about summary refs log tree commit diff
path: root/pkgs/tools
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/tools')
-rw-r--r--pkgs/tools/compression/crabz/default.nix6
-rw-r--r--pkgs/tools/misc/moar/default.nix4
-rw-r--r--pkgs/tools/misc/onefetch/default.nix6
-rw-r--r--pkgs/tools/networking/ddns-go/default.nix4
-rw-r--r--pkgs/tools/networking/flannel/default.nix6
-rw-r--r--pkgs/tools/package-management/nix-doc/default.nix25
-rw-r--r--pkgs/tools/security/certsync/default.nix9
-rw-r--r--pkgs/tools/security/gopass/default.nix6
-rw-r--r--pkgs/tools/security/gopass/git-credential.nix15
-rw-r--r--pkgs/tools/security/gopass/hibp.nix15
-rw-r--r--pkgs/tools/security/gopass/jsonapi.nix15
-rw-r--r--pkgs/tools/security/gopass/summon.nix15
-rw-r--r--pkgs/tools/security/melt/default.nix6
-rw-r--r--pkgs/tools/security/nuclei/default.nix6
-rw-r--r--pkgs/tools/security/pass/wofi-pass.nix4
-rw-r--r--pkgs/tools/security/silenthound/default.nix9
-rw-r--r--pkgs/tools/system/automatic-timezoned/default.nix6
-rw-r--r--pkgs/tools/typesetting/tex/texlive/bin.nix18
-rw-r--r--pkgs/tools/wayland/wleave/default.nix6
19 files changed, 118 insertions, 63 deletions
diff --git a/pkgs/tools/compression/crabz/default.nix b/pkgs/tools/compression/crabz/default.nix
index f8cb155f272e3..debfef0c3c537 100644
--- a/pkgs/tools/compression/crabz/default.nix
+++ b/pkgs/tools/compression/crabz/default.nix
@@ -6,16 +6,16 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "crabz";
-  version = "0.8.1";
+  version = "0.9.0";
 
   src = fetchFromGitHub {
     owner = "sstadick";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-w/e0NFmBsYNEECT+2zHEm/UUpp5LxPYr0BdKikT2o1M=";
+    sha256 = "sha256-qKyrAao4b+D9KhK0euNcn2/YyXGeUjgCfdVtDxy6cuQ=";
   };
 
-  cargoSha256 = "sha256-9VOJeRvyudZSCaUZ1J9gHMEoWXEnEhCZPxvfYGRKzj0=";
+  cargoHash = "sha256-S3/JDheTBwYS3uEAwwK+bAtzp0LP8FHHxyOnIQkKqlA=";
 
   nativeBuildInputs = [ cmake ];
 
diff --git a/pkgs/tools/misc/moar/default.nix b/pkgs/tools/misc/moar/default.nix
index 9f57849d81c65..9d073c5f50afd 100644
--- a/pkgs/tools/misc/moar/default.nix
+++ b/pkgs/tools/misc/moar/default.nix
@@ -2,13 +2,13 @@
 
 buildGoModule rec {
   pname = "moar";
-  version = "1.23.7";
+  version = "1.23.8";
 
   src = fetchFromGitHub {
     owner = "walles";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-QQiqi3rt1EQTUWSXAxAb5MHGCFyXZV6LZ6ZAS5P3mO4=";
+    hash = "sha256-AUcnApH8fSCFNEKIJkNOh3Q2I+G2U2QOATHmtI7vPts=";
   };
 
   vendorHash = "sha256-1u/2OlMX2FuZaxWnpU4n5r/4xKe+rK++GoCJiSq/BdE=";
diff --git a/pkgs/tools/misc/onefetch/default.nix b/pkgs/tools/misc/onefetch/default.nix
index fe509320a7122..84762c8b72747 100644
--- a/pkgs/tools/misc/onefetch/default.nix
+++ b/pkgs/tools/misc/onefetch/default.nix
@@ -14,16 +14,16 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "onefetch";
-  version = "2.19.0";
+  version = "2.20.0";
 
   src = fetchFromGitHub {
     owner = "o2sh";
     repo = pname;
     rev = version;
-    hash = "sha256-IaXQyTQMvgfm3CWU6z0T4nTJNgA8/8urG+hhuthB4+U=";
+    hash = "sha256-aQeKzOxRlSGuVewh3HEx1M12vmaxhy6ImnqMDc5b0DI=";
   };
 
