diff options
| author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2023-05-11 18:01:45 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-05-11 18:01:45 +0000 |
| commit | 0e5b6eaeea58f7bcf129845f377b449bbd05538b (patch) | |
| tree | bbb62e915393597bf87efa4665b80bf43296311e | |
| parent | 57efe13bc2bc845104bee2d0a6e650e414c63584 (diff) | |
| parent | b9c14e0e615d9e2322eece29b0f50d91cb8d54c0 (diff) | |
| download | nixpkgs-0e5b6eaeea58f7bcf129845f377b449bbd05538b.tar nixpkgs-0e5b6eaeea58f7bcf129845f377b449bbd05538b.tar.gz nixpkgs-0e5b6eaeea58f7bcf129845f377b449bbd05538b.tar.bz2 nixpkgs-0e5b6eaeea58f7bcf129845f377b449bbd05538b.tar.lz nixpkgs-0e5b6eaeea58f7bcf129845f377b449bbd05538b.tar.xz nixpkgs-0e5b6eaeea58f7bcf129845f377b449bbd05538b.tar.zst nixpkgs-0e5b6eaeea58f7bcf129845f377b449bbd05538b.zip | |
Merge staging-next into staging
44 files changed, 1124 insertions, 212 deletions
diff --git a/flake.nix b/flake.nix index f9442d8ea2d..fa00bffcdf9 100644 --- a/flake.nix +++ b/flake.nix @@ -57,6 +57,19 @@ nixosModules = { notDetected = ./nixos/modules/installer/scan/not-detected.nix; + + /* + Make the `nixpkgs.*` configuration read-only. Guarantees that `pkgs` + is the way you initialize it. + + Example: + + { + imports = [ nixpkgs.nixosModules.readOnlyPkgs ]; + nixpkgs.pkgs = nixpkgs.legacyPackages.x86_64-linux; + } + */ + readOnlyPkgs = ./nixos/modules/misc/nixpkgs/read-only.nix; }; }; } diff --git a/lib/types.nix b/lib/types.nix index e0da18a2feb..373d0ce7876 100644 --- a/lib/types.nix +++ b/lib/types.nix @@ -476,6 +476,14 @@ rec { check = x: isDerivation x && hasAttr "shellPath" x; }; + pkgs = addCheck + (unique { message = "A Nixpkgs pkgs set can not be merged with another pkgs set."; } attrs // { + name = "pkgs"; + descriptionClass = "noun"; + description = "Nixpkgs package set"; + }) + (x: (x._type or null) == "pkgs"); + path = mkOptionType { name = "path"; descriptionClass = "noun"; diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index f630ba6e445..8c29969375a 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -15950,6 +15950,12 @@ githubId = 8577941; name = "Kevin Rauscher"; }; + tomaskala = { + email = "public+nixpkgs@tomaskala.com"; + github = "tomaskala"; + githubId = 7727887; + name = "Tomas Kala"; + }; tomberek = { email = "tomberek@gmail.com"; matrix = "@tomberek:matrix.org"; diff --git a/maintainers/scripts/copy-tarballs.pl b/maintainers/scripts/copy-tarballs.pl index 2f8d250fd52..b17cd82f4d1 100755 --- a/maintainers/scripts/copy-tarballs.pl +++ b/maintainers/scripts/copy-tarballs.pl @@ -162,13 +162,18 @@ elsif (defined $expr) { # Check every fetchurl call discovered by find-tarballs.nix. my $mirrored = 0; my $have = 0; - foreach my $fetch (sort { $a->{url} cmp $b->{url} } @{$fetches}) { - my $url = $fetch->{url}; + foreach my $fetch (sort { $a->{urls}->[0] cmp $b->{urls}->[0] } @{$fetches}) { + my $urls = $fetch->{urls}; my $algo = $fetch->{type}; my $hash = $fetch->{hash}; my $name = $fetch->{name}; my $isPatch = $fetch->{isPatch}; + if ($isPatch) { + print STDERR "skipping $urls->[0] (support for patches is missing)\n"; + next; + } + if ($hash =~ /^([a-z0-9]+)-([A-Za-z0-9+\/=]+)$/) { $algo = $1; $hash = `nix hash to-base16 $hash` or die; @@ -183,62 +188,60 @@ elsif (defined $expr) { chomp $hash; } - if (defined $ENV{DEBUG}) { - print "$url $algo $hash\n"; - next; - } - - if ($url !~ /^http:/ && $url !~ /^https:/ && $url !~ /^ftp:/ && $url !~ /^mirror:/) { - print STDERR "skipping $url (unsupported scheme)\n"; - next; - } - - if ($isPatch) { - print STDERR "skipping $url (support for patches is missing)\n"; - next; - } + my $storePath = makeFixedOutputPath(0, $algo, $hash, $name); - next if defined $exclude && $url =~ /$exclude/; + for my $url (@$urls) { + if (defined $ENV{DEBUG}) { + print "$url $algo $hash\n"; + next; + } - if (alreadyMirrored($algo, $hash)) { - $have++; - next; - } + if ($url !~ /^http:/ && $url !~ /^https:/ && $url !~ /^ftp:/ && $url !~ /^mirror:/) { + print STDERR "skipping $url (unsupported scheme)\n"; + next; + } - my $storePath = makeFixedOutputPath(0, $algo, $hash, $name); + next if defined $exclude && $url =~ /$exclude/; - print STDERR "mirroring $url ($storePath, $algo, $hash)...\n"; + if (alreadyMirrored($algo, $hash)) { + $have++; + last; + } - if ($dryRun) { - $mirrored++; - next; - } + print STDERR "mirroring $url ($storePath, $algo, $hash)...\n"; - # Substitute the output. - if (!isValidPath($storePath)) { - system("nix-store", "-r", $storePath); - } + if ($dryRun) { + $mirrored++; + last; + } - # Otherwise download the file using nix-prefetch-url. - if (!isValidPath($storePath)) { - $ENV{QUIET} = 1; - $ENV{PRINT_PATH} = 1; - my $fh; - my $pid = open($fh, "-|", "nix-prefetch-url", "--type", $algo, $url, $hash) or die; - waitpid($pid, 0) or die; - if ($? != 0) { - print STDERR "failed to fetch $url: $?\n"; - next; + # Substitute the output. + if (!isValidPath($storePath)) { + system("nix-store", "-r", $storePath); } - <$fh>; my $storePath2 = <$fh>; chomp $storePath2; - if ($storePath ne $storePath2) { - warn "strange: $storePath != $storePath2\n"; - next; + + # Otherwise download the file using nix-prefetch-url. + if (!isValidPath($storePath)) { + $ENV{QUIET} = 1; + $ENV{PRINT_PATH} = 1; + my $fh; + my $pid = open($fh, "-|", "nix-prefetch-url", "--type", $algo, $url, $hash) or die; + waitpid($pid, 0) or die; + if ($? != 0) { + print STDERR "failed to fetch $url: $?\n"; + next; + } + <$fh>; my $storePath2 = <$fh>; chomp $storePath2; + if ($storePath ne $storePath2) { + warn "strange: $storePath != $storePath2\n"; + next; + } } - } - uploadFile($storePath, $url); - $mirrored++; + uploadFile($storePath, $url); + $mirrored++; + last; + } } print STDERR "mirrored $mirrored files, already have $have files\n"; diff --git a/maintainers/scripts/find-tarballs.nix b/maintainers/scripts/find-tarballs.nix index 685a33d137c..c47b5168abd 100644 --- a/maintainers/scripts/find-tarballs.nix +++ b/maintainers/scripts/find-tarballs.nix @@ -9,12 +9,12 @@ let root = expr; - uniqueUrls = map (x: x.file) (genericClosure { - startSet = map (file: { key = file.url; inherit file; }) urls; + uniqueFiles = map (x: x.file) (genericClosure { + startSet = map (file: { key = with file; (if type == null then "" else type + "+") + hash; inherit file; }) files; operator = const [ ]; }); - urls = map (drv: { url = head (drv.urls or [ drv.url ]); hash = drv.outputHash; isPatch = (drv?postFetch && drv.postFetch != ""); type = drv.outputHashAlgo; name = drv.name; }) fetchurlDependencies; + files = map (drv: { urls = drv.urls or [ drv.url ]; hash = drv.outputHash; isPatch = (drv?postFetch && drv.postFetch != ""); type = drv.outputHashAlgo; name = drv.name; }) fetchurlDependencies; fetchurlDependencies = filter @@ -47,4 +47,4 @@ let canEval = val: (builtins.tryEval val).success; -in uniqueUrls +in uniqueFiles diff --git a/nixos/doc/manual/development/option-types.section.md b/nixos/doc/manual/development/option-types.section.md index 9e2ecb8e356..9e156ebff9d 100644 --- a/nixos/doc/manual/development/option-types.section.md +++ b/nixos/doc/manual/development/option-types.section.md @@ -99,6 +99,10 @@ merging is handled. problems. ::: +`types.pkgs` + +: A type for the top level Nixpkgs package set. + ### Numeric types {#sec-option-types-numeric} `types.int` diff --git a/nixos/lib/eval-config.nix b/nixos/lib/eval-config.nix index 1e086271e52..058ab7280cc 100644 --- a/nixos/lib/eval-config.nix +++ b/nixos/lib/eval-config.nix @@ -38,6 +38,8 @@ let pkgs_ = pkgs; in let + inherit (lib) optional; + evalModulesMinimal = (import ./default.nix { inherit lib; # Implicit use of feature is noted in implementation. @@ -47,15 +49,19 @@ let pkgsModule = rec { _file = ./eval-config.nix; key = _file; - config = { - # Explicit `nixpkgs.system` or `nixpkgs.localSystem` should override - # this. Since the latter defaults to the former, the former should - # default to the argument. That way this new default could propagate all - # they way through, but has the last priority behind everything else. - nixpkgs.system = lib.mkIf (system != null) (lib.mkDefault system); - - _module.args.pkgs = lib.mkIf (pkgs_ != null) (lib.mkForce pkgs_); - }; + config = lib.mkMerge ( + (optional (system != null) { + # Explicit `nixpkgs.system` or `nixpkgs.localSystem` should override + # this. Since the latter defaults to the former, the former should + # default to the argument. That way this new default could propagate all + # they way through, but has the last priority behind everything else. + nixpkgs.system = lib.mkDefault system; + }) + ++ + (optional (pkgs_ != null) { + _module.args.pkgs = lib.mkForce pkgs_; + }) + ); }; withWarnings = x: diff --git a/nixos/lib/testing/nodes.nix b/nixos/lib/testing/nodes.nix index c538ab468c5..6e439fd814d 100644 --- a/nixos/lib/testing/nodes.nix +++ b/nixos/lib/testing/nodes.nix @@ -1,13 +1,22 @@ testModuleArgs@{ config, lib, hostPkgs, nodes, ... }: let - inherit (lib) mkOption mkForce optional types mapAttrs mkDefault mdDoc; - - system = hostPkgs.stdenv.hostPlatform.system; + inherit (lib) + literalExpression + literalMD + mapAttrs + mdDoc + mkDefault + mkIf + mkOption mkForce + optional + optionalAttrs + types + ; baseOS = import ../eval-config.nix { - inherit system; + system = null; # use modularly defined system inherit (config.node) specialArgs; modules = [ config.defaults ]; baseModules = (import ../../modules/module-list.nix) ++ @@ -17,11 +26,17 @@ let ({ config, ... }: { virtualisation.qemu.package = testModuleArgs.config.qemu.package; - + }) + (optionalAttrs (!config.node.pkgsReadOnly) { + key = "nodes.nix-pkgs"; + config = { # Ensure we do not use aliases. Ideally this is only set # when the test framework is used by Nixpkgs NixOS tests. nixpkgs.config.allowAliases = false; - }) + # TODO: switch to nixpkgs.hostPlatform and make sure containers-imperative test still evaluates. + nixpkgs.system = hostPkgs.stdenv.hostPlatform.system; + }; + }) testModuleArgs.config.extraBaseModules ]; }; @@ -68,6 +83,30 @@ in default = { }; }; + node.pkgs = mkOption { + description = mdDoc '' + The Nixpkgs to use for the nodes. + + Setting this will make the `nixpkgs.*` options read-only, to avoid mistakenly testing with a Nixpkgs configuration that diverges from regular use. + ''; + type = types.nullOr types.pkgs; + default = null; + defaultText = literalMD '' + `null`, so construct `pkgs` according to the `nixpkgs.*` options as usual. + ''; + }; + + node.pkgsReadOnly = mkOption { + description = mdDoc '' + Whether to make the `nixpkgs.*` options read-only. This is only relevant when [`node.pkgs`](#test-opt-node.pkgs) is set. + + Set this to `false` when any of the [`nodes`](#test-opt-nodes) needs to configure any of the `nixpkgs.*` options. This will slow down evaluation of your test a bit. + ''; + type = types.bool; + default = config.node.pkgs != null; + defaultText = literalExpression ''node.pkgs != null''; + }; + node.specialArgs = mkOption { type = types.lazyAttrsOf types.raw; default = { }; @@ -100,5 +139,11 @@ in config.nodes; passthru.nodes = config.nodesCompat; + + defaults = mkIf config.node.pkgsReadOnly { + nixpkgs.pkgs = config.node.pkgs; + imports = [ ../../modules/misc/nixpkgs/read-only.nix ]; + }; + }; } diff --git a/nixos/modules/misc/nixpkgs.nix b/nixos/modules/misc/nixpkgs.nix index 7f44c3f6f3f..55ec08acf44 100644 --- a/nixos/modules/misc/nixpkgs.nix +++ b/nixos/modules/misc/nixpkgs.nix @@ -49,10 +49,10 @@ let merge = lib.mergeOneOption; }; - pkgsType = mkOptionType { - name = "nixpkgs"; + pkgsType = types.pkgs // { + # This type is only used by itself, so let's elaborate the description a bit + # for the purpose of documentation. description = "An evaluation of Nixpkgs; the top level attribute set of packages"; - check = builtins.isAttrs; }; # Whether `pkgs` was constructed by this module - not if nixpkgs.pkgs or diff --git a/nixos/modules/misc/nixpkgs/read-only.nix b/nixos/modules/misc/nixpkgs/read-only.nix new file mode 100644 index 00000000000..2a783216a9d --- /dev/null +++ b/nixos/modules/misc/nixpkgs/read-only.nix @@ -0,0 +1,74 @@ +# A replacement for the traditional nixpkgs module, such that none of the modules +# can add their own configuration. This ensures that the Nixpkgs configuration is +# exactly as the user intends. +# This may also be used as a performance optimization when evaluating multiple +# configurations at once, with a shared `pkgs`. + +# This is a separate module, because merging this logic into the nixpkgs module +# is too burdensome, considering that it is already burdened with legacy. +# Moving this logic into a module does not lose any composition benefits, because +# its purpose is not something that composes anyway. + +{ lib, config, ... }: + +let + cfg = config.nixpkgs; + inherit (lib) mkOption types; + +in +{ + disabledModules = [ + ../nixpkgs.nix + ]; + options = { + nixpkgs = { + pkgs = mkOption { + type = lib.types.pkgs; + description = lib.mdDoc ''The pkgs module argument.''; + }; + config = mkOption { + internal = true; + type = types.unique { message = "nixpkgs.config is set to read-only"; } types.anything; + description = lib.mdDoc '' + The Nixpkgs `config` that `pkgs` was initialized with. + ''; + }; + overlays = mkOption { + internal = true; + type = types.unique { message = "nixpkgs.overlays is set to read-only"; } types.anything; + description = lib.mdDoc '' + The Nixpkgs overlays that `pkgs` was initialized with. + ''; + }; + hostPlatform = mkOption { + internal = true; + readOnly = true; + description = lib.mdDoc '' + The platform of the machine that is running the NixOS configuration. + ''; + }; + buildPlatform = mkOption { + internal = true; + readOnly = true; + description = lib.mdDoc '' + The platform of the machine that built the NixOS configuration. + ''; + }; + # NOTE: do not add the legacy options such as localSystem here. Let's keep + # this module simple and let module authors upgrade their code instead. + }; + }; + config = { + _module.args.pkgs = + # find mistaken definitions + builtins.seq cfg.config + builtins.seq cfg.overlays + builtins.seq cfg.hostPlatform + builtins.seq cfg.buildPlatform + cfg.pkgs; + nixpkgs.config = cfg.pkgs.config; + nixpkgs.overlays = cfg.pkgs.overlays; + nixpkgs.hostPlatform = cfg.pkgs.stdenv.hostPlatform; + nixpkgs.buildPlatform = cfg.pkgs.stdenv.buildPlatform; + }; +} diff --git a/nixos/modules/misc/nixpkgs/test.nix b/nixos/modules/misc/nixpkgs/test.nix index a6d8877ae07..0536cfc9624 100644 --- a/nixos/modules/misc/nixpkgs/test.nix +++ b/nixos/modules/misc/nixpkgs/test.nix @@ -1,3 +1,5 @@ +# [nixpkgs]$ nix-build -A nixosTests.nixpkgs --show-trace + { evalMinimalConfig, pkgs, lib, stdenv }: let eval = mod: evalMinimalConfig { @@ -27,6 +29,47 @@ let let uncheckedEval = lib.evalModules { modules = [ ../nixpkgs.nix module ]; }; in map (ass: ass.message) (lib.filter (ass: !ass.assertion) uncheckedEval.config.assertions); + + readOnlyUndefined = evalMinimalConfig { + imports = [ ./read-only.nix ]; + }; + + readOnlyBad = evalMinimalConfig { + imports = [ ./read-only.nix ]; + nixpkgs.pkgs = { }; + }; + + readOnly = evalMinimalConfig { + imports = [ ./read-only.nix ]; + nixpkgs.pkgs = pkgs; + }; + + readOnlyBadConfig = evalMinimalConfig { + imports = [ ./read-only.nix ]; + nixpkgs.pkgs = pkgs; + nixpkgs.config.allowUnfree = true; # do in pkgs instead! + }; + + readOnlyBadOverlays = evalMinimalConfig { + imports = [ ./read-only.nix ]; + nixpkgs.pkgs = pkgs; + nixpkgs.overlays = [ (_: _: {}) ]; # do in pkgs instead! + }; + + readOnlyBadHostPlatform = evalMinimalConfig { + imports = [ ./read-only.nix ]; + nixpkgs.pkgs = pkgs; + nixpkgs.hostPlatform = "foo-linux"; # do in pkgs instead! + }; + + readOnlyBadBuildPlatform = evalMinimalConfig { + imports = [ ./read-only.nix ]; + nixpkgs.pkgs = pkgs; + nixpkgs.buildPlatform = "foo-linux"; # do in pkgs instead! + }; + + throws = x: ! (builtins.tryEval x).success; + in lib.recurseIntoAttrs { invokeNixpkgsSimple = @@ -65,5 +108,21 @@ lib.recurseIntoAttrs { nixpkgs.pkgs = pkgs; } == []; + + # Tests for the read-only.nix module + assert readOnly._module.args.pkgs.stdenv.hostPlatform.system == pkgs.stdenv.hostPlatform.system; + assert throws readOnlyBad._module.args.pkgs.stdenv; + assert throws readOnlyUndefined._module.args.pkgs.stdenv; + assert throws readOnlyBadConfig._module.args.pkgs.stdenv; + assert throws readOnlyBadOverlays._module.args.pkgs.stdenv; + assert throws readOnlyBadHostPlatform._module.args.pkgs.stdenv; + assert throws