications/graphics/sane/config.nix
View File

@ -2,7 +2,7 @@
{ paths, disabledDefaultBackends ? [] }:
with lib;
let
installSanePath = path: ''
if [ -e "${path}/lib/sane" ]; then
@ -48,6 +48,6 @@ stdenv.mkDerivation {
mkdir -p $out/etc/sane.d $out/etc/sane.d/dll.d $out/lib/sane
''
+ (concatMapStrings installSanePath paths)
+ (concatMapStrings disableBackend disabledDefaultBackends);
+ (lib.concatMapStrings installSanePath paths)
+ (lib.concatMapStrings disableBackend disabledDefaultBackends);
}

8
pkgs/applications/graphics/sxiv/default.nix
View File

@ -1,7 +1,5 @@
{ lib, stdenv, fetchFromGitHub, libXft, imlib2, giflib, libexif, conf ? null }:
with lib;
stdenv.mkDerivation rec {
pname = "sxiv";
version = "26";
@ -13,8 +11,8 @@ stdenv.mkDerivation rec {
sha256 = "0xaawlfdy7b277m38mgg4423kd7p1ffn0dq4hciqs6ivbb3q9c4f";
};
configFile = optionalString (conf!=null) (builtins.toFile "config.def.h" conf);
preBuild = optionalString (conf!=null) "cp ${configFile} config.def.h";
configFile = lib.optionalString (conf!=null) (builtins.toFile "config.def.h" conf);
preBuild = lib.optionalString (conf!=null) "cp ${configFile} config.def.h";
buildInputs = [ libXft imlib2 giflib libexif ];
@ -24,7 +22,7 @@ stdenv.mkDerivation rec {
install -Dt $out/share/applications sxiv.desktop
'';
meta = {
meta = with lib; {
description = "Simple X Image Viewer";
homepage = "https://github.com/muennich/sxiv";
license = lib.licenses.gpl2Plus;

6
pkgs/applications/misc/nwg-dock-hyprland/default.nix
View File

@ -8,16 +8,16 @@
buildGoModule rec {
pname = "nwg-dock-hyprland";
version = "0.2.0";
version = "0.2.1";
src = fetchFromGitHub {
owner = "nwg-piotr";
repo = "nwg-dock-hyprland";
rev = "v${version}";
hash = "sha256-AB9YOHJCgjR70JNvWzDROWGVGFrjZycEKMV4XmDVcpY=";
hash = "sha256-rR0UkRKdIHcrLd4IpBUGxd6toPlohJfbvCBG/GkuQnY=";
};
vendorHash = "sha256-6AevEnesGZCXHUX8yq3mBA5ug+zb5qyriHdqGBKbbEs=";
vendorHash = "sha256-cZ5w7B8bi0faOVWoQ6eeW5ejCZJgnNB91DQalC75mPo=";
ldflags = [ "-s" "-w" ];

34
pkgs/applications/networking/cluster/hadoop/default.nix
View File

@ -23,9 +23,7 @@
, callPackage
}:
with lib;
assert elem stdenv.system [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ];
assert lib.elem stdenv.system [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ];
let
common = { pname, platformAttrs, jdk, tests }:
@ -34,7 +32,7 @@ let
version = platformAttrs.${stdenv.system}.version or (throw "Unsupported system: ${stdenv.system}");
src = fetchurl {
url = "mirror://apache/hadoop/common/hadoop-${finalAttrs.version}/hadoop-${finalAttrs.version}"
+ optionalString stdenv.isAarch64 "-aarch64" + ".tar.gz";
+ lib.optionalString stdenv.isAarch64 "-aarch64" + ".tar.gz";
inherit (platformAttrs.${stdenv.system} or (throw "Unsupported system: ${stdenv.system}")) hash;
};
doCheck = true;
@ -47,24 +45,24 @@ let
}) else "";
nativeBuildInputs = [ makeWrapper ]
++ optionals stdenv.isLinux [ autoPatchelfHook ];
buildInputs = optionals stdenv.isLinux [ stdenv.cc.cc.lib openssl protobuf zlib snappy libtirpc ];
++ lib.optionals stdenv.isLinux [ autoPatchelfHook ];
buildInputs = lib.optionals stdenv.isLinux [ stdenv.cc.cc.lib openssl protobuf zlib snappy libtirpc ];
installPhase = ''
mkdir $out
mv * $out/
'' + optionalString stdenv.isLinux ''
'' + lib.optionalString stdenv.isLinux ''
for n in $(find ${finalAttrs.containerExecutor}/bin -type f); do
ln -sf "$n" $out/bin
done
# these libraries are loaded at runtime by the JVM
ln -s ${getLib cyrus_sasl}/lib/libsasl2.so $out/lib/native/libsasl2.so.2
ln -s ${getLib openssl}/lib/libcrypto.so $out/lib/native/
ln -s ${getLib zlib}/lib/libz.so.1 $out/lib/native/
ln -s ${getLib zstd}/lib/libzstd.so.1 $out/lib/native/
ln -s ${getLib bzip2}/lib/libbz2.so.1 $out/lib/native/
ln -s ${getLib snappy}/lib/libsnappy.so.1 $out/lib/native/
ln -s ${lib.getLib cyrus_sasl}/lib/libsasl2.so $out/lib/native/libsasl2.so.2
ln -s ${lib.getLib openssl}/lib/libcrypto.so $out/lib/native/
ln -s ${lib.getLib zlib}/lib/libz.so.1 $out/lib/native/
ln -s ${lib.getLib zstd}/lib/libzstd.so.1 $out/lib/native/
ln -s ${lib.getLib bzip2}/lib/libbz2.so.1 $out/lib/native/
ln -s ${lib.getLib snappy}/lib/libsnappy.so.1 $out/lib/native/
# libjvm.so is in different paths for java 8 and 11
# libnativetask.so in hadooop 3 and libhdfs.so in hadoop 2 depend on it
@ -76,7 +74,7 @@ let
# hadoop 3.3+ depends on protobuf 3.18, 3.2 depends on 3.8
find $out/lib/native -name 'libhdfspp.so*' | \
xargs -r -n1 patchelf --replace-needed libprotobuf.so.${
if (versionAtLeast finalAttrs.version "3.3") then "18"
if (lib.versionAtLeast finalAttrs.version "3.3") then "18"
else "8"
} libprotobuf.so
@ -90,17 +88,17 @@ let
--set-default HADOOP_HOME $out/\
--run "test -d /etc/hadoop-conf && export HADOOP_CONF_DIR=\''${HADOOP_CONF_DIR-'/etc/hadoop-conf/'}"\
--set-default HADOOP_CONF_DIR $out/etc/hadoop/\
--prefix PATH : "${makeBinPath [ bash coreutils which]}"\
--prefix JAVA_LIBRARY_PATH : "${makeLibraryPath finalAttrs.buildInputs}"
--prefix PATH : "${lib.makeBinPath [ bash coreutils which]}"\
--prefix JAVA_LIBRARY_PATH : "${lib.makeLibraryPath finalAttrs.buildInputs}"
done
'' + (optionalString sparkSupport ''
'' + (lib.optionalString sparkSupport ''
# Add the spark shuffle service jar to YARN
cp ${spark.src}/yarn/spark-${spark.version}-yarn-shuffle.jar $out/share/hadoop/yarn/
'');
passthru = { inherit tests; };
meta = recursiveUpdate {
meta = with lib; recursiveUpdate {
homepage = "https://hadoop.apache.org/";
description = "Framework for distributed processing of large data sets across clusters of computers";
license = licenses.asl20;

6
pkgs/applications/networking/cluster/helm/plugins/helm-mapkubeapis.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "helm-mapkubeapis";
version = "0.4.1";
version = "0.5.0";
src = fetchFromGitHub {
owner = "helm";
repo = "helm-mapkubeapis";
rev = "v${version}";
hash = "sha256-6NeePXTdp5vlBLfIlWeXQZMZ0Uz/e1ZCgZmJvBJfaFw=";
hash = "sha256-6oo8KpNNF9j/eF0nUKBRDMwp3ZhfP1rEqGYZ4xGFVWc=";
};
vendorHash = "sha256-rVrQqeakPQl3rjzmqzHw74ffreLEVzP153wWJ8TEOIM=";
vendorHash = "sha256-G3Q8XCwKLgHeWLF46C5lWfvuynr/cJbkq7xdydfTHZ4=";
# NOTE: Remove the install and upgrade hooks.
postPatch = ''

16
pkgs/applications/networking/cluster/k3s/1_28/images-versions.json
View File

@ -1,18 +1,18 @@
{
"airgap-images-amd64": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.28.11%2Bk3s2/k3s-airgap-images-amd64.tar.zst",
"sha256": "199nxfxwr52cddk2ljchhxaigyi0al3lzyc0jy2am4aljlm0jivy"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.28.12%2Bk3s1/k3s-airgap-images-amd64.tar.zst",
"sha256": "0dhzkn5y3ng7blyxj4bwrhbq5qvl3hq1hzg0h9633h8swv0xbsss"
},
"airgap-images-arm": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.28.11%2Bk3s2/k3s-airgap-images-arm.tar.zst",
"sha256": "02riiiwwr0h3zhlxxmjn5p8ws354rr2gk44x3kz9d7sxqn17sz4w"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.28.12%2Bk3s1/k3s-airgap-images-arm.tar.zst",
"sha256": "1225nqsfg7p6iq7a7qibzf3d0r7iwn53hnd9w6l189dxqna97015"
},
"airgap-images-arm64": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.28.11%2Bk3s2/k3s-airgap-images-arm64.tar.zst",
"sha256": "0bs9wj33appb9xpsb2v1xz4xck4qq6g74flnc0mxf9warwr4988r"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.28.12%2Bk3s1/k3s-airgap-images-arm64.tar.zst",
"sha256": "1lic564naj9323dkkq0z0y10n3j3yfmhixargqqs60syanfvj2p7"
},
"images-list": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.28.11%2Bk3s2/k3s-images.txt",
"sha256": "0245zra2h8756kq2v8nwl6gji749xlvy1y1bkab8vz5b0vpqhfxy"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.28.12%2Bk3s1/k3s-images.txt",
"sha256": "1my3lfs5rfazcnnpsc9dj84dfnxx88xydrl86z6yw5n5p84x4nif"
}
}

12
pkgs/applications/networking/cluster/k3s/1_28/versions.nix
View File

@ -1,12 +1,12 @@
{
k3sVersion = "1.28.11+k3s2";
k3sCommit = "d076d9a78cb835279a04f12c816ff4404884862e";
k3sRepoSha256 = "1k1k3qmxc7n2h2i0g52ad4gnpq0qrvxnl7p2y0g9dss1ancgqwsd";
k3sVendorHash = "sha256-tzcMcsTmY8lG+9EyYkzYJm1YU/8tGpxpH7oZ4Jl/yNU=";
k3sVersion = "1.28.12+k3s1";
k3sCommit = "4717e2a58e04f0ba3d9f43d574a7eff01dea9146";
k3sRepoSha256 = "02wywlqqna0dj9cam6q3ykb3p5mi96f6lclrg5yhjky7jdvkffds";
k3sVendorHash = "sha256-RyUlaGQnfrCm4cB5FRs9IAeF+zn4LzAXmIViU3o30Z4=";
chartVersions = import ./chart-versions.nix;
imagesVersions = builtins.fromJSON (builtins.readFile ./images-versions.json);
k3sRootVersion = "0.12.2";
k3sRootSha256 = "1gjynvr350qni5mskgm7pcc7alss4gms4jmkiv453vs8mmma9c9k";
k3sRootVersion = "0.14.0";
k3sRootSha256 = "15cs9faw3jishsb5nhgmb5ldjc47hkwf7hz2126fp8ahf80m0fcl";
k3sCNIVersion = "1.4.0-k3s2";
k3sCNISha256 = "17dg6jgjx18nrlyfmkv14dhzxsljz4774zgwz5dchxcf38bvarqa";
containerdVersion = "1.7.17-k3s1.28";

16
pkgs/applications/networking/cluster/k3s/1_29/images-versions.json
View File

@ -1,18 +1,18 @@
{
"airgap-images-amd64": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.29.6%2Bk3s2/k3s-airgap-images-amd64.tar.zst",
"sha256": "1d1adpjxxgkflm4xqzynsib67pga85r1qmhkhh540nl0rppbq7gr"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.29.7%2Bk3s1/k3s-airgap-images-amd64.tar.zst",
"sha256": "1dyh107ygnlv9gyq2f9jdgrwjiyg25a61id69z48vc60gq480888"
},
"airgap-images-arm": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.29.6%2Bk3s2/k3s-airgap-images-arm.tar.zst",
"sha256": "07c085y5qy8h5ja2ms3np61d7wkp6gic82snx70qlsm5fm3ak3z7"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.29.7%2Bk3s1/k3s-airgap-images-arm.tar.zst",
"sha256": "16l6d1ix3ri1l2wr2k5brg11a1snbkqhqasrk69wrix6diddklrn"
},
"airgap-images-arm64": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.29.6%2Bk3s2/k3s-airgap-images-arm64.tar.zst",
"sha256": "0ljajvz0n0mmwkdl1rwpwqmhgxqivakdpfyaqsascdzfk0qpv5gp"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.29.7%2Bk3s1/k3s-airgap-images-arm64.tar.zst",
"sha256": "0pg4nzh1rf28003yxhl3jklxs41vjjgldviybvnqqp146ib6hy0r"
},
"images-list": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.29.6%2Bk3s2/k3s-images.txt",
"sha256": "0245zra2h8756kq2v8nwl6gji749xlvy1y1bkab8vz5b0vpqhfxy"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.29.7%2Bk3s1/k3s-images.txt",
"sha256": "1my3lfs5rfazcnnpsc9dj84dfnxx88xydrl86z6yw5n5p84x4nif"
}
}

12
pkgs/applications/networking/cluster/k3s/1_29/versions.nix
View File

@ -1,12 +1,12 @@
{
k3sVersion = "1.29.6+k3s2";
k3sCommit = "b4b156d9d14eeb475e789718b3a6b78aba00019e";
k3sRepoSha256 = "0wagfh4vbvyi62np6zx7b4p6myn0xavw691y78rnbl32jckiy14f";
k3sVendorHash = "sha256-o36gf3q7Vv+RoY681cL44rU2QFrdFW3EbRpw3dLcVTI=";
k3sVersion = "1.29.7+k3s1";
k3sCommit = "f246bbc390a05f45431e49617b58013fe06a460d";
k3sRepoSha256 = "0fv628rxxavqmb2gv0ncsx4m8ghn3v6ddn2n06x8q4ar27d9gijg";
k3sVendorHash = "sha256-pAOyGgEaO6ewNv+6yhDt83NZl95rmLseFUs4vlXNH6Q=";
chartVersions = import ./chart-versions.nix;
imagesVersions = builtins.fromJSON (builtins.readFile ./images-versions.json);
k3sRootVersion = "0.13.0";
k3sRootSha256 = "1jq5f0lm08abx5ikarf92z56fvx4kjpy2nmzaazblb34lajw87vj";
k3sRootVersion = "0.14.0";
k3sRootSha256 = "15cs9faw3jishsb5nhgmb5ldjc47hkwf7hz2126fp8ahf80m0fcl";
k3sCNIVersion = "1.4.0-k3s2";
k3sCNISha256 = "17dg6jgjx18nrlyfmkv14dhzxsljz4774zgwz5dchxcf38bvarqa";
containerdVersion = "1.7.17-k3s1";

