diff options
Diffstat (limited to 'pkgs/tools')
-rw-r--r-- | pkgs/tools/compression/crabz/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/misc/moar/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/misc/onefetch/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/networking/ddns-go/default.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/networking/flannel/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/package-management/nix-doc/default.nix | 25 | ||||
-rw-r--r-- | pkgs/tools/security/gopass/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/gopass/git-credential.nix | 15 | ||||
-rw-r--r-- | pkgs/tools/security/gopass/hibp.nix | 15 | ||||
-rw-r--r-- | pkgs/tools/security/gopass/jsonapi.nix | 15 | ||||
-rw-r--r-- | pkgs/tools/security/gopass/summon.nix | 15 | ||||
-rw-r--r-- | pkgs/tools/security/melt/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/security/pass/wofi-pass.nix | 4 | ||||
-rw-r--r-- | pkgs/tools/system/automatic-timezoned/default.nix | 6 | ||||
-rw-r--r-- | pkgs/tools/typesetting/tex/texlive/bin.nix | 18 | ||||
-rw-r--r-- | pkgs/tools/wayland/wleave/default.nix | 6 |
16 files changed, 106 insertions, 51 deletions
diff --git a/pkgs/tools/compression/crabz/default.nix b/pkgs/tools/compression/crabz/default.nix index f8cb155f272e3..debfef0c3c537 100644 --- a/pkgs/tools/compression/crabz/default.nix +++ b/pkgs/tools/compression/crabz/default.nix @@ -6,16 +6,16 @@ rustPlatform.buildRustPackage rec { pname = "crabz"; - version = "0.8.1"; + version = "0.9.0"; src = fetchFromGitHub { owner = "sstadick"; repo = pname; rev = "v${version}"; - sha256 = "sha256-w/e0NFmBsYNEECT+2zHEm/UUpp5LxPYr0BdKikT2o1M="; + sha256 = "sha256-qKyrAao4b+D9KhK0euNcn2/YyXGeUjgCfdVtDxy6cuQ="; }; - cargoSha256 = "sha256-9VOJeRvyudZSCaUZ1J9gHMEoWXEnEhCZPxvfYGRKzj0="; + cargoHash = "sha256-S3/JDheTBwYS3uEAwwK+bAtzp0LP8FHHxyOnIQkKqlA="; nativeBuildInputs = [ cmake ]; diff --git a/pkgs/tools/misc/moar/default.nix b/pkgs/tools/misc/moar/default.nix index 9f57849d81c65..9d073c5f50afd 100644 --- a/pkgs/tools/misc/moar/default.nix +++ b/pkgs/tools/misc/moar/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "moar"; - version = "1.23.7"; + version = "1.23.8"; src = fetchFromGitHub { owner = "walles"; repo = pname; rev = "v${version}"; - hash = "sha256-QQiqi3rt1EQTUWSXAxAb5MHGCFyXZV6LZ6ZAS5P3mO4="; + hash = "sha256-AUcnApH8fSCFNEKIJkNOh3Q2I+G2U2QOATHmtI7vPts="; }; vendorHash = "sha256-1u/2OlMX2FuZaxWnpU4n5r/4xKe+rK++GoCJiSq/BdE="; diff --git a/pkgs/tools/misc/onefetch/default.nix b/pkgs/tools/misc/onefetch/default.nix index fe509320a7122..84762c8b72747 100644 --- a/pkgs/tools/misc/onefetch/default.nix +++ b/pkgs/tools/misc/onefetch/default.nix @@ -14,16 +14,16 @@ rustPlatform.buildRustPackage rec { pname = "onefetch"; - version = "2.19.0"; + version = "2.20.0"; src = fetchFromGitHub { owner = "o2sh"; repo = pname; rev = version; - hash = "sha256-IaXQyTQMvgfm3CWU6z0T4nTJNgA8/8urG+hhuthB4+U="; + hash = "sha256-aQeKzOxRlSGuVewh3HEx1M12vmaxhy6ImnqMDc5b0DI="; }; - cargoHash = "sha256-8brPYBVqoBg9wO/Y6LdNgVasJgmyZvdNIC0Cclpyk68="; + cargoHash = "sha256-g+fTmZGyPkQLgnJ9Bb4sLTfDMPPBRA+s6f3OxXTKwsM="; cargoPatches = [ # enable pkg-config