diff options
| author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2024-06-03 00:02:20 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-06-03 00:02:20 +0000 |
| commit | c987c730bbf2121264ebd68921b443db5bb28543 (patch) | |
| tree | 51d02d7fb83e0b8c0c0d590374cdc85a9d955bb0 /pkgs/applications | |
| parent | 97d15b22bf30c0ea6d3fdc71a73514a8cf3df0cd (diff) | |
| parent | df2577c6a4938e291283b0d8fab175bf72a86b73 (diff) | |
Merge master into staging-next
Diffstat (limited to 'pkgs/applications')
18 files changed, 132 insertions, 35 deletions
diff --git a/pkgs/applications/blockchains/lnd/default.nix b/pkgs/applications/blockchains/lnd/default.nix index d4eef345eb777..a4271b9367951 100644 --- a/pkgs/applications/blockchains/lnd/default.nix +++ b/pkgs/applications/blockchains/lnd/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "lnd"; - version = "0.17.5-beta"; + version = "0.18.0-beta"; src = fetchFromGitHub { owner = "lightningnetwork"; repo = "lnd"; rev = "v${version}"; - hash = "sha256-q/mzF6LPW/ThgqfGgjtax8GvoC3JEpg0IetfSTo1XYk="; + hash = "sha256-LkVlsmL/NjWtKUnerqTiT/jNfxazYw0B0GhBDCTGmao="; }; - vendorHash = "sha256-unT0zJrOEmKHpoUsrBHKfn5IziGlaqEtMfkeo/74Rfc="; + vendorHash = "sha256-T7jPuhAEeQ0U43J9gTQ+0/BdLAn4BOupAkmmmofhHtY="; subPackages = [ "cmd/lncli" "cmd/lnd" ]; diff --git a/pkgs/applications/blockchains/trezor-suite/default.nix b/pkgs/applications/blockchains/trezor-suite/default.nix index a718d06c714ac..59fdaf825a6f5 100644 --- a/pkgs/applications/blockchains/trezor-suite/default.nix +++ b/pkgs/applications/blockchains/trezor-suite/default.nix @@ -8,7 +8,7 @@ let pname = "trezor-suite"; - version = "24.5.2"; + version = "24.5.3"; name = "${pname}-${version}"; suffix = { @@ -20,7 +20,7 @@ let url = "https://github.com/trezor/${pname}/releases/download/v${version}/Trezor-Suite-${version}-${suffix}.AppImage"; hash = { # curl -Lfs https://github.com/trezor/trezor-suite/releases/latest/download/latest-linux{-arm64,}.yml | grep ^sha512 | sed 's/: /-/' aarch64-linux = "sha512-U3Az5MtsHup+aNO6lVHeAXRAnNLUbQkL5qMTpYZTaLgiZEFQCUigBJXNPaiUiHA1rJAsFh6wpv20iRMcqRr9gA=="; - x86_64-linux = "sha512-9Gz0T9/GpTEzZDNk8tV7dg4QvQIB4IoEcOLIjrig6kmlaUoPwwoWFuJP0BH5WW2AhOZ+CEWBP6zFD7uw6VVDnA=="; + x86_64-linux = "sha512-JgcnCiq/ozrYDMH7zIns5c6x7TwtpJ6VVg6PUkcoDDgmr9ngIJmAdb+/v9mJUv98WNAPKmhCt0/H9DY2qWJ2Bg=="; }.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}"); }; diff --git a/pkgs/applications/editors/emacs/elisp-packages/manual-packages/el-easydraw/default.nix b/pkgs/applications/editors/emacs/elisp-packages/manual-packages/el-easydraw/default.nix index 608777208bb6b..9cfa97c4346d0 100644 --- a/pkgs/applications/editors/emacs/elisp-packages/manual-packages/el-easydraw/default.nix +++ b/pkgs/applications/editors/emacs/elisp-packages/manual-packages/el-easydraw/default.nix @@ -2,22 +2,22 @@ , melpaBuild , fetchFromGitHub , writeText -, unstableGitUpdater +, writeScript , gzip }: let - rev = "de68851724072c6695e675f090b33a8abec040c9"; + rev = "13c9fa22155066acfb5a2e444fe76245738e7fb7"; in melpaBuild { pname = "edraw"; - version = "1.1.0"; + version = "20240529.1009"; src = fetchFromGitHub { owner = "misohena"; repo = "el-easydraw"; inherit rev; - hash = "sha256-l9i+HCRKnKiDqID+bfAOPE7LpVBZp1AOPkceX8KbDXM="; + hash = "sha256-h2auwVIWjrOBPHPCuLdJv5y3FpoV4V+MEOPf4xprfYg="; }; commit = rev; @@ -33,7 +33,19 @@ melpaBuild { "msg")) ''; - passthru.updateScript = unstableGitUpdater { }; + passthru.updateScript = writeScript "update.sh" '' + #!