16
pkgs/applications/networking/cluster/k3s/1_30/images-versions.json
View File

@ -1,18 +1,18 @@
{
"airgap-images-amd64": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.30.2%2Bk3s2/k3s-airgap-images-amd64.tar.zst",
"sha256": "1d1adpjxxgkflm4xqzynsib67pga85r1qmhkhh540nl0rppbq7gr"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.30.3%2Bk3s1/k3s-airgap-images-amd64.tar.zst",
"sha256": "1ym7cdm3a2f05wgh4vba2g7q1zihrfvvm2zngcs0gm8djj7hy4d9"
},
"airgap-images-arm": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.30.2%2Bk3s2/k3s-airgap-images-arm.tar.zst",
"sha256": "1hjhlj4b5ddaqhpmqbbvhvgzryi5j84i8bmpl3yij87yjkz3kld7"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.30.3%2Bk3s1/k3s-airgap-images-arm.tar.zst",
"sha256": "15mj949msrd30xhqryhpsvx1bi3pywm1z5bmi0h40qyzc1mcfvjk"
},
"airgap-images-arm64": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.30.2%2Bk3s2/k3s-airgap-images-arm64.tar.zst",
"sha256": "1r9rd70qp8x57j3hdpgwgkzchykphw0x4yd8c1jwjfaqm5df1w0d"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.30.3%2Bk3s1/k3s-airgap-images-arm64.tar.zst",
"sha256": "1k2q6rzczajnrkj57p97fdr7lgmrfv7x54by2syngfwb5in8fhd5"
},
"images-list": {
"url": "https://github.com/k3s-io/k3s/releases/download/v1.30.2%2Bk3s2/k3s-images.txt",
"sha256": "0245zra2h8756kq2v8nwl6gji749xlvy1y1bkab8vz5b0vpqhfxy"
"url": "https://github.com/k3s-io/k3s/releases/download/v1.30.3%2Bk3s1/k3s-images.txt",
"sha256": "1my3lfs5rfazcnnpsc9dj84dfnxx88xydrl86z6yw5n5p84x4nif"
}
}

12
pkgs/applications/networking/cluster/k3s/1_30/versions.nix
View File

@ -1,12 +1,12 @@
{
k3sVersion = "1.30.2+k3s2";
k3sCommit = "faeaf1b01b2a708a46cae2a67c1b4d381ee1ba6b";
k3sRepoSha256 = "0hy0f44hj5n5nscr0p52dbklvj2ki2vs7k0cgh1r8xlg4p6fn1b0";
k3sVendorHash = "sha256-Mj9Q3TgqZoJluG4/nyuw2WHnB3OJ+/mlV7duzWt1B1A=";
k3sVersion = "1.30.3+k3s1";
k3sCommit = "f646604010affc6a1d3233a8a0870bca46bf80cf";
k3sRepoSha256 = "1sqa4cx5rihrqcnriq7if7sm4hx73ma975yyr5k9nvhg71dvlig3";
k3sVendorHash = "sha256-HMlYdWDUoELpwsfCtyCxVIcFULdvu5gna83lc79AUWc=";
chartVersions = import ./chart-versions.nix;
imagesVersions = builtins.fromJSON (builtins.readFile ./images-versions.json);
k3sRootVersion = "0.13.0";
k3sRootSha256 = "1jq5f0lm08abx5ikarf92z56fvx4kjpy2nmzaazblb34lajw87vj";
k3sRootVersion = "0.14.0";
k3sRootSha256 = "15cs9faw3jishsb5nhgmb5ldjc47hkwf7hz2126fp8ahf80m0fcl";
k3sCNIVersion = "1.4.0-k3s2";
k3sCNISha256 = "17dg6jgjx18nrlyfmkv14dhzxsljz4774zgwz5dchxcf38bvarqa";
containerdVersion = "1.7.17-k3s1";

6
pkgs/applications/networking/cluster/kubebuilder/default.nix
View File

@ -12,16 +12,16 @@
buildGoModule rec {
pname = "kubebuilder";
version = "4.1.0";
version = "4.1.1";
src = fetchFromGitHub {
owner = "kubernetes-sigs";
repo = "kubebuilder";
rev = "v${version}";
hash = "sha256-CaDGl8+gIbcUH+bxqye+XEFO7ZwFE7NGZmyrqn7vzTk=";
hash = "sha256-1/X8HuhzizrkiOyCZ7F6rq6G33oqVaf4uW9Sr94ogL8=";
};
vendorHash = "sha256-8f37IPO9PsYA/oHCtIjVrUgOTkXzkHv4cGTy5bUQP8s=";
vendorHash = "sha256-2b/c6t9RkHbBe894DPOETLMf4MpsTjXMtEoVG4FMo24=";
subPackages = ["cmd"];

4
pkgs/applications/networking/cluster/kubeshark/default.nix
View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "kubeshark";
version = "52.3.73";
version = "52.3.74";
src = fetchFromGitHub {
owner = "kubeshark";
repo = "kubeshark";
rev = "v${version}";
hash = "sha256-fhdHgkIsvB7cR5kCkvfzJuxrAVYvB4Y6NCGJpHolriA=";
hash = "sha256-MlYyTo30v9i1puSadbQRHCmUW7Kf9UV8X5Y7LQtRWaE=";
};
vendorHash = "sha256-b3Aq3970E19jOJPjw/e0ly1W9x9HiDN+bfuB4uP09BY=";

4
pkgs/applications/networking/cluster/kuma/default.nix
View File

@ -15,14 +15,14 @@
buildGoModule rec {
inherit pname;
version = "2.8.1";
version = "2.8.2";
tags = lib.optionals enableGateway [ "gateway" ];
src = fetchFromGitHub {
owner = "kumahq";
repo = "kuma";
rev = version;
hash = "sha256-k4XqFwpHlm6BmFORqc1IFGqbfLYqtHwLM2eSF3JV+0M=";
hash = "sha256-znjOMegh0lgFDonUXtRfs+1ZMN5Olzz01E2tX+tRcns=";
};
vendorHash = "sha256-FEdDOpz6C89OlzU3Pl4Uu6P0WgM4QsuccQ9vAHnb4xI=";

6
pkgs/applications/networking/cluster/rke/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "rke";
version = "1.5.10";
version = "1.6.0";
src = fetchFromGitHub {
owner = "rancher";
repo = pname;
rev = "v${version}";
hash = "sha256-e4YR3vYpaRVhwvBY8VwLp3XNXxnwYlS14VP0gSyLvJA=";
hash = "sha256-ZxNU76W7IGSn1cdzmiLI/eMO3dAd8bUQX+1cvANci2k=";
};
vendorHash = "sha256-++4d87ARL1czjL9I/AuodIP2PmbjjAQ5jf5x2bP16yQ=";
vendorHash = "sha256-Rr2BXCpliv9KF9wkXQLy6LxKxyPo1pO5SHUTcy2wETM=";
subPackages = [ "." ];

4
pkgs/applications/networking/firewalld/default.nix
View File

@ -31,13 +31,13 @@ let
in
stdenv.mkDerivation rec {
pname = "firewalld";
version = "2.2.0";
version = "2.2.1";
src = fetchFromGitHub {
owner = "firewalld";
repo = "firewalld";
rev = "v${version}";
sha256 = "sha256-MaBYJLNVlDEsMlnyNtf8G8D1Tnvcfv0/bXQ/8f7kBao=";
sha256 = "sha256-VI1LyedohInmZb7heNoZ/4cvLz5IImEE2tyNylvr2mU=";
};
patches = [

4
pkgs/applications/networking/instant-messengers/discord/default.nix
View File

@ -2,7 +2,7 @@
let
versions =
if stdenv.isLinux then {
stable = "0.0.63";
stable = "0.0.64";
ptb = "0.0.98";
canary = "0.0.465";
development = "0.0.24";
@ -17,7 +17,7 @@ let
x86_64-linux = {
stable = fetchurl {
url = "https://dl.discordapp.net/apps/linux/${version}/discord-${version}.tar.gz";
hash = "sha256-KtVX9EJPYmzDQd2beV/dDW8jjLDjacKZDrD72kLUwKo=";
hash = "sha256-tBopyhGRNDmtOWSwwiNnPJJm82sk3s76cUun7erHRbM=";
};
ptb = fetchurl {
url = "https://dl-ptb.discordapp.net/apps/linux/${version}/discord-ptb-${version}.tar.gz";

2
pkgs/applications/networking/instant-messengers/fluffychat/default.nix
View File

@ -8,6 +8,7 @@
, pulseaudio
, makeDesktopItem
, zenity
, olm
, targetFlutterPlatform ? "linux"
}:
@ -44,6 +45,7 @@ flutter319.buildFlutterApplication (rec {
maintainers = with maintainers; [ mkg20001 gilice ];
platforms = [ "x86_64-linux" "aarch64-linux" ];
sourceProvenance = [ sourceTypes.fromSource ];
inherit (olm.meta) knownVulnerabilities;
};
} // lib.optionalAttrs (targetFlutterPlatform == "linux") {
nativeBuildInputs = [ imagemagick ];

4
pkgs/applications/networking/irc/weechat/default.nix
View File

@ -36,14 +36,14 @@ let
in
assert lib.all (p: p.enabled -> ! (builtins.elem null p.buildInputs)) plugins;
stdenv.mkDerivation rec {
version = "4.3.5";
version = "4.3.6";
pname = "weechat";
hardeningEnable = [ "pie" ];
src = fetchurl {
url = "https://weechat.org/files/src/weechat-${version}.tar.xz";
hash = "sha256-5tvEyDLaXFuF5Jb+/BUjf7viqPe6L76B7gcdwMZrS+M=";
hash = "sha256-h4sGORUy3cQPS0lUYqIX68OZJeLq3+TfhOdqMxNkfJk=";
};
# Why is this needed? https://github.com/weechat/weechat/issues/2031

4
pkgs/applications/office/tryton/default.nix
View File

@ -17,8 +17,6 @@
, wrapGAppsHook3
}:
with lib;
python3Packages.buildPythonApplication rec {
pname = "tryton";
version = "7.2.4";
@ -61,7 +59,7 @@ python3Packages.buildPythonApplication rec {
doCheck = false;
meta = {
meta = with lib; {
description = "Client of the Tryton application platform";
mainProgram = "tryton";
longDescription = ''

10
pkgs/applications/science/chemistry/marvin/default.nix
View File

@ -1,14 +1,12 @@
{ lib, stdenv, fetchurl, dpkg, makeWrapper, coreutils, gawk, gnugrep, gnused, openjdk17 }:
with lib;
stdenv.mkDerivation rec {
pname = "marvin";
version = "23.17.0";
src = fetchurl {
name = "marvin-${version}.deb";
url = "http://dl.chemaxon.com/marvin/${version}/marvin_linux_${versions.majorMinor version}.deb";
url = "http://dl.chemaxon.com/marvin/${version}/marvin_linux_${lib.versions.majorMinor version}.deb";
hash = "sha256-zE/9EaOsNJwzE4Doasm9N8QG4t7wDOxqpV/Nhc4p7Ws=";
};
@ -22,7 +20,7 @@ stdenv.mkDerivation rec {
wrapBin() {
makeWrapper $1 $out/bin/$(basename $1) \
--set INSTALL4J_JAVA_HOME "${openjdk17}" \
--prefix PATH : ${makeBinPath [ coreutils gawk gnugrep gnused ]}
--prefix PATH : ${lib.makeBinPath [ coreutils gawk gnugrep gnused ]}
}
cp -r opt $out
mkdir -p $out/bin $out/share/pixmaps $out/share/applications
@ -33,12 +31,12 @@ stdenv.mkDerivation rec {
for name in cxcalc cxtrain evaluate molconvert mview msketch; do
wrapBin $out/opt/chemaxon/marvinsuite/bin/$name
done
${concatStrings (map (name: ''
${lib.concatStrings (map (name: ''
substitute ${./. + "/${name}.desktop"} $out/share/applications/${name}.desktop --subst-var out
'') [ "LicenseManager" "MarvinSketch" "MarvinView" ])}
'';
meta = {
meta = with lib; {
description = "Chemical modelling, analysis and structure drawing program";
homepage = "https://chemaxon.com/products/marvin";
maintainers = with maintainers; [ fusion809 ];

3
pkgs/applications/science/electronics/fped/default.nix
View File

@ -3,7 +3,6 @@
, pkg-config
}:
with lib;
stdenv.mkDerivation {
pname = "fped";
version = "unstable-2017-05-11";
@ -39,7 +38,7 @@ stdenv.mkDerivation {
gtk2
];
meta = {
meta = with lib; {
description = "Editor that allows the interactive creation of footprints electronic components";
mainProgram = "fped";
homepage = "http://projects.qi-hardware.com/index.php/p/fped/";

6
pkgs/applications/science/logic/monosat/default.nix
View File

@ -3,8 +3,6 @@
# annoying and break the python library, so let's not bother for now
includeJava ? !stdenv.hostPlatform.isDarwin, includeGplCode ? true }:
with lib;
let
boolToCmake = x: if x then "ON" else "OFF";
@ -52,14 +50,14 @@ let
"-DCMAKE_SKIP_BUILD_RPATH=ON"
];
postInstall = optionalString includeJava ''
postInstall = lib.optionalString includeJava ''
mkdir -p $out/share/java
cp monosat.jar $out/share/java
'';
passthru = { inherit python; };
meta = {
meta = with lib; {
description = "SMT solver for Monotonic Theories";
mainProgram = "monosat";
platforms = platforms.unix;

28
pkgs/applications/science/logic/z3/default.nix
View File

@ -16,8 +16,6 @@
assert javaBindings -> jdk != null;
assert ocamlBindings -> ocaml != null && findlib != null && zarith != null;
with lib;
let common = { version, sha256, patches ? [ ], tag ? "z3" }:
stdenv.mkDerivation rec {
pname = "z3";
@ -32,25 +30,25 @@ let common = { version, sha256, patches ? [ ], tag ? "z3" }:
strictDeps = true;
nativeBuildInputs = [ python ]
++ optional stdenv.hostPlatform.isDarwin fixDarwinDylibNames
++ optional javaBindings jdk
++ optionals ocamlBindings [ ocaml findlib ]
++ lib.optional stdenv.hostPlatform.isDarwin fixDarwinDylibNames
++ lib.optional javaBindings jdk
++ lib.optionals ocamlBindings [ ocaml findlib ]
;
propagatedBuildInputs = [ python.pkgs.setuptools ]
++ optionals ocamlBindings [ zarith ];
++ lib.optionals ocamlBindings [ zarith ];
enableParallelBuilding = true;
postPatch = optionalString ocamlBindings ''
postPatch = lib.optionalString ocamlBindings ''
export OCAMLFIND_DESTDIR=$ocaml/lib/ocaml/${ocaml.version}/site-lib
mkdir -p $OCAMLFIND_DESTDIR/stublibs
'';
configurePhase = concatStringsSep " "
configurePhase = lib.concatStringsSep " "
(
[ "${python.pythonOnBuildForHost.interpreter} scripts/mk_make.py --prefix=$out" ]
++ optional javaBindings "--java"
++ optional ocamlBindings "--ml"
++ optional pythonBindings "--python --pypkgdir=$out/${python.sitePackages}"
++ lib.optional javaBindings "--java"
++ lib.optional ocamlBindings "--ml"
++ lib.optional pythonBindings "--python --pypkgdir=$out/${python.sitePackages}"
) + "\n" + "cd build";
doCheck = true;
@ -63,19 +61,19 @@ let common = { version, sha256, patches ? [ ], tag ? "z3" }:
mkdir -p $dev $lib
mv $out/lib $lib/lib
mv $out/include $dev/include
'' + optionalString pythonBindings ''
'' + lib.optionalString pythonBindings ''
mkdir -p $python/lib
mv $lib/lib/python* $python/lib/
ln -sf $lib/lib/libz3${stdenv.hostPlatform.extensions.sharedLibrary} $python/${python.sitePackages}/z3/lib/libz3${stdenv.hostPlatform.extensions.sharedLibrary}
'' + optionalString javaBindings ''
'' + lib.optionalString javaBindings ''
mkdir -p $java/share/java
mv com.microsoft.z3.jar $java/share/java
moveToOutput "lib/libz3java.${stdenv.hostPlatform.extensions.sharedLibrary}" "$java"
'';
outputs = [ "out" "lib" "dev" "python" ]
++ optional javaBindings "java"
++ optional ocamlBindings "ocaml";
++ lib.optional javaBindings "java"
++ lib.optional ocamlBindings "ocaml";
meta = with lib; {
description = "High-performance theorem prover and SMT solver";