-  cargoHash = "sha256-8brPYBVqoBg9wO/Y6LdNgVasJgmyZvdNIC0Cclpyk68=";
+  cargoHash = "sha256-g+fTmZGyPkQLgnJ9Bb4sLTfDMPPBRA+s6f3OxXTKwsM=";
 
   cargoPatches = [
     # enable pkg-config feature of zstd
diff --git a/pkgs/tools/networking/ddns-go/default.nix b/pkgs/tools/networking/ddns-go/default.nix
index 720d6757da0a3..c2b635c5e3364 100644
--- a/pkgs/tools/networking/ddns-go/default.nix
+++ b/pkgs/tools/networking/ddns-go/default.nix
@@ -5,13 +5,13 @@
 
 buildGoModule rec {
   pname = "ddns-go";
-  version = "6.2.1";
+  version = "6.2.2";
 
   src = fetchFromGitHub {
     owner = "jeessy2";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-KfSOhUmV81Z8qp8MrqwJLtQ5SZgiEPbdkA1NacqpNRc=";
+    hash = "sha256-MwDwYoX1OT4TKMD2g+RBAlGfs8cz42dEFnV2b8Xzup8=";
   };
 
   vendorHash = "sha256-zUqsuph0fn1x4dwvBY0W0+S6SzS086SHya2ViNpDXGU=";
diff --git a/pkgs/tools/networking/flannel/default.nix b/pkgs/tools/networking/flannel/default.nix
index 95dda1485ed64..03cf372e2f074 100644
--- a/pkgs/tools/networking/flannel/default.nix
+++ b/pkgs/tools/networking/flannel/default.nix
@@ -2,16 +2,16 @@
 
 buildGoModule rec {
   pname = "flannel";
-  version = "0.24.3";
+  version = "0.24.4";
   rev = "v${version}";
 
-  vendorHash = "sha256-YCedMUxcME0NFEtYhLA4G1WZU8SMBvDOBZ/U7X7Tx3k=";
+  vendorHash = "sha256-meBo4KsM0qcpW/FIF32NG9MYWK945EaBpzopkmT1WMI=";
 
   src = fetchFromGitHub {
     inherit rev;
     owner = "flannel-io";
     repo = "flannel";
-    sha256 = "sha256-f6jHK0h0NVgHaWT6l+WS9P9WXVLzxxujdjXND01lLNM=";
+    sha256 = "sha256-Qw1TAkToKgDt2/GHqlsM5vyTslI0dutJlwTA5xKqbFo=";
   };
 
   ldflags = [ "-X github.com/flannel-io/flannel/pkg/version.Version=${rev}" ];
diff --git a/pkgs/tools/package-management/nix-doc/default.nix b/pkgs/tools/package-management/nix-doc/default.nix
index 2c7940b8d87d4..3d0069c87dba2 100644
--- a/pkgs/tools/package-management/nix-doc/default.nix
+++ b/pkgs/tools/package-management/nix-doc/default.nix
@@ -1,5 +1,17 @@
-{ lib, stdenv, rustPlatform, fetchFromGitHub, boost, nix, pkg-config }:
+{ lib
+, stdenv
+, rustPlatform
+, fetchFromGitHub
+, boost
+, nix
+, pkg-config
+# Whether to build the nix-doc plugin for Nix
+, withPlugin ? true
+}:
 
+let
+  packageFlags = [ "-p" "nix-doc" ] ++ lib.optionals withPlugin [ "-p" "nix-doc-plugin" ];
+in
 rustPlatform.buildRustPackage rec {
   pname = "nix-doc";
   version = "0.6.5";
@@ -12,17 +24,20 @@ rustPlatform.buildRustPackage rec {
   };
 
   doCheck = true;
-  buildInputs = [ boost nix ];
+  buildInputs = lib.optionals withPlugin [ boost nix ];
 
