From 5fe395084ad57583cd5d5feaa9fa7d1a7038cfc8 Mon Sep 17 00:00:00 2001 From: cryptoluks <9020527+cryptoluks@users.noreply.github.com> Date: Fri, 20 Sep 2024 09:42:30 +0200 Subject: [PATCH 01/33] burpsuite: 2024.6.6 -> 2024.7.6, add missing dependency for built-in browser --- pkgs/tools/networking/burpsuite/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/burpsuite/default.nix b/pkgs/tools/networking/burpsuite/default.nix index 75014e8823d7e05..553328442c2a7f3 100644 --- a/pkgs/tools/networking/burpsuite/default.nix +++ b/pkgs/tools/networking/burpsuite/default.nix @@ -9,20 +9,20 @@ }: let - version = "2024.6.6"; + version = "2024.7.6"; product = if proEdition then { productName = "pro"; productDesktop = "Burp Suite Professional Edition"; - hash = "sha256-EpDTxui/6w5RD15vpVXsNRqcajovgQDjlzLqEDdbPgY="; + hash = "sha256-mQWWRX8Ea0vA/Sw1rjghvnnY5inD0WJILyCSzAyhRQ8="; } else { productName = "community"; productDesktop = "Burp Suite Community Edition"; - hash = "sha256-5LyazMNcEOq+F3p7y50x9AogvBKLd6ToS3Wzc+fFpmc="; + hash = "sha256-OrixIA9KfztXwJQxkIe/6U9ZVeL8kMaK7LgLBMMibag="; }; src = fetchurl { @@ -72,6 +72,7 @@ buildFHSEnv { libdrm libudev0-shim libxkbcommon + mesa nspr nss pango From 1c39d26d98c95106151b4e0a43a0ff14b0ae77e6 Mon Sep 17 00:00:00 2001 From: Nikita Skakun Date: Wed, 2 Oct 2024 21:29:42 +0000 Subject: [PATCH 02/33] ladybird: update homepage link --- pkgs/applications/networking/browsers/ladybird/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/networking/browsers/ladybird/default.nix b/pkgs/applications/networking/browsers/ladybird/default.nix index 60157ca2628263e..c205806f874076a 100644 --- a/pkgs/applications/networking/browsers/ladybird/default.nix +++ b/pkgs/applications/networking/browsers/ladybird/default.nix @@ -182,7 +182,7 @@ stdenv.mkDerivation (finalAttrs: { meta = with lib; { description = "Browser using the SerenityOS LibWeb engine with a Qt or Cocoa GUI"; - homepage = "https://ladybird.dev"; + homepage = "https://ladybird.org"; license = licenses.bsd2; maintainers = with maintainers; [ fgaz ]; platforms = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ]; From 94b5ecfb9502a5290583f86fe9ce04df5ba800ae Mon Sep 17 00:00:00 2001 From: Christoph Heiss Date: Thu, 3 Oct 2024 11:20:28 +0200 Subject: [PATCH 03/33] floorp: 11.18.1 -> 11.19.0 Release notes: https://blog.ablaze.one/4541/2024-09-21/ Git changelog: https://github.com/Floorp-Projects/Floorp/compare/v11.18.1...v11.19.0 Signed-off-by: Christoph Heiss --- pkgs/applications/networking/browsers/floorp/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/browsers/floorp/default.nix b/pkgs/applications/networking/browsers/floorp/default.nix index eef6c3a2abfc8d1..08a45eddd14fa3d 100644 --- a/pkgs/applications/networking/browsers/floorp/default.nix +++ b/pkgs/applications/networking/browsers/floorp/default.nix @@ -9,7 +9,7 @@ ( (buildMozillaMach rec { pname = "floorp"; - packageVersion = "11.18.1"; + packageVersion = "11.19.0"; applicationName = "Floorp"; binaryName = "floorp"; branding = "browser/branding/official"; @@ -24,7 +24,7 @@ repo = "Floorp"; fetchSubmodules = true; rev = "v${packageVersion}"; - hash = "sha256-w7b3s8/ekDzGbjbdqK/9W9S5e79fbE9ftJkSsz2sQtA="; + hash = "sha256-Sk7oMegNr01tLC1BXpUuImg03C6lEEhaVTSjISV9xAE="; }; extraConfigureFlags = [ From 001181d49e306a8a5aed7f22ee583c9136af95da Mon Sep 17 00:00:00 2001 From: Yarny0 <41838844+Yarny0@users.noreply.github.com> Date: Sat, 5 Oct 2024 07:19:54 +0200 Subject: [PATCH 04/33] oath-toolkit: migrate to `pkgs/by-name` overlay --- .../default.nix => by-name/oa/oath-toolkit/package.nix} | 0 pkgs/top-level/all-packages.nix | 2 -- 2 files changed, 2 deletions(-) rename pkgs/{tools/security/oath-toolkit/default.nix => by-name/oa/oath-toolkit/package.nix} (100%) diff --git a/pkgs/tools/security/oath-toolkit/default.nix b/pkgs/by-name/oa/oath-toolkit/package.nix similarity index 100% rename from pkgs/tools/security/oath-toolkit/default.nix rename to pkgs/by-name/oa/oath-toolkit/package.nix diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 58ab2693467b7d1..e3fb810aca967f7 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10655,8 +10655,6 @@ with pkgs; oapi-codegen = callPackage ../tools/networking/oapi-codegen { }; - oath-toolkit = callPackage ../tools/security/oath-toolkit { }; - oatpp = callPackage ../development/libraries/oatpp { }; obex_data_server = callPackage ../tools/bluetooth/obex-data-server { }; From 18e9a97ff835d73ecf8d2e8ae3f4466b809750cd Mon Sep 17 00:00:00 2001 From: Yarny0 <41838844+Yarny0@users.noreply.github.com> Date: Sat, 5 Oct 2024 07:21:54 +0200 Subject: [PATCH 05/33] oath-toolkit: 2.6.11 -> 2.6.12 Note that this fixes CVE-2024-47191 (privilege escalation), see https://security.opensuse.org/2024/10/04/oath-toolkit-vulnerability.html --- pkgs/by-name/oa/oath-toolkit/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/oa/oath-toolkit/package.nix b/pkgs/by-name/oa/oath-toolkit/package.nix index aa42558604696ba..15fc4760bc37aa7 100644 --- a/pkgs/by-name/oa/oath-toolkit/package.nix +++ b/pkgs/by-name/oa/oath-toolkit/package.nix @@ -8,11 +8,11 @@ let in stdenv.mkDerivation rec { pname = "oath-toolkit"; - version = "2.6.11"; + version = "2.6.12"; src = fetchurl { url = "mirror://savannah/${pname}/${pname}-${version}.tar.gz"; - sha256 = "sha256-/FEqSltG9MQ6sFhsMYn+zk1U9+ZJOX1voeI0KEMeLLQ="; + hash = "sha256-yv33ObHsSydkQcau2uZBFDS72HAHH2YVS5CcxuLZ6Lo="; }; buildInputs = [ securityDependency ]; From e85f4cb2796f50c421b90c01fe6fd50ad2dff059 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sat, 5 Oct 2024 14:17:38 -0700 Subject: [PATCH 06/33] python312Packages.matrix-nio: 0.25.1 -> 0.25.2 Diff: https://github.com/poljar/matrix-nio/compare/refs/tags/0.25.1...0.25.2 Changelog: https://github.com/poljar/matrix-nio/blob/0.25.2/CHANGELOG.md --- pkgs/development/python-modules/matrix-nio/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/matrix-nio/default.nix b/pkgs/development/python-modules/matrix-nio/default.nix index eaed123ef9031f5..9375c81a32a5bc4 100644 --- a/pkgs/development/python-modules/matrix-nio/default.nix +++ b/pkgs/development/python-modules/matrix-nio/default.nix @@ -44,14 +44,14 @@ buildPythonPackage rec { pname = "matrix-nio"; - version = "0.25.1"; + version = "0.25.2"; pyproject = true; src = fetchFromGitHub { owner = "poljar"; repo = "matrix-nio"; rev = "refs/tags/${version}"; - hash = "sha256-cfxM/k0AXP/47goWahAzY36dpZiR00gmNveyoxQWvjo="; + hash = "sha256-ZNYK5D4aDKE+N62A/hPmTphir+UsWvj3BW2EPG1z+R4="; }; patches = [ From be0d4e49cd3dc94b66736869c4831ba4baf202a8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sat, 5 Oct 2024 14:18:05 -0700 Subject: [PATCH 07/33] home-assistant: 2024.10.0 -> 2024.10.1 Changelog: https://github.com/home-assistant/core/releases/tag/2024.10.1 --- pkgs/servers/home-assistant/component-packages.nix | 2 +- pkgs/servers/home-assistant/default.nix | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix index 87af552c35757c5..a593d677fb16537 100644 --- a/pkgs/servers/home-assistant/component-packages.nix +++ b/pkgs/servers/home-assistant/component-packages.nix @@ -2,7 +2,7 @@ # Do not edit! { - version = "2024.10.0"; + version = "2024.10.1"; components = { "3_day_blinds" = ps: