diff options
Diffstat (limited to 'pkgs')
158 files changed, 1367 insertions, 455 deletions
diff --git a/pkgs/applications/audio/fluidsynth/default.nix b/pkgs/applications/audio/fluidsynth/default.nix index 09abaa862f513..cbed4b36181eb 100644 --- a/pkgs/applications/audio/fluidsynth/default.nix +++ b/pkgs/applications/audio/fluidsynth/default.nix @@ -20,7 +20,11 @@ stdenv.mkDerivation rec { ++ lib.optionals stdenv.isLinux [ alsa-lib libpulseaudio ] ++ lib.optionals stdenv.isDarwin [ AudioUnit CoreAudio CoreMIDI CoreServices ]; - cmakeFlags = [ "-Denable-framework=off" ]; + cmakeFlags = [ + "-Denable-framework=off" + # set CMAKE_INSTALL_NAME_DIR to correct value on darwin + "-DCMAKE_INSTALL_LIBDIR=lib" + ]; meta = with lib; { description = "Real-time software synthesizer based on the SoundFont 2 specifications"; diff --git a/pkgs/applications/misc/adobe-reader/builder.sh b/pkgs/applications/misc/adobe-reader/builder.sh index 41281385c990d..6047c08264301 100644 --- a/pkgs/applications/misc/adobe-reader/builder.sh +++ b/pkgs/applications/misc/adobe-reader/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup echo "unpacking $src..." diff --git a/pkgs/applications/networking/cluster/nomad-autoscaler/default.nix b/pkgs/applications/networking/cluster/nomad-autoscaler/default.nix index 6329ff9ed11c0..eb185f9743c1f 100644 --- a/pkgs/applications/networking/cluster/nomad-autoscaler/default.nix +++ b/pkgs/applications/networking/cluster/nomad-autoscaler/default.nix @@ -45,7 +45,7 @@ let mv bin/nomad-autoscaler $bin/bin ln -s $bin/bin/nomad-autoscaler $out/bin/nomad-autoscaler - for d in $outputs; do + for d in $(getAllOutputNames); do mkdir -p ''${!d}/share done rmdir $bin/share diff --git a/pkgs/applications/office/libreoffice/download-list-builder.sh b/pkgs/applications/office/libreoffice/download-list-builder.sh index c054e2c72cbe9..31cab28fd82e2 100644 --- a/pkgs/applications/office/libreoffice/download-list-builder.sh +++ b/pkgs/applications/office/libreoffice/download-list-builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup tar --extract --file=$src libreoffice-$version/download.lst -O > $out diff --git a/pkgs/applications/terminal-emulators/alacritty/default.nix b/pkgs/applications/terminal-emulators/alacritty/default.nix index 7c0bd8b6410a3..272b875cd7a8c 100644 --- a/pkgs/applications/terminal-emulators/alacritty/default.nix +++ b/pkgs/applications/terminal-emulators/alacritty/default.nix @@ -60,6 +60,8 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-t6ckX0PYI8UHfXhGRpcX8ly3DzE9A6i9P6f3Ny3DBzw="; + auditable = true; # TODO: remove when this is the default + nativeBuildInputs = [ cmake installShellFiles diff --git a/pkgs/build-support/bintools-wrapper/default.nix b/pkgs/build-support/bintools-wrapper/default.nix index 121b50fe0f523..be2e3567da856 100644 --- a/pkgs/build-support/bintools-wrapper/default.nix +++ b/pkgs/build-support/bintools-wrapper/default.nix @@ -55,9 +55,9 @@ let bintoolsVersion = lib.getVersion bintools; bintoolsName = lib.removePrefix targetPrefix (lib.getName bintools); - libc_bin = if libc == null then null else getBin libc; - libc_dev = if libc == null then null else getDev libc; - libc_lib = if libc == null then null else getLib libc; + libc_bin = if libc == null then "" else getBin libc; + libc_dev = if libc == null then "" else getDev libc; + libc_lib = if libc == null then "" else getLib libc; bintools_bin = if nativeTools then "" else getBin bintools; # The wrapper scripts use 'cat' and 'grep', so we may need coreutils. coreutils_bin = if nativeTools then "" else getBin coreutils; @@ -68,7 +68,7 @@ let # The dynamic linker has different names on different platforms. This is a # shell glob that ought to match it. dynamicLinker = - /**/ if sharedLibraryLoader == null then null + /**/ if sharedLibraryLoader == null then "" else if targetPlatform.libc == "musl" then "${sharedLibraryLoader}/lib/ld-musl-*" else if targetPlatform.libc == "uclibc" then "${sharedLibraryLoader}/lib/ld*-uClibc.so.1" else if (targetPlatform.libc == "bionic" && targetPlatform.is32bit) then "/system/bin/linker" @@ -87,7 +87,7 @@ let else if targetPlatform.isDarwin then "/usr/lib/dyld" else if targetPlatform.isFreeBSD then "/libexec/ld-elf.so.1" else if lib.hasSuffix "pc-gnu" targetPlatform.config then "ld.so.1" - else null; + else ""; expand-response-params = if buildPackages ? stdenv && buildPackages.stdenv.hasCC && buildPackages.stdenv.cc != "/dev/null" @@ -103,15 +103,10 @@ stdenv.mkDerivation { preferLocalBuild = true; - inherit bintools_bin libc_bin libc_dev libc_lib coreutils_bin; - shell = getBin shell + shell.shellPath or ""; - gnugrep_bin = if nativeTools then "" else gnugrep; - - inherit targetPrefix suffixSalt; - outputs = [ "out" ] ++ optionals propagateDoc ([ "man" ] ++ optional (bintools ? info) "info"); passthru = { + inherit targetPrefix suffixSalt; inherit bintools libc nativeTools nativeLibc nativePrefix; emacsBufferSetup = pkgs: '' @@ -193,8 +188,6 @@ stdenv.mkDerivation { strictDeps = true; depsTargetTargetPropagated = extraPackages; - wrapperName = "BINTOOLS_WRAPPER"; - setupHooks = [ ../setup-hooks/role.bash ./setup-hook.sh @@ -366,10 +359,15 @@ stdenv.mkDerivation { ## + extraBuildCommands; - inherit dynamicLinker; - - # for substitution in utils.bash - expandResponseParams = "${expand-response-params}/bin/expand-response-params"; + env = { + # for substitution in utils.bash + expandResponseParams = "${expand-response-params}/bin/expand-response-params"; + shell = getBin shell + shell.shellPath or ""; + gnugrep_bin = if nativeTools then "" else gnugrep; + wrapperName = "BINTOOLS_WRAPPER"; + inherit dynamicLinker targetPrefix suffixSalt coreutils_bin; + inherit bintools_bin libc_bin libc_dev libc_lib; + }; meta = let bintools_ = if bintools != null then bintools else {}; in diff --git a/pkgs/build-support/cc-wrapper/default.nix b/pkgs/build-support/cc-wrapper/default.nix index a59505d082584..abc88910c36d2 100644 --- a/pkgs/build-support/cc-wrapper/default.nix +++ b/pkgs/build-support/cc-wrapper/default.nix @@ -42,9 +42,9 @@ let ccVersion = lib.getVersion cc; ccName = lib.removePrefix targetPrefix (lib.getName cc); - libc_bin = if libc == null then null else getBin libc; - libc_dev = if libc == null then null else getDev libc; - libc_lib = if libc == null then null else getLib libc; + libc_bin = if libc == null then "" else getBin libc; + libc_dev = if libc == null then "" else getDev libc; + libc_lib = if libc == null then "" else getLib libc; cc_solib = getLib cc + optionalString (targetPlatform != hostPlatform) "/${targetPlatform.config}"; @@ -131,22 +131,16 @@ stdenv.mkDerivation { preferLocalBuild = true; - inherit cc libc_bin libc_dev libc_lib bintools coreutils_bin; - shell = getBin shell + shell.shellPath or ""; - gnugrep_bin = if nativeTools then "" else gnugrep; - - inherit targetPrefix suffixSalt; - inherit darwinPlatformForCC darwinMinVersion darwinMinVersionVariable; - outputs = [ "out" ] ++ optionals propagateDoc [ "man" "info" ]; passthru = { + inherit targetPrefix suffixSalt; # "cc" is the generic name for a C compiler, but there is no one for package # providing the linker and related tools. The two we use now are GNU # Binutils, and Apple's "cctools"; "bintools" as an attempt to find an # unused middle-ground name that evokes both. inherit bintools; - inherit libc nativeTools nativeLibc nativePrefix isGNU isClang; + inherit cc libc nativeTools nativeLibc nativePrefix isGNU isClang; emacsBufferSetup = pkgs: '' ; We should handle propagation here too @@ -270,8 +264,6 @@ stdenv.mkDerivation { propagatedBuildInputs = [ bintools ] ++ extraTools ++ optionals cc.langD or false [ zlib ]; depsTargetTargetPropagated = optional (libcxx != null) libcxx ++ extraPackages; - wrapperName = "CC_WRAPPER"; - setupHooks = [ ../setup-hooks/role.bash ] ++ lib.optional (cc.langC or true) ./setup-hook.sh @@ -538,8 +530,16 @@ stdenv.mkDerivation { nixSupport); - # for substitution in utils.bash - expandResponseParams = "${expand-response-params}/bin/expand-response-params"; + env = { + # for substitution in utils.bash + expandResponseParams = "${expand-response-params}/bin/expand-response-params"; + shell = getBin shell + shell.shellPath or ""; + gnugrep_bin = if nativeTools then "" else gnugrep; + wrapperName = "CC_WRAPPER"; + inherit suffixSalt coreutils_bin bintools cc; + inherit libc_bin libc_dev libc_lib; + inherit darwinPlatformForCC darwinMinVersion darwinMinVersionVariable; + }; meta = let cc_ = if cc != null then cc else {}; in diff --git a/pkgs/build-support/fetchbzr/builder.sh b/pkgs/build-support/fetchbzr/builder.sh index e424fd92d51e5..163f6fc60eea3 100644 --- a/pkgs/build-support/fetchbzr/builder.sh +++ b/pkgs/build-support/fetchbzr/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source "$stdenv/setup" header "exporting \`$url' (revision $rev) into \`$out'" diff --git a/pkgs/build-support/fetchcvs/builder.sh b/pkgs/build-support/fetchcvs/builder.sh index fe1019aafc2f5..90363275b9737 100644 --- a/pkgs/build-support/fetchcvs/builder.sh +++ b/pkgs/build-support/fetchcvs/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup (echo "#!$SHELL"; \ diff --git a/pkgs/build-support/fetchdarcs/builder.sh b/pkgs/build-support/fetchdarcs/builder.sh index 301deb98307ff..018852770504a 100644 --- a/pkgs/build-support/fetchdarcs/builder.sh +++ b/pkgs/build-support/fetchdarcs/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup tagtext="" diff --git a/pkgs/build-support/fetchdocker/fetchdocker-builder.sh b/pkgs/build-support/fetchdocker/fetchdocker-builder.sh index 7443591e6569b..e5a1a61b78d30 100644 --- a/pkgs/build-support/fetchdocker/fetchdocker-builder.sh +++ b/pkgs/build-support/fetchdocker/fetchdocker-builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source "${stdenv}/setup" header "exporting ${repository}/${imageName} (tag: ${tag}) into ${out}" mkdir -p "${out}" @@ -8,7 +9,7 @@ cat <<EOF > "${out}/compositeImage.sh" # Create a tar archive of a docker image's layers, docker image config # json, manifest.json, and repositories json; this streams directly to # stdout and is intended to be used in concert with docker load, i.e: -# +# # ${out}/compositeImage.sh | docker load # The first character follow the 's' command for sed becomes the diff --git a/pkgs/build-support/fetchfossil/builder.sh b/pkgs/build-support/fetchfossil/builder.sh index 5f08aca424fed..009b23c406d6b 100644 --- a/pkgs/build-support/fetchfossil/builder.sh +++ b/pkgs/build-support/fetchfossil/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup header "Cloning Fossil $url [$rev] into $out" diff --git a/pkgs/build-support/fetchgit/builder.sh b/pkgs/build-support/fetchgit/builder.sh index 66b6c168e41d3..acb970639ab17 100644 --- a/pkgs/build-support/fetchgit/builder.sh +++ b/pkgs/build-support/fetchgit/builder.sh @@ -2,6 +2,8 @@ # - no revision specified and remote has a HEAD which is used # - revision specified and remote has a HEAD # - revision specified and remote without HEAD +# +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup header "exporting $url (rev $rev) into $out" diff --git a/pkgs/build-support/fetchhg/builder.sh b/pkgs/build-support/fetchhg/builder.sh index 847f18fa59759..cec0e441f2296 100644 --- a/pkgs/build-support/fetchhg/builder.sh +++ b/pkgs/build-support/fetchhg/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup header "getting $url${rev:+ ($rev)} into $out" diff --git a/pkgs/build-support/fetchipfs/builder.sh b/pkgs/build-support/fetchipfs/builder.sh index 7a6a517566f5e..ca77962b53847 100644 --- a/pkgs/build-support/fetchipfs/builder.sh +++ b/pkgs/build-support/fetchipfs/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup # Curl flags to handle redirects, not use EPSV, handle cookies for diff --git a/pkgs/build-support/fetchmtn/builder.sh b/pkgs/build-support/fetchmtn/builder.sh index 73eff9c272529..7db66730dab82 100644 --- a/pkgs/build-support/fetchmtn/builder.sh +++ b/pkgs/build-support/fetchmtn/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup set -x diff --git a/pkgs/build-support/fetchsvn/builder.sh b/pkgs/build-support/fetchsvn/builder.sh index ed3e65f076959..b58e5a88b3cd8 100644 --- a/pkgs/build-support/fetchsvn/builder.sh +++ b/pkgs/build-support/fetchsvn/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup header "exporting $url (r$rev) into $out" diff --git a/pkgs/build-support/fetchsvnssh/builder.sh b/pkgs/build-support/fetchsvnssh/builder.sh index d9c6dc7da31a6..b0441299dd2c6 100644 --- a/pkgs/build-support/fetchsvnssh/builder.sh +++ b/pkgs/build-support/fetchsvnssh/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup header "exporting $url (r$rev) into $out" diff --git a/pkgs/build-support/fetchurl/builder.sh b/pkgs/build-support/fetchurl/builder.sh index 5ca09b6fc77d5..dd987f41b4467 100644 --- a/pkgs/build-support/fetchurl/builder.sh +++ b/pkgs/build-support/fetchurl/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup source $mirrorsFile diff --git a/pkgs/build-support/nuke-references/default.nix b/pkgs/build-support/nuke-references/default.nix index 8dd9704aa4b4a..c2dfe27b2c603 100644 --- a/pkgs/build-support/nuke-references/default.nix +++ b/pkgs/build-support/nuke-references/default.nix @@ -32,8 +32,10 @@ stdenvNoCC.mkDerivation { ''; # FIXME: get rid of perl dependency. - inherit perl; - inherit (builtins) storeDir; - shell = lib.getBin shell + (shell.shellPath or ""); - signingUtils = if darwinCodeSign then signingUtils else null; + env = { + inherit perl; + inherit (builtins) storeDir; + shell = lib.getBin shell + (shell.shellPath or ""); + signingUtils = if darwinCodeSign then signingUtils else ""; + }; } diff --git a/pkgs/build-support/pkg-config-wrapper/default.nix b/pkgs/build-support/pkg-config-wrapper/default.nix index 312d2fe02610a..ca14a4495fed6 100644 --- a/pkgs/build-support/pkg-config-wrapper/default.nix +++ b/pkgs/build-support/pkg-config-wrapper/default.nix @@ -36,13 +36,10 @@ stdenv.mkDerivation { preferLocalBuild = true; - shell = getBin stdenvNoCC.shell + stdenvNoCC.shell.shellPath or ""; - - inherit targetPrefix suffixSalt baseBinName; - outputs = [ "out" ] ++ optionals propagateDoc ([ "man" ] ++ optional (pkg-config ? doc) "doc"); passthru = { + inherit targetPrefix suffixSalt; inherit pkg-config; }; @@ -83,8 +80,6 @@ stdenv.mkDerivation { ln -s ${pkg-config}/share $out/share ''; - wrapperName = "PKG_CONFIG_WRAPPER"; - setupHooks = [ ../setup-hooks/role.bash ./setup-hook.sh @@ -120,6 +115,12 @@ stdenv.mkDerivation { ## + extraBuildCommands; + env = { + shell = getBin stdenvNoCC.shell + stdenvNoCC.shell.shellPath or ""; + wrapperName = "PKG_CONFIG_WRAPPER"; + inherit targetPrefix suffixSalt baseBinName; + }; + meta = let pkg-config_ = if pkg-config != null then pkg-config else {}; in (if pkg-config_ ? meta then removeAttrs pkg-config.meta ["priority"] else {}) // diff --git a/pkgs/build-support/release/nix-build.nix b/pkgs/build-support/release/nix-build.nix index ac51b90e01639..5ed2b0752efc5 100644 --- a/pkgs/build-support/release/nix-build.nix +++ b/pkgs/build-support/release/nix-build.nix @@ -124,7 +124,7 @@ stdenv.mkDerivation ( echo "$system" > $out/nix-support/system if [ -z "${toString doingAnalysis}" ]; then - for i in $outputs; do + for i in $(getAllOutputNames); do if [ "$i" = out ]; then j=none; else j="$i"; fi mkdir -p ''${!i}/nix-support echo "nix-build $j ''${!i}" >> ''${!i}/nix-support/hydra-build-products diff --git a/pkgs/build-support/rust/build-rust-package/default.nix b/pkgs/build-support/rust/build-rust-package/default.nix index 679e10a3442e8..20fb41d0aaa74 100644 --- a/pkgs/build-support/rust/build-rust-package/default.nix +++ b/pkgs/build-support/rust/build-rust-package/default.nix @@ -11,6 +11,8 @@ , cargoInstallHook , cargoNextestHook , cargoSetupHook +, cargo-auditable +, cargo-auditable-cargo-wrapper , rustc , libiconv , windows @@ -42,6 +44,8 @@ , buildFeatures ? [ ] , checkFeatures ? buildFeatures , useNextest ? false +, auditable ? false # TODO: change to true + , depsExtraArgs ? {} # Toggles whether a custom sysroot is created when the target is a .json file. @@ -115,7 +119,11 @@ stdenv.mkDerivation ((removeAttrs args [ "depsExtraArgs" "cargoUpdateHook" "carg patchRegistryDeps = ./patch-registry-deps; - nativeBuildInputs = nativeBuildInputs ++ [ + nativeBuildInputs = nativeBuildInputs ++ lib.optionals auditable [ + (cargo-auditable-cargo-wrapper.override { + inherit cargo-auditable; + }) + ] ++ [ cacert git cargoBuildHook diff --git a/pkgs/build-support/setup-hooks/audit-tmpdir.sh b/pkgs/build-support/setup-hooks/audit-tmpdir.sh index c9dd32d1dd221..9c03bc2ee9354 100644 --- a/pkgs/build-support/setup-hooks/audit-tmpdir.sh +++ b/pkgs/build-support/setup-hooks/audit-tmpdir.sh @@ -16,7 +16,7 @@ auditTmpdir() { header "checking for references to $TMPDIR/ in $dir..." local i - while IFS= read -r -d $'\0' i; do + find "$dir" -type f -print0 | while IFS= read -r -d $'\0' i; do if [[ "$i" =~ .build-id ]]; then continue; fi if isELF "$i"; then @@ -35,7 +35,7 @@ auditTmpdir() { fi fi - done < <(find "$dir" -type f -print0) + done stopNest } diff --git a/pkgs/build-support/setup-hooks/auto-patchelf.sh b/pkgs/build-support/setup-hooks/auto-patchelf.sh index 7f5ff146e30b6..55467b9ec7b8a 100644 --- a/pkgs/build-support/setup-hooks/auto-patchelf.sh +++ b/pkgs/build-support/setup-hooks/auto-patchelf.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +# shellcheck shell=bash declare -a autoPatchelfLibs declare -a extraAutoPatchelfLibs @@ -84,7 +84,7 @@ autoPatchelf() { # (Expressions don't expand in single quotes, use double quotes for that.) postFixupHooks+=(' if [ -z "${dontAutoPatchelf-}" ]; then - autoPatchelf -- $(for output in $outputs; do + autoPatchelf -- $(for output in $(getAllOutputNames); do [ -e "${!output}" ] || continue echo "${!output}" done) diff --git a/pkgs/build-support/setup-hooks/desktop-to-darwin-bundle.sh b/pkgs/build-support/setup-hooks/desktop-to-darwin-bundle.sh index 74c8f6d0b3334..83ea7de3ee211 100644 --- a/pkgs/build-support/setup-hooks/desktop-to-darwin-bundle.sh +++ b/pkgs/build-support/setup-hooks/desktop-to-darwin-bundle.