about summary refs log tree commit diff
path: root/pkgs/development/libraries/nss
AgeCommit message (Collapse)AuthorFilesLines
2021-11-02nss_3_53: dropMartin Weinelt1-180/+0
2021-10-15Merge remote-tracking branch 'origin/staging' into staging-nextMartin Weinelt1-2/+2
2021-10-13treewide: use stdenv.hostPlatform.extensions.sharedLibrary where appropriateAlyssa Ross2-6/+2
2021-09-30nss: 3.70 -> 3.71ajs1241-2/+2
2021-09-16nss: Add updateScriptTim Steinbach2-0/+12
2021-09-09nss: 3.68 -> 3.70Tim Steinbach1-2/+2
2021-08-10nss: format, cleanupSandro Jäckel1-71/+85
2021-08-10nss: format, cleanupSandro Jäckel1-66/+82
2021-07-18Merge staging-next into staginggithub-actions[bot]1-5/+2
2021-07-17various: cleanup of "inherit version;"Felix Buehler1-5/+2
2021-07-12nss: 3.67 -> 3.68ajs1241-2/+2
2021-06-14nss: 3.66 -> 3.67ajs1241-2/+2
2021-06-02Merge pull request #125280 from zhaofengli/nss-use-64Martin Weinelt1-1/+1
nss: Set NSS_USE_64=1 for 64-bit platforms
2021-06-01nss: 3.64 -> 3.66ajs1241-2/+2
2021-06-01nss: Set NSS_USE_64=1 for 64-bit platformsZhaofeng Li1-1/+1
The config script does that automatically for a few architectures [1], but on 64-bit platforms that are not listed (like riscv64) the freebl build fails. Debian always adds the USE_64=1 flag when compiling on 64-bit architectures (they use legacy make instead of gyp), and we should do that as well to fix the general problem at the cost of a mass rebuild. [1] https://hg.mozilla.org/projects/nss/file/0ef2306a623f8fcd90f094281678f3ee9e7e4738/coreconf/config.gypi#l212 [2] https://salsa.debian.org/mozilla-team/nss/-/blob/c446c61808a3a30bb0c6c62cc6628ede3f7bc205/debian/rules#L66
2021-05-15nss_3_44: dropajs1242-225/+0
2021-04-16nss: 3.63 -> 3.64ajs1241-2/+2
2021-03-20nss: 3.62 -> 3.63ajs1241-2/+2
2021-03-14nss: 3.61 -> 3.62Martin Weinelt1-2/+2
2021-03-14nss: 3.60 -> 3.61ajs1241-2/+2
2021-01-31nss: remove usage of stdenv.libSandro Jäckel1-1/+1
2021-01-24nss: add option to use p11-kitrnhmjoj1-1/+9
This commit adds an option to replace libnssckbi with the p11-kit-trust[1] module. It makes all NSS application (like Firefox, Chromium, etc.) use the system trust store (/etc/ssl/certs/ in NixOS) and other PKCS#11 modules without ad-hoc configuration. This approach was first implemented in Fedora[2] and other distributions like Arch Linux, later. [1]: https://p11-glue.github.io/p11-glue/p11-kit/manual/trust-nss.html [2]: https://fedoraproject.org/wiki/Features/SharedSystemCertificates
2021-01-21pkgs/development/libraries: stdenv.lib -> libBen Siraphob3-24/+24
2020-12-17nss: 3.59 -> 3.60ajs1241-2/+2
2020-11-18nss: 3.58 -> 3.59ajs1241-2/+2
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.59_release_notes
2020-11-18nss: 3.57 -> 3.58Andreas Rammhold1-2/+2
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes
2020-11-18nss_3_53: initAndreas Rammhold1-0/+169
2020-11-18cacert: decouple from NSS to reduce rebuild amountAndreas Rammhold1-0/+6
In [#100765] @vcunat pointed out that we could decouple cacert from the NSS package to make it more rebuild friendly. Just rebuilding packages that depend on NSS seems to be about ~100. Rebuilding all the packages that depend on cacert is >9k as of this writing. This makes it much more feasible to upgrade high-profile packages that are (rightfully) pedantic on their NSS version like firefox and thunderbird. [#100765]: https://github.com/NixOS/nixpkgs/pull/100765
2020-11-15Merge pull request #102428 from r-burns/nssMichael Raskin1-0/+3
nss: fix build on ppc64[le]
2020-11-02fixup! nss: make reproducible (#102156)zimbatm1-2/+2
Fixes a precedence issue from fe9f55907e2a42b675e161de3d5e6a740385c479 `lib.optionalString <cond> 'text' + 'text2'` will always have 'text2' as part of the result.
