diff options
576 files changed, 3150 insertions, 1525 deletions
diff --git a/lib/deprecated.nix b/lib/deprecated.nix index ddce69f160c..ed14e04bbd6 100644 --- a/lib/deprecated.nix +++ b/lib/deprecated.nix @@ -157,7 +157,36 @@ rec { } ); - closePropagation = list: (uniqList {inputList = (innerClosePropagation [] list);}); + closePropagationSlow = list: (uniqList {inputList = (innerClosePropagation [] list);}); + + # This is an optimisation of lib.closePropagation which avoids the O(n^2) behavior + # Using a list of derivations, it generates the full closure of the propagatedXXXBuildInputs + # The ordering / sorting / comparison is done based on the `outPath` + # attribute of each derivation. + # On some benchmarks, it performs up to 15 times faster than lib.closePropagation. + # See https://github.com/NixOS/nixpkgs/pull/194391 for details. + closePropagationFast = list: + builtins.map (x: x.val) (builtins.genericClosure { + startSet = builtins.map (x: { + key = x.outPath; + val = x; + }) (builtins.filter (x: x != null) list); + operator = item: + if !builtins.isAttrs item.val then + [ ] + else + builtins.concatMap (x: + if x != null then [{ + key = x.outPath; + val = x; + }] else + [ ]) ((item.val.propagatedBuildInputs or [ ]) + ++ (item.val.propagatedNativeBuildInputs or [ ])); + }); + + closePropagation = if builtins ? genericClosure + then closePropagationFast + else closePropagationSlow; # calls a function (f attr value ) for each record item. returns a list mapAttrsFlatten = f: r: map (attr: f attr r.${attr}) (attrNames r); diff --git a/lib/generators.nix b/lib/generators.nix index 28b2e39bf64..b77cca75010 100644 --- a/lib/generators.nix +++ b/lib/generators.nix @@ -378,7 +378,7 @@ rec { attr = let attrFilter = name: value: name != "_module" && value != null; in ind: x: libStr.concatStringsSep "\n" (lib.flatten (lib.mapAttrsToList - (name: value: lib.optional (attrFilter name value) [ + (name: value: lib.optionals (attrFilter name value) [ (key "\t${ind}" name) (expr "\t${ind}" value) ]) x)); diff --git a/nixos/doc/manual/administration/declarative-containers.section.md b/nixos/doc/manual/administration/declarative-containers.section.md index 00fd244bb91..eaa50d3c663 100644 --- a/nixos/doc/manual/administration/declarative-containers.section.md +++ b/nixos/doc/manual/administration/declarative-containers.section.md @@ -9,7 +9,7 @@ containers.database = { config = { config, pkgs, ... }: { services.postgresql.enable = true; - services.postgresql.package = pkgs.postgresql_10; + services.postgresql.package = pkgs.postgresql_14; }; }; ``` diff --git a/nixos/doc/manual/configuration/config-file.section.md b/nixos/doc/manual/configuration/config-file.section.md index f21ba113bf8..efd231fd1f4 100644 --- a/nixos/doc/manual/configuration/config-file.section.md +++ b/nixos/doc/manual/configuration/config-file.section.md @@ -166,7 +166,7 @@ Packages pkgs.emacs ]; - services.postgresql.package = pkgs.postgresql_10; + services.postgresql.package = pkgs.postgresql_14; ``` The latter option definition changes the default PostgreSQL package diff --git a/nixos/doc/manual/from_md/administration/declarative-containers.section.xml b/nixos/doc/manual/from_md/administration/declarative-containers.section.xml index b8179dca1f8..4831c9c74e8 100644 --- a/nixos/doc/manual/from_md/administration/declarative-containers.section.xml +++ b/nixos/doc/manual/from_md/administration/declarative-containers.section.xml @@ -11,7 +11,7 @@ containers.database = { config = { config, pkgs, ... }: { services.postgresql.enable = true; - services.postgresql.package = pkgs.postgresql_10; + services.postgresql.package = pkgs.postgresql_14; }; }; </programlisting> diff --git a/nixos/doc/manual/from_md/configuration/config-file.section.xml b/nixos/doc/manual/from_md/configuration/config-file.section.xml index 952c6e60030..9792116eb08 100644 --- a/nixos/doc/manual/from_md/configuration/config-file.section.xml +++ b/nixos/doc/manual/from_md/configuration/config-file.section.xml @@ -217,7 +217,7 @@ environment.systemPackages = pkgs.emacs ]; -services.postgresql.package = pkgs.postgresql_10; +services.postgresql.package = pkgs.postgresql_14; </programlisting> <para> The latter option definition changes the default PostgreSQL diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index f0cd6e93329..8fbe6f7c37b 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -157,6 +157,15 @@ </listitem> <listitem> <para> + Improved performances of + <literal>lib.closePropagation</literal> which was previously + quadratic. This is used in e.g. + <literal>ghcWithPackages</literal>. Please see backward + incompatibilities notes below. + </para> + </listitem> + <listitem> + <para> Cinnamon has been updated to 5.4. While at it, the cinnamon module now defaults to blueman as bluetooth manager and slick-greeter as lightdm greeter to match upstream. @@ -507,6 +516,16 @@ </listitem> <listitem> <para> + <literal>openssh</literal> was updated to version 9.1, + disabling the generation of DSA keys when using + <literal>ssh-keygen -A</literal> as they are insecure. Also, + <literal>SetEnv</literal> directives in + <literal>ssh_config</literal> and + <literal>sshd_config</literal> are now first-match-wins + </para> + </listitem> + <listitem> + <para> <literal>bsp-layout</literal> no longer uses the command <literal>cycle</literal> to switch to other window layouts, as it got replaced by the commands <literal>previous</literal> @@ -613,6 +632,12 @@ </listitem> <listitem> <para> + <literal>lib.closePropagation</literal> now needs that all + gathered sets have an <literal>outPath</literal> attribute. + </para> + </listitem> + <listitem> + <para> lemmy module option <literal>services.lemmy.settings.database.createLocally</literal> moved to diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index 93faf15f9d1..2570167e00a 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -65,6 +65,8 @@ In addition to numerous new and upgraded packages, this release has the followin - Perl has been updated to 5.36, and its core module `HTTP::Tiny` was patched to verify SSL/TLS certificates by default. +- Improved performances of `lib.closePropagation` which was previously quadratic. This is used in e.g. `ghcWithPackages`. Please see backward incompatibilities notes below. + - Cinnamon has been updated to 5.4. While at it, the cinnamon module now defaults to blueman as bluetooth manager and slick-greeter as lightdm greeter to match upstream. @@ -172,6 +174,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - The `fetchgit` fetcher now uses [cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalscone_mode_handling) by default for sparse checkouts. [Non-cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalsnon_cone_problems) can be enabled by passing `nonConeMode = true`, but note that non-cone mode is deprecated and this option may be removed alongside a future Git update without notice. +- `openssh` was updated to version 9.1, disabling the generation of DSA keys when using `ssh-keygen -A` as they are insecure. Also, `SetEnv` directives in `ssh_config` and `sshd_config` are now first-match-wins + - `bsp-layout` no longer uses the command `cycle` to switch to other window layouts, as it got replaced by the commands `previous` and `next`. - The Barco ClickShare driver/client package `pkgs.clickshare-csc1` and the option `programs.clickshare-csc1.enable` have been removed, @@ -205,6 +209,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - `teleport` has been upgraded to major version 10. Please see upstream [upgrade instructions](https://goteleport.com/docs/ver/10.0/management/operations/upgrading/) and [release notes](https://goteleport.com/docs/ver/10.0/changelog/#1000). +- `lib.closePropagation` now needs that all gathered sets have an `outPath` attribute. + - lemmy module option `services.lemmy.settings.database.createLocally` moved to `services.lemmy.database.createLocally`. diff --git a/nixos/lib/make-options-doc/default.nix b/nixos/lib/make-options-doc/default.nix index 6a1bb868c20..9a75956b0d6 100644 --- a/nixos/lib/make-options-doc/default.nix +++ b/nixos/lib/make-options-doc/default.nix @@ -122,7 +122,7 @@ in rec { optionsJSON = pkgs.runCommand "options.json" { meta.description = "List of NixOS options in JSON format"; - buildInputs = [ + nativeBuildInputs = [ pkgs.brotli (let self = (pkgs.python3Minimal.override { diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index dae2fde0b4e..b538a0119c0 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -697,7 +697,7 @@ in { value = "[a-zA-Z0-9/+.-]+"; options = "${id}(=${value})?(,${id}=${value})*"; scheme = "${id}(${sep}${options})?"; - content = "${base64}${sep}${base64}"; + content = "${base64}${sep}${base64}(${sep}${base64})?"; mcf = "^${sep}${scheme}${sep}${content}$"; in if (allowsLogin user.hashedPassword diff --git a/nixos/modules/hardware/video/nvidia.nix b/nixos/modules/hardware/video/nvidia.nix index 25cab061197..cee230ac41c 100644 --- a/nixos/modules/hardware/video/nvidia.nix +++ b/nixos/modules/hardware/video/nvidia.nix @@ -261,7 +261,7 @@ in in optional primeEnabled { name = igpuDriver; display = offloadCfg.enable; - modules = optional (igpuDriver == "amdgpu") [ pkgs.xorg.xf86videoamdgpu ]; + modules = optionals (igpuDriver == "amdgpu") [ pkgs.xorg.xf86videoamdgpu ]; deviceSection = '' BusID "${igpuBusId}" ${optionalString (syncCfg.enable && igpuDriver != "amdgpu") ''Option "AccelMethod" "none"''} diff --git a/nixos/modules/services/desktops/pipewire/daemon/filter-chain.conf.json b/nixos/modules/services/desktops/pipewire/daemon/filter-chain.conf.json new file mode 100644 index 00000000000..689fca88359 --- /dev/null +++ b/nixos/modules/services/desktops/pipewire/daemon/filter-chain.conf.json @@ -0,0 +1,28 @@ +{ + "context.properties": { + "log.level": 0 + }, + "context.spa-libs": { + "audio.convert.*": "audioconvert/libspa-audioconvert", + "support.*": "support/libspa-support" + }, + "context.modules": [ + { + "name": "libpipewire-module-rt", + "args": {}, + "flags": [ + "ifexists", + "nofail" + ] + }, + { + "name": "libpipewire-module-protocol-native" + }, + { + "name": "libpipewire-module-client-node" + }, + { + "name": "libpipewire-module-adapter" + } + ] +} diff --git a/nixos/modules/services/desktops/pipewire/daemon/pipewire-avb.conf.json b/nixos/modules/services/desktops/pipewire/daemon/pipewire-avb.conf.json new file mode 100644 index 00000000000..4f669895d87 --- /dev/null +++ b/nixos/modules/services/desktops/pipewire/daemon/pipewire-avb.conf.json @@ -0,0 +1,38 @@ +{ + "context.properties": {}, + "context.spa-libs": { + "audio.convert.*": "audioconvert/libspa-audioconvert", + "support.*": "support/libspa-support" + }, + "context.modules": [ + { + "name": "libpipewire-module-rt", + "args": { + "nice.level": -11 + }, + "flags": [ + "ifexists", + "nofail" + ] + }, + { + "name": "libpipewire-module-protocol-native" + }, + { + "name": "libpipewire-module-client-node" + }, + { + "name": "libpipewire-module-adapter" + }, + { + "name": "libpipewire-module-avb", + "args": {} + } + ], + "context.exec": [], + "stream.properties": {}, + "avb.properties": { + "ifname": "enp3s0", + "vm.overrides": {} + } +} diff --git a/nixos/modules/services/misc/ethminer.nix b/nixos/modules/services/misc/ethminer.nix index 909c49866e5..c9b2e24b8bf 100644 --- a/nixos/modules/services/misc/ethminer.nix +++ b/nixos/modules/services/misc/ethminer.nix @@ -85,7 +85,7 @@ in config = mkIf cfg.enable { systemd.services.ethminer = { - path = optional (cfg.toolkit == "cuda") [ pkgs.cudaPackages.cudatoolkit ]; + path = optionals (cfg.toolkit == "cuda") [ pkgs.cudaPackages.cudatoolkit ]; description = "ethminer ethereum mining service"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; diff --git a/nixos/modules/services/misc/podgrab.nix b/nixos/modules/services/misc/podgrab.nix index 10c7bc96b8f..c0a12471850 100644 --- a/nixos/modules/services/misc/podgrab.nix +++ b/nixos/modules/services/misc/podgrab.nix @@ -36,7 +36,7 @@ in }; serviceConfig = { DynamicUser = true; - EnvironmentFile = lib.optional (cfg.passwordFile != null) [ + EnvironmentFile = lib.optionals (cfg.passwordFile != null) [ cfg.passwordFile ]; ExecStart = "${pkgs.podgrab}/bin/podgrab"; diff --git a/nixos/modules/services/networking/hostapd.nix b/nixos/modules/services/networking/hostapd.nix index ec1a7a58b1e..63bb44256dd 100644 --- a/nixos/modules/services/networking/hostapd.nix +++ b/nixos/modules/services/networking/hostapd.nix @@ -199,7 +199,7 @@ in environment.systemPackages = [ pkgs.hostapd ]; - services.udev.packages = optional (cfg.countryCode != null) [ pkgs.crda ]; + services.udev.packages = optionals (cfg.countryCode != null) [ pkgs.crda ]; systemd.services.hostapd = { description = "hostapd wireless AP"; diff --git a/nixos/modules/services/networking/ntp/chrony.nix b/nixos/modules/services/networking/ntp/chrony.nix index a89c7769152..7e3bb565d10 100644 --- a/nixos/modules/services/networking/ntp/chrony.nix +++ b/nixos/modules/services/networking/ntp/chrony.nix @@ -27,7 +27,7 @@ let ${cfg.extraConfig} ''; - chronyFlags = "-n -m -u chrony -f ${configFile} ${toString cfg.extraFlags}"; + chronyFlags = [ "-n" "-m" "-u" "chrony" "-f" "${configFile}" ] ++ cfg.extraFlags; in { options = { @@ -166,7 +166,7 @@ in unitConfig.ConditionCapability = "CAP_SYS_TIME"; serviceConfig = { Type = "simple"; - ExecStart = "${chronyPkg}/bin/chronyd ${chronyFlags}"; + ExecStart = "${chronyPkg}/bin/chronyd ${builtins.toString chronyFlags}"; ProtectHome = "yes"; ProtectSystem = "full"; diff --git a/nixos/modules/services/networking/ntp/ntpd.nix b/nixos/modules/services/networking/ntp/ntpd.nix index a9dae2c8667..036a8df635d 100644 --- a/nixos/modules/services/networking/ntp/ntpd.nix +++ b/nixos/modules/services/networking/ntp/ntpd.nix @@ -25,7 +25,7 @@ let ${cfg.extraConfig} ''; - ntpFlags = "-c ${configFile} -u ntp:ntp ${toString cfg.extraFlags}"; + ntpFlags = [ "-c" "${configFile}" "-u" "ntp:ntp" ] ++ cfg.extraFlags; in @@ -137,7 +137,7 @@ in ''; serviceConfig = { - ExecStart = "@${ntp}/bin/ntpd ntpd -g ${ntpFlags}"; + ExecStart = "@${ntp}/bin/ntpd ntpd -g ${builtins.toString ntpFlags}"; Type = "forking"; }; }; diff --git a/nixos/modules/services/security/tor.nix b/nixos/modules/services/security/tor.nix index 730802d92cf..b85b78f269a 100644 --- a/nixos/modules/services/security/tor.nix +++ b/nixos/modules/services/security/tor.nix @@ -816,13 +816,13 @@ in always create a container/VM with a separate Tor daemon instance. '' ++ flatten (mapAttrsToList (n: o: - optional (o.settings.HiddenServiceVersion == 2) [ + optionals (o.settings.HiddenServiceVersion == 2) [ (optional (o.settings.HiddenServiceExportCircuitID != null) '' HiddenServiceExportCircuitID is used in the HiddenService: ${n} but this option is only for v3 hidden services. '') ] ++ - optional (o.settings.HiddenServiceVersion != 2) [ + optionals (o.settings.HiddenServiceVersion != 2) [ (optional (o.settings.HiddenServiceAuthorizeClient != null) '' HiddenServiceAuthorizeClient is used in the HiddenService: ${n} but this option is only for v2 hidden services. diff --git a/nixos/modules/services/web-apps/netbox.nix b/nixos/modules/services/web-apps/netbox.nix index 2826e57f2c7..f09a8dfc5b2 100644 --- a/nixos/modules/services/web-apps/netbox.nix +++ b/nixos/modules/services/web-apps/netbox.nix @@ -46,7 +46,7 @@ let ''; })).override { plugins = ps: ((cfg.plugins ps) - ++ optional cfg.enableLdap [ ps.django-auth-ldap ]); + ++ optionals cfg.enableLdap [ ps.django-auth-ldap ]); }; netboxManageScript = with pkgs; (writeScriptBin "netbox-manage" '' #!${stdenv.shell} diff --git a/nixos/modules/system/boot/luksroot.nix b/nixos/modules/system/boot/luksroot.nix index 02b020b61eb..03d03cb348e 100644 --- a/nixos/modules/system/boot/luksroot.nix +++ b/nixos/modules/system/boot/luksroot.nix @@ -905,9 +905,11 @@ in { assertion = config.boot.initrd.systemd.enable -> !luks.gpgSupport; message = "systemd stage 1 does not support GPG smartcards yet."; } - # TODO { assertion = config.boot.initrd.systemd.enable -> !luks.fido2Support; - message = "systemd stage 1 does not support FIDO2 yet."; + message = '' + systemd stage 1 does not support configuring FIDO2 unlocking through `boot.initrd.luks.devices.<name>.fido2`. + Use systemd-cryptenroll(1) to configure FIDO2 support. + ''; } # TODO { assertion = config.boot.initrd.systemd.enable -> !luks.yubikeySupport; diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 8f2044a0985..d28e6ed0e27 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -151,6 +151,9 @@ let ] ++ optionals cfg.package.withHostnamed [ "dbus-org.freedesktop.hostname1.service" "systemd-hostnamed.service" + ] ++ optionals cfg.package.withPortabled [ + "dbus-org.freedesktop.portable1.service" + "systemd-portabled.service" ] ++ [ "systemd-exit.service" "systemd-update-done.service" diff --git a/nixos/modules/system/boot/systemd/initrd.nix b/nixos/modules/system/boot/systemd/initrd.nix index 03f94c426cb..31702499b0f 100644 --- a/nixos/modules/system/boot/systemd/initrd.nix +++ b/nixos/modules/system/boot/systemd/initrd.nix @@ -332,7 +332,10 @@ in { config = mkIf (config.boot.initrd.enable && cfg.enable) { system.build = { inherit initialRamdisk; }; - boot.initrd.availableKernelModules = [ "autofs4" ]; # systemd needs this for some features + boot.initrd.availableKernelModules = [ + "autofs4" # systemd needs this for some features + "tpm-tis" "tpm-crb" # systemd-cryptenroll + ]; boot.initrd.systemd = { initrdBin = [pkgs.bash pkgs.coreutils cfg.package.kmod cfg.package] ++ config.system.fsPackages; @@ -403,6 +406,17 @@ in { # so NSS can look up usernames "${pkgs.glibc}/lib/libnss_files.so.2" + ] ++ optionals cfg.package.withCryptsetup [ + # tpm2 support + "${cfg.package}/lib/cryptsetup/libcryptsetup-token-systemd-tpm2.so" + pkgs.tpm2-tss + + # fido2 support + "${cfg.package}/lib/cryptsetup/libcryptsetup-token-systemd-fido2.so" + "${pkgs.libfido2}/lib/libfido2.so.1" + + # the unwrapped systemd-cryptsetup executable + "${cfg.package}/lib/systemd/.systemd-cryptsetup-wrapped" ] ++ jobScripts; targets.initrd.aliases = ["default.target"]; diff --git a/nixos/modules/system/boot/systemd/logind.nix b/nixos/modules/system/boot/systemd/logind.nix index 59801603213..b0c927f19f9 100644 --- a/nixos/modules/system/boot/systemd/logind.nix +++ b/nixos/modules/system/boot/systemd/logind.nix @@ -82,6 +82,8 @@ in "dbus-org.freedesktop.import1.service" ] ++ optionals config.systemd.package.withMachined [ "dbus-org.freedesktop.machine1.service" + ] ++ optionals config.systemd.package.withPortabled [ + "dbus-org.freedesktop.portable1.service" ] ++ [ "dbus-org.freedesktop.login1.service" "user@.service" diff --git a/nixos/modules/system/boot/systemd/tmpfiles.nix b/nixos/modules/system/boot/systemd/tmpfiles.nix index e990e953b05..32b9b275d35 100644 --- a/nixos/modules/system/boot/systemd/tmpfiles.nix +++ b/nixos/modules/system/boot/systemd/tmpfiles.nix @@ -79,6 +79,7 @@ in ln -s "${systemd}/example/tmpfiles.d/home.conf" ln -s "${systemd}/example/tmpfiles.d/journal-nocow.conf" + ln -s "${systemd}/example/tmpfiles.d/portables.conf" ln -s "${systemd}/example/tmpfiles.d/static-nodes-permissions.conf" ln -s "${systemd}/example/tmpfiles.d/systemd.conf" ln -s "${systemd}/example/tmpfiles.d/systemd-nologin.conf" diff --git a/nixos/modules/virtualisation/nixos-containers.nix b/nixos/modules/virtualisation/nixos-containers.nix index 22be1d5bff9..6cb21913b21 100644 --- a/nixos/modules/virtualisation/nixos-containers.nix +++ b/nixos/modules/virtualisation/nixos-containers.nix @@ -720,7 +720,7 @@ in { config = { config, pkgs, ... }: { services.postgresql.enable = true; - services.postgresql.package = pkgs.postgresql_10; + services.postgresql.package = pkgs.postgresql_14; system.stateVersion = "21.05"; }; diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 91291d2bbfe..83c1779f265 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -600,8 +600,10 @@ in { systemd-cryptenroll = handleTest ./systemd-cryptenroll.nix {}; systemd-escaping = handleTest ./systemd-escaping.nix {}; systemd-initrd-btrfs-raid = handleTest ./systemd-initrd-btrfs-raid.nix {}; + systemd-initrd-luks-fido2 = handleTest ./systemd-initrd-luks-fido2.nix {}; systemd-initrd-luks-keyfile = handleTest ./systemd-initrd-luks-keyfile.nix {}; systemd-initrd-luks-password = handleTest ./systemd-initrd-luks-password.nix {}; + systemd-initrd-luks-tpm2 = handleTest ./systemd-initrd-luks-tpm2.nix {}; systemd-initrd-modprobe = handleTest ./systemd-initrd-modprobe.nix {}; systemd-initrd-shutdown = handleTest ./systemd-shutdown.nix { systemdStage1 = true; }; systemd-initrd-simple = handleTest ./systemd-initrd-simple.nix {}; @@ -613,8 +615,10 @@ in { systemd-networkd-dhcpserver-static-leases = handleTest ./systemd-networkd-dhcpserver-static-leases.nix {}; systemd-networkd-ipv6-prefix-delegation = handleTest ./systemd-networkd-ipv6-prefix-delegation.nix {}; systemd-networkd-vrf = handleTest ./systemd-networkd-vrf.nix {}; + systemd-no-tainted = handleTest ./systemd-no-tainted.nix {}; systemd-nspawn = handleTest ./systemd-nspawn.nix {}; systemd-oomd = handleTest ./systemd-oomd.nix {}; + systemd-portabled = handleTest ./systemd-portabled.nix {}; systemd-shutdown = handleTest ./systemd-shutdown.nix {}; systemd-timesyncd = handleTest ./systemd-timesyncd.nix {}; systemd-misc = handleTest ./systemd-misc.nix {}; diff --git a/nixos/tests/installed-tests/default.nix b/nixos/tests/installed-tests/default.nix index 2e38cd389c7..78a6325a245 100644 --- a/nixos/tests/installed-tests/default.nix +++ b/nixos/tests/installed-tests/default.nix @@ -28,7 +28,7 @@ let , withX11 ? false # Extra flags to pass to gnome-desktop-testing-runner. - , testRunnerFlags ? "" + , testRunnerFlags ? [] # Extra attributes to pass to makeTest. # They will be recursively merged into the attrset created by this function. @@ -67,7 +67,7 @@ let '' + '' machine.succeed( - "gnome-desktop-testing-runner ${testRunnerFlags} -d '${tested.installedTests}/share'" + "gnome-desktop-testing-runner ${escapeShellArgs testRunnerFlags} -d '${tested.installedTests}/share'" ) ''; } diff --git a/nixos/tests/installed-tests/flatpak-builder.nix b/nixos/tests/installed-tests/flatpak-builder.nix index 41f4060fb69..d5e04fcf975 100644 --- a/nixos/tests/installed-tests/flatpak-builder.nix +++ b/nixos/tests/installed-tests/flatpak-builder.nix @@ -11,5 +11,5 @@ makeInstalledTest { virtualisation.diskSize = 2048; }; - testRunnerFlags = "--timeout 3600"; + testRunnerFlags = [ "--timeout" "3600" ]; } diff --git a/nixos/tests/installed-tests/flatpak.nix b/nixos/tests/installed-tests/flatpak.nix index c7fe9cf4588..9524d890c40 100644 --- a/nixos/tests/installed-tests/flatpak.nix +++ b/nixos/tests/installed-tests/flatpak.nix @@ -13,5 +13,5 @@ makeInstalledTest { virtualisation.diskSize = 3072; }; - testRunnerFlags = "--timeout 3600"; + testRunnerFlags = [ "--timeout" "3600" ]; } diff --git a/nixos/tests/installed-tests/gdk-pixbuf.nix b/nixos/tests/installed-tests/gdk-pixbuf.nix index 3d0011a427a..110efdbf710 100644 --- a/nixos/tests/installed-tests/gdk-pixbuf.nix +++ b/nixos/tests/installed-tests/gdk-pixbuf.nix @@ -9,5 +9,5 @@ makeInstalledTest { virtualisation.memorySize = if pkgs.stdenv.isi686 then 2047 else 4096; }; - testRunnerFlags = "--timeout 1800"; + testRunnerFlags = [ "--timeout" "1800" ]; } diff --git a/nixos/tests/k3s/multi-node.nix b/nixos/tests/k3s/multi-node.nix index ce7e4b6ead1..2a3aa22b96b 100644 --- a/nixos/tests/k3s/multi-node.nix +++ b/nixos/tests/k3s/multi-node.nix @@ -54,15 +54,15 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: role = "server"; package = pkgs.k3s; clusterInit = true; - extraFlags = '' - --disable coredns \ - --disable local-storage \ - --disable metrics-server \ - --disable servicelb \ - --disable traefik \ - --node-ip 192.168.1.1 \ - --pause-image test.local/pause:local - ''; + extraFlags = builtins.toString [ + "--disable" "coredns" + "--disable" "local-storage" + "--disable" "metrics-server" + "--disable" "servicelb" + "--disable" "traefik" + "--node-ip" "192.168.1.1" + "--pause-image" "test.local/pause:local" + ]; }; networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ]; networking.firewall.allowedUDPPorts = [ 8472 ]; @@ -84,15 +84,15 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: enable = true; serverAddr = "https://192.168.1.1:6443"; clusterInit = false; - extraFlags = '' - --disable coredns \ - --disable local-storage \ - --disable metrics-server \ - --disable servicelb \ - --disable traefik \ - --node-ip 192.168.1.3 \ - --pause-image test.local/pause:local - ''; + extraFlags = builtins.toString [ + "--disable" "coredns" + "--disable" "local-storage" + "--disable" "metrics-server" + "--disable" "servicelb" + "--disable" "traefik" + "--node-ip" "192.168.1.3" + "--pause-image" "test.local/pause:local" + ]; }; networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ]; networking.firewall.allowedUDPPorts = [ 8472 ]; @@ -112,7 +112,10 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: enable = true; role = "agent"; serverAddr = "https://192.168.1.3:6443"; - extraFlags = "--pause-image test.local/pause:local --node-ip 192.168.1.2"; + extraFlags = lib.toString [ + "--pause-image" "test.local/pause:local" + "--node-ip" "192.168.1.2" + ]; }; networking.firewall.allowedTCPPorts = [ 6443 ]; networking.firewall.allowedUDPPorts = [ 8472 ]; diff --git a/nixos/tests/k3s/single-node.nix b/nixos/tests/k3s/single-node.nix index ab562500f5d..a95fa4a031e 100644 --- a/nixos/tests/k3s/single-node.nix +++ b/nixos/tests/k3s/single-node.nix @@ -40,15 +40,14 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: services.k3s.role = "server"; services.k3s.package = pkgs.k3s; # Slightly reduce resource usage - services.k3s.extraFlags = '' - --disable coredns \ - --disable local-storage \ - --disable metrics-server \ - --disable servicelb \ - --disable traefik \ - --pause-image \ - test.local/pause:local - ''; + services.k3s.extraFlags = builtins.toString [ + "--disable" "coredns" + "--disable" "local-storage" + "--disable" "metrics-server" + "--disable" "servicelb" + "--disable" "traefik" + "--pause-image" "test.local/pause:local" + ]; users.users = { noprivs = { diff --git a/nixos/tests/shadow.nix b/nixos/tests/shadow.nix index 50a9f712464..baa2e5945c0 100644 --- a/nixos/tests/shadow.nix +++ b/nixos/tests/shadow.nix @@ -3,6 +3,8 @@ let password2 = "helloworld"; password3 = "bazqux"; password4 = "asdf123"; + hashed_bcrypt = "$2b$05$8xIEflrk2RxQtcVXbGIxs.Vl0x7dF1/JSv3cyX6JJt0npzkTCWvxK"; # fnord + hashed_yeshash = "$y$j9T$d8Z4EAf8P1SvM/aDFbxMS0$VnTXMp/Hnc7QdCBEaLTq5ZFOAFo2/PM0/xEAFuOE88."; # fnord in import ./make-test-python.nix ({ pkgs, ... }: { name = "shadow"; meta = with pkgs.lib.maintainers; { maintainers = [ nequissimus ]; }; @@ -27,6 +29,16 @@ in import ./make-test-python.nix ({ pkgs, ... }: { password = password4; shell = pkgs.bash; }; + users.berta = { + isNormalUser = true; + hashedPassword = hashed_bcrypt; + shell = pkgs.bash; + }; + users.yesim = { + isNormalUser = true; + hashedPassword = hashed_yeshash; + shell = pkgs.bash; + }; }; }; @@ -115,5 +127,23 @@ in import ./make-test-python.nix ({ pkgs, ... }: { shadow.wait_until_succeeds("pgrep login") shadow.send_chars("${password2}\n") shadow.wait_until_tty_matches("5", "login:") + + with subtest("check alternate password hashes"): + shadow.send_key("alt-f6") + shadow.wait_until_succeeds("[ $(fgconsole) = 6 ]") + for u in ["berta", "yesim"]: + shadow.wait_for_unit("getty@tty6.service") + shadow.wait_until_succeeds("pgrep -f 'agetty.