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +# shellcheck shell=bash fixupOutputHooks+=('convertDesktopFiles $prefix') # Get a param out of a desktop file. First parameter is the file and the second diff --git a/pkgs/build-support/setup-hooks/make-symlinks-relative.sh b/pkgs/build-support/setup-hooks/make-symlinks-relative.sh index 0608d3ca81c4e..cd9c2eaa2d804 100644 --- a/pkgs/build-support/setup-hooks/make-symlinks-relative.sh +++ b/pkgs/build-support/setup-hooks/make-symlinks-relative.sh @@ -1,4 +1,4 @@ -fixupOutputHooks+=(_makeSymlinksRelative) +postFixupHooks+=(_makeSymlinksRelative) # For every symlink in $output that refers to another file in $output # ensure that the symlink is relative. This removes references to the output diff --git a/pkgs/build-support/setup-hooks/move-docs.sh b/pkgs/build-support/setup-hooks/move-docs.sh index e4460f98816da..3f961155d201a 100644 --- a/pkgs/build-support/setup-hooks/move-docs.sh +++ b/pkgs/build-support/setup-hooks/move-docs.sh @@ -1,14 +1,19 @@ -# This setup hook moves $out/{man,doc,info} to $out/share; moves -# $out/share/man to $man/share/man; and moves $out/share/doc to -# $man/share/doc. +# This setup hook moves $out/{man,doc,info} to $out/share. preFixupHooks+=(_moveToShare) _moveToShare() { - forceShare=${forceShare:=man doc info} + if [ -n "$__structuredAttrs" ]; then + if [ -z "${forceShare-}" ]; then + forceShare=( man doc info ) + fi + else + forceShare=( ${forceShare:-man doc info} ) + fi + if [[ -z "$out" ]]; then return; fi - for d in $forceShare; do + for d in "${forceShare[@]}"; do if [ -d "$out/$d" ]; then if [ -d "$out/share/$d" ]; then echo "both $d/ and share/$d/ exist!" @@ -20,4 +25,3 @@ _moveToShare() { fi done } - diff --git a/pkgs/build-support/setup-hooks/move-systemd-user-units.sh b/pkgs/build-support/setup-hooks/move-systemd-user-units.sh index 5963d87c75152..33e89898262f8 100755 --- a/pkgs/build-support/setup-hooks/move-systemd-user-units.sh +++ b/pkgs/build-support/setup-hooks/move-systemd-user-units.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +# shellcheck shell=bash # This setup hook, for each output, moves everything in # $output/lib/systemd/user to $output/share/systemd/user, and replaces diff --git a/pkgs/build-support/setup-hooks/multiple-outputs.sh b/pkgs/build-support/setup-hooks/multiple-outputs.sh index 881cf6c90f483..8a2fc2f915e91 100644 --- a/pkgs/build-support/setup-hooks/multiple-outputs.sh +++ b/pkgs/build-support/setup-hooks/multiple-outputs.sh @@ -47,7 +47,7 @@ _overrideFirst outputInfo "info" "$outputBin" # Add standard flags to put files into the desired outputs. _multioutConfig() { - if [ "$outputs" = "out" ] || [ -z "${setOutputFlags-1}" ]; then return; fi; + if [ "$(getAllOutputNames)" = "out" ] || [ -z "${setOutputFlags-1}" ]; then return; fi; # try to detect share/doc/${shareDocName} # Note: sadly, $configureScript detection comes later in configurePhase, @@ -66,19 +66,17 @@ _multioutConfig() { fi fi - configureFlags="\ - --bindir=${!outputBin}/bin --sbindir=${!outputBin}/sbin \ - --includedir=${!outputInclude}/include --oldincludedir=${!outputInclude}/include \ - --mandir=${!outputMan}/share/man --infodir=${!outputInfo}/share/info \ - --docdir=${!outputDoc}/share/doc/${shareDocName} \ - --libdir=${!outputLib}/lib --libexecdir=${!outputLib}/libexec \ - --localedir=${!outputLib}/share/locale \ - $configureFlags" - - installFlags="\ - pkgconfigdir=${!outputDev}/lib/pkgconfig \ - m4datadir=${!outputDev}/share/aclocal aclocaldir=${!outputDev}/share/aclocal \ - $installFlags" + prependToVar configureFlags \ + --bindir="${!outputBin}"/bin --sbindir="${!outputBin}"/sbin \ + --includedir="${!outputInclude}"/include --oldincludedir="${!outputInclude}"/include \ + --mandir="${!outputMan}"/share/man --infodir="${!outputInfo}"/share/info \ + --docdir="${!outputDoc}"/share/doc/"${shareDocName}" \ + --libdir="${!outputLib}"/lib --libexecdir="${!outputLib}"/libexec \ + --localedir="${!outputLib}"/share/locale + + prependToVar installFlags \ + pkgconfigdir="${!outputDev}"/lib/pkgconfig \ + m4datadir="${!outputDev}"/share/aclocal aclocaldir="${!outputDev}"/share/aclocal } @@ -94,7 +92,7 @@ moveToOutput() { local patt="$1" local dstOut="$2" local output - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "${!output}" = "$dstOut" ]; then continue; fi local srcPath for srcPath in "${!output}"/$patt; do @@ -149,7 +147,7 @@ _multioutDocs() { # Move development-only stuff to the desired outputs. _multioutDevs() { - if [ "$outputs" = "out" ] || [ -z "${moveToDev-1}" ]; then return; fi; + if [ "$(getAllOutputNames)" = "out" ] || [ -z "${moveToDev-1}" ]; then return; fi; moveToOutput include "${!outputInclude}" # these files are sometimes provided even without using the corresponding tool moveToOutput lib/pkgconfig "${!outputDev}" @@ -166,10 +164,10 @@ _multioutDevs() { # Make the "dev" propagate other outputs needed for development. _multioutPropagateDev() { - if [ "$outputs" = "out" ]; then return; fi; + if [ "$(getAllOutputNames)" = "out" ]; then return; fi; local outputFirst - for outputFirst in $outputs; do + for outputFirst in $(getAllOutputNames); do break done local propagaterOutput="$outputDev" diff --git a/pkgs/build-support/setup-hooks/patch-ppd-files/patch-ppd-hook.sh b/pkgs/build-support/setup-hooks/patch-ppd-files/patch-ppd-hook.sh index a450ecd7f963a..77322b245b277 100644 --- a/pkgs/build-support/setup-hooks/patch-ppd-files/patch-ppd-hook.sh +++ b/pkgs/build-support/setup-hooks/patch-ppd-files/patch-ppd-hook.sh @@ -70,7 +70,7 @@ patchPpdFileCommands () { # * outputs of current build before buildInputs # * `/lib/cups/filter' before `/bin` # * add HOST_PATH at end, so we don't miss anything - for path in $outputs; do + for path in $(getAllOutputNames); do addToSearchPath cupspath "${!path}/lib/cups/filter" addToSearchPath cupspath "${!path}/bin" done diff --git a/pkgs/build-support/setup-hooks/strip.sh b/pkgs/build-support/setup-hooks/strip.sh index 9bd7b24cab545..104b5515b3db6 100644 --- a/pkgs/build-support/setup-hooks/strip.sh +++ b/pkgs/build-support/setup-hooks/strip.sh @@ -12,11 +12,20 @@ _doStrip() { local -ra stripCmds=(STRIP STRIP_FOR_TARGET) local -ra ranlibCmds=(RANLIB RANLIB_FOR_TARGET) + # TODO(structured-attrs): This doesn't work correctly if one of + # the items in strip*List or strip*Flags contains a space, + # even with structured attrs enabled. This is OK for now + # because very few packages set any of these, and it doesn't + # affect any of them. + # + # After __structuredAttrs = true is universal, come back and + # push arrays all the way through this logic. + # Strip only host paths by default. Leave targets as is. - stripDebugList=${stripDebugList:-lib lib32 lib64 libexec bin sbin} - stripDebugListTarget=${stripDebugListTarget:-} - stripAllList=${stripAllList:-} - stripAllListTarget=${stripAllListTarget:-} + stripDebugList=${stripDebugList[*]:-lib lib32 lib64 libexec bin sbin} + stripDebugListTarget=${stripDebugListTarget[*]:-} + stripAllList=${stripAllList[*]:-} + stripAllListTarget=${stripAllListTarget[*]:-} local i for i in ${!stripCmds[@]}; do @@ -30,8 +39,8 @@ _doStrip() { if [[ "${dontStrip-}" || "${flag-}" ]] || ! type -f "${stripCmd-}" 2>/dev/null then continue; fi - stripDirs "$stripCmd" "$ranlibCmd" "$debugDirList" "${stripDebugFlags:--S}" - stripDirs "$stripCmd" "$ranlibCmd" "$allDirList" "${stripAllFlags:--s}" + stripDirs "$stripCmd" "$ranlibCmd" "$debugDirList" "${stripDebugFlags[*]:--S}" + stripDirs "$stripCmd" "$ranlibCmd" "$allDirList" "${stripAllFlags[*]:--s}" done } diff --git a/pkgs/build-support/setup-hooks/win-dll-link.sh b/pkgs/build-support/setup-hooks/win-dll-link.sh index 6130f32bef86c..ca4cbb349b6c0 100644 --- a/pkgs/build-support/setup-hooks/win-dll-link.sh +++ b/pkgs/build-support/setup-hooks/win-dll-link.sh @@ -15,7 +15,7 @@ _linkDLLs() { # prefix $PATH by currently-built outputs local DLLPATH="" local outName - for outName in $outputs; do + for outName in $(getAllOutputNames); do addToSearchPath DLLPATH "${!outName}/bin" done DLLPATH="$DLLPATH:$PATH" diff --git a/pkgs/build-support/testers/expect-failure.sh b/pkgs/build-support/testers/expect-failure.sh index 0e1bbe9a678c0..052ee85271766 100644 --- a/pkgs/build-support/testers/expect-failure.sh +++ b/pkgs/build-support/testers/expect-failure.sh @@ -35,7 +35,7 @@ echo "testBuildFailure: Original builder produced exit code: $r" # ----------------------------------------- # Write the build log to the default output -outs=( $outputs ) +outs=( $(getAllOutputNames) ) defOut=${outs[0]} defOutPath=${!defOut} diff --git a/pkgs/data/icons/catppuccin-cursors/default.nix b/pkgs/data/icons/catppuccin-cursors/default.nix index d9eccc96a0291..4559705c169b2 100644 --- a/pkgs/data/icons/catppuccin-cursors/default.nix +++ b/pkgs/data/icons/catppuccin-cursors/default.nix @@ -50,7 +50,7 @@ stdenvNoCC.mkDerivation { installPhase = '' runHook preInstall - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" != "out" ]; then local outputDir="''${!output}" local iconsDir="$outputDir"/share/icons diff --git a/pkgs/data/icons/comixcursors/default.nix b/pkgs/data/icons/comixcursors/default.nix index b63877b282098..1c4fdc195180b 100644 --- a/pkgs/data/icons/comixcursors/default.nix +++ b/pkgs/data/icons/comixcursors/default.nix @@ -52,7 +52,7 @@ stdenvNoCC.mkDerivation rec { ''; installPhase = '' - for outputName in $outputs ; do + for outputName in $(getAllOutputNames) ; do if [ $outputName != out ]; then local outputDir=''${!outputName}; local iconsDir=$outputDir/share/icons diff --git a/pkgs/desktops/gnome/core/gdm/default.nix b/pkgs/desktops/gnome/core/gdm/default.nix index f1fbe7e49d305..a2265387e1ef7 100644 --- a/pkgs/desktops/gnome/core/gdm/default.nix +++ b/pkgs/desktops/gnome/core/gdm/default.nix @@ -143,7 +143,7 @@ stdenv.mkDerivation rec { # We use rsync to merge the directories. rsync --archive "${DESTDIR}/etc" "$out" rm --recursive "${DESTDIR}/etc" - for o in $outputs; do + for o in $(getAllOutputNames); do if [[ "$o" = "debug" ]]; then continue; fi rsync --archive "${DESTDIR}/''${!o}" "$(dirname "''${!o}")" rm --recursive "${DESTDIR}/''${!o}" diff --git a/pkgs/desktops/gnustep/make/builder.sh b/pkgs/desktops/gnustep/make/builder.sh index 39bd77038281c..e5c277e796afd 100644 --- a/pkgs/desktops/gnustep/make/builder.sh +++ b/pkgs/desktops/gnustep/make/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup preConfigure() { diff --git a/pkgs/development/compilers/aspectj/builder.sh b/pkgs/development/compilers/aspectj/builder.sh index 3b43937200423..7ea0a40d37484 100755 --- a/pkgs/development/compilers/aspectj/builder.sh +++ b/pkgs/development/compilers/aspectj/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup export JAVA_HOME=$jre diff --git a/pkgs/development/compilers/chicken/4/fetchegg/builder.sh b/pkgs/development/compilers/chicken/4/fetchegg/builder.sh index 2046610630905..5f41a36263a9c 100644 --- a/pkgs/development/compilers/chicken/4/fetchegg/builder.sh +++ b/pkgs/development/compilers/chicken/4/fetchegg/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup header "exporting egg ${eggName} (version $version) into $out" diff --git a/pkgs/development/compilers/chicken/5/fetchegg/builder.sh b/pkgs/development/compilers/chicken/5/fetchegg/builder.sh index d9adf510f22d5..f02e017577873 100644 --- a/pkgs/development/compilers/chicken/5/fetchegg/builder.sh +++ b/pkgs/development/compilers/chicken/5/fetchegg/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup header "exporting egg ${eggName} (version $version) into $out" diff --git a/pkgs/development/compilers/fpc/binary-builder-darwin.sh b/pkgs/development/compilers/fpc/binary-builder-darwin.sh index f9bdf18e7d682..39db0518281da 100755 --- a/pkgs/development/compilers/fpc/binary-builder-darwin.sh +++ b/pkgs/development/compilers/fpc/binary-builder-darwin.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup pkgdir=$(pwd)/pkg diff --git a/pkgs/development/compilers/fpc/binary-builder.sh b/pkgs/development/compilers/fpc/binary-builder.sh index 4308c1ed211ae..c471378c275f5 100755 --- a/pkgs/development/compilers/fpc/binary-builder.sh +++ b/pkgs/development/compilers/fpc/binary-builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup tar xf $src diff --git a/pkgs/development/compilers/gcc/builder.sh b/pkgs/development/compilers/gcc/builder.sh index c73e9e0c10759..113bd83ea53fc 100644 --- a/pkgs/development/compilers/gcc/builder.sh +++ b/pkgs/development/compilers/gcc/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup diff --git a/pkgs/development/compilers/glslang/default.nix b/pkgs/development/compilers/glslang/default.nix index d93f647f84629..f5f46ff9f4f7f 100644 --- a/pkgs/development/compilers/glslang/default.nix +++ b/pkgs/development/compilers/glslang/default.nix @@ -10,13 +10,13 @@ }: stdenv.mkDerivation rec { pname = "glslang"; - version = "1.3.231.0"; + version = "1.3.236.0"; src = fetchFromGitHub { owner = "KhronosGroup"; repo = "glslang"; rev = "sdk-${version}"; - hash = "sha256-huPrQr+lPi7QCF8CufAavHEKGDDimGrcskiojhH9QYk="; + hash = "sha256-iVcx1j7OMJEU4cPydNwQSFufTUiqq7GKp69Y6pEt7Wc="; }; # These get set at all-packages, keep onto them for child drvs @@ -28,12 +28,6 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake python3 bison jq ]; patches = [ - # https://github.com/NixOS/nixpkgs/pull/201747 - (fetchpatch { - name = "Fix-locations-of-cmake-files-in-side-compat-shims.patch"; - url = "https://github.com/KhronosGroup/glslang/commit/88fd417b0bb7d91755961c70e846d274c182f2b0.patch"; - hash = "sha256-rjeaPX5Ieem6zkICNvPd2SjvvLzG5wBERZfDLZEJsAk="; - }) (fetchpatch { name = "Use-CMAKE_INSTALL_FULL_LIBDIR-in-compat-cmake-files.patch"; url = "https://github.com/KhronosGroup/glslang/commit/7627bd89583c5aafb8b38c81c15494019271fabf.patch"; diff --git a/pkgs/development/compilers/ios-cross-compile/9.2_builder.sh b/pkgs/development/compilers/ios-cross-compile/9.2_builder.sh index 68ba3ed3a920a..47459664af0a5 100644 --- a/pkgs/development/compilers/ios-cross-compile/9.2_builder.sh +++ b/pkgs/development/compilers/ios-cross-compile/9.2_builder.sh @@ -1,4 +1,5 @@ # -*- shell-script -*- +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup function extract diff --git a/pkgs/development/compilers/ocaml/builder.sh b/pkgs/development/compilers/ocaml/builder.sh index a1807682d8674..88acc0654cf2b 100644 --- a/pkgs/development/compilers/ocaml/builder.sh +++ b/pkgs/development/compilers/ocaml/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup configureFlags="-prefix $out $configureFlags" diff --git a/pkgs/development/compilers/openjdk/11.nix b/pkgs/development/compilers/openjdk/11.nix index 820469ab8f156..72b25bff777b6 100644 --- a/pkgs/development/compilers/openjdk/11.nix +++ b/pkgs/development/compilers/openjdk/11.nix @@ -11,8 +11,8 @@ let major = "11"; minor = "0"; - update = "15"; - build = "10"; + update = "17"; + build = "8"; openjdk = stdenv.mkDerivation rec { pname = "openjdk" + lib.optionalString headless "-headless"; @@ -22,7 +22,7 @@ let owner = "openjdk"; repo = "jdk${major}u"; rev = "jdk-${version}"; - sha256 = "le2JDxPJPSuga4JxLJNRZwCaodptSb2kh4TsJXumTXs="; + sha256 = "sha256-kvgLYqQZPqyuigVyzbDHc3TMff0clvzM8IdzYLYcxPU="; }; nativeBuildInputs = [ pkg-config autoconf unzip ]; @@ -131,12 +131,12 @@ let postFixup = '' # Build the set of output library directories to rpath against LIBDIRS="" - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS" done # Add the local library paths to remove dependencies on the bootstrap - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi OUTPUTDIR=$(eval echo \$$output) BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) diff --git a/pkgs/development/compilers/openjdk/12.nix b/pkgs/development/compilers/openjdk/12.nix index a8de9fe43ffc6..bd3defbd6b98c 100644 --- a/pkgs/development/compilers/openjdk/12.nix +++ b/pkgs/development/compilers/openjdk/12.nix @@ -135,12 +135,12 @@ let postFixup = '' # Build the set of output library directories to rpath against LIBDIRS="" - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS" done # Add the local library paths to remove dependencies on the bootstrap - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi OUTPUTDIR=$(eval echo \$$output) BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) diff --git a/pkgs/development/compilers/openjdk/13.nix b/pkgs/development/compilers/openjdk/13.nix index 5b7e87b0ef3ac..40dc753f7955c 100644 --- a/pkgs/development/compilers/openjdk/13.nix +++ b/pkgs/development/compilers/openjdk/13.nix @@ -135,12 +135,12 @@ let postFixup = '' # Build the set of output library directories to rpath against LIBDIRS="" - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS" done # Add the local library paths to remove dependencies on the bootstrap - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi OUTPUTDIR=$(eval echo \$$output) BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) diff --git a/pkgs/development/compilers/openjdk/14.nix b/pkgs/development/compilers/openjdk/14.nix index 1381b0995a76c..047e1a3908191 100644 --- a/pkgs/development/compilers/openjdk/14.nix +++ b/pkgs/development/compilers/openjdk/14.nix @@ -131,12 +131,12 @@ let postFixup = '' # Build the set of output library directories to rpath against LIBDIRS="" - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS" done # Add the local library paths to remove dependencies on the bootstrap - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi OUTPUTDIR=$(eval echo \$$output) BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) diff --git a/pkgs/development/compilers/openjdk/15.nix b/pkgs/development/compilers/openjdk/15.nix index 6ea1d0b1dd31c..c33e937f9f24b 100644 --- a/pkgs/development/compilers/openjdk/15.nix +++ b/pkgs/development/compilers/openjdk/15.nix @@ -131,12 +131,12 @@ let postFixup = '' # Build the set of output library directories to rpath against LIBDIRS="" - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS" done # Add the local library paths to remove dependencies on the bootstrap - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi OUTPUTDIR=$(eval echo \$$output) BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) diff --git a/pkgs/development/compilers/openjdk/16.nix b/pkgs/development/compilers/openjdk/16.nix index 0e1911bb1a703..461cd724144ed 100644 --- a/pkgs/development/compilers/openjdk/16.nix +++ b/pkgs/development/compilers/openjdk/16.nix @@ -138,12 +138,12 @@ let postFixup = '' # Build the set of output library directories to rpath against LIBDIRS="" - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS" done # Add the local library paths to remove dependencies on the bootstrap - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi OUTPUTDIR=$(eval echo \$$output) BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) diff --git a/pkgs/development/compilers/openjdk/17.nix b/pkgs/development/compilers/openjdk/17.nix index bc92b1393fdb3..6d8087d7e948d 100644 --- a/pkgs/development/compilers/openjdk/17.nix +++ b/pkgs/development/compilers/openjdk/17.nix @@ -149,12 +149,12 @@ let postFixup = '' # Build the set of output library directories to rpath against LIBDIRS="" - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort -u | tr '\n' ':'):$LIBDIRS" done # Add the local library paths to remove dependencies on the bootstrap - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi OUTPUTDIR=$(eval echo \$$output) BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) diff --git a/pkgs/development/compilers/openjdk/18.nix b/pkgs/development/compilers/openjdk/18.nix index 600899677fed2..37b51a1ee4ce0 100644 --- a/pkgs/development/compilers/openjdk/18.nix +++ b/pkgs/development/compilers/openjdk/18.nix @@ -147,12 +147,12 @@ let postFixup = '' # Build the set of output library directories to rpath against LIBDIRS="" - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort -u | tr '\n' ':'):$LIBDIRS" done # Add the local library paths to remove dependencies on the bootstrap - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi OUTPUTDIR=$(eval echo \$$output) BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) diff --git a/pkgs/development/compilers/openjdk/19.nix b/pkgs/development/compilers/openjdk/19.nix index 87c978ec8305e..1af3c920b2c69 100644 --- a/pkgs/development/compilers/openjdk/19.nix +++ b/pkgs/development/compilers/openjdk/19.nix @@ -147,12 +147,12 @@ let postFixup = '' # Build the set of output library directories to rpath against LIBDIRS="" - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort -u | tr '\n' ':'):$LIBDIRS" done # Add the local library paths to remove dependencies on the bootstrap - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi OUTPUTDIR=$(eval echo \$$output) BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) diff --git a/pkgs/development/compilers/openjdk/8.nix b/pkgs/development/compilers/openjdk/8.nix index c232b1f01f16d..c65a9fcc66b68 100644 --- a/pkgs/development/compilers/openjdk/8.nix +++ b/pkgs/development/compilers/openjdk/8.nix @@ -20,7 +20,7 @@ let powerpc64le-linux = "ppc64le"; }.