readOnlyBadBuildPlatform._module.args.pkgs.stdenv; + # read-only.nix does not provide legacy options, for the sake of simplicity + # If you're bothered by this, upgrade your configs to use the new *Platform + # options. + assert !readOnly.options.nixpkgs?system; + assert !readOnly.options.nixpkgs?localSystem; + assert !readOnly.options.nixpkgs?crossSystem; + pkgs.emptyFile; } diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 5459dd161b8..9f35dca5cc4 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -46,7 +46,7 @@ let inherit (rec { doRunTest = arg: ((import ../lib/testing-python.nix { inherit system pkgs; }).evalTest { - imports = [ arg ]; + imports = [ arg readOnlyPkgs ]; }).config.result; findTests = tree: if tree?recurseForDerivations && tree.recurseForDerivations @@ -65,6 +65,23 @@ let runTestOn ; + # Using a single instance of nixpkgs makes test evaluation faster. + # To make sure we don't accidentally depend on a modified pkgs, we make the + # related options read-only. We need to test the right configuration. + # + # If your service depends on a nixpkgs setting, first try to avoid that, but + # otherwise, you can remove the readOnlyPkgs import and test your service as + # usual. + readOnlyPkgs = + # TODO: We currently accept this for nixosTests, so that the `pkgs` argument + # is consistent with `pkgs` in `pkgs.nixosTests`. Can we reinitialize + # it with `allowAliases = false`? + # warnIf pkgs.config.allowAliases "nixosTests: pkgs includes aliases." + { + _class = "nixosTest"; + node.pkgs = pkgs; + }; + in { # Testing the test driver @@ -267,7 +284,7 @@ in { gitdaemon = handleTest ./gitdaemon.nix {}; gitea = handleTest ./gitea.nix { giteaPackage = pkgs.gitea; }; github-runner = handleTest ./github-runner.nix {}; - gitlab = handleTest ./gitlab.nix {}; + gitlab = runTest ./gitlab.nix; gitolite = handleTest ./gitolite.nix {}; gitolite-fcgiwrap = handleTest ./gitolite-fcgiwrap.nix {}; glusterfs = handleTest ./glusterfs.nix {}; diff --git a/nixos/tests/gitlab.nix b/nixos/tests/gitlab.nix index c2a11bada0a..672b497e7ec 100644 --- a/nixos/tests/gitlab.nix +++ b/nixos/tests/gitlab.nix @@ -6,7 +6,10 @@ # - Creating Merge Requests and merging them # - Opening and closing issues. # - Downloading repository archives as tar.gz and tar.bz2 -import ./make-test-python.nix ({ pkgs, lib, ... }: +# Run with +# [nixpkgs]$ nix-build -A nixosTests.gitlab + +{ pkgs, lib, ... }: with lib; @@ -174,7 +177,7 @@ in { gitlab.wait_for_unit("gitlab.service") gitlab.wait_for_unit("gitlab-pages.service") gitlab.wait_for_unit("gitlab-sidekiq.service") - gitlab.wait_for_file("${nodes.gitlab.config.services.gitlab.statePath}/tmp/sockets/gitlab.socket") + gitlab.wait_for_file("${nodes.gitlab.services.gitlab.statePath}/tmp/sockets/gitlab.socket") gitlab.wait_until_succeeds("curl -sSf http://gitlab/users/sign_in") ''; @@ -419,15 +422,15 @@ in { + '' gitlab.systemctl("start gitlab-backup.service") gitlab.wait_for_unit("gitlab-backup.service") - gitlab.wait_for_file("${nodes.gitlab.config.services.gitlab.statePath}/backup/dump_gitlab_backup.tar") + gitlab.wait_for_file("${nodes.gitlab.services.gitlab.statePath}/backup/dump_gitlab_backup.tar") gitlab.systemctl("stop postgresql.service gitlab.target") gitlab.succeed( - "find ${nodes.gitlab.config.services.gitlab.statePath} -mindepth 1 -maxdepth 1 -not -name backup -execdir rm -r {} +" + "find ${nodes.gitlab.services.gitlab.statePath} -mindepth 1 -maxdepth 1 -not -name backup -execdir rm -r {} +" ) gitlab.succeed("systemd-tmpfiles --create") - gitlab.succeed("rm -rf ${nodes.gitlab.config.services.postgresql.dataDir}") + gitlab.succeed("rm -rf ${nodes.gitlab.services.postgresql.dataDir}") gitlab.systemctl("start gitlab-config.service gitaly.service gitlab-postgresql.service") - gitlab.wait_for_file("${nodes.gitlab.config.services.gitlab.statePath}/tmp/sockets/gitaly.socket") + gitlab.wait_for_file("${nodes.gitlab.services.gitlab.statePath}/tmp/sockets/gitaly.socket") gitlab.succeed( "sudo -u gitlab -H gitlab-rake gitlab:backup:restore RAILS_ENV=production BACKUP=dump force=yes" ) @@ -435,4 +438,4 @@ in { '' + waitForServices + test false; -}) +} diff --git a/nixos/tests/harmonia.nix b/nixos/tests/harmonia.nix index 3057caf7016..6cf9ad4d233 100644 --- a/nixos/tests/harmonia.nix +++ b/nixos/tests/harmonia.nix @@ -8,6 +8,7 @@ services.harmonia = { enable = true; signKeyPath = pkgs.writeText "cache-key" "cache.example.com-1:9FhO0w+7HjZrhvmzT1VlAZw4OSAlFGTgC24Seg3tmPl4gZBdwZClzTTHr9cVzJpwsRSYLTu7hEAQe3ljy92CWg=="; + settings.priority = 35; }; networking.firewall.allowedTCPPorts = [ 5000 ]; @@ -26,7 +27,8 @@ start_all() harmonia.wait_for_unit("harmonia.service") - client01.wait_until_succeeds("curl -f http://harmonia:5000/nix-cache-info") + + client01.wait_until_succeeds("curl -f http://harmonia:5000/nix-cache-info | grep '${toString nodes.harmonia.services.harmonia.settings.priority}' >&2") client01.succeed("curl -f http://harmonia:5000/version | grep '${nodes.harmonia.services.harmonia.package.version}' >&2") client01.succeed("cat /etc/nix/nix.conf >&2") diff --git a/pkgs/applications/audio/cyanrip/default.nix b/pkgs/applications/audio/cyanrip/default.nix index 358c769ea07..1828858b3cd 100644 --- a/pkgs/applications/audio/cyanrip/default.nix +++ b/pkgs/applications/audio/cyanrip/default.nix @@ -12,13 +12,13 @@ }: stdenv.mkDerivation rec { pname = "cyanrip"; - version = "0.8.1"; + version = "0.9.0"; src = fetchFromGitHub { owner = "cyanreg"; repo = pname; rev = "v${version}"; - sha256 = "17bi2xhjv3f3i870whkyqckvjlg32wqkspash87zi0jw7m7jm229"; + sha256 = "sha256-gH/rWTRYX10Q2Y9oSaMu0bOy3SMbcSNmH3dkXHFAw90"; }; nativeBuildInputs = [ meson ninja pkg-config ]; diff --git a/pkgs/applications/misc/megacmd/default.nix b/pkgs/applications/misc/megacmd/default.nix index 32358aee2b7..9875631466c 100644 --- a/pkgs/applications/misc/megacmd/default.nix +++ b/pkgs/applications/misc/megacmd/default.nix @@ -23,13 +23,13 @@ stdenv.mkDerivation rec { pname = "megacmd"; - version = "1.6.1"; + version = "1.6.3"; src = fetchFromGitHub { owner = "meganz"; repo = "MEGAcmd"; rev = "${version}_Linux"; - sha256 = "sha256-X8ysTVr4oZS3VHuCyq96J6TL9nvtAT/HVnMyz5iXSXo="; + sha256 = "sha256-JnxfFbM+NyeUrEMok62zlsQIxjrUvLLg4tUTiKPDZFc="; fetchSubmodules = true; }; diff --git a/pkgs/applications/misc/swaynotificationcenter/default.nix b/pkgs/applications/misc/swaynotificationcenter/default.nix index 41a065349c4..e9d9a9ef387 100644 --- a/pkgs/applications/misc/swaynotificationcenter/default.nix +++ b/pkgs/applications/misc/swaynotificationcenter/default.nix @@ -83,6 +83,7 @@ stdenv.mkDerivation (finalAttrs: rec { changelog = "https://github.com/ErikReider/SwayNotificationCenter/releases/tag/v${version}"; license = licenses.gpl3; platforms = platforms.linux; + mainProgram = "swaync"; maintainers = with maintainers; [ berbiche pedrohlc ]; }; }) diff --git a/pkgs/applications/networking/cluster/cmctl/default.nix b/pkgs/applications/networking/cluster/cmctl/default.nix index 9f313f3ae1b..ab4789741fb 100644 --- a/pkgs/applications/networking/cluster/cmctl/default.nix +++ b/pkgs/applications/networking/cluster/cmctl/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "cmctl"; - version = "1.11.1"; + version = "1.11.2"; src = fetchFromGitHub { owner = "cert-manager"; repo = "cert-manager"; - rev = "e3a2a803e8ed7f8a88d5f535d6e9a061c1571194"; - sha256 = "0484dh520plgmrv39lbih44z1dz0r3sf115kqvcpfmg13b0328d0"; + rev = "4767427a40e0e193c976fd6bc228f50de8950572"; + sha256 = "128s5vd4hp5mr0rnb21grzmijzx0ibpv71as36dcgw7z4v3gq7lx"; }; - vendorSha256 = "sha256-tKvvqYGwLEoSfGzBRLx8xC/0Kz1uLmHYQ+gcHOW+550="; + vendorSha256 = "sha256-+r0QpD97r6dokUr07Qjb9kvoK+oz2rvml0cIebtYuHg="; subPackages = [ "cmd/ctl" ]; diff --git a/pkgs/applications/networking/cluster/kubefirst/default.nix b/pkgs/applications/networking/cluster/kubefirst/default.nix new file mode 100644 index 00000000000..c90460d1692 --- /dev/null +++ b/pkgs/applications/networking/cluster/kubefirst/default.nix @@ -0,0 +1,26 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "kubefirst"; + version = "2.0.8"; + + src = fetchFromGitHub { + owner = "kubefirst"; + repo = pname; + rev = "v${version}"; + hash = "sha256-JGseXRUehRuH1kuTfmkAJcfRN3vM0zN7K8pnOfJ0LAs="; + }; + + vendorHash = "sha256-Sc6HXJXkZ9vW6sxEKCTo6LDHeOGLTz0oN9JH11iUA/k="; + + ldflags = [ "-s" "-w" "-X github.com/kubefirst/runtime/configs.K1Version=v${version}"]; + + doCheck = false; + + meta = with lib; { + description = "The Kubefirst CLI creates instant GitOps platforms that integrate some of the best tools in cloud native from scratch."; + homepage = "https://github.com/kubefirst/kubefirst/"; + license = licenses.mit; + maintainers = with maintainers; [ qjoly ]; + }; +} diff --git a/pkgs/applications/networking/cluster/tfautomv/default.nix b/pkgs/applications/networking/cluster/tfautomv/default.nix new file mode 100644 index 00000000000..94dc0754ff7 --- /dev/null +++ b/pkgs/applications/networking/cluster/tfautomv/default.nix @@ -0,0 +1,27 @@ +{ lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "tfautomv"; + version = "0.5.1"; + + src = fetchFromGitHub { + owner = "padok-team"; + repo = pname; + rev = "v${version}"; + hash = "sha256-shpoi/N/gfzisjj1tvZGSEuorqaoOJMhYOjx+Y8F/Ds="; + }; + + vendorHash = "sha256-BjmtUamecTSwT7gHM/6uz1r/P8O0TWzp9Dk43rdmxXU="; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + homepage = "https://github.com/padok-team/tfautomv"; + description = "When refactoring a Terraform codebase, you often need to write moved blocks. This can be tedious. Let tfautomv do it for you"; + license = licenses.asl20; + maintainers = with maintainers; [ qjoly ]; + }; +} diff --git a/pkgs/applications/virtualization/pods/Cargo.lock b/pkgs/applications/virtualization/pods/Cargo.lock index 02fabce58d1..bd7e65b1014 100644 --- a/pkgs/applications/virtualization/pods/Cargo.lock +++ b/pkgs/applications/virtualization/pods/Cargo.lock @@ -120,9 +120,9 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.12.1" +version = "3.12.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b1ce199063694f33ffb7dd4e0ee620741495c32833cde5aa08f02a0bf96f0c8" +checksum = "3c6ed94e98ecff0c12dd1b04c15ec0d7d9458ca8fe806cea6f12954efe74c63b" [[package]] name = "byteorder" @@ -1092,9 +1092,9 @@ checksum = "453ad9f582a441959e5f0d088b02ce04cfe8d51a8eaf077f12ac6d3e94164ca6" [[package]] name = "js-sys" -version = "0.3.61" +version = "0.3.62" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "445dde2150c55e483f3d8416706b97ec8e8237c307e5b7b4b8dd15e6af2a0730" +checksum = "68c16e1bfd491478ab155fd8b4896b86f9ede344949b641e61501e07c2b8b4d5" dependencies = [ "wasm-bindgen", ] @@ -1142,9 +1142,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.142" +version = "0.2.144" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a987beff54b60ffa6d51982e1aa1146bc42f19bd26be28b0586f252fccf5317" +checksum = "2b00cc1c228a6782d0f076e7b232802e0c5689d41bb5df366f2a6b6621cfdfe1" [[package]] name = "libpanel" @@ -1188,9 +1188,9 @@ dependencies = [ [[package]] name = "linux-raw-sys" -version = "0.3.6" +version = "0.3.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b64f40e5e03e0d54f03845c8197d0291253cdbedfb1cb46b13c2c117554a9f4c" +checksum = "ece97ea872ece730aed82664c424eb4c8291e1ff2480247ccf7409044bc6479f" [[package]] name = "locale_config" @@ -1477,9 +1477,9 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" [[package]] name = "pkg-config" -version = "0.3.26" +version = "0.3.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" +checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" [[package]] name = "podman-api" @@ -1518,7 +1518,7 @@ dependencies = [ [[package]] name = "pods" -version = "1.1.1" +version = "1.1.2" dependencies = [ "anyhow", "ashpd", @@ -1594,9 +1594,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.26" +version = "1.0.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4424af4bf778aae2051a77b60283332f386554255d722233d09fbfc7e30da2fc" +checksum = "8f4f29d145265ec1c483c7c654450edde0bfe043d3938d6972630663356d9500" dependencies = [ "proc-macro2", ] @@ -1677,9 +1677,9 @@ dependencies = [ [[package]] name = "rustix" -version = "0.37.18" +version = "0.37.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8bbfc1d1c7c40c01715f47d71444744a81669ca84e8b63e25a55e169b1f86433" +checksum = "acf8729d8542766f1b2cf77eb034d52f40d375bb8b615d0b147089946e16613d" dependencies = [ "bitflags", "errno", @@ -1709,18 +1709,18 @@ checksum = "bebd363326d05ec3e2f532ab7660680f3b02130d780c299bca73469d521bc0ed" [[package]] name = "serde" -version = "1.0.160" +version = "1.0.162" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb2f3770c8bce3bcda7e149193a069a0f4365bda1fa5cd88e03bca26afc1216c" +checksum = "71b2f6e1ab5c2b98c05f0f35b236b22e8df7ead6ffbf51d7808da7f8817e7ab6" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.160" +version = "1.0.162" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "291a097c63d8497e00160b166a967a4a79c64f3facdd01cbd7502231688d77df" +checksum = "a2a0814352fd64b58489904a44ea8d90cb1a91dcb6b4f5ebabc32c8318e93cb6" dependencies = [ "proc-macro2", "quote", @@ -1868,14 +1868,14 @@ dependencies = [ "hostname", "libc", "log", - "time 0.3.20", + "time 0.3.21", ] [[package]] name = "system-deps" -version = "6.0.5" +version = "6.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d0fe581ad25d11420b873cf9aedaca0419c2b411487b134d4d21065f3d092055" +checksum = "e5fa6fb9ee296c0dc2df41a656ca7948546d061958115ddb0bcaae43ad0d17d2" dependencies = [ "cfg-expr", "heck", @@ -1962,9 +1962,9 @@ dependencies = [ [[package]] name = "time" -version = "0.3.20" +version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd0cbfecb4d19b5ea75bb31ad904eb5b9fa13f21079c3b92017ebdf4999a5890" +checksum = "8f3403384eaacbca9923fa06940178ac13e4edb725486d70e8e15881d0c836cc" dependencies = [ "itoa", "libc", @@ -1976,15 +1976,15 @@ dependencies = [ [[package]] name = "time-core" -version = "0.1.0" +version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd" +checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb" [[package]] name = "time-macros" -version = "0.2.8" +version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd80a657e71da814b8e5d60d3374fc6d35045062245d80224748ae522dd76f36" +checksum = "372950940a5f07bf38dbe211d7283c9e6d7327df53794992d293e534c733d09b" dependencies = [ "time-core", ] @@ -2006,9 +2006,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.28.0" +version = "1.28.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c3c786bf8134e5a3a166db9b29ab8f48134739014a3eca7bc6bfa95d673b136f" +checksum = "0aa32867d44e6f2ce3385e89dceb990188b8bb0fb25b0cf576647a6f98ac5105" dependencies = [ "autocfg", "bytes 1.4.0", @@ -2274,9 +2274,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.84" +version = "0.2.85" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31f8dcbc21f30d9b8f2ea926ecb58f6b91192c17e9d33594b3df58b2007ca53b" +checksum = "5b6cb788c4e39112fbe1822277ef6fb3c55cd86b95cb3d3c4c1c9597e4ac74b4" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -2284,24 +2284,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.84" +version = "0.2.85" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "95ce90fd5bcc06af55a641a86428ee4229e44e07033963a2290a8e241607ccb9" +checksum = "35e522ed4105a9d626d885b35d62501b30d9666283a5c8be12c14a8bdafe7822" dependencies = [ "bumpalo", "log", "once_cell", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.15", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-macro" -version = "0.2.84" +version = "0.2.85" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c21f77c0bedc37fd5dc21f897894a5ca01e7bb159884559461862ae90c0b4c5" +checksum = "358a79a0cb89d21db8120cbfb91392335913e4890665b1a7981d9e956903b434" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -2309,22 +2309,22 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.84" +version = "0.2.85" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2aff81306fcac3c7515ad4e177f521b5c9a15f2b08f4e32d823066102f35a5f6" +checksum = "4783ce29f09b9d93134d41297aded3a712b7b979e9c6f28c32cb88c973a94869" dependencies = [ "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.15", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.84" +version = "0.2.85" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d" +checksum = "a901d592cafaa4d711bc324edfaff879ac700b19c3dfd60058d2b445be2691eb" [[package]] name = "winapi" diff --git a/pkgs/applications/virtualization/pods/default.nix b/pkgs/applications/virtualization/pods/default.nix index 966f67eb39c..acbf557dd25 