-  nativeBuildInputs = [ pkg-config nix ];
+  nativeBuildInputs = lib.optionals withPlugin [ pkg-config nix ];
+
+  cargoBuildFlags = packageFlags;
+  cargoTestFlags = packageFlags;
 
   # Packaging support for making the nix-doc plugin load cleanly as a no-op on
   # the wrong Nix version (disabling bindnow permits loading libraries
   # requiring unavailable symbols if they are unreached)
-  hardeningDisable = [ "bindnow" ];
+  hardeningDisable = lib.optionals withPlugin [ "bindnow" ];
   # Due to a Rust bug, setting -Z relro-level to anything including "off" on
   # macOS will cause link errors
-  env = lib.optionalAttrs stdenv.isLinux {
+  env = lib.optionalAttrs (withPlugin && stdenv.isLinux) {
     # nix-doc does not use nightly features, however, there is no other way to
     # set relro-level
     RUSTC_BOOTSTRAP = 1;
diff --git a/pkgs/tools/security/certsync/default.nix b/pkgs/tools/security/certsync/default.nix
index 15878c7826fbe..e12868ac7f9c8 100644
--- a/pkgs/tools/security/certsync/default.nix
+++ b/pkgs/tools/security/certsync/default.nix
@@ -5,14 +5,14 @@
 
 python3.pkgs.buildPythonApplication rec {
   pname = "certsync";
-  version = "unstable-2023-04-14";
-  format = "pyproject";
+  version = "1.5-unstable-2024-03-08";
+  pyproject = true;
 
   src = fetchFromGitHub {
     owner = "zblurx";
     repo = "certsync";
-    rev = "f3c8b61f0967a6403d4c592dcbfa8921682452a6";
-    hash = "sha256-7Pzss83jf3zKmgQZki18R47OWn5VniZZ/d4N8JgZs+0=";
+    rev = "712e34c54a63537efd630561aa55dc9d35962c3f";
+    hash = "sha256-YkxEExeu3sBJ93WJGtU5oe3rDS0Ki88vAeGpE23xRwo=";
   };
 
   nativeBuildInputs = with python3.pkgs; [
@@ -33,5 +33,6 @@ python3.pkgs.buildPythonApplication rec {
     homepage = "https://github.com/zblurx/certsync";
     license = licenses.mit;
     maintainers = with maintainers; [ fab ];
+    mainProgram = "certsync";
   };
 }
diff --git a/pkgs/tools/security/gopass/default.nix b/pkgs/tools/security/gopass/default.nix
index 6573c511474a7..2b17f935d5113 100644
--- a/pkgs/tools/security/gopass/default.nix
+++ b/pkgs/tools/security/gopass/default.nix
@@ -13,7 +13,7 @@
 
 buildGoModule rec {
   pname = "gopass";
-  version = "1.15.11";
+  version = "1.15.12";
 
   nativeBuildInputs = [ installShellFiles makeWrapper ];
 
@@ -21,10 +21,10 @@ buildGoModule rec {
     owner = "gopasspw";
     repo = "gopass";
     rev = "v${version}";
-    hash = "sha256-wgrZkRRMEWA9Lk9eW+iGi+dZNYfDVhRu1phimZC079c=";
+    hash = "sha256-sg3I/h0mkkWmK4GD1yoX14gM2oqwRjMXpX3KULHFJsg=";
   };
 
-  vendorHash = "sha256-TvohrwSFVv5ylVRd6jPdRDyRRhqqWa0xey9KN9vtyY8=";
+  vendorHash = "sha256-jbwtxOfBL/5aXdWcsXZ5HQi83Oy00SSnLcvuWeCPBug=";
 
   subPackages = [ "." ];
 
diff --git a/pkgs/tools/security/gopass/git-credential.nix b/pkgs/tools/security/gopass/git-credential.nix
index 8654d05d9d13a..cf05591bbbfce 100644
--- a/pkgs/tools/security/gopass/git-credential.nix
+++ b/pkgs/tools/security/gopass/git-credential.nix
@@ -2,21 +2,30 @@
 , makeWrapper
 , buildGoModule
 , fetchFromGitHub
+, fetchpatch
 , gopass
 }:
 
 buildGoModule rec {
   pname = "git-credential-gopass";
-  version = "1.15.11";
+  version = "1.15.12";
 
   src = fetchFromGitHub {
     owner = "gopasspw";
     repo = "git-credential-gopass";
     rev = "v${version}";
-    hash = "sha256-qnWgrpcj3DZQu5haP/5xqoO7eogkRjBmc8XpgFFNT6I=";
+    hash = "sha256-5j5+so4LT3x+epEZf9OVn/kLNHBk2ENQxxRrzbziEA4=";
   };
 
