diff options
Diffstat (limited to 'pkgs/by-name/ni')
27 files changed, 657 insertions, 88 deletions
diff --git a/pkgs/by-name/ni/nickel/Cargo.lock b/pkgs/by-name/ni/nickel/Cargo.lock index a9577c251fd78..2bc24165ac017 100644 --- a/pkgs/by-name/ni/nickel/Cargo.lock +++ b/pkgs/by-name/ni/nickel/Cargo.lock @@ -1287,33 +1287,33 @@ dependencies = [ [[package]] name = "lalrpop" -version = "0.19.12" +version = "0.20.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a1cbf952127589f2851ab2046af368fd20645491bb4b376f04b7f94d7a9837b" +checksum = "55cb077ad656299f160924eb2912aa147d7339ea7d69e1b5517326fdcec3c1ca" dependencies = [ "ascii-canvas", "bit-set", - "diff", "ena", - "is-terminal", - "itertools 0.10.5", + "itertools 0.11.0", "lalrpop-util", "petgraph", + "pico-args", "regex", - "regex-syntax 0.6.29", + "regex-syntax 0.8.2", "string_cache", "term", "tiny-keccak", "unicode-xid 0.2.4", + "walkdir", ] [[package]] name = "lalrpop-util" -version = "0.19.12" +version = "0.20.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3c48237b9604c5a4702de6b824e02006c3214327564636aef27c1028a8fa0ed" +checksum = "507460a910eb7b32ee961886ff48539633b788a36b65692b95f225b844c82553" dependencies = [ - "regex", + "regex-automata", ] [[package]] @@ -1649,7 +1649,7 @@ dependencies = [ [[package]] name = "nickel-lang-cli" -version = "1.6.0" +version = "1.7.0" dependencies = [ "clap 4.5.2", "clap_complete", @@ -1667,7 +1667,7 @@ dependencies = [ [[package]] name = "nickel-lang-core" -version = "0.7.0" +version = "0.8.0" dependencies = [ "ansi_term", "assert_matches", @@ -1722,7 +1722,7 @@ dependencies = [ [[package]] name = "nickel-lang-lsp" -version = "1.6.0" +version = "1.7.0" dependencies = [ "anyhow", "assert_cmd", @@ -1736,6 +1736,7 @@ dependencies = [ "csv", "derive_more", "env_logger", + "git-version", "glob", "insta", "lalrpop", @@ -1769,7 +1770,7 @@ dependencies = [ [[package]] name = "nickel-wasm-repl" -version = "0.7.0" +version = "0.8.0" dependencies = [ "nickel-lang-core", ] @@ -1936,6 +1937,12 @@ dependencies = [ ] [[package]] +name = "pico-args" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5be167a7af36ee22fe3115051bc51f6e6c7054c9348e28deb4f49bd6f705a315" + +[[package]] name = "pin-project-lite" version = "0.2.13" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2114,7 +2121,7 @@ dependencies = [ [[package]] name = "pyckel" -version = "1.6.0" +version = "1.7.0" dependencies = [ "codespan-reporting", "nickel-lang-core", @@ -3010,8 +3017,9 @@ dependencies = [ [[package]] name = "topiary-core" -version = "0.3.0" -source = "git+https://github.com/tweag/topiary.git?rev=82a94a9f57104b89d4316afaeeab271cc51f7698#82a94a9f57104b89d4316afaeeab271cc51f7698" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b26541394bdbcd5a039deb917b2096a69c6604f733f0d41f534fc6975987040d" dependencies = [ "futures", "itertools 0.11.0", @@ -3028,13 +3036,15 @@ dependencies = [ [[package]] name = "topiary-queries" -version = "0.3.0" -source = "git+https://github.com/tweag/topiary.git?rev=82a94a9f57104b89d4316afaeeab271cc51f7698#82a94a9f57104b89d4316afaeeab271cc51f7698" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89106b9c504a9e3247b8e40f879a73a922f0d516e1051a6ef739b4cf7d54c8d9" [[package]] name = "topiary-tree-sitter-facade" -version = "0.3.0" -source = "git+https://github.com/tweag/topiary.git?rev=82a94a9f57104b89d4316afaeeab271cc51f7698#82a94a9f57104b89d4316afaeeab271cc51f7698" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea7c870d9a844bbba0f55be40eaa89624a9f627c155cd22eea70dd808bd71b3d" dependencies = [ "js-sys", "topiary-web-tree-sitter-sys", @@ -3045,8 +3055,9 @@ dependencies = [ [[package]] name = "topiary-web-tree-sitter-sys" -version = "0.3.0" -source = "git+https://github.com/tweag/topiary.git?rev=82a94a9f57104b89d4316afaeeab271cc51f7698#82a94a9f57104b89d4316afaeeab271cc51f7698" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc9e35caeeb7f07e97b71ee7ea204c89516e7cc490d1c2ae318eca3ff3c08d46" dependencies = [ "js-sys", "wasm-bindgen", @@ -3066,8 +3077,9 @@ dependencies = [ [[package]] name = "tree-sitter-nickel" -version = "0.1.0" -source = "git+https://github.com/nickel-lang/tree-sitter-nickel?rev=58baf89db8fdae54a84bcf22c80ff10ee3f929ed#58baf89db8fdae54a84bcf22c80ff10ee3f929ed" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "449daa9ac0e2a18d7243eaf21d7299d6683ce6750ca225ebd557412d22d106cf" dependencies = [ "cc", "tree-sitter", diff --git a/pkgs/by-name/ni/nickel/package.nix b/pkgs/by-name/ni/nickel/package.nix index