100644 --- a/pkgs/applications/virtualization/pods/default.nix +++ b/pkgs/applications/virtualization/pods/default.nix @@ -17,13 +17,13 @@ stdenv.mkDerivation rec { pname = "pods"; - version = "1.1.1"; + version = "1.1.2"; src = fetchFromGitHub { owner = "marhkb"; repo = pname; rev = "v${version}"; - sha256 = "sha256-GTRHysG1zPr6MorGoSKYq8TgAdTH/bU/AxVrP2Ghqec="; + sha256 = "sha256-5euSMmyumZbUFsZuP7fa3wCm4n0Hx+F8bPlv4Xw/Hvw="; }; cargoDeps = rustPlatform.importCargoLock { diff --git a/pkgs/development/interpreters/ruby/default.nix b/pkgs/development/interpreters/ruby/default.nix index daa512500a4..f390e67182a 100644 --- a/pkgs/development/interpreters/ruby/default.nix +++ b/pkgs/development/interpreters/ruby/default.nix @@ -84,8 +84,8 @@ let ++ (op fiddleSupport libffi) ++ (ops cursesSupport [ ncurses readline ]) ++ (op zlibSupport zlib) - ++ (op (!atLeast30 && opensslSupport) openssl_1_1) - ++ (op (atLeast30 && opensslSupport) openssl) + ++ (op (!atLeast31 && opensslSupport) openssl_1_1) + ++ (op (atLeast31 && opensslSupport) openssl) ++ (op gdbmSupport gdbm) ++ (op yamlSupport libyaml) # Looks like ruby fails to build on darwin without readline even if curses diff --git a/pkgs/development/libraries/opencl-headers/default.nix b/pkgs/development/libraries/opencl-headers/default.nix index ca5e24e8557..6bb2b4c235a 100644 --- a/pkgs/development/libraries/opencl-headers/default.nix +++ b/pkgs/development/libraries/opencl-headers/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { pname = "opencl-headers"; - version = "2023.04.17"; + version = "2023.02.06"; src = fetchFromGitHub { owner = "KhronosGroup"; repo = "OpenCL-Headers"; rev = "v${version}"; - sha256 = "sha256-FK6pbIqNVVW9p6ozUVzuRxfxvibCA4cNFfhT22WjSzE="; + sha256 = "sha256-BJDaDokyHgmyl+bGqCwG1J7iOvu0E3P3iYZ1/krot8s="; }; installPhase = '' diff --git a/pkgs/development/python-modules/aws-secretsmanager-caching/default.nix b/pkgs/development/python-modules/aws-secretsmanager-caching/default.nix new file mode 100644 index 00000000000..95343fbf373 --- /dev/null +++ b/pkgs/development/python-modules/aws-secretsmanager-caching/default.nix @@ -0,0 +1,63 @@ +{ lib +, buildPythonPackage +, pythonOlder +, fetchPypi +, setuptools-scm +, botocore +, pytestCheckHook +}: + +buildPythonPackage rec { + pname = "aws_secretsmanager_caching"; + version = "1.1.1.5"; + format = "setuptools"; + + disabled = pythonOlder "3.7"; + + src = fetchPypi { + inherit pname version; + sha256 = "5cee2762bb89b72f3e5123feee8e45fbe44ffe163bfca08b28f27b2e2b7772e1"; + }; + + nativeBuildInputs = [ + setuptools-scm + ]; + + propagatedBuildInputs = [ + botocore + ]; + + patches = [ + # Remove coverage tests from the pytest invocation in setup.cfg. + ./remove-coverage-tests.patch + ]; + + postPatch = '' + substituteInPlace setup.py \ + --replace "'pytest-runner'," "" + ''; + + nativeCheckInputs = [ + pytestCheckHook + ]; + + disabledTestPaths = [ + # Integration tests require networking. + "test/integ" + ]; + + pythonImportsCheck = [ + "aws_secretsmanager_caching" + ]; + + meta = with lib; { + description = "Client-side AWS secrets manager caching library"; + homepage = "https://github.com/aws/aws-secretsmanager-caching-python"; + changelog = "https://github.com/aws/aws-secretsmanager-caching-python/releases/tag/v${version}"; + longDescription = '' + The AWS Secrets Manager Python caching client enables in-process caching of secrets for Python applications. + ''; + license = licenses.asl20; + maintainers = with maintainers; [ tomaskala ]; + }; +} diff --git a/pkgs/development/python-modules/aws-secretsmanager-caching/remove-coverage-tests.patch b/pkgs/development/python-modules/aws-secretsmanager-caching/remove-coverage-tests.patch new file mode 100644 index 00000000000..57af75dcb4f --- /dev/null +++ b/pkgs/development/python-modules/aws-secretsmanager-caching/remove-coverage-tests.patch @@ -0,0 +1,14 @@ +diff --git a/setup.cfg b/setup.cfg +index 5aa81b2..0c02ded 100644 +--- a/setup.cfg ++++ b/setup.cfg +@@ -3,9 +3,6 @@ xfail_strict = true + addopts = + --verbose + --doctest-modules +- --cov aws_secretsmanager_caching +- --cov-fail-under 90 +- --cov-report term-missing + --ignore doc/ + + [aliases] diff --git a/pkgs/development/python-modules/azure-mgmt-datafactory/default.nix b/pkgs/development/python-modules/azure-mgmt-datafactory/default.nix index 8104cfd3402..735bcba46c3 100644 --- a/pkgs/development/python-modules/azure-mgmt-datafactory/default.nix +++ b/pkgs/development/python-modules/azure-mgmt-datafactory/default.nix @@ -10,7 +10,7 @@ buildPythonPackage rec { pname = "azure-mgmt-datafactory"; - version = "3.0.0"; + version = "3.1.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -18,7 +18,7 @@ buildPythonPackage rec { src = fetchPypi { inherit pname version; extension = "zip"; - hash = "sha256-aVfH65fJnsTSr0MR0Fr5yamxIOv2+aST953uCr7QXOk="; + hash = "sha256-lsOUxDoXocf1fUIcY4q74/vd86LO7yumJg7rJ6i3zcg="; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/riscv-isac/default.nix b/pkgs/development/python-modules/riscv-isac/default.nix index 98fff40285b..13aca2c0d7b 100644 --- a/pkgs/development/python-modules/riscv-isac/default.nix +++ b/pkgs/development/python-modules/riscv-isac/default.nix @@ -1,44 +1,62 @@ -{ buildPythonPackage +{ lib +, buildPythonPackage , fetchFromGitHub -, lib , click , colorlog , gitpython +, pluggy , pyelftools , pytablewriter -, pytest +, pytestCheckHook , pyyaml , ruamel-yaml +, pythonOlder }: buildPythonPackage rec { pname = "riscv-isac"; - version = "0.16.1"; + version = "0.17.0"; + format = "setuptools"; + + disabled = pythonOlder "3.7"; src = fetchFromGitHub { owner = "riscv-software-src"; repo = pname; - rev = version; - hash = "sha256-Krjr9bvpoOeNfMbYj/QbJ+Y+AVLjwrzj8KKMUXCfnMA="; + rev = "refs/tags/${version}"; + hash = "sha256-I0RsvSCrSlNGVj8z+WUQx6vbdNkKCRyMFvNx+0mTBAE="; }; - postPatch = "substituteInPlace riscv_isac/requirements.txt --replace 'pyelftools==0.26' pyelftools"; + postPatch = '' + substituteInPlace riscv_isac/requirements.txt \ + --replace "pyelftools==0.26" "pyelftools" \ + --replace "pytest" "" + ''; propagatedBuildInputs = [ click colorlog gitpython + pluggy pyelftools pytablewriter - pytest pyyaml ruamel-yaml ]; + nativeCheckInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "riscv_isac" + ]; + meta = with lib; { - homepage = "https://github.com/riscv/riscv-isac"; description = "An ISA coverage extraction tool"; - maintainers = with maintainers; [ genericnerdyusername ]; + homepage = "https://github.com/riscv/riscv-isac"; + changelog = "https://github.com/riscv-software-src/riscv-isac/blob/${version}/CHANGELOG.md"; license = licenses.bsd3; + maintainers = with maintainers; [ genericnerdyusername ]; }; } diff --git a/pkgs/development/python-modules/twisted/default.nix b/pkgs/development/python-modules/twisted/default.nix index bcd2f6d5e06..f45acbe87a4 100644 --- a/pkgs/development/python-modules/twisted/default.nix +++ b/pkgs/development/python-modules/twisted/default.nix @@ -69,6 +69,13 @@ buildPythonPackage rec { url = "https://github.com/mweinelt/twisted/commit/e69e652de671aac0abf5c7e6c662fc5172758c5a.patch"; hash = "sha256-LmvKUTViZoY/TPBmSlx4S9FbJNZfB5cxzn/YcciDmoI="; }) + # remove half broken pyasn1 integration that blow up with pyasn 0.5.0 + # https://github.com/twisted/twisted/pull/11843 + (fetchpatch { + url = "https://github.com/twisted/twisted/commit/bdee0eb835a76b2982beaf10c85269ff25ea09fa.patch"; + excludes = [ "pyproject.toml" "tox.ini" ]; + hash = "sha256-oGAHmZMpMWfK+2zEDjHD115sW7exCYqfORVOLw+Wa6M="; + }) ] ++ lib.optionals (pythonAtLeast "3.11") [ (fetchpatch { url = "https://github.com/twisted/twisted/pull/11734.diff"; @@ -95,6 +102,9 @@ buildPythonPackage rec { ]; postPatch = '' + substituteInPlace pyproject.toml \ + --replace '"pyasn1 >= 0.4",' "" + echo 'ListingTests.test_localeIndependent.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py echo 'ListingTests.test_newFile.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py echo 'ListingTests.test_newSingleDigitDayOfMonth.