diff options
88 files changed, 1402 insertions, 781 deletions
diff --git a/lib/attrsets.nix b/lib/attrsets.nix index 9b4a8684f9b73..99b6869184534 100644 --- a/lib/attrsets.nix +++ b/lib/attrsets.nix @@ -14,6 +14,14 @@ rec { /* Return an attribute from nested attribute sets. + Nix has an [attribute selection operator `. or`](https://nixos.org/manual/nix/stable/language/operators#attribute-selection) which is sufficient for such queries, as long as the number of attributes is static. For example: + + ```nix + (x.a.b or 6) == attrByPath ["a" "b"] 6 x + # and + (x.${f p}."example.com" or 6) == attrByPath [ (f p) "example.com" ] 6 x + ``` + Example: x = { a = { b = 3; }; } # ["a" "b"] is equivalent to x.a.b @@ -51,6 +59,14 @@ rec { /* Return if an attribute from nested attribute set exists. + Nix has a [has attribute operator `?`](https://nixos.org/manual/nix/stable/language/operators#has-attribute), which is sufficient for such queries, as long as the number of attributes is static. For example: + + ```nix + (x?a.b) == hasAttryByPath ["a" "b"] x + # and + (x?${f p}."example.com") == hasAttryByPath [ (f p) "example.com" ] x + ``` + **Laws**: 1. ```nix hasAttrByPath [] x == true @@ -177,6 +193,14 @@ rec { /* Like `attrByPath`, but without a default value. If it doesn't find the path it will throw an error. + Nix has an [attribute selection operator](https://nixos.org/manual/nix/stable/language/operators#attribute-selection) which is sufficient for such queries, as long as the number of attributes is static. For example: + + ```nix + x.a.b == getAttrByPath ["a" "b"] x + # and + x.${f p}."example.com" == getAttrByPath [ (f p) "example.com" ] x + ``` + Example: x = { a = { b = 3; }; } getAttrFromPath ["a" "b"] x diff --git a/lib/meta.nix b/lib/meta.nix index 1a43016d27c44..5d5f71d6c3cba 100644 --- a/lib/meta.nix +++ b/lib/meta.nix @@ -4,8 +4,8 @@ { lib }: let - inherit (lib) matchAttrs any all; - inherit (builtins) isString; + inherit (lib) matchAttrs any all isDerivation getBin assertMsg; + inherit (builtins) isString match typeOf; in rec { @@ -154,16 +154,12 @@ rec { getExe pkgs.mustache-go => "/nix/store/am9ml4f4ywvivxnkiaqwr0hyxka1xjsf-mustache-go-1.3.0/bin/mustache" */ - getExe = x: - let - y = x.meta.mainProgram or ( - # This could be turned into an error when 23.05 is at end of life - lib.warn "getExe: Package ${lib.strings.escapeNixIdentifier x.meta.name or x.pname or x.name} does not have the meta.mainProgram attribute. We'll assume that the main program has the same name for now, but this behavior is deprecated, because it leads to surprising errors when the assumption does not hold. If the package has a main program, please set `meta.mainProgram` in its definition to make this warning go away. Otherwise, if the package does not have a main program, or if you don't control its definition, use getExe' to specify the name to the program, such as lib.getExe' foo \"bar\"." - lib.getName - x - ); - in - getExe' x y; + getExe = x: getExe' x (x.meta.mainProgram or ( + # This could be turned into an error when 23.05 is at end of life + lib.warn "getExe: Package ${lib.strings.escapeNixIdentifier x.meta.name or x.pname or x.name} does not have the meta.mainProgram attribute. We'll assume that the main program has the same name for now, but this behavior is deprecated, because it leads to surprising errors when the assumption does not hold. If the package has a main program, please set `meta.mainProgram` in its definition to make this warning go away. Otherwise, if the package does not have a main program, or if you don't control its definition, use getExe' to specify the name to the program, such as lib.getExe' foo \"bar\"." + lib.getName + x + )); /* Get the path of a program of a derivation. @@ -175,11 +171,11 @@ rec { => "/nix/store/5rs48jamq7k6sal98ymj9l4k2bnwq515-imagemagick-7.1.1-15/bin/convert" */ getExe' = x: y: - assert lib.assertMsg (lib.isDerivation x) - "lib.meta.getExe': The first argument is of type ${builtins.typeOf x}, but it should be a derivation instead."; - assert lib.assertMsg (lib.isString y) - "lib.meta.getExe': The second argument is of type ${builtins.typeOf y}, but it should be a string instead."; - assert lib.assertMsg (builtins.length (lib.splitString "/" y) == 1) - "lib.meta.getExe': The second argument \"${y}\" is a nested path with a \"/\" character, but it should just be the name of the executable instead."; - "${lib.getBin x}/bin/${y}"; + assert assertMsg (isDerivation x) + "lib.meta.getExe': The first argument is of type ${typeOf x}, but it should be a derivation instead."; + assert assertMsg (isString y) + "lib.meta.getExe': The second argument is of type ${typeOf y}, but it should be a string instead."; + assert assertMsg (match ".*\/.*" y == null) + "lib.meta.getExe': The second argument \"${y}\" is a nested path with a \"/\" character, but it should just be the name of the executable instead."; + "${getBin x}/bin/${y}"; } diff --git a/lib/path/default.nix b/lib/path/default.nix index ab8a9e2202e95..e6b385c0aee0c 100644 --- a/lib/path/default.nix +++ b/lib/path/default.nix @@ -9,6 +9,7 @@ let split match typeOf + storeDir ; inherit (lib.lists) @@ -24,6 +25,8 @@ let drop ; + listHasPrefix = lib.lists.hasPrefix; + inherit (lib.strings) concatStringsSep substring @@ -120,6 +123,28 @@ let else recurse ([ (baseNameOf base) ] ++ components) (dirOf base); in recurse []; + # The components of the store directory, typically [ "nix" "store" ] + storeDirComponents = splitRelPath ("./" + storeDir); + # The number of store directory components, typically 2 + storeDirLength = length storeDirComponents; + + # Type: [ String ] -> Bool + # + # Whether path components have a store path as a prefix, according to + # https://nixos.org/manual/nix/stable/store/store-path.html#store-path. + componentsHaveStorePathPrefix = components: + # path starts with the store directory (typically /nix/store) + listHasPrefix storeDirComponents components + # is not the store directory itself, meaning there's at least one extra component + && storeDirComponents != components + # and the first component after the store directory has the expected format. + # NOTE: We could change the hash regex to be [0-9a-df-np-sv-z], + # because these are the actual ASCII characters used by Nix's base32 implementation, + # but this is not fully specified, so let's tie this too much to the currently implemented concept of store paths. + # Similar reasoning applies to the validity of the name part. + # We care more about discerning store path-ness on realistic values. Making it airtight would be fragile and slow. + && match ".{32}-.+" (elemAt components storeDirLength) != null; + in /* No rec! Add dependencies on this file at the top. */ { /* @@ -322,6 +347,62 @@ in /* No rec! Add dependencies on this file at the top. */ { }; /* + Whether a [path](https://nixos.org/manual/nix/stable/language/values.html#type-path) + has a [store path](https://nixos.org/manual/nix/stable/store/store-path.html#store-path) + as a prefix. + + :::{.note} + As with all functions of this `lib.path` library, it does not work on paths in strings, + which is how you'd typically get store paths. + + Instead, this function only handles path values themselves, + which occur when Nix files in the store use relative path expressions. + ::: + + Type: + hasStorePathPrefix :: Path -> Bool + + Example: + # Subpaths of derivation outputs have a store path as a prefix + hasStorePathPrefix /nix/store/nvl9ic0pj1fpyln3zaqrf4cclbqdfn1j-foo/bar/baz + => true + + # The store directory itself is not a store path + hasStorePathPrefix /nix/store + => false + + # Derivation outputs are store paths themselves + hasStorePathPrefix /nix/store/nvl9ic0pj1fpyln3zaqrf4cclbqdfn1j-foo + => true + + # Paths outside the Nix store don't have a store path prefix + hasStorePathPrefix /home/user + => false + + # Not all paths under the Nix store are store paths + hasStorePathPrefix /nix/store/.links/10gg8k3rmbw8p7gszarbk7qyd9jwxhcfq9i6s5i0qikx8alkk4hq + => false + + # Store derivations are also store paths themselves + hasStorePathPrefix /nix/store/nvl9ic0pj1fpyln3zaqrf4cclbqdfn1j-foo.drv + => true + */ + hasStorePathPrefix = path: + let + deconstructed = deconstructPath path; + in + assert assertMsg + (isPath path) + "lib.path.hasStorePathPrefix: Argument is of type ${typeOf path}, but a path was expected"; + assert assertMsg + # This function likely breaks or needs adjustment if used with other filesystem roots, if they ever get implemented. + # Let's try to error nicely in such a case, though it's unclear how an implementation would work even and whether this could be detected. + # See also https://github.com/NixOS/nix/pull/6530#discussion_r1422843117 + (deconstructed.root == /. && toString deconstructed.root == "/") + "lib.path.hasStorePathPrefix: Argument has a filesystem root (${toString deconstructed.root}) that's not /, which is currently not supported."; + componentsHaveStorePathPrefix deconstructed.components; + + /* Whether a value is a valid subpath string. A subpath string points to a specific file or directory within an absolute base directory. diff --git a/lib/path/tests/unit.nix b/lib/path/tests/unit.nix index bad6560f13a98..9b0a0b2714aab 100644 --- a/lib/path/tests/unit.nix +++ b/lib/path/tests/unit.nix @@ -3,7 +3,10 @@ { libpath }: let lib = import libpath; - inherit (lib.path) hasPrefix removePrefix append splitRoot subpath; + inherit (lib.path) hasPrefix removePrefix append splitRoot hasStorePathPrefix subpath; + + # This is not allowed generally, but we're in the tests here, so we'll allow ourselves. + storeDirPath = /. + builtins.storeDir; cases = lib.runTests { # Test examples from the lib.path.append documentation @@ -91,6 +94,31 @@ let expected = false; }; + testHasStorePathPrefixExample1 = { + expr = hasStorePathPrefix (storeDirPath + "/nvl9ic0pj1fpyln3zaqrf4cclbqdfn1j-foo/bar/baz"); + expected = true; + }; + testHasStorePathPrefixExample2 = { + expr = hasStorePathPrefix storeDirPath; + expected = false; + }; + testHasStorePathPrefixExample3 = { + expr = hasStorePathPrefix (storeDirPath + "/nvl9ic0pj1fpyln3zaqrf4cclbqdfn1j-foo"); + expected = true; + }; + testHasStorePathPrefixExample4 = { + expr = hasStorePathPrefix /home/user; + expected = false; + }; + testHasStorePathPrefixExample5 = { + expr = hasStorePathPrefix (storeDirPath + "/.links/10gg8k3rmbw8p7gszarbk7qyd9jwxhcfq9i6s5i0qikx8alkk4hq"); + expected = false; + }; + testHasStorePathPrefixExample6 = { + expr = hasStorePathPrefix (storeDirPath + "/nvl9ic0pj1fpyln3zaqrf4cclbqdfn1j-foo.drv"); + expected = true; + }; + # Test examples from the lib.path.subpath.isValid documentation testSubpathIsValidExample1 = { expr = subpath.isValid null; diff --git a/lib/systems/default.nix b/lib/systems/default.nix index 9eec21cbf21b9..6137d47e91a2a 100644 --- a/lib/systems/default.nix +++ b/lib/systems/default.nix @@ -89,6 +89,13 @@ rec { # is why we use the more obscure "bfd" and not "binutils" for this # choice. else "bfd"; + # The standard lib directory name that non-nixpkgs binaries distributed + # for this platform normally assume. + libDir = if final.isLinux then + if final.isx86_64 || final.isMips64 || final.isPower64 + then "lib64" + else "lib" + else null; extensions = lib.optionalAttrs final.hasSharedLibraries { sharedLibrary = if final.isDarwin then ".dylib" diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index 7658a60660f82..56008da37e249 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -10,6 +10,10 @@ In addition to numerous new and upgraded packages, this release has the followin - `screen`'s module has been cleaned, and will now require you to set `programs.screen.enable` in order to populate `screenrc` and add the program to the environment. +- NixOS now installs a stub ELF loader that prints an informative error message when users attempt to run binaries not made for NixOS. + - This can be disabled through the `environment.stub-ld.enable` option. + - If you use `programs.nix-ld.enable`, no changes are needed. The stub will be disabled automatically. + ## New Services {#sec-release-24.05-new-services} <!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. --> diff --git a/nixos/modules/config/ldso.nix b/nixos/modules/config/ldso.nix new file mode 100644 index 0000000000000..e5ae13a21145f --- /dev/null +++ b/nixos/modules/config/ldso.nix @@ -0,0 +1,58 @@ +{ config, lib, pkgs, ... }: + +let + inherit (lib) last splitString mkOption types mdDoc optionals; + + libDir = pkgs.stdenv.hostPlatform.libDir; + ldsoBasename = last (splitString "/" pkgs.stdenv.cc.bintools.dynamicLinker); + + pkgs32 = pkgs.pkgsi686Linux; + libDir32 = pkgs32.stdenv.hostPlatform.libDir; + ldsoBasename32 = last (splitString "/" pkgs32.stdenv.cc.bintools.dynamicLinker); +in { + options = { + environment.ldso = mkOption { + type = types.nullOr types.path; + default = null; + description = mdDoc '' + The executable to link into the normal FHS location of the ELF loader. + ''; + }; + + environment.ldso32 = mkOption { + type = types.nullOr types.path; + default = null; + description = mdDoc '' + The executable to link into the normal FHS location of the 32-bit ELF loader. + + This currently only works on x86_64 architectures. + ''; + }; + }; + + config = { + assertions = [ + { assertion = isNull config.environment.ldso32 || pkgs.stdenv.isx86_64; + message = "Option environment.ldso32 currently only works on x86_64."; + } + ]; + + systemd.tmpfiles.rules = ( + if isNull config.environment.ldso then [ + "r /${libDir}/${ldsoBasename} - - - - -" + ] else [ + "d /${libDir} 0755 root root - -" + "L+ /${libDir}/${ldsoBasename} - - - - ${config.environment.ldso}" + ] + ) ++ optionals pkgs.stdenv.isx86_64 ( + if isNull config.environment.ldso32 then [ + "r /${libDir32}/${ldsoBasename32} - - - - -" + ] else [ + "d /${libDir32} 0755 root root - -" + "L+ /${libDir32}/${ldsoBasename32} - - - - ${config.environment.ldso32}" + ] + ); + }; + + meta.maintainers = with lib.maintainers; [ tejing ]; +} diff --git a/nixos/modules/config/stub-ld.nix b/nixos/modules/config/stub-ld.nix new file mode 100644 index 0000000000000..14c07466d0611 --- /dev/null +++ b/nixos/modules/config/stub-ld.nix @@ -0,0 +1,56 @@ +{ config, lib, pkgs, ... }: + +let + inherit (lib) optionalString mkOption types mdDoc mkIf mkDefault; + + cfg = config.environment.stub-ld; + + message = '' + NixOS cannot run dynamically linked executables intended for generic + linux environments out of the box. For more information, see: + https://nix.dev/permalink/stub-ld + ''; + + stub-ld-for = pkgsArg: messageArg: pkgsArg.pkgsStatic.runCommandCC "stub-ld" { + nativeBuildInputs = [ pkgsArg.unixtools.xxd ]; + inherit messageArg; + } '' + printf "%s" "$messageArg" | xxd -i -n message >main.c + cat <<EOF >>main.c + #include <stdio.h> + int main(int argc, char * argv[]) { + fprintf(stderr, "Could not start dynamically linked executable: %s\n", argv[0]); + fwrite(message, sizeof(unsigned char), message_len, stderr); + return 127; // matches behavior of bash and zsh without a loader. fish uses 139 + } + EOF + $CC -Os main.c -o $out + ''; + + pkgs32 = pkgs.pkgsi686Linux; + + stub-ld = stub-ld-for pkgs message; + stub-ld32 = stub-ld-for pkgs32 message; +in { + options = { + environment.stub-ld = { + enable = mkOption { + type = types.bool; + default = true; + example = false; + description = mdDoc '' + Install a stub ELF loader to print an informative error message + in the event that a user attempts to run an ELF binary not + compiled for NixOS. + ''; + }; + }; + }; + + config = mkIf cfg.enable { + environment.ldso = mkDefault stub-ld; + environment.ldso32 = mkIf pkgs.stdenv.isx86_64 (mkDefault stub-ld32); + }; + + meta.maintainers = with lib.maintainers; [ tejing ]; +} diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 906be0fec0872..dc8abdb1e9c90 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -12,6 +12,7 @@ ./config/iproute2.nix ./config/krb5/default.nix ./config/ldap.nix + ./config/ldso.nix ./config/locale.nix ./config/malloc.nix ./config/mysql.nix @@ -28,6 +29,7 @@ ./config/resolvconf.nix ./config/shells-environment.nix ./config/stevenblack.nix + ./config/stub-ld.nix ./config/swap.nix ./config/sysctl.nix ./config/system-environment.nix diff --git a/nixos/modules/profiles/minimal.nix b/nixos/modules/profiles/minimal.nix index 75f355b4a002b..b76740f7cc587 100644 --- a/nixos/modules/profiles/minimal.nix +++ b/nixos/modules/profiles/minimal.nix @@ -21,6 +21,8 @@ with lib; # Perl is a default package. environment.defaultPackages = mkDefault [ ]; + environment.stub-ld.enable = false; + # The lessopen package pulls in Perl. programs.less.lessopen = mkDefault null; diff --git a/nixos/modules/programs/hyprland.nix b/nixos/modules/programs/hyprland.nix index 166c6cbc5c183..9061ce5da83a8 100644 --- a/nixos/modules/programs/hyprland.nix +++ b/nixos/modules/programs/hyprland.nix @@ -30,7 +30,6 @@ in readOnly = true; default = cfg.package.override { enableXWayland = cfg.xwayland.enable; - enableNvidiaPatches = cfg.enableNvidiaPatches; }; defaultText = literalExpression "`programs.hyprland.package` with applied configuration"; @@ -42,8 +41,6 @@ in portalPackage = mkPackageOption pkgs "xdg-desktop-portal-hyprland" { }; xwayland.enable = mkEnableOption (mdDoc "XWayland") // { default = true; }; - - enableNvidiaPatches = mkEnableOption (mdDoc "patching wlroots for better Nvidia support"); }; config = mkIf cfg.enable { @@ -73,9 +70,13 @@ in [ "programs" "hyprland" "xwayland" "hidpi" ] "XWayland patches are deprecated. Refer to https://wiki.hyprland.org/Configuring/XWayland" ) - (mkRenamedOptionModule - [ "programs" "hyprland" "nvidiaPatches" ] + (mkRemovedOptionModule [ "programs" "hyprland" "enableNvidiaPatches" ] + "Nvidia patches are no longer needed" + ) + (mkRemovedOptionModule + [ "programs" "hyprland" "nvidiaPatches" ] + "Nvidia patches are no longer needed" ) ]; } diff --git a/nixos/modules/programs/nix-ld.nix b/nixos/modules/programs/nix-ld.nix index e3a9bb16410c9..6f36ce33640cd 100644 --- a/nixos/modules/programs/nix-ld.nix +++ b/nixos/modules/programs/nix-ld.nix @@ -47,7 +47,7 @@ in }; config = lib.mkIf config.programs.nix-ld.enable { - systemd.tmpfiles.packages = [ cfg.package ]; + environment.ldso = "${cfg.package}/libexec/nix-ld"; environment.systemPackages = [ nix-ld-libraries ]; diff --git a/nixos/modules/services/backup/restic.nix b/nixos/modules/services/backup/restic.nix index e3eb504e0adfc..b222dd952d159 100644 --- a/nixos/modules/services/backup/restic.nix +++ b/nixos/modules/services/backup/restic.nix @@ -384,10 +384,11 @@ in ${lib.optionalString (backup.environmentFile != null) "source ${backup.environmentFile}"} # set same environment variables as the systemd service ${lib.pipe config.systemd.services."restic-backups-${name}".environment [ - (lib.filterAttrs (_: v: v != null)) + (lib.filterAttrs (n: v: v != null && n != "PATH")) (lib.mapAttrsToList (n: v: "${n}=${v}")) (lib.concatStringsSep "\n") ]} + PATH=${config.systemd.services."restic-backups-${name}".environment.PATH}:$PATH exec ${resticCmd} $@ '') (lib.filterAttrs (_: v: v.createWrapper) config.services.restic.backups); diff --git a/nixos/modules/services/monitoring/prometheus/default.nix b/nixos/modules/services/monitoring/prometheus/default.nix index e78cb4d01dc5b..b4ac8e21451af 100644 --- a/nixos/modules/services/monitoring/prometheus/default.nix +++ b/nixos/modules/services/monitoring/prometheus/default.nix @@ -1435,6 +1435,10 @@ let remote_timeout = mkOpt types.str '' Timeout for requests to the remote write endpoint. ''; + headers = mkOpt (types.attrsOf types.str) '' + Custom HTTP headers to be sent along with each remote write request. + Be aware that headers that are set by Prometheus itself can't be overwritten. + ''; write_relabel_configs = mkOpt (types.listOf promTypes.relabel_config) '' List of remote write relabel configurations. ''; @@ -1530,6 +1534,10 @@ let remote_timeout = mkOpt types.str '' Timeout for requests to the remote read endpoint. ''; + headers = mkOpt (types.attrsOf types.str) '' + Custom HTTP headers to be sent along with each remote read request. + Be aware that headers that are set by Prometheus itself can't be overwritten. + ''; read_recent = mkOpt types.bool '' Whether reads should be made for queries for time ranges that the local storage should have complete data for. diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 6f5ada84701fa..2b2a7ce71ecc5 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -788,6 +788,7 @@ in { step-ca = handleTestOn ["x86_64-linux"] ./step-ca.nix {}; stratis = handleTest ./stratis {}; strongswan-swanctl = handleTest ./strongswan-swanctl.nix {}; + stub-ld = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./stub-ld.nix {}; stunnel = handleTest ./stunnel.nix {}; sudo = handleTest ./sudo.nix {}; sudo-rs = handleTest ./sudo-rs.nix {}; diff --git a/nixos/tests/nebula.nix b/nixos/tests/nebula.nix index 1bece2200f238..89b91d89fcb3f 100644 --- a/nixos/tests/nebula.nix +++ b/nixos/tests/nebula.nix @@ -144,7 +144,6 @@ in restartAndCheckNebula = name: ip: '' ${name}.systemctl("restart nebula@smoke.service") - ${name}.wait_for_unit("nebula@smoke.service") ${name}.succeed("ping -c5 ${ip}") ''; @@ -180,8 +179,6 @@ in ${nodeB}.succeed("iptables -I INPUT -s " + node_a + " -j DROP") ${nodeA}.systemctl("restart nebula@smoke.service") ${nodeB}.systemctl("restart nebula@smoke.service") - ${nodeA}.wait_for_unit("nebula@smoke.service") - ${nodeB}.wait_for_unit("nebula@smoke.service") ''; allowTrafficBetween = nodeA: nodeB: '' node_a = ${getPublicIp nodeA} @@ -190,8 +187,6 @@ in ${nodeB}.succeed("iptables -D INPUT -s " + node_a + " -j DROP") ${nodeA}.systemctl("restart nebula@smoke.service") ${nodeB}.systemctl("restart nebula@smoke.service") - ${nodeA}.wait_for_unit("nebula@smoke.service") - ${nodeB}.wait_for_unit("nebula@smoke.service") ''; in '' # Create the certificate and sign the lighthouse's keys. diff --git a/nixos/tests/stub-ld.nix b/nixos/tests/stub-ld.nix new file mode 100644 index 0000000000000..25161301741b7 --- /dev/null +++ b/nixos/tests/stub-ld.nix @@ -0,0 +1,73 @@ +import ./make-test-python.nix ({ lib, pkgs, ... }: { + name = "stub-ld"; + + nodes.machine = { lib, ... }: + { + environment.stub-ld.enable = true; + + specialisation.nostub = { + inheritParentConfig = true; + + configuration = { ... }: { + environment.stub-ld.enable = lib.mkForce false; + }; + }; + }; + + testScript = let + libDir = pkgs.stdenv.hostPlatform.libDir; + ldsoBasename = lib.last (lib.splitString "/" pkgs.stdenv.cc.bintools.dynamicLinker); + + check32 = pkgs.stdenv.isx86_64; + pkgs32 = pkgs.pkgsi686Linux; + + libDir32 = pkgs32.stdenv.hostPlatform.libDir; + ldsoBasename32 = lib.last (lib.splitString "/" pkgs32.stdenv.cc.bintools.dynamicLinker); + + test-exec = builtins.mapAttrs (n: v: pkgs.runCommand "test-exec-${n}" { src = pkgs.fetchurl v; } "mkdir -p $out;cd $out;tar -xzf $src") { + x86_64-linux.url = "https://github.com/rustic-rs/rustic/releases/download/v0.6.1/rustic-v0.6.1-x86_64-unknown-linux-gnu.tar.gz"; + x86_64-linux.hash = "sha256-3zySzx8MKFprMOi++yr2ZGASE0aRfXHQuG3SN+kWUCI="; + i686-linux.url = "https://github.com/rustic-rs/rustic/releases/download/v0.6.1/rustic-v0.6.1-i686-unknown-linux-gnu.tar.gz"; + i686-linux.hash = "sha256-fWNiATFeg0B2pfB5zndlnzGn7Ztl8diVS1rFLEDnSLU="; + aarch64-linux.url = "https://github.com/rustic-rs/rustic/releases/download/v0.6.1/rustic-v0.6.1-aarch64-unknown-linux-gnu.tar.gz"; + aarch64-linux.hash = "sha256-hnldbd2cctQIAhIKoEZLIWY8H3jiFBClkNy2UlyyvAs="; + }; + exec-name = "rustic"; + + if32 = pythonStatement: if check32 then pythonStatement else "pass"; + in + '' + machine.start() + machine.wait_for_unit("multi-user.target") + + with subtest("Check for stub (enabled, initial)"): + machine.succeed('test -L /${libDir}/${ldsoBasename}') + ${if32 "machine.succeed('test -L /${libDir32}/${ldsoBasename32}')"} + + with subtest("Try FHS executable"): + machine.copy_from_host('${test-exec.${pkgs.system}}','test-exec') + machine.succeed('if test-exec/${exec-name} 2>outfile; then false; else [ $? -eq 127 ];fi') + machine.succeed('grep -qi nixos outfile') + ${if32 "machine.copy_from_host('${test-exec.${pkgs32.system}}','test-exec32')"} + ${if32 "machine.succeed('if test-exec32/${exec-name} 2>outfile32; then false; else [ $? -eq 127 ];fi')"} + ${if32 "machine.succeed('grep -qi nixos outfile32')"} + + with subtest("Disable stub"): + machine.succeed("/run/booted-system/specialisation/nostub/bin/switch-to-configuration test") + + with subtest("Check for stub (disabled)"): + machine.fail('test -e /${libDir}/${ldsoBasename}') + ${if32 "machine.fail('test -e /${libDir32}/${ldsoBasename32}')"} + + with subtest("Create file in stub location (to be overwritten)"): + machine.succeed('mkdir -p /${libDir};touch /${libDir}/${ldsoBasename}') + ${if32 "machine.succeed('mkdir -p /${libDir32};touch /${libDir32}/${ldsoBasename32}')"} + + with subtest("Re-enable stub"): + machine.succeed("/run/booted-system/bin/switch-to-configuration test") + + with subtest("Check for stub (enabled, final)"): + machine.succeed('test -L /${libDir}/${ldsoBasename}') + ${if32 "machine.succeed('test -L /${libDir32}/${ldsoBasename32}')"} + ''; +}) diff --git a/pkgs/applications/audio/spotify/linux.nix b/pkgs/applications/audio/spotify/linux.nix index a5aec13504b17..a73c00a8fb9d2 100644 --- a/pkgs/applications/audio/spotify/linux.nix +++ b/pkgs/applications/audio/spotify/linux.nix @@ -14,14 +14,14 @@ let # If an update breaks things, one of those might have valuable info: # https://aur.archlinux.org/packages/spotify/ # https://community.spotify.com/t5/Desktop-Linux - version = "1.2.25.1011.g0348b2ea"; + version = "1.2.26.1187.g36b715a1"; # To get the latest stable revision: # curl -H 'X-Ubuntu-Series: 16' 'https://api.snapcraft.io/api/v1/snaps/details/spotify?channel=stable' | jq '.download_url,.version,.last_updated' # To get general information: # curl -H 'Snap-Device-Series: 16' 'https://api.snapcraft.io/v2/snaps/info/spotify' | jq '.' # More examples of api usage: # https://github.com/canonical-websites/snapcraft.io/blob/master/webapp/publisher/snaps/views.py - rev = "73"; + rev = "74"; deps = [ alsa-lib @@ -87,7 +87,7 @@ stdenv.mkDerivation { # https://community.spotify.com/t5/Desktop-Linux/Redistribute-Spotify-on-Linux-Distributions/td-p/1695334 src = fetchurl { url = "https://api.snapcraft.io/api/v1/snaps/download/pOBIoZ2LrCB3rDohMxoYGnbN14EHOgD7_${rev}.snap"; - hash = "sha512-93A+0YfP2/HnQOhSMw3UZ374bpS5ccQqb7a+e4RPSKvyT54wcI6hpmRn8CVo02oLo0yI2hho3Bu3ggsJLVgzbw=="; + hash = "sha512-Muurn4ih54oVTvLGuRfTPCgGSRImE8O0S5k7gZ4Utgrz3TKgVrthY9AXldP8v+qLcfIrrYwixJy2WGuur9E0jg=="; }; nativeBuildInputs = [ wrapGAppsHook makeShellWrapper squashfsTools ]; diff --git a/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lspce/default.nix b/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lspce/default.nix index 29157c802411a..67b1b600390e1 100644 --- a/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lspce/default.nix +++ b/pkgs/applications/editors/emacs/elisp-packages/manual-packages/lspce/default.nix @@ -9,13 +9,13 @@ }: let - version = "unstable-2023-10-30"; + version = "unstable-2023-12-01"; src = fetchFromGitHub { owner = "zbelial"; repo = "lspce"; - rev = "34c59787bcdbf414c92d9b3bf0a0f5306cb98d64"; - hash = "sha256-kUHGdeJo2zXA410FqXGclgXmgWrll30Zv8fSprcmnIo="; + rev = "1958b6fcdfb6288aa17fa42360315d6c4aa85991"; + hash = "sha256-HUIRm1z6xNJWgX7ykujzniBrOTh76D3dJHrm0LR3nuQ="; }; meta = { @@ -30,17 +30,19 @@ let inherit version src meta; pname = "lspce-module"; - cargoHash = "sha256-eqSromwJrFhtJWedDVJivfbKpAtSFEtuCP098qOxFgI="; + cargoHash = "sha256-qMLwdZwqrK7bPXL1bIbOqM7xQPpeiO8FDoje0CEJeXQ="; checkFlags = [ # flaky test "--skip=msg::tests::serialize_request_with_null_params" ]; - postFixup = '' + postInstall = '' + mkdir -p $out/share/emacs/site-lisp for f in $out/lib/*; do - mv $f $out/lib/lspce-module.''${f##*.} + mv $f $out/share/emacs/site-lisp/lspce-module.''${f##*.} done + rmdir $out/lib ''; }; in @@ -48,25 +50,16 @@ trivialBuild rec { inherit version src meta; pname = "lspce"; - preBuild = '' - ln -s ${lspce-module}/lib/lspce-module* . - - # Fix byte-compilation - substituteInPlace lspce-util.el \ - --replace "(require 'yasnippet)" "(require 'yasnippet)(require 'url-util)" - substituteInPlace lspce-calltree.el \ - --replace "(require 'compile)" "(require 'compile)(require 'cl-lib)" - ''; - buildInputs = propagatedUserEnvPkgs; propagatedUserEnvPkgs = [ f markdown-mode yasnippet + lspce-module ]; - postInstall = '' - install lspce-module* $LISPDIR - ''; + passthru = { + inherit lspce-module; + }; } diff --git a/pkgs/applications/editors/vim/plugins/aliases.nix b/pkgs/applications/editors/vim/plugins/aliases.nix index 6915198f09614..174d7416a736e 100644 --- a/pkgs/applications/editors/vim/plugins/aliases.nix +++ b/pkgs/applications/editors/vim/plugins/aliases.nix @@ -93,6 +93,8 @@ mapAliases (with prev; { neoinclude = neoinclude-vim; neomru = neomru-vim; neosnippet = neosnippet-vim; + nvim-ts-rainbow = throw "nvim-ts-rainbow has been deprecated: Use rainbow-delimiters-nvim"; # Added 2023-11-30 + nvim-ts-rainbow2 = throw "nvim-ts-rainbow2 has been deprecated: Use rainbow-delimiters-nvim"; # Added 2023-11-30 The_NERD_Commenter = nerdcommenter; The_NERD_tree = nerdtree; open-browser = open-browser-vim; diff --git a/pkgs/applications/editors/vim/plugins/generated.nix b/pkgs/applications/editors/vim/plugins/generated.nix index c6d5e250ddb86..96a874b9006e6 100644 --- a/pkgs/applications/editors/vim/plugins/generated.nix +++ b/pkgs/applications/editors/vim/plugins/generated.nix @@ -33,8 +33,8 @@ final: prev: src = fetchFromGitHub { owner = "jackMort"; repo = "ChatGPT.nvim"; - rev = "fc0a13f803653051801cfcf7acfd600ce44454a9"; - sha256 = "0csinl0z5jy0wnrl2rbg04kbblwb4kzsx0s6hd4n9iq9iz2k51z8"; + rev = "f189c51d03316b4ab02766c5fed6f876f5d57cbb"; + sha256 = "1h6fggfqifx47vhd3n0c4vldrx5lqbizkijm14nkj55224sq5i61"; }; meta.homepage = "https://github.com/jackMort/ChatGPT.nvim/"; }; @@ -1171,12 +1171,12 @@ final: prev: bufferline-nvim = buildVimPlugin { pname = "bufferline.nvim"; - version = "2023-12-08"; + version = "2023-12-13"; src = fetchFromGitHub { owner = "akinsho"; repo = "bufferline.nvim"; - rev = "ac788fbc493839c1e76daa8d119934b715fdb90e"; - sha256 = "0zy8z80s32hqa6jsffh9wygb77dnp7zhsp2zqgbl63lpyy0ffrvc"; + rev = "e48ce1805697e4bb97bc171c081e849a65859244"; + sha256 = "06af2lvydw7c2yswin968vdh2f06s5xmwx6pip45c4am8q68a2y6"; }; meta.homepage = "https://github.com/akinsho/bufferline.nvim/"; }; @@ -3382,6 +3382,18 @@ final: prev: meta.homepage = "https://github.com/bogado/file-line/"; }; + fileline-nvim = buildVimPlugin { + pname = "fileline.nvim"; + version = "2023-08-30"; + src = fetchFromGitHub { + owner = "lewis6991"; + repo = "fileline.nvim"; + rev = "64fc4b24f559467ff7fdbf4b3d9eaf4724f331e4"; + sha256 = "0q68mz6kd3zbf2blwz84q39wn2kq9svl8516p5vyn9jpn70rnmgv"; + }; + meta.homepage = "https://github.com/lewis6991/fileline.nvim/"; + }; + firenvim = buildVimPlugin { pname = "firenvim"; version = "2023-08-18"; @@ -4824,12 +4836,12 @@ final: prev: lean-nvim = buildVimPlugin { pname = "lean.nvim"; - version = "2023-12-10"; + version = "2023-12-13"; src = fetchFromGitHub { owner = "Julian"; repo = "lean.nvim"; - rev = "1bfcbea057c7daa81427c07440145a065339474a"; - sha256 = "0y5cdk8p0dkqx44h7kzs9f7j4jjmqcg7d029wj00m6wvb81618f3"; + rev = "a5daac8ebccb93af25ace2a2041b503f18ff3dcb"; + sha256 = "1a2qgmpg2j49v5pz8j4bfa5n8q8kiyixfz3jxhh41jkw7myxcqwh"; }; meta.homepage = "https://github.com/Julian/lean.nvim/"; }; @@ -6515,6 +6527,18 @@ final: prev: meta.homepage = "https://github.com/fiatjaf/neuron.vim/"; }; + nfnl = buildVimPlugin { + pname = "nfnl"; + version = "2023-09-08"; + src = fetchFromGitHub { + owner = "Olical"; + repo = "nfnl"; + rev = "979dbfc48bcb601a9107764a99f9459cb5bd4051"; + sha256 = "0m1yf62w4r75amva8708c4i0qvhgfia2i9p64z6i6589mq4mw6ip"; + }; + meta.homepage = "https://github.com/Olical/nfnl/"; + }; + nginx-vim = buildVimPlugin { pname = "nginx.vim"; version = "2023-11-26"; @@ -7714,29 +7738,6 @@ final: prev: meta.homepage = "https://github.com/joosepalviste/nvim-ts-context-commentstring/"; }; - nvim-ts-rainbow = buildVimPlugin { - pname = "nvim-ts-rainbow"; - version = "2023-06-07"; - src = fetchFromGitHub { - owner = "mrjones2014"; - repo = "nvim-ts-rainbow"; - rev = "8312b513ce930e7669a1721befbe56f2e1853301"; - sha256 = "16s8kppsn9m831ymcz5w3kpnq40sxg98nykd0gz3hfj27hinqag5"; - }; - meta.homepage = "https://github.com/mrjones2014/nvim-ts-rainbow/"; - }; - - nvim-ts-rainbow2 = buildVimPlugin { - pname = "nvim-ts-rainbow2"; - version = "2023-07-12"; - src = fetchgit { - url = "https://gitlab.com/HiPhish/nvim-ts-rainbow2"; - rev = "b3120cd5ae9ca524af9cb602f41e12e301fa985f"; - sha256 = "0mjg0pkd8wv8cfar30lkyywdrd3g5lz36bbsfb7lrqi7kbksyzxv"; - }; - meta.homepage = "https://gitlab.com/HiPhish/nvim-ts-rainbow2"; - }; - nvim-ufo = buildVimPlugin { pname = "nvim-ufo"; version = "2023-12-02"; @@ -7763,12 +7764,12 @@ final: prev: nvim-web-devicons = buildVimPlugin { pname = "nvim-web-devicons"; - version = "2023-12-08"; + version = "2023-12-13"; src = fetchFromGitHub { owner = "nvim-tree"; repo = "nvim-web-devicons"; - rev = "8b2e5ef9eb8a717221bd96cb8422686d65a09ed5"; - sha256 = "0s7vhlr71f3n8in2dnpqj1p1jgncn0mdl1y6a7ksl8yx2vrxqdyl"; + rev = "a1425903ab52a0a0460622519e827f224e5b4fee"; + sha256 = "11ag1v91b6pbrvrrmw4dvi9r46zrni9pgg1a5ndli5w5wdy7sf67"; }; meta.homepage = "https://github.com/nvim-tree/nvim-web-devicons/"; }; @@ -8535,11 +8536,11 @@ final: prev: rainbow-delimiters-nvim = buildVimPlugin { pname = "rainbow-delimiters.nvim"; - version = "2023-12-12"; + version = "2023-12-13"; src = fetchgit { url = "https://gitlab.com/HiPhish/rainbow-delimiters.nvim"; - rev = "cc1783ca5f1f9bfed18bfc051bb88e0e4faaf17a"; - sha256 = "174fx4ijyjczqb2lg6s1i3g4m4mvph02s7wfdk2jf0png7dg2mq4"; + rev = "0b4c1ab6724062f3582746c6a5a8c0636bf7ed81"; + sha256 = "0xz7m7xr6v467hglncdqc6jayh7qj4fyh3f7sgv8yyxlm8bf8prd"; }; meta.homepage = "https://gitlab.com/HiPhish/rainbow-delimiters.nvim"; }; @@ -8954,12 +8955,12 @@ final: prev: sg-nvim = buildVimPlugin { pname = "sg.nvim"; - version = "2023-11-15"; + version = "2023-12-13"; src = fetchFromGitHub { owner = "sourcegraph"; repo = "sg.nvim"; - rev = "41378567217097a3d78b624c9f11d29436381e99"; - sha256 = "0dwh7zb8l83d8l63ps6qc5am7r95bnyavz5r8qpxnzgzdic2r5nv"; + rev = "9eeb00c758a394cccd2828720b0eaadce6f1ad51"; + sha256 = "085vpy7vrmzcx5143gcxsgan99g6g9p05rljs0pkrw5kn7fw6szb"; }; meta.homepage = "https://github.com/sourcegraph/sg.nvim/"; }; @@ -10466,8 +10467,8 @@ final: prev: src = fetchFromGitHub { owner = "unisonweb"; repo = "unison"; - rev = "37ca00c65e9ba2f5adfe87780efda8071d894fae"; - sha256 = "07prqlwjlxix80ji537giam6w70699rgn5xslig5ivrmsldr42s7"; + rev = "a91e3c32060862ea2ba1ebdedd3d3eaa636edcdd"; + sha256 = "15wm2jx6vrrx8f00g7p0w3jzqgpg6c0jbzj2n7h6vl93s7d65207"; }; meta.homepage = "https://github.com/unisonweb/unison/"; }; @@ -12912,12 +12913,12 @@ final: prev: vim-just = buildVimPlugin { pname = "vim-just"; - version = "2023-12-12"; + version = "2023-12-13"; src = fetchFromGitHub { owner = "NoahTheDuke"; repo = "vim-just"; - rev = "a9761618b04ee1bf22005661cc8f598398d7b8d9"; - sha256 = "0hyqqk87fijraknkwwx9wzlvb6lpmn0wzrfzfb3j7as7rzbrb8gp"; + rev = "db122b74305993402150e18fad9568a5a0b542e8"; + sha256 = "0d1m1nda6r8wpbywl27xg3dwjfxnxy1vwiq9pp3m77d9blcnwgwf"; }; meta.homepage = "https://github.com/NoahTheDuke/vim-just/"; }; diff --git a/pkgs/applications/editors/vim/plugins/overrides.nix b/pkgs/applications/editors/vim/plugins/overrides.nix index f034ac4bae1c1..e519f4e5268d3 100644 --- a/pkgs/applications/editors/vim/plugins/overrides.nix +++ b/pkgs/applications/editors/vim/plugins/overrides.nix @@ -1007,7 +1007,7 @@ self: super: { pname = "sg-nvim-rust"; inherit (old) version src; - cargoHash = "sha256-ITrjY15Haz8hEztWym4q8YW2h0R8/kOYPaIYJu87sN4="; + cargoHash = "sha256-XaCBFAq/T17fz4Zn1OtG9Or3p4UwxXYKr+PTkl+Ho3k="; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/applications/editors/vim/plugins/vim-plugin-names b/pkgs/applications/editors/vim/plugins/vim-plugin-names index 7f9a677b583c3..13fe9fdbc27b3 100644 --- a/pkgs/applications/editors/vim/plugins/vim-plugin-names +++ b/pkgs/applications/editors/vim/plugins/vim-plugin-names @@ -281,6 +281,7 @@ https://github.com/lambdalisue/fern.vim/,, https://github.com/wincent/ferret/,, https://github.com/j-hui/fidget.nvim/,, https://github.com/bogado/file-line/,, +https://github.com/lewis6991/fileline.nvim/,, https://github.com/glacambre/firenvim/,HEAD, https://github.com/andviro/flake8-vim/,, https://github.com/folke/flash.nvim/,HEAD, @@ -547,6 +548,7 @@ https://github.com/Xuyuanp/nerdtree-git-plugin/,, https://github.com/miversen33/netman.nvim/,HEAD, https://github.com/oberblastmeister/neuron.nvim/,, https://github.com/fiatjaf/neuron.vim/,, +https://github.com/Olical/nfnl/,main, https://github.com/chr4/nginx.vim/,, https://github.com/EdenEast/nightfox.nvim/,, https://github.com/zah/nim.vim/,, @@ -648,8 +650,6 @@ https://github.com/nvim-treesitter/nvim-treesitter-textobjects/,, https://github.com/RRethy/nvim-treesitter-textsubjects/,HEAD, https://github.com/windwp/nvim-ts-autotag/,, https://github.com/joosepalviste/nvim-ts-context-commentstring/,, -https://github.com/mrjones2014/nvim-ts-rainbow/,, -https://gitlab.com/HiPhish/nvim-ts-rainbow2,HEAD, https://github.com/kevinhwang91/nvim-ufo/,HEAD, https://github.com/samjwill/nvim-unception/,HEAD, https://github.com/kyazdani42/nvim-web-devicons/,, diff --git a/pkgs/applications/misc/process-compose/default.nix b/pkgs/applications/misc/process-compose/default.nix index 25ff9aed3b743..a7c37aeb964b6 100644 --- a/pkgs/applications/misc/process-compose/default.nix +++ b/pkgs/applications/misc/process-compose/default.nix @@ -8,13 +8,13 @@ let config-module = "github.com/f1bonacc1/process-compose/src/config"; in buildGoModule rec { pname = "process-compose"; - version = "0.69.0"; + version = "0.77.4"; src = fetchFromGitHub { owner = "F1bonacc1"; repo = pname; rev = "v${version}"; - hash = "sha256-YVNcr8oYEOsy0KLOsPdWTZcXYTqyz4RYG9MCEngLn7c="; + hash = "sha256-uouF43SokBD+LCMqSDWJ3pj2LznfJYJoUkoTQ1TyYyI="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -43,7 +43,7 @@ buildGoModule rec { installShellFiles ]; - vendorHash = "sha256-lU21nRfIi4/eobnHhX/fCWnWtoiQBiWvTUOjBL0I4X4="; + vendorHash = "sha256-0On/Rg8c9g45qbLuwhP/ZIGosu0X1uzXfAoddgTCDkg="; doCheck = false; diff --git a/pkgs/applications/networking/iroh/default.nix b/pkgs/applications/networking/iroh/default.nix index 2e2ef6ee6ccc3..ac525fd2fa11a 100644 --- a/pkgs/applications/networking/iroh/default.nix +++ b/pkgs/applications/networking/iroh/default.nix @@ -7,16 +7,16 @@ rustPlatform.buildRustPackage rec { pname = "iroh"; - version = "0.5.1"; + version = "0.11.0"; src = fetchFromGitHub { owner = "n0-computer"; repo = pname; - rev = "${pname}-v${version}"; - hash = "sha256-p1OvXso5szo8ZCnCTKgDzCEMJgiePXQMhVYOkWVZrbE="; + rev = "v${version}"; + hash = "sha256-b3XpKAV/K+69tQmjM1CGzoOTcaQHB6q3gpoSa/YFwak="; }; - cargoHash = "sha256-QqMBEYaIQ6PqO7w7Yd1jVr0zHARsVaJtZzWytmDksZQ="; + cargoHash = "sha256-dnEEque40qi7vuUxY/UDZ5Kz8LTuz0GvYVjTxl8eMvI="; buildInputs = lib.optionals stdenv.isDarwin ( with darwin.apple_sdk.frameworks; [ diff --git a/pkgs/applications/office/zotero/zotero_7.nix b/pkgs/applications/office/zotero/zotero_7.nix new file mode 100644 index 0000000000000..2164e44154ae4 --- /dev/null +++ b/pkgs/applications/office/zotero/zotero_7.nix @@ -0,0 +1,150 @@ +{ lib +, stdenv +, fetchurl +, wrapGAppsHook +, autoPatchelfHook +, makeDesktopItem +, atk +, cairo +, coreutils +, curl +, cups +, dbus-glib +, dbus +, dconf +, fontconfig +, freetype +, gdk-pixbuf +, glib +, glibc +, gtk3 +, libX11 +, libXScrnSaver +, libxcb +, libXcomposite +, libXcursor +, libXdamage +, libXext +, libXfixes +, libXi +, libXinerama +, libXrender +, libXt +, libnotify +, gnome +, libGLU +, libGL +, nspr +, nss +, pango +, gsettings-desktop-schemas +, alsa-lib +, libXtst +}: + +stdenv.mkDerivation rec { + pname = "zotero"; + version = "7.0.0-beta"; + + src = fetchurl { + url = "https://download.zotero.org/client/beta/${version}.51%2B7c5600913/Zotero-${version}.51%2B7c5600913_linux-x86_64.tar.bz2"; + hash = "sha256-zJ+jG7zlvWq+WEYOPyMIhqHPfsUe9tn0cbRyibQ7bFw="; + }; + + nativeBuildInputs = [ + wrapGAppsHook + autoPatchelfHook + ]; + buildInputs = [ + gsettings-desktop-schemas + glib + gtk3 + gnome.adwaita-icon-theme + dconf + libXtst + alsa-lib + stdenv.cc.cc + atk + cairo + curl + cups + dbus-glib + dbus + fontconfig + freetype + gdk-pixbuf + glib + glibc + gtk3 + libX11 + libXScrnSaver + libXcomposite + libXcursor + libxcb + libXdamage + libXext + libXfixes + libXi + libXinerama + libXrender + libXt + libnotify + libGLU + libGL + nspr + nss + pango + ]; + + dontConfigure = true; + dontBuild = true; + dontStrip = true; + + + desktopItem = makeDesktopItem { + name = "zotero"; + exec = "zotero -url %U"; + icon = "zotero"; + comment = meta.description; + desktopName = "Zotero"; + genericName = "Reference Management"; + categories = [ "Office" "Database" ]; + startupNotify = true; + mimeTypes = [ "x-scheme-handler/zotero" "text/plain" ]; + }; + + + installPhase = '' + runHook preInstall + + mkdir -p "$prefix/usr/lib/zotero-bin-${version}" + cp -r * "$prefix/usr/lib/zotero-bin-${version}" + mkdir -p "$out/bin" + ln -s "$prefix/usr/lib/zotero-bin-${version}/zotero" "$out/bin/" + + # install desktop file and icons. + mkdir -p $out/share/applications + cp ${desktopItem}/share/applications/* $out/share/applications/ + for size in 16 32 48 256; do + install -Dm444 chrome/icons/default/default$size.png \ + $out/share/icons/hicolor/''${size}x''${size}/apps/zotero.png + done + + runHook postInstall + ''; + + preFixup = '' + gappsWrapperArgs+=( + --prefix PATH : ${lib.makeBinPath [ coreutils ]} + ) + ''; + + meta = with lib; { + homepage = "https://www.zotero.org"; + description = "Collect, organize, cite, and share your research sources"; + sourceProvenance = with sourceTypes; [ binaryNativeCode ]; + license = licenses.agpl3Only; + platforms = platforms.linux; + maintainers = with maintainers; [ atila ]; + }; +} diff --git a/pkgs/applications/video/mpv/scripts/buildLua.nix b/pkgs/applications/video/mpv/scripts/buildLua.nix index 4c1e1957c0973..c7f510253f942 100644 --- a/pkgs/applications/video/mpv/scripts/buildLua.nix +++ b/pkgs/applications/video/mpv/scripts/buildLua.nix @@ -20,11 +20,17 @@ lib.makeOverridable (args: stdenvNoCC.mkDerivation (extendedBy , extraScripts ? [] , ... }@args: let + strippedName = with builtins; + let groups = match "mpv[-_](.*)" pname; in + if groups != null + then head groups + else pname + ; # either passthru.scriptName, inferred from scriptPath, or from pname scriptName = (args.passthru or {}).scriptName or ( if args ? scriptPath then fileName args.scriptPath - else "${pname}.lua" + else "${strippedName}.lua" ); scriptPath = args.scriptPath or "./${scriptName}"; in { diff --git a/pkgs/applications/video/mpv/scripts/mpv-playlistmanager.nix b/pkgs/applications/video/mpv/scripts/mpv-playlistmanager.nix index 8ec05a3cf6915..c164bae1495db 100644 --- a/pkgs/applications/video/mpv/scripts/mpv-playlistmanager.nix +++ b/pkgs/applications/video/mpv/scripts/mpv-playlistmanager.nix @@ -17,8 +17,6 @@ buildLua rec { 'youtube_dl_executable = "${lib.getBin yt-dlp}/bin/yt-dlp"', ''; - scriptPath = "playlistmanager.lua"; - meta = with lib; { description = "Mpv lua script to create and manage playlists"; homepage = "https://github.com/jonniek/mpv-playlistmanager"; diff --git a/pkgs/applications/video/mpv/scripts/quality-menu.nix b/pkgs/applications/video/mpv/scripts/quality-menu.nix index e4d82d17ca394..8b9aadaccbc76 100644 --- a/pkgs/applications/video/mpv/scripts/quality-menu.nix +++ b/pkgs/applications/video/mpv/scripts/quality-menu.nix @@ -15,7 +15,6 @@ buildLua rec { hash = "sha256-yrcTxqpLnOI1Tq3khhflO3wzhyeTPuvKifyH5/P57Ns="; }; - scriptPath = "quality-menu.lua"; extraScripts = lib.optional oscSupport "quality-menu-osc.lua"; meta = with lib; { diff --git a/pkgs/applications/video/mpv/scripts/thumbfast.nix b/pkgs/applications/video/mpv/scripts/thumbfast.nix index 4899f556e8b27..3ddb701f6d1d4 100644 --- a/pkgs/applications/video/mpv/scripts/thumbfast.nix +++ b/pkgs/applications/video/mpv/scripts/thumbfast.nix @@ -11,8 +11,6 @@ buildLua { hash = "sha256-5u5WBvWOEydJrnr/vilEgW4+fxkxM6wNjb9Fyyxx/1c="; }; - scriptPath = "thumbfast.lua"; - passthru.extraWrapperArgs = [ "--prefix" "PATH" ":" "${lib.getBin mpv-unwrapped}/bin" ]; diff --git a/pkgs/applications/video/vivictpp/default.nix b/pkgs/applications/video/vivictpp/default.nix index 9b8a8773b1b4b..e2fc34340fc5b 100644 --- a/pkgs/applications/video/vivictpp/default.nix +++ b/pkgs/applications/video/vivictpp/default.nix @@ -7,7 +7,7 @@ , cacert }: let - version = "0.3.1"; + version = "1.0.0"; withSubprojects = stdenv.mkDerivation { name = "sources-with-subprojects"; @@ -15,7 +15,7 @@ let owner = "vivictorg"; repo = "vivictpp"; rev = "v${version}"; - hash = "sha256-6YfYeUrM7cq8hnOPMq0Uq/HToFBDri0N/r0SU0LeT/Y="; + hash = "sha256-dCtMjemEjXe63ELAfQhzJl3GecqWLcjL2y5Htn6hYgU="; }; nativeBuildInputs = [ @@ -33,7 +33,7 @@ let ''; outputHashMode = "recursive"; - outputHash = "sha256-lIm2Bwy61St9d1e6QSm5ZpSIDR9ucaQKBPHATTDEgW4="; + outputHash = "sha256-a7NBQJt5T+KwP8Djc8TQiVLNZF8UcXlXrv2G/dZ54aM="; }; in stdenv.mkDerivation rec { pname = "vivictpp"; diff --git a/pkgs/applications/window-managers/hyprwm/hyprland/default.nix b/pkgs/applications/window-managers/hyprwm/hyprland/default.nix index 402b358474465..ad8079be63c3e 100644 --- a/pkgs/applications/window-managers/hyprwm/hyprland/default.nix +++ b/pkgs/applications/window-managers/hyprwm/hyprland/default.nix @@ -28,7 +28,6 @@ , xcbutilwm , xwayland , debug ? false -, enableNvidiaPatches ? false , enableXWayland ? true , legacyRenderer ? false , withSystemd ? true @@ -36,18 +35,20 @@ # deprecated flags , nvidiaPatches ? false , hidpiXWayland ? false +, enableNvidiaPatches ? false }: -assert lib.assertMsg (!nvidiaPatches) "The option `nvidiaPatches` has been renamed `enableNvidiaPatches`"; +assert lib.assertMsg (!nvidiaPatches) "The option `nvidiaPatches` has been removed."; +assert lib.assertMsg (!enableNvidiaPatches) "The option `enableNvidiaPatches` has been removed."; assert lib.assertMsg (!hidpiXWayland) "The option `hidpiXWayland` has been removed. Please refer https://wiki.hyprland.org/Configuring/XWayland"; stdenv.mkDerivation (finalAttrs: { pname = "hyprland" + lib.optionalString debug "-debug"; - version = "0.32.3"; + version = "0.33.1"; src = fetchFromGitHub { owner = "hyprwm"; repo = finalAttrs.pname; rev = "v${finalAttrs.version}"; - hash = "sha256-8PP26+ybmScq5WpFd2JPqUDzG2VggYOvD6/rzY9/CJ4="; + hash = "sha256-p7el5oQZPy9l1zyIrlHu6nA4BAu59eLoSqBjhkw2jaw="; }; patches = [ @@ -99,7 +100,7 @@ stdenv.mkDerivation (finalAttrs: { wayland-protocols pango pciutils - (wlroots.override { inherit enableNvidiaPatches; }) + wlroots ] ++ lib.optionals stdenv.hostPlatform.isMusl [ libexecinfo ] ++ lib.optionals enableXWayland [ libxcb xcbutilwm xwayland ] diff --git a/pkgs/applications/window-managers/hyprwm/hyprland/wlroots.nix b/pkgs/applications/window-managers/hyprwm/hyprland/wlroots.nix index 8191582dfb3a8..a77526abb508e 100644 --- a/pkgs/applications/window-managers/hyprwm/hyprland/wlroots.nix +++ b/pkgs/applications/window-managers/hyprwm/hyprland/wlroots.nix @@ -1,39 +1,9 @@ { fetchFromGitLab -, hyprland , wlroots -, lib , libdisplay-info , libliftoff , hwdata -, enableNvidiaPatches ? false }: -let - libdisplay-info-new = libdisplay-info.overrideAttrs (old: { - version = "0.1.1+date=2023-03-02"; - src = fetchFromGitLab { - domain = "gitlab.freedesktop.org"; - owner = "emersion"; - repo = old.pname; - rev = "147d6611a64a6ab04611b923e30efacaca6fc678"; - sha256 = "sha256-/q79o13Zvu7x02SBGu0W5yQznQ+p7ltZ9L6cMW5t/o4="; - }; - }); - - libliftoff-new = libliftoff.overrideAttrs (old: { - version = "0.5.0-dev"; - src = fetchFromGitLab { - domain = "gitlab.freedesktop.org"; - owner = "emersion"; - repo = old.pname; - rev = "d98ae243280074b0ba44bff92215ae8d785658c0"; - sha256 = "sha256-DjwlS8rXE7srs7A8+tHqXyUsFGtucYSeq6X0T/pVOc8="; - }; - - NIX_CFLAGS_COMPILE = toString [ - "-Wno-error=sign-conversion" - ]; - }); -in wlroots.overrideAttrs (old: { version = "0.17.0-dev"; @@ -42,29 +12,15 @@ wlroots.overrideAttrs domain = "gitlab.freedesktop.org"; owner = "wlroots"; repo = "wlroots"; - rev = "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1"; - hash = "sha256-HXu98PyBMKEWLqiTb8viuLDznud/SdkdJsx5A5CWx7I="; + rev = "5d639394f3e83b01596dcd166a44a9a1a2583350"; + hash = "sha256-7kvyoA91etzVEl9mkA/EJfB6z/PltxX7Xc4gcr7/xlo="; }; - pname = - old.pname - + "-hyprland" - + lib.optionalString enableNvidiaPatches "-nvidia"; - - patches = - (old.patches or [ ]) - ++ (lib.optionals enableNvidiaPatches [ - "${hyprland.src}/nix/patches/wlroots-nvidia.patch" - ]); - - # don't need old.postPatch for hwdata's path in wlroots 0.16 - postPatch = lib.optionalString enableNvidiaPatches '' - substituteInPlace render/gles2/renderer.c --replace "glFlush();" "glFinish();" - ''; + pname = "${old.pname}-hyprland"; buildInputs = old.buildInputs ++ [ hwdata - libdisplay-info-new - libliftoff-new + libdisplay-info + libliftoff ]; }) diff --git a/pkgs/build-support/build-graalvm-native-image/default.nix b/pkgs/build-support/build-graalvm-native-image/default.nix index e5fe1abe1d11f..0612db2ad79bd 100644 --- a/pkgs/build-support/build-graalvm-native-image/default.nix +++ b/pkgs/build-support/build-graalvm-native-image/default.nix @@ -49,6 +49,13 @@ stdenv.mkDerivation ({ nativeImageBuildArgs = nativeImageBuildArgs ++ extraNativeImageBuildArgs ++ [ graalvmXmx ]; + # Workaround GraalVM issue where the builder does not have access to the + # environment variables since 21.0.0 + # https://github.com/oracle/graal/pull/6095 + # https://github.com/oracle/graal/pull/6095 + # https://github.com/oracle/graal/issues/7502 + env.NATIVE_IMAGE_DEPRECATED_BUILDER_SANITATION = "true"; + buildPhase = args.buildPhase or '' runHook preBuild diff --git a/pkgs/by-name/no/noto-fonts-cjk-sans/package.nix b/pkgs/by-name/no/noto-fonts-cjk-sans/package.nix new file mode 100644 index 0000000000000..5c7ab7684b62c --- /dev/null +++ b/pkgs/by-name/no/noto-fonts-cjk-sans/package.nix @@ -0,0 +1,49 @@ +{ lib +, stdenvNoCC +, fetchFromGitHub +, nixosTests +, gitUpdater +}: + +stdenvNoCC.mkDerivation rec { + pname = "noto-fonts-cjk-sans"; + version = "2.004"; + + src = fetchFromGitHub { + owner = "notofonts"; + repo = "noto-cjk"; + rev = "Sans${version}"; + hash = "sha256-IgalJkiOAVjNxKaPAQWfb5hKeqclliR4qVXCq63FGWY="; + sparseCheckout = [ "Sans/Variable/OTC" ]; + }; + + installPhase = '' + install -m444 -Dt $out/share/fonts/opentype/noto-cjk Sans/Variable/OTC/*.otf.ttc + ''; + + passthru.tests.noto-fonts = nixosTests.noto-fonts; + + passthru.updateScript = gitUpdater { + rev-prefix = "Sans"; + }; + + meta = { + description = "Beautiful and free fonts for CJK languages"; + homepage = "https://www.google.com/get/noto/help/cjk/"; + longDescription = '' + Noto Sans CJK is a sans typeface designed as + an intermediate style between the modern and traditional. It is + intended to be a multi-purpose digital font for user interface + designs, digital content, reading on laptops, mobile devices, and + electronic books. Noto Sans CJK comprehensively covers + Simplified Chinese, Traditional Chinese, Japanese, and Korean in a + unified font family. It supports regional variants of ideographic + characters for each of the four languages. In addition, it supports + Japanese kana, vertical forms, and variant characters (itaiji); it + supports Korean hangeul — both contemporary and archaic. + ''; + license = lib.licenses.ofl; + platforms = lib.platforms.all; + maintainers = with lib.maintainers; [ mathnerd314 emily ]; + }; +} diff --git a/pkgs/by-name/no/noto-fonts-cjk-serif/package.nix b/pkgs/by-name/no/noto-fonts-cjk-serif/package.nix new file mode 100644 index 0000000000000..d9fddcc684c41 --- /dev/null +++ b/pkgs/by-name/no/noto-fonts-cjk-serif/package.nix @@ -0,0 +1,49 @@ +{ lib +, stdenvNoCC +, fetchFromGitHub +, nixosTests +, gitUpdater +}: + +stdenvNoCC.mkDerivation rec { + pname = "noto-fonts-cjk-serif"; + version = "2.002"; + + src = fetchFromGitHub { + owner = "notofonts"; + repo = "noto-cjk"; + rev = "Serif${version}"; + hash = "sha256-GLjpTAiHfygj1J4AdUVDJh8kykkFOglq+h4kyat5W9s="; + sparseCheckout = [ "Serif/Variable/OTC" ]; + }; + + installPhase = '' + install -m444 -Dt $out/share/fonts/opentype/noto-cjk Serif/Variable/OTC/*.otf.ttc + ''; + + passthru.tests.noto-fonts = nixosTests.noto-fonts; + + passthru.updateScript = gitUpdater { + rev-prefix = "Serif"; + }; + + meta = with lib; { + description = "Beautiful and free fonts for CJK languages"; + homepage = "https://www.google.com/get/noto/help/cjk/"; + longDescription = '' + Noto Serif CJK is a serif typeface designed as + an intermediate style between the modern and traditional. It is + intended to be a multi-purpose digital font for user interface + designs, digital content, reading on laptops, mobile devices, and + electronic books. Noto Serif CJK comprehensively covers + Simplified Chinese, Traditional Chinese, Japanese, and Korean in a + unified font family. It supports regional variants of ideographic + characters for each of the four languages. In addition, it supports + Japanese kana, vertical forms, and variant characters (itaiji); it + supports Korean hangeul — both contemporary and archaic. + ''; + license = licenses.ofl; + platforms = platforms.all; + maintainers = with maintainers; [ mathnerd314 emily ]; + }; +} diff --git a/pkgs/by-name/no/noto-fonts-color-emoji/package.nix b/pkgs/by-name/no/noto-fonts-color-emoji/package.nix new file mode 100644 index 0000000000000..37f56db62df19 --- /dev/null +++ b/pkgs/by-name/no/noto-fonts-color-emoji/package.nix @@ -0,0 +1,69 @@ +{ lib +, stdenvNoCC +, fetchFromGitHub +, buildPackages +, pkg-config +, cairo +, imagemagick +, zopfli +, pngquant +, which +}: + +let + emojiPythonEnv = + buildPackages.python3.withPackages (p: with p; [ fonttools nototools ]); +in +stdenvNoCC.mkDerivation rec { + pname = "noto-fonts-color-emoji"; + version = "2.042"; + + src = fetchFromGitHub { + owner = "googlefonts"; + repo = "noto-emoji"; + rev = "v${version}"; + hash = "sha256-otJQMXrBIPrxD1vCdgcrZ2h1a9XAMbqEBFumjz1XJ54="; + }; + + depsBuildBuild = [ + buildPackages.stdenv.cc + pkg-config + cairo + ]; + + nativeBuildInputs = [ + imagemagick + zopfli + pngquant + which + emojiPythonEnv + ]; + + postPatch = '' + patchShebangs *.py + patchShebangs third_party/color_emoji/*.py + # remove check for virtualenv, since we handle + # python requirements using python.withPackages + sed -i '/ifndef VIRTUAL_ENV/,+2d' Makefile + # Make the build verbose so it won't get culled by Hydra thinking that + # it somehow got stuck doing nothing. + sed -i 's;\t@;\t;' Makefile + ''; + + enableParallelBuilding = true; + + installPhase = '' + runHook preInstall + mkdir -p $out/share/fonts/noto + cp NotoColorEmoji.ttf $out/share/fonts/noto + runHook postInstall + ''; + + meta = { + description = "Color emoji font"; + homepage = "https://github.com/googlefonts/noto-emoji"; + license = with lib.licenses; [ ofl asl20 ]; + platforms = lib.platforms.all; + maintainers = with lib.maintainers; [ mathnerd314 sternenseemann ]; + }; +} diff --git a/pkgs/by-name/no/noto-fonts-emoji-blob-bin/package.nix b/pkgs/by-name/no/noto-fonts-emoji-blob-bin/package.nix new file mode 100644 index 0000000000000..311505c3ae48b --- /dev/null +++ b/pkgs/by-name/no/noto-fonts-emoji-blob-bin/package.nix @@ -0,0 +1,30 @@ + { lib +, stdenvNoCC +, fetchurl +}: + +stdenvNoCC.mkDerivation rec { + pname = "noto-fonts-emoji-blob-bin"; + version = "15.0"; + + src = fetchurl { + url = "https://github.com/C1710/blobmoji/releases/download/v${version}/Blobmoji.ttf"; + hash = "sha256-3MPWZ1A2ups171dNIiFTJ3C1vZiGy6I8ZF70aUfrePk="; + }; + + dontUnpack = true; + + installPhase = '' + runHook preInstall + install -Dm 444 $src $out/share/fonts/blobmoji/Blobmoji.ttf + runHook postInstall + ''; + + meta = { + description = "Noto Emoji with extended Blob support"; + homepage = "https://github.com/C1710/blobmoji"; + license = with lib.licenses; [ ofl asl20 ]; + platforms = lib.platforms.all; + maintainers = with lib.maintainers; [ rileyinman jk ]; + }; +} diff --git a/pkgs/data/fonts/noto-fonts/noto-emoji.hashes.json b/pkgs/by-name/no/noto-fonts-monochrome-emoji/noto-emoji.hashes.json index e9ad1c327f4f9..e9ad1c327f4f9 100644 --- a/pkgs/data/fonts/noto-fonts/noto-emoji.hashes.json +++ b/pkgs/by-name/no/noto-fonts-monochrome-emoji/noto-emoji.hashes.json diff --git a/pkgs/data/fonts/noto-fonts/noto-emoji.json b/pkgs/by-name/no/noto-fonts-monochrome-emoji/noto-emoji.json index c729634b9e1e7..c729634b9e1e7 100644 --- a/pkgs/data/fonts/noto-fonts/noto-emoji.json +++ b/pkgs/by-name/no/noto-fonts-monochrome-emoji/noto-emoji.json diff --git a/pkgs/data/fonts/noto-fonts/noto-emoji.py b/pkgs/by-name/no/noto-fonts-monochrome-emoji/noto-emoji.py index 9f1eadd95bca5..9f1eadd95bca5 100755 --- a/pkgs/data/fonts/noto-fonts/noto-emoji.py +++ b/pkgs/by-name/no/noto-fonts-monochrome-emoji/noto-emoji.py diff --git a/pkgs/by-name/no/noto-fonts-monochrome-emoji/package.nix b/pkgs/by-name/no/noto-fonts-monochrome-emoji/package.nix new file mode 100644 index 0000000000000..08f78b613efc7 --- /dev/null +++ b/pkgs/by-name/no/noto-fonts-monochrome-emoji/package.nix @@ -0,0 +1,53 @@ +{ lib +, stdenvNoCC +, fetchurl +}: + +# Metadata fetched from +# https://www.googleapis.com/webfonts/v1/webfonts?key=${GOOGLE_FONTS_TOKEN}&family=Noto+Emoji +let + metadata = with builtins; head (fromJSON (readFile ./noto-emoji.json)).items; + urlHashes = with builtins; fromJSON (readFile ./noto-emoji.hashes.json); +in +stdenvNoCC.mkDerivation { + pname = "noto-fonts-monochrome-emoji"; + version = "${lib.removePrefix "v" metadata.version}.${metadata.lastModified}"; + preferLocalBuild = true; + + dontUnpack = true; + srcs = + let + weightNames = { + "300" = "Light"; + regular = "Regular"; + "500" = "Medium"; + "600" = "SemiBold"; + "700" = "Bold"; + }; + in + lib.mapAttrsToList + (variant: url: fetchurl { + name = "NotoEmoji-${weightNames.${variant}}.ttf"; + hash = urlHashes.${url}; + inherit url; + }) + metadata.files; + + installPhase = '' + runHook preInstall + for src in $srcs; do + install -D $src $out/share/fonts/noto/$(stripHash $src) + done + runHook postInstall + ''; + + meta = { + description = "Monochrome emoji font"; + homepage = "https://fonts.google.com/noto/specimen/Noto+Emoji"; + license = [ lib.licenses.ofl ]; + maintainers = [ lib.maintainers.nicoo ]; + + platforms = lib.platforms.all; + sourceProvenance = [ lib.sourceTypes.binaryBytecode ]; + }; +} diff --git a/pkgs/by-name/no/noto-fonts/package.nix b/pkgs/by-name/no/noto-fonts/package.nix new file mode 100644 index 0000000000000..4f8606095e029 --- /dev/null +++ b/pkgs/by-name/no/noto-fonts/package.nix @@ -0,0 +1,73 @@ +{ lib +, stdenvNoCC +, fetchFromGitHub +, gitUpdater +, variants ? [ ] +, suffix ? "" +, longDescription ? '' + When text is rendered by a computer, sometimes characters are + displayed as “tofu”. They are little boxes to indicate your device + doesn’t have a font to display the text. + Google has been developing a font family called Noto, which aims to + support all languages with a harmonious look and feel. Noto is + Google’s answer to tofu. The name noto is to convey the idea that + Google’s goal is to see “no more tofu”. Noto has multiple styles and + weights, and freely available to all. + '' +}: + +stdenvNoCC.mkDerivation rec { + pname = "noto-fonts${suffix}"; + version = "23.11.1"; + + src = fetchFromGitHub { + owner = "notofonts"; + repo = "notofonts.github.io"; + rev = "noto-monthly-release-${version}"; + hash = "sha256-qBHLCOfVBOn9CV194S4cYw9nhHyAe2AUBJHQMvyEfW8="; + }; + + _variants = map (variant: builtins.replaceStrings [ " " ] [ "" ] variant) variants; + + installPhase = '' + # We check availability in order of variable -> otf -> ttf + # unhinted -- the hinted versions use autohint + # maintaining maximum coverage. + # + # We have a mix of otf and ttf fonts + local out_font=$out/share/fonts/noto + '' + (if _variants == [ ] then '' + for folder in $(ls -d fonts/*/); do + if [[ -d "$folder"unhinted/variable-ttf ]]; then + install -m444 -Dt $out_font "$folder"unhinted/variable-ttf/*.ttf + elif [[ -d "$folder"unhinted/otf ]]; then + install -m444 -Dt $out_font "$folder"unhinted/otf/*.otf + else + install -m444 -Dt $out_font "$folder"unhinted/ttf/*.ttf + fi + done + '' else '' + for variant in $_variants; do + if [[ -d fonts/"$variant"/unhinted/variable-ttf ]]; then + install -m444 -Dt $out_font fonts/"$variant"/unhinted/variable-ttf/*.ttf + elif [[ -d fonts/"$variant"/unhinted/otf ]]; then + install -m444 -Dt $out_font fonts/"$variant"/unhinted/otf/*.otf + else + install -m444 -Dt $out_font fonts/"$variant"/unhinted/ttf/*.ttf + fi + done + ''); + + passthru.updateScript = gitUpdater { + rev-prefix = "noto-monthly-release-"; + }; + + meta = { + description = "Beautiful and free fonts for many languages"; + homepage = "https://www.google.com/get/noto/"; + inherit longDescription; + license = lib.licenses.ofl; + platforms = lib.platforms.all; + maintainers = with lib.maintainers; [ mathnerd314 emily jopejoe1 ]; + }; +} diff --git a/pkgs/data/fonts/noto-fonts/default.nix b/pkgs/data/fonts/noto-fonts/default.nix deleted file mode 100644 index b5a5d26b5122d..0000000000000 --- a/pkgs/data/fonts/noto-fonts/default.nix +++ /dev/null @@ -1,305 +0,0 @@ -{ stdenv -, stdenvNoCC -, lib -, gitUpdater -, fetchFromGitHub -, fetchurl -, cairo -, nixosTests -, pkg-config -, pngquant -, which -, imagemagick -, zopfli -, buildPackages -, variants ? [ ] -}: -let - notoLongDescription = '' - When text is rendered by a computer, sometimes characters are - displayed as “tofu”. They are little boxes to indicate your device - doesn’t have a font to display the text. - - Google has been developing a font family called Noto, which aims to - support all languages with a harmonious look and feel. Noto is - Google’s answer to tofu. The name noto is to convey the idea that - Google’s goal is to see “no more tofu”. Noto has multiple styles and - weights, and freely available to all. - ''; -in -rec { - mkNoto = - { pname - , variants ? [ ] - , longDescription ? notoLongDescription - }: - stdenvNoCC.mkDerivation rec { - inherit pname; - version = "23.11.1"; - - src = fetchFromGitHub { - owner = "notofonts"; - repo = "notofonts.github.io"; - rev = "noto-monthly-release-${version}"; - hash = "sha256-qBHLCOfVBOn9CV194S4cYw9nhHyAe2AUBJHQMvyEfW8="; - }; - - _variants = map (variant: builtins.replaceStrings [ " " ] [ "" ] variant) variants; - - installPhase = '' - # We check availability in order of variable -> otf -> ttf - # unhinted -- the hinted versions use autohint - # maintaining maximum coverage. - # - # We have a mix of otf and ttf fonts - local out_font=$out/share/fonts/noto - '' + (if _variants == [ ] then '' - for folder in $(ls -d fonts/*/); do - if [[ -d "$folder"unhinted/variable-ttf ]]; then - install -m444 -Dt $out_font "$folder"unhinted/variable-ttf/*.ttf - elif [[ -d "$folder"unhinted/otf ]]; then - install -m444 -Dt $out_font "$folder"unhinted/otf/*.otf - else - install -m444 -Dt $out_font "$folder"unhinted/ttf/*.ttf - fi - done - '' else '' - for variant in $_variants; do - if [[ -d fonts/"$variant"/unhinted/variable-ttf ]]; then - install -m444 -Dt $out_font fonts/"$variant"/unhinted/variable-ttf/*.ttf - elif [[ -d fonts/"$variant"/unhinted/otf ]]; then - install -m444 -Dt $out_font fonts/"$variant"/unhinted/otf/*.otf - else - install -m444 -Dt $out_font fonts/"$variant"/unhinted/ttf/*.ttf - fi - done - ''); - - passthru.updateScript = gitUpdater { - rev-prefix = "noto-monthly-release-"; - }; - - meta = with lib; { - description = "Beautiful and free fonts for many languages"; - homepage = "https://www.google.com/get/noto/"; - inherit longDescription; - license = licenses.ofl; - platforms = platforms.all; - maintainers = with maintainers; [ mathnerd314 emily jopejoe1 ]; - }; - }; - - mkNotoCJK = { typeface, version, sha256 }: - stdenvNoCC.mkDerivation { - pname = "noto-fonts-cjk-${lib.toLower