diff --git a/lib/tests/modules.sh b/lib/tests/modules.sh index cc13a8d38e3..82d3dd96e88 100755 --- a/lib/tests/modules.sh +++ b/lib/tests/modules.sh @@ -313,7 +313,7 @@ checkConfigOutput "bar" config.priorities ./raw.nix ## Option collision checkConfigError \ - 'The option .set. in module .*/declare-set.nix. would be a parent of the following options, but its type .attribute set of signed integers. does not support nested options.\n\s*- option[(]s[)] with prefix .set.enable. in module .*/declare-enable-nested.nix.' \ + 'The option .set. in module .*/declare-set.nix. would be a parent of the following options, but its type .attribute set of signed integer. does not support nested options.\n\s*- option[(]s[)] with prefix .set.enable. in module .*/declare-enable-nested.nix.' \ config.set \ ./declare-set.nix ./declare-enable-nested.nix diff --git a/lib/types.nix b/lib/types.nix index 91b040d2455..e4b3f358d1c 100644 --- a/lib/types.nix +++ b/lib/types.nix @@ -397,7 +397,7 @@ rec { listOf = elemType: mkOptionType rec { name = "listOf"; - description = "list of ${elemType.description}s"; + description = "list of ${elemType.description}"; check = isList; merge = loc: defs: map (x: x.value) (filter (x: x ? value) (concatLists (imap1 (n: def: @@ -426,7 +426,7 @@ rec { attrsOf = elemType: mkOptionType rec { name = "attrsOf"; - description = "attribute set of ${elemType.description}s"; + description = "attribute set of ${elemType.description}"; check = isAttrs; merge = loc: defs: mapAttrs (n: v: v.value) (filterAttrs (n: v: v ? value) (zipAttrsWith (name: defs: @@ -449,7 +449,7 @@ rec { # error that it's not defined. Use only if conditional definitions don't make sense. lazyAttrsOf = elemType: mkOptionType rec { name = "lazyAttrsOf"; - description = "lazy attribute set of ${elemType.description}s"; + description = "lazy attribute set of ${elemType.description}"; check = isAttrs; merge = loc: defs: zipAttrsWith (name: defs: diff --git a/nixos/modules/security/wrappers/wrapper.c b/nixos/modules/security/wrappers/wrapper.c index 529669facda..a21ec500208 100644 --- a/nixos/modules/security/wrappers/wrapper.c +++ b/nixos/modules/security/wrappers/wrapper.c @@ -2,12 +2,12 @@ #include #include #include +#include #include #include #include #include #include -#include #include #include #include @@ -16,10 +16,7 @@ #include #include -// Make sure assertions are not compiled out, we use them to codify -// invariants about this program and we want it to fail fast and -// loudly if they are violated. -#undef NDEBUG +#define ASSERT(expr) ((expr) ? (void) 0 : assert_failure(#expr)) extern char **environ; @@ -38,6 +35,12 @@ static char *wrapper_debug = "WRAPPER_DEBUG"; #define LE32_TO_H(x) (x) #endif +static noreturn void assert_failure(const char *assertion) { + fprintf(stderr, "Assertion `%s` in NixOS's wrapper.c failed.