19
pkgs/applications/science/math/ripser/default.nix
View File

@ -5,14 +5,11 @@
, fileFormat ? "lowerTriangularCsv"
}:
with lib;
assert assertOneOf "fileFormat" fileFormat
assert lib.assertOneOf "fileFormat" fileFormat
["lowerTriangularCsv" "upperTriangularCsv" "dipha"];
assert useGoogleHashmap -> sparsehash != null;
let
inherit (lib) optional;
version = "1.2.1";
in
stdenv.mkDerivation {
@ -26,19 +23,19 @@ stdenv.mkDerivation {
sha256 = "sha256-BxmkPQ/nl5cF+xwQMTjXnLgkLgdmT/39y7Kzl2wDfpE=";
};
buildInputs = optional useGoogleHashmap sparsehash;
buildInputs = lib.optional useGoogleHashmap sparsehash;
buildFlags = [
"-std=c++11"
"-O3"
"-D NDEBUG"
]
++ optional useCoefficients "-D USE_COEFFICIENTS"
++ optional indicateProgress "-D INDICATE_PROGRESS"
++ optional useGoogleHashmap "-D USE_GOOGLE_HASHMAP"
++ optional (fileFormat == "lowerTriangularCsv") "-D FILE_FORMAT_LOWER_TRIANGULAR_CSV"
++ optional (fileFormat == "upperTriangularCsv") "-D FILE_FORMAT_UPPER_TRIANGULAR_CSV"
++ optional (fileFormat == "dipha") "-D FILE_FORMAT_DIPHA"
++ lib.optional useCoefficients "-D USE_COEFFICIENTS"
++ lib.optional indicateProgress "-D INDICATE_PROGRESS"
++ lib.optional useGoogleHashmap "-D USE_GOOGLE_HASHMAP"
++ lib.optional (fileFormat == "lowerTriangularCsv") "-D FILE_FORMAT_LOWER_TRIANGULAR_CSV"
++ lib.optional (fileFormat == "upperTriangularCsv") "-D FILE_FORMAT_UPPER_TRIANGULAR_CSV"
++ lib.optional (fileFormat == "dipha") "-D FILE_FORMAT_DIPHA"
;
buildPhase = "c++ ripser.cpp -o ripser $buildFlags";

8
pkgs/applications/science/math/wolfram-engine/l10ns.nix
View File

@ -45,7 +45,7 @@ let allVersions = with lib; flip map
]
({ version, lang, language, sha256, installer }: {
inherit version lang;
name = "wolfram-engine-${version}" + optionalString (lang != "en") "-${lang}";
name = "wolfram-engine-${version}" + lib.optionalString (lang != "en") "-${lang}";
src = requireFile {
name = installer;
message = ''
@ -58,14 +58,12 @@ let allVersions = with lib; flip map
};
});
minVersion =
with lib;
if majorVersion == null
then elemAt (builtins.splitVersion (elemAt allVersions 0).version) 0
then lib.elemAt (builtins.splitVersion (lib.elemAt allVersions 0).version) 0
else majorVersion;
maxVersion = toString (1 + builtins.fromJSON minVersion);
in
with lib;
findFirst (l: (l.lang == lang
lib.findFirst (l: (l.lang == lang
&& l.version >= minVersion
&& l.version < maxVersion))
(throw "Version ${minVersion} in language ${lang} not supported")

3
pkgs/applications/science/medicine/dcmtk/default.nix
View File

@ -1,7 +1,6 @@
{ lib, stdenv, fetchFromGitHub, zlib, libtiff, libxml2, openssl, libiconv
, libpng, cmake }:
with lib;
stdenv.mkDerivation rec {
pname = "dcmtk";
version = "3.6.8";
@ -17,7 +16,7 @@ stdenv.mkDerivation rec {
doCheck = true;
meta = {
meta = with lib; {
description =
"Collection of libraries and applications implementing large parts of the DICOM standard";
longDescription = ''

20
pkgs/applications/science/misc/simgrid/default.nix
View File

@ -12,8 +12,6 @@
, withoutBin ? false
}:
with lib;
let
optionOnOff = option: if option then "on" else "off";
in
@ -32,15 +30,15 @@ stdenv.mkDerivation rec {
propagatedBuildInputs = [ boost ];
nativeBuildInputs = [ cmake perl python3 ]
++ optionals fortranSupport [ gfortran ]
++ optionals buildJavaBindings [ openjdk ]
++ optionals buildPythonBindings [ python3Packages.pybind11 ]
++ optionals buildDocumentation [ fig2dev ghostscript doxygen ]
++ optionals bmfSupport [ eigen ]
++ optionals modelCheckingSupport [ libunwind libevent elfutils ];
++ lib.optionals fortranSupport [ gfortran ]
++ lib.optionals buildJavaBindings [ openjdk ]
++ lib.optionals buildPythonBindings [ python3Packages.pybind11 ]
++ lib.optionals buildDocumentation [ fig2dev ghostscript doxygen ]
++ lib.optionals bmfSupport [ eigen ]
++ lib.optionals modelCheckingSupport [ libunwind libevent elfutils ];
outputs = [ "out" ]
++ optionals buildPythonBindings [ "python" ];
++ lib.optionals buildPythonBindings [ "python" ];
# "Release" does not work. non-debug mode is Debug compiled with optimization
cmakeBuildType = "Debug";
@ -69,7 +67,7 @@ stdenv.mkDerivation rec {
# RPATH of binary /nix/store/.../bin/... contains a forbidden reference to /build/
"-DCMAKE_SKIP_BUILD_RPATH=ON"
];
makeFlags = optional debug "VERBOSE=1";
makeFlags = lib.optional debug "VERBOSE=1";
# needed to run tests and to ensure correct shabangs in output scripts
preBuild = ''
@ -106,7 +104,7 @@ stdenv.mkDerivation rec {
hardeningDisable = lib.optionals debug [ "fortify" ];
dontStrip = debug;
meta = {
meta = with lib; {
description = "Framework for the simulation of distributed applications";
longDescription = ''
SimGrid is a toolkit that provides core functionalities for the

1
pkgs/applications/terminal-emulators/hyper/default.nix
View File

@ -54,5 +54,6 @@ stdenv.mkDerivation rec {
license = licenses.mit;
platforms = [ "x86_64-linux" ];
mainProgram = "hyper";
broken = true; # Error: 'node-pty' failed to load
};
}

18
pkgs/applications/terminal-emulators/rxvt-unicode/default.nix
View File

@ -33,8 +33,6 @@ let
};
in
with lib;
stdenv.mkDerivation {
name = "${pname}-unwrapped-${version}";
inherit pname version;
@ -49,8 +47,8 @@ stdenv.mkDerivation {
[ libX11 libXt libXft ncurses # required to build the terminfo file
fontconfig freetype libXrender
libptytty
] ++ optionals perlSupport [ perl libXext ]
++ optional gdkPixbufSupport gdk-pixbuf;
] ++ lib.optionals perlSupport [ perl libXext ]
++ lib.optional gdkPixbufSupport gdk-pixbuf;
outputs = [ "out" "terminfo" ];
@ -73,19 +71,19 @@ stdenv.mkDerivation {
./patches/9.06-font-width.patch
]) ++ [
./patches/256-color-resources.patch
] ++ optional (perlSupport && versionAtLeast perl.version "5.38") (fetchpatch {
] ++ lib.optional (perlSupport && lib.versionAtLeast perl.version "5.38") (fetchpatch {
name = "perl538-locale-c.patch";
url = "https://github.com/exg/rxvt-unicode/commit/16634bc8dd5fc4af62faf899687dfa8f27768d15.patch";
excludes = [ "Changes" ];
sha256 = "sha256-JVqzYi3tcWIN2j5JByZSztImKqbbbB3lnfAwUXrumHM=";
}) ++ optional stdenv.isDarwin ./patches/makefile-phony.patch;
}) ++ lib.optional stdenv.isDarwin ./patches/makefile-phony.patch;
configureFlags = [
"--with-terminfo=${placeholder "terminfo"}/share/terminfo"
"--enable-256-color"
(enableFeature perlSupport "perl")
(enableFeature unicode3Support "unicode3")
] ++ optional emojiSupport "--enable-wide-glyphs";
(lib.enableFeature perlSupport "perl")
(lib.enableFeature unicode3Support "unicode3")
] ++ lib.optional emojiSupport "--enable-wide-glyphs";
LDFLAGS = [ "-lfontconfig" "-lXrender" "-lpthread" ];
CFLAGS = [ "-I${freetype.dev}/include/freetype2" ];
@ -111,7 +109,7 @@ stdenv.mkDerivation {
passthru.tests.test = nixosTests.terminal-emulators.urxvt;
meta = {
meta = with lib; {
inherit description;
homepage = "http://software.schmorp.de/pkg/rxvt-unicode.html";
downloadPage = "http://dist.schmorp.de/rxvt-unicode/Attic/";

6
pkgs/applications/version-management/git-octopus/default.nix
View File

@ -1,7 +1,5 @@
{ lib, stdenv, fetchFromGitHub, git, perl, makeWrapper }:
with lib;
stdenv.mkDerivation rec {
pname = "git-octopus";
version = "1.4";
@ -13,7 +11,7 @@ stdenv.mkDerivation rec {
# perl provides shasum
postInstall = ''
for f in $out/bin/*; do
wrapProgram $f --prefix PATH : ${makeBinPath [ git perl ]}
wrapProgram $f --prefix PATH : ${lib.makeBinPath [ git perl ]}
done
'';
@ -24,7 +22,7 @@ stdenv.mkDerivation rec {
sha256 = "14p61xk7jankp6gc26xciag9fnvm7r9vcbhclcy23f4ghf4q4sj1";
};
meta = {
meta = with lib; {
homepage = "https://github.com/lesfurets/git-octopus";
description = "Continuous merge workflow";
license = licenses.lgpl3;

4
pkgs/applications/version-management/git-subrepo/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "git-subrepo";
version = "0.4.6";
version = "0.4.9";
src = fetchFromGitHub {
owner = "ingydotnet";
repo = "git-subrepo";
rev = version;
sha256 = "sha256-83N0Ek6DawUrOc6s2Utzi8776bX4UTGS/a/OffkV44Y=";
sha256 = "sha256-Fwh4haGXVDsLexe/1kjUhY4lF6u5cTrAwivZiOkPig0=";
};
nativeBuildInputs = [

6
pkgs/applications/version-management/gitkraken/default.nix
View File

@ -55,8 +55,6 @@
cacert,
}:
with lib;
let
pname = "gitkraken";
version = "10.2.0";
@ -82,7 +80,7 @@ let
src = srcs.${stdenv.hostPlatform.system} or throwSystem;
meta = {
meta = with lib; {
homepage = "https://www.gitkraken.com/git-client";
description = "Simplifying Git for any OS";
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
@ -108,7 +106,7 @@ let
dontBuild = true;
dontConfigure = true;
libPath = makeLibraryPath [
libPath = lib.makeLibraryPath [
stdenv.cc.cc.lib
curlWithGnuTls
udev

12
pkgs/applications/version-management/gogs/default.nix
View File

@ -4,8 +4,6 @@
, pamSupport ? true
}:
with lib;
buildGoModule rec {
pname = "gogs";
version = "0.13.0";
@ -27,19 +25,19 @@ buildGoModule rec {
nativeBuildInputs = [ makeWrapper openssh ];
buildInputs = optional pamSupport pam;
buildInputs = lib.optional pamSupport pam;
tags =
( optional sqliteSupport "sqlite"
++ optional pamSupport "pam");
( lib.optional sqliteSupport "sqlite"
++ lib.optional pamSupport "pam");
postInstall = ''
wrapProgram $out/bin/gogs \
--prefix PATH : ${makeBinPath [ bash git gzip openssh ]}
--prefix PATH : ${lib.makeBinPath [ bash git gzip openssh ]}
'';
meta = {
meta = with lib; {
description = "Painless self-hosted Git service";
homepage = "https://gogs.io";
license = licenses.mit;

8
pkgs/applications/video/dmlive/default.nix
View File

@ -14,16 +14,16 @@
rustPlatform.buildRustPackage rec {
pname = "dmlive";
version = "5.3.2";
version = "5.5.4";
src = fetchFromGitHub {
owner = "THMonster";
repo = pname;
rev = "3736d83ac0920de78ac82fe331bc6b16dc72b5cd"; # no tag
hash = "sha256-3agUeAv6Nespn6GNw4wmy8HNPQ0VIgZAMnKiV/myKbA=";
rev = "688ddda12ed70a7ad25ede63e948e1cba143a307"; # no tag
hash = "sha256-M7IZ2UzusWovyhigyUXasmSEz4J79gnFyivHVUqfUKg=";
};
cargoHash = "sha256-MxkWaEn/gMMOuje7lu7PlqsQjnF0LWpV9JzmFBG1ukU=";
cargoHash = "sha256-d3vI2iv2Db1XZQc3uaNfkUpDyNKPvHkb/0zEwRTOWZ0=";
OPENSSL_NO_VENDOR = true;

9
pkgs/applications/video/mpv/scripts/default.nix
View File

@ -140,13 +140,12 @@ let
};
in
with lib;
pipe scope [
(makeScope newScope)
lib.pipe scope [
(lib.makeScope newScope)
(
self:
assert builtins.intersectAttrs self aliases == { };
self // optionalAttrs config.allowAliases aliases
self // lib.optionalAttrs config.allowAliases aliases
)
recurseIntoAttrs
lib.recurseIntoAttrs
]

5
pkgs/applications/video/vcs/default.nix
View File

@ -3,7 +3,6 @@
, util-linux, getopt
, dejavu_fonts
}:
with lib;
let
version = "1.13.4";
gopt = if stdenv.isLinux then util-linux else getopt;
@ -29,10 +28,10 @@ stdenv.mkDerivation {
mv vcs $out/bin/vcs
substituteAllInPlace $out/bin/vcs
chmod +x $out/bin/vcs
wrapProgram $out/bin/vcs --argv0 vcs --set PATH "${makeBinPath runtimeDeps}"
wrapProgram $out/bin/vcs --argv0 vcs --set PATH "${lib.makeBinPath runtimeDeps}"
'';
meta = {
meta = with lib; {
description = "Generates contact sheets from video files";
homepage = "http://p.outlyer.net/vcs";
license = licenses.lgpl21Plus;

254
pkgs/applications/virtualization/cloud-hypervisor/Cargo.lock generated
View File