typeface}"; - inherit version; - - src = fetchFromGitHub { - owner = "googlefonts"; - repo = "noto-cjk"; - rev = "${typeface}${version}"; - inherit sha256; - sparseCheckout = [ "${typeface}/Variable/OTC" ]; - }; - - installPhase = '' - install -m444 -Dt $out/share/fonts/opentype/noto-cjk ${typeface}/Variable/OTC/*.otf.ttc - ''; - - passthru.tests.noto-fonts = nixosTests.noto-fonts; - - meta = with lib; { - description = "Beautiful and free fonts for CJK languages"; - homepage = "https://www.google.com/get/noto/help/cjk/"; - longDescription = '' - Noto ${typeface} CJK is a ${lib.toLower typeface} typeface designed as - an intermediate style between the modern and traditional. It is - intended to be a multi-purpose digital font for user interface - designs, digital content, reading on laptops, mobile devices, and - electronic books. Noto ${typeface} CJK comprehensively covers - Simplified Chinese, Traditional Chinese, Japanese, and Korean in a - unified font family. It supports regional variants of ideographic - characters for each of the four languages. In addition, it supports - Japanese kana, vertical forms, and variant characters (itaiji); it - supports Korean hangeul — both contemporary and archaic. - ''; - license = licenses.ofl; - platforms = platforms.all; - maintainers = with maintainers; [ mathnerd314 emily ]; - }; - }; - - noto-fonts = mkNoto { - pname = "noto-fonts"; - }; - - noto-fonts-lgc-plus = mkNoto { - pname = "noto-fonts-lgc-plus"; - variants = [ - "Noto Sans" - "Noto Serif" - "Noto Sans Mono" - "Noto Music" - "Noto Sans Symbols" - "Noto Sans Symbols 2" - "Noto Sans Math" - ]; - longDescription = '' - This package provides the Noto Fonts, but only for latin, greek - and cyrillic scripts, as well as some extra fonts. To create a - custom Noto package with custom variants, see the `mkNoto` - helper function. - ''; - }; - - noto-fonts-cjk-sans = mkNotoCJK { - typeface = "Sans"; - version = "2.004"; - sha256 = "sha256-IgalJkiOAVjNxKaPAQWfb5hKeqclliR4qVXCq63FGWY="; - }; - - noto-fonts-cjk-serif = mkNotoCJK { - typeface = "Serif"; - version = "2.002"; - sha256 = "sha256-GLjpTAiHfygj1J4AdUVDJh8kykkFOglq+h4kyat5W9s="; - }; - - noto-fonts-color-emoji = - let - version = "2.042"; - emojiPythonEnv = - buildPackages.python3.withPackages (p: with p; [ fonttools nototools ]); - in - stdenvNoCC.mkDerivation { - pname = "noto-fonts-emoji"; - inherit version; - - src = fetchFromGitHub { - owner = "googlefonts"; - repo = "noto-emoji"; - rev = "v${version}"; - hash = "sha256-otJQMXrBIPrxD1vCdgcrZ2h1a9XAMbqEBFumjz1XJ54="; - }; - - depsBuildBuild = [ - buildPackages.stdenv.cc - pkg-config - cairo - ]; - - nativeBuildInputs = [ - imagemagick - zopfli - pngquant - which - emojiPythonEnv - ]; - - postPatch = '' - patchShebangs *.py - patchShebangs third_party/color_emoji/*.py - # remove check for virtualenv, since we handle - # python requirements using python.withPackages - sed -i '/ifndef VIRTUAL_ENV/,+2d' Makefile - - # Make the build verbose so it won't get culled by Hydra thinking that - # it somehow got stuck doing nothing. - sed -i 's;\t@;\t;' Makefile - ''; - - enableParallelBuilding = true; - - installPhase = '' - runHook preInstall - mkdir -p $out/share/fonts/noto - cp NotoColorEmoji.ttf $out/share/fonts/noto - runHook postInstall - ''; - - meta = with lib; { - description = "Color emoji font"; - homepage = "https://github.com/googlefonts/noto-emoji"; - license = with licenses; [ ofl asl20 ]; - platforms = platforms.all; - maintainers = with maintainers; [ mathnerd314 sternenseemann ]; - }; - }; - - noto-fonts-monochrome-emoji = - # Metadata fetched from - # https://www.googleapis.com/webfonts/v1/webfonts?key=${GOOGLE_FONTS_TOKEN}&family=Noto+Emoji - let metadata = with builtins; head (fromJSON (readFile ./noto-emoji.json)).items; - urlHashes = with builtins; fromJSON (readFile ./noto-emoji.hashes.json); - - in - stdenvNoCC.mkDerivation { - pname = "noto-fonts-monochrome-emoji"; - version = "${lib.removePrefix "v" metadata.version}.${metadata.lastModified}"; - preferLocalBuild = true; - - dontUnpack = true; - srcs = let - weightNames = { - "300" = "Light"; - regular = "Regular"; - "500" = "Medium"; - "600" = "SemiBold"; - "700" = "Bold"; - }; - in lib.mapAttrsToList - (variant: url: fetchurl { name = "NotoEmoji-${weightNames.${variant}}.ttf"; - hash = urlHashes.${url}; - inherit url; } ) - metadata.files; - - installPhase = '' - runHook preInstall - for src in $srcs; do - install -D $src $out/share/fonts/noto/$(stripHash $src) - done - runHook postInstall - ''; - - meta = with lib; { - description = "Monochrome emoji font"; - homepage = "https://fonts.google.com/noto/specimen/Noto+Emoji"; - license = [ licenses.ofl ]; - maintainers = [ maintainers.nicoo ]; - - platforms = platforms.all; - sourceProvenance = [ sourceTypes.binaryBytecode ]; - }; - }; - - noto-fonts-emoji-blob-bin = - let - pname = "noto-fonts-emoji-blob-bin"; - version = "15.0"; - in - stdenvNoCC.mkDerivation { - inherit pname version; - - src = fetchurl { - url = "https://github.com/C1710/blobmoji/releases/download/v${version}/Blobmoji.ttf"; - hash = "sha256-3MPWZ1A2ups171dNIiFTJ3C1vZiGy6I8ZF70aUfrePk="; - }; - - dontUnpack = true; - - installPhase = '' - runHook preInstall - - install -Dm 444 $src $out/share/fonts/blobmoji/Blobmoji.ttf - - runHook postInstall - ''; - - meta = with lib; { - description = "Noto Emoji with extended Blob support"; - homepage = "https://github.com/C1710/blobmoji"; - license = with licenses; [ ofl asl20 ]; - platforms = platforms.all; - maintainers = with maintainers; [ rileyinman jk ]; - }; - }; -} diff --git a/pkgs/development/compilers/emscripten/0001-emulate-clang-sysroot-include-logic.patch b/pkgs/development/compilers/emscripten/0001-emulate-clang-sysroot-include-logic.patch index 6a57e423bd72b..4171906d5e368 100644 --- a/pkgs/development/compilers/emscripten/0001-emulate-clang-sysroot-include-logic.patch +++ b/pkgs/development/compilers/emscripten/0001-emulate-clang-sysroot-include-logic.patch @@ -1,4 +1,4 @@ -From 4bbbb640934aa653bcfec0335798b77a8935b815 Mon Sep 17 00:00:00 2001 +From 86fc9ce2b381748813b372f7e86909be6f955cbd Mon Sep 17 00:00:00 2001 From: Yureka <yuka@yuka.dev> Date: Sat, 7 Aug 2021 09:16:46 +0200 Subject: [PATCH] emulate clang 'sysroot + /include' logic @@ -16,27 +16,23 @@ in the include search order, right after the resource root. Hence usage of -idirafter. Clang also documents an -isystem-after flag but it doesn't appear to work --- - emcc.py | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) + emcc.py | 3 +++ + 1 file changed, 3 insertions(+) diff --git a/emcc.py b/emcc.py -index ba8d1b556..7d89644c5 100755 +index 279f6d4d9..26e20e2cc 100644 --- a/emcc.py +++ b/emcc.py -@@ -883,7 +883,12 @@ def parse_s_args(args): +@@ -400,6 +400,9 @@ def get_cflags(user_args, is_cxx): + # We add these to the user's flags (newargs), but not when building .s or .S assembly files + cflags = get_clang_flags(user_args) + cflags.append('--sysroot=' + cache.get_sysroot(absolute=True)) ++ cflags.append('-resource-dir=@resourceDir@') ++ cflags.append('-idirafter' + cache.get_sysroot(absolute=True) + os.path.join('/include')) ++ cflags.append('-iwithsysroot' + os.path.join('/include','c++','v1')) - - def emsdk_cflags(user_args): -- cflags = ['--sysroot=' + cache.get_sysroot(absolute=True)] -+ cflags = [ -+ '--sysroot=' + cache.get_sysroot(absolute=True), -+ '-resource-dir=@resourceDir@', -+ '-idirafter' + cache.get_sysroot(absolute=True) + os.path.join('/include'), -+ '-iwithsysroot' + os.path.join('/include','c++','v1') -+ ] - - def array_contains_any_of(hay, needles): - for n in needles: + if settings.EMSCRIPTEN_TRACING: + cflags.append('-D__EMSCRIPTEN_TRACING__=1') -- -2.40.0 +2.42.0 diff --git a/pkgs/development/compilers/emscripten/default.nix b/pkgs/development/compilers/emscripten/default.nix index 39c7d58aac850..1f8d2f55da347 100644 --- a/pkgs/development/compilers/emscripten/default.nix +++ b/pkgs/development/compilers/emscripten/default.nix @@ -8,7 +8,7 @@ stdenv.mkDerivation rec { pname = "emscripten"; - version = "3.1.47"; + version = "3.1.50"; llvmEnv = symlinkJoin { name = "emscripten-llvm-${version}"; @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "emscripten-core"; repo = "emscripten"; - hash = "sha256-cRNkQ+7vUqJLNlf5dieeDcyT1jlBUeVxO8avoUvOPHI="; + hash = "sha256-iFZF+DxGaq279QPPugoLhYmoXmyLPkmn1x4rBCkdW+I="; rev = version; }; @@ -42,7 +42,7 @@ stdenv.mkDerivation rec { patches = [ (substituteAll { src = ./0001-emulate-clang-sysroot-include-logic.patch; - resourceDir = "${llvmEnv}/lib/clang/16/"; + resourceDir = "${llvmEnv}/lib/clang/17/"; }) ]; @@ -51,6 +51,9 @@ stdenv.mkDerivation rec { patchShebangs . + # emscripten 3.1.50 requires LLVM tip-of-tree instead of LLVM 17 + sed -i -e "s/EXPECTED_LLVM_VERSION = 18/EXPECTED_LLVM_VERSION = 17.0/g" tools/shared.py + # fixes cmake support sed -i -e "s/print \('emcc (Emscript.*\)/sys.stderr.write(\1); sys.stderr.flush()/g" emcc.py @@ -106,7 +109,11 @@ stdenv.mkDerivation rec { # TODO: get library cache to build with both enabled and function exported $out/bin/emcc $LTO $BIND test.c $out/bin/emcc $LTO $BIND -s RELOCATABLE test.c - $out/bin/emcc $LTO $BIND -s USE_PTHREADS test.c + # starting with emscripten 3.1.48+, + # to use pthreads, _emscripten_check_mailbox must be exported + # (see https://github.com/emscripten-core/emscripten/pull/20604) + # TODO: get library cache to build with pthreads at all + # $out/bin/emcc $LTO $BIND -s USE_PTHREADS test.c done done popd @@ -131,7 +138,7 @@ stdenv.mkDerivation rec { homepage = "https://github.com/emscripten-core/emscripten"; description = "An LLVM-to-JavaScript Compiler"; platforms = platforms.all; - maintainers = with maintainers; [ qknight matthewbauer raitobezarius ]; + maintainers = with maintainers; [ qknight matthewbauer raitobezarius willcohen ]; license = licenses.ncsa; }; } diff --git a/pkgs/development/compilers/graalvm/community-edition/buildGraalvm.nix b/pkgs/development/compilers/graalvm/community-edition/buildGraalvm.nix index 7d62411f57401..858d7443ff626 100644 --- a/pkgs/development/compilers/graalvm/community-edition/buildGraalvm.nix +++ b/pkgs/development/compilers/graalvm/community-edition/buildGraalvm.nix @@ -63,22 +63,7 @@ let mkdir -p $out/bin ln -s ${lib.getDev musl}/bin/musl-gcc $out/bin/${stdenv.hostPlatform.system}-musl-gcc ''); - # GraalVM 23.0.0+ (i.e.: JDK 21.0.0+) clean-up the environment inside darwin - # So we need to re-added some env vars to make everything work correctly again - darwin-cc = (runCommandCC "darwin-cc" - { - nativeBuildInputs = [ makeWrapper ]; - buildInputs = [ darwin.apple_sdk.frameworks.Foundation zlib ]; - } '' - makeWrapper ${stdenv.cc}/bin/cc $out/bin/cc \ - --prefix NIX_CFLAGS_COMPILE_${stdenv.cc.suffixSalt} : "$NIX_CFLAGS_COMPILE" \ - --prefix NIX_LDFLAGS_${stdenv.cc.suffixSalt} : "$NIX_LDFLAGS" - ''); - binPath = lib.makeBinPath ( - lib.optionals stdenv.isDarwin [ darwin-cc ] - ++ lib.optionals useMusl [ musl-gcc ] - ++ [ stdenv.cc ] - ); + binPath = lib.makeBinPath (lib.optionals useMusl [ musl-gcc ] ++ [ stdenv.cc ]); runtimeLibraryPath = lib.makeLibraryPath ([ cups ] ++ lib.optionals gtkSupport [ cairo glib gtk3 ]); @@ -180,6 +165,14 @@ let echo "Testing GraalVM" $out/bin/java -XX:+UnlockExperimentalVMOptions -XX:+EnableJVMCI -XX:+UseJVMCICompiler HelloWorld | fgrep 'Hello World' + # Workaround GraalVM issue where the builder does not have access to the + # environment variables since 21.0.0 + # Only needed for native-image tests + # https://github.com/oracle/graal/pull/6095 + # https://github.com/oracle/graal/pull/6095 + # https://github.com/oracle/graal/issues/7502 + export NATIVE_IMAGE_DEPRECATED_BUILDER_SANITATION="true"; + echo "Ahead-Of-Time compilation" $out/bin/native-image -H:+UnlockExperimentalVMOptions -H:-CheckToolchain -H:+ReportExceptionStackTraces HelloWorld ./helloworld | fgrep 'Hello World' diff --git a/pkgs/development/compilers/llvm/17/lld/add-table-base.patch b/pkgs/development/compilers/llvm/17/lld/add-table-base.patch new file mode 100644 index 0000000000000..15fc903a5e3f3 --- /dev/null +++ b/pkgs/development/compilers/llvm/17/lld/add-table-base.patch @@ -0,0 +1,190 @@ +From 93adcb770b99351b18553089c164fe3ef2119699 Mon Sep 17 00:00:00 2001 +From: Sam Clegg <sbc@chromium.org> +Date: Fri, 25 Aug 2023 13:56:16 -0700 +Subject: [PATCH] [lld][WebAssembly] Add `--table-base` setting + +This is similar to `--global-base` but determines where to place the +table segments rather than that data segments. + +See https://github.com/emscripten-core/emscripten/issues/20097 + +Differential Revision: https://reviews.llvm.org/D158892 +--- + test/wasm/table-base.s | 72 ++++++++++++++++++++++++++++++++++++++ + wasm/Driver.cpp | 19 ++++++++-- + wasm/Options.td | 5 ++- + wasm/Writer.cpp | 8 ----- + 4 files changed, 93 insertions(+), 11 deletions(-) + create mode 100644 test/wasm/table-base.s + +diff --git a/test/wasm/table-base.s b/test/wasm/table-base.s +new file mode 100644 +index 000000000000000..56fff414fd31d96 +--- /dev/null ++++ b/test/wasm/table-base.s +@@ -0,0 +1,72 @@ ++# RUN: llvm-mc -filetype=obj -triple=wasm32-unknown-unknown %s -o %t.o ++ ++# RUN: wasm-ld --export=__table_base -o %t.wasm %t.o ++# RUN: obj2yaml %t.wasm | FileCheck %s -check-prefix=CHECK-DEFAULT ++ ++# RUN: wasm-ld --table-base=100 --export=__table_base -o %t.wasm %t.o ++# RUN: obj2yaml %t.wasm | FileCheck %s -check-prefix=CHECK-100 ++ ++.globl _start ++_start: ++ .functype _start () -> () ++ i32.const _start ++ drop ++ end_function ++ ++# CHECK-DEFAULT: - Type: TABLE ++# CHECK-DEFAULT-NEXT: Tables: ++# CHECK-DEFAULT-NEXT: - Index: 0 ++# CHECK-DEFAULT-NEXT: ElemType: FUNCREF ++# CHECK-DEFAULT-NEXT: Limits: ++# CHECK-DEFAULT-NEXT: Flags: [ HAS_MAX ] ++# CHECK-DEFAULT-NEXT: Minimum: 0x2 ++# CHECK-DEFAULT-NEXT: Maximum: 0x2 ++ ++# CHECK-DEFAULT: - Type: GLOBAL ++# CHECK-DEFAULT-NEXT: Globals: ++# CHECK-DEFAULT-NEXT: - Index: 0 ++# CHECK-DEFAULT-NEXT: Type: I32 ++# CHECK-DEFAULT-NEXT: Mutable: true ++# CHECK-DEFAULT-NEXT: InitExpr: ++# CHECK-DEFAULT-NEXT: Opcode: I32_CONST ++# CHECK-DEFAULT-NEXT: Value: 66560 ++# CHECK-DEFAULT-NEXT: - Index: 1 ++# CHECK-DEFAULT-NEXT: Type: I32 ++# CHECK-DEFAULT-NEXT: Mutable: false ++# CHECK-DEFAULT-NEXT: InitExpr: ++# CHECK-DEFAULT-NEXT: Opcode: I32_CONST ++# CHECK-DEFAULT-NEXT: Value: 1 ++ ++# CHECK-DEFAULT: - Type: EXPORT ++# CHECK-DEFAULT: - Name: __table_base ++# CHECK-DEFAULT-NEXT: Kind: GLOBAL ++# CHECK-DEFAULT-NEXT: Index: 1 ++ ++# CHECK-100: - Type: TABLE ++# CHECK-100-NEXT: Tables: ++# CHECK-100-NEXT: - Index: 0 ++# CHECK-100-NEXT: ElemType: FUNCREF ++# CHECK-100-NEXT: Limits: ++# CHECK-100-NEXT: Flags: [ HAS_MAX ] ++# CHECK-100-NEXT: Minimum: 0x65 ++# CHECK-100-NEXT: Maximum: 0x65 ++ ++# CHECK-100: - Type: GLOBAL ++# CHECK-100-NEXT: Globals: ++# CHECK-100-NEXT: - Index: 0 ++# CHECK-100-NEXT: Type: I32 ++# CHECK-100-NEXT: Mutable: true ++# CHECK-100-NEXT: InitExpr: ++# CHECK-100-NEXT: Opcode: I32_CONST ++# CHECK-100-NEXT: Value: 66560 ++# CHECK-100-NEXT: - Index: 1 ++# CHECK-100-NEXT: Type: I32 ++# CHECK-100-NEXT: Mutable: false ++# CHECK-100-NEXT: InitExpr: ++# CHECK-100-NEXT: Opcode: I32_CONST ++# CHECK-100-NEXT: Value: 100 ++ ++# CHECK-100: - Type: EXPORT ++# CHECK-100: - Name: __table_base ++# CHECK-100-NEXT: Kind: GLOBAL ++# CHECK-100-NEXT: Index: 1 +diff --git a/wasm/Driver.cpp b/wasm/Driver.cpp +index 84304881f5ca34e..c2f5f0185781f36 100644 +--- a/wasm/Driver.cpp ++++ b/wasm/Driver.cpp +@@ -502,6 +502,7 @@ static void readConfigs(opt::InputArgList &args) { + + config->initialMemory = args::getInteger(args, OPT_initial_memory, 0); + config->globalBase = args::getInteger(args, OPT_global_base, 0); ++ config->tableBase = args::getInteger(args, OPT_table_base, 0); + config->maxMemory = args::getInteger(args, OPT_max_memory, 0); + config->zStackSize = + args::getZOptionValue(args, OPT_z, "stack-size", WasmPageSize); +@@ -573,6 +574,17 @@ static void setConfigs() { + if (config->exportTable) + error("-shared/-pie is incompatible with --export-table"); + config->importTable = true; ++ } else { ++ // Default