about summary refs log tree commit diff
path: root/pkgs/development/libraries
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/development/libraries')
-rw-r--r--pkgs/development/libraries/boehm-gc/default.nix7
-rw-r--r--pkgs/development/libraries/ffmpeg/4.nix13
-rw-r--r--pkgs/development/libraries/gd/default.nix20
-rw-r--r--pkgs/development/libraries/gettext/default.nix4
-rw-r--r--pkgs/development/libraries/glibc/common.nix15
-rw-r--r--pkgs/development/libraries/glibc/locales-builder.sh1
-rw-r--r--pkgs/development/libraries/gtk-sharp/builder.sh1
-rw-r--r--pkgs/development/libraries/libarchive/default.nix4
-rw-r--r--pkgs/development/libraries/libdevil/default.nix44
-rw-r--r--pkgs/development/libraries/librsvg/default.nix4
-rw-r--r--pkgs/development/libraries/nghttp2/default.nix4
-rw-r--r--pkgs/development/libraries/oniguruma/default.nix18
-rw-r--r--pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch36
-rw-r--r--pkgs/development/libraries/openssl/default.nix3
-rw-r--r--pkgs/development/libraries/pcre2/default.nix4
-rw-r--r--pkgs/development/libraries/polkit/default.nix2
-rw-r--r--pkgs/development/libraries/spirv-headers/default.nix4
-rw-r--r--pkgs/development/libraries/vulkan-headers/default.nix4
-rw-r--r--pkgs/development/libraries/vulkan-loader/default.nix4
-rw-r--r--pkgs/development/libraries/wtk/builder.sh1
-rw-r--r--pkgs/development/libraries/x265/default.nix3
-rw-r--r--pkgs/development/libraries/xapian/default.nix2
22 files changed, 128 insertions, 70 deletions
diff --git a/pkgs/development/libraries/boehm-gc/default.nix b/pkgs/development/libraries/boehm-gc/default.nix
index 34e26f5470937..de5aff6c3b6eb 100644
--- a/pkgs/development/libraries/boehm-gc/default.nix
+++ b/pkgs/development/libraries/boehm-gc/default.nix
@@ -1,7 +1,6 @@
 { lib
 , stdenv
 , fetchurl
-, autoreconfHook
 # doc: https://github.com/ivmai/bdwgc/blob/v8.2.2/doc/README.macros (LARGE_CONFIG)
 , enableLargeConfig ? false
 , enableMmap ? true
@@ -36,14 +35,14 @@ stdenv.mkDerivation (finalAttrs: {
   # don't forget to disable the fix (and if the next release does
   # not fix the problem the test failure will be a reminder to
   # extend the set of versions requiring the workaround).
-  makeFlags = if (stdenv.hostPlatform.isPower64 &&
+  makeFlags = lib.optionals (stdenv.hostPlatform.isPower64 &&
                   finalAttrs.version == "8.2.2")
-    then [
+    [
       # do not use /proc primitives to track dirty bits; see:
       # https://github.com/ivmai/bdwgc/issues/479#issuecomment-1279687537
       # https://github.com/ivmai/bdwgc/blob/54522af853de28f45195044dadfd795c4e5942aa/include/private/gcconfig.h#L741
       "CFLAGS_EXTRA=-DNO_SOFT_VDB"
-    ] else null;
+    ];
 
   # `gctest` fails under emulation on aarch64-darwin
   doCheck = !(stdenv.isDarwin && stdenv.isx86_64);
diff --git a/pkgs/development/libraries/ffmpeg/4.nix b/pkgs/development/libraries/ffmpeg/4.nix
index e37e90d553a3b..ac88df930768a 100644
--- a/pkgs/development/libraries/ffmpeg/4.nix
+++ b/pkgs/development/libraries/ffmpeg/4.nix
@@ -1,15 +1,8 @@
-{ callPackage, fetchpatch, ... }@args:
+{ callPackage, ... }@args:
 
 callPackage ./generic.nix (rec {
-  version = "4.4.2";
+  version = "4.4.3";
   branch = version;
-  sha256 = "sha256-+YpIJSDEdQdSGpB5FNqp77wThOBZG1r8PaGKqJfeKUg=";
+  sha256 = "sha256-M7jC281TD+HbVxBBU0Vgm0yiJ70NoeOpMy27DxH9Jzo=";
 
