Maximilian Bosch
70a6092f1e
nixos/doc: mention postgresql hardening
2024-11-01 16:31:35 +01:00
Maximilian Bosch
0f1e2a1cd8
nixos/postgresql: MemoryDenyWriteExecute must be off when doing JIT
The test breaks like this otherwise:
machine # WARNING: error during JITing: Permission denied
machine # [ 14.012280] postgres[913]: [913] WARNING: error during JITing: Permission denied
machine # ERROR: failed to look up symbol "evalexpr_0_1": Failed to materialize symbols: { (main, { evalexpr_0_1, evalexpr_0_0 }) }
2024-10-14 23:57:39 +02:00
Maximilian Bosch
f800d8e42b
nixos/postgresql: enable private /tmp & private mounts; fix wal-receiver test
The issue was that the old test-case used `/tmp` to share data. Using
`JoinsNamespaceOf=` wasn't a real workaround since the private `/tmp` is
recreated when a service gets stopped/started which is the case here, so
the wals were still lost.
To keep the test building with `PrivateTmp=yes`, create a dedicated
directory in `/var/cache` with tmpfiles and allow the hardened
`postgresql.service` to access it via `ReadWritePaths`.
2024-10-01 10:31:20 +02:00
Martin Weinelt
2ebffcc4c7
nixos/postgresql: set up sandboxing
Reduces the general exposure of the postgresql.service through systemd
hardening options.
2024-10-01 10:31:20 +02:00
Ivan Mincik
ead36718eb
geos: 3.12.2 -> 3.13.0 (#344310)
2024-10-01 07:55:47 +00:00
Thomas Gerbet
2c5fac3edf
wireshark: 4.2.6 -> 4.2.7
Fixes CVE-2024-8250.
https://www.wireshark.org/security/wnpa-sec-2024-11.html
Changes:
https://www.wireshark.org/docs/relnotes/wireshark-4.2.7.html
2024-10-01 08:56:48 +02:00
7c6f434c
92bdb0b4e0
sgt-puzzles: 20240911.cd97968 -> 20240928.182b3d9 (#345480)
2024-10-01 06:53:27 +00:00
Olli Helenius
bafb19f793
zoom-us: add pulseaudio to PATH
Zoom wants to be able to invoke `pactl` or `pacmd` in order to support
computer audio sharing.
2024-10-01 08:40:03 +02:00
Olli Helenius
affe201a2a
zoom-us: patch ZoomWebviewHost
2024-10-01 08:40:03 +02:00
Pol Dellaiera
d441b0aa9c
php81Extensions.spx: 0.4.16 -> 0.4.17 (#345604)
2024-10-01 08:34:43 +02:00
Julien Malka
350888a27c
inochi2d: add libGL to LD_LIBRARY_PATH (#345579)
2024-10-01 08:31:42 +02:00
Luke Granger-Brown
34c3e4bfc2
pomerium: 0.26.1 -> 0.27.1 (#345627)
2024-10-01 07:25:09 +01:00
nixpkgs-merge-bot[bot]
b7e838f0bb
n8n: 1.60.1 -> 1.61.0 (#345596)
2024-10-01 05:50:11 +00:00
Bruno Bigras
b523c0d26e
spotube: 3.8.1 -> 3.8.2 (#345551)
2024-10-01 00:21:59 -04:00
nixpkgs-merge-bot[bot]
e85db9fe2b
jp-zip-codes: 0-unstable-2024-09-01 -> 0-unstable-2024-10-01 (#345629)
2024-10-01 04:11:31 +00:00
nixpkgs-merge-bot[bot]
dde1577528
mozcdic-ut-jawiki: 0-unstable-2024-09-21 -> 0-unstable-2024-09-27 (#345630)
2024-10-01 04:10:44 +00:00
nixpkgs-merge-bot[bot]
d1d974a8b9
jawiki-all-titles-in-ns0: 0-unstable-2024-09-11 -> 0-unstable-2024-10-01 (#345628)
2024-10-01 04:10:25 +00:00
Masum Reza
b2dd9cd1e1
mpv: fix build on darwin (#345600)
2024-10-01 08:50:10 +05:30
Morgan Helton
9ab8b25dc8
pomerium: 0.26.1 -> 0.27.1