@ -12,9 +12,9 @@ dependencies = [
[[package]]
name = "addr2line"
version = "0.21.0"
version = "0.22.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8a30b2e23b9e17a9f90641c7ab1549cd9b44f296d3ccbf309d2863cfe398a0cb"
checksum = "6e4503c46a5c0c7844e948c9a4d6acd9f50cccb4de1c48eb9e291ea17470c678"
dependencies = [
"gimli",
]
@ -36,23 +36,24 @@ dependencies = [
[[package]]
name = "anstream"
version = "0.6.13"
version = "0.6.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d96bd03f33fe50a863e394ee9718a706f988b9079b20c3784fb726e7678b62fb"
checksum = "418c75fa768af9c03be99d17643f93f79bbba589895012a80e3452a19ddda15b"
dependencies = [
"anstyle",
"anstyle-parse",
"anstyle-query",
"anstyle-wincon",
"colorchoice",
"is_terminal_polyfill",
"utf8parse",
]
[[package]]
name = "anstyle"
version = "1.0.6"
version = "1.0.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8901269c6307e8d93993578286ac0edf7f195079ffff5ebdeea6a59ffb7e36bc"
checksum = "038dfcf04a5feb68e9c60b21c9625a54c2c0616e79b72b0fd87075a056ae1d1b"
[[package]]
name = "anstyle-parse"
@ -74,9 +75,9 @@ dependencies = [
[[package]]
name = "anstyle-wincon"
version = "3.0.3"
version = "3.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "61a38449feb7068f52bb06c12759005cf459ee52bb4adc1d5a7c4322d716fb19"
checksum = "5bf74e1b6e971609db8ca7a9ce79fd5768ab6ae46441c572e46cf596f59e57f8"
dependencies = [
"anstyle",
"windows-sys 0.52.0",
@ -84,9 +85,9 @@ dependencies = [
[[package]]
name = "anyhow"
version = "1.0.81"
version = "1.0.86"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0952808a6c2afd1aa8947271f3a60f1a6763c7b912d210184c5149b5cf147247"
checksum = "b3d1d046238990b9cf5bcde22a3fb3584ee5cf65fb2765f454ed428c7a0063da"
[[package]]
name = "api_client"
@ -136,9 +137,9 @@ dependencies = [
[[package]]
name = "async-channel"
version = "2.2.0"
version = "2.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f28243a43d821d11341ab73c80bed182dc015c514b951616cf79bd4af39af0c3"
checksum = "9f2776ead772134d55b62dd45e59a79e21612d85d0af729b8b7d3967d601a62a"
dependencies = [
"concurrent-queue",
"event-listener 5.3.0",
@ -281,9 +282,9 @@ checksum = "0c4b4d0bd25bd0b74681c0ad21497610ce1b7c91b1022cd21c80c6fbdd9476b0"
[[package]]
name = "backtrace"
version = "0.3.71"
version = "0.3.73"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "26b05800d2e817c8b3b4b54abd461726265fa9789ae34330622f2db9ee696f9d"
checksum = "5cc23269a4f8976d0a4d2e7109211a419fe30e8d88d677cd60b6bc79c5732e0a"
dependencies = [
"addr2line",
"cc",
@ -296,9 +297,9 @@ dependencies = [
[[package]]
name = "bitfield-struct"
version = "0.5.6"
version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a26b8cea8bb6a81b75a84603b9e096f05fa86db057904ef29be1deee900532bd"
checksum = "6c2ce686adbebce0ee484a502c440b4657739adbad65eadf06d64f5816ee9765"
dependencies = [
"proc-macro2",
"quote",
@ -313,9 +314,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
[[package]]
name = "bitflags"
version = "2.5.0"
version = "2.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1"
checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de"
[[package]]
name = "block"
@ -362,9 +363,9 @@ dependencies = [
[[package]]
name = "bumpalo"
version = "3.15.4"
version = "3.16.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7ff69b9dd49fd426c69a0db9fc04dd934cdb6645ff000864d98f7e2af8830eaa"
checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c"
[[package]]
name = "byteorder"
@ -420,7 +421,7 @@ checksum = "98cc8fbded0c607b7ba9dd60cd98df59af97e84d24e49c8557331cfc26d301ce"
[[package]]
name = "cloud-hypervisor"
version = "40.0.0"
version = "41.0.0"
dependencies = [
"anyhow",
"api_client",
@ -451,9 +452,9 @@ dependencies = [
[[package]]
name = "colorchoice"
version = "1.0.0"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "acbf1af155f9b9ef647e42cdc158db4b64a1b61f743629225fde6f3e0be2a7c7"
checksum = "d3fd119d74b830634cea2a0f58bbd0d54540518a14397557951e79340abc28c0"
[[package]]
name = "concurrent-queue"
@ -509,9 +510,9 @@ dependencies = [
[[package]]
name = "darling"
version = "0.20.9"
version = "0.20.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "83b2eb4d90d12bdda5ed17de686c2acb4c57914f8f921b8da7e112b5a36f3fe1"
checksum = "6f63b86c8a8826a49b8c21f08a2d07338eec8d900540f8630dc76284be802989"
dependencies = [
"darling_core",
"darling_macro",
@ -519,9 +520,9 @@ dependencies = [
[[package]]
name = "darling_core"
version = "0.20.9"
version = "0.20.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "622687fe0bac72a04e5599029151f5796111b90f1baaa9b544d807a5e31cd120"
checksum = "95133861a8032aaea082871032f5815eb9e98cef03fa916ab4500513994df9e5"
dependencies = [
"fnv",
"ident_case",
@ -533,9 +534,9 @@ dependencies = [
[[package]]
name = "darling_macro"
version = "0.20.9"
version = "0.20.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "733cabb43482b1a1b53eee8583c2b9e8684d592215ea83efd305dd31bc2f0178"
checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806"
dependencies = [
"darling_core",
"quote",
@ -566,12 +567,13 @@ dependencies = [
"acpi_tables",
"anyhow",
"arch",
"bitflags 2.5.0",
"bitflags 2.6.0",
"byteorder",
"event_monitor",
"hypervisor",
"libc",
"log",
"num_enum",
"pci",
"serde",
"thiserror",
@ -638,9 +640,9 @@ checksum = "a3d8a32ae18130a3c84dd492d4215c3d913c3b07c6b63c2eb3eb7ff1101ab7bf"
[[package]]
name = "enumflags2"
version = "0.7.9"
version = "0.7.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3278c9d5fb675e0a51dabcf4c0d355f692b064171535ba72361be1528a9d8e8d"
checksum = "d232db7f5956f3f14313dc2f87985c58bd2c695ce124c8cdd984e08e15ac133d"
dependencies = [
"enumflags2_derive",
"serde",
@ -648,9 +650,9 @@ dependencies = [
[[package]]
name = "enumflags2_derive"
version = "0.7.9"
version = "0.7.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5c785274071b1b420972453b306eeca06acf4633829db4223b58a2a8c5953bc4"
checksum = "de0d48a183585823424a4ce1aa132d174a6a81bd540895822eb4c8373a8e49e8"
dependencies = [
"proc-macro2",
"quote",
@ -686,7 +688,7 @@ version = "4.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "74351c3392ea1ff6cd2628e0042d268ac2371cb613252ff383b6dfa50d22fa79"
dependencies = [
"bitflags 2.5.0",
"bitflags 2.6.0",
"libc",
]
@ -698,9 +700,9 @@ checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5"
[[package]]
name = "errno"
version = "0.3.8"
version = "0.3.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245"
checksum = "534c5cf6194dfab3db3242765c03bbe257cf92f22b38f6bc0c58d59108a820ba"
dependencies = [
"libc",
"windows-sys 0.52.0",
@ -897,7 +899,7 @@ version = "0.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6341b3480afbb34eaefc7f92713bc92f2d83e338aaa1c44192f9c2956f4a4903"
dependencies = [
"bitflags 2.5.0",
"bitflags 2.6.0",
"cfg-if",
"log",
"managed",
@ -940,9 +942,9 @@ dependencies = [
[[package]]
name = "gimli"
version = "0.28.1"
version = "0.29.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4271d37baee1b8c7e4b708028c57d816cf9d2434acb33a549475f78c181f6253"
checksum = "40ecd4077b5ae9fd2e9e169b102c6c330d0605168eb0e8bf79952b256dbefffd"
[[package]]
name = "glob"
@ -1015,9 +1017,9 @@ checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39"
[[package]]
name = "igvm"
version = "0.3.1"
version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2bc8970c7e36437c52af3b3ef1acaa5e334c2a95cd8ee9639d574830f48af17e"
checksum = "7984b10433b50e06a06bd50c69bca4888a5d7de8975f64ea4c2a7687eb99b09d"
dependencies = [
"bitfield-struct",
"crc32fast",
@ -1032,9 +1034,9 @@ dependencies = [
[[package]]
name = "igvm_defs"
version = "0.3.1"
version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2c4942827cef415726296f6d62411afdb13c1b1924125f3222988f04bef33ad2"
checksum = "b64ec5588c475372ae830475d3ee9a7bd255407dcb9f03faf6d493556eb6105a"
dependencies = [
"bitfield-struct",
"open-enum",
@ -1080,6 +1082,12 @@ dependencies = [
"serde",
]
[[package]]
name = "is_terminal_polyfill"
version = "1.70.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f8478577c03552c21db0e2724ffb8986a5ce7af88107e6be5d2ee6e158c12800"
[[package]]
name = "itoa"
version = "1.0.11"
@ -1112,12 +1120,23 @@ version = "0.17.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bedae2ca4a531bebe311abaf9691f5cc14eaa21475243caa2e39c43bb872947d"
dependencies = [
"bitflags 2.5.0",
"bitflags 2.6.0",
"kvm-bindings",
"libc",
"vmm-sys-util",
]
[[package]]
name = "landlock"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dafb8a4afee64f167eb2b52d32f0eea002e41a7a6450e68c799c8ec3a81a634c"
dependencies = [
"enumflags2",
"libc",
"thiserror",
]
[[package]]
name = "lazy_static"
version = "1.4.0"
@ -1126,9 +1145,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
[[package]]
name = "libc"
version = "0.2.153"
version = "0.2.155"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd"
checksum = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c"
[[package]]
name = "libredox"
@ -1136,7 +1155,7 @@ version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c0ff37bd590ca25063e35af745c343cb7a0271906fb7b37e4813e8f79f00268d"
dependencies = [
"bitflags 2.5.0",
"bitflags 2.6.0",
"libc",
]
@ -1156,9 +1175,9 @@ dependencies = [
[[package]]
name = "libz-sys"
version = "1.1.16"
version = "1.1.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5e143b5e666b2695d28f6bca6497720813f699c9602dd7f5cac91008b8ada7f9"
checksum = "c15da26e5af7e25c90b37a2d75cdbf940cf4a55316de9d84c679c9b8bfabf82e"
dependencies = [
"cc",
"libc",
@ -1193,9 +1212,9 @@ dependencies = [
[[package]]
name = "log"
version = "0.4.21"
version = "0.4.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "90ed8c1e510134f979dbc4f070f87d4313098b704861a105fe34231c70a3901c"
checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24"
[[package]]
name = "managed"
@ -1311,7 +1330,7 @@ version = "0.28.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ab2156c4fce2f8df6c499cc1c763e4394b7482525bf2a9701c9d79d215f519e4"
dependencies = [
"bitflags 2.5.0",
"bitflags 2.6.0",
"cfg-if",
"cfg_aliases",
"libc",
@ -1335,19 +1354,20 @@ dependencies = [
[[package]]
name = "num_enum"
version = "0.7.2"
version = "0.7.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "02339744ee7253741199f897151b38e72257d13802d4ee837285cc2990a90845"
checksum = "4e613fc340b2220f734a8595782c551f1250e969d87d3be1ae0579e8d4065179"
dependencies = [
"num_enum_derive",
]
[[package]]
name = "num_enum_derive"
version = "0.7.2"
version = "0.7.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "681030a937600a36906c185595136d26abfebb4aa9c65701cefcaf8578bb982b"
checksum = "af1844ef2428cc3e1cb900be36181049ef3d3193c63e43026cfe202983b27a56"
dependencies = [
"proc-macro-crate",
"proc-macro2",
"quote",
"syn 2.0.66",
@ -1355,9 +1375,9 @@ dependencies = [
[[package]]
name = "object"
version = "0.32.2"
version = "0.36.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a6a622008b6e321afc04970976f62ee297fdbaa6f95318ca343e3eebb9648441"
checksum = "081b846d1d56ddfc18fdf1a922e4f6e07a11768ea1b92dec44e42b72712ccfce"
dependencies = [
"memchr",
]
@ -1370,29 +1390,29 @@ checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
[[package]]
name = "open-enum"
version = "0.4.1"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba485b94b3e73fa752d98cfcab74647a4a537269682cc1ee5256aa020432506d"
checksum = "2eb2508143a400b3361812094d987dd5adc81f0f5294a46491be648d6c94cab5"
dependencies = [
"open-enum-derive",
]
[[package]]
name = "open-enum-derive"
version = "0.4.1"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fed1c261430059cab8b2b51eec42a3c15750439ec6c013cd8fe41d4a450de776"
checksum = "8d1296fab5231654a5aec8bf9e87ba4e3938c502fc4c3c0425a00084c78944be"
dependencies = [
"proc-macro2",
"quote",
"syn 1.0.109",
"syn 2.0.66",
]
[[package]]
name = "openssl-src"
version = "300.2.3+3.2.1"
version = "300.3.1+3.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5cff92b6f71555b61bb9315f7c64da3ca43d87531622120fea0195fc761b4843"
checksum = "7259953d42a81bf137fbbd73bd30a8e1914d6dce43c2b90ed575783a22608b91"
dependencies = [
"cc",
]
@ -1486,9 +1506,9 @@ dependencies = [
[[package]]
name = "paste"
version = "1.0.14"
version = "1.0.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c"
checksum = "57c0d7b74b563b49d38dae00a0c37d4d6de9b432382b2892f0574ddcae73fd0a"
[[package]]
name = "pci"
@ -1538,9 +1558,9 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
[[package]]
name = "piper"
version = "0.2.1"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "668d31b1c4eba19242f2088b2bf3316b82ca31082a8335764db4e083db7485d4"
checksum = "ae1d5c74c9876f070d3e8fd503d748c7d974c3e48da8f41350fa5222ef9b4391"
dependencies = [
"atomic-waker",
"fastrand",
@ -1555,9 +1575,9 @@ checksum = "d231b230927b5e4ad203db57bbcbee2802f6bce620b1e4a9024a07d94e2907ec"
[[package]]
name = "pnet"
version = "0.34.0"
version = "0.35.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "130c5b738eeda2dc5796fe2671e49027e6935e817ab51b930a36ec9e6a206a64"
checksum = "682396b533413cc2e009fbb48aadf93619a149d3e57defba19ff50ce0201bd0d"
dependencies = [
"ipnetwork",
"pnet_base",
@ -1569,18 +1589,18 @@ dependencies = [
[[package]]
name = "pnet_base"
version = "0.34.0"
version = "0.35.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fe4cf6fb3ab38b68d01ab2aea03ed3d1132b4868fa4e06285f29f16da01c5f4c"
checksum = "ffc190d4067df16af3aba49b3b74c469e611cad6314676eaf1157f31aa0fb2f7"
dependencies = [
"no-std-net",
]
[[package]]
name = "pnet_datalink"
version = "0.34.0"
version = "0.35.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ad5854abf0067ebbd3967f7d45ebc8976ff577ff0c7bd101c4973ae3c70f98fe"
checksum = "e79e70ec0be163102a332e1d2d5586d362ad76b01cec86f830241f2b6452a7b7"
dependencies = [
"ipnetwork",
"libc",
@ -1591,9 +1611,9 @@ dependencies = [
[[package]]
name = "pnet_macros"
version = "0.34.0"
version = "0.35.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "688b17499eee04a0408aca0aa5cba5fc86401d7216de8a63fdf7a4c227871804"
checksum = "13325ac86ee1a80a480b0bc8e3d30c25d133616112bb16e86f712dcf8a71c863"
dependencies = [
"proc-macro2",
"quote",
@ -1603,18 +1623,18 @@ dependencies = [
[[package]]
name = "pnet_macros_support"
version = "0.34.0"
version = "0.35.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "eea925b72f4bd37f8eab0f221bbe4c78b63498350c983ffa9dd4bcde7e030f56"
checksum = "eed67a952585d509dd0003049b1fc56b982ac665c8299b124b90ea2bdb3134ab"
dependencies = [
"pnet_base",
]
[[package]]
name = "pnet_packet"
version = "0.34.0"
version = "0.35.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a9a005825396b7fe7a38a8e288dbc342d5034dac80c15212436424fef8ea90ba"
checksum = "4c96ebadfab635fcc23036ba30a7d33a80c39e8461b8bd7dc7bb186acb96560f"
dependencies = [
"glob",
"pnet_base",
@ -1624,9 +1644,9 @@ dependencies = [
[[package]]
name = "pnet_sys"
version = "0.34.0"
version = "0.35.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "417c0becd1b573f6d544f73671070b039051e5ad819cc64aa96377b536128d00"
checksum = "7d4643d3d4db6b08741050c2f3afa9a892c4244c085a72fcda93c9c2c9a00f4b"
dependencies = [
"libc",
"winapi",
@ -1634,9 +1654,9 @@ dependencies = [
[[package]]
name = "pnet_transport"
version = "0.34.0"
version = "0.35.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2637e14d7de974ee2f74393afccbc8704f3e54e6eb31488715e72481d1662cc3"
checksum = "5f604d98bc2a6591cf719b58d3203fd882bdd6bf1db696c4ac97978e9f4776bf"
dependencies = [
"libc",
"pnet_base",
@ -1661,9 +1681,12 @@ dependencies = [
[[package]]
name = "ppv-lite86"
version = "0.2.17"
version = "0.2.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de"
checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04"
dependencies = [
"zerocopy",
]
[[package]]
name = "proc-macro-crate"
@ -1770,9 +1793,9 @@ dependencies = [
[[package]]
name = "regex"
version = "1.10.4"
version = "1.10.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c117dbdfde9c8308975b6a18d71f3f385c89461f7b3fb054288ecf2a2058ba4c"
checksum = "b91213439dad192326a0d7c6ee3955910425f441d7038e0d6933b0aec5c4517f"
dependencies = [
"aho-corasick",
"memchr",
@ -1799,9 +1822,9 @@ checksum = "adad44e29e4c806119491a7f06f03de4d1af22c3a680dd47f1e6e179439d1f56"
[[package]]
name = "remain"
version = "0.2.13"
version = "0.2.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ad9f2390298a947ee0aa6073d440e221c0726188cfbcdf9604addb6ee393eb4a"
checksum = "46aef80f842736de545ada6ec65b81ee91504efd6853f4b96de7414c42ae7443"
dependencies = [
"proc-macro2",
"quote",
@ -1826,7 +1849,7 @@ version = "0.38.34"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f"
dependencies = [
"bitflags 2.5.0",
"bitflags 2.6.0",
"errno",
"libc",
"linux-raw-sys",
@ -1876,9 +1899,9 @@ dependencies = [
[[package]]
name = "serde_json"
version = "1.0.115"
version = "1.0.120"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "12dc5c46daa8e9fdf4f5e71b6cf9a53f2487da0e86e55808e2d35539666497dd"
checksum = "4e0d21c9a8cae1235ad58a00c11cb40d4b1e5c784f1ef2c537876ed6ffd8b7c5"
dependencies = [
"itoa",
"ryu",
@ -1898,9 +1921,9 @@ dependencies = [
[[package]]
name = "serde_with"
version = "3.7.0"
version = "3.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ee80b0e361bbf88fd2f6e242ccd19cfda072cb0faa6ae694ecee08199938569a"
checksum = "69cecfa94848272156ea67b2b1a53f20fc7bc638c4a46d2f8abde08f05f4b857"
dependencies = [
"serde",
"serde_derive",
@ -1909,9 +1932,9 @@ dependencies = [
[[package]]
name = "serde_with_macros"
version = "3.7.0"
version = "3.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6561dc161a9224638a31d876ccdfefbc1df91d3f3a8342eddb35f055d48c7655"
checksum = "a8fee4991ef4f274617a51ad4af30519438dacb2f56ac773b08a1922ff743350"
dependencies = [
"darling",
"proc-macro2",
@ -1946,9 +1969,9 @@ dependencies = [
[[package]]
name = "signal-hook-registry"
version = "1.4.1"
version = "1.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d8229b473baa5980ac72ef434c4415e70c4b5e71b423043adb4ba059f89c99a1"
checksum = "a9e9e0b4211b72e7b8b6e85c807d36c212bdb33ea8587f7569562a84df5465b1"
dependencies = [
"libc",
]
@ -2062,18 +2085,18 @@ dependencies = [
[[package]]
name = "thiserror"
version = "1.0.61"
version = "1.0.62"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c546c80d6be4bc6a00c0f01730c08df82eaa7a7a61f11d656526506112cc1709"
checksum = "f2675633b1499176c2dff06b0856a27976a8f9d436737b4cf4f312d4d91d8bbb"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.61"
version = "1.0.62"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533"
checksum = "d20468752b09f49e909e55a5d338caa8bedf615594e9d80bc4c565d30faf798c"
dependencies = [
"proc-macro2",
"quote",
@ -2257,7 +2280,7 @@ version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6be08d1166d41a78861ad50212ab3f9eca0729c349ac3a7a8f557c62406b87cc"
dependencies = [
"bitflags 2.5.0",
"bitflags 2.6.0",
"libc",
"vm-memory",
"vmm-sys-util",
@ -2433,7 +2456,7 @@ dependencies = [
"anyhow",
"arc-swap",
"arch",
"bitflags 2.5.0",
"bitflags 2.6.0",
"block",
"blocking",
"cfg-if",
@ -2450,6 +2473,7 @@ dependencies = [
"hypervisor",
"igvm",
"igvm_defs",
"landlock",
"libc",
"linux-loader",
"log",
@ -2803,9 +2827,9 @@ dependencies = [
[[package]]
name = "zerocopy"
version = "0.7.32"
version = "0.7.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "74d4d3961e53fa4c9a25a8637fc2bfaf2595b3d3ae34875568a5cf64787716be"
checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0"
dependencies = [
"byteorder",
"zerocopy-derive",
@ -2813,9 +2837,9 @@ dependencies = [
[[package]]
name = "zerocopy-derive"
version = "0.7.32"
version = "0.7.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9ce1b18ccd8e73a9321186f97e46f9f04b778851177567b1975109d26a08d2a6"
checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e"
dependencies = [
"proc-macro2",
"quote",
@ -2824,9 +2848,9 @@ dependencies = [
[[package]]
name = "zvariant"
version = "4.1.1"
version = "4.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9aa6d31a02fbfb602bfde791de7fedeb9c2c18115b3d00f3a36e489f46ffbbc7"
checksum = "1724a2b330760dc7d2a8402d841119dc869ef120b139d29862d6980e9c75bfc9"
dependencies = [
"endi",
"enumflags2",
@ -2837,9 +2861,9 @@ dependencies = [
[[package]]
name = "zvariant_derive"
version = "4.1.1"
version = "4.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "642bf1b6b6d527988b3e8193d20969d53700a36eac734d21ae6639db168701c8"
checksum = "55025a7a518ad14518fb243559c058a2e5b848b015e31f1d90414f36e3317859"
dependencies = [
"proc-macro-crate",
"proc-macro2",