2020-11-01nss: fix build on ppc64[le]Ryan Burns1-0/+3
NSS configure scripts use the abbreviated form ppc64/ppc64le: https://github.com/nss-dev/nss/blob/NSS_3_57_RTM/coreconf/config.gypi#L209 Whereas nixpkgs uses the longer form: `nix eval nixpkgs.pkgsCross.powernv.hostPlatform.parsed.cpu.name` `powerpc64le`
2020-10-31nss: make reproducible (#102156)zimbatm1-3/+10
According to https://hg.mozilla.org/projects/nss/file/c1fad130dce2081a5d6ce9f539c72d999f59afce/build.sh#l129 the FIPS mode is not enabled by default. Yet we generate the .chk files that are only meant to be used for that mode. I have a sense that those have been cargo-culted around. Adding FIPS is still possible but you have to explictily build the lib with `pkgs.nss.override { enableFIPS = true; }` More info on what FIPS is: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Tech_Notes/nss_tech_note6 Other distros wrangling with the same issue: https://bugzilla.opensuse.org/show_bug.cgi?id=1081723
2020-10-26Re-Revert "Merge #101508: libraw: 0.20.0 -> 0.20.2"Vladimír Čunát2-6/+5
This reverts commit c778945806b44d46ec16bc4302e7e7163e6bab97. I believe this is exactly what brings the staging branch into the right shape after the last merge from master (through staging-next); otherwise part of staging changes would be lost (due to being already reachable from master but reverted).
2020-10-25Revert "Merge #101508: libraw: 0.20.0 -> 0.20.2"Vladimír Čunát2-5/+6
I'm sorry; I didn't notice it contained staging commits. This reverts commit 17f5305b6c20df795c365368d2d868266519599e, reversing changes made to a8a018ddc0a8b5c3d4fa94c94b672c37356bc075.
2020-10-21treewide: move fixDarwinDylibNames to nativeBuildInputsAndrew Childs2-6/+5
This hook runs at build time and depends on executing install_name_tool from binutils.
2020-09-19nss: 3.56 -> 3.57Vladimír Čunát1-2/+2
Release notes seem "boring": https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes My understanding is that this version will be needed in Firefox 82 released in one month from now: https://wiki.mozilla.org/NSS:Release_Versions
2020-08-26nss: 3.55 -> 3.56ajs1241-2/+2
2020-08-06Merge #94587: nss: fix on darwinVladimír Čunát1-0/+5
2020-08-02nss: set install name correctlyMatthew Bauer1-0/+5
2020-07-30Merge staging-next into stagingFrederik Rietdijk1-0/+1
2020-07-29nss: enable libpkix buildajs1241-0/+1
this was enabled by default with the old build system, but requires this flag with the new one fixes ##93955
2020-07-26nss: 3.54 -> 3.55ajs1241-2/+2
2020-07-20nss: try to fix darwin buildajs1241-6/+3
2020-07-20nss: gyp supports python3 nowajs1241-1/+1
2020-07-19nss_3_44: bring back this older branch for firefox-esrVladimír Čunát2-0/+225
/cc nss PR #91746
2020-07-15nss: 3.52.1 -> 3.54ajs1243-64/+78
2020-06-12Merge master into staging-nextFrederik Rietdijk1-0/+1
2020-06-10nss: fix build on darwinMario Rodas1-0/+1
2020-06-05nss: 3.52 -> 3.52.1ajs1241-2/+2
Needed to compile firefox 77. Taken from PR #89438.
2020-05-14nss: fix building for aarch32 on aarch64Gaelan Steele1-2/+6
There are two ways to build a package for aarch32 on an aarch64 machine: either by cross compiling as normal, or by adding armv6l/armv7l to extraPlatforms and doing a non-cross compile. Previously, NSS failed to build with both methods: when using extraPlatforms, things failed because NSS includes an armv8-specific file (presumably based on the result of uname); when cross compiling, NSS's build system expects to receive an architecture name of arm (not armv6l or whatever), so was failing to include some arch-specific code and failed with a linker error. This commit fixes those things by a) always passing the arch, even when not cross-compiling, and b) special-casing aarch32 to always pass in an arch of arm.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-10-13 22:15:47 +0000