-  patches = [
-    # SDL2 recently changed their versioning
-    (fetchpatch {
-      url = "https://git.videolan.org/?p=ffmpeg.git;a=patch;h=e5163b1d34381a3319214a902ef1df923dd2eeba";
-      hash = "sha256-nLhP2+34cj5EgpnUrePZp60nYAxmbhZAEDfay4pBVk0=";
-    })
-  ];
 } // args)
diff --git a/pkgs/development/libraries/gd/default.nix b/pkgs/development/libraries/gd/default.nix
index 7ea8ce6d29b44..c9845feb96783 100644
--- a/pkgs/development/libraries/gd/default.nix
+++ b/pkgs/development/libraries/gd/default.nix
@@ -1,4 +1,6 @@
-{ lib, stdenv, fetchurl
+{ lib
+, stdenv
+, fetchurl
 , fetchpatch
 , autoconf
 , automake
@@ -8,6 +10,7 @@
 , libjpeg
 , libwebp
 , libtiff
+, withXorg ? true
 , libXpm
 , libavif
 , fontconfig
@@ -33,20 +36,22 @@ stdenv.mkDerivation rec {
 
   hardeningDisable = [ "format" ];
 
-  configureFlags =
-    [
-      "--enable-gd-formats"
-    ]
+  configureFlags = [
+    "--enable-gd-formats"
+  ]
     # -pthread gets passed to clang, causing warnings
     ++ lib.optional stdenv.isDarwin "--enable-werror=no";
 
   nativeBuildInputs = [ autoconf automake pkg-config ];
 
-  buildInputs = [ zlib fontconfig freetype libpng libjpeg libwebp libtiff libXpm libavif ];
+  buildInputs = [ zlib fontconfig freetype libpng libjpeg libwebp libtiff libavif ]
+    ++ lib.optional withXorg libXpm;
 
   outputs = [ "bin" "dev" "out" ];
 
-  postFixup = ''moveToOutput "bin/gdlib-config" $dev'';
+  postFixup = ''
+    moveToOutput "bin/gdlib-config" $dev
+  '';
 
   enableParallelBuilding = true;
 
@@ -57,5 +62,6 @@ stdenv.mkDerivation rec {
     description = "A dynamic image creation library";
     license = licenses.free; # some custom license
     platforms = platforms.unix;
+    maintainers = with maintainers; [ ];
   };
 }
diff --git a/pkgs/development/libraries/gettext/default.nix b/pkgs/development/libraries/gettext/default.nix
index a1270af259cda..ae5b9f48293a3 100644
--- a/pkgs/development/libraries/gettext/default.nix
+++ b/pkgs/development/libraries/gettext/default.nix
@@ -60,7 +60,9 @@ stdenv.mkDerivation rec {
     ../../../build-support/setup-hooks/role.bash
     ./gettext-setup-hook.sh
   ];
-  gettextNeedsLdflags = stdenv.hostPlatform.libc != "glibc" && !stdenv.hostPlatform.isMusl;
+  env = {
+    gettextNeedsLdflags = stdenv.hostPlatform.libc != "glibc" && !stdenv.hostPlatform.isMusl;
+  };
 
   enableParallelBuilding = true;
   enableParallelChecking = false; # fails sometimes
diff --git a/pkgs/development/libraries/glibc/common.nix b/pkgs/development/libraries/glibc/common.nix
index 61c0c92d5280a..889ca7bf48fd6 100644
--- a/pkgs/development/libraries/glibc/common.nix
+++ b/pkgs/development/libraries/glibc/common.nix
@@ -54,9 +54,6 @@ assert withGd -> gd != null && libpng != null;
 
 stdenv.mkDerivation ({
   version = version + patchSuffix;
-  linuxHeaders = if withLinuxHeaders then linuxHeaders else null;
-
-  inherit (stdenv) is64bit;
 
   enableParallelBuilding = true;
 
@@ -175,10 +172,14 @@ stdenv.mkDerivation ({
   nativeBuildInputs = [ bison python3Minimal ] ++ extraNativeBuildInputs;
   buildInputs = [ linuxHeaders ] ++ lib.optionals withGd [ gd libpng ] ++ extraBuildInputs;
 
-  # Needed to install share/zoneinfo/zone.tab.  Set to impure /bin/sh to
-  # prevent a retained dependency on the bootstrap tools in the stdenv-linux
-  # bootstrap.
-  BASH_SHELL = "/bin/sh";
+  env = {
+    linuxHeaders = if withLinuxHeaders then linuxHeaders else "";
+    inherit (stdenv) is64bit;
+    # Needed to install share/zoneinfo/zone.tab.  Set to impure /bin/sh to
+    # prevent a retained dependency on the bootstrap tools in the stdenv-linux
+    # bootstrap.
+    BASH_SHELL = "/bin/sh";
+  };
 