*tty6'") + shadow.wait_until_tty_matches("6", "login: ") + shadow.send_chars(f"{u}\n") + shadow.wait_until_tty_matches("6", f"login: {u}") + shadow.wait_until_succeeds("pgrep login") + shadow.sleep(2) + shadow.send_chars("fnord\n") + shadow.send_chars(f"whoami > /tmp/{u}\n") + shadow.wait_for_file(f"/tmp/{u}") + print(shadow.succeed(f"cat /tmp/{u}")) + assert u in shadow.succeed(f"cat /tmp/{u}") + shadow.send_chars("logout\n") ''; }) diff --git a/nixos/tests/systemd-initrd-luks-fido2.nix b/nixos/tests/systemd-initrd-luks-fido2.nix new file mode 100644 index 00000000000..133e552a3dc --- /dev/null +++ b/nixos/tests/systemd-initrd-luks-fido2.nix @@ -0,0 +1,45 @@ +import ./make-test-python.nix ({ lib, pkgs, ... }: { + name = "systemd-initrd-luks-fido2"; + + nodes.machine = { pkgs, config, ... }: { + # Use systemd-boot + virtualisation = { + emptyDiskImages = [ 512 ]; + useBootLoader = true; + useEFIBoot = true; + qemu.package = lib.mkForce (pkgs.qemu_test.override { canokeySupport = true; }); + qemu.options = [ "-device canokey,file=/tmp/canokey-file" ]; + }; + boot.loader.systemd-boot.enable = true; + + boot.initrd.systemd.enable = true; + + environment.systemPackages = with pkgs; [ cryptsetup ]; + + specialisation.boot-luks.configuration = { + boot.initrd.luks.devices = lib.mkVMOverride { + cryptroot = { + device = "/dev/vdc"; + crypttabExtraOpts = [ "fido2-device=auto" ]; + }; + }; + virtualisation.bootDevice = "/dev/mapper/cryptroot"; + }; + }; + + testScript = '' + # Create encrypted volume + machine.wait_for_unit("multi-user.target") + machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdc -") + machine.succeed("PASSWORD=supersecret SYSTEMD_LOG_LEVEL=debug systemd-cryptenroll --fido2-device=auto /dev/vdc |& systemd-cat") + + # Boot from the encrypted disk + machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks.conf") + machine.succeed("sync") + machine.crash() + + # Boot and decrypt the disk + machine.wait_for_unit("multi-user.target") + assert "/dev/mapper/cryptroot on / type ext4" in machine.succeed("mount") + ''; +}) diff --git a/nixos/tests/systemd-initrd-luks-tpm2.nix b/nixos/tests/systemd-initrd-luks-tpm2.nix new file mode 100644 index 00000000000..085088d2ee2 --- /dev/null +++ b/nixos/tests/systemd-initrd-luks-tpm2.nix @@ -0,0 +1,72 @@ +import ./make-test-python.nix ({ lib, pkgs, ... }: { + name = "systemd-initrd-luks-tpm2"; + + nodes.machine = { pkgs, ... }: { + # Use systemd-boot + virtualisation = { + emptyDiskImages = [ 512 ]; + useBootLoader = true; + useEFIBoot = true; + qemu.options = ["-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0"]; + }; + boot.loader.systemd-boot.enable = true; + + boot.initrd.availableKernelModules = [ "tpm_tis" ]; + + environment.systemPackages = with pkgs; [ cryptsetup ]; + boot.initrd.systemd = { + enable = true; + }; + + specialisation.boot-luks.configuration = { + boot.initrd.luks.devices = lib.mkVMOverride { + cryptroot = { + device = "/dev/vdc"; + crypttabExtraOpts = [ "tpm2-device=auto" ]; + }; + }; + virtualisation.bootDevice = "/dev/mapper/cryptroot"; + }; + }; + + testScript = '' + import subprocess + import os + import time + + + class Tpm: + def __init__(self): + os.mkdir("/tmp/mytpm1") + self.start() + + def start(self): + self.proc = subprocess.Popen(["${pkgs.swtpm}/bin/swtpm", "socket", "--tpmstate", "dir=/tmp/mytpm1", "--ctrl", "type=unixio,path=/tmp/mytpm1/swtpm-sock", "--log", "level=20", "--tpm2"]) + + def wait_for_death_then_restart(self): + while self.proc.poll() is None: + print("waiting for tpm to die") + time.sleep(1) + assert self.proc.returncode == 0 + self.start() + + tpm = Tpm() + + + # Create encrypted volume + machine.wait_for_unit("multi-user.target") + machine.succeed("echo -n supersecret | cryptsetup luksFormat -q --iter-time=1 /dev/vdc -") + machine.succeed("PASSWORD=supersecret SYSTEMD_LOG_LEVEL=debug systemd-cryptenroll --tpm2-pcrs= --tpm2-device=auto /dev/vdc |& systemd-cat") + + # Boot from the encrypted disk + machine.succeed("bootctl set-default nixos-generation-1-specialisation-boot-luks.conf") + machine.succeed("sync") + machine.crash() + + tpm.wait_for_death_then_restart() + + # Boot and decrypt the disk + machine.wait_for_unit("multi-user.target") + assert "/dev/mapper/cryptroot on / type ext4" in machine.succeed("mount") + ''; +}) diff --git a/nixos/tests/systemd-no-tainted.nix b/nixos/tests/systemd-no-tainted.nix new file mode 100644 index 00000000000..f0504065f2a --- /dev/null +++ b/nixos/tests/systemd-no-tainted.nix @@ -0,0 +1,14 @@ +import ./make-test-python.nix ({ pkgs, ... }: { + name = "systemd-no-tainted"; + + nodes.machine = { }; + + testScript = '' + machine.wait_for_unit("multi-user.target") + with subtest("systemctl should not report tainted with unmerged-usr"): + output = machine.succeed("systemctl status") + print(output) + assert "Tainted" not in output + assert "unmerged-usr" not in output + ''; +}) diff --git a/nixos/tests/systemd-portabled.nix b/nixos/tests/systemd-portabled.nix new file mode 100644 index 00000000000..ef38258b0d8 --- /dev/null +++ b/nixos/tests/systemd-portabled.nix @@ -0,0 +1,51 @@ +import ./make-test-python.nix ({pkgs, lib, ...}: let + demo-program = pkgs.writeShellScriptBin "demo" '' + while ${pkgs.coreutils}/bin/sleep 3; do + echo Hello World > /dev/null + done + ''; + demo-service = pkgs.writeText "demo.service" '' + [Unit] + Description=demo service + Requires=demo.socket + After=demo.socket + + [Service] + Type=simple + ExecStart=${demo-program}/bin/demo + Restart=always + + [Install] + WantedBy=multi-user.target + Also=demo.socket + ''; + demo-socket = pkgs.writeText "demo.socket" '' + [Unit] + Description=demo socket + + [Socket] + ListenStream=/run/demo.sock + SocketMode=0666 + + [Install] + WantedBy=sockets.target + ''; + demo-portable = pkgs.portableService { + pname = "demo"; + version = "1.0"; + description = ''A demo "Portable Service" for a shell program built with nix''; + units = [ demo-service demo-socket ]; + }; +in { + + name = "systemd-portabled"; + nodes.machine = {}; + testScript = '' + machine.succeed("portablectl") + machine.wait_for_unit("systemd-portabled.service") + machine.succeed("portablectl attach --now --runtime ${demo-portable}/demo_1.0.raw") + machine.wait_for_unit("demo.service") + machine.succeed("portablectl detach --now --runtime demo_1.0") + machine.fail("systemctl status demo.service") + ''; +}) diff --git a/pkgs/applications/audio/chuck/default.nix b/pkgs/applications/audio/chuck/default.nix index a6509256881..21d58eccb74 100644 --- a/pkgs/applications/audio/chuck/default.nix +++ b/pkgs/applications/audio/chuck/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { buildInputs = [ libsndfile ] ++ lib.optional (!stdenv.isDarwin) alsa-lib - ++ lib.optional stdenv.isDarwin [ AppKit Carbon CoreAudio CoreMIDI CoreServices Kernel ]; + ++ lib.optionals stdenv.isDarwin [ AppKit Carbon CoreAudio CoreMIDI CoreServices Kernel ]; patches = [ ./darwin-limits.patch ]; diff --git a/pkgs/applications/audio/flac/default.nix b/pkgs/applications/audio/flac/default.nix index c9e3b946dd1..bebb35f4500 100644 --- a/pkgs/applications/audio/flac/default.nix +++ b/pkgs/applications/audio/flac/default.nix @@ -1,4 +1,12 @@ -{ lib, stdenv, fetchurl, fetchpatch, libogg }: +{ lib +, stdenv +, fetchurl +, cmake +, pkg-config +, doxygen +, graphviz +, libogg +}: stdenv.mkDerivation rec { pname = "flac"; @@ -10,9 +18,25 @@ stdenv.mkDerivation rec { sha256 = "91303c3e5dfde52c3e94e75976c0ab3ee14ced278ab8f60033a3a12db9209ae6"; }; - buildInputs = [ libogg ]; + nativeBuildInputs = [ + cmake + pkg-config + doxygen + graphviz + ]; - #doCheck = true; # takes lots of time + buildInputs = [ + libogg + ]; + + cmakeFlags = lib.optionals (!stdenv.hostPlatform.isStatic) [ + "-DBUILD_SHARED_LIBS=ON" + ]; + + CFLAGS = [ "-O3" "-funroll-loops" ]; + CXXFLAGS = [ "-O3" ]; + + # doCheck = true; # takes lots of time outputs = [ "bin" "dev" "out" "man" "doc" ]; diff --git a/pkgs/applications/audio/grandorgue/default.nix b/pkgs/applications/audio/grandorgue/default.nix index 74b845a01c7..33c64e07946 100644 --- a/pkgs/applications/audio/grandorgue/default.nix +++ b/pkgs/applications/audio/grandorgue/default.nix @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { ++ lib.optionals stdenv.isDarwin [ Cocoa ] ++ lib.optional jackaudioSupport libjack2; - cmakeFlags = lib.optional (!jackaudioSupport) [ + cmakeFlags = lib.optionals (!jackaudioSupport) [ "-DRTAUDIO_USE_JACK=OFF" "-DRTMIDI_USE_JACK=OFF" "-DGO_USE_JACK=OFF" diff --git a/pkgs/applications/audio/muse/default.nix b/pkgs/applications/audio/muse/default.nix index 89ccf00c6d3..065c943764e 100644 --- a/pkgs/applications/audio/muse/default.nix +++ b/pkgs/applications/audio/muse/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, fetchFromGitHub, cmake, pkg-config, qttools, wrapQtAppsHook , alsa-lib, dssi, fluidsynth, ladspaH, lash, libinstpatch, libjack2, liblo -, libsamplerate, libsndfile, lilv, lrdf, lv2, qtsvg, rtaudio, rubberband, sord +, libsamplerate, libsndfile, lilv, lrdf, lv2, qtsvg, rtaudio, rubberband, sord, serd }: stdenv.mkDerivation rec { @@ -25,6 +25,8 @@ stdenv.mkDerivation rec { libsamplerate libsndfile lilv lrdf lv2 qtsvg rtaudio rubberband sord ]; + NIX_CFLAGS_COMPILE = [ "-I${lib.getDev serd}/include/serd-0" ]; + meta = with lib; { homepage = "https://muse-sequencer.github.io/"; description = "MIDI/Audio sequencer with recording and editing capabilities"; diff --git a/pkgs/applications/audio/snapcast/default.nix b/pkgs/applications/audio/snapcast/default.nix index bbaa3fe839b..612d18f1357 100644 --- a/pkgs/applications/audio/snapcast/default.nix +++ b/pkgs/applications/audio/snapcast/default.nix @@ -26,7 +26,7 @@ stdenv.mkDerivation rec { aixlog popl soxr ] ++ lib.optional pulseaudioSupport libpulseaudio ++ lib.optional stdenv.isLinux alsa-lib - ++ lib.optional stdenv.isDarwin [darwin.apple_sdk.frameworks.IOKit darwin.apple_sdk.frameworks.AudioToolbox]; + ++ lib.optionals stdenv.isDarwin [darwin.apple_sdk.frameworks.IOKit darwin.apple_sdk.frameworks.AudioToolbox]; TARGET=lib.optionalString stdenv.isDarwin "MACOS"; diff --git a/pkgs/applications/blockchains/openethereum/default.nix b/pkgs/applications/blockchains/openethereum/default.nix index 7aeb483b5cb..e1b3480d1b0 100644 --- a/pkgs/applications/blockchains/openethereum/default.nix +++ b/pkgs/applications/blockchains/openethereum/default.nix @@ -37,7 +37,7 @@ rustPlatform.buildRustPackage rec { # Exclude some tests that don't work in the sandbox # - Nat test requires network access - checkFlags = "--skip configuration::tests::should_resolve_external_nat_hosts"; + checkFlags = [ "--skip" "configuration::tests::should_resolve_external_nat_hosts" ]; meta = with lib; { broken = stdenv.isDarwin; diff --git a/pkgs/applications/blockchains/polkadot/default.nix b/pkgs/applications/blockchains/polkadot/default.nix index 1ae82eda131..00f15c27d85 100644 --- a/pkgs/applications/blockchains/polkadot/default.nix +++ b/pkgs/applications/blockchains/polkadot/default.nix @@ -34,7 +34,7 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-mnfA0ecfmMMAy1TZeydbep6hCIu9yZQY7/c5hb1OMGc="; - buildInputs = lib.optional stdenv.isDarwin [ Security ]; + buildInputs = lib.optionals stdenv.isDarwin [ Security ]; nativeBuildInputs = [ clang ]; diff --git a/pkgs/applications/editors/neovim/build-neovim-plugin.nix b/pkgs/applications/editors/neovim/build-neovim-plugin.nix index f89d36741e9..b99733523b8 100644 --- a/pkgs/applications/editors/neovim/build-neovim-plugin.nix +++ b/pkgs/applications/editors/neovim/build-neovim-plugin.nix @@ -1,8 +1,6 @@ { lib , stdenv -, buildVimPluginFrom2Nix -, buildLuarocksPackage -, lua51Packages +, lua , toVimPlugin }: let @@ -19,16 +17,21 @@ in , ... }@attrs: let - originalLuaDrv = lua51Packages.