diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2024-04-03 00:14:13 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-04-03 00:14:13 +0000 |
commit | e1081d775fbd297235b62f424c068ee43596a0e2 (patch) | |
tree | d8fd64ca4b758b4b3c07af33a4034231a3bda535 | |
parent | 4c198fd8df82b8c3b4b9c04979ff871732eb59c9 (diff) | |
parent | 4ffa7f284432341096bc1f1b65017a0fe812a521 (diff) |
Merge staging-next-23.11 into staging-23.11
-rw-r--r-- | pkgs/applications/file-managers/joshuto/default.nix (renamed from pkgs/by-name/jo/joshuto/package.nix) | 6 | ||||
-rw-r--r-- | pkgs/applications/networking/browsers/microsoft-edge/browser.nix | 3 | ||||
-rw-r--r-- | pkgs/applications/video/youtube-tui/default.nix | 10 | ||||
-rw-r--r-- | pkgs/applications/virtualization/podman/buildah-CVE-2024-1753.patch | 27 | ||||
-rw-r--r-- | pkgs/applications/virtualization/podman/default.nix | 1 | ||||
-rw-r--r-- | pkgs/development/tools/buildah/default.nix | 4 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 2 |
7 files changed, 46 insertions, 7 deletions
diff --git a/pkgs/by-name/jo/joshuto/package.nix b/pkgs/applications/file-managers/joshuto/default.nix index 08f5429fbb5ce..f2bb672923060 100644 --- a/pkgs/by-name/jo/joshuto/package.nix +++ b/pkgs/applications/file-managers/joshuto/default.nix @@ -8,16 +8,16 @@ rustPlatform.buildRustPackage rec { pname = "joshuto"; - version = "0.9.8"; + version = "0.9.6"; src = fetchFromGitHub { owner = "kamiyaa"; repo = "joshuto"; rev = "v${version}"; - hash = "sha256-8OvaL6HqsJjBAbksR4EpC/ZgvdBSKlB37PP77p3T3PY="; + hash = "sha256-d2r8xPGnH/299wjEijilgqy3u/xJgtRmwzJdHt0sA+o="; }; - cargoHash = "sha256-zGqOmebD7kZAsWunWSB2NFOSg0cu8aM1dyhEIQz1j4I="; + cargoHash = "sha256-amgqoL7NYfl3WzTtgvDoBX46rsL9248rbCis6MHVQhE="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/applications/networking/browsers/microsoft-edge/browser.nix b/pkgs/applications/networking/browsers/microsoft-edge/browser.nix index 9d3da97fff8ce..c0868faa5c2c2 100644 --- a/pkgs/applications/networking/browsers/microsoft-edge/browser.nix +++ b/pkgs/applications/networking/browsers/microsoft-edge/browser.nix @@ -22,6 +22,7 @@ , expat , libdrm , libxkbcommon +, pipewire , gtk3 , pango , cairo @@ -81,7 +82,7 @@ stdenv.mkDerivation rec { xorg.libxcb cups.lib dbus.lib expat libdrm xorg.libXcomposite xorg.libXdamage xorg.libXext xorg.libXfixes xorg.libXrandr libxkbcommon - gtk3 pango cairo gdk-pixbuf mesa + pipewire gtk3 pango cairo gdk-pixbuf mesa alsa-lib at-spi2-core xorg.libxshmfence systemd wayland ]; naclHelper = lib.makeLibraryPath [ diff --git a/pkgs/applications/video/youtube-tui/default.nix b/pkgs/applications/video/youtube-tui/default.nix index bfa1039d5d330..63e9f51304edb 100644 --- a/pkgs/applications/video/youtube-tui/default.nix +++ b/pkgs/applications/video/youtube-tui/default.nix @@ -6,6 +6,7 @@ , xorg , stdenv , python3 +, makeBinaryWrapper , libsixel , mpv , CoreFoundation @@ -19,7 +20,7 @@ rustPlatform.buildRustPackage rec { src = fetchFromGitHub { owner = "Siriusmart"; - repo = pname; + repo = "youtube-tui"; rev = "v${version}"; hash = "sha256-FOiK3yQcQuwdCEjBtRPW4iBd+8uNsvZ6l5tclHVzL+M="; }; @@ -34,6 +35,7 @@ rustPlatform.buildRustPackage rec { nativeBuildInputs = [ pkg-config python3 + makeBinaryWrapper ]; buildInputs = [ @@ -47,6 +49,12 @@ rustPlatform.buildRustPackage rec { AppKit ]; + # sixel-sys is