table base. Defaults to 1, reserving 0 for the NULL function ++ // pointer. ++ if (!config->tableBase) ++ config->tableBase = 1; ++ // The default offset for static/global data, for when --global-base is ++ // not specified on the command line. The precise value of 1024 is ++ // somewhat arbitrary, and pre-dates wasm-ld (Its the value that ++ // emscripten used prior to wasm-ld). ++ if (!config->globalBase && !config->relocatable && !config->stackFirst) ++ config->globalBase = 1024; + } + + if (config->relocatable) { +@@ -666,8 +678,11 @@ static void checkOptions(opt::InputArgList &args) { + warn("-Bsymbolic is only meaningful when combined with -shared"); + } + +- if (config->globalBase && config->isPic) { +- error("--global-base may not be used with -shared/-pie"); ++ if (config->isPic) { ++ if (config->globalBase) ++ error("--global-base may not be used with -shared/-pie"); ++ if (config->tableBase) ++ error("--table-base may not be used with -shared/-pie"); + } + } + +diff --git a/wasm/Options.td b/wasm/Options.td +index 50417d2928e0a34..bb764396bf4df14 100644 +--- a/wasm/Options.td ++++ b/wasm/Options.td +@@ -191,7 +191,7 @@ def growable_table: FF<"growable-table">, + HelpText<"Remove maximum size from function table, allowing table to grow">; + + def global_base: JJ<"global-base=">, +- HelpText<"Where to start to place global data">; ++ HelpText<"Memory offset at which to place global data (Defaults to 1024)">; + + def import_memory: FF<"import-memory">, + HelpText<"Import the module's memory from the default module of \"env\" with the name \"memory\".">; +@@ -224,6 +224,9 @@ def no_entry: FF<"no-entry">, + def stack_first: FF<"stack-first">, + HelpText<"Place stack at start of linear memory rather than after data">; + ++def table_base: JJ<"table-base=">, ++ HelpText<"Table offset at which to place address taken functions (Defaults to 1)">; ++ + defm whole_archive: B<"whole-archive", + "Force load of all members in a static library", + "Do not force load of all members in a static library (default)">; +diff --git a/wasm/Writer.cpp b/wasm/Writer.cpp +index f25d358dc5bae6f..0576bf2907e49c4 100644 +--- a/wasm/Writer.cpp ++++ b/wasm/Writer.cpp +@@ -358,13 +358,6 @@ void Writer::layoutMemory() { + memoryPtr = config->globalBase; + } + } else { +- if (!config->globalBase && !config->relocatable && !config->isPic) { +- // The default offset for static/global data, for when --global-base is +- // not specified on the command line. The precise value of 1024 is +- // somewhat arbitrary, and pre-dates wasm-ld (Its the value that +- // emscripten used prior to wasm-ld). +- config->globalBase = 1024; +- } + memoryPtr = config->globalBase; + } + +@@ -1685,7 +1678,6 @@ void Writer::run() { + // For PIC code the table base is assigned dynamically by the loader. + // For non-PIC, we start at 1 so that accessing table index 0 always traps. + if (!config->isPic) { +- config->tableBase = 1; + if (WasmSym::definedTableBase) + WasmSym::definedTableBase->setVA(config->tableBase); + if (WasmSym::definedTableBase32) diff --git a/pkgs/development/compilers/llvm/17/lld/default.nix b/pkgs/development/compilers/llvm/17/lld/default.nix index cc18aee76a448..84943e8effce1 100644 --- a/pkgs/development/compilers/llvm/17/lld/default.nix +++ b/pkgs/development/compilers/llvm/17/lld/default.nix @@ -26,6 +26,7 @@ stdenv.mkDerivation rec { patches = [ ./gnu-install-dirs.patch + ./add-table-base.patch ]; nativeBuildInputs = [ cmake ninja ]; diff --git a/pkgs/development/cuda-modules/generic-builders/manifest.nix b/pkgs/development/cuda-modules/generic-builders/manifest.nix index 95140ca651cd5..71c914c8c8f24 100644 --- a/pkgs/development/cuda-modules/generic-builders/manifest.nix +++ b/pkgs/development/cuda-modules/generic-builders/manifest.nix @@ -189,6 +189,9 @@ backendStdenv.mkDerivation ( '' # Move the outputs into their respective outputs. + strings.concatMapStringsSep "\n" mkMoveToOutputCommand (builtins.tail finalAttrs.outputs) + # Add a newline to the end of the installPhase, so that the post-install hook doesn't + # get concatenated with the last moveToOutput command. + + "\n" # Post-install hook + '' runHook postInstall diff --git a/pkgs/development/haskell-modules/configuration-ghc-9.6.x.nix b/pkgs/development/haskell-modules/configuration-ghc-9.6.x.nix index 803e34163f9d9..7fce340d5c563 100644 --- a/pkgs/development/haskell-modules/configuration-ghc-9.6.x.nix +++ b/pkgs/development/haskell-modules/configuration-ghc-9.6.x.nix @@ -119,7 +119,6 @@ self: super: { # Forbids base >= 4.18, fix proposed: https://github.com/sjakobi/newtype-generics/pull/25 newtype-generics = jailbreakForCurrentVersion super.newtype-generics "0.6.2"; - cborg-json = jailbreakForCurrentVersion super.cborg-json "0.2.5.0"; serialise = jailbreakForCurrentVersion super.serialise "0.2.6.0"; # diff --git a/pkgs/development/interpreters/wamr/default.nix b/pkgs/development/interpreters/wamr/default.nix index 9396f3361afae..f7761d5037f9d 100644 --- a/pkgs/development/interpreters/wamr/default.nix +++ b/pkgs/development/interpreters/wamr/default.nix @@ -31,8 +31,6 @@ stdenv.mkDerivation (finalAttrs: { license = licenses.asl20; mainProgram = "iwasm"; maintainers = with maintainers; [ ereslibre ]; - # TODO (ereslibre): this derivation should be improved to support - # more platforms. - broken = !stdenv.isLinux; + platforms = platforms.unix; }; }) diff --git a/pkgs/development/libraries/librealsense/default.nix b/pkgs/development/libraries/librealsense/default.nix index aec9cfaaf91a2..9a127fcd92ad3 100644 --- a/pkgs/development/libraries/librealsense/default.nix +++ b/pkgs/development/libraries/librealsense/default.nix @@ -23,7 +23,7 @@ assert enablePython -> pythonPackages != null; stdenv.mkDerivation rec { pname = "librealsense"; - version = "2.45.0"; + version = "2.54.2"; outputs = [ "out" "dev" ]; @@ -31,7 +31,7 @@ stdenv.mkDerivation rec { owner = "IntelRealSense"; repo = pname; rev = "v${version}"; - sha256 = "0aqf48zl7825v7x8c3x5w4d17m4qq377f1mn6xyqzf9b0dnk4i1j"; + sha256 = "sha256-EbnIHnsUgsqN/SVv4m9H7K8gfwni+u82+M55QBstAGI="; }; buildInputs = [ @@ -42,22 +42,10 @@ stdenv.mkDerivation rec { ++ lib.optionals enableGUI [ mesa gtk3 glfw libGLU curl ]; patches = [ - # fix build on aarch64-darwin - # https://github.com/IntelRealSense/librealsense/pull/9253 - (fetchpatch { - url = "https://github.com/IntelRealSense/librealsense/commit/beb4c44debc8336de991c983274cad841eb5c323.patch"; - sha256 = "05mxsd2pz3xrvywdqyxkwdvxx8hjfxzcgl51897avz4v2j89pyq8"; - }) - ./py_sitepackage_dir.patch ./py_pybind11_no_external_download.patch + ./install-presets.patch ]; - postPatch = '' - # https://github.com/IntelRealSense/librealsense/issues/11092 - # insert a "#include <iostream" at beginning of file - sed '1i\#include <iostream>' -i wrappers/python/pyrs_device.cpp - ''; - nativeBuildInputs = [ cmake ninja diff --git a/pkgs/development/libraries/librealsense/install-presets.patch b/pkgs/development/libraries/librealsense/install-presets.patch new file mode 100644 index 0000000000000..347aa43453230 --- /dev/null +++ b/pkgs/development/libraries/librealsense/install-presets.patch @@ -0,0 +1,13 @@ +diff --git a/tools/realsense-viewer/CMakeLists.txt b/tools/realsense-viewer/CMakeLists.txt +index 44be6278f..1a4531dff 100644 +--- a/tools/realsense-viewer/CMakeLists.txt ++++ b/tools/realsense-viewer/CMakeLists.txt +@@ -253,7 +253,7 @@ install( + ) + #https://cmake.org/cmake/help/latest/command/install.html + install(DIRECTORY presets/ +- DESTINATION $ENV{HOME}/Documents/librealsense2/presets ++ DESTINATION $ENV{out}/share/librealsense2/presets + FILES_MATCHING PATTERN "*.preset" + ) + endif() diff --git a/pkgs/development/libraries/librealsense/py_pybind11_no_external_download.patch b/pkgs/development/libraries/librealsense/py_pybind11_no_external_download.patch index 2b48edb62e37b..c91945fa15232 100644 --- a/pkgs/development/libraries/librealsense/py_pybind11_no_external_download.patch +++ b/pkgs/development/libraries/librealsense/py_pybind11_no_external_download.patch @@ -1,39 +1,15 @@ -From 01e51b9c90ba51b2d0ca797dde676812cf3db415 Mon Sep 17 00:00:00 2001 -From: "Robert T. McGibbon" <rmcgibbo@gmail.com> -Date: Mon, 10 May 2021 17:26:04 -0400 -Subject: [PATCH 1/1] V1 - ---- - wrappers/python/CMakeLists.txt | 15 +-------------- - 1 file changed, 1 insertion(+), 14 deletions(-) - -diff --git a/wrappers/python/CMakeLists.txt b/wrappers/python/CMakeLists.txt -index aa83e4c77..4ec92ccfa 100644 ---- a/wrappers/python/CMakeLists.txt -+++ b/wrappers/python/CMakeLists.txt -@@ -8,21 +8,8 @@ if (NOT BUILD_PYTHON_BINDINGS) - endif() - - set(DEPENDENCIES realsense2) --# In order for the external project clone to occur during cmake configure step(rather than during compilation, as would normally happen), --# we copy the external project declaration to the build folder and then execute it --configure_file(${CMAKE_SOURCE_DIR}/third-party/pybind11/CMakeLists.txt ${CMAKE_BINARY_DIR}/external-projects/pybind11/CMakeLists.txt) --execute_process(COMMAND "${CMAKE_COMMAND}" -G "${CMAKE_GENERATOR}" . -- WORKING_DIRECTORY "${CMAKE_BINARY_DIR}/external-projects/pybind11" --) --execute_process(COMMAND "${CMAKE_COMMAND}" --build . -- WORKING_DIRECTORY "${CMAKE_BINARY_DIR}/external-projects/pybind11" --) +diff --git a/CMake/global_config.cmake b/CMake/global_config.cmake +index 350f7a268..2cf125c67 100644 +--- a/CMake/global_config.cmake ++++ b/CMake/global_config.cmake +@@ -69,7 +69,8 @@ macro(global_set_flags) --# Add pybind11 makefile --add_subdirectory("${CMAKE_BINARY_DIR}/third-party/pybind11" -- "${CMAKE_BINARY_DIR}/third-party/pybind11" -- EXCLUDE_FROM_ALL --) -+find_package(pybind11 REQUIRED) + if(BUILD_PYTHON_BINDINGS) + include(libusb_config) +- include(CMake/external_pybind11.cmake) ++ find_package(pybind11 REQUIRED) ++ set(PYTHON_INSTALL_DIR "${XXNIX_PYTHON_SITEPACKAGES}/pyrealsense2" CACHE PATH "Installation directory for Python bindings") + endif() - set(PYBIND11_CPP_STANDARD -std=c++11) - # Force Pybind11 not to share pyrealsense2 resources with other pybind modules. --- -2.29.3 + if(CHECK_FOR_UPDATES) diff --git a/pkgs/development/libraries/librealsense/py_sitepackage_dir.patch b/pkgs/development/libraries/librealsense/py_sitepackage_dir.patch deleted file mode 100644 index 99b567a429ed2..0000000000000 --- a/pkgs/development/libraries/librealsense/py_sitepackage_dir.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- a/wrappers/python/CMakeLists.txt -+++ b/wrappers/python/CMakeLists.txt -@@ -10,11 +10,11 @@ - if (CMAKE_VERSION VERSION_LESS 3.12) - find_package(PythonInterp REQUIRED) - find_package(PythonLibs REQUIRED) -- set(PYTHON_INSTALL_DIR "${CMAKE_INSTALL_LIBDIR}/python${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}/pyrealsense2" CACHE PATH "Installation directory for Python bindings") -+ set(PYTHON_INSTALL_DIR "${XXNIX_PYTHON_SITEPACKAGES}/pyrealsense2" CACHE PATH "Installation directory for Python bindings") - set(CMAKECONFIG_PY_INSTALL_DIR "${CMAKE_INSTALL_LIBDIR}/cmake/pyrealsense2") - else() - find_package(Python REQUIRED COMPONENTS Interpreter Development) -- set(PYTHON_INSTALL_DIR "${Python_SITEARCH}/pyrealsense2" CACHE PATH "Installation directory for Python bindings") -+ set(PYTHON_INSTALL_DIR "${XXNIX_PYTHON_SITEPACKAGES}/pyrealsense2" CACHE PATH "Installation directory for Python bindings") - set(CMAKECONFIG_PY_INSTALL_DIR "${CMAKE_INSTALL_LIBDIR}/cmake/pyrealsense2") - endif() diff --git a/pkgs/development/lisp-modules/packages.nix b/pkgs/development/lisp-modules/packages.nix index 90e36dc882cdc..afb2d834579ab 100644 --- a/pkgs/development/lisp-modules/packages.nix +++ b/pkgs/development/lisp-modules/packages.nix @@ -224,21 +224,21 @@ let version = "0.5.4"; src = pkgs.fetchgit { - url = "https://notabug.org/cage/cl-colors2"; - rev = "refs/tags/v0.5.4"; + url = "https://codeberg.org/cage/cl-colors2"; + rev = "v0.5.4"; sha256 = "sha256-JbT1BKjaXDwdlzHLPjX1eg0RMIOT86R17SPgbe2h+tA="; }; }; - prompter = build-asdf-system { + prompter = build-asdf-system rec { pname = "prompter"; - version = "0.1.0"; + version = "0.1.1"; src = pkgs.fetchFromGitHub { owner = "atlas-engineer"; repo = "prompter"; - rev = "0.1.0"; - sha256 = "sha256-Duv7L2lMjr3VXsoujQDOMNHCbdUDX4RWoncVm9LDCZE="; + rev = version; + sha256 = "sha256-A9gIUBj0oUDFGR5aqHz+tdNR6t03LPMrx0n9qM3ACwE="; }; lispLibs = [ @@ -256,67 +256,55 @@ let }; - nasdf = build-asdf-system { - pname = "nasdf"; - version = "20230911-git"; - src = pkgs.fetchFromGitHub { - owner = "atlas-engineer"; - repo = "ntemplate"; - rev = "ab7a018f3a67a999c72710644b10b4545130c139"; - sha256 = "sha256-fXGh0h6CXLoBgK1jRxkSNyQVAY1gvi4iyHQBuzueR5Y="; - }; - }; - - njson = build-asdf-system { + njson = build-asdf-system rec { pname = "njson"; - version = "1.1.0"; + version = "1.2.2"; src = pkgs.fetchFromGitHub { owner = "atlas-engineer"; repo = "njson"; - rev = "1.1.0"; - sha256 = "sha256-hVo5++QCns7Mv3zATpAP3EVz1pbj+jbQmzSLqs6hqQo="; + rev = version; + sha256 = "sha256-kw5DD0GJp/TeCiYATBY8GL8UKqYS6Q4j0a0eQsdcZRc="; }; - lispLibs = [ self.nasdf super.cl-json super.com_dot_inuoe_dot_jzon]; + lispLibs = [ super.cl-json super.com_dot_inuoe_dot_jzon]; systems = [ "njson" "njson/cl-json" "njson/jzon"]; }; - nsymbols = build-asdf-system { + nsymbols = build-asdf-system rec { pname = "nsymbols"; - version = "0.3.1"; + version = "0.3.2"; src = pkgs.fetchFromGitHub { owner = "atlas-engineer"; repo = "nsymbols"; - rev = "0.3.1"; - sha256 = "sha256-KcrE06bG5Khp5/807wb/TbPG3nWTlNWHrDpmK6bm7ZM="; + rev = version; + sha256 = "sha256-psk29WEA7Hxgp29oUniBNvI+lyZfMkdpa5A7okc6kKs="; }; lispLibs = [ super.closer-mop ]; systems = [ "nsymbols" "nsymbols/star" ]; }; - nclasses = build-asdf-system { + nclasses = build-asdf-system rec { pname = "nclasses"; - version = "0.6.0"; + version = "0.6.1"; src = pkgs.fetchFromGitHub { owner = "atlas-engineer"; repo = "nclasses"; - rev = "0.6.0"; - sha256 = "sha256-JupP+TIxavUoyOPnp57FqpEjWfgKspdFoSRnV2rk5U4="; + rev = version; + sha256 = "sha256-foXmaLxMYMFieB2Yd2iPsU4EX5kLXq7kyElqGZ47OgI="; }; - lispLibs = [ self.nasdf super.moptilities ]; + lispLibs = [ super.moptilities ]; }; - nfiles = build-asdf-system { + nfiles = build-asdf-system rec { pname = "nfiles"; - version = "20230705-git"; + version = "1.1.4"; src = pkgs.fetchFromGitHub { owner = "atlas-engineer"; repo = "nfiles"; - rev = "3626e8d512a84efc12479ceb3969d194511757f7"; - sha256 = "sha256-MoJdbTOVfw2rJk4cf/rEnR55BxdXkoqqu9Txd/R9OYQ="; + rev = version; + sha256 = "sha256-4rhpBErQgZHcwZRblxgiYaUmKalvllSbJjnRteDVH6k="; }; lispLibs = [ - self.nasdf self.nclasses super.quri super.alexandria @@ -328,26 +316,26 @@ let ]; }; - nhooks = build-asdf-system { + nhooks = build-asdf-system rec { pname = "nhooks"; - version = "1.2.1"; + version = "1.2.2"; src = pkgs.fetchFromGitHub { owner = "atlas-engineer"; repo = "nhooks"; - rev = "1.2.1"; - hash = "sha256-D61QHxHTceIu5mCGKf3hy53niQMfs0idEYQK1ZYn1YM="; + rev = version; + hash = "sha256-6A3fsemsv2KbTmdGMQeL9iHFUBHc4kK6CRNVyc91LdU="; }; lispLibs = with self; [ bordeaux-threads closer-mop serapeum ]; }; nkeymaps = build-asdf-system rec { pname = "nkeymaps"; - version = "1.1.0"; + version = "1.1.1"; src = pkgs.fetchFromGitHub { owner = "atlas-engineer"; repo = "nkeymaps"; rev = version; - hash = "sha256-ewMu2IgEzCYY72vG91IA7l8X78Ph6jpQvbKeOFZdAyM="; + hash = "sha256-/t85Yh4EvnSyIM6xeDBLmfVz3wddmavInXzeYafNMJ0="; }; lispLibs = with self; [ alexandria fset trivial-package-local-nicknames str ]; @@ -356,18 +344,17 @@ let history-tree = build-asdf-system rec { pname = "history-tree"; - version = "0.1.1"; + version = "0.1.2"; src = pkgs.fetchFromGitHub { owner = "atlas-engineer"; repo = "history-tree"; rev = version; - hash = "sha256-lOORalyTybdut/If+dBXS4PlZt2AnZrEI/qjQWS03pk="; + hash = "sha256-wpVONvShNnvrPOlbNoX/t9sYiwxnIKnnJaJyALEyeNg="; }; lispLibs = with self; [ alexandria cl-custom-hash-table local-time - nasdf nclasses trivial-package-local-nicknames ]; @@ -375,7 +362,7 @@ let nyxt-gtk = build-asdf-system { pname = "nyxt"; - version = "3.9.0"; + version = "3.10.0"; lispLibs = (with super; [ alexandria @@ -413,7 +400,6 @@ let plump clss spinneret - slynk trivia trivial-features trivial-garbage @@ -429,8 +415,8 @@ let src = pkgs.fetchFromGitHub { owner = "snmsts"; repo = "trivial-clipboard"; - rev = "6ddf8d5dff8f5c2102af7cd1a1751cbe6408377b"; - sha256 = "sha256-n15IuTkqAAh2c1OfNbZfCAQJbH//QXeH0Bl1/5OpFRM="; + rev = "f7b2c96fea00ca06a83f20b00b7b1971e76e03e7"; + sha256 = "sha256-U6Y9BiM2P1t9P8fdX8WIRQPRWl2v2ZQuKdP1IUqvOAk="; };})) (cl-gobject-introspection.overrideAttrs (final: prev: { src = pkgs.fetchFromGitHub { @@ -447,26 +433,45 @@ let sha256 = "sha256-t/B9CvQTekEEsM/ZEp47Mn6NeZaTYFsTdRqclfX9BNg="; }; })) + (slynk.overrideAttrs (final: prev: { + src = pkgs.fetchFromGitHub { + owner = "joaotavora"; + repo = "sly"; + rev = "9c43bf65b967e12cef1996f1af5f0671d8aecbf4"; + hash = "sha256-YlHZ/7VwvHe2PBPRshN+Gr3WuGK9MpkOJprP6QXI3pY="; + }; + systems = [ "slynk" "slynk/arglists" "slynk/fancy-inspector" + "slynk/package-fu" "slynk/mrepl" "slynk/trace-dialog" + "slynk/profiler" "slynk/stickers" "slynk/indentation" + "slynk/retro" ]; + })) ]) ++ (with self; [ history-tree nhooks nkeymaps - nasdf prompter cl-colors2_0_5_4 njson nsymbols nclasses nfiles - swank cl-containers + (swank.overrideAttrs (final: prev: { + src = pkgs.fetchFromGitHub { + owner = "slime"; + repo = "slime"; + rev = "735258a26bb97e85d25f39e4bef83c1f80c12f5d"; + hash = "sha256-vMMer6qLJDKTwNE3unsOQezujISqFtn2AYl8cxsJvrc="; + }; + systems = [ "swank" "swank/exts" ]; + })) ]); src = pkgs.fetchFromGitHub { owner = "atlas-engineer"; repo = "nyxt"; - rev = "3.9.0"; - sha256 = "sha256-bZoAE0FErgXPylOzh6AfMq3befms9dHms8+slbYdctk="; + rev = "3.10.0"; + sha256 = "sha256-yEa5Lx1egkg9Jh3EQfvaBQicm31uxIq/3s2NOQUC4uc="; }; nativeBuildInputs = [ pkgs.makeWrapper ]; @@ -486,8 +491,14 @@ let # see: https://gitlab.common-lisp.net/asdf/asdf/-/blob/master/doc/asdf.texinfo#L2582 patches = [ ./patches/nyxt-remove-build-operation.patch ]; + NASDF_USE_LOGICAL_PATHS = true; + buildScript = pkgs.writeText "build-nyxt.lisp" '' (load "${super.alexandria.asdfFasl}/asdf.