bd829aa6ba43f..c55cc55cf3ea3 100644 --- a/pkgs/by-name/ni/nickel/package.nix +++ b/pkgs/by-name/ni/nickel/package.nix @@ -8,21 +8,17 @@ rustPlatform.buildRustPackage rec { pname = "nickel"; - version = "1.6.0"; + version = "1.7.0"; src = fetchFromGitHub { owner = "tweag"; repo = "nickel"; rev = "refs/tags/${version}"; - hash = "sha256-AL5YkdITO9CPFYzMGQwHbuFZrMDUvF1yTt2XTotoymM="; + hash = "sha256-EwiZg0iyF9EQ0Z65Re5WgeV7xgs/wPtTQ9XA0iEMEIQ="; }; cargoLock = { lockFile = ./Cargo.lock; - outputHashes = { - "topiary-core-0.3.0" = "sha256-KWfgbVFV2zbCuNNFp9yeSgAa0Cc7cT090KK2J1ynfKg="; - "tree-sitter-nickel-0.1.0" = "sha256-WuY6X1mnXdjiy4joIcY8voK2sqICFf0GvudulZ9lwqg="; - }; }; cargoBuildFlags = [ "-p nickel-lang-cli" "-p nickel-lang-lsp" ]; diff --git a/pkgs/by-name/ni/nicotine-plus/package.nix b/pkgs/by-name/ni/nicotine-plus/package.nix index 10919ee87c04f..44539d8fd407c 100644 --- a/pkgs/by-name/ni/nicotine-plus/package.nix +++ b/pkgs/by-name/ni/nicotine-plus/package.nix @@ -41,7 +41,7 @@ python3Packages.buildPythonApplication rec { doCheck = false; meta = with lib; { - description = "A graphical client for the SoulSeek peer-to-peer system"; + description = "Graphical client for the SoulSeek peer-to-peer system"; longDescription = '' Nicotine+ aims to be a pleasant, free and open source (FOSS) alternative to the official Soulseek client, providing additional functionality while diff --git a/pkgs/by-name/ni/nightfox-gtk-theme/package.nix b/pkgs/by-name/ni/nightfox-gtk-theme/package.nix index 2e19c9ea50e22..84ff857e81684 100644 --- a/pkgs/by-name/ni/nightfox-gtk-theme/package.nix +++ b/pkgs/by-name/ni/nightfox-gtk-theme/package.nix @@ -34,7 +34,7 @@ stdenvNoCC.mkDerivation { ''; meta = with lib; { - description = "A GTK theme based on the Nightfox colour palette"; + description = "GTK theme based on the Nightfox colour palette"; homepage = "https://github.com/Fausto-Korpsvart/Nightfox-GTK-Theme"; license = licenses.agpl3Plus; maintainers = with maintainers; [ d3vil0p3r ]; diff --git a/pkgs/by-name/ni/nim_builder/package.nix b/pkgs/by-name/ni/nim_builder/package.nix index 50fa519b7a927..8466ab8535c93 100644 --- a/pkgs/by-name/ni/nim_builder/package.nix +++ b/pkgs/by-name/ni/nim_builder/package.nix @@ -13,7 +13,7 @@ stdenv.mkDerivation { install -Dt $out/bin nim_builder ''; meta = { - description = "Internal Nixpkgs utility for buildNimPackage."; + description = "Internal Nixpkgs utility for buildNimPackage"; mainProgram = "nim_builder"; maintainers = [ lib.maintainers.ehmry ]; }; diff --git a/pkgs/by-name/ni/nimlangserver/package.nix b/pkgs/by-name/ni/nimlangserver/package.nix index 634b6831330ce..2a5f7d36e14de 100644 --- a/pkgs/by-name/ni/nimlangserver/package.nix +++ b/pkgs/by-name/ni/nimlangserver/package.nix @@ -22,7 +22,7 @@ buildNimPackage (final: prev: { meta = with lib; final.src.meta // { - description = "The Nim language server implementation (based on nimsuggest)"; + description = "Nim language server implementation (based on nimsuggest)"; homepage = "https://github.com/nim-lang/langserver"; license = licenses.mit; mainProgram = "nimlangserver"; diff --git a/pkgs/by-name/ni/nimlsp/package.nix b/pkgs/by-name/ni/nimlsp/package.nix index 40e1b0fb9ec2d..0cd648b74790d 100644 --- a/pkgs/by-name/ni/nimlsp/package.nix +++ b/pkgs/by-name/ni/nimlsp/package.nix @@ -1,11 +1,9 @@ -{ lib, buildNimPackage, fetchFromGitHub, srcOnly, nim-unwrapped-1 }: +{ lib, buildNimPackage, fetchFromGitHub, srcOnly, nim-unwrapped-2 }: buildNimPackage (finalAttrs: { pname = "nimlsp"; version = "0.4.6"; - requiredNimVersion = 1; - src = fetchFromGitHub { owner = "PMunch"; repo = "nimlsp"; @@ -29,7 +27,7 @@ buildNimPackage (finalAttrs: { nimFlags = [ "--threads:on" - "-d:explicitSourcePath=${srcOnly nim-unwrapped-1}" + "-d:explicitSourcePath=${srcOnly nim-unwrapped-2}" "-d:tempDir=/tmp" ]; @@ -41,6 +39,6 @@ buildNimPackage (finalAttrs: { description = "Language Server Protocol implementation for Nim"; homepage = "https://github.com/PMunch/nimlsp"; license = lib.licenses.mit; - maintainers = [ ]; + maintainers = with lib.maintainers; [ xtrayambak ]; }; }) diff --git a/pkgs/by-name/ni/ninja/package.nix b/pkgs/by-name/ni/ninja/package.nix new file mode 100644 index 0000000000000..23d279e362d76 --- /dev/null +++ b/pkgs/by-name/ni/ninja/package.nix @@ -0,0 +1,101 @@ +{ lib +, stdenv +, fetchFromGitHub +, asciidoc +, docbook_xml_dtd_45 +, docbook_xsl +, installShellFiles +, libxslt +, python3 +, re2c +, buildPackages +, buildDocs ? true +, nix-update-script +}: + +stdenv.mkDerivation (finalAttrs: { + pname = "ninja"; + version = "1.12.1"; + + src = fetchFromGitHub { + owner = "ninja-build"; + repo = "ninja"; + rev = "v${finalAttrs.version}"; + hash = "sha256-RT5u+TDvWxG5EVQEYj931EZyrHUSAqK73OKDAascAwA="; + }; + + depsBuildBuild = [ buildPackages.stdenv.cc ]; + + nativeBuildInputs = [ + python3 + re2c + installShellFiles + ] + ++ lib.optionals buildDocs [ + asciidoc + docbook_xml_dtd_45 + docbook_xsl + libxslt.bin + ]; + + postPatch = '' + # write rebuild args to file after bootstrap + substituteInPlace configure.py --replace "subprocess.check_call(rebuild_args)" "open('rebuild_args','w').write(rebuild_args[0])" + ''; + + buildPhase = '' + runHook preBuild + + # for list of env vars + # see https://github.com/ninja-build/ninja/blob/v1.11.1/configure.py#L264 + CXX="$CXX_FOR_BUILD" \ + AR="$AR_FOR_BUILD" \ + CFLAGS="$CFLAGS_FOR_BUILD" \ + CXXFLAGS="$CXXFLAGS_FOR_BUILD" \ + LDFLAGS="$LDFLAGS_FOR_BUILD" \ + python configure.py --bootstrap + python configure.py + + source rebuild_args + '' + lib.optionalString buildDocs '' + # "./ninja -vn manual" output copied here to support cross compilation. + asciidoc -b docbook -d book -o build/manual.xml doc/manual.asciidoc + xsltproc --nonet doc/docbook.xsl build/manual.xml > doc/manual.html + '' + '' + + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + + install -Dm555 -t $out/bin ninja + installShellCompletion --name ninja \ + --bash misc/bash-completion \ + --zsh misc/zsh-completion + '' + lib.optionalString buildDocs '' + install -Dm444 -t $out/share/doc/ninja doc/manual.asciidoc doc/manual.html + '' + '' + + runHook postInstall + ''; + + setupHook = ./setup-hook.sh; + + passthru.updateScript = nix-update-script {}; + + meta = { + description = "Small build system with a focus on speed"; + mainProgram = "ninja"; + longDescription = '' + Ninja is a small build system with a focus on speed. It differs from + other build systems in two major respects: it is designed to have its + input files generated by a higher-level build system, and it is designed + to run builds as fast as possible. + ''; + homepage = "https://ninja-build.org/"; + license = lib.licenses.asl20; + platforms = lib.platforms.unix; + maintainers = with lib.maintainers; [ thoughtpolice bjornfor orivej ]; + }; +}) diff --git a/pkgs/by-name/ni/ninja/setup-hook.sh b/pkgs/by-name/ni/ninja/setup-hook.sh new file mode 100644 index 0000000000000..7fa5e4675f39b --- /dev/null +++ b/pkgs/by-name/ni/ninja/setup-hook.sh @@ -0,0 +1,86 @@ +ninjaBuildPhase() { + runHook preBuild + + local buildCores=1 + + # Parallel building is enabled by default. + if [ "${enableParallelBuilding-1}" ]; then + buildCores="$NIX_BUILD_CORES" + fi + + local flagsArray=( + -j$buildCores + $ninjaFlags "${ninjaFlagsArray[@]}" + ) + + echoCmd 'build flags' "${flagsArray[@]}" + TERM=dumb ninja "${flagsArray[@]}" + + runHook postBuild +} + +ninjaCheckPhase() { + runHook preCheck + + if [ -z "${checkTarget:-}" ]; then + if ninja -t query test >/dev/null 2>&1; then + checkTarget=test + fi + fi + + if [ -z "${checkTarget:-}" ]; then + echo "no test target found in ninja, doing nothing" + else + local buildCores=1 + + if [ "${enableParallelChecking-1}" ]; then + buildCores="$NIX_BUILD_CORES" + fi + + local flagsArray=( + -j$buildCores + $ninjaFlags "${ninjaFlagsArray[@]}" + $checkTarget + ) + + echoCmd 'check flags' "${flagsArray[@]}" + TERM=dumb ninja "${flagsArray[@]}" + fi + + runHook postCheck +} + +ninjaInstallPhase() { + runHook preInstall + + local buildCores=1 + + # Parallel building is enabled by default. + if [ "${enableParallelInstalling-1}" ]; then + buildCores="$NIX_BUILD_CORES" + fi + + # shellcheck disable=SC2086 + local flagsArray=( + -j$buildCores + $ninjaFlags "${ninjaFlagsArray[@]}" + ${installTargets:-install} + ) + + echoCmd 'install flags' "${flagsArray[@]}" + TERM=dumb ninja "${flagsArray[@]}" + + runHook postInstall +} + +if [ -z "${dontUseNinjaBuild-}" -a -z "${buildPhase-}" ]; then + buildPhase=ninjaBuildPhase +fi + +if [ -z "${dontUseNinjaCheck-}" -a -z "${checkPhase-}" ]; then + checkPhase=ninjaCheckPhase +fi + +if [ -z "${dontUseNinjaInstall-}" -a -z "${installPhase-}" ]; then + installPhase=ninjaInstallPhase +fi diff --git a/pkgs/by-name/ni/niri/package.nix b/pkgs/by-name/ni/niri/package.nix index baa8fb2761767..8799988a4bed7 100644 --- a/pkgs/by-name/ni/niri/package.nix +++ b/pkgs/by-name/ni/niri/package.nix @@ -77,7 +77,7 @@ rustPlatform.buildRustPackage rec { ''; meta = with