-  vendorHash = "sha256-bit4+YgQ+Y/TA2q7KdZwYTE3ZKBwL6tUam+tHzBMiQw=";
+  patches = [
+    # go mod tidy. Remove with next release
+    (fetchpatch {
+      url = "https://github.com/gopasspw/git-credential-gopass/commit/88d11d2b1b49f00b7fba9a917cf90f7ea14c9d1b.patch";
+      hash = "sha256-mXxI9GXan0zYL8msL83VLqxOp4oAOwMyCOFaUOLAg5E=";
+    })
+  ];
+
+  vendorHash = "sha256-y1PH0+tt/kcHw2I4LWD2XfLud3JtsYqrRd/yVRPdaTA=";
 
   subPackages = [ "." ];
 
diff --git a/pkgs/tools/security/gopass/hibp.nix b/pkgs/tools/security/gopass/hibp.nix
index 11ee0a94dbf9b..c9fca15f90582 100644
--- a/pkgs/tools/security/gopass/hibp.nix
+++ b/pkgs/tools/security/gopass/hibp.nix
@@ -2,21 +2,30 @@
 , makeWrapper
 , buildGoModule
 , fetchFromGitHub
+, fetchpatch
 , gopass
 }:
 
 buildGoModule rec {
   pname = "gopass-hibp";
-  version = "1.15.11";
+  version = "1.15.12";
 
   src = fetchFromGitHub {
     owner = "gopasspw";
     repo = "gopass-hibp";
     rev = "v${version}";
-    hash = "sha256-2XhvUIa8RxQ6CAKPGpL8/rBiJSX/WsSGtIpaHLIBM1E=";
+    hash = "sha256-5BnCaxF2XZ4f26KsTbapcZ2+Ii58nR/14pCj0c0QLKE=";
   };
 
-  vendorHash = "sha256-i9PUqircNf+jz5gcr3rVIR4tD9/bkV2h6LiDFhjiLaw=";
+  patches = [
+    # go mod tidy. Remove with next release
+    (fetchpatch {
+      url = "https://github.com/gopasspw/gopass-hibp/commit/cdfdbc6da154874c74d7c8fc83bb11a98dd8fd81.patch";
+      hash = "sha256-jCzg3c8EizhoRYvWUZCys6/q2ChVWy/psPofNGIYdxs=";
+    })
+  ];
+
+  vendorHash = "sha256-GLqtwUg3fa1okdPoQBkF+ygpm8GLmDyIyUiC7/TTTaE=";
 
   subPackages = [ "." ];
 
diff --git a/pkgs/tools/security/gopass/jsonapi.nix b/pkgs/tools/security/gopass/jsonapi.nix
index 37ac46356c3a4..ca0ad5a96fd3e 100644
--- a/pkgs/tools/security/gopass/jsonapi.nix
+++ b/pkgs/tools/security/gopass/jsonapi.nix
@@ -2,22 +2,31 @@
 , makeWrapper
 , buildGoModule
 , fetchFromGitHub
+, fetchpatch
 , installShellFiles
 , gopass
 }:
 
 buildGoModule rec {
   pname = "gopass-jsonapi";
-  version = "1.15.11";
+  version = "1.15.12";
 
   src = fetchFromGitHub {
     owner = "gopasspw";
     repo = "gopass-jsonapi";
     rev = "v${version}";
-    hash = "sha256-wJlnm+sgFg55LW4RWGjcT538DgNhJtFjwgwgqwLWH50=";
+    hash = "sha256-sR+48MRBHj3XpKLp/AOGf2H4ltZD1fHlIA2HPYSHdp0=";
   };
 