/usr/bin/env nix-shell + #!nix-shell -i bash -p common-updater-scripts coreutils git gnused + set -eu -o pipefail + tmpdir="$(mktemp -d)" + git clone --depth=1 https://github.com/misohena/el-easydraw.git "$tmpdir" + pushd "$tmpdir" + commit=$(git show -s --pretty='format:%H') + # Based on: https://github.com/melpa/melpa/blob/2d8716906a0c9e18d6c979d8450bf1d15dd785eb/package-build/package-build.el#L523-L533 + version=$(TZ=UTC git show -s --pretty='format:%cd' --date='format-local:%Y%m%d.%H%M' | sed 's|\.0*|.|') + popd + update-source-version emacsPackages.el-easydraw $version --rev="$commit" + ''; meta = { homepage = "https://github.com/misohena/el-easydraw"; diff --git a/pkgs/applications/emulators/86box/default.nix b/pkgs/applications/emulators/86box/default.nix index 1e9b887d2d6a5..bcf47838aeeb2 100644 --- a/pkgs/applications/emulators/86box/default.nix +++ b/pkgs/applications/emulators/86box/default.nix @@ -88,6 +88,7 @@ stdenv.mkDerivation (finalAttrs: { rev = "v${finalAttrs.version}"; hash = "sha256-58nNTOLund/KeDlNwzwwihjFVigs/P0K8SN07zExE2c="; }; + updateScript = ./update.sh; }; # Some libraries are loaded dynamically, but QLibrary doesn't seem to search diff --git a/pkgs/applications/emulators/86box/update.sh b/pkgs/applications/emulators/86box/update.sh new file mode 100755 index 0000000000000..8af12478529f3 --- /dev/null +++ b/pkgs/applications/emulators/86box/update.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env nix-shell +#!nix-shell -i bash -p jq nix-prefetch-github common-updater-scripts + +set -euo pipefail + +latest_release=$(curl --silent https://api.github.com/repos/86Box/86Box/releases/latest) +version=$(jq -r '.tag_name' <<<"$latest_release" | cut -c2-) +main_hash=$(nix-prefetch-github --json --rev "v$version" 86Box 86Box | jq -r '.hash') +roms_hash=$(nix-prefetch-github --json --rev "v$version" 86Box roms | jq -r '.hash') + +update-source-version _86Box "_$version" "$main_hash" +update-source-version _86Box "$version" "$roms_hash" --source-key=roms diff --git a/pkgs/applications/emulators/wine/sources.nix b/pkgs/applications/emulators/wine/sources.nix index abede892b5ecf..bd6b5e4d080d0 100644 --- a/pkgs/applications/emulators/wine/sources.nix +++ b/pkgs/applications/emulators/wine/sources.nix @@ -69,9 +69,9 @@ in rec { unstable = fetchurl rec { # NOTE: Don't forget to change the hash for staging as well. - version = "9.9"; + version = "9.10"; url = "https://dl.winehq.org/wine/source/9.x/wine-${version}.tar.xz"; - hash = "sha256-TWengSxKvUo96SMjjmD1qGsWrH+yD2KU4Nxu+ei+yjY="; + hash = "sha256-r8NLSRv6FMYsP99ifdK13Kxefp8/FFrbFDMleK+M8cA="; inherit (stable) patches; ## see http://wiki.winehq.org/Gecko @@ -117,7 +117,7 @@ in rec { staging = fetchFromGitLab rec { # https://gitlab.winehq.org/wine/wine-staging inherit (unstable) version; - hash = "sha256-JJrt2zTCjI8Zectoa5B0eZm2BLQm9u5cHbqVEHygwd0="; + hash = "sha256-ZqajfgPSKTcNBiDWEc9UgZWWmvkJvTA0S+j98Qz/y08="; domain = "gitlab.winehq.org"; owner = "wine"; repo = "wine-staging"; diff --git a/pkgs/applications/misc/houdini/default.nix b/pkgs/applications/misc/houdini/default.nix index 3810136cbf5f2..64536177aaff5 100644 --- a/pkgs/applications/misc/houdini/default.nix +++ b/pkgs/applications/misc/houdini/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, writeScript, callPackage, buildFHSEnv, unwrapped ? callPackage ./runtime.nix {} }: +{ lib, stdenv, writeScript, ncurses5, callPackage, buildFHSEnv, unwrapped ? callPackage ./runtime.nix {} }: buildFHSEnv rec { name = "houdini-${unwrapped.version}"; @@ -30,7 +30,6 @@ buildFHSEnv rec { bintools # needed for ld and other tools, so ctypes can find/load sos from python ocl-icd # needed for opencl numactl # needed by hfs ocl backend - ncurses5 # needed by hfs ocl backend zstd # needed from 20.0 ] ++ (with xorg; [ libICE @@ -83,7 +82,7 @@ buildFHSEnv rec { mkdir -p $out/$(dirname $executable) echo "#!${stdenv.shell}" >> $out/$executable - echo "$WRAPPER ${unwrapped}/$executable \"\$@\"" >> $out/$executable + echo "exec $WRAPPER ${unwrapped}/$executable \"\$@\"" >> $out/$executable done cd $out @@ -96,6 +95,9 @@ buildFHSEnv rec { ]; runScript = writeScript "${name}-wrapper" '' + # ncurses5 is needed by hfs ocl backend + # workaround for this issue: https://github.com/NixOS/nixpkgs/issues/89769 + export LD_LIBRARY_PATH=${lib.makeLibraryPath [ncurses5]}:$LD_LIBRARY_PATH exec "$@" ''; } diff --git a/pkgs/applications/misc/houdini/runtime.nix b/pkgs/applications/misc/houdini/runtime.nix index d0d03d9787174..ef96a689b291a 100644 --- a/pkgs/applications/misc/houdini/runtime.nix +++ b/pkgs/applications/misc/houdini/runtime.nix @@ -1,11 +1,11 @@ { lib, stdenv, requireFile, callPackage}: callPackage ./runtime-build.nix rec { - version = "20.0.506"; + version = "20.0.688"; eulaDate = "2021-10-13"; src = requireFile rec { name = "houdini-${version}-linux_x86_64_gcc11.2.tar.gz"; - sha256 = "10dcb695bf9bb6407ccfd91c67858d69864208ee97e1e9afe216abf99db549f5"; + sha256 = "99f9088824c328de9d351f037f26ff1cba960fbd9b4e2ed1d52601680d3512a6"; url = "https://www.sidefx.com/download/daily-builds/?production=true"; }; } diff --git a/pkgs/applications/networking/cluster/tanka/default.nix b/pkgs/applications/networking/cluster/tanka/default.nix index 61f56f4252160..03b30a7209009 100644 --- a/pkgs/applications/networking/cluster/tanka/default.nix +++ b/pkgs/applications/networking/cluster/tanka/default.nix @@ -23,7 +23,30 @@ buildGoModule rec { postInstall = '' echo "complete -C $out/bin/tk tk" > tk.bash - installShellCompletion tk.bash + + cat >tk.fish <<EOF + + function __complete_tk + set -lx COMP_LINE (commandline -cp) + test -z (commandline -ct) + and set COMP_LINE "\$COMP_LINE " + $out/bin/tk + end + complete -f -c tk -a "(__complete_tk)" + + EOF + + cat >tk.zsh <<EOF + #compdef tk + autoload -U +X bashcompinit && bashcompinit + complete -o nospace -C $out/bin/tk tk + EOF + + installShellCompletion \ + --cmd tk \ + --bash tk.bash \ + --fish tk.fish \ + --zsh tk.zsh ''; meta = with lib; { diff --git a/pkgs/applications/networking/cluster/terraform/default.nix