   # Used by libgcc, elf-header, and others to determine ABI
   passthru = { inherit version; minorRelease = version; };
diff --git a/pkgs/development/libraries/glibc/locales-builder.sh b/pkgs/development/libraries/glibc/locales-builder.sh
index d732e208fa22a..d91f936c937b1 100644
--- a/pkgs/development/libraries/glibc/locales-builder.sh
+++ b/pkgs/development/libraries/glibc/locales-builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 # Glibc cannot have itself in its RPATH.
 export NIX_NO_SELF_RPATH=1
 
diff --git a/pkgs/development/libraries/gtk-sharp/builder.sh b/pkgs/development/libraries/gtk-sharp/builder.sh
index 4b8f757540b55..73914495d6d41 100644
--- a/pkgs/development/libraries/gtk-sharp/builder.sh
+++ b/pkgs/development/libraries/gtk-sharp/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 genericBuild
diff --git a/pkgs/development/libraries/libarchive/default.nix b/pkgs/development/libraries/libarchive/default.nix
index 066ea8b60ddcf..c7e9f117f94cb 100644
--- a/pkgs/development/libraries/libarchive/default.nix
+++ b/pkgs/development/libraries/libarchive/default.nix
@@ -28,13 +28,13 @@ assert xarSupport -> libxml2 != null;
 
 stdenv.mkDerivation rec {
   pname = "libarchive";
-  version = "3.6.1";
+  version = "3.6.2";
 
   src = fetchFromGitHub {
     owner = "libarchive";
     repo = "libarchive";
     rev = "v${version}";
-    hash = "sha256-G4wL5DDbX0FqaA4cnOlVLZ25ObN8dNsRtxyas29tpDA=";
+    hash = "sha256-wQbA6vlXH8pnpY7LJLkjrRFEBpcaPR1SqxnK71UVwxg=";
   };
 
   postPatch = ''
diff --git a/pkgs/development/libraries/libdevil/default.nix b/pkgs/development/libraries/libdevil/default.nix
index a79e5371c01b4..35637512e0a55 100644
--- a/pkgs/development/libraries/libdevil/default.nix
+++ b/pkgs/development/libraries/libdevil/default.nix
@@ -1,22 +1,36 @@
-{ lib, stdenv, fetchurl, libjpeg, libpng, libmng, lcms1, libtiff, openexr, libGL
-, libX11, pkg-config, OpenGL
+{ lib
+, stdenv
+, fetchurl
+, libjpeg
+, libpng
+, libmng
+, lcms1
+, libtiff
+, openexr
+, libGL
+, libX11
+, pkg-config
+, OpenGL
+, runtimeShell
+, withXorg ? true
 }:
 
 stdenv.mkDerivation rec {
-
   pname = "libdevil";
   version = "1.7.8";
 
+  outputs = [ "out" "dev" ];
+
   src = fetchurl {
     url = "mirror://sourceforge/openil/DevIL-${version}.tar.gz";
     sha256 = "1zd850nn7nvkkhasrv7kn17kzgslr5ry933v6db62s4lr0zzlbv8";
   };
 
-  outputs = [ "out" "dev" ];
+  nativeBuildInputs = [ pkg-config ];
 
-  buildInputs = [ libjpeg libpng libmng lcms1 libtiff openexr libGL libX11 ]
+  buildInputs = [ libjpeg libpng libmng lcms1 libtiff openexr ]
+    ++ lib.optionals withXorg [ libX11 libGL ]
     ++ lib.optionals stdenv.isDarwin [ OpenGL ];
-  nativeBuildInputs = [ pkg-config ];
 
   configureFlags = [ "--enable-ILU" "--enable-ILUT" ];
 
@@ -31,29 +45,29 @@ stdenv.mkDerivation rec {
     sed -i '/RESTRICT_KEYWORD/d' include/IL/config.h
   '';
 
