First, this closes#167972 by explicitly disabling Python tests for the
backported pycrypto library. Those tests were written for Python 2 only.
Furthermore, the meta.knownVulnerabilities attribute was added as the
last weechat-otr upstream release was in 2018-03 [0] and the backported
Debian package of pycrypto is from 2020-04 [1]. As there are no known
vulnerabilities for weechat-otr itself, pycrypto "is unmaintained,
obsolete, and contains security vulnerabilities" [2]. Even with Debian's
patches, this is no good situation.
As weechat-otr being a security and privacy related software, it should
be made obvious, that its code base is old and unmaintained.
[0] https://github.com/mmb/weechat-otr/releases/tag/v1.9.2
[1] https://salsa.debian.org/sramacher/python-crypto/-/tags/debian%2F2.6.1-13.1
[2] https://www.pycrypto.org/
server.py tries to launch a matrix_sso_helper binary when connecting to
a homeserver that uses some SSO mechanism instead of plain login and
password, but doesn't have $out/bin in $PATH.
Using substituteInPlace to patch server.py so that the helper process is
started by using its actual filesystem location instead of relying on
$PATH.
Fixes: https://github.com/NixOS/nixpkgs/issues/124186
matrix.py tries to import its dependencies, and its own code from
$out/${python.sitePackages}, and neither of these worked because
nothing was telling Python where to load that stuff from.
Using patchPythonScript made it so matrix.py could find its
dependencies, but it still wasn't able to find its own code, so that
had to be added to program_PYTHONPATH beforehand so patchPythonScript
would include it as well.
Fixes: https://github.com/NixOS/nixpkgs/issues/89499
This reverts commit f19b7b03a0, reversing
changes made to 572a864d02.
Sorry. I pushed the wrong staging-next (the one that had my master
merged in). This was not intended.
@the-kenny did a good job in the past and is set as maintainer in many package,
however since 2017-2018 he stopped contributing. To create less confusion
in pull requests when people try to request his feedback, I removed him as
maintainer from all packages.
Sandro Jäckel