with ps; [ ]; diff --git a/pkgs/servers/home-assistant/default.nix b/pkgs/servers/home-assistant/default.nix index c22bfe4418b99ce..4baaeb229d1fe38 100644 --- a/pkgs/servers/home-assistant/default.nix +++ b/pkgs/servers/home-assistant/default.nix @@ -408,7 +408,7 @@ let extraBuildInputs = extraPackages python.pkgs; # Don't forget to run update-component-packages.py after updating - hassVersion = "2024.10.0"; + hassVersion = "2024.10.1"; in python.pkgs.buildPythonApplication rec { pname = "homeassistant"; @@ -426,13 +426,13 @@ in python.pkgs.buildPythonApplication rec { owner = "home-assistant"; repo = "core"; rev = "refs/tags/${version}"; - hash = "sha256-X7atEjhw6QcS5xNiW+17/vrwqjCL4N3VocxUTELLXgo="; + hash = "sha256-yEClfdMyN0E+eelSFESVbVDzvZu/rn4qBCjD5L/L6Is="; }; # Secondary source is pypi sdist for translations sdist = fetchPypi { inherit pname version; - hash = "sha256-SHNs/zLyNVi0uGguRTWMnt9UpPYEFJbrfwBYFz+q5Nk="; + hash = "sha256-M2vuqHoLNVizoCXnQ4RRQ+//TgtoJxJaQFCz9H7UnVs="; }; build-system = with python.pkgs; [ From c42d3b811183f886223d69b6908026b9702dfbb2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sat, 5 Oct 2024 14:21:15 -0700 Subject: [PATCH 08/33] python312Packages.homeassistant-stubs: 2024.10.0 -> 2024.10.1 Diff: https://github.com/KapJI/homeassistant-stubs/compare/refs/tags/2024.10.0...2024.10.1 Changelog: https://github.com/KapJI/homeassistant-stubs/releases/tag/2024.10.1 --- pkgs/servers/home-assistant/stubs.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/home-assistant/stubs.nix b/pkgs/servers/home-assistant/stubs.nix index da133b6a9c06bac..c99bedad54a637b 100644 --- a/pkgs/servers/home-assistant/stubs.nix +++ b/pkgs/servers/home-assistant/stubs.nix @@ -9,7 +9,7 @@ buildPythonPackage rec { pname = "homeassistant-stubs"; - version = "2024.10.0"; + version = "2024.10.1"; pyproject = true; disabled = python.version != home-assistant.python.version; @@ -18,7 +18,7 @@ buildPythonPackage rec { owner = "KapJI"; repo = "homeassistant-stubs"; rev = "refs/tags/${version}"; - hash = "sha256-CI8orK0iR8avP4zgdIo9EWa9G7fqAul9CF/rEZBqDbQ="; + hash = "sha256-uPB9ge7oUjGwKKvg2V+Yf7l2KiwgLLIBH/CKP2erAHY="; }; build-system = [ From cf15cf1eefe05e7338d97e79005e0ed538348bfd Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sat, 5 Oct 2024 21:29:22 +0000 Subject: [PATCH 09/33] python312Packages.awscrt: 0.21.5 -> 0.22.0 --- pkgs/development/python-modules/awscrt/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/awscrt/default.nix b/pkgs/development/python-modules/awscrt/default.nix index 08c902f13832976..02cc8115386f85a 100644 --- a/pkgs/development/python-modules/awscrt/default.nix +++ b/pkgs/development/python-modules/awscrt/default.nix @@ -12,14 +12,14 @@ buildPythonPackage rec { pname = "awscrt"; - version = "0.21.5"; + version = "0.22.0"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-fsKmevMPvzhklN8Au9+Zb3AkAA32sBqxYAFK/vK5EAU="; + hash = "sha256-TKKwtJMo8D9aPd4tVlEy34rXTLonNSYS7Nn+JQXh13A="; }; buildInputs = lib.optionals stdenv.hostPlatform.isDarwin [ From 72f627af9e350b4b609c2cf5f0eec21538ea218e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 6 Oct 2024 03:00:47 +0000 Subject: [PATCH 10/33] stella: 6.7.1 -> 7.0 --- pkgs/by-name/st/stella/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/st/stella/package.nix b/pkgs/by-name/st/stella/package.nix index 26cb88cdbbbf906..16d812206934621 100644 --- a/pkgs/by-name/st/stella/package.nix +++ b/pkgs/by-name/st/stella/package.nix @@ -8,13 +8,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "stella"; - version = "6.7.1"; + version = "7.0"; src = fetchFromGitHub { owner = "stella-emu"; repo = "stella"; rev = finalAttrs.version; - hash = "sha256-4z6rFF6XqfyS9zZ4ByvTZi7cSqxpF4EcLffPbId5ppg="; + hash = "sha256-c7A1gFvYkxxwuwrntw/w8FYD24l5m1Uip+44Pe664lE="; }; nativeBuildInputs = [ From 245a23bd4ca7e9fed29153fdab22bd88f57f7f64 Mon Sep 17 00:00:00 2001 From: m1dugh Date: Thu, 19 Sep 2024 19:02:20 +0200 Subject: [PATCH 11/33] maintainers: Adds m1dugh --- maintainers/maintainer-list.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 5db8d13fd65622f..640df9c6bb02ea0 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -12683,6 +12683,12 @@ githubId = 3044438; name = "Lucas Savva"; }; + m1dugh = { + email = "romain103paris@gmail.com"; + name = "Romain LE MIERE"; + github = "m1dugh"; + githubId = 42266017; + }; ma27 = { email = "maximilian@mbosch.me"; matrix = "@ma27:nicht-so.sexy"; From 2aa9d16122a45c3e0c3958c2a34df0c61b3bdd52 Mon Sep 17 00:00:00 2001 From: m1dugh Date: Thu, 19 Sep 2024 19:03:13 +0200 Subject: [PATCH 12/33] msi-ec-kmods: init at 0-unstable-2024-09-19 Adds msi-ec-kmods kernel module for msi embedded controllers. --- pkgs/os-specific/linux/msi-ec/default.nix | 53 +++++++++++++++++++ .../os-specific/linux/msi-ec/patches/Makefile | 27 ++++++++++ pkgs/top-level/linux-kernels.nix | 2 + 3 files changed, 82 insertions(+) create mode 100644 pkgs/os-specific/linux/msi-ec/default.nix create mode 100644 pkgs/os-specific/linux/msi-ec/patches/Makefile diff --git a/pkgs/os-specific/linux/msi-ec/default.nix b/pkgs/os-specific/linux/msi-ec/default.nix new file mode 100644 index 000000000000000..04f186af0844aa1 --- /dev/null +++ b/pkgs/os-specific/linux/msi-ec/default.nix @@ -0,0 +1,53 @@ +{ + stdenv, + lib, + fetchFromGitHub, + linuxPackages, + git, + kernel ? linuxPackages.kernel, +}: +stdenv.mkDerivation { + pname = "msi-ec-kmods"; + version = "0-unstable-2024-09-19"; + + src = fetchFromGitHub { + owner = "BeardOverflow"; + repo = "msi-ec"; + rev = "94c2a45c04a07096e10d7cb1240e1a201a025dc0"; + hash = "sha256-amJUoIf5Sl62BLyHLeam2fzN1s+APoWh2dH5QVfJhCs="; + }; + + dontMakeSourcesWritable = false; + + postPatch = + let + targets = builtins.filter (v: v != "") [ + (lib.strings.optionalString (kernel.kernelOlder "6.2") "older-kernel-patch") + (lib.strings.optionalString (kernel.kernelAtLeast "6.11") "6.11-kernel-patch") + ]; + commands = builtins.map (target: "make ${target}") targets; + in + lib.concatStringsSep "\n" ([ "cp ${./patches/Makefile} ./Makefile" ] ++ commands); + + hardeningDisable = [ "pic" ]; + + makeFlags = kernel.makeFlags ++ [ + "KERNELDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" + "INSTALL_MOD_PATH=$(out)" + ]; + + nativeBuildInputs = kernel.moduleBuildDependencies ++ [ git ]; + + installTargets = [ "modules_install" ]; + + enableParallelBuilding = true; + + meta = { + description = "Kernel modules for MSI Embedded controller"; + homepage = "https://github.com/BeardOverflow/msi-ec"; + license = lib.licenses.gpl2Plus; + maintainers = [ lib.maintainers.m1dugh ]; + platforms = lib.platforms.linux; + broken = kernel.kernelOlder "6.2"; + }; +} diff --git a/pkgs/os-specific/linux/msi-ec/patches/Makefile b/pkgs/os-specific/linux/msi-ec/patches/Makefile new file mode 100644 index 000000000000000..f88fa4022082408 --- /dev/null +++ b/pkgs/os-specific/linux/msi-ec/patches/Makefile @@ -0,0 +1,27 @@ +# Out of the box, the build with this Makefile only works in FHS environments, +# such as on Ubuntu or Debian. On NixOS, you either need to open an FHS +# environment using a Nix shell or build this from a specially crafted Nix +# derivation. +# +# This file follows the conventions written down here: +# https://docs.kernel.org/kbuild/modules.html +# Make it possible to override the kernel src tree location from Nix derivation. +KERNEL ?