-  patches =
-    [ ( fetchurl {
+  patches = [
+    (fetchurl {
         url = "https://sources.debian.org/data/main/d/devil/1.7.8-10/debian/patches/03_CVE-2009-3994.diff";
         sha256 = "0qkx2qfv02igbrmsn6z5a3lbrbwjfh3rb0c2sj54wy0j1f775hbc";
-      } )
-      ./ftbfs-libpng15.patch
-      ./il_endian.h.patch
-    ];
+    })
+    ./ftbfs-libpng15.patch
+    ./il_endian.h.patch
+  ];
 
   enableParallelBuilding = true;
 
   postPatch = ''
     for a in test/Makefile.in test/format_test/format_checks.sh.in ; do
       substituteInPlace $a \
-        --replace /bin/bash ${stdenv.shell}
+        --replace /bin/bash ${runtimeShell}
     done
   '';
 
   meta = with lib; {
-    homepage = "http://openil.sourceforge.net/";
+    homepage = "https://openil.sourceforge.net/";
     description = "An image library which can can load, save, convert, manipulate, filter and display a wide variety of image formats";
     license = licenses.lgpl2;
     platforms = platforms.mesaPlatforms;
-    maintainers = [ ];
+    maintainers = with maintainers; [ ];
   };
 }
diff --git a/pkgs/development/libraries/librsvg/default.nix b/pkgs/development/libraries/librsvg/default.nix
index 6b174a7dfa4df..a60da602e0709 100644
--- a/pkgs/development/libraries/librsvg/default.nix
+++ b/pkgs/development/libraries/librsvg/default.nix
@@ -15,7 +15,7 @@
 , rustPlatform
 , rustc
 , rust
-, cargo
+, cargo-auditable-cargo-wrapper
 , gi-docgen
 , python3Packages
 , gnome
@@ -57,7 +57,7 @@ stdenv.mkDerivation rec {
     gdk-pixbuf
     pkg-config
     rustc
-    cargo
+    cargo-auditable-cargo-wrapper
     python3Packages.docutils
     vala
     rustPlatform.cargoSetupHook
diff --git a/pkgs/development/libraries/nghttp2/default.nix b/pkgs/development/libraries/nghttp2/default.nix
index 8e3264dcbc510..f118467b56cf4 100644
--- a/pkgs/development/libraries/nghttp2/default.nix
+++ b/pkgs/development/libraries/nghttp2/default.nix
@@ -31,11 +31,11 @@ assert enableJemalloc -> enableApp;
 
 stdenv.mkDerivation rec {
   pname = "nghttp2";
-  version = "1.49.0";
+  version = "1.51.0";
 
   src = fetchurl {
     url = "https://github.com/${pname}/${pname}/releases/download/v${version}/${pname}-${version}.tar.bz2";
-    sha256 = "sha256-LNTbfXX3FJQVMknL6UoJLaTG7NdCQPirGM9kTZ1l9u4=";
+    sha256 = "sha256-6z6m9bYMbT7b8GXgT0NOjtYpGlyxoHkZxBcwqx/MAOA=";
   };
 
   outputs = [ "bin" "out" "dev" "lib" ]
diff --git a/pkgs/development/libraries/oniguruma/default.nix b/pkgs/development/libraries/oniguruma/default.nix
index bc084829e7bb5..3062c3cb4e11c 100644
--- a/pkgs/development/libraries/oniguruma/default.nix
+++ b/pkgs/development/libraries/oniguruma/default.nix
@@ -1,16 +1,18 @@
-{ lib, stdenv, fetchFromGitHub, autoreconfHook }:
+{ lib, stdenv, fetchurl, autoreconfHook }:
 
 stdenv.mkDerivation rec {
-  pname = "onig";
+  pname = "oniguruma";
   version = "6.9.8";
 
-  src = fetchFromGitHub {
-    owner = "kkos";
-    repo = "oniguruma";
-    rev = "v${version}";
-    sha256 = "sha256-8aFZdhh6ovLCR0A17rvWq/Oif66rSMnHcCYHjClNElw=";
+  # Note: do not use fetchpatch or fetchFromGitHub to keep this package available in __bootPackages
+  src = fetchurl {
+    url = "https://github.com/kkos/oniguruma/releases/download/v${version}/onig-${version}.tar.gz";
+    sha256 = "sha256-KM1iwUZGI8eRBWX7HMqqAQSy/osSvNZG6B9ztHU1IT4=";
   };
 
+  outputs = [ "dev" "lib" "out" ];
+  outputBin = "dev"; # onig-config
+
   nativeBuildInputs = [ autoreconfHook ];
   configureFlags = [ "--enable-posix-api=yes" ];
 