12
pkgs/applications/virtualization/cloud-hypervisor/default.nix
View File

@ -4,23 +4,15 @@
rustPlatform.buildRustPackage rec {
pname = "cloud-hypervisor";
version = "40.0";
version = "41.0";
src = fetchFromGitHub {
owner = "cloud-hypervisor";
repo = pname;
rev = "v${version}";
hash = "sha256-zrMJGdbOukNbzmcTuIcHlwAbJvTzhz53dc4TO/Fplb4=";
hash = "sha256-CI7hWRZUexvmBZJ8cPXxZxwmcxLnw6h9PFMhoaj9jh4=";
};
patches = [
(fetchpatch {
name = "ub.patch";
url = "https://github.com/cloud-hypervisor/cloud-hypervisor/commit/02f146fef81c4aa4a7ef3555c176d3b533158d7a.patch";
hash = "sha256-g9WcGJy8Q+Bc0egDfoQVSVfKqyXa8vkIZk+aYQyFuy8=";
})
];
cargoLock = {
lockFile = ./Cargo.lock;
outputHashes = {

6
pkgs/applications/virtualization/conmon-rs/default.nix
View File

@ -7,19 +7,19 @@
rustPlatform.buildRustPackage rec {
pname = "conmon-rs";
version = "0.6.3";
version = "0.6.5";
src = fetchFromGitHub {
owner = "containers";
repo = pname;
rev = "v${version}";
hash = "sha256-+RKjJtI01Y56+cFDdOSAL4BodI7R/rM3B3ht3p6+xzs=";
hash = "sha256-qb7n6AcRkv/nF0BQbPgdFqaklfJeC+PRzMh6EIykobY=";
};
nativeBuildInputs = [ capnproto protobuf ];
doCheck = false;
cargoHash = "sha256-4VOse+y0EO9IORyeAO/j1t6ssQARJp7lK21TUJVuH78=";
cargoVendorDir = ".cargo-vendor";
meta = with lib; {
description = "OCI container runtime monitor written in Rust";

5
pkgs/applications/virtualization/docker/gc.nix
View File

@ -1,7 +1,4 @@
{ stdenv, lib, fetchFromGitHub, makeWrapper, docker, coreutils, procps, gnused, findutils, gnugrep }:
with lib;
stdenv.mkDerivation rec {
pname = "docker-gc";
version = "unstable-2015-10-5";
@ -23,7 +20,7 @@ stdenv.mkDerivation rec {
--prefix PATH : "${lib.makeBinPath [ docker coreutils procps gnused findutils gnugrep ]}"
'';
meta = {
meta = with lib; {
description = "Docker garbage collection of containers and images";
mainProgram = "docker-gc";
license = licenses.asl20;

4
pkgs/applications/virtualization/podman/default.nix
View File

@ -65,13 +65,13 @@ let
in
buildGoModule rec {
pname = "podman";
version = "5.2.0";
version = "5.2.1";
src = fetchFromGitHub {
owner = "containers";
repo = "podman";
rev = "v${version}";
hash = "sha256-Rb9rOetMVxf1GhEOzZmaUwRI4nkPdJnpkpjIyJcb6r8=";
hash = "sha256-xwZfCPnn81Rvk2ceLxL8Dwaw2T0oc1agjrcauHYSRvU=";
};
patches = [

4
pkgs/applications/virtualization/tart/default.nix
View File

@ -10,11 +10,11 @@
}:
stdenvNoCC.mkDerivation (finalAttrs: {
pname = "tart";
version = "2.14.0";
version = "2.18.0";
src = fetchurl {
url = "https://github.com/cirruslabs/tart/releases/download/${finalAttrs.version}/tart-arm64.tar.gz";
hash = "sha256-3I4WSdWfPZd//pJiYXKcgpjx8qv4nSeMHHGJE1ja00o=";
hash = "sha256-no05QZpvaF7Kn9lU26lXjimHJn7xHydmh7Rv50aXPm4=";
};
sourceRoot = ".";

13
pkgs/applications/virtualization/virt-viewer/default.nix
View File

@ -32,9 +32,6 @@
, vte
, wrapGAppsHook3
}:
with lib;
stdenv.mkDerivation rec {
pname = "virt-viewer";
version = "11.0";
@ -76,18 +73,18 @@ stdenv.mkDerivation rec {
libvirt-glib
libxml2
vte
] ++ optionals ovirtSupport [
] ++ lib.optionals ovirtSupport [
libgovirt
] ++ optionals spiceSupport ([
] ++ lib.optionals spiceSupport ([
gdbm
spice-gtk
spice-protocol
] ++ optionals stdenv.isLinux [
] ++ lib.optionals stdenv.isLinux [
libcap
]);
# Required for USB redirection PolicyKit rules file
propagatedUserEnvPkgs = optional spiceSupport spice-gtk;
propagatedUserEnvPkgs = lib.optional spiceSupport spice-gtk;
mesonFlags = [
(lib.mesonEnable "ovirt" ovirtSupport)
@ -99,7 +96,7 @@ stdenv.mkDerivation rec {
patchShebangs build-aux/post_install.py
'';
meta = {
meta = with lib; {
description = "Viewer for remote virtual machines";
maintainers = with maintainers; [ raskin atemu ];
platforms = with platforms; linux ++ darwin;

5
pkgs/applications/virtualization/virtualbox/extpack.nix
View File

@ -1,7 +1,4 @@
{ fetchurl, lib, virtualbox }:
with lib;
let
inherit (virtualbox) version;
in
@ -15,7 +12,7 @@ fetchurl rec {
let value = "d750fb17688d70e0cb2d7b06f1ad3a661303793f4d1ac39cfa9a54806b89da25";
in assert (builtins.stringLength value) == 64; value;
meta = {
meta = with lib; {
description = "Oracle Extension pack for VirtualBox";
license = licenses.virtualbox-puel;
homepage = "https://www.virtualbox.org/";

5
pkgs/applications/virtualization/virtualbox/guest-additions/default.nix
View File

@ -1,9 +1,6 @@
{ stdenv, kernel, callPackage, lib, dbus
, xorg, zlib, patchelf, makeWrapper
}:
with lib;
let
virtualBoxNixGuestAdditionsBuilder = callPackage ./builder.nix { };
@ -103,7 +100,7 @@ in stdenv.mkDerivation {
host/guest clipboard support.
'';
sourceProvenance = with lib.sourceTypes; [ fromSource ];
license = licenses.gpl2;
license = lib.licenses.gpl2;
maintainers = [ lib.maintainers.sander lib.maintainers.friedrichaltheide ];
platforms = [ "i686-linux" "x86_64-linux" ];
broken = stdenv.hostPlatform.is32bit && (kernel.kernelAtLeast "5.10");

3
pkgs/applications/window-managers/fluxbox/default.nix
View File

@ -4,7 +4,6 @@
, libXinerama
, imlib2 }:
with lib;
stdenv.mkDerivation rec {
pname = "fluxbox";
@ -35,7 +34,7 @@ stdenv.mkDerivation rec {
--subst-var-by PREFIX "$out"
'';
meta = {
meta = with lib; {
description = "Full-featured, light-resource X window manager";
longDescription = ''
Fluxbox is a X window manager based on Blackbox 0.61.1 window

26
pkgs/applications/window-managers/i3/blocks-gaps.nix
View File

@ -4,11 +4,9 @@
"load_average" "memory" "volume" "wifi" ]
}:
with lib;
let
perlscripts = [ "battery" "cpu_usage" "openvpn" "temperature" ];
contains_any = l1: l2: 0 < length( intersectLists l1 l2 );
contains_any = l1: l2: 0 < lib.length( lib.intersectLists l1 l2 );
in
stdenv.mkDerivation rec {
@ -25,24 +23,24 @@ stdenv.mkDerivation rec {
makeFlags = [ "all" ];
installFlags = [ "PREFIX=\${out}" "VERSION=${version}" ];
buildInputs = optional (contains_any scripts perlscripts) perl;
buildInputs = lib.optional (contains_any scripts perlscripts) perl;
nativeBuildInputs = [ makeWrapper ];
postFixup = optionalString (elem "bandwidth" scripts) ''
postFixup = lib.optionalString (lib.elem "bandwidth" scripts) ''
wrapProgram $out/libexec/i3blocks/bandwidth \
--prefix PATH : ${makeBinPath [ iproute2 ]}
'' + optionalString (elem "battery" scripts) ''
--prefix PATH : ${lib.makeBinPath [ iproute2 ]}
'' + lib.optionalString (lib.elem "battery" scripts) ''
wrapProgram $out/libexec/i3blocks/battery \
--prefix PATH : ${makeBinPath [ acpi ]}
'' + optionalString (elem "cpu_usage" scripts) ''
--prefix PATH : ${lib.makeBinPath [ acpi ]}
'' + lib.optionalString (lib.elem "cpu_usage" scripts) ''
wrapProgram $out/libexec/i3blocks/cpu_usage \
--prefix PATH : ${makeBinPath [ sysstat ]}
'' + optionalString (elem "iface" scripts) ''
--prefix PATH : ${lib.makeBinPath [ sysstat ]}
'' + lib.optionalString (lib.elem "iface" scripts) ''
wrapProgram $out/libexec/i3blocks/iface \
--prefix PATH : ${makeBinPath [ iproute2 ]}
'' + optionalString (elem "volume" scripts) ''
--prefix PATH : ${lib.makeBinPath [ iproute2 ]}
'' + lib.optionalString (lib.elem "volume" scripts) ''
wrapProgram $out/libexec/i3blocks/volume \
--prefix PATH : ${makeBinPath [ alsa-utils ]}
--prefix PATH : ${lib.makeBinPath [ alsa-utils ]}
'';
meta = with lib; {