${luaAttr}; - luaDrv = lua51Packages.luaLib.overrideLuarocks originalLuaDrv (drv: { + originalLuaDrv = lua.pkgs.${luaAttr}; + + luaDrv = (lua.pkgs.luaLib.overrideLuarocks originalLuaDrv (drv: { extraConfig = '' -- to create a flat hierarchy lua_modules_path = "lua" ''; + })).overrideAttrs (drv: { + version = attrs.version; + rockspecVersion = drv.rockspecVersion; }); - finalDrv = toVimPlugin (luaDrv.overrideAttrs(oa: { + + finalDrv = toVimPlugin (luaDrv.overrideAttrs(oa: attrs // { nativeBuildInputs = oa.nativeBuildInputs or [] ++ [ - lua51Packages.luarocksMoveDataFolder + lua.pkgs.luarocksMoveDataFolder ]; })); in diff --git a/pkgs/applications/editors/neovim/utils.nix b/pkgs/applications/editors/neovim/utils.nix index d5845ac4a66..05037eafcb8 100644 --- a/pkgs/applications/editors/neovim/utils.nix +++ b/pkgs/applications/editors/neovim/utils.nix @@ -1,11 +1,11 @@ { lib -, buildLuarocksPackage , callPackage , vimUtils , nodejs , neovim-unwrapped , bundlerEnv , ruby +, lua , python3Packages , writeText , wrapNeovimUnstable @@ -193,7 +193,7 @@ in inherit legacyWrapper; buildNeovimPluginFrom2Nix = callPackage ./build-neovim-plugin.nix { - inherit (vimUtils) buildVimPluginFrom2Nix toVimPlugin; - inherit buildLuarocksPackage; + inherit (vimUtils) toVimPlugin; + inherit lua; }; } diff --git a/pkgs/applications/editors/rstudio/default.nix b/pkgs/applications/editors/rstudio/default.nix index 50f69300aa0..70e69503749 100644 --- a/pkgs/applications/editors/rstudio/default.nix +++ b/pkgs/applications/editors/rstudio/default.nix @@ -85,7 +85,7 @@ in makeWrapper pandoc nodejs - ] ++ lib.optional (!server) [ + ] ++ lib.optionals (!server) [ copyDesktopItems ]; @@ -118,7 +118,7 @@ in "-DQUARTO_ENABLED=FALSE" "-DPANDOC_VERSION=${pandoc.version}" "-DCMAKE_INSTALL_PREFIX=${placeholder "out"}/lib/rstudio" - ] ++ lib.optional (!server) [ + ] ++ lib.optionals (!server) [ "-DQT_QMAKE_EXECUTABLE=${qmake}/bin/qmake" ]; diff --git a/pkgs/applications/editors/vim/configurable.nix b/pkgs/applications/editors/vim/configurable.nix index d5dd00b4aa6..11ddddaefc2 100644 --- a/pkgs/applications/editors/vim/configurable.nix +++ b/pkgs/applications/editors/vim/configurable.nix @@ -109,7 +109,7 @@ in stdenv.mkDerivation rec { ++ lib.optionals luaSupport [ "--with-lua-prefix=${lua}" "--enable-luainterp" - ] ++ lib.optional lua.pkgs.isLuaJIT [ + ] ++ lib.optionals lua.pkgs.isLuaJIT [ "--with-luajit" ] ++ lib.optionals pythonSupport [ diff --git a/pkgs/applications/editors/vim/plugins/build-vim-plugin.nix b/pkgs/applications/editors/vim/plugins/build-vim-plugin.nix index 9e7bb1be2d5..66234c2c198 100644 --- a/pkgs/applications/editors/vim/plugins/build-vim-plugin.nix +++ b/pkgs/applications/editors/vim/plugins/build-vim-plugin.nix @@ -8,6 +8,12 @@ }: rec { + addRtp = drv: + drv // { + rtp = lib.warn "`rtp` attribute is deprecated, use `outPath` instead." drv.outPath; + overrideAttrs = f: addRtp (drv.overrideAttrs f); + }; + buildVimPlugin = attrs@{ name ? "${attrs.pname}-${attrs.version}", namePrefix ? "vimplugin-", @@ -36,9 +42,7 @@ rec { runHook postInstall ''; }); - in toVimPlugin(drv.overrideAttrs(oa: { - rtp = "${drv}"; - })); + in addRtp (toVimPlugin drv); buildVimPluginFrom2Nix = attrs: buildVimPlugin ({ # vim plugins may override this diff --git a/pkgs/applications/editors/vim/plugins/overrides.nix b/pkgs/applications/editors/vim/plugins/overrides.nix index dd9518fa013..7bbc763ad8f 100644 --- a/pkgs/applications/editors/vim/plugins/overrides.nix +++ b/pkgs/applications/editors/vim/plugins/overrides.nix @@ -676,8 +676,6 @@ self: super: { inherit parinfer-rust; - # plenary-nvim = super.toVimPlugin(luaPackages.plenary-nvim); - plenary-nvim = super.plenary-nvim.overrideAttrs (old: { postPatch = '' sed -Ei lua/plenary/curl.lua \ diff --git a/pkgs/applications/editors/vim/plugins/vim-utils.nix b/pkgs/applications/editors/vim/plugins/vim-utils.nix index 2e482cdf7df..09c5527cd0e 100644 --- a/pkgs/applications/editors/vim/plugins/vim-utils.nix +++ b/pkgs/applications/editors/vim/plugins/vim-utils.nix @@ -243,10 +243,10 @@ let */ plugImpl = '' - source ${vimPlugins.vim-plug.rtp}/plug.vim + source ${vimPlugins.vim-plug}/plug.vim silent! call plug#begin('/dev/null') - '' + (lib.concatMapStringsSep "\n" (pkg: "Plug '${pkg.rtp}'") plug.plugins) + '' + '' + (lib.concatMapStringsSep "\n" (pkg: "Plug '${pkg}'") plug.plugins) + '' call plug#end() ''; diff --git a/pkgs/applications/editors/vim/vimacs.nix b/pkgs/applications/editors/vim/vimacs.nix index 6eb995f86e0..f8a087cbe6e 100644 --- a/pkgs/applications/editors/vim/vimacs.nix +++ b/pkgs/applications/editors/vim/vimacs.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { --replace '-gvim}' '-@bin@/bin/vim -g}' \ --replace '--cmd "let g:VM_Enabled = 1"' \ '--cmd "let g:VM_Enabled = 1" --cmd "set rtp^=@rtp@" ${vimacsExtraArgs}' \ - --replace @rtp@ ${vimPlugins.vimacs.rtp} \ + --replace @rtp@ ${vimPlugins.vimacs} \ --replace @bin@ ${vimPackage} for prog in vm gvm gvimacs vmdiff vimacsdiff do diff --git a/pkgs/applications/editors/vscode/generic.nix b/pkgs/applications/editors/vscode/generic.nix index d140d7d569f..3c0d5653691 100644 --- a/pkgs/applications/editors/vscode/generic.nix +++ b/pkgs/applications/editors/vscode/generic.nix @@ -65,7 +65,7 @@ let buildInputs = [ libsecret libXScrnSaver libxshmfence ] ++ lib.optionals (!stdenv.isDarwin) ([ at-spi2-atk ] ++ atomEnv.packages); - runtimeDependencies = lib.optional stdenv.isLinux [ (lib.getLib systemd) fontconfig.lib libdbusmenu ]; + runtimeDependencies = lib.optionals stdenv.isLinux [ (lib.getLib systemd) fontconfig.lib libdbusmenu ]; nativeBuildInputs = [ unzip ] ++ lib.optionals stdenv.isLinux [ diff --git a/pkgs/applications/emulators/retroarch/cores.nix b/pkgs/applications/emulators/retroarch/cores.nix index 957188f13d9..65b11762930 100644 --- a/pkgs/applications/emulators/retroarch/cores.nix +++ b/pkgs/applications/emulators/retroarch/cores.nix @@ -676,7 +676,7 @@ in description = "Fast MegaDrive/MegaCD/32X emulator"; license = "MAME"; dontConfigure = true; - makeFlags = lib.optional stdenv.hostPlatform.isAarch64 [ "platform=aarch64" ]; + makeFlags = lib.optionals stdenv.hostPlatform.isAarch64 [ "platform=aarch64" ]; }; play = mkLibRetroCore { diff --git a/pkgs/applications/file-managers/nnn/default.nix b/pkgs/applications/file-managers/nnn/default.nix index 85c372f0040..05f65df87b9 100644 --- a/pkgs/applications/file-managers/nnn/default.nix +++ b/pkgs/applications/file-managers/nnn/default.nix @@ -40,8 +40,8 @@ stdenv.mkDerivation rec { NIX_LDFLAGS = lib.optionalString stdenv.hostPlatform.isMusl "-lfts"; makeFlags = [ "PREFIX=${placeholder "out"}" ] - ++ lib.optional withIcons [ "O_ICONS=1" ] - ++ lib.optional withNerdIcons [ "O_NERD=1" ]; + ++ lib.optionals withIcons [ "O_ICONS=1" ] + ++ lib.optionals withNerdIcons [ "O_NERD=1" ]; binPath = lib.makeBinPath [ file which ]; diff --git a/pkgs/applications/gis/gmt/default.nix b/pkgs/applications/gis/gmt/default.nix index c6e0846e54d..3cc04e37444 100644 --- a/pkgs/applications/gis/gmt/default.nix +++ b/pkgs/applications/gis/gmt/default.nix @@ -47,7 +47,7 @@ stdenv.mkDerivation rec { "-DGMT_INSTALL_MODULE_LINKS:BOOL=FALSE" "-DLICENSE_RESTRICTED=LGPL" # "GPL" and "no" also valid ] ++ (with stdenv; - lib.optional (!isDarwin) [ + lib.optionals (!isDarwin) [ "-DFFTW3_ROOT=${fftwSinglePrec.dev}" "-DLAPACK_LIBRARY=${lapack}/lib/liblapack.so" "-DBLAS_LIBRARY=${blas}/lib/libblas.so" diff --git a/pkgs/applications/graphics/kcc/default.nix b/pkgs/applications/graphics/kcc/default.nix index bbbd4ed351b..2f481252d88 100644 --- a/pkgs/applications/graphics/kcc/default.nix +++ b/pkgs/applications/graphics/kcc/default.nix @@ -23,7 +23,7 @@ mkDerivationWith python3Packages.buildPythonApplication rec { raven ]; - qtWrapperArgs = lib.optional archiveSupport [ "--prefix" "PATH" ":" "${ lib.makeBinPath [ p7zip ] }" ]; + qtWrapperArgs = lib.optionals archiveSupport [ "--prefix" "PATH" ":" "${ lib.makeBinPath [ p7zip ] }" ]; postFixup = '' wrapProgram $out/bin/kcc "''${qtWrapperArgs[@]}" diff --git a/pkgs/applications/graphics/xournalpp/default.nix b/pkgs/applications/graphics/xournalpp/default.nix index c77dfa76042..ce262d73be4 100644 --- a/pkgs/applications/graphics/xournalpp/default.nix +++ b/pkgs/applications/graphics/xournalpp/default.nix @@ -48,7 +48,7 @@ stdenv.mkDerivation rec { ] ++ lib.optional withLua lua; - buildFlags = "translations"; + buildFlags = [ "translations" ]; hardeningDisable = [ "format" ]; diff --git a/pkgs/applications/misc/audio/sox/default.nix b/pkgs/applications/misc/audio/sox/default.nix index d82658f529e..9ddcdc92c5b 100644 --- a/pkgs/applications/misc/audio/sox/default.nix +++ b/pkgs/applications/misc/audio/sox/default.nix @@ -47,7 +47,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook autoconf-archive - ] ++ lib.optional enableOpusfile [ + ] ++ lib.optionals enableOpusfile [ # configure.ac uses pkg-config only to locate libopusfile pkg-config ]; diff --git a/pkgs/applications/misc/blender/default.nix b/pkgs/applications/misc/blender/default.nix index c6f16733cc2..e6bdd340c97 100644 --- a/pkgs/applications/misc/blender/default.nix +++ b/pkgs/applications/misc/blender/default.nix @@ -127,7 +127,7 @@ stdenv.mkDerivation rec { # Clang doesn't support "-export-dynamic" ++ optional stdenv.cc.isClang "-DPYTHON_LINKFLAGS=" ++ optional jackaudioSupport "-DWITH_JACK=ON" - ++ optional cudaSupport [ + ++ optionals cudaSupport [ "-DWITH_CYCLES_CUDA_BINARIES=ON" "-DWITH_CYCLES_DEVICE_OPTIX=ON" "-DOPTIX_ROOT_DIR=${optix}" diff --git a/pkgs/development/python-modules/notifymuch/default.nix b/pkgs/applications/misc/notifymuch/default.nix index bc1610e2ca9..e94b6f2f156 100644 --- a/pkgs/development/python-modules/notifymuch/default.nix +++ b/pkgs/applications/misc/notifymuch/default.nix @@ -1,19 +1,16 @@ { lib -, buildPythonApplication -, isPy3k , fetchFromGitHub -, notmuch -, pygobject3 , gobject-introspection , libnotify , wrapGAppsHook , gtk3 +, python3 }: -buildPythonApplication rec { +python3.pkgs.buildPythonApplication rec { pname = "notifymuch"; version = "0.1"; - disabled = !isPy3k; + format = "setuptools"; src = fetchFromGitHub { owner = "kspi"; @@ -24,11 +21,12 @@ buildPythonApplication rec { }; propagatedBuildInputs = [ - notmuch - pygobject3 libnotify gtk3 - ]; + ] ++ (with python3.pkgs; [ + notmuch + pygobject3 + ]); nativeBuildInputs = [ gobject-introspection diff --git a/pkgs/applications/networking/browsers/ladybird/default.nix b/pkgs/applications/networking/browsers/ladybird/default.nix index e5d7b8524a1..0bd3cc79df2 100644 --- a/pkgs/applications/networking/browsers/ladybird/default.nix +++ b/pkgs/applications/networking/browsers/ladybird/default.nix @@ -5,6 +5,7 @@ , ninja , unzip , wrapQtAppsHook +, libxcrypt , qtbase , qttools , nixosTests @@ -37,6 +38,7 @@ in gcc11Stdenv.mkDerivation { ]; buildInputs = [ + libxcrypt qtbase ]; diff --git a/pkgs/applications/networking/browsers/links2/default.nix b/pkgs/applications/networking/browsers/links2/default.nix index e01131e193e..4dc06cd466b 100644 --- a/pkgs/applications/networking/browsers/links2/default.nix +++ b/pkgs/applications/networking/browsers/links2/default.nix @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { [ libev librsvg libpng libjpeg libtiff openssl xz bzip2 zlib ] ++ optionals stdenv.isLinux [ gpm ] ++ optionals enableX11 [ libX11 libXau libXt ] - ++ optional enableDirectFB [ directfb ]; + ++ optionals enableDirectFB [ directfb ]; nativeBuildInputs = [ pkg-config bzip2 ]; diff --git a/pkgs/applications/networking/cluster/hadoop/default.nix b/pkgs/applications/networking/cluster/hadoop/default.nix index 365cac59f41..ebe21a2da45 100644 --- a/pkgs/applications/networking/cluster/hadoop/default.nix +++ b/pkgs/applications/networking/cluster/hadoop/default.nix @@ -37,7 +37,7 @@ let doCheck = true; nativeBuildInputs = [ makeWrapper ] - ++ optional (stdenv.isLinux && (nativeLibs != [ ] || libPatches != "")) [ autoPatchelfHook ]; + ++ optionals (stdenv.isLinux && (nativeLibs != [ ] || libPatches != "")) [ autoPatchelfHook ]; buildInputs = [ openssl ] ++ nativeLibs; installPhase = '' diff --git a/pkgs/applications/networking/firehol/default.nix b/pkgs/applications/networking/firehol/default.nix index 8d63a8b4c07..47b69eaed6e 100644 --- a/pkgs/applications/networking/firehol/default.nix +++ b/pkgs/applications/networking/firehol/default.nix @@ -42,7 +42,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--localstatedir=/var" "--disable-doc" "--disable-man" "--disable-update-ipsets" ] ++ - lib.optional onlyQOS [ "--disable-firehol" ]; + lib.optionals onlyQOS [ "--disable-firehol" ]; meta = with lib; { description = "A firewall for humans"; diff --git a/pkgs/applications/networking/instant-messengers/pantalaimon/default.nix b/pkgs/applications/networking/instant-messengers/pantalaimon/default.nix index 41eef4e2045..49114903a59 100644 --- a/pkgs/applications/networking/instant-messengers/pantalaimon/default.nix +++ b/pkgs/applications/networking/instant-messengers/pantalaimon/default.nix @@ -34,7 +34,7 @@ buildPythonApplication rec { peewee prompt-toolkit setuptools - ] ++ lib.optional enableDbusUi [ + ] ++ lib.optionals enableDbusUi [ dbus-python notify2 pygobject3 diff --git a/pkgs/applications/networking/irc/convos/default.nix b/pkgs/applications/networking/irc/convos/default.nix index 7b2a8c3f247..30aac1cb117 100644 --- a/pkgs/applications/networking/irc/convos/default.nix +++ b/pkgs/applications/networking/irc/convos/default.nix @@ -16,7 +16,7 @@ perlPackages.buildPerlPackage rec { }; nativeBuildInputs = [ makeWrapper ] - ++ optional stdenv.isDarwin [ shortenPerlShebang ]; + ++ optionals stdenv.isDarwin [ shortenPerlShebang ]; buildInputs = with perlPackages; [ CryptPassphrase CryptPassphraseArgon2 CryptPassphraseBcrypt diff --git a/pkgs/applications/networking/irc/epic5/default.nix b/pkgs/applications/networking/irc/epic5/default.nix index 9b096eb72e9..969a9da46b1 100644 --- a/pkgs/applications/networking/irc/epic5/default.nix +++ b/pkgs/applications/networking/irc/epic5/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, openssl, ncurses, libiconv, tcl, coreutils, fetchpatch }: +{ lib, stdenv, fetchurl, openssl, ncurses, libiconv, tcl, coreutils, fetchpatch, libxcrypt }: stdenv.mkDerivation rec { pname = "epic5"; @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { }; # Darwin needs libiconv, tcl; while Linux build don't - buildInputs = [ openssl ncurses ] + buildInputs = [ openssl ncurses libxcrypt ] ++ lib.optionals stdenv.isDarwin [ libiconv tcl ]; patches = [ diff --git a/pkgs/applications/networking/irc/weechat/default.nix b/pkgs/applications/networking/irc/weechat/default.nix index 132504a20e1..7234d92840d 100644 --- a/pkgs/applications/networking/irc/weechat/default.nix +++ b/pkgs/applications/networking/irc/weechat/default.nix @@ -50,7 +50,7 @@ let cmakeFlags = with lib; [ "-DENABLE_MAN=ON" - "-DENABLE_DOC=OFF" # TODO(@ncfavier): Documentation fails to build, was deactivated to push through security update + "-DENABLE_DOC=ON" "-DENABLE_TESTS=${if enableTests then "ON" else "OFF"}" ] ++ optionals stdenv.isDarwin ["-DICONV_LIBRARY=${libiconv}/lib/libiconv.dylib"] diff --git a/pkgs/applications/networking/mailreaders/alot/default.nix b/pkgs/applications/networking/mailreaders/alot/default.nix index d8a4d1066ec..889b893ea9c 100644 --- a/pkgs/applications/networking/mailreaders/alot/default.nix +++ b/pkgs/applications/networking/mailreaders/alot/default.nix @@ -15,7 +15,7 @@ with python3.pkgs; buildPythonApplication rec { outputs = [ "out" - ] ++ lib.optional withManpage [ + ] ++ lib.optionals withManpage [ "man" ]; diff --git a/pkgs/applications/networking/mailreaders/alpine/default.nix b/pkgs/applications/networking/mailreaders/alpine/default.nix index 04f1732f7a5..7c168340b1c 100644 --- a/pkgs/applications/networking/mailreaders/alpine/default.nix +++ b/pkgs/applications/networking/mailreaders/alpine/default.nix @@ -1,5 +1,5 @@ {lib, stdenv, fetchurl, ncurses, tcl, openssl, pam, libkrb5 -, openldap +, openldap, libxcrypt }: stdenv.mkDerivation rec { @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { }; buildInputs = [ - ncurses tcl openssl pam libkrb5 openldap + ncurses tcl openssl pam libkrb5 openldap libxcrypt ]; hardeningDisable = [ "format" ]; diff --git a/pkgs/applications/networking/mailreaders/meli/default.nix b/pkgs/applications/networking/mailreaders/meli/default.nix index f998a4366b3..e3da77531a1 100644 --- a/pkgs/applications/networking/mailreaders/meli/default.nix +++ b/pkgs/applications/networking/mailreaders/meli/default.nix @@ -31,7 +31,7 @@ rustPlatform.buildRustPackage rec { checkInputs = [ file ]; - buildFeatures = lib.optional withNotmuch [ "notmuch" ]; + buildFeatures = lib.optionals withNotmuch [ "notmuch" ]; postInstall = '' mkdir -p $out/share/man/man1 diff --git a/pkgs/applications/networking/mpop/default.nix b/pkgs/applications/networking/mpop/default.nix index 21d9d19e03b..7e896038274 100644 --- a/pkgs/applications/networking/mpop/default.nix +++ b/pkgs/applications/networking/mpop/default.nix @@ -25,11 +25,11 @@ stdenv.mkDerivation rec { gnutls gsasl libidn - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ Security ]; - configureFlags = lib.optional stdenv.isDarwin [ + configureFlags = lib.optionals stdenv.isDarwin [ "--with-macosx-keyring" ]; diff --git a/pkgs/applications/networking/nntp-proxy/default.nix b/pkgs/applications/networking/nntp-proxy/default.nix index 626913cd60a..a3a136a3269 100644 --- a/pkgs/applications/networking/nntp-proxy/default.nix +++ b/pkgs/applications/networking/nntp-proxy/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, libconfig, pkg-config, libevent, openssl }: +{ lib, stdenv, fetchFromGitHub, libconfig, pkg-config, libevent, openssl, libxcrypt }: stdenv.mkDerivation { pname = "nntp-proxy"; @@ -12,7 +12,7 @@ stdenv.mkDerivation { }; nativeBuildInputs = [ pkg-config ]; - buildInputs = [ libconfig libevent openssl ]; + buildInputs = [ libconfig libevent openssl libxcrypt ]; installFlags = [ "INSTALL_DIR=$(out)/bin/" ]; diff --git a/pkgs/applications/networking/shellhub-agent/default.nix b/pkgs/applications/networking/shellhub-agent/default.nix index 5370835b60f..4016ca04b45 100644 --- a/pkgs/applications/networking/shellhub-agent/default.nix +++ b/pkgs/applications/networking/shellhub-agent/default.nix @@ -4,6 +4,7 @@ , gitUpdater , makeWrapper , openssh +, libxcrypt }: buildGoModule rec { @@ -31,6 +32,7 @@ buildGoModule rec { }; nativeBuildInputs = [ makeWrapper ]; + buildInputs = [ libxcrypt ]; postInstall = '' wrapProgram $out/bin/agent --prefix PATH : ${lib.makeBinPath [ openssh ]} diff --git a/pkgs/applications/networking/sync/lsyncd/default.nix b/pkgs/applications/networking/sync/lsyncd/default.nix index 3e52d664d52..ed4de44049d 100644 --- a/pkgs/applications/networking/sync/lsyncd/default.nix +++ b/pkgs/applications/networking/sync/lsyncd/default.nix @@ -27,7 +27,7 @@ stdenv.mkDerivation rec { # Special flags needed on Darwin: # https://github.com/axkibe/lsyncd/blob/42413cabbedca429d55a5378f6e830f191f3cc86/INSTALL#L51 - cmakeFlags = lib.optional stdenv.isDarwin [ "-DWITH_INOTIFY=OFF" "-DWITH_FSEVENTS=ON" ]; + cmakeFlags = lib.optionals stdenv.isDarwin [ "-DWITH_INOTIFY=OFF" "-DWITH_FSEVENTS=ON" ]; dontUseCmakeBuildDir = true; diff --git a/pkgs/applications/networking/sync/rsync/default.nix b/pkgs/applications/networking/sync/rsync/default.nix index bdddfe4f867..f172a7fc420 100644 --- a/pkgs/applications/networking/sync/rsync/default.nix +++ b/pkgs/applications/networking/sync/rsync/default.nix @@ -20,12 +20,12 @@ stdenv.mkDerivation rec { pname = "rsync"; - version = "3.2.5"; + version = "3.2.6"; src = fetchurl { # signed with key 0048 C8B0 26D4 C96F 0E58 9C2F 6C85 9FB1 4B96 A8C5 url = "mirror://samba/rsync/src/rsync-${version}.tar.gz"; - sha256 = "sha256-KsTSFjXN95GGe8N3w1ym3af1DZGaWL5FBX/VFgDGmro="; + sha256 = "sha256-+zNlurJ4N9Qf6vQulnxXvTpHvI8Qdlo2ce/Wo4NUVNM="; }; nativeBuildInputs = [ perl ]; diff --git a/pkgs/applications/networking/znc/default.nix b/pkgs/applications/networking/znc/default.nix index e5aec911706..f73bb1c4bf7 100644 --- a/pkgs/applications/networking/znc/default.nix +++ b/pkgs/applications/networking/znc/default.nix @@ -36,8 +36,8 @@ stdenv.mkDerivation rec { (lib.enableFeature withTcl "tcl") (lib.withFeatureAs withTcl "tcl" "${tcl}/lib") (lib.enableFeature withCyrus "cyrus") - ] ++ optional (!withIPv6) [ "--disable-ipv6" ] - ++ optional withDebug [ "--enable-debug" ]; + ] ++ optionals (!withIPv6) [ "--disable-ipv6" ] + ++ optionals withDebug [ "--enable-debug" ]; enableParallelBuilding = true; diff --git a/pkgs/applications/radio/rtl-sdr/default.nix b/pkgs/applications/radio/rtl-sdr/default.nix index e7fbb50cfd0..d8180750c7a 100644 --- a/pkgs/applications/radio/rtl-sdr/default.nix +++ b/pkgs/applications/radio/rtl-sdr/default.nix @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { buildInputs = [ libusb1 ]; - cmakeFlags = lib.optional stdenv.isLinux [ + cmakeFlags = lib.optionals stdenv.isLinux [ "-DINSTALL_UDEV_RULES=ON" "-DWITH_RPC=ON" ]; diff --git a/pkgs/applications/science/biology/megahit/default.nix b/pkgs/applications/science/biology/megahit/default.nix index 45cb7560502..7f054a51d5e 100644 --- a/pkgs/applications/science/biology/megahit/default.nix +++ b/pkgs/applications/science/biology/megahit/default.nix @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake ]; buildInputs = [ zlib ]; - cmakeFlags = lib.optional stdenv.hostPlatform.isStatic [ + cmakeFlags = lib.optionals stdenv.hostPlatform.isStatic [ "-DSTATIC_BUILD=ON" ]; meta = with lib; { diff --git a/pkgs/applications/science/biology/neuron/default.nix b/pkgs/applications/science/biology/neuron/default.nix index 36f1b4c699a..a35d586b9ac 100644 --- a/pkgs/applications/science/biology/neuron/default.nix +++ b/pkgs/applications/science/biology/neuron/default.nix @@ -26,7 +26,7 @@ stdenv.mkDerivation rec { sha256 = "0f26v3qvzblcdjg7isq0m9j2q8q7x3vhmkfllv8lsr3gyj44lljf"; }; - patches = (lib.optional (stdenv.isDarwin) [ ./neuron-carbon-disable.patch ]); + patches = (lib.optionals (stdenv.isDarwin) [ ./neuron-carbon-disable.patch ]); # With LLVM 3.8 and above, clang (really libc++) gets upset if you attempt to redefine these... postPatch = lib.optionalString stdenv.cc.isClang '' diff --git a/pkgs/applications/science/biology/samtools/default.nix b/pkgs/applications/science/biology/samtools/default.nix index 29ba667b055..41129a667e9 100644 --- a/pkgs/applications/science/biology/samtools/default.nix +++ b/pkgs/applications/science/biology/samtools/default.nix @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--with-htslib=${htslib}" ] ++ lib.optional (ncurses == null) "--without-curses" - ++ lib.optional stdenv.hostPlatform.isStatic ["--without-curses" ] + ++ lib.optionals stdenv.hostPlatform.isStatic ["--without-curses" ] ; preCheck = '' diff --git a/pkgs/applications/science/logic/fast-downward/default.nix b/pkgs/applications/science/logic/fast-downward/default.nix index 1d7c51e64e9..ba0f3ee2e25 100644 --- a/pkgs/applications/science/logic/fast-downward/default.nix +++ b/pkgs/applications/science/logic/fast-downward/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake python3.pkgs.wrapPython ]; buildInputs = [ python3 osi ]; - cmakeFlags = lib.optional osi.withCplex [ "-DDOWNWARD_CPLEX_ROOT=${cplex}/cplex" ]; + cmakeFlags = lib.optionals osi.withCplex [ "-DDOWNWARD_CPLEX_ROOT=${cplex}/cplex" ]; configurePhase = '' python build.py release diff --git a/pkgs/applications/science/math/ratpoints/default.nix b/pkgs/applications/science/math/ratpoints/default.nix index dd8258a3456..44c68ebcdce 100644 --- a/pkgs/applications/science/math/ratpoints/default.nix +++ b/pkgs/applications/science/math/ratpoints/default.nix @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { buildInputs = [ gmp ]; makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ]; - buildFlags = lib.optional stdenv.isDarwin ["CCFLAGS2=-lgmp -lc -lm" "CCFLAGS=-UUSE_SSE"]; + buildFlags = lib.optionals stdenv.isDarwin ["CCFLAGS2=-lgmp -lc -lm" "CCFLAGS=-UUSE_SSE"]; installFlags = [ "INSTALL_DIR=$(out)" ]; preInstall = ''mkdir -p "$out"/{bin,share,lib,include}''; diff --git a/pkgs/applications/science/misc/root/5.nix b/pkgs/applications/science/misc/root/5.nix index 84443645865..1b4d6bcd048 100644 --- a/pkgs/applications/science/misc/root/5.nix +++ b/pkgs/applications/science/misc/root/5.nix @@ -14,6 +14,7 @@ , libGL , zlib , libxml2 +, libxcrypt , lz4 , xz , gsl_1 @@ -33,7 +34,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ cmake pkg-config ]; - buildInputs = [ pcre python2 zlib libxml2 lz4 xz gsl_1 xxHash ] + buildInputs = [ pcre python2 zlib libxml2 lz4 xz gsl_1 xxHash libxcrypt ] ++ lib.optionals (!stdenv.isDarwin) [ libX11 libXpm libXft libXext libGLU libGL ] ++ lib.optionals (stdenv.isDarwin) [ Cocoa OpenGL ] ; diff --git a/pkgs/applications/science/misc/root/default.nix b/pkgs/applications/science/misc/root/default.nix index 457b571be92..5ae80c745bd 100644 --- a/pkgs/applications/science/misc/root/default.nix +++ b/pkgs/applications/science/misc/root/default.nix @@ -16,6 +16,7 @@ , libXext , libGLU , libGL +, libxcrypt , libxml2 , llvm_9 , lz4 @@ -72,6 +73,7 @@ stdenv.mkDerivation rec { zlib zstd lapack + libxcrypt libxml2 _llvm_9 lz4 diff --git a/pkgs/applications/science/networking/sumo/default.nix b/pkgs/applications/science/networking/sumo/default.nix index 9cdf576b9c6..7c5794eb8e8 100644 --- a/pkgs/applications/science/networking/sumo/default.nix +++ b/pkgs/applications/science/networking/sumo/default.nix @@ -1,7 +1,7 @@ { lib, bzip2, cmake, eigen, fetchFromGitHub, ffmpeg, fox_1_6, gdal, git, gl2ps, gpp , gtest, jdk, libGL, libGLU, libX11, libjpeg, - libpng, libtiff, openscenegraph , proj, python3, python37Packages, - stdenv, swig, xercesc, xorg, zlib }: + libpng, libtiff, libxcrypt, openscenegraph , proj, python3, + python37Packages, stdenv, swig, xercesc, xorg, zlib }: stdenv.mkDerivation rec { pname = "sumo"; @@ -36,6 +36,7 @@ stdenv.mkDerivation rec { libjpeg libpng libtiff + libxcrypt openscenegraph proj python37Packages.setuptools diff --git a/pkgs/applications/terminal-emulators/x3270/default.nix