= $(shell uname -r) +KERNELDIR ?= /lib/modules/$(KERNEL)/build/ +ccflags-y := -std=gnu11 -Wno-declaration-after-statement +.PHONY: default +default: modules +# -m: Build as module. +obj-m = msi-ec.o +.PHONY: modules +modules: + @#"M=": Module source. Special variable of the kernel's main Makefile. + $(MAKE) -C $(KERNELDIR) M=$(PWD) modules +.PHONY: modules_install +modules_install: + $(MAKE) -C $(KERNELDIR) M=$(PWD) modules_install +6.11-kernel-patch: + git apply 6.11-kernel.patch + +older-kernel-patch: + git apply older-kernel.patch diff --git a/pkgs/top-level/linux-kernels.nix b/pkgs/top-level/linux-kernels.nix index 3c00a5693a58b1f..4255d0c036e83cd 100644 --- a/pkgs/top-level/linux-kernels.nix +++ b/pkgs/top-level/linux-kernels.nix @@ -602,6 +602,8 @@ in { nullfs = callPackage ../os-specific/linux/nullfs { }; + msi-ec = callPackage ../os-specific/linux/msi-ec { }; + } // lib.optionalAttrs config.allowAliases { ati_drivers_x11 = throw "ati drivers are no longer supported by any kernel >=4.1"; # added 2021-05-18; hid-nintendo = throw "hid-nintendo was added in mainline kernel version 5.16"; # Added 2023-07-30 From 197f37c80fbef3319f102434a5b98de0d54aa2b9 Mon Sep 17 00:00:00 2001 From: Lewis Arias Date: Fri, 31 May 2024 18:15:03 -0400 Subject: [PATCH 13/33] opencv4: properly install Python type-stubs Without these type stubs installed auto-completion for the `cv2` module will not be available and diagnostics may not be accurate. This is especially notable in a devshell using `mkShell` and `python3.withPackages` leading to editors such as Neovim having a poor development experience. --- pkgs/development/libraries/opencv/4.x.nix | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/pkgs/development/libraries/opencv/4.x.nix b/pkgs/development/libraries/opencv/4.x.nix index 3d5c0ac87067c95..0a48e4da8563322 100644 --- a/pkgs/development/libraries/opencv/4.x.nix +++ b/pkgs/development/libraries/opencv/4.x.nix @@ -480,7 +480,7 @@ effectiveStdenv.mkDerivation { ] ++ optionals (!effectiveStdenv.hostPlatform.isDarwin) [ (cmakeOptionType "path" "OPENCL_LIBRARY" "${ocl-icd}/lib/libOpenCL.so") ] ++ optionals enablePython [ - (cmakeBool "OPENCV_SKIP_PYTHON_LOADER" true) + (cmakeOptionType "path" "OPENCV_PYTHON_INSTALL_PATH" pythonPackages.python.sitePackages) ] ++ optionals (enabledModules != [ ]) [ (cmakeFeature "BUILD_LIST" (concatStringsSep "," enabledModules)) ]; @@ -541,10 +541,6 @@ effectiveStdenv.mkDerivation { pushd dist python -m pip install ./*.whl --no-index --no-warn-script-location --prefix="$out" --no-cache - # the cv2/__init__.py just tries to check provide "nice user feedback" if the installation is bad - # however, this also causes infinite recursion when used by other packages - rm -r $out/${pythonPackages.python.sitePackages}/cv2 - popd popd ''; From edc017aaa8b31568442014883cb9fc41e04d8459 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 7 Oct 2024 01:21:41 +0000 Subject: [PATCH 14/33] doublecmd: 1.1.18 -> 1.1.19 --- pkgs/by-name/do/doublecmd/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/do/doublecmd/package.nix b/pkgs/by-name/do/doublecmd/package.nix index 766ce66b1dbc573..db12c0f1c90ffbd 100644 --- a/pkgs/by-name/do/doublecmd/package.nix +++ b/pkgs/by-name/do/doublecmd/package.nix @@ -13,13 +13,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "doublecmd"; - version = "1.1.18"; + version = "1.1.19"; src = fetchFromGitHub { owner = "doublecmd"; repo = "doublecmd"; rev = "v${finalAttrs.version}"; - hash = "sha256-1lmDmtvkLMLxvF6ZTOShr5fsYN++Jm6+ngzgFyNjFn4="; + hash = "sha256-3OHlC6+oHB1xW2uYFeQn3paJDvo2PZytdzv98G/qqmg="; }; nativeBuildInputs = [ From 7c4c284e9df3070865a6535f301c2639a9b6aefe Mon Sep 17 00:00:00 2001 From: seth Date: Sun, 6 Oct 2024 22:28:13 -0400 Subject: [PATCH 15/33] python312Packages.apprise: disable nondeterministic test --- pkgs/development/python-modules/apprise/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkgs/development/python-modules/apprise/default.nix b/pkgs/development/python-modules/apprise/default.nix index cf6aef5fb69f50d..53a0835bc6356fe 100644 --- a/pkgs/development/python-modules/apprise/default.nix +++ b/pkgs/development/python-modules/apprise/default.nix @@ -64,6 +64,9 @@ buildPythonPackage rec { "test_plugin_mqtt_general" # Nondeterministic. Fails with `assert 3 == 2` "test_plugin_matrix_transaction_ids_api_v3" + # Nondeterministic. Fails with `IndexError` + # https://github.com/NixOS/nixpkgs/issues/346894 + "test_plugin_wxpusher_result_set" # Nondeterministic. Fails with `AssertionError` "test_plugin_xbmc_kodi_urls" # Nondeterministic. Fails with `AssertionError` From 341a8aa7f7cdbf3da548e8c6d0403abe80d09896 Mon Sep 17 00:00:00 2001 From: Randy Eckenrode Date: Sun, 28 Jan 2024 17:18:07 -0500 Subject: [PATCH 16/33] bacula: fix build on Darwin After the CoreFoundation hook was dropped, bacula requires the following changes to build on Darwin: * Ensure bacula links CoreFoundation. Override incorrectly failing `configure` tests and add gettext as a build input. Even if those tests pass, bacula only links CoreFoundation when it finds libintl. * Add Kerberos framework. Required to build on x86_64-darwin. --- pkgs/tools/backup/bacula/default.nix | 12 ++++++++++-- pkgs/top-level/all-packages.nix | 2 +- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/backup/bacula/default.nix b/pkgs/tools/backup/bacula/default.nix index d21336813008c89..58bb7ebb4014f9f 100644 --- a/pkgs/tools/backup/bacula/default.nix +++ b/pkgs/tools/backup/bacula/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchurl, sqlite, postgresql, zlib, acl, ncurses, openssl, readline -, CoreFoundation, IOKit +, gettext, CoreFoundation, IOKit, Kerberos }: stdenv.mkDerivation rec { @@ -19,8 +19,10 @@ stdenv.mkDerivation rec { buildInputs = [ postgresql sqlite zlib ncurses openssl readline ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ + gettext # bacula requires CoreFoundation, but its `configure` script will only link it when it detects libintl. CoreFoundation IOKit + Kerberos ] # acl relies on attr, which I can't get to build on darwin ++ lib.optional (!stdenv.hostPlatform.isDarwin) acl; @@ -31,7 +33,13 @@ stdenv.mkDerivation rec { "--with-logdir=/var/log/bacula" "--with-working-dir=/var/lib/bacula" "--mandir=\${out}/share/man" - ] ++ lib.optional (stdenv.buildPlatform != stdenv.hostPlatform) "ac_cv_func_setpgrp_void=yes"; + ] ++ lib.optional (stdenv.buildPlatform != stdenv.hostPlatform) "ac_cv_func_setpgrp_void=yes" + ++ lib.optionals stdenv.isDarwin [ + # bacula’s `configure` script fails to detect CoreFoundation correctly, + # but these symbols are available in the nixpkgs CoreFoundation framework. + "gt_cv_func_CFLocaleCopyCurrent=yes" + "gt_cv_func_CFPreferencesCopyAppValue=yes" + ]; installFlags = [ "logdir=\${out}/logdir" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 5542da6fbc4fdd2..170340c8b56e666 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6083,7 +6083,7 @@ with pkgs; }; bacula = callPackage ../tools/backup/bacula { - inherit (darwin.apple_sdk.frameworks) CoreFoundation IOKit; + inherit (darwin.apple_sdk.frameworks) CoreFoundation IOKit Kerberos; }; bacon = callPackage ../development/tools/bacon { From 43be2aeca67651b0c7bcd8c6be760c8efd2dfefa Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 7 Oct 2024 12:40:10 +0000 Subject: [PATCH 17/33] ecapture: 0.8.6 -> 0.8.7 --- pkgs/by-name/ec/ecapture/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/ec/ecapture/package.nix b/pkgs/by-name/ec/ecapture/package.nix index 6d97c3fa60ee646..25150c2e43104b2 100644 --- a/pkgs/by-name/ec/ecapture/package.nix +++ b/pkgs/by-name/ec/ecapture/package.nix @@ -20,13 +20,13 @@ buildGoModule rec { pname = "ecapture"; - version = "0.8.6"; + version = "0.8.7"; src = fetchFromGitHub { owner = "gojue"; repo = "ecapture"; rev = "refs/tags/v${version}"; - hash = "sha256-xnUgsnz3zUkuLwqgdogEWQh0GMEmS/qmDqqmEQlHhfQ="; + hash = "sha256-tkWbX/RGx+SbJn+vqPTgyStBwdhldd5hGuRj8wTwY9M="; fetchSubmodules = true; }; From 2e9de92fe61edae06dfbd8ab3778ecefd141a539 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 7 Oct 2024 12:45:50 +0000 Subject: [PATCH 18/33] dssp: 4.4.7 -> 4.4.8 --- pkgs/applications/science/biology/dssp/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/science/biology/dssp/default.nix b/pkgs/applications/science/biology/dssp/default.nix index 680fc67ffcd142f..531d025dd586502 100644 --- a/pkgs/applications/science/biology/dssp/default.nix +++ b/pkgs/applications/science/biology/dssp/default.nix @@ -10,13 +10,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "dssp"; - version = "4.4.7"; + version = "4.4.8"; src = fetchFromGitHub { owner = "PDB-REDO"; repo = "dssp"; rev = "refs/tags/v${finalAttrs.version}"; - hash = "sha256-qePoZYkzzWuK6j1NM+q6fPuWVRDEe4OkPmXc9Nbqobo="; + hash = "sha256-ThQInyVuf8ejkidne/T3GdPBbf3HeThDBwWQEWB+JMI="; }; nativeBuildInputs = [ From 3c2859a9700726381de391ec39820a9dfa1e5762 Mon Sep 17 00:00:00 2001 From: alyaeanyx Date: Mon, 7 Oct 2024 15:20:54 +0200 Subject: [PATCH 19/33] {libqalculate, qalculate-gtk, qalculate-qt}: 5.2.0 -> 5.3.0 --- pkgs/applications/science/math/qalculate-gtk/default.nix | 4 ++-- pkgs/applications/science/math/qalculate-qt/default.nix | 4 ++-- pkgs/development/libraries/libqalculate/default.nix | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/science/math/qalculate-gtk/default.nix b/pkgs/applications/science/math/qalculate-gtk/default.nix index 306d6141ac17aa8..35daa00586b759d 100644 --- a/pkgs/applications/science/math/qalculate-gtk/default.nix +++ b/pkgs/applications/science/math/qalculate-gtk/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "qalculate-gtk"; - version = "5.2.0"; + version = "5.3.0"; src = fetchFromGitHub { owner = "qalculate"; repo = "qalculate-gtk"; rev = "v${finalAttrs.version}"; - hash = "sha256-vH4GZaeQ6Ji9aWh8R5B6PE2fBBW7KTyCsFkpgHu6yg8="; + hash = "sha256-0+c6zInEorUH3Fd4qRJD1pXeAGsK6EY53qQAu3ctGKg="; }; hardeningDisable = [ "format" ]; diff --git a/pkgs/applications/science/math/qalculate-qt/default.nix b/pkgs/applications/science/math/qalculate-qt/default.nix index 2cde63449888985..a8b4c65ca97e038 100644 --- a/pkgs/applications/science/math/qalculate-qt/default.nix +++ b/pkgs/applications/science/math/qalculate-qt/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "qalculate-qt"; - version = "5.2.0.1"; + version = "5.3.0"; src = fetchFromGitHub { owner = "qalculate"; repo = "qalculate-qt"; rev = "v${finalAttrs.version}"; - hash = "sha256-kzOxOCZmu4mYYgegRBU8SMAkTiE4p1AugVAeZa8yDDE="; + hash = "sha256-uzcqkx9UiQvv/KFwsOGzIWbdIco8woKIGjjFz2avwe8="; }; nativeBuildInputs = [ qmake intltool pkg-config qttools wrapQtAppsHook ]; diff --git a/pkgs/development/libraries/libqalculate/default.nix b/pkgs/development/libraries/libqalculate/default.nix index ab206c5dc4bb6dd..2dbaf0a02763cdd 100644 --- a/pkgs/development/libraries/libqalculate/default.nix +++ b/pkgs/development/libraries/libqalculate/default.nix @@ -18,13 +18,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "libqalculate"; - version = "5.2.0"; + version = "5.3.0"; src = fetchFromGitHub { owner = "qalculate"; repo = "libqalculate"; rev = "v${finalAttrs.version}"; - hash = "sha256-puNzw/3oWph76um4eNuEftvWPmjC1cZIXKU9pWB++jE="; + hash = "sha256-YNw6oFjrbYifIlAF2fz+htT1PIk9oEn7nBrnIZIR7DE="; }; outputs = [ "out" "dev" "doc" ]; From c6b721513bbb457f5bae5352e57e7b1fd2d8d0df Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 7 Oct 2024 17:27:20 +0000 Subject: [PATCH 20/33] python312Packages.htmldate: 1.9.0 -> 1.9.1 --- pkgs/development/python-modules/htmldate/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/htmldate/default.nix b/pkgs/development/python-modules/htmldate/default.nix index adfeb0b7949e10b..ca648b7790d7fd8 100644 --- a/pkgs/development/python-modules/htmldate/default.nix +++ b/pkgs/development/python-modules/htmldate/default.nix @@ -16,7 +16,7 @@ buildPythonPackage rec { pname = "htmldate"; - version = "1.9.0"; + version = "1.9.1"; pyproject = true; disabled = pythonOlder "3.8"; @@ -25,7 +25,7 @@ buildPythonPackage rec { owner = "adbar"; repo = "htmldate"; rev = "refs/tags/v${version}"; - hash = "sha256-sddPlVaYenR8sQG/ronkYIcVH5nyQzcjF8rfeMr5I78="; + hash = "sha256-VjOqttpbHp1wQARyHieAZie/yO74+S2mDbBXx00PKWM="; }; build-system = [ setuptools ]; From cb3e5a9480ce0b62860410d7d13ee28374b17b79 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 7 Oct 2024 17:57:05 +0000 Subject: [PATCH 21/33] python312Packages.particle: 0.25.1 -> 0.25.2 --- pkgs/development/python-modules/particle/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/particle/default.nix b/pkgs/development/python-modules/particle/default.nix index 112b733ed284883..96dbf62e4166512 100644 --- a/pkgs/development/python-modules/particle/default.nix +++ b/pkgs/development/python-modules/particle/default.nix @@ -15,14 +15,14 @@ buildPythonPackage rec { pname = "particle"; - version = "0.25.1"; + version = "0.25.2"; pyproject = true; disabled = pythonOlder "3.9"; src = fetchPypi { inherit pname version; - hash = "sha256-lwZ0jpWnBt/9SUJts5MpgZf+GvgZchxdLG5RV2Sh+wE="; + hash = "sha256-H6S77ji/6u8IpAsnebTDDFzk+ihloQwCrP6QZ5tOYek="; }; postPatch = '' From 9d3560b6eb2a8e23b78f80460d5f58d5f7b4f4a4 Mon Sep 17 00:00:00 2001 From: Emily Date: Mon, 7 Oct 2024 19:20:56 +0100 Subject: [PATCH 22/33] bisq-desktop: mark as broken OpenJFX 11 has been EOL for over a year; upstream uses OpenJFX 15 which is also EOL. According to , the application does not function with later versions, and has a limited remaining lifespan as there is a new major version that uses more modern versions. It looks like that version officially supports OpenJDK 22, which is also EOL, but hopefully it will work with 21 or 23. Some work was done already to package it here: . --- pkgs/applications/blockchains/bisq-desktop/default.nix | 2 ++ pkgs/top-level/all-packages.nix | 4 +--- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/blockchains/bisq-desktop/default.nix b/pkgs/applications/blockchains/bisq-desktop/default.nix index e7e5f0f5a2c4dcb..3f3bbfe80ff8682 100644 --- a/pkgs/applications/blockchains/bisq-desktop/default.nix +++ b/pkgs/applications/blockchains/bisq-desktop/default.nix @@ -122,5 +122,7 @@ stdenv.mkDerivation rec { license = licenses.mit; maintainers = with maintainers; [ juaningan emmanuelrosa ]; platforms = [ "x86_64-linux" ]; + # Requires OpenJFX 11 or 16, which are both EOL. + broken = true; }; } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 5542da6fbc4fdd2..cf678f3778d38b1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3305,9 +3305,7 @@ with pkgs; bazarr = callPackage ../servers/bazarr { }; - bisq-desktop = callPackage ../applications/blockchains/bisq-desktop { - openjdk11 = openjdk11.override { enableJavaFX = true; }; - }; + bisq-desktop = callPackage ../applications/blockchains/bisq-desktop { }; bic = callPackage ../development/interpreters/bic { }; From 3ec78d411851ad1d2320e6c43c56595e752f0ba5 Mon Sep 17 00:00:00 2001 From: Emily Date: Mon, 7 Oct 2024 19:20:56 +0100 Subject: [PATCH 23/33] soapui: remove dead code MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The derivation doesn’t support Darwin anyway, and OpenJFX 11 is EOL. --- pkgs/top-level/all-packages.