From 54587c3b1f3d983bc1d9c50776100f394b01c889 Mon Sep 17 00:00:00 2001
From: techknowlogick <techknowlogick@gitea.io>
Date: Fri, 10 Jun 2022 19:50:00 -0400
Subject: [PATCH 1/7] vault: 1.10.3 -> 1.10.4

---
 pkgs/tools/security/vault/default.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/tools/security/vault/default.nix b/pkgs/tools/security/vault/default.nix
index 3d6c34d5bfa..039e41390d4 100644
--- a/pkgs/tools/security/vault/default.nix
+++ b/pkgs/tools/security/vault/default.nix
@@ -6,16 +6,16 @@
 
 buildGoModule rec {
   pname = "vault";
-  version = "1.10.3";
+  version = "1.10.4";
 
   src = fetchFromGitHub {
     owner = "hashicorp";
     repo = "vault";
     rev = "v${version}";
-    sha256 = "sha256-12LOYp2ffTC/IOyNyT2PMnkP4FOKT8HROZNRWyTHxhA=";
+    sha256 = "sha256-RJCFbhpFx84R9CIU1OaaZbjBXltNY/1GC2gwgydX4n8=";
   };
 
-  vendorSha256 = "sha256-w5nUkCNo9xfalbc/U7uYaHZsUdyMV3tKDypQM9MnwE4=";
+  vendorSha256 = "sha256-8fTAU/K0WkkS6an5Ffaxpnz8vABQXpiWaCroc8DTYmc=";
 
   subPackages = [ "." ];
 

From 94dba70a05f3b3bc2048b888203ff9fce8fb8ba2 Mon Sep 17 00:00:00 2001
From: techknowlogick <techknowlogick@gitea.io>
Date: Fri, 10 Jun 2022 19:52:41 -0400
Subject: [PATCH 2/7] vault-bin: 1.10.3 -> 1.10.4

---
 pkgs/tools/security/vault/vault-bin.nix | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/pkgs/tools/security/vault/vault-bin.nix b/pkgs/tools/security/vault/vault-bin.nix
index 55192c670e0..0e679ccb7af 100644
--- a/pkgs/tools/security/vault/vault-bin.nix
+++ b/pkgs/tools/security/vault/vault-bin.nix
@@ -2,7 +2,7 @@
 
 stdenv.mkDerivation rec {
   pname = "vault-bin";
-  version = "1.10.3";
+  version = "1.10.4";
 
   src =
     let
@@ -16,11 +16,11 @@ stdenv.mkDerivation rec {
         aarch64-darwin = "darwin_arm64";
       };
       sha256 = selectSystem {
-        x86_64-linux = "sha256-hz7u6sW415h/AsGlyghImo3K54gbAS92N6L0dI8vV8Q=";
-        aarch64-linux = "sha256-DIrVgHeVvDNx0vRwXt2gzf3HDYzDeYQ2JVy+7KlrLUo=";
-        i686-linux = "sha256-B0xamHI6GnHrKLjhIBvs89keShJ45fRgyM7M214S9jY=";
-        x86_64-darwin = "sha256-ubPcl/e0nwYYw5SrN2jfrGSwLHbi99jklYMDZuVdf6s=";
-        aarch64-darwin = "sha256-4CKrelIzaXu2GccWo2ZTzGSqCMTM1qmJ0drGD8F3c0k=";
+        x86_64-linux = "sha256-cLCRZDOMx1bk+sZnArR9oOxuCowqFDwPINxWnONIqUU=";
+        aarch64-linux = "sha256-5MdszdDr+qK1RZnhXnAZjZ9+pal3ju6XMV6NnjVSUIg=";
+        i686-linux = "sha256-srlyVhh4j005kLdLdJoEjHbXw0DLHH4G/rUH+b4EdDE=";
+        x86_64-darwin = "sha256-Bep4LAm1/8PDA+fiWfR0nDUezP0VADKwry2rjYv8dTU=";
+        aarch64-darwin = "sha256-2mLIOun03SiXeSEFD+qRPOCj4LJB6LjB6aneJ78A5OQ=";
       };
     in
     fetchzip {