b/pkgs/applications/terminal-emulators/x3270/default.nix index 7ce5d95775c..8890d57b320 100644 --- a/pkgs/applications/terminal-emulators/x3270/default.nix +++ b/pkgs/applications/terminal-emulators/x3270/default.nix @@ -18,7 +18,7 @@ in stdenv.mkDerivation rec { sha256 = "0km24rgll0s4ji6iz8lvy5ra76ds162s95y33w5px6697cwqkp9j"; }; - buildFlags = "unix"; + buildFlags = [ "unix" ]; postConfigure = '' pushd c3270 ; ./configure ; popd diff --git a/pkgs/applications/terminal-emulators/xterm/default.nix b/pkgs/applications/terminal-emulators/xterm/default.nix index 40bab79b897..c277e241ca3 100644 --- a/pkgs/applications/terminal-emulators/xterm/default.nix +++ b/pkgs/applications/terminal-emulators/xterm/default.nix @@ -4,14 +4,14 @@ stdenv.mkDerivation rec { pname = "xterm"; - version = "373"; + version = "374"; src = fetchurl { urls = [ "ftp://ftp.invisible-island.net/xterm/${pname}-${version}.tgz" "https://invisible-mirror.net/archives/xterm/${pname}-${version}.tgz" ]; - sha256 = "sha256-3rCYlHOmOQi1qNRN/uqDAchxD2zgH7V86MMAAjdXRrY="; + sha256 = "sha256-EdTWJmcNTW17aft0Z+nsIxgX5a0iUC+RZ3aP2IrBvfU="; }; strictDeps = true; diff --git a/pkgs/applications/version-management/datalad/default.nix b/pkgs/applications/version-management/datalad/default.nix index 65561aded31..cd2c26ea8d4 100644 --- a/pkgs/applications/version-management/datalad/default.nix +++ b/pkgs/applications/version-management/datalad/default.nix @@ -59,8 +59,8 @@ python3.pkgs.buildPythonApplication rec { # python>=3.8 distro - ] ++ lib.optional stdenv.hostPlatform.isWindows [ colorama ] - ++ lib.optional (python3.pythonOlder "3.10") [ importlib-metadata ]; + ] ++ lib.optionals stdenv.hostPlatform.isWindows [ colorama ] + ++ lib.optionals (python3.pythonOlder "3.10") [ importlib-metadata ]; postInstall = '' installShellCompletion --cmd datalad \ diff --git a/pkgs/applications/version-management/dvc/default.nix b/pkgs/applications/version-management/dvc/default.nix index 6f1c4fe1857..40b550cb9e3 100644 --- a/pkgs/applications/version-management/dvc/default.nix +++ b/pkgs/applications/version-management/dvc/default.nix @@ -72,17 +72,17 @@ python3.pkgs.buildPythonApplication rec { typing-extensions voluptuous zc_lockfile - ] ++ lib.optional enableGoogle [ + ] ++ lib.optionals enableGoogle [ gcsfs google-cloud-storage - ] ++ lib.optional enableAWS [ + ] ++ lib.optionals enableAWS [ aiobotocore boto3 s3fs - ] ++ lib.optional enableAzure [ + ] ++ lib.optionals enableAzure [ azure-identity knack - ] ++ lib.optional enableSSH [ + ] ++ lib.optionals enableSSH [ bcrypt ] ++ lib.optionals (pythonOlder "3.8") [ importlib-metadata diff --git a/pkgs/applications/version-management/git-and-tools/git/default.nix b/pkgs/applications/version-management/git-and-tools/git/default.nix index 9b2c755b109..dd244b3687c 100644 --- a/pkgs/applications/version-management/git-and-tools/git/default.nix +++ b/pkgs/applications/version-management/git-and-tools/git/default.nix @@ -28,7 +28,7 @@ assert sendEmailSupport -> perlSupport; assert svnSupport -> perlSupport; let - version = "2.37.3"; + version = "2.38.0"; svn = subversionClient.override { perlBindings = perlSupport; }; gitwebPerlLibs = with perlPackages; [ CGI HTMLParser CGIFast FCGI FCGIProcManager HTMLTagCloud ]; in @@ -41,7 +41,7 @@ stdenv.mkDerivation (finalAttrs: { src = fetchurl { url = "https://www.kernel.org/pub/software/scm/git/git-${version}.tar.xz"; - sha256 = "sha256-gUZB1/YWWc+8F4JdBGJJnKFAPjn/U9dqhRIFDmSD6Ho="; + sha256 = "sha256-kj6t4msYFN540GvajgqfXai3xLMEs/kFD/tGTwMQMgo="; }; outputs = [ "out" ] ++ lib.optional withManual "doc"; @@ -339,6 +339,10 @@ stdenv.mkDerivation (finalAttrs: { disable_test t5319-multi-pack-index disable_test t6421-merge-partial-clone + # Fails reproducibly on ZFS on Linux with formD normalization + disable_test t0021-conversion + disable_test t3910-mac-os-precompose + ${lib.optionalString (!perlSupport) '' # request-pull is a Bash script that invokes Perl, so it is not available # when NO_PERL=1, and the test should be skipped, but the test suite does diff --git a/pkgs/applications/version-management/git-and-tools/tig/default.nix b/pkgs/applications/version-management/git-and-tools/tig/default.nix index 344a10cf2ec..cfce8a35f9e 100644 --- a/pkgs/applications/version-management/git-and-tools/tig/default.nix +++ b/pkgs/applications/version-management/git-and-tools/tig/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ makeWrapper autoreconfHook asciidoc xmlto docbook_xsl docbook_xml_dtd_45 findXMLCatalogs pkg-config ]; - autoreconfFlags = "-I tools -v"; + autoreconfFlags = [ "-I" "tools" "-v" ]; buildInputs = [ ncurses readline git ] ++ lib.optionals stdenv.isDarwin [ libiconv ]; diff --git a/pkgs/applications/version-management/gitlab/default.nix b/pkgs/applications/version-management/gitlab/default.nix index 47ca0f4f48d..88f2a5f4cd0 100644 --- a/pkgs/applications/version-management/gitlab/default.nix +++ b/pkgs/applications/version-management/gitlab/default.nix @@ -37,7 +37,7 @@ let railties = x.railties // { dontBuild = false; patches = [ ./railties-remove-yarn-install-enhancement.patch ]; - patchFlags = "-p2"; + patchFlags = [ "-p2" ]; }; }; groups = [ diff --git a/pkgs/applications/version-management/subversion/default.nix b/pkgs/applications/version-management/subversion/default.nix index 5731ef59deb..69a2bce4906 100644 --- a/pkgs/applications/version-management/subversion/default.nix +++ b/pkgs/applications/version-management/subversion/default.nix @@ -40,7 +40,7 @@ let ++ lib.optionals pythonBindings [ python3 py3c ] ++ lib.optional perlBindings perl ++ lib.optional saslSupport sasl - ++ lib.optional stdenv.hostPlatform.isDarwin [ CoreServices Security ]; + ++ lib.optionals stdenv.hostPlatform.isDarwin [ CoreServices Security ]; patches = [ ./apr-1.patch ] ++ extraPatches; diff --git a/pkgs/applications/video/kodi/unwrapped.nix b/pkgs/applications/video/kodi/unwrapped.nix index a37e5c92e24..6eadd06af0f 100644 --- a/pkgs/applications/video/kodi/unwrapped.nix +++ b/pkgs/applications/video/kodi/unwrapped.nix @@ -1,6 +1,6 @@ { stdenv, lib, fetchFromGitHub, autoconf, automake, libtool, makeWrapper , pkg-config, cmake, yasm, python3Packages -, libgcrypt, libgpg-error, libunistring +, libxcrypt, libgcrypt, libgpg-error, libunistring , boost, avahi, lame , gettext, pcre-cpp, yajl, fribidi, which , openssl, gperf, tinyxml2, taglib, libssh, swig, jre_headless @@ -131,14 +131,14 @@ in stdenv.mkDerivation { sqlite libmysqlclient avahi lame curl bzip2 zip unzip glxinfo libcec libcec_platform dcadec libuuid - libgcrypt libgpg-error libunistring + libxcrypt libgcrypt libgpg-error libunistring libcrossguid libplist bluez giflib glib harfbuzz lcms2 libpthreadstubs ffmpeg flatbuffers fstrcmp rapidjson lirc mesa # for libEGL ] - ++ lib.optional x11Support [ + ++ lib.optionals x11Support [ libX11 xorgproto libXt libXmu libXext.dev libXdmcp libXinerama libXrandr.dev libXtst libXfixes ] @@ -158,7 +158,7 @@ in stdenv.mkDerivation { # Not sure why ".dev" is needed here, but CMake doesn't find libxkbcommon otherwise libxkbcommon.dev ] - ++ lib.optional gbmSupport [ + ++ lib.optionals gbmSupport [ libxkbcommon.dev mesa.dev libinput.dev @@ -200,7 +200,7 @@ in stdenv.mkDerivation { # whitelisted directories). This adds the entire nix store to the Kodi # webserver whitelist to avoid this problem. "-DKODI_WEBSERVER_EXTRA_WHITELIST=${builtins.storeDir}" - ] ++ lib.optional waylandSupport [ + ] ++ lib.optionals waylandSupport [ "-DWAYLANDPP_SCANNER=${buildPackages.waylandpp}/bin/wayland-scanner++" ]; diff --git a/pkgs/applications/virtualization/open-vm-tools/default.nix b/pkgs/applications/virtualization/open-vm-tools/default.nix index d62964d1095..7755795306a 100644 --- a/pkgs/applications/virtualization/open-vm-tools/default.nix +++ b/pkgs/applications/virtualization/open-vm-tools/default.nix @@ -1,6 +1,6 @@ { stdenv, lib, fetchFromGitHub, makeWrapper, autoreconfHook , bash, fuse3, libmspack, openssl, pam, xercesc, icu, libdnet, procps, libtirpc, rpcsvc-proto -, libX11, libXext, libXinerama, libXi, libXrender, libXrandr, libXtst +, libX11, libXext, libXinerama, libXi, libXrender, libXrandr, libXtst, libxcrypt , pkg-config, glib, gdk-pixbuf-xlib, gtk3, gtkmm3, iproute2, dbus, systemd, which , libdrm, udev, util-linux , withX ? true @@ -22,7 +22,7 @@ stdenv.mkDerivation rec { outputs = [ "out" "dev" ]; nativeBuildInputs = [ autoreconfHook makeWrapper pkg-config ]; - buildInputs = [ fuse3 glib icu libdnet libdrm libmspack libtirpc openssl pam procps rpcsvc-proto udev xercesc ] + buildInputs = [ fuse3 glib icu libdnet libdrm libmspack libtirpc libxcrypt openssl pam procps rpcsvc-proto udev xercesc ] ++ lib.optionals withX [ gdk-pixbuf-xlib gtk3 gtkmm3 libX11 libXext libXinerama libXi libXrender libXrandr libXtst ]; postPatch = '' diff --git a/pkgs/applications/virtualization/virtualbox/default.nix b/pkgs/applications/virtualization/virtualbox/default.nix index 83c48536b30..d65f101b377 100644 --- a/pkgs/applications/virtualization/virtualbox/default.nix +++ b/pkgs/applications/virtualization/virtualbox/default.nix @@ -23,14 +23,14 @@ let buildType = "release"; # Use maintainers/scripts/update.nix to update the version and all related hashes or # change the hashes in extpack.nix and guest-additions/default.nix as well manually. - version = "6.1.36"; + version = "6.1.40"; in stdenv.mkDerivation { pname = "virtualbox"; inherit version; src = fetchurl { url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2"; - sha256 = "e47942e42892c13c621869865e2b7b320340154f0fa74ecbdaf18fdaf70ef047"; + sha256 = "bc857555d3e836ad9350a8f7b03bb54d2fdc04dddb2043d09813f4634bca4814"; }; outputs = [ "out" "modsrc" ]; diff --git a/pkgs/applications/virtualization/virtualbox/extpack.nix b/pkgs/applications/virtualization/virtualbox/extpack.nix index 83861e648ce..7092ffb33de 100644 --- a/pkgs/applications/virtualization/virtualbox/extpack.nix +++ b/pkgs/applications/virtualization/virtualbox/extpack.nix @@ -12,7 +12,7 @@ fetchurl rec { # Manually sha256sum the extensionPack file, must be hex! # Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`. # Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS - let value = "3c84f0177a47a1969aff7c98e01ddceedd50348f56cc52d63f4c2dd38ad2ca75"; + let value = "29cf8410e2514ea4393f63f5e955b8311787873679fc23ae9a897fb70ef3f84a"; in assert (builtins.stringLength value) == 64; value; meta = { diff --git a/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix b/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix index 75684cb3b99..d6531452c76 100644 --- a/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix +++ b/pkgs/applications/virtualization/virtualbox/guest-additions/default.nix @@ -23,7 +23,7 @@ in stdenv.mkDerivation rec { src = fetchurl { url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso"; - sha256 = "c987cdc8c08c579f56d921c85269aeeac3faf636babd01d9461ce579c9362cdd"; + sha256 = "d456c559926f1a8fdd7259056e0a50f12339fd494122cf30db7736e2032970c6"; }; KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build"; diff --git a/pkgs/applications/window-managers/sawfish/default.nix b/pkgs/applications/window-managers/sawfish/default.nix index f75d7ec5d1b..ef001787a59 100644 --- a/pkgs/applications/window-managers/sawfish/default.nix +++ b/pkgs/applications/window-managers/sawfish/default.nix @@ -8,6 +8,7 @@ , imlib , libICE , libSM +, libxcrypt , libXinerama , libXrandr , libXtst @@ -44,6 +45,7 @@ stdenv.mkDerivation rec { imlib libICE libSM + libxcrypt libXinerama libXrandr libXtst diff --git a/pkgs/build-support/cc-wrapper/add-hardening.sh b/pkgs/build-support/cc-wrapper/add-hardening.sh index e5d296f6c9c..b23fda1fed7 100644 --- a/pkgs/build-support/cc-wrapper/add-hardening.sh +++ b/pkgs/build-support/cc-wrapper/add-hardening.sh @@ -38,7 +38,9 @@ for flag in "${!hardeningEnableMap[@]}"; do case $flag in fortify) if (( "${NIX_DEBUG:-0}" >= 1 )); then echo HARDENING: enabling fortify >&2; fi - hardeningCFlags+=('-O2' '-D_FORTIFY_SOURCE=2') + # Use -U_FORTIFY_SOURCE to avoid warnings on toolchains that explicitly + # set -D_FORTIFY_SOURCE=0 (like 'clang -fsanitize=address'). + hardeningCFlags+=('-O2' '-U_FORTIFY_SOURCE' '-D_FORTIFY_SOURCE=2') ;; stackprotector) if (( "${NIX_DEBUG:-0}" >= 1 )); then echo HARDENING: enabling stackprotector >&2; fi diff --git a/pkgs/build-support/cc-wrapper/default.nix b/pkgs/build-support/cc-wrapper/default.nix index 14cd1d43139..f199b1d7e24 100644 --- a/pkgs/build-support/cc-wrapper/default.nix +++ b/pkgs/build-support/cc-wrapper/default.nix @@ -274,7 +274,9 @@ stdenv.mkDerivation { setupHooks = [ ../setup-hooks/role.bash - ] ++ lib.optional (cc.langC or true) ./setup-hook.sh + ] ++ lib.optional (cc.langC or true) + # Temporary hack; see https://github.com/NixOS/nixpkgs/pull/191724#issuecomment-1278602576 + (if stdenv.isLinux then ./setup-hook.sh else ./setup-hook-nonlinux.sh) ++ lib.optional (cc.langFortran or false) ./fortran-hook.sh; postFixup = diff --git a/pkgs/build-support/cc-wrapper/setup-hook-nonlinux.sh b/pkgs/build-support/cc-wrapper/setup-hook-nonlinux.sh new file mode 100644 index 