feature of zstd diff --git a/pkgs/tools/networking/ddns-go/default.nix b/pkgs/tools/networking/ddns-go/default.nix index 720d6757da0a3..c2b635c5e3364 100644 --- a/pkgs/tools/networking/ddns-go/default.nix +++ b/pkgs/tools/networking/ddns-go/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "ddns-go"; - version = "6.2.1"; + version = "6.2.2"; src = fetchFromGitHub { owner = "jeessy2"; repo = pname; rev = "v${version}"; - hash = "sha256-KfSOhUmV81Z8qp8MrqwJLtQ5SZgiEPbdkA1NacqpNRc="; + hash = "sha256-MwDwYoX1OT4TKMD2g+RBAlGfs8cz42dEFnV2b8Xzup8="; }; vendorHash = "sha256-zUqsuph0fn1x4dwvBY0W0+S6SzS086SHya2ViNpDXGU="; diff --git a/pkgs/tools/networking/flannel/default.nix b/pkgs/tools/networking/flannel/default.nix index 95dda1485ed64..03cf372e2f074 100644 --- a/pkgs/tools/networking/flannel/default.nix +++ b/pkgs/tools/networking/flannel/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "flannel"; - version = "0.24.3"; + version = "0.24.4"; rev = "v${version}"; - vendorHash = "sha256-YCedMUxcME0NFEtYhLA4G1WZU8SMBvDOBZ/U7X7Tx3k="; + vendorHash = "sha256-meBo4KsM0qcpW/FIF32NG9MYWK945EaBpzopkmT1WMI="; src = fetchFromGitHub { inherit rev; owner = "flannel-io"; repo = "flannel"; - sha256 = "sha256-f6jHK0h0NVgHaWT6l+WS9P9WXVLzxxujdjXND01lLNM="; + sha256 = "sha256-Qw1TAkToKgDt2/GHqlsM5vyTslI0dutJlwTA5xKqbFo="; }; ldflags = [ "-X github.com/flannel-io/flannel/pkg/version.Version=${rev}" ]; diff --git a/pkgs/tools/package-management/nix-doc/default.nix b/pkgs/tools/package-management/nix-doc/default.nix index 2c7940b8d87d4..3d0069c87dba2 100644 --- a/pkgs/tools/package-management/nix-doc/default.nix +++ b/pkgs/tools/package-management/nix-doc/default.nix @@ -1,5 +1,17 @@ -{ lib, stdenv, rustPlatform, fetchFromGitHub, boost, nix, pkg-config }: +{ lib +, stdenv +, rustPlatform +, fetchFromGitHub +, boost +, nix +, pkg-config +# Whether to build the nix-doc plugin for Nix +, withPlugin ? true +}: +let + packageFlags = [ "-p" "nix-doc" ] ++ lib.optionals withPlugin [ "-p" "nix-doc-plugin" ]; +in rustPlatform.buildRustPackage rec { pname = "nix-doc"; version = "0.6.5"; @@ -12,17 +24,20 @@ rustPlatform.buildRustPackage rec { }; doCheck = true; - buildInputs = [ boost nix ]; + buildInputs = lib.optionals withPlugin [ boost nix ]; - nativeBuildInputs = [ pkg-config nix ]; + nativeBuildInputs = lib.optionals withPlugin [ pkg-config nix ]; + + cargoBuildFlags = packageFlags; + cargoTestFlags = packageFlags; # Packaging support for making the nix-doc plugin load cleanly as a no-op on # the wrong Nix version (disabling bindnow permits loading libraries # requiring unavailable symbols if they are unreached) - hardeningDisable = [ "bindnow" ]; + hardeningDisable = lib.optionals withPlugin [ "bindnow" ]; # Due to a Rust bug, setting -Z relro-level to anything including "off" on # macOS will cause link errors - env = lib.optionalAttrs stdenv.isLinux { + env = lib.optionalAttrs (withPlugin && stdenv.isLinux) { # nix-doc does not use nightly features, however, there is no other way to # set relro-level RUSTC_BOOTSTRAP = 1; diff --git a/pkgs/tools/security/gopass/default.nix b/pkgs/tools/security/gopass/default.nix index 6573c511474a7..2b17f935d5113 100644 --- a/pkgs/tools/security/gopass/default.nix +++ b/pkgs/tools/security/gopass/default.nix @@ -13,7 +13,7 @@ buildGoModule rec { pname = "gopass"; - version = "1.15.11"; + version = "1.15.12"; nativeBuildInputs = [ installShellFiles makeWrapper ]; @@ -21,10 +21,10 @@ buildGoModule rec { owner = "gopasspw"; repo = "gopass"; rev = "v${version}"; - hash = "sha256-wgrZkRRMEWA9Lk9eW+iGi+dZNYfDVhRu1phimZC079c="; + hash = "sha256-sg3I/h0mkkWmK4GD1yoX14gM2oqwRjMXpX3KULHFJsg="; }; - vendorHash = "sha256-TvohrwSFVv5ylVRd6jPdRDyRRhqqWa0xey9KN9vtyY8="; + vendorHash = "sha256-jbwtxOfBL/5aXdWcsXZ5HQi83Oy00SSnLcvuWeCPBug="; subPackages = [ "." ]; diff --git a/pkgs/tools/security/gopass/git-credential.nix b/pkgs/tools/security/gopass/git-credential.nix index 8654d05d9d13a..cf05591bbbfce 100644 --- a/pkgs/tools/security/gopass/git-credential.nix +++ b/pkgs/tools/security/gopass/git-credential.nix @@ -2,21 +2,30 @@ , makeWrapper , buildGoModule , fetchFromGitHub +, fetchpatch , gopass }: buildGoModule rec { pname = "git-credential-gopass"; - version = "1.15.11"; + version = "1.15.12"; src = fetchFromGitHub { owner = "gopasspw"; repo = "git-credential-gopass"; rev = "v${version}"; - hash = "sha256-qnWgrpcj3DZQu5haP/5xqoO7eogkRjBmc8XpgFFNT6I="; + hash = "sha256-5j5+so4LT3x+epEZf9OVn/kLNHBk2ENQxxRrzbziEA4="; }; - vendorHash = "sha256-bit4+YgQ+Y/TA2q7KdZwYTE3ZKBwL6tUam+tHzBMiQw="; + patches = [ + # go mod tidy. Remove with next release + (fetchpatch { + url = "https://github.com/gopasspw/git-credential-gopass/commit/88d11d2b1b49f00b7fba9a917cf90f7ea14c9d1b.patch"; + hash = "sha256-mXxI9GXan0zYL8msL83VLqxOp4oAOwMyCOFaUOLAg5E="; + }) + ]; + + vendorHash = "sha256-y1PH0+tt/kcHw2I4LWD2XfLud3JtsYqrRd/yVRPdaTA="; subPackages = [ "." ]; diff --git a/pkgs/tools/security/gopass/hibp.nix b/pkgs/tools/security/gopass/hibp.nix index 11ee0a94dbf9b..c9fca15f90582 100644 --- a/pkgs/tools/security/gopass/hibp.nix +++ b/pkgs/tools/security/gopass/hibp.nix @@ -2,21 +2,30 @@ , makeWrapper , buildGoModule , fetchFromGitHub +, fetchpatch , gopass }: buildGoModule rec { pname = "gopass-hibp"; - version = "1.15.11"; + version = "1.15.12"; src = fetchFromGitHub { owner = "gopasspw"; repo = "gopass-hibp"; rev = "v${version}"; - hash = "sha256-2XhvUIa8RxQ6CAKPGpL8/rBiJSX/WsSGtIpaHLIBM1E="; + hash = "sha256-5BnCaxF2XZ4f26KsTbapcZ2+Ii58nR/14pCj0c0QLKE="; }; - vendorHash = "sha256-i9PUqircNf+jz5gcr3rVIR4tD9/bkV2h6LiDFhjiLaw="; + patches = [ + # go mod tidy. Remove with next release + (fetchpatch { + url = "https://github.com/gopasspw/gopass-hibp/commit/cdfdbc6da154874c74d7c8fc83bb11a98dd8fd81.patch"; + hash = "sha256-jCzg3c8EizhoRYvWUZCys6/q2ChVWy/psPofNGIYdxs="; + }) + ]; + + vendorHash = "sha256-GLqtwUg3fa1okdPoQBkF+ygpm8GLmDyIyUiC7/TTTaE="; subPackages = [ "." ]; diff --git a/pkgs/tools/security/gopass/jsonapi.nix b/pkgs/tools/security/gopass/jsonapi.nix index 37ac46356c3a4..ca0ad5a96fd3e 100644 --- a/pkgs/tools/security/gopass/jsonapi.nix +++ b/pkgs/tools/security/gopass/jsonapi.nix @@ -2,22 +2,31 @@ , makeWrapper , buildGoModule , fetchFromGitHub +, fetchpatch , installShellFiles , gopass }: buildGoModule rec { pname = "gopass-jsonapi"; - version = "1.15.11"; + version = "1.15.12"; src = fetchFromGitHub { owner = "gopasspw"; repo = "gopass-jsonapi"; rev = "v${version}"; - hash = "sha256-wJlnm+sgFg55LW4RWGjcT538DgNhJtFjwgwgqwLWH50="; + hash = "sha256-sR+48MRBHj3XpKLp/AOGf2H4ltZD1fHlIA2HPYSHdp0="; }; - vendorHash = "sha256-qRmPO2WM9RD43twl5a47IT3xC1LGFwNF99ojIU2xg6A="; + patches = [ + # go mod tidy. Remove with next release + (fetchpatch { + url = "https://github.com/gopasspw/gopass-jsonapi/commit/cab33faab113d0c9702ebaa14cde13e5ccd465d2.patch"; + hash = "sha256-IoxU5r1k0Y6N+PKAZH8LEO/fXHjryx5y58RRFeHP7Bc="; + }) + ]; + + vendorHash = "sha256-2JADTyBgAK2j524G+ksKLJC255PmvMViFFCwmgtXZzA="; subPackages = [ "." ]; diff --git a/pkgs/tools/security/gopass/summon.nix b/pkgs/tools/security/gopass/summon.nix index 97aed94c05fe1..fca94219cf076 100644 --- a/pkgs/tools/security/gopass/summon.nix +++ b/pkgs/tools/security/gopass/summon.nix @@ -2,21 +2,30 @@ , makeWrapper , buildGoModule , fetchFromGitHub +, fetchpatch , gopass }: buildGoModule rec { pname = "gopass-summon-provider"; - version = "1.15.11"; + version = "1.15.12"; src = fetchFromGitHub { owner = "gopasspw"; repo = "gopass-summon-provider"; rev = "v${version}"; - hash = "sha256-rbfzmr6HtGUBCjO9jkocSghTAN+aNXTsSsMC38HqgW0="; + hash = "sha256-gvgHqeVB+4d8UJhMv3CYYidttCcaRPkgI7PXasv7pCI="; }; - vendorHash = "sha256-bit4+YgQ+Y/TA2q7KdZwYTE3ZKBwL6tUam+tHzBMiQw="; + patches = [ + # go mod tidy. Remove with next release + (fetchpatch { + url = "https://github.com/gopasspw/gopass-summon-provider/commit/b3085cab14588cb6a5a383033947d9266fe0cd56.patch"; + hash = "sha256-8mvJqejqmuOloj9mW9zzsE/Xr0DtPhJeDItzVFVv4+c="; + }) + ]; + + vendorHash = "sha256-y1PH0+tt/kcHw2I4LWD2XfLud3JtsYqrRd/yVRPdaTA="; subPackages = [ "." ]; diff --git a/pkgs/tools/security/melt/default.nix b/pkgs/tools/security/melt/default.nix index 01664f2118b12..43ecd5566fa9f 100644 --- a/pkgs/tools/security/melt/default.nix +++ b/pkgs/tools/security/melt/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "melt"; - version = "0.6.0"; + version = "0.6.1"; src = fetchFromGitHub { owner = "charmbracelet"; repo = "melt"; rev = "v${version}"; - sha256 = "sha256-LKHAVVzVhHlYRDgQCIQDQ8MLnTzxsKo198BITdHjTDA="; + sha256 = "sha256-AfFsw1Xjj0RsP2LOeMBDffkcqgmxsqsE1iguP/0IDtM="; }; - vendorHash = "sha256-xTisSPACxuBrv0R2GYinFGYNXD0zoCD8DFkirdc9gIE="; + vendorHash = "sha256-Ec3RWH7I8nv6ZVYLrX0b/2RWwZ6cO4qbs0XqQemUYnE="; ldflags = [ "-s" "-w" "-X=main.Version=${version}" ]; diff --git a/pkgs/tools/security/pass/wofi-pass.nix b/pkgs/tools/security/pass/wofi-pass.nix index 46ba88ec8cd37..9db6a7ffda35e 100644 --- a/pkgs/tools/security/pass/wofi-pass.nix +++ b/pkgs/tools/security/pass/wofi-pass.nix @@ -29,13 +29,13 @@ let in stdenv.mkDerivation rec { pname = "wofi-pass"; - version = "24.0.0"; + version = "24.0.2"; src = fetchFromGitHub { owner = "schmidtandreas"; repo = "wofi-pass"; rev = "v${version}"; - sha256 = "sha256-tmRfbcX83AfPx7yPajQIqrJVXzzhQhi9JZN8TIIpRrc="; + sha256 = "sha256-OtUz0YLKuEzA4kv+llrOll0L84nMTkYH6JPxrkQKB6I="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/pkgs/tools/system/automatic-timezoned/default.nix b/pkgs/tools/system/automatic-timezoned/default.nix index 2e65b6c7e5f46..c25decf1ae24b 