lib; { - description = "A scrollable-tiling Wayland compositor"; + description = "Scrollable-tiling Wayland compositor"; homepage = "https://github.com/YaLTeR/niri"; license = licenses.gpl3Only; maintainers = with maintainers; [ iogamaster foo-dogsquared sodiboo ]; diff --git a/pkgs/by-name/ni/nix-btm/package.nix b/pkgs/by-name/ni/nix-btm/package.nix new file mode 100644 index 0000000000000..42496a5bff030 --- /dev/null +++ b/pkgs/by-name/ni/nix-btm/package.nix @@ -0,0 +1,24 @@ +{ lib, stdenv, rustPlatform, fetchCrate, darwin }: + +rustPlatform.buildRustPackage rec { + pname = "nix-btm"; + version = "0.2.0"; + + src = fetchCrate { + inherit version; + pname = "nix-btm"; + hash = "sha256-f8XFWlx+gwhF/OD8+tPcLGV/v0QnsDWOcqpY3Js+FAo="; + }; + + cargoHash = "sha256-qUZ3zJjQrteFQerBKFH/+Ys0uOzvI7DH9rCaVtseJMM="; + + buildInputs = lib.optionals stdenv.isDarwin + (with darwin.apple_sdk.frameworks; [ CoreServices SystemConfiguration ]); + + meta = with lib; { + description = "Rust tool to monitor Nix processes"; + homepage = "https://github.com/DieracDelta/nix-btm"; + license = licenses.mit; + maintainers = with maintainers; [ DieracDelta ]; + }; +} diff --git a/pkgs/by-name/ni/nix-direnv/package.nix b/pkgs/by-name/ni/nix-direnv/package.nix index 74fc9d9c63362..214c603ee2ded 100644 --- a/pkgs/by-name/ni/nix-direnv/package.nix +++ b/pkgs/by-name/ni/nix-direnv/package.nix @@ -4,13 +4,13 @@ # https://github.com/abathur/resholve/issues/107 resholve.mkDerivation rec { pname = "nix-direnv"; - version = "3.0.4"; + version = "3.0.5"; src = fetchFromGitHub { owner = "nix-community"; repo = "nix-direnv"; rev = version; - hash = "sha256-3Fkat0HWU/hdQKwJYx5KWVzX8sVbGtFTon6G6/F9zFk="; + hash = "sha256-imUlc5v/Ow7dgjCjTyEeet+4lNHLeEwfqGQcB4dKcao="; }; # skip min version checks which are redundant when built with nix @@ -56,7 +56,7 @@ resholve.mkDerivation rec { }; meta = { - description = "A fast, persistent use_nix implementation for direnv"; + description = "Fast, persistent use_nix implementation for direnv"; homepage = "https://github.com/nix-community/nix-direnv"; license = lib.licenses.mit; platforms = lib.platforms.unix; diff --git a/pkgs/by-name/ni/nix-janitor/package.nix b/pkgs/by-name/ni/nix-janitor/package.nix index 25595ee83822e..d62d8853751a4 100644 --- a/pkgs/by-name/ni/nix-janitor/package.nix +++ b/pkgs/by-name/ni/nix-janitor/package.nix @@ -34,7 +34,7 @@ rustPlatform.buildRustPackage rec { meta = { homepage = "https://github.com/nobbz/nix-janitor"; changelog = "https://github.com/NobbZ/nix-janitor/blob/${version}/CHANGELOG.md"; - description = "A tool to clean up old profile generations"; + description = "Tool to clean up old profile generations"; mainProgram = "janitor"; platforms = lib.platforms.linux; license = lib.licenses.mit; diff --git a/pkgs/by-name/ni/nix-lib-nmd/package.nix b/pkgs/by-name/ni/nix-lib-nmd/package.nix index 6365989a2ae24..2fbfa758056cd 100644 --- a/pkgs/by-name/ni/nix-lib-nmd/package.nix +++ b/pkgs/by-name/ni/nix-lib-nmd/package.nix @@ -22,7 +22,7 @@ in stdenv.mkDerivation { meta = { homepage = "https://git.sr.ht/~rycee/nmd"; - description = "A documentation framework for projects based on NixOS modules"; + description = "Documentation framework for projects based on NixOS modules"; license = lib.licenses.mit; maintainers = with lib.maintainers; [ rycee ]; }; diff --git a/pkgs/by-name/ni/nix-lib-nmt/package.nix b/pkgs/by-name/ni/nix-lib-nmt/package.nix index 7cb6ff1971399..ed792ae2883d9 100644 --- a/pkgs/by-name/ni/nix-lib-nmt/package.nix +++ b/pkgs/by-name/ni/nix-lib-nmt/package.nix @@ -22,7 +22,7 @@ in stdenv.mkDerivation { meta = { homepage = "https://git.sr.ht/~rycee/nmt"; - description = "A basic test framework for projects using the Nixpkgs module system"; + description = "Basic test framework for projects using the Nixpkgs module system"; license = lib.licenses.mit; maintainers = with lib.maintainers; [ rycee ]; }; diff --git a/pkgs/by-name/ni/nix-required-mounts/closure.nix b/pkgs/by-name/ni/nix-required-mounts/closure.nix new file mode 100644 index 0000000000000..3e361114bc4cb --- /dev/null +++ b/pkgs/by-name/ni/nix-required-mounts/closure.nix @@ -0,0 +1,37 @@ +# Use exportReferencesGraph to capture the possible dependencies of the +# drivers (e.g. libc linked through DT_RUNPATH) and ensure they are mounted +# in the sandbox as well. In practice, things seemed to have worked without +# this as well, but we go with the safe option until we understand why. + +{ + lib, + runCommand, + python3Packages, + allowedPatterns, +}: +runCommand "allowed-patterns.json" + { + nativeBuildInputs = [ python3Packages.python ]; + exportReferencesGraph = builtins.concatMap ( + name: + builtins.concatMap ( + path: + let + prefix = "${builtins.storeDir}/"; + # Has to start with a letter: https://github.com/NixOS/nix/blob/516e7ddc41f39ff939b5d5b5dc71e590f24890d4/src/libstore/build/local-derivation-goal.cc#L568 + exportName = ''references-${lib.strings.removePrefix prefix "${path}"}''; + isStorePath = lib.isStorePath path && (lib.hasPrefix prefix "${path}"); + in + lib.optionals isStorePath [ + exportName + path + ] + ) allowedPatterns.