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py diff --git a/pkgs/development/python-modules/xhtml2pdf/default.nix b/pkgs/development/python-modules/xhtml2pdf/default.nix index c7f768ab2a8..931d08e12c1 100644 --- a/pkgs/development/python-modules/xhtml2pdf/default.nix +++ b/pkgs/development/python-modules/xhtml2pdf/default.nix @@ -15,18 +15,16 @@ buildPythonPackage rec { pname = "xhtml2pdf"; - version = "0.2.9"; + version = "0.2.11"; format = "setuptools"; disabled = pythonOlder "3.7"; - # Tests are only available on GitHub src = fetchFromGitHub { owner = pname; repo = pname; - # Currently it is not possible to fetch from version as there is a branch with the same name - rev = "refs/tags/${version}"; - hash = "sha256-MrzAsa0AZX3+0LN/Can3QBoPBRxb0a/F2jLBd8rD5H4="; + rev = "refs/tags/v${version}"; + hash = "sha256-L/HCw+O8bidtE5nDdO+cLS54m64dlJL+9Gjcye5gM+w="; }; propagatedBuildInputs = [ @@ -51,6 +49,7 @@ buildPythonPackage rec { meta = with lib; { description = "A PDF generator using HTML and CSS"; homepage = "https://github.com/xhtml2pdf/xhtml2pdf"; + changelog = "https://github.com/xhtml2pdf/xhtml2pdf/releases/tag/v${version}"; license = licenses.asl20; maintainers = with maintainers; [ ]; }; diff --git a/pkgs/development/tools/rust/cargo-audit/default.nix b/pkgs/development/tools/rust/cargo-audit/default.nix index 9845cca7925..ed794a22896 100644 --- a/pkgs/development/tools/rust/cargo-audit/default.nix +++ b/pkgs/development/tools/rust/cargo-audit/default.nix @@ -9,14 +9,14 @@ rustPlatform.buildRustPackage rec { pname = "cargo-audit"; - version = "0.17.5"; + version = "0.17.6"; src = fetchCrate { inherit pname version; - sha256 = "sha256-qsHy4MKQHBzChcOJ9TrlUbEnEtVxlzxDgZlahhDsoxM="; + sha256 = "sha256-ICNcBqlkX1k3J5vc/bfoXw/+l2LdHOchv4PfY0G7Y94="; }; - cargoSha256 = "sha256-7uBRybAkexBl3SldV4qudwPZ8JcKCUaAlwbAcT9JXy8="; + cargoSha256 = "sha256-ViqaiSLVfDJhMuHjHGi+NVRLPcRhe2a+oKXl4UNM+K8="; nativeBuildInputs = [ pkg-config diff --git a/pkgs/os-specific/darwin/apple-sdk-11.0/default.nix b/pkgs/os-specific/darwin/apple-sdk-11.0/default.nix index 1133cca002a..e4cc740ba1e 100644 --- a/pkgs/os-specific/darwin/apple-sdk-11.0/default.nix +++ b/pkgs/os-specific/darwin/apple-sdk-11.0/default.nix @@ -70,7 +70,7 @@ let stdenv = mkStdenv stdenv; } // builtins.listToAttrs (map (v: { name = "clang${v}Stdenv"; value = mkStdenv pkgs."llvmPackages_${v}".stdenv; }) - [ "12" "13" "14" "15" ] + [ "12" "13" "14" "15" "16" ] ); callPackage = newScope (packages // pkgs.darwin // { inherit MacOSX-SDK; }); diff --git a/pkgs/os-specific/linux/minimal-bootstrap/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/default.nix index 509b7fe2059..97c9a26b53f 100644 --- a/pkgs/os-specific/linux/minimal-bootstrap/default.nix +++ b/pkgs/os-specific/linux/minimal-bootstrap/default.nix @@ -10,15 +10,21 @@ lib.makeScope # declared here. (extra: lib.callPackageWith ({ inherit lib config buildPlatform hostPlatform; } // extra)) (self: with self; { - inherit (callPackage ./utils.nix { }) fetchurl derivationWithMeta writeTextFile writeText runCommand; - inherit (callPackage ./stage0-posix { }) kaem m2libc mescc-tools mescc-tools-extra; + gnupatch = callPackage ./gnupatch { tinycc = tinycc-mes; }; + + gnumake = callPackage ./gnumake { tinycc = tinycc-mes; }; + + ln-boot = callPackage ./ln-boot { }; mes = callPackage ./mes { }; mes-libc = callPackage ./mes/libc.nix { }; - ln-boot = callPackage ./ln-boot { }; + inherit (callPackage ./stage0-posix { }) kaem m2libc mescc-tools mescc-tools-extra; tinycc-bootstrappable = callPackage ./tinycc/bootstrappable.nix { }; tinycc-mes = callPackage ./tinycc/mes.nix { }; + + inherit (callPackage ./utils.nix { }) fetchurl derivationWithMeta writeTextFile writeText runCommand; + }) diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnumake/0001-No-impure-bin-sh.patch b/pkgs/os-specific/linux/minimal-bootstrap/gnumake/0001-No-impure-bin-sh.patch new file mode 100644 index 00000000000..58ee2d6fe09 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnumake/0001-No-impure-bin-sh.patch @@ -0,0 +1,35 @@ +From e00a5257a6ca5fedbf68b09eee7df3502971a057 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> +Date: Sat, 24 Apr 2021 10:11:40 +0200 +Subject: [PATCH 1/2] No impure bin sh + +default_shell is used to populuate default shell used to execute jobs. +Unless SHELL is set to a different value this would be /bin/sh. +Our stdenv provides sh in form of bash anyway. Having this value not +hard-coded has some advantages: + +- It would ensure that on all systems it uses sh from its PATH rather + than /bin/sh, which helps as different systems might have different + shells there (bash vs. dash) +- In the past I had issues with LD_PRELOAD with BEAR, where /bin/sh + used a different glibc than BEAR which came from my development shell. +--- + src/job.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/job.c b/src/job.c +index ae1f18b..6b4ddb3 100644 +--- a/src/job.c ++++ b/src/job.c +@@ -77,7 +77,7 @@ char * vms_strsignal (int status); + + #else + +-const char *default_shell = "/bin/sh"; ++const char *default_shell = "sh"; + int batch_mode_shell = 0; + + #endif +-- +2.31.1 + diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnumake/0002-remove-impure-dirs.patch b/pkgs/os-specific/linux/minimal-bootstrap/gnumake/0002-remove-impure-dirs.patch new file mode 100644 index 00000000000..e62aee7d999 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnumake/0002-remove-impure-dirs.patch @@ -0,0 +1,40 @@ +From 795d63d3c8b5c0dbb7e544954f75507b371b7228 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io> +Date: Sat, 24 Apr 2021 10:20:16 +0200 +Subject: [PATCH 2/2] remove impure dirs + +--- + src/read.c | 3 --- + src/remake.c | 2 -- + 2 files changed, 5 deletions(-) + +diff --git a/src/read.c b/src/read.c +index fa197fb..defacfb 100644 +--- a/src/read.c ++++ b/src/read.c +@@ -109,9 +109,6 @@ static const char *default_include_directories[] = + #endif + INCLUDEDIR, + #ifndef _AMIGA +- "/usr/gnu/include", +- "/usr/local/include", +- "/usr/include", + #endif + 0 + }; +diff --git a/src/remake.c b/src/remake.c +index fb237c5..94bff7d 100644 +--- a/src/remake.c ++++ b/src/remake.c +@@ -1601,8 +1601,6 @@ library_search (const char *lib, FILE_TIMESTAMP *mtime_ptr) + static const char *dirs[] = + { + #ifndef _AMIGA +- "/lib", +- "/usr/lib", + #endif + #if defined(WINDOWS32) && !defined(LIBDIR) + /* +-- +2.31.1 + diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnumake/0003-tinycc-support.patch b/pkgs/os-specific/linux/minimal-bootstrap/gnumake/0003-tinycc-support.patch new file mode 100644 index 00000000000..e2e3f339515 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnumake/0003-tinycc-support.patch @@ -0,0 +1,58 @@ +diff --git a/src/dir.c b/src/dir.c +index 3e94b98..cfaa6a2 100644 +--- a/src/dir.c ++++ b/src/dir.c +@@ -1331,10 +1331,9 @@ local_stat (const char *path, struct stat *buf) + + /* Similarly for lstat. */ + #if !defined(lstat) && !defined(WINDOWS32) || defined(VMS) +-# ifndef VMS +-# ifndef HAVE_SYS_STAT_H ++// mes-libc implements but does not declare lstat ++# if (!defined(VMS) && !defined(HAVE_SYS_STAT_H)) || defined(__TINYC__) + int lstat (const char *path, struct stat *sbuf); +-# endif + # else + /* We are done with the fake lstat. Go back to the real lstat */ + # ifdef lstat +diff --git a/src/job.c b/src/job.c +index ea88561..8388a82 100644 +--- a/src/job.c ++++ b/src/job.c +@@ -2052,7 +2052,8 @@ job_next_command (struct child *child) + static int + load_too_high (void) + { +-#if defined(__MSDOS__) || defined(VMS) || defined(_AMIGA) || defined(__riscos__) ++// mes-libc does not support getloadavg ++#if defined(__MSDOS__) || defined(VMS) || defined(_AMIGA) || defined(__riscos__) || defined (__TINYC__) + return 1; + #else + static double last_sec; +diff --git a/src/main.c b/src/main.c +index a9d3a64..664d40f 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -2770,7 +2770,7 @@ main (int argc, char **argv, char **envp) + char *b = alloca (40); + sprintf (b, "MAKE_RESTARTS=%s%u", + OUTPUT_IS_TRACED () ? "-" : "", restarts); +- putenv (b); ++ // mes-libc does not support putenv + } + + fflush (stdout); +diff --git a/src/misc.c b/src/misc.c +index eb14f40..bffca82 100644 +--- a/src/misc.c ++++ b/src/misc.c +@@ -653,7 +653,8 @@ get_tmppath () + + # ifdef HAVE_MKTEMP + path = get_tmptemplate (); +- if (*mktemp (path) == '\0') ++ // tinycc: "src/misc.c:656: error: pointer expected" ++ if (!strcmp(mktemp (path), "")) + { + OSS (error, NILF, + _("cannot generate temp path from %s: %s"), path, strerror (errno)); diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnumake/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/gnumake/default.nix new file mode 100644 index 00000000000..0db52e28742 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnumake/default.nix @@ -0,0 +1,190 @@ +{ lib +, runCommand +, fetchurl +, tinycc +, gnupatch +}: +let + pname = "gnumake"; + version = "4.4.1"; + + src = fetchurl { + url = "mirror://gnu/make/make-${version}.tar.gz"; + sha256 = "1cwgcmwdn7gqn5da2ia91gkyiqs9birr10sy5ykpkaxzcwfzn5nx"; + }; + + patches = [ + # Replaces /bin/sh with sh, see patch file for reasoning + ./0001-No-impure-bin-sh.patch + # Purity: don't look for library dependencies (of the form `-lfoo') in /lib + # and /usr/lib. It's a stupid feature anyway. Likewise, when searching for + # included Makefiles, don't look in /usr/include and friends. + ./0002-remove-impure-dirs.patch + # Fixes for tinycc. See comments in patch file for reasoning + ./0003-tinycc-support.patch + ]; + + CFLAGS = [ + "-I./src" + "-I./lib" + "-DHAVE_CONFIG_H" + "-DMAKE_MAINTAINER_MODE" + "-DLIBDIR=\\\"${placeholder "out"}/lib\\\"" + "-DLOCALEDIR=\\\"/fake-locale\\\"" + "-DPOSIX=1" + # mes-libc doesn't implement osync_* methods + "-DNO_OUTPUT_SYNC=1" + # mes-libc doesn't define O_TMPFILE + "-DO_TMPFILE=020000000" + ] ++ config; + + /* + Maintenance notes: + + Generated by + ./configure \ + --build i686-pc-linux-gnu \ + --host i686-pc-linux-gnu \ + CC="${tinycc-mes}/bin/tcc -static" \ + ac_cv_func_dup=no + - `ac_cv_func_dup` disabled as mes-libc doesn't implement tmpfile() + + The output src/config.h was then manually filtered, removing definitions that + didn't have uses in the source code + */ + config = [ + "-DFILE_TIMESTAMP_HI_RES=0" + "-DHAVE_ALLOCA" + "-DHAVE_ALLOCA_H" + "-DHAVE_ATEXIT" + "-DHAVE_DECL_BSD_SIGNAL=0" + "-DHAVE_DECL_GETLOADAVG=0" + "-DHAVE_DECL_SYS_SIGLIST=0" + "-DHAVE_DECL__SYS_SIGLIST=0" + "-DHAVE_DECL___SYS_SIGLIST=0" + "-DHAVE_DIRENT_H" + "-DHAVE_DUP2" + "-DHAVE_FCNTL_H" + "-DHAVE_FDOPEN" + "-DHAVE_GETCWD" + "-DHAVE_GETTIMEOFDAY" + "-DHAVE_INTTYPES_H" + "-DHAVE_ISATTY" + "-DHAVE_LIMITS_H" + "-DHAVE_LOCALE_H" + "-DHAVE_MEMORY_H" + "-DHAVE_MKTEMP" + "-DHAVE_SA_RESTART" + "-DHAVE_SETVBUF" + "-DHAVE_SIGACTION" + "-DHAVE_SIGSETMASK" + "-DHAVE_STDINT_H" + "-DHAVE_STDLIB_H" + "-DHAVE_STRDUP" + "-DHAVE_STRERROR" + "-DHAVE_STRINGS_H" + "-DHAVE_STRING_H" + "-DHAVE_STRTOLL" + "-DHAVE_SYS_FILE_H" + "-DHAVE_SYS_PARAM_H" + "-DHAVE_SYS_RESOURCE_H" + "-DHAVE_SYS_SELECT_H" + "-DHAVE_SYS_STAT_H" + "-DHAVE_SYS_TIMEB_H" + "-DHAVE_SYS_TIME_H" + "-DHAVE_SYS_WAIT_H" + "-DHAVE_TTYNAME" + "-DHAVE_UMASK" + "-DHAVE_UNISTD_H" + "-DHAVE_WAITPID" + "-DMAKE_JOBSERVER" + "-DMAKE_SYMLINKS" + "-DPATH_SEPARATOR_CHAR=':'" + "-DSCCS_GET=\\\"get\\\"" + "-DSTDC_HEADERS" + "-Dsig_atomic_t=int" + "-Dvfork=fork" + ]; + + # Maintenance note: list of source files derived from Basic.mk + make_SOURCES = [ + "src/ar.c" + "src/arscan.c" + "src/commands.c" + "src/default.c" + "src/dir.c" + "src/expand.c" + "src/file.c" + "src/function.c" + "src/getopt.c" + "src/getopt1.c" + "src/guile.c" + "src/hash.c" + "src/implicit.c" + "src/job.c" + "src/load.c" + "src/loadapi.c" + "src/main.c" + "src/misc.c" + "src/output.c" + "src/read.c" + "src/remake.c" + "src/rule.c" + "src/shuffle.c" + "src/signame.c" + "src/strcache.c" + "src/variable.c" + "src/version.c" + "src/vpath.c" + ]; + glob_SOURCES = [ "lib/fnmatch.c" "lib/glob.c" ]; + remote_SOURCES = [ "src/remote-stub.c" ]; + sources = make_SOURCES ++ glob_SOURCES ++ remote_SOURCES ++ [ + "src/posixos.c" + ]; + + objects = map (x: lib.replaceStrings [".c"] [".o"] (builtins.baseNameOf x)) sources; +in +runCommand "${pname}-${version}" { + inherit pname version; + + nativeBuildInputs = [ tinycc gnupatch ]; + + meta = with lib; { + description = "A tool to control the generation of non-source files from sources"; + homepage = "https://www.gnu.org/software/make"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ emilytrau ]; + mainProgram = "make"; + platforms = platforms.unix; + }; +} '' + # Unpack + ungz --file ${src} --output make.tar + untar --file make.tar + rm make.tar + cd make-${version} + + # Patch + ${lib.concatMapStringsSep "\n" (f: "patch -Np1 -i ${f}") patches} + + # Configure + catm src/config.h src/mkconfig.h src/mkcustom.h + cp lib/glob.in.h lib/glob.h + cp lib/fnmatch.in.h lib/fnmatch.h + + # Compile + alias CC="tcc ${lib.concatStringsSep " " CFLAGS}" + ${lib.concatMapStringsSep "\n" (f: "CC -c ${f}") sources} + + # Link + CC -static -o make ${lib.concatStringsSep " " objects} + + # Check + ./make --version + + # Install + mkdir -p ''${out}/bin + cp ./make ''${out}/bin + chmod 555 ''${out}/bin/make +'' diff --git a/pkgs/os-specific/linux/minimal-bootstrap/gnupatch/default.nix b/pkgs/os-specific/linux/minimal-bootstrap/gnupatch/default.nix new file mode 100644 index 00000000000..2a44f3805d4 --- /dev/null +++ b/pkgs/os-specific/linux/minimal-bootstrap/gnupatch/default.nix @@ -0,0 +1,107 @@ +{ lib +, runCommand +, fetchurl +, tinycc +}: +let + pname = "gnupatch"; + # 2.6.x and later use features not implemented in mes-libc (eg. quotearg.h) + version = "2.5.9"; + + src = fetchurl { + url = "mirror://gnu/patch/patch-${version}.tar.gz"; + sha256 = "12nv7jx3gxfp50y11nxzlnmqqrpicjggw6pcsq0wyavkkm3cddgc"; + }; + + # Thanks to the live-bootstrap project! + # https://github.com/fosslinux/live-bootstrap/blob/1bc4296091c51f53a5598050c8956d16e945b0f5/sysa/patch-2.5.9/mk/main.mk + CFLAGS = [ + "-I." + "-DHAVE_DECL_GETENV" + "-DHAVE_DECL_MALLOC" + "-DHAVE_DIRENT_H" + "-DHAVE_LIMITS_H" + "-DHAVE_GETEUID" + "-DHAVE_MKTEMP" + "-DPACKAGE_BUGREPORT=" + "-Ded_PROGRAM=\\\"/nullop\\\"" + "-Dmbstate_t=int" # When HAVE_MBRTOWC is not enabled uses of mbstate_t are always a no-op + "-DRETSIGTYPE=int" + "-DHAVE_MKDIR" + "-DHAVE_RMDIR" + "-DHAVE_FCNTL_H" + "-DPACKAGE_NAME=\\\"patch\\\"" + "-DPACKAGE_VERSION=\\\"${version}\\\"" + "-DHAVE_MALLOC" + "-DHAVE_REALLOC" + "-DSTDC_HEADERS" + "-DHAVE_STRING_H" + "-DHAVE_STDLIB_H" + ]; + + # Maintenance note: List of sources from Makefile.in + SRCS = [ + "addext.c" + "argmatch.c" + "backupfile.c" + "basename.c" + "dirname.c" + "getopt.c" + "getopt1.c" + "inp.c" + "maketime.c" + "partime.c" + "patch.c" + "pch.c" + "quote.c" + "quotearg.c" + "quotesys.c" + "util.c" + "version.c" + "xmalloc.c" + ]; + sources = SRCS ++ [ + # mes-libc doesn't implement `error()` + "error.c" + ]; + + objects = map (x: lib.replaceStrings [".c"] [".o"] (builtins.baseNameOf x)) sources; +in +runCommand "${pname}-${version}" { + inherit pname version; + + nativeBuildInputs = [ tinycc ]; + + meta = with lib; { + description = "GNU Patch, a program to apply differences to files"; + homepage = "https://www.gnu.org/software/patch"; + license = licenses.gpl3Plus; + maintainers = with maintainers; [ emilytrau ]; + mainProgram = "patch"; + platforms = platforms.unix; + }; +} '' + # Unpack + ungz --file ${src} --output patch.tar + untar --file patch.tar + rm patch.tar + cd patch-${version} + + # Configure + catm config.h + + # Build + alias CC="tcc ${lib.concatStringsSep " " CFLAGS}" + ${lib.concatMapStringsSep "\n" (f: "CC -c ${f}") sources} + + # Link + CC -static -o patch ${lib.concatStringsSep " " objects} + + # Check + ./patch --version + + # Install + mkdir -p ''${out}/bin + cp ./patch ''${out}/bin + chmod 555 ''${out}/bin/patch +'' diff --git a/pkgs/servers/http/couchdb/3.nix b/pkgs/servers/http/couchdb/3.nix index 17130c422bb..3ce5272c1d9 100644 --- a/pkgs/servers/http/couchdb/3.nix +++ b/pkgs/servers/http/couchdb/3.nix @@ -1,31 +1,55 @@ -{ lib, stdenv, fetchurl, erlang, icu, openssl, spidermonkey_91 -, coreutils, bash, python3, nixosTests }: +{ lib +, stdenv +, fetchurl +, erlang +, icu +, openssl +, spidermonkey_91 +, python3 +, nixosTests +}: stdenv.mkDerivation rec { pname = "couchdb"; - version = "3.3.1"; + version = "3.3.2"; src = fetchurl { url = "mirror://apache/couchdb/source/${version}/apache-${pname}-${version}.tar.gz"; - sha256 = "sha256-m4nXtU9+9StCvVGmoKLTsbBszjld8smdjx9H+TVeK+4="; + hash = "sha256-PWgj1C0Qzw1PhsnE/lnJkyyJ1oV4/LbEtCeNx2kwjao="; }; - nativeBuildInputs = [ - erlang - ]; - buildInputs = [ icu openssl spidermonkey_91 (python3.withPackages(ps: with ps; [ requests ]))]; postPatch = '' substituteInPlace src/couch/rebar.config.script --replace '/usr/include/mozjs-91' "${spidermonkey_91.dev}/include/mozjs-91" + substituteInPlace configure --replace '/usr/include/''${SM_HEADERS}' "${spidermonkey_91.dev}/include/mozjs-91" patchShebangs bin/rebar ''; + nativeBuildInputs = [ + erlang + ]; + + buildInputs = [ + icu + openssl + spidermonkey_91 + (python3.withPackages(ps: with ps; [ requests ])) + ]; + dontAddPrefix= "True"; - configureFlags = ["--spidermonkey-version=91"]; - buildFlags = ["release"]; + + configureFlags = [ + "--spidermonkey-version=91" + ]; + + buildFlags = [ + "release" + ]; installPhase = '' + runHook preInstall mkdir -p $out cp -r rel/couchdb/* $out + runHook postInstall ''; passthru.tests = { diff --git a/pkgs/servers/ldap/lldap/default.nix b/pkgs/servers/ldap/lldap/default.nix index 50249e9dbe4..c4c6e1cc438 100644 --- a/pkgs/servers/ldap/lldap/default.nix +++ b/pkgs/servers/ldap/lldap/default.nix @@ -1,68 +1,115 @@ -{ fetchFromGitHub +{ binaryen +, fetchFromGitHub +, fetchpatch , fetchzip , lib , lldap , nixosTests , rustPlatform +, stdenv +, wasm-bindgen-cli +, wasm-pack +, which }: let - # We cannot build the wasm frontend from source, as the - # wasm32-unknown-unknown rustc target isn't available in nixpkgs yet. - # Tracking issue: https://github.com/NixOS/nixpkgs/issues/89426 - frontend = fetchzip { - url = "https://github.com/lldap/lldap/releases/download/v${lldap.version}/amd64-lldap.tar.gz"; - hash = "sha256-/Ml4L5Gxpnmt1pLSiLNuxtzQYjTCatsVe/hE+Btl8BI="; - name = "lldap-frontend-${lldap.version}"; - postFetch = '' - mv $out $TMPDIR/extracted - mv $TMPDIR/extracted/app $out + + # version of wasm-opt, with https://github.com/rustwasm/wasm-pack/pull/1257 backported + wasm-pack-git = wasm-pack.overrideAttrs (oldAttrs: { + version = oldAttrs.version + "-git"; + patches = [(fetchpatch { + url = "https://patch-diff.githubusercontent.com/raw/rustwasm/wasm-pack/pull/1257.patch"; + sha256 = "sha256-npi9ewh0NaD67crTcje9AYxaLLOJOMzqjqEJXZF2LbQ="; + })]; + }); + + # replace with upstream wasm rustc, after resolution of + # https://github.com/NixOS/nixpkgs/issues/89426 + rustc-wasm = (rustPlatform.rust.rustc.override { + stdenv = stdenv.override { + targetPlatform = stdenv.targetPlatform // { + parsed = { + cpu.name = "wasm32"; + vendor.name = "unknown"; + kernel.name = "unknown"; + abi.name = "unknown"; + }; + }; + }; + }).overrideAttrs (attrs: { + configureFlags = attrs.configureFlags ++ ["--set=build.docs=false"]; + }); + + commonDerivationAttrs = rec { + pname = "lldap"; + version = "0.4.3"; + + src = fetchFromGitHub { + owner = "lldap"; + repo = "lldap"; + rev = "v${version}"; + hash = "sha256-FAUTykFh2eGVpx6LrCjV9xWbBPH8pCgAJv3vOXFMFZ4="; + }; + + postPatch = '' + ln -s --force ${./Cargo.lock} Cargo.lock ''; - }; -in -rustPlatform.buildRustPackage rec { - pname = "lldap"; - version = "0.4.3"; - - src = fetchFromGitHub { - owner = "lldap"; - repo = "lldap"; - rev = "v${version}"; - hash = "sha256-FAUTykFh2eGVpx6LrCjV9xWbBPH8pCgAJv3vOXFMFZ4="; - }; - # `Cargo.lock` has git dependencies, meaning can't use `cargoHash` - cargoLock = { - # 0.4.3 has been tagged before the actual Cargo.lock bump, resulting in an inconsitent lock file. - # To work around this, the Cargo.lock below is from the commit right after the tag: - # https://github.com/lldap/lldap/commit/7b4188a376baabda48d88fdca3a10756da48adda - lockFile = ./Cargo.lock; - outputHashes = { - "lber-0.4.1" = "sha256-2rGTpg8puIAXggX9rEbXPdirfetNOHWfFc80xqzPMT4="; - "opaque-ke-0.6.1" = "sha256-99gaDv7eIcYChmvOKQ4yXuaGVzo2Q6BcgSQOzsLF+fM="; - "yew_form-0.1.8" = "sha256-1n9C7NiFfTjbmc9B5bDEnz7ZpYJo9ZT8/dioRXJ65hc="; + # `Cargo.lock` has git dependencies, meaning can't use `cargoHash` + cargoLock = { + # 0.4.3 has been tagged before the actual Cargo.lock bump, resulting in an inconsitent lock file. + # To work around this, the Cargo.lock below is from the commit right after the tag: + # https://github.com/lldap/lldap/commit/7b4188a376baabda48d88fdca3a10756da48adda + lockFile = ./Cargo.lock; + outputHashes = { + "lber-0.4.1" = "sha256-2rGTpg8puIAXggX9rEbXPdirfetNOHWfFc80xqzPMT4="; + "opaque-ke-0.6.1" = "sha256-99gaDv7eIcYChmvOKQ4yXuaGVzo2Q6BcgSQOzsLF+fM="; + "yew_form-0.1.8" = "sha256-1n9C7NiFfTjbmc9B5bDEnz7ZpYJo9ZT8/dioRXJ65hc="; + }; }; }; + frontend = rustPlatform.buildRustPackage (commonDerivationAttrs // { + pname = commonDerivationAttrs.pname + "-frontend"; + + nativeBuildInputs = [ + wasm-pack-git wasm-bindgen-cli binaryen which rustc-wasm rustc-wasm.llvmPackages.lld + ]; + + buildPhase = '' + HOME=`pwd` RUSTFLAGS="-C linker=lld" ./app/build.sh + ''; + + installPhase = '' + mkdir -p $out + cp -R app/{index.html,pkg,static} $out/ + ''; + + doCheck = false; + }); + +in rustPlatform.buildRustPackage (commonDerivationAttrs // { patches = [ ./static-frontend-path.patch ]; - postPatch = '' - ln -s --force ${./Cargo.lock} Cargo.lock + postPatch = commonDerivationAttrs.postPatch + '' substituteInPlace server/src/infra/tcp_server.rs --subst-var-by frontend '${frontend}' ''; - passthru.tests = { - inherit (nixosTests) lldap; + passthru = { + inherit frontend; + tests = { + inherit (nixosTests) lldap; + }; }; meta = with lib; { description = "A lightweight authentication server that provides an opinionated, simplified LDAP interface for authentication"; homepage = "https://github.com/lldap/lldap"; - changelog = "https://github.com/lldap/lldap/blob/v${version}/CHANGELOG.md"; + changelog = "https://github.com/lldap/lldap/blob/v${lldap.version}/CHANGELOG.md"; license = licenses.gpl3Only; platforms = platforms.linux; - maintainers = with maintainers; [ indeednotjames ]; + maintainers = with maintainers; [ indeednotjames bendlas ]; }; -} +}) diff --git a/pkgs/servers/tailscale/default.nix b/pkgs/servers/tailscale/default.nix index fce7a5ad3e7..77727c3ad34 100644 --- a/pkgs/servers/tailscale/default.nix +++ b/pkgs/servers/tailscale/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "tailscale"; - version = "1.40.0"; + version = "1.40.1"; src = fetchFromGitHub { owner = "tailscale"; repo = "tailscale"; rev = "v${version}"; - hash = "sha256-iPf3ams613VHPesbxoBaaw9eav5p781+wEmbJ+15yfY="; + hash = "sha256-OCKWr62peDrh6zQVAS2iPPzgB1uZb1Fev23szvNNPkE="; }; vendorHash = "sha256-lirn07XE3JOS6oiwZBMwxzywkbXHowOJUMWWLrZtccY="; diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 384d3a2377d..ec4af806469 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -236,6 +236,7 @@ mapAliases ({ clang13Stdenv = lowPrio llvmPackages_13.stdenv; clang14Stdenv = lowPrio llvmPackages_14.stdenv; clang15Stdenv = lowPrio llvmPackages_15.stdenv; + clang16Stdenv = lowPrio llvmPackages_16.stdenv; clangAnalyzer = throw "'clangAnalyzer' has been renamed to/replaced by 'clang-analyzer'"; # Converted to throw 2022-02-22 clasp = clingo; # added 2022-12-22 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 5849923c62b..0d6e0769785 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -31688,6 +31688,8 @@ with pkgs; kubecfg = callPackage ../applications/networking/cluster/kubecfg { }; + kubefirst = callPackage ../applications/networking/cluster/kubefirst { }; + kube-score = callPackage ../applications/networking/cluster/kube-score { }; kubectl-evict-pod = callPackage ../applications/networking/cluster/kubectl-evict-pod { @@ -39508,6 +39510,8 @@ with pkgs; terragrunt = callPackage ../applications/networking/cluster/terragrunt { }; + tfautomv = callPackage ../applications/networking/cluster/tfautomv { }; + terranix = callPackage ../applications/networking/cluster/terranix { }; terraspace = callPackage ../applications/networking/cluster/terraspace { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index a5466c5504e..f331d198332 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -873,6 +873,8 @@ self: super: with self; { aws-sam-translator = callPackage ../development/python-modules/aws-sam-translator { }; + aws-secretsmanager-caching = callPackage ../development/python-modules/aws-secretsmanager-caching { }; + aws-xray-sdk = callPackage ../development/python-modules/aws-xray-sdk { }; awscrt = callPackage ../development/python-modules/awscrt { |