diff options
146 files changed, 1075 insertions, 1469 deletions
diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 87687572f3f02..cba46849dbd14 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -15043,6 +15043,12 @@ githubId = 496447; name = "Robert Hensing"; }; + robert-manchester = { + email = "robert.manchester@gmail.com"; + github = "robert-manchester"; + githubId = 86313040; + name = "Robert Manchester"; + }; robertodr = { email = "roberto.diremigio@gmail.com"; github = "robertodr"; diff --git a/maintainers/scripts/pluginupdate.py b/maintainers/scripts/pluginupdate.py index 5ceaab8db901a..52e9af399709b 100644 --- a/maintainers/scripts/pluginupdate.py +++ b/maintainers/scripts/pluginupdate.py @@ -786,8 +786,11 @@ def update_plugins(editor: Editor, args): autocommit = not args.no_commit if autocommit: + from datetime import date editor.nixpkgs_repo = git.Repo(editor.root, search_parent_directories=True) - commit(editor.nixpkgs_repo, f"{editor.attr_path}: update", [args.outfile]) + updated = date.today().strftime('%m-%d-%Y') + + commit(editor.nixpkgs_repo, f"{editor.attr_path}: updated the {updated}", [args.outfile]) if redirects: update() diff --git a/nixos/doc/manual/development/what-happens-during-a-system-switch.chapter.md b/nixos/doc/manual/development/what-happens-during-a-system-switch.chapter.md index 5d6d67f1aa92c..82522b33740e7 100644 --- a/nixos/doc/manual/development/what-happens-during-a-system-switch.chapter.md +++ b/nixos/doc/manual/development/what-happens-during-a-system-switch.chapter.md @@ -44,6 +44,10 @@ of actions is always the same: - Inspect what changed during these actions and print units that failed and that were newly started +By default, some units are filtered from the outputs to make it less spammy. +This can be disabled for development or testing by setting the environment variable +`STC_DISPLAY_ALL_UNITS=1` + Most of these actions are either self-explaining but some of them have to do with our units or the activation script. For this reason, these topics are explained in the next sections. diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index 38e249c9bb5e1..4c8b9898629b4 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -359,6 +359,8 @@ - The application firewall `opensnitch` now uses the process monitor method eBPF as default as recommended by upstream. The method can be changed with the setting [services.opensnitch.settings.ProcMonitorMethod](#opt-services.opensnitch.settings.ProcMonitorMethod). +- `services.hedgedoc` has been heavily refactored, reducing the amount of declared options in the module. Most of the options should still work without any changes. Some options have been deprecated, as they no longer have any effect. See [#244941](https://github.com/NixOS/nixpkgs/pull/244941) for more details. + - The module [services.ankisyncd](#opt-services.ankisyncd.package) has been switched to [anki-sync-server-rs](https://github.com/ankicommunity/anki-sync-server-rs) from the old python version, which was difficult to update, had not been updated in a while, and did not support recent versions of anki. Unfortunately all servers supporting new clients (newer version of anki-sync-server, anki's built in sync server and this new rust package) do not support the older sync protocol that was used in the old server, so such old clients will also need updating and in particular the anki package in nixpkgs is also being updated in this release. The module update takes care of the new config syntax and the data itself (user login and cards) are compatible, so users of the module will be able to just log in again after updating both client and server without any extra action. diff --git a/nixos/modules/config/iproute2.nix b/nixos/modules/config/iproute2.nix index 8f49e7dbf7de5..7e4fb4d848e39 100644 --- a/nixos/modules/config/iproute2.nix +++ b/nixos/modules/config/iproute2.nix @@ -7,7 +7,7 @@ let in { options.networking.iproute2 = { - enable = mkEnableOption (lib.mdDoc "copy IP route configuration files"); + enable = mkEnableOption (lib.mdDoc "copying IP route configuration files"); rttablesExtraConfig = mkOption { type = types.lines; default = ""; diff --git a/nixos/modules/config/stevenblack.nix b/nixos/modules/config/stevenblack.nix index 07a0aa339a561..30ef7ff259f09 100644 --- a/nixos/modules/config/stevenblack.nix +++ b/nixos/modules/config/stevenblack.nix @@ -15,7 +15,7 @@ let in { options.networking.stevenblack = { - enable = mkEnableOption (mdDoc "Enable the stevenblack hosts file blocklist"); + enable = mkEnableOption (mdDoc "the stevenblack hosts file blocklist"); block = mkOption { type = types.listOf (types.enum [ "fakenews" "gambling" "porn" "social" ]); diff --git a/nixos/modules/hardware/corectrl.nix b/nixos/modules/hardware/corectrl.nix index 965cbe0267e08..8ef61a158d5ce 100644 --- a/nixos/modules/hardware/corectrl.nix +++ b/nixos/modules/hardware/corectrl.nix @@ -8,13 +8,13 @@ in { options.programs.corectrl = { enable = mkEnableOption (lib.mdDoc '' - A tool to overclock amd graphics cards and processors. + CoreCtrl, a tool to overclock amd graphics cards and processors. Add your user to the corectrl group to run corectrl without needing to enter your password ''); gpuOverclock = { enable = mkEnableOption (lib.mdDoc '' - true + GPU overclocking ''); ppfeaturemask = mkOption { type = types.str; diff --git a/nixos/modules/hardware/i2c.nix b/nixos/modules/hardware/i2c.nix index 9a5a2e44813ed..bd4c4ebe21bde 100644 --- a/nixos/modules/hardware/i2c.nix +++ b/nixos/modules/hardware/i2c.nix @@ -11,7 +11,7 @@ in enable = mkEnableOption (lib.mdDoc '' i2c devices support. By default access is granted to users in the "i2c" group (will be created if non-existent) and any user with a seat, meaning - logged on the computer locally. + logged on the computer locally ''); group = mkOption { diff --git a/nixos/modules/hardware/keyboard/uhk.nix b/nixos/modules/hardware/keyboard/uhk.nix index 17baff83d886b..ff984fa5daa6b 100644 --- a/nixos/modules/hardware/keyboard/uhk.nix +++ b/nixos/modules/hardware/keyboard/uhk.nix @@ -11,7 +11,7 @@ in non-root access to the firmware of UHK keyboards. You need it when you want to flash a new firmware on the keyboard. Access to the keyboard is granted to users in the "input" group. - You may want to install the uhk-agent package. + You may want to install the uhk-agent package ''); }; diff --git a/nixos/modules/hardware/keyboard/zsa.nix b/nixos/modules/hardware/keyboard/zsa.nix index a04b67b5c8d0e..191fb12cca4f9 100644 --- a/nixos/modules/hardware/keyboard/zsa.nix +++ b/nixos/modules/hardware/keyboard/zsa.nix @@ -11,7 +11,7 @@ in udev rules for keyboards from ZSA like the ErgoDox EZ, Planck EZ and Moonlander Mark I. You need it when you want to flash a new configuration on the keyboard or use their live training in the browser. - You may want to install the wally-cli package. + You may want to install the wally-cli package ''); }; diff --git a/nixos/modules/hardware/openrazer.nix b/nixos/modules/hardware/openrazer.nix index aaa4000e758ff..abbafaee89501 100644 --- a/nixos/modules/hardware/openrazer.nix +++ b/nixos/modules/hardware/openrazer.nix @@ -50,7 +50,7 @@ in options = { hardware.openrazer = { enable = mkEnableOption (lib.mdDoc '' - OpenRazer drivers and userspace daemon. + OpenRazer drivers and userspace daemon ''); verboseLogging = mkOption { diff --git a/nixos/modules/hardware/tuxedo-keyboard.nix b/nixos/modules/hardware/tuxedo-keyboard.nix index 3ae876bd1f18b..fd8b48a5e9eaf 100644 --- a/nixos/modules/hardware/tuxedo-keyboard.nix +++ b/nixos/modules/hardware/tuxedo-keyboard.nix @@ -9,7 +9,7 @@ in { options.hardware.tuxedo-keyboard = { enable = mkEnableOption (lib.mdDoc '' - Enables the tuxedo-keyboard driver. + the tuxedo-keyboard driver. To configure the driver, pass the options to the {option}`boot.kernelParams` configuration. There are several parameters you can change. It's best to check at the source code description which options are supported. diff --git a/nixos/modules/hardware/video/nvidia.nix b/nixos/modules/hardware/video/nvidia.nix index a40713ac25c75..4320edf60da51 100644 --- a/nixos/modules/hardware/video/nvidia.nix +++ b/nixos/modules/hardware/video/nvidia.nix @@ -24,7 +24,7 @@ in { options = { hardware.nvidia = { datacenter.enable = lib.mkEnableOption (lib.mdDoc '' - Data Center drivers for NVIDIA cards on a NVLink topology. + Data Center drivers for NVIDIA cards on a NVLink topology ''); datacenter.settings = lib.mkOption { type = settingsFormat.type; @@ -79,18 +79,18 @@ in { powerManagement.enable = lib.mkEnableOption (lib.mdDoc '' experimental power management through systemd. For more information, see - the NVIDIA docs, on Chapter 21. Configuring Power Management Support. + the NVIDIA docs, on Chapter 21. Configuring Power Management Support ''); powerManagement.finegrained = lib.mkEnableOption (lib.mdDoc '' experimental power management of PRIME offload. For more information, see - the NVIDIA docs, on Chapter 22. PCI-Express Runtime D3 (RTD3) Power Management. + the NVIDIA docs, on Chapter 22. PCI-Express Runtime D3 (RTD3) Power Management ''); dynamicBoost.enable = lib.mkEnableOption (lib.mdDoc '' dynamic Boost balances power between the CPU and the GPU for improved performance on supported laptops using the nvidia-powerd daemon. For more - information, see the NVIDIA docs, on Chapter 23. Dynamic Boost on Linux. + information, see the NVIDIA docs, on Chapter 23. Dynamic Boost on Linux ''); modesetting.enable = lib.mkEnableOption (lib.mdDoc '' @@ -99,7 +99,7 @@ in { Enabling this fixes screen tearing when using Optimus via PRIME (see {option}`hardware.nvidia.prime.sync.enable`. This is not enabled by default because it is not officially supported by NVIDIA and would not - work with SLI. + work with SLI ''); prime.nvidiaBusId = lib.mkOption { @@ -153,11 +153,11 @@ in { Note that this configuration will only be successful when a display manager for which the {option}`services.xserver.displayManager.setupCommands` - option is supported is used. + option is supported is used ''); prime.allowExternalGpu = lib.mkEnableOption (lib.mdDoc '' - configuring X to allow external NVIDIA GPUs when using Prime [Reverse] sync optimus. + configuring X to allow external NVIDIA GPUs when using Prime [Reverse] sync optimus ''); prime.offload.enable = lib.mkEnableOption (lib.mdDoc '' @@ -166,7 +166,7 @@ in { If this is enabled, then the bus IDs of the NVIDIA and Intel/AMD GPUs have to be specified ({option}`hardware.nvidia.prime.nvidiaBusId` and {option}`hardware.nvidia.prime.intelBusId` or - {option}`hardware.nvidia.prime.amdgpuBusId`). + {option}`hardware.nvidia.prime.amdgpuBusId`) ''); prime.offload.enableOffloadCmd = lib.mkEnableOption (lib.mdDoc '' @@ -174,7 +174,7 @@ in { for offloading programs to an nvidia device. To work, should have also enabled {option}`hardware.nvidia.prime.offload.enable` or {option}`hardware.nvidia.prime.reverseSync.enable`. - Example usage `nvidia-offload sauerbraten_client`. + Example usage `nvidia-offload sauerbraten_client` ''); prime.reverseSync.enable = lib.mkEnableOption (lib.mdDoc '' @@ -202,25 +202,25 @@ in { Note that this configuration will only be successful when a display manager for which the {option}`services.xserver.displayManager.setupCommands` - option is supported is used. + option is supported is used ''); nvidiaSettings = (lib.mkEnableOption (lib.mdDoc '' - nvidia-settings, NVIDIA's GUI configuration tool. + nvidia-settings, NVIDIA's GUI configuration tool '')) // {default = true;}; nvidiaPersistenced = lib.mkEnableOption (lib.mdDoc '' nvidia-persistenced a update for NVIDIA GPU headless mode, i.e. - It ensures all GPUs stay awake even during headless mode. + It ensures all GPUs stay awake even during headless mode ''); forceFullCompositionPipeline = lib.mkEnableOption (lib.mdDoc '' forcefully the full composition pipeline. This sometimes fixes screen tearing issues. This has been reported to reduce the performance of some OpenGL applications and may produce issues in WebGL. - It also drastically increases the time the driver needs to clock down after load. + It also drastically increases the time the driver needs to clock down after load ''); package = lib.mkOption { diff --git a/nixos/modules/hardware/video/webcam/facetimehd.nix b/nixos/modules/hardware/video/webcam/facetimehd.nix index 480c636aa0d9d..a0ec9c98a54c9 100644 --- a/nixos/modules/hardware/video/webcam/facetimehd.nix +++ b/nixos/modules/hardware/video/webcam/facetimehd.nix @@ -12,7 +12,7 @@ in { - options.hardware.facetimehd.enable = mkEnableOption (lib.mdDoc "facetimehd kernel module"); + options.hardware.facetimehd.enable = mkEnableOption (lib.mdDoc "the facetimehd kernel module"); options.hardware.facetimehd.withCalibration = mkOption { default = false; diff --git a/nixos/modules/misc/nixops-autoluks.nix b/nixos/modules/misc/nixops-autoluks.nix index 221b34f3cc366..e6817633119d9 100644 --- a/nixos/modules/misc/nixops-autoluks.nix +++ b/nixos/modules/misc/nixops-autoluks.nix @@ -5,7 +5,7 @@ let inherit (config.nixops) enableDeprecatedAutoLuks; in { - options.nixops.enableDeprecatedAutoLuks = lib.mkEnableOption (lib.mdDoc "Enable the deprecated NixOps AutoLuks module"); + options.nixops.enableDeprecatedAutoLuks = lib.mkEnableOption (lib.mdDoc "the deprecated NixOps AutoLuks module"); config = { assertions = [ diff --git a/nixos/modules/programs/calls.nix b/nixos/modules/programs/calls.nix index 7a18982915a9f..3d757bc1fc320 100644 --- a/nixos/modules/programs/calls.nix +++ b/nixos/modules/programs/calls.nix @@ -8,7 +8,7 @@ in { options = { programs.calls = { enable = mkEnableOption (lib.mdDoc '' - Whether to enable GNOME calls: a phone dialer and call handler. + GNOME calls: a phone dialer and call handler ''); }; }; diff --git a/nixos/modules/programs/cnping.nix b/nixos/modules/programs/cnping.nix index d3cf659d4297f..143267fc9a426 100644 --- a/nixos/modules/programs/cnping.nix +++ b/nixos/modules/programs/cnping.nix @@ -8,7 +8,7 @@ in { options = { programs.cnping = { - enable = mkEnableOption (lib.mdDoc "Whether to install a setcap wrapper for cnping"); + enable = mkEnableOption (lib.mdDoc "a setcap wrapper for cnping"); }; }; diff --git a/nixos/modules/programs/direnv.nix b/nixos/modules/programs/direnv.nix index 1a80cb2028066..77a6568e73b88 100644 --- a/nixos/modules/programs/direnv.nix +++ b/nixos/modules/programs/direnv.nix @@ -11,7 +11,7 @@ in { enable = lib.mkEnableOption (lib.mdDoc '' direnv integration. Takes care of both installation and setting up the sourcing of the shell. Additionally enables nix-direnv - integration. Note that you need to logout and login for this change to apply. + integration. Note that you need to logout and login for this change to apply ''); package = lib.mkPackageOptionMD pkgs "direnv" {}; diff --git a/nixos/modules/programs/feedbackd.nix b/nixos/modules/programs/feedbackd.nix index cee8daa314622..e3fde947a3dfe 100644 --- a/nixos/modules/programs/feedbackd.nix +++ b/nixos/modules/programs/feedbackd.nix @@ -8,9 +8,9 @@ in { options = { programs.feedbackd = { enable = mkEnableOption (lib.mdDoc '' - Whether to enable the feedbackd D-BUS service and udev rules. + the feedbackd D-BUS service and udev rules. - Your user needs to be in the `feedbackd` group to trigger effects. + Your user needs to be in the `feedbackd` group to trigger effects ''); package = mkOption { description = lib.mdDoc '' diff --git a/nixos/modules/programs/kdeconnect.nix b/nixos/modules/programs/kdeconnect.nix index 4978c428ce341..4ba156f2db8d3 100644 --- a/nixos/modules/programs/kdeconnect.nix +++ b/nixos/modules/programs/kdeconnect.nix @@ -9,7 +9,7 @@ with lib; 1714 to 1764 as they are needed for it to function properly. You can use the {option}`package` to use `gnomeExtensions.gsconnect` as an alternative - implementation if you use Gnome. + implementation if you use Gnome ''); package = mkOption { default = pkgs.plasma5Packages.kdeconnect-kde; diff --git a/nixos/modules/programs/wayland/wayfire.nix b/nixos/modules/programs/wayland/wayfire.nix index d0b280e3940fc..9ea2010cf59c8 100644 --- a/nixos/modules/programs/wayland/wayfire.nix +++ b/nixos/modules/programs/wayland/wayfire.nix @@ -6,7 +6,7 @@ in meta.maintainers = with lib.maintainers; [ rewine ]; options.programs.wayfire = { - enable = lib.mkEnableOption (lib.mdDoc "Wayfire, a wayland compositor based on wlroots."); + enable = lib.mkEnableOption (lib.mdDoc "Wayfire, a wayland compositor based on wlroots"); package = lib.mkPackageOptionMD pkgs "wayfire" { }; diff --git a/nixos/modules/services/backup/znapzend.nix b/nixos/modules/services/backup/znapzend.nix index 76f147c18affa..2ebe8ad2f69ae 100644 --- a/nixos/modules/services/backup/znapzend.nix +++ b/nixos/modules/services/backup/znapzend.nix @@ -359,14 +359,14 @@ in }; features.oracleMode = mkEnableOption (lib.mdDoc '' - Destroy snapshots one by one instead of using one long argument list. + destroying snapshots one by one instead of using one long argument list. If source and destination are out of sync for a long time, you may have so many snapshots to destroy that the argument gets is too long and the - command fails. + command fails ''); features.recvu = mkEnableOption (lib.mdDoc '' recvu feature which uses `-u` on the receiving end to keep the destination - filesystem unmounted. + filesystem unmounted ''); features.compressed = mkEnableOption (lib.mdDoc '' compressed feature which adds the options `-Lce` to @@ -377,7 +377,7 @@ in support and -e is for embedded data support. see {manpage}`znapzend(1)` and {manpage}`zfs(8)` - for more info. + for more info ''); features.sendRaw = mkEnableOption (lib.mdDoc '' sendRaw feature which adds the options `-w` to the @@ -386,25 +386,25 @@ in backup that can't be read without the encryption key/passphrase, useful when the remote isn't fully trusted or not physically secure. This option must be used consistently, raw incrementals cannot be based on - non-raw snapshots and vice versa. + non-raw snapshots and vice versa ''); features.skipIntermediates = mkEnableOption (lib.mdDoc '' - Enable the skipIntermediates feature to send a single increment + the skipIntermediates feature to send a single increment between latest common snapshot and the newly made one. It may skip several source snaps if the destination was offline for some time, and it should skip snapshots not managed by znapzend. Normally for online destinations, the new snapshot is sent as soon as it is created on the - source, so there are no automatic increments to skip. + source, so there are no automatic increments to skip ''); features.lowmemRecurse = mkEnableOption (lib.mdDoc '' use lowmemRecurse on systems where you have too many datasets, so a recursive listing of attributes to find backup plans exhausts the memory available to {command}`znapzend`: instead, go the slower way to first list all impacted dataset names, and then query their - configs one by one. + configs one by one ''); features.zfsGetType = mkEnableOption (lib.mdDoc '' - use zfsGetType if your {command}`zfs get` supports a + using zfsGetType if your {command}`zfs get` supports a `-t` argument for filtering by dataset type at all AND lists properties for snapshots by default when recursing, so that there is too much data to process while searching for backup plans. @@ -412,7 +412,7 @@ in `--recursive` search for backup plans can literally differ by hundreds of times (depending on the amount of snapshots in that dataset tree... and a decent backup plan will ensure you have a lot - of those), so you would benefit from requesting this feature. + of those), so you would benefit from requesting this feature ''); }; }; diff --git a/nixos/modules/services/databases/cassandra.nix b/nixos/modules/services/databases/cassandra.nix index e26acb88d8c85..cd816ffaf0dde 100644 --- a/nixos/modules/services/databases/cassandra.nix +++ b/nixos/modules/services/databases/cassandra.nix @@ -122,7 +122,7 @@ in options.services.cassandra = { enable = mkEnableOption (lib.mdDoc '' - Apache Cassandra – Scalable and highly available database. + Apache Cassandra – Scalable and highly available database ''); clusterName = mkOption { diff --git a/nixos/modules/services/databases/ferretdb.nix b/nixos/modules/services/databases/ferretdb.nix index 5b2cc59d8c068..45f822d646910 100644 --- a/nixos/modules/services/databases/ferretdb.nix +++ b/nixos/modules/services/databases/ferretdb.nix @@ -11,7 +11,7 @@ in options = { services.ferretdb = { - enable = mkEnableOption "FerretDB, an Open Source MongoDB alternative."; + enable = mkEnableOption "FerretDB, an Open Source MongoDB alternative"; package = mkOption { type = types.package; diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index 1464f4487e39d..86b295dadf494 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -75,7 +75,7 @@ in { Note that the NixOS module for Redis disables kernel support for Transparent Huge Pages (THP), because this features causes major performance problems for Redis, - e.g. (https://redis.io/topics/latency). + e.g. (https://redis.io/topics/latency) ''); user = mkOption { diff --git a/nixos/modules/services/databases/surrealdb.nix b/nixos/modules/services/databases/surrealdb.nix index 28bd97cd731ea..e1a1faed1f8f7 100644 --- a/nixos/modules/services/databases/surrealdb.nix +++ b/nixos/modules/services/databases/surrealdb.nix @@ -8,7 +8,7 @@ in { options = { services.surrealdb = { - enable = mkEnableOption (lib.mdDoc "A scalable, distributed, collaborative, document-graph database, for the realtime web "); + enable = mkEnableOption (lib.mdDoc "SurrealDB, a scalable, distributed, collaborative, document-graph database, for the realtime web"); package = mkOption { default = pkgs.surrealdb; diff --git a/nixos/modules/services/desktops/deepin/app-services.nix b/nixos/modules/services/desktops/deepin/app-services.nix index 6f9932e487336..4592bc7bb340c 100644 --- a/nixos/modules/services/desktops/deepin/app-services.nix +++ b/nixos/modules/services/desktops/deepin/app-services.nix @@ -14,7 +14,7 @@ with lib; services.deepin.app-services = { - enable = mkEnableOption (lib.mdDoc "Service collection of DDE applications, including dconfig-center"); + enable = mkEnableOption (lib.mdDoc "service collection of DDE applications, including dconfig-center"); }; diff --git a/nixos/modules/services/desktops/deepin/dde-api.nix b/nixos/modules/services/desktops/deepin/dde-api.nix index 472d9860c1089..459876febf21f 100644 --- a/nixos/modules/services/desktops/deepin/dde-api.nix +++ b/nixos/modules/services/desktops/deepin/dde-api.nix @@ -15,8 +15,8 @@ with lib; services.deepin.dde-api = { enable = mkEnableOption (lib.mdDoc '' - Provides some dbus interfaces that is used for screen zone detecting, - thumbnail generating, and sound playing in Deepin Desktop Environment. + some dbus interfaces that is used for screen zone detecting, + thumbnail generating, and sound playing in Deepin Desktop Environment ''); }; diff --git a/nixos/modules/services/desktops/deepin/dde-daemon.nix b/nixos/modules/services/desktops/deepin/dde-daemon.nix index 9377f523ebf9c..356d323bcbdf9 100644 --- a/nixos/modules/services/desktops/deepin/dde-daemon.nix +++ b/nixos/modules/services/desktops/deepin/dde-daemon.nix @@ -14,7 +14,7 @@ with lib; services.deepin.dde-daemon = { - enable = mkEnableOption (lib.mdDoc "Daemon for handling the deepin session settings"); + enable = mkEnableOption (lib.mdDoc "daemon for handling the deepin session settings"); }; diff --git a/nixos/modules/services/desktops/gnome/gnome-browser-connector.nix b/nixos/modules/services/desktops/gnome/gnome-browser-connector.nix index 9a45d839629b5..d18e303891e47 100644 --- a/nixos/modules/services/desktops/gnome/gnome-browser-connector.nix +++ b/nixos/modules/services/desktops/gnome/gnome-browser-connector.nix @@ -24,8 +24,8 @@ in options = { services.gnome.gnome-browser-connector.enable = mkEnableOption (mdDoc '' - Native host connector for the GNOME Shell browser extension, a DBus service - allowing to install GNOME Shell extensions from a web browser. + native host connector for the GNOME Shell browser extension, a DBus service + allowing to install GNOME Shell extensions from a web browser ''); }; diff --git a/nixos/modules/services/hardware/supergfxd.nix b/nixos/modules/services/hardware/supergfxd.nix index bd82775e82461..f7af993d7238c 100644 --- a/nixos/modules/services/hardware/supergfxd.nix +++ b/nixos/modules/services/hardware/supergfxd.nix @@ -7,7 +7,7 @@ in { options = { services.supergfxd = { - enable = lib.mkEnableOption (lib.mdDoc "Enable the supergfxd service"); + enable = lib.mkEnableOption (lib.mdDoc "the supergfxd service"); settings = lib.mkOption { type = lib.types.nullOr json.type; diff --git a/nixos/modules/services/hardware/tuxedo-rs.nix b/nixos/modules/services/hardware/tuxedo-rs.nix index 343f6845fabbd..0daccfef3a530 100644 --- a/nixos/modules/services/hardware/tuxedo-rs.nix +++ b/nixos/modules/services/hardware/tuxedo-rs.nix @@ -9,9 +9,9 @@ in { options = { hardware.tuxedo-rs = { - enable = mkEnableOption (lib.mdDoc "Rust utilities for interacting with hardware from TUXEDO Computers."); + enable = mkEnableOption (lib.mdDoc "Rust utilities for interacting with hardware from TUXEDO Computers"); - tailor-gui.enable = mkEnableOption (lib.mdDoc "Alternative to TUXEDO Control Center, written in Rust."); + tailor-gui.enable = mkEnableOption (lib.mdDoc "tailor-gui, an alternative to TUXEDO Control Center, written in Rust"); }; }; diff --git a/nixos/modules/services/mail/dovecot.nix b/nixos/modules/services/mail/dovecot.nix index 21bafd859c3c2..abbb2f32e6ccc 100644 --- a/nixos/modules/services/mail/dovecot.nix +++ b/nixos/modules/services/mail/dovecot.nix @@ -302,7 +302,7 @@ in enablePAM = mkEnableOption (lib.mdDoc "creating a own Dovecot PAM service and configure PAM user logins") // { default = true; }; - enableDHE = mkEnableOption (lib.mdDoc "enable ssl_dh and generation of primes for the key exchange") // { default = true; }; + enableDHE = mkEnableOption (lib.mdDoc "ssl_dh and generation of primes for the key exchange") // { default = true; }; sieveScripts = mkOption { type = types.attrsOf types.path; diff --git a/nixos/modules/services/mail/mailman.nix b/nixos/modules/services/mail/mailman.nix index 6a950ce255360..a7e8aee1f2a26 100644 --- a/nixos/modules/services/mail/mailman.nix +++ b/nixos/modules/services/mail/mailman.nix @@ -260,7 +260,7 @@ in { }; serve = { - enable = mkEnableOption (lib.mdDoc "Automatic nginx and uwsgi setup for mailman-web"); + enable = mkEnableOption (lib.mdDoc "automatic nginx and uwsgi setup for mailman-web"); virtualRoot = mkOption { default = "/"; diff --git a/nixos/modules/services/matrix/mjolnir.nix b/nixos/modules/services/matrix/mjolnir.nix index 0824be663340b..4e9a915c23c7b 100644 --- a/nixos/modules/services/matrix/mjolnir.nix +++ b/nixos/modules/services/matrix/mjolnir.nix @@ -96,8 +96,8 @@ in type = types.submodule { options = { enable = mkEnableOption (lib.mdDoc '' - If true, accessToken is ignored and the username/password below will be - used instead. The access token of the bot will be stored in the dataPath. + ignoring the accessToken. If true, accessToken is ignored and the username/password below will be + used instead. The access token of the bot will be stored in the dataPath ''); username = mkOption { diff --git a/nixos/modules/services/misc/klipper.nix b/nixos/modules/services/misc/klipper.nix index 67a217c994e45..9eb2fdb465932 100644 --- a/nixos/modules/services/misc/klipper.nix +++ b/nixos/modules/services/misc/klipper.nix @@ -111,11 +111,11 @@ in (submodule { options = { enable = mkEnableOption (lib.mdDoc '' - building of firmware for manual flashing. + building of firmware for manual flashing ''); enableKlipperFlash = mkEnableOption (lib.mdDoc '' flashings scripts for firmware. This will add `klipper-flash-$mcu` scripts to your environment which can be called to flash the firmware. - Please check the configs at [klipper](https://github.com/Klipper3d/klipper/tree/master/config) whether your board supports flashing via `make flash`. + Please check the configs at [klipper](https://github.com/Klipper3d/klipper/tree/master/config) whether your board supports flashing via `make flash` ''); serial = mkOption { type = types.nullOr path; diff --git a/nixos/modules/services/misc/packagekit.nix b/nixos/modules/services/misc/packagekit.nix index f3e6bf50e9b2f..5a0d314d25cd6 100644 --- a/nixos/modules/services/misc/packagekit.nix +++ b/nixos/modules/services/misc/packagekit.nix @@ -40,9 +40,9 @@ in options.services.packagekit = { enable = mkEnableOption (lib.mdDoc '' - PackageKit provides a cross-platform D-Bus abstraction layer for + PackageKit, a cross-platform D-Bus abstraction layer for installing software. Software utilizing PackageKit can install - software regardless of the package manager. + software regardless of the package manager ''); settings = mkOption { diff --git a/nixos/modules/services/misc/rshim.nix b/nixos/modules/services/misc/rshim.nix index 0fef2cc228c91..706cf9136b005 100644 --- a/nixos/modules/services/misc/rshim.nix +++ b/nixos/modules/services/misc/rshim.nix @@ -12,7 +12,7 @@ let in { options.services.rshim = { - enable = lib.mkEnableOption (lib.mdDoc "User-space rshim driver for the BlueField SoC"); + enable = lib.mkEnableOption (lib.mdDoc "user-space rshim driver for the BlueField SoC"); package = lib.mkPackageOptionMD pkgs "rshim-user-space" { }; diff --git a/nixos/modules/services/misc/sourcehut/default.nix b/nixos/modules/services/misc/sourcehut/default.nix index 580a009a0ad39..bee9716629722 100644 --- a/nixos/modules/services/misc/sourcehut/default.nix +++ b/nixos/modules/services/misc/sourcehut/default.nix @@ -438,7 +438,7 @@ in }; options."lists.sr.ht" = commonServiceSettings "lists" // { - allow-new-lists = mkEnableOption (lib.mdDoc "Allow creation of new lists"); + allow-new-lists = mkEnableOption (lib.mdDoc "creation of new lists"); notify-from = mkOption { description = lib.mdDoc "Outgoing email for notifications generated by users."; type = types.str; diff --git a/nixos/modules/services/misc/tp-auto-kbbl.nix b/nixos/modules/services/misc/tp-auto-kbbl.nix index 8d92d3d936773..1076c814e86cd 100644 --- a/nixos/modules/services/misc/tp-auto-kbbl.nix +++ b/nixos/modules/services/misc/tp-auto-kbbl.nix @@ -9,7 +9,7 @@ in { options = { services.tp-auto-kbbl = { - enable = mkEnableOption (lib.mdDoc "Auto toggle keyboard back-lighting on Thinkpads (and maybe other laptops) for Linux"); + enable = mkEnableOption (lib.mdDoc "auto toggle keyboard back-lighting on Thinkpads (and maybe other laptops) for Linux"); package = mkOption { type = types.package; diff --git a/nixos/modules/services/misc/zoneminder.nix b/nixos/modules/services/misc/zoneminder.nix index b2e4e760d8287..fca03b2ad4e10 100644 --- a/nixos/modules/services/misc/zoneminder.nix +++ b/nixos/modules/services/misc/zoneminder.nix @@ -67,14 +67,14 @@ in { options = { services.zoneminder = with lib; { enable = lib.mkEnableOption (lib.mdDoc '' - ZoneMinder + ZoneMinder. If you intend to run the database locally, you should set `config.services.zoneminder.database.createLocally` to true. Otherwise, when set to `false` (the default), you will have to create the database and database user as well as populate the database yourself. Additionally, you will need to run `zmupdate.pl` yourself when - upgrading to a newer version. + upgrading to a newer version ''); webserver = mkOption { diff --git a/nixos/modules/services/monitoring/mackerel-agent.nix b/nixos/modules/services/monitoring/mackerel-agent.nix index 67dc1bc19edd8..62a7858500f24 100644 --- a/nixos/modules/services/monitoring/mackerel-agent.nix +++ b/nixos/modules/services/monitoring/mackerel-agent.nix @@ -11,10 +11,10 @@ in { # the upstream package runs as root, but doesn't seem to be strictly # necessary for basic functionality - runAsRoot = mkEnableOption (lib.mdDoc "Whether to run as root"); + runAsRoot = mkEnableOption (lib.mdDoc "running as root"); autoRetirement = mkEnableOption (lib.mdDoc '' - Whether to automatically retire the host upon OS shutdown. + retiring the host upon OS shutdown ''); apiKeyFile = mkOption { @@ -59,7 +59,7 @@ in { }; options.diagnostic = - mkEnableOption (lib.mdDoc "Collect memory usage for the agent itself"); + mkEnableOption (lib.mdDoc "collecting memory usage for the agent itself"); }; }; }; diff --git a/nixos/modules/services/monitoring/prometheus/exporters/wireguard.nix b/nixos/modules/services/monitoring/prometheus/exporters/wireguard.nix index c98dcd9f64bfb..9b7590314936e 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters/wireguard.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters/wireguard.nix @@ -11,7 +11,7 @@ in { ({ options.warnings = options.warnings; options.assertions = options.assertions; }) ]; extraOpts = { - verbose = mkEnableOption (lib.mdDoc "Verbose logging mode for prometheus-wireguard-exporter"); + verbose = mkEnableOption (lib.mdDoc "verbose logging mode for prometheus-wireguard-exporter"); wireguardConfig = mkOption { type = with types; nullOr (either path str); diff --git a/nixos/modules/services/network-filesystems/openafs/server.nix b/nixos/modules/services/network-filesystems/openafs/server.nix index ad0fd7835670d..fbaa7cfc19293 100644 --- a/nixos/modules/services/network-filesystems/openafs/server.nix +++ b/nixos/modules/services/network-filesystems/openafs/server.nix @@ -177,13 +177,13 @@ in { backup = { enable = mkEnableOption (lib.mdDoc '' - Backup server role. When using OpenAFS built-in buserver, use in conjunction with the + the backup server role. When using OpenAFS built-in buserver, use in conjunction with the `database` role to maintain the Backup Database. Normally only used in conjunction with tape storage or IBM's Tivoli Storage Manager. For a modern backup server, enable this role and see - {option}`enableFabs`. + {option}`enableFabs` ''); enableFabs = mkEnableOption (lib.mdDoc '' diff --git a/nixos/modules/services/networking/create_ap.nix b/nixos/modules/services/networking/create_ap.nix index e772cf21ec573..994aa6d36d2ae 100644 --- a/nixos/modules/services/networking/create_ap.nix +++ b/nixos/modules/services/networking/create_ap.nix @@ -8,7 +8,7 @@ let in { options = { services.create_ap = { - enable = mkEnableOption (lib.mdDoc "setup wifi hotspots using create_ap"); + enable = mkEnableOption (lib.mdDoc "setting up wifi hotspots using create_ap"); settings = mkOption { type = with types; attrsOf (oneOf [ int bool str ]); default = {}; diff --git a/nixos/modules/services/networking/dae.nix b/nixos/modules/services/networking/dae.nix index 3c7f386d2d482..cf3fead19be58 100644 --- a/nixos/modules/services/networking/dae.nix +++ b/nixos/modules/services/networking/dae.nix @@ -14,7 +14,7 @@ in options = { services.dae = with lib;{ enable = mkEnableOption - (mdDoc "A Linux high-performance transparent proxy solution based on eBPF"); + (mdDoc "dae, a Linux high-performance transparent proxy solution based on eBPF"); package = mkPackageOptionMD pkgs "dae" { }; @@ -46,7 +46,7 @@ in openFirewall = mkOption { type = with types; submodule { options = { - enable = mkEnableOption "enable"; + enable = mkEnableOption (mdDoc "opening {option}`port` in the firewall"); port = mkOption { type = types.port; description = '' @@ -91,7 +91,7 @@ in }; disableTxChecksumIpGeneric = - mkEnableOption (mdDoc "See <https://github.com/daeuniverse/dae/issues/43>"); + mkEnableOption "" // { description = mdDoc "See <https://github.com/daeuniverse/dae/issues/43>"; }; }; }; diff --git a/nixos/modules/services/networking/deconz.nix b/nixos/modules/services/networking/deconz.nix index 1fe103733212f..05b7247087771 100644 --- a/nixos/modules/services/networking/deconz.nix +++ b/nixos/modules/services/networking/deconz.nix @@ -54,13 +54,13 @@ in description = "TCP port for the WebSocket."; }; - openFirewall = lib.mkEnableOption "open up the service ports in the firewall"; + openFirewall = lib.mkEnableOption "opening up the service ports in the firewall"; - allowRebootSystem = lib.mkEnableOption "allow rebooting the system"; + allowRebootSystem = lib.mkEnableOption "rebooting the system"; - allowRestartService = lib.mkEnableOption "allow killing/restarting processes"; + allowRestartService = lib.mkEnableOption "killing/restarting processes"; - allowSetSystemTime = lib.mkEnableOption "allow setting the system time"; + allowSetSystemTime = lib.mkEnableOption "setting the system time"; extraArgs = lib.mkOption { type = lib.types.listOf lib.types.str; diff --git a/nixos/modules/services/networking/go-neb.nix b/nixos/modules/services/networking/go-neb.nix index b65bb5f548ee8..78d24ecf17d98 100644 --- a/nixos/modules/services/networking/go-neb.nix +++ b/nixos/modules/services/networking/go-neb.nix @@ -9,7 +9,7 @@ let configFile = settingsFormat.generate "config.yaml" cfg.config; in { options.services.go-neb = { - enable = mkEnableOption (lib.mdDoc "Extensible matrix bot written in Go"); + enable = mkEnableOption (lib.mdDoc "an extensible matrix bot written in Go"); bindAddress = mkOption { type = types.str; diff --git a/nixos/modules/services/networking/hostapd.nix b/nixos/modules/services/networking/hostapd.nix index 4ec066c2ec970..ffb1544630531 100644 --- a/nixos/modules/services/networking/hostapd.nix +++ b/nixos/modules/services/networking/hostapd.nix @@ -116,10 +116,10 @@ in { options = { services.hostapd = { enable = mkEnableOption (mdDoc '' - Whether to enable hostapd. hostapd is a user space daemon for access point and + hostapd, a user space daemon for access point and authentication servers. It implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and RADIUS - authentication server. + authentication server ''); package = mkPackageOption pkgs "hostapd" {}; diff --git a/nixos/modules/services/networking/hylafax/options.nix b/nixos/modules/services/networking/hylafax/options.nix index 82c144236f3b8..49b2bef90a5fe 100644 --- a/nixos/modules/services/networking/hylafax/options.nix +++ b/nixos/modules/services/networking/hylafax/options.nix @@ -272,18 +272,18 @@ in }; faxcron.enable.spoolInit = mkEnableOption (lib.mdDoc '' - Purge old files from the spooling area with + purging old files from the spooling area with {file}`faxcron` - each time the spooling area is initialized. + each time the spooling area is initialized ''); faxcron.enable.frequency = mkOption { type = nullOr nonEmptyStr; default = null; example = "daily"; description = lib.mdDoc '' - Purge old files from the spooling area with + purging old files from the spooling area with {file}`faxcron` with the given frequency - (see systemd.time(7)). + (see systemd.time(7)) ''; }; faxcron.infoDays = mkOption { diff --git a/nixos/modules/services/networking/i2pd.nix b/nixos/modules/services/networking/i2pd.nix index c940324ad0964..f872daf05b8f0 100644 --- a/nixos/modules/services/networking/i2pd.nix +++ b/nixos/modules/services/networking/i2pd.nix @@ -265,7 +265,7 @@ in ''; }; - logCLFTime = mkEnableOption (lib.mdDoc "Full CLF-formatted date and time to log"); + logCLFTime = mkEnableOption (lib.mdDoc "full CLF-formatted date and time to log"); address = mkOption { type = with types; nullOr str; @@ -456,7 +456,7 @@ in ''; }; - trust.enable = mkEnableOption (lib.mdDoc "Explicit trust options"); + trust.enable = mkEnableOption (lib.mdDoc "explicit trust options"); trust.family = mkOption { type = with types; nullOr str; @@ -474,7 +474,7 @@ in ''; }; - trust.hidden = mkEnableOption (lib.mdDoc "Router concealment"); + trust.hidden = mkEnableOption (lib.mdDoc "router concealment"); websocket = mkEndpointOpt "websockets" "127.0.0.1" 7666; @@ -552,7 +552,7 @@ in proto.http = (mkEndpointOpt "http" "127.0.0.1" 7070) // { - auth = mkEnableOption (lib.mdDoc "Webconsole authentication"); + auth = mkEnableOption (lib.mdDoc "webconsole authentication"); user = mkOption { type = types.str; diff --git a/nixos/modules/services/networking/iscsi/initiator.nix b/nixos/modules/services/networking/iscsi/initiator.nix index d2865a660ead0..9c71a988f29cc 100644 --- a/nixos/modules/services/networking/iscsi/initiator.nix +++ b/nixos/modules/services/networking/iscsi/initiator.nix @@ -7,7 +7,7 @@ in enable = mkEnableOption (lib.mdDoc "the openiscsi iscsi daemon"); enableAutoLoginOut = mkEnableOption (lib.mdDoc '' automatic login and logout of all automatic targets. - You probably do not want this. + You probably do not want this ''); discoverPortal = mkOption { type = nullOr str; diff --git a/nixos/modules/services/networking/nar-serve.nix b/nixos/modules/services/networking/nar-serve.nix index beee53c8a2425..b8b76120e44f6 100644 --- a/nixos/modules/services/networking/nar-serve.nix +++ b/nixos/modules/services/networking/nar-serve.nix @@ -10,7 +10,7 @@ in }; options = { services.nar-serve = { - enable = mkEnableOption (lib.mdDoc "Serve NAR file contents via HTTP"); + enable = mkEnableOption (lib.mdDoc "serving NAR file contents via HTTP"); port = mkOption { type = types.port; diff --git a/nixos/modules/services/networking/nftables.nix b/nixos/modules/services/networking/nftables.nix index a0afdb4527528..424d005dc0b5e 100644 --- a/nixos/modules/services/networking/nftables.nix +++ b/nixos/modules/services/networking/nftables.nix @@ -103,7 +103,7 @@ in ''; }; - networking.nftables.flushRuleset = mkEnableOption (lib.mdDoc "Flush the entire ruleset on each reload."); + networking.nftables.flushRuleset = mkEnableOption (lib.mdDoc "flushing the entire ruleset on each reload"); networking.nftables.extraDeletions = mkOption { type = types.lines; diff --git a/nixos/modules/services/networking/snowflake-proxy.nix b/nixos/modules/services/networking/snowflake-proxy.nix index ca015ed9d44bc..19b68f1e20ba6 100644 --- a/nixos/modules/services/networking/snowflake-proxy.nix +++ b/nixos/modules/services/networking/snowflake-proxy.nix @@ -8,7 +8,7 @@ in { options = { services.snowflake-proxy = { - enable = mkEnableOption (lib.mdDoc "System to defeat internet censorship"); + enable = mkEnableOption (lib.mdDoc "snowflake-proxy, a system to defeat internet censorship"); broker = mkOption { description = lib.mdDoc "Broker URL (default \"https://snowflake-broker.torproject.net/\")"; diff --git a/nixos/modules/services/networking/yggdrasil.nix b/nixos/modules/services/networking/yggdrasil.nix index 8335583d2dadc..56d81fb040137 100644 --- a/nixos/modules/services/networking/yggdrasil.nix +++ b/nixos/modules/services/networking/yggdrasil.nix @@ -116,9 +116,9 @@ in }; persistentKeys = mkEnableOption (lib.mdDoc '' - If enabled then keys will be generated once and Yggdrasil + persistent keys. If enabled then keys will be generated once and Yggdrasil will retain the same IPv6 address when the service is - restarted. Keys are stored at ${keysPath}. + restarted. Keys are stored at ${keysPath} ''); extraArgs = mkOption { diff --git a/nixos/modules/services/system/earlyoom.nix b/nixos/modules/services/system/earlyoom.nix index 3f501d4534603..38805eba2ca10 100644 --- a/nixos/modules/services/system/earlyoom.nix +++ b/nixos/modules/services/system/earlyoom.nix @@ -11,7 +11,7 @@ let in { options.services.earlyoom = { - enable = mkEnableOption (lib.mdDoc "Early out of memory killing"); + enable = mkEnableOption (lib.mdDoc "early out of memory killing"); freeMemThreshold = mkOption { type = types.ints.between 1 100; diff --git a/nixos/modules/services/system/systembus-notify.nix b/nixos/modules/services/system/systembus-notify.nix index 269197b3997e3..f79879fa13606 100644 --- a/nixos/modules/services/system/systembus-notify.nix +++ b/nixos/modules/services/system/systembus-notify.nix @@ -13,7 +13,7 @@ in WARNING: enabling this option (while convenient) should *not* be done on a machine where you do not trust the other users as it allows any other - local user to DoS your session by spamming notifications. + local user to DoS your session by spamming notifications ''); }; diff --git a/nixos/modules/services/torrent/flexget.nix b/nixos/modules/services/torrent/flexget.nix index 1b971838b32e0..5cd7ae6ad7db3 100644 --- a/nixos/modules/services/torrent/flexget.nix +++ b/nixos/modules/services/torrent/flexget.nix @@ -14,7 +14,7 @@ let in { options = { services.flexget = { - enable = mkEnableOption (lib.mdDoc "Run FlexGet Daemon"); + enable = mkEnableOption (lib.mdDoc "FlexGet daemon"); package = mkPackageOptionMD pkgs "flexget" {}; diff --git a/nixos/modules/services/video/mediamtx.nix b/nixos/modules/services/video/mediamtx.nix index c3abd9cdcc5cb..50f8e8810278b 100644 --- a/nixos/modules/services/video/mediamtx.nix +++ b/nixos/modules/services/video/mediamtx.nix @@ -40,7 +40,7 @@ in }; allowVideoAccess = lib.mkEnableOption (lib.mdDoc '' - Enable access to video devices like cameras on the system. + access to video devices like cameras on the system ''); }; }; diff --git a/nixos/modules/services/web-apps/cloudlog.nix b/nixos/modules/services/web-apps/cloudlog.nix index da2cf93d7f1c8..5519d6967a128 100644 --- a/nixos/modules/services/web-apps/cloudlog.nix +++ b/nixos/modules/services/web-apps/cloudlog.nix @@ -69,7 +69,7 @@ let in { options.services.cloudlog = with types; { - enable = mkEnableOption (mdDoc "Whether to enable Cloudlog"); + enable = mkEnableOption (mdDoc "Cloudlog"); dataDir = mkOption { type = str; default = "/var/lib/cloudlog"; diff --git a/nixos/modules/services/web-apps/hedgedoc.nix b/nixos/modules/services/web-apps/hedgedoc.nix index bfa5fd5aff25f..1a66f077b09d7 100644 --- a/nixos/modules/services/web-apps/hedgedoc.nix +++ b/nixos/modules/services/web-apps/hedgedoc.