${name}.paths + ) (builtins.attrNames allowedPatterns); + env.storeDir = "${builtins.storeDir}/"; + shallowConfig = builtins.toJSON allowedPatterns; + passAsFile = [ "shallowConfig" ]; + } + '' + python ${./scripts/nix_required_mounts_closure.py} + '' diff --git a/pkgs/by-name/ni/nix-required-mounts/nix_required_mounts.py b/pkgs/by-name/ni/nix-required-mounts/nix_required_mounts.py new file mode 100644 index 0000000000000..6f05ee913a5a4 --- /dev/null +++ b/pkgs/by-name/ni/nix-required-mounts/nix_required_mounts.py @@ -0,0 +1,201 @@ +#!/usr/bin/env python3 + +import glob +import json +import subprocess +import textwrap +from argparse import ArgumentParser +from collections import deque +from itertools import chain +from pathlib import Path +from typing import Deque, Dict, List, Set, Tuple, TypeAlias, TypedDict +import logging + +Glob: TypeAlias = str +PathString: TypeAlias = str + + +class Mount(TypedDict): + host: PathString + guest: PathString + + +class Pattern(TypedDict): + onFeatures: List[str] + paths: List[Glob | Mount] + unsafeFollowSymlinks: bool + + +AllowedPatterns: TypeAlias = Dict[str, Pattern] + + +parser = ArgumentParser("pre-build-hook") +parser.add_argument("derivation_path") +parser.add_argument("sandbox_path", nargs="?") +parser.add_argument("--patterns", type=Path, required=True) +parser.add_argument("--nix-exe", type=Path, required=True) +parser.add_argument( + "--issue-command", + choices=("always", "conditional", "never"), + default="conditional", + help="Whether to print extra-sandbox-paths", +) +parser.add_argument( + "--issue-stop", + choices=("always", "conditional", "never"), + default="conditional", + help="Whether to print the final empty line", +) +parser.add_argument("-v", "--verbose", action="count", default=0) + + +def symlink_parents(p: Path) -> List[Path]: + out = [] + while p.is_symlink() and p not in out: + parent = p.readlink() + if parent.is_relative_to("."): + p = p / parent + else: + p = parent + out.append(p) + return out + + +def get_strings(drv_env: dict, name: str) -> List[str]: + if "__json" in drv_env: + return list(json.loads(drv_env["__json"]).get(name, [])) + else: + return drv_env.get(name, "").split() + + +def validate_mounts(pattern: Pattern) -> List[Tuple[PathString, PathString, bool]]: + roots = [] + for mount in pattern["paths"]: + if isinstance(mount, PathString): + matches = glob.glob(mount) + assert matches, f"Specified host paths do not exist: {mount}" + + roots.extend((m, m, pattern["unsafeFollowSymlinks"]) for m in matches) + else: + assert isinstance(mount, dict) and "host" in mount, mount + assert Path( + mount["host"] + ).exists(), f"Specified host paths do not exist: {mount['host']}" + roots.append( + ( + mount["guest"], + mount["host"], + pattern["unsafeFollowSymlinks"], + ) + ) + + return roots + + +def entrypoint(): + args = parser.parse_args() + + VERBOSITY_LEVELS = [logging.ERROR, logging.INFO, logging.DEBUG] + + level_index = min(args.verbose, len(VERBOSITY_LEVELS) - 1) + logging.basicConfig(level=VERBOSITY_LEVELS[level_index]) + + drv_path = args.derivation_path + + with open(args.patterns, "r") as f: + allowed_patterns = json.load(f) + + if not Path(drv_path).exists(): + logging.error( + f"{drv_path} doesn't exist." + " Cf. https://github.com/NixOS/nix/issues/9272" + " Exiting the hook", + ) + + proc = subprocess.run( + [ + args.nix_exe, + "show-derivation", + drv_path, + ], + capture_output=True, + ) + try: + parsed_drv = json.loads(proc.stdout) + except json.JSONDecodeError: + logging.error( + "Couldn't parse the output of" + "`nix show-derivation`" + f". Expected JSON, observed: {proc.stdout}", + ) + logging.error(textwrap.indent(proc.stdout.decode("utf8"), prefix=" " * 4)) + logging.info("Exiting the nix-required-binds hook") + return + [canon_drv_path] = parsed_drv.keys() + + known_features = set( + chain.from_iterable( + pattern["onFeatures"] for pattern in allowed_patterns.values() + ) + ) + + parsed_drv = parsed_drv[canon_drv_path] + drv_env = parsed_drv.get("env", {}) + required_features = get_strings(drv_env, "requiredSystemFeatures") + required_features = list(filter(known_features.