@@ -18,7 +20,7 @@ stdenv.mkDerivation rec {
     homepage = "https://github.com/kkos/oniguruma";
     description = "Regular expressions library";
     license = licenses.bsd2;
-    maintainers = with maintainers; [ ];
+    maintainers = with maintainers; [ artturin ];
     platforms = platforms.unix;
   };
 }
diff --git a/pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch b/pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch
new file mode 100644
index 0000000000000..2acedda0e3a49
--- /dev/null
+++ b/pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch
@@ -0,0 +1,36 @@
+From 7725e7bfe6f2ce8146b6552b44e0d226be7638e7 Mon Sep 17 00:00:00 2001
+From: Pauli <pauli@openssl.org>
+Date: Fri, 11 Nov 2022 09:40:19 +1100
+Subject: [PATCH] x509: fix double locking problem
+
+This reverts commit 9aa4be691f5c73eb3c68606d824c104550c053f7 and removed the
+redundant flag setting.
+
+Fixes #19643
+
+Fixes LOW CVE-2022-3996
+
+Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/19652)
+
+(cherry picked from commit 4d0340a6d2f327700a059f0b8f954d6160f8eef5)
+---
+ crypto/x509/pcy_map.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/crypto/x509/pcy_map.c b/crypto/x509/pcy_map.c
+index 05406c6493fc..60dfd1e3203b 100644
+--- a/crypto/x509/pcy_map.c
++++ b/crypto/x509/pcy_map.c
+@@ -73,10 +73,6 @@ int ossl_policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
+ 
+     ret = 1;
+  bad_mapping:
+-    if (ret == -1 && CRYPTO_THREAD_write_lock(x->lock)) {
+-        x->ex_flags |= EXFLAG_INVALID_POLICY;
+-        CRYPTO_THREAD_unlock(x->lock);
+-    }
+     sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
+     return ret;
+ 
diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix
index 45a34971c8f04..4c322997963a6 100644
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@@ -241,6 +241,9 @@ in {
       (if stdenv.hostPlatform.isDarwin
        then ./use-etc-ssl-certs-darwin.patch
        else ./use-etc-ssl-certs.patch)
+
+       # Remove with 3.0.8 release
+       ./3.0/CVE-2022-3996.patch
     ];
 
     withDocs = true;
diff --git a/pkgs/development/libraries/pcre2/default.nix b/pkgs/development/libraries/pcre2/default.nix
index 226b92ccfdd35..82fc33670bc56 100644
--- a/pkgs/development/libraries/pcre2/default.nix
+++ b/pkgs/development/libraries/pcre2/default.nix
@@ -6,11 +6,11 @@
 
 stdenv.mkDerivation rec {
   pname = "pcre2";
-  version = "10.40";
+  version = "10.42";
 
   src = fetchurl {
     url = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${version}/pcre2-${version}.tar.bz2";
-    hash = "sha256-FOS4PEeDkz3BfpZDGOYyT3yuG8ddjzx5vGlp8AwVnWg=";
+    hash = "sha256-jTbNjLbqKkwrs1j/ZBGwx4hjOipF2rvxrrS3AdG16EA=";
   };
 
   configureFlags = [
diff --git a/pkgs/development/libraries/polkit/default.nix b/pkgs/development/libraries/polkit/default.nix
index e9f9120620ac4..6d2a56d03ac35 100644
--- a/pkgs/development/libraries/polkit/default.nix
+++ b/pkgs/development/libraries/polkit/default.nix
@@ -167,7 +167,7 @@ stdenv.mkDerivation rec {
     rsync --archive "${DESTDIR}${system}"/* "$out"
     rm --recursive "${DESTDIR}${system}"/*
     rmdir --parents --ignore-fail-on-non-empty "${DESTDIR}${system}"
-    for o in $outputs; do
+    for o in $(getAllOutputNames); do
         rsync --archive "${DESTDIR}/''${!o}" "$(dirname "''${!o}")"
         rm --recursive "${DESTDIR}/''${!o}"
     done
diff --git a/pkgs/development/libraries/spirv-headers/default.nix b/pkgs/development/libraries/spirv-headers/default.nix
index 8abdea5249b79..78dc373d4ab6e 100644
--- a/pkgs/development/libraries/spirv-headers/default.nix
+++ b/pkgs/development/libraries/spirv-headers/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "spirv-headers";
-  version = "1.3.231.0";
+  version = "1.3.236.0";
 
   src = fetchFromGitHub {
     owner = "KhronosGroup";
     repo = "SPIRV-Headers";
     rev = "sdk-${version}";
-    hash = "sha256-lUWgZYGPu+IaLUrbtyC7R0o3Hq/q7C7BE8r7DAsiC30=";
+    hash = "sha256-eWI1MyIWxcg1JepRsnHBmitehDigDa+dR8kXvIkYejY=";
   };
 