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: let - inherit (lib) literalExpression mdDoc mkEnableOption mkIf mkOption mkPackageOptionMD mkRenamedOptionModule types versionAtLeast; + inherit (lib) mkOption types mdDoc literalExpression; cfg = config.services.hedgedoc; @@ -9,990 +9,189 @@ let # versionAtLeast statement remains set to 21.03 for backwards compatibility. # See https://github.com/NixOS/nixpkgs/pull/108899 and # https://github.com/NixOS/rfcs/blob/master/rfcs/0080-nixos-release-schedule.md. - name = if versionAtLeast config.system.stateVersion "21.03" - then "hedgedoc" - else "codimd"; + name = if lib.versionAtLeast config.system.stateVersion "21.03" then + "hedgedoc" + else + "codimd"; - settingsFormat = pkgs.formats.json {}; - - prettyJSON = conf: - pkgs.runCommandLocal "hedgedoc-config.json" { - nativeBuildInputs = [ pkgs.jq ]; - } '' - jq '{production:del(.[]|nulls)|del(.[][]?|nulls)}' \ - < ${settingsFormat.generate "hedgedoc-ugly.json" cfg.settings} \ - > $out - ''; + settingsFormat = pkgs.formats.json { }; in { + meta.maintainers = with lib.maintainers; [ SuperSandro2000 h7x4 ]; + imports = [ - (mkRenamedOptionModule [ "services" "codimd" ] [ "services" "hedgedoc" ]) - (mkRenamedOptionModule - [ "services" "hedgedoc" "configuration" ] [ "services" "hedgedoc" "settings" ]) + (lib.mkRenamedOptionModule [ "services" "codimd" ] [ "services" "hedgedoc" ]) + (lib.mkRenamedOptionModule [ "services" "hedgedoc" "configuration" ] [ "services" "hedgedoc" "settings" ]) + (lib.mkRenamedOptionModule [ "services" "hedgedoc" "groups" ] [ "users" "users" "hedgedoc" "extraGroups" ]) + (lib.mkRemovedOptionModule [ "services" "hedgedoc" "workDir" ] '' + This option has been removed in favor of systemd managing the state directory. + + If you have set this option without specifying `services.settings.uploadsDir`, + please move these files to `/var/lib/hedgedoc/uploads`, or set the option to point + at the correct location. + '') ]; options.services.hedgedoc = { - package = mkPackageOptionMD pkgs "hedgedoc" { }; - enable = mkEnableOption (lib.mdDoc "the HedgeDoc Markdown Editor"); + package = lib.mkPackageOptionMD pkgs "hedgedoc" { }; + enable = lib.mkEnableOption (mdDoc "the HedgeDoc Markdown Editor"); - groups = mkOption { - type = types.listOf types.str; - default = []; - description = lib.mdDoc '' - Groups to which the service user should be added. - ''; - }; - - workDir = mkOption { - type = types.path; - default = "/var/lib/${name}"; - description = lib.mdDoc '' - Working directory for the HedgeDoc service. - ''; - }; + settings = mkOption { + type = types.submodule { + freeformType = settingsFormat.type; + options = { + domain = mkOption { + type = with types; nullOr str; + default = null; + example = "hedgedoc.org"; + description = mdDoc '' + Domain to use for website. - settings = let options = { - debug = mkEnableOption (lib.mdDoc "debug mode"); - domain = mkOption { - type = types.nullOr types.str; - default = null; - example = "hedgedoc.org"; - description = lib.mdDoc '' - Domain name for the HedgeDoc instance. - ''; - }; - urlPath = mkOption { - type = types.nullOr types.str; - default = null; - example = "/url/path/to/hedgedoc"; - description = lib.mdDoc '' - Path under which HedgeDoc is accessible. - ''; - }; - host = mkOption { - type = types.str; - default = "localhost"; - description = lib.mdDoc '' - Address to listen on. - ''; - }; - port = mkOption { - type = types.port; - default = 3000; - example = 80; - description = lib.mdDoc '' - Port to listen on. - ''; - }; - path = mkOption { - type = types.nullOr types.str; - default = null; - example = "/run/hedgedoc.sock"; - description = lib.mdDoc '' - Specify where a UNIX domain socket should be placed. - ''; - }; - allowOrigin = mkOption { - type = types.listOf types.str; - default = []; - example = [ "localhost" "hedgedoc.org" ]; - description = lib.mdDoc '' - List of domains to whitelist. - ''; - }; - useSSL = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Enable to use SSL server. This will also enable - {option}`protocolUseSSL`. - ''; - }; - enableStatsApi = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Enables or disables the /status and /metrics endpoint. - ''; - }; - hsts = { - enable = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Whether to enable HSTS if HTTPS is also enabled. - ''; - }; - maxAgeSeconds = mkOption { - type = types.int; - default = 31536000; - description = lib.mdDoc '' - Max duration for clients to keep the HSTS status. - ''; - }; - includeSubdomains = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Whether to include subdomains in HSTS. - ''; - }; - preload = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Whether to allow preloading of the site's HSTS status. - ''; - }; - }; - csp = mkOption { - type = types.nullOr types.attrs; - default = null; - example = literalExpression '' - { - enable = true; - directives = { - scriptSrc = "trustworthy.scripts.example.com"; - }; - upgradeInsecureRequest = "auto"; - addDefaults = true; - } - ''; - description = lib.mdDoc '' - Specify the Content Security Policy which is passed to Helmet. - For configuration details see <https://helmetjs.github.io/docs/csp/>. - ''; - }; - protocolUseSSL = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Enable to use TLS for resource paths. - This only applies when {option}`domain` is set. - ''; - }; - urlAddPort = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Enable to add the port to callback URLs. - This only applies when {option}`domain` is set - and only for ports other than 80 and 443. - ''; - }; - useCDN = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Whether to use CDN resources or not. - ''; - }; - allowAnonymous = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Whether to allow anonymous usage. - ''; - }; - allowAnonymousEdits = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Whether to allow guests to edit existing notes with the `freely` permission, - when {option}`allowAnonymous` is enabled. - ''; - }; - allowFreeURL = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Whether to allow note creation by accessing a nonexistent note URL. - ''; - }; - requireFreeURLAuthentication = mkOption { - type = types.bool; - default = false; - description = lib.mdDoc '' - Whether to require authentication for FreeURL mode style note creation. - ''; - }; - defaultPermission = mkOption { - type = types.enum [ "freely" "editable" "limited" "locked" "private" ]; - default = "editable"; - description = lib.mdDoc '' - Default permissions for notes. - This only applies for signed-in users. - ''; - }; - dbURL = mkOption { - type = types.nullOr types.str; - default = null; - example = '' - postgres://user:pass@host:5432/dbname - ''; - description = lib.mdDoc '' - Specify which database to use. - HedgeDoc supports mysql, postgres, sqlite and mssql. - See [ - https://sequelize.readthedocs.io/en/v3/](https://sequelize.readthedocs.io/en/v3/) for more information. - Note: This option overrides {option}`db`. - ''; - }; - db = mkOption { - type = types.attrs; - default = {}; - example = literalExpression '' - { - dialect = "sqlite"; - storage = "/var/lib/${name}/db.${name}.sqlite"; - } - ''; - description = lib.mdDoc '' - Specify the configuration for sequelize. - HedgeDoc supports mysql, postgres, sqlite and mssql. - See [ - https://sequelize.readthedocs.io/en/v3/](https://sequelize.readthedocs.io/en/v3/) for more information. - Note: This option overrides {option}`db`. - ''; - }; - sslKeyPath= mkOption { - type = types.nullOr types.str; - default = null; - example = "/var/lib/hedgedoc/hedgedoc.key"; - description = lib.mdDoc '' - Path to the SSL key. Needed when {option}`useSSL` is enabled. - ''; - }; - sslCertPath = mkOption { - type = types.nullOr types.str; - default = null; - example = "/var/lib/hedgedoc/hedgedoc.crt"; - description = lib.mdDoc '' - Path to the SSL cert. Needed when {option}`useSSL` is enabled. - ''; - }; - sslCAPath = mkOption { - type = types.listOf types.str; - default = []; - example = [ "/var/lib/hedgedoc/ca.crt" ]; - description = lib.mdDoc '' - SSL ca chain. Needed when {option}`useSSL` is enabled. - ''; - }; - dhParamPath = mkOption { - type = types.nullOr types.str; - default = null; - example = "/var/lib/hedgedoc/dhparam.pem"; - description = lib.mdDoc '' - Path to the SSL dh params. Needed when {option}`useSSL` is enabled. - ''; - }; - tmpPath = mkOption { - type = types.str; - default = "/tmp"; - description = lib.mdDoc '' - Path to the temp directory HedgeDoc should use. - Note that {option}`serviceConfig.PrivateTmp` is enabled for - the HedgeDoc systemd service by default. - (Non-canonical paths are relative to HedgeDoc's base directory) - ''; - }; - defaultNotePath = mkOption { - type = types.nullOr types.str; - default = "${cfg.package}/public/default.md"; - defaultText = literalExpression "\"\${cfg.package}/public/default.md\""; - description = lib.mdDoc '' - Path to the default Note file. - (Non-canonical paths are relative to HedgeDoc's base directory) - ''; - }; - docsPath = mkOption { - type = types.nullOr types.str; - default = "${cfg.package}/public/docs"; - defaultText = literalExpression "\"\${cfg.package}/public/docs\""; - description = lib.mdDoc '' - Path to the docs directory. - (Non-canonical paths are relative to HedgeDoc's base directory) - ''; - }; - indexPath = mkOption { - type = types.nullOr types.str; - default = "${cfg.package}/public/views/index.ejs"; - defaultText = literalExpression "\"\${cfg.package}/public/views/index.ejs\""; - description = lib.mdDoc '' - Path to the index template file. - (Non-canonical paths are relative to HedgeDoc's base directory) - ''; - }; - hackmdPath = mkOption { - type = types.nullOr types.str; - default = "${cfg.package}/public/views/hackmd.ejs"; - defaultText = literalExpression "\"\${cfg.package}/public/views/hackmd.ejs\""; - description = lib.mdDoc '' - Path to the hackmd template file. - (Non-canonical paths are relative to HedgeDoc's base directory) - ''; - }; - errorPath = mkOption { - type = types.nullOr types.str; - default = "${cfg.package}/public/views/error.ejs"; - defaultText = literalExpression "\"\${cfg.package}/public/views/error.ejs\""; - description = lib.mdDoc '' - Path to the error template file. - (Non-canonical paths are relative to HedgeDoc's base directory) - ''; - }; - prettyPath = mkOption { - type = types.nullOr types.str; - default = "${cfg.package}/public/views/pretty.ejs"; - defaultText = literalExpression "\"\${cfg.package}/public/views/pretty.ejs\""; - description = lib.mdDoc '' - Path to the pretty template file. - (Non-canonical paths are relative to HedgeDoc's base directory) - ''; - }; - slidePath = mkOption { - type = types.nullOr types.str; - default = "${cfg.package}/public/views/slide.hbs"; - defaultText = literalExpression "\"\${cfg.package}/public/views/slide.hbs\""; - description = lib.mdDoc '' - Path to the slide template file. - (Non-canonical paths are relative to HedgeDoc's base directory) - ''; - }; - uploadsPath = mkOption { - type = types.str; - default = "${cfg.workDir}/uploads"; - defaultText = literalExpression "\"\${cfg.workDir}/uploads\""; - description = lib.mdDoc '' - Path under which uploaded files are saved. - ''; - }; - sessionName = mkOption { - type = types.str; - default = "connect.sid"; - description = lib.mdDoc '' - Specify the name of the session cookie. - ''; - }; - sessionSecret = mkOption { - type = types.nullOr types.str; - default = null; - description = lib.mdDoc '' - Specify the secret used to sign the session cookie. - If unset, one will be generated on startup. - ''; - }; - sessionLife = mkOption { - type = types.int; - default = 1209600000; - description = lib.mdDoc '' - Session life time in milliseconds. - ''; - }; - heartbeatInterval = mkOption { - type = types.int; - default = 5000; - description = lib.mdDoc '' - Specify the socket.io heartbeat interval. - ''; - }; - heartbeatTimeout = mkOption { - type = types.int; - default = 10000; - description = lib.mdDoc '' - Specify the socket.io heartbeat timeout. - ''; - }; - documentMaxLength = mkOption { - type = types.int; - default = 100000; - description = lib.mdDoc '' - Specify the maximum document length. - ''; - }; - email = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Whether to enable email sign-in. - ''; - }; - allowEmailRegister = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Whether to enable email registration. - ''; - }; - allowGravatar = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Whether to use gravatar as profile picture source. - ''; - }; - imageUploadType = mkOption { - type = types.enum [ "imgur" "s3" "minio" "filesystem" ]; - default = "filesystem"; - description = lib.mdDoc '' - Specify where to upload images. - ''; - }; - minio = mkOption { - type = types.nullOr (types.submodule { - options = { - accessKey = mkOption { - type = types.str; - description = lib.mdDoc '' - Minio access key. - ''; - }; - secretKey = mkOption { - type = types.str; - description = lib.mdDoc '' - Minio secret key. - ''; - }; - endPoint = mkOption { - type = types.str; - description = lib.mdDoc '' - Minio endpoint. - ''; - }; - port = mkOption { - type = types.port; - default = 9000; - description = lib.mdDoc '' - Minio listen port. - ''; - }; - secure = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Whether to use HTTPS for Minio. - ''; - }; + This is useful if you are trying to run hedgedoc behind + a reverse proxy. + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the minio third-party integration."; - }; - s3 = mkOption { - type = types.nullOr (types.submodule { - options = { - accessKeyId = mkOption { - type = types.str; - description = lib.mdDoc '' - AWS access key id. - ''; - }; - secretAccessKey = mkOption { - type = types.str; - description = lib.mdDoc '' - AWS access key. - ''; - }; - region = mkOption { - type = types.str; - description = lib.mdDoc '' - AWS S3 region. - ''; - }; - }; - }); - default = null; - description = lib.mdDoc "Configure the s3 third-party integration."; - }; - s3bucket = mkOption { - type = types.nullOr types.str; - default = null; - description = lib.mdDoc '' - Specify the bucket name for upload types `s3` and `minio`. - ''; - }; - allowPDFExport = mkOption { - type = types.bool; - default = true; - description = lib.mdDoc '' - Whether to enable PDF exports. - ''; - }; - imgur.clientId = mkOption { - type = types.nullOr types.str; - default = null; - description = lib.mdDoc '' - Imgur API client ID. - ''; - }; - azure = mkOption { - type = types.nullOr (types.submodule { - options = { - connectionString = mkOption { - type = types.str; - description = lib.mdDoc '' - Azure Blob Storage connection string. - ''; - }; - container = mkOption { - type = types.str; - description = lib.mdDoc '' - Azure Blob Storage container name. - It will be created if non-existent. - ''; - }; - }; - }); - default = null; - description = lib.mdDoc "Configure the azure third-party integration."; - }; - oauth2 = mkOption { - type = types.nullOr (types.submodule { - options = { - authorizationURL = mkOption { - type = types.str; - description = lib.mdDoc '' - Specify the OAuth authorization URL. - ''; - }; - tokenURL = mkOption { - type = types.str; - description = lib.mdDoc '' - Specify the OAuth token URL. - ''; - }; - baseURL = mkOption { - type = with types; nullOr str; - default = null; - description = lib.mdDoc '' - Specify the OAuth base URL. - ''; - }; - userProfileURL = mkOption { - type = with types; nullOr str; - default = null; - description = lib.mdDoc '' - Specify the OAuth userprofile URL. - ''; - }; - userProfileUsernameAttr = mkOption { - type = with types; nullOr str; - default = null; - description = lib.mdDoc '' - Specify the name of the attribute for the username from the claim. - ''; - }; - userProfileDisplayNameAttr = mkOption { - type = with types; nullOr str; - default = null; - description = lib.mdDoc '' - Specify the name of the attribute for the display name from the claim. - ''; - }; - userProfileEmailAttr = mkOption { - type = with types; nullOr str; - default = null; - description = lib.mdDoc '' - Specify the name of the attribute for the email from the claim. - ''; - }; - scope = mkOption { - type = with types; nullOr str; - default = null; - description = lib.mdDoc '' - Specify the OAuth scope. - ''; - }; - providerName = mkOption { - type = with types; nullOr str; - default = null; - description = lib.mdDoc '' - Specify the name to be displayed for this strategy. - ''; - }; - rolesClaim = mkOption { - type = with types; nullOr str; - default = null; - description = lib.mdDoc '' - Specify the role claim name. - ''; - }; - accessRole = mkOption { - type = with types; nullOr str; - default = null; - description = lib.mdDoc '' - Specify role which should be included in the ID token roles claim to grant access - ''; - }; - clientID = mkOption { - type = types.str; - description = lib.mdDoc '' - Specify the OAuth client ID. - ''; - }; - clientSecret = mkOption { - type = with types; nullOr str; - default = null; - description = lib.mdDoc '' - Specify the OAuth client secret. - ''; - }; + urlPath = mkOption { + type = with types; nullOr str; + default = null; + example = "hedgedoc"; + description = mdDoc '' + URL path for the website. + + This is useful if you are hosting hedgedoc on a path like + `www.example.com/hedgedoc` + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the OAuth integration."; - }; - facebook = mkOption { - type = types.nullOr (types.submodule { - options = { - clientID = mkOption { - type = types.str; - description = lib.mdDoc '' - Facebook API client ID. - ''; - }; - clientSecret = mkOption { - type = types.str; - description = lib.mdDoc '' - Facebook API client secret. - ''; - }; + host = mkOption { + type = with types; nullOr str; + default = "localhost"; + description = mdDoc '' + Address to listen on. + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the facebook third-party integration"; - }; - twitter = mkOption { - type = types.nullOr (types.submodule { - options = { - consumerKey = mkOption { - type = types.str; - description = lib.mdDoc '' - Twitter API consumer key. - ''; - }; - consumerSecret = mkOption { - type = types.str; - description = lib.mdDoc '' - Twitter API consumer secret. - ''; - }; + port = mkOption { + type = types.port; + default = 3000; + example = 80; + description = mdDoc '' + Port to listen on. + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the Twitter third-party integration."; - }; - github = mkOption { - type = types.nullOr (types.submodule { - options = { - clientID = mkOption { - type = types.str; - description = lib.mdDoc '' - GitHub API client ID. - ''; - }; - clientSecret = mkOption { - type = types.str; - description = lib.mdDoc '' - Github API client secret. - ''; - }; + path = mkOption { + type = with types; nullOr path; + default = null; + example = "/run/hedgedoc/hedgedoc.sock"; + description = mdDoc '' + Path to UNIX domain socket to listen on + + ::: {.note} + If specified, {option}`host` and {option}`port` will be ignored. + ::: + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the GitHub third-party integration."; - }; - gitlab = mkOption { - type = types.nullOr (types.submodule { - options = { - baseURL = mkOption { - type = types.str; - default = ""; - description = lib.mdDoc '' - GitLab API authentication endpoint. - Only needed for other endpoints than gitlab.com. - ''; - }; - clientID = mkOption { - type = types.str; - description = lib.mdDoc '' - GitLab API client ID. - ''; - }; - clientSecret = mkOption { - type = types.str; - description = lib.mdDoc '' - GitLab API client secret. - ''; - }; - scope = mkOption { - type = types.enum [ "api" "read_user" ]; - default = "api"; - description = lib.mdDoc '' - GitLab API requested scope. - GitLab snippet import/export requires api scope. - ''; - }; + protocolUseSSL = mkOption { + type = types.bool; + default = false; + example = true; + description = mdDoc '' + Use `https://` for all links. + + This is useful if you are trying to run hedgedoc behind + a reverse proxy. + + ::: {.note} + Only applied if {option}`domain` is set. + ::: + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the GitLab third-party integration."; - }; - mattermost = mkOption { - type = types.nullOr (types.submodule { - options = { - baseURL = mkOption { - type = types.str; - description = lib.mdDoc '' - Mattermost authentication endpoint. - ''; - }; - clientID = mkOption { - type = types.str; - description = lib.mdDoc '' - Mattermost API client ID. - ''; - }; - clientSecret = mkOption { - type = types.str; - description = lib.mdDoc '' - Mattermost API client secret. - ''; - }; + allowOrigin = mkOption { + type = with types; listOf str; + default = with cfg.settings; [ host ] ++ lib.optionals (domain != null) [ domain ]; + defaultText = literalExpression '' + with config.services.hedgedoc.settings; [ host ] ++ lib.optionals (domain != null) [ domain ] + ''; + example = [ "localhost" "hedgedoc.org" ]; + description = mdDoc '' + List of domains to whitelist. + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the Mattermost third-party integration."; - }; - dropbox = mkOption { - type = types.nullOr (types.submodule { - options = { - clientID = mkOption { - type = types.str; - description = lib.mdDoc '' - Dropbox API client ID. - ''; - }; - clientSecret = mkOption { - type = types.str; - description = lib.mdDoc '' - Dropbox API client secret. - ''; - }; - appKey = mkOption { - type = types.str; - description = lib.mdDoc '' - Dropbox app key. - ''; - }; + db = mkOption { + type = types.attrs; + default = { + dialect = "sqlite"; + storage = "/var/lib/${name}/db.sqlite"; + }; + defaultText = literalExpression '' + { + dialect = "sqlite"; + storage = "/var/lib/hedgedoc/db.sqlite"; + } + ''; + example = literalExpression '' + db = { + username = "hedgedoc"; + database = "hedgedoc"; + host = "localhost:5432"; + # or via socket + # host = "/run/postgresql"; + dialect = "postgresql"; + }; + ''; + description = mdDoc '' + Specify the configuration for sequelize. + HedgeDoc supports `mysql`, `postgres`, `sqlite` and `mssql`. + See <https://sequelize.readthedocs.io/en/v3/> + for more information. + + ::: {.note} + The relevant parts will be overriden if you set {option}`dbURL`. + ::: + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the Dropbox third-party integration."; - }; - google = mkOption { - type = types.nullOr (types.submodule { - options = { - clientID = mkOption { - type = types.str; - description = lib.mdDoc '' - Google API client ID. - ''; - }; - clientSecret = mkOption { - type = types.str; - description = lib.mdDoc '' - Google API client secret. - ''; - }; + useSSL = mkOption { + type = types.bool; + default = false; + description = mdDoc '' + Enable to use SSL server. + + ::: {.note} + This will also enable {option}`protocolUseSSL`. + + It will also require you to set the following: + + - {option}`sslKeyPath` + - {option}`sslCertPath` + - {option}`sslCAPath` + - {option}`dhParamPath` + ::: + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the Google third-party integration."; - }; - ldap = mkOption { - type = types.nullOr (types.submodule { - options = { - providerName = mkOption { - type = types.str; - default = ""; - description = lib.mdDoc '' - Optional name to be displayed at login form, indicating the LDAP provider. - ''; - }; - url = mkOption { - type = types.str; - example = "ldap://localhost"; - description = lib.mdDoc '' - URL of LDAP server. - ''; - }; - bindDn = mkOption { - type = types.str; - description = lib.mdDoc '' - Bind DN for LDAP access. - ''; - }; - bindCredentials = mkOption { - type = types.str; - description = lib.mdDoc '' - Bind credentials for LDAP access. - ''; - }; - searchBase = mkOption { - type = types.str; - example = "o=users,dc=example,dc=com"; - description = lib.mdDoc '' - LDAP directory to begin search from. - ''; - }; - searchFilter = mkOption { - type = types.str; - example = "(uid={{username}})"; - description = lib.mdDoc '' - LDAP filter to search with. - ''; - }; - searchAttributes = mkOption { - type = types.nullOr (types.listOf types.str); - default = null; - example = [ "displayName" "mail" ]; - description = lib.mdDoc '' - LDAP attributes to search with. - ''; - }; - userNameField = mkOption { - type = types.str; - default = ""; - description = lib.mdDoc '' - LDAP field which is used as the username on HedgeDoc. - By default {option}`useridField` is used. - ''; - }; - useridField = mkOption { - type = types.str; - example = "uid"; - description = lib.mdDoc '' - LDAP field which is a unique identifier for users on HedgeDoc. - ''; - }; - tlsca = mkOption { - type = types.str; - default = "/etc/ssl/certs/ca-certificates.crt"; - example = "server-cert.pem,root.pem"; - description = lib.mdDoc '' - Root CA for LDAP TLS in PEM format. - ''; - }; + uploadsPath = mkOption { + type = types.path; + default = "/var/lib/${name}/uploads"; + defaultText = "/var/lib/hedgedoc/uploads"; + description = mdDoc '' + Directory for storing uploaded images. + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the LDAP integration."; - }; - saml = mkOption { - type = types.nullOr (types.submodule { - options = { - idpSsoUrl = mkOption { - type = types.str; - example = "https://idp.example.com/sso"; - description = lib.mdDoc '' - IdP authentication endpoint. - ''; - }; - idpCert = mkOption { - type = types.path; - example = "/path/to/cert.pem"; - description = lib.mdDoc '' - Path to IdP certificate file in PEM format. - ''; - }; - issuer = mkOption { - type = types.str; - default = ""; - description = lib.mdDoc '' - Optional identity of the service provider. - This defaults to the server URL. - ''; - }; - identifierFormat = mkOption { - type = types.str; - default = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"; - description = lib.mdDoc '' - Optional name identifier format. - ''; - }; - groupAttribute = mkOption { - type = types.str; - default = ""; - example = "memberOf"; - description = lib.mdDoc '' - Optional attribute name for group list. - ''; - }; - externalGroups = mkOption { - type = types.listOf types.str; - default = []; - example = [ "Temporary-staff" "External-users" ]; - description = lib.mdDoc '' - Excluded group names. - ''; - }; - requiredGroups = mkOption { - type = types.listOf types.str; - default = []; - example = [ "Hedgedoc-Users" ]; - description = lib.mdDoc '' - Required group names. - ''; - }; - providerName = mkOption { - type = types.str; - default = ""; - example = "My institution"; - description = lib.mdDoc '' - Optional name to be displayed at login form indicating the SAML provider. - ''; - }; - attribute = { - id = mkOption { - type = types.str; - default = ""; - description = lib.mdDoc '' - Attribute map for `id`. - Defaults to `NameID` of SAML response. - ''; - }; - username = mkOption { - type = types.str; - default = ""; - description = lib.mdDoc '' - Attribute map for `username`. - Defaults to `NameID` of SAML response. - ''; - }; - email = mkOption { - type = types.str; - default = ""; - description = lib.mdDoc '' - Attribute map for `email`. - Defaults to `NameID` of SAML response if - {option}`identifierFormat` has - the default value. - ''; - }; - }; + + # Declared because we change the default to false. + allowGravatar = mkOption { + type = types.bool; + default = false; + example = true; + description = mdDoc '' + Whether to enable [Libravatar](https://wiki.libravatar.org/) as + profile picture source on your instance. + + Despite the naming of the setting, Hedgedoc replaced Gravatar + with Libravatar in [CodiMD 1.4.0](https://hedgedoc.org/releases/1.4.0/) + ''; }; - }); - default = null; - description = lib.mdDoc "Configure the SAML integration."; - }; - }; in lib.mkOption { - type = lib.types.submodule { - freeformType = settingsFormat.type; - inherit options; + }; }; - description = lib.mdDoc '' + + description = mdDoc '' HedgeDoc configuration, see <https://docs.hedgedoc.org/configuration/> for documentation. @@ -1003,7 +202,7 @@ in type = with types; nullOr path; default = null; example = "/var/lib/hedgedoc/hedgedoc.env"; - description = lib.mdDoc '' + description = mdDoc '' Environment file as defined in {manpage}`systemd.exec(5)`. Secrets may be passed to the service without adding them to the world-readable @@ -1028,45 +227,94 @@ in }; }; - config = mkIf cfg.enable { - assertions = [ - { assertion = cfg.settings.db == {} -> ( - cfg.settings.dbURL != "" && cfg.settings.dbURL != null - ); - message = "Database configuration for HedgeDoc missing."; } - ]; - users.groups.${name} = {}; + config = lib.mkIf cfg.enable { + users.groups.${name} = { }; users.users.${name} = { description = "HedgeDoc service user"; group = name; - extraGroups = cfg.groups; - home = cfg.workDir; - createHome = true; isSystemUser = true; }; + services.hedgedoc.settings = { + defaultNotePath = lib.mkDefault "${cfg.package}/public/default.md"; + docsPath = lib.mkDefault "${cfg.package}/public/docs"; + viewPath = lib.mkDefault "${cfg.package}/public/views"; + }; + systemd.services.hedgedoc = { description = "HedgeDoc Service"; + documentation = [ "https://docs.hedgedoc.org/" ]; wantedBy = [ "multi-user.target" ]; after = [ "networking.target" ]; - preStart = '' - ${pkgs.envsubst}/bin/envsubst \ - -o ${cfg.workDir}/config.json \ - -i ${prettyJSON cfg.settings} - mkdir -p ${cfg.settings.uploadsPath} - ''; + preStart = + let + configFile = settingsFormat.generate "hedgedoc-config.json" { + production = cfg.settings; + }; + in + '' + ${pkgs.envsubst}/bin/envsubst \ + -o /run/${name}/config.json \ + -i ${configFile} + ${pkgs.coreutils}/bin/mkdir -p ${cfg.settings.uploadsPath} + ''; serviceConfig = { - WorkingDirectory = cfg.workDir; - StateDirectory = [ cfg.workDir cfg.settings.uploadsPath ]; - ExecStart = "${lib.getExe cfg.package}"; - EnvironmentFile = mkIf (cfg.environmentFile != null) [ cfg.environmentFile ]; + User = name; + Group = name; + + Restart = "always"; + ExecStart = "${cfg.package}/bin/hedgedoc"; + RuntimeDirectory = [ name ]; + StateDirectory = [ name ]; + WorkingDirectory = "/run/${name}"; + ReadWritePaths = [ + "-${cfg.settings.uploadsPath}" + ] ++ lib.optionals (cfg.settings.db ? "storage") [ "-${cfg.settings.db.storage}" ]; + EnvironmentFile = lib.mkIf (cfg.environmentFile != null) [ cfg.environmentFile ]; Environment = [ - "CMD_CONFIG_FILE=${cfg.workDir}/config.json" + "CMD_CONFIG_FILE=/run/${name}/config.json" "NODE_ENV=production" ]; - Restart = "always"; - User = name; + + # Hardening + AmbientCapabilities = ""; + CapabilityBoundingSet = ""; + LockPersonality = true; + NoNewPrivileges = true; + PrivateDevices = true; + PrivateMounts = true; PrivateTmp = true; + PrivateUsers = true; + ProcSubset = "pid"; + ProtectClock = true; + ProtectControlGroups = true; + ProtectHome = true; + ProtectHostname = true; + ProtectKernelLogs = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + ProtectProc = "invisible"; + ProtectSystem = "strict"; + RemoveIPC = true; + RestrictAddressFamilies = [ + "AF_INET" + "AF_INET6" + # Required for connecting to database sockets, + # and listening to unix socket at `cfg.settings.path` + "AF_UNIX" + ]; + RestrictNamespaces = true; + RestrictRealtime = true; + RestrictSUIDSGID = true; + SocketBindAllow = lib.mkIf (cfg.settings.path == null) cfg.settings.port; + SocketBindDeny = "any"; + SystemCallArchitectures = "native"; + SystemCallFilter = [ + "@system-service" + "~@privileged @obsolete" + "@pkey" + ]; + UMask = "0007"; }; }; }; diff --git a/nixos/modules/services/web-apps/hledger-web.nix b/nixos/modules/services/web-apps/hledger-web.nix index 0fc283ff52191..be8ecc645e59c 100644 --- a/nixos/modules/services/web-apps/hledger-web.nix +++ b/nixos/modules/services/web-apps/hledger-web.nix @@ -7,7 +7,7 @@ in { enable = mkEnableOption (lib.mdDoc "hledger-web service"); - serveApi = mkEnableOption (lib.mdDoc "Serve only the JSON web API, without the web UI"); + serveApi = mkEnableOption (lib.mdDoc "serving only the JSON web API, without the web UI"); host = mkOption { type = types.str; diff --git a/nixos/modules/services/web-apps/isso.nix b/nixos/modules/services/web-apps/isso.nix index 1a852ec352f2c..6cb2d9ec785eb 100644 --- a/nixos/modules/services/web-apps/isso.nix +++ b/nixos/modules/services/web-apps/isso.nix @@ -12,11 +12,11 @@ in { options = { services.isso = { enable = mkEnableOption (lib.mdDoc '' - A commenting server similar to Disqus. + isso, a commenting server similar to Disqus. Note: The application's author suppose to run isso behind a reverse proxy. The embedded solution offered by NixOS is also only suitable for small installations - below 20 requests per second. + below 20 requests per second ''); settings = mkOption { diff --git a/nixos/modules/services/web-apps/jitsi-meet.nix b/nixos/modules/services/web-apps/jitsi-meet.nix index 3825b03c24496..21416be358773 100644 --- a/nixos/modules/services/web-apps/jitsi-meet.nix +++ b/nixos/modules/services/web-apps/jitsi-meet.nix @@ -105,9 +105,9 @@ in type = bool; default = true; description = lib.mdDoc '' - Whether to enable Jitsi Videobridge instance and configure it to connect to Prosody. + Jitsi Videobridge instance and configure it to connect to Prosody. - Additional configuration is possible with {option}`services.jitsi-videobridge`. + Additional configuration is possible with {option}`services.jitsi-videobridge` ''; }; diff --git a/nixos/modules/services/web-apps/meme-bingo-web.nix b/nixos/modules/services/web-apps/meme-bingo-web.nix index cb864321ef276..652dc8840252d 100644 --- a/nixos/modules/services/web-apps/meme-bingo-web.nix +++ b/nixos/modules/services/web-apps/meme-bingo-web.nix @@ -8,9 +8,9 @@ in { options = { services.meme-bingo-web = { enable = mkEnableOption (mdDoc '' - A web app for the meme bingo, rendered entirely on the web server and made interactive with forms. + a web app for the meme bingo, rendered entirely on the web server and made interactive with forms. - Note: The application's author suppose to run meme-bingo-web behind a reverse proxy for SSL and HTTP/3. + Note: The application's author suppose to run meme-bingo-web behind a reverse proxy for SSL and HTTP/3 ''); package = mkOption { diff --git a/nixos/modules/services/web-apps/phylactery.nix b/nixos/modules/services/web-apps/phylactery.nix index 4801bd203b489..723b38ee75d93 100644 --- a/nixos/modules/services/web-apps/phylactery.nix +++ b/nixos/modules/services/web-apps/phylactery.nix @@ -4,7 +4,7 @@ with lib; let cfg = config.services.phylactery; in { options.services.phylactery = { - enable = mkEnableOption (lib.mdDoc "Whether to enable Phylactery server"); + enable = mkEnableOption (lib.mdDoc "Phylactery server"); host = mkOption { type = types.str; diff --git a/nixos/modules/services/web-apps/snipe-it.nix b/nixos/modules/services/web-apps/snipe-it.nix index e861a41851945..9cba5cb4fa9e0 100644 --- a/nixos/modules/services/web-apps/snipe-it.nix +++ b/nixos/modules/services/web-apps/snipe-it.nix @@ -30,7 +30,7 @@ let in { options.services.snipe-it = { - enable = mkEnableOption (lib.mdDoc "A free open source IT asset/license management system"); + enable = mkEnableOption (lib.mdDoc "snipe-it, a free open source IT asset/license management system"); user = mkOption { default = "snipeit"; diff --git a/nixos/modules/services/web-apps/zitadel.nix b/nixos/modules/services/web-apps/zitadel.nix index f225d138cc434..99b0a0bc56f67 100644 --- a/nixos/modules/services/web-apps/zitadel.nix +++ b/nixos/modules/services/web-apps/zitadel.nix @@ -9,7 +9,7 @@ in options.services.zitadel = let inherit (lib) mkEnableOption mkOption mkPackageOption types; in { - enable = mkEnableOption "ZITADEL, a user and identity access management platform."; + enable = mkEnableOption "ZITADEL, a user and identity access management platform"; package = mkPackageOption pkgs "ZITADEL" { default = [ "zitadel" ]; }; diff --git a/nixos/modules/services/web-servers/keter/default.nix b/nixos/modules/services/web-servers/keter/default.nix index 3916c486475de..0cd9c30cea14d 100644 --- a/nixos/modules/services/web-servers/keter/default.nix +++ b/nixos/modules/services/web-servers/keter/default.nix @@ -16,7 +16,7 @@ in options.services.keter = { enable = lib.mkEnableOption (lib.mdDoc ''keter, a web app deployment manager. Note that this module only support loading of webapps: -Keep an old app running and swap the ports when the new one is booted. +Keep an old app running and swap the ports when the new one is booted ''); root = lib.mkOption { diff --git a/nixos/modules/services/web-servers/rustus.nix b/nixos/modules/services/web-servers/rustus.nix index 878d790e36667..6d3b2e6a65d98 100644 --- a/nixos/modules/services/web-servers/rustus.nix +++ b/nixos/modules/services/web-servers/rustus.nix @@ -8,7 +8,7 @@ in options.services.rustus = { - enable = mkEnableOption (lib.mdDoc "TUS protocol implementation in Rust."); + enable = mkEnableOption (lib.mdDoc "TUS protocol implementation in Rust"); host = mkOption { type = types.str; diff --git a/nixos/modules/services/x11/desktop-managers/deepin.nix b/nixos/modules/services/x11/desktop-managers/deepin.nix index b2369e2426f82..28d751305892b 100644 --- a/nixos/modules/services/x11/desktop-managers/deepin.nix +++ b/nixos/modules/services/x11/desktop-managers/deepin.nix @@ -15,7 +15,7 @@ in options = { services.xserver.desktopManager.deepin = { - enable = mkEnableOption (lib.mdDoc "Enable Deepin desktop manager"); + enable = mkEnableOption (lib.mdDoc "Deepin desktop manager"); extraGSettingsOverrides = mkOption { default = ""; type = types.lines; diff --git a/nixos/modules/system/activation/bootspec.nix b/nixos/modules/system/activation/bootspec.nix index 9e1fa309d5db0..98c234bc340d0 100644 --- a/nixos/modules/system/activation/bootspec.nix +++ b/nixos/modules/system/activation/bootspec.nix @@ -79,7 +79,7 @@ in // { default = true; internal = true; }; enableValidation = lib.mkEnableOption (lib.mdDoc ''the validation of bootspec documents for each build. This will introduce Go in the build-time closure as we are relying on [Cuelang](https://cuelang.org/) for schema validation. - Enable this option if you want to ascertain that your documents are correct. + Enable this option if you want to ascertain that your documents are correct '' ); diff --git a/nixos/modules/system/activation/switch-to-configuration.pl b/nixos/modules/system/activation/switch-to-configuration.pl index e05f89bb0fb4b..b3ff3ac0abf30 100755 --- a/nixos/modules/system/activation/switch-to-configuration.pl +++ b/nixos/modules/system/activation/switch-to-configuration.pl @@ -599,7 +599,9 @@ while (my ($unit, $state) = each(%{$active_cur})) { $units_to_start{$unit} = 1; record_unit($start_list_file, $unit); # Don't spam the user with target units that always get started. - $units_to_filter{$unit} = 1; + if (($ENV{"STC_DISPLAY_ALL_UNITS"} // "") ne "1") { + $units_to_filter{$unit} = 1; + } } } diff --git a/nixos/modules/system/boot/grow-partition.nix b/nixos/modules/system/boot/grow-partition.nix index 1ce4d5e562337..897602f9826ab 100644 --- a/nixos/modules/system/boot/grow-partition.nix +++ b/nixos/modules/system/boot/grow-partition.nix @@ -12,7 +12,7 @@ with lib; ]; options = { - boot.growPartition = mkEnableOption (lib.mdDoc "grow the root partition on boot"); + boot.growPartition = mkEnableOption (lib.mdDoc "growing the root partition on boot"); }; config = mkIf config.boot.growPartition { diff --git a/nixos/modules/system/boot/loader/external/external.nix b/nixos/modules/system/boot/loader/external/external.nix index 926cbd2b4b3f3..78982356a9ea8 100644 --- a/nixos/modules/system/boot/loader/external/external.nix +++ b/nixos/modules/system/boot/loader/external/external.nix @@ -12,7 +12,7 @@ in }; options.boot.loader.external = { - enable = mkEnableOption (lib.mdDoc "use an external tool to install your bootloader"); + enable = mkEnableOption (lib.mdDoc "using an external tool to install your bootloader"); installHook = mkOption { type = with types; path; diff --git a/nixos/modules/system/boot/systemd/homed.nix b/nixos/modules/system/boot/systemd/homed.nix index 403d1690124db..b216820c0c0cd 100644 --- a/nixos/modules/system/boot/systemd/homed.nix +++ b/nixos/modules/system/boot/systemd/homed.nix @@ -5,7 +5,7 @@ let in { options.services.homed.enable = lib.mkEnableOption (lib.mdDoc '' - Enable systemd home area/user account manager + systemd home area/user account manager ''); config = lib.mkIf cfg.enable { diff --git a/nixos/modules/system/boot/systemd/userdbd.nix b/nixos/modules/system/boot/systemd/userdbd.nix index 994aa3ca3b8c1..e7f6d42341c4e 100644 --- a/nixos/modules/system/boot/systemd/userdbd.nix +++ b/nixos/modules/system/boot/systemd/userdbd.nix @@ -5,7 +5,7 @@ let in { options.services.userdbd.enable = lib.mkEnableOption (lib.mdDoc '' - Enables the systemd JSON user/group record lookup service + the systemd JSON user/group record lookup service ''); config = lib.mkIf cfg.enable { systemd.additionalUpstreamSystemUnits = [ diff --git a/nixos/tests/hedgedoc.nix b/nixos/tests/hedgedoc.nix index 410350d83627c..16e0dc14e947b 100644 --- a/nixos/tests/hedgedoc.nix +++ b/nixos/tests/hedgedoc.nix @@ -8,25 +8,54 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: nodes = { hedgedocSqlite = { ... }: { + services.hedgedoc.enable = true; + }; + + hedgedocPostgresWithTCPSocket = { ... }: { + systemd.services.hedgedoc.after = [ "postgresql.service" ]; services = { hedgedoc = { enable = true; - settings.dbURL = "sqlite:///var/lib/hedgedoc/hedgedoc.db"; + settings.db = { + dialect = "postgres"; + user = "hedgedoc"; + password = "$DB_PASSWORD"; + host = "localhost"; + port = 5432; + database = "hedgedocdb"; + }; + + /* + * Do not use pkgs.writeText for secrets as + * they will end up in the world-readable Nix store. + */ + environmentFile = pkgs.writeText "hedgedoc-env" '' + DB_PASSWORD=snakeoilpassword + ''; + }; + postgresql = { + enable = true; + initialScript = pkgs.writeText "pg-init-script.sql" '' + CREATE ROLE hedgedoc LOGIN PASSWORD 'snakeoilpassword'; + CREATE DATABASE hedgedocdb OWNER hedgedoc; + ''; }; }; }; - hedgedocPostgres = { ... }: { + hedgedocPostgresWithUNIXSocket = { ... }: { systemd.services.hedgedoc.after = [ "postgresql.service" ]; services = { hedgedoc = { enable = true; - settings.dbURL = "postgres://hedgedoc:\${DB_PASSWORD}@localhost:5432/hedgedocdb"; + settings.db = { + dialect = "postgres"; + user = "hedgedoc"; + password = "$DB_PASSWORD"; + host = "/run/postgresql"; + database = "hedgedocdb"; + }; - /* - * Do not use pkgs.writeText for secrets as - * they will end up in the world-readable Nix store. - */ environmentFile = pkgs.writeText "hedgedoc-env" '' DB_PASSWORD=snakeoilpassword ''; @@ -50,11 +79,18 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: hedgedocSqlite.wait_for_open_port(3000) hedgedocSqlite.wait_until_succeeds("curl -sSf http://localhost:3000/new") - with subtest("HedgeDoc postgres"): - hedgedocPostgres.wait_for_unit("postgresql.service") - hedgedocPostgres.wait_for_unit("hedgedoc.service") - hedgedocPostgres.wait_for_open_port(5432) - hedgedocPostgres.wait_for_open_port(3000) - hedgedocPostgres.wait_until_succeeds("curl -sSf http://localhost:3000/new") + with subtest("HedgeDoc postgres with TCP socket"): + hedgedocPostgresWithTCPSocket.wait_for_unit("postgresql.service") + hedgedocPostgresWithTCPSocket.wait_for_unit("hedgedoc.service") + hedgedocPostgresWithTCPSocket.wait_for_open_port(5432) + hedgedocPostgresWithTCPSocket.wait_for_open_port(3000) + hedgedocPostgresWithTCPSocket.wait_until_succeeds("curl -sSf http://localhost:3000/new") + + with subtest("HedgeDoc postgres with UNIX socket"): + hedgedocPostgresWithUNIXSocket.wait_for_unit("postgresql.service") + hedgedocPostgresWithUNIXSocket.wait_for_unit("hedgedoc.service") + hedgedocPostgresWithUNIXSocket.wait_for_open_port(5432) + hedgedocPostgresWithUNIXSocket.wait_for_open_port(3000) + hedgedocPostgresWithUNIXSocket.wait_until_succeeds("curl -sSf http://localhost:3000/new") ''; }) diff --git a/pkgs/applications/blockchains/bitcoin/default.nix b/pkgs/applications/blockchains/bitcoin/default.nix index 24f7d78e4f56f..1d0736244b68a 100644 --- a/pkgs/applications/blockchains/bitcoin/default.nix +++ b/pkgs/applications/blockchains/bitcoin/default.nix @@ -33,14 +33,14 @@ let in stdenv.mkDerivation rec { pname = if withGui then "bitcoin" else "bitcoind"; - version = "25.0"; + version = "25.1"; src = fetchurl { urls = [ "https://bitcoincore.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz" ]; # hash retrieved from signed SHA256SUMS - sha256 = "5df67cf42ca3b9a0c38cdafec5bbb517da5b58d251f32c8d2a47511f9be1ebc2"; + sha256 = "bec2a598d8dfa8c2365b77f13012a733ec84b8c30386343b7ac1996e901198c9"; }; nativeBuildInputs = diff --git a/pkgs/applications/blockchains/lighthouse/default.nix b/pkgs/applications/blockchains/lighthouse/default.nix index 20792dd8fd950..44cbb147bd206 100644 --- a/pkgs/applications/blockchains/lighthouse/default.nix +++ b/pkgs/applications/blockchains/lighthouse/default.nix @@ -14,6 +14,7 @@ , rustPlatform , Security , sqlite +, rust-jemalloc-sys , stdenv , SystemConfiguration , testers @@ -70,6 +71,7 @@ rustPlatform.buildRustPackage rec { buildInputs = [ sqlite + rust-jemalloc-sys ] ++ lib.optionals stdenv.isDarwin [ CoreFoundation Security diff --git a/pkgs/applications/blockchains/polkadot/default.nix b/pkgs/applications/blockchains/polkadot/default.nix index 1ed5d9819110a..4be874ef5ce19 100644 --- a/pkgs/applications/blockchains/polkadot/default.nix +++ b/pkgs/applications/blockchains/polkadot/default.nix @@ -2,6 +2,7 @@ , lib , protobuf , rocksdb +, rust-jemalloc-sys-unprefixed , rustPlatform , rustc-wasm32 , stdenv @@ -60,7 +61,9 @@ rustPlatform.buildRustPackage rec { rustc-wasm32.llvmPackages.lld ]; - buildInputs = lib.optionals stdenv.isDarwin [ Security SystemConfiguration ]; + buildInputs = [ + rust-jemalloc-sys-unprefixed + ] ++ lib.optionals stdenv.isDarwin [ Security SystemConfiguration ]; # NOTE: we need to force lld otherwise rust-lld is not found for wasm32 target CARGO_TARGET_WASM32_UNKNOWN_UNKNOWN_LINKER = "lld"; diff --git a/pkgs/applications/editors/hexdino/default.nix b/pkgs/applications/editors/hexdino/default.nix index cc3b39ed4bf78..5eb023f8b9ed0 100644 --- a/pkgs/applications/editors/hexdino/default.nix +++ b/pkgs/applications/editors/hexdino/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "hexdino"; - version = "0.1.2"; + version = "0.1.3"; src = fetchFromGitHub { owner = "Luz"; repo = pname; rev = version; - sha256 = "sha256-OFtOa6StpOuLgkULnY5MlqDcSTEiMxogowHIBEiGr4E="; + hash = "sha256-glbyftCJiP0/5trW7DOcVCU2q4ZH3zFK96eyGuYR8eY="; }; - cargoSha256 = "sha256-lvLiRQNH3rpu+JTXWhQtXczmGRWGtnnLDknZaMp3d0s="; + cargoHash = "sha256-nldA8gDMj0iO+HgatiuMqzR6ZCjbxFsTp5pDGbFKA1k="; meta = with lib; { description = "A hex editor with vim like keybindings written in Rust"; diff --git a/pkgs/applications/editors/tecoc/default.nix b/pkgs/applications/editors/tecoc/default.nix index 94889a13ef6db..778115dfbfa78 100644 --- a/pkgs/applications/editors/tecoc/default.nix +++ b/pkgs/applications/editors/tecoc/default.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "tecoc"; - version = "unstable-2023-04-21"; + version = "unstable-2023-06-21"; src = fetchFromGitHub { owner = "blakemcbride"; repo = "TECOC"; - rev = "021d1d15242b9d6c84d70c9ffcf1871793898f0a"; - hash = "sha256-VGIO+uiAZkdzLYmJztmnKTS4HDIVow4AimaneHj7E1M="; + rev = "b4a96395a18c7e64ccaef0e25fdde3b7ef33ac4b"; + hash = "sha256-KTOGsTtxJh2sneU2VoDNUHcL3m8zt+3rBZTDvK1n02A="; }; buildInputs = [ ncurses ]; diff --git a/pkgs/applications/misc/octoprint/default.nix b/pkgs/applications/misc/octoprint/default.nix index aa918ddce9e26..810b13afbf2a0 100644 --- a/pkgs/applications/misc/octoprint/default.nix +++ b/pkgs/applications/misc/octoprint/default.nix @@ -86,7 +86,7 @@ let owner = "OctoPrint"; repo = "OctoPrint"; rev = version; - hash = "sha256-SYN/BrcukHMDwk70XGu/pO45fSPr/KOEyd4wxtz2Fo0="; + hash = "sha256-71uE8JvcS++xH8WSVWj5x0+9s3XIwf3A64c6YtxpSRc="; }; propagatedBuildInputs = with self; [ @@ -114,7 +114,6 @@ let netifaces octoprint-filecheck octoprint-firmwarecheck - octoprint-pisupport passlib pathvalidate pkginfo @@ -142,6 +141,8 @@ let pydantic ] ++ lib.optionals stdenv.isDarwin [ py.pkgs.appdirs + ] ++ lib.optionals (!stdenv.isDarwin) [ + octoprint-pisupport ]; nativeCheckInputs = with self; [ diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix index e3bb552d57c0d..22d71e8975f80 100644 --- a/pkgs/applications/networking/browsers/chromium/common.nix +++ b/pkgs/applications/networking/browsers/chromium/common.nix @@ -148,36 +148,39 @@ let else throw "no chromium Rosetta Stone entry for os: ${platform.config}"; }; + recompressTarball = { version, sha256 ? "" }: fetchzip { + name = "chromium-${version}.tar.zstd"; + url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz"; + inherit sha256; + + nativeBuildInputs = [ zstd ]; + + postFetch = '' + echo removing unused code from tarball to stay under hydra limit + rm -r $out/third_party/{rust-src,llvm} + + echo moving remains out of \$out + mv $out source + + echo recompressing final contents into new tarball + # try to make a deterministic tarball + tar \ + --use-compress-program "zstd -T$NIX_BUILD_CORES" \ + --sort name \ + --mtime 1970-01-01 \ + --owner=root --group=root \ + --numeric-owner --mode=go=rX,u+rw,a-s \ + -cf $out source + ''; + }; + + base = rec { pname = "${packageName}-unwrapped"; inherit (upstream-info) version; inherit packageName buildType buildPath; - src = fetchzip { - name = "chromium-${version}.tar.zstd"; - url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz"; - inherit (upstream-info) sha256; - - nativeBuildInputs = [ zstd ]; - - postFetch = '' - echo removing unused code from tarball to stay under hydra limit - rm -r $out/third_party/{rust-src,llvm} - - echo moving remains out of \$out - mv $out source - - echo recompressing final contents into new tarball - # try to make a deterministic tarball - tar \ - --use-compress-program "zstd -T$NIX_BUILD_CORES" \ - --sort name \ - --mtime 1970-01-01 \ - --owner=root --group=root \ - --numeric-owner --mode=go=rX,u+rw,a-s \ - -cf $out source - ''; - }; + src = recompressTarball { inherit version; inherit (upstream-info) sha256; }; nativeBuildInputs = [ ninja pkg-config @@ -486,6 +489,7 @@ let chromiumDeps = { gn = gnChromium; }; + inherit recompressTarball; }; } # overwrite `version` with the exact same `version` from the same source, diff --git a/pkgs/applications/networking/browsers/chromium/update.py b/pkgs/applications/networking/browsers/chromium/update.py index f8dae95936019..fd8f367784059 100755 --- a/pkgs/applications/networking/browsers/chromium/update.py +++ b/pkgs/applications/networking/browsers/chromium/update.py @@ -21,12 +21,11 @@ from urllib.request import urlopen RELEASES_URL = 'https://versionhistory.googleapis.com/v1/chrome/platforms/linux/channels/all/versions/all/releases' DEB_URL = 'https://dl.google.com/linux/chrome/deb/pool/main/g' -BUCKET_URL = 'https://commondatastorage.googleapis.com/chromium-browser-official' PIN_PATH = dirname(abspath(__file__)) + '/upstream-info.nix' UNGOOGLED_FLAGS_PATH = dirname(abspath(__file__)) + '/ungoogled-flags.toml' COMMIT_MESSAGE_SCRIPT = dirname(abspath(__file__)) + '/get-commit-message.py' - +NIXPKGS_PATH = subprocess.check_output(["git", "rev-parse", "--show-toplevel"], cwd=dirname(PIN_PATH)).strip() def load_as_json(path): """Loads the given nix file as JSON.""" @@ -41,6 +40,23 @@ def save_dict_as_nix(path, input): with open(path, 'w') as out: out.write(formatted.decode()) +def prefetch_src_sri_hash(attr_path, version): + """Prefetches the fixed-output-derivation source tarball and returns its SRI-Hash.""" + print(f'nix-build (FOD prefetch) {attr_path} {version}') + out = subprocess.run( + ["nix-build", "--expr", f'(import ./. {{}}).{attr_path}.browser.passthru.recompressTarball {{ version = "{version}"; }}'], + cwd=NIXPKGS_PATH, + stderr=subprocess.PIPE + ).stderr.decode() + + for line in iter(out.split("\n")): + match = re.match(r"\s+got:\s+(.+)$", line) + if match: + print(f'Hash: {match.group(1)}') + return match.group(1) + print(f'{out}\n\nError: Expected hash in nix-build stderr output.', file=sys.stderr) + sys.exit(1) + def nix_prefetch_url(url, algo='sha256'): """Prefetches the content of the given URL.""" print(f'nix-prefetch-url {url}') @@ -206,7 +222,10 @@ with urlopen(RELEASES_URL) as resp: google_chrome_suffix = channel_name try: - channel['sha256'] = nix_prefetch_url(f'{BUCKET_URL}/chromium-{release["version"]}.tar.xz') + channel['sha256'] = prefetch_src_sri_hash( + channel_name_to_attr_name(channel_name), + release["version"] + ) channel['sha256bin64'] = nix_prefetch_url( f'{DEB_URL}/google-chrome-{google_chrome_suffix}/' + f'google-chrome-{google_chrome_suffix}_{release["version"]}-1_amd64.deb') diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix index 3086f82c9c48c..b8004a7d4b390 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix @@ -41,9 +41,9 @@ version = "2023-08-10"; }; }; - sha256 = "1g8rllmnmhmmpjzrmi3cww0nszxicq0kim2wd0l0ip2mzk2p8qlp"; - sha256bin64 = "1bq170l0g9yq17x6xlg6fjar6gv3hdi0zijwmx4s02pmw6727484"; - version = "118.0.5993.70"; + sha256 = "sha256-CTkw92TiRD2tkYu5a5dy8fjpR2MMOMCvcbxXhJ36Bp8="; + sha256bin64 = "06rbsjh4khhl408181ns5nsdwasklb277fdjfajdv5h1j9a190k3"; + version = "118.0.5993.88"; }; ungoogled-chromium = { deps = { @@ -54,12 +54,12 @@ version = "2023-08-10"; }; ungoogled-patches = { - rev = "118.0.5993.70-1"; - sha256 = "0k6684cy1ks6yba2bdz17g244f05qy9769cvis4h2jzhgbf5rysh"; + rev = "118.0.5993.88-1"; + sha256 = "17j47d64l97ascp85h8cnfnr5wr4va3bdk95wmagqss7ym5c7zsf"; }; }; - sha256 = "1g8rllmnmhmmpjzrmi3cww0nszxicq0kim2wd0l0ip2mzk2p8qlp"; - sha256bin64 = "1bq170l0g9yq17x6xlg6fjar6gv3hdi0zijwmx4s02pmw6727484"; - version = "118.0.5993.70"; + sha256 = "sha256-CTkw92TiRD2tkYu5a5dy8fjpR2MMOMCvcbxXhJ36Bp8="; + sha256bin64 = "06rbsjh4khhl408181ns5nsdwasklb277fdjfajdv5h1j9a190k3"; + version = "118.0.5993.88"; }; } diff --git a/pkgs/applications/networking/cluster/starboard/default.nix b/pkgs/applications/networking/cluster/starboard/default.nix index ddfa4443d826c..8f456f3fb4de9 100644 --- a/pkgs/applications/networking/cluster/starboard/default.nix +++ b/pkgs/applications/networking/cluster/starboard/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "starboard"; - version = "0.15.15"; + version = "0.15.16"; src = fetchFromGitHub { owner = "aquasecurity"; repo = pname; rev = "v${version}"; - sha256 = "sha256-aKxRjPXvj9rGUheUjpjGWlzg9I6LaCxfc6FJV8Kzj3I="; + sha256 = "sha256-n4gChQQMVdtEKW2WqQAEVtlU2fFxLxBem2yAJzDjx2Q="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; diff --git a/pkgs/applications/networking/cluster/tektoncd-cli/default.nix b/pkgs/applications/networking/cluster/tektoncd-cli/default.nix index 3b9962b84a0fb..a729e62783b14 100644 --- a/pkgs/applications/networking/cluster/tektoncd-cli/default.nix +++ b/pkgs/applications/networking/cluster/tektoncd-cli/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "tektoncd-cli"; - version = "0.32.0"; + version = "0.32.1"; src = fetchFromGitHub { owner = "tektoncd"; repo = "cli"; rev = "v${version}"; - sha256 = "sha256-Ilue0stXko8bkMMzXEHrdgJYIV5ZcI39hwFUya8X4ac="; + sha256 = "sha256-qxKWyNQRWc0krdIfG6Mkn8ZZSkCkb0V41nIUsN5azGo="; }; vendorHash = null; diff --git a/pkgs/applications/networking/cluster/terraform-backend-git/default.nix b/pkgs/applications/networking/cluster/terraform-backend-git/default.nix index 09cc62352d7b5..2e7f70eaf57d2 100644 --- a/pkgs/applications/networking/cluster/terraform-backend-git/default.nix +++ b/pkgs/applications/networking/cluster/terraform-backend-git/default.nix @@ -6,13 +6,13 @@ buildGoModule rec { pname = "terraform-backend-git"; - version = "0.1.5"; + version = "0.1.6"; src = fetchFromGitHub { owner = "plumber-cd"; repo = "terraform-backend-git"; rev = "v${version}"; - hash = "sha256-ryHFuHIEJ4i1R3oBW3w3aAvtv+vIrO745qwx0+SqBF4="; + hash = "sha256-ZbQfL7uKCFD98HcoeqscZaIsWFvWH0Ytzlqr6fMmXUs="; }; vendorHash = "sha256-Y/4UgG/2Vp+gxBnGrNpAgRNfPZWJXhVo8TVa/VfOYt0="; diff --git a/pkgs/applications/networking/instant-messengers/discord/default.nix b/pkgs/applications/networking/instant-messengers/discord/default.nix index 2cd7ee2d2c5bf..0420ae8ca946b 100644 --- a/pkgs/applications/networking/instant-messengers/discord/default.nix +++ b/pkgs/applications/networking/instant-messengers/discord/default.nix @@ -1,52 +1,52 @@ { branch ? "stable", callPackage, fetchurl, lib, stdenv }: let versions = if stdenv.isLinux then { - stable = "0.0.31"; - ptb = "0.0.49"; - canary = "0.0.170"; - development = "0.0.234"; + stable = "0.0.32"; + ptb = "0.0.51"; + canary = "0.0.171"; + development = "0.0.1"; } else { - stable = "0.0.280"; - ptb = "0.0.80"; - canary = "0.0.315"; - development = "0.0.8797"; + stable = "0.0.281"; + ptb = "0.0.82"; + canary = "0.0.320"; + development = "0.0.2"; }; version = versions.${branch}; srcs = rec { x86_64-linux = { stable = fetchurl { url = "https://dl.discordapp.net/apps/linux/${version}/discord-${version}.tar.gz"; - hash = "sha256-toWwiMsEFsGaOYaPZziSmZtpzxGd9m+2MtxTrJwqFbw="; + hash = "sha256-XeGDKRKnvDyl0AWm9Vs/PDeIfAq/FL9AsjLt+dNg1HQ="; }; ptb = fetchurl { url = "https://dl-ptb.discordapp.net/apps/linux/${version}/discord-ptb-${version}.tar.gz"; - hash = "sha256-o8cDoBe6A0wBjVLjp4JXrv3QsG7TZ/Kj4+T5lj6WHdY="; + hash = "sha256-VlvGZ5qy61zse0mhvrROYwr0C94Zy1Kh4D4dp+sJTN0="; }; canary = fetchurl { url = "https://dl-canary.discordapp.net/apps/linux/${version}/discord-canary-${version}.tar.gz"; - hash = "sha256-Lw+qLAAwyoDBKDPOBA9HR79gcnqwTshFq6GMpFS0tXA="; + hash = "sha256-NcmV+DPI5hfNdBUgoaOLsjG32QfjF+x7f01B6PR10Vc="; }; development = fetchurl { url = "https://dl-development.discordapp.net/apps/linux/${version}/discord-development-${version}.tar.gz"; - hash = "sha256-R5UwgpXgb32mEohTzyRVXmumcgPl8UPan3UjmLFLxLo="; + hash = "sha256-ogLOZZ9pTXB01TqdnmdORIzZ8GbGzskUzbG4E68gZwY="; }; }; x86_64-darwin = { stable = fetchurl { url = "https://dl.discordapp.net/apps/osx/${version}/Discord.dmg"; - hash = "sha256-SUbpzd8RIf+e+so/dXZh5OkjCvWRC+EyqgeIg4u32Hg="; + hash = "sha256-Qxh9K0u99xfsVPJyAD3bFeZPxBXg2EeDyM+rbF80EC8="; }; ptb = fetchurl { url = "https://dl-ptb.discordapp.net/apps/osx/${version}/DiscordPTB.dmg"; - hash = "sha256-IvrCjiZ5Oa616+U8C2ihg8THj7ePV2A8+82wUWqWoPY="; + hash = "sha256-U99FiR3IUL8saGtVrWblWqsCIJc0rK5ZMII9/BL5H7w="; }; canary = fetchurl { url = "https://dl-canary.discordapp.net/apps/osx/${version}/DiscordCanary.dmg"; - hash = "sha256-m43SijSBxcAvYAlSFpQKIFILUm4AgSQ5F4XyQJyftts="; + hash = "sha256-7fPlb4x116HIXEJr1G7wVHriOQu6/2u69SpbU9qxHNw="; }; development = fetchurl { url = "https://dl-development.discordapp.net/apps/osx/${version}/DiscordDevelopment.dmg"; - hash = "sha256-ra0El4Y7SqanY6ZBbHE1Y+pqel4OD7nXKKfg/vndULo="; + hash = "sha256-iMw61dXtThXvz2GnZiM4+tURMRfXhrN/ze1RTBL6zy8="; }; }; aarch64-darwin = x86_64-darwin; diff --git a/pkgs/applications/office/activitywatch/default.nix b/pkgs/applications/office/activitywatch/default.nix index 04d58e74dadd9..4187da1bfabb2 100644 --- a/pkgs/applications/office/activitywatch/default.nix +++ b/pkgs/applications/office/activitywatch/default.nix @@ -5,6 +5,7 @@ , pkg-config , perl , openssl +, rust-jemalloc-sys , python3 , wrapQtAppsHook , qtbase @@ -173,6 +174,7 @@ rec { buildInputs = [ openssl + rust-jemalloc-sys ]; postFixup = '' diff --git a/pkgs/applications/science/molecular-dynamics/gromacs/default.nix b/pkgs/applications/science/molecular-dynamics/gromacs/default.nix index cb1dbc15b3367..2ca47d812bbfe 100644 --- a/pkgs/applications/science/molecular-dynamics/gromacs/default.nix +++ b/pkgs/applications/science/molecular-dynamics/gromacs/default.nix @@ -20,11 +20,11 @@ let in stdenv.mkDerivation rec { pname = "gromacs"; - version = "2023.2"; + version = "2023.3"; src = fetchurl { url = "ftp://ftp.gromacs.org/pub/gromacs/gromacs-${version}.tar.gz"; - sha256 = "sha256-vOFIByfksruQBBO3XZmjJm81B4d9pPWy1JHfeY+fza4="; + sha256 = "sha256-Tsj40MevdrE/j9FtuOLBIOdJ3kOa6VVNn2U/gS140cs="; }; patches = [ ./pkgconfig.patch ]; diff --git a/pkgs/applications/version-management/git-mit/default.nix b/pkgs/applications/version-management/git-mit/default.nix index ebfae6fa356e7..f53f021a80c0e 100644 --- a/pkgs/applications/version-management/git-mit/default.nix +++ b/pkgs/applications/version-management/git-mit/default.nix @@ -10,7 +10,7 @@ }: let - version = "5.12.161"; + version = "5.12.162"; in rustPlatform.buildRustPackage { pname = "git-mit"; @@ -20,10 +20,10 @@ rustPlatform.buildRustPackage { owner = "PurpleBooth"; repo = "git-mit"; rev = "v${version}"; - hash = "sha256-r0gRBOf/CC4HDh/N4Qi1/3DkPuuNlqfbvl4o5JqobKE="; + hash = "sha256-qwnzq1CKo7kJXITpPjKAhk1dbGSj6TXat7ioP7o3ifg="; }; - cargoHash = "sha256-LgiO/wPoPjmxymcXl9zQ8n/xOnFfpravwpqEsUctxxw="; + cargoHash = "sha256-AGE+zA5DHabqgzCC/T1DDG9bGPciSdl1euZbbCeKPzQ="; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/applications/version-management/stgit/default.nix b/pkgs/applications/version-management/stgit/default.nix index 12450fc440d82..196cdea93dbab 100644 --- a/pkgs/applications/version-management/stgit/default.nix +++ b/pkgs/applications/version-management/stgit/default.nix @@ -18,15 +18,15 @@ rustPlatform.buildRustPackage rec { pname = "stgit"; - version = "2.3.2"; + version = "2.4.0"; src = fetchFromGitHub { owner = "stacked-git"; repo = "stgit"; rev = "v${version}"; - hash = "sha256-rQNX54zmVHZKplEUNaKyVtCrC8Q4DdxLzNSStiYvDGA="; + hash = "sha256-+ipNSdEaz3nVBTYS+A4Fauan0DaKZR69No95FTS2/4o="; }; - cargoHash = "sha256-ju8JQnohidBsydwwm6gNx1L24brmDWYXwNgfCl7G/aA="; + cargoHash = "sha256-G0g+53HWxhJfozMGByhmgnxws6P10FY9fAOleqhn+Mk="; nativeBuildInputs = [ pkg-config installShellFiles makeWrapper asciidoc xmlto docbook_xsl diff --git a/pkgs/by-name/km/kmsvnc/package.nix b/pkgs/by-name/km/kmsvnc/package.nix new file mode 100644 index 0000000000000..000dc8115b2b6 --- /dev/null +++ b/pkgs/by-name/km/kmsvnc/package.nix @@ -0,0 +1,43 @@ +{ lib +, stdenv +, fetchFromGitHub +, cmake +, pkg-config +, libdrm +, libvncserver +, libxkbcommon +, libva +}: + +stdenv.mkDerivation rec { + pname = "kmsvnc"; + version = "0.0.5"; + + src = fetchFromGitHub { + owner = "isjerryxiao"; + repo = "kmsvnc"; + rev = "v${version}"; + hash = "sha256-Dz1y4t8u9/rnmOiYMWMq6aEq3kV47uiIK7K4DSvjZNc="; + }; + + nativeBuildInputs = [ + cmake + pkg-config + ]; + + buildInputs = [ + libdrm + libvncserver + libxkbcommon + libva + ]; + + meta = with lib; { + description = "A VNC server for DRM/KMS capable GNU/Linux devices"; + homepage = "https://github.com/isjerryxiao/kmsvnc"; + license = licenses.gpl3Only; + maintainers = with maintainers; [ nickcao ]; + mainProgram = "kmsvnc"; + platforms = platforms.linux; + }; +} diff --git a/pkgs/by-name/pg/pgmoneta/package.nix b/pkgs/by-name/pg/pgmoneta/package.nix new file mode 100644 index 0000000000000..bbfbb1a64476f --- /dev/null +++ b/pkgs/by-name/pg/pgmoneta/package.nix @@ -0,0 +1,61 @@ +{ lib +, stdenv +, bzip2 +, cjson +, cmake +, curl +, docutils +, fetchFromGitHub +, libarchive +, libev +, libgccjit +, libssh +, lz4 +, openssl +, systemd +, zlib +, zstd +}: + +stdenv.mkDerivation rec { + pname = "pgmoneta"; + version = "0.7.0"; + + src = fetchFromGitHub { + owner = "pgmoneta"; + repo = "pgmoneta"; + rev = version; + hash = "sha256-Acg60QFMmRTubYWkPxbHTciVOYoIWc3GZGQVauewZik="; + }; + + nativeBuildInputs = [ + cmake + docutils # for rst2man + ]; + + buildInputs = [ + bzip2 + cjson + curl + libarchive + libev + libgccjit + libssh + lz4 + openssl + systemd + zlib + zstd + ]; + + env.NIX_CFLAGS_COMPILE = "-Wno-error"; + + meta = with lib; { + description = "Backup / restore solution for PostgreSQL"; + homepage = "https://pgmoneta.github.io/"; + changelog = "https://github.com/pgmoneta/pgmoneta/releases/tag/${version}"; + license = licenses.bsd3; + maintainers = [ maintainers.marsam ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/by-name/tk/tkdiff/189.patch b/pkgs/by-name/tk/tkdiff/189.patch new file mode 100644 index 0000000000000..c638727d3bd48 --- /dev/null +++ b/pkgs/by-name/tk/tkdiff/189.patch @@ -0,0 +1,71 @@ +Index: tkdiff +=================================================================== +diff --git a/tkdiff b/tkdiff +--- a/tkdiff (revision 188) ++++ b/tkdiff (revision 189) +@@ -111,7 +111,7 @@ + } + + # Determine the name of the temporary directory, the rc file name, +-# and possible VPATH EnvVar, all of which are platform dependent. ++# NULLdev, and possible VPATH EnvVar, all of which are platform dependent. + # + # Much MAY likely be overridden by a preference in .tkdiffrc, + # EXCEPT (obviously) when no such file actually exists yet +@@ -126,6 +126,9 @@ + set opts(tmpdir) C:/temp + } + ++ # Reserved filename which is actually a NULL device ++ set opts(NULLdev) "nul" ++ + # Split up and store a VPATH if it exists + if {[info exists ::env(VPATH)]} { + set finfo(Vpath) [split $::env(VPATH) ";"] +@@ -145,6 +148,9 @@ + set opts(tmpdir) $::env(TMPDIR) + } {set opts(tmpdir) /tmp } + ++ # Reserved filename which is actually a NULL device (Unix-like platforms) ++ set opts(NULLdev) "/dev/null" ++ + # Split up and store a VPATH if it exists + if {[info exists ::env(VPATH)]} { + set finfo(Vpath) [split $::env(VPATH) ":"] +@@ -2106,7 +2112,7 @@ + # 1 Failed (PLUS a 'pushed' HARD-error message to the caller) + ############################################################################### + proc get-file {fn ndx {probe 0}} { +- global g finfo ++ global g opts finfo + + # Ancestor files are stored into a slightly adjusted array element name + # N.B> 'ndx' AS PASSED *can* be an EXPRESSION (not just a number): resolve! +@@ -2121,7 +2127,7 @@ + } elseif {!