4
pkgs/applications/window-managers/i3/blocks.nix
View File

@ -1,7 +1,5 @@
{ fetchFromGitHub, fetchpatch, lib, stdenv, autoreconfHook, pkg-config }:
with lib;
stdenv.mkDerivation {
pname = "i3blocks";
version = "1.5";
@ -24,7 +22,7 @@ stdenv.mkDerivation {
nativeBuildInputs = [ autoreconfHook pkg-config ];
meta = {
meta = with lib; {
description = "Flexible scheduler for your i3bar blocks";
mainProgram = "i3blocks";
homepage = "https://github.com/vivien/i3blocks";

6
pkgs/applications/window-managers/miriway/default.nix
View File

@ -11,13 +11,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "miriway";
version = "0-unstable-2024-07-17";
version = "0-unstable-2024-08-14";
src = fetchFromGitHub {
owner = "Miriway";
repo = "Miriway";
rev = "810dea99773f96a4ef4471bf00c65089956ff97a";
hash = "sha256-hkHipu1ERiM8UH18NuyxILyxxXvyVTOSLBP/7Z64ZTg=";
rev = "2d00e8a61cb029cec96596897a1dada8033c601a";
hash = "sha256-DB07IGFXLQj2LsU8iVZrSda0FS/efKUAolet8fK9Clo=";
};
strictDeps = true;

4
pkgs/by-name/ar/arxiv-latex-cleaner/package.nix
View File

@ -5,13 +5,13 @@
}:
python3Packages.buildPythonApplication rec {
pname = "arxiv-latex-cleaner";
version = "1.0.6";
version = "1.0.8";
src = fetchFromGitHub {
owner = "google-research";
repo = "arxiv-latex-cleaner";
rev = "refs/tags/v${version}";
hash = "sha256-S/r5riFIsRG+5za+4kVvUXOLIJ3ELCDWlSpYeSuNs+s=";
hash = "sha256-CQb1u1j+/px+vNqA3iXZ2oe6/0ZWeMjWrUQL9elRDEI=";
};
propagatedBuildInputs = with python3Packages; [

6
pkgs/by-name/c2/c2patool/package.nix
View File

@ -10,16 +10,16 @@
}:
rustPlatform.buildRustPackage rec {
pname = "c2patool";
version = "0.9.6";
version = "0.9.7";
src = fetchFromGitHub {
owner = "contentauth";
repo = pname;
rev = "v${version}";
sha256 = "sha256-IESolMRRDJwLsWndXvat9otqPTPduQN1uZokx/tUCH0=";
sha256 = "sha256-5zHjPjWwYiUz+ebDoZkuEdZ+mbPTC3AnX6dTrhvjtPI=";
};
cargoHash = "sha256-cgL/88CuiqaSWj7HJABiZnIkEzJUhgPl6e2OJQ5LAnM=";
cargoHash = "sha256-lPCaR3s4Tfy0n6xGxK+eLAObRhmzXc57CI0JnVrF8sg=";
# use the non-vendored openssl
OPENSSL_NO_VENDOR = 1;

43
pkgs/by-name/ca/cargo-typify/package.nix
View File

@ -1,35 +1,58 @@
{ lib, rustfmt, rustPlatform, fetchFromGitHub, gitUpdater }:
{
lib,
rustfmt,
rustPlatform,
fetchFromGitHub,
gitUpdater,
makeWrapper,
}:
rustPlatform.buildRustPackage rec {
pname = "cargo-typify";
version = "0.0.14";
version = "0.1.0";
src = fetchFromGitHub {
owner = "oxidecomputer";
repo = "typify";
rev = "v${version}";
hash = "sha256-Clwm5hRjPPPRB6xpO8YOGpqnyNFtsSMkPbWBY3etPCI=";
hash = "sha256-vokhWIY5iikTyADrqxp6DIq+tJ+xdFPebDFTddJnstA=";
};
cargoHash = "sha256-balx5xOtrWwMOFeGQkYQ2f+lcGMCJvdPqE8rH9adkfU=";
cargoHash = "sha256-etlZqhtRCcCBeMC4lq6BjTD4TQyWEwJf1bLKjoIDR70=";
cargoBuildFlags = [ "-p" "cargo-typify" ];
nativeBuildInputs = [
rustfmt
makeWrapper
];
nativeCheckInputs = [ rustfmt ];
cargoBuildFlags = [
"--package"
"cargo-typify"
];
cargoTestFlags = [
"--package"
"cargo-typify"
];
strictDeps = true;
preCheck = ''
# cargo-typify depends on rustfmt-wrapper, which requires RUSTFMT:
export RUSTFMT="${lib.getExe rustfmt}"
'';
postInstall = ''
wrapProgram $out/bin/cargo-typify \
--set RUSTFMT "${lib.getExe rustfmt}"
'';
passthru.updateScript = gitUpdater { rev-prefix = "v"; };
meta = with lib; {
meta = {
description = "JSON Schema to Rust type converter";
mainProgram = "cargo-typify";
homepage = "https://github.com/oxidecomputer/typify";
license = with licenses; [ asl20 ];
maintainers = with maintainers; [ david-r-cox ];
broken = true;
license = with lib.licenses; [ asl20 ];
maintainers = with lib.maintainers; [ david-r-cox ];
};
}

6
pkgs/by-name/ce/centrifugo/package.nix
View File

@ -14,16 +14,16 @@ let
in
buildGoModule rec {
pname = "centrifugo";
version = "5.4.4";
version = "5.4.5";
src = fetchFromGitHub {
owner = "centrifugal";
repo = "centrifugo";
rev = "v${version}";
hash = "sha256-lZ2EWXg4aWDwsvziI4+9ECv6SlsdkElWJzf8JrByrSI=";
hash = "sha256-kbSHNtujHlT9l9VV9fVlVnTMOQSKdXSwMP/x0EGTNZo=";
};
vendorHash = "sha256-iS4ykyJfsKeQkEuTj5p243FZbULbGTYHEJ2JrATd7Vc=";
vendorHash = "sha256-gfz2jRGx8egAKCFaQOZfh7cthcXS9t8ugB0zF+tiYh0=";
ldflags = [
"-s"

2
pkgs/by-name/ce/cewler/package.nix
View File

@ -13,7 +13,7 @@ python3.pkgs.buildPythonApplication rec {
owner = "roys";
repo = "cewler";
rev = "v${version}";
hash = "sha256-nlF+B7Z1GRo3ZrGhG58c0vLcJAW+PvXT2tfFoyElw7w=";
hash = "sha256-lVI3p6YMugQ3yKHFNxISmUY7XZMuX/TXvVUoZfIeJog=";
};
nativeBuildInputs = with python3.pkgs; [

4
pkgs/by-name/ch/challenger/package.nix
View File

@ -21,12 +21,12 @@
stdenv.mkDerivation (finalAttrs: {
pname = "challenger";
version = "0.11.0";
version = "0.12.0";
src = fetchgit {
url = "https://git.taler.net/challenger.git";
rev = "v${finalAttrs.version}";
hash = "sha256-utME8ywCf4hjgOZWp4j2+dNPPLbAqHd80A62waVvONE=";
hash = "sha256-Qntwtcjjtu3Mbr8Wi5pgFq8KENaycGR4Y3hJ5+LBgTI=";
};
# https://git.taler.net/challenger.git/tree/bootstrap

6
pkgs/by-name/ch/chezmoi/package.nix
View File

@ -8,16 +8,16 @@
let
argset = {
pname = "chezmoi";
version = "2.52.0";
version = "2.52.1";
src = fetchFromGitHub {
owner = "twpayne";
repo = "chezmoi";
rev = "v${argset.version}";
hash = "sha256-RhzFIG93LglHd462e9ZdUYLGGlWn2EkJcEbk9EPrlfA=";
hash = "sha256-USDZ3tEXXOTNyA6tCJndZiHTDBFg70EFnvxYsrFbgi0=";
};
vendorHash = "sha256-3RJk8Pf445lF2C7kQsj0eOXcFBWCHwLx8+GrqO7nAPM=";
vendorHash = "sha256-xof2uSVUzWPlMhWU7p9/dlbHnr2/Keu7JpUUvuTB2dM=";
nativeBuildInputs = [
installShellFiles

2
pkgs/by-name/ci/cinny-unwrapped/package.nix
View File

@ -9,6 +9,7 @@
pango,
stdenv,
darwin,
olm,
}:
buildNpmPackage rec {
@ -54,5 +55,6 @@ buildNpmPackage rec {
maintainers = with lib.maintainers; [ abbe ];
license = lib.licenses.agpl3Only;
platforms = lib.platforms.all;
inherit (olm.meta) knownVulnerabilities;
};
}

24
pkgs/development/tools/language-servers/csharp-ls/default.nix → pkgs/by-name/cs/csharp-ls/package.nix
View File

@ -1,6 +1,8 @@
{ lib
, buildDotnetGlobalTool
, dotnetCorePackages
{
lib,
buildDotnetGlobalTool,
dotnetCorePackages,
nix-update-script,
}:
let
inherit (dotnetCorePackages) sdk_8_0;
@ -8,20 +10,24 @@ in
buildDotnetGlobalTool rec {
pname = "csharp-ls";
version = "0.14.0";
version = "0.15.0";
nugetHash = "sha256-agcx7VPIqGhl3NzdGLPwXYJsRuvSjL4SdbNg9vFjIh4=";
nugetHash = "sha256-Fp1D2z4x2e85z4IO4xQentS7dbqhFT3e/BPZm0d5L5M=";
dotnet-sdk = sdk_8_0;
dotnet-runtime = sdk_8_0;
meta = with lib; {
passthru.tests = {
updateScript = nix-update-script { };
};
meta = {
description = "Roslyn-based LSP language server for C#";
mainProgram = "csharp-ls";
homepage = "https://github.com/razzmatazz/csharp-language-server";
changelog = "https://github.com/razzmatazz/csharp-language-server/releases/tag/v${version}";
license = licenses.mit;
platforms = platforms.unix;
maintainers = with maintainers; [ GaetanLepage ];
license = lib.licenses.mit;
platforms = lib.platforms.unix;
maintainers = with lib.maintainers; [ GaetanLepage ];
};
}

5
pkgs/by-name/cz/czkawka/package.nix
View File

@ -28,14 +28,15 @@ let
rev = version;
hash = "sha256-SOWtLmehh1F8SoDQ+9d7Fyosgzya5ZztCv8IcJZ4J94=";
};
cargoHash = "sha256-GOX7V6NLEMP06nMeRZINwcWCaHwK6T3nkRKl4e25DPg=";
cargoPatches = [ ./time.patch ];
cargoHash = "sha256-cQv8C0P3xizsvnJODkTMJQA98P4nYSCHFT75isJE6es=";
buildRustPackage' = rustPlatform.buildRustPackage.override {
stdenv = if stdenv.isDarwin then overrideSDK stdenv "11.0" else stdenv;
};
in
buildRustPackage' {
inherit pname version src cargoHash;
inherit pname version src cargoPatches cargoHash;
nativeBuildInputs = [
gobject-introspection

28
pkgs/by-name/cz/czkawka/time.patch Normal file
View File

@ -0,0 +1,28 @@
diff --git a/Cargo.lock b/Cargo.lock
index 5ae2bd6..e4c6f18 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -5676,9 +5676,9 @@ dependencies = [
[[package]]
name = "time"
-version = "0.3.34"
+version = "0.3.36"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c8248b6521bb14bc45b4067159b9b6ad792e2d6d754d6c41fb50e29fefe38749"
+checksum = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885"
dependencies = [
"deranged",
"itoa",
@@ -5699,9 +5699,9 @@ checksum = "ef927ca75afb808a4d64dd374f00a2adf8d0fcff8e7b184af886c3c87ec4a3f3"
[[package]]
name = "time-macros"
-version = "0.2.17"
+version = "0.2.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7ba3a3ef41e6672a2f0f001392bb5dcd3ff0a9992d618ca761a11c3121547774"
+checksum = "3f252a68540fde3a3877aeea552b832b40ab9a69e318efd078774a01ddee1ccf"
dependencies = [
"num-conv",
"time-core",

34
pkgs/by-name/de/deepfilternet/Cargo.lock generated
View File

@ -1073,9 +1073,12 @@ dependencies = [
[[package]]
name = "deranged"
version = "0.3.8"
version = "0.3.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f2696e8a945f658fd14dc3b87242e6b80cd0f36ff04ea560fa39082368847946"
checksum = "b42b6fa04a440b495c8b04d0e71b707c585f83cb9cb28cf8cd0d976c315e31b4"
dependencies = [
"powerfmt",
]
[[package]]
name = "derivative"
@ -2805,6 +2808,12 @@ dependencies = [
"serde",
]
[[package]]
name = "num-conv"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9"
[[package]]
name = "num-derive"
version = "0.3.3"
@ -3266,6 +3275,12 @@ dependencies = [
"windows-sys 0.48.0",
]
[[package]]
name = "powerfmt"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391"
[[package]]
name = "ppv-lite86"
version = "0.2.17"
@ -4134,12 +4149,14 @@ dependencies = [
[[package]]
name = "time"
version = "0.3.28"
version = "0.3.36"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "17f6bb557fd245c28e6411aa56b6403c689ad95061f50e4be16c274e70a17e48"
checksum = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885"
dependencies = [
"deranged",
"itoa",
"num-conv",
"powerfmt",
"serde",
"time-core",
"time-macros",
@ -4147,16 +4164,17 @@ dependencies = [
[[package]]
name = "time-core"
version = "0.1.1"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb"
checksum = "ef927ca75afb808a4d64dd374f00a2adf8d0fcff8e7b184af886c3c87ec4a3f3"
[[package]]
name = "time-macros"
version = "0.2.14"
version = "0.2.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1a942f44339478ef67935ab2bbaec2fb0322496cf3cbe84b261e06ac3814c572"
checksum = "3f252a68540fde3a3877aeea552b832b40ab9a69e318efd078774a01ddee1ccf"
dependencies = [
"num-conv",
"time-core",
]

84
pkgs/by-name/de/deepfilternet/cargo-lock-bump-time.patch Normal file
View File

@ -0,0 +1,84 @@
diff --git a/Cargo.lock b/Cargo.lock
index 48eb89c..ae318a6 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1073,9 +1073,12 @@ dependencies = [
[[package]]
name = "deranged"
-version = "0.3.8"
+version = "0.3.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f2696e8a945f658fd14dc3b87242e6b80cd0f36ff04ea560fa39082368847946"
+checksum = "b42b6fa04a440b495c8b04d0e71b707c585f83cb9cb28cf8cd0d976c315e31b4"
+dependencies = [
+ "powerfmt",
+]
[[package]]
name = "derivative"
@@ -2805,6 +2808,12 @@ dependencies = [
"serde",
]
+[[package]]
+name = "num-conv"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9"
+
[[package]]
name = "num-derive"
version = "0.3.3"
@@ -3266,6 +3275,12 @@ dependencies = [
"windows-sys 0.48.0",
]
+[[package]]
+name = "powerfmt"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391"
+
[[package]]
name = "ppv-lite86"
version = "0.2.17"
@@ -4134,12 +4149,14 @@ dependencies = [
[[package]]
name = "time"
-version = "0.3.28"
+version = "0.3.36"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "17f6bb557fd245c28e6411aa56b6403c689ad95061f50e4be16c274e70a17e48"
+checksum = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885"
dependencies = [
"deranged",
"itoa",
+ "num-conv",
+ "powerfmt",
"serde",
"time-core",
"time-macros",
@@ -4147,16 +4164,17 @@ dependencies = [
[[package]]
name = "time-core"
-version = "0.1.1"
+version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb"
+checksum = "ef927ca75afb808a4d64dd374f00a2adf8d0fcff8e7b184af886c3c87ec4a3f3"
[[package]]
name = "time-macros"
-version = "0.2.14"
+version = "0.2.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1a942f44339478ef67935ab2bbaec2fb0322496cf3cbe84b261e06ac3814c572"
+checksum = "3f252a68540fde3a3877aeea552b832b40ab9a69e318efd078774a01ddee1ccf"
dependencies = [
+ "num-conv",
"time-core",
]