-  vendorHash = "sha256-qRmPO2WM9RD43twl5a47IT3xC1LGFwNF99ojIU2xg6A=";
+  patches = [
+    # go mod tidy. Remove with next release
+    (fetchpatch {
+      url = "https://github.com/gopasspw/gopass-jsonapi/commit/cab33faab113d0c9702ebaa14cde13e5ccd465d2.patch";
+      hash = "sha256-IoxU5r1k0Y6N+PKAZH8LEO/fXHjryx5y58RRFeHP7Bc=";
+    })
+  ];
+
+  vendorHash = "sha256-2JADTyBgAK2j524G+ksKLJC255PmvMViFFCwmgtXZzA=";
 
   subPackages = [ "." ];
 
diff --git a/pkgs/tools/security/gopass/summon.nix b/pkgs/tools/security/gopass/summon.nix
index 97aed94c05fe1..fca94219cf076 100644
--- a/pkgs/tools/security/gopass/summon.nix
+++ b/pkgs/tools/security/gopass/summon.nix
@@ -2,21 +2,30 @@
 , makeWrapper
 , buildGoModule
 , fetchFromGitHub
+, fetchpatch
 , gopass
 }:
 
 buildGoModule rec {
   pname = "gopass-summon-provider";
-  version = "1.15.11";
+  version = "1.15.12";
 
   src = fetchFromGitHub {
     owner = "gopasspw";
     repo = "gopass-summon-provider";
     rev = "v${version}";
-    hash = "sha256-rbfzmr6HtGUBCjO9jkocSghTAN+aNXTsSsMC38HqgW0=";
+    hash = "sha256-gvgHqeVB+4d8UJhMv3CYYidttCcaRPkgI7PXasv7pCI=";
   };
 
-  vendorHash = "sha256-bit4+YgQ+Y/TA2q7KdZwYTE3ZKBwL6tUam+tHzBMiQw=";
+  patches = [
+    # go mod tidy. Remove with next release
+    (fetchpatch {
+      url = "https://github.com/gopasspw/gopass-summon-provider/commit/b3085cab14588cb6a5a383033947d9266fe0cd56.patch";
+      hash = "sha256-8mvJqejqmuOloj9mW9zzsE/Xr0DtPhJeDItzVFVv4+c=";
+    })
+  ];
+
+  vendorHash = "sha256-y1PH0+tt/kcHw2I4LWD2XfLud3JtsYqrRd/yVRPdaTA=";
 
   subPackages = [ "." ];
 
diff --git a/pkgs/tools/security/melt/default.nix b/pkgs/tools/security/melt/default.nix
index 01664f2118b12..43ecd5566fa9f 100644
--- a/pkgs/tools/security/melt/default.nix
+++ b/pkgs/tools/security/melt/default.nix
@@ -2,16 +2,16 @@
 
 buildGoModule rec {
   pname = "melt";
-  version = "0.6.0";
+  version = "0.6.1";
 
   src = fetchFromGitHub {
     owner = "charmbracelet";
     repo = "melt";
     rev = "v${version}";
-    sha256 = "sha256-LKHAVVzVhHlYRDgQCIQDQ8MLnTzxsKo198BITdHjTDA=";
+    sha256 = "sha256-AfFsw1Xjj0RsP2LOeMBDffkcqgmxsqsE1iguP/0IDtM=";
   };
 
-  vendorHash = "sha256-xTisSPACxuBrv0R2GYinFGYNXD0zoCD8DFkirdc9gIE=";
+  vendorHash = "sha256-Ec3RWH7I8nv6ZVYLrX0b/2RWwZ6cO4qbs0XqQemUYnE=";
 
   ldflags = [ "-s" "-w" "-X=main.Version=${version}" ];
 
diff --git a/pkgs/tools/security/nuclei/default.nix b/pkgs/tools/security/nuclei/default.nix
index 6d2c932d47d82..a89bb3cbf62ec 100644
--- a/pkgs/tools/security/nuclei/default.nix
+++ b/pkgs/tools/security/nuclei/default.nix
@@ -5,16 +5,16 @@
 
 buildGoModule rec {
   pname = "nuclei";
-  version = "3.2.0";
+  version = "3.2.2";
 
   src = fetchFromGitHub {
     owner = "projectdiscovery";
     repo = "nuclei";
     rev = "refs/tags/v${version}";
-    hash = "sha256-LjRhJoPK/zaM0Wuy2IC3H3jfmNvhAP5hZpywjaRM6t4=";
+    hash = "sha256-eYFHKXB6TSCLPMKiXvuSpt/2B+rbn7VZqoGEHp2vito=";
   };
 