From 872695d02b9a8f23d7e0cca0ab6331039ca3c108 Mon Sep 17 00:00:00 2001
From: nek0 <nek0@nek0.eu>
Date: Sun, 12 Jun 2022 13:02:13 +0200
Subject: [PATCH 3/7] krita: fix double wrapping

---
 pkgs/applications/graphics/krita/generic.nix | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/pkgs/applications/graphics/krita/generic.nix b/pkgs/applications/graphics/krita/generic.nix
index 825e8882a55..aaab492734f 100644
--- a/pkgs/applications/graphics/krita/generic.nix
+++ b/pkgs/applications/graphics/krita/generic.nix
@@ -54,10 +54,8 @@ mkDerivation rec {
     "-DCMAKE_BUILD_TYPE=RelWithDebInfo"
   ];
 
-  postInstall = ''
-    for i in $out/bin/*; do
-      wrapProgram $i --prefix PYTHONPATH : "$PYTHONPATH"
-    done
+  preInstall = ''
+    qtWrapperArgs+=(--prefix PYTHONPATH : "$PYTHONPATH")
   '';
 
   meta = with lib; {

From d6d847bc396c9e0ab52a888d93a5e4fbac52c856 Mon Sep 17 00:00:00 2001
From: Aaron Jheng <wentworth@outlook.com>
Date: Sun, 12 Jun 2022 13:45:53 +0000
Subject: [PATCH 4/7] okteto: 2.3.1 -> 2.3.3

---
 pkgs/development/tools/okteto/default.nix | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/pkgs/development/tools/okteto/default.nix b/pkgs/development/tools/okteto/default.nix
index d1fb6615850..435ccd5a79f 100644
--- a/pkgs/development/tools/okteto/default.nix
+++ b/pkgs/development/tools/okteto/default.nix
@@ -2,23 +2,23 @@
 
 buildGoModule rec {
   pname = "okteto";
-  version = "2.3.1";
+  version = "2.3.3";
 
   src = fetchFromGitHub {
     owner = "okteto";
     repo = "okteto";
     rev = version;
-    sha256 = "sha256-2L6Ky7Mbky6VYx4kdBuYTtaJ9AzNufuYLrgERxLYpg8=";
+    sha256 = "sha256-rKhXzmBV59bj/Dj2ORU1ggOohAs56iB15es924pHXp4=";
   };
 
+  vendorSha256 = "sha256-XT/ZLydN1oeuRupD3gjvY6+hOB/Lq5CQwhfr9/iT7JI=";
+
   postPatch = ''
     # Disable some tests that need file system & network access.
     find cmd -name "*_test.go" | xargs rm -f
     rm -f pkg/analytics/track_test.go
   '';
 
-  vendorSha256 = "sha256-XT/ZLydN1oeuRupD3gjvY6+hOB/Lq5CQwhfr9/iT7JI=";
-
   nativeBuildInputs = [ installShellFiles ];
 
   ldflags = [

From c602569c9de4d51bb1cd9d5f0c88c914cd183ae5 Mon Sep 17 00:00:00 2001
From: nek0 <nek0@nek0.eu>
Date: Sun, 12 Jun 2022 13:14:28 +0200
Subject: [PATCH 5/7] maintainers: add nek0

---
 maintainers/maintainer-list.nix              | 6 ++++++
 pkgs/applications/graphics/krita/generic.nix | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix
index 9fa9646cacb..ee77b597478 100644
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@@ -9117,6 +9117,12 @@
     githubId = 166791;
     name = "Neil Mayhew";
   };
+  nek0 = {
+    email = "nek0@nek0.eu";
+    github = "nek0";
+    githubId = 1859691;
+    name = "Amedeo Molnár";
+  };
   nelsonjeppesen = {
     email = "nix@jeppesen.io";
     github = "NelsonJeppesen";
diff --git a/pkgs/applications/graphics/krita/generic.nix b/pkgs/applications/graphics/krita/generic.nix
index aaab492734f..d5f778b592a 100644
--- a/pkgs/applications/graphics/krita/generic.nix
+++ b/pkgs/applications/graphics/krita/generic.nix
@@ -61,7 +61,7 @@ mkDerivation rec {
   meta = with lib; {
     description = "A free and open source painting application";
     homepage = "https://krita.org/";
-    maintainers = with maintainers; [ abbradar sifmelcara ];
+    maintainers = with maintainers; [ abbradar sifmelcara nek0 ];
     platforms = platforms.linux;
     license = licenses.gpl3Only;
   };