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index cf678f3778d38b1..8fc604b8c7de8c9 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -12384,9 +12384,7 @@ with pkgs; snort = callPackage ../applications/networking/ids/snort { }; soapui = callPackage ../applications/networking/soapui { - jdk = if stdenv.hostPlatform.isDarwin - then (jdk11.override { enableJavaFX = true; }) - else jdk11; + jdk = jdk11; }; sockdump = callPackage ../tools/networking/sockdump { }; From c979637f24641155d8d30511358e73483a3335c4 Mon Sep 17 00:00:00 2001 From: Emily Date: Mon, 7 Oct 2024 19:20:56 +0100 Subject: [PATCH 24/33] openjfx11: drop MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenJFX 11 reached end‐of‐life in 2023. --- .../compilers/openjdk/openjfx/11/default.nix | 103 ------------ .../compilers/openjdk/openjfx/11/deps.json | 152 ------------------ pkgs/top-level/aliases.nix | 1 + pkgs/top-level/all-packages.nix | 2 +- pkgs/top-level/java-packages.nix | 5 +- 5 files changed, 4 insertions(+), 259 deletions(-) delete mode 100644 pkgs/development/compilers/openjdk/openjfx/11/default.nix delete mode 100644 pkgs/development/compilers/openjdk/openjfx/11/deps.json diff --git a/pkgs/development/compilers/openjdk/openjfx/11/default.nix b/pkgs/development/compilers/openjdk/openjfx/11/default.nix deleted file mode 100644 index dcce1a2de6fc4fe..000000000000000 --- a/pkgs/development/compilers/openjdk/openjfx/11/default.nix +++ /dev/null @@ -1,103 +0,0 @@ -{ stdenv, lib, pkgs, fetchFromGitHub, writeText, gradle_7, pkg-config, perl, cmake -, gperf, gtk2, gtk3, libXtst, libXxf86vm, glib, alsa-lib, ffmpeg_7-headless, python3, ruby -, openjdk11-bootstrap -, withMedia ? true -, withWebKit ? false -}: - -let - pname = "openjfx-modular-sdk"; - major = "11"; - update = ".0.20"; - build = "1"; - repover = "${major}${update}+${build}"; - jdk = openjdk11-bootstrap; - gradle = gradle_7; - -in stdenv.mkDerivation { - inherit pname; - version = "${major}${update}-${build}"; - - src = fetchFromGitHub { - owner = "openjdk"; - repo = "jfx${major}u"; - rev = repover; - sha256 = "sha256-BbBP2DiPZTSn1SBYMCgyiNdF9GD+NqR6YjeVNOQHHn4="; - }; - - patches = [ - ../backport-ffmpeg-6-support-jfx11.patch - ../backport-ffmpeg-7-support-jfx11.patch - ]; - - buildInputs = [ gtk2 gtk3 libXtst libXxf86vm glib alsa-lib ffmpeg_7-headless ]; - nativeBuildInputs = [ gradle perl pkg-config cmake gperf python3 ruby ]; - - dontUseCmakeConfigure = true; - - config = writeText "gradle.properties" '' - CONF = Release - JDK_HOME = ${jdk.home} - COMPILE_MEDIA = ${lib.boolToString withMedia} - COMPILE_WEBKIT = ${lib.boolToString withWebKit} - ''; - - postPatch = '' - substituteInPlace buildSrc/linux.gradle \ - --replace ', "-Werror=implicit-function-declaration"' "" - - # Add missing includes for gcc-13 for webkit build: - sed -e '1i #include ' \ - -i modules/javafx.web/src/main/native/Source/bmalloc/bmalloc/Heap.cpp \ - modules/javafx.web/src/main/native/Source/bmalloc/bmalloc/IsoSharedPageInlines.h - - ln -s $config gradle.properties - ''; - - mitmCache = gradle.fetchDeps { - attrPath = "openjfx${major}"; - pkg = pkgs."openjfx${major}".override { withWebKit = true; }; - data = ./deps.json; - }; - - __darwinAllowLocalNetworking = true; - - preBuild = '' - export NUMBER_OF_PROCESSORS=$NIX_BUILD_CORES - export NIX_CFLAGS_COMPILE="$(pkg-config --cflags glib-2.0) $NIX_CFLAGS_COMPILE" - ''; - - enableParallelBuilding = false; - - gradleBuildTask = "sdk"; - - installPhase = '' - cp -r build/modular-sdk $out - ''; - - stripDebugList = [ "." ]; - - postFixup = '' - # Remove references to bootstrap. - export openjdkOutPath='${jdk.outPath}' - find "$out" -name \*.so | while read lib; do - new_refs="$(patchelf --print-rpath "$lib" | perl -pe 's,:?\Q$ENV{openjdkOutPath}\E[^:]*,,')" - patchelf --set-rpath "$new_refs" "$lib" - done - # Remove licenses, otherwise they may conflict with the ones included in the openjdk - rm -rf $out/modules_legal/* - ''; - - disallowedReferences = [ jdk gradle.jdk ]; - - # Uses a lot of RAM, OOMs otherwise - requiredSystemFeatures = [ "big-parallel" ]; - - meta = with lib; { - homepage = "http://openjdk.java.net/projects/openjfx/"; - license = licenses.gpl2; - description = "Next-generation Java client toolkit"; - maintainers = with maintainers; [ abbradar ]; - platforms = [ "x86_64-linux" ]; - }; -} diff --git a/pkgs/development/compilers/openjdk/openjfx/11/deps.json b/pkgs/development/compilers/openjdk/openjfx/11/deps.json deleted file mode 100644 index 7c8167124430b4e..000000000000000 --- a/pkgs/development/compilers/openjdk/openjfx/11/deps.json +++ /dev/null @@ -1,152 +0,0 @@ -{ - "!comment": "This is a nixpkgs Gradle dependency lockfile. For more details, refer to the Gradle section in the nixpkgs manual.", - "!version": 1, - "https://download.eclipse.org": { - "eclipse/updates/4.6/R-4.6.3-201703010400/plugins/org.eclipse.swt.gtk.linux.x86_64_3.105.3.v20170228-0512": { - "jar": "sha256-qWM1HV97griQxJlOFY2AVV2uOLAK87jXPzh1wh/zmLw=" - } - }, - "https://github.com": { - "unicode-org/icu/releases/download/release-71-1/icu4c-71_1-data-bin-l": { - "zip": "sha256-pVWIy0BkICsthA5mxhR9SJQHleMNnaEcGl/AaLi5qZM=" - } - }, - "https://repo.maven.apache.org/maven2": { - "com/ibm/icu#icu4j/61.1": { - "jar": "sha256-VcmOsYOLKku5oH3Da9N4Uy1k0M3LfO7pFCNoZqfeRGQ=", - "pom": "sha256-E7h6QHnOsFUVsZrHoVIDlHB1YB1JQj9xk1ikmACYBWs=" - }, - "junit#junit/4.13.2": { - "jar": "sha256-jklbY0Rp1k+4rPo0laBly6zIoP/1XOHjEAe+TBbcV9M=", - "pom": "sha256-Vptpd+5GA8llwcRsMFj6bpaSkbAWDraWTdCSzYnq3ZQ=" - }, - "net/java#jvnet-parent/3": { - "pom": "sha256-MPV4nvo53b+WCVqto/wSYMRWH68vcUaGcXyy3FBJR1o=" - }, - "org/abego/treelayout#org.abego.treelayout.core/1.0.3": { - "jar": "sha256-+l4xOVw5wufUasoPgfcgYJMWB7L6Qb02A46yy2+5MyY=", - "pom": "sha256-o7KyI3lDcDVeeSQzrwEvyZNmfAMxviusrYTbwJrOSgw=" - }, - "org/antlr#ST4/4.1": { - "jar": "sha256-ixzK7Z7cVc0lXZwZxNjaR1bZtvy0NWcSkrQ0cLFtddg=", - "pom": "sha256-cz5r2XyjTMbfk6QkPlEeVnPLm4jHSxiETgQqRdUWmHw=" - }, - "org/antlr#antlr-master/3.5.2": { - "pom": "sha256-QtkaUx6lEA6wm1QaoALDuQjo8oK9c7bi9S83HvEzG9Y=" - }, - "org/antlr#antlr-runtime/3.5.2": { - "jar": "sha256-zj/I7LEPOemjzdy7LONQ0nLZzT0LHhjm/nPDuTichzQ=", - "pom": "sha256-RqnCIAu4sSvXEkqnpQl/9JCZkIMpyFGgTLIFFCCqfyU=" - }, - "org/antlr#antlr4-master/4.7.2": { - "pom