-  vendorHash = "sha256-OInqR1+5XgMlTSbH6E8X7Ljny6BEHk1Sh+72NoDxtAI=";
+  vendorHash = "sha256-s0hspa3fKMHmFPPwB0tCDJoGEH2JpgFUaIbiSQJTtr0=";
 
   subPackages = [
     "cmd/nuclei/"
diff --git a/pkgs/tools/security/pass/wofi-pass.nix b/pkgs/tools/security/pass/wofi-pass.nix
index 46ba88ec8cd37..9db6a7ffda35e 100644
--- a/pkgs/tools/security/pass/wofi-pass.nix
+++ b/pkgs/tools/security/pass/wofi-pass.nix
@@ -29,13 +29,13 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "wofi-pass";
-  version = "24.0.0";
+  version = "24.0.2";
 
   src = fetchFromGitHub {
     owner = "schmidtandreas";
     repo = "wofi-pass";
     rev = "v${version}";
-    sha256 = "sha256-tmRfbcX83AfPx7yPajQIqrJVXzzhQhi9JZN8TIIpRrc=";
+    sha256 = "sha256-OtUz0YLKuEzA4kv+llrOll0L84nMTkYH6JPxrkQKB6I=";
   };
 
   nativeBuildInputs = [ makeWrapper ];
diff --git a/pkgs/tools/security/silenthound/default.nix b/pkgs/tools/security/silenthound/default.nix
index f2915c447675a..22ecb946d4a64 100644
--- a/pkgs/tools/security/silenthound/default.nix
+++ b/pkgs/tools/security/silenthound/default.nix
@@ -5,14 +5,14 @@
 
 python3.pkgs.buildPythonApplication rec {
   pname = "silenthound";
-  version = "unstable-2022-09-02";
+  version = "0-unstable-2022-12-14";
   format = "other";
 
   src = fetchFromGitHub {
     owner = "layer8secure";
     repo = "SilentHound";
-    rev = "44d361f6c95b79bd848603c8050af86db3d072b0";
-    hash = "sha256-6JcU6FIE+9fsMawI1RSNQyx9ubjxmchEKmeg6/kmI4s=";
+    rev = "f04746aaca29e377c8badcbd6d8f6584deb9e919";
+    hash = "sha256-alTgo8/aqwERt/JC4W3KodAdyfNZyG3XqCp3z4OpS68=";
   };
 
   propagatedBuildInputs = with python3.pkgs; [
@@ -36,8 +36,7 @@ python3.pkgs.buildPythonApplication rec {
   meta = with lib; {
     description = "Tool to enumerate an Active Directory Domain";
     homepage = "https://github.com/layer8secure/SilentHound";
-    # Unknown license, https://github.com/layer8secure/SilentHound/issues/1
-    license = licenses.unfree;
+    license = licenses.mit;
     maintainers = with maintainers; [ fab ];
     mainProgram = "silenthound";
   };
diff --git a/pkgs/tools/system/automatic-timezoned/default.nix b/pkgs/tools/system/automatic-timezoned/default.nix
index 2e65b6c7e5f46..c25decf1ae24b 100644
--- a/pkgs/tools/system/automatic-timezoned/default.nix
+++ b/pkgs/tools/system/automatic-timezoned/default.nix
@@ -5,16 +5,16 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "automatic-timezoned";
-  version = "2.0.7";
+  version = "2.0.9";
 
   src = fetchFromGitHub {
     owner = "maxbrunet";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-MMxLy7clzvE5LyrpvKCffBpyV0eiOn7aHMH929aT+KM=";
+    sha256 = "sha256-v8oPKjMG3IRZoXSw349ftcQmjk4zojgmPoLBR6x1+9E=";
   };
 