5
pkgs/by-name/de/deepfilternet/package.nix
View File

@ -15,6 +15,11 @@ rustPlatform.buildRustPackage rec {
hash = "sha256-5bYbfO1kmduNm9YV5niaaPvRIDRmPt4QOX7eKpK+sWY=";
};
cargoPatches = [
# Fix compilation with Rust 1.80 (https://github.com/NixOS/nixpkgs/issues/332957)
./cargo-lock-bump-time.patch
];
cargoLock = {
lockFile = ./Cargo.lock;
outputHashes = {

2
pkgs/by-name/el/element-call/package.nix
View File

@ -6,6 +6,7 @@
, yarnBuildHook
, nodejs
, npmHooks
, olm
}:
let
@ -52,5 +53,6 @@ stdenv.mkDerivation (finalAttrs: {
license = licenses.asl20;
maintainers = with maintainers; [ kilimnik ];
mainProgram = "element-call";
inherit (olm.meta) knownVulnerabilities;
};
})

8
pkgs/by-name/es/espflash/package.nix
View File

@ -15,13 +15,13 @@
rustPlatform.buildRustPackage rec {
pname = "espflash";
version = "3.1.0";
version = "3.1.1";
src = fetchFromGitHub {
owner = "esp-rs";
repo = "espflash";
rev = "v${version}";
hash = "sha256-Tp74x5qgccq/7z1y0ozjiooPFxO7miDPuXBZ+XEKaW0=";
rev = "refs/tags/v${version}";
hash = "sha256-NplHzdUHlBgujH8rLYT5VbYBV7NljMJEbMAxZ5ZK8JY=";
};
nativeBuildInputs = [
@ -40,7 +40,7 @@ rustPlatform.buildRustPackage rec {
SystemConfiguration
];
cargoHash = "sha256-kn79kNS+vres7rhHMANAofqFv0k8Bg4HVEWBJvz7CSY=";
cargoHash = "sha256-iA8VJj0btFHUoyY7w8kR+9AU5Yrts4ctr90jxlWQu4c=";
postInstall = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) ''
installShellCompletion --cmd espflash \

33
pkgs/by-name/fu/fuzzdb/package.nix Normal file
View File

@ -0,0 +1,33 @@
{
lib,
fetchFromGitHub,
stdenvNoCC,
}:
stdenvNoCC.mkDerivation {
pname = "fuzzdb";
version = "0-unstable-2020-02-26";
src = fetchFromGitHub {
owner = "fuzzdb-project";
repo = "fuzzdb";
rev = "5656ab25dc6bb43bae32236fab775658a90d7380";
hash = "sha256-7AORrXi443+VK5lbgcjqW4QS7asbXu/dCKj8uCMC0PY=";
};
installPhase = ''
runHook preInstall
mkdir -p $out/share/{fuzzdb,wordlists/fuzzdb}
mv docs web-backdoors $out/share/fuzzdb
mv */ $out/share/wordlists/fuzzdb
runHook postInstall
'';
meta = {
description = "Comprehensive collection of attack patterns and predictable resource names used for security testing and fuzzing application";
homepage = "https://github.com/fuzzdb-project/fuzzdb";
license = with lib.licenses; [ bsd3 ];
maintainers = with lib.maintainers; [ d3vil0p3r ];
platforms = lib.platforms.all;
};
}

4
pkgs/by-name/ga/gabutdm/package.nix
View File

@ -20,13 +20,13 @@
stdenv.mkDerivation rec {
pname = "gabutdm";
version = "2.5.0";
version = "2.6.0";
src = fetchFromGitHub {
owner = "gabutakut";
repo = "gabutdm";
rev = version;
hash = "sha256-0PBNKacgKT5xcd0mnn0y9ltmxEAbP+S7MLtt/Zau8vs=";
hash = "sha256-FKOgoJ0QreYk3PgvUoQMczC3tXkthw86/Y3pnm6tTQk=";
};
nativeBuildInputs = [

2
pkgs/by-name/go/godot_4-export-templates/package.nix
View File

@ -9,5 +9,5 @@ fetchzip {
pname = "export_templates";
extension = "zip";
url = "https://github.com/godotengine/godot/releases/download/${godot_4.version}/Godot_v${godot_4.version}_export_templates.tpz";
hash = "sha256-eomGLH9lbZhl7VtHTWjJ5mxVt0Yg8LfnAnpqoCksPgs=";
hash = "sha256-XRnKii+eexIkbGf7bqc42SR0NBULFvgMdOpSRNNk6kg=";
}

191
pkgs/development/tools/godot/4/default.nix → pkgs/by-name/go/godot_4/package.nix
View File

@ -1,93 +1,68 @@
{ stdenv
, lib
, fetchFromGitHub
, pkg-config
, autoPatchelfHook
, installShellFiles
, scons
, vulkan-loader
, libGL
, libX11
, libXcursor
, libXinerama
, libXext
, libXrandr
, libXrender
, libXi
, libXfixes
, libxkbcommon
, alsa-lib
, libpulseaudio
, dbus
, speechd-minimal
, fontconfig
, udev
, withDebug ? false
, withPlatform ? "linuxbsd"
, withTarget ? "editor"
, withPrecision ? "single"
, withPulseaudio ? true
, withDbus ? true
, withSpeechd ? true
, withFontconfig ? true
, withUdev ? true
, withTouch ? true
{
alsa-lib,
autoPatchelfHook,
buildPackages,
dbus,
fetchFromGitHub,
fontconfig,
installShellFiles,
lib,
libGL,
libpulseaudio,
libX11,
libXcursor,
libXext,
libXfixes,
libXi,
libXinerama,
libxkbcommon,
libXrandr,
libXrender,
pkg-config,
scons,
speechd-minimal,
stdenv,
udev,
vulkan-loader,
withDbus ? true,
withDebug ? false,
withFontconfig ? true,
withPlatform ? "linuxbsd",
withPrecision ? "single",
withPulseaudio ? true,
withSpeechd ? true,
withTarget ? "editor",
withTouch ? true,
withUdev ? true,
}:
assert lib.asserts.assertOneOf "withPrecision" withPrecision [ "single" "double" ];
assert lib.asserts.assertOneOf "withPrecision" withPrecision [
"single"
"double"
];
let
mkSconsFlagsFromAttrSet = lib.mapAttrsToList (k: v:
if builtins.isString v
then "${k}=${v}"
else "${k}=${builtins.toJSON v}");
mkSconsFlagsFromAttrSet = lib.mapAttrsToList (
k: v: if builtins.isString v then "${k}=${v}" else "${k}=${builtins.toJSON v}"
);
in
stdenv.mkDerivation rec {
pname = "godot4";
version = "4.2.2-stable";
commitHash = "15073afe3856abd2aa1622492fe50026c7d63dc1";
version = "4.3-stable";
commitHash = "77dcf97d82cbfe4e4615475fa52ca03da645dbd8";
src = fetchFromGitHub {
owner = "godotengine";
repo = "godot";
rev = commitHash;
hash = "sha256-anJgPEeHIW2qIALMfPduBVgbYYyz1PWCmPsZZxS9oHI=";
hash = "sha256-v2lBD3GEL8CoIwBl3UoLam0dJxkLGX0oneH6DiWkEsM=";
};
nativeBuildInputs = [
pkg-config
autoPatchelfHook
installShellFiles
outputs = [
"out"
"man"
];
buildInputs = [
scons
];
runtimeDependencies = [
vulkan-loader
libGL
libX11
libXcursor
libXinerama
libXext
libXrandr
libXrender
libXi
libXfixes
libxkbcommon
alsa-lib
]
++ lib.optional withPulseaudio libpulseaudio
++ lib.optional withDbus dbus
++ lib.optional withDbus dbus.lib
++ lib.optional withSpeechd speechd-minimal
++ lib.optional withFontconfig fontconfig
++ lib.optional withFontconfig fontconfig.lib
++ lib.optional withUdev udev;
enableParallelBuilding = true;
# Set the build name which is part of the version. In official downloads, this
# is set to 'official'. When not specified explicitly, it is set to
# 'custom_build'. Other platforms packaging Godot (Gentoo, Arch, Flatpack
@ -110,26 +85,68 @@ stdenv.mkDerivation rec {
echo ${commitHash} > .git/HEAD
'';
# From: https://github.com/godotengine/godot/blob/4.2.2-stable/SConstruct
sconsFlags = mkSconsFlagsFromAttrSet {
# Options from 'SConstruct'
precision = withPrecision; # Floating-point precision level
production = true; # Set defaults to build Godot for use in production
platform = withPlatform;
target = withTarget;
precision = withPrecision; # Floating-point precision level
debug_symbols = withDebug;
# Options from 'platform/linuxbsd/detect.py'
pulseaudio = withPulseaudio; # Use PulseAudio
dbus = withDbus; # Use D-Bus to handle screensaver and portal desktop settings
speechd = withSpeechd; # Use Speech Dispatcher for Text-to-Speech support
fontconfig = withFontconfig; # Use fontconfig for system fonts support
udev = withUdev; # Use udev for gamepad connection callbacks
pulseaudio = withPulseaudio; # Use PulseAudio
speechd = withSpeechd; # Use Speech Dispatcher for Text-to-Speech support
touch = withTouch; # Enable touch events
udev = withUdev; # Use udev for gamepad connection callbacks
};
dontStrip = withDebug;
enableParallelBuilding = true;
outputs = [ "out" "man" ];
strictDeps = true;
depsBuildBuild = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [
buildPackages.stdenv.cc
pkg-config
];
nativeBuildInputs = [
autoPatchelfHook
installShellFiles
pkg-config
scons
];
runtimeDependencies =
[
alsa-lib
libGL
libX11
libXcursor
libXext
libXfixes
libXi
libXinerama
libxkbcommon
libXrandr
libXrender
vulkan-loader
]
++ lib.optionals withDbus [
dbus
dbus.lib
]
++ lib.optionals withFontconfig [
fontconfig
fontconfig.lib
]
++ lib.optionals withPulseaudio [ libpulseaudio ]
++ lib.optionals withSpeechd [ speechd-minimal ]
++ lib.optionals withUdev [ udev ];
dontStrip = withDebug;
installPhase = ''
runHook preInstall
@ -151,11 +168,19 @@ stdenv.mkDerivation rec {
'';
meta = {
homepage = "https://godotengine.org";
changelog = "https://github.com/godotengine/godot/releases/tag/${version}";
description = "Free and Open Source 2D and 3D game engine";
homepage = "https://godotengine.org";
license = lib.licenses.mit;
platforms = [ "i686-linux" "x86_64-linux" "aarch64-linux" ];
maintainers = with lib.maintainers; [ shiryel superherointj ];
platforms = [
"i686-linux"
"x86_64-linux"
"aarch64-linux"
];
maintainers = with lib.maintainers; [
shiryel
superherointj
];
mainProgram = "godot4";
};
}

136
pkgs/by-name/gr/gruvbox-gtk-theme/package.nix
View File

@ -5,7 +5,12 @@
sassc,
gnome-themes-extra,
gtk-engine-murrine,
colorVariants ? [] # default: install all icons
unstableGitUpdater,
colorVariants ? [ ],
sizeVariants ? [ ],
themeVariants ? [ ],
tweakVariants ? [ ],
iconVariants ? [ ],
}:
let
@ -14,49 +19,104 @@ let
"dark"
"light"
];
sizeVariantList = [
"compact"
"standard"
];
themeVariantList = [
"default"
"green"
"grey"
"orange"
"pink"
"purple"
"red"
"teal"
"yellow"
"all"
];
tweakVariantList = [
"medium"
"soft"
"black"
"float"
"outline"
"macos"
];
iconVariantList = [
"Dark"
"Light"
];
in
lib.checkListOfEnum "${pname}: colorVariants" colorVariantList colorVariants
lib.checkListOfEnum "${pname}: colorVariants" colorVariantList colorVariants lib.checkListOfEnum
"${pname}: sizeVariants"
sizeVariantList
sizeVariants
lib.checkListOfEnum
"${pname}: themeVariants"
themeVariantList
themeVariants
lib.checkListOfEnum
"${pname}: tweakVariants"
tweakVariantList
tweakVariants
lib.checkListOfEnum
"${pname}: iconVariants"
iconVariantList
iconVariants
stdenvNoCC.mkDerivation {
inherit pname;
version = "0-unstable-2024-06-27";
stdenvNoCC.mkDerivation
{
inherit pname;
version = "0-unstable-2024-07-22";
src = fetchFromGitHub {
owner = "Fausto-Korpsvart";
repo = "Gruvbox-GTK-Theme";
rev = "f568ccd7bf7570d8a27feb62e318b07b88e24b94";
hash = "sha256-4vGwPggHdNjtQ03UFgN4OH5+ZEkdIlivCdYuZ0Dsd5Q=";
};
src = fetchFromGitHub {
owner = "Fausto-Korpsvart";
repo = "Gruvbox-GTK-Theme";
rev = "f14a99e1369a6348a4ecd4a5b2d9c067b83f7b2a";
hash = "sha256-WuZX2A5nLk8vMlK0ZlDlbeb79wCCWrGUf2CbqfnbUzk=";
};
propagatedUserEnvPkgs = [ gtk-engine-murrine ];
propagatedUserEnvPkgs = [ gtk-engine-murrine ];
nativeBuildInputs = [ sassc ];
buildInputs = [ gnome-themes-extra ];
nativeBuildInputs = [ sassc ];
buildInputs = [ gnome-themes-extra ];
dontBuild = true;
dontBuild = true;
postPatch = ''
patchShebangs themes/install.sh
'';
passthru.updateScript = unstableGitUpdater { };
installPhase = ''
runHook preInstall
mkdir -p $out/share/themes
cd themes
./install.sh -n Gruvbox -c ${lib.concatStringsSep " " (if colorVariants != [] then colorVariants else colorVariantList)} --tweaks macos -d "$out/share/themes"
runHook postInstall
'';
postPatch = ''
patchShebangs themes/install.sh
'';
meta = {
description = "GTK theme based on the Gruvbox colour palette";
homepage = "https://github.com/Fausto-Korpsvart/Gruvbox-GTK-Theme";
license = lib.licenses.gpl3Plus;
platforms = lib.platforms.unix;
maintainers = with lib.maintainers; [
luftmensch-luftmensch
math-42
d3vil0p3r
];
};
}
installPhase = ''
runHook preInstall
mkdir -p $out/share/themes
cd themes
./install.sh -n Gruvbox \
${lib.optionalString (colorVariants != [ ]) "-c " + toString colorVariants} \
${lib.optionalString (sizeVariants != [ ]) "-s " + toString sizeVariants} \
${lib.optionalString (themeVariants != [ ]) "-t " + toString themeVariants} \
${lib.optionalString (tweakVariants != [ ]) "--tweaks " + toString tweakVariants} \
-d "$out/share/themes"
cd ../icons
${lib.optionalString (iconVariants != [ ]) ''
mkdir -p $out/share/icons
cp -a ${toString (map (v: "Gruvbox-${v}") iconVariants)} $out/share/icons/
''}
runHook postInstall
'';
meta = {
description = "GTK theme based on the Gruvbox colour palette";
homepage = "https://github.com/Fausto-Korpsvart/Gruvbox-GTK-Theme";
license = lib.licenses.gpl3Plus;
platforms = lib.platforms.unix;
maintainers = with lib.maintainers; [
luftmensch-luftmensch
math-42
d3vil0p3r
];
};
}

6
pkgs/by-name/ha/harmonia/package.nix
View File

@ -13,16 +13,16 @@
rustPlatform.buildRustPackage rec {
pname = "harmonia";
version = "1.0.0";
version = "1.0.1";
src = fetchFromGitHub {
owner = "nix-community";
repo = "harmonia";
rev = "refs/tags/harmonia-v${version}";
hash = "sha256-S5UU6/JZzp4mJKplhpJjcACr+M1rQCFQFWuyk9Wwumg=";
hash = "sha256-K4pll1YUqCkiqUxyWMgPKzNEJ2AMf3C/5YVBOn0SFtw=";
};
cargoHash = "sha256-iCltPaWNq9vWgPfjNYikoU25X8wzlM4ruYI+WgHYv7U=";
cargoHash = "sha256-1ITnTlLVgSC0gsXtELHOPqM4jPZd0TeVgM5GYkqaNVA=";
doCheck = false;

3
pkgs/by-name/im/imgbrd-grabber/package.nix
View File

@ -62,6 +62,9 @@ stdenv.mkDerivation (finalAttrs: {
# ensure the script uses the rsync package from nixpkgs
substituteInPlace ../scripts/package.sh --replace-fail "rsync" "${lib.getExe rsync}"
substituteInPlace gui/CMakeLists.txt \
--replace-fail "find_package(Qt6 COMPONENTS " "find_package(Qt6 COMPONENTS NetworkAuth " \
--replace-fail "set(QT_LIBRARIES " "set(QT_LIBRARIES Qt6::NetworkAuth "
# the npm build step only runs typescript
# run this step directly so it doesn't try and fail to download the unnecessary node_modules, etc.