${super.alexandria.faslExt}") + (require :uiop) + (let ((pwd (uiop:ensure-directory-pathname (uiop/os:getcwd)))) + (asdf:load-asd (uiop:merge-pathnames* "libraries/nasdf/nasdf.asd" pwd)) + (asdf:load-asd (uiop:merge-pathnames* "nyxt.asd" pwd))) ;; There's a weird error while copy/pasting in Nyxt that manifests with sb-ext:save-lisp-and-die, so we use asdf:operare :program-op instead (asdf:operate :program-op :nyxt/gi-gtk-application) ''; diff --git a/pkgs/development/python-modules/bellows/default.nix b/pkgs/development/python-modules/bellows/default.nix index 03ebff7aea5f0..112c50ca038c1 100644 --- a/pkgs/development/python-modules/bellows/default.nix +++ b/pkgs/development/python-modules/bellows/default.nix @@ -16,7 +16,7 @@ buildPythonPackage rec { pname = "bellows"; - version = "0.37.1"; + version = "0.37.3"; pyproject = true; disabled = pythonOlder "3.8"; @@ -25,7 +25,7 @@ buildPythonPackage rec { owner = "zigpy"; repo = "bellows"; rev = "refs/tags/${version}"; - hash = "sha256-JkaCM9XOdGZE9/C2BUV3g9QL5+k/HlVYd4WsAMS2mgk="; + hash = "sha256-WVVOJrQWWC4tuREjSs8bOA0J9Y/y2BLE2s3YysSaBt8="; }; postPatch = '' diff --git a/pkgs/development/python-modules/can/default.nix b/pkgs/development/python-modules/can/default.nix index 4688c65074951..28c401b667fe1 100644 --- a/pkgs/development/python-modules/can/default.nix +++ b/pkgs/development/python-modules/can/default.nix @@ -19,7 +19,7 @@ buildPythonPackage rec { pname = "can"; - version = "4.3.0"; + version = "4.3.1"; pyproject = true; disabled = pythonOlder "3.7"; @@ -28,7 +28,7 @@ buildPythonPackage rec { owner = "hardbyte"; repo = "python-can"; rev = "refs/tags/v${version}"; - hash = "sha256-JsYAh5Z6RIX6aWpSuW+VIzJRPf5MfNbBGg36v3CQiLU="; + hash = "sha256-t2zt54nPOYcEE0RPb4fbW7sN4HzFXlDIHvHudstBwrM="; }; postPatch = '' diff --git a/pkgs/data/fonts/noto-fonts/tools.nix b/pkgs/development/python-modules/nototools/default.nix index 1b515b486f5f9..1b515b486f5f9 100644 --- a/pkgs/data/fonts/noto-fonts/tools.nix +++ b/pkgs/development/python-modules/nototools/default.nix diff --git a/pkgs/development/python-modules/plugwise/default.nix b/pkgs/development/python-modules/plugwise/default.nix index 14e77c816b888..9888ef279f478 100644 --- a/pkgs/development/python-modules/plugwise/default.nix +++ b/pkgs/development/python-modules/plugwise/default.nix @@ -20,7 +20,7 @@ buildPythonPackage rec { pname = "plugwise"; - version = "0.35.1"; + version = "0.35.3"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -29,7 +29,7 @@ buildPythonPackage rec { owner = pname; repo = "python-plugwise"; rev = "refs/tags/v${version}"; - hash = "sha256-eHJQXLiuWmJo/Eo4B8gEo44rwpPA7ASjxKSmdu6Tv9M="; + hash = "sha256-DCG1sKpUUV2/2mVJ2ltCkzCxQxAkDtxzNX6uMSpJhi4="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/pyhiveapi/default.nix b/pkgs/development/python-modules/pyhiveapi/default.nix index ec6d51191966f..989b1d115d8d5 100644 --- a/pkgs/development/python-modules/pyhiveapi/default.nix +++ b/pkgs/development/python-modules/pyhiveapi/default.nix @@ -14,7 +14,7 @@ buildPythonPackage rec { pname = "pyhiveapi"; - version = "0.5.15"; + version = "0.5.16"; format = "pyproject"; @@ -24,7 +24,7 @@ buildPythonPackage rec { owner = "Pyhass"; repo = "Pyhiveapi"; rev = "refs/tags/v${version}"; - hash = "sha256-tR2PCR1qGn4KnqAjEpcRTcVlMEpKCwn5RAm99AXBSnk="; + hash = "sha256-gPou5KGLFEFP29qSpRg+6sCiXOwfoF1gyhBVERYJ1LI="; }; postPatch = '' diff --git a/pkgs/development/python-modules/zigpy-deconz/default.nix b/pkgs/development/python-modules/zigpy-deconz/default.nix index b5ed6bbd11d0f..99cdb83515cfc 100644 --- a/pkgs/development/python-modules/zigpy-deconz/default.nix +++ b/pkgs/development/python-modules/zigpy-deconz/default.nix @@ -12,7 +12,7 @@ buildPythonPackage rec { pname = "zigpy-deconz"; - version = "0.22.0"; + version = "0.22.2"; pyproject = true; disabled = pythonOlder "3.7"; @@ -21,7 +21,7 @@ buildPythonPackage rec { owner = "zigpy"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-pdWWI+yZh0uf2TzVbyJFIrxM2zfmaPG/PGZWaNNrZ6M="; + hash = "sha256-gkIo56SGqthLq2Ycjl/MqKLJvTxhkm8reUmwVhphxhg="; }; postPatch = '' diff --git a/pkgs/development/python-modules/zigpy-xbee/default.nix b/pkgs/development/python-modules/zigpy-xbee/default.nix index d40e2b17b6cc1..848f253243cf6 100644 --- a/pkgs/development/python-modules/zigpy-xbee/default.nix +++ b/pkgs/development/python-modules/zigpy-xbee/default.nix @@ -12,7 +12,7 @@ buildPythonPackage rec { pname = "zigpy-xbee"; - version = "0.20.0"; + version = "0.20.1"; pyproject = true; disabled = pythonOlder "3.8"; @@ -21,7 +21,7 @@ buildPythonPackage rec { owner = "zigpy"; repo = "zigpy-xbee"; rev = "refs/tags/${version}"; - hash = "sha256-Ja9U/X9YblS6uUD7MX3t2tItG9AMiNF7OFgvIotdvQs="; + hash = "sha256-H0rs4EOzz2Nx5YuwqTZp2FGF1z2phBgSIyraKHHx4RA="; }; postPatch = '' diff --git a/pkgs/development/python-modules/zigpy/default.nix b/pkgs/development/python-modules/zigpy/default.nix index 80934e280d40d..1185f63e19033 100644 --- a/pkgs/development/python-modules/zigpy/default.nix +++ b/pkgs/development/python-modules/zigpy/default.nix @@ -18,7 +18,7 @@ buildPythonPackage rec { pname = "zigpy"; - version = "0.60.0"; + version = "0.60.1"; format = "pyproject"; disabled = pythonOlder "3.8"; @@ -27,7 +27,7 @@ buildPythonPackage rec { owner = "zigpy"; repo = "zigpy"; rev = "refs/tags/${version}"; - hash = "sha256-1i92YyOIoWSMDHgfnXiXQuvDnmEPlSHwoSLmmsoTkDU="; + hash = "sha256-Ejf/Z9mgyO8y99rmuPPVOleyHWgYzxq3AO3TB8jkmtY="; }; postPatch = '' diff --git a/pkgs/development/tools/analysis/checkov/default.nix b/pkgs/development/tools/analysis/checkov/default.nix index 22157b26baeaf..482b0f092bb8b 100644 --- a/pkgs/development/tools/analysis/checkov/default.nix +++ b/pkgs/development/tools/analysis/checkov/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "checkov"; - version = "3.1.34"; + version = "3.1.38"; pyproject = true; src = fetchFromGitHub { owner = "bridgecrewio"; repo = "checkov"; rev = "refs/tags/${version}"; - hash = "sha256-F0zXvxxnfiCoEzhDL5v82OImqOX3y5umyRy5PbVCls0="; + hash = "sha256-03tukEuNaQP3YNv66FuDKzeTPcPfPY4PT6ZWRLFDu6c="; }; patches = [ diff --git a/pkgs/development/tools/bearer/default.nix b/pkgs/development/tools/bearer/default.nix index a073c2b2b248e..e1f56a56fbc62 100644 --- a/pkgs/development/tools/bearer/default.nix +++ b/pkgs/development/tools/bearer/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "bearer"; - version = "1.32.0"; + version = "1.33.0"; src = fetchFromGitHub { owner = "bearer"; repo = "bearer"; rev = "refs/tags/v${version}"; - hash = "sha256-fqc/+eYrUcFHgC+st0LogLLIW/jRyp0M5VwxMBWkPKY="; + hash = "sha256-sdtZOj3jksXDVVYi+Uy/zXgZoqlhGlPKjokXNErBe9k="; }; - vendorHash = "sha256-QDtjB1h7mNBEpTwoQfex3c6oba/kztKlgQpbmNHvoz0="; + vendorHash = "sha256-u3pqG74o8xRxxepS5u3lTo4rPgbFABDC/dLWD1JAyxA="; subPackages = [ "cmd/bearer" diff --git a/pkgs/development/tools/buildah/default.nix b/pkgs/development/tools/buildah/default.nix index a6761a7350c78..81d00d6304e06 100644 --- a/pkgs/development/tools/buildah/default.nix +++ b/pkgs/development/tools/buildah/default.nix @@ -17,13 +17,13 @@ buildGoModule rec { pname = "buildah"; - version = "1.32.2"; + version = "1.33.2"; src = fetchFromGitHub { owner = "containers"; repo = "buildah"; rev = "v${version}"; - hash = "sha256-Av4wrJ+anVu1pTSFTpaseBhj+7ECsRoKb1bATrUKYuo="; + hash = "sha256-jkUEGaECBNidKreoyezWw7LN38uHqyYo40dOwfuuuI4="; }; outputs = [ "out" "man" ]; diff --git a/pkgs/development/tools/rust/cargo-cyclonedx/default.nix b/pkgs/development/tools/rust/cargo-cyclonedx/default.nix index c8769abc8a68f..acfd450f209a7 100644 --- a/pkgs/development/tools/rust/cargo-cyclonedx/default.nix +++ b/pkgs/development/tools/rust/cargo-cyclonedx/default.nix @@ -12,16 +12,16 @@ rustPlatform.buildRustPackage rec { pname = "cargo-cyclonedx"; - version = "0.3.8"; + version = "0.4.1"; src = fetchFromGitHub { owner = "CycloneDX"; repo = "cyclonedx-rust-cargo"; rev = "${pname}-${version}"; - hash = "sha256-6XW8aCXepbVnTubbM4sfRIC87uYSCEbuj+jJcPayEEU="; + hash = "sha256-JrusJsMjaWAsWAssU+q87BCH2ouLfthIw47ypwBkR9o="; }; - cargoHash = "sha256-BG/vfa5L6Iibfon3A5TP8/K8jbJsWqc+axdvIXc7GmM="; + cargoHash = "sha256-QzEojbwBF7s3C+LlFWle0+8DVtyEljuqAcMAyRJqFcs="; nativeBuildInputs = [ pkg-config diff --git a/pkgs/development/tools/rust/cargo-mobile2/default.nix b/pkgs/development/tools/rust/cargo-mobile2/default.nix index 3564862e19fc2..b29c7bb64fb15 100644 --- a/pkgs/development/tools/rust/cargo-mobile2/default.nix +++ b/pkgs/development/tools/rust/cargo-mobile2/default.nix @@ -12,7 +12,7 @@ let inherit (darwin.apple_sdk.frameworks) CoreServices; pname = "cargo-mobile2"; - version = "0.7.0"; + version = "0.9.0"; in rustPlatform.buildRustPackage { inherit pname version; @@ -20,14 +20,14 @@ rustPlatform.buildRustPackage { owner = "tauri-apps"; repo = pname; rev = "cargo-mobile2-v${version}"; - hash = "sha256-aJPiPhDbu7Nwnd65kPMxeULrcjdSu0EF34ma3n/NTYI="; + hash = "sha256-zLArfCUgBWx/xrcjvyhQbSxjH0JKI3JhoDVRX2/kBnQ="; }; # Manually specify the sourceRoot since this crate depends on other crates in the workspace. Relevant info at # https://discourse.nixos.org/t/difficulty-using-buildrustpackage-with-a-src-containing-multiple-cargo-workspaces/10202 # sourceRoot = "${src.name}/tooling/cli"; - cargoHash = "sha256-Inc+PWJO+PM99YYwQEG1J0/17RkLauraFVzO2CO15rQ="; + cargoHash = "sha256-13iCSd2BQ4fEeXSOfDBVgnzFSl1fUAPrbZZJ3qx7oHc="; preBuild = '' mkdir -p $out/share/ diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index d8f8bb2fa73f9..cc410ae8b8af8 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -2,81 +2,81 @@ "4.14": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.14.328-hardened1.patch", - "sha256": "1qq2l4nwhxgl4drx6isc1ly892kffjq4hqb4zadqs6sxvsdm7x57", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.328-hardened1/linux-hardened-4.14.328-hardened1.patch" + "name": "linux-hardened-4.14.332-hardened1.patch", + "sha256": "1nda3z8hkyfw53dzk1v5zwpzhm75gizsixfmrh8ylaghhk5s8yw3", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.332-hardened1/linux-hardened-4.14.332-hardened1.patch" }, - "sha256": "1igcpvnhwwrczfdsafmszvi0456k7f6j4cgpfw6v6afw09p95d8x", - "version": "4.14.328" + "sha256": "1f4q0acbp917myjmgiy4haxp78yak5h1rj5g937r6mkykwb6nb14", + "version": "4.14.332" }, "4.19": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-4.19.297-hardened1.patch", - "sha256": "1qj09bynl7ml880xpc2956jn0b1gmm77yf3jc45v3jq3610jhna4", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.297-hardened1/linux-hardened-4.19.297-hardened1.patch" + "name": "linux-hardened-4.19.301-hardened1.patch", + "sha256": "0arlwp0g4anqlnivyc8y6rq9mhq1ivmy4i0d8kqvwpc2b3wcc525", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.301-hardened1/linux-hardened-4.19.301-hardened1.patch" }, - "sha256": "0c9xxqgv2i36hrr06dwz7f3idc04xpv0a5pxg08xdh03cnyf12cx", - "version": "4.19.297" + "sha256": "1fr05fl8fyyjgsqj8fppd5v378d7sazvpqlq4sl875851fd9nmb2", + "version": "4.19.301" }, "5.10": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.10.199-hardened1.patch", - "sha256": "10vwd5wygfnxpbz15bq56pjygba3vqqal0d7xry2bch4p444pp5f", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.199-hardened1/linux-hardened-5.10.199-hardened1.patch" + "name": "linux-hardened-5.10.203-hardened1.patch", + "sha256": "19inx95ynyzhh2h9xdg2yw4yfa5nfcw2dh2a7vw4mf0bqdv2iqvc", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.203-hardened1/linux-hardened-5.10.203-hardened1.patch" }, - "sha256": "1h944syk7n6c4j1djlx19n77alzwbxcdza77c9ykicgfynhpgsm0", - "version": "5.10.199" + "sha256": "0xr8p7kfr1v3s41fv55ph0l8d9s2p146dl2fh3r2y09lrvwwxssn", + "version": "5.10.203" }, "5.15": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.15.137-hardened1.patch", - "sha256": "19gs1w380qgvazwjwhxypizpfx71faa7hsji0x5cgyw6vxhi6l1b", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.137-hardened1/linux-hardened-5.15.137-hardened1.patch" + "name": "linux-hardened-5.15.142-hardened1.patch", + "sha256": "0x4bsf638rrdrp9b389i6nlprwsfc25qpld50yfcjinqhiykd269", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.15.142-hardened1/linux-hardened-5.15.142-hardened1.patch" }, - "sha256": "1xxjbxldrhmnh2q6rykpxyfbj8xqgl82q30n8sfavrzr14bb4jcp", - "version": "5.15.137" + "sha256": "0xjn16b02f8d6c0m8vrbmk85kdyfy8m46s80rnkb0nnwfx9cjxld", + "version": "5.15.142" }, "5.4": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-5.4.259-hardened1.patch", - "sha256": "1w8ipflgisd127gmx6wyz8p5qfi8cfd2a5j2xgibspkf45nzfwi8", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.259-hardened1/linux-hardened-5.4.259-hardened1.patch" + "name": "linux-hardened-5.4.263-hardened1.patch", + "sha256": "1v59qzjp9v78y7fkj884a77pjsk4ggplkfh1fq2blj04g7v1zhgv", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.263-hardened1/linux-hardened-5.4.263-hardened1.patch" }, - "sha256": "195v4fidavzm637glj6580006mrcaygnbj4za874imb62bxf9rpz", - "version": "5.4.259" + "sha256": "1y1mfwjsilrx8x8jnjlyh8r9zlygjjqdf7pay92jv2qijjddpl2h", + "version": "5.4.263" }, "6.1": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.1.61-hardened1.patch", - "sha256": "0d9zhh32dx1q828q50kmznmsa6yinppbklhgg8ix7b7k23857ha6", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.61-hardened1/linux-hardened-6.1.61-hardened1.patch" + "name": "linux-hardened-6.1.67-hardened1.patch", + "sha256": "0jcn2k79l90dys4nrwqha89jv9d1ffghhvlqk9vibfs7y3zrlpbr", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.1.67-hardened1/linux-hardened-6.1.67-hardened1.patch" }, - "sha256": "1kk4d7ph6pvgdrdmaklg15wf58nw9n7yqgkag7jdvqinzh99sb5d", - "version": "6.1.61" + "sha256": "11cjqll3b7iq3mblwyzjrd5ph8avgk23f4mw4shm8j6ai5rdndvm", + "version": "6.1.67" }, - "6.4": { + "6.5": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.4.16-hardened1.patch", - "sha256": "10lydnnhhq9ynng1gfaqh1mncsb0dmr27zzcbygs1xigy2bl70n9", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.4.16-hardened1/linux-hardened-6.4.16-hardened1.patch" + "name": "linux-hardened-6.5.13-hardened1.patch", + "sha256": "1fj6yaq2gdjlj2h19vkm13jrx0yiczj6pvric1kq1r6cprqrkkki", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.5.13-hardened1/linux-hardened-6.5.13-hardened1.patch" }, - "sha256": "0zgj1z97jyx7wf12zrnlcp0mj4cl43ais9qsy6dh1jwylf2fq9ln", - "version": "6.4.16" + "sha256": "1dfbbydmayfj9npx3z0g38p574pmcx3qgs49dv0npigl48wd9yvq", + "version": "6.5.13" }, - "6.5": { + "6.6": { "patch": { "extra": "-hardened1", - "name": "linux-hardened-6.5.10-hardened1.patch", - "sha256": "0p2lj7ryiizr1sxvm2kgds3l8sg9fns35y2fcyqq61lg7ymzj1fi", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.5.10-hardened1/linux-hardened-6.5.10-hardened1.patch" + "name": "linux-hardened-6.6.6-hardened1.patch", + "sha256": "0jhhixayka13rb0cd0qbsqpb7awayjdbn8qyx7wya1y83cgyn2ly", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/6.6.6-hardened1/linux-hardened-6.6.6-hardened1.patch" }, - "sha256": "12sswml8jvabv6bqx35lg3jj6gq8jjk365rghjngdy5d0j34jpx1", - "version": "6.5.10" + "sha256": "1j14n8b012pv3r7i9p762jyabzn2nv1ranxyw5lk3c9lg68hmxzb", + "version": "6.6.6" } } diff --git a/pkgs/os-specific/linux/kernel/zen-kernels.nix b/pkgs/os-specific/linux/kernel/zen-kernels.nix index 4a1bd7543b1b9..55d32587766c6 100644 --- a/pkgs/os-specific/linux/kernel/zen-kernels.nix +++ b/pkgs/os-specific/linux/kernel/zen-kernels.nix @@ -4,16 +4,16 @@ let # comments with variant added for update script # ./update-zen.py zen zenVariant = { - version = "6.6.4"; #zen + version = "6.6.6"; #zen suffix = "zen1"; #zen - sha256 = "1zks4fpbw788aaw9rysdpfhmqzr8l5y6afq92md1gizyyl1rjhq1"; #zen + sha256 = "13lxj1841mykfmbd8pwshr8jjxpxw1d8dyzkzq4ks6nviivnqfsn"; #zen isLqx = false; }; # ./update-zen.py lqx lqxVariant = { - version = "6.6.4"; #lqx + version = "6.6.6"; #lqx suffix = "lqx1"; #lqx - sha256 = "049pga9bc5pbnwki5vmnz9pdx0p5r7sssb66b4580h9x9skzi9m2"; #lqx + sha256 = "0p3ilsikd0v2k6d40n5s3smipww817yw2y47ayi1xj8m44rlp8gg"; #lqx isLqx = true; }; zenKernelsFor = { version, suffix, sha256, isLqx }: buildLinux (args // { diff --git a/pkgs/os-specific/linux/nix-ld/default.nix b/pkgs/os-specific/linux/nix-ld/default.nix index 5eebe67731476..bb6489ecdb17d 100644 --- a/pkgs/os-specific/linux/nix-ld/default.nix +++ b/pkgs/os-specific/linux/nix-ld/default.nix @@ -5,11 +5,7 @@ , ninja , nixosTests }: -let - libDir = if builtins.elem stdenv.system [ "x86_64-linux" "mips64-linux" "powerpc64le-linux" ] - then "/lib64" - else "/lib"; -in + stdenv.mkDerivation rec { pname = "nix-ld"; version = "1.2.2"; @@ -36,7 +32,7 @@ stdenv.mkDerivation rec { postInstall = '' mkdir -p $out/nix-support - ldpath=${libDir}/$(basename $(< ${stdenv.cc}/nix-support/dynamic-linker)) + ldpath=/${stdenv.hostPlatform.libDir}/$(basename $(< ${stdenv.cc}/nix-support/dynamic-linker)) echo "$ldpath" > $out/nix-support/ldpath mkdir -p $out/lib/tmpfiles.d/ cat > $out/lib/tmpfiles.d/nix-ld.conf <<EOF diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix index f22263d55c0f0..b7b7d702cc79d 100644 --- a/pkgs/servers/home-assistant/component-packages.nix +++ b/pkgs/servers/home-assistant/component-packages.nix @@ -2,7 +2,7 @@ # Do not edit! { - version = "2023.12.1"; + version = "2023.12.2"; components = { "3_day_blinds" = ps: with ps; [ ]; diff --git a/pkgs/servers/home-assistant/default.nix b/pkgs/servers/home-assistant/default.nix index 3d76446d34061..55a368af3bb60 100644 --- a/pkgs/servers/home-assistant/default.nix +++ b/pkgs/servers/home-assistant/default.nix @@ -311,7 +311,7 @@ let extraBuildInputs = extraPackages python.pkgs; # Don't forget to run parse-requirements.py after updating - hassVersion = "2023.12.1"; + hassVersion = "2023.12.2"; in python.pkgs.buildPythonApplication rec { pname = "homeassistant"; @@ -329,13 +329,13 @@ in python.pkgs.buildPythonApplication rec { owner = "home-assistant"; repo = "core"; rev = "refs/tags/${version}"; - hash = "sha256-S9o1xhhqiSRan1BXnN0AndFPfLL0KqqH42WKOi3Yl+g="; + hash = "sha256-uP4aX8Fo4GopvzpZGKFw99rXxudEgsKfhdeMHhXv47s="; }; # Secondary source is pypi sdist for translations sdist = fetchPypi { inherit pname version; - hash = "sha256-e9OtUsluYlNBVmQ8u71dF0Q+wDdV8mvmYFdN8syl5rI="; + hash = "sha256-1KMTn/iuey/Cug1gq4+54J+ZJTqcU+sW5Zw5tS+DwcQ="; }; nativeBuildInputs = with python.pkgs; [ diff --git a/pkgs/servers/monitoring/buildkite-agent-metrics/default.nix b/pkgs/servers/monitoring/buildkite-agent-metrics/default.nix index 10bf273497dd9..67a1218d1bd16 100644 --- a/pkgs/servers/monitoring/buildkite-agent-metrics/default.nix +++ b/pkgs/servers/monitoring/buildkite-agent-metrics/default.nix @@ -4,7 +4,7 @@ }: buildGoModule rec { pname = "buildkite-agent-metrics"; - version = "5.8.0"; + version = "5.9.2"; outputs = [ "out" "lambda" ]; @@ -12,10 +12,10 @@ buildGoModule rec { owner = "buildkite"; repo = "buildkite-agent-metrics"; rev = "v${version}"; - hash = "sha256-QPtjKjUGKlqgklZ0wUOJ1lXuXHhWVC83cEJ4QVtgdl4="; + hash = "sha256-JYpsQUIKTlQz1VUmPfTzvgh++0p3NAoa105mvGoqgt8="; }; - vendorHash = "sha256-KgTzaF8dFD4VwcuSqmOy2CSfLuA0rjFwtCqGNYHFFlc="; + vendorHash = "sha256-2EbZLLaddR7oWXb9H9E35foevp6gMbWfoymDf2lQuto="; postInstall = '' mkdir -p $lambda/bin diff --git a/pkgs/servers/monitoring/prometheus/xmpp-alerts.nix b/pkgs/servers/monitoring/prometheus/xmpp-alerts.nix index f9d9ce499b5f2..da6013b9b5ec4 100644 --- a/pkgs/servers/monitoring/prometheus/xmpp-alerts.nix +++ b/pkgs/servers/monitoring/prometheus/xmpp-alerts.nix @@ -9,27 +9,18 @@ python3Packages.buildPythonApplication rec { pname = "prometheus-xmpp-alerts"; - version = "0.5.6"; + version = "0.5.8"; + format = "pyproject"; src = fetchFromGitHub { owner = "jelmer"; repo = pname; rev = "v${version}"; - sha256 = "sha256-PwShGS1rbfZCK5OS6Cnn+mduOpWAD4fC69mcGB5GB1c="; + sha256 = "sha256-iwqcowwJktZQfdxykpsw/MweAPY0KF7ojVwvk1LP8a4="; }; - patches = [ - # Required until https://github.com/jelmer/prometheus-xmpp-alerts/pull/33 is merged - # and contained in a release - (fetchpatch { - name = "Fix-outdated-entrypoint-definiton.patch"; - url = "https://github.com/jelmer/prometheus-xmpp-alerts/commit/c41dd41dbd3c781b874bcf0708f6976e6252b621.patch"; - hash = "sha256-G7fRLSXbkI5EDgGf4n9xSVs54IPD0ev8rTEFffRvLY0="; - }) - ]; - postPatch = '' - substituteInPlace setup.cfg \ + substituteInPlace pyproject.toml \ --replace "bs4" "beautifulsoup4" ''; @@ -46,6 +37,7 @@ python3Packages.buildPythonApplication rec { ]); nativeCheckInputs = with python3Packages; [ + setuptools unittestCheckHook pytz ]; diff --git a/pkgs/servers/zigbee2mqtt/default.nix b/pkgs/servers/zigbee2mqtt/default.nix index 6b655c63cd867..a215b7d771b85 100644 --- a/pkgs/servers/zigbee2mqtt/default.nix +++ b/pkgs/servers/zigbee2mqtt/default.nix @@ -1,7 +1,7 @@ { lib , buildNpmPackage , fetchFromGitHub -, python3 +, nodejs_18 , nixosTests , nix-update-script }: @@ -19,9 +19,7 @@ buildNpmPackage rec { npmDepsHash = "sha256-MXTKZNERxryt7L42dHxKx7XfXByNQ67oU+4FKTd0u4U="; - nativeBuildInputs = [ - python3 - ]; + nodejs = nodejs_18; passthru.tests.zigbee2mqtt = nixosTests.zigbee2mqtt; passthru.updateScript = nix-update-script { }; diff --git a/pkgs/stdenv/darwin/make-bootstrap-tools.nix b/pkgs/stdenv/darwin/make-bootstrap-tools.nix index 1324c78c5fd64..384567739d0e8 100644 --- a/pkgs/stdenv/darwin/make-bootstrap-tools.nix +++ b/pkgs/stdenv/darwin/make-bootstrap-tools.nix @@ -32,11 +32,16 @@ let cross = if crossSystem != null in with import pkgspath ({ inherit localSystem overlays; } // cross // custom-bootstrap); rec { - coreutils_ = coreutils.override (args: { + coreutils_ = (coreutils.override (args: { # We want coreutils without ACL support. aclSupport = false; # Cannot use a single binary build, or it gets dynamically linked against gmp. singleBinary = false; + })).overrideAttrs (oa: { + # Increase header size to be able to inject extra RPATHs. Otherwise + # x86_64-darwin build fails as: + # https://cache.nixos.org/log/g5wyq9xqshan6m3kl21bjn1z88hx48rh-stdenv-bootstrap-tools.drv + NIX_LDFLAGS = (oa.NIX_LDFLAGS or "") + " -headerpad_max_install_names"; }); cctools_ = darwin.cctools; diff --git a/pkgs/tools/admin/cf-vault/default.nix b/pkgs/tools/admin/cf-vault/default.nix index 3dd693b13d593..13d3ea13d9f40 100644 --- a/pkgs/tools/admin/cf-vault/default.nix +++ b/pkgs/tools/admin/cf-vault/default.nix @@ -1,16 +1,16 @@ {buildGoModule, fetchFromGitHub, lib}: buildGoModule rec { pname = "cf-vault"; - version = "0.0.16"; + version = "0.0.17"; src = fetchFromGitHub { owner = "jacobbednarz"; repo = pname; rev = version; - sha256 = "sha256-puuP7L8KJ3MvlWz5tOeov8HZad+Lvo64DqTbaKPfg6o="; + sha256 = "sha256-wSTbg+dQrTbfL4M4XdwZXS04mjIFtD0RY1vK0CUHkso="; }; - vendorHash = "sha256-cnv3vustgougdfU9RlyP4O3e7kx9nNzzJm1Q2d+sCDo="; + vendorHash = "sha256-b9Ni4H2sk2gU+0zLOBg0P4ssqSJYTHnAvnmMHXha5us="; meta = with lib; { description = '' diff --git a/pkgs/tools/backup/borgbackup/default.nix b/pkgs/tools/backup/borgbackup/default.nix index e11f3f1ad498a..33c5aa5272188 100644 --- a/pkgs/tools/backup/borgbackup/default.nix +++ b/pkgs/tools/backup/borgbackup/default.nix @@ -16,12 +16,12 @@ python3Packages.buildPythonApplication rec { pname = "borgbackup"; - version = "1.2.6"; + version = "1.2.7"; format = "pyproject"; src = fetchPypi { inherit pname version; - hash = "sha256-t6b48IYDnu7HkHC5FPPGUe1/NhLJZTdK+RDSd8eiE50="; + hash = "sha256-9j8oozg8BBlxzsh7BhyjmoFbX9RF2ySqgXLKxBfZQRo="; }; postPatch = '' diff --git a/pkgs/tools/security/exploitdb/default.nix b/pkgs/tools/security/exploitdb/default.nix index 123c5ba74c322..6572b0561fadb 100644 --- a/pkgs/tools/security/exploitdb/default.nix +++ b/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2023-12-12"; + version = "2023-12-13"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-OHx9UV5IhNt9/jKUKAzAUILdjxpQgOe5BQdXz3k38RE="; + hash = "sha256-DnGHtEF31MN82IrCPcH5HlRdcu6A5XACkOTT3ytzrig="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/opensc/default.nix b/pkgs/tools/security/opensc/default.nix index 9b5b6fba8b24f..856921edbf18f 100644 --- a/pkgs/tools/security/opensc/default.nix +++ b/pkgs/tools/security/opensc/default.nix @@ -8,23 +8,15 @@ stdenv.mkDerivation rec { pname = "opensc"; - version = "0.23.0"; + version = "0.24.0"; src = fetchFromGitHub { owner = "OpenSC"; repo = "OpenSC"; rev = version; - sha256 = "sha256-Yo8dwk7+d6q+hi7DmJ0GJM6/pmiDOiyEm/tEBSbCU8k="; + sha256 = "sha256-1mm0b4AAtX0AgjShpU1FR6e7pUkea5TOJdIGkNQgjuE="; }; - patches = [ - (fetchpatch { - name = "CVE-2023-2977.patch"; - url = "https://github.com/OpenSC/OpenSC/commit/81944d1529202bd28359bede57c0a15deb65ba8a.patch"; - hash = "sha256-rCeYYKPtv3pii5zgDP5x9Kl2r98p3uxyBSCYlPJZR/s="; - }) - ]; - nativeBuildInputs = [ pkg-config autoreconfHook ]; buildInputs = [ zlib readline openssl libassuan diff --git a/pkgs/tools/security/vault/default.nix b/pkgs/tools/security/vault/default.nix index c13f33f9115e9..e86c160dbd4bb 100644 --- a/pkgs/tools/security/vault/default.nix +++ b/pkgs/tools/security/vault/default.nix @@ -6,13 +6,13 @@ buildGoModule rec { pname = "vault"; - version = "1.14.7"; + version = "1.14.8"; src = fetchFromGitHub { owner = "hashicorp"; repo = "vault"; rev = "v${version}"; - sha256 = "sha256-ubMHvKV5OOmQOrjm2J56/XCxsj+qDBPOKgS6hF75g28="; + sha256 = "sha256-sGCODCBgsxyr96zu9ntPmMM/gHVBBO+oo5+XsdbCK4E="; }; vendorHash = "sha256-zpHjZjgCgf4b2FAJQ22eVgq0YGoVvxGYJ3h/3ZRiyrQ="; diff --git a/pkgs/tools/security/vault/vault-bin.nix b/pkgs/tools/security/vault/vault-bin.nix index e7516cc83d0dc..abb548e687757 100644 --- a/pkgs/tools/security/vault/vault-bin.nix +++ b/pkgs/tools/security/vault/vault-bin.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "vault-bin"; - version = "1.15.3"; + version = "1.15.4"; src = let @@ -16,11 +16,11 @@ stdenv.mkDerivation rec { aarch64-darwin = "darwin_arm64"; }; sha256 = selectSystem { - x86_64-linux = "sha256-rRXpRxuslOvvNgK6W0BG/LWs2sAGGCuSxcbVbsmrtN0="; - aarch64-linux = "sha256-vD/S+aZGa+JFRBV9WML9WbhrFpB8FynM62ZJ0zkWtDU="; - i686-linux = "sha256-Y9KpL0kZxlgfkBSyXJVSND2hSJ1y+FuXKPK0/P2YX2w="; - x86_64-darwin = "sha256-i85GQSJK7dPoLP7XBrz7CiISCG8KbGylL++ecy/CXRY="; - aarch64-darwin = "sha256-eZAuUNbigJ/kye8p3yu+Qf+p47IkxKJntR2sGFpM+j8="; + x86_64-linux = "sha256-E1tNqPkaZVnJXtV+ENt2Ajpdq0AYMPZSFMLAFiSxknY="; + aarch64-linux = "sha256-p+pYU4WenDHZmQQQFTm2ttHjxL+63NWy8G+cbAZLJEI="; + i686-linux = "sha256-FoClSgz/QAD7uktFcYmKsCXnS8kIm8a7BLd2N29Z/fE="; + x86_64-darwin = "sha256-Lykhs/tTFDBqk8SJ26k712oMUAhXlmBeNNi3Ve/M1B4="; + aarch64-darwin = "sha256-r9OamlIgFUGgIFX1baQCdBsDGmPwZoTVu+Zab99KnhM="; }; in fetchzip { diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index cfef92b9ceeb6..f336845487029 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7947,7 +7947,7 @@ with pkgs; easeprobe = callPackage ../tools/misc/easeprobe { }; emscripten = callPackage ../development/compilers/emscripten { - llvmPackages = llvmPackages_16; + llvmPackages = llvmPackages_17; }; emscriptenPackages = recurseIntoAttrs (callPackage ./emscripten-packages.nix { }); @@ -28198,6 +28198,8 @@ with pkgs; linux_6_1_hardened = linuxKernel.kernels.linux_6_1_hardened; linuxPackages_6_5_hardened = linuxKernel.packages.linux_6_5_hardened; linux_6_5_hardened = linuxKernel.kernels.linux_6_5_hardened; + linuxPackages_6_6_hardened = linuxKernel.packages.linux_6_6_hardened; + linux_6_6_hardened = linuxKernel.kernels.linux_6_6_hardened; # GNU Linux-libre kernels linuxPackages-libre = linuxKernel.packages.linux_libre; @@ -29767,16 +29769,22 @@ with pkgs; nordzy-icon-theme = callPackage ../data/icons/nordzy-icon-theme { }; - inherit (callPackages ../data/fonts/noto-fonts {}) - mkNoto - noto-fonts - noto-fonts-lgc-plus - noto-fonts-cjk-sans - noto-fonts-cjk-serif - noto-fonts-color-emoji - noto-fonts-emoji-blob-bin - noto-fonts-monochrome-emoji - ; + noto-fonts-lgc-plus = callPackage ../by-name/no/noto-fonts/package.nix { + suffix = "-lgc-plus"; + variants = [ + "Noto Sans" + "Noto Serif" + "Noto Sans Mono" + "Noto Music" + "Noto Sans Symbols" + "Noto Sans Symbols 2" + "Noto Sans Math" + ]; + longDescription = '' + This package provides the Noto Fonts, but only for latin, greek + and cyrillic scripts, as well as some extra fonts. + ''; + }; nuclear = callPackage ../applications/audio/nuclear { }; @@ -36987,6 +36995,8 @@ with pkgs; zotero = callPackage ../applications/office/zotero { }; + zotero_7 = callPackage ../applications/office/zotero/zotero_7.nix { }; + zscroll = callPackage ../applications/misc/zscroll { }; zsteg = callPackage ../tools/security/zsteg { }; @@ -41396,7 +41406,7 @@ with pkgs; wacomtablet = libsForQt5.callPackage ../tools/misc/wacomtablet { }; - wamr = callPackage ../development/interpreters/wamr { }; + wamr = darwin.apple_sdk_11_0.callPackage ../development/interpreters/wamr { }; wasmer = callPackage ../development/interpreters/wasmer { llvmPackages = llvmPackages_14; diff --git a/pkgs/top-level/linux-kernels.nix b/pkgs/top-level/linux-kernels.nix index efd25b37fa60e..8602914660179 100644 --- a/pkgs/top-level/linux-kernels.nix +++ b/pkgs/top-level/linux-kernels.nix @@ -255,6 +255,7 @@ in { linux_5_15_hardened = hardenedKernelFor kernels.linux_5_15 { }; linux_6_1_hardened = hardenedKernelFor kernels.linux_6_1 { }; linux_6_5_hardened = hardenedKernelFor kernels.linux_6_5 { }; + linux_6_6_hardened = hardenedKernelFor kernels.linux_6_6 { }; } // lib.optionalAttrs config.allowAliases { linux_4_9 = throw "linux 4.9 was removed because it will reach its end of life within 22.11"; @@ -627,6 +628,7 @@ in { linux_5_15_hardened = recurseIntoAttrs (packagesFor kernels.linux_5_15_hardened); linux_6_1_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_1_hardened); linux_6_5_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_5_hardened); + linux_6_6_hardened = recurseIntoAttrs (packagesFor kernels.linux_6_6_hardened); linux_zen = recurseIntoAttrs (packagesFor kernels.linux_zen); linux_lqx = recurseIntoAttrs (packagesFor kernels.linux_lqx); diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 44d0c86001b73..0aff609305a29 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -8374,7 +8374,7 @@ self: super: with self; { inherit (pkgs) notmuch; }; - nototools = callPackage ../data/fonts/noto-fonts/tools.nix { }; + nototools = callPackage ../development/python-modules/nototools { }; notus-scanner = callPackage ../development/python-modules/notus-scanner { }; |