00000000000..6a913cc4eac --- /dev/null +++ b/pkgs/build-support/cc-wrapper/setup-hook-nonlinux.sh @@ -0,0 +1,120 @@ +# CC Wrapper hygiene +# +# For at least cross compilation, we need to depend on multiple cc-wrappers at +# once---specifically up to one per sort of dependency. This follows from having +# different tools targeting different platforms, and different flags for those +# tools. For example: +# +# # Flags for compiling (whether or not linking) C code for the... +# NIX_CFLAGS_COMPILE_FOR_BUILD # ...build platform +# NIX_CFLAGS_COMPILE # ...host platform +# NIX_CFLAGS_COMPILE_FOR_TARGET # ...target platform +# +# Notice that these platforms are the 3 *relative* to the package using +# cc-wrapper, not absolute like `x86_64-pc-linux-gnu`. +# +# The simplest solution would be to have separate cc-wrappers per (3 intended +# use-cases * n absolute concrete platforms). For the use-case axis, we would +# @-splice in 'BUILD_' '' 'TARGET_' to use the write environment variables when +# building the cc-wrapper, and likewise prefix the binaries' names so they didn't +# clobber each other on the PATH. But the need for 3x cc-wrappers, along with +# non-standard name prefixes, is annoying and liable to break packages' build +# systems. +# +# Instead, we opt to have just one cc-wrapper per absolute platform. Matching +# convention, the binaries' names can just be prefixed with their target +# platform. On the other hand, that means packages will depend on not just +# multiple cc-wrappers, but the exact same cc-wrapper derivation multiple ways. +# That means the exact same cc-wrapper derivation must be able to avoid +# conflicting with itself, despite the fact that `setup-hook.sh`, the `addCvars` +# function, and `add-flags.sh` are all communicating with each other with +# environment variables. Yuck. +# +# The basic strategy is: +# +# - Everyone exclusively *adds information* to relative-platform-specific +# environment variables, like `NIX_CFLAGS_COMPILE_FOR_TARGET`, to communicate +# with the wrapped binaries. +# +# - The wrapped binaries will exclusively *read* cc-wrapper-derivation-specific +# environment variables distinguished with with `suffixSalt`, like +# `NIX_CFLAGS_COMPILE_@suffixSalt@`. +# +# - `add-flags`, beyond its old task of reading extra flags stuck inside the +# cc-wrapper derivation, will convert the relative-platform-specific +# variables to cc-wrapper-derivation-specific variables. This conversion is +# the only time all but one of the cc-wrapper-derivation-specific variables +# are set. +# +# This ensures the flow of information is exclusive from +# relative-platform-specific variables to cc-wrapper-derivation-specific +# variables. This allows us to support the general case of a many--many relation +# between relative platforms and cc-wrapper derivations. +# +# For more details, read the individual files where the mechanisms used to +# accomplish this will be individually documented. + +# Skip setup hook if we're neither a build-time dep, nor, temporarily, doing a +# native compile. +# +# TODO(@Ericson2314): No native exception +[[ -z ${strictDeps-} ]] || (( "$hostOffset" < 0 )) || return 0 + +# It's fine that any other cc-wrapper will redefine this. Bash functions close +# over no state, and there's no @-substitutions within, so any redefined +# function is guaranteed to be exactly the same. +ccWrapper_addCVars () { + # See ../setup-hooks/role.bash + local role_post + getHostRoleEnvHook + + if [ -d "$1/include" ]; then + export NIX_CFLAGS_COMPILE${role_post}+=" -isystem $1/include" + fi + + if [ -d "$1/Library/Frameworks" ]; then + export NIX_CFLAGS_COMPILE${role_post}+=" -iframework $1/Library/Frameworks" + fi +} + +# See ../setup-hooks/role.bash +getTargetRole +getTargetRoleWrapper + +# We use the `targetOffset` to choose the right env hook to accumulate the right +# sort of deps (those with that offset). +addEnvHooks "$targetOffset" ccWrapper_addCVars + +# Note 1: these come *after* $out in the PATH (see setup.sh). +# Note 2: phase separation makes this look useless to shellcheck. + +# shellcheck disable=SC2157 +if [ -n "@cc@" ]; then + addToSearchPath _PATH @cc@/bin +fi + +# shellcheck disable=SC2157 +if [ -n "@libc_bin@" ]; then + addToSearchPath _PATH @libc_bin@/bin +fi + +# shellcheck disable=SC2157 +if [ -n "@coreutils_bin@" ]; then + addToSearchPath _PATH @coreutils_bin@/bin +fi + +# Export tool environment variables so various build systems use the right ones. + +export NIX_CC${role_post}=@out@ + +export CC${role_post}=@named_cc@ +export CXX${role_post}=@named_cxx@ +export CC${role_post}=@named_cc@ +export CXX${role_post}=@named_cxx@ + +# If unset, assume the default hardening flags. +: ${NIX_HARDENING_ENABLE="fortify stackprotector pic strictoverflow format relro bindnow"} +export NIX_HARDENING_ENABLE + +# No local scope in sourced file +unset -v role_post diff --git a/pkgs/build-support/cc-wrapper/setup-hook.sh b/pkgs/build-support/cc-wrapper/setup-hook.sh index 6a913cc4eac..94ca721cd91 100644 --- a/pkgs/build-support/cc-wrapper/setup-hook.sh +++ b/pkgs/build-support/cc-wrapper/setup-hook.sh @@ -69,10 +69,12 @@ ccWrapper_addCVars () { getHostRoleEnvHook if [ -d "$1/include" ]; then + (! echo "$NIX_CFLAGS_COMPILE" | grep -q -F "$1/include") && export NIX_CFLAGS_COMPILE${role_post}+=" -isystem $1/include" fi if [ -d "$1/Library/Frameworks" ]; then + (! echo "$NIX_CFLAGS_COMPILE" | grep -q -F "$1/Library/Frameworks") && export NIX_CFLAGS_COMPILE${role_post}+=" -iframework $1/Library/Frameworks" fi } diff --git a/pkgs/build-support/release/default.nix b/pkgs/build-support/release/default.nix index d593ec81197..da1078369a5 100644 --- a/pkgs/build-support/release/default.nix +++ b/pkgs/build-support/release/default.nix @@ -15,7 +15,7 @@ rec { } // args); mvnBuild = args: import ./maven-build.nix ( - { inherit stdenv; + { inherit lib stdenv; } // args); nixBuild = args: import ./nix-build.nix ( diff --git a/pkgs/build-support/release/maven-build.nix b/pkgs/build-support/release/maven-build.nix index eaa47647287..daee44b85ac 100644 --- a/pkgs/build-support/release/maven-build.nix +++ b/pkgs/build-support/release/maven-build.nix @@ -1,4 +1,5 @@ { stdenv +, lib , name , src , doTest ? true @@ -12,7 +13,11 @@ } @ args : let - mvnFlags = "-Dmaven.repo.local=$M2_REPO ${if doTest then "" else "-Dmaven.test.skip.exec=true"} ${extraMvnFlags}"; + mvnFlags = lib.escapeShellArgs [ + "-Dmaven.repo.local=$M2_REPO" + (lib.optionalString (!doTest) "-Dmaven.test.skip.exec=true") + "${extraMvnFlags}" + ]; in stdenv.mkDerivation ( { diff --git a/pkgs/build-support/setup-hooks/auto-patchelf.py b/pkgs/build-support/setup-hooks/auto-patchelf.py index 861d772698d..efb65a80996 100644 --- a/pkgs/build-support/setup-hooks/auto-patchelf.py +++ b/pkgs/build-support/setup-hooks/auto-patchelf.py @@ -5,6 +5,7 @@ import os import pprint import subprocess import sys +from fnmatch import fnmatch from collections import defaultdict from contextlib import contextmanager from dataclasses import dataclass @@ -265,8 +266,10 @@ def auto_patchelf( print(f"auto-patchelf: {len(missing)} dependencies could not be satisfied") failure = False for dep in missing: - if dep.name.name in ignore_missing or "*" in ignore_missing: - print(f"warn: auto-patchelf ignoring missing {dep.name} wanted by {dep.file}") + for pattern in ignore_missing: + if fnmatch(dep.name.name, pattern): + print(f"warn: auto-patchelf ignoring missing {dep.name} wanted by {dep.file}") + break else: print(f"error: auto-patchelf could not satisfy dependency {dep.name} wanted by {dep.file}") failure = True diff --git a/pkgs/build-support/setup-hooks/auto-patchelf.sh b/pkgs/build-support/setup-hooks/auto-patchelf.sh index b56f9ce2dbf..7f5ff146e30 100644 --- a/pkgs/build-support/setup-hooks/auto-patchelf.sh +++ b/pkgs/build-support/setup-hooks/auto-patchelf.sh @@ -53,7 +53,7 @@ autoPatchelf() { esac done - local ignoreMissingDepsArray=($autoPatchelfIgnoreMissingDeps) + readarray -td' ' ignoreMissingDepsArray < <(echo -n "$autoPatchelfIgnoreMissingDeps") if [ "$autoPatchelfIgnoreMissingDeps" == "1" ]; then echo "autoPatchelf: WARNING: setting 'autoPatchelfIgnoreMissingDeps" \ "= true;' is deprecated and will be removed in a future release." \ diff --git a/pkgs/build-support/skaware/build-skaware-package.nix b/pkgs/build-support/skaware/build-skaware-package.nix index 1988d95212c..3ae9b7ce8aa 100644 --- a/pkgs/build-support/skaware/build-skaware-package.nix +++ b/pkgs/build-support/skaware/build-skaware-package.nix @@ -87,7 +87,7 @@ stdenv.mkDerivation { inherit postConfigure; - makeFlags = lib.optional stdenv.cc.isClang [ "AR=${stdenv.cc.targetPrefix}ar" "RANLIB=${stdenv.cc.targetPrefix}ranlib" ]; + makeFlags = lib.optionals stdenv.cc.isClang [ "AR=${stdenv.cc.targetPrefix}ar" "RANLIB=${stdenv.cc.targetPrefix}ranlib" ]; # TODO(Profpatsch): ensure that there is always a $doc output! postInstall = '' diff --git a/pkgs/data/fonts/iosevka/default.nix b/pkgs/data/fonts/iosevka/default.nix index 53e5b4a3db7..d9efb0eedcd 100644 --- a/pkgs/data/fonts/iosevka/default.nix +++ b/pkgs/data/fonts/iosevka/default.nix @@ -86,7 +86,7 @@ stdenv.mkDerivation rec { inherit extraParameters; passAsFile = [ "extraParameters" - ] ++ lib.optional (! (builtins.isString privateBuildPlan && lib.hasPrefix builtins.storeDir privateBuildPlan)) [ + ] ++ lib.optionals (! (builtins.isString privateBuildPlan && lib.hasPrefix builtins.storeDir privateBuildPlan)) [ "buildPlan" ]; diff --git a/pkgs/data/misc/tzdata/0001-Add-exe-extension-for-MS-Windows-binaries.patch b/pkgs/data/misc/tzdata/0001-Add-exe-extension-for-MS-Windows-binaries.patch new file mode 100644 index 00000000000..d44481056c4 --- /dev/null +++ b/pkgs/data/misc/tzdata/0001-Add-exe-extension-for-MS-Windows-binaries.patch @@ -0,0 +1,15 @@ +diff --git a/Makefile b/Makefile +index a9a989e..4da737b 100644 +--- a/Makefile ++++ b/Makefile +@@ -579,8 +579,8 @@ install: all $(DATA) $(REDO) $(MANS) + -t '$(DESTDIR)$(TZDEFAULT)' + cp -f $(TABDATA) '$(DESTDIR)$(TZDIR)/.' + cp tzselect '$(DESTDIR)$(BINDIR)/.' +- cp zdump '$(DESTDIR)$(ZDUMPDIR)/.' +- cp zic '$(DESTDIR)$(ZICDIR)/.' ++ cp zdump.exe '$(DESTDIR)$(ZDUMPDIR)/.' ++ cp zic.exe '$(DESTDIR)$(ZICDIR)/.' + cp libtz.a '$(DESTDIR)$(LIBDIR)/.' + $(RANLIB) '$(DESTDIR)$(LIBDIR)/libtz.a' + cp -f newctime.3 newtzset.3 '$(DESTDIR)$(MANDIR)/man3/.' diff --git a/pkgs/data/misc/tzdata/default.nix b/pkgs/data/misc/tzdata/default.nix index 41004243a55..2d5100906ed 100644 --- a/pkgs/data/misc/tzdata/default.nix +++ b/pkgs/data/misc/tzdata/default.nix @@ -2,21 +2,25 @@ stdenv.mkDerivation rec { pname = "tzdata"; - version = "2022d"; + version = "2022e"; srcs = [ (fetchurl { url = "https://data.iana.org/time-zones/releases/tzdata${version}.tar.gz"; - hash = "sha256-bs2+4n+kPc+knz1P2Lsd/vVMkNoavNgsmrzy3E8yHeA="; + hash = "sha256-jeTCaG3OPRqukDBxnmgUkxwhai1eiR7D0zLm9lFq7M0="; }) (fetchurl { url = "https://data.iana.org/time-zones/releases/tzcode${version}.tar.gz"; - hash = "sha256-1kS6D5OImTdOqMtVTjX7SvoPe9e3FsYXd80AUAuHWeA="; + hash = "sha256-1AKAJTmA6JFo5r5CdahSv5UhUk1HaE3jE1uaXKOHcQs="; }) ]; sourceRoot = "."; + patches = lib.optionals stdenv.hostPlatform.isWindows [ + ./0001-Add-exe-extension-for-MS-Windows-binaries.patch + ]; + outputs = [ "out" "bin" "man" "dev" ]; propagatedBuildOutputs = []; @@ -34,22 +38,17 @@ stdenv.mkDerivation rec { "CFLAGS+=-DZIC_BLOAT_DEFAULT=\\\"fat\\\"" "cc=${stdenv.cc.targetPrefix}cc" "AR=${stdenv.cc.targetPrefix}ar" + ] ++ lib.optionals stdenv.hostPlatform.isWindows [ + "CFLAGS+=-DHAVE_DIRECT_H" + "CFLAGS+=-DHAVE_SYMLINK=0" + "CFLAGS+=-DRESERVE_STD_EXT_IDS" ]; - depsBuildBuild = [ buildPackages.stdenv.cc ]; - doCheck = false; # needs more tools - installFlags = [ "ZIC=./zic-native" ]; - - preInstall = '' - mv zic.o zic.o.orig - mv zic zic.orig - make $makeFlags cc=${stdenv.cc.nativePrefix}cc AR=${stdenv.cc.nativePrefix}ar zic - mv zic zic-native - mv zic.o.orig zic.o - mv zic.orig zic - ''; + installFlags = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ + "zic=${buildPackages.tzdata.bin}/bin/zic" + ]; postInstall = '' diff --git a/pkgs/desktops/cdesktopenv/default.nix b/pkgs/desktops/cdesktopenv/default.nix index acb423f44bd..2eb54d018bc 100644 --- a/pkgs/desktops/cdesktopenv/default.nix +++ b/pkgs/desktops/cdesktopenv/default.nix @@ -3,7 +3,7 @@ , xorgproto, libX11, bison, ksh, perl, gnum4 , libXinerama, libXt, libXext, libtirpc, motif, libXft, xbitmaps , libjpeg, libXmu, libXdmcp, libXScrnSaver, symlinkJoin, bdftopcf -, ncompress, mkfontdir, tcl, libXaw, gcc, glibcLocales +, ncompress, mkfontdir, tcl, libXaw, libxcrypt, gcc, glibcLocales , autoPatchelfHook, libredirect, makeWrapper, xset, xrdb, fakeroot , rpcsvc-proto }: @@ -40,7 +40,7 @@ in stdenv.mkDerivation rec { buildInputs = [ libX11 libXinerama libXt libXext libtirpc motif libXft xbitmaps - libjpeg libXmu libXdmcp libXScrnSaver tcl libXaw ksh + libjpeg libXmu libXdmcp libXScrnSaver tcl libXaw ksh libxcrypt ]; nativeBuildInputs = [ bison ncompress autoPatchelfHook makeWrapper fakeroot diff --git a/pkgs/desktops/gnome-2/platform/GConf/default.nix