29
pkgs/by-name/ka/kanidm-provision/package.nix Normal file
View File

@ -0,0 +1,29 @@
{
lib,
rustPlatform,
fetchFromGitHub,
}:
rustPlatform.buildRustPackage rec {
pname = "kanidm-provision";
version = "1.1.1";
src = fetchFromGitHub {
owner = "oddlama";
repo = "kanidm-provision";
rev = "v${version}";
hash = "sha256-tX24cszmWu7kB5Eoa3OrPqU1bayD62OpAV12U0ayoEo=";
};
cargoHash = "sha256-Ok8A47z5Z3QW4teql/4RyDlox/nrhkdA6IN/qJm13bM=";
meta = with lib; {
description = "A small utility to help with kanidm provisioning";
homepage = "https://github.com/oddlama/kanidm-provision";
license = with licenses; [
asl20
mit
];
maintainers = with maintainers; [ oddlama ];
mainProgram = "kanidm-provision";
};
}

17
pkgs/by-name/ka/kanidm/package.nix
View File

@ -13,6 +13,14 @@
, pam
, bashInteractive
, rust-jemalloc-sys
, kanidm
# If this is enabled, kanidm will be built with two patches allowing both
# oauth2 basic secrets and admin credentials to be provisioned.
# This is NOT officially supported (and will likely never be),
# see https://github.com/kanidm/kanidm/issues/1747.
# Please report any provisioning-related errors to
# https://github.com/oddlama/kanidm-provision/issues/ instead.
, enableSecretProvisioning ? false
}:
let
@ -33,6 +41,11 @@ rustPlatform.buildRustPackage rec {
KANIDM_BUILD_PROFILE = "release_nixos_${arch}";
patches = lib.optionals enableSecretProvisioning [
./patches/oauth2-basic-secret-modify.patch
./patches/recover-account.patch
];
postPatch =
let
format = (formats.toml { }).generate "${KANIDM_BUILD_PROFILE}.toml";
@ -94,10 +107,12 @@ rustPlatform.buildRustPackage rec {
passthru = {
tests = {
inherit (nixosTests) kanidm;
inherit (nixosTests) kanidm kanidm-provisioning;
};
updateScript = nix-update-script { };
inherit enableSecretProvisioning;
withSecretProvisioning = kanidm.override { enableSecretProvisioning = true; };
};
meta = with lib; {

303
pkgs/by-name/ka/kanidm/patches/oauth2-basic-secret-modify.patch Normal file
View File

@ -0,0 +1,303 @@
From 44dfbc2b9dccce86c7d7e7b54db4c989344b8c56 Mon Sep 17 00:00:00 2001
From: oddlama <oddlama@oddlama.org>
Date: Mon, 12 Aug 2024 23:17:25 +0200
Subject: [PATCH 1/2] oauth2 basic secret modify
---
server/core/src/actors/v1_write.rs | 42 ++++++++++++++++++++++++++++++
server/core/src/https/v1.rs | 6 ++++-
server/core/src/https/v1_oauth2.rs | 29 +++++++++++++++++++++
server/lib/src/constants/acp.rs | 6 +++++
4 files changed, 82 insertions(+), 1 deletion(-)
diff --git a/server/core/src/actors/v1_write.rs b/server/core/src/actors/v1_write.rs
index e00a969fb..1cacc67b8 100644
--- a/server/core/src/actors/v1_write.rs
+++ b/server/core/src/actors/v1_write.rs
@@ -315,20 +315,62 @@ impl QueryServerWriteV1 {
};
trace!(?del, "Begin delete event");
idms_prox_write
.qs_write
.delete(&del)
.and_then(|_| idms_prox_write.commit().map(|_| ()))
}
+ #[instrument(
+ level = "info",
+ skip_all,
+ fields(uuid = ?eventid)
+ )]
+ pub async fn handle_oauth2_basic_secret_write(
+ &self,
+ client_auth_info: ClientAuthInfo,
+ filter: Filter<FilterInvalid>,
+ new_secret: String,
+ eventid: Uuid,
+ ) -> Result<(), OperationError> {
+ // Given a protoEntry, turn this into a modification set.
+ let ct = duration_from_epoch_now();
+ let mut idms_prox_write = self.idms.proxy_write(ct).await;
+ let ident = idms_prox_write
+ .validate_client_auth_info_to_ident(client_auth_info, ct)
+ .map_err(|e| {
+ admin_error!(err = ?e, "Invalid identity");
+ e
+ })?;
+
+ let modlist = ModifyList::new_purge_and_set(
+ Attribute::OAuth2RsBasicSecret,
+ Value::SecretValue(new_secret),
+ );
+
+ let mdf =
+ ModifyEvent::from_internal_parts(ident, &modlist, &filter, &idms_prox_write.qs_write)
+ .map_err(|e| {
+ admin_error!(err = ?e, "Failed to begin modify during handle_oauth2_basic_secret_write");
+ e
+ })?;
+
+ trace!(?mdf, "Begin modify event");
+
+ idms_prox_write
+ .qs_write
+ .modify(&mdf)
+ .and_then(|_| idms_prox_write.commit())
+ }
+
#[instrument(
level = "info",
skip_all,
fields(uuid = ?eventid)
)]
pub async fn handle_reviverecycled(
&self,
client_auth_info: ClientAuthInfo,
filter: Filter<FilterInvalid>,
eventid: Uuid,
diff --git a/server/core/src/https/v1.rs b/server/core/src/https/v1.rs
index 8aba83bb2..f1f815026 100644
--- a/server/core/src/https/v1.rs
+++ b/server/core/src/https/v1.rs
@@ -1,17 +1,17 @@
//! The V1 API things!
use axum::extract::{Path, State};
use axum::http::{HeaderMap, HeaderValue};
use axum::middleware::from_fn;
use axum::response::{IntoResponse, Response};
-use axum::routing::{delete, get, post, put};
+use axum::routing::{delete, get, post, put, patch};
use axum::{Extension, Json, Router};
use axum_extra::extract::cookie::{Cookie, CookieJar, SameSite};
use compact_jwt::{Jwk, Jws, JwsSigner};
use kanidm_proto::constants::uri::V1_AUTH_VALID;
use std::net::IpAddr;
use uuid::Uuid;
use kanidm_proto::internal::{
ApiToken, AppLink, CUIntentToken, CURequest, CUSessionToken, CUStatus, CreateRequest,
CredentialStatus, DeleteRequest, IdentifyUserRequest, IdentifyUserResponse, ModifyRequest,
@@ -3119,20 +3119,24 @@ pub(crate) fn route_setup(state: ServerState) -> Router<ServerState> {
)
.route(
"/v1/oauth2/:rs_name/_image",
post(super::v1_oauth2::oauth2_id_image_post)
.delete(super::v1_oauth2::oauth2_id_image_delete),
)
.route(
"/v1/oauth2/:rs_name/_basic_secret",
get(super::v1_oauth2::oauth2_id_get_basic_secret),
)
+ .route(
+ "/v1/oauth2/:rs_name/_basic_secret",
+ patch(super::v1_oauth2::oauth2_id_patch_basic_secret),
+ )
.route(
"/v1/oauth2/:rs_name/_scopemap/:group",
post(super::v1_oauth2::oauth2_id_scopemap_post)
.delete(super::v1_oauth2::oauth2_id_scopemap_delete),
)
.route(
"/v1/oauth2/:rs_name/_sup_scopemap/:group",
post(super::v1_oauth2::oauth2_id_sup_scopemap_post)
.delete(super::v1_oauth2::oauth2_id_sup_scopemap_delete),
)
diff --git a/server/core/src/https/v1_oauth2.rs b/server/core/src/https/v1_oauth2.rs
index 5e481afab..a771aed04 100644
--- a/server/core/src/https/v1_oauth2.rs
+++ b/server/core/src/https/v1_oauth2.rs
@@ -144,20 +144,49 @@ pub(crate) async fn oauth2_id_get_basic_secret(
) -> Result<Json<Option<String>>, WebError> {
let filter = oauth2_id(&rs_name);
state
.qe_r_ref
.handle_oauth2_basic_secret_read(client_auth_info, filter, kopid.eventid)
.await
.map(Json::from)
.map_err(WebError::from)
}
+#[utoipa::path(
+ patch,
+ path = "/v1/oauth2/{rs_name}/_basic_secret",
+ request_body=ProtoEntry,
+ responses(
+ DefaultApiResponse,
+ ),
+ security(("token_jwt" = [])),
+ tag = "v1/oauth2",
+ operation_id = "oauth2_id_patch_basic_secret"
+)]
+/// Overwrite the basic secret for a given OAuth2 Resource Server.
+#[instrument(level = "info", skip(state, new_secret))]
+pub(crate) async fn oauth2_id_patch_basic_secret(
+ State(state): State<ServerState>,
+ Extension(kopid): Extension<KOpId>,
+ VerifiedClientInformation(client_auth_info): VerifiedClientInformation,
+ Path(rs_name): Path<String>,
+ Json(new_secret): Json<String>,
+) -> Result<Json<()>, WebError> {
+ let filter = oauth2_id(&rs_name);
+ state
+ .qe_w_ref
+ .handle_oauth2_basic_secret_write(client_auth_info, filter, new_secret, kopid.eventid)
+ .await
+ .map(Json::from)
+ .map_err(WebError::from)
+}
+
#[utoipa::path(
patch,
path = "/v1/oauth2/{rs_name}",
request_body=ProtoEntry,
responses(
DefaultApiResponse,
),
security(("token_jwt" = [])),
tag = "v1/oauth2",
operation_id = "oauth2_id_patch"
diff --git a/server/lib/src/constants/acp.rs b/server/lib/src/constants/acp.rs
index f3409649d..42e407b7d 100644
--- a/server/lib/src/constants/acp.rs
+++ b/server/lib/src/constants/acp.rs
@@ -645,34 +645,36 @@ lazy_static! {
Attribute::Image,
],
modify_present_attrs: vec![
Attribute::Description,
Attribute::DisplayName,
Attribute::OAuth2RsName,
Attribute::OAuth2RsOrigin,
Attribute::OAuth2RsOriginLanding,
Attribute::OAuth2RsSupScopeMap,
Attribute::OAuth2RsScopeMap,
+ Attribute::OAuth2RsBasicSecret,
Attribute::OAuth2AllowInsecureClientDisablePkce,
Attribute::OAuth2JwtLegacyCryptoEnable,
Attribute::OAuth2PreferShortUsername,
Attribute::Image,
],
create_attrs: vec![
Attribute::Class,
Attribute::Description,
Attribute::DisplayName,
Attribute::OAuth2RsName,
Attribute::OAuth2RsOrigin,
Attribute::OAuth2RsOriginLanding,
Attribute::OAuth2RsSupScopeMap,
Attribute::OAuth2RsScopeMap,
+ Attribute::OAuth2RsBasicSecret,
Attribute::OAuth2AllowInsecureClientDisablePkce,
Attribute::OAuth2JwtLegacyCryptoEnable,
Attribute::OAuth2PreferShortUsername,
Attribute::Image,
],
create_classes: vec![
EntryClass::Object,
EntryClass::OAuth2ResourceServer,
EntryClass::OAuth2ResourceServerBasic,
EntryClass::OAuth2ResourceServerPublic,
@@ -739,36 +741,38 @@ lazy_static! {
Attribute::Image,
],
modify_present_attrs: vec![
Attribute::Description,
Attribute::DisplayName,
Attribute::OAuth2RsName,
Attribute::OAuth2RsOrigin,
Attribute::OAuth2RsOriginLanding,
Attribute::OAuth2RsSupScopeMap,
Attribute::OAuth2RsScopeMap,
+ Attribute::OAuth2RsBasicSecret,
Attribute::OAuth2AllowInsecureClientDisablePkce,
Attribute::OAuth2JwtLegacyCryptoEnable,
Attribute::OAuth2PreferShortUsername,
Attribute::OAuth2AllowLocalhostRedirect,
Attribute::OAuth2RsClaimMap,
Attribute::Image,
],
create_attrs: vec![
Attribute::Class,
Attribute::Description,
Attribute::DisplayName,
Attribute::OAuth2RsName,
Attribute::OAuth2RsOrigin,
Attribute::OAuth2RsOriginLanding,
Attribute::OAuth2RsSupScopeMap,
Attribute::OAuth2RsScopeMap,
+ Attribute::OAuth2RsBasicSecret,
Attribute::OAuth2AllowInsecureClientDisablePkce,
Attribute::OAuth2JwtLegacyCryptoEnable,
Attribute::OAuth2PreferShortUsername,
Attribute::OAuth2AllowLocalhostRedirect,
Attribute::OAuth2RsClaimMap,
Attribute::Image,
],
create_classes: vec![
EntryClass::Object,
EntryClass::OAuth2ResourceServer,
@@ -840,36 +844,38 @@ lazy_static! {
Attribute::Image,
],
modify_present_attrs: vec![
Attribute::Description,
Attribute::DisplayName,
Attribute::Name,
Attribute::OAuth2RsOrigin,
Attribute::OAuth2RsOriginLanding,
Attribute::OAuth2RsSupScopeMap,
Attribute::OAuth2RsScopeMap,
+ Attribute::OAuth2RsBasicSecret,
Attribute::OAuth2AllowInsecureClientDisablePkce,
Attribute::OAuth2JwtLegacyCryptoEnable,
Attribute::OAuth2PreferShortUsername,
Attribute::OAuth2AllowLocalhostRedirect,
Attribute::OAuth2RsClaimMap,
Attribute::Image,
],
create_attrs: vec![
Attribute::Class,
Attribute::Description,
Attribute::Name,
Attribute::OAuth2RsName,
Attribute::OAuth2RsOrigin,
Attribute::OAuth2RsOriginLanding,
Attribute::OAuth2RsSupScopeMap,
Attribute::OAuth2RsScopeMap,
+ Attribute::OAuth2RsBasicSecret,
Attribute::OAuth2AllowInsecureClientDisablePkce,
Attribute::OAuth2JwtLegacyCryptoEnable,
Attribute::OAuth2PreferShortUsername,
Attribute::OAuth2AllowLocalhostRedirect,
Attribute::OAuth2RsClaimMap,
Attribute::Image,
],
create_classes: vec![
EntryClass::Object,
EntryClass::Account,
--
2.45.2

Some files were not shown because too many files have changed in this diff Show More