$tildechk} { + # DO NOT REPORT non-existence if this attempt was ONLY a probe + if {$probe} { return 1 } { set MSG "File '$fn' does not exist" } +- } elseif {[file isfile $fn]} { ++ } elseif {[file isfile $fn] || $fn == $opts(NULLdev)} { + set finfo(${A}lbl,$ndx) [shortNm [set finfo(${A}pth,$ndx) "$fn"]] + } else { set MSG "'$fn' exists, but is not a file" } + +@@ -2857,7 +2863,7 @@ + # Align various label decorations to the CURRENT input file pairing + ############################################################################### + proc alignDecor {pairnum} { +- global g w finfo ++ global g w opts finfo + + # Establish if 3way mode is NOW active and what file indices are in use + set g(is3way) [info exists finfo(albl,$pairnum)] +@@ -2874,7 +2880,8 @@ + set finfo(lbl,$LR) $finfo(ulbl,$ndx($n)) ;# Override lbl display + } else {set finfo(lbl,$LR) $finfo(lbl,$ndx($n))} + +- if {![info exists finfo(tmp,$ndx($n))]} { ++ if {![info exists finfo(tmp,$ndx($n))] \ ++ && $finfo(pth,$ndx($n)) != $opts(NULLdev)} { + # (N.B> Tip data will ALSO be used by report generation heading) + set g(tooltip,${LR}Label) "{$finfo(pth,$ndx($n))\n" + append g(tooltip,${LR}Label) \ diff --git a/pkgs/by-name/tk/tkdiff/package.nix b/pkgs/by-name/tk/tkdiff/package.nix new file mode 100644 index 0000000000000..478ee4e29ff9e --- /dev/null +++ b/pkgs/by-name/tk/tkdiff/package.nix @@ -0,0 +1,43 @@ +{ diffutils, fetchzip, lib, makeBinaryWrapper, stdenv, tk }: + +stdenv.mkDerivation (finalAttrs: { + pname = "tkdiff"; + version = "5.6"; + + src = fetchzip { + url = "mirror://sourceforge/tkdiff/tkdiff-${builtins.replaceStrings ["."] ["-"] finalAttrs.version}.zip"; + hash = "sha256-EpbIdjsejkkTaSpoZRM5AHz0r1Cio+YzRryK0BoghBk="; + }; + + # fix regression: allow /dev/null again. eg: "tkdiff /dev/null file" + # svn diff --git -r188:189 https://svn.code.sf.net/p/tkdiff/code/trunk + patches = [ ./189.patch ]; + + nativeBuildInputs = [ makeBinaryWrapper ]; + + installPhase = '' + runHook preInstall + + install -Dm755 -t $out/bin tkdiff + wrapProgram $out/bin/tkdiff \ + --prefix PATH : ${lib.makeBinPath [ diffutils tk ]} + + runHook postInstall + ''; + + meta = { + description = "A graphical front end to the diff program"; + homepage = "https://tkdiff.sourceforge.io/"; + license = lib.licenses.gpl2Plus; + longDescription = '' + TkDiff is a graphical front end to the diff program. It provides a + side-by-side view of the differences between two text files, along + with several innovative features such as diff bookmarks, a graphical + map of differences for quick navigation, and a facility for slicing + diff regions to achieve exactly the merge output desired. + ''; + mainProgram = "tkdiff"; + maintainers = with lib.maintainers; [ robert-manchester ]; + platforms = tk.meta.platforms; + }; +}) diff --git a/pkgs/data/icons/tela-circle-icon-theme/default.nix b/pkgs/data/icons/tela-circle-icon-theme/default.nix index 6e32d09dac680..518f0d11efd79 100644 --- a/pkgs/data/icons/tela-circle-icon-theme/default.nix +++ b/pkgs/data/icons/tela-circle-icon-theme/default.nix @@ -19,13 +19,13 @@ lib.checkListOfEnum "${pname}: color variants" [ "standard" "black" "blue" "brow stdenvNoCC.mkDerivation rec { inherit pname; - version = "2023-06-25"; + version = "2023-10-07"; src = fetchFromGitHub { owner = "vinceliuice"; repo = pname; rev = version; - sha256 = "nob0Isx785YRP4QIj2CK+v99CUiRwtkge1dNXCCwaDs="; + sha256 = "il+bYIcwm0BQF6U0J6h6rlzHSGSHYN/O8BezehYIpQ4="; }; nativeBuildInputs = [ diff --git a/pkgs/desktops/xfce/applications/xfce4-notifyd/default.nix b/pkgs/desktops/xfce/applications/xfce4-notifyd/default.nix index 8d75389b079df..54f51ee2518cc 100644 --- a/pkgs/desktops/xfce/applications/xfce4-notifyd/default.nix +++ b/pkgs/desktops/xfce/applications/xfce4-notifyd/default.nix @@ -1,9 +1,12 @@ { lib , mkXfceDerivation +, dbus , glib , gtk3 +, gtk-layer-shell , libcanberra-gtk3 , libnotify +, libX11 , libxfce4ui , libxfce4util , sqlite @@ -14,15 +17,19 @@ mkXfceDerivation { category = "apps"; pname = "xfce4-notifyd"; - version = "0.8.2"; + version = "0.9.2"; + odd-unstable = false; - sha256 = "sha256-M8L2HWTuQDl/prD7s6uptkW4XDscpk6fc+epoxjFNS8="; + sha256 = "sha256-BHhz5LURXLeILxQ+iNQ+50yHd/oIF7twHAqxiBQ2hFE="; buildInputs = [ + dbus gtk3 + gtk-layer-shell glib libcanberra-gtk3 libnotify + libX11 libxfce4ui libxfce4util sqlite diff --git a/pkgs/development/libraries/jemalloc/rust.nix b/pkgs/development/libraries/jemalloc/rust.nix new file mode 100644 index 0000000000000..1a9968933b1e9 --- /dev/null +++ b/pkgs/development/libraries/jemalloc/rust.nix @@ -0,0 +1,24 @@ +{ lib +, stdenv +, jemalloc +, writeText + +, unprefixed ? false +}: + +let + # On some platforms the unprefixed feature will be ignored: + # https://github.com/tikv/jemallocator/blob/ab0676d77e81268cd09b059260c75b38dbef2d51/jemalloc-sys/src/env.rs + unprefixed' = unprefixed && !stdenv.hostPlatform.isMusl && !stdenv.hostPlatform.isDarwin && !stdenv.hostPlatform.isAndroid; + +in jemalloc.overrideAttrs (oldAttrs: { + configureFlags = oldAttrs.configureFlags ++ [ + "--with-private-namespace=_rjem_" + ] ++ lib.optionals (!unprefixed') [ + "--with-jemalloc-prefix=_rjem_" + ]; + + setupHook = writeText "setup-hook.sh" '' + export JEMALLOC_OVERRIDE="@out@/lib/libjemalloc${stdenv.hostPlatform.extensions.library}" + ''; +}) diff --git a/pkgs/development/php-packages/xdebug/default.nix b/pkgs/development/php-packages/xdebug/default.nix index 61e83d9187655..3aa24ce15e43c 100644 --- a/pkgs/development/php-packages/xdebug/default.nix +++ b/pkgs/development/php-packages/xdebug/default.nix @@ -1,7 +1,7 @@ { buildPecl, lib, fetchFromGitHub }: let - version = "3.2.2"; + version = "3.3.0alpha3"; in buildPecl { inherit version; @@ -11,7 +11,7 @@ in buildPecl { owner = "xdebug"; repo = "xdebug"; rev = version; - hash = "sha256-zbgJw2oPzyUTK0UwLAqpShBi+toVsEQcjoG4tIBder0="; + hash = "sha256-LBrKQCR4qpV3yJpTknUNKX6mq+qSdBSveIoYmk5Vmoc="; }; doCheck = true; diff --git a/pkgs/development/python-modules/argilla/default.nix b/pkgs/development/python-modules/argilla/default.nix index 8ac1ccdc65f8e..8179d054a97f3 100644 --- a/pkgs/development/python-modules/argilla/default.nix +++ b/pkgs/development/python-modules/argilla/default.nix @@ -65,7 +65,7 @@ }: let pname = "argilla"; - version = "1.16.0"; + version = "1.17.0"; optional-dependencies = { server = [ fastapi @@ -126,7 +126,7 @@ buildPythonPackage { owner = "argilla-io"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-SKxIc7T9wmMMGQeebcRVOrB4Y5ETz9LSeKzzqI+wf80="; + hash = "sha256-ggw6ABPn3d+aOj+0ETKYWWTha/2Recdnp/LGBXG1HY4="; }; pythonRelaxDeps = [ diff --git a/pkgs/development/python-modules/bespon/default.nix b/pkgs/development/python-modules/bespon/default.nix index da6820ef6ecc2..a942651dcb73e 100644 --- a/pkgs/development/python-modules/bespon/default.nix +++ b/pkgs/development/python-modules/bespon/default.nix @@ -1,18 +1,20 @@ { lib , buildPythonPackage , fetchPypi +, setuptools }: buildPythonPackage rec { - version = "0.6.0"; - pname = "BespON"; + version = "0.7.0"; + pname = "bespon"; + format = "pyproject"; src = fetchPypi { inherit pname version; - sha256 = "2f2bda67fea8ee95c8aa7e885835ab88bdbfa392a94077ce1c9d29017420ce7a"; + hash = "sha256-dGtXw4uq6pdyXBVfSi9s7kCFUqA1PO7qWEGY0JNAz8Q="; }; - propagatedBuildInputs = [ ]; + nativeBuildInputs = [ setuptools ]; # upstream doesn't contain tests doCheck = false; diff --git a/pkgs/development/python-modules/chex/default.nix b/pkgs/development/python-modules/chex/default.nix index 047073587b261..6bee1641242c0 100644 --- a/pkgs/development/python-modules/chex/default.nix +++ b/pkgs/development/python-modules/chex/default.nix @@ -15,16 +15,16 @@ buildPythonPackage rec { pname = "chex"; - version = "0.1.83"; + version = "0.1.84"; format = "setuptools"; disabled = pythonOlder "3.9"; src = fetchFromGitHub { owner = "deepmind"; - repo = pname; + repo = "chex"; rev = "refs/tags/v${version}"; - hash = "sha256-iEachJf5NjOnkMWdP0aVQHWNPgUUBkMnzHKq3GP7t4w="; + hash = "sha256-LsUMvSMVGjqZuFDcb+/61RtFxweeG6bSFzmJUUMv6rA="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/jax/default.nix b/pkgs/development/python-modules/jax/default.nix index 9453ba1c0c6c5..d9293e0734801 100644 --- a/pkgs/development/python-modules/jax/default.nix +++ b/pkgs/development/python-modules/jax/default.nix @@ -27,17 +27,17 @@ let in buildPythonPackage rec { pname = "jax"; - version = "0.4.18"; + version = "0.4.19"; pyproject = true; disabled = pythonOlder "3.9"; src = fetchFromGitHub { owner = "google"; - repo = pname; + repo = "jax"; # google/jax contains tags for jax and jaxlib. Only use jax tags! rev = "refs/tags/${pname}-v${version}"; - hash = "sha256-rDvWHa8jYCAA9iKbWaFUXdE/9L7AepFiNzmqOcc/090="; + hash = "sha256-l5uLPqhg/hqtO9oJSaioow5cH/0jKHDVziGezkfnVcc="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/jaxlib/bin.nix b/pkgs/development/python-modules/jaxlib/bin.nix index 68a1275246aa0..8b673d6040d53 100644 --- a/pkgs/development/python-modules/jaxlib/bin.nix +++ b/pkgs/development/python-modules/jaxlib/bin.nix @@ -39,7 +39,7 @@ in assert cudaSupport -> lib.versionAtLeast cudatoolkit.version "11.1" && lib.versionAtLeast cudnn.version "8.2" && stdenv.isLinux; let - version = "0.4.18"; + version = "0.4.19"; inherit (python) pythonVersion; @@ -60,15 +60,15 @@ let { "x86_64-linux" = getSrcFromPypi { platform = "manylinux2014_x86_64"; - hash = "sha256-MpNomovvSVx4N6gsowOLksTyEgTK261vSXMGxYqlVOE="; + hash = "sha256-ksnY+CPEstact5lKjbSg+ZSPJtSt0Y0NFWEFufBCByk="; }; "aarch64-darwin" = getSrcFromPypi { platform = "macosx_11_0_arm64"; - hash = "sha256-if/5O5DQVHFdsLw9O1creZBx5j8ftE7fsWMMX1NjHP0="; + hash = "sha256-O7dHvdKLKfNELGfF4TKy7N5EX6Ca7Zu8OtLXWvFykR8="; }; "x86_64-darwin" = getSrcFromPypi { platform = "macosx_10_14_x86_64"; - hash = "sha256-4NeHA/0SGdmHXyDGxpK7oJc7dE1meR4LPjzbIwxloqU="; + hash = "sha256-gqKMUZSXrt8sQtTAoQbzAfCzO8gM9Y1/tZpuJVWyN0Y="; }; }; @@ -78,7 +78,7 @@ let # https://github.com/google/jax/issues/12879 as to why this specific URL is the correct index. gpuSrc = fetchurl { url = "https://storage.googleapis.com/jax-releases/cuda12/jaxlib-${version}+cuda12.cudnn89-cp310-cp310-manylinux2014_x86_64.whl"; - hash = "sha256-p6BNvhhRzVDQdpEoIRau5JovC+eDjlW3bXrahtsGvmI="; + hash = "sha256-zfN0n31+5GohwBkeQrqHus4qOyhM/GEdqG6KUupCZ4o="; }; in diff --git a/pkgs/development/python-modules/jaxlib/default.nix b/pkgs/development/python-modules/jaxlib/default.nix index 35d56ff1a1eb6..d02cb0aa5dee2 100644 --- a/pkgs/development/python-modules/jaxlib/default.nix +++ b/pkgs/development/python-modules/jaxlib/default.nix @@ -54,7 +54,7 @@ let inherit (cudaPackages) backendStdenv cudatoolkit cudaFlags cudnn nccl; pname = "jaxlib"; - version = "0.4.18"; + version = "0.4.19"; meta = with lib; { description = "JAX is Autograd and XLA, brought together for high-performance machine learning research."; @@ -151,7 +151,7 @@ let repo = "jax"; # google/jax contains tags for jax and jaxlib. Only use jaxlib tags! rev = "refs/tags/${pname}-v${version}"; - hash = "sha256-rDvWHa8jYCAA9iKbWaFUXdE/9L7AepFiNzmqOcc/090="; + hash = "sha256-l5uLPqhg/hqtO9oJSaioow5cH/0jKHDVziGezkfnVcc="; }; nativeBuildInputs = [ @@ -264,10 +264,10 @@ let ]; sha256 = (if cudaSupport then { - x86_64-linux = "sha256-0CfGWlwKsUFP1DHUN6+6wX3cHr5x3TE6NbqYlV5me1E="; + x86_64-linux = "sha256-Z5cSgdRxdKxidaz4b1RlUF4rVcQiUTmQ1OorlBWlpt0="; } else { - x86_64-linux = "sha256-sljmyIligXC7d9fdlpqR32xyMR0UslWs04gXJBD8FTA="; - aarch64-linux = "sha256-eJ4KIkHdcA2EVvyBoNum2cOPcHPFoBOtUTAGufO8FJA="; + x86_64-linux = "sha256-sn7p8FFHWIVdBWnsLsVj5jLiSaTlRm7s/qj2RqvQ3jU="; + aarch64-linux = "sha256-oAYF5AeuPHTlwtpDMs2+tAhRAJH0yeSVnB7Ni7wmzS8="; }).${stdenv.system} or (throw "jaxlib: unsupported system: ${stdenv.system}"); }; diff --git a/pkgs/development/python-modules/lsprotocol/default.nix b/pkgs/development/python-modules/lsprotocol/default.nix index a2e17eb400421..5ee4d3ed11260 100644 --- a/pkgs/development/python-modules/lsprotocol/default.nix +++ b/pkgs/development/python-modules/lsprotocol/default.nix @@ -4,6 +4,7 @@ , cattrs , fetchFromGitHub , flit-core +, importlib-resources , jsonschema , nox , pyhamcrest @@ -13,7 +14,7 @@ buildPythonPackage rec { pname = "lsprotocol"; - version = "2023.0.0a2"; + version = "2023.0.0b1"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -22,7 +23,7 @@ buildPythonPackage rec { owner = "microsoft"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-AEvs2fb8nhWEFMyLvwNv9HoxxxE50/KW3TGZ5pDf4dc="; + hash = "sha256-Y/Mp/8MskRB6irNU3CBOKmo2Zt5S69h+GyMg71sQ9Uw="; }; nativeBuildInputs = [ @@ -40,6 +41,7 @@ buildPythonPackage rec { ]; checkInputs = [ + importlib-resources jsonschema pyhamcrest ]; diff --git a/pkgs/development/python-modules/polars/default.nix b/pkgs/development/python-modules/polars/default.nix index b070ae37978fa..ccd6f2b79ba98 100644 --- a/pkgs/development/python-modules/polars/default.nix +++ b/pkgs/development/python-modules/polars/default.nix @@ -6,6 +6,7 @@ , libiconv , fetchFromGitHub , typing-extensions +, rust-jemalloc-sys , darwin }: let @@ -49,7 +50,9 @@ buildPythonPackage { nativeBuildInputs = with rustPlatform; [ cargoSetupHook maturinBuildHook ]; - buildInputs = lib.optionals stdenv.isDarwin [ + buildInputs = [ + rust-jemalloc-sys + ] ++ lib.optionals stdenv.isDarwin [ libiconv darwin.apple_sdk.frameworks.Security ]; diff --git a/pkgs/development/python-modules/pytensor/default.nix b/pkgs/development/python-modules/pytensor/default.nix index dcb41604102f3..06d0dffb24689 100644 --- a/pkgs/development/python-modules/pytensor/default.nix +++ b/pkgs/development/python-modules/pytensor/default.nix @@ -26,7 +26,7 @@ buildPythonPackage rec { pname = "pytensor"; - version = "2.17.2"; + version = "2.17.3"; pyproject = true; disabled = pythonOlder "3.9"; @@ -35,7 +35,7 @@ buildPythonPackage rec { owner = "pymc-devs"; repo = "pytensor"; rev = "refs/tags/rel-${version}"; - hash = "sha256-u1CbOjU3rQ6G3SSwYR3UlebymkupGMJWID4RH4v9PIk="; + hash = "sha256-FufPCFzSjG8BrHes7t3XsdovX9gqUBG0gMDGKvkRkSA="; }; postPatch = '' diff --git a/pkgs/development/python-modules/pyyardian/default.nix b/pkgs/development/python-modules/pyyardian/default.nix index 63318cbfcaef2..0216d562faea7 100644 --- a/pkgs/development/python-modules/pyyardian/default.nix +++ b/pkgs/development/python-modules/pyyardian/default.nix @@ -9,7 +9,7 @@ buildPythonPackage rec { pname = "pyyardian"; - version = "1.1.1"; + version = "1.2.0"; pyproject = true; disabled = pythonOlder "3.7"; @@ -18,7 +18,7 @@ buildPythonPackage rec { owner = "h3l1o5"; repo = "pyyardian"; rev = "refs/tags/${version}"; - hash = "sha256-dnHHRGt3TsWJb6tzx+i1gb9hkLJYPVdCt92UGKuO6Mg="; + hash = "sha256-JBb62pFDuVcXIGRc6UOp5/ciUtbGm4XnKZjt1icF/jQ="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/recaptcha_client/default.nix b/pkgs/development/python-modules/recaptcha_client/default.nix deleted file mode 100644 index dce24cfa7a8f9..0000000000000 --- a/pkgs/development/python-modules/recaptcha_client/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ lib -, buildPythonPackage -, fetchPypi -, pythonAtLeast -}: - -buildPythonPackage rec { - pname = "recaptcha-client"; - version = "1.0.6"; - disabled = pythonAtLeast "3.5"; - - src = fetchPypi { - inherit pname version; - sha256 = "28c6853c1d13d365b7dc71a6b05e5ffb56471f70a850de318af50d3d7c0dea2f"; - }; - - meta = with lib; { - description = "A CAPTCHA for Python using the reCAPTCHA service"; - homepage = "http://recaptcha.net/"; - license = licenses.mit; - }; - -} diff --git a/pkgs/development/python-modules/twilio/default.nix b/pkgs/development/python-modules/twilio/default.nix index d342c3d330c68..e12271c48645f 100644 --- a/pkgs/development/python-modules/twilio/default.nix +++ b/pkgs/development/python-modules/twilio/default.nix @@ -18,7 +18,7 @@ buildPythonPackage rec { pname = "twilio"; - version = "8.9.1"; + version = "8.10.