": "sha256-upnLJdI5DzhoDHUChCoO4JWdHmQD4BPM/2mP1YVu6tE=" - }, - "org/antlr#antlr4-runtime/4.7.2": { - "jar": "sha256-TFGLh9S9/4tEzYy8GvgW6US2Kj/luAt4FQHPH0dZu8Q=", - "pom": "sha256-3AnLqYwl08BuSuxRaIXUw68DBiulX0/mKD/JzxdqYPs=" - }, - "org/antlr#antlr4/4.7.2": { - "pom": "sha256-z56zaUD6xEiBA4wb4/LFjgbmjRq/v9SmjTS72LrFV3E=" - }, - "org/antlr#antlr4/4.7.2/complete": { - "jar": "sha256-aFI4bXl17/KRcdrgAswiMlFRDTXyka4neUjzgaezgLQ=" - }, - "org/apache#apache/13": { - "pom": "sha256-/1E9sDYf1BI3vvR4SWi8FarkeNTsCpSW+BEHLMrzhB0=" - }, - "org/apache/lucene#lucene-core/7.1.0": { - "jar": "sha256-vG3+7tCrp0MCqSCBH/1snkVlvviTzMOvg2Iz36s8UTo=", - "pom": "sha256-d7ysnMSDKiKSGJgng2ASB8yYvldcyIRDNtWuBzkbPuE=" - }, - "org/apache/lucene#lucene-grouping/7.1.0": { - "jar": "sha256-5wh/sGDRWa1xvW7p6W8BYGpaM1OgxJofHQ49oPUaTlo=", - "pom": "sha256-738k/3YjlZSfxMiDl1npJhD8mx8Nifmbtw+haHNh2Ec=" - }, - "org/apache/lucene#lucene-parent/7.1.0": { - "pom": "sha256-l7M9mcedTRIoIuWDY0cGvGmfRCvp3tksZiKdEn+WoAc=" - }, - "org/apache/lucene#lucene-queries/7.1.0": { - "jar": "sha256-qamOR/ueclsDerV+wZts4QVBIoTLXl2aGs99Xv8TSTY=", - "pom": "sha256-pvMWrRvMdKy3f3mP/AIKy9aD3nx5OUrFNgAdE6vktVY=" - }, - "org/apache/lucene#lucene-queryparser/7.1.0": { - "jar": "sha256-HNuCsiqq3bGJW9OjSVinyaOgb/0NZ6sskNvDegRshlQ=", - "pom": "sha256-K7m67AcL6g3a5aj1rrDOZlJpBeA4THS+18OrIJ52hdM=" - }, - "org/apache/lucene#lucene-sandbox/7.1.0": { - "jar": "sha256-wZA9Xag+IIZp2NkzdJeeFAIUNYsq32c1sa488kkJW+E=", - "pom": "sha256-WL5E6wSMD0If6eul+30xhr7gk7g72F4w5EKbbctVZMU=" - }, - "org/apache/lucene#lucene-solr-grandparent/7.1.0": { - "pom": "sha256-3NW0Q/KK2QPk/wfTMigGxTF4BWuctNQU+2gMyArhGsU=" - }, - "org/apiguardian#apiguardian-api/1.1.2": { - "jar": "sha256-tQlEisUG1gcxnxglN/CzXXEAdYLsdBgyofER5bW3Czg=", - "module": "sha256-4IAoExN1s1fR0oc06aT7QhbahLJAZByz7358fWKCI/w=", - "pom": "sha256-MjVQgdEJCVw9XTdNWkO09MG3XVSemD71ByPidy5TAqA=" - }, - "org/glassfish#javax.json/1.0.4": { - "jar": "sha256-Dh3sQKHt6WWUElHtqWiu7gUsxPUDeLwxbMSOgVm9vrQ=", - "pom": "sha256-a6+Dg/+pi2bqls1b/B7H8teUY7uYrJgFKWSxIcIhLVQ=" - }, - "org/glassfish#json/1.0.4": { - "pom": "sha256-bXxoQjEV+SFxjZRPhZkktMaFIX7AOkn3BFWossqpcuY=" - }, - "org/hamcrest#hamcrest-core/1.3": { - "jar": "sha256-Zv3vkelzk0jfeglqo4SlaF9Oh1WEzOiThqekclHE2Ok=", - "pom": "sha256-/eOGp5BRc6GxA95quCBydYS1DQ4yKC4nl3h8IKZP+pM=" - }, - "org/hamcrest#hamcrest-parent/1.3": { - "pom": "sha256-bVNflO+2Y722gsnyelAzU5RogAlkK6epZ3UEvBvkEps=" - }, - "org/junit#junit-bom/5.8.1": { - "module": "sha256-a4LLpSoTSxPBmC8M+WIsbUhTcdQLmJJG8xJOOwpbGFQ=", - "pom": "sha256-733Ef45KFoZPR3lyjofteFOYGeT7iSdoqdprjvkD+GM=" - }, - "org/junit/jupiter#junit-jupiter-api/5.8.1": { - "jar": "sha256-zjN0p++6YF4tK2mj/vkBNAMrqz7MPthXmkhxscLEcpw=", - "module": "sha256-DWnbwja33Kq0ynNpqlYOmwqbvvf5WIgv+0hTPLunwJ0=", - "pom": "sha256-d61+1KYwutH8h0agpuZ1wj+2lAsnq2LMyzTk/Pz+Ob8=" - }, - "org/junit/jupiter#junit-jupiter-engine/5.8.1": { - "jar": "sha256-Rom8kCJVoZ/pgndoO6MjHAlNEHxUyNNfK2+cl9ImQY4=", - "module": "sha256-aHkP7DP5ew7IQM9HrEDuDHLgVvEiyg88ZkZ0M0mTdpk=", - "pom": "sha256-qjIKMYpyceMyYsSA/POZZbmobap2Zm63dTQrgOnN1F4=" - }, - "org/junit/jupiter#junit-jupiter-params/5.8.1": { - "jar": "sha256-OJuNE6jYhy/L1PDrp7LEavxihBn5obKjqfkyQaBqchg=", - "module": "sha256-Ek1gPG2AMzZtjKRxY2tEbji5zBvQEPMpVCNYGHr6hl4=", - "pom": "sha256-OrrKWfvfJTMg9yRCwQPjnOQDjcEf6MSJ28ScwjoHHws=" - }, - "org/junit/jupiter#junit-jupiter/5.8.1": { - "jar": "sha256-jxBJ7iSzShC2DNgQBICZ94HCZYzeIYHoMUlqswqYKYU=", - "module": "sha256-LjS6TIWMOM0KNlr//syTKnGWzpOF4utUBZQuWBwV/1w=", - "pom": "sha256-rssFDSMtOT9Az/EfjMMPUrZslQpB+IOSXIEULt7l9PU=" - }, - "org/junit/platform#junit-platform-commons/1.8.1": { - "jar": "sha256-+k+mjIvVTdDLScP8vpsuQvTaa+2+fnzPKgXxoeYJtZM=", - "module": "sha256-aY/QVBrLfv/GZZhI/Qx91QEKSfFfDBy6Q+U1gH+Q9ms=", - "pom": "sha256-4ZcoLlLnANEriJie3FSJh0aTUC5KqJB6zwgpgBq6bUQ=" - }, - "org/junit/platform#junit-platform-engine/1.8.1": { - "jar": "sha256-cCho7X6GubRnLt4PHhhekFusqa+rV3RqfGUL48e8oEc=", - "module": "sha256-2fQgpkU5o+32D4DfDG/XIrdQcldEx5ykD30lrlbKS6Q=", - "pom": "sha256-hqrU5ld1TkOgDfIm3VTIrsHsarZTP1ASGQfkZi3i5fI=" - }, - "org/junit/vintage#junit-vintage-engine/5.8.1": { - "jar": "sha256-F2tTzRvb+SM+lsiwx6nluGQoL7veukO1zq/e2ymkkVY=", - "module": "sha256-nOn6Lk7mp0DWEBAlMEYqcc4PqdLxQYUi5LK9tgcvZ5o=", - "pom": "sha256-Ndc3M08dvouMVnZ/oVCKwbVEsB1P5cmXl76QA+5YGxI=" - }, - "org/opentest4j#opentest4j/1.2.0": { - "jar": "sha256-WIEt5giY2Xb7ge87YtoFxmBMGP1KJJ9QRCgkefwoavI=", - "pom": "sha256-qW5nGBbB/4gDvex0ySQfAlvfsnfaXStO4CJmQFk2+ZQ=" - }, - "org/sonatype/oss#oss-parent/7": { - "pom": "sha256-tR+IZ8kranIkmVV/w6H96ne9+e9XRyL+kM5DailVlFQ=" - }, - "org/sonatype/oss#oss-parent/9": { - "pom": "sha256-+0AmX5glSCEv+C42LllzKyGH7G8NgBgohcFO8fmCgno=" - } - } -} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index a80d55ff72cd626..d7c6bf693018827 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -1172,6 +1172,7 @@ mapAliases { openjdk20_headless = openjdk20; # Added 2024-08-01 jdk20 = openjdk20; # Added 2024-08-01 jdk20_headless = openjdk20; # Added 2024-08-01 + openjfx11 = throw "OpenJFX 11 was removed as it has reached its end of life"; # Added 2024-10-07 openjfx19 = throw "OpenJFX 19 was removed as it has reached its end of life"; # Added 2024-08-01 openjfx20 = throw "OpenJFX 20 was removed as it has reached its end of life"; # Added 2024-08-01 openjpeg_2 = openjpeg; # Added 2021-01-25 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 8fc604b8c7de8c9..2d966a1b5dd632c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -15114,7 +15114,7 @@ with pkgs; hugs = callPackage ../development/interpreters/hugs { }; - inherit (javaPackages) openjfx11 openjfx17 openjfx21 openjfx22; + inherit (javaPackages) openjfx17 openjfx21 openjfx22; openjfx = openjfx17; openjdk8-bootstrap = javaPackages.compiler.openjdk8-bootstrap; diff --git a/pkgs/top-level/java-packages.nix b/pkgs/top-level/java-packages.nix index 5b72824f1d7fea3..c92a7295ba90bcc 100644 --- a/pkgs/top-level/java-packages.nix +++ b/pkgs/top-level/java-packages.nix @@ -3,13 +3,12 @@ with pkgs; let - openjfx11 = callPackage ../development/compilers/openjdk/openjfx/11 { }; openjfx17 = callPackage ../development/compilers/openjdk/openjfx/17 { }; openjfx21 = callPackage ../development/compilers/openjdk/openjfx/21 { }; openjfx22 = callPackage ../development/compilers/openjdk/openjfx/22 { }; in { - inherit openjfx11 openjfx17 openjfx21 openjfx22; + inherit openjfx17 openjfx21 openjfx22; compiler = let mkOpenjdk = path-linux: path-darwin: args: @@ -44,7 +43,7 @@ in { openjdk11 = mkOpenjdk ../development/compilers/openjdk/11.nix ../development/compilers/zulu/11.nix - { openjfx = openjfx11; }; + { openjfx = throw "JavaFX is not supported on OpenJDK 11"; }; openjdk17 = mkOpenjdk ../development/compilers/openjdk/17.nix From 5040fbef9f547b330fa4a05ae95cd951c0e33087 Mon Sep 17 00:00:00 2001 From: chris montgomery Date: Mon, 7 Oct 2024 15:25:43 -0400 Subject: [PATCH 25/33] phpPackages.composer: 2.7.9 -> 2.8.1 (#347113) --- pkgs/development/php-packages/composer/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/development/php-packages/composer/default.nix b/pkgs/development/php-packages/composer/default.nix index