2024-09-30 21:12:09 -05:00
R. Ryantm
b23eda1624
mozcdic-ut-jawiki: 0-unstable-2024-09-21 -> 0-unstable-2024-09-27
2024-10-01 02:09:40 +00:00
R. Ryantm
100c948cdd
jp-zip-codes: 0-unstable-2024-09-01 -> 0-unstable-2024-10-01
2024-10-01 02:07:27 +00:00
R. Ryantm
966526bda1
jawiki-all-titles-in-ns0: 0-unstable-2024-09-11 -> 0-unstable-2024-10-01
2024-10-01 02:07:01 +00:00
Winter
8d6134b231
gonic: don't use substituteStream --replace
2024-09-30 22:04:09 -04:00
Winter
ecf486145f
gonic: fix tests in darwin sandbox
2024-09-30 21:55:51 -04:00
Morgan Helton
2a42c191d4
pomerium: move to by-name
2024-09-30 20:50:17 -05:00
Tristan Ross
9682b2197d
llvmPackages_git: 20.0.0-git-2024-09-22 -> 20.0.0-git-2024-09-29 (#345420)
2024-09-30 18:43:25 -07:00
Peder Bergebakken Sundt
9dc3c339a2
gotestsum: 1.11.0 -> 1.12.0-unstable-2024-09-17; move to by-name (#345462)
2024-10-01 02:26:20 +02:00
Peder Bergebakken Sundt
bf51ad7d03
spl: 0.3.2 -> 0.4.0 (#345354)
2024-10-01 02:24:53 +02:00
Peder Bergebakken Sundt
76c02e28cb
syshud: 0-unstable-2024-08-27 -> 0-unstable-2024-09-26 (#345308)
2024-10-01 02:24:39 +02:00
Peder Bergebakken Sundt
597d2aa8b1
dioxus-cli: 0.5.6 -> 0.5.7 (#344754)
2024-10-01 02:22:14 +02:00
Philip Taron
69bd130db4
cargo-tauri.hook: init (#335751)
2024-09-30 17:17:38 -07:00
seth
26b1cefb0c
mouse-actions-gui: use cargo-tauri.hook
2024-09-30 20:14:38 -04:00
seth
a678b77f9b
en-croissant: use cargo-tauri.hook
2024-09-30 20:14:38 -04:00
seth
0539d522be
doc/release-notes: add section on cargo-tauri.hook
2024-09-30 20:14:36 -04:00
Peder Bergebakken Sundt
fab601bdc0
fnc: 0.16 -> 0.18 (#344400)
2024-10-01 02:13:21 +02:00
seth
328e517888
insulator2: use cargo-tauri.hook & yarnConfigHook
2024-09-30 20:13:15 -04:00
seth
83edf5a626
kiwitalk: use cargo-tauri.hook
2024-09-30 20:13:15 -04:00
seth
4f58959149
surrealist: use cargo-tauri.hook
2024-09-30 20:13:15 -04:00
seth
686cff417a
pot: use cargo-tauri.hook
2024-09-30 20:13:15 -04:00
seth
43256320c5
gitbutler: use cargo-tauri.hook
2024-09-30 20:13:15 -04:00
seth
154d776f51
cinny-desktop: use cargo-tauri.hook
2024-09-30 20:13:14 -04:00
seth
5b5c9540a5
modrinth-app: use cargo-tauri.hook
2024-09-30 20:13:14 -04:00
seth
ec696bd85d
doc: init tauri hook section
2024-09-30 20:13:14 -04:00
seth
f70fb77ea1
cargo-tauri: add test for setup hooks
2024-09-30 20:13:14 -04:00
seth
b833d6a1d3
cargo-tauri.hook: init
2024-09-30 20:13:14 -04:00
seth
c1c013bd3b
cargo-tauri: add getchoo as a maintainer
2024-09-30 20:13:13 -04:00
seth
4a78651ed9
cargo-tauri: refactor
Specifically:
- Tighten dependencies by only listing what's needed to build
- Better sorting things
- Adding `meta.changelog`
2024-09-30 20:13:13 -04:00
seth
e4efc38613
cargo-tauri: migrate to by-name
2024-09-30 20:13:10 -04:00
Silvan Mosberger
eba78e46b7
lib/modules: Improve error when loading a flake as a module (#344688)
2024-10-01 02:12:58 +02:00
Peder Bergebakken Sundt
268ee8ec60
activemq: 6.1.2 -> 6.1.3 (#343794)
2024-10-01 02:04:50 +02:00