__contains__, required_features)) + + patterns: List[Pattern] = list( + pattern + for pattern in allowed_patterns.values() + for path in pattern["paths"] + if any(feature in required_features for feature in pattern["onFeatures"]) + ) # noqa: E501 + + queue: Deque[Tuple[PathString, PathString, bool]] = deque( + (mnt for pattern in patterns for mnt in validate_mounts(pattern)) + ) + + unique_mounts: Set[Tuple[PathString, PathString]] = set() + mounts: List[Tuple[PathString, PathString]] = [] + + while queue: + guest_path_str, host_path_str, follow_symlinks = queue.popleft() + if (guest_path_str, host_path_str) not in unique_mounts: + mounts.append((guest_path_str, host_path_str)) + unique_mounts.add((guest_path_str, host_path_str)) + + if not follow_symlinks: + continue + + host_path = Path(host_path_str) + if not (host_path.is_dir() or host_path.is_symlink()): + continue + + # assert host_path_str == guest_path_str, (host_path_str, guest_path_str) + + for child in host_path.iterdir() if host_path.is_dir() else [host_path]: + for parent in symlink_parents(child): + parent_str = parent.absolute().as_posix() + queue.append((parent_str, parent_str, follow_symlinks)) + + # the pre-build-hook command + if args.issue_command == "always" or ( + args.issue_command == "conditional" and mounts + ): + print("extra-sandbox-paths") + print_paths = True + else: + print_paths = False + + # arguments, one per line + for guest_path_str, host_path_str in mounts if print_paths else []: + print(f"{guest_path_str}={host_path_str}") + + # terminated by an empty line + something_to_terminate = args.issue_stop == "conditional" and mounts + if args.issue_stop == "always" or something_to_terminate: + print() + + +if __name__ == "__main__": + entrypoint() diff --git a/pkgs/by-name/ni/nix-required-mounts/package.nix b/pkgs/by-name/ni/nix-required-mounts/package.nix new file mode 100644 index 0000000000000..197e0812a8ec5 --- /dev/null +++ b/pkgs/by-name/ni/nix-required-mounts/package.nix @@ -0,0 +1,67 @@ +{ + addOpenGLRunpath, + allowedPatternsPath ? callPackage ./closure.nix { inherit allowedPatterns; }, + allowedPatterns ? rec { + # This config is just an example. + # When the hook observes either of the following requiredSystemFeatures: + nvidia-gpu.onFeatures = [ + "gpu" + "nvidia-gpu" + "opengl" + "cuda" + ]; + # It exposes these paths in the sandbox: + nvidia-gpu.paths = [ + addOpenGLRunpath.driverLink + "/dev/dri" + "/dev/nvidia*" + ]; + nvidia-gpu.unsafeFollowSymlinks = true; + }, + callPackage, + extraWrapperArgs ? [ ], + lib, + makeWrapper, + nix, + nixosTests, + python3Packages, +}: + +let + attrs = builtins.fromTOML (builtins.readFile ./pyproject.toml); + pname = attrs.project.name; + inherit (attrs.project) version; +in + +python3Packages.buildPythonApplication { + inherit pname version; + pyproject = true; + + src = lib.cleanSource ./.; + + nativeBuildInputs = [ + makeWrapper + python3Packages.setuptools + ]; + + postFixup = '' + wrapProgram $out/bin/${pname} \ + --add-flags "--patterns ${allowedPatternsPath}" \ + --add-flags "--nix-exe ${lib.getExe nix}" \ + ${builtins.concatStringsSep " " extraWrapperArgs} + ''; + + passthru = { + inherit allowedPatterns; + tests = { + inherit (nixosTests) nix-required-mounts; + }; + }; + meta = { + inherit (attrs.project) description; + homepage = attrs.project.urls.Homepage; + license = lib.licenses.mit; + mainProgram = attrs.project.name; + maintainers = with lib.maintainers; [ SomeoneSerge ]; + }; +} diff --git a/pkgs/by-name/ni/nix-required-mounts/pyproject.toml b/pkgs/by-name/ni/nix-required-mounts/pyproject.toml new file mode 100644 index 0000000000000..bb754e08ab1d3 --- /dev/null +++ b/pkgs/by-name/ni/nix-required-mounts/pyproject.toml @@ -0,0 +1,20 @@ +[build-system] +build-backend = "setuptools.build_meta" +requires = [ "setuptools" ] + +[project] +name = "nix-required-mounts" +version = "0.0.1" +description = """ +A --pre-build-hook for Nix, \ +that allows to expose extra paths in the build sandbox \ +based on derivations' requiredSystemFeatrues""" + +[project.urls] +Homepage = "https://github.com/NixOS/nixpkgs/tree/master/pkgs/by-name/ni/nix-required-mounts" + +[project.scripts] +nix-required-mounts = "nix_required_mounts:entrypoint" + +[tool.black] +line-length = 79 diff --git a/pkgs/by-name/ni/nix-required-mounts/scripts/nix_required_mounts_closure.py b/pkgs/by-name/ni/nix-required-mounts/scripts/nix_required_mounts_closure.py new file mode 100644 index 0000000000000..4425e98d09251 --- /dev/null +++ b/pkgs/by-name/ni/nix-required-mounts/scripts/nix_required_mounts_closure.py @@ -0,0 +1,45 @@ +import json +import os + +store_dir = os.environ["storeDir"] + +with open(os.environ["shallowConfigPath"], "r") as f: + config = json.load(f) + +cache = {} + + +def read_edges(path: str | dict) -> list[str | dict]: + if isinstance(path, dict): + return [path] + assert isinstance(path, str) + + if not path.startswith(store_dir): + return [path] + if path in cache: + return cache[path] + + name = f"references-{path.removeprefix(store_dir)}" + + assert os.path.exists(name) + + with open(name, "r") as f: + return [p.strip() for p in f.readlines() if p.startswith(store_dir)] + + +def host_path(mount: str | dict) -> str: + if isinstance(mount, dict): + return mount["host"] + assert isinstance(mount, str), mount + return mount + + +for pattern in config: + closure = [] + for path in config[pattern]["paths"]: + closure.append(path) + closure.extend(read_edges(path)) + config[pattern]["paths"] = list({host_path(m): m for m in closure}.values()) + +with open(os.environ["out"], "w") as f: + json.dump(config, f) diff --git a/pkgs/by-name/ni/nix-unit/package.nix b/pkgs/by-name/ni/nix-unit/package.nix index a9f1b7105c29d..ddcf0c2a43a98 100644 --- a/pkgs/by-name/ni/nix-unit/package.nix +++ b/pkgs/by-name/ni/nix-unit/package.nix @@ -15,13 +15,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "nix-unit"; - version = "2.18.0"; + version = "2.23.0"; src = fetchFromGitHub { owner = "nix-community"; repo = "nix-unit"; rev = "v${finalAttrs.version}"; - hash = "sha256-9wq14p+85oW4HlD42NJ0jyA++z3nEYjFQ6uT40xdfbc="; + hash = "sha256-sDYeiwVo6+GL4/AHadeExVqE9j3wzdUsyMLs1OYQW7Y="; }; buildInputs = [ @@ -29,7 +29,7 @@ stdenv.mkDerivation (finalAttrs: { # We pin the nix version to a known working one here as upgrades can likely break the build. # Since the nix language is rather stable we don't always need to have the latest and greatest for unit tests # On each update of nix unit we should re-evaluate what version we need. - nixVersions.nix_2_18 + nixVersions.nix_2_23 boost ]; diff --git a/pkgs/by-name/ni/nix-web/package.nix b/pkgs/by-name/ni/nix-web/package.nix index 50ef3aed969eb..4f73413d28884 100644 --- a/pkgs/by-name/ni/nix-web/package.nix +++ b/pkgs/by-name/ni/nix-web/package.nix @@ -15,27 +15,20 @@ let in rustPlatform.buildRustPackage rec { pname = "nix-web"; - version = "0.3.0"; + version = "0.4.2"; src = fetchFromGitea { domain = "codeberg.org"; owner = "gorgon"; repo = "gorgon"; rev = "nix-web-v${version}"; - hash = "sha256-/tjcin3p+nE9Y7bhTCj7D4lpjKEFGM1bRqKE8T6igJE="; - - # Various unit tests contain /nix/store/* paths. This breaks the fetcher in a very funny way: - # error: illegal path references in fixed-output derivation '/nix/store/52nmkc6v9qhdyzszlvbncndxyrcdfjn3-source.drv' - nativeBuildInputs = [ nukeReferences ]; - postFetch = '' - find $out -name "*.rs" -print0 | xargs -0 nuke-refs - ''; + hash = "sha256-lAk2VfhclHswsctA0RQgEj5oEX1fowh8TCaKykGEioY="; }; - cargoHash = "sha256-5pPn6APz0kdxuBdz9pgqvECTk6KhXnW/YTjxKgiuD9Q="; + cargoHash = "sha256-romL/RALr/pmwUA8/SN4AOwc+Vndspd1Yrqs0AHPYRY="; nativeBuildInputs = [ pkg-config ]; buildInputs = lib.optional (!stdenv.isDarwin) openssl - ++ lib.optional stdenv.isDarwin darwin.apple_sdk.frameworks.Security; + ++ lib.optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [ Security SystemConfiguration ]); postPatch = '' substituteInPlace nix-web/nix-web.service \ @@ -47,11 +40,6 @@ rustPlatform.buildRustPackage rec { cargoBuildFlags = cargoFlags; cargoTestFlags = cargoFlags; - checkFlags = [ - # Skip tests that rely on store paths nuked by `nuke-refs`. - "--skip=test_env_value_to_html_store_path_subpath" - "--skip=test_env_value_to_html_store_path" - ]; NIX_WEB_BUILD_NIX_CLI_PATH = "${nixPackage}/bin/nix"; diff --git a/pkgs/by-name/ni/nixfmt-rfc-style/date.txt b/pkgs/by-name/ni/nixfmt-rfc-style/date.txt index f4f1f2ef867ec..c494f5c70a473 100644 --- a/pkgs/by-name/ni/nixfmt-rfc-style/date.txt +++ b/pkgs/by-name/ni/nixfmt-rfc-style/date.txt @@ -1 +1 @@ -2024-03-01 +2024-05-28 diff --git a/pkgs/by-name/ni/nixfmt-rfc-style/generated-package.nix b/pkgs/by-name/ni/nixfmt-rfc-style/generated-package.nix index 