-  cargoHash = "sha256-dKcghpc2aaXOtcRpABqTzwtlRM2RBGzAnXZMFbMbdlk=";
+  cargoHash = "sha256-M7OWLPmHwG+Vt/agkq0YqKiefXsVdmeMdXI5CkxQrwg=";
 
   meta = with lib; {
     description = "Automatically update system timezone based on location";
diff --git a/pkgs/tools/typesetting/tex/texlive/bin.nix b/pkgs/tools/typesetting/tex/texlive/bin.nix
index 7aa75106a611e..114b10572aea5 100644
--- a/pkgs/tools/typesetting/tex/texlive/bin.nix
+++ b/pkgs/tools/typesetting/tex/texlive/bin.nix
@@ -212,14 +212,18 @@ core-big = stdenv.mkDerivation {
       url = "https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=1009196;filename=lua_fixed_hash.patch;msg=45";
       sha256 = "sha256-FTu1eRd3AUU7IRs2/7e7uwHuvZsrzTBPypbcEZkU7y4=";
     })
-    # fixes a security-issue in luatex that allows arbitrary code execution even with shell-escape disabled, see https://tug.org/~mseven/luatex.html
-    # fixed in LuaTeX 1.17.0, remove patch when upgrading to TL 2024
+    # update to LuaTeX 1.16.1 to prepare for 1.17.0 below
     (fetchpatch {
-      name = "CVE-2023-32700.patch";
-      url = "https://tug.org/~mseven/luatex-files/2023/patch";
-      hash = "sha256-AvMedFkZJAFsCJ51eQqBQM4MpzLzn+GeBrzuTzISVkk=";
-      excludes = [  "build.sh" ];
-      stripLen = 1;
+      name = "luatex-1.16.1.patch";
+      url = "https://github.com/TeX-Live/texlive-source/commit/ad8702a45e317fa9d396ef4d50467c37964a9543.patch";
+      hash = "sha256-qfzUfkJUfW285w+fnbpO8JLArM7/uj3yb9PONgZrJLE=";
+    })
+    # fixes security issues in luatex that allows arbitrary code execution even with shell-escape disabled and network requests, see https://tug.org/~mseven/luatex.html
+    # fixed in LuaTeX 1.17.0, shipped as a rare binary update in TL 2023
+    (fetchpatch {
+      name = "luatex-1.17.0.patch";
+      url = "https://github.com/TeX-Live/texlive-source/commit/6ace460233115bd42b36e63c7ddce11cc92a1ebd.patch";
+      hash = "sha256-2fbIdwnw/XQXci9OqRrb6B5tHiSR0co08NyFgMyXCvc=";
     })
     # Fixes texluajitc crashes on aarch64, backport of the upstream fix
     # https://github.com/LuaJIT/LuaJIT/commit/e9af1abec542e6f9851ff2368e7f196b6382a44c
diff --git a/pkgs/tools/wayland/wleave/default.nix b/pkgs/tools/wayland/wleave/default.nix
index d06954d10f1ed..0ddd5c4595aee 100644
--- a/pkgs/tools/wayland/wleave/default.nix
+++ b/pkgs/tools/wayland/wleave/default.nix
@@ -12,16 +12,16 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "wleave";
-  version = "0.4.0";
+  version = "0.4.1";
 
   src = fetchFromGitHub {
     owner = "AMNatty";
     repo = "wleave";
     rev = version;
-    hash = "sha256-FAtAFoPLJsWSFkc5CB90wlI2tvDmoOQ8fHQ8LWQgDww=";
+    hash = "sha256-PkEj0RlSxhxG9qOJkuMTVj6r0lxsm7V8b1AIaCVaXCQ=";
   };
 
-  cargoHash = "sha256-MV3mzRrOnHwmJUW3o/PM3g3SY6Hpy1LRpxDcL0hAm2Y=";
+  cargoHash = "sha256-ivKPGA5UADKT47CL5jSOB4ZEfKh9uJkXgv9vfvEnBzw=";
 
   nativeBuildInputs = [
     pkg-config
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-08-22 19:06:34 +0000