b/pkgs/applications/networking/cluster/terraform/default.nix index d2a33c129310b..a217c9e3763db 100644 --- a/pkgs/applications/networking/cluster/terraform/default.nix +++ b/pkgs/applications/networking/cluster/terraform/default.nix @@ -56,7 +56,6 @@ let license = licenses.bsl11; maintainers = with maintainers; [ Chili-Man - babariviere kalbasit timstott zimbatm diff --git a/pkgs/applications/science/biology/kent/default.nix b/pkgs/applications/science/biology/kent/default.nix index b6e4661ccfd61..400e073f69057 100644 --- a/pkgs/applications/science/biology/kent/default.nix +++ b/pkgs/applications/science/biology/kent/default.nix @@ -13,13 +13,13 @@ }: stdenv.mkDerivation rec { pname = "kent"; - version = "446"; + version = "465"; src = fetchFromGitHub { owner = "ucscGenomeBrowser"; repo = pname; rev = "v${version}_base"; - hash = "sha256-d8gcoyMwINdHoD6xaNKt4rCKrKir99+i4KIzJ2YnxRw="; + hash = "sha256-QeHqXSbad5LCmQ8DfLxl2pyXJvKV4G7uLXBtRd7LME0="; }; buildInputs = [ libpng libuuid zlib bzip2 xz openssl curl libmysqlclient ]; diff --git a/pkgs/applications/science/logic/prooftree/default.nix b/pkgs/applications/science/logic/prooftree/default.nix index d0d95818ff93b..ce8badf8f6536 100644 --- a/pkgs/applications/science/logic/prooftree/default.nix +++ b/pkgs/applications/science/logic/prooftree/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "prooftree"; - version = "0.13"; + version = "0.14"; src = fetchurl { url = "https://askra.de/software/prooftree/releases/prooftree-${version}.tar.gz"; - sha256 = "0z1z4wqbqwgppkh2bm89fgy07a0y2m6g4lvcyzs09sm1ysklk2dh"; + sha256 = "sha256-nekV2UnjibOk4h0jZ1jV7W5pE/hXWb3fUoLTJb3Jzc0="; }; strictDeps = true; diff --git a/pkgs/applications/terminal-emulators/kitty/default.nix b/pkgs/applications/terminal-emulators/kitty/default.nix index 708ffd8ecbbe9..ea09667c06485 100644 --- a/pkgs/applications/terminal-emulators/kitty/default.nix +++ b/pkgs/applications/terminal-emulators/kitty/default.nix @@ -31,20 +31,20 @@ with python3Packages; buildPythonApplication rec { pname = "kitty"; - version = "0.35.0"; + version = "0.35.1"; format = "other"; src = fetchFromGitHub { owner = "kovidgoyal"; repo = "kitty"; rev = "refs/tags/v${version}"; - hash = "sha256-d/pPoa+bY7FAjFcd+32aXKDevJRoCGA209uLZ/4WRpQ="; + hash = "sha256-Hp8phZIVvg1oH6ajSmpcQ0uDXRzMQjVBIRYqpgro/24="; }; goModules = (buildGo122Module { pname = "kitty-go-modules"; inherit src version; - vendorHash = "sha256-rEG3mmghvEih2swm+2gp/G9EC2YdyjaOnvq+tALC3jo="; + vendorHash = "sha256-mpyotGzv8UU9pg/3UNZBx0Rkm5kzMzIlDSHuhtNALfw="; }).goModules; buildInputs = [ diff --git a/pkgs/applications/version-management/git/update.sh b/pkgs/applications/version-management/git/update.sh index 54574722b02b7..1f70dcff42940 100755 --- a/pkgs/applications/version-management/git/update.sh +++ b/pkgs/applications/version-management/git/update.sh @@ -10,7 +10,7 @@ targetVersion="${1:-$latestTag}" if [ ! "${oldVersion}" = "${targetVersion}" ]; then update-source-version git "${targetVersion}" nixpkgs="$(git rev-parse --show-toplevel)" - default_nix="$nixpkgs/pkgs/applications/version-management/git-and-tools/git/default.nix" + default_nix="$nixpkgs/pkgs/applications/version-management/git/default.nix" nix-build -A git git add "${default_nix}" git commit -m "git: ${oldVersion} -> ${targetVersion}" diff --git a/pkgs/applications/virtualization/docker/compose.nix b/pkgs/applications/virtualization/docker/compose.nix index 99ce94c4976db..a5919f709971c 100644 --- a/pkgs/applications/virtualization/docker/compose.nix +++ b/pkgs/applications/virtualization/docker/compose.nix @@ -35,6 +35,6 @@ buildGoModule rec { mainProgram = "docker-compose"; homepage = "https://github.com/docker/compose"; license = licenses.asl20; - maintainers = with maintainers; [ babariviere ]; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/applications/virtualization/podman-tui/default.nix b/pkgs/applications/virtualization/podman-tui/default.nix index b1ff999cd89c2..0d7947a3f2511 100644 --- a/pkgs/applications/virtualization/podman-tui/default.nix +++ b/pkgs/applications/virtualization/podman-tui/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "podman-tui"; - version = "1.0.1"; + version = "1.1.0"; src = fetchFromGitHub { owner = "containers"; repo = "podman-tui"; rev = "v${version}"; - hash = "sha256-t1vrUXv0ZP+vmOcUIue/yvB34DP+gduopuN0U9oixBQ="; + hash = "sha256-my/y2cgF7F0wk5VJKfmqotBrV3HPmRQGPjlSdMe7wXk="; }; vendorHash = null; diff --git a/pkgs/applications/virtualization/singularity/generic.nix b/pkgs/applications/virtualization/singularity/generic.nix index da7c8accf873a..f27f58fda4876 100644 --- a/pkgs/applications/virtualization/singularity/generic.nix +++ b/pkgs/applications/virtualization/singularity/generic.nix @@ -44,6 +44,7 @@ in gpgme, libseccomp, libuuid, + mount, # This is for nvidia-container-cli nvidia-docker, openssl, @@ -79,6 +80,20 @@ in externalLocalStateDir ? null, # Remove the symlinks to `singularity*` when projectName != "singularity" removeCompat ? false, + # The defaultPath values to substitute in each source files. + # + # `defaultPath` are PATH variables hard-coded inside Apptainer/Singularity + # binaries to search for third-party utilities, as a hardening for + # `$out/bin/starter-suid`. + # + # The upstream provided values are suitable for FHS-conformant environment. + # We substitute them and insert Nixpkgs-specific values. + # + # Example: + # { + # "path/to/source/file1" = [ "<originalDefaultPath11>" "<originalDefaultPath12>" ... ]; + # } + sourceFilesWithDefaultPaths ? { }, # Workaround #86349 # should be removed when the issue is resolved vendorHash ? _defaultGoVendorArgs.vendorHash, @@ -87,7 +102,6 @@ in }: let - defaultPathOriginal = "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin"; privileged-un-utils = if ((newuidmapPath == null) && (newgidmapPath == null)) then null @@ -97,6 +111,12 @@ let ln -s ${lib.escapeShellArg newuidmapPath} "$out/bin/newuidmap" ln -s ${lib.escapeShellArg newgidmapPath} "$out/bin/newgidmap" ''); + + concatMapStringAttrsSep = + sep: f: attrs: + lib.concatMapStringsSep sep (name: f name attrs.