\n", assertion); + fflush(stderr); + abort(); +} + int get_last_cap(unsigned *last_cap) { FILE* file = fopen("/proc/sys/kernel/cap_last_cap", "r"); if (file == NULL) { @@ -167,6 +170,7 @@ int readlink_malloc(const char *p, char **ret) { } int main(int argc, char **argv) { + ASSERT(argc >= 1); char *self_path = NULL; int self_path_size = readlink_malloc("/proc/self/exe", &self_path); if (self_path_size < 0) { @@ -181,36 +185,36 @@ int main(int argc, char **argv) { int len = strlen(wrapper_dir); if (len > 0 && '/' == wrapper_dir[len - 1]) --len; - assert(!strncmp(self_path, wrapper_dir, len)); - assert('/' == wrapper_dir[0]); - assert('/' == self_path[len]); + ASSERT(!strncmp(self_path, wrapper_dir, len)); + ASSERT('/' == wrapper_dir[0]); + ASSERT('/' == self_path[len]); // Make *really* *really* sure that we were executed as // `self_path', and not, say, as some other setuid program. That // is, our effective uid/gid should match the uid/gid of // `self_path'. struct stat st; - assert(lstat(self_path, &st) != -1); + ASSERT(lstat(self_path, &st) != -1); - assert(!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())); - assert(!(st.st_mode & S_ISGID) || (st.st_gid == getegid())); + ASSERT(!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())); + ASSERT(!(st.st_mode & S_ISGID) || (st.st_gid == getegid())); // And, of course, we shouldn't be writable. - assert(!(st.st_mode & (S_IWGRP | S_IWOTH))); + ASSERT(!(st.st_mode & (S_IWGRP | S_IWOTH))); // Read the path of the real (wrapped) program from .real. char real_fn[PATH_MAX + 10]; int real_fn_size = snprintf(real_fn, sizeof(real_fn), "%s.real", self_path); - assert(real_fn_size < sizeof(real_fn)); + ASSERT(real_fn_size < sizeof(real_fn)); int fd_self = open(real_fn, O_RDONLY); - assert(fd_self != -1); + ASSERT(fd_self != -1); char source_prog[PATH_MAX]; len = read(fd_self, source_prog, PATH_MAX); - assert(len != -1); - assert(len < sizeof(source_prog)); - assert(len > 0); + ASSERT(len != -1); + ASSERT(len < sizeof(source_prog)); + ASSERT(len > 0); source_prog[len] = 0; close(fd_self); diff --git a/nixos/modules/services/misc/nitter.nix b/nixos/modules/services/misc/nitter.nix index 97005c9d914..5bf0e6bc008 100644 --- a/nixos/modules/services/misc/nitter.nix +++ b/nixos/modules/services/misc/nitter.nix @@ -277,7 +277,7 @@ in Add settings here to override NixOS module generated settings. Check the official repository for the available settings: - https://github.com/zedeus/nitter/blob/master/nitter.conf + https://github.com/zedeus/nitter/blob/master/nitter.example.conf ''; }; diff --git a/pkgs/applications/networking/cluster/k0sctl/default.nix b/pkgs/applications/networking/cluster/k0sctl/default.nix index 256d7e64225..b30a7174902 100644 --- a/pkgs/applications/networking/cluster/k0sctl/default.nix +++ b/pkgs/applications/networking/cluster/k0sctl/default.nix @@ -1,20 +1,29 @@ { lib , buildGoModule , fetchFromGitHub +, fetchpatch +, installShellFiles }: buildGoModule rec { pname = "k0sctl"; - version = "0.11.4"; + version = "0.12.6"; src = fetchFromGitHub { owner = "k0sproject"; repo = pname; rev = "v${version}"; - sha256 = "sha256-Fk1aYSa3LqzxiHtlzH5pcNtodOprjfnCFh4UMqCa6Rc="; + sha256 = "sha256-TkkMO6xBHY5t5Rpd0ieSDXMrnQ+Xdq+65Rk93ZkYcUs="; }; - vendorSha256 = "sha256-21C6wZ8lKQnbUg3aD0ZFVOgopblXyWk4WP/ubZVk3Yk="; + vendorSha256 = "sha256-nTAuvHcsJiW0XYX5GM1SL8cnOhwdrj6iw8tuAkEWNzQ="; + + patches = [ + (fetchpatch { + url = "https://github.com/k0sproject/${pname}/commit/22c694ab0335a1e6146d0d3f939ef79d2c005a3d.patch"; + sha256 = "sha256-Ftq/vbQd5ArdHboDt6NdyuqpFalHVnsQBdpmyDG/t5Q="; + }) + ]; ldflags = [ "-s" @@ -23,6 +32,15 @@ buildGoModule rec { "-X github.com/k0sproject/k0sctl/version.Version=${version}" ]; + nativeBuildInputs = [ installShellFiles ]; + + postInstall = '' + for shell in bash zsh fish; do + installShellCompletion --cmd ${pname} \ + --$shell <($out/bin/${pname} completion --shell $shell) + done + ''; + meta = with lib; { description = "A bootstrapping and management tool for k0s clusters."; homepage = "https://k0sproject.io/"; diff --git a/pkgs/applications/networking/cluster/tilt/default.nix b/pkgs/applications/networking/cluster/tilt/default.nix index c13c08c44a4..5532c644c2c 100644 --- a/pkgs/applications/networking/cluster/tilt/default.nix +++ b/pkgs/applications/networking/cluster/tilt/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { /* Do not use "dev" as a version. If you do, Tilt will consider itself running in development environment and try to serve assets from the source tree, which is not there once build completes. */ - version = "0.26.3"; + version = "0.30.0"; src = fetchFromGitHub { owner = "tilt-dev"; repo = pname; rev = "v${version}"; - sha256 = "sha256-jrVf6vNlEkTgALS93o3kIiticvsyFHm5oA2Fh1edAGY="; + sha256 = "sha256-bZYm9T3NRNNtT8RDGwnXcXC7Rb/GuIxI/U06By4gR/w="; }; vendorSha256 = null; diff --git a/pkgs/applications/video/mpc-qt/default.nix b/pkgs/applications/video/mpc-qt/default.nix index 7c4126bb37c..9f91cc0c3c0 100644 --- a/pkgs/applications/video/mpc-qt/default.nix +++ b/pkgs/applications/video/mpc-qt/default.nix @@ -1,23 +1,16 @@ -{ lib, stdenv, mkDerivation, fetchFromGitLab, fetchpatch, pkg-config, qmake, qtx11extras, qttools, mpv }: +{ lib, stdenv, mkDerivation, fetchFromGitHub, pkg-config, qmake, qtx11extras, qttools, mpv }: mkDerivation rec { pname = "mpc-qt"; - version = "2019-06-09"; + version = "22.02"; - src = fetchFromGitLab { + src = fetchFromGitHub { owner = "mpc-qt"; repo = "mpc-qt"; - rev = "2abe6e7fc643068d50522468fe75d614861555ad"; - sha256 = "1cis8dl9pm91mpnp696zvwsfp96gkwr8jgs45anbwd7ldw78w4x5"; + rev = "v${version}"; + sha256 = "sha256-DRbNDrWnaTT4A0dRFAv9MX/MDwV/rXIw+R8fQJmVN+g="; }; - patches = [ - (fetchpatch { - url = "https://gitlab.com/mpc-qt/mpc-qt/-/commit/02f2bc7a22e863a89ba322b9acb61cf1aef23ba0.diff"; - sha256 = "0khld55i194zgi18d0wch5459lfzzkbfdbl1im8akvq8ks5xijis"; - }) - ]; - nativeBuildInputs = [ pkg-config qmake qttools ]; buildInputs = [ mpv qtx11extras ]; @@ -26,7 +19,7 @@ mkDerivation rec { meta = with lib; { description = "Media Player Classic Qute Theater"; - homepage = "https://gitlab.com/mpc-qt/mpc-qt"; + homepage = "https://mpc-qt.github.io"; license = licenses.gpl2; platforms = platforms.unix; broken = stdenv.isDarwin; diff --git a/pkgs/development/libraries/bullet/default.nix b/pkgs/development/libraries/bullet/default.nix index e37da386cd6..9a882fd7418 100644 --- a/pkgs/development/libraries/bullet/default.nix +++ b/pkgs/development/libraries/bullet/default.nix @@ -11,13 +11,13 @@ stdenv.mkDerivation rec { pname = "bullet"; - version = "3.22b"; + version = "3.23"; src = fetchFromGitHub { owner = "bulletphysics"; repo = "bullet3"; rev = version; - sha256 = "sha256-hf2b7enh9mziPKFcdU8NwLdhcxhV7Ididf9Bwwa+5/M="; + sha256 = "sha256-XZpwCVfSJD3W93BJrGefy3dGrevNzChU+TrKalMpY4Q="; }; nativeBuildInputs = [ cmake ]; diff --git a/pkgs/development/libraries/libdigidocpp/default.nix b/pkgs/development/libraries/libdigidocpp/default.nix index 4f80709652d..171f830032d 100644 --- a/pkgs/development/libraries/libdigidocpp/default.nix +++ b/pkgs/development/libraries/libdigidocpp/default.nix @@ -2,12 +2,12 @@ , xercesc, xml-security-c, pkg-config, xsd, zlib, xalanc, xxd }: stdenv.mkDerivation rec { - version = "3.14.7"; + version = "3.14.8"; pname = "libdigidocpp"; src = fetchurl { url = "https://github.com/open-eid/libdigidocpp/releases/download/v${version}/libdigidocpp-${version}.tar.gz"; - sha256 = "sha256-QdctW2+T8kPNUJv30pXZ/qfnw1Uhq6gScSjUI+bZMfY="; + sha256 = "sha256-U5i5IAyJF4359q6M6mQemEuG7+inPYIXqLy8GHv4dkg="; }; nativeBuildInputs = [ cmake pkg-config xxd ]; diff --git a/pkgs/development/nim-packages/jsony/default.nix b/pkgs/development/nim-packages/jsony/default.nix index 9a4808e3636..bf8cf5d5c7f 100644 --- a/pkgs/development/nim-packages/jsony/default.nix +++ b/pkgs/development/nim-packages/jsony/default.nix @@ -2,13 +2,13 @@ buildNimPackage rec { pname = "jsony"; - version = "1.1.3"; + version = "d0e69bddf83874e15b5c2f52f8b1386ac080b443"; src = fetchFromGitHub { owner = "treeform"; repo = pname; rev = version; - hash = "sha256-jtUCoqwCmE536Kpv/vZxGgqiHyReZf1WOiBdUzmMhM4="; + sha256 = "1p250wb97nzz2g0vvq6mn521fx7sn1jpk1ralbzqh5q8clh4g7wr"; }; doCheck = true; diff --git a/pkgs/development/nim-packages/supersnappy/default.nix b/pkgs/development/nim-packages/supersnappy/default.nix index 471543eca41..f2f8205d828 100644 --- a/pkgs/development/nim-packages/supersnappy/default.nix +++ b/pkgs/development/nim-packages/supersnappy/default.nix @@ -3,6 +3,6 @@ fetchFromGitHub { owner = "guzba"; repo = "supersnappy"; - rev = "1.1.5"; - sha256 = "1y26sgnszvdf5sn7j0jx2dpd4i03mvbk9i9ni9kbyrs798bjwi6z"; + rev = "2.1.1"; + sha256 = "03df1qgrbp84swhqy12ansyn951lkaw0kf1arbnki4fkgdnqdamf"; } diff --git a/pkgs/development/python-modules/apache-airflow/default.nix b/pkgs/development/python-modules/apache-airflow/default.nix index 948fae7893b..c753458fb7e 100644 --- a/pkgs/development/python-modules/apache-airflow/default.nix +++ b/pkgs/development/python-modules/apache-airflow/default.nix @@ -243,5 +243,7 @@ buildPythonPackage rec { homepage = "https://airflow.apache.org/"; license = licenses.asl20; maintainers = with maintainers; [ bhipple costrouc ingenieroariel ]; + # requires extremely outdated versions of multiple dependencies + broken = true; }; } diff --git a/pkgs/development/python-modules/djangorestframework/default.nix b/pkgs/development/python-modules/djangorestframework/default.nix index 131be8781b3..f8de884a24f 100644 --- a/pkgs/development/python-modules/djangorestframework/default.nix +++ b/pkgs/development/python-modules/djangorestframework/default.nix @@ -1,4 +1,4 @@ -{ lib, buildPythonPackage, fetchFromGitHub, django, isPy27 }: +{ lib, buildPythonPackage, fetchFromGitHub, django, pytz, isPy27 }: buildPythonPackage rec { version = "3.12.4"; @@ -15,7 +15,7 @@ buildPythonPackage rec { # Test settings are missing doCheck = false; - propagatedBuildInputs = [ django ]; + propagatedBuildInputs = [ django pytz ]; meta = with lib; { description = "Web APIs for Django, made easy"; diff --git a/pkgs/development/python-modules/mkdocs-material/default.nix b/pkgs/development/python-modules/mkdocs-material/default.nix index a0df1000892..feed177a9af 100644 --- a/pkgs/development/python-modules/mkdocs-material/default.nix +++ b/pkgs/development/python-modules/mkdocs-material/default.nix @@ -13,7 +13,7 @@ buildPythonApplication rec { pname = "mkdocs-material"; - version = "8.2.11"; + version = "8.2.15"; format = "setuptools"; disabled = pythonOlder "3.6"; @@ -22,7 +22,7 @@ buildPythonApplication rec { owner = "squidfunk"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-YAXdIA36QWwdQxTux6Sy/F0j8lprSO+5/VezFcsGQYg="; + hash = "sha256-6x3ENFPGmtRDMV6YRGlTLCYusmX49LrGBDwicg8sDB0="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/pycep-parser/default.nix b/pkgs/development/python-modules/pycep-parser/default.nix index 3e8104ea33b..7a5178cb228 100644 --- a/pkgs/development/python-modules/pycep-parser/default.nix +++ b/pkgs/development/python-modules/pycep-parser/default.nix @@ -12,7 +12,7 @@ buildPythonPackage rec { pname = "pycep-parser"; - version = "0.3.4"; + version = "0.3.5"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -20,8 +20,8 @@ buildPythonPackage rec { src = fetchFromGitHub { owner = "gruebel"; repo = "pycep"; - rev = version; - hash = "sha256-o2sYPvZVevDqZV8EtKWTL2zHHzX2kmTZ4iVHsUhFv7M="; + rev = "refs/tags/${version}"; + hash = "sha256-Nj/drNRSIBh8DaE+vzQRijQg8NVUK5qBClwU3aWiA48="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/pymdown-extensions/default.nix b/pkgs/development/python-modules/pymdown-extensions/default.nix index 94a73fd8211..068c3196952 100644 --- a/pkgs/development/python-modules/pymdown-extensions/default.nix +++ b/pkgs/development/python-modules/pymdown-extensions/default.nix @@ -1,7 +1,7 @@ { lib , buildPythonPackage , fetchFromGitHub -, fetchpatch +, hatchling , pytestCheckHook , markdown , pyyaml @@ -38,26 +38,17 @@ let in buildPythonPackage rec { pname = "pymdown-extensions"; - version = "9.1"; + version = "9.4"; format = "pyproject"; src = fetchFromGitHub { owner = "facelessuser"; repo = "pymdown-extensions"; rev = version; - sha256 = "sha256-II8Po8144h3wPFrzMbOB/qiCm2HseYrcZkyIZFGT+ek="; + sha256 = "sha256-9oYLDerz6ZcE4QyLO4mFPuHws8oZoXX8LcSV209MFec="; }; - patches = [ - # this patch is needed to allow tests to pass for later versions of the - # markdown dependency - # - # it can be removed after the next pymdown-extensions release - (fetchpatch { - url = "https://github.com/facelessuser/pymdown-extensions/commit/8ee5b5caec8f9373e025f50064585fb9d9b71f86.patch"; - sha256 = "sha256-jTHNcsV0zL0EkSTSj8zCGXXtpUaLnNPldmL+krZj3Gk="; - }) - ]; + nativeBuildInputs = [ hatchling ]; propagatedBuildInputs = [ markdown pygments ]; diff --git a/pkgs/development/python-modules/pyskyqhub/default.nix b/pkgs/development/python-modules/pyskyqhub/default.nix index b0d1f8010fb..6f60fec79f2 100644 --- a/pkgs/development/python-modules/pyskyqhub/default.nix +++ b/pkgs/development/python-modules/pyskyqhub/default.nix @@ -7,7 +7,7 @@ buildPythonPackage rec { pname = "pyskyqhub"; - version = "0.1.8"; + version = "0.1.9"; format = "setuptools"; disabled = pythonOlder "3.8"; @@ -16,7 +16,7 @@ buildPythonPackage rec { owner = "RogerSelwyn"; repo = "skyq_hub"; rev = version; - sha256 = "sha256-1KNgF3d5w+aNKNkOZVkdD3VVLz/F8NyQ5MxO1UaWrFk="; + sha256 = "sha256-yXqtABbsCh1yb96lsEA0gquikVenGLCo6J93AeXAC8k="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/sanic/default.nix b/pkgs/development/python-modules/sanic/default.nix index 228bf2a5624..ff76e2c5631 100644 --- a/pkgs/development/python-modules/sanic/default.nix +++ b/pkgs/development/python-modules/sanic/default.nix @@ -82,6 +82,9 @@ buildPythonPackage rec { # needed for relative paths for some packages cd tests + '' + lib.optionalString stdenv.isDarwin '' + # OSError: [Errno 24] Too many open files + ulimit -n 1024 ''; # uvloop usage is buggy diff --git a/pkgs/development/tools/ocaml/merlin/4.x.nix b/pkgs/development/tools/ocaml/merlin/4.x.nix index 635273bcfd2..b5100afee98 100644 --- a/pkgs/development/tools/ocaml/merlin/4.x.nix +++ b/pkgs/development/tools/ocaml/merlin/4.x.nix @@ -15,12 +15,13 @@ }: let - merlinVersion = "4.4"; + merlinVersion = "4.5"; hashes = { - "4.4-411" = "sha256:0chx28098mmnjbnaz5wgzsn82rh1w9dhzqmsykb412cq13msl1q4"; - "4.4-412" = "sha256:18xjpsiz7xbgjdnsxfc52l7yfh22harj0birlph4xm42d14pkn0n"; - "4.4-413" = "sha256:1ilmh2gqpwgr51w2ba8r0s5zkj75h00wkw4az61ssvivn9jxr7k0"; + "4.5-411" = "sha256:05nz6y7r91rh0lj8b6xdv3s3yknmvjc7y60v17kszgqnr887bvpn"; + "4.5-412" = "sha256:0i5c3rfzinmwdjya7gv94zyknsm32qx9dlg472xpfqivwvnnhf1z"; + "4.5-413" = "sha256:1sphq9anfg1qzrvj7hdcqflj6cmc1qiyfkljhng9fxnnr0i7550s"; + "4.5-414" = "sha256:13h588kwih05zd9p3p7q528q4zc0d1l983kkvbmkxgay5d17nn1i"; }; ocamlVersionShorthand = lib.concatStrings @@ -55,8 +56,6 @@ buildDunePackage { ./test.patch ; - useDune2 = true; - strictDeps = true; nativeBuildInputs = [ diff --git a/pkgs/servers/mail/mailman/hyperkitty.nix b/pkgs/servers/mail/mailman/hyperkitty.nix index d1e4581789e..b84e78e323d 100644 --- a/pkgs/servers/mail/mailman/hyperkitty.nix +++ b/pkgs/servers/mail/mailman/hyperkitty.nix @@ -1,5 +1,6 @@ { lib , buildPythonPackage +, fetchpatch , fetchPypi , pythonOlder @@ -40,6 +41,15 @@ buildPythonPackage rec { sha256 = "sha256-gmkiK8pIHfubbbxNdm/D6L2o722FptxYgINYdIUOn4Y="; }; + patches = [ + # FIXME: backport Python 3.10 support fix, remove for next release + (fetchpatch { + url = "https://gitlab.com/mailman/hyperkitty/-/commit/551a44a76e46931fc5c1bcb341235d8f579820be.patch"; + sha256 = "sha256-5XCrvyrDEqH3JryPMoOXSlVVDLQ+PdYBqwGYxkExdvk="; + includes = [ "hyperkitty/*" ]; + }) + ]; + postPatch = '' # isort is a development dependency sed -i '/isort/d' setup.py diff --git a/pkgs/servers/nitter/default.nix b/pkgs/servers/nitter/default.nix index a0115440b6e..3931f5b3281 100644 --- a/pkgs/servers/nitter/default.nix +++ b/pkgs/servers/nitter/default.nix @@ -2,14 +2,14 @@ nimPackages.buildNimPackage rec { pname = "nitter"; - version = "unstable-2022-03-21"; + version = "unstable-2022-05-13"; nimBinOnly = true; src = fetchFromGitHub { owner = "zedeus"; repo = "nitter"; - rev = "6884f05041a9b8619ec709afacdfdd6482a120a0"; - sha256 = "1mnc6jqljpqp9lgcrxxvf3aiswssr34v139cxfbwlmj45swmsazh"; + rev = "683c052036b268028f0ecae020a1519bc586516d"; + sha256 = "179z66jlwbdarrgvpdh8aqy2ihkiakd22wqydrfgpsgr59ma8fgl"; }; buildInputs = with nimPackages; [ @@ -29,6 +29,7 @@ nimPackages.buildNimPackage rec { postBuild = '' nim c --hint[Processing]:off -r tools/gencss + nim c --hint[Processing]:off -r tools/rendermd ''; postInstall = '' diff --git a/pkgs/servers/web-apps/netbox/default.nix b/pkgs/servers/web-apps/netbox/default.nix index 988076947bc..ee868397ee7 100644 --- a/pkgs/servers/web-apps/netbox/default.nix +++ b/pkgs/servers/web-apps/netbox/default.nix @@ -9,36 +9,7 @@ let py = python3.override { packageOverrides = self: super: { - django = super.django_3; - jsonschema = super.jsonschema.overridePythonAttrs (old: rec { - version = "3.2.0"; - src = self.fetchPypi { - pname = old.pname; - inherit version; - sha256 = "c8a85b28d377cc7737e46e2d9f2b4f44ee3c0e1deac6bf46ddefc7187d30797a"; - }; - }); - lxml = super.lxml.overridePythonAttrs (old: rec { - version = "4.6.5"; - src = self.fetchPypi { - pname = old.pname; - inherit version; - sha256 = "6e84edecc3a82f90d44ddee2ee2a2630d4994b8471816e226d2b771cda7ac4ca"; - }; - }); - werkzeug = super.werkzeug.overridePythonAttrs (old: rec { - version = "2.0.3"; - src = self.fetchPypi { - pname = "Werkzeug"; - inherit version; - sha256 = "sha256-uGP4/wV8UiFktgZ8niiwQRYbS+W6TQ2s7qpQoWOCLTw="; - }; - }); - sentry-sdk = super.sentry-sdk.overridePythonAttrs (old: rec { - disabledTestPaths = old.disabledTestPaths ++ [ - "tests/integrations/flask/test_flask.py" - ]; - }); + django = super.django_4; }; }; @@ -64,7 +35,7 @@ py.pkgs.buildPythonApplication rec { ]; propagatedBuildInputs = with py.pkgs; [ - django_3 + django_4 django-cors-headers django-debug-toolbar django-filter diff --git a/pkgs/shells/rc/default.nix b/pkgs/shells/rc/default.nix index b0caea99875..5783607751a 100644 --- a/pkgs/shells/rc/default.nix +++ b/pkgs/shells/rc/default.nix @@ -14,10 +14,10 @@ stdenv.mkDerivation rec { }; strictDeps = true; - nativeBuildInputs = [ autoreconfHook ]; + nativeBuildInputs = [ autoreconfHook byacc ]; # acinclude.m4 wants headers for tgetent(). - buildInputs = [ byacc ncurses ] + buildInputs = [ ncurses ] ++ lib.optionals readlineSupport [ readline ]; configureFlags = [ diff --git a/pkgs/tools/security/clamav/default.nix b/pkgs/tools/security/clamav/default.nix index 4a72c900ca4..25351625259 100644 --- a/pkgs/tools/security/clamav/default.nix +++ b/pkgs/tools/security/clamav/default.nix @@ -1,52 +1,32 @@ -{ lib, stdenv, fetchurl, pkg-config +{ lib, stdenv, fetchurl, pkg-config, cmake , zlib, bzip2, libiconv, libxml2, openssl, ncurses, curl, libmilter, pcre2 , libmspack, systemd, Foundation, json_c, check +, rustc, rust-bindgen, rustfmt, cargo, python3 }: stdenv.mkDerivation rec { pname = "clamav"; - version = "0.103.6"; + version = "0.105.0"; src = fetchurl { url = "https://www.clamav.net/downloads/production/${pname}-${version}.tar.gz"; - sha256 = "sha256-qqEuPcGfHTI7HFDXoQ+or1V+Q5AUnoZNWb3jm2rZujM="; + sha256 = "sha256-JwIDpUxFgEnbVPzZNoP/Wy2xkVHzY8SOgs7O/d4rNdQ="; }; - # don't