From b25f38ac4e210f88aaf394471e11b002b79b11e2 Mon Sep 17 00:00:00 2001
From: nek0 <nek0@nek0.eu>
Date: Sun, 12 Jun 2022 13:46:03 +0200
Subject: [PATCH 6/7] krita: 5.0.6 -> 5.0.8

fix saving bug
---
 pkgs/applications/graphics/krita/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkgs/applications/graphics/krita/default.nix b/pkgs/applications/graphics/krita/default.nix
index 4aea1c4d981..603c1a44f4f 100644
--- a/pkgs/applications/graphics/krita/default.nix
+++ b/pkgs/applications/graphics/krita/default.nix
@@ -1,7 +1,7 @@
 { callPackage, ... } @ args:
 
 callPackage ./generic.nix (args // {
-  version = "5.0.6";
+  version = "5.0.8";
   kde-channel = "stable";
-  sha256 = "sha256:0qhf7vm13v33yk67n7wdcgrqpk7yvajdlkqcp7zhrl2z7qdnvmzd";
+  sha256 = "sha256:7R0fpQc+4MQVDh/enhCTgpgOqU0y5YRShrv/ILa/XkU=";
 })

From cc73dc83b36b76baab8bf2282c2e0fcc1ebbbd5a Mon Sep 17 00:00:00 2001
From: Mario Rodas <marsam@users.noreply.github.com>
Date: Sun, 12 Jun 2022 15:38:05 -0500
Subject: [PATCH 7/7] Revert "nixos/security/wrappers: use an assertion for the
 existence check"

---
 nixos/modules/security/wrappers/default.nix | 40 ++++++++++++++++-----
 1 file changed, 31 insertions(+), 9 deletions(-)

diff --git a/nixos/modules/security/wrappers/default.nix b/nixos/modules/security/wrappers/default.nix
index ec4fe33b8f1..169ef744262 100644
--- a/nixos/modules/security/wrappers/default.nix
+++ b/nixos/modules/security/wrappers/default.nix
@@ -202,21 +202,15 @@ in
   ###### implementation
   config = {
 
-    assertions = lib.concatLists (lib.mapAttrsToList
-      (name: opts: [
+    assertions = lib.mapAttrsToList
+      (name: opts:
         { assertion = opts.setuid || opts.setgid -> opts.capabilities == "";
           message = ''
             The security.wrappers.${name} wrapper is not valid:
                 setuid/setgid and capabilities are mutually exclusive.
           '';
         }
-        { assertion = lib.pathHasContext (toString opts.source) -> lib.pathExists opts.source;
-          message = ''
-            The security.wrappers.${name} wrapper is not valid:
-                the source store path '${opts.source}' does not exist.
-          '';
-        }
-      ]) wrappers);
+      ) wrappers;
 
     security.wrappers =
       let
@@ -279,5 +273,33 @@ in
             ln --symbolic "$wrapperDir" "${wrapperDir}"
           fi
         '';
+
+    ###### wrappers consistency checks
+    system.extraDependencies = lib.singleton (pkgs.runCommandLocal
+      "ensure-all-wrappers-paths-exist" { }
+      ''
+        # make sure we produce output
+        mkdir -p $out
+
+        echo -n "Checking that Nix store paths of all wrapped programs exist... "
+
+        declare -A wrappers
+        ${lib.concatStringsSep "\n" (lib.mapAttrsToList (n: v:
+          "wrappers['${n}']='${v.source}'") wrappers)}
+
+        for name in "''${!wrappers[@]}"; do
+          path="''${wrappers[$name]}"
+          if [[ "$path" =~ /nix/store ]] && [ ! -e "$path" ]; then
+            test -t 1 && echo -ne '\033[1;31m'
+            echo "FAIL"
+            echo "The path $path does not exist!"
+            echo 'Please, check the value of `security.wrappers."'$name'".source`.'
+            test -t 1 && echo -ne '\033[0m'
+            exit 1
+          fi
+        done
+
+        echo "OK"
+      '');
   };
 }