f8838ba834751a1..1c430e5c2629717 100644 --- a/pkgs/development/php-packages/composer/default.nix +++ b/pkgs/development/php-packages/composer/default.nix @@ -15,13 +15,13 @@ stdenvNoCC.mkDerivation (finalAttrs: { pname = "composer"; - version = "2.7.9"; + version = "2.8.1"; # Hash used by ../../../build-support/php/pkgs/composer-phar.nix to # use together with the version from this package to keep the # bootstrap phar file up-to-date together with the end user composer # package. - passthru.pharHash = "sha256-tt5eZcGZ2AuhGJf74TZOBj6FjUg/aoGhdsTWDysdY0c="; + passthru.pharHash = "sha256-kws3b70hR6Yj6ntwTrnTuLDWBymSIHqgU1qiH28FN44="; composer = callPackage ../../../build-support/php/pkgs/composer-phar.nix { inherit (finalAttrs) version; @@ -32,7 +32,7 @@ stdenvNoCC.mkDerivation (finalAttrs: { owner = "composer"; repo = "composer"; rev = finalAttrs.version; - hash = "sha256-aVD3hB7a/Ji1sEsfo0EQ7SDBqjVg6+FRi1dpO94VtZs="; + hash = "sha256-5UcbEx1d5jEz73mTFTacifl6ykxm6yQw3wvkJQtINHs="; }; nativeBuildInputs = [ makeBinaryWrapper ]; @@ -86,7 +86,7 @@ stdenvNoCC.mkDerivation (finalAttrs: { outputHashMode = "recursive"; outputHashAlgo = "sha256"; - outputHash = "sha256-iNx7AXNsfiDeEaGYKVi+kzzPpMeg+R18WYquful5E0o="; + outputHash = "sha256-FfFwx5E2LVDSqo2P31fqtvk2P30XnTm+TUqhNSHTt/M="; }; installPhase = '' From d63466a101b72edba97405dee5f90555afe41260 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Wed, 2 Oct 2024 17:56:18 +0200 Subject: [PATCH 26/33] burpsuite: 2024.7.6 -> 2024.8.2 --- pkgs/tools/networking/burpsuite/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/burpsuite/default.nix b/pkgs/tools/networking/burpsuite/default.nix index 553328442c2a7f3..8bf1f080f2320fb 100644 --- a/pkgs/tools/networking/burpsuite/default.nix +++ b/pkgs/tools/networking/burpsuite/default.nix @@ -9,20 +9,20 @@ }: let - version = "2024.7.6"; + version = "2024.8.2"; product = if proEdition then { productName = "pro"; productDesktop = "Burp Suite Professional Edition"; - hash = "sha256-mQWWRX8Ea0vA/Sw1rjghvnnY5inD0WJILyCSzAyhRQ8="; + hash = "sha256-8CCe/x++0djfLPc/hgDl4hkKexpIcf1tVU7c+kKXdBo="; } else { productName = "community"; productDesktop = "Burp Suite Community Edition"; - hash = "sha256-OrixIA9KfztXwJQxkIe/6U9ZVeL8kMaK7LgLBMMibag="; + hash = "sha256-amaDDHIsdX+8j8ELbFu/etaXWS04XsrHGslJeg04uKU="; }; src = fetchurl { From 77133c78cb579886bab8ad41355a6cf74f7ad8e4 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 7 Oct 2024 17:23:36 +0000 Subject: [PATCH 27/33] python312Packages.jupyter-book: 1.0.2 -> 1.0.3 --- .../python-modules/jupyter-book/default.nix | 22 +++++++++++++------ 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/pkgs/development/python-modules/jupyter-book/default.nix b/pkgs/development/python-modules/jupyter-book/default.nix index 47e36e157eb10a0..c787e16c5cdff0d 100644 --- a/pkgs/development/python-modules/jupyter-book/default.nix +++ b/pkgs/development/python-modules/jupyter-book/default.nix @@ -3,7 +3,11 @@ buildPythonPackage, fetchFromGitHub, pythonOlder, + + # build-system flit-core, + + # dependencies click, jinja2, jsonschema, @@ -22,17 +26,19 @@ sphinx-togglebutton, sphinxcontrib-bibtex, sphinx-multitoc-numbering, - pytestCheckHook, - texsoup, + + # tests jupytext, pytest-regressions, pytest-xdist, + pytestCheckHook, sphinx-inline-tabs, + texsoup, }: buildPythonPackage rec { pname = "jupyter-book"; - version = "1.0.2"; + version = "1.0.3"; pyproject = true; disabled = pythonOlder "3.9"; @@ -41,7 +47,7 @@ buildPythonPackage rec { owner = "jupyter-book"; repo = "jupyter-book"; rev = "refs/tags/v${version}"; - hash = "sha256-NlCMfkfvquonqf7FdaJ7AC9ebM7VSifn+zM7gWh32LQ="; + hash = "sha256-MBSf2/+4+efWHJ530jdezeh5OLTtUZlAEOl5SqoWOuE="; }; build-system = [ flit-core ]; @@ -108,12 +114,14 @@ buildPythonPackage rec { "tests/test_pdf.py" ]; - meta = with lib; { + __darwinAllowLocalNetworking = true; + + meta = { description = "Build a book with Jupyter Notebooks and Sphinx"; homepage = "https://jupyterbook.org/"; changelog = "https://github.com/jupyter-book/jupyter-book/blob/${src.rev}/CHANGELOG.md"; - license = licenses.bsd3; - maintainers = teams.jupyter.members; + license = lib.licenses.bsd3; + maintainers = lib.teams.jupyter.members; mainProgram = "jupyter-book"; }; } From 5edc9a24b0aec0e002f143202a74fddff1c9b42e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 7 Oct 2024 06:03:45 +0000 Subject: [PATCH 28/33] grails: 6.1.2 -> 6.2.1 --- pkgs/development/web/grails/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/web/grails/default.nix b/pkgs/development/web/grails/default.nix index 3daeaa7d41b47a7..b2cae35485b1bb0 100644 --- a/pkgs/development/web/grails/default.nix +++ b/pkgs/development/web/grails/default.nix @@ -11,11 +11,11 @@ let in stdenv.mkDerivation rec { pname = "grails"; - version = "6.1.2"; + version = "6.2.1"; src = fetchurl { url = "https://github.com/grails/grails-core/releases/download/v${version}/grails-${version}.zip"; - sha256 = "sha256-PoiXZuAJbKsyBRVaxwsKSDh1BzPYlgAwe/xC0qfeDgs="; + sha256 = "sha256-+xwQPd9a7NQcrl0pZNCqktGryLTXXI8V/81a8pk/j48="; }; nativeBuildInputs = [ unzip ]; From d9c6ee2f171a8ee6664d08c129182728f327c676 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Mon, 7 Oct 2024 21:48:17 +0200 Subject: [PATCH 29/33] libgsf: 1.14.52 -> 1.14.53 Fixes CVE-2024-42415. Changes: https://gitlab.gnome.org/GNOME/libgsf/-/compare/LIBGSF_1_14_52...LIBGSF_1_14_53?from_project_id=1545&straight=false --- pkgs/development/libraries/libgsf/default.nix | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/pkgs/development/libraries/libgsf/default.nix b/pkgs/development/libraries/libgsf/default.nix index dcb460272d16dbd..1f93139eb02d4fb 100644 --- a/pkgs/development/libraries/libgsf/default.nix +++ b/pkgs/development/libraries/libgsf/default.nix @@ -2,7 +2,6 @@ , lib , stdenv , autoreconfHook -, fetchpatch2 , gtk-doc , pkg-config , intltool @@ -20,7 +19,7 @@ stdenv.mkDerivation rec { pname = "libgsf"; - version = "1.14.52"; + version = "1.14.53"; outputs = [ "out" "dev" ]; @@ -29,17 +28,9 @@ stdenv.mkDerivation rec { owner = "GNOME"; repo = "libgsf"; rev = "LIBGSF_${lib.replaceStrings ["."] ["_"] version}"; - hash = "sha256-uSi2/pZiST07YutU8SHNoY2LifEQhohQeyaH9spyG2s="; + hash = "sha256-vC/6QEoV6FvFxQ0YlMkBbTmAtqbkvgZf+9BU8epi8yo="; }; - patches = [ - # Fixes building when nanohttp is not enabled in libxml2, which is the default since libxml2 2.13. - (fetchpatch2 { - url = "https://gitlab.gnome.org/GNOME/libgsf/-/commit/5d4bb55095d3d6ef793c1908a88504183e28644c.diff"; - hash = "sha256-2TF1KDUxJtSMTDze2/dOJQRkW8S1GA9OyFpYzYeKpjQ="; - }) - ]; - postPatch = '' # Fix cross-compilation substituteInPlace configure.ac \ From 200d88a4e82049a6513f75a92965ba304d388b29 Mon Sep 17 00:00:00 2001 From: Gavin John Date: Mon, 7 Oct 2024 13:09:27 -0700 Subject: [PATCH 30/33] vscode-extensions.chrischinchilla.vscode-pandoc: init at 0.4.8 (#347131) --- .../chrischinchilla.vscode-pandoc/default.nix | 30 +++++++++++++++++++ .../editors/vscode/extensions/default.nix | 2 ++ 2 files changed, 32 insertions(+) create mode 100644 pkgs/applications/editors/vscode/extensions/chrischinchilla.vscode-pandoc/default.nix diff --git a/pkgs/applications/editors/vscode/extensions/chrischinchilla.vscode-pandoc/default.nix