${name}) (lib.attrNames attrs); + + addShellDoubleQuotes = s: lib.escapeShellArg ''"'' + s + lib.escapeShellArg ''"''; in (buildGoModule { inherit pname version src; @@ -185,6 +205,7 @@ in fakeroot fuse2fs # Mount ext3 filesystems go + mount # mount privileged-un-utils squashfsTools # mksquashfs unsquashfs # Make / unpack squashfs image squashfuse # squashfuse_ll squashfuse # Mount (without unpacking) a squashfs image without privileges @@ -199,8 +220,19 @@ in patchShebangs --build "$configureScript" makeit e2e scripts mlocal/scripts # Patching the hard-coded defaultPath by prefixing the packages in defaultPathInputs - substituteInPlace cmd/internal/cli/actions.go \ - --replace "defaultPath = \"${defaultPathOriginal}\"" "defaultPath = \"''${defaultPathInputs// /\/bin:}''${defaultPathInputs:+/bin:}${defaultPathOriginal}\"" + ${concatMapStringAttrsSep "\n" (fileName: originalDefaultPaths: '' + substituteInPlace ${lib.escapeShellArg fileName} \ + ${ + lib.concatMapStringsSep " \\\n " ( + originalDefaultPath: + lib.concatStringsSep " " [ + "--replace-fail" + (addShellDoubleQuotes (lib.escapeShellArg originalDefaultPath)) + (addShellDoubleQuotes ''$inputsDefaultPath''${inputsDefaultPath:+:}${lib.escapeShellArg originalDefaultPath}'') + ] + ) originalDefaultPaths + } + '') sourceFilesWithDefaultPaths} substituteInPlace internal/pkg/util/gpu/nvidia.go \ --replace \ @@ -236,7 +268,7 @@ in substituteInPlace "$out/bin/run-singularity" \ --replace "/usr/bin/env ${projectName}" "$out/bin/${projectName}" wrapProgram "$out/bin/${projectName}" \ - --prefix PATH : "''${defaultPathInputs// /\/bin:}''${defaultPathInputs:+/bin:}" + --prefix PATH : "$inputsDefaultPath" # Make changes in the config file ${lib.optionalString forceNvcCli '' substituteInPlace "$out/etc/${projectName}/${projectName}.conf" \ @@ -294,7 +326,9 @@ in }).overrideAttrs ( finalAttrs: prevAttrs: { + inputsDefaultPath = lib.makeBinPath finalAttrs.defaultPathInputs; passthru = prevAttrs.passthru or { } // { + inherit sourceFilesWithDefaultPaths; tests = { image-hello-cowsay = singularity-tools.buildImage { name = "hello-cowsay"; diff --git a/pkgs/applications/virtualization/singularity/packages.nix b/pkgs/applications/virtualization/singularity/packages.nix index eca8c914e6aae..f03bdf9631c56 100644 --- a/pkgs/applications/virtualization/singularity/packages.nix +++ b/pkgs/applications/virtualization/singularity/packages.nix @@ -35,6 +35,12 @@ let # when building on a system with disabled unprivileged namespace. # See https://github.com/NixOS/nixpkgs/pull/215690#issuecomment-1426954601 defaultToSuid = null; + + sourceFilesWithDefaultPaths = { + "cmd/internal/cli/actions.go" = [ "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin" ]; + "e2e/env/env.go" = [ "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ]; + "internal/pkg/util/env/env.go" = [ "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ]; + }; }; singularity = @@ -71,6 +77,14 @@ let # on UNIX-like platforms, # and only have --without-suid but not --with-suid. defaultToSuid = true; + + sourceFilesWithDefaultPaths = { + "cmd/internal/cli/actions.go" = [ "/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin" ]; + "e2e/env/env.go" = [ "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ]; + "internal/pkg/util/env/clean.go" = [ + "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" + ]; + }; }; genOverridenNixos = |