   nativeBuildInputs = [ cmake ];
diff --git a/pkgs/development/libraries/vulkan-headers/default.nix b/pkgs/development/libraries/vulkan-headers/default.nix
index 1db531e3732cd..8f1202088e58e 100644
--- a/pkgs/development/libraries/vulkan-headers/default.nix
+++ b/pkgs/development/libraries/vulkan-headers/default.nix
@@ -1,7 +1,7 @@
 { lib, stdenv, fetchFromGitHub, cmake }:
 stdenv.mkDerivation rec {
   pname = "vulkan-headers";
-  version = "1.3.231.0";
+  version = "1.3.236.0";
 
   nativeBuildInputs = [ cmake ];
 
@@ -9,7 +9,7 @@ stdenv.mkDerivation rec {
     owner = "KhronosGroup";
     repo = "Vulkan-Headers";
     rev = "sdk-${version}";
-    hash = "sha256-EoD48jBoJmIet4BDC6bYxOsKK2358SZ/NcZeM61q/5g=";
+    hash = "sha256-b1q9QugFH4lieS8CTOyZ3uoQ7bd44G8NPEwRtUPD+24=";
   };
 
   meta = with lib; {
diff --git a/pkgs/development/libraries/vulkan-loader/default.nix b/pkgs/development/libraries/vulkan-loader/default.nix
index 27c1423d94e50..8d38f725a64d6 100644
--- a/pkgs/development/libraries/vulkan-loader/default.nix
+++ b/pkgs/development/libraries/vulkan-loader/default.nix
@@ -3,14 +3,14 @@
 
 stdenv.mkDerivation rec {
   pname = "vulkan-loader";
-  version = "1.3.231.0";
+  version = "1.3.236.0";
 
   src = (assert version == vulkan-headers.version;
     fetchFromGitHub {
       owner = "KhronosGroup";
       repo = "Vulkan-Loader";
       rev = "sdk-${version}";
-      hash = "sha256-HWaa3JT0znhvqbvZdcsAwy8Dr6HDQp4rgpVmMOuCo0s=";
+      hash = "sha256-Y6OakowZlb40ZatITQCFBK/qSZqSdgTNew1XUFD/jMo=";
     });
 
   patches = [ ./fix-pkgconfig.patch ];
diff --git a/pkgs/development/libraries/wtk/builder.sh b/pkgs/development/libraries/wtk/builder.sh
index 86f2719537cd0..c3ad173b09338 100644
--- a/pkgs/development/libraries/wtk/builder.sh
+++ b/pkgs/development/libraries/wtk/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 mkdir unzipped
diff --git a/pkgs/development/libraries/x265/default.nix b/pkgs/development/libraries/x265/default.nix
index 92f7f11170f6e..b63b0101d54be 100644
--- a/pkgs/development/libraries/x265/default.nix
+++ b/pkgs/development/libraries/x265/default.nix
@@ -35,8 +35,7 @@ let
     (mkFlag vtuneSupport "ENABLE_VTUNE")
     (mkFlag werrorSupport "WARNINGS_AS_ERRORS")
     # Potentially riscv cross could be fixed by providing the correct CMAKE_SYSTEM_PROCESSOR flag
-    (mkFlag (with stdenv; !(isCross && hostPlatform.isRiscV || isDarwin && isAarch64)) "ENABLE_ASSEMBLY")
-  ];
+  ] ++ lib.optional (isCross && stdenv.hostPlatform.isRiscV) "-DENABLE_ASSEMBLY=OFF";
 
   cmakeStaticLibFlags = [
     "-DHIGH_BIT_DEPTH=ON"
diff --git a/pkgs/development/libraries/xapian/default.nix b/pkgs/development/libraries/xapian/default.nix
index 700fa1d13dd12..3c0a555dd9780 100644
--- a/pkgs/development/libraries/xapian/default.nix
+++ b/pkgs/development/libraries/xapian/default.nix
@@ -26,7 +26,7 @@ let
     nativeBuildInputs = [ autoreconfHook ];
 
     doCheck = true;
-    AUTOMATED_TESTING = true; # https://trac.xapian.org/changeset/8be35f5e1/git
+    env.AUTOMATED_TESTING = true; # https://trac.xapian.org/changeset/8be35f5e1/git
 
     patches = lib.optionals stdenv.isDarwin [ ./skip-flaky-darwin-test.patch ];
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-16 13:49:10 +0000