install sample config files into the absolute sysconfdir folder - postPatch = '' - substituteInPlace Makefile.in --replace ' etc ' ' ' - ''; + # Flaky test, remove this when https://github.com/Cisco-Talos/clamav/issues/343 is fixed + patches = [ ./remove-freshclam-test.patch ]; enableParallelBuilding = true; - nativeBuildInputs = [ pkg-config ]; + nativeBuildInputs = [ cmake pkg-config rustc rust-bindgen rustfmt cargo python3 ]; buildInputs = [ zlib bzip2 libxml2 openssl ncurses curl libiconv libmilter pcre2 libmspack json_c check ] ++ lib.optional stdenv.isLinux systemd ++ lib.optional stdenv.isDarwin Foundation; - configureFlags = [ - "--libdir=$(out)/lib" - "--sysconfdir=/etc/clamav" - "--disable-llvm" # enabling breaks the build at the moment - "--with-zlib=${zlib.dev}" - "--with-xml=${libxml2.dev}" - "--with-openssl=${openssl.dev}" - "--with-libcurl=${curl.dev}" - "--with-libjson=${json_c.dev}" - "--with-system-libmspack" - "--enable-milter" - "--disable-unrar" # disable unrar because it's non-free and requires some extra patching to work properly - "--enable-check" - ] ++ lib.optional stdenv.isLinux - "--with-systemdsystemunitdir=$(out)/lib/systemd"; + cmakeFlags = [ + "-DSYSTEMD_UNIT_DIR=${placeholder "out"}/lib/systemd" + ]; - postInstall = '' - mkdir $out/etc - cp etc/*.sample $out/etc - ''; - - # Only required for the unit tests - hardeningDisable = [ "format" ]; doCheck = true; meta = with lib; { diff --git a/pkgs/tools/security/clamav/remove-freshclam-test.patch b/pkgs/tools/security/clamav/remove-freshclam-test.patch new file mode 100644 index 00000000000..93078b52aaa --- /dev/null +++ b/pkgs/tools/security/clamav/remove-freshclam-test.patch @@ -0,0 +1,20 @@ +diff --git a/unit_tests/CMakeLists.txt b/unit_tests/CMakeLists.txt +index 1460357ba..1194abc9d 100644 +--- a/unit_tests/CMakeLists.txt ++++ b/unit_tests/CMakeLists.txt +@@ -371,15 +371,6 @@ if(ENABLE_APP) + set_property(TEST clamd_valgrind PROPERTY ENVIRONMENT ${ENVIRONMENT} VALGRIND=${Valgrind_EXECUTABLE}) + endif() + +- add_test(NAME freshclam COMMAND ${PythonTest_COMMAND};freshclam_test.py +- WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}) +- set_property(TEST freshclam PROPERTY ENVIRONMENT ${ENVIRONMENT}) +- if(Valgrind_FOUND) +- add_test(NAME freshclam_valgrind COMMAND ${PythonTest_COMMAND};freshclam_test.py +- WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}) +- set_property(TEST freshclam_valgrind PROPERTY ENVIRONMENT ${ENVIRONMENT} VALGRIND=${Valgrind_EXECUTABLE}) +- endif() +- + add_test(NAME sigtool COMMAND ${PythonTest_COMMAND};sigtool_test.py + WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}) + set_property(TEST sigtool PROPERTY ENVIRONMENT ${ENVIRONMENT}) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index e08417bd6ca..478a88adc65 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -34684,7 +34684,9 @@ with pkgs; tgswitch = callPackage ../applications/networking/cluster/tgswitch {}; - tilt = callPackage ../applications/networking/cluster/tilt { }; + tilt = callPackage ../applications/networking/cluster/tilt { + buildGoModule = buildGo118Module; + }; timeular = callPackage ../applications/office/timeular {};