dynamically linked to libsixel + postInstall = lib.optionalString stdenv.isDarwin '' + wrapProgram $out/bin/youtube-tui \ + --prefix DYLD_LIBRARY_PATH : "${lib.makeLibraryPath [libsixel]}" + ''; + meta = with lib; { description = "An aesthetically pleasing YouTube TUI written in Rust"; homepage = "https://siriusmart.github.io/youtube-tui"; diff --git a/pkgs/applications/virtualization/podman/buildah-CVE-2024-1753.patch b/pkgs/applications/virtualization/podman/buildah-CVE-2024-1753.patch new file mode 100644 index 0000000000000..5171547bc9516 --- /dev/null +++ b/pkgs/applications/virtualization/podman/buildah-CVE-2024-1753.patch @@ -0,0 +1,27 @@ +Based on patch listed @ +https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3 +with necessary path adjustments + +--- a/vendor/github.com/containers/buildah/internal/volumes/volumes.go ++++ b/vendor/github.com/containers/buildah/internal/volumes/volumes.go +@@ -11,6 +11,7 @@ import ( + + "errors" + ++ "github.com/containers/buildah/copier" + "github.com/containers/buildah/define" + "github.com/containers/buildah/internal" + internalParse "github.com/containers/buildah/internal/parse" +@@ -189,7 +190,11 @@ func GetBindMount(ctx *types.SystemContext, args []string, contextDir string, st + // buildkit parity: support absolute path for sources from current build context + if contextDir != "" { + // path should be /contextDir/specified path +- newMount.Source = filepath.Join(contextDir, filepath.Clean(string(filepath.Separator)+newMount.Source)) ++ evaluated, err := copier.Eval(contextDir, newMount.Source, copier.EvalOptions{}) ++ if err != nil { ++ return newMount, "", err ++ } ++ newMount.Source = evaluated + } else { + // looks like its coming from `build run --mount=type=bind` allow using absolute path + // error out if no source is set diff --git a/pkgs/applications/virtualization/podman/default.nix b/pkgs/applications/virtualization/podman/default.nix index 0a35d6bf5e7f7..e93461e9b09ce 100644 --- a/pkgs/applications/virtualization/podman/default.nix +++ b/pkgs/applications/virtualization/podman/default.nix @@ -74,6 +74,7 @@ buildGoModule rec { patches = [ # we intentionally don't build and install the helper so we shouldn't display messages to users about it ./rm-podman-mac-helper-msg.patch + ./buildah-CVE-2024-1753.patch ]; vendorHash = null; diff --git a/pkgs/development/tools/buildah/default.nix b/pkgs/development/tools/buildah/default.nix index a6761a7350c78..dae6c9416b0a4 100644 --- a/pkgs/development/tools/buildah/default.nix +++ b/pkgs/development/tools/buildah/default.nix @@ -17,13 +17,13 @@ buildGoModule rec { pname = "buildah"; - version = "1.32.2"; + version = "1.32.3"; src = fetchFromGitHub { owner = "containers"; repo = "buildah"; rev = "v${version}"; - hash = "sha256-Av4wrJ+anVu1pTSFTpaseBhj+7ECsRoKb1bATrUKYuo="; + hash = "sha256-De1ix4MFHfFdQfeTzAh1sSGtTzp2Du+NEh+TRcoHWDc="; }; outputs = [ "out" "man" ]; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b4e317d45f8c2..4f6167cf6555e 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -2949,6 +2949,8 @@ with pkgs; felix-fm = callPackage ../applications/file-managers/felix-fm { }; + joshuto = callPackage ../applications/file-managers/joshuto { }; + krusader = libsForQt5.callPackage ../applications/file-managers/krusader { }; lesscpy = callPackage ../development/compilers/lesscpy { }; |