Diffstat (limited to 'pkgs/development')
-rwxr-xr-xpkgs/development/compilers/aspectj/builder.sh1
-rw-r--r--pkgs/development/compilers/chicken/4/fetchegg/builder.sh1
-rw-r--r--pkgs/development/compilers/chicken/5/fetchegg/builder.sh1
-rwxr-xr-xpkgs/development/compilers/fpc/binary-builder-darwin.sh1
-rwxr-xr-xpkgs/development/compilers/fpc/binary-builder.sh1
-rw-r--r--pkgs/development/compilers/gcc/builder.sh1
-rw-r--r--pkgs/development/compilers/glslang/default.nix10
-rw-r--r--pkgs/development/compilers/ios-cross-compile/9.2_builder.sh1
-rw-r--r--pkgs/development/compilers/ocaml/builder.sh1
-rw-r--r--pkgs/development/compilers/openjdk/11.nix10
-rw-r--r--pkgs/development/compilers/openjdk/12.nix4
-rw-r--r--pkgs/development/compilers/openjdk/13.nix4
-rw-r--r--pkgs/development/compilers/openjdk/14.nix4
-rw-r--r--pkgs/development/compilers/openjdk/15.nix4
-rw-r--r--pkgs/development/compilers/openjdk/16.nix4
-rw-r--r--pkgs/development/compilers/openjdk/17.nix4
-rw-r--r--pkgs/development/compilers/openjdk/18.nix4
-rw-r--r--pkgs/development/compilers/openjdk/19.nix4
-rw-r--r--pkgs/development/compilers/openjdk/8.nix8
-rw-r--r--pkgs/development/compilers/openjdk/openjfx/11.nix29
-rw-r--r--pkgs/development/compilers/openjdk/openjfx/15.nix14
-rw-r--r--pkgs/development/compilers/openjdk/openjfx/17.nix6
-rw-r--r--pkgs/development/compilers/rust/cargo.nix3
-rw-r--r--pkgs/development/interpreters/python/cpython/default.nix20
-rw-r--r--pkgs/development/interpreters/python/setup-hook.nix4
-rw-r--r--pkgs/development/interpreters/ruby/default.nix12
-rw-r--r--pkgs/development/libraries/boehm-gc/default.nix7
-rw-r--r--pkgs/development/libraries/ffmpeg/4.nix13
-rw-r--r--pkgs/development/libraries/gd/default.nix20
-rw-r--r--pkgs/development/libraries/gettext/default.nix4
-rw-r--r--pkgs/development/libraries/glibc/common.nix15
-rw-r--r--pkgs/development/libraries/glibc/locales-builder.sh1
-rw-r--r--pkgs/development/libraries/gtk-sharp/builder.sh1
-rw-r--r--pkgs/development/libraries/libarchive/default.nix4
-rw-r--r--pkgs/development/libraries/libdevil/default.nix44
-rw-r--r--pkgs/development/libraries/librsvg/default.nix4
-rw-r--r--pkgs/development/libraries/nghttp2/default.nix4
-rw-r--r--pkgs/development/libraries/oniguruma/default.nix18
-rw-r--r--pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch36
-rw-r--r--pkgs/development/libraries/openssl/default.nix3
-rw-r--r--pkgs/development/libraries/pcre2/default.nix4
-rw-r--r--pkgs/development/libraries/polkit/default.nix2
-rw-r--r--pkgs/development/libraries/spirv-headers/default.nix4
-rw-r--r--pkgs/development/libraries/vulkan-headers/default.nix4
-rw-r--r--pkgs/development/libraries/vulkan-loader/default.nix4
-rw-r--r--pkgs/development/libraries/wtk/builder.sh1
-rw-r--r--pkgs/development/libraries/x265/default.nix3
-rw-r--r--pkgs/development/libraries/xapian/default.nix2
-rw-r--r--pkgs/development/nim-packages/fetch-nimble/builder.sh1
-rw-r--r--pkgs/development/perl-modules/generic/builder.sh1
-rw-r--r--pkgs/development/perl-modules/generic/default.nix9
-rw-r--r--pkgs/development/python-modules/aiosignal/default.nix15
-rw-r--r--pkgs/development/python-modules/h2/default.nix15
-rw-r--r--pkgs/development/python-modules/jsonschema/default.nix4
-rw-r--r--pkgs/development/python-modules/limits/default.nix4
-rw-r--r--pkgs/development/python-modules/multidict/default.nix9
-rw-r--r--pkgs/development/python-modules/poetry-core/default.nix5
-rw-r--r--pkgs/development/python-modules/poetry-plugin-export/default.nix5
-rw-r--r--pkgs/development/python-modules/poetry/default.nix20
-rw-r--r--pkgs/development/python-modules/six/default.nix21
-rw-r--r--pkgs/development/python-modules/tomlkit/default.nix5
-rw-r--r--pkgs/development/python-modules/trove-classifiers/default.nix35
-rw-r--r--pkgs/development/python-modules/urllib3/default.nix22
-rw-r--r--pkgs/development/python-modules/yarl/default.nix9
-rw-r--r--pkgs/development/tools/ansible-language-server/default.nix5
-rw-r--r--pkgs/development/tools/build-managers/apache-maven/builder.sh1
-rw-r--r--pkgs/development/tools/build-managers/boot/builder.sh1
-rw-r--r--pkgs/development/tools/jq/default.nix20
-rw-r--r--pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch38
-rw-r--r--pkgs/development/tools/misc/automake/builder.sh1
-rw-r--r--pkgs/development/tools/parsing/antlr/builder.sh1
-rw-r--r--pkgs/development/tools/rust/cargo-auditable/cargo-wrapper.nix13
-rw-r--r--pkgs/development/tools/rust/cargo-auditable/default.nix53
-rw-r--r--pkgs/development/tools/rust/maturin/default.nix6
-rw-r--r--pkgs/development/tools/rust/rust-analyzer/default.nix2
-rw-r--r--pkgs/development/tools/spirv-tools/default.nix4
-rw-r--r--pkgs/development/tools/vulkan-validation-layers/default.nix4
-rw-r--r--pkgs/development/web/nodejs/npm-patches.nix23
-rw-r--r--pkgs/development/web/nodejs/v16.nix4
-rw-r--r--pkgs/development/web/nodejs/v18.nix4
-rw-r--r--pkgs/development/web/nodejs/v19.nix4
81 files changed, 488 insertions, 230 deletions
diff --git a/pkgs/development/compilers/aspectj/builder.sh b/pkgs/development/compilers/aspectj/builder.sh
index 3b43937200423..7ea0a40d37484 100755
--- a/pkgs/development/compilers/aspectj/builder.sh
+++ b/pkgs/development/compilers/aspectj/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 export JAVA_HOME=$jre
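Review bot: The added first line sources `.attrs.sh` by a path relative to the current directory and carries no comment saying what writes that file or why it must be loaded before `$stdenv/setup`. It looks like the structured-attributes shell file that Nix places in the build directory, so a one-line comment such as `# structured attrs: load the attribute file Nix wrote into the build directory, if present` would make the dependency on the builder's starting directory explicit. The same uncommented line is added in the other builder.sh hunks of this diff (chicken, fpc, gcc, ios-cross-compile, ocaml).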
diff --git a/pkgs/development/compilers/chicken/4/fetchegg/builder.sh b/pkgs/development/compilers/chicken/4/fetchegg/builder.sh
index 2046610630905..5f41a36263a9c 100644
--- a/pkgs/development/compilers/chicken/4/fetchegg/builder.sh
+++ b/pkgs/development/compilers/chicken/4/fetchegg/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 header "exporting egg ${eggName} (version $version) into $out"
diff --git a/pkgs/development/compilers/chicken/5/fetchegg/builder.sh b/pkgs/development/compilers/chicken/5/fetchegg/builder.sh
index d9adf510f22d5..f02e017577873 100644
--- a/pkgs/development/compilers/chicken/5/fetchegg/builder.sh
+++ b/pkgs/development/compilers/chicken/5/fetchegg/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 header "exporting egg ${eggName} (version $version) into $out"
diff --git a/pkgs/development/compilers/fpc/binary-builder-darwin.sh b/pkgs/development/compilers/fpc/binary-builder-darwin.sh
index f9bdf18e7d682..39db0518281da 100755
--- a/pkgs/development/compilers/fpc/binary-builder-darwin.sh
+++ b/pkgs/development/compilers/fpc/binary-builder-darwin.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 pkgdir=$(pwd)/pkg
diff --git a/pkgs/development/compilers/fpc/binary-builder.sh b/pkgs/development/compilers/fpc/binary-builder.sh
index 4308c1ed211ae..c471378c275f5 100755
--- a/pkgs/development/compilers/fpc/binary-builder.sh
+++ b/pkgs/development/compilers/fpc/binary-builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 tar xf $src
diff --git a/pkgs/development/compilers/gcc/builder.sh b/pkgs/development/compilers/gcc/builder.sh
index c73e9e0c10759..113bd83ea53fc 100644
--- a/pkgs/development/compilers/gcc/builder.sh
+++ b/pkgs/development/compilers/gcc/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 
diff --git a/pkgs/development/compilers/glslang/default.nix b/pkgs/development/compilers/glslang/default.nix
index d93f647f84629..f5f46ff9f4f7f 100644
--- a/pkgs/development/compilers/glslang/default.nix
+++ b/pkgs/development/compilers/glslang/default.nix
@@ -10,13 +10,13 @@
 }:
 stdenv.mkDerivation rec {
   pname = "glslang";
-  version = "1.3.231.0";
+  version = "1.3.236.0";
 
   src = fetchFromGitHub {
     owner = "KhronosGroup";
     repo = "glslang";
     rev = "sdk-${version}";
-    hash = "sha256-huPrQr+lPi7QCF8CufAavHEKGDDimGrcskiojhH9QYk=";
+    hash = "sha256-iVcx1j7OMJEU4cPydNwQSFufTUiqq7GKp69Y6pEt7Wc=";
   };
 
   # These get set at all-packages, keep onto them for child drvs
@@ -28,12 +28,6 @@ stdenv.mkDerivation rec {
   nativeBuildInputs = [ cmake python3 bison jq ];
 
   patches = [
-    # https://github.com/NixOS/nixpkgs/pull/201747
-    (fetchpatch {
-      name = "Fix-locations-of-cmake-files-in-side-compat-shims.patch";
-      url = "https://github.com/KhronosGroup/glslang/commit/88fd417b0bb7d91755961c70e846d274c182f2b0.patch";
-      hash = "sha256-rjeaPX5Ieem6zkICNvPd2SjvvLzG5wBERZfDLZEJsAk=";
-    })
     (fetchpatch {
       name = "Use-CMAKE_INSTALL_FULL_LIBDIR-in-compat-cmake-files.patch";
       url = "https://github.com/KhronosGroup/glslang/commit/7627bd89583c5aafb8b38c81c15494019271fabf.patch";
diff --git a/pkgs/development/compilers/ios-cross-compile/9.2_builder.sh b/pkgs/development/compilers/ios-cross-compile/9.2_builder.sh
index 68ba3ed3a920a..47459664af0a5 100644
--- a/pkgs/development/compilers/ios-cross-compile/9.2_builder.sh
+++ b/pkgs/development/compilers/ios-cross-compile/9.2_builder.sh
@@ -1,4 +1,5 @@
 # -*- shell-script -*-
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 function extract
diff --git a/pkgs/development/compilers/ocaml/builder.sh b/pkgs/development/compilers/ocaml/builder.sh
index a1807682d8674..88acc0654cf2b 100644
--- a/pkgs/development/compilers/ocaml/builder.sh
+++ b/pkgs/development/compilers/ocaml/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 configureFlags="-prefix $out $configureFlags"
diff --git a/pkgs/development/compilers/openjdk/11.nix b/pkgs/development/compilers/openjdk/11.nix
index 820469ab8f156..72b25bff777b6 100644
--- a/pkgs/development/compilers/openjdk/11.nix
+++ b/pkgs/development/compilers/openjdk/11.nix
@@ -11,8 +11,8 @@
 let
   major = "11";
   minor = "0";
-  update = "15";
-  build = "10";
+  update = "17";
+  build = "8";
 
   openjdk = stdenv.mkDerivation rec {
     pname = "openjdk" + lib.optionalString headless "-headless";
@@ -22,7 +22,7 @@ let
       owner = "openjdk";
       repo = "jdk${major}u";
       rev = "jdk-${version}";
-      sha256 = "le2JDxPJPSuga4JxLJNRZwCaodptSb2kh4TsJXumTXs=";
+      sha256 = "sha256-kvgLYqQZPqyuigVyzbDHc3TMff0clvzM8IdzYLYcxPU=";
     };
 
     nativeBuildInputs = [ pkg-config autoconf unzip ];
@@ -131,12 +131,12 @@ let
     postFixup = ''
       # Build the set of output library directories to rpath against
       LIBDIRS=""
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS"
       done
       # Add the local library paths to remove dependencies on the bootstrap
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         OUTPUTDIR=$(eval echo \$$output)
         BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*)
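Review bot: Both loops now take their names from `$(getAllOutputNames)` but still turn each name into a path with `eval echo \$$output`, which re-parses the value as shell code and leaves the result unquoted for `find`. Bash indirect expansion gives the same lookup without `eval`; inside this Nix string that would be `OUTPUTDIR="''${!output}"` and `find "''${!output}" -name \*.so\* ...`. This presumes each output is still exported as a shell variable of its own name, which the hunk does not show. The postFixup string continues outside the hunk, and the identical pair of loops is changed in 8.nix and 12.nix through 19.nix.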
diff --git a/pkgs/development/compilers/openjdk/12.nix b/pkgs/development/compilers/openjdk/12.nix
index a8de9fe43ffc6..bd3defbd6b98c 100644
--- a/pkgs/development/compilers/openjdk/12.nix
+++ b/pkgs/development/compilers/openjdk/12.nix
@@ -135,12 +135,12 @@ let
     postFixup = ''
       # Build the set of output library directories to rpath against
       LIBDIRS=""
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS"
       done
       # Add the local library paths to remove dependencies on the bootstrap
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         OUTPUTDIR=$(eval echo \$$output)
         BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*)
diff --git a/pkgs/development/compilers/openjdk/13.nix b/pkgs/development/compilers/openjdk/13.nix
index 5b7e87b0ef3ac..40dc753f7955c 100644
--- a/pkgs/development/compilers/openjdk/13.nix
+++ b/pkgs/development/compilers/openjdk/13.nix
@@ -135,12 +135,12 @@ let
     postFixup = ''
       # Build the set of output library directories to rpath against
       LIBDIRS=""
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS"
       done
       # Add the local library paths to remove dependencies on the bootstrap
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         OUTPUTDIR=$(eval echo \$$output)
         BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*)
diff --git a/pkgs/development/compilers/openjdk/14.nix b/pkgs/development/compilers/openjdk/14.nix
index 1381b0995a76c..047e1a3908191 100644
--- a/pkgs/development/compilers/openjdk/14.nix
+++ b/pkgs/development/compilers/openjdk/14.nix
@@ -131,12 +131,12 @@ let
     postFixup = ''
       # Build the set of output library directories to rpath against
       LIBDIRS=""
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS"
       done
       # Add the local library paths to remove dependencies on the bootstrap
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         OUTPUTDIR=$(eval echo \$$output)
         BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*)
diff --git a/pkgs/development/compilers/openjdk/15.nix b/pkgs/development/compilers/openjdk/15.nix
index 6ea1d0b1dd31c..c33e937f9f24b 100644
--- a/pkgs/development/compilers/openjdk/15.nix
+++ b/pkgs/development/compilers/openjdk/15.nix
@@ -131,12 +131,12 @@ let
     postFixup = ''
       # Build the set of output library directories to rpath against
       LIBDIRS=""
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS"
       done
       # Add the local library paths to remove dependencies on the bootstrap
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         OUTPUTDIR=$(eval echo \$$output)
         BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*)
diff --git a/pkgs/development/compilers/openjdk/16.nix b/pkgs/development/compilers/openjdk/16.nix
index 0e1911bb1a703..461cd724144ed 100644
--- a/pkgs/development/compilers/openjdk/16.nix
+++ b/pkgs/development/compilers/openjdk/16.nix
@@ -138,12 +138,12 @@ let
     postFixup = ''
       # Build the set of output library directories to rpath against
       LIBDIRS=""
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS"
       done
       # Add the local library paths to remove dependencies on the bootstrap
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         OUTPUTDIR=$(eval echo \$$output)
         BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*)
diff --git a/pkgs/development/compilers/openjdk/17.nix b/pkgs/development/compilers/openjdk/17.nix
index bc92b1393fdb3..6d8087d7e948d 100644
--- a/pkgs/development/compilers/openjdk/17.nix
+++ b/pkgs/development/compilers/openjdk/17.nix
@@ -149,12 +149,12 @@ let
     postFixup = ''
       # Build the set of output library directories to rpath against
       LIBDIRS=""
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort -u | tr '\n' ':'):$LIBDIRS"
       done
       # Add the local library paths to remove dependencies on the bootstrap
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         OUTPUTDIR=$(eval echo \$$output)
         BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*)
diff --git a/pkgs/development/compilers/openjdk/18.nix b/pkgs/development/compilers/openjdk/18.nix
index 600899677fed2..37b51a1ee4ce0 100644
--- a/pkgs/development/compilers/openjdk/18.nix
+++ b/pkgs/development/compilers/openjdk/18.nix
@@ -147,12 +147,12 @@ let
     postFixup = ''
       # Build the set of output library directories to rpath against
       LIBDIRS=""
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort -u | tr '\n' ':'):$LIBDIRS"
       done
       # Add the local library paths to remove dependencies on the bootstrap
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         OUTPUTDIR=$(eval echo \$$output)
         BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*)
diff --git a/pkgs/development/compilers/openjdk/19.nix b/pkgs/development/compilers/openjdk/19.nix
index 87c978ec8305e..1af3c920b2c69 100644
--- a/pkgs/development/compilers/openjdk/19.nix
+++ b/pkgs/development/compilers/openjdk/19.nix
@@ -147,12 +147,12 @@ let
     postFixup = ''
       # Build the set of output library directories to rpath against
       LIBDIRS=""
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort -u | tr '\n' ':'):$LIBDIRS"
       done
       # Add the local library paths to remove dependencies on the bootstrap
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         OUTPUTDIR=$(eval echo \$$output)
         BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*)
diff --git a/pkgs/development/compilers/openjdk/8.nix b/pkgs/development/compilers/openjdk/8.nix
index c232b1f01f16d..c65a9fcc66b68 100644
--- a/pkgs/development/compilers/openjdk/8.nix
+++ b/pkgs/development/compilers/openjdk/8.nix
@@ -20,7 +20,7 @@ let
     powerpc64le-linux = "ppc64le";
   }.${stdenv.system} or (throw "Unsupported platform ${stdenv.system}");
 
-  update = "322";
+  update = "352";
   build = "ga";
 
   openjdk8 = stdenv.mkDerivation rec {
@@ -31,7 +31,7 @@ let
       owner = "openjdk";
       repo = "jdk8u";
       rev = "jdk${version}";
-      sha256 = "sha256-e39Yv+NDQG7z6fGmpKEnkKd5MoHZ50SXlq/Q7lzWcDA=";
+      sha256 = "sha256-xDiiALDjStD9IPhbBr997rm/v2Q/WdS10cILBCmdJIQ=";
     };
     outputs = [ "out" "jre" ];
 
@@ -187,12 +187,12 @@ let
     postFixup = ''
       # Build the set of output library directories to rpath against
       LIBDIRS=""
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS"
       done
       # Add the local library paths to remove dependencies on the bootstrap
-      for output in $outputs; do
+      for output in $(getAllOutputNames); do
         if [ "$output" = debug ]; then continue; fi
         OUTPUTDIR=$(eval echo \$$output)
         BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*)
diff --git a/pkgs/development/compilers/openjdk/openjfx/11.nix b/pkgs/development/compilers/openjdk/openjfx/11.nix
index 1bbb4e42dbc5b..164677c3b8dcd 100644
--- a/pkgs/development/compilers/openjdk/openjfx/11.nix
+++ b/pkgs/development/compilers/openjdk/openjfx/11.nix
@@ -1,13 +1,13 @@
-{ stdenv, lib, fetchurl, writeText, gradle_4, pkg-config, perl, cmake
-, gperf, gtk2, gtk3, libXtst, libXxf86vm, glib, alsa-lib, ffmpeg_4-headless, python3, ruby
+{ stdenv, lib, fetchFromGitHub, writeText, gradle_7, pkg-config, perl, cmake
+, gperf, gtk2, gtk3, libXtst, libXxf86vm, glib, alsa-lib, ffmpeg_4-headless, python3, ruby, icu68
 , openjdk11-bootstrap }:
 
 let
   major = "11";
-  update = ".0.11";
+  update = ".0.17";
   build = "1";
   repover = "${major}${update}+${build}";
-  gradle_ = (gradle_4.override {
+  gradle_ = (gradle_7.override {
     java = openjdk11-bootstrap;
   });
 
@@ -24,12 +24,14 @@ let
   makePackage = args: stdenv.mkDerivation ({
     version = "${major}${update}-${build}";
 
-    src = fetchurl {
-      url = "https://hg.openjdk.java.net/openjfx/${major}-dev/rt/archive/${repover}.tar.gz";
-      sha256 = "sha256-mbEALUxuwbtlGeZ2Xsm3m3aNDdthLYWd6QHmdkAILxc=";
+    src = fetchFromGitHub {
+      owner = "openjdk";
+      repo = "jfx${major}u";
+      rev = repover;
+      sha256 = "sha256-uKb6k+tIFdwy1BYiHWeGmKNz82X4CZjFlGYqLDpSFY0=";
     };
 
-    buildInputs = [ gtk2 gtk3 libXtst libXxf86vm glib alsa-lib ffmpeg_4-headless ];
+    buildInputs = [ gtk2 gtk3 libXtst libXxf86vm glib alsa-lib ffmpeg_4-headless icu68 ];
     nativeBuildInputs = [ gradle_ perl pkg-config cmake gperf python3 ruby ];
 
     dontUseCmakeConfigure = true;
@@ -44,8 +46,6 @@ let
       JDK_HOME = ${openjdk11-bootstrap.home}
     '' + args.gradleProperties or "");
 
-    inherit NIX_CFLAGS_COMPILE;
-
     buildPhase = ''
       runHook preBuild
 
@@ -74,10 +74,7 @@ let
 
     outputHashAlgo = "sha256";
     outputHashMode = "recursive";
-    # Downloaded AWT jars differ by platform.
-    outputHash = {
-      x86_64-linux = "sha256-syceJMUEknBDCHK8eGs6rUU3IQn+HnQfURfCrDxYPa8=";
-    }.${stdenv.system} or (throw "Unsupported platform");
+    outputHash = "sha256-syceJMUEknBDCHK8eGs6rUU3IQn+HnQfURfCrDxYPa9=";
   };
 
 in makePackage {
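Review bot: The new `outputHash` differs from the removed x86_64-linux value only in its last character before the padding (`...YPa8=` became `...YPa9=`), even though this commit also switches the source to GitHub and Gradle from 4 to 7. In a 44-character sha256 SRI string that last character carries four hash bits plus two padding bits, and `8` and `9` differ only in the padding bits, so a lenient decoder reads both as the same digest while a strict one rejects the new form. Either way the fixed-output hash does not look recomputed from a fresh fetch, so a previously stored result could satisfy it without the dependencies being downloaded again. Rebuilding the deps derivation with a placeholder hash such as `lib.fakeHash` and pasting the reported value would settle it.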
@@ -85,7 +82,7 @@ in makePackage {
 
   gradleProperties = ''
     COMPILE_MEDIA = true
-    COMPILE_WEBKIT = true
+    COMPILE_WEBKIT = false
   '';
 
   preBuild = ''
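Review bot: `COMPILE_WEBKIT = false` turns off the WebKit build with no comment explaining why, so the next maintainer cannot tell whether this is a build-failure workaround or an intended feature removal. A short comment above the line, for example `# WebKit build disabled: <reason>`, would record it. The same flip is made in openjfx/15.nix.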
@@ -99,8 +96,6 @@ in makePackage {
     cp -r build/modular-sdk $out
   '';
 
-  inherit NIX_CFLAGS_COMPILE;
-
   stripDebugList = [ "." ];
 
   postFixup = ''
diff --git a/pkgs/development/compilers/openjdk/openjfx/15.nix b/pkgs/development/compilers/openjdk/openjfx/15.nix
index d2903c685a90c..788baabde848f 100644
--- a/pkgs/development/compilers/openjdk/openjfx/15.nix
+++ b/pkgs/development/compilers/openjdk/openjfx/15.nix
@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchFromGitHub, writeText, openjdk11_headless, gradle_5
+{ stdenv, lib, fetchFromGitHub, writeText, openjdk11_headless, gradle_6
 , pkg-config, perl, cmake, gperf, gtk2, gtk3, libXtst, libXxf86vm, glib, alsa-lib
 , ffmpeg_4-headless, python3, ruby }:
 
@@ -7,7 +7,7 @@ let
   update = ".0.1";
   build = "+1";
   repover = "${major}${update}${build}";
-  gradle_ = (gradle_5.override {
+  gradle_ = (gradle_6.override {
     java = openjdk11_headless;
   });
 
@@ -69,10 +69,7 @@ let
 
     outputHashAlgo = "sha256";
     outputHashMode = "recursive";
-    # Downloaded AWT jars differ by platform.
-    outputHash = {
-      x86_64-linux = "0hmyr5nnjgwyw3fcwqf0crqg9lny27jfirycg3xmkzbcrwqd6qkw";
-    }.${stdenv.system} or (throw "Unsupported platform");
+    outputHash = "sha256-fGLTMM9s/Vn7eMzn6OQR3tL0cGbAYc7c4J4/aW3JvkI=";
   };
 
 in makePackage {
@@ -80,7 +77,7 @@ in makePackage {
 
   gradleProperties = ''
     COMPILE_MEDIA = true
-    COMPILE_WEBKIT = true
+    COMPILE_WEBKIT = false
   '';
 
   preBuild = ''
@@ -120,6 +117,9 @@ in makePackage {
     license = licenses.gpl2;
     description = "The next-generation Java client toolkit";
     maintainers = with maintainers; [ abbradar ];
+    knownVulnerabilities = [
+      "This OpenJFX version has reached its end of life."
+    ];
     platforms = [ "x86_64-linux" ];
   };
 }
diff --git a/pkgs/development/compilers/openjdk/openjfx/17.nix b/pkgs/development/compilers/openjdk/openjfx/17.nix
index 1c1fb89ce8e17..8d4d47df32e7f 100644
--- a/pkgs/development/compilers/openjdk/openjfx/17.nix
+++ b/pkgs/development/compilers/openjdk/openjfx/17.nix
@@ -4,7 +4,7 @@
 
 let
   major = "17";
-  update = ".0.0.1";
+  update = ".0.5";
   build = "+1";
   repover = "${major}${update}${build}";
   gradle_ = (gradle_7.override {
@@ -16,9 +16,9 @@ let
 
     src = fetchFromGitHub {
       owner = "openjdk";
-      repo = "jfx";
+      repo = "jfx${major}u";
       rev = repover;
-      sha256 = "sha256-PSiE9KbF/4u9VyBl9PAMLGzKyGFB86/XByeh7vhL6Kw=";
+      sha256 = "sha256-jzLOlWuhkUS0/4+nXtjd1/IYbAHHnJrusFRTh7aPt8U=";
     };
 
     buildInputs = [ gtk2 gtk3 libXtst libXxf86vm glib alsa-lib ffmpeg_4-headless icu68 ];
diff --git a/pkgs/development/compilers/rust/cargo.nix b/pkgs/development/compilers/rust/cargo.nix
index 2c9a3b1af472a..5571918fdc62d 100644
--- a/pkgs/development/compilers/rust/cargo.nix
+++ b/pkgs/development/compilers/rust/cargo.nix
@@ -2,6 +2,7 @@
 , file, curl, pkg-config, python3, openssl, cmake, zlib
 , installShellFiles, makeWrapper, cacert, rustPlatform, rustc
 , libiconv, CoreFoundation, Security
+, auditable ? false # TODO: change to true when this is the default
 }:
 
 rustPlatform.buildRustPackage {
@@ -12,6 +13,8 @@ rustPlatform.buildRustPackage {
   cargoVendorDir = "vendor";
   buildAndTestSubdir = "src/tools/cargo";
 
+  inherit auditable;
+
   passthru = {
     rustc = rustc;
     inherit (rustc) tests;
diff --git a/pkgs/development/interpreters/python/cpython/default.nix b/pkgs/development/interpreters/python/cpython/default.nix
index 8d55ea6c39cb0..388802fca8c66 100644
--- a/pkgs/development/interpreters/python/cpython/default.nix
+++ b/pkgs/development/interpreters/python/cpython/default.nix
@@ -293,15 +293,17 @@ in with passthru; stdenv.mkDerivation {
     substituteInPlace "Lib/tkinter/tix.py" --replace "os.environ.get('TIX_LIBRARY')" "os.environ.get('TIX_LIBRARY') or '${tix}/lib'"
   '';
 
-  CPPFLAGS = concatStringsSep " " (map (p: "-I${getDev p}/include") buildInputs);
-  LDFLAGS = concatStringsSep " " (map (p: "-L${getLib p}/lib") buildInputs);
-  LIBS = "${optionalString (!stdenv.isDarwin) "-lcrypt"}";
-  NIX_LDFLAGS = lib.optionalString (stdenv.cc.isGNU && !stdenv.hostPlatform.isStatic) ({
-    "glibc" = "-lgcc_s";
-    "musl" = "-lgcc_eh";
-  }."${stdenv.hostPlatform.libc}" or "");
-  # Determinism: We fix the hashes of str, bytes and datetime objects.
-  PYTHONHASHSEED=0;
+  env = {
+    CPPFLAGS = concatStringsSep " " (map (p: "-I${getDev p}/include") buildInputs);
+    LDFLAGS = concatStringsSep " " (map (p: "-L${getLib p}/lib") buildInputs);
+    LIBS = "${optionalString (!stdenv.isDarwin) "-lcrypt"}";
+    NIX_LDFLAGS = lib.optionalString (stdenv.cc.isGNU && !stdenv.hostPlatform.isStatic) ({
+      "glibc" = "-lgcc_s";
+      "musl" = "-lgcc_eh";
+    }."${stdenv.hostPlatform.libc}" or "");
+    # Determinism: We fix the hashes of str, bytes and datetime objects.
+    PYTHONHASHSEED=0;
+  };
 
   configureFlags = [
     "--without-ensurepip"
diff --git a/pkgs/development/interpreters/python/setup-hook.nix b/pkgs/development/interpreters/python/setup-hook.nix
index 29ce079317f03..8cfb9dd46784d 100644
--- a/pkgs/development/interpreters/python/setup-hook.nix
+++ b/pkgs/development/interpreters/python/setup-hook.nix
@@ -6,7 +6,9 @@ let
   hook = ./setup-hook.sh;
 in runCommand "python-setup-hook.sh" {
   strictDeps = true;
-  inherit sitePackages;
+  env = {
+    inherit sitePackages;
+  };
 } ''
   cp ${hook} hook.sh
   substituteAllInPlace hook.sh
diff --git a/pkgs/development/interpreters/ruby/default.nix b/pkgs/development/interpreters/ruby/default.nix
index c7e01ea0f94d8..bc93190490e09 100644
--- a/pkgs/development/interpreters/ruby/default.nix
+++ b/pkgs/development/interpreters/ruby/default.nix
@@ -187,6 +187,18 @@ let
               sed -i '/CC_VERSION_MESSAGE/d' $rbConfig
             ''
           }
+
+          # Allow to override compiler. This is important for cross compiling as
+          # we need to set a compiler that is different from the build one.
+          awk -i inplace -F' = ' \
+            ' # operate on the line starting with
+              /^  CONFIG\["CC"\]/ {
+                # replace the right hand side
+                sub($2, "ENV[\"CC\"] || \"1\"")
+              }; { print }' "$rbConfig"
+          # test that the line isn't mangled in case upstream made the above unnecessary
+          grep -qx '  CONFIG\["CC"\] = ENV\["CC"\] || "1"' "$rbConfig"
+
           # Remove unnecessary external intermediate files created by gems
           extMakefiles=$(find $out/${passthru.gemPath} -name Makefile)
           for makefile in $extMakefiles; do
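Review bot: `sub($2, ...)` passes the old right-hand side to awk as a regular expression, so any `.`, `+` or bracket in the recorded compiler string is read as a pattern rather than literal text; the following `grep -qx` catches a mangled result only if its non-zero exit aborts this script. Assigning the line directly avoids the pattern match: `/^  CONFIG\["CC"\]/ { $0 = "  CONFIG[\"CC\"] = ENV[\"CC\"] || \"1\"" }`. The fallback `"1"` is not a compiler name and has no comment, so it is worth stating what should happen when `CC` is unset. Since the compiler that rbconfig reports now comes from the environment, presumably whoever sets `CC` when native gem extensions are built chooses the program that gets run, which deserves a line in the comment as well.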
diff --git a/pkgs/development/libraries/boehm-gc/default.nix b/pkgs/development/libraries/boehm-gc/default.nix
index 34e26f5470937..de5aff6c3b6eb 100644
--- a/pkgs/development/libraries/boehm-gc/default.nix
+++ b/pkgs/development/libraries/boehm-gc/default.nix
@@ -1,7 +1,6 @@
 { lib
 , stdenv
 , fetchurl
-, autoreconfHook
 # doc: https://github.com/ivmai/bdwgc/blob/v8.2.2/doc/README.macros (LARGE_CONFIG)
 , enableLargeConfig ? false
 , enableMmap ? true
@@ -36,14 +35,14 @@ stdenv.mkDerivation (finalAttrs: {
   # don't forget to disable the fix (and if the next release does
   # not fix the problem the test failure will be a reminder to
   # extend the set of versions requiring the workaround).
-  makeFlags = if (stdenv.hostPlatform.isPower64 &&
+  makeFlags = lib.optionals (stdenv.hostPlatform.isPower64 &&
                   finalAttrs.version == "8.2.2")
-    then [
+    [
       # do not use /proc primitives to track dirty bits; see:
       # https://github.com/ivmai/bdwgc/issues/479#issuecomment-1279687537
       # https://github.com/ivmai/bdwgc/blob/54522af853de28f45195044dadfd795c4e5942aa/include/private/gcconfig.h#L741
       "CFLAGS_EXTRA=-DNO_SOFT_VDB"
-    ] else null;
+    ];
 
   # `gctest` fails under emulation on aarch64-darwin
   doCheck = !(stdenv.isDarwin && stdenv.isx86_64);
diff --git a/pkgs/development/libraries/ffmpeg/4.nix b/pkgs/development/libraries/ffmpeg/4.nix
index e37e90d553a3b..ac88df930768a 100644
--- a/pkgs/development/libraries/ffmpeg/4.nix
+++ b/pkgs/development/libraries/ffmpeg/4.nix
@@ -1,15 +1,8 @@
-{ callPackage, fetchpatch, ... }@args:
+{ callPackage, ... }@args:
 
 callPackage ./generic.nix (rec {
-  version = "4.4.2";
+  version = "4.4.3";
   branch = version;
-  sha256 = "sha256-+YpIJSDEdQdSGpB5FNqp77wThOBZG1r8PaGKqJfeKUg=";
+  sha256 = "sha256-M7jC281TD+HbVxBBU0Vgm0yiJ70NoeOpMy27DxH9Jzo=";
 
-  patches = [
-    # SDL2 recently changed their versioning
-    (fetchpatch {
-      url = "https://git.videolan.org/?p=ffmpeg.git;a=patch;h=e5163b1d34381a3319214a902ef1df923dd2eeba";
-      hash = "sha256-nLhP2+34cj5EgpnUrePZp60nYAxmbhZAEDfay4pBVk0=";
-    })
-  ];
 } // args)
diff --git a/pkgs/development/libraries/gd/default.nix b/pkgs/development/libraries/gd/default.nix
index 7ea8ce6d29b44..c9845feb96783 100644
--- a/pkgs/development/libraries/gd/default.nix
+++ b/pkgs/development/libraries/gd/default.nix
@@ -1,4 +1,6 @@
-{ lib, stdenv, fetchurl
+{ lib
+, stdenv
+, fetchurl
 , fetchpatch
 , autoconf
 , automake
@@ -8,6 +10,7 @@
 , libjpeg
 , libwebp
 , libtiff
+, withXorg ? true
 , libXpm
 , libavif
 , fontconfig
@@ -33,20 +36,22 @@ stdenv.mkDerivation rec {
 
   hardeningDisable = [ "format" ];
 
-  configureFlags =
-    [
-      "--enable-gd-formats"
-    ]
+  configureFlags = [
+    "--enable-gd-formats"
+  ]
     # -pthread gets passed to clang, causing warnings
     ++ lib.optional stdenv.isDarwin "--enable-werror=no";
 
   nativeBuildInputs = [ autoconf automake pkg-config ];
 
-  buildInputs = [ zlib fontconfig freetype libpng libjpeg libwebp libtiff libXpm libavif ];
+  buildInputs = [ zlib fontconfig freetype libpng libjpeg libwebp libtiff libavif ]
+    ++ lib.optional withXorg libXpm;
 
   outputs = [ "bin" "dev" "out" ];
 
-  postFixup = ''moveToOutput "bin/gdlib-config" $dev'';
+  postFixup = ''
+    moveToOutput "bin/gdlib-config" $dev
+  '';
 
   enableParallelBuilding = true;
 
@@ -57,5 +62,6 @@ stdenv.mkDerivation rec {
     description = "A dynamic image creation library";
     license = licenses.free; # some custom license
     platforms = platforms.unix;
+    maintainers = with maintainers; [ ];
   };
 }
diff --git a/pkgs/development/libraries/gettext/default.nix b/pkgs/development/libraries/gettext/default.nix
index a1270af259cda..ae5b9f48293a3 100644
--- a/pkgs/development/libraries/gettext/default.nix
+++ b/pkgs/development/libraries/gettext/default.nix
@@ -60,7 +60,9 @@ stdenv.mkDerivation rec {
     ../../../build-support/setup-hooks/role.bash
     ./gettext-setup-hook.sh
   ];
-  gettextNeedsLdflags = stdenv.hostPlatform.libc != "glibc" && !stdenv.hostPlatform.isMusl;
+  env = {
+    gettextNeedsLdflags = stdenv.hostPlatform.libc != "glibc" && !stdenv.hostPlatform.isMusl;
+  };
 
   enableParallelBuilding = true;
   enableParallelChecking = false; # fails sometimes
diff --git a/pkgs/development/libraries/glibc/common.nix b/pkgs/development/libraries/glibc/common.nix
index 61c0c92d5280a..889ca7bf48fd6 100644
--- a/pkgs/development/libraries/glibc/common.nix
+++ b/pkgs/development/libraries/glibc/common.nix
@@ -54,9 +54,6 @@ assert withGd -> gd != null && libpng != null;
 
 stdenv.mkDerivation ({
   version = version + patchSuffix;
-  linuxHeaders = if withLinuxHeaders then linuxHeaders else null;
-
-  inherit (stdenv) is64bit;
 
   enableParallelBuilding = true;
 
@@ -175,10 +172,14 @@ stdenv.mkDerivation ({
   nativeBuildInputs = [ bison python3Minimal ] ++ extraNativeBuildInputs;
   buildInputs = [ linuxHeaders ] ++ lib.optionals withGd [ gd libpng ] ++ extraBuildInputs;
 
-  # Needed to install share/zoneinfo/zone.tab.  Set to impure /bin/sh to
-  # prevent a retained dependency on the bootstrap tools in the stdenv-linux
-  # bootstrap.
-  BASH_SHELL = "/bin/sh";
+  env = {
+    linuxHeaders = if withLinuxHeaders then linuxHeaders else "";
+    inherit (stdenv) is64bit;
+    # Needed to install share/zoneinfo/zone.tab.  Set to impure /bin/sh to
+    # prevent a retained dependency on the bootstrap tools in the stdenv-linux
+    # bootstrap.
+    BASH_SHELL = "/bin/sh";
+  };
 
   # Used by libgcc, elf-header, and others to determine ABI
   passthru = { inherit version; minorRelease = version; };
diff --git a/pkgs/development/libraries/glibc/locales-builder.sh b/pkgs/development/libraries/glibc/locales-builder.sh
index d732e208fa22a..d91f936c937b1 100644
--- a/pkgs/development/libraries/glibc/locales-builder.sh
+++ b/pkgs/development/libraries/glibc/locales-builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 # Glibc cannot have itself in its RPATH.
 export NIX_NO_SELF_RPATH=1
 
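Review bot: The added first line sources `.attrs.sh` by a relative path, so the builder executes whatever file of that name is in the directory it happens to start in. The same line is added to gtk-sharp/builder.sh, wtk/builder.sh, nim-packages/fetch-nimble/builder.sh and perl-modules/generic/builder.sh further down. Newer Nix releases export the file's absolute location, so I would use that when it is set and keep the relative path only as a fallback: `if [ -e "${NIX_ATTRS_SH_FILE:-}" ]; then source "$NIX_ATTRS_SH_FILE"; elif [ -e .attrs.sh ]; then source .attrs.sh; fi`. A one-line comment such as `# structured attrs: load the attribute file Nix wrote for this build` would also say why the line is there. The rest of the script is outside the hunk.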
diff --git a/pkgs/development/libraries/gtk-sharp/builder.sh b/pkgs/development/libraries/gtk-sharp/builder.sh
index 4b8f757540b55..73914495d6d41 100644
--- a/pkgs/development/libraries/gtk-sharp/builder.sh
+++ b/pkgs/development/libraries/gtk-sharp/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 genericBuild
diff --git a/pkgs/development/libraries/libarchive/default.nix b/pkgs/development/libraries/libarchive/default.nix
index 066ea8b60ddcf..c7e9f117f94cb 100644
--- a/pkgs/development/libraries/libarchive/default.nix
+++ b/pkgs/development/libraries/libarchive/default.nix
@@ -28,13 +28,13 @@ assert xarSupport -> libxml2 != null;
 
 stdenv.mkDerivation rec {
   pname = "libarchive";
-  version = "3.6.1";
+  version = "3.6.2";
 
   src = fetchFromGitHub {
     owner = "libarchive";
     repo = "libarchive";
     rev = "v${version}";
-    hash = "sha256-G4wL5DDbX0FqaA4cnOlVLZ25ObN8dNsRtxyas29tpDA=";
+    hash = "sha256-wQbA6vlXH8pnpY7LJLkjrRFEBpcaPR1SqxnK71UVwxg=";
   };
 
   postPatch = ''
diff --git a/pkgs/development/libraries/libdevil/default.nix b/pkgs/development/libraries/libdevil/default.nix
index a79e5371c01b4..35637512e0a55 100644
--- a/pkgs/development/libraries/libdevil/default.nix
+++ b/pkgs/development/libraries/libdevil/default.nix
@@ -1,22 +1,36 @@
-{ lib, stdenv, fetchurl, libjpeg, libpng, libmng, lcms1, libtiff, openexr, libGL
-, libX11, pkg-config, OpenGL
+{ lib
+, stdenv
+, fetchurl
+, libjpeg
+, libpng
+, libmng
+, lcms1
+, libtiff
+, openexr
+, libGL
+, libX11
+, pkg-config
+, OpenGL
+, runtimeShell
+, withXorg ? true
 }:
 
 stdenv.mkDerivation rec {
-
   pname = "libdevil";
   version = "1.7.8";
 
+  outputs = [ "out" "dev" ];
+
   src = fetchurl {
     url = "mirror://sourceforge/openil/DevIL-${version}.tar.gz";
     sha256 = "1zd850nn7nvkkhasrv7kn17kzgslr5ry933v6db62s4lr0zzlbv8";
   };
 
-  outputs = [ "out" "dev" ];
+  nativeBuildInputs = [ pkg-config ];
 
-  buildInputs = [ libjpeg libpng libmng lcms1 libtiff openexr libGL libX11 ]
+  buildInputs = [ libjpeg libpng libmng lcms1 libtiff openexr ]
+    ++ lib.optionals withXorg [ libX11 libGL ]
     ++ lib.optionals stdenv.isDarwin [ OpenGL ];
-  nativeBuildInputs = [ pkg-config ];
 
   configureFlags = [ "--enable-ILU" "--enable-ILUT" ];
 
@@ -31,29 +45,29 @@ stdenv.mkDerivation rec {
     sed -i '/RESTRICT_KEYWORD/d' include/IL/config.h
   '';
 
-  patches =
-    [ ( fetchurl {
+  patches = [
+    (fetchurl {
         url = "https://sources.debian.org/data/main/d/devil/1.7.8-10/debian/patches/03_CVE-2009-3994.diff";
         sha256 = "0qkx2qfv02igbrmsn6z5a3lbrbwjfh3rb0c2sj54wy0j1f775hbc";
-      } )
-      ./ftbfs-libpng15.patch
-      ./il_endian.h.patch
-    ];
+    })
+    ./ftbfs-libpng15.patch
+    ./il_endian.h.patch
+  ];
 
   enableParallelBuilding = true;
 
   postPatch = ''
     for a in test/Makefile.in test/format_test/format_checks.sh.in ; do
       substituteInPlace $a \
-        --replace /bin/bash ${stdenv.shell}
+        --replace /bin/bash ${runtimeShell}
     done
   '';
 
   meta = with lib; {
-    homepage = "http://openil.sourceforge.net/";
+    homepage = "https://openil.sourceforge.net/";
     description = "An image library which can can load, save, convert, manipulate, filter and display a wide variety of image formats";
     license = licenses.lgpl2;
     platforms = platforms.mesaPlatforms;
-    maintainers = [ ];
+    maintainers = with maintainers; [ ];
   };
 }
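Review bot: In `postPatch` the substitution now writes `${runtimeShell}` into `test/Makefile.in` and `test/format_test/format_checks.sh.in`, which by their paths look like files that run only during the check phase, i.e. on the build machine. `runtimeShell` is the shell for the host platform, so in a cross build these scripts would point at an interpreter the builder may not be able to execute. For build-time scripts the previous `--replace /bin/bash ${stdenv.shell}` is the better match. If the change is intentional because the scripts end up in an output, a comment saying so would settle it.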
diff --git a/pkgs/development/libraries/librsvg/default.nix b/pkgs/development/libraries/librsvg/default.nix
index 6b174a7dfa4df..a60da602e0709 100644
--- a/pkgs/development/libraries/librsvg/default.nix
+++ b/pkgs/development/libraries/librsvg/default.nix
@@ -15,7 +15,7 @@
 , rustPlatform
 , rustc
 , rust
-, cargo
+, cargo-auditable-cargo-wrapper
 , gi-docgen
 , python3Packages
 , gnome
@@ -57,7 +57,7 @@ stdenv.mkDerivation rec {
     gdk-pixbuf
     pkg-config
     rustc
-    cargo
+    cargo-auditable-cargo-wrapper
     python3Packages.docutils
     vala
     rustPlatform.cargoSetupHook
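Review bot: Nothing in `nativeBuildInputs` says why plain `cargo` is replaced by `cargo-auditable-cargo-wrapper` (the matching argument rename is in the first hunk of this file). From the name this presumably makes the Rust build record its crate dependency list in the produced objects so they can be audited later. A short comment would keep it from being reverted during a cleanup: `# cargo wrapped with cargo-auditable: embeds the crate dependency list in the built objects`. The list starts and ends outside the hunk.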
diff --git a/pkgs/development/libraries/nghttp2/default.nix b/pkgs/development/libraries/nghttp2/default.nix
index 8e3264dcbc510..f118467b56cf4 100644
--- a/pkgs/development/libraries/nghttp2/default.nix
+++ b/pkgs/development/libraries/nghttp2/default.nix
@@ -31,11 +31,11 @@ assert enableJemalloc -> enableApp;
 
 stdenv.mkDerivation rec {
   pname = "nghttp2";
-  version = "1.49.0";
+  version = "1.51.0";
 
   src = fetchurl {
     url = "https://github.com/${pname}/${pname}/releases/download/v${version}/${pname}-${version}.tar.bz2";
-    sha256 = "sha256-LNTbfXX3FJQVMknL6UoJLaTG7NdCQPirGM9kTZ1l9u4=";
+    sha256 = "sha256-6z6m9bYMbT7b8GXgT0NOjtYpGlyxoHkZxBcwqx/MAOA=";
   };
 
   outputs = [ "bin" "out" "dev" "lib" ]
diff --git a/pkgs/development/libraries/oniguruma/default.nix b/pkgs/development/libraries/oniguruma/default.nix
index bc084829e7bb5..3062c3cb4e11c 100644
--- a/pkgs/development/libraries/oniguruma/default.nix
+++ b/pkgs/development/libraries/oniguruma/default.nix
@@ -1,16 +1,18 @@
-{ lib, stdenv, fetchFromGitHub, autoreconfHook }:
+{ lib, stdenv, fetchurl, autoreconfHook }:
 
 stdenv.mkDerivation rec {
-  pname = "onig";
+  pname = "oniguruma";
   version = "6.9.8";
 
-  src = fetchFromGitHub {
-    owner = "kkos";
-    repo = "oniguruma";
-    rev = "v${version}";
-    sha256 = "sha256-8aFZdhh6ovLCR0A17rvWq/Oif66rSMnHcCYHjClNElw=";
+  # Note: do not use fetchpatch or fetchFromGitHub to keep this package available in __bootPackages
+  src = fetchurl {
+    url = "https://github.com/kkos/oniguruma/releases/download/v${version}/onig-${version}.tar.gz";
+    sha256 = "sha256-KM1iwUZGI8eRBWX7HMqqAQSy/osSvNZG6B9ztHU1IT4=";
   };
 
+  outputs = [ "dev" "lib" "out" ];
+  outputBin = "dev"; # onig-config
+
   nativeBuildInputs = [ autoreconfHook ];
   configureFlags = [ "--enable-posix-api=yes" ];
 
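Review bot: The source moves from the tagged git tree to the uploaded release asset `onig-${version}.tar.gz`, whose contents are not derived from the tag and which usually ships a pre-generated `configure`. `autoreconfHook` stays in `nativeBuildInputs`, which is good because the build then regenerates the build system instead of running the shipped script, but nothing marks that as deliberate. I would add `# keep autoreconfHook: regenerate configure rather than trusting the one in the release tarball` above `nativeBuildInputs`, so it is not dropped as redundant later.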
@@ -18,7 +20,7 @@ stdenv.mkDerivation rec {
     homepage = "https://github.com/kkos/oniguruma";
     description = "Regular expressions library";
     license = licenses.bsd2;
-    maintainers = with maintainers; [ ];
+    maintainers = with maintainers; [ artturin ];
     platforms = platforms.unix;
   };
 }
diff --git a/pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch b/pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch
new file mode 100644
index 0000000000000..2acedda0e3a49
--- /dev/null
+++ b/pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch
@@ -0,0 +1,36 @@
+From 7725e7bfe6f2ce8146b6552b44e0d226be7638e7 Mon Sep 17 00:00:00 2001
+From: Pauli <pauli@openssl.org>
+Date: Fri, 11 Nov 2022 09:40:19 +1100
+Subject: [PATCH] x509: fix double locking problem
+
+This reverts commit 9aa4be691f5c73eb3c68606d824c104550c053f7 and removed the
+redundant flag setting.
+
+Fixes #19643
+
+Fixes LOW CVE-2022-3996
+
+Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/19652)
+
+(cherry picked from commit 4d0340a6d2f327700a059f0b8f954d6160f8eef5)
+---
+ crypto/x509/pcy_map.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/crypto/x509/pcy_map.c b/crypto/x509/pcy_map.c
+index 05406c6493fc..60dfd1e3203b 100644
+--- a/crypto/x509/pcy_map.c
++++ b/crypto/x509/pcy_map.c
+@@ -73,10 +73,6 @@ int ossl_policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps)
+ 
+     ret = 1;
+  bad_mapping:
+-    if (ret == -1 && CRYPTO_THREAD_write_lock(x->lock)) {
+-        x->ex_flags |= EXFLAG_INVALID_POLICY;
+-        CRYPTO_THREAD_unlock(x->lock);
+-    }
+     sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free);
+     return ret;
+ 
diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix
index 45a34971c8f04..4c322997963a6 100644
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@@ -241,6 +241,9 @@ in {
       (if stdenv.hostPlatform.isDarwin
        then ./use-etc-ssl-certs-darwin.patch
        else ./use-etc-ssl-certs.patch)
+
+       # Remove with 3.0.8 release
+       ./3.0/CVE-2022-3996.patch
     ];
 
     withDocs = true;
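Review bot: The comment above `./3.0/CVE-2022-3996.patch` gives only the removal condition, and the two added lines are indented one column deeper than the list entries above them. The patch file carries the upstream reference, so I would repeat it here to make the reason visible without opening the file: `# CVE-2022-3996 (x509 double locking), upstream 7725e7bfe6f2; remove with the 3.0.8 release`. The enclosing attribute set starts outside the hunk, so which OpenSSL version this `patches` list belongs to cannot be confirmed from here.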
diff --git a/pkgs/development/libraries/pcre2/default.nix b/pkgs/development/libraries/pcre2/default.nix
index 226b92ccfdd35..82fc33670bc56 100644
--- a/pkgs/development/libraries/pcre2/default.nix
+++ b/pkgs/development/libraries/pcre2/default.nix
@@ -6,11 +6,11 @@
 
 stdenv.mkDerivation rec {
   pname = "pcre2";
-  version = "10.40";
+  version = "10.42";
 
   src = fetchurl {
     url = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${version}/pcre2-${version}.tar.bz2";
-    hash = "sha256-FOS4PEeDkz3BfpZDGOYyT3yuG8ddjzx5vGlp8AwVnWg=";
+    hash = "sha256-jTbNjLbqKkwrs1j/ZBGwx4hjOipF2rvxrrS3AdG16EA=";
   };
 
   configureFlags = [
diff --git a/pkgs/development/libraries/polkit/default.nix b/pkgs/development/libraries/polkit/default.nix
index e9f9120620ac4..6d2a56d03ac35 100644
--- a/pkgs/development/libraries/polkit/default.nix
+++ b/pkgs/development/libraries/polkit/default.nix
@@ -167,7 +167,7 @@ stdenv.mkDerivation rec {
     rsync --archive "${DESTDIR}${system}"/* "$out"
     rm --recursive "${DESTDIR}${system}"/*
     rmdir --parents --ignore-fail-on-non-empty "${DESTDIR}${system}"
-    for o in $outputs; do
+    for o in $(getAllOutputNames); do
         rsync --archive "${DESTDIR}/''${!o}" "$(dirname "''${!o}")"
         rm --recursive "${DESTDIR}/''${!o}"
     done
diff --git a/pkgs/development/libraries/spirv-headers/default.nix b/pkgs/development/libraries/spirv-headers/default.nix
index 8abdea5249b79..78dc373d4ab6e 100644
--- a/pkgs/development/libraries/spirv-headers/default.nix
+++ b/pkgs/development/libraries/spirv-headers/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "spirv-headers";
-  version = "1.3.231.0";
+  version = "1.3.236.0";
 
   src = fetchFromGitHub {
     owner = "KhronosGroup";
     repo = "SPIRV-Headers";
     rev = "sdk-${version}";
-    hash = "sha256-lUWgZYGPu+IaLUrbtyC7R0o3Hq/q7C7BE8r7DAsiC30=";
+    hash = "sha256-eWI1MyIWxcg1JepRsnHBmitehDigDa+dR8kXvIkYejY=";
   };
 
   nativeBuildInputs = [ cmake ];
diff --git a/pkgs/development/libraries/vulkan-headers/default.nix b/pkgs/development/libraries/vulkan-headers/default.nix
index 1db531e3732cd..8f1202088e58e 100644
--- a/pkgs/development/libraries/vulkan-headers/default.nix
+++ b/pkgs/development/libraries/vulkan-headers/default.nix
@@ -1,7 +1,7 @@
 { lib, stdenv, fetchFromGitHub, cmake }:
 stdenv.mkDerivation rec {
   pname = "vulkan-headers";
-  version = "1.3.231.0";
+  version = "1.3.236.0";
 
   nativeBuildInputs = [ cmake ];
 
@@ -9,7 +9,7 @@ stdenv.mkDerivation rec {
     owner = "KhronosGroup";
     repo = "Vulkan-Headers";
     rev = "sdk-${version}";
-    hash = "sha256-EoD48jBoJmIet4BDC6bYxOsKK2358SZ/NcZeM61q/5g=";
+    hash = "sha256-b1q9QugFH4lieS8CTOyZ3uoQ7bd44G8NPEwRtUPD+24=";
   };
 
   meta = with lib; {
diff --git a/pkgs/development/libraries/vulkan-loader/default.nix b/pkgs/development/libraries/vulkan-loader/default.nix
index 27c1423d94e50..8d38f725a64d6 100644
--- a/pkgs/development/libraries/vulkan-loader/default.nix
+++ b/pkgs/development/libraries/vulkan-loader/default.nix
@@ -3,14 +3,14 @@
 
 stdenv.mkDerivation rec {
   pname = "vulkan-loader";
-  version = "1.3.231.0";
+  version = "1.3.236.0";
 
   src = (assert version == vulkan-headers.version;
     fetchFromGitHub {
       owner = "KhronosGroup";
       repo = "Vulkan-Loader";
       rev = "sdk-${version}";
-      hash = "sha256-HWaa3JT0znhvqbvZdcsAwy8Dr6HDQp4rgpVmMOuCo0s=";
+      hash = "sha256-Y6OakowZlb40ZatITQCFBK/qSZqSdgTNew1XUFD/jMo=";
     });
 
   patches = [ ./fix-pkgconfig.patch ];
diff --git a/pkgs/development/libraries/wtk/builder.sh b/pkgs/development/libraries/wtk/builder.sh
index 86f2719537cd0..c3ad173b09338 100644
--- a/pkgs/development/libraries/wtk/builder.sh
+++ b/pkgs/development/libraries/wtk/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 mkdir unzipped
diff --git a/pkgs/development/libraries/x265/default.nix b/pkgs/development/libraries/x265/default.nix
index 92f7f11170f6e..b63b0101d54be 100644
--- a/pkgs/development/libraries/x265/default.nix
+++ b/pkgs/development/libraries/x265/default.nix
@@ -35,8 +35,7 @@ let
     (mkFlag vtuneSupport "ENABLE_VTUNE")
     (mkFlag werrorSupport "WARNINGS_AS_ERRORS")
     # Potentially riscv cross could be fixed by providing the correct CMAKE_SYSTEM_PROCESSOR flag
-    (mkFlag (with stdenv; !(isCross && hostPlatform.isRiscV || isDarwin && isAarch64)) "ENABLE_ASSEMBLY")
-  ];
+  ] ++ lib.optional (isCross && stdenv.hostPlatform.isRiscV) "-DENABLE_ASSEMBLY=OFF";
 
   cmakeStaticLibFlags = [
     "-DHIGH_BIT_DEPTH=ON"
diff --git a/pkgs/development/libraries/xapian/default.nix b/pkgs/development/libraries/xapian/default.nix
index 700fa1d13dd12..3c0a555dd9780 100644
--- a/pkgs/development/libraries/xapian/default.nix
+++ b/pkgs/development/libraries/xapian/default.nix
@@ -26,7 +26,7 @@ let
     nativeBuildInputs = [ autoreconfHook ];
 
     doCheck = true;
-    AUTOMATED_TESTING = true; # https://trac.xapian.org/changeset/8be35f5e1/git
+    env.AUTOMATED_TESTING = true; # https://trac.xapian.org/changeset/8be35f5e1/git
 
     patches = lib.optionals stdenv.isDarwin [ ./skip-flaky-darwin-test.patch ];
 
diff --git a/pkgs/development/nim-packages/fetch-nimble/builder.sh b/pkgs/development/nim-packages/fetch-nimble/builder.sh
index 693ab339408ed..bc2f9bfc94f1b 100644
--- a/pkgs/development/nim-packages/fetch-nimble/builder.sh
+++ b/pkgs/development/nim-packages/fetch-nimble/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 export HOME=$NIX_BUILD_TOP
 
diff --git a/pkgs/development/perl-modules/generic/builder.sh b/pkgs/development/perl-modules/generic/builder.sh
index 9b42401fc4dcd..110094ad8a494 100644
--- a/pkgs/development/perl-modules/generic/builder.sh
+++ b/pkgs/development/perl-modules/generic/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 PERL5LIB="$PERL5LIB${PERL5LIB:+:}$out/lib/perl5/site_perl"
diff --git a/pkgs/development/perl-modules/generic/default.nix b/pkgs/development/perl-modules/generic/default.nix
index 2d1c550d3168c..3dca6550ad688 100644
--- a/pkgs/development/perl-modules/generic/default.nix
+++ b/pkgs/development/perl-modules/generic/default.nix
@@ -24,6 +24,8 @@
 # https://metacpan.org/pod/release/XSAWYERX/perl-5.26.0/pod/perldelta.pod#Removal-of-the-current-directory-%28%22.%22%29-from-@INC
 , PERL_USE_UNSAFE_INC ? "1"
 
+, env ? {}
+
 , ...
 }@attrs:
 
@@ -43,10 +45,11 @@ lib.throwIf (attrs ? name) "buildPerlPackage: `name` (\"${attrs.name}\") is depr
     buildInputs = buildInputs ++ [ perl ];
     nativeBuildInputs = nativeBuildInputs ++ [ (perl.mini or perl) ];
 
-    fullperl = buildPerl;
-
     inherit outputs src doCheck checkTarget enableParallelBuilding;
-    inherit PERL_AUTOINSTALL AUTOMATED_TESTING PERL_USE_UNSAFE_INC;
+    env = {
+      inherit PERL_AUTOINSTALL AUTOMATED_TESTING PERL_USE_UNSAFE_INC;
+      fullperl = buildPerl;
+    } // env;
 
     meta = defaultMeta // (attrs.meta or { });
   });
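Review bot: `PERL_AUTOINSTALL`, `AUTOMATED_TESTING`, `PERL_USE_UNSAFE_INC` and `fullperl` now live under `env`, with the caller's `env` merged last so it wins, and that precedence is not stated anywhere. A caller that still sets one of these as an ordinary top-level attribute could end up with the same name both at top level and in `env`, which I believe `mkDerivation` rejects. Whether that can happen depends on how `attrs` is forwarded, which is outside the hunk. I would add `# defaults first, caller-supplied env overrides them` above the `env` block and check that the forwarded `attrs` has these names removed.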
diff --git a/pkgs/development/python-modules/aiosignal/default.nix b/pkgs/development/python-modules/aiosignal/default.nix
index 9d815dfac0590..b7a3bc9d9deef 100644
--- a/pkgs/development/python-modules/aiosignal/default.nix
+++ b/pkgs/development/python-modules/aiosignal/default.nix
@@ -9,14 +9,16 @@
 
 buildPythonPackage rec {
   pname = "aiosignal";
-  version = "1.2.0";
-  disabled = pythonOlder "3.6";
+  version = "1.3.1";
+  format = "setuptools";
+
+  disabled = pythonOlder "3.7";
 
   src = fetchFromGitHub {
     owner = "aio-libs";
     repo = pname;
     rev = "v${version}";
-    sha256 = "1pamfc2l95s1q86jvmbp17chjy129gk01kwy8xm88d2ijy8s1caq";
+    hash = "sha256-vx3Fe28r+0it1UFwyDSD9NNyeIN4tywTyr4pVp49WuU=";
   };
 
   propagatedBuildInputs = [
@@ -29,16 +31,19 @@ buildPythonPackage rec {
   ];
 
   postPatch = ''
-    substituteInPlace pytest.ini \
+    substituteInPlace setup.cfg \
       --replace "filterwarnings = error" "" \
       --replace "--cov=aiosignal" ""
   '';
 
-  pythonImportsCheck = [ "aiosignal" ];
+  pythonImportsCheck = [
+    "aiosignal"
+  ];
 
   meta = with lib; {
     description = "Python list of registered asynchronous callbacks";
     homepage = "https://github.com/aio-libs/aiosignal";
+    changelog = "https://github.com/aio-libs/aiosignal/blob/v${version}/CHANGES.rst";
     license = with licenses; [ asl20 ];
     maintainers = with maintainers; [ fab ];
   };
diff --git a/pkgs/development/python-modules/h2/default.nix b/pkgs/development/python-modules/h2/default.nix
index 97ccb7b912063..4e6c830c25a23 100644
--- a/pkgs/development/python-modules/h2/default.nix
+++ b/pkgs/development/python-modules/h2/default.nix
@@ -2,6 +2,7 @@
 , buildPythonPackage
 , pythonOlder
 , fetchPypi
+, fetchpatch
 , hpack
 , hyperframe
 , pytestCheckHook
@@ -20,6 +21,15 @@ buildPythonPackage rec {
     sha256 = "sha256-qDrKCPvnqst5/seIycC6yTY0NWDtnsGLgqE6EsKNKrs=";
   };
 
+  patches = [
+    # https://github.com/python-hyper/h2/pull/1274
+    (fetchpatch {
+      name = "fix-tests-in-python-3.11.patch";
+      url = "https://github.com/python-hyper/h2/commit/8952c91606cd014720ccf202a25b5ee1fbed1591.patch";
+      hash = "sha256-skAdAVHMZo1xJEqqKa6FOKPvoQQbGUgGsQjE11jIjtw=";
+    })
+  ];
+
   propagatedBuildInputs = [
     hpack
     hyperframe
@@ -30,6 +40,11 @@ buildPythonPackage rec {
     hypothesis
   ];
 
+  disabledTests = [
+    # timing sensitive
+    "test_changing_max_frame_size"
+  ];
+
   pythonImportsCheck = [
     "h2.connection"
     "h2.config"
diff --git a/pkgs/development/python-modules/jsonschema/default.nix b/pkgs/development/python-modules/jsonschema/default.nix
index 69dba8bd472ea..833a76399edd0 100644
--- a/pkgs/development/python-modules/jsonschema/default.nix
+++ b/pkgs/development/python-modules/jsonschema/default.nix
@@ -15,14 +15,14 @@
 
 buildPythonPackage rec {
   pname = "jsonschema";
-  version = "4.17.0";
+  version = "4.17.3";
   format = "pyproject";
 
   disabled = pythonOlder "3.7";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "sha256-W/zyvKFqCHreF+ArKC00r3zNdJ73YkHn+b18DLipQk0=";
+    sha256 = "sha256-D4ZEN6uLYHa6ZwdFPvj5imoNUSqA6T+KvbZ29zfstg0=";
   };
 
   postPatch = ''
diff --git a/pkgs/development/python-modules/limits/default.nix b/pkgs/development/python-modules/limits/default.nix
index 2b4499e29e8e1..f298bef4892f9 100644
--- a/pkgs/development/python-modules/limits/default.nix
+++ b/pkgs/development/python-modules/limits/default.nix
@@ -17,7 +17,7 @@
 
 buildPythonPackage rec {
   pname = "limits";
-  version = "2.7.0";
+  version = "2.7.2";
   format = "setuptools";
 
   disabled = pythonOlder "3.7";
@@ -32,7 +32,7 @@ buildPythonPackage rec {
     postFetch = ''
       rm "$out/limits/_version.py"
     '';
-    hash = "sha256-TBZElCogPtoR2qX1YjBgpYh99LhrvLHFtr2ogemo9/c=";
+    hash = "sha256-sL4/BE1qNfR33rZwBcwHo3UeVMfkNz7rwBNF4LBtSIw=";
   };
 
   propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/multidict/default.nix b/pkgs/development/python-modules/multidict/default.nix
index 6ee071732691b..ebc4daae0bc10 100644
--- a/pkgs/development/python-modules/multidict/default.nix
+++ b/pkgs/development/python-modules/multidict/default.nix
@@ -7,13 +7,15 @@
 
 buildPythonPackage rec {
   pname = "multidict";
-  version = "6.0.2";
+  version = "6.0.3";
 
-  disabled = pythonOlder "3.6";
+  disabled = pythonOlder "3.7";
+
+  format = "setuptools";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "sha256-X/O9dfOOTEPx9HDy33pNQwuCHEziK+OE4UWctX1rsBM=";
+    hash = "sha256-JSOikAbANGh+zNPucAk6aXEpo//ocyU107Lfak7MJ50=";
   };
 
   postPatch = ''
@@ -25,6 +27,7 @@ buildPythonPackage rec {
   pythonImportsCheck = [ "multidict" ];
 
   meta = with lib; {
+    changelog = "https://github.com/aio-libs/multidict/blob/v${version}/CHANGES.rst";
     description = "Multidict implementation";
     homepage = "https://github.com/aio-libs/multidict/";
     license = licenses.asl20;
diff --git a/pkgs/development/python-modules/poetry-core/default.nix b/pkgs/development/python-modules/poetry-core/default.nix
index e90529dac6d0b..c669de8b03f60 100644
--- a/pkgs/development/python-modules/poetry-core/default.nix
+++ b/pkgs/development/python-modules/poetry-core/default.nix
@@ -15,7 +15,7 @@
 
 buildPythonPackage rec {
   pname = "poetry-core";
-  version = "1.3.2";
+  version = "1.4.0";
   format = "pyproject";
 
   disabled = pythonOlder "3.7";
@@ -24,7 +24,7 @@ buildPythonPackage rec {
     owner = "python-poetry";
     repo = pname;
     rev = version;
-    hash = "sha256-3Ryfq0MwrL/mKP8DmkhLOyFlulf3c73z9fFIzMuqOrg=";
+    hash = "sha256-SCzs2v0LIgx3vBYTavPqc7uwAQdWsdmkbDyHgIjOxrk=";
   };
 
   propagatedBuildInputs = lib.optionals (pythonOlder "3.8") [
@@ -58,6 +58,7 @@ buildPythonPackage rec {
   ];
 
   meta = with lib; {
+    changelog = "https://github.com/python-poetry/poetry-core/blob/${src.rev}/CHANGELOG.md";
     description = "Core utilities for Poetry";
     homepage = "https://github.com/python-poetry/poetry-core/";
     license = licenses.mit;
diff --git a/pkgs/development/python-modules/poetry-plugin-export/default.nix b/pkgs/development/python-modules/poetry-plugin-export/default.nix
index bbf6013e4fd33..8711a4a527d0b 100644
--- a/pkgs/development/python-modules/poetry-plugin-export/default.nix
+++ b/pkgs/development/python-modules/poetry-plugin-export/default.nix
@@ -6,14 +6,14 @@
 
 buildPythonPackage rec {
   pname = "poetry-plugin-export";
-  version = "1.1.2";
+  version = "1.2.0";
   format = "pyproject";
 
   src = fetchFromGitHub {
     owner = "python-poetry";
     repo = pname;
     rev = "refs/tags/${version}";
-    hash = "sha256-+BDBQwYaiddq3OQDHKmLap3ehWJe+Gh5D3TwuNXycjg=";
+    hash = "sha256-xrAGjHFYRT6n+r/16b0xyoI7+1Q1Hsw3lEK92UabIqo=";
   };
 
   postPatch = ''
@@ -29,6 +29,7 @@ buildPythonPackage rec {
   pythonImportsCheck = [];
 
   meta = with lib; {
+    changelog = "https://github.com/python-poetry/poetry-plugin-export/blob/${src.rev}/CHANGELOG.md";
     description = "Poetry plugin to export the dependencies to various formats";
     license = licenses.mit;
     homepage = "https://github.com/python-poetry/poetry-plugin-export";
diff --git a/pkgs/development/python-modules/poetry/default.nix b/pkgs/development/python-modules/poetry/default.nix
index 2e81f7e553122..ff5d4c91a5d69 100644
--- a/pkgs/development/python-modules/poetry/default.nix
+++ b/pkgs/development/python-modules/poetry/default.nix
@@ -8,6 +8,7 @@
 , deepdiff
 , dulwich
 , fetchFromGitHub
+, filelock
 , flatdict
 , html5lib
 , httpretty
@@ -32,7 +33,9 @@
 , requests-toolbelt
 , shellingham
 , stdenv
+, tomli
 , tomlkit
+, trove-classifiers
 , urllib3
 , virtualenv
 , xattr
@@ -40,7 +43,7 @@
 
 buildPythonPackage rec {
   pname = "poetry";
-  version = "1.2.2";
+  version = "1.3.0";
   format = "pyproject";
 
   disabled = pythonOlder "3.7";
@@ -49,25 +52,19 @@ buildPythonPackage rec {
     owner = "python-poetry";
     repo = pname;
     rev = "refs/tags/${version}";
-    hash = "sha256-huIjLv1T42HEmePCQNJpKnNxJKdyD9MlEtc2WRPOjRE=";
+    hash = "sha256-e60lGOu/g3SahArQXUuW8nIFgReILF5/lPOfOn0qz5o=";
   };
 
-  postPatch = ''
-    substituteInPlace pyproject.toml \
-      --replace 'crashtest = "^0.3.0"' 'crashtest = "*"' \
-      --replace 'xattr = { version = "^0.9.7"' 'xattr = { version = "^0.10.0"'
-  '';
-
   nativeBuildInputs = [
     installShellFiles
   ];
 
   propagatedBuildInputs = [
     cachecontrol
-    cachy
     cleo
     crashtest
     dulwich
+    filelock
     html5lib
     jsonschema
     keyring
@@ -81,9 +78,12 @@ buildPythonPackage rec {
     requests-toolbelt
     shellingham
     tomlkit
+    trove-classifiers
     virtualenv
   ] ++ lib.optionals (stdenv.isDarwin) [
     xattr
+  ] ++ lib.optionals (pythonOlder "3.11") [
+    tomli
   ] ++ lib.optionals (pythonOlder "3.10") [
     importlib-metadata
   ] ++ lib.optionals (pythonOlder "3.8") [
@@ -98,6 +98,7 @@ buildPythonPackage rec {
   '';
 
   checkInputs = [
+    cachy
     deepdiff
     flatdict
     pytestCheckHook
@@ -142,6 +143,7 @@ buildPythonPackage rec {
   ];
 
   meta = with lib; {
+    changelog = "https://github.com/python-poetry/poetry/blob/${src.rev}/CHANGELOG.md";
     homepage = "https://python-poetry.org/";
     description = "Python dependency management and packaging made easy";
     license = licenses.mit;
diff --git a/pkgs/development/python-modules/six/default.nix b/pkgs/development/python-modules/six/default.nix
index 24fe639211d1a..61e6a178660d6 100644
--- a/pkgs/development/python-modules/six/default.nix
+++ b/pkgs/development/python-modules/six/default.nix
@@ -1,30 +1,31 @@
 { lib
 , buildPythonPackage
 , fetchPypi
-, pytest
+, pytestCheckHook
 }:
 
 buildPythonPackage rec {
   pname = "six";
   version = "1.16.0";
 
+  format = "setuptools";
+
   src = fetchPypi {
     inherit pname version;
     sha256 = "1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926";
   };
 
-  checkInputs = [ pytest ];
-
-  checkPhase = ''
-    py.test test_six.py
-  '';
+  checkInputs = [
+    pytestCheckHook
+  ];
 
-  # To prevent infinite recursion with pytest
-  doCheck = false;
+  pythonImportsCheck = [ "six" ];
 
   meta = {
-    description = "A Python 2 and 3 compatibility library";
-    homepage = "https://pypi.python.org/pypi/six/";
+    changelog = "https://github.com/benjaminp/six/blob/${version}/CHANGES";
+    description = "Python 2 and 3 compatibility library";
+    homepage = "https://github.com/benjaminp/six";
     license = lib.licenses.mit;
+    maintainers = with lib.maintainers; [ dotlambda ];
   };
 }
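Review bot: The hunk deletes `doCheck = false` together with its comment `To prevent infinite recursion with pytest` and adds `pytestCheckHook` to `checkInputs`, but does not say why the recursion is no longer a concern. If anything in pytest's own dependency closure still pulls in `six`, evaluation will loop. I would either add a note such as `# pytest no longer depends on six, so the tests can run` next to `checkInputs`, or restore `doCheck = false` if that cannot be confirmed.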
diff --git a/pkgs/development/python-modules/tomlkit/default.nix b/pkgs/development/python-modules/tomlkit/default.nix
index 6bd461db75a22..03ccef3a78322 100644
--- a/pkgs/development/python-modules/tomlkit/default.nix
+++ b/pkgs/development/python-modules/tomlkit/default.nix
@@ -10,11 +10,11 @@
 
 buildPythonPackage rec {
   pname = "tomlkit";
-  version = "0.11.4";
+  version = "0.11.6";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "sha256-MjWpAQ+uVDI+cnw6wG+3IHUv5mNbNCbjedrsYPvUSoM=";
+    hash = "sha256-cblS5XIWiJN/sCz501TbzweFBmFJ0oVeRFMevdK2XXM=";
   };
 
   propagatedBuildInputs =
@@ -30,6 +30,7 @@ buildPythonPackage rec {
 
   meta = with lib; {
     homepage = "https://github.com/sdispater/tomlkit";
+    changelog = "https://github.com/sdispater/tomlkit/blob/${version}/CHANGELOG.md";
     description = "Style-preserving TOML library for Python";
     license = licenses.mit;
     maintainers = with maintainers; [ jakewaksbaum ];
diff --git a/pkgs/development/python-modules/trove-classifiers/default.nix b/pkgs/development/python-modules/trove-classifiers/default.nix
new file mode 100644
index 0000000000000..4e87963e9e8d0
--- /dev/null
+++ b/pkgs/development/python-modules/trove-classifiers/default.nix
@@ -0,0 +1,35 @@
+{ lib
+, buildPythonPackage
+, fetchPypi
+, calver
+, pytestCheckHook
+}:
+
+buildPythonPackage rec {
+  pname = "trove-classifiers";
+  version = "2022.12.1";
+
+  format = "setuptools";
+
+  src = fetchPypi {
+    inherit pname version;
+    sha256 = "8eccd9c075038ef2ec73276e2422d0dbf4d632f9133f029632d0df35374caf77";
+  };
+
+  nativeBuildInputs = [
+    calver
+  ];
+
+  checkInputs = [
+    pytestCheckHook
+  ];
+
+  pythonImportsCheck = [ "trove_classifiers" ];
+
+  meta = {
+    description = "Canonical source for classifiers on PyPI";
+    homepage = "https://github.com/pypa/trove-classifiers";
+    license = lib.licenses.asl20;
+    maintainers = with lib.maintainers; [ dotlambda ];
+  };
+}
diff --git a/pkgs/development/python-modules/urllib3/default.nix b/pkgs/development/python-modules/urllib3/default.nix
index ec63f5f21ed95..86083a4cc5736 100644
--- a/pkgs/development/python-modules/urllib3/default.nix
+++ b/pkgs/development/python-modules/urllib3/default.nix
@@ -20,12 +20,12 @@
 
 buildPythonPackage rec {
   pname = "urllib3";
-  version = "1.26.12";
+  version = "1.26.13";
   format = "setuptools";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-P6ls9CPmmHmX/DJq6N85bbKot8ZndH1H3djsupH0p04=";
+    hash = "sha256-wIPdDc5o2/vhEp1SccuQ+UR96n1SCXxuASYSDFId3qg=";
   };
 
   # FIXME: remove backwards compatbility hack
@@ -64,15 +64,27 @@ buildPythonPackage rec {
   ];
 
   passthru.optional-dependencies = {
-    brotli = if isPyPy then [ brotlicffi ] else [ brotli ];
+    brotli = if isPyPy then [
+      brotlicffi
+    ] else [
+      brotli
+    ];
     # Use carefully since pyopenssl is not supported aarch64-darwin
-    secure = [ certifi cryptography idna pyopenssl ];
-    socks = [ pysocks ];
+    secure = [
+      certifi
+      cryptography
+      idna
+      pyopenssl
+    ];
+    socks = [
+      pysocks
+    ];
   };
 
   meta = with lib; {
     description = "Powerful, sanity-friendly HTTP client for Python";
     homepage = "https://github.com/shazow/urllib3";
+    changelog = "https://github.com/urllib3/urllib3/blob/${version}/CHANGES.rst";
     license = licenses.mit;
     maintainers = with maintainers; [ fab ];
   };
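Review bot: `homepage` still points at `https://github.com/shazow/urllib3` while the added `changelog` line uses the `urllib3/urllib3` organisation, so the two URLs in `meta` disagree about where the project lives. If the repository moved, as the changelog URL suggests, `homepage = "https://github.com/urllib3/urllib3";` would put both links on the same location instead of depending on a redirect from the previous owner's namespace. The existing comment on `secure` is also missing a word and would read better as `# Use carefully since pyopenssl is not supported on aarch64-darwin`.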
diff --git a/pkgs/development/python-modules/yarl/default.nix b/pkgs/development/python-modules/yarl/default.nix
index 249bf974322e2..171f6569cfd85 100644
--- a/pkgs/development/python-modules/yarl/default.nix
+++ b/pkgs/development/python-modules/yarl/default.nix
@@ -10,11 +10,15 @@
 
 buildPythonPackage rec {
   pname = "yarl";
-  version = "1.8.1";
+  version = "1.8.2";
+
+  disabled = pythonOlder "3.7";
+
+  format = "setuptools";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "sha256-r4h4RbjC4GDrVgX/crby3SqrenYTeTc/2J0xT0dSq78=";
+    hash = "sha256-SdQ0AsbjATrQl4YCv2v1MoU1xI0ZIwS5G5ejxnkLFWI=";
   };
 
   postPatch = ''
@@ -44,6 +48,7 @@ buildPythonPackage rec {
   pythonImportsCheck = [ "yarl" ];
 
   meta = with lib; {
+    changelog = "https://github.com/aio-libs/yarl/blob/v${version}/CHANGES.rst";
     description = "Yet another URL library";
     homepage = "https://github.com/aio-libs/yarl";
     license = licenses.asl20;
diff --git a/pkgs/development/tools/ansible-language-server/default.nix b/pkgs/development/tools/ansible-language-server/default.nix
index 8d9b1f0ca50f7..4daa90a80a547 100644
--- a/pkgs/development/tools/ansible-language-server/default.nix
+++ b/pkgs/development/tools/ansible-language-server/default.nix
@@ -18,7 +18,7 @@ buildNpmPackage rec {
   npmDepsHash = "sha256-8FP6hF85w1Zbhiwi2V350ZWFAykAfvsXRGL8bvGk1XE=";
   npmBuildScript = "compile";
 
-  # We remove the prepare and prepack scripts because they run the
+  # We remove/ignore the prepare and prepack scripts because they run the
   # build script, and therefore are redundant.
   #
   # Additionally, the prepack script runs npm ci in addition to the
@@ -27,9 +27,10 @@ buildNpmPackage rec {
   # wiping out node_modules, which causes a mysterious error stating that tsc isn't installed.
   postPatch = ''
     sed -i '/"prepare"/d' package.json
-    sed -i '/"prepack"/d' package.json
   '';
 
+  npmPackFlags = [ "--ignore-scripts" ];
+
   passthru.updateScript = nix-update-script {
     attrPath = pname;
   };
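Review bot: `npmPackFlags = [ "--ignore-scripts" ]` has no comment saying what it relies on. The flag only keeps `prepack` from running if the npm in use honours it during `npm pack`, which this commit appears to arrange through the `libnpmpack-obey-ignore-scripts.patch` entry in `pkgs/development/web/nodejs/npm-patches.nix`. A comment such as `# prepack is skipped via --ignore-scripts; needs npm carrying the libnpmpack ignore-scripts patch` above the attribute would make that dependency visible. The explanatory comment block, which begins in the previous hunk, changed only to `remove/ignore`; it could state that `prepare` is deleted by sed and `prepack` is suppressed by the flag.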
diff --git a/pkgs/development/tools/build-managers/apache-maven/builder.sh b/pkgs/development/tools/build-managers/apache-maven/builder.sh
index dcc38b9ec74a1..96fe8ebfac295 100644
--- a/pkgs/development/tools/build-managers/apache-maven/builder.sh
+++ b/pkgs/development/tools/build-managers/apache-maven/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 unpackPhase
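Review bot: The added first line sources `.attrs.sh` by a path relative to the current directory and carries no comment, so a reader cannot tell what writes that file or why it must be loaded before `$stdenv/setup`. It is presumably the structured-attributes file that Nix places in the build directory; a comment such as `# load derivation attributes from .attrs.sh when structured attrs are in use` would say so. The same uncommented line is added in boot/builder.sh, automake/builder.sh and antlr/builder.sh. In each case it assumes the builder starts in the directory that holds the file, and that assumption is worth stating once.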
diff --git a/pkgs/development/tools/build-managers/boot/builder.sh b/pkgs/development/tools/build-managers/boot/builder.sh
index c1481dc6a1445..e007cbac9582d 100644
--- a/pkgs/development/tools/build-managers/boot/builder.sh
+++ b/pkgs/development/tools/build-managers/boot/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 boot_bin=$out/bin/boot
diff --git a/pkgs/development/tools/jq/default.nix b/pkgs/development/tools/jq/default.nix
index 5671f5dbe6412..6b41cc9862b9b 100644
--- a/pkgs/development/tools/jq/default.nix
+++ b/pkgs/development/tools/jq/default.nix
@@ -1,7 +1,6 @@
 { lib
 , stdenv
-, fetchpatch
-, fetchFromGitHub
+, fetchurl
 , autoreconfHook
 , onigurumaSupport ? true
 , oniguruma
@@ -11,19 +10,14 @@ stdenv.mkDerivation rec {
   pname = "jq";
   version = "1.6";
 
-  src = fetchFromGitHub {
-    owner = "stedolan";
-    repo = "jq";
-    rev = "${pname}-${version}";
-    hash = "sha256-CIE8vumQPGK+TFAncmpBijANpFALLTadOvkob0gVzro";
+  # Note: do not use fetchpatch or fetchFromGitHub to keep this package available in __bootPackages
+  src = fetchurl {
+    url = "https://github.com/stedolan/jq/releases/download/jq-${version}/jq-${version}.tar.gz";
+    sha256 = "sha256-XejI4pqqP7nMa0e7JymfJxNU67clFOOsytx9OLW7qnI=";
   };
 
   patches = [
-    (fetchpatch {
-      name = "fix-tests-when-building-without-regex-supports.patch";
-      url = "https://github.com/stedolan/jq/pull/2292/commits/f6a69a6e52b68a92b816a28eb20719a3d0cb51ae.patch";
-      sha256 = "pTM5FZ6hFs5Rdx+W2dICSS2lcoLY1Q//Lan3Hu8Gr58=";
-    })
+    ./fix-tests-when-building-without-regex-supports.patch
   ];
 
   outputs = [ "bin" "doc" "man" "dev" "lib" "out" ];
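Review bot: The new comment explains why `fetchpatch` and `fetchFromGitHub` are avoided, but not that `src` now comes from an uploaded release tarball rather than the tagged tree, which changes what the hash pins. Release tarballs can carry generated files that are not in the repository, so anyone auditing the source would want to know which artefact is used. The comment could end with `; src is the upstream release tarball, not the git tag`. The digest is an SRI string stored under `sha256`, and `hash = "sha256-XejI4pqqP7nMa0e7JymfJxNU67clFOOsytx9OLW7qnI=";` is the attribute intended for that form.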
@@ -69,7 +63,7 @@ stdenv.mkDerivation rec {
     description = "A lightweight and flexible command-line JSON processor";
     homepage = "https://stedolan.github.io/jq/";
     license = licenses.mit;
-    maintainers = with maintainers; [ raskin globin ];
+    maintainers = with maintainers; [ raskin globin artturin ];
     platforms = platforms.unix;
     downloadPage = "https://stedolan.github.io/jq/download/";
   };
diff --git a/pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch b/pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch
new file mode 100644
index 0000000000000..ac7614ed80b27
--- /dev/null
+++ b/pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch
@@ -0,0 +1,38 @@
+From f6a69a6e52b68a92b816a28eb20719a3d0cb51ae Mon Sep 17 00:00:00 2001
+From: Dmitry Bogatov <git#v1@kaction.cc>
+Date: Sat, 27 Mar 2021 00:00:00 +0000
+Subject: [PATCH] Disable some tests when building without regex support
+
+---
+ Makefile.am  | 5 ++++-
+ configure.ac | 1 +
+ 2 files changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index f5c1db594..f3f44bb9e 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -130,7 +130,10 @@ endif
+ 
+ ### Tests (make check)
+ 
+-TESTS = tests/optionaltest tests/mantest tests/jqtest tests/onigtest tests/shtest tests/utf8test tests/base64test
++TESTS = tests/optionaltest tests/jqtest tests/shtest tests/utf8test tests/base64test
++if WITH_ONIGURUMA
++TESTS += tests/mantest tests/onigtest
++endif
+ TESTS_ENVIRONMENT = NO_VALGRIND=$(NO_VALGRIND)
+ 
+ # This is a magic make variable that causes it to treat tests/man.test as a
+diff --git a/configure.ac b/configure.ac
+index 0441d4a2c..987d94e0a 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -278,6 +278,7 @@ AC_SUBST(onig_CFLAGS)
+ AC_SUBST(onig_LDFLAGS)
+ 
+ AM_CONDITIONAL([BUILD_ONIGURUMA], [test "x$build_oniguruma" = xyes])
++AM_CONDITIONAL([WITH_ONIGURUMA], [test "x$with_oniguruma" = xyes])
+ AC_SUBST([BUNDLER], ["$bundle_cmd"])
+ 
+ AC_CONFIG_MACRO_DIR([config/m4])
diff --git a/pkgs/development/tools/misc/automake/builder.sh b/pkgs/development/tools/misc/automake/builder.sh
index e54a2acca67e8..0cb1d5d61e33b 100644
--- a/pkgs/development/tools/misc/automake/builder.sh
+++ b/pkgs/development/tools/misc/automake/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 # Wrap the given `aclocal' program, appending extra `-I' flags
diff --git a/pkgs/development/tools/parsing/antlr/builder.sh b/pkgs/development/tools/parsing/antlr/builder.sh
index b8e7791b6fc9b..55259b9321249 100644
--- a/pkgs/development/tools/parsing/antlr/builder.sh
+++ b/pkgs/development/tools/parsing/antlr/builder.sh
@@ -1,3 +1,4 @@
+if [ -e .attrs.sh ]; then source .attrs.sh; fi
 source $stdenv/setup
 
 tar zxvf $src
diff --git a/pkgs/development/tools/rust/cargo-auditable/cargo-wrapper.nix b/pkgs/development/tools/rust/cargo-auditable/cargo-wrapper.nix
new file mode 100644
index 0000000000000..3afa59739a374
--- /dev/null
+++ b/pkgs/development/tools/rust/cargo-auditable/cargo-wrapper.nix
@@ -0,0 +1,13 @@
+{ lib, writeShellApplication, cargo, cargo-auditable }:
+
+(writeShellApplication {
+  name = "cargo";
+  runtimeInputs = [ cargo cargo-auditable ];
+  text = ''
+    CARGO_AUDITABLE_IGNORE_UNSUPPORTED=1 cargo auditable "$@"
+  '';
+}) // {
+  meta = cargo-auditable.meta // {
+    mainProgram = "cargo";
+  };
+}
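Review bot: `CARGO_AUDITABLE_IGNORE_UNSUPPORTED=1` is set without a comment, and it looks like it lets the build proceed on targets cargo-auditable cannot handle, so a package built with `auditable = true` may still come out without embedded dependency data. A Nix comment above `text`, e.g. `# do not fail on targets cargo-auditable cannot handle; such binaries carry no audit data`, would record that trade-off for anyone who relies on the data for vulnerability scanning. The script could also use `exec` so the wrapper shell does not remain as cargo's parent: `export CARGO_AUDITABLE_IGNORE_UNSUPPORTED=1` followed by `exec cargo auditable "$@"`. `lib` is taken as an argument but not used in this file.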
diff --git a/pkgs/development/tools/rust/cargo-auditable/default.nix b/pkgs/development/tools/rust/cargo-auditable/default.nix
index 64580d8ad8b34..1c621276021aa 100644
--- a/pkgs/development/tools/rust/cargo-auditable/default.nix
+++ b/pkgs/development/tools/rust/cargo-auditable/default.nix
@@ -1,23 +1,40 @@
-{ lib, rustPlatform, fetchFromGitHub }:
+{ lib, fetchFromGitHub, makeRustPlatform, rustc, cargo }:
 
-rustPlatform.buildRustPackage rec {
-  pname = "cargo-auditable";
-  version = "0.5.5";
+let
+  args = rec {
+    pname = "cargo-auditable";
+    version = "0.6.0";
 
-  src = fetchFromGitHub {
-    owner = "rust-secure-code";
-    repo = pname;
-    rev = "v${version}";
-    sha256 = "sha256-mEmTgd7sC2jmYeb5pEO985v/aWWKlq/mSQUAGi32loY=";
-  };
+    src = fetchFromGitHub {
+      owner = "rust-secure-code";
+      repo = pname;
+      rev = "v${version}";
+      sha256 = "sha256-mSiEC+9QtRjWmywJnGgUqp+q8fhY0qUYrgjrAVaY114=";
+    };
+
+    cargoSha256 = "sha256-Wz5My/QxPpZVsPBUe3KHT3ttD6CTU8NCY8rhFEC+UlA=";
 
-  cargoSha256 = "sha256-G72UUqvFaTY/GQSkpz1wIzjb7vIWuAjvKMZosUB6YsA=";
+    meta = with lib; {
+      description = "A tool to make production Rust binaries auditable";
+      homepage = "https://github.com/rust-secure-code/cargo-auditable";
+      changelog = "https://github.com/rust-secure-code/cargo-auditable/blob/v${version}/cargo-auditable/CHANGELOG.md";
+      license = with licenses; [ mit /* or */ asl20 ];
+      maintainers = with maintainers; [ figsoda ];
+    };
+  };
 
-  meta = with lib; {
-    description = "A tool to make production Rust binaries auditable";
-    homepage = "https://github.com/rust-secure-code/cargo-auditable";
-    changelog = "https://github.com/rust-secure-code/cargo-auditable/blob/v${version}/cargo-auditable/CHANGELOG.md";
-    license = with licenses; [ mit /* or */ asl20 ];
-    maintainers = with maintainers; [ figsoda ];
+  rustPlatform = makeRustPlatform {
+    inherit rustc;
+    cargo = cargo.override {
+      auditable = false;
+    };
   };
-}
+
+  bootstrap = rustPlatform.buildRustPackage (args // {
+    auditable = false;
+  });
+in
+
+rustPlatform.buildRustPackage.override { cargo-auditable = bootstrap; } (args // {
+  auditable = true; # TODO: remove when this is the default
+})
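Review bot: The two-stage build in the `let` block has no comments. `rustPlatform` is rebuilt around a cargo with `auditable = false`, `bootstrap` builds cargo-auditable with `auditable = false`, and the final expression rebuilds it with `cargo-auditable = bootstrap` and `auditable = true`. This is presumably there to break the dependency of the tool on itself. A comment above `rustPlatform`, e.g. `# cargo-auditable cannot depend on itself: build it once without auditing, then rebuild it using that copy`, would explain why the file no longer takes `rustPlatform` as an argument. It would also help to note that only the second build is meant to embed dependency data.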
diff --git a/pkgs/development/tools/rust/maturin/default.nix b/pkgs/development/tools/rust/maturin/default.nix
index b276a618110f1..384030c903d96 100644
--- a/pkgs/development/tools/rust/maturin/default.nix
+++ b/pkgs/development/tools/rust/maturin/default.nix
@@ -11,16 +11,16 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "maturin";
-  version = "0.13.0";
+  version = "0.14.5";
 
   src = fetchFromGitHub {
     owner = "PyO3";
     repo = "maturin";
     rev = "v${version}";
-    hash = "sha256-uKpYI+Oc49xgoIZCh72baBMZLcpMXk7g2Jb1DQxW9lk=";
+    hash = "sha256-3TEEmraQ9KGx29ok7IUdVzTW0ilaAci1dOZUlKvQYJE=";
   };
 
-  cargoHash = "sha256-levBWghFIXOXe+NGXvwBqQpPmWeUK53ruSyLik1urSU=";
+  cargoHash = "sha256-/biWBTNIysg6HDozyF8UdKoxlgkHl9tnyean8+333hI=";
 
   nativeBuildInputs = [ pkg-config ];
 
diff --git a/pkgs/development/tools/rust/rust-analyzer/default.nix b/pkgs/development/tools/rust/rust-analyzer/default.nix
index 0cd55e1f820b1..bfa2c1b782168 100644
--- a/pkgs/development/tools/rust/rust-analyzer/default.nix
+++ b/pkgs/development/tools/rust/rust-analyzer/default.nix
@@ -22,6 +22,8 @@ rustPlatform.buildRustPackage rec {
     sha256 = "sha256-QLKX/JhK+jRE61teK+Cr4f2KuAzgYuawStxOgJymqRg=";
   };
 
+  auditable = true; # TODO: remove when this is the default
+
   cargoBuildFlags = [ "--bin" "rust-analyzer" "--bin" "rust-analyzer-proc-macro-srv" ];
   cargoTestFlags = [ "--package" "rust-analyzer" "--package" "proc-macro-srv-cli" ];
 
diff --git a/pkgs/development/tools/spirv-tools/default.nix b/pkgs/development/tools/spirv-tools/default.nix
index 7edba948586e7..6f95ded63e15e 100644
--- a/pkgs/development/tools/spirv-tools/default.nix
+++ b/pkgs/development/tools/spirv-tools/default.nix
@@ -2,14 +2,14 @@
 
 stdenv.mkDerivation rec {
   pname = "spirv-tools";
-  version = "1.3.231.0";
+  version = "1.3.236.0";
 
   src = (assert version == spirv-headers.version;
     fetchFromGitHub {
       owner = "KhronosGroup";
       repo = "SPIRV-Tools";
       rev = "sdk-${version}";
-      hash = "sha256-sqjQoz9v9alSPc0ujEcWZxDAWh2S6oAPP1+JZmNCpA0=";
+      hash = "sha256-BV7V/jS782zdvtuw/wNY5fyAdx8Z2niWSocNaW0Atho=";
     }
   );
 
diff --git a/pkgs/development/tools/vulkan-validation-layers/default.nix b/pkgs/development/tools/vulkan-validation-layers/default.nix
index 4f6a766e5e96b..17e8983019561 100644
--- a/pkgs/development/tools/vulkan-validation-layers/default.nix
+++ b/pkgs/development/tools/vulkan-validation-layers/default.nix
@@ -22,7 +22,7 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "vulkan-validation-layers";
-  version = "1.3.231.0";
+  version = "1.3.236.0";
 
   # If we were to use "dev" here instead of headers, the setupHook would be
   # placed in that output instead of "out".
@@ -34,7 +34,7 @@ stdenv.mkDerivation rec {
       owner = "KhronosGroup";
       repo = "Vulkan-ValidationLayers";
       rev = "sdk-${version}";
-      hash = "sha256-5bzUauu8081zyRaWmRUtOxHjUU4gc1GWoJtU783Msh0=";
+      hash = "sha256-+VbiXtxzYaF5o+wIrJ+09LmgBdaLv/0VJGFDnBkrXms=";
     });
 
   # Include absolute paths to layer libraries in their associated
diff --git a/pkgs/development/web/nodejs/npm-patches.nix b/pkgs/development/web/nodejs/npm-patches.nix
new file mode 100644
index 0000000000000..28432f806dc60
--- /dev/null
+++ b/pkgs/development/web/nodejs/npm-patches.nix
@@ -0,0 +1,23 @@
+{ fetchpatch }:
+
+[
+  # Makes `npm pack` obey `--foreground-scripts`
+  (fetchpatch {
+    name = "libnpmpack-obey-foreground-scripts.patch";
+    url = "https://github.com/npm/cli/commit/e4e8ae20aef9e27e57282e87e8757d5b364abb39.patch";
+    hash = "sha256-NQ8CZBfRqAOMe0Ysg3cq1FiferWKTzXC1QXgzX+f8OU=";
+    stripLen = 2;
+    extraPrefix = "deps/npm/node_modules/";
+    includes = [ "deps/npm/node_modules/libnpmpack/lib/index.js" ];
+  })
+
+  # Makes `npm pack` obey `--ignore-scripts`
+  (fetchpatch {
+    name = "libnpmpack-obey-ignore-scripts.patch";
+    url = "https://github.com/npm/cli/commit/a990c3c9a0e67f0a8b6454213675e159fe49432d.patch";
+    hash = "sha256-eA5YST9RxMMjk5FCwEbl1HQUpXZuwWZkx5WC4yJium8=";
+    stripLen = 2;
+    extraPrefix = "deps/npm/node_modules/";
+    includes = [ "deps/npm/node_modules/libnpmpack/lib/index.js" ];
+  })
+]
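Review bot: Neither `fetchpatch` entry says which npm release contains the upstream commit, so this file gives no way to tell when a patch becomes redundant. The list is appended to the v16, v18 and v19 expressions alike, so a Node update whose bundled npm already includes these commits would presumably fail at patch application. A comment per entry such as `# drop once the bundled npm is >= <UPSTREAM_NPM_VERSION>` would make that cleanup obvious. The `includes` restriction to `libnpmpack/lib/index.js` keeps each patch narrow and is worth a brief comment too, since it discards the rest of the upstream commit.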
diff --git a/pkgs/development/web/nodejs/v16.nix b/pkgs/development/web/nodejs/v16.nix
index a35c347c3d143..8483e7251b4e8 100644
--- a/pkgs/development/web/nodejs/v16.nix
+++ b/pkgs/development/web/nodejs/v16.nix
@@ -5,6 +5,8 @@ let
     inherit openssl;
     python = python3;
   };
+
+  npmPatches = callPackage ./npm-patches.nix { };
 in
   buildNodejs {
     inherit enableNpm;
@@ -13,5 +15,5 @@ in
     patches = [
       ./disable-darwin-v8-system-instrumentation.patch
       ./bypass-darwin-xcrun-node16.patch
-    ];
+    ] ++ npmPatches;
   }
diff --git a/pkgs/development/web/nodejs/v18.nix b/pkgs/development/web/nodejs/v18.nix
index 29f133a811052..b91f2c9f2c2b0 100644
--- a/pkgs/development/web/nodejs/v18.nix
+++ b/pkgs/development/web/nodejs/v18.nix
@@ -5,6 +5,8 @@ let
     inherit openssl;
     python = python3;
   };
+
+  npmPatches = callPackage ./npm-patches.nix { };
 in
 buildNodejs {
   inherit enableNpm;
@@ -21,5 +23,5 @@ buildNodejs {
 
     ./disable-darwin-v8-system-instrumentation.patch
     ./bypass-darwin-xcrun-node16.patch
-  ];
+  ] ++ npmPatches;
 }
diff --git a/pkgs/development/web/nodejs/v19.nix b/pkgs/development/web/nodejs/v19.nix
index cbed3bbef9aa2..335477aa7ddc3 100644
--- a/pkgs/development/web/nodejs/v19.nix
+++ b/pkgs/development/web/nodejs/v19.nix
@@ -5,6 +5,8 @@ let
     inherit openssl;
     python = python3;
   };
+
+  npmPatches = callPackage ./npm-patches.nix { };
 in
 buildNodejs {
   inherit enableNpm;
@@ -14,5 +16,5 @@ buildNodejs {
     ./revert-arm64-pointer-auth.patch
     ./disable-darwin-v8-system-instrumentation-node19.patch
     ./bypass-darwin-xcrun-node16.patch
-  ];
+  ] ++ npmPatches;
 }