diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2023-09-05 00:02:14 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-09-05 00:02:14 +0000 |
commit | 77a8486bb356bc6a6f19637164dedff0fa9136d9 (patch) | |
tree | e3ca237a6a275c5785f332d1b4577706a78b9596 /pkgs/tools | |
parent | bcbbfd86e08623eaf33a5b9838533c841f9ca59a (diff) | |
parent | 4c160598a8af79291085a6172a6d349c4cd46460 (diff) |
Merge master into staging-next
Diffstat (limited to 'pkgs/tools')
-rw-r--r-- | pkgs/tools/nix/fh/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/nuclei/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/sudo-rs/default.nix | 83 | ||||
-rw-r--r-- | pkgs/tools/system/ttop/default.nix | 4 |
4 files changed, 91 insertions, 8 deletions
diff --git a/pkgs/tools/nix/fh/default.nix b/pkgs/tools/nix/fh/default.nix index 441d63c2befc8..e4368e58012b2 100644 --- a/pkgs/tools/nix/fh/default.nix +++ b/pkgs/tools/nix/fh/default.nix @@ -9,16 +9,16 @@ rustPlatform.buildRustPackage rec { pname = "fh"; - version = "0.1.2"; + version = "0.1.3"; src = fetchFromGitHub { owner = "DeterminateSystems"; repo = "fh"; rev = "v${version}"; - hash = "sha256-4IpfVkmSTMTZKsm+eXPtcenMgbis12RaPrJpM1kYaE8="; + hash = "sha256-9dWd0syDzoyjnhVoOCazRVA4pAAXud+cxggVlxXzJFg="; }; - cargoHash = "sha256-RHUMrA+mzvT9xXOt/flGfvK0uBBUnAtgHOrgvYivTGs="; + cargoHash = "sha256-GzS/grxiMlrpJ2OG5BSne4RmSMUXXjKiwYyW4Aj69gc="; nativeBuildInputs = [ rustPlatform.bindgenHook diff --git a/pkgs/tools/security/nuclei/default.nix b/pkgs/tools/security/nuclei/default.nix index 344ba03a361ea..33df3a04656a8 100644 --- a/pkgs/tools/security/nuclei/default.nix +++ b/pkgs/tools/security/nuclei/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "nuclei"; - version = "2.9.13"; + version = "2.9.14"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-mjb7U7F4OZ9nRjtLjZk1s7T+n/VqV/RPMbnGodxRVUE="; + hash = "sha256-73MOUzIWA2sO6Y+Xku7f7DlUtsoa0GpfaqJzpEHCV/M="; }; - vendorHash = "sha256-/1F2aY3cRLRz06s1KXQ6bt7UgaZgiXEjS/5stGi7xIw="; + vendorHash = "sha256-H4QBt00WSvCJi7P6gh4JBDCLSZwt/H5LWcahusdQoRE="; modRoot = "./v2"; subPackages = [ diff --git a/pkgs/tools/security/sudo-rs/default.nix b/pkgs/tools/security/sudo-rs/default.nix new file mode 100644 index 0000000000000..6730cdf1869f1 --- /dev/null +++ b/pkgs/tools/security/sudo-rs/default.nix @@ -0,0 +1,83 @@ +{ lib +, bash +, fetchFromGitHub +, fetchpatch +, installShellFiles +, pam +, pandoc +, rustPlatform +}: + +rustPlatform.buildRustPackage rec { + pname = "sudo-rs"; + version = "0.2.0"; + + src = fetchFromGitHub { + owner = "memorysafety"; + repo = "sudo-rs"; + rev = "v${version}"; + hash = "sha256-Kk5D3387hdl6eGWTSV003r+XajuDh6YgHuqYlj9NnaQ="; + }; + cargoHash = "sha256-yeMK37tOgJcs9pW3IclpR5WMXx0gMDJ2wcmInxJYbQ8="; + + nativeBuildInputs = [ installShellFiles pandoc ]; + + buildInputs = [ pam ]; + + patches = [ + (fetchpatch { + # @R-VdP's patch to work with NixOS' suid wrappers + name = "Skip self_check when executed as root.patch"; + url = "https://github.com/R-VdP/sudo-rs/commit/a44541dcb36b94f938daaed66b3ff06cfc1c2b40.patch"; + hash = "sha256-PdmOqp/NDjFy8ve4jEOi58e0N9xUnaVKioQwdC5Jf1U="; + }) + ]; + + # Don't attempt to generate the docs in a (pan)Docker container + postPatch = '' + substituteInPlace util/generate-docs.sh \ + --replace "/usr/bin/env bash" ${lib.getExe bash} \ + --replace util/pandoc.sh pandoc + ''; + + postInstall = '' + ./util/generate-docs.sh + installManPage target/docs/man/* + ''; + + checkFlags = map (t: "--skip=${t}") [ + # Those tests make path assumptions + "common::command::test::test_build_command_and_args" + "common::context::tests::test_build_context" + "common::resolve::test::canonicalization" + "common::resolve::tests::test_resolve_path" + "system::tests::kill_test" + + # Assumes $SHELL is an actual shell + "su::context::tests::su_to_root" + + # Attempts to access /etc files from the build sandbox + "system::audit::test::secure_open_is_predictable" + + # Assume there is a `daemon` user and group + "system::interface::test::test_unix_group" + "system::interface::test::test_unix_user" + "system::tests::test_get_user_and_group_by_id" + + # This expects some PATH_TZINFO environment var + "env::environment::tests::test_tzinfo" + + # Unsure why those are failing + "env::tests::test_environment_variable_filtering" + "su::context::tests::invalid_shell" + ]; + + meta = with lib; { + description = "A memory safe implementation of sudo and su."; + homepage = "https://github.com/memorysafety/sudo-rs"; + changelog = "${meta.homepage}/blob/v${version}/CHANGELOG.md"; + license = with licenses; [ asl20 mit ]; + maintainers = with maintainers; [ nicoo ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/tools/system/ttop/default.nix b/pkgs/tools/system/ttop/default.nix index 67edfe27274dc..ceccaea7ce3df 100644 --- a/pkgs/tools/system/ttop/default.nix +++ b/pkgs/tools/system/ttop/default.nix @@ -2,14 +2,14 @@ nimPackages.buildNimPackage (finalAttrs: { pname = "ttop"; - version = "1.2.0"; + version = "1.2.1"; nimBinOnly = true; src = fetchFromGitHub { owner = "inv2004"; repo = "ttop"; rev = "v${finalAttrs.version}"; - hash = "sha256-4Tjf4Qdpiu0ErH3dkff4cwYyw/8F8+VdFV9NZt8p/3o="; + hash = "sha256-3wRGeRR1M3jx6GKVd7wSjTdfVlBGF6u3jY3wtK3lAYI="; }; buildInputs = with nimPackages; [ asciigraph illwill jsony parsetoml zippy ]; |