b/pkgs/applications/editors/vscode/extensions/chrischinchilla.vscode-pandoc/default.nix new file mode 100644 index 000000000000000..775206fa0c53119 --- /dev/null +++ b/pkgs/applications/editors/vscode/extensions/chrischinchilla.vscode-pandoc/default.nix @@ -0,0 +1,30 @@ +{ + lib, + vscode-utils, + jq, + moreutils, + pandoc, +}: + +vscode-utils.buildVscodeMarketplaceExtension { + mktplcRef = { + name = "vscode-pandoc"; + publisher = "chrischinchilla"; + version = "0.4.8"; + hash = "sha256-+U6AtT2wf1mE92IR+mv4aKD9/78ULus2GuwwgxdCvBA="; + }; + nativeBuildInputs = [ + jq + moreutils + ]; + postInstall = '' + jq '.contributes.configuration.properties."pandoc.executable".default = "${lib.getExe pandoc}"' $out/$installPrefix/package.json | sponge $out/$installPrefix/package.json + ''; + meta = { + description = "Converts Markdown files to pdf, docx, or html files using pandoc"; + homepage = "https://github.com/ChrisChinchilla/vscode-pandoc#readme"; + downloadPage = "https://marketplace.visualstudio.com/items?itemName=yzane.markdown-pdf"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ pandapip1 ]; + }; +} diff --git a/pkgs/applications/editors/vscode/extensions/default.nix b/pkgs/applications/editors/vscode/extensions/default.nix index e093d4be1b0f75f..117a934b6fb57c7 100644 --- a/pkgs/applications/editors/vscode/extensions/default.nix +++ b/pkgs/applications/editors/vscode/extensions/default.nix @@ -905,6 +905,8 @@ let }; }; + chrischinchilla.vscode-pandoc = callPackage ./chrischinchilla.vscode-pandoc { }; + christian-kohler.npm-intellisense = buildVscodeMarketplaceExtension { mktplcRef = { name = "npm-intellisense"; From 4ef5937cf6fb0784049a3a383cc82dfe39f53414 Mon Sep 17 00:00:00 2001 From: Bruno Bigras Date: Mon, 7 Oct 2024 16:10:00 -0400 Subject: [PATCH 31/33] lazyjj: 0.3.1 -> 0.4.0 (#347120) --- pkgs/by-name/la/lazyjj/package.nix | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/pkgs/by-name/la/lazyjj/package.nix b/pkgs/by-name/la/lazyjj/package.nix index 611de0ed4ec66ff..738e7fb546b615a 100644 --- a/pkgs/by-name/la/lazyjj/package.nix +++ b/pkgs/by-name/la/lazyjj/package.nix @@ -6,35 +6,25 @@ rustPlatform, testers, lazyjj, - fetchpatch, }: rustPlatform.buildRustPackage rec { pname = "lazyjj"; - version = "0.3.1"; + version = "0.4.0"; src = fetchFromGitHub { owner = "Cretezy"; repo = "lazyjj"; rev = "v${version}"; - hash = "sha256-VlGmOdF/XsrZ/9vQ14UuK96LIK8NIkPZk4G4mbS8brg="; + hash = "sha256-aglLPEps88D15iv3toNnhRC06gTuM6ITnvZDJg17u6M="; }; - cargoHash = "sha256-TAq9FufGsNVsmqCE41REltYRSSLihWJwTMoj0bTxdFc="; + cargoHash = "sha256-P5k7C18PP9/y5P5kKWpQcMnT4BeYpFT6IH+M1AgGaPw="; postInstall = '' wrapProgram $out/bin/lazyjj \ --prefix PATH : ${lib.makeBinPath [ jujutsu ]} ''; - patches = [ - # https://github.com/Cretezy/lazyjj/pull/61 - (fetchpatch { - name = "adapt_test_traces_to_jj_0.22.0.patch"; - url = "https://github.com/Cretezy/lazyjj/commit/d5e949fb0e62bc93969c27011963582e12bbe3f6.patch"; - hash = "sha256-u+IMLW4iZxMmpa+dwggMfQ4E7ygc0T4I6lvzBcPJT3s="; - }) - ]; - nativeBuildInputs = [ makeWrapper ]; nativeCheckInputs = [ jujutsu ]; From 7cedc7ecbc9308d54abcc4a6e146dcf1f0f3eb05 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 7 Oct 2024 17:56:39 +0000 Subject: [PATCH 32/33] trompeloeil: 48 -> 49 --- pkgs/development/libraries/trompeloeil/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/trompeloeil/default.nix b/pkgs/development/libraries/trompeloeil/default.nix index 09c7ff795d3d7d7..3f6a8bb98c62e5a 100644 --- a/pkgs/development/libraries/trompeloeil/default.nix +++ b/pkgs/development/libraries/trompeloeil/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "trompeloeil"; - version = "48"; + version = "49"; src = fetchFromGitHub { owner = "rollbear"; repo = "trompeloeil"; rev = "v${version}"; - sha256 = "sha256-7MXMbqksHqcyvwJsW8+wPWfnKTbQhUlGa4GcidpiBFw="; + sha256 = "sha256-AyTBHsPYaruq0jadifVqOs80YZ5xwajHdHgMINl3i1Q="; }; nativeBuildInputs = [ cmake ]; From 16caf1231bf847016eabe7c701af04cf09732212 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Mon, 7 Oct 2024 22:26:24 +0200 Subject: [PATCH 33/33] cups-filters: remove support for legacy CUPS browsing and for LDAP Fixes CVE-2024-47176 and CVE-2024-47850. NixOS is not affected by these security issues by default because we do not ship the default configuration file so it fallbacks to `BrowseRemoteProtocols dnssd`. 631/udp is removed from the open firewall ports, it was by the CUPS browsing protocol. --- nixos/doc/manual/release-notes/rl-2411.section.md | 2 ++ nixos/modules/services/printing/cupsd.nix | 5 ++--- pkgs/misc/cups/filters.nix | 8 +++++++- 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/nixos/doc/manual/release-notes/rl-2411.section.md b/nixos/doc/manual/release-notes/rl-2411.section.md index 7c1cb9801a3c7a1..b3b2af8d0778c40 100644 --- a/nixos/doc/manual/release-notes/rl-2411.section.md +++ b/nixos/doc/manual/release-notes/rl-2411.section.md @@ -494,6 +494,8 @@ - The `xdg.portal.gtkUsePortal` option has been removed, as it had been deprecated for over 2 years. Using the `GTK_USE_PORTAL` environment variable in this manner is not intended nor encouraged by the GTK developers, but can still be done manually via `environment.sessionVariables`. +- Support for the legacy CUPS browsing and LDAP have been removed from `services.printing`. If `cups` or `ldap` are in the `BrowseRemoteProtocols` setting in `services.printing.browsedConf`, it needs to be removed. + - The `services.trust-dns` module has been renamed to `services.hickory-dns`. - The option `services.prometheus.exporters.pgbouncer.connectionStringFile` has been removed since diff --git a/nixos/modules/services/printing/cupsd.nix b/nixos/modules/services/printing/cupsd.nix index ef80ffe0ad41fb9..a1fb0b3951e4537 100644 --- a/nixos/modules/services/printing/cupsd.nix +++ b/nixos/modules/services/printing/cupsd.nix @@ -184,8 +184,8 @@ in type = types.bool; default = false; description = '' - Whether to open the firewall for TCP/UDP ports specified in - listenAdrresses option. + Whether to open the firewall for TCP ports specified in + listenAddresses option. ''; }; @@ -493,7 +493,6 @@ in listenPorts = parsePorts cfg.listenAddresses; in mkIf cfg.openFirewall { allowedTCPPorts = listenPorts; - allowedUDPPorts = listenPorts; }; }; diff --git a/pkgs/misc/cups/filters.nix b/pkgs/misc/cups/filters.nix index b4a7b66c02e3a42..d5688d3bc3514c4 100644 --- a/pkgs/misc/cups/filters.nix +++ b/pkgs/misc/cups/filters.nix @@ -18,6 +18,7 @@ , liblouis , libpng , makeWrapper +, autoreconfHook , mupdf , perl , pkg-config @@ -53,9 +54,14 @@ stdenv.mkDerivation rec { url = "https://github.com/OpenPrinting/libcupsfilters/commit/95576ec3d20c109332d14672a807353cdc551018.patch"; hash = "sha256-MXWllrdWt8n7zqvumQNg34dBgWMwMTwf9lrD+ZZP8Wk="; }) + (fetchpatch { + name = "remove-cups-ldap-browse-protocols_CVE-2024-47176_CVE-2024-47850.patch"; + url = "https://github.com/OpenPrinting/cups-filters/commit/6fd2bdfbdce76149af531ce9fca9062304238451.patch"; + hash = "sha256-XS1ODy7i7ilgEjsKuEvOUiRN9pqsj+bOktKoshKcg8Q="; + }) ]; - nativeBuildInputs = [ pkg-config makeWrapper ]; + nativeBuildInputs = [ pkg-config makeWrapper autoreconfHook ]; buildInputs = [ cups