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -27,7 +27,7 @@ buildPythonPackage rec { owner = "twilio"; repo = "twilio-python"; rev = "refs/tags/${version}"; - hash = "sha256-F+0nYZIvZVH0QuEkuiV2lwA62r6T/amWFWg7rfBqddU="; + hash = "sha256-1y9kETu2E7dN7fmE0qP6yAVwMcVGCYnyPQYzIIApKjU="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/tools/electron/binary/generic.nix b/pkgs/development/tools/electron/binary/generic.nix index f7e8f6461a4cf..cbd9080989655 100644 --- a/pkgs/development/tools/electron/binary/generic.nix +++ b/pkgs/development/tools/electron/binary/generic.nix @@ -24,6 +24,7 @@ , xorg , pango , systemd +, pciutils }: version: hashes: @@ -92,6 +93,7 @@ let xorg.libXrandr xorg.libxkbfile pango + pciutils stdenv.cc.cc.lib systemd ] diff --git a/pkgs/development/tools/mold/default.nix b/pkgs/development/tools/mold/default.nix index 530fbb1666c78..fadbe57a5690b 100644 --- a/pkgs/development/tools/mold/default.nix +++ b/pkgs/development/tools/mold/default.nix @@ -23,13 +23,13 @@ stdenv.mkDerivation rec { pname = "mold"; - version = "2.3.0"; + version = "2.3.1"; src = fetchFromGitHub { owner = "rui314"; repo = "mold"; rev = "v${version}"; - hash = "sha256-TgDGAYdJjqGQradB7UJlV2emvG7q4F9ctzPaGRUgvxU="; + hash = "sha256-SahpgmkeGVXqQebtw36IjFwHcbvi0JeiEWkNV3hk3lM="; }; nativeBuildInputs = [ diff --git a/pkgs/development/tools/ruff/default.nix b/pkgs/development/tools/ruff/default.nix index b7c5ab87a6443..8b42bfbe85c55 100644 --- a/pkgs/development/tools/ruff/default.nix +++ b/pkgs/development/tools/ruff/default.nix @@ -4,6 +4,7 @@ , installShellFiles , stdenv , darwin +, rust-jemalloc-sys # tests , ruff-lsp }: @@ -31,19 +32,15 @@ rustPlatform.buildRustPackage rec { installShellFiles ]; - buildInputs = lib.optionals stdenv.isDarwin [ + buildInputs = [ + rust-jemalloc-sys + ] ++ lib.optionals stdenv.isDarwin [ darwin.apple_sdk.frameworks.CoreServices ]; cargoBuildFlags = [ "--package=ruff_cli" ]; cargoTestFlags = cargoBuildFlags; - preBuild = lib.optionalString (stdenv.isDarwin && stdenv.isx86_64) '' - # See https://github.com/jemalloc/jemalloc/issues/1997 - # Using a value of 48 should work on both emulated and native x86_64-darwin. - export JEMALLOC_SYS_WITH_LG_VADDR=48 - ''; - # tests expect no colors preCheck = '' export NO_COLOR=1 diff --git a/pkgs/os-specific/linux/ryzenadj/default.nix b/pkgs/os-specific/linux/ryzenadj/default.nix index efdb9f3ed39b7..0744ed2896fff 100644 --- a/pkgs/os-specific/linux/ryzenadj/default.nix +++ b/pkgs/os-specific/linux/ryzenadj/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { description = "Adjust power management settings for Ryzen Mobile Processors."; homepage = "https://github.com/FlyGoat/RyzenAdj"; license = licenses.lgpl3Only; - maintainers = with maintainers; [ ]; + maintainers = with maintainers; [ rhendric ]; platforms = [ "x86_64-linux" ]; }; } diff --git a/pkgs/servers/computing/slurm/default.nix b/pkgs/servers/computing/slurm/default.nix index 321e988af7f5e..226755b14c9ef 100644 --- a/pkgs/servers/computing/slurm/default.nix +++ b/pkgs/servers/computing/slurm/default.nix @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { pname = "slurm"; - version = "23.02.5.1"; + version = "23.02.6.1"; # N.B. We use github release tags instead of https://www.schedmd.com/downloads.php # because the latter does not keep older releases. @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { repo = "slurm"; # The release tags use - instead of . rev = "${pname}-${builtins.replaceStrings ["."] ["-"] version}"; - sha256 = "sha256-9VvZ8xySYFyBa5tZzf5WCShbEDpqE1/5t76jXX6t+bc="; + sha256 = "sha256-azgGM4qfS0xtUaiGfXtu8MNYdgpZRUfx+zBgAAlmt6g="; }; outputs = [ "out" "dev" ]; diff --git a/pkgs/servers/kanidm/default.nix b/pkgs/servers/kanidm/default.nix index e6c49b846f4be..65450e0e3eb9e 100644 --- a/pkgs/servers/kanidm/default.nix +++ b/pkgs/servers/kanidm/default.nix @@ -11,6 +11,7 @@ , sqlite , pam , bashInteractive +, rust-jemalloc-sys }: let @@ -59,6 +60,7 @@ rustPlatform.buildRustPackage rec { openssl sqlite pam + rust-jemalloc-sys ]; # The UI needs to be in place before the tests are run. diff --git a/pkgs/servers/matrix-conduit/default.nix b/pkgs/servers/matrix-conduit/default.nix index 6cb8f16d203cd..cc162e6373d67 100644 --- a/pkgs/servers/matrix-conduit/default.nix +++ b/pkgs/servers/matrix-conduit/default.nix @@ -7,6 +7,7 @@ , darwin , nixosTests , rocksdb +, rust-jemalloc-sys }: rustPlatform.buildRustPackage rec { @@ -42,7 +43,10 @@ rustPlatform.buildRustPackage rec { pkg-config ]; - buildInputs = [ sqlite ] ++ lib.optionals stdenv.isDarwin [ + buildInputs = [ + sqlite + rust-jemalloc-sys + ] ++ lib.optionals stdenv.isDarwin [ darwin.apple_sdk.frameworks.Security ]; diff --git a/pkgs/servers/monitoring/telegraf/default.nix b/pkgs/servers/monitoring/telegraf/default.nix index 52605250cff6c..ac13d678ff1fc 100644 --- a/pkgs/servers/monitoring/telegraf/default.nix +++ b/pkgs/servers/monitoring/telegraf/default.nix @@ -8,7 +8,7 @@ buildGoModule rec { pname = "telegraf"; - version = "1.28.1"; + version = "1.28.2"; subPackages = [ "cmd/telegraf" ]; @@ -16,10 +16,10 @@ buildGoModule rec { owner = "influxdata"; repo = "telegraf"; rev = "v${version}"; - hash = "sha256-ag5Hk/LAHS2XDZ0MUAycLfDLr9awMl3T+5NoQGUIl/w="; + hash = "sha256-gD4xdKjIx0zLKJySx8UdSKvMIZJaIXtubWQX/mLu+TI="; }; - vendorHash = "sha256-3hmYyUDlBPEcoM/1MhH6yoH/Kb21rITrAzy7APQpLqI="; + vendorHash = "sha256-OzAAchUHNno58Em2oDnMt9P1B03HtQylFBFEkv4bAkU="; proxyVendor = true; ldflags = [ diff --git a/pkgs/servers/search/qdrant/default.nix b/pkgs/servers/search/qdrant/default.nix index 005514819820f..6d70b5e4b3dac 100644 --- a/pkgs/servers/search/qdrant/default.nix +++ b/pkgs/servers/search/qdrant/default.nix @@ -5,6 +5,7 @@ , stdenv , pkg-config , openssl +, rust-jemalloc-sys , nix-update-script , Security }: @@ -32,7 +33,10 @@ rustPlatform.buildRustPackage rec { # Needed to get openssl-sys to use pkg-config. OPENSSL_NO_VENDOR = 1; - buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ Security ]; + buildInputs = [ + openssl + rust-jemalloc-sys + ] ++ lib.optionals stdenv.isDarwin [ Security ]; nativeBuildInputs = [ protobuf rustPlatform.bindgenHook pkg-config ]; diff --git a/pkgs/servers/search/quickwit/default.nix b/pkgs/servers/search/quickwit/default.nix index 9fdcbef3e7129..f4d75be434ecb 100644 --- a/pkgs/servers/search/quickwit/default.nix +++ b/pkgs/servers/search/quickwit/default.nix @@ -4,6 +4,7 @@ , rustPlatform , nix-update-script , protobuf +, rust-jemalloc-sys , Security }: @@ -32,7 +33,9 @@ rustPlatform.buildRustPackage rec { sourceRoot = "${src.name}/quickwit"; - buildInputs = lib.optionals stdenv.isDarwin [ Security ]; + buildInputs = [ + rust-jemalloc-sys + ] ++ lib.optionals stdenv.isDarwin [ Security ]; cargoLock = { lockFile = ./Cargo.lock; diff --git a/pkgs/servers/sickbeard/sickgear.nix b/pkgs/servers/sickbeard/sickgear.nix index 2e723c9b3ea3f..e75dc72a13540 100644 --- a/pkgs/servers/sickbeard/sickgear.nix +++ b/pkgs/servers/sickbeard/sickgear.nix @@ -4,13 +4,13 @@ let pythonEnv = python3.withPackages(ps: with ps; [ cheetah3 lxml ]); in stdenv.mkDerivation rec { pname = "sickgear"; - version = "3.30.0"; + version = "3.30.4"; src = fetchFromGitHub { owner = "SickGear"; repo = "SickGear"; rev = "release_${version}"; - hash = "sha256-Y9FXaDODeuMaXeqmfBCd96JgwrqDe5k6RCtGKvTOMKw="; + hash = "sha256-me52Ji+IWPN6IEDWsAlIoGPS45uA22+dxHJjqnYPniE="; }; patches = [ diff --git a/pkgs/servers/soft-serve/default.nix b/pkgs/servers/soft-serve/default.nix index a3f35d32885ab..5072869c39b67 100644 --- a/pkgs/servers/soft-serve/default.nix +++ b/pkgs/servers/soft-serve/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "soft-serve"; - version = "0.6.1"; + version = "0.6.2"; src = fetchFromGitHub { owner = "charmbracelet"; repo = "soft-serve"; rev = "v${version}"; - hash = "sha256-Xst/eNam3HuHixEmPUl2J7B7cLYaeGVaUnzXIVugBbw="; + hash = "sha256-gmgIuQk+8MRkuFZaJq82hHNdUMSqrylwgk6vi/Q0OQ0="; }; - vendorHash = "sha256-tzJu2DmbvPU1tPIWP88q66PBtC1XEduQac8cIxwb/sM="; + vendorHash = "sha256-7lzdngj6xBpEe2nZdPW1GLbarPBdCHMnf+Dyxuq2Ikw="; doCheck = false; diff --git a/pkgs/servers/web-apps/lemmy/package.json b/pkgs/servers/web-apps/lemmy/package.json index f9b990ec203b9..5b7f477f7c296 100644 --- a/pkgs/servers/web-apps/lemmy/package.json +++ b/pkgs/servers/web-apps/lemmy/package.json @@ -1,6 +1,6 @@ { "name": "lemmy-ui", - "version": "0.18.4", + "version": "0.18.5", "description": "An isomorphic UI for lemmy", "repository": "https://github.com/LemmyNet/lemmy-ui", "license": "AGPL-3.0", diff --git a/pkgs/servers/web-apps/lemmy/pin.json b/pkgs/servers/web-apps/lemmy/pin.json index a2cd105158331..f7a4d855f406c 100644 --- a/pkgs/servers/web-apps/lemmy/pin.json +++ b/pkgs/servers/web-apps/lemmy/pin.json @@ -1,8 +1,8 @@ { - "serverVersion": "0.18.4", - "uiVersion": "0.18.4", - "serverHash": "sha256-J+kjsirEcLz0th3IGVheSShVLbQma1Eip329/q5/3S8=", - "serverCargoHash": "sha256-0UDhHa2QvHoNYJIArpc/o+lkq87tBX/XVgXsr7y/+Rk=", - "uiHash": "sha256-E/rSNWVjiZE5Hl0iIocQfkIdOFSeB0zYXQDq9A3h3lI=", + "serverVersion": "0.18.5", + "uiVersion": "0.18.5", + "serverHash": "sha256-tj8zryCzW3r6VGiNGlI5eo0I+rJfhTUOGtb3YieodpQ=", + "serverCargoHash": "sha256-80jk1GhnXos+lil3joEtPwJjsE8qSEm/WinCfZ3CF/c=", + "uiHash": "sha256-fyXKhVTFc1+gG2TXb9l/YkcwRt/p7DWtB1FO5mpQ3i4=", "uiYarnDepsHash": "sha256-rLP1CQd75nVfI6C0sC21TUskzVfbGHm2fblcYr6JcGc=" } diff --git a/pkgs/tools/admin/pgadmin/default.nix b/pkgs/tools/admin/pgadmin/default.nix index 3040258c0ca7a..beecd6412bcfb 100644 --- a/pkgs/tools/admin/pgadmin/default.nix +++ b/pkgs/tools/admin/pgadmin/default.nix @@ -14,14 +14,14 @@ let pname = "pgadmin"; - version = "7.5"; - yarnSha256 = "sha256-rEKMUZksmR2jPwtXy6drNwAJktK/3Dee6EZVFHPngWs="; + version = "7.7"; + yarnHash = "sha256-8EbbyZHodrYz4a2IYuIWYGutqvrjauSv34o9KFvR/6c="; src = fetchFromGitHub { owner = "pgadmin-org"; repo = "pgadmin4"; rev = "REL-${lib.versions.major version}_${lib.versions.minor version}"; - hash = "sha256-o8jPqp4jLF/lZ0frCzPDCSxCy51Nt0mbdeNB44ZwNHI="; + hash = "sha256-+KD05hzghNFpuw2xW3NUVyKwspCUO9fyJgMPzYk1Xt8="; }; # keep the scope, as it is used throughout the derivation and tests @@ -30,7 +30,7 @@ let offlineCache = fetchYarnDeps { yarnLock = ./yarn.lock; - hash = yarnSha256; + hash = yarnHash; }; in diff --git a/pkgs/tools/admin/pgadmin/expose-setup.py.patch b/pkgs/tools/admin/pgadmin/expose-setup.py.patch index 13f7d5069c69b..ac68eabd411d6 100644 --- a/pkgs/tools/admin/pgadmin/expose-setup.py.patch +++ b/pkgs/tools/admin/pgadmin/expose-setup.py.patch @@ -58,3 +58,31 @@ index 2204ffb..d5fda9f 100644 + +if __name__ == '__main__': + main() + +diff --git a/web/pgadmin/model/__init__.py b/web/pgadmin/model/__init__.py +index 4c36dd1..a492365 100644 +--- a/web/pgadmin/model/__init__.py ++++ b/web/pgadmin/model/__init__.py +@@ -23,7 +23,6 @@ from flask_sqlalchemy import SQLAlchemy + from sqlalchemy.ext.mutable import MutableDict + import sqlalchemy.types as types + import uuid +-import config + + ########################################################################## + # +@@ -41,10 +40,12 @@ SCHEMA_VERSION = 35 + # + ########################################################################## + ++# hardcode poolsize and max_overflow due to a circular import (config imports model, ++# model now tries to import config) + db = SQLAlchemy( + engine_options={ +- 'pool_size': config.CONFIG_DATABASE_CONNECTION_POOL_SIZE, +- 'max_overflow': config.CONFIG_DATABASE_CONNECTION_MAX_OVERFLOW}) ++ 'pool_size': 5, ++ 'max_overflow': 100}) + + + USER_ID = 'user.id' diff --git a/pkgs/tools/admin/pgadmin/update.sh b/pkgs/tools/admin/pgadmin/update.sh index a819c94ebc980..90b52f18ad513 100755 --- a/pkgs/tools/admin/pgadmin/update.sh +++ b/pkgs/tools/admin/pgadmin/update.sh @@ -104,7 +104,7 @@ cp yarn.lock "$nixpkgs/pkgs/tools/admin/pgadmin/" printf "Done\n" popd -sed -i -E -e "s#yarnSha256 = \".*\"#yarnSha256 = \"$YARN_HASH\"#" ${scriptDir}/default.nix +sed -i -E -e "s#yarnHash = \".*\"#yarnHash = \"$YARN_HASH\"#" ${scriptDir}/default.nix update-source-version pgadmin4 "$newest_version" --print-changes touch $TMPDIR/.done diff --git a/pkgs/tools/admin/pgadmin/yarn.lock b/pkgs/tools/admin/pgadmin/yarn.lock index 04815260d4962..8ced96dcb781f 100644 --- a/pkgs/tools/admin/pgadmin/yarn.lock +++ b/pkgs/tools/admin/pgadmin/yarn.lock @@ -1640,16 +1640,31 @@ rc-resize-observer "^1.3.1" rc-util "^5.33.0" +"@react-dnd/asap@^4.0.0": + version "4.0.1" + resolved "https://registry.npmjs.org/@react-dnd/asap/-/asap-4.0.1.tgz#5291850a6b58ce6f2da25352a64f1b0674871aab" + integrity sha512-kLy0PJDDwvwwTXxqTFNAAllPHD73AycE9ypWeln/IguoGBEbvFcPDbCV03G52bEcC5E+YgupBE0VzHGdC8SIXg== + "@react-dnd/asap@^5.0.1": version "5.0.2" resolved "https://registry.npmjs.org/@react-dnd/asap/-/asap-5.0.2.tgz#1f81f124c1cd6f39511c11a881cfb0f715343488" integrity sha512-WLyfoHvxhs0V9U+GTsGilGgf2QsPl6ZZ44fnv0/b8T3nQyvzxidxsg/ZltbWssbsRDlYW8UKSQMTGotuTotZ6A== +"@react-dnd/invariant@^2.0.0": + version "2.0.0" + resolved "https://registry.npmjs.org/@react-dnd/invariant/-/invariant-2.0.0.tgz#09d2e81cd39e0e767d7da62df9325860f24e517e" + integrity sha512-xL4RCQBCBDJ+GRwKTFhGUW8GXa4yoDfJrPbLblc3U09ciS+9ZJXJ3Qrcs/x2IODOdIE5kQxvMmE2UKyqUictUw== + "@react-dnd/invariant@^4.0.1": version "4.0.2" resolved "https://registry.npmjs.org/@react-dnd/invariant/-/invariant-4.0.2.tgz#b92edffca10a26466643349fac7cdfb8799769df" integrity sha512-xKCTqAK/FFauOM9Ta2pswIyT3D8AQlfrYdOi/toTPEhqCuAs1v5tcJ3Y08Izh1cJ5Jchwy9SeAXmMg6zrKs2iw== +"@react-dnd/shallowequal@^2.0.0": + version "2.0.0" + resolved "https://registry.npmjs.org/@react-dnd/shallowequal/-/shallowequal-2.0.0.tgz#a3031eb54129f2c66b2753f8404266ec7bf67f0a" + integrity sha512-Pc/AFTdwZwEKJxFJvlxrSmGe/di+aAOBn60sremrpLo6VI/6cmiUYNNwlI5KNYttg7uypzA3ILPMPgxB2GYZEg== + "@react-dnd/shallowequal@^4.0.1": version "4.0.2" resolved "https://registry.npmjs.org/@react-dnd/shallowequal/-/shallowequal-4.0.2.tgz#d1b4befa423f692fa4abf1c79209702e7d8ae4b4" @@ -2635,6 +2650,11 @@ async@^3.2.3: resolved "https://registry.npmjs.org/async/-/async-3.2.4.tgz#2d22e00f8cddeb5fde5dd33522b56d1cf569a81c" integrity sha512-iAB+JbDEGXhyIUavoDl9WP/Jj106Kz9DEn1DPgYw5ruDn0e3Wgi3sKFm55sASdGBNOQB8F59d9qQ7deqrHA8wQ== +asynckit@^0.4.0: + version "0.4.0" + resolved "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" + integrity sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q== + attr-accept@^2.2.2: version "2.2.2" resolved "https://registry.npmjs.org/attr-accept/-/attr-accept-2.2.2.tgz#646613809660110749e92f2c10833b70968d929b" @@ -2665,12 +2685,14 @@ axios-mock-adapter@^1.17.0: fast-deep-equal "^3.1.3" is-buffer "^2.0.5" -axios@^0.21.1: - version "0.21.4" - resolved "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz#c67b90dc0568e5c1cf2b0b858c43ba28e2eda575" - integrity sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg== +axios@^1.4.0: + version "1.4.0" + resolved "https://registry.npmjs.org/axios/-/axios-1.4.0.tgz#38a7bf1224cd308de271146038b551d725f0be1f" + integrity sha512-S4XCWMEmzvo64T9GfvQDOXgYRDJ/wsSZc7Jvdgx5u1sd0JwsuPLqb3SYmusag+edF6ziyMensPVqLTSc1PiSEA== dependencies: - follow-redirects "^1.14.0" + follow-redirects "^1.15.0" + form-data "^4.0.0" + proxy-from-env "^1.1.0" babel-code-frame@^6.26.0: version "6.26.0" @@ -2906,7 +2928,7 @@ bin-version@^3.0.0: execa "^1.0.0" find-versions "^3.0.0" -"bin-wrapper@^4.0.0", "bin-wrapper@^4.0.1": +bin-wrapper@^4.0.0: version "4.1.0" resolved "https://registry.npmjs.org/bin-wrapper/-/bin-wrapper-4.1.0.tgz#99348f2cf85031e3ef7efce7e5300aeaae960605" integrity sha512-hfRmo7hWIXPkbpi0ZltboCMVrU+0ClXR/JgbCKKjlDjQf6igXa7OwdqNcFWQZPZTgiY7ZpzE3+LjjkLiTN2T7Q== @@ -3546,6 +3568,13 @@ colorette@^2.0.14: lodash.memoize "~3.0.3" source-map "~0.5.3" +combined-stream@^1.0.8: + version "1.0.8" + resolved "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz#c3d45a8b34fd730631a110a8a2520682b31d5a7f" + integrity sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg== + dependencies: + delayed-stream "~1.0.0" + "commander@^2.19.0", "commander@^2.20.0", "commander@^2.8.1": version "2.20.3" resolved "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz#fd485e84c03eb4881c20722ba48035e8531aeb33" @@ -4211,6 +4240,11 @@ defined@^1.0.0: resolved "https://registry.npmjs.org/defined/-/defined-1.0.1.tgz#c0b9db27bfaffd95d6f61399419b893df0f91ebf" integrity sha512-hsBd2qSVCRE+5PmNdHt1uzyrFu5d3RwmFDKzyNZMFq/EwDNJF7Ee5+D5oEKF0hU6LhtoUF1macFvOe4AskQC1Q== +delayed-stream@~1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" + integrity sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ== + delegates@^1.0.0: version "1.0.0" resolved "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" @@ -4294,6 +4328,15 @@ discontinuous-range@1.0.0: resolved "https://registry.npmjs.org/discontinuous-range/-/discontinuous-range-1.0.0.tgz#e38331f0844bba49b9a9cb71c771585aab1bc65a" integrity sha512-c68LpLbO+7kP/b1Hr1qs8/BJ09F5khZGTxqxZuhzxpmwJKOgRFHJWIb9/KmqnqHhLdO55aOxFH/EGBvUQbL/RQ== +dnd-core@14.0.1: + version "14.0.1" + resolved "https://registry.npmjs.org/dnd-core/-/dnd-core-14.0.1.tgz#76d000e41c494983210fb20a48b835f81a203c2e" + integrity sha512-+PVS2VPTgKFPYWo3vAFEA8WPbTf7/xo43TifH9G8S1KqnrQu0o77A3unrF5yOugy4mIz7K5wAVFHUcha7wsz6A== + dependencies: + "@react-dnd/asap" "^4.0.0" + "@react-dnd/invariant" "^2.0.0" + redux "^4.1.1" + dnd-core@^16.0.1: version "16.0.1" resolved "https://registry.npmjs.org/dnd-core/-/dnd-core-16.0.1.tgz#a1c213ed08961f6bd1959a28bb76f1a868360d19" @@ -4368,20 +4411,20 @@ domain-browser@^1.2.0: resolved "https://registry.npmjs.org/domelementtype/-/domelementtype-2.3.0.tgz#5c45e8e869952626331d7aab326d01daf65d589d" integrity sha512-OLETBj6w0OsagBwdXnPdN0cnMfF9opN69co+7ZrbfPGrdpPVNBUj02spi6B1N7wChLQiPn4CSH/zJvXw56gmHw== -"domhandler@4.3.1", "domhandler@^4.2.0", "domhandler@^4.2.2", "domhandler@^4.3.1": - version "4.3.1" - resolved "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz#8d792033416f59d68bc03a5aa7b018c1ca89279c" - integrity sha512-GrwoxYN+uWlzO8uhUXRl0P+kHE4GtVPfYzVLcUxPL7KNdHKj66vvlhiweIHqYYXWlw+T8iLMp42Lm67ghw4WMQ== - dependencies: - domelementtype "^2.2.0" - -"domhandler@^5.0.2", "domhandler@^5.0.3": +"domhandler@5.0.3", "domhandler@^5.0.2", "domhandler@^5.0.3": version "5.0.3" resolved "https://registry.npmjs.org/domhandler/-/domhandler-5.0.3.tgz#cc385f7f751f1d1fc650c21374804254538c7d31" integrity sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w== dependencies: domelementtype "^2.3.0" +"domhandler@^4.2.0", "domhandler@^4.3.1": + version "4.3.1" + resolved "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz#8d792033416f59d68bc03a5aa7b018c1ca89279c" + integrity sha512-GrwoxYN+uWlzO8uhUXRl0P+kHE4GtVPfYzVLcUxPL7KNdHKj66vvlhiweIHqYYXWlw+T8iLMp42Lm67ghw4WMQ== + dependencies: + domelementtype "^2.2.0" + domutils@^2.8.0: version "2.8.0" resolved "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz#4437def5db6e2d1f5d6ee859bd95ca7d02048135" @@ -4391,7 +4434,7 @@ domutils@^2.8.0: domelementtype "^2.2.0" domhandler "^4.2.0" -domutils@^3.0.1: +"domutils@^3.0.1", "domutils@^3.1.0": version "3.1.0" resolved "https://registry.npmjs.org/domutils/-/domutils-3.1.0.tgz#c47f551278d3dc4b0b1ab8cbb42d751a6f0d824e" integrity sha512-H78uMmQtI2AhgDJjWeQmHwJJ2bLPD3GMmO7Zja/ZZh84wkm+4ut+IUnUdRa8uCGX88DiVx1j6FRe1XfxEgjEZA== @@ -4571,12 +4614,7 @@ entities@^2.0.0: resolved "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz#098dc90ebb83d8dffa089d55256b351d34c4da55" integrity sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A== -entities@^3.0.1: - version "3.0.1" - resolved "https://registry.npmjs.org/entities/-/entities-3.0.1.tgz#2b887ca62585e96db3903482d336c1006c3001d4" - integrity sha512-WiyBqoomrwMdFG1e0kqvASYfnlb0lp8M5o5Fw2OFq1hNZxxcNk8Ik0Xm7LxzBhuidnZB/UtBqVCgUz3kBOP51Q== - -"entities@^4.2.0", "entities@^4.4.0": +"entities@^4.2.0", "entities@^4.4.0", "entities@^4.5.0": version "4.5.0" resolved "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz#5d268ea5e7113ec74c4d033b79ea5a35a488fb48" integrity sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw== @@ -4948,21 +4986,6 @@ execa@^1.0.0: signal-exit "^3.0.0" strip-eof "^1.0.0" -execa@^4.0.0: - version "4.1.0" - resolved "https://registry.npmjs.org/execa/-/execa-4.1.0.tgz#4e5491ad1572f2f17a77d388c6c857135b22847a" - integrity sha512-j5W0//W7f8UxAn8hXVnwG8tLwdiUy4FJLcSupCg6maBYZDpyBvTApK7KyuI4bKj8KOh1r2YH+6ucuYtJv1bTZA== - dependencies: - cross-spawn "^7.0.0" - get-stream "^5.0.0" - human-signals "^1.1.1" - is-stream "^2.0.0" - merge-stream "^2.0.0" - npm-run-path "^4.0.0" - onetime "^5.1.0" - signal-exit "^3.0.2" - strip-final-newline "^2.0.0" - execa@^6.0.0: version "6.1.0" resolved "https://registry.npmjs.org/execa/-/execa-6.1.0.tgz#cea16dee211ff011246556388effa0818394fb20" @@ -5221,7 +5244,7 @@ flat-cache@^3.0.4: resolved "https://registry.npmjs.org/flatted/-/flatted-3.2.7.tgz#609f39207cb614b89d0765b477cb2d437fbf9787" integrity sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ== -"follow-redirects@^1.0.0", "follow-redirects@^1.14.0": +"follow-redirects@^1.0.0", "follow-redirects@^1.15.0": version "1.15.2" resolved "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz#b460864144ba63f2681096f274c4e57026da2c13" integrity sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA== @@ -5241,6 +5264,15 @@ foreground-child@^3.1.0: cross-spawn "^7.0.0" signal-exit "^4.0.1" +form-data@^4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz#93919daeaf361ee529584b9b31664dc12c9fa452" + integrity sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww== + dependencies: + asynckit "^0.4.0" + combined-stream "^1.0.8" + mime-types "^2.1.12" + fraction.js@^4.2.0: version "4.2.0" resolved "https://registry.npmjs.org/fraction.js/-/fraction.js-4.2.0.tgz#448e5109a313a3527f5a3ab2119ec4cf0e0e2950" @@ -5385,13 +5417,6 @@ get-stream@^4.0.0: dependencies: pump "^3.0.0" -get-stream@^5.0.0: - version "5.2.0" - resolved "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz#4966a1795ee5ace65e706c4b7beb71257d6e22d3" - integrity sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA== - dependencies: - pump "^3.0.0" - get-stream@^6.0.1: version "6.0.1" resolved "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz#a262d8eef67aced57c2852ad6167526a43cbf7b7" @@ -5726,13 +5751,13 @@ hosted-git-info@^4.0.1: dependencies: lru-cache "^6.0.0" -html-dom-parser@1.2.0: - version "1.2.0" - resolved "https://registry.npmjs.org/html-dom-parser/-/html-dom-parser-1.2.0.tgz#8f689b835982ffbf245eda99730e92b8462c111e" - integrity sha512-2HIpFMvvffsXHFUFjso0M9LqM+1Lm22BF+Df2ba+7QHJXjk63pWChEnI6YG27eaWqUdfnh5/Vy+OXrNTtepRsg== +html-dom-parser@4.0.0: + version "4.0.0" + resolved "https://registry.npmjs.org/html-dom-parser/-/html-dom-parser-4.0.0.tgz#dc382fbbc9306f8c9b5aae4e3f2822e113a48709" + integrity sha512-TUa3wIwi80f5NF8CVWzkopBVqVAtlawUzJoLwVLHns0XSJGynss4jiY0mTWpiDOsuyw+afP+ujjMgRh9CoZcXw== dependencies: - domhandler "4.3.1" - htmlparser2 "7.2.0" + domhandler "5.0.3" + htmlparser2 "9.0.0" html-element-map@^1.2.0: version "1.3.1" @@ -5747,15 +5772,15 @@ html-escaper@^2.0.0: resolved "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz#dfd60027da36a36dfcbe236262c00a5822681453" integrity sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg== -html-react-parser@^1.2.7: - version "1.4.14" - resolved "https://registry.npmjs.org/html-react-parser/-/html-react-parser-1.4.14.tgz#577b7a90be0c61eebbbc488d914ad08398c79ef5" - integrity sha512-pxhNWGie8Y+DGDpSh8cTa0k3g8PsDcwlfolA+XxYo1AGDeB6e2rdlyv4ptU9bOTiZ2i3fID+6kyqs86MN0FYZQ== +html-react-parser@^4.2.0: + version "4.2.0" + resolved "https://registry.npmjs.org/html-react-parser/-/html-react-parser-4.2.0.tgz#9168eda80dbfe0335a87fde3fb3ed6c2e91b1188" + integrity sha512-gzU55AS+FI6qD7XaKe5BLuLFM2Xw0/LodfMWZlxV9uOHe7LCD5Lukx/EgYuBI3c0kLu0XlgFXnSzO0qUUn3Vrg== dependencies: - domhandler "4.3.1" - html-dom-parser "1.2.0" + domhandler "5.0.3" + html-dom-parser "4.0.0" react-property "2.0.0" - style-to-js "1.1.1" + style-to-js "1.1.3" html2canvas@^1.0.0-rc.7: version "1.4.1" @@ -5770,15 +5795,15 @@ htmlescape@^1.1.0: resolved "https://registry.npmjs.org/htmlescape/-/htmlescape-1.1.1.tgz#3a03edc2214bca3b66424a3e7959349509cb0351" integrity sha512-eVcrzgbR4tim7c7soKQKtxa/kQM4TzjnlU83rcZ9bHU6t31ehfV7SktN6McWgwPWg+JYMA/O3qpGxBvFq1z2Jg== -htmlparser2@7.2.0: - version "7.2.0" - resolved "https://registry.npmjs.org/htmlparser2/-/htmlparser2-7.2.0.tgz#8817cdea38bbc324392a90b1990908e81a65f5a5" - integrity sha512-H7MImA4MS6cw7nbyURtLPO1Tms7C5H602LRETv95z1MxO/7CP7rDVROehUYeYBUYEON94NXXDEPmZuq+hX4sog== +htmlparser2@9.0.0: + version "9.0.0" + resolved "https://registry.npmjs.org/htmlparser2/-/htmlparser2-9.0.0.tgz#e431142b7eeb1d91672742dea48af8ac7140cddb" + integrity sha512-uxbSI98wmFT/G4P2zXx4OVx04qWUmyFPrD2/CNepa2Zo3GPNaCaaxElDgwUrwYWkK1nr9fft0Ya8dws8coDLLQ== dependencies: - domelementtype "^2.0.1" - domhandler "^4.2.2" - domutils "^2.8.0" - entities "^3.0.1" + domelementtype "^2.3.0" + domhandler "^5.0.3" + domutils "^3.1.0" + entities "^4.5.0" htmlparser2@^8.0.1: version "8.0.2" @@ -5842,11 +5867,6 @@ https-proxy-agent@^5.0.0: agent-base 6 debug 4 -human-signals@^1.1.1: - version "1.1.1" - resolved "https://registry.npmjs.org/human-signals/-/human-signals-1.1.1.tgz#c5b1cd14f50aeae09ab6c59fe63ba3395fe4dfa3" - integrity sha512-SEQu7vl8KjNL2eoGBLF3+wAjpsNfA9XMlXAYj/3EdaNfAlxKthD1xjEQfGOUhllCGGJVNY34bRr6lPINhNjyZw== - human-signals@^3.0.1: version "3.0.1" resolved "https://registry.npmjs.org/human-signals/-/human-signals-3.0.1.tgz#c740920859dafa50e5a3222da9d3bf4bb0e5eef5" @@ -5919,17 +5939,6 @@ imagemin-optipng@^8.0.0: is-png "^2.0.0" optipng-bin "^7.0.0" -imagemin-pngquant@^9.0.2: - version "9.0.2" - resolved "https://registry.npmjs.org/imagemin-pngquant/-/imagemin-pngquant-9.0.2.tgz#38155702b0cc4f60f671ba7c2b086ea3805d9567" - integrity sha512-cj//bKo8+Frd/DM8l6Pg9pws1pnDUjgb7ae++sUX1kUVdv2nrngPykhiUOgFeE0LGY/LmUbCf4egCHC4YUcZSg== - dependencies: - execa "^4.0.0" - is-png "^2.0.0" - is-stream "^2.0.0" - ow "^0.17.0" - pngquant-bin "^6.0.0" - imagemin@^8.0.1: version "8.0.1" resolved "https://registry.npmjs.org/imagemin/-/imagemin-8.0.1.tgz#8b29ecb78197d8f0eac6a782f2e6b38fb3780d9e" @@ -6303,11 +6312,6 @@ is-shared-array-buffer@^1.0.2: resolved "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" integrity sha512-uQPm8kcs47jx38atAcWTVxyltQYoPT68y9aWYdV6yWXSyW8mzSat0TL6CiWdZeCdF3KrAvpVtnHbTv4RN+rqdQ== -is-stream@^2.0.0: - version "2.0.1" - resolved "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz#fac1e3d53b97ad5a9d0ae9cef2389f5810a5c077" - integrity sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg== - is-stream@^3.0.0: version "3.0.0" resolved "https://registry.npmjs.org/is-stream/-/is-stream-3.0.0.tgz#e6bfd7aa6bef69f4f472ce9bb681e3e57b4319ac" @@ -7408,7 +7412,7 @@ miller-rabin@^4.0.0: resolved "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz#bbabcdc02859f4987301c856e3387ce5ec43bf70" integrity sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg== -"mime-types@^2.1.27", "mime-types@~2.1.24", "mime-types@~2.1.34": +"mime-types@^2.1.12", "mime-types@^2.1.27", "mime-types@~2.1.24", "mime-types@~2.1.34": version "2.1.35" resolved "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz#381a871b62a734450660ae3deee44813f70d959a" integrity sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw== @@ -7420,11 +7424,6 @@ mime@^2.5.2: resolved "https://registry.npmjs.org/mime/-/mime-2.6.0.tgz#a2a682a95cd4d0cb1d6257e28f83da7e35800367" integrity sha512-USPkMeET31rOMiarsBNIHZKLGgvKc/LrjofAnBlOttf5ajRvqiRA8QsenbcooctK6d6Ts6aqZXBA+XbkKthiQg== -mimic-fn@^2.1.0: - version "2.1.0" - resolved "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz#7ed2c2ccccaf84d3ffcb7a69b57711fc2083401b" - integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg== - mimic-fn@^4.0.0: version "4.0.0" resolved "https://registry.npmjs.org/mimic-fn/-/mimic-fn-4.0.0.tgz#60a90550d5cb0b239cca65d893b1a53b29871ecc" @@ -7829,13 +7828,6 @@ npm-run-path@^2.0.0: dependencies: path-key "^2.0.0" -npm-run-path@^4.0.0: - version "4.0.1" - resolved "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz#b7ecd1e5ed53da8e37a55e1c2269e0b97ed748ea" - integrity sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw== - dependencies: - path-key "^3.0.0" - npm-run-path@^5.1.0: version "5.1.0" resolved "https://registry.npmjs.org/npm-run-path/-/npm-run-path-5.1.0.tgz#bc62f7f3f6952d9894bd08944ba011a6ee7b7e00" @@ -7949,13 +7941,6 @@ on-finished@~2.3.0: dependencies: wrappy 1 -onetime@^5.1.0: - version "5.1.2" - resolved "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz#d0e96ebb56b07476df1dd9c4806e5237985ca45e" - integrity sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg== - dependencies: - mimic-fn "^2.1.0" - onetime@^6.0.0: version "6.0.0" resolved "https://registry.npmjs.org/onetime/-/onetime-6.0.0.tgz#7c24c18ed1fd2e9bca4bd26806a33613c77d34b4" @@ -8005,13 +7990,6 @@ os-shim@^0.1.3: resolved "https://registry.npmjs.org/os-shim/-/os-shim-0.1.3.tgz#6b62c3791cf7909ea35ed46e17658bb417cb3917" integrity sha512-jd0cvB8qQ5uVt0lvCIexBaROw1KyKm5sbulg2fWOHjETisuCzWyt+eTZKEMs8v6HwzoGs8xik26jg7eCM6pS+A== -ow@^0.17.0: - version "0.17.0" - resolved "https://registry.npmjs.org/ow/-/ow-0.17.0.tgz#4f938999fed6264c9048cd6254356e0f1e7f688c" - integrity sha512-i3keDzDQP5lWIe4oODyDFey1qVrq2hXKTuTH2VpqwpYtzPiKZt2ziRI4NBQmgW40AnV5Euz17OyWweCb+bNEQA== - dependencies: - type-fest "^0.11.0" - p-cancelable@^0.3.0: version "0.3.0" resolved "https://registry.npmjs.org/p-cancelable/-/p-cancelable-0.3.0.tgz#b9e123800bcebb7ac13a479be195b507b98d30fa" @@ -8212,7 +8190,7 @@ path-exists@^4.0.0: resolved "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz#411cadb574c5a140d3a4b1910d40d80cc9f40b40" integrity sha512-fEHGKCSmUSDPv4uoj8AlD+joPlq3peND+HRYyxFz4KPw4z926S/b8rIuFs2FYJg3BwsxJf6A9/3eIdLaYC+9Dw== -"path-key@^3.0.0", "path-key@^3.1.0": +path-key@^3.1.0: version "3.1.1" resolved "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz#581f6ade658cbba65a0d3380de7753295054f375" integrity sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q== @@ -8332,15 +8310,6 @@ pinkie@^2.0.0: dependencies: find-up "^4.0.0" -pngquant-bin@^6.0.0: - version "6.0.1" - resolved "https://registry.npmjs.org/pngquant-bin/-/pngquant-bin-6.0.1.tgz#2b5789ca219eeb4d8509ab1ae082092801b7f07e" - integrity sha512-Q3PUyolfktf+hYio6wsg3SanQzEU/v8aICg/WpzxXcuCMRb7H2Q81okfpcEztbMvw25ILjd3a87doj2N9kvbpQ== - dependencies: - bin-build "^3.0.0" - bin-wrapper "^4.0.1" - execa "^4.0.0" - popper.js@1.16.1-lts: version "1.16.1-lts" resolved "https://registry.npmjs.org/popper.js/-/popper.js-1.16.1-lts.tgz#cf6847b807da3799d80ee3d6d2f90df8a3f50b05" @@ -8855,6 +8824,11 @@ proto-list@~1.2.1: resolved "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz#212d5bfe1318306a420f6402b8e26ff39647a849" integrity sha512-vtK/94akxsTMhe0/cbfpR+syPuszcuwhqVjJq26CuNDgFGj682oRBXOP5MJpv2r7JtE8MsiepGIqvvOTBwn2vA== +proxy-from-env@^1.1.0: + version "1.1.0" + resolved "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz#e102f16ca355424865755d2c9e8ea4f24d58c3e2" + integrity sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg== + pseudomap@^1.0.2: version "1.0.2" resolved "https://registry.npmjs.org/pseudomap/-/pseudomap-1.0.2.tgz#f052a28da70e618917ef0a8ac34c1ae5a68286b3" @@ -9133,6 +9107,17 @@ re-resizable@6.9.6: dependencies: fast-memoize "^2.5.1" +react-arborist@^3.2.0: + version "3.2.0" + resolved "https://registry.npmjs.org/react-arborist/-/react-arborist-3.2.0.tgz#f17d726e7d18fcb1494b83ffadfecc8c9bda5dff" + integrity sha512-sjGL1KIRogwkM5uVifpp01yrfTcIHsm62Kbs78kBbPuksrnJPZ13SAqAqZeXVuyvO0Tbd7odExF/KoHtXHIZaQ== + dependencies: + react-dnd "^14.0.3" + react-dnd-html5-backend "^14.0.1" + react-window "^1.8.6" + redux "^4.1.1" + use-sync-external-store "^1.2.0" + react-aspen@^1.1.0: version "1.2.0" resolved "https://registry.npmjs.org/react-aspen/-/react-aspen-1.2.0.tgz#375fa82a8db627542fc8b9e6e421baa49a65ab95" @@ -9154,6 +9139,13 @@ react-checkbox-tree@^1.7.2: nanoid "^3.0.0" prop-types "^15.5.8" +react-dnd-html5-backend@^14.0.1: + version "14.1.0" + resolved "https://registry.npmjs.org/react-dnd-html5-backend/-/react-dnd-html5-backend-14.1.0.tgz#b35a3a0c16dd3a2bfb5eb7ec62cf0c2cace8b62f" + integrity sha512-6ONeqEC3XKVf4eVmMTe0oPds+c5B9Foyj8p/ZKLb7kL2qh9COYxiBHv3szd6gztqi/efkmriywLUVlPotqoJyw== + dependencies: + dnd-core "14.0.1" + react-dnd-html5-backend@^16.0.1: version "16.0.1" resolved "https://registry.npmjs.org/react-dnd-html5-backend/-/react-dnd-html5-backend-16.0.1.tgz#87faef15845d512a23b3c08d29ecfd34871688b6" @@ -9161,6 +9153,17 @@ react-dnd-html5-backend@^16.0.1: dependencies: dnd-core "^16.0.1" +react-dnd@^14.0.3: + version "14.0.5" + resolved "https://registry.npmjs.org/react-dnd/-/react-dnd-14.0.5.tgz#ecf264e220ae62e35634d9b941502f3fca0185ed" + integrity sha512-9i1jSgbyVw0ELlEVt/NkCUkxy1hmhJOkePoCH713u75vzHGyXhPDm28oLfc2NMSBjZRM1Y+wRjHXJT3sPrTy+A== + dependencies: + "@react-dnd/invariant" "^2.0.0" + "@react-dnd/shallowequal" "^2.0.0" + dnd-core "14.0.1" + fast-deep-equal "^3.1.3" + hoist-non-react-statics "^3.3.2" + react-dnd@^16.0.1: version "16.0.1" resolved "https://registry.npmjs.org/react-dnd/-/react-dnd-16.0.1.tgz#2442a3ec67892c60d40a1559eef45498ba26fa37" @@ -9319,7 +9322,7 @@ react-virtualized-auto-sizer@^1.0.6: resolved "https://registry.npmjs.org/react-virtualized-auto-sizer/-/react-virtualized-auto-sizer-1.0.20.tgz#d9a907253a7c221c52fa57dc775a6ef40c182645" integrity sha512-OdIyHwj4S4wyhbKHOKM1wLSj/UDXm839Z3Cvfg2a9j+He6yDa6i5p0qQvEiCnyQlGO/HyfSnigQwuxvYalaAXA== -"react-window@^1.3.1", "react-window@^1.8.5": +"react-window@^1.3.1", "react-window@^1.8.5", "react-window@^1.8.6": version "1.8.9" resolved "https://registry.npmjs.org/react-window/-/react-window-1.8.9.tgz#24bc346be73d0468cdf91998aac94e32bc7fa6a8" integrity sha512-+Eqx/fj1Aa5WnhRfj9dJg4VYATGwIUP2ItwItiJ6zboKWA6EX3lYDAXfGF2hyNqplEprhbtjbipiADEcwQ823Q== @@ -9422,7 +9425,7 @@ redent@^4.0.0: indent-string "^5.0.0" strip-indent "^4.0.0" -redux@^4.2.0: +"redux@^4.1.1", "redux@^4.2.0": version "4.2.1" resolved "https://registry.npmjs.org/redux/-/redux-4.2.1.tgz#c08f4306826c49b5e9dc901dee0452ea8fce6197" integrity sha512-LAUYz4lc+Do8/g7aeRa8JkyDErK6ekstQaqWQrNRW//MY1TvCEpMtpTWvlQ+FPbWCx+Xixu/6SHt5N0HR+SB4w== @@ -9851,7 +9854,7 @@ side-channel@^1.0.4: get-intrinsic "^1.0.2" object-inspect "^1.9.0" -"signal-exit@^3.0.0", "signal-exit@^3.0.2", "signal-exit@^3.0.7": +"signal-exit@^3.0.0", "signal-exit@^3.0.7": version "3.0.7" resolved "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz#a9a1767f8af84155114eaabd73f99273c8f59ad9" integrity sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ== @@ -10235,11 +10238,6 @@ strip-eof@^1.0.0: resolved "https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz#bb43ff5598a6eb05d89b59fcd129c983313606bf" integrity sha512-7FCwGGmx8mD5xQd3RPUvnSpUXHM3BWuzjtpD4TXsfcZ9EL4azvVVUscFYwD9nx8Kh+uCBC00XBtAykoMHwTh8Q== -strip-final-newline@^2.0.0: - version "2.0.0" - resolved "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz#89b852fb2fcbe936f6f4b3187afb0a12c1ab58ad" - integrity sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA== - strip-final-newline@^3.0.0: version "3.0.0" resolved "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-3.0.0.tgz#52894c313fbff318835280aed60ff71ebf12b8fd" @@ -10277,17 +10275,17 @@ style-loader@^3.3.2: resolved "https://registry.npmjs.org/style-loader/-/style-loader-3.3.3.tgz#bba8daac19930169c0c9c96706749a597ae3acff" integrity sha512-53BiGLXAcll9maCYtZi2RCQZKa8NQQai5C4horqKyRmHj9H7QmcUyucrH+4KW/gBQbXM2AsB0axoEcFZPlfPcw== -style-to-js@1.1.1: - version "1.1.1" - resolved "https://registry.npmjs.org/style-to-js/-/style-to-js-1.1.1.tgz#417786986cda61d4525c80aed9d1123a6a7af9b8" - integrity sha512-RJ18Z9t2B02sYhZtfWKQq5uplVctgvjTfLWT7+Eb1zjUjIrWzX5SdlkwLGQozrqarTmEzJJ/YmdNJCUNI47elg== +style-to-js@1.1.3: + version "1.1.3" + resolved "https://registry.npmjs.org/style-to-js/-/style-to-js-1.1.3.tgz#2012d75dc89bf400edc29c545ed61c8626b00184" + integrity sha512-zKI5gN/zb7LS/Vm0eUwjmjrXWw8IMtyA8aPBJZdYiQTXj4+wQ3IucOLIOnF7zCHxvW8UhIGh/uZh/t9zEHXNTQ== dependencies: - style-to-object "0.3.0" + style-to-object "0.4.1" -style-to-object@0.3.0: - version "0.3.0" - resolved "https://registry.npmjs.org/style-to-object/-/style-to-object-0.3.0.tgz#b1b790d205991cc783801967214979ee19a76e46" - integrity sha512-CzFnRRXhzWIdItT3OmF8SQfWyahHhjq3HwcMNCNLn+N7klOOqPjMeG/4JSu77D7ypZdGvSzvkrbyeTMizz2VrA== +style-to-object@0.4.1: + version "0.4.1" + resolved "https://registry.npmjs.org/style-to-object/-/style-to-object-0.4.1.tgz#53cf856f7cf7f172d72939d9679556469ba5de37" + integrity sha512-HFpbb5gr2ypci7Qw+IOhnP2zOU7e77b+rzM+wTzXzfi1PrtBCX0E7Pk4wL4iTLnhzZ+JgEGAhX81ebTg/aYjQw== dependencies: inline-style-parser "0.1.1" @@ -10691,11 +10689,6 @@ tunnel-agent@^0.6.0: dependencies: prelude-ls "^1.2.1" -type-fest@^0.11.0: - version "0.11.0" - resolved "https://registry.npmjs.org/type-fest/-/type-fest-0.11.0.tgz#97abf0872310fed88a5c466b25681576145e33f1" - integrity sha512-OdjXJxnCN1AvyLSzeKIgXTXxV+99ZuXl3Hpo9XpJAv9MBcHrrJOQ5kV7ypXOuQie+AmWG25hLbiKdwYTifzcfQ== - type-fest@^0.20.2: version "0.20.2" resolved "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz#1bf207f4b28f91583666cb5fbd327887301cd5f4" @@ -10905,6 +10898,11 @@ use-isomorphic-layout-effect@^1.1.2: resolved "https://registry.npmjs.org/use-isomorphic-layout-effect/-/use-isomorphic-layout-effect-1.1.2.tgz#497cefb13d863d687b08477d9e5a164ad8c1a6fb" integrity sha512-49L8yCO3iGT/ZF9QttjwLF/ZD9Iwto5LnH5LmEdk/6cFmXddqi2ulF0edxTwjj+7mqvpVVGQWvbXZdn32wRSHA== +use-sync-external-store@^1.2.0: + version "1.2.0" + resolved "https://registry.npmjs.org/use-sync-external-store/-/use-sync-external-store-1.2.0.tgz#7dbefd6ef3fe4e767a0cf5d7287aacfb5846928a" + integrity sha512-eEgnFxGQ1Ife9bzYs6VLi8/4X6CObHMw9Qr9tPY43iKwsPw8xE8+EFsf/2cFZ5S3esXgpWgtSCtLNS41F+sKPA== + "util-deprecate@^1.0.1", "util-deprecate@^1.0.2", "util-deprecate@~1.0.1": version "1.0.2" resolved "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf" diff --git a/pkgs/tools/admin/stripe-cli/default.nix b/pkgs/tools/admin/stripe-cli/default.nix index 45fdbff603213..3fc6a6dba776e 100644 --- a/pkgs/tools/admin/stripe-cli/default.nix +++ b/pkgs/tools/admin/stripe-cli/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "stripe-cli"; - version = "1.17.2"; + version = "1.18.0"; src = fetchFromGitHub { owner = "stripe"; repo = pname; rev = "v${version}"; - hash = "sha256-MzzjrGtqbtZMvfL7dPAsKHF2ZTneSdtDuwHQQcyrQDw="; + hash = "sha256-1AdR0PHAhrMbeCD5zNsU9JoXInQD+qUIYfveBD60wR0="; }; vendorHash = "sha256-DYA6cu2KzEBZ4wsT7wjcdY1endQQOZlj2aOwu6iGLew="; diff --git a/pkgs/tools/graphics/wdisplays/default.nix b/pkgs/tools/graphics/wdisplays/default.nix index b05aa13ea6010..9c7093b58f85e 100644 --- a/pkgs/tools/graphics/wdisplays/default.nix +++ b/pkgs/tools/graphics/wdisplays/default.nix @@ -1,24 +1,20 @@ { lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, gtk3, libepoxy, wayland, wrapGAppsHook }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "wdisplays"; - version = "unstable-2021-04-03"; + version = "1.1.1"; nativeBuildInputs = [ meson ninja pkg-config wrapGAppsHook ]; buildInputs = [ gtk3 libepoxy wayland ]; src = fetchFromGitHub { - owner = "luispabon"; + owner = "artizirk"; repo = "wdisplays"; - rev = "7f2eac0d2aa81b5f495da7950fd5a94683f7868e"; - sha256 = "sha256-cOF3+T34zPro58maWUouGG+vlLm2C5NfcH7PZhSvApE="; + rev = finalAttrs.version; + sha256 = "sha256-dtvP930ChiDRT60xq6xBDU6k+zHnkrAkxkKz2FxlzRs="; }; - patchPhase = '' - substituteInPlace ./resources/wdisplays.desktop.in --replace "@app_id@" "wdisplays" - ''; - meta = with lib; { description = "A graphical application for configuring displays in Wayland compositors"; homepage = "https://github.com/luispabon/wdisplays"; @@ -27,4 +23,4 @@ stdenv.mkDerivation rec { platforms = platforms.linux; mainProgram = "wdisplays"; }; -} +}) diff --git a/pkgs/tools/misc/fd/default.nix b/pkgs/tools/misc/fd/default.nix index 0f78b752de00b..23e00e00363ce 100644 --- a/pkgs/tools/misc/fd/default.nix +++ b/pkgs/tools/misc/fd/default.nix @@ -1,4 +1,4 @@ -{ lib, rustPlatform, fetchFromGitHub, installShellFiles, testers, fd }: +{ lib, rustPlatform, fetchFromGitHub, installShellFiles, rust-jemalloc-sys, testers, fd }: rustPlatform.buildRustPackage rec { pname = "fd"; @@ -15,6 +15,8 @@ rustPlatform.buildRustPackage rec { nativeBuildInputs = [ installShellFiles ]; + buildInputs = [ rust-jemalloc-sys ]; + # skip flaky test checkFlags = [ "--skip=test_owner_current_group" diff --git a/pkgs/tools/misc/progress/default.nix b/pkgs/tools/misc/progress/default.nix index 94eeace1dc2e6..2a8dc99260179 100644 --- a/pkgs/tools/misc/progress/default.nix +++ b/pkgs/tools/misc/progress/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "progress"; - version = "0.16"; + version = "0.17"; src = fetchFromGitHub { owner = "Xfennec"; repo = "progress"; rev = "v${version}"; - sha256 = "sha256-kkEyflyBaQ5hUVo646NUuC1u54uzLJJsVFej9pMEwT0="; + sha256 = "sha256-riewkageSZIlwDNMjYep9Pb2q1GJ+WMXazokJGbb4bE="; }; nativeBuildInputs = [ pkg-config which ]; diff --git a/pkgs/tools/misc/tbls/default.nix b/pkgs/tools/misc/tbls/default.nix index 5b2d160971641..de880c201446d 100644 --- a/pkgs/tools/misc/tbls/default.nix +++ b/pkgs/tools/misc/tbls/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "tbls"; - version = "1.68.2"; + version = "1.70.2"; src = fetchFromGitHub { owner = "k1LoW"; repo = "tbls"; rev = "v${version}"; - hash = "sha256-yDWAKkzRb487iZ+5tmIH1qfuHj0TldOT+tTQwtVyX7s="; + hash = "sha256-LSICkg99veFHLmdcQZmnyfTbdqx7k2XI13W7Cjuj3qA="; }; - vendorHash = "sha256-V6TF7Q+9XxBeSVXlotu8tUrNCWDr80BZsQcVSBGikl8="; + vendorHash = "sha256-84h+LQzk/xy/Gapy7IxB8IPvsVGRsJP7udd9HhLskew="; CGO_CFLAGS = [ "-Wno-format-security" ]; diff --git a/pkgs/tools/misc/turbo/default.nix b/pkgs/tools/misc/turbo/default.nix index f3fcd8cd0f306..c887fdc131c22 100644 --- a/pkgs/tools/misc/turbo/default.nix +++ b/pkgs/tools/misc/turbo/default.nix @@ -12,6 +12,7 @@ , openssl , extra-cmake-modules , fontconfig +, rust-jemalloc-sys , testers , turbo , nix-update-script @@ -149,6 +150,7 @@ rustPlatform.buildRustPackage { buildInputs = [ openssl fontconfig + rust-jemalloc-sys ] ++ lib.optionals stdenv.isDarwin [ IOKit CoreServices diff --git a/pkgs/tools/misc/vector/default.nix b/pkgs/tools/misc/vector/default.nix index b1fd29e746734..c50d136d051ea 100644 --- a/pkgs/tools/misc/vector/default.nix +++ b/pkgs/tools/misc/vector/default.nix @@ -8,6 +8,7 @@ , rdkafka , oniguruma , zstd +, rust-jemalloc-sys , Security , libiconv , coreutils @@ -59,7 +60,7 @@ rustPlatform.buildRustPackage { }; }; nativeBuildInputs = [ pkg-config cmake perl git rustPlatform.bindgenHook ]; - buildInputs = [ oniguruma openssl protobuf rdkafka zstd ] + buildInputs = [ oniguruma openssl protobuf rdkafka zstd rust-jemalloc-sys ] ++ lib.optionals stdenv.isDarwin [ Security libiconv coreutils CoreServices ]; # needed for internal protobuf c wrapper library diff --git a/pkgs/tools/networking/sish/default.nix b/pkgs/tools/networking/sish/default.nix index 0bcf6bff9431d..aa64767cc3fe0 100644 --- a/pkgs/tools/networking/sish/default.nix +++ b/pkgs/tools/networking/sish/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "sish"; - version = "2.9.2"; + version = "2.11.0"; src = fetchFromGitHub { owner = "antoniomika"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-6PCZtiXsDQfPZFw3r1n3rwgxigSnWgggHXzZdBT/fxA="; + hash = "sha256-dNwSMDEt142A0rP212bWBZSX2zhYgL94EJymOvegTa8="; }; - vendorHash = "sha256-RnvkEUvL/bQTTTlg0RF0xjjvVniltequNKRD3z0H3O8="; + vendorHash = "sha256-XtN2RgegmKR/RDFBbHn9kpI1BxmF7jfu7LAwPVaAvEk="; ldflags = [ "-s" diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 76520771a9229..2933463579ed1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -22283,6 +22283,9 @@ with pkgs; jemalloc = callPackage ../development/libraries/jemalloc { }; + rust-jemalloc-sys = callPackage ../development/libraries/jemalloc/rust.nix { }; + rust-jemalloc-sys-unprefixed = rust-jemalloc-sys.override { unprefixed = true; }; + jose = callPackage ../development/libraries/jose { }; jpcre2 = callPackage ../development/libraries/jpcre2 { }; diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index 82b716b4aff54..425ece6b7beea 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -5024,12 +5024,12 @@ with self; { CryptPassphraseBcrypt = buildPerlPackage { pname = "Crypt-Passphrase-Bcrypt"; - version = "0.001"; + version = "0.007"; src = fetchurl { - url = "mirror://cpan/authors/id/L/LE/LEONT/Crypt-Passphrase-Bcrypt-0.001.tar.gz"; - hash = "sha256-M44nA4RH/eAjznyaC1dPR+4zeQRKDAgxrJRx8UMNxMU="; + url = "mirror://cpan/authors/id/L/LE/LEONT/Crypt-Passphrase-Bcrypt-0.007.tar.gz"; + hash = "sha256-/k1NHTm9TxODQaJZUFzhE3EnCnZ8nndH90H7dGH9sA8="; }; - propagatedBuildInputs = [ CryptEksblowfish CryptPassphrase ]; + propagatedBuildInputs = [ CryptBcrypt CryptPassphrase ]; meta = { description = "A bcrypt encoder for Crypt::Passphrase"; homepage = "https://github.com/Leont/crypt-passphrase-bcrypt"; diff --git a/pkgs/top-level/python-aliases.nix b/pkgs/top-level/python-aliases.nix index 56314f57f07b0..66be4900a11b1 100644 --- a/pkgs/top-level/python-aliases.nix +++ b/pkgs/top-level/python-aliases.nix @@ -354,6 +354,7 @@ mapAliases ({ qiskit-aqua = throw "qiskit-aqua has been removed due to deprecation, with its functionality moved to different qiskit packages"; rabbitpy = throw "rabbitpy has been removed, since it is unmaintained and broken"; # added 2023-07-01 rdflib-jsonld = throw "rdflib-jsonld is not compatible with rdflib 6"; # added 2021-11-05 + recaptcha_client = throw "recaptcha_client has been removed since it is no longer maintained"; # added 2023-10-20 rednose = throw "rednose is no longer maintained (since February 2018)"; # added 2023-08-06 retworkx = rustworkx; # added 2023-05-14 repeated_test = repeated-test; # added 2022-11-15 diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 51317d3dbaacc..16b5bb4feecd9 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -12048,8 +12048,6 @@ self: super: with self; { rebulk = callPackage ../development/python-modules/rebulk { }; - recaptcha_client = callPackage ../development/python-modules/recaptcha_client { }; - recipe-scrapers = callPackage ../development/python-modules/recipe-scrapers { }; recline = callPackage ../development/python-modules/recline { }; |