${stdenv.system} or (throw "Unsupported platform ${stdenv.system}"); - update = "322"; + update = "352"; build = "ga"; openjdk8 = stdenv.mkDerivation rec { @@ -31,7 +31,7 @@ let owner = "openjdk"; repo = "jdk8u"; rev = "jdk${version}"; - sha256 = "sha256-e39Yv+NDQG7z6fGmpKEnkKd5MoHZ50SXlq/Q7lzWcDA="; + sha256 = "sha256-xDiiALDjStD9IPhbBr997rm/v2Q/WdS10cILBCmdJIQ="; }; outputs = [ "out" "jre" ]; @@ -187,12 +187,12 @@ let postFixup = '' # Build the set of output library directories to rpath against LIBDIRS="" - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi LIBDIRS="$(find $(eval echo \$$output) -name \*.so\* -exec dirname {} \+ | sort | uniq | tr '\n' ':'):$LIBDIRS" done # Add the local library paths to remove dependencies on the bootstrap - for output in $outputs; do + for output in $(getAllOutputNames); do if [ "$output" = debug ]; then continue; fi OUTPUTDIR=$(eval echo \$$output) BINLIBS=$(find $OUTPUTDIR/bin/ -type f; find $OUTPUTDIR -name \*.so\*) diff --git a/pkgs/development/compilers/openjdk/openjfx/11.nix b/pkgs/development/compilers/openjdk/openjfx/11.nix index 1bbb4e42dbc5b..164677c3b8dcd 100644 --- a/pkgs/development/compilers/openjdk/openjfx/11.nix +++ b/pkgs/development/compilers/openjdk/openjfx/11.nix @@ -1,13 +1,13 @@ -{ stdenv, lib, fetchurl, writeText, gradle_4, pkg-config, perl, cmake -, gperf, gtk2, gtk3, libXtst, libXxf86vm, glib, alsa-lib, ffmpeg_4-headless, python3, ruby +{ stdenv, lib, fetchFromGitHub, writeText, gradle_7, pkg-config, perl, cmake +, gperf, gtk2, gtk3, libXtst, libXxf86vm, glib, alsa-lib, ffmpeg_4-headless, python3, ruby, icu68 , openjdk11-bootstrap }: let major = "11"; - update = ".0.11"; + update = ".0.17"; build = "1"; repover = "${major}${update}+${build}"; - gradle_ = (gradle_4.override { + gradle_ = (gradle_7.override { java = openjdk11-bootstrap; }); @@ -24,12 +24,14 @@ let makePackage = args: stdenv.mkDerivation ({ version = "${major}${update}-${build}"; - src = fetchurl { - url = "https://hg.openjdk.java.net/openjfx/${major}-dev/rt/archive/${repover}.tar.gz"; - sha256 = "sha256-mbEALUxuwbtlGeZ2Xsm3m3aNDdthLYWd6QHmdkAILxc="; + src = fetchFromGitHub { + owner = "openjdk"; + repo = "jfx${major}u"; + rev = repover; + sha256 = "sha256-uKb6k+tIFdwy1BYiHWeGmKNz82X4CZjFlGYqLDpSFY0="; }; - buildInputs = [ gtk2 gtk3 libXtst libXxf86vm glib alsa-lib ffmpeg_4-headless ]; + buildInputs = [ gtk2 gtk3 libXtst libXxf86vm glib alsa-lib ffmpeg_4-headless icu68 ]; nativeBuildInputs = [ gradle_ perl pkg-config cmake gperf python3 ruby ]; dontUseCmakeConfigure = true; @@ -44,8 +46,6 @@ let JDK_HOME = ${openjdk11-bootstrap.home} '' + args.gradleProperties or ""); - inherit NIX_CFLAGS_COMPILE; - buildPhase = '' runHook preBuild @@ -74,10 +74,7 @@ let outputHashAlgo = "sha256"; outputHashMode = "recursive"; - # Downloaded AWT jars differ by platform. - outputHash = { - x86_64-linux = "sha256-syceJMUEknBDCHK8eGs6rUU3IQn+HnQfURfCrDxYPa8="; - }.${stdenv.system} or (throw "Unsupported platform"); + outputHash = "sha256-syceJMUEknBDCHK8eGs6rUU3IQn+HnQfURfCrDxYPa9="; }; in makePackage { @@ -85,7 +82,7 @@ in makePackage { gradleProperties = '' COMPILE_MEDIA = true - COMPILE_WEBKIT = true + COMPILE_WEBKIT = false ''; preBuild = '' @@ -99,8 +96,6 @@ in makePackage { cp -r build/modular-sdk $out ''; - inherit NIX_CFLAGS_COMPILE; - stripDebugList = [ "." ]; postFixup = '' diff --git a/pkgs/development/compilers/openjdk/openjfx/15.nix b/pkgs/development/compilers/openjdk/openjfx/15.nix index d2903c685a90c..788baabde848f 100644 --- a/pkgs/development/compilers/openjdk/openjfx/15.nix +++ b/pkgs/development/compilers/openjdk/openjfx/15.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchFromGitHub, writeText, openjdk11_headless, gradle_5 +{ stdenv, lib, fetchFromGitHub, writeText, openjdk11_headless, gradle_6 , pkg-config, perl, cmake, gperf, gtk2, gtk3, libXtst, libXxf86vm, glib, alsa-lib , ffmpeg_4-headless, python3, ruby }: @@ -7,7 +7,7 @@ let update = ".0.1"; build = "+1"; repover = "${major}${update}${build}"; - gradle_ = (gradle_5.override { + gradle_ = (gradle_6.override { java = openjdk11_headless; }); @@ -69,10 +69,7 @@ let outputHashAlgo = "sha256"; outputHashMode = "recursive"; - # Downloaded AWT jars differ by platform. - outputHash = { - x86_64-linux = "0hmyr5nnjgwyw3fcwqf0crqg9lny27jfirycg3xmkzbcrwqd6qkw"; - }.${stdenv.system} or (throw "Unsupported platform"); + outputHash = "sha256-fGLTMM9s/Vn7eMzn6OQR3tL0cGbAYc7c4J4/aW3JvkI="; }; in makePackage { @@ -80,7 +77,7 @@ in makePackage { gradleProperties = '' COMPILE_MEDIA = true - COMPILE_WEBKIT = true + COMPILE_WEBKIT = false ''; preBuild = '' @@ -120,6 +117,9 @@ in makePackage { license = licenses.gpl2; description = "The next-generation Java client toolkit"; maintainers = with maintainers; [ abbradar ]; + knownVulnerabilities = [ + "This OpenJFX version has reached its end of life." + ]; platforms = [ "x86_64-linux" ]; }; } diff --git a/pkgs/development/compilers/openjdk/openjfx/17.nix b/pkgs/development/compilers/openjdk/openjfx/17.nix index 1c1fb89ce8e17..8d4d47df32e7f 100644 --- a/pkgs/development/compilers/openjdk/openjfx/17.nix +++ b/pkgs/development/compilers/openjdk/openjfx/17.nix @@ -4,7 +4,7 @@ let major = "17"; - update = ".0.0.1"; + update = ".0.5"; build = "+1"; repover = "${major}${update}${build}"; gradle_ = (gradle_7.override { @@ -16,9 +16,9 @@ let src = fetchFromGitHub { owner = "openjdk"; - repo = "jfx"; + repo = "jfx${major}u"; rev = repover; - sha256 = "sha256-PSiE9KbF/4u9VyBl9PAMLGzKyGFB86/XByeh7vhL6Kw="; + sha256 = "sha256-jzLOlWuhkUS0/4+nXtjd1/IYbAHHnJrusFRTh7aPt8U="; }; buildInputs = [ gtk2 gtk3 libXtst libXxf86vm glib alsa-lib ffmpeg_4-headless icu68 ]; diff --git a/pkgs/development/compilers/rust/cargo.nix b/pkgs/development/compilers/rust/cargo.nix index 2c9a3b1af472a..5571918fdc62d 100644 --- a/pkgs/development/compilers/rust/cargo.nix +++ b/pkgs/development/compilers/rust/cargo.nix @@ -2,6 +2,7 @@ , file, curl, pkg-config, python3, openssl, cmake, zlib , installShellFiles, makeWrapper, cacert, rustPlatform, rustc , libiconv, CoreFoundation, Security +, auditable ? false # TODO: change to true when this is the default }: rustPlatform.buildRustPackage { @@ -12,6 +13,8 @@ rustPlatform.buildRustPackage { cargoVendorDir = "vendor"; buildAndTestSubdir = "src/tools/cargo"; + inherit auditable; + passthru = { rustc = rustc; inherit (rustc) tests; diff --git a/pkgs/development/interpreters/python/cpython/default.nix b/pkgs/development/interpreters/python/cpython/default.nix index 8d55ea6c39cb0..388802fca8c66 100644 --- a/pkgs/development/interpreters/python/cpython/default.nix +++ b/pkgs/development/interpreters/python/cpython/default.nix @@ -293,15 +293,17 @@ in with passthru; stdenv.mkDerivation { substituteInPlace "Lib/tkinter/tix.py" --replace "os.environ.get('TIX_LIBRARY')" "os.environ.get('TIX_LIBRARY') or '${tix}/lib'" ''; - CPPFLAGS = concatStringsSep " " (map (p: "-I${getDev p}/include") buildInputs); - LDFLAGS = concatStringsSep " " (map (p: "-L${getLib p}/lib") buildInputs); - LIBS = "${optionalString (!stdenv.isDarwin) "-lcrypt"}"; - NIX_LDFLAGS = lib.optionalString (stdenv.cc.isGNU && !stdenv.hostPlatform.isStatic) ({ - "glibc" = "-lgcc_s"; - "musl" = "-lgcc_eh"; - }."${stdenv.hostPlatform.libc}" or ""); - # Determinism: We fix the hashes of str, bytes and datetime objects. - PYTHONHASHSEED=0; + env = { + CPPFLAGS = concatStringsSep " " (map (p: "-I${getDev p}/include") buildInputs); + LDFLAGS = concatStringsSep " " (map (p: "-L${getLib p}/lib") buildInputs); + LIBS = "${optionalString (!stdenv.isDarwin) "-lcrypt"}"; + NIX_LDFLAGS = lib.optionalString (stdenv.cc.isGNU && !stdenv.hostPlatform.isStatic) ({ + "glibc" = "-lgcc_s"; + "musl" = "-lgcc_eh"; + }."${stdenv.hostPlatform.libc}" or ""); + # Determinism: We fix the hashes of str, bytes and datetime objects. + PYTHONHASHSEED=0; + }; configureFlags = [ "--without-ensurepip" diff --git a/pkgs/development/interpreters/python/setup-hook.nix b/pkgs/development/interpreters/python/setup-hook.nix index 29ce079317f03..8cfb9dd46784d 100644 --- a/pkgs/development/interpreters/python/setup-hook.nix +++ b/pkgs/development/interpreters/python/setup-hook.nix @@ -6,7 +6,9 @@ let hook = ./setup-hook.sh; in runCommand "python-setup-hook.sh" { strictDeps = true; - inherit sitePackages; + env = { + inherit sitePackages; + }; } '' cp ${hook} hook.sh substituteAllInPlace hook.sh diff --git a/pkgs/development/interpreters/ruby/default.nix b/pkgs/development/interpreters/ruby/default.nix index c7e01ea0f94d8..bc93190490e09 100644 --- a/pkgs/development/interpreters/ruby/default.nix +++ b/pkgs/development/interpreters/ruby/default.nix @@ -187,6 +187,18 @@ let sed -i '/CC_VERSION_MESSAGE/d' $rbConfig '' } + + # Allow to override compiler. This is important for cross compiling as + # we need to set a compiler that is different from the build one. + awk -i inplace -F' = ' \ + ' # operate on the line starting with + /^ CONFIG\["CC"\]/ { + # replace the right hand side + sub($2, "ENV[\"CC\"] || \"1\"") + }; { print }' "$rbConfig" + # test that the line isn't mangled in case upstream made the above unnecessary + grep -qx ' CONFIG\["CC"\] = ENV\["CC"\] || "1"' "$rbConfig" + # Remove unnecessary external intermediate files created by gems extMakefiles=$(find $out/${passthru.gemPath} -name Makefile) for makefile in $extMakefiles; do diff --git a/pkgs/development/libraries/boehm-gc/default.nix b/pkgs/development/libraries/boehm-gc/default.nix index 34e26f5470937..de5aff6c3b6eb 100644 --- a/pkgs/development/libraries/boehm-gc/default.nix +++ b/pkgs/development/libraries/boehm-gc/default.nix @@ -1,7 +1,6 @@ { lib , stdenv , fetchurl -, autoreconfHook # doc: https://github.com/ivmai/bdwgc/blob/v8.2.2/doc/README.macros (LARGE_CONFIG) , enableLargeConfig ? false , enableMmap ? true @@ -36,14 +35,14 @@ stdenv.mkDerivation (finalAttrs: { # don't forget to disable the fix (and if the next release does # not fix the problem the test failure will be a reminder to # extend the set of versions requiring the workaround). - makeFlags = if (stdenv.hostPlatform.isPower64 && + makeFlags = lib.optionals (stdenv.hostPlatform.isPower64 && finalAttrs.version == "8.2.2") - then [ + [ # do not use /proc primitives to track dirty bits; see: # https://github.com/ivmai/bdwgc/issues/479#issuecomment-1279687537 # https://github.com/ivmai/bdwgc/blob/54522af853de28f45195044dadfd795c4e5942aa/include/private/gcconfig.h#L741 "CFLAGS_EXTRA=-DNO_SOFT_VDB" - ] else null; + ]; # `gctest` fails under emulation on aarch64-darwin doCheck = !(stdenv.isDarwin && stdenv.isx86_64); diff --git a/pkgs/development/libraries/ffmpeg/4.nix b/pkgs/development/libraries/ffmpeg/4.nix index e37e90d553a3b..ac88df930768a 100644 --- a/pkgs/development/libraries/ffmpeg/4.nix +++ b/pkgs/development/libraries/ffmpeg/4.nix @@ -1,15 +1,8 @@ -{ callPackage, fetchpatch, ... }@args: +{ callPackage, ... }@args: callPackage ./generic.nix (rec { - version = "4.4.2"; + version = "4.4.3"; branch = version; - sha256 = "sha256-+YpIJSDEdQdSGpB5FNqp77wThOBZG1r8PaGKqJfeKUg="; + sha256 = "sha256-M7jC281TD+HbVxBBU0Vgm0yiJ70NoeOpMy27DxH9Jzo="; - patches = [ - # SDL2 recently changed their versioning - (fetchpatch { - url = "https://git.videolan.org/?p=ffmpeg.git;a=patch;h=e5163b1d34381a3319214a902ef1df923dd2eeba"; - hash = "sha256-nLhP2+34cj5EgpnUrePZp60nYAxmbhZAEDfay4pBVk0="; - }) - ]; } // args) diff --git a/pkgs/development/libraries/gd/default.nix b/pkgs/development/libraries/gd/default.nix index 7ea8ce6d29b44..c9845feb96783 100644 --- a/pkgs/development/libraries/gd/default.nix +++ b/pkgs/development/libraries/gd/default.nix @@ -1,4 +1,6 @@ -{ lib, stdenv, fetchurl +{ lib +, stdenv +, fetchurl , fetchpatch , autoconf , automake @@ -8,6 +10,7 @@ , libjpeg , libwebp , libtiff +, withXorg ? true , libXpm , libavif , fontconfig @@ -33,20 +36,22 @@ stdenv.mkDerivation rec { hardeningDisable = [ "format" ]; - configureFlags = - [ - "--enable-gd-formats" - ] + configureFlags = [ + "--enable-gd-formats" + ] # -pthread gets passed to clang, causing warnings ++ lib.optional stdenv.isDarwin "--enable-werror=no"; nativeBuildInputs = [ autoconf automake pkg-config ]; - buildInputs = [ zlib fontconfig freetype libpng libjpeg libwebp libtiff libXpm libavif ]; + buildInputs = [ zlib fontconfig freetype libpng libjpeg libwebp libtiff libavif ] + ++ lib.optional withXorg libXpm; outputs = [ "bin" "dev" "out" ]; - postFixup = ''moveToOutput "bin/gdlib-config" $dev''; + postFixup = '' + moveToOutput "bin/gdlib-config" $dev + ''; enableParallelBuilding = true; @@ -57,5 +62,6 @@ stdenv.mkDerivation rec { description = "A dynamic image creation library"; license = licenses.free; # some custom license platforms = platforms.unix; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/development/libraries/gettext/default.nix b/pkgs/development/libraries/gettext/default.nix index a1270af259cda..ae5b9f48293a3 100644 --- a/pkgs/development/libraries/gettext/default.nix +++ b/pkgs/development/libraries/gettext/default.nix @@ -60,7 +60,9 @@ stdenv.mkDerivation rec { ../../../build-support/setup-hooks/role.bash ./gettext-setup-hook.sh ]; - gettextNeedsLdflags = stdenv.hostPlatform.libc != "glibc" && !stdenv.hostPlatform.isMusl; + env = { + gettextNeedsLdflags = stdenv.hostPlatform.libc != "glibc" && !stdenv.hostPlatform.isMusl; + }; enableParallelBuilding = true; enableParallelChecking = false; # fails sometimes diff --git a/pkgs/development/libraries/glibc/common.nix b/pkgs/development/libraries/glibc/common.nix index 61c0c92d5280a..889ca7bf48fd6 100644 --- a/pkgs/development/libraries/glibc/common.nix +++ b/pkgs/development/libraries/glibc/common.nix @@ -54,9 +54,6 @@ assert withGd -> gd != null && libpng != null; stdenv.mkDerivation ({ version = version + patchSuffix; - linuxHeaders = if withLinuxHeaders then linuxHeaders else null; - - inherit (stdenv) is64bit; enableParallelBuilding = true; @@ -175,10 +172,14 @@ stdenv.mkDerivation ({ nativeBuildInputs = [ bison python3Minimal ] ++ extraNativeBuildInputs; buildInputs = [ linuxHeaders ] ++ lib.optionals withGd [ gd libpng ] ++ extraBuildInputs; - # Needed to install share/zoneinfo/zone.tab. Set to impure /bin/sh to - # prevent a retained dependency on the bootstrap tools in the stdenv-linux - # bootstrap. - BASH_SHELL = "/bin/sh"; + env = { + linuxHeaders = if withLinuxHeaders then linuxHeaders else ""; + inherit (stdenv) is64bit; + # Needed to install share/zoneinfo/zone.tab. Set to impure /bin/sh to + # prevent a retained dependency on the bootstrap tools in the stdenv-linux + # bootstrap. + BASH_SHELL = "/bin/sh"; + }; # Used by libgcc, elf-header, and others to determine ABI passthru = { inherit version; minorRelease = version; }; diff --git a/pkgs/development/libraries/glibc/locales-builder.sh b/pkgs/development/libraries/glibc/locales-builder.sh index d732e208fa22a..d91f936c937b1 100644 --- a/pkgs/development/libraries/glibc/locales-builder.sh +++ b/pkgs/development/libraries/glibc/locales-builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi # Glibc cannot have itself in its RPATH. export NIX_NO_SELF_RPATH=1 diff --git a/pkgs/development/libraries/gtk-sharp/builder.sh b/pkgs/development/libraries/gtk-sharp/builder.sh index 4b8f757540b55..73914495d6d41 100644 --- a/pkgs/development/libraries/gtk-sharp/builder.sh +++ b/pkgs/development/libraries/gtk-sharp/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup genericBuild diff --git a/pkgs/development/libraries/libarchive/default.nix b/pkgs/development/libraries/libarchive/default.nix index 066ea8b60ddcf..c7e9f117f94cb 100644 --- a/pkgs/development/libraries/libarchive/default.nix +++ b/pkgs/development/libraries/libarchive/default.nix @@ -28,13 +28,13 @@ assert xarSupport -> libxml2 != null; stdenv.mkDerivation rec { pname = "libarchive"; - version = "3.6.1"; + version = "3.6.2"; src = fetchFromGitHub { owner = "libarchive"; repo = "libarchive"; rev = "v${version}"; - hash = "sha256-G4wL5DDbX0FqaA4cnOlVLZ25ObN8dNsRtxyas29tpDA="; + hash = "sha256-wQbA6vlXH8pnpY7LJLkjrRFEBpcaPR1SqxnK71UVwxg="; }; postPatch = '' diff --git a/pkgs/development/libraries/libdevil/default.nix b/pkgs/development/libraries/libdevil/default.nix index a79e5371c01b4..35637512e0a55 100644 --- a/pkgs/development/libraries/libdevil/default.nix +++ b/pkgs/development/libraries/libdevil/default.nix @@ -1,22 +1,36 @@ -{ lib, stdenv, fetchurl, libjpeg, libpng, libmng, lcms1, libtiff, openexr, libGL -, libX11, pkg-config, OpenGL +{ lib +, stdenv +, fetchurl +, libjpeg +, libpng +, libmng +, lcms1 +, libtiff +, openexr +, libGL +, libX11 +, pkg-config +, OpenGL +, runtimeShell +, withXorg ? true }: stdenv.mkDerivation rec { - pname = "libdevil"; version = "1.7.8"; + outputs = [ "out" "dev" ]; + src = fetchurl { url = "mirror://sourceforge/openil/DevIL-${version}.tar.gz"; sha256 = "1zd850nn7nvkkhasrv7kn17kzgslr5ry933v6db62s4lr0zzlbv8"; }; - outputs = [ "out" "dev" ]; + nativeBuildInputs = [ pkg-config ]; - buildInputs = [ libjpeg libpng libmng lcms1 libtiff openexr libGL libX11 ] + buildInputs = [ libjpeg libpng libmng lcms1 libtiff openexr ] + ++ lib.optionals withXorg [ libX11 libGL ] ++ lib.optionals stdenv.isDarwin [ OpenGL ]; - nativeBuildInputs = [ pkg-config ]; configureFlags = [ "--enable-ILU" "--enable-ILUT" ]; @@ -31,29 +45,29 @@ stdenv.mkDerivation rec { sed -i '/RESTRICT_KEYWORD/d' include/IL/config.h ''; - patches = - [ ( fetchurl { + patches = [ + (fetchurl { url = "https://sources.debian.org/data/main/d/devil/1.7.8-10/debian/patches/03_CVE-2009-3994.diff"; sha256 = "0qkx2qfv02igbrmsn6z5a3lbrbwjfh3rb0c2sj54wy0j1f775hbc"; - } ) - ./ftbfs-libpng15.patch - ./il_endian.h.patch - ]; + }) + ./ftbfs-libpng15.patch + ./il_endian.h.patch + ]; enableParallelBuilding = true; postPatch = '' for a in test/Makefile.in test/format_test/format_checks.sh.in ; do substituteInPlace $a \ - --replace /bin/bash ${stdenv.shell} + --replace /bin/bash ${runtimeShell} done ''; meta = with lib; { - homepage = "http://openil.sourceforge.net/"; + homepage = "https://openil.sourceforge.net/"; description = "An image library which can can load, save, convert, manipulate, filter and display a wide variety of image formats"; license = licenses.lgpl2; platforms = platforms.mesaPlatforms; - maintainers = [ ]; + maintainers = with maintainers; [ ]; }; } diff --git a/pkgs/development/libraries/librsvg/default.nix b/pkgs/development/libraries/librsvg/default.nix index 6b174a7dfa4df..a60da602e0709 100644 --- a/pkgs/development/libraries/librsvg/default.nix +++ b/pkgs/development/libraries/librsvg/default.nix @@ -15,7 +15,7 @@ , rustPlatform , rustc , rust -, cargo +, cargo-auditable-cargo-wrapper , gi-docgen , python3Packages , gnome @@ -57,7 +57,7 @@ stdenv.mkDerivation rec { gdk-pixbuf pkg-config rustc - cargo + cargo-auditable-cargo-wrapper python3Packages.docutils vala rustPlatform.cargoSetupHook diff --git a/pkgs/development/libraries/nghttp2/default.nix b/pkgs/development/libraries/nghttp2/default.nix index 8e3264dcbc510..f118467b56cf4 100644 --- a/pkgs/development/libraries/nghttp2/default.nix +++ b/pkgs/development/libraries/nghttp2/default.nix @@ -31,11 +31,11 @@ assert enableJemalloc -> enableApp; stdenv.mkDerivation rec { pname = "nghttp2"; - version = "1.49.0"; + version = "1.51.0"; src = fetchurl { url = "https://github.com/${pname}/${pname}/releases/download/v${version}/${pname}-${version}.tar.bz2"; - sha256 = "sha256-LNTbfXX3FJQVMknL6UoJLaTG7NdCQPirGM9kTZ1l9u4="; + sha256 = "sha256-6z6m9bYMbT7b8GXgT0NOjtYpGlyxoHkZxBcwqx/MAOA="; }; outputs = [ "bin" "out" "dev" "lib" ] diff --git a/pkgs/development/libraries/oniguruma/default.nix b/pkgs/development/libraries/oniguruma/default.nix index bc084829e7bb5..3062c3cb4e11c 100644 --- a/pkgs/development/libraries/oniguruma/default.nix +++ b/pkgs/development/libraries/oniguruma/default.nix @@ -1,16 +1,18 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook }: +{ lib, stdenv, fetchurl, autoreconfHook }: stdenv.mkDerivation rec { - pname = "onig"; + pname = "oniguruma"; version = "6.9.8"; - src = fetchFromGitHub { - owner = "kkos"; - repo = "oniguruma"; - rev = "v${version}"; - sha256 = "sha256-8aFZdhh6ovLCR0A17rvWq/Oif66rSMnHcCYHjClNElw="; + # Note: do not use fetchpatch or fetchFromGitHub to keep this package available in __bootPackages + src = fetchurl { + url = "https://github.com/kkos/oniguruma/releases/download/v${version}/onig-${version}.tar.gz"; + sha256 = "sha256-KM1iwUZGI8eRBWX7HMqqAQSy/osSvNZG6B9ztHU1IT4="; }; + outputs = [ "dev" "lib" "out" ]; + outputBin = "dev"; # onig-config + nativeBuildInputs = [ autoreconfHook ]; configureFlags = [ "--enable-posix-api=yes" ]; @@ -18,7 +20,7 @@ stdenv.mkDerivation rec { homepage = "https://github.com/kkos/oniguruma"; description = "Regular expressions library"; license = licenses.bsd2; - maintainers = with maintainers; [ ]; + maintainers = with maintainers; [ artturin ]; platforms = platforms.unix; }; } diff --git a/pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch b/pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch new file mode 100644 index 0000000000000..2acedda0e3a49 --- /dev/null +++ b/pkgs/development/libraries/openssl/3.0/CVE-2022-3996.patch @@ -0,0 +1,36 @@ +From 7725e7bfe6f2ce8146b6552b44e0d226be7638e7 Mon Sep 17 00:00:00 2001 +From: Pauli <pauli@openssl.org> +Date: Fri, 11 Nov 2022 09:40:19 +1100 +Subject: [PATCH] x509: fix double locking problem + +This reverts commit 9aa4be691f5c73eb3c68606d824c104550c053f7 and removed the +redundant flag setting. + +Fixes #19643 + +Fixes LOW CVE-2022-3996 + +Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> +Reviewed-by: Tomas Mraz <tomas@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/19652) + +(cherry picked from commit 4d0340a6d2f327700a059f0b8f954d6160f8eef5) +--- + crypto/x509/pcy_map.c | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/crypto/x509/pcy_map.c b/crypto/x509/pcy_map.c +index 05406c6493fc..60dfd1e3203b 100644 +--- a/crypto/x509/pcy_map.c ++++ b/crypto/x509/pcy_map.c +@@ -73,10 +73,6 @@ int ossl_policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps) + + ret = 1; + bad_mapping: +- if (ret == -1 && CRYPTO_THREAD_write_lock(x->lock)) { +- x->ex_flags |= EXFLAG_INVALID_POLICY; +- CRYPTO_THREAD_unlock(x->lock); +- } + sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free); + return ret; + diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index 45a34971c8f04..4c322997963a6 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -241,6 +241,9 @@ in { (if stdenv.hostPlatform.isDarwin then ./use-etc-ssl-certs-darwin.patch else ./use-etc-ssl-certs.patch) + + # Remove with 3.0.8 release + ./3.0/CVE-2022-3996.patch ]; withDocs = true; diff --git a/pkgs/development/libraries/pcre2/default.nix b/pkgs/development/libraries/pcre2/default.nix index 226b92ccfdd35..82fc33670bc56 100644 --- a/pkgs/development/libraries/pcre2/default.nix +++ b/pkgs/development/libraries/pcre2/default.nix @@ -6,11 +6,11 @@ stdenv.mkDerivation rec { pname = "pcre2"; - version = "10.40"; + version = "10.42"; src = fetchurl { url = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${version}/pcre2-${version}.tar.bz2"; - hash = "sha256-FOS4PEeDkz3BfpZDGOYyT3yuG8ddjzx5vGlp8AwVnWg="; + hash = "sha256-jTbNjLbqKkwrs1j/ZBGwx4hjOipF2rvxrrS3AdG16EA="; }; configureFlags = [ diff --git a/pkgs/development/libraries/polkit/default.nix b/pkgs/development/libraries/polkit/default.nix index e9f9120620ac4..6d2a56d03ac35 100644 --- a/pkgs/development/libraries/polkit/default.nix +++ b/pkgs/development/libraries/polkit/default.nix @@ -167,7 +167,7 @@ stdenv.mkDerivation rec { rsync --archive "${DESTDIR}${system}"/* "$out" rm --recursive "${DESTDIR}${system}"/* rmdir --parents --ignore-fail-on-non-empty "${DESTDIR}${system}" - for o in $outputs; do + for o in $(getAllOutputNames); do rsync --archive "${DESTDIR}/''${!o}" "$(dirname "''${!o}")" rm --recursive "${DESTDIR}/''${!o}" done diff --git a/pkgs/development/libraries/spirv-headers/default.nix b/pkgs/development/libraries/spirv-headers/default.nix index 8abdea5249b79..78dc373d4ab6e 100644 --- a/pkgs/development/libraries/spirv-headers/default.nix +++ b/pkgs/development/libraries/spirv-headers/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "spirv-headers"; - version = "1.3.231.0"; + version = "1.3.236.0"; src = fetchFromGitHub { owner = "KhronosGroup"; repo = "SPIRV-Headers"; rev = "sdk-${version}"; - hash = "sha256-lUWgZYGPu+IaLUrbtyC7R0o3Hq/q7C7BE8r7DAsiC30="; + hash = "sha256-eWI1MyIWxcg1JepRsnHBmitehDigDa+dR8kXvIkYejY="; }; nativeBuildInputs = [ cmake ]; diff --git a/pkgs/development/libraries/vulkan-headers/default.nix b/pkgs/development/libraries/vulkan-headers/default.nix index 1db531e3732cd..8f1202088e58e 100644 --- a/pkgs/development/libraries/vulkan-headers/default.nix +++ b/pkgs/development/libraries/vulkan-headers/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchFromGitHub, cmake }: stdenv.mkDerivation rec { pname = "vulkan-headers"; - version = "1.3.231.0"; + version = "1.3.236.0"; nativeBuildInputs = [ cmake ]; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { owner = "KhronosGroup"; repo = "Vulkan-Headers"; rev = "sdk-${version}"; - hash = "sha256-EoD48jBoJmIet4BDC6bYxOsKK2358SZ/NcZeM61q/5g="; + hash = "sha256-b1q9QugFH4lieS8CTOyZ3uoQ7bd44G8NPEwRtUPD+24="; }; meta = with lib; { diff --git a/pkgs/development/libraries/vulkan-loader/default.nix b/pkgs/development/libraries/vulkan-loader/default.nix index 27c1423d94e50..8d38f725a64d6 100644 --- a/pkgs/development/libraries/vulkan-loader/default.nix +++ b/pkgs/development/libraries/vulkan-loader/default.nix @@ -3,14 +3,14 @@ stdenv.mkDerivation rec { pname = "vulkan-loader"; - version = "1.3.231.0"; + version = "1.3.236.0"; src = (assert version == vulkan-headers.version; fetchFromGitHub { owner = "KhronosGroup"; repo = "Vulkan-Loader"; rev = "sdk-${version}"; - hash = "sha256-HWaa3JT0znhvqbvZdcsAwy8Dr6HDQp4rgpVmMOuCo0s="; + hash = "sha256-Y6OakowZlb40ZatITQCFBK/qSZqSdgTNew1XUFD/jMo="; }); patches = [ ./fix-pkgconfig.patch ]; diff --git a/pkgs/development/libraries/wtk/builder.sh b/pkgs/development/libraries/wtk/builder.sh index 86f2719537cd0..c3ad173b09338 100644 --- a/pkgs/development/libraries/wtk/builder.sh +++ b/pkgs/development/libraries/wtk/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup mkdir unzipped diff --git a/pkgs/development/libraries/x265/default.nix b/pkgs/development/libraries/x265/default.nix index 92f7f11170f6e..b63b0101d54be 100644 --- a/pkgs/development/libraries/x265/default.nix +++ b/pkgs/development/libraries/x265/default.nix @@ -35,8 +35,7 @@ let (mkFlag vtuneSupport "ENABLE_VTUNE") (mkFlag werrorSupport "WARNINGS_AS_ERRORS") # Potentially riscv cross could be fixed by providing the correct CMAKE_SYSTEM_PROCESSOR flag - (mkFlag (with stdenv; !(isCross && hostPlatform.isRiscV || isDarwin && isAarch64)) "ENABLE_ASSEMBLY") - ]; + ] ++ lib.optional (isCross && stdenv.hostPlatform.isRiscV) "-DENABLE_ASSEMBLY=OFF"; cmakeStaticLibFlags = [ "-DHIGH_BIT_DEPTH=ON" diff --git a/pkgs/development/libraries/xapian/default.nix b/pkgs/development/libraries/xapian/default.nix index 700fa1d13dd12..3c0a555dd9780 100644 --- a/pkgs/development/libraries/xapian/default.nix +++ b/pkgs/development/libraries/xapian/default.nix @@ -26,7 +26,7 @@ let nativeBuildInputs = [ autoreconfHook ]; doCheck = true; - AUTOMATED_TESTING = true; # https://trac.xapian.org/changeset/8be35f5e1/git + env.AUTOMATED_TESTING = true; # https://trac.xapian.org/changeset/8be35f5e1/git patches = lib.optionals stdenv.isDarwin [ ./skip-flaky-darwin-test.patch ]; diff --git a/pkgs/development/nim-packages/fetch-nimble/builder.sh b/pkgs/development/nim-packages/fetch-nimble/builder.sh index 693ab339408ed..bc2f9bfc94f1b 100644 --- a/pkgs/development/nim-packages/fetch-nimble/builder.sh +++ b/pkgs/development/nim-packages/fetch-nimble/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup export HOME=$NIX_BUILD_TOP diff --git a/pkgs/development/perl-modules/generic/builder.sh b/pkgs/development/perl-modules/generic/builder.sh index 9b42401fc4dcd..110094ad8a494 100644 --- a/pkgs/development/perl-modules/generic/builder.sh +++ b/pkgs/development/perl-modules/generic/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup PERL5LIB="$PERL5LIB${PERL5LIB:+:}$out/lib/perl5/site_perl" diff --git a/pkgs/development/perl-modules/generic/default.nix b/pkgs/development/perl-modules/generic/default.nix index 2d1c550d3168c..3dca6550ad688 100644 --- a/pkgs/development/perl-modules/generic/default.nix +++ b/pkgs/development/perl-modules/generic/default.nix @@ -24,6 +24,8 @@ # https://metacpan.org/pod/release/XSAWYERX/perl-5.26.0/pod/perldelta.pod#Removal-of-the-current-directory-%28%22.%22%29-from-@INC , PERL_USE_UNSAFE_INC ? "1" +, env ? {} + , ... }@attrs: @@ -43,10 +45,11 @@ lib.throwIf (attrs ? name) "buildPerlPackage: `name` (\"${attrs.name}\") is depr buildInputs = buildInputs ++ [ perl ]; nativeBuildInputs = nativeBuildInputs ++ [ (perl.mini or perl) ]; - fullperl = buildPerl; - inherit outputs src doCheck checkTarget enableParallelBuilding; - inherit PERL_AUTOINSTALL AUTOMATED_TESTING PERL_USE_UNSAFE_INC; + env = { + inherit PERL_AUTOINSTALL AUTOMATED_TESTING PERL_USE_UNSAFE_INC; + fullperl = buildPerl; + } // env; meta = defaultMeta // (attrs.meta or { }); }); diff --git a/pkgs/development/python-modules/aiosignal/default.nix b/pkgs/development/python-modules/aiosignal/default.nix index 9d815dfac0590..b7a3bc9d9deef 100644 --- a/pkgs/development/python-modules/aiosignal/default.nix +++ b/pkgs/development/python-modules/aiosignal/default.nix @@ -9,14 +9,16 @@ buildPythonPackage rec { pname = "aiosignal"; - version = "1.2.0"; - disabled = pythonOlder "3.6"; + version = "1.3.1"; + format = "setuptools"; + + disabled = pythonOlder "3.7"; src = fetchFromGitHub { owner = "aio-libs"; repo = pname; rev = "v${version}"; - sha256 = "1pamfc2l95s1q86jvmbp17chjy129gk01kwy8xm88d2ijy8s1caq"; + hash = "sha256-vx3Fe28r+0it1UFwyDSD9NNyeIN4tywTyr4pVp49WuU="; }; propagatedBuildInputs = [ @@ -29,16 +31,19 @@ buildPythonPackage rec { ]; postPatch = '' - substituteInPlace pytest.ini \ + substituteInPlace setup.cfg \ --replace "filterwarnings = error" "" \ --replace "--cov=aiosignal" "" ''; - pythonImportsCheck = [ "aiosignal" ]; + pythonImportsCheck = [ + "aiosignal" + ]; meta = with lib; { description = "Python list of registered asynchronous callbacks"; homepage = "https://github.com/aio-libs/aiosignal"; + changelog = "https://github.com/aio-libs/aiosignal/blob/v${version}/CHANGES.rst"; license = with licenses; [ asl20 ]; maintainers = with maintainers; [ fab ]; }; diff --git a/pkgs/development/python-modules/h2/default.nix b/pkgs/development/python-modules/h2/default.nix index 97ccb7b912063..4e6c830c25a23 100644 --- a/pkgs/development/python-modules/h2/default.nix +++ b/pkgs/development/python-modules/h2/default.nix @@ -2,6 +2,7 @@ , buildPythonPackage , pythonOlder , fetchPypi +, fetchpatch , hpack , hyperframe , pytestCheckHook @@ -20,6 +21,15 @@ buildPythonPackage rec { sha256 = "sha256-qDrKCPvnqst5/seIycC6yTY0NWDtnsGLgqE6EsKNKrs="; }; + patches = [ + # https://github.com/python-hyper/h2/pull/1274 + (fetchpatch { + name = "fix-tests-in-python-3.11.patch"; + url = "https://github.com/python-hyper/h2/commit/8952c91606cd014720ccf202a25b5ee1fbed1591.patch"; + hash = "sha256-skAdAVHMZo1xJEqqKa6FOKPvoQQbGUgGsQjE11jIjtw="; + }) + ]; + propagatedBuildInputs = [ hpack hyperframe @@ -30,6 +40,11 @@ buildPythonPackage rec { hypothesis ]; + disabledTests = [ + # timing sensitive + "test_changing_max_frame_size" + ]; + pythonImportsCheck = [ "h2.connection" "h2.config" diff --git a/pkgs/development/python-modules/jsonschema/default.nix b/pkgs/development/python-modules/jsonschema/default.nix index 69dba8bd472ea..833a76399edd0 100644 --- a/pkgs/development/python-modules/jsonschema/default.nix +++ b/pkgs/development/python-modules/jsonschema/default.nix @@ -15,14 +15,14 @@ buildPythonPackage rec { pname = "jsonschema"; - version = "4.17.0"; + version = "4.17.3"; format = "pyproject"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - sha256 = "sha256-W/zyvKFqCHreF+ArKC00r3zNdJ73YkHn+b18DLipQk0="; + sha256 = "sha256-D4ZEN6uLYHa6ZwdFPvj5imoNUSqA6T+KvbZ29zfstg0="; }; postPatch = '' diff --git a/pkgs/development/python-modules/limits/default.nix b/pkgs/development/python-modules/limits/default.nix index 2b4499e29e8e1..f298bef4892f9 100644 --- a/pkgs/development/python-modules/limits/default.nix +++ b/pkgs/development/python-modules/limits/default.nix @@ -17,7 +17,7 @@ buildPythonPackage rec { pname = "limits"; - version = "2.7.0"; + version = "2.7.2"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -32,7 +32,7 @@ buildPythonPackage rec { postFetch = '' rm "$out/limits/_version.py" ''; - hash = "sha256-TBZElCogPtoR2qX1YjBgpYh99LhrvLHFtr2ogemo9/c="; + hash = "sha256-sL4/BE1qNfR33rZwBcwHo3UeVMfkNz7rwBNF4LBtSIw="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/multidict/default.nix b/pkgs/development/python-modules/multidict/default.nix index 6ee071732691b..ebc4daae0bc10 100644 --- a/pkgs/development/python-modules/multidict/default.nix +++ b/pkgs/development/python-modules/multidict/default.nix @@ -7,13 +7,15 @@ buildPythonPackage rec { pname = "multidict"; - version = "6.0.2"; + version = "6.0.3"; - disabled = pythonOlder "3.6"; + disabled = pythonOlder "3.7"; + + format = "setuptools"; src = fetchPypi { inherit pname version; - sha256 = "sha256-X/O9dfOOTEPx9HDy33pNQwuCHEziK+OE4UWctX1rsBM="; + hash = "sha256-JSOikAbANGh+zNPucAk6aXEpo//ocyU107Lfak7MJ50="; }; postPatch = '' @@ -25,6 +27,7 @@ buildPythonPackage rec { pythonImportsCheck = [ "multidict" ]; meta = with lib; { + changelog = "https://github.com/aio-libs/multidict/blob/v${version}/CHANGES.rst"; description = "Multidict implementation"; homepage = "https://github.com/aio-libs/multidict/"; license = licenses.asl20; diff --git a/pkgs/development/python-modules/poetry-core/default.nix b/pkgs/development/python-modules/poetry-core/default.nix index e90529dac6d0b..c669de8b03f60 100644 --- a/pkgs/development/python-modules/poetry-core/default.nix +++ b/pkgs/development/python-modules/poetry-core/default.nix @@ -15,7 +15,7 @@ buildPythonPackage rec { pname = "poetry-core"; - version = "1.3.2"; + version = "1.4.0"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -24,7 +24,7 @@ buildPythonPackage rec { owner = "python-poetry"; repo = pname; rev = version; - hash = "sha256-3Ryfq0MwrL/mKP8DmkhLOyFlulf3c73z9fFIzMuqOrg="; + hash = "sha256-SCzs2v0LIgx3vBYTavPqc7uwAQdWsdmkbDyHgIjOxrk="; }; propagatedBuildInputs = lib.optionals (pythonOlder "3.8") [ @@ -58,6 +58,7 @@ buildPythonPackage rec { ]; meta = with lib; { + changelog = "https://github.com/python-poetry/poetry-core/blob/${src.rev}/CHANGELOG.md"; description = "Core utilities for Poetry"; homepage = "https://github.com/python-poetry/poetry-core/"; license = licenses.mit; diff --git a/pkgs/development/python-modules/poetry-plugin-export/default.nix b/pkgs/development/python-modules/poetry-plugin-export/default.nix index bbf6013e4fd33..8711a4a527d0b 100644 --- a/pkgs/development/python-modules/poetry-plugin-export/default.nix +++ b/pkgs/development/python-modules/poetry-plugin-export/default.nix @@ -6,14 +6,14 @@ buildPythonPackage rec { pname = "poetry-plugin-export"; - version = "1.1.2"; + version = "1.2.0"; format = "pyproject"; src = fetchFromGitHub { owner = "python-poetry"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-+BDBQwYaiddq3OQDHKmLap3ehWJe+Gh5D3TwuNXycjg="; + hash = "sha256-xrAGjHFYRT6n+r/16b0xyoI7+1Q1Hsw3lEK92UabIqo="; }; postPatch = '' @@ -29,6 +29,7 @@ buildPythonPackage rec { pythonImportsCheck = []; meta = with lib; { + changelog = "https://github.com/python-poetry/poetry-plugin-export/blob/${src.rev}/CHANGELOG.md"; description = "Poetry plugin to export the dependencies to various formats"; license = licenses.mit; homepage = "https://github.com/python-poetry/poetry-plugin-export"; diff --git a/pkgs/development/python-modules/poetry/default.nix b/pkgs/development/python-modules/poetry/default.nix index 2e81f7e553122..ff5d4c91a5d69 100644 --- a/pkgs/development/python-modules/poetry/default.nix +++ b/pkgs/development/python-modules/poetry/default.nix @@ -8,6 +8,7 @@ , deepdiff , dulwich , fetchFromGitHub +, filelock , flatdict , html5lib , httpretty @@ -32,7 +33,9 @@ , requests-toolbelt , shellingham , stdenv +, tomli , tomlkit +, trove-classifiers , urllib3 , virtualenv , xattr @@ -40,7 +43,7 @@ buildPythonPackage rec { pname = "poetry"; - version = "1.2.2"; + version = "1.3.0"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -49,25 +52,19 @@ buildPythonPackage rec { owner = "python-poetry"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-huIjLv1T42HEmePCQNJpKnNxJKdyD9MlEtc2WRPOjRE="; + hash = "sha256-e60lGOu/g3SahArQXUuW8nIFgReILF5/lPOfOn0qz5o="; }; - postPatch = '' - substituteInPlace pyproject.toml \ - --replace 'crashtest = "^0.3.0"' 'crashtest = "*"' \ - --replace 'xattr = { version = "^0.9.7"' 'xattr = { version = "^0.10.0"' - ''; - nativeBuildInputs = [ installShellFiles ]; propagatedBuildInputs = [ cachecontrol - cachy cleo crashtest dulwich + filelock html5lib jsonschema keyring @@ -81,9 +78,12 @@ buildPythonPackage rec { requests-toolbelt shellingham tomlkit + trove-classifiers virtualenv ] ++ lib.optionals (stdenv.isDarwin) [ xattr + ] ++ lib.optionals (pythonOlder "3.11") [ + tomli ] ++ lib.optionals (pythonOlder "3.10") [ importlib-metadata ] ++ lib.optionals (pythonOlder "3.8") [ @@ -98,6 +98,7 @@ buildPythonPackage rec { ''; checkInputs = [ + cachy deepdiff flatdict pytestCheckHook @@ -142,6 +143,7 @@ buildPythonPackage rec { ]; meta = with lib; { + changelog = "https://github.com/python-poetry/poetry/blob/${src.rev}/CHANGELOG.md"; homepage = "https://python-poetry.org/"; description = "Python dependency management and packaging made easy"; license = licenses.mit; diff --git a/pkgs/development/python-modules/six/default.nix b/pkgs/development/python-modules/six/default.nix index 24fe639211d1a..61e6a178660d6 100644 --- a/pkgs/development/python-modules/six/default.nix +++ b/pkgs/development/python-modules/six/default.nix @@ -1,30 +1,31 @@ { lib , buildPythonPackage , fetchPypi -, pytest +, pytestCheckHook }: buildPythonPackage rec { pname = "six"; version = "1.16.0"; + format = "setuptools"; + src = fetchPypi { inherit pname version; sha256 = "1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926"; }; - checkInputs = [ pytest ]; - - checkPhase = '' - py.test test_six.py - ''; + checkInputs = [ + pytestCheckHook + ]; - # To prevent infinite recursion with pytest - doCheck = false; + pythonImportsCheck = [ "six" ]; meta = { - description = "A Python 2 and 3 compatibility library"; - homepage = "https://pypi.python.org/pypi/six/"; + changelog = "https://github.com/benjaminp/six/blob/${version}/CHANGES"; + description = "Python 2 and 3 compatibility library"; + homepage = "https://github.com/benjaminp/six"; license = lib.licenses.mit; + maintainers = with lib.maintainers; [ dotlambda ]; }; } diff --git a/pkgs/development/python-modules/tomlkit/default.nix b/pkgs/development/python-modules/tomlkit/default.nix index 6bd461db75a22..03ccef3a78322 100644 --- a/pkgs/development/python-modules/tomlkit/default.nix +++ b/pkgs/development/python-modules/tomlkit/default.nix @@ -10,11 +10,11 @@ buildPythonPackage rec { pname = "tomlkit"; - version = "0.11.4"; + version = "0.11.6"; src = fetchPypi { inherit pname version; - sha256 = "sha256-MjWpAQ+uVDI+cnw6wG+3IHUv5mNbNCbjedrsYPvUSoM="; + hash = "sha256-cblS5XIWiJN/sCz501TbzweFBmFJ0oVeRFMevdK2XXM="; }; propagatedBuildInputs = @@ -30,6 +30,7 @@ buildPythonPackage rec { meta = with lib; { homepage = "https://github.com/sdispater/tomlkit"; + changelog = "https://github.com/sdispater/tomlkit/blob/${version}/CHANGELOG.md"; description = "Style-preserving TOML library for Python"; license = licenses.mit; maintainers = with maintainers; [ jakewaksbaum ]; diff --git a/pkgs/development/python-modules/trove-classifiers/default.nix b/pkgs/development/python-modules/trove-classifiers/default.nix new file mode 100644 index 0000000000000..4e87963e9e8d0 --- /dev/null +++ b/pkgs/development/python-modules/trove-classifiers/default.nix @@ -0,0 +1,35 @@ +{ lib +, buildPythonPackage +, fetchPypi +, calver +, pytestCheckHook +}: + +buildPythonPackage rec { + pname = "trove-classifiers"; + version = "2022.12.1"; + + format = "setuptools"; + + src = fetchPypi { + inherit pname version; + sha256 = "8eccd9c075038ef2ec73276e2422d0dbf4d632f9133f029632d0df35374caf77"; + }; + + nativeBuildInputs = [ + calver + ]; + + checkInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ "trove_classifiers" ]; + + meta = { + description = "Canonical source for classifiers on PyPI"; + homepage = "https://github.com/pypa/trove-classifiers"; + license = lib.licenses.asl20; + maintainers = with lib.maintainers; [ dotlambda ]; + }; +} diff --git a/pkgs/development/python-modules/urllib3/default.nix b/pkgs/development/python-modules/urllib3/default.nix index ec63f5f21ed95..86083a4cc5736 100644 --- a/pkgs/development/python-modules/urllib3/default.nix +++ b/pkgs/development/python-modules/urllib3/default.nix @@ -20,12 +20,12 @@ buildPythonPackage rec { pname = "urllib3"; - version = "1.26.12"; + version = "1.26.13"; format = "setuptools"; src = fetchPypi { inherit pname version; - hash = "sha256-P6ls9CPmmHmX/DJq6N85bbKot8ZndH1H3djsupH0p04="; + hash = "sha256-wIPdDc5o2/vhEp1SccuQ+UR96n1SCXxuASYSDFId3qg="; }; # FIXME: remove backwards compatbility hack @@ -64,15 +64,27 @@ buildPythonPackage rec { ]; passthru.optional-dependencies = { - brotli = if isPyPy then [ brotlicffi ] else [ brotli ]; + brotli = if isPyPy then [ + brotlicffi + ] else [ + brotli + ]; # Use carefully since pyopenssl is not supported aarch64-darwin - secure = [ certifi cryptography idna pyopenssl ]; - socks = [ pysocks ]; + secure = [ + certifi + cryptography + idna + pyopenssl + ]; + socks = [ + pysocks + ]; }; meta = with lib; { description = "Powerful, sanity-friendly HTTP client for Python"; homepage = "https://github.com/shazow/urllib3"; + changelog = "https://github.com/urllib3/urllib3/blob/${version}/CHANGES.rst"; license = licenses.mit; maintainers = with maintainers; [ fab ]; }; diff --git a/pkgs/development/python-modules/yarl/default.nix b/pkgs/development/python-modules/yarl/default.nix index 249bf974322e2..171f6569cfd85 100644 --- a/pkgs/development/python-modules/yarl/default.nix +++ b/pkgs/development/python-modules/yarl/default.nix @@ -10,11 +10,15 @@ buildPythonPackage rec { pname = "yarl"; - version = "1.8.1"; + version = "1.8.2"; + + disabled = pythonOlder "3.7"; + + format = "setuptools"; src = fetchPypi { inherit pname version; - sha256 = "sha256-r4h4RbjC4GDrVgX/crby3SqrenYTeTc/2J0xT0dSq78="; + hash = "sha256-SdQ0AsbjATrQl4YCv2v1MoU1xI0ZIwS5G5ejxnkLFWI="; }; postPatch = '' @@ -44,6 +48,7 @@ buildPythonPackage rec { pythonImportsCheck = [ "yarl" ]; meta = with lib; { + changelog = "https://github.com/aio-libs/yarl/blob/v${version}/CHANGES.rst"; description = "Yet another URL library"; homepage = "https://github.com/aio-libs/yarl"; license = licenses.asl20; diff --git a/pkgs/development/tools/ansible-language-server/default.nix b/pkgs/development/tools/ansible-language-server/default.nix index 8d9b1f0ca50f7..4daa90a80a547 100644 --- a/pkgs/development/tools/ansible-language-server/default.nix +++ b/pkgs/development/tools/ansible-language-server/default.nix @@ -18,7 +18,7 @@ buildNpmPackage rec { npmDepsHash = "sha256-8FP6hF85w1Zbhiwi2V350ZWFAykAfvsXRGL8bvGk1XE="; npmBuildScript = "compile"; - # We remove the prepare and prepack scripts because they run the + # We remove/ignore the prepare and prepack scripts because they run the # build script, and therefore are redundant. # # Additionally, the prepack script runs npm ci in addition to the @@ -27,9 +27,10 @@ buildNpmPackage rec { # wiping out node_modules, which causes a mysterious error stating that tsc isn't installed. postPatch = '' sed -i '/"prepare"/d' package.json - sed -i '/"prepack"/d' package.json ''; + npmPackFlags = [ "--ignore-scripts" ]; + passthru.updateScript = nix-update-script { attrPath = pname; }; diff --git a/pkgs/development/tools/build-managers/apache-maven/builder.sh b/pkgs/development/tools/build-managers/apache-maven/builder.sh index dcc38b9ec74a1..96fe8ebfac295 100644 --- a/pkgs/development/tools/build-managers/apache-maven/builder.sh +++ b/pkgs/development/tools/build-managers/apache-maven/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup unpackPhase diff --git a/pkgs/development/tools/build-managers/boot/builder.sh b/pkgs/development/tools/build-managers/boot/builder.sh index c1481dc6a1445..e007cbac9582d 100644 --- a/pkgs/development/tools/build-managers/boot/builder.sh +++ b/pkgs/development/tools/build-managers/boot/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup boot_bin=$out/bin/boot diff --git a/pkgs/development/tools/jq/default.nix b/pkgs/development/tools/jq/default.nix index 5671f5dbe6412..6b41cc9862b9b 100644 --- a/pkgs/development/tools/jq/default.nix +++ b/pkgs/development/tools/jq/default.nix @@ -1,7 +1,6 @@ { lib , stdenv -, fetchpatch -, fetchFromGitHub +, fetchurl , autoreconfHook , onigurumaSupport ? true , oniguruma @@ -11,19 +10,14 @@ stdenv.mkDerivation rec { pname = "jq"; version = "1.6"; - src = fetchFromGitHub { - owner = "stedolan"; - repo = "jq"; - rev = "${pname}-${version}"; - hash = "sha256-CIE8vumQPGK+TFAncmpBijANpFALLTadOvkob0gVzro"; + # Note: do not use fetchpatch or fetchFromGitHub to keep this package available in __bootPackages + src = fetchurl { + url = "https://github.com/stedolan/jq/releases/download/jq-${version}/jq-${version}.tar.gz"; + sha256 = "sha256-XejI4pqqP7nMa0e7JymfJxNU67clFOOsytx9OLW7qnI="; }; patches = [ - (fetchpatch { - name = "fix-tests-when-building-without-regex-supports.patch"; - url = "https://github.com/stedolan/jq/pull/2292/commits/f6a69a6e52b68a92b816a28eb20719a3d0cb51ae.patch"; - sha256 = "pTM5FZ6hFs5Rdx+W2dICSS2lcoLY1Q//Lan3Hu8Gr58="; - }) + ./fix-tests-when-building-without-regex-supports.patch ]; outputs = [ "bin" "doc" "man" "dev" "lib" "out" ]; @@ -69,7 +63,7 @@ stdenv.mkDerivation rec { description = "A lightweight and flexible command-line JSON processor"; homepage = "https://stedolan.github.io/jq/"; license = licenses.mit; - maintainers = with maintainers; [ raskin globin ]; + maintainers = with maintainers; [ raskin globin artturin ]; platforms = platforms.unix; downloadPage = "https://stedolan.github.io/jq/download/"; }; diff --git a/pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch b/pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch new file mode 100644 index 0000000000000..ac7614ed80b27 --- /dev/null +++ b/pkgs/development/tools/jq/fix-tests-when-building-without-regex-supports.patch @@ -0,0 +1,38 @@ +From f6a69a6e52b68a92b816a28eb20719a3d0cb51ae Mon Sep 17 00:00:00 2001 +From: Dmitry Bogatov <git#v1@kaction.cc> +Date: Sat, 27 Mar 2021 00:00:00 +0000 +Subject: [PATCH] Disable some tests when building without regex support + +--- + Makefile.am | 5 ++++- + configure.ac | 1 + + 2 files changed, 5 insertions(+), 1 deletion(-) + +diff --git a/Makefile.am b/Makefile.am +index f5c1db594..f3f44bb9e 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -130,7 +130,10 @@ endif + + ### Tests (make check) + +-TESTS = tests/optionaltest tests/mantest tests/jqtest tests/onigtest tests/shtest tests/utf8test tests/base64test ++TESTS = tests/optionaltest tests/jqtest tests/shtest tests/utf8test tests/base64test ++if WITH_ONIGURUMA ++TESTS += tests/mantest tests/onigtest ++endif + TESTS_ENVIRONMENT = NO_VALGRIND=$(NO_VALGRIND) + + # This is a magic make variable that causes it to treat tests/man.test as a +diff --git a/configure.ac b/configure.ac +index 0441d4a2c..987d94e0a 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -278,6 +278,7 @@ AC_SUBST(onig_CFLAGS) + AC_SUBST(onig_LDFLAGS) + + AM_CONDITIONAL([BUILD_ONIGURUMA], [test "x$build_oniguruma" = xyes]) ++AM_CONDITIONAL([WITH_ONIGURUMA], [test "x$with_oniguruma" = xyes]) + AC_SUBST([BUNDLER], ["$bundle_cmd"]) + + AC_CONFIG_MACRO_DIR([config/m4]) diff --git a/pkgs/development/tools/misc/automake/builder.sh b/pkgs/development/tools/misc/automake/builder.sh index e54a2acca67e8..0cb1d5d61e33b 100644 --- a/pkgs/development/tools/misc/automake/builder.sh +++ b/pkgs/development/tools/misc/automake/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup # Wrap the given `aclocal' program, appending extra `-I' flags diff --git a/pkgs/development/tools/parsing/antlr/builder.sh b/pkgs/development/tools/parsing/antlr/builder.sh index b8e7791b6fc9b..55259b9321249 100644 --- a/pkgs/development/tools/parsing/antlr/builder.sh +++ b/pkgs/development/tools/parsing/antlr/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup tar zxvf $src diff --git a/pkgs/development/tools/rust/cargo-auditable/cargo-wrapper.nix b/pkgs/development/tools/rust/cargo-auditable/cargo-wrapper.nix new file mode 100644 index 0000000000000..3afa59739a374 --- /dev/null +++ b/pkgs/development/tools/rust/cargo-auditable/cargo-wrapper.nix @@ -0,0 +1,13 @@ +{ lib, writeShellApplication, cargo, cargo-auditable }: + +(writeShellApplication { + name = "cargo"; + runtimeInputs = [ cargo cargo-auditable ]; + text = '' + CARGO_AUDITABLE_IGNORE_UNSUPPORTED=1 cargo auditable "$@" + ''; +}) // { + meta = cargo-auditable.meta // { + mainProgram = "cargo"; + }; +} diff --git a/pkgs/development/tools/rust/cargo-auditable/default.nix b/pkgs/development/tools/rust/cargo-auditable/default.nix index 64580d8ad8b34..1c621276021aa 100644 --- a/pkgs/development/tools/rust/cargo-auditable/default.nix +++ b/pkgs/development/tools/rust/cargo-auditable/default.nix @@ -1,23 +1,40 @@ -{ lib, rustPlatform, fetchFromGitHub }: +{ lib, fetchFromGitHub, makeRustPlatform, rustc, cargo }: -rustPlatform.buildRustPackage rec { - pname = "cargo-auditable"; - version = "0.5.5"; +let + args = rec { + pname = "cargo-auditable"; + version = "0.6.0"; - src = fetchFromGitHub { - owner = "rust-secure-code"; - repo = pname; - rev = "v${version}"; - sha256 = "sha256-mEmTgd7sC2jmYeb5pEO985v/aWWKlq/mSQUAGi32loY="; - }; + src = fetchFromGitHub { + owner = "rust-secure-code"; + repo = pname; + rev = "v${version}"; + sha256 = "sha256-mSiEC+9QtRjWmywJnGgUqp+q8fhY0qUYrgjrAVaY114="; + }; + + cargoSha256 = "sha256-Wz5My/QxPpZVsPBUe3KHT3ttD6CTU8NCY8rhFEC+UlA="; - cargoSha256 = "sha256-G72UUqvFaTY/GQSkpz1wIzjb7vIWuAjvKMZosUB6YsA="; + meta = with lib; { + description = "A tool to make production Rust binaries auditable"; + homepage = "https://github.com/rust-secure-code/cargo-auditable"; + changelog = "https://github.com/rust-secure-code/cargo-auditable/blob/v${version}/cargo-auditable/CHANGELOG.md"; + license = with licenses; [ mit /* or */ asl20 ]; + maintainers = with maintainers; [ figsoda ]; + }; + }; - meta = with lib; { - description = "A tool to make production Rust binaries auditable"; - homepage = "https://github.com/rust-secure-code/cargo-auditable"; - changelog = "https://github.com/rust-secure-code/cargo-auditable/blob/v${version}/cargo-auditable/CHANGELOG.md"; - license = with licenses; [ mit /* or */ asl20 ]; - maintainers = with maintainers; [ figsoda ]; + rustPlatform = makeRustPlatform { + inherit rustc; + cargo = cargo.override { + auditable = false; + }; }; -} + + bootstrap = rustPlatform.buildRustPackage (args // { + auditable = false; + }); +in + +rustPlatform.buildRustPackage.override { cargo-auditable = bootstrap; } (args // { + auditable = true; # TODO: remove when this is the default +}) diff --git a/pkgs/development/tools/rust/maturin/default.nix b/pkgs/development/tools/rust/maturin/default.nix index b276a618110f1..384030c903d96 100644 --- a/pkgs/development/tools/rust/maturin/default.nix +++ b/pkgs/development/tools/rust/maturin/default.nix @@ -11,16 +11,16 @@ rustPlatform.buildRustPackage rec { pname = "maturin"; - version = "0.13.0"; + version = "0.14.5"; src = fetchFromGitHub { owner = "PyO3"; repo = "maturin"; rev = "v${version}"; - hash = "sha256-uKpYI+Oc49xgoIZCh72baBMZLcpMXk7g2Jb1DQxW9lk="; + hash = "sha256-3TEEmraQ9KGx29ok7IUdVzTW0ilaAci1dOZUlKvQYJE="; }; - cargoHash = "sha256-levBWghFIXOXe+NGXvwBqQpPmWeUK53ruSyLik1urSU="; + cargoHash = "sha256-/biWBTNIysg6HDozyF8UdKoxlgkHl9tnyean8+333hI="; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/development/tools/rust/rust-analyzer/default.nix b/pkgs/development/tools/rust/rust-analyzer/default.nix index 0cd55e1f820b1..bfa2c1b782168 100644 --- a/pkgs/development/tools/rust/rust-analyzer/default.nix +++ b/pkgs/development/tools/rust/rust-analyzer/default.nix @@ -22,6 +22,8 @@ rustPlatform.buildRustPackage rec { sha256 = "sha256-QLKX/JhK+jRE61teK+Cr4f2KuAzgYuawStxOgJymqRg="; }; + auditable = true; # TODO: remove when this is the default + cargoBuildFlags = [ "--bin" "rust-analyzer" "--bin" "rust-analyzer-proc-macro-srv" ]; cargoTestFlags = [ "--package" "rust-analyzer" "--package" "proc-macro-srv-cli" ]; diff --git a/pkgs/development/tools/spirv-tools/default.nix b/pkgs/development/tools/spirv-tools/default.nix index 7edba948586e7..6f95ded63e15e 100644 --- a/pkgs/development/tools/spirv-tools/default.nix +++ b/pkgs/development/tools/spirv-tools/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { pname = "spirv-tools"; - version = "1.3.231.0"; + version = "1.3.236.0"; src = (assert version == spirv-headers.version; fetchFromGitHub { owner = "KhronosGroup"; repo = "SPIRV-Tools"; rev = "sdk-${version}"; - hash = "sha256-sqjQoz9v9alSPc0ujEcWZxDAWh2S6oAPP1+JZmNCpA0="; + hash = "sha256-BV7V/jS782zdvtuw/wNY5fyAdx8Z2niWSocNaW0Atho="; } ); diff --git a/pkgs/development/tools/vulkan-validation-layers/default.nix b/pkgs/development/tools/vulkan-validation-layers/default.nix index 4f6a766e5e96b..17e8983019561 100644 --- a/pkgs/development/tools/vulkan-validation-layers/default.nix +++ b/pkgs/development/tools/vulkan-validation-layers/default.nix @@ -22,7 +22,7 @@ let in stdenv.mkDerivation rec { pname = "vulkan-validation-layers"; - version = "1.3.231.0"; + version = "1.3.236.0"; # If we were to use "dev" here instead of headers, the setupHook would be # placed in that output instead of "out". @@ -34,7 +34,7 @@ stdenv.mkDerivation rec { owner = "KhronosGroup"; repo = "Vulkan-ValidationLayers"; rev = "sdk-${version}"; - hash = "sha256-5bzUauu8081zyRaWmRUtOxHjUU4gc1GWoJtU783Msh0="; + hash = "sha256-+VbiXtxzYaF5o+wIrJ+09LmgBdaLv/0VJGFDnBkrXms="; }); # Include absolute paths to layer libraries in their associated diff --git a/pkgs/development/web/nodejs/npm-patches.nix b/pkgs/development/web/nodejs/npm-patches.nix new file mode 100644 index 0000000000000..28432f806dc60 --- /dev/null +++ b/pkgs/development/web/nodejs/npm-patches.nix @@ -0,0 +1,23 @@ +{ fetchpatch }: + +[ + # Makes `npm pack` obey `--foreground-scripts` + (fetchpatch { + name = "libnpmpack-obey-foreground-scripts.patch"; + url = "https://github.com/npm/cli/commit/e4e8ae20aef9e27e57282e87e8757d5b364abb39.patch"; + hash = "sha256-NQ8CZBfRqAOMe0Ysg3cq1FiferWKTzXC1QXgzX+f8OU="; + stripLen = 2; + extraPrefix = "deps/npm/node_modules/"; + includes = [ "deps/npm/node_modules/libnpmpack/lib/index.js" ]; + }) + + # Makes `npm pack` obey `--ignore-scripts` + (fetchpatch { + name = "libnpmpack-obey-ignore-scripts.patch"; + url = "https://github.com/npm/cli/commit/a990c3c9a0e67f0a8b6454213675e159fe49432d.patch"; + hash = "sha256-eA5YST9RxMMjk5FCwEbl1HQUpXZuwWZkx5WC4yJium8="; + stripLen = 2; + extraPrefix = "deps/npm/node_modules/"; + includes = [ "deps/npm/node_modules/libnpmpack/lib/index.js" ]; + }) +] diff --git a/pkgs/development/web/nodejs/v16.nix b/pkgs/development/web/nodejs/v16.nix index a35c347c3d143..8483e7251b4e8 100644 --- a/pkgs/development/web/nodejs/v16.nix +++ b/pkgs/development/web/nodejs/v16.nix @@ -5,6 +5,8 @@ let inherit openssl; python = python3; }; + + npmPatches = callPackage ./npm-patches.nix { }; in buildNodejs { inherit enableNpm; @@ -13,5 +15,5 @@ in patches = [ ./disable-darwin-v8-system-instrumentation.patch ./bypass-darwin-xcrun-node16.patch - ]; + ] ++ npmPatches; } diff --git a/pkgs/development/web/nodejs/v18.nix b/pkgs/development/web/nodejs/v18.nix index 29f133a811052..b91f2c9f2c2b0 100644 --- a/pkgs/development/web/nodejs/v18.nix +++ b/pkgs/development/web/nodejs/v18.nix @@ -5,6 +5,8 @@ let inherit openssl; python = python3; }; + + npmPatches = callPackage ./npm-patches.nix { }; in buildNodejs { inherit enableNpm; @@ -21,5 +23,5 @@ buildNodejs { ./disable-darwin-v8-system-instrumentation.patch ./bypass-darwin-xcrun-node16.patch - ]; + ] ++ npmPatches; } diff --git a/pkgs/development/web/nodejs/v19.nix b/pkgs/development/web/nodejs/v19.nix index cbed3bbef9aa2..335477aa7ddc3 100644 --- a/pkgs/development/web/nodejs/v19.nix +++ b/pkgs/development/web/nodejs/v19.nix @@ -5,6 +5,8 @@ let inherit openssl; python = python3; }; + + npmPatches = callPackage ./npm-patches.nix { }; in buildNodejs { inherit enableNpm; @@ -14,5 +16,5 @@ buildNodejs { ./revert-arm64-pointer-auth.patch ./disable-darwin-v8-system-instrumentation-node19.patch ./bypass-darwin-xcrun-node16.patch - ]; + ] ++ npmPatches; } diff --git a/pkgs/games/jumpy/default.nix b/pkgs/games/jumpy/default.nix index 332db4a7a0fea..f4611ca3d20f9 100644 --- a/pkgs/games/jumpy/default.nix +++ b/pkgs/games/jumpy/default.nix @@ -26,6 +26,8 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-cK5n75T+Kkd6F4q4MFZNn0R6W6Nk2/H23AGhIe2FCig="; + auditable = true; # TODO: remove when this is the default + nativeBuildInputs = [ makeWrapper ] ++ lib.optionals stdenv.isLinux [ diff --git a/pkgs/misc/cups/drivers/samsung/4.00.39/builder.sh b/pkgs/misc/cups/drivers/samsung/4.00.39/builder.sh index f750df6e50639..bdb522744182e 100644 --- a/pkgs/misc/cups/drivers/samsung/4.00.39/builder.sh +++ b/pkgs/misc/cups/drivers/samsung/4.00.39/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup arch=$(uname -m) diff --git a/pkgs/os-specific/darwin/signing-utils/auto-sign-hook.sh b/pkgs/os-specific/darwin/signing-utils/auto-sign-hook.sh index cca65661f8a9c..6a254cd821236 100644 --- a/pkgs/os-specific/darwin/signing-utils/auto-sign-hook.sh +++ b/pkgs/os-specific/darwin/signing-utils/auto-sign-hook.sh @@ -25,7 +25,7 @@ signDarwinBinariesIn() { signDarwinBinariesInAllOutputs() { local output - for output in $outputs; do + for output in $(getAllOutputNames); do signDarwinBinariesIn "${!output}" done } diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix index d8bfb59bf12a5..34fbde9d676ac 100644 --- a/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/pkgs/os-specific/linux/kernel-headers/default.nix @@ -114,12 +114,12 @@ let in { inherit makeLinuxHeaders; - linuxHeaders = let version = "6.0"; in + linuxHeaders = let version = "6.1"; in makeLinuxHeaders { inherit version; src = fetchurl { url = "mirror://kernel/linux/kernel/v${lib.versions.major version}.x/linux-${version}.tar.xz"; - sha256 = "sha256-XCRDpVON5SaI77VcJ6sFOcH161jAz9FqK5+7CP2BeI4="; + sha256 = "sha256-LKHxcFGkMPb+0RluSVJxdQcXGs/ZfZZXchJQJwOyXes="; }; patches = [ ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms diff --git a/pkgs/os-specific/linux/nvidia-x11/builder.sh b/pkgs/os-specific/linux/nvidia-x11/builder.sh index eadf88fd11680..1cf1400f996b7 100755 --- a/pkgs/os-specific/linux/nvidia-x11/builder.sh +++ b/pkgs/os-specific/linux/nvidia-x11/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup unpackManually() { diff --git a/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh b/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh index cd21899e60e7d..34f9b15794557 100644 --- a/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh +++ b/pkgs/os-specific/linux/opengl/xorg-sys/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup mkdir -p $out/lib diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix index c6fd417d0d6fa..9ba8984bb0321 100644 --- a/pkgs/os-specific/linux/shadow/default.nix +++ b/pkgs/os-specific/linux/shadow/default.nix @@ -10,22 +10,17 @@ let then glibcCross else assert stdenv.hostPlatform.libc == "glibc"; stdenv.cc.libc; - dots_in_usernames = fetchpatch { - url = "https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-apps/shadow/files/shadow-4.1.3-dots-in-usernames.patch"; - sha256 = "1fj3rg6x3jppm5jvi9y7fhd2djbi4nc5pgwisw00xlh4qapgz692"; - }; - in stdenv.mkDerivation rec { pname = "shadow"; - version = "4.11.1"; + version = "4.13"; src = fetchFromGitHub { owner = "shadow-maint"; - repo = "shadow"; - rev = "v${version}"; - sha256 = "sha256-PxLX5V0t18JftT5wT41krNv18Ew7Kz3MfZkOi/80ODA="; + repo = pname; + rev = version; + sha256 = "sha256-L54DhdBYthfB9436t/XWXiqKhW7rfd0GLS7pYGB32rA="; }; buildInputs = [ libxcrypt ] @@ -34,13 +29,17 @@ stdenv.mkDerivation rec { docbook_xml_dtd_45 docbook_xsl flex bison itstool ]; - patches = - [ ./keep-path.patch - # Obtain XML resources from XML catalog (patch adapted from gtk-doc) - ./respect-xml-catalog-files-var.patch - dots_in_usernames - ./runtime-shell.patch - ]; + patches = [ + ./keep-path.patch + # Obtain XML resources from XML catalog (patch adapted from gtk-doc) + ./respect-xml-catalog-files-var.patch + ./runtime-shell.patch + # Fix HAVE_SHADOWGRP configure check + (fetchpatch { + url = "https://github.com/shadow-maint/shadow/commit/a281f241b592aec636d1b93a99e764499d68c7ef.patch"; + sha256 = "sha256-GJWg/8ggTnrbIgjI+HYa26DdVbjTHTk/IHhy7GU9G5w="; + }) + ]; RUNTIME_SHELL = runtimeShell; @@ -49,7 +48,7 @@ stdenv.mkDerivation rec { ''sed 's/^\(s[ug]idperms\) = [0-9]755/\1 = 0755/' -i src/Makefile.am ''; - outputs = [ "out" "su" "man" ]; + outputs = [ "out" "su" "dev" "man" ]; enableParallelBuilding = true; diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 91746b9f10903..7a872c3b54562 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -123,7 +123,7 @@ assert withHomed -> withCryptsetup; let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "252.1"; + version = "252.3"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: @@ -140,7 +140,7 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - hash = "sha256-G43qbNF7znTITSM78sOL0qi8nqaA7qIhmiqP/rZKjXY="; + hash = "sha256-F2wtg12amigd5KNCWmG3b9Yu6PUOby9mQgZ2VFtxl5A=="; }; # On major changes, or when otherwise required, you *must* reformat the patches, diff --git a/pkgs/servers/http/tomcat/axis2/builder.sh b/pkgs/servers/http/tomcat/axis2/builder.sh index 2e36367e9dcf5..d334ab6f927f4 100644 --- a/pkgs/servers/http/tomcat/axis2/builder.sh +++ b/pkgs/servers/http/tomcat/axis2/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi source $stdenv/setup unzip $src diff --git a/pkgs/servers/monitoring/munin/default.nix b/pkgs/servers/monitoring/munin/default.nix index c05dbe28f2493..ad2eb36913142 100644 --- a/pkgs/servers/monitoring/munin/default.nix +++ b/pkgs/servers/monitoring/munin/default.nix @@ -55,7 +55,7 @@ stdenv.mkDerivation rec { ]; # needs to find a local perl module during build - PERL_USE_UNSAFE_INC = "1"; + env.PERL_USE_UNSAFE_INC = "1"; # TODO: tests are failing https://munin-monitoring.org/ticket/1390#comment:1 # NOTE: important, test command always exits with 0, think of a way to abort the build once tests pass diff --git a/pkgs/servers/x11/xorg/builder.sh b/pkgs/servers/x11/xorg/builder.sh index 5a832cb14d539..9ee81091584b5 100644 --- a/pkgs/servers/x11/xorg/builder.sh +++ b/pkgs/servers/x11/xorg/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi # This is the builder for all X.org components. source $stdenv/setup diff --git a/pkgs/stdenv/darwin/default.nix b/pkgs/stdenv/darwin/default.nix index 9a7cd9aa9dee5..76c44870f4ad6 100644 --- a/pkgs/stdenv/darwin/default.nix +++ b/pkgs/stdenv/darwin/default.nix @@ -262,11 +262,12 @@ rec { ln -s ${bootstrapTools}/bin/rewrite-tbd $out/bin ''; - binutils-unwrapped = { name = "bootstrap-stage0-binutils"; outPath = bootstrapTools; }; + binutils-unwrapped = bootstrapTools // { + name = "bootstrap-stage0-binutils"; + }; - cctools = { + cctools = bootstrapTools // { name = "bootstrap-stage0-cctools"; - outPath = bootstrapTools; targetPrefix = ""; }; diff --git a/pkgs/stdenv/generic/default-builder.sh b/pkgs/stdenv/generic/default-builder.sh index 273fc55c75523..8c6fec7873b6e 100644 --- a/pkgs/stdenv/generic/default-builder.sh +++ b/pkgs/stdenv/generic/default-builder.sh @@ -1,2 +1,6 @@ +if [ -f .attrs.sh ]; then + . .attrs.sh +fi + source $stdenv/setup genericBuild diff --git a/pkgs/stdenv/generic/default.nix b/pkgs/stdenv/generic/default.nix index 81255726284b5..cf194be92bd75 100644 --- a/pkgs/stdenv/generic/default.nix +++ b/pkgs/stdenv/generic/default.nix @@ -57,28 +57,21 @@ argsStdenv@{ name ? "stdenv", preHook ? "", initialPath let defaultNativeBuildInputs = extraNativeBuildInputs ++ - [ ../../build-support/setup-hooks/move-docs.sh - ../../build-support/setup-hooks/make-symlinks-relative.sh - ../../build-support/setup-hooks/compress-man-pages.sh - ../../build-support/setup-hooks/strip.sh - ../../build-support/setup-hooks/patch-shebangs.sh - ../../build-support/setup-hooks/prune-libtool-files.sh - ] - # FIXME this on Darwin; see - # https://github.com/NixOS/nixpkgs/commit/94d164dd7#commitcomment-22030369 - ++ lib.optionals hostPlatform.isLinux [ + [ ../../build-support/setup-hooks/audit-tmpdir.sh + ../../build-support/setup-hooks/compress-man-pages.sh + ../../build-support/setup-hooks/make-symlinks-relative.sh + ../../build-support/setup-hooks/move-docs.sh + ../../build-support/setup-hooks/move-lib64.sh + ../../build-support/setup-hooks/move-sbin.sh ../../build-support/setup-hooks/move-systemd-user-units.sh - ] - ++ [ ../../build-support/setup-hooks/multiple-outputs.sh - ../../build-support/setup-hooks/move-sbin.sh - ../../build-support/setup-hooks/move-lib64.sh - ../../build-support/setup-hooks/set-source-date-epoch-to-latest.sh + ../../build-support/setup-hooks/patch-shebangs.sh + ../../build-support/setup-hooks/prune-libtool-files.sh ../../build-support/setup-hooks/reproducible-builds.sh - # TODO use lib.optional instead - (if hasCC then cc else null) - ]; + ../../build-support/setup-hooks/set-source-date-epoch-to-latest.sh + ../../build-support/setup-hooks/strip.sh + ] ++ lib.optionals hasCC [ cc ]; defaultBuildInputs = extraBuildInputs; diff --git a/pkgs/stdenv/generic/make-derivation.nix b/pkgs/stdenv/generic/make-derivation.nix index 510537aac9f39..81fc31d67289a 100644 --- a/pkgs/stdenv/generic/make-derivation.nix +++ b/pkgs/stdenv/generic/make-derivation.nix @@ -154,6 +154,12 @@ let (! attrs ? outputHash) # Fixed-output drvs can't be content addressed too && config.contentAddressedByDefault +# Experimental. For simple packages mostly just works, +# but for anything complex, be prepared to debug if enabling. +, __structuredAttrs ? config.structuredAttrsByDefault or false + +, env ? { } + , ... } @ attrs: let @@ -259,13 +265,16 @@ else let lib.unique (lib.concatMap (input: input.__propagatedImpureHostDeps or []) (lib.concatLists propagatedDependencies)); + envIsExportable = lib.isAttrs env && !lib.isDerivation env; + derivationArg = (removeAttrs attrs - ["meta" "passthru" "pos" + (["meta" "passthru" "pos" "checkInputs" "installCheckInputs" "__darwinAllowLocalNetworking" "__impureHostDeps" "__propagatedImpureHostDeps" - "sandboxProfile" "propagatedSandboxProfile"]) + "sandboxProfile" "propagatedSandboxProfile"] + ++ lib.optional (__structuredAttrs || envIsExportable) "env")) // (lib.optionalAttrs (attrs ? name || (attrs ? pname && attrs ? version)) { name = let @@ -289,7 +298,7 @@ else let then attrs.name + hostSuffix else "${attrs.pname}${staticMarker}${hostSuffix}-${attrs.version}" ); - }) // { + }) // lib.optionalAttrs __structuredAttrs { env = checkedEnv; } // { builder = attrs.realBuilder or stdenv.shell; args = attrs.args or ["-e" (attrs.builder or ./default-builder.sh)]; inherit stdenv; @@ -304,8 +313,7 @@ else let userHook = config.stdenv.userHook or null; __ignoreNulls = true; - - inherit strictDeps; + inherit __structuredAttrs strictDeps; depsBuildBuild = lib.elemAt (lib.elemAt dependencies 0) 0; nativeBuildInputs = lib.elemAt (lib.elemAt dependencies 0) 1; @@ -410,6 +418,7 @@ else let outputHashAlgo = attrs.outputHashAlgo or "sha256"; outputHashMode = attrs.outputHashMode or "recursive"; } // lib.optionalAttrs (enableParallelBuilding) { + inherit enableParallelBuilding; enableParallelChecking = attrs.enableParallelChecking or true; } // lib.optionalAttrs (hardeningDisable != [] || hardeningEnable != [] || stdenv.hostPlatform.isMusl) { NIX_HARDENING_ENABLE = enabledHardeningOptions; @@ -473,6 +482,19 @@ else let else true); }; + checkedEnv = + let + overlappingNames = lib.attrNames (builtins.intersectAttrs env derivationArg); + in + assert lib.assertMsg envIsExportable + "When using structured attributes, `env` must be an attribute set of environment variables."; + assert lib.assertMsg (overlappingNames == [ ]) + "The ‘env’ attribute set cannot contain any attributes passed to derivation. The following attributes are overlapping: ${lib.concatStringsSep ", " overlappingNames}"; + lib.mapAttrs + (n: v: assert lib.assertMsg (lib.isString v || lib.isBool v || lib.isInt v || lib.isDerivation v) + "The ‘env’ attribute set can only contain derivation, string, boolean or integer attributes. The ‘${n}’ attribute is of type ${builtins.typeOf v}."; v) + env; + in lib.extendDerivation @@ -509,7 +531,7 @@ lib.extendDerivation # should be made available to Nix expressions using the # derivation (e.g., in assertions). passthru) - (derivation derivationArg); + (derivation (derivationArg // lib.optionalAttrs envIsExportable checkedEnv)); in fnOrAttrs: diff --git a/pkgs/stdenv/generic/setup.sh b/pkgs/stdenv/generic/setup.sh index c6cdb6c3df750..b07420bb4185c 100644 --- a/pkgs/stdenv/generic/setup.sh +++ b/pkgs/stdenv/generic/setup.sh @@ -15,8 +15,33 @@ if (( "${NIX_DEBUG:-0}" >= 6 )); then set -x fi -: ${outputs:=out} +if [ -f .attrs.sh ]; then + __structuredAttrs=1 + echo "structuredAttrs is enabled" +else + __structuredAttrs= +fi +if [ -n "$__structuredAttrs" ]; then + for outputName in "${!outputs[@]}"; do + # ex: out=/nix/store/... + export "$outputName=${outputs[$outputName]}" + done + # $NIX_ATTRS_JSON_FILE points to the wrong location in sandbox + # https://github.com/NixOS/nix/issues/6736 + export NIX_ATTRS_JSON_FILE="$NIX_BUILD_TOP/.attrs.json" + export NIX_ATTRS_SH_FILE="$NIX_BUILD_TOP/.attrs.sh" +else + : ${outputs:=out} +fi + +getAllOutputNames() { + if [ -n "$__structuredAttrs" ]; then + echo "${!outputs[*]}" + else + echo "$outputs" + fi +} ###################################################################### # Hook handling. @@ -175,6 +200,109 @@ addToSearchPath() { addToSearchPathWithCustomDelimiter ":" "$@" } +# Prepend elements to variable "$1", which may come from an attr. +# +# This is useful in generic setup code, which must (for now) support +# both derivations with and without __structuredAttrs true, so the +# variable may be an array or a space-separated string. +# +# Expressions for individual packages should simply switch to array +# syntax when they switch to setting __structuredAttrs = true. +prependToVar() { + local -n nameref="$1" + + useArray= + if [ -n "$__structuredAttrs" ]; then + useArray=true + else + useArray=false + fi + + # check if variable already exist and if it does then do extra checks + if declare -p "$1" 2> /dev/null | grep -q '^'; then + type="$(declare -p "$1")" + if [[ "$type" =~ "declare -A" ]]; then + echo "prependToVar(): ERROR: trying to use prependToVar on an associative array." >&2 + return 1 + elif [[ "$type" =~ "declare -a" ]]; then + useArray=true + else + useArray=false + fi + fi + + shift + + if $useArray; then + nameref=( "$@" ${nameref+"${nameref[@]}"} ) + else + nameref="$* ${nameref-}" + fi +} + +# Same as above +appendToVar() { + local -n nameref="$1" + + useArray= + if [ -n "$__structuredAttrs" ]; then + useArray=true + else + useArray=false + fi + + # check if variable already exist and if it does then do extra checks + if declare -p "$1" 2> /dev/null | grep -q '^'; then + type="$(declare -p "$1")" + if [[ "$type" =~ "declare -A" ]]; then + echo "appendToVar(): ERROR: trying to use appendToVar on an associative array, use variable+=([\"X\"]=\"Y\") instead." >&2 + return 1 + elif [[ "$type" =~ "declare -a" ]]; then + useArray=true + else + useArray=false + fi + fi + + shift + + if $useArray; then + nameref=( ${nameref+"${nameref[@]}"} "$@" ) + else + nameref="${nameref-} $*" + fi +} + +# Accumulate into `flagsArray` the flags from the named variables. +# +# If __structuredAttrs, the variables are all treated as arrays +# and simply concatenated onto `flagsArray`. +# +# If not __structuredAttrs, then: +# * Each variable is treated as a string, and split on whitespace; +# * except variables whose names end in "Array", which are treated +# as arrays. +_accumFlagsArray() { + local name + if [ -n "$__structuredAttrs" ]; then + for name in "$@"; do + local -n nameref="$name" + flagsArray+=( ${nameref+"${nameref[@]}"} ) + done + else + for name in "$@"; do + local -n nameref="$name" + case "$name" in + *Array) + flagsArray+=( ${nameref+"${nameref[@]}"} ) ;; + *) + flagsArray+=( ${nameref-} ) ;; + esac + done + fi + +} + # Add $1/lib* into rpaths. # The function is used in multiple-outputs.sh hook, # so it is defined here but tried after the hook. @@ -255,6 +383,14 @@ printWords() { ###################################################################### # Initialisation. +# If using structured attributes, export variables from `env` to the environment. +# When not using structured attributes, those variables are already exported. +if [[ -n $__structuredAttrs ]]; then + for envVar in "${!env[@]}"; do + declare -x "${envVar}=${env[${envVar}]}" + done +fi + # Set a fallback default value for SOURCE_DATE_EPOCH, used by some build tools # to provide a deterministic substitute for the "current" time. Note that @@ -469,6 +605,10 @@ findInputs() { done } +# The way we handle deps* and *Inputs works with structured attrs +# either enabled or disabled. For this it's convenient that the items +# in each list must be store paths, and therefore space-free. + # Make sure all are at least defined as empty : ${depsBuildBuild=} ${depsBuildBuildPropagated=} : ${nativeBuildInputs=} ${propagatedNativeBuildInputs=} ${defaultNativeBuildInputs=} @@ -477,29 +617,29 @@ findInputs() { : ${buildInputs=} ${propagatedBuildInputs=} ${defaultBuildInputs=} : ${depsTargetTarget=} ${depsTargetTargetPropagated=} -for pkg in $depsBuildBuild $depsBuildBuildPropagated; do +for pkg in ${depsBuildBuild[@]} ${depsBuildBuildPropagated[@]}; do findInputs "$pkg" -1 -1 done -for pkg in $nativeBuildInputs $propagatedNativeBuildInputs; do +for pkg in ${nativeBuildInputs[@]} ${propagatedNativeBuildInputs[@]}; do findInputs "$pkg" -1 0 done -for pkg in $depsBuildTarget $depsBuildTargetPropagated; do +for pkg in ${depsBuildTarget[@]} ${depsBuildTargetPropagated[@]}; do findInputs "$pkg" -1 1 done -for pkg in $depsHostHost $depsHostHostPropagated; do +for pkg in ${depsHostHost[@]} ${depsHostHostPropagated[@]}; do findInputs "$pkg" 0 0 done -for pkg in $buildInputs $propagatedBuildInputs ; do +for pkg in ${buildInputs[@]} ${propagatedBuildInputs[@]} ; do findInputs "$pkg" 0 1 done -for pkg in $depsTargetTarget $depsTargetTargetPropagated; do +for pkg in ${depsTargetTarget[@]} ${depsTargetTargetPropagated[@]}; do findInputs "$pkg" 1 1 done # Default inputs must be processed last -for pkg in $defaultNativeBuildInputs; do +for pkg in ${defaultNativeBuildInputs[@]}; do findInputs "$pkg" -1 0 done -for pkg in $defaultBuildInputs; do +for pkg in ${defaultBuildInputs[@]}; do findInputs "$pkg" 0 1 done @@ -787,6 +927,10 @@ substituteInPlace() { } _allFlags() { + # export some local variables for the awk below + # so some substitutions such as name don't have to be in the env attrset + # when __structuredAttrs is enabled + export system pname name version for varName in $(awk 'BEGIN { for (v in ENVIRON) if (v ~ /^[a-z][a-zA-Z0-9_]*$/) print v }'); do if (( "${NIX_DEBUG:-0}" >= 1 )); then printf "@%s@ -> %q\n" "${varName}" "${!varName}" @@ -909,6 +1053,13 @@ unpackPhase() { srcs="$src" fi + local -a srcsArray + if [ -n "$__structuredAttrs" ]; then + srcsArray=( "${srcs[@]}" ) + else + srcsArray=( $srcs ) + fi + # To determine the source directory created by unpacking the # source archives, we record the contents of the current # directory, then look below which directory got added. Yeah, @@ -921,7 +1072,7 @@ unpackPhase() { done # Unpack all source archives. - for i in $srcs; do + for i in "${srcsArray[@]}"; do unpackFile "$i" done @@ -971,7 +1122,14 @@ unpackPhase() { patchPhase() { runHook prePatch - for i in ${patches:-}; do + local -a patchesArray + if [ -n "$__structuredAttrs" ]; then + patchesArray=( ${patches:+"${patches[@]}"} ) + else + patchesArray=( ${patches:-} ) + fi + + for i in "${patchesArray[@]}"; do header "applying patch $i" 3 local uncompress=cat case "$i" in @@ -988,9 +1146,17 @@ patchPhase() { uncompress="lzma -d" ;; esac + + local -a flagsArray + if [ -n "$__structuredAttrs" ]; then + flagsArray=( "${patchFlags[@]:--p1}" ) + else + # shellcheck disable=SC2086 + flagsArray=( ${patchFlags:--p1} ) + fi # "2>&1" is a hack to make patch fail if the decompressor fails (nonexistent patch, etc.) # shellcheck disable=SC2086 - $uncompress < "$i" 2>&1 | patch ${patchFlags:--p1} + $uncompress < "$i" 2>&1 | patch "${flagsArray[@]}" done runHook postPatch @@ -1018,7 +1184,6 @@ configurePhase() { # set to empty if unset : ${configureScript=} - : ${configureFlags=} if [[ -z "$configureScript" && -x ./configure ]]; then configureScript=./configure @@ -1049,31 +1214,29 @@ configurePhase() { fi if [[ -z "${dontAddPrefix:-}" && -n "$prefix" ]]; then - configureFlags="${prefixKey:---prefix=}$prefix $configureFlags" + prependToVar configureFlags "${prefixKey:---prefix=}$prefix" fi if [[ -f "$configureScript" ]]; then # Add --disable-dependency-tracking to speed up some builds. if [ -z "${dontAddDisableDepTrack:-}" ]; then if grep -q dependency-tracking "$configureScript"; then - configureFlags="--disable-dependency-tracking $configureFlags" + prependToVar configureFlags --disable-dependency-tracking fi fi # By default, disable static builds. if [ -z "${dontDisableStatic:-}" ]; then if grep -q enable-static "$configureScript"; then - configureFlags="--disable-static $configureFlags" + prependToVar configureFlags --disable-static fi fi fi if [ -n "$configureScript" ]; then - # Old bash empty array hack - # shellcheck disable=SC2086 - local flagsArray=( - $configureFlags "${configureFlagsArray[@]}" - ) + local -a flagsArray + _accumFlagsArray configureFlags configureFlagsArray + echoCmd 'configure flags' "${flagsArray[@]}" # shellcheck disable=SC2086 $configureScript "${flagsArray[@]}" @@ -1089,22 +1252,17 @@ configurePhase() { buildPhase() { runHook preBuild - # set to empty if unset - : ${makeFlags=} - - if [[ -z "$makeFlags" && -z "${makefile:-}" && ! ( -e Makefile || -e makefile || -e GNUmakefile ) ]]; then + if [[ -z "${makeFlags-}" && -z "${makefile:-}" && ! ( -e Makefile || -e makefile || -e GNUmakefile ) ]]; then echo "no Makefile, doing nothing" else foundMakefile=1 - # Old bash empty array hack # shellcheck disable=SC2086 local flagsArray=( ${enableParallelBuilding:+-j${NIX_BUILD_CORES}} SHELL=$SHELL - $makeFlags "${makeFlagsArray[@]}" - $buildFlags "${buildFlagsArray[@]}" ) + _accumFlagsArray makeFlags makeFlagsArray buildFlags buildFlagsArray echoCmd 'build flags' "${flagsArray[@]}" make ${makefile:+-f $makefile} "${flagsArray[@]}" @@ -1141,11 +1299,17 @@ checkPhase() { local flagsArray=( ${enableParallelChecking:+-j${NIX_BUILD_CORES}} SHELL=$SHELL - $makeFlags "${makeFlagsArray[@]}" - ${checkFlags:-VERBOSE=y} "${checkFlagsArray[@]}" - ${checkTarget} ) + _accumFlagsArray makeFlags makeFlagsArray + if [ -n "$__structuredAttrs" ]; then + flagsArray+=( "${checkFlags[@]:-VERBOSE=y}" ) + else + flagsArray+=( ${checkFlags:-VERBOSE=y} ) + fi + _accumFlagsArray checkFlagsArray + flagsArray+=( ${checkTarget} ) + echoCmd 'check flags' "${flagsArray[@]}" make ${makefile:+-f $makefile} "${flagsArray[@]}" @@ -1163,14 +1327,16 @@ installPhase() { mkdir -p "$prefix" fi - # Old bash empty array hack # shellcheck disable=SC2086 local flagsArray=( SHELL=$SHELL - $makeFlags "${makeFlagsArray[@]}" - $installFlags "${installFlagsArray[@]}" - ${installTargets:-install} ) + _accumFlagsArray makeFlags makeFlagsArray installFlags installFlagsArray + if [ -n "$__structuredAttrs" ]; then + flagsArray+=( "${installTargets[@]:-install}" ) + else + flagsArray+=( ${installTargets:-install} ) + fi echoCmd 'install flags' "${flagsArray[@]}" make ${makefile:+-f $makefile} "${flagsArray[@]}" @@ -1186,7 +1352,7 @@ installPhase() { fixupPhase() { # Make sure everything is writable so "strip" et al. work. local output - for output in $outputs; do + for output in $(getAllOutputNames); do if [ -e "${!output}" ]; then chmod -R u+w "${!output}"; fi done @@ -1194,7 +1360,7 @@ fixupPhase() { # Apply fixup to each output. local output - for output in $outputs; do + for output in $(getAllOutputNames); do prefix="${!output}" runHook fixupOutput done @@ -1239,7 +1405,10 @@ fixupPhase() { if [ -n "${setupHooks:-}" ]; then mkdir -p "${!outputDev}/nix-support" local hook - for hook in $setupHooks; do + # have to use ${setupHooks[@]} without quotes because it needs to support setupHooks being a array or a whitespace separated string + # # values of setupHooks won't have spaces so it won't cause problems + # shellcheck disable=2068 + for hook in ${setupHooks[@]}; do local content consumeEntire content < "$hook" substituteAllStream content "file '$hook'" >> "${!outputDev}/nix-support/setup-hook" @@ -1275,11 +1444,12 @@ installCheckPhase() { local flagsArray=( ${enableParallelChecking:+-j${NIX_BUILD_CORES}} SHELL=$SHELL - $makeFlags "${makeFlagsArray[@]}" - $installCheckFlags "${installCheckFlagsArray[@]}" - ${installCheckTarget:-installcheck} ) + _accumFlagsArray makeFlags makeFlagsArray \ + installCheckFlags installCheckFlagsArray + flagsArray+=( ${installCheckTarget:-installcheck} ) + echoCmd 'installcheck flags' "${flagsArray[@]}" make ${makefile:+-f $makefile} "${flagsArray[@]}" unset flagsArray @@ -1292,11 +1462,9 @@ installCheckPhase() { distPhase() { runHook preDist - # Old bash empty array hack - # shellcheck disable=SC2086 - local flagsArray=( - $distFlags "${distFlagsArray[@]}" ${distTarget:-dist} - ) + local flagsArray=() + _accumFlagsArray distFlags distFlagsArray + flagsArray+=( ${distTarget:-dist} ) echo 'dist flags: %q' "${flagsArray[@]}" make ${makefile:+-f $makefile} "${flagsArray[@]}" @@ -1307,7 +1475,7 @@ distPhase() { # Note: don't quote $tarballs, since we explicitly permit # wildcards in there. # shellcheck disable=SC2086 - cp -pvd ${tarballs:-*.tar.gz} "$out/tarballs" + cp -pvd ${tarballs[*]:-*.tar.gz} "$out/tarballs" fi runHook postDist @@ -1357,14 +1525,18 @@ genericBuild() { return fi - if [ -z "${phases:-}" ]; then - phases="${prePhases:-} unpackPhase patchPhase ${preConfigurePhases:-} \ - configurePhase ${preBuildPhases:-} buildPhase checkPhase \ - ${preInstallPhases:-} installPhase ${preFixupPhases:-} fixupPhase installCheckPhase \ - ${preDistPhases:-} distPhase ${postPhases:-}"; + if [ -z "${phases[*]:-}" ]; then + phases="${prePhases[*]:-} unpackPhase patchPhase ${preConfigurePhases[*]:-} \ + configurePhase ${preBuildPhases[*]:-} buildPhase checkPhase \ + ${preInstallPhases[*]:-} installPhase ${preFixupPhases[*]:-} fixupPhase installCheckPhase \ + ${preDistPhases[*]:-} distPhase ${postPhases[*]:-}"; fi - for curPhase in $phases; do + # The use of ${phases[*]} gives the correct behavior both with and + # without structured attrs. This relies on the fact that each + # phase name is space-free, which it must be because it's the name + # of either a shell variable or a shell function. + for curPhase in ${phases[*]}; do if [[ "$curPhase" = unpackPhase && -n "${dontUnpack:-}" ]]; then continue; fi if [[ "$curPhase" = patchPhase && -n "${dontPatch:-}" ]]; then continue; fi if [[ "$curPhase" = configurePhase && -n "${dontConfigure:-}" ]]; then continue; fi @@ -1414,6 +1586,7 @@ runHook userHook dumpVars + # Restore the original options for nix-shell [[ $__nixpkgs_setup_set_original == *e* ]] || set +e [[ $__nixpkgs_setup_set_original == *u* ]] || set +u diff --git a/pkgs/stdenv/linux/default.nix b/pkgs/stdenv/linux/default.nix index dbaff342fb1af..6a1211f9cc48f 100644 --- a/pkgs/stdenv/linux/default.nix +++ b/pkgs/stdenv/linux/default.nix @@ -249,7 +249,7 @@ in # Apparently iconv won't work with bootstrap glibc, but it will be used # with glibc built later where we keep *this* build of libunistring, # so we need to trick it into supporting libiconv. - am_cv_func_iconv_works = "yes"; + env = attrs.env or {} // { am_cv_func_iconv_works = "yes"; }; }); libidn2 = super.libidn2.overrideAttrs (attrs: { postFixup = attrs.postFixup or "" + '' diff --git a/pkgs/test/default.nix b/pkgs/test/default.nix index e72afbb399801..9cf5487372d04 100644 --- a/pkgs/test/default.nix +++ b/pkgs/test/default.nix @@ -21,11 +21,14 @@ with pkgs; cc-wrapper-clang-9 = callPackage ./cc-wrapper { stdenv = llvmPackages_9.stdenv; }; cc-wrapper-libcxx-9 = callPackage ./cc-wrapper { stdenv = llvmPackages_9.libcxxStdenv; }; stdenv-inputs = callPackage ./stdenv-inputs { }; + stdenv = callPackage ./stdenv { }; config = callPackage ./config.nix { }; haskell = callPackage ./haskell { }; + hooks = callPackage ./hooks { }; + cc-multilib-gcc = callPackage ./cc-wrapper/multilib.nix { stdenv = gccMultiStdenv; }; cc-multilib-clang = callPackage ./cc-wrapper/multilib.nix { stdenv = clangMultiStdenv; }; diff --git a/pkgs/test/hooks/default.nix b/pkgs/test/hooks/default.nix new file mode 100644 index 0000000000000..aabf939b68657 --- /dev/null +++ b/pkgs/test/hooks/default.nix @@ -0,0 +1,8 @@ +# To run these tests: +# nix-build -A tests.hooks + +{ stdenv, tests, lib }: + +{ + default-stdenv-hooks = lib.recurseIntoAttrs tests.stdenv.hooks; +} diff --git a/pkgs/test/simple/builder.sh b/pkgs/test/simple/builder.sh index 65f7e4c11ba1b..908faec3c3888 100644 --- a/pkgs/test/simple/builder.sh +++ b/pkgs/test/simple/builder.sh @@ -1,3 +1,4 @@ +if [ -e .attrs.sh ]; then source .attrs.sh; fi set -x export NIX_DEBUG=1 diff --git a/pkgs/test/stdenv/default.nix b/pkgs/test/stdenv/default.nix new file mode 100644 index 0000000000000..5ff18298f217a --- /dev/null +++ b/pkgs/test/stdenv/default.nix @@ -0,0 +1,256 @@ +# To run these tests: +# nix-build -A tests.stdenv + +{ stdenv +, pkgs +, lib +, +}: + +let + # early enough not to rebuild gcc but late enough to have patchelf + earlyPkgs = stdenv.__bootPackages.stdenv.__bootPackages; + # use a early stdenv so when hacking on stdenv this test can be run quickly + bootStdenv = stdenv.__bootPackages.stdenv.__bootPackages.stdenv.__bootPackages.stdenv.__bootPackages.stdenv; + pkgsStructured = import pkgs.path { config = { structuredAttrsByDefault = true; }; inherit (stdenv.hostPlatform) system; }; + bootStdenvStructuredAttrsByDefault = pkgsStructured.stdenv.__bootPackages.stdenv.__bootPackages.stdenv.__bootPackages.stdenv.__bootPackages.stdenv; + + + ccWrapperSubstitutionsTest = { name, stdenv', extraAttrs ? { } }: + + stdenv'.cc.overrideAttrs (previousAttrs: ({ + inherit name; + + postFixup = previousAttrs.postFixup + '' + declare -p wrapperName + echo "env.wrapperName = $wrapperName" + [[ $wrapperName == "CC_WRAPPER" ]] || (echo "'\$wrapperName' was not 'CC_WRAPPER'" && false) + declare -p suffixSalt + echo "env.suffixSalt = $suffixSalt" + [[ $suffixSalt == "${stdenv'.cc.suffixSalt}" ]] || (echo "'\$suffxSalt' was not '${stdenv'.cc.suffixSalt}'" && false) + + grep -q "@out@" $out/bin/cc || echo "@out@ in $out/bin/cc was substituted" + grep -q "@suffixSalt@" $out/bin/cc && (echo "$out/bin/cc contains unsubstituted variables" && false) + + touch $out + ''; + } // extraAttrs)); + + testEnvAttrset = { name, stdenv', extraAttrs ? { } }: + stdenv'.mkDerivation + ({ + inherit name; + env = { + string = "testing-string"; + }; + + passAsFile = [ "buildCommand" ]; + buildCommand = '' + declare -p string + echo "env.string = $string" + [[ $string == "testing-string" ]] || (echo "'\$string' was not 'testing-string'" && false) + [[ "$(declare -p string)" == 'declare -x string="testing-string"' ]] || (echo "'\$string' was not exported" && false) + touch $out + ''; + } // extraAttrs); + + testPrependAndAppendToVar = { name, stdenv', extraAttrs ? { } }: + stdenv'.mkDerivation + ({ + inherit name; + env = { + string = "testing-string"; + }; + + passAsFile = [ "buildCommand" ] ++ lib.optionals (extraAttrs ? extraTest) [ "extraTest" ]; + buildCommand = '' + declare -p string + appendToVar string hello + # test that quoted strings work + prependToVar string "world" + declare -p string + + declare -A associativeArray=(["X"]="Y") + [[ $(appendToVar associativeArray "fail" 2>&1) =~ "trying to use" ]] || (echo "prependToVar did not catch prepending associativeArray" && false) + [[ $(prependToVar associativeArray "fail" 2>&1) =~ "trying to use" ]] || (echo "prependToVar did not catch prepending associativeArray" && false) + + [[ $string == "world testing-string hello" ]] || (echo "'\$string' was not 'world testing-string hello'" && false) + + # test appending to a unset variable + appendToVar nonExistant created hello + typeset -p nonExistant + if [[ -n $__structuredAttrs ]]; then + [[ "''${nonExistant[@]}" == "created hello" ]] + else + # there's a extra " " in front here and a extra " " in the end of prependToVar + # shouldn't matter because these functions will mostly be used for $*Flags and the Flag variable will in most cases already exit + [[ "$nonExistant" == " created hello" ]] + fi + + eval "$extraTest" + + touch $out + ''; + } // extraAttrs); + +in + +{ + # tests for hooks in `stdenv.defaultNativeBuildInputs` + hooks = lib.recurseIntoAttrs (import ./hooks.nix { stdenv = bootStdenv; pkgs = earlyPkgs; }); + + test-env-attrset = testEnvAttrset { name = "test-env-attrset"; stdenv' = bootStdenv; }; + + # Test compatibility with derivations using `env` as a regular variable. + test-env-derivation = bootStdenv.mkDerivation rec { + name = "test-env-derivation"; + env = bootStdenv.mkDerivation { + name = "foo"; + buildCommand = '' + mkdir "$out" + touch "$out/bar" + ''; + }; + + passAsFile = [ "buildCommand" ]; + buildCommand = '' + declare -p env + [[ $env == "${env}" ]] + touch "$out" + ''; + }; + + test-prepend-append-to-var = testPrependAndAppendToVar { + name = "test-prepend-append-to-var"; + stdenv' = bootStdenv; + }; + + test-structured-env-attrset = testEnvAttrset { + name = "test-structured-env-attrset"; + stdenv' = bootStdenv; + extraAttrs = { __structuredAttrs = true; }; + }; + + test-cc-wrapper-substitutions = ccWrapperSubstitutionsTest { + name = "test-cc-wrapper-substitutions"; + stdenv' = bootStdenv; + }; + + structuredAttrsByDefault = lib.recurseIntoAttrs { + + hooks = lib.recurseIntoAttrs (import ./hooks.nix { stdenv = bootStdenvStructuredAttrsByDefault; pkgs = earlyPkgs; }); + + test-cc-wrapper-substitutions = ccWrapperSubstitutionsTest { + name = "test-cc-wrapper-substitutions-structuredAttrsByDefault"; + stdenv' = bootStdenvStructuredAttrsByDefault; + }; + + test-structured-env-attrset = testEnvAttrset { + name = "test-structured-env-attrset-structuredAttrsByDefault"; + stdenv' = bootStdenvStructuredAttrsByDefault; + }; + + test-prepend-append-to-var = testPrependAndAppendToVar { + name = "test-prepend-append-to-var-structuredAttrsByDefault"; + stdenv' = bootStdenvStructuredAttrsByDefault; + extraAttrs = { + # will be a bash indexed array in attrs.sh + # declare -a list=('a' 'b' ) + # and a json array in attrs.json + # "list":["a","b"] + list = [ "a" "b" ]; + # will be a bash associative array(dictionary) in attrs.sh + # declare -A array=(['a']='1' ['b']='2' ) + # and a json object in attrs.json + # {"array":{"a":"1","b":"2"} + array = { a = "1"; b = "2"; }; + extraTest = '' + declare -p array + array+=(["c"]="3") + declare -p array + + [[ "''${array[c]}" == "3" ]] || (echo "c element of '\$array' was not '3'" && false) + + declare -p list + prependToVar list hello + # test that quoted strings work + appendToVar list "world" + declare -p list + + [[ "''${list[0]}" == "hello" ]] || (echo "first element of '\$list' was not 'hello'" && false) + [[ "''${list[1]}" == "a" ]] || (echo "first element of '\$list' was not 'a'" && false) + [[ "''${list[-1]}" == "world" ]] || (echo "last element of '\$list' was not 'world'" && false) + ''; + }; + }; + + test-golden-example-structuredAttrs = + let + goldenSh = earlyPkgs.writeText "goldenSh" '' + declare -A EXAMPLE_ATTRS=(['foo']='bar' ) + declare EXAMPLE_BOOL_FALSE= + declare EXAMPLE_BOOL_TRUE=1 + declare EXAMPLE_INT=123 + declare EXAMPLE_INT_NEG=-123 + declare -a EXAMPLE_LIST=('foo' 'bar' ) + declare EXAMPLE_STR='foo bar' + ''; + goldenJson = earlyPkgs.writeText "goldenSh" '' + { + "EXAMPLE_ATTRS": { + "foo": "bar" + }, + "EXAMPLE_BOOL_FALSE": false, + "EXAMPLE_BOOL_TRUE": true, + "EXAMPLE_INT": 123, + "EXAMPLE_INT_NEG": -123, + "EXAMPLE_LIST": [ + "foo", + "bar" + ], + "EXAMPLE_NESTED_ATTRS": { + "foo": { + "bar": "baz" + } + }, + "EXAMPLE_NESTED_LIST": [ + [ + "foo", + "bar" + ], + [ + "baz" + ] + ], + "EXAMPLE_STR": "foo bar" + } + ''; + in + bootStdenvStructuredAttrsByDefault.mkDerivation { + name = "test-golden-example-structuredAttrsByDefault"; + nativeBuildInputs = [ earlyPkgs.jq ]; + + EXAMPLE_BOOL_TRUE = true; + EXAMPLE_BOOL_FALSE = false; + EXAMPLE_INT = 123; + EXAMPLE_INT_NEG = -123; + EXAMPLE_STR = "foo bar"; + EXAMPLE_LIST = [ "foo" "bar" ]; + EXAMPLE_NESTED_LIST = [ [ "foo" "bar" ] [ "baz" ] ]; + EXAMPLE_ATTRS = { foo = "bar"; }; + EXAMPLE_NESTED_ATTRS = { foo.bar = "baz"; }; + + inherit goldenSh; + inherit goldenJson; + + buildCommand = '' + mkdir -p $out + cat $NIX_ATTRS_SH_FILE | grep "EXAMPLE" | grep -v -E 'installPhase|jq' > $out/sh + jq 'with_entries(select(.key|match("EXAMPLE")))' $NIX_ATTRS_JSON_FILE > $out/json + diff $out/sh $goldenSh + diff $out/json $goldenJson + ''; + }; + + }; +} diff --git a/pkgs/test/stdenv/hooks.nix b/pkgs/test/stdenv/hooks.nix new file mode 100644 index 0000000000000..7f25d7dbd2db0 --- /dev/null +++ b/pkgs/test/stdenv/hooks.nix @@ -0,0 +1,126 @@ +{ stdenv, pkgs }: + +# ordering should match defaultNativeBuildInputs + +{ + # TODO: add audit-tmpdir + compress-man-pages = + let + manFile = pkgs.writeText "small-man" '' + .TH HELLO "1" "May 2022" "hello 2.12.1" "User Commands" + .SH NAME + hello - friendly greeting program + ''; + in + stdenv.mkDerivation { + name = "test-compress-man-pages"; + buildCommand = '' + mkdir -p $out/share/man + cp ${manFile} $out/share/man/small-man.1 + compressManPages $out + [[ -e $out/share/man/small-man.1.gz ]] + ''; + }; + make-symlinks-relative = stdenv.mkDerivation { + name = "test-make-symlinks-relative"; + buildCommand = '' + mkdir -p $out/{bar,baz} + source1="$out/bar/foo" + destination1="$out/baz/foo" + echo foo > $source1 + ln -s $source1 $destination1 + echo "symlink before patching: $(readlink $destination1)" + + _makeSymlinksRelative + + echo "symlink after patching: $(readlink $destination1)" + ([[ -e $destination1 ]] && echo "symlink isn't broken") || (echo "symlink is broken" && exit 1) + ([[ $(readlink $destination1) == "../bar/foo" ]] && echo "absolute symlink was made relative") || (echo "symlink was not made relative" && exit 1) + ''; + }; + move-docs = stdenv.mkDerivation { + name = "test-move-docs"; + buildCommand = '' + mkdir -p $out/{man,doc,info} + touch $out/{man,doc,info}/foo + cat $out/{man,doc,info}/foo + + _moveToShare + + (cat $out/share/{man,doc,info}/foo 2>/dev/null && echo "man,doc,info were moved") || (echo "man,doc,info were not moved" && exit 1) + ''; + }; + move-lib64 = stdenv.mkDerivation { + name = "test-move-lib64"; + buildCommand = '' + mkdir -p $out/lib64 + touch $out/lib64/foo + cat $out/lib64/foo + + _moveLib64 + + # check symlink + [[ -h $out/lib64 ]] + ([[ -e $out/lib64 ]] && echo "symlink isn't broken") || (echo "symlink is broken" && exit 1) + [[ -e $out/lib/foo ]] + ''; + }; + move-sbin = stdenv.mkDerivation { + name = "test-move-sbin"; + buildCommand = '' + mkdir -p $out/sbin + touch $out/sbin/foo + cat $out/sbin/foo + + _moveSbin + + # check symlink + [[ -h $out/sbin ]] + ([[ -e $out/sbin ]] && echo "symlink isn't broken") || (echo "symlink is broken" && exit 1) + [[ -e $out/bin/foo ]] + ''; + }; + # TODO: add multiple-outputs + # TODO: move patch-shebangs test from pkgs/test/patch-shebangs/default.nix to here + prune-libtool-files = + let + libFoo = pkgs.writeText "libFoo" '' + # Generated by libtool (GNU libtool) 2.4.6 + old_library=''' + dependency_libs=' -Lbar.la -Lbaz.la' + ''; + in + stdenv.mkDerivation { + name = "test-prune-libtool-files"; + buildCommand = '' + mkdir -p $out/lib + cp ${libFoo} $out/lib/libFoo.la + _pruneLibtoolFiles + grep "^dependency_libs=''' #pruned" $out/lib/libFoo.la + # confirm file doesn't only contain the above + grep "^old_library='''" $out/lib/libFoo.la + ''; + }; + reproducible-builds = stdenv.mkDerivation { + name = "test-reproducible-builds"; + buildCommand = '' + # can't be tested more precisely because the value of random-seed changes depending on the output + [[ $NIX_CFLAGS_COMPILE =~ "-frandom-seed=" ]] + touch $out + ''; + }; + set-source-date-epoch-to-latest = stdenv.mkDerivation { + name = "test-set-source-date-epoch-to-latest"; + buildCommand = '' + sourceRoot=$NIX_BUILD_TOP/source + mkdir -p $sourceRoot + touch --date=1/1/2015 $sourceRoot/foo + + _updateSourceDateEpochFromSourceRoot + + [[ $SOURCE_DATE_EPOCH == "1420070400" ]] + touch $out + ''; + }; + # TODO: add strip +} diff --git a/pkgs/tools/graphics/vulkan-extension-layer/default.nix b/pkgs/tools/graphics/vulkan-extension-layer/default.nix index 6a8056dfe41df..bf60e8ed85f32 100644 --- a/pkgs/tools/graphics/vulkan-extension-layer/default.nix +++ b/pkgs/tools/graphics/vulkan-extension-layer/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { pname = "vulkan-extension-layer"; - version = "1.3.231.0"; + version = "1.3.236.0"; src = (assert version == vulkan-headers.version; fetchFromGitHub { owner = "KhronosGroup"; repo = "Vulkan-ExtensionLayer"; rev = "sdk-${version}"; - hash = "sha256-8Z9w+3WFPYp8QKEUVkEQCGy9LXMWYlZDgGt8i34T5DU="; + hash = "sha256-NlBS7UuV2AZPY5VyoqTnTf63M7fHIPQDZRtMZ4XwMzA="; }); nativeBuildInputs = [ cmake jq ]; diff --git a/pkgs/tools/graphics/vulkan-tools-lunarg/default.nix b/pkgs/tools/graphics/vulkan-tools-lunarg/default.nix index e8d3907251bae..11cef8eeb886b 100644 --- a/pkgs/tools/graphics/vulkan-tools-lunarg/default.nix +++ b/pkgs/tools/graphics/vulkan-tools-lunarg/default.nix @@ -11,6 +11,7 @@ , libffi , libxcb , wayland +, which , xcbutilkeysyms , xcbutilwm , vulkan-headers @@ -23,18 +24,18 @@ stdenv.mkDerivation rec { pname = "vulkan-tools-lunarg"; # The version must match that in vulkan-headers - version = "1.3.231.0"; + version = "1.3.236.0"; src = (assert version == vulkan-headers.version; fetchFromGitHub { owner = "LunarG"; repo = "VulkanTools"; rev = "sdk-${version}"; - hash = "sha256-qomhouuKVv4Dat9Sv7X68Dw6bRnaUjj6iEXC9pCqX4E="; + hash = "sha256-0dGD3InmEd9hO8+uVGMqBHXXfyX8tswyuOaZCftudz0="; fetchSubmodules = true; }); - nativeBuildInputs = [ cmake python3 jq ]; + nativeBuildInputs = [ cmake python3 jq which ]; buildInputs = [ expat diff --git a/pkgs/tools/graphics/vulkan-tools/default.nix b/pkgs/tools/graphics/vulkan-tools/default.nix index cb3fb8456a8d1..8e94997db6c8e 100644 --- a/pkgs/tools/graphics/vulkan-tools/default.nix +++ b/pkgs/tools/graphics/vulkan-tools/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { pname = "vulkan-tools"; - version = "1.3.231.0"; + version = "1.3.236.0"; # It's not strictly necessary to have matching versions here, however # since we're using the SDK version we may as well be consistent with @@ -31,7 +31,7 @@ stdenv.mkDerivation rec { owner = "KhronosGroup"; repo = "Vulkan-Tools"; rev = "sdk-${version}"; - hash = "sha256-6oimP4ISa0dX4bLU3Nch8Ur6MzEMQscnL8EfRrqT/Es="; + hash = "sha256-PmNTpdAkXJkARLohRtUOuKTZPoKgeVF4DAo1wsAq5xE="; }); nativeBuildInputs = [ diff --git a/pkgs/tools/misc/fd/default.nix b/pkgs/tools/misc/fd/default.nix index 18169a7943843..85bc47dab545c 100644 --- a/pkgs/tools/misc/fd/default.nix +++ b/pkgs/tools/misc/fd/default.nix @@ -13,6 +13,8 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-PT95U1l+BVX7sby3GKktZMmbNNQoPYR8nL+H90EnqZY="; + auditable = true; # TODO: remove when this is the default + nativeBuildInputs = [ installShellFiles ]; # skip flaky test diff --git a/pkgs/tools/networking/dnsmasq/default.nix b/pkgs/tools/networking/dnsmasq/default.nix index 1eb8b85166fe5..6d4e28f6cb6b4 100644 --- a/pkgs/tools/networking/dnsmasq/default.nix +++ b/pkgs/tools/networking/dnsmasq/default.nix @@ -18,11 +18,11 @@ let in stdenv.mkDerivation rec { pname = "dnsmasq"; - version = "2.87"; + version = "2.88"; src = fetchurl { url = "https://www.thekelleys.org.uk/dnsmasq/${pname}-${version}.tar.xz"; - sha256 = "sha256-AijANkp/I1b9fn8VSZN8vzCZp407LrG6W7DDHiuJ3no="; + sha256 = "sha256-I1RN7aEDQMBTvqbxWpP+1up/WqqFMWv8Zx/6bSL7wbM="; }; postPatch = lib.optionalString stdenv.hostPlatform.isLinux '' diff --git a/pkgs/tools/security/rhash/default.nix b/pkgs/tools/security/rhash/default.nix index b539772213bb6..4b4103ff9fb14 100644 --- a/pkgs/tools/security/rhash/default.nix +++ b/pkgs/tools/security/rhash/default.nix @@ -1,30 +1,21 @@ { lib , stdenv , fetchFromGitHub -, fetchpatch , which , enableStatic ? stdenv.hostPlatform.isStatic }: stdenv.mkDerivation rec { - version = "1.4.2"; + version = "1.4.3"; pname = "rhash"; src = fetchFromGitHub { owner = "rhash"; repo = "RHash"; rev = "v${version}"; - sha256 = "sha256-HkDgWwHoRWCNtWyfP4sj3veEd+KT5J7yL4J4Z/hJcrE="; + sha256 = "sha256-R+dHYG0DBI1uo+yF/pxoTv/V9WSfph043bH6erZjeCE="; }; - patches = [ - # Fix clang configuration; remove with next release - (fetchpatch { - url = "https://github.com/rhash/RHash/commit/4dc506066cf1727b021e6352535a8bb315c3f8dc.patch"; - sha256 = "0i5jz2s37h278c8d36pzphhp8rjy660zmhpg2cqlp960f6ny8wwj"; - }) - ]; - nativeBuildInputs = [ which ]; # configure script is not autotools-based, doesn't support these options diff --git a/pkgs/tools/text/mdbook/default.nix b/pkgs/tools/text/mdbook/default.nix index 7a89064f0d09a..adc84f8779a8c 100644 --- a/pkgs/tools/text/mdbook/default.nix +++ b/pkgs/tools/text/mdbook/default.nix @@ -13,6 +13,8 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-74LyxlDx9tVjw0KGPml6EZbAIbDiW3tvM/CEj5BW7pI="; + auditable = true; # TODO: remove when this is the default + buildInputs = lib.optionals stdenv.isDarwin [ CoreServices ]; passthru = { diff --git a/pkgs/tools/text/ripgrep/default.nix b/pkgs/tools/text/ripgrep/default.nix index 022f8bd25bb7b..be989994dbff0 100644 --- a/pkgs/tools/text/ripgrep/default.nix +++ b/pkgs/tools/text/ripgrep/default.nix @@ -22,6 +22,8 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "1kfdgh8dra4jxgcdb0lln5wwrimz0dpp33bq3h7jgs8ngaq2a9wp"; + auditable = true; # TODO: remove when this is the default + nativeBuildInputs = [ asciidoctor installShellFiles ] ++ lib.optional withPCRE2 pkg-config; buildInputs = lib.optional withPCRE2 pcre2 diff --git a/pkgs/tools/typesetting/lout/builder.sh b/pkgs/tools/typesetting/lout/builder.sh index eab37c3c68fb5..cd513337f6f36 100755 --- a/pkgs/tools/typesetting/lout/builder.sh +++ b/pkgs/tools/typesetting/lout/builder.sh @@ -1,6 +1,7 @@ # Prepare a makefile specifying the appropriate output directories. # # Written by Ludovic Courtès <ludo@gnu.org>. +if [ -e .attrs.sh ]; then source .attrs.sh; fi source "$stdenv/setup" || exit 1 diff --git a/pkgs/tools/typesetting/tex/texlive/bin.nix b/pkgs/tools/typesetting/tex/texlive/bin.nix index 6c7d8880a3167..d874f443f4a35 100644 --- a/pkgs/tools/typesetting/tex/texlive/bin.nix +++ b/pkgs/tools/typesetting/tex/texlive/bin.nix @@ -247,7 +247,7 @@ core-big = stdenv.mkDerivation { #TODO: upmendex "xetex" ]; postInstall = '' - for output in $outputs; do + for output in $(getAllOutputNames); do mkdir -p "''${!output}/bin" done diff --git a/pkgs/tools/typesetting/tex/texlive/default.nix b/pkgs/tools/typesetting/tex/texlive/default.nix index e58bdde501a62..180897e0bce26 100644 --- a/pkgs/tools/typesetting/tex/texlive/default.nix +++ b/pkgs/tools/typesetting/tex/texlive/default.nix @@ -3,7 +3,7 @@ - current html: https://nixos.org/nixpkgs/manual/#sec-language-texlive */ { stdenv, lib, fetchurl, runCommand, writeText, buildEnv -, callPackage, ghostscriptX, harfbuzz +, callPackage, ghostscript_headless, harfbuzz , makeWrapper, python3, ruby, perl, gnused, gnugrep, coreutils , libfaketime , useFixedHashes ? true @@ -12,7 +12,7 @@ let # various binaries (compiled) bin = callPackage ./bin.nix { - ghostscript = ghostscriptX; + ghostscript = ghostscript_headless; harfbuzz = harfbuzz.override { withIcu = true; withGraphite2 = true; }; @@ -25,7 +25,7 @@ let combine = import ./combine.nix { inherit bin combinePkgs buildEnv lib makeWrapper writeText stdenv python3 ruby perl gnused gnugrep coreutils libfaketime; - ghostscript = ghostscriptX; # could be without X, probably, but we use X above + ghostscript = ghostscript_headless; }; # the set of TeX Live packages, collections, and schemes; using upstream naming diff --git a/pkgs/tools/video/rav1e/default.nix b/pkgs/tools/video/rav1e/default.nix index 8a2d6f7444220..f75c38111a574 100644 --- a/pkgs/tools/video/rav1e/default.nix +++ b/pkgs/tools/video/rav1e/default.nix @@ -22,6 +22,8 @@ in rustPlatform.buildRustPackage rec { cargoHash = "sha256-iHOmItooNsGq6iTIb9M5IPXMwYh2nQ03qfjomkgCdgw="; + auditable = true; # TODO: remove when this is the default + nativeBuildInputs = [ nasm cargo-c ]; buildInputs = lib.optionals stdenv.isDarwin [ diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 780477ad777b5..d55ddeeca6f97 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -13986,9 +13986,11 @@ with pkgs; wrapNonDeterministicGcc = stdenv: ccWrapper: if ccWrapper.isGNU then ccWrapper.overrideAttrs(old: { - cc = old.cc.override { - reproducibleBuild = false; - profiledCompiler = with stdenv; (!isDarwin && hostPlatform.isx86); + env = old.env // { + cc = old.env.cc.override { + reproducibleBuild = false; + profiledCompiler = with stdenv; (!isDarwin && hostPlatform.isx86); + }; }; }) else ccWrapper; @@ -15269,6 +15271,7 @@ with pkgs; inherit (darwin.apple_sdk.frameworks) Security; }; cargo-auditable = callPackage ../development/tools/rust/cargo-auditable { }; + cargo-auditable-cargo-wrapper = callPackage ../development/tools/rust/cargo-auditable/cargo-wrapper.nix { }; cargo-bisect-rustc = callPackage ../development/tools/rust/cargo-bisect-rustc { inherit (darwin.apple_sdk.frameworks) Security; openssl = openssl_1_1; @@ -20361,8 +20364,7 @@ with pkgs; }; libdevil-nox = libdevil.override { - libX11 = null; - libGL = null; + withXorg = false; }; libdecor = callPackage ../development/libraries/libdecor { }; @@ -36731,6 +36733,11 @@ with pkgs; x11Support = true; }; + ghostscript_headless = ghostscript.override { + cupsSupport = false; + x11Support = false; + }; + glava = callPackage ../applications/misc/glava {}; gnuk = callPackage ../misc/gnuk { diff --git a/pkgs/top-level/config.nix b/pkgs/top-level/config.nix index a47655f114243..1de93a9f3fdea 100644 --- a/pkgs/top-level/config.nix +++ b/pkgs/top-level/config.nix @@ -47,6 +47,10 @@ let feature = "set `strictDeps` to true by default"; }; + structuredAttrsByDefault = mkMassRebuild { + feature = "set `__structuredAttrs` to true by default"; + }; + enableParallelBuildingByDefault = mkMassRebuild { feature = "set `enableParallelBuilding` to true by default"; }; diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index 624eacbd26f17..37c1b350b9cc2 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -23029,7 +23029,7 @@ let # For some crazy reason Makefile.PL doesn't generate a Makefile if # AUTOMATED_TESTING is set. - AUTOMATED_TESTING = false; + env.AUTOMATED_TESTING = false; # Makefile.PL looks for ncurses in Glibc's prefix. preConfigure = @@ -27058,7 +27058,7 @@ let hash = "sha256-gxxY8549/ebS3QORjSs8IgdBs2aD05Tu+9Bn70gu7gQ="; }) ]; - AUTOMATED_TESTING = false; + env.AUTOMATED_TESTING = false; nativeBuildInputs = [ pkgs.pkg-config ]; buildInputs = [ pkgs.xorg.libxcb pkgs.xorg.xcbproto pkgs.xorg.xcbutil pkgs.xorg.xcbutilwm ExtUtilsDepends ExtUtilsPkgConfig TestDeep TestException XSObjectMagic ]; propagatedBuildInputs = [ DataDump MouseXNativeTraits XMLDescent XMLSimple ]; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 405b9de1c9db8..077c04a8c2f1f 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -5622,6 +5622,7 @@ self: super: with self; { matplotlib = callPackage ../development/python-modules/matplotlib { stdenv = if stdenv.isDarwin then pkgs.clangStdenv else pkgs.stdenv; inherit (pkgs.darwin.apple_sdk.frameworks) Cocoa; + ghostscript = pkgs.ghostscript_headless; }; matplotlib-inline = callPackage ../development/python-modules/matplotlib-inline { }; @@ -11395,6 +11396,8 @@ self: super: with self; { troposphere = callPackage ../development/python-modules/troposphere { }; + trove-classifiers = callPackage ../development/python-modules/trove-classifiers { }; + trueskill = callPackage ../development/python-modules/trueskill { }; trustme = callPackage ../development/python-modules/trustme { }; diff --git a/pkgs/top-level/python2-packages.nix b/pkgs/top-level/python2-packages.nix index 00d28e73854f6..83a90a2a5e6d9 100644 --- a/pkgs/top-level/python2-packages.nix +++ b/pkgs/top-level/python2-packages.nix @@ -79,6 +79,10 @@ with self; with super; { typing = callPackage ../development/python2-modules/typing { }; + six = super.six.overridePythonAttrs (_: { + doCheck = false; # circular dependency with pytest + }); + zeek = disabled super.zeek; zipp = callPackage ../development/python2-modules/zipp { }; |