738b3e53c872b..44ae05865fdd5 100644 --- a/pkgs/by-name/ni/nixfmt-rfc-style/generated-package.nix +++ b/pkgs/by-name/ni/nixfmt-rfc-style/generated-package.nix @@ -1,27 +1,28 @@ # This file has been autogenerate with cabal2nix. # Update via ./update.sh { mkDerivation, base, cmdargs, directory, fetchzip, filepath, lib -, megaparsec, mtl, parser-combinators, safe-exceptions, scientific -, text, transformers, unix +, megaparsec, mtl, parser-combinators, pretty-simple +, safe-exceptions, scientific, text, transformers, unix }: mkDerivation { pname = "nixfmt"; - version = "0.5.0"; + version = "0.6.0"; src = fetchzip { - url = "https://github.com/piegamesde/nixfmt/archive/2b5ee820690bae64cb4003e46917ae43541e3e0b.tar.gz"; - sha256 = "1i1jbc1q4gd7fpilwy6s3a583yl5l8d8rlmipygj61mpclg9ihqg"; + url = "https://github.com/nixos/nixfmt/archive/c67a7b65906bd2432730929bd0e4957659c95b8e.tar.gz"; + sha256 = "03f00vwlla6i3m125389h3xjsl5xm07630ahm4w5gqwq1007y3r2"; }; isLibrary = true; isExecutable = true; libraryHaskellDepends = [ - base megaparsec mtl parser-combinators scientific text transformers + base megaparsec mtl parser-combinators pretty-simple scientific + text transformers ]; executableHaskellDepends = [ base cmdargs directory filepath safe-exceptions text unix ]; jailbreak = true; - homepage = "https://github.com/serokell/nixfmt"; - description = "An opinionated formatter for Nix"; + homepage = "https://github.com/NixOS/nixfmt"; + description = "Opinionated formatter for Nix"; license = lib.licenses.mpl20; mainProgram = "nixfmt"; } diff --git a/pkgs/by-name/ni/nixfmt-rfc-style/package.nix b/pkgs/by-name/ni/nixfmt-rfc-style/package.nix index 90e6dbf2e25d0..bf1c093051d57 100644 --- a/pkgs/by-name/ni/nixfmt-rfc-style/package.nix +++ b/pkgs/by-name/ni/nixfmt-rfc-style/package.nix @@ -14,13 +14,6 @@ let passthru.updateScript = ./update.sh; - patches = [ - (fetchpatch { - url = "https://github.com/serokell/nixfmt/commit/ca9c8975ed671112fdfce94f2e9e2ad3de480c9a.patch"; - hash = "sha256-UOSAYahSKBsqPMVcQJ3H26Eg2xpPAsNOjYMI6g+WTYU="; - }) - ]; - maintainers = lib.teams.formatter.members; # These tests can be run with the following command. diff --git a/pkgs/by-name/ni/nixfmt-rfc-style/update.sh b/pkgs/by-name/ni/nixfmt-rfc-style/update.sh index c70a6e88e7884..9213c73964524 100755 --- a/pkgs/by-name/ni/nixfmt-rfc-style/update.sh +++ b/pkgs/by-name/ni/nixfmt-rfc-style/update.sh @@ -13,8 +13,8 @@ derivation_file="${script_dir}/generated-package.nix" date_file="${script_dir}/date.txt" # This is the latest version of nixfmt-rfc-style branch on GitHub. -new_version=$(curl --silent https://api.github.com/repos/piegamesde/nixfmt/git/refs/heads/rfc101-style | jq '.object.sha' --raw-output) -new_date=$(curl --silent https://api.github.com/repos/piegamesde/nixfmt/git/commits/"$new_version" | jq '.committer.date' --raw-output) +new_version=$(curl --silent https://api.github.com/repos/nixos/nixfmt/git/refs/heads/master | jq '.object.sha' --raw-output) +new_date=$(curl --silent https://api.github.com/repos/nixos/nixfmt/git/commits/"$new_version" | jq '.committer.date' --raw-output) echo "Updating nixfmt-rfc-style to version $new_date." echo "Running cabal2nix and outputting to ${derivation_file}..." @@ -25,7 +25,7 @@ cat > "$derivation_file" << EOF EOF cabal2nix --jailbreak \ - "https://github.com/piegamesde/nixfmt/archive/${new_version}.tar.gz" \ + "https://github.com/nixos/nixfmt/archive/${new_version}.tar.gz" \ >> "$derivation_file" date --date="$new_date" -I > "$date_file" diff --git a/pkgs/by-name/ni/nixos-anywhere/package.nix b/pkgs/by-name/ni/nixos-anywhere/package.nix index 36ee25429b817..55a7deb1b4424 100644 --- a/pkgs/by-name/ni/nixos-anywhere/package.nix +++ b/pkgs/by-name/ni/nixos-anywhere/package.nix @@ -2,7 +2,6 @@ , fetchFromGitHub , openssh , gitMinimal -, rsync , nix , coreutils , curl @@ -13,6 +12,7 @@ , lib , makeWrapper , sshpass +, gnutar }: let runtimeDeps = [ @@ -25,17 +25,17 @@ let findutils gnused # needed by ssh-copy-id sshpass # used to provide password for ssh-copy-id - rsync # used to upload extra-files + gnutar # used to upload extra-files ]; in stdenv.mkDerivation (finalAttrs: { pname = "nixos-anywhere"; - version = "1.2.0"; + version = "1.3.0"; src = fetchFromGitHub { owner = "numtide"; repo = "nixos-anywhere"; rev = finalAttrs.version; - hash = "sha256-u3PFJup/XOz2MBhvqCzm94iH6Z4nrE0KmBgT/OnNDqU="; + hash = "sha256-AdSrhQhJb9ObCgM1iXnoIBBl+6cjRbuTST4Lt02AP5Q="; }; nativeBuildInputs = [ makeWrapper ]; installPhase = '' |