100644 --- a/pkgs/tools/system/automatic-timezoned/default.nix +++ b/pkgs/tools/system/automatic-timezoned/default.nix @@ -5,16 +5,16 @@ rustPlatform.buildRustPackage rec { pname = "automatic-timezoned"; - version = "2.0.7"; + version = "2.0.9"; src = fetchFromGitHub { owner = "maxbrunet"; repo = pname; rev = "v${version}"; - sha256 = "sha256-MMxLy7clzvE5LyrpvKCffBpyV0eiOn7aHMH929aT+KM="; + sha256 = "sha256-v8oPKjMG3IRZoXSw349ftcQmjk4zojgmPoLBR6x1+9E="; }; - cargoHash = "sha256-dKcghpc2aaXOtcRpABqTzwtlRM2RBGzAnXZMFbMbdlk="; + cargoHash = "sha256-M7OWLPmHwG+Vt/agkq0YqKiefXsVdmeMdXI5CkxQrwg="; meta = with lib; { description = "Automatically update system timezone based on location"; diff --git a/pkgs/tools/typesetting/tex/texlive/bin.nix b/pkgs/tools/typesetting/tex/texlive/bin.nix index 7aa75106a611e..114b10572aea5 100644 --- a/pkgs/tools/typesetting/tex/texlive/bin.nix +++ b/pkgs/tools/typesetting/tex/texlive/bin.nix @@ -212,14 +212,18 @@ core-big = stdenv.mkDerivation { url = "https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=1009196;filename=lua_fixed_hash.patch;msg=45"; sha256 = "sha256-FTu1eRd3AUU7IRs2/7e7uwHuvZsrzTBPypbcEZkU7y4="; }) - # fixes a security-issue in luatex that allows arbitrary code execution even with shell-escape disabled, see https://tug.org/~mseven/luatex.html - # fixed in LuaTeX 1.17.0, remove patch when upgrading to TL 2024 + # update to LuaTeX 1.16.1 to prepare for 1.17.0 below (fetchpatch { - name = "CVE-2023-32700.patch"; - url = "https://tug.org/~mseven/luatex-files/2023/patch"; - hash = "sha256-AvMedFkZJAFsCJ51eQqBQM4MpzLzn+GeBrzuTzISVkk="; - excludes = [ "build.sh" ]; - stripLen = 1; + name = "luatex-1.16.1.patch"; + url = "https://github.com/TeX-Live/texlive-source/commit/ad8702a45e317fa9d396ef4d50467c37964a9543.patch"; + hash = "sha256-qfzUfkJUfW285w+fnbpO8JLArM7/uj3yb9PONgZrJLE="; + }) + # fixes security issues in luatex that allows arbitrary code execution even with shell-escape disabled and network requests, see https://tug.org/~mseven/luatex.html + # fixed in LuaTeX 1.17.0, shipped as a rare binary update in TL 2023 + (fetchpatch { + name = "luatex-1.17.0.patch"; + url = "https://github.com/TeX-Live/texlive-source/commit/6ace460233115bd42b36e63c7ddce11cc92a1ebd.patch"; + hash = "sha256-2fbIdwnw/XQXci9OqRrb6B5tHiSR0co08NyFgMyXCvc="; }) # Fixes texluajitc crashes on aarch64, backport of the upstream fix # https://github.com/LuaJIT/LuaJIT/commit/e9af1abec542e6f9851ff2368e7f196b6382a44c diff --git a/pkgs/tools/wayland/wleave/default.nix b/pkgs/tools/wayland/wleave/default.nix index d06954d10f1ed..0ddd5c4595aee 100644 --- a/pkgs/tools/wayland/wleave/default.nix +++ b/pkgs/tools/wayland/wleave/default.nix @@ -12,16 +12,16 @@ rustPlatform.buildRustPackage rec { pname = "wleave"; - version = "0.4.0"; + version = "0.4.1"; src = fetchFromGitHub { owner = "AMNatty"; repo = "wleave"; rev = version; - hash = "sha256-FAtAFoPLJsWSFkc5CB90wlI2tvDmoOQ8fHQ8LWQgDww="; + hash = "sha256-PkEj0RlSxhxG9qOJkuMTVj6r0lxsm7V8b1AIaCVaXCQ="; }; - cargoHash = "sha256-MV3mzRrOnHwmJUW3o/PM3g3SY6Hpy1LRpxDcL0hAm2Y="; + cargoHash = "sha256-ivKPGA5UADKT47CL5jSOB4ZEfKh9uJkXgv9vfvEnBzw="; nativeBuildInputs = [ pkg-config |