b/pkgs/desktops/gnome-2/platform/GConf/default.nix index ec8deb537d0..8419c1a7d73 100644 --- a/pkgs/desktops/gnome-2/platform/GConf/default.nix +++ b/pkgs/desktops/gnome-2/platform/GConf/default.nix @@ -22,7 +22,7 @@ stdenv.mkDerivation rec { configureFlags = # fixes the "libgconfbackend-oldxml.so is not portable" error on darwin - lib.optional stdenv.isDarwin [ "--enable-static" ]; + lib.optionals stdenv.isDarwin [ "--enable-static" ]; postPatch = '' 2to3 --write --nobackup gsettings/gsettings-schema-convert diff --git a/pkgs/desktops/gnome-2/platform/libgnomeui/default.nix b/pkgs/desktops/gnome-2/platform/libgnomeui/default.nix index f59bee32929..29ed44431c3 100644 --- a/pkgs/desktops/gnome-2/platform/libgnomeui/default.nix +++ b/pkgs/desktops/gnome-2/platform/libgnomeui/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, fetchpatch, pkg-config, libxml2, xlibsWrapper, glib, pango +{ lib, stdenv, fetchurl, fetchpatch, pkg-config, libxml2, xorg, glib, pango , intltool, libgnome, libgnomecanvas, libbonoboui, GConf, libtool , gnome_vfs, libgnome-keyring, libglade }: @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkg-config intltool ]; buildInputs = - [ xlibsWrapper libxml2 GConf pango glib libgnome-keyring libglade libtool ]; + [ xorg.libX11 xorg.libSM xorg.libICE libxml2 GConf pango glib libgnome-keyring libglade libtool ]; propagatedBuildInputs = [ libgnome libbonoboui libgnomecanvas gnome_vfs ]; } diff --git a/pkgs/development/compilers/dmd/default.nix b/pkgs/development/compilers/dmd/default.nix index 1c15e8b970b..b29190b9b83 100644 --- a/pkgs/development/compilers/dmd/default.nix +++ b/pkgs/development/compilers/dmd/default.nix @@ -129,7 +129,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ makeWrapper unzip which git ]; buildInputs = [ gdb curl tzdata ] - ++ lib.optional stdenv.isDarwin [ Foundation gdb ]; + ++ lib.optionals stdenv.isDarwin [ Foundation gdb ]; osname = if stdenv.isDarwin then diff --git a/pkgs/development/compilers/edk2/default.nix b/pkgs/development/compilers/edk2/default.nix index 90e570f7da4..d5160140486 100644 --- a/pkgs/development/compilers/edk2/default.nix +++ b/pkgs/development/compilers/edk2/default.nix @@ -61,7 +61,7 @@ edk2 = buildStdenv.mkDerivation { ${"GCC5_${targetArch}_PREFIX"}=stdenv.cc.targetPrefix; makeFlags = [ "-C BaseTools" ] - ++ lib.optional (stdenv.cc.isClang) [ "BUILD_CC=clang BUILD_CXX=clang++ BUILD_AS=clang" ]; + ++ lib.optionals (stdenv.cc.isClang) [ "BUILD_CC=clang BUILD_CXX=clang++ BUILD_AS=clang" ]; NIX_CFLAGS_COMPILE = "-Wno-return-type" + lib.optionalString (stdenv.cc.isGNU) " -Wno-error=stringop-truncation"; diff --git a/pkgs/development/compilers/gcc/10/default.nix b/pkgs/development/compilers/gcc/10/default.nix index 78728c3c592..207860b90c0 100644 --- a/pkgs/development/compilers/gcc/10/default.nix +++ b/pkgs/development/compilers/gcc/10/default.nix @@ -26,6 +26,7 @@ , gnused ? null , cloog # unused; just for compat with gcc4, as we override the parameter on some places , buildPackages +, libxcrypt }: # Make sure we get GNU sed. @@ -172,7 +173,7 @@ stdenv.mkDerivation ({ ++ optional targetPlatform.isLinux patchelf; buildInputs = [ - gmp mpfr libmpc + gmp mpfr libmpc libxcrypt targetPackages.stdenv.cc.bintools # For linking code at run-time ] ++ (optional (isl != null) isl) ++ (optional (zlib != null) zlib) @@ -182,10 +183,12 @@ stdenv.mkDerivation ({ NIX_LDFLAGS = lib.optionalString hostPlatform.isSunOS "-lm -ldl"; - preConfigure = import ../common/pre-configure.nix { + preConfigure = (import ../common/pre-configure.nix { inherit lib; inherit version targetPlatform hostPlatform gnatboot langAda langGo langJit crossStageStatic enableMultilib; - }; + }) + '' + ln -sf ${libxcrypt}/include/crypt.h libsanitizer/sanitizer_common/crypt.h + ''; dontDisableStatic = true; diff --git a/pkgs/development/compilers/gcc/11/default.nix b/pkgs/development/compilers/gcc/11/default.nix index 3a61c5820b1..3b03e185dd8 100644 --- a/pkgs/development/compilers/gcc/11/default.nix +++ b/pkgs/development/compilers/gcc/11/default.nix @@ -26,6 +26,7 @@ , gnused ? null , cloog # unused; just for compat with gcc4, as we override the parameter on some places , buildPackages +, libxcrypt }: # Make sure we get GNU sed. @@ -180,7 +181,7 @@ stdenv.mkDerivation ({ ++ optional targetPlatform.isLinux patchelf; buildInputs = [ - gmp mpfr libmpc + gmp mpfr libmpc libxcrypt targetPackages.stdenv.cc.bintools # For linking code at run-time ] ++ (optional (isl != null) isl) ++ (optional (zlib != null) zlib) @@ -190,10 +191,12 @@ stdenv.mkDerivation ({ NIX_LDFLAGS = lib.optionalString hostPlatform.isSunOS "-lm -ldl"; - preConfigure = import ../common/pre-configure.nix { + preConfigure = (import ../common/pre-configure.nix { inherit lib; inherit version targetPlatform hostPlatform gnatboot langAda langGo langJit crossStageStatic enableMultilib; - }; + }) + '' + ln -sf ${libxcrypt}/include/crypt.h libsanitizer/sanitizer_common/crypt.h + ''; dontDisableStatic = true; diff --git a/pkgs/development/compilers/gcc/12/default.nix b/pkgs/development/compilers/gcc/12/default.nix index 10ce704382a..c7fcd5475ad 100644 --- a/pkgs/development/compilers/gcc/12/default.nix +++ b/pkgs/development/compilers/gcc/12/default.nix @@ -26,6 +26,7 @@ , gnused ? null , cloog # unused; just for compat with gcc4, as we override the parameter on some places , buildPackages +, libxcrypt }: # Make sure we get GNU sed. @@ -173,7 +174,7 @@ stdenv.mkDerivation ({ ++ optional targetPlatform.isLinux patchelf; buildInputs = [ - gmp mpfr libmpc + gmp mpfr libmpc libxcrypt targetPackages.stdenv.cc.bintools # For linking code at run-time ] ++ (optional (isl != null) isl) ++ (optional (zlib != null) zlib) @@ -183,10 +184,13 @@ stdenv.mkDerivation ({ NIX_LDFLAGS = lib.optionalString hostPlatform.isSunOS "-lm -ldl"; - preConfigure = import ../common/pre-configure.nix { + + preConfigure = (import ../common/pre-configure.nix { inherit lib; inherit version targetPlatform hostPlatform gnatboot langAda langGo langJit crossStageStatic enableMultilib; - }; + }) + '' + ln -sf ${libxcrypt}/include/crypt.h libsanitizer/sanitizer_common/crypt.h + ''; dontDisableStatic = true; diff --git a/pkgs/development/compilers/gforth/boot-forth.nix b/pkgs/development/compilers/gforth/boot-forth.nix index fc7b5ffa982..74a267687b8 100644 --- a/pkgs/development/compilers/gforth/boot-forth.nix +++ b/pkgs/development/compilers/gforth/boot-forth.nix @@ -13,7 +13,7 @@ stdenv.mkDerivation { buildInputs = [ m4 ]; - configureFlags = lib.optional stdenv.isDarwin [ "--build=x86_64-apple-darwin" ]; + configureFlags = lib.optionals stdenv.isDarwin [ "--build=x86_64-apple-darwin" ]; meta = { description = "The Forth implementation of the GNU project (outdated version used to bootstrap)"; diff --git a/pkgs/development/compilers/ghdl/default.nix b/pkgs/development/compilers/ghdl/default.nix index 383fec786b9..0e11c703d7b 100644 --- a/pkgs/development/compilers/ghdl/default.nix +++ b/pkgs/development/compilers/ghdl/default.nix @@ -38,7 +38,7 @@ stdenv.mkDerivation rec { ]; buildInputs = [ zlib - ] ++ lib.optional (backend == "llvm") [ + ] ++ lib.optionals (backend == "llvm") [ llvm ]; propagatedBuildInputs = [ diff --git a/pkgs/development/compilers/go/1.18.nix b/pkgs/development/compilers/go/1.18.nix index c3ec8ceac00..7490aa8a248 100644 --- a/pkgs/development/compilers/go/1.18.nix +++ b/pkgs/development/compilers/go/1.18.nix @@ -45,11 +45,11 @@ let in stdenv.mkDerivation rec { pname = "go"; - version = "1.18.6"; + version = "1.18.7"; src = fetchurl { url = "https://go.dev/dl/go${version}.src.tar.gz"; - sha256 = "sha256-p/HVBCQ1XavOZtERKxyuQ5tu5eTxXtum8QTApLFz6JU="; + sha256 = "sha256-lGfjO4Gfcb67IfsO4d1nlP0iRK6UkHqYQoZxL5g5qUQ="; }; strictDeps = true; diff --git a/pkgs/development/compilers/idris2/default.nix b/pkgs/development/compilers/idris2/default.nix index 9c7a9e53a2e..bb7d7a7a131 100644 --- a/pkgs/development/compilers/idris2/default.nix +++ b/pkgs/development/compilers/idris2/default.nix @@ -34,7 +34,7 @@ in stdenv.mkDerivation rec { strictDeps = true; nativeBuildInputs = [ makeWrapper clang platformChez ] - ++ lib.optional stdenv.isDarwin [ zsh ]; + ++ lib.optionals stdenv.isDarwin [ zsh ]; buildInputs = [ platformChez gmp ]; prePatch = '' diff --git a/pkgs/development/compilers/idris2/tests.nix b/pkgs/development/compilers/idris2/tests.nix index a8d48c26ca6..54bb6d29eee 100644 --- a/pkgs/development/compilers/idris2/tests.nix +++ b/pkgs/development/compilers/idris2/tests.nix @@ -11,7 +11,7 @@ let # is not the case with pure nix environments. Thus, we need to include zsh # when we build for darwin in tests. While this is impure, this is also what # we find in real darwin hosts. - nativeBuildInputs = lib.optional stdenv.isDarwin [ zsh ]; + nativeBuildInputs = lib.optionals stdenv.isDarwin [ zsh ]; buildCommand = '' set -eo pipefail diff --git a/pkgs/development/compilers/llvm/10/compiler-rt/default.nix b/pkgs/development/compilers/llvm/10/compiler-rt/default.nix index d74aa519b76..4ae59a43177 100644 --- a/pkgs/development/compilers/llvm/10/compiler-rt/default.nix +++ b/pkgs/development/compilers/llvm/10/compiler-rt/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, llvm_meta, version, fetch, cmake, python3, libllvm, libcxxabi }: +{ lib, stdenv, llvm_meta, version, fetch, cmake, python3, libllvm, libcxxabi, libxcrypt }: let @@ -25,6 +25,8 @@ stdenv.mkDerivation { "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=ON" "-DCMAKE_C_COMPILER_TARGET=${stdenv.hostPlatform.config}" "-DCMAKE_ASM_COMPILER_TARGET=${stdenv.hostPlatform.config}" + ] ++ lib.optionals (haveLibc && !isMusl) [ + "-DSANITIZER_COMMON_CFLAGS=-I${libxcrypt}/include" ] ++ lib.optionals (useLLVM || bareMetal || isMusl) [ "-DCOMPILER_RT_BUILD_SANITIZERS=OFF" "-DCOMPILER_RT_BUILD_XRAY=OFF" diff --git a/pkgs/development/compilers/llvm/10/libcxx/default.nix b/pkgs/development/compilers/llvm/10/libcxx/default.nix index d438294bdd0..6a4e645bb30 100644 --- a/pkgs/development/compilers/llvm/10/libcxx/default.nix +++ b/pkgs/development/compilers/llvm/10/libcxx/default.nix @@ -45,7 +45,7 @@ stdenv.mkDerivation { "-DLIBCXX_CXX_ABI=libcxxabi" ] ++ lib.optional (stdenv.hostPlatform.isMusl || stdenv.hostPlatform.isWasi) "-DLIBCXX_HAS_MUSL_LIBC=1" ++ lib.optional (stdenv.hostPlatform.useLLVM or false) "-DLIBCXX_USE_COMPILER_RT=ON" - ++ lib.optional stdenv.hostPlatform.isWasm [ + ++ lib.optionals stdenv.hostPlatform.isWasm [ "-DLIBCXX_ENABLE_THREADS=OFF" "-DLIBCXX_ENABLE_FILESYSTEM=OFF" "-DLIBCXX_ENABLE_EXCEPTIONS=OFF" diff --git a/pkgs/development/compilers/llvm/10/libcxxabi/default.nix b/pkgs/development/compilers/llvm/10/libcxxabi/default.nix index 482ced8e0c3..c61f4848558 100644 --- a/pkgs/development/compilers/llvm/10/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/10/libcxxabi/default.nix @@ -42,11 +42,21 @@ stdenv.mkDerivation { preInstall = lib.optionalString stdenv.isDarwin '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done ''; diff --git a/pkgs/development/compilers/llvm/11/compiler-rt/default.nix b/pkgs/development/compilers/llvm/11/compiler-rt/default.nix index 4968c8bcfbd..6790910ee83 100644 --- a/pkgs/development/compilers/llvm/11/compiler-rt/default.nix +++ b/pkgs/development/compilers/llvm/11/compiler-rt/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, llvm_meta, version, fetch, cmake, python3, libllvm, libcxxabi }: +{ lib, stdenv, llvm_meta, version, fetch, cmake, python3, xcbuild, libllvm, libcxxabi, libxcrypt }: let @@ -15,7 +15,8 @@ stdenv.mkDerivation { inherit version; src = fetch "compiler-rt" "0x1j8ngf1zj63wlnns9vlibafq48qcm72p4jpaxkmkb4qw0grwfy"; - nativeBuildInputs = [ cmake python3 libllvm.dev ]; + nativeBuildInputs = [ cmake python3 libllvm.dev ] + ++ lib.optional stdenv.isDarwin xcbuild.xcrun; NIX_CFLAGS_COMPILE = [ "-DSCUDO_DEFAULT_OPTIONS=DeleteSizeMismatch=0:DeallocationTypeMismatch=0" @@ -25,6 +26,8 @@ stdenv.mkDerivation { "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=ON" "-DCMAKE_C_COMPILER_TARGET=${stdenv.hostPlatform.config}" "-DCMAKE_ASM_COMPILER_TARGET=${stdenv.hostPlatform.config}" + ] ++ lib.optionals (haveLibc && !isMusl) [ + "-DSANITIZER_COMMON_CFLAGS=-I${libxcrypt}/include" ] ++ lib.optionals (useLLVM || bareMetal || isMusl || isNewDarwinBootstrap) [ "-DCOMPILER_RT_BUILD_SANITIZERS=OFF" "-DCOMPILER_RT_BUILD_XRAY=OFF" @@ -59,8 +62,9 @@ stdenv.mkDerivation { # extra `/`. ./normalize-var.patch ../../common/compiler-rt/libsanitizer-no-cyclades-11.patch - ] ++ lib.optional stdenv.hostPlatform.isAarch32 ./armv7l.patch; - + ../../common/compiler-rt/darwin-plistbuddy-workaround.patch + ./armv7l.patch + ]; preConfigure = lib.optionalString stdenv.hostPlatform.isDarwin '' cmakeFlagsArray+=("-DCMAKE_LIPO=$(command -v ${stdenv.cc.targetPrefix}lipo)") @@ -75,8 +79,6 @@ stdenv.mkDerivation { substituteInPlace cmake/builtin-config-ix.cmake \ --replace 'set(X86 i386)' 'set(X86 i386 i486 i586 i686)' '' + lib.optionalString stdenv.isDarwin '' - substituteInPlace cmake/builtin-config-ix.cmake \ - --replace 'foreach(arch ''${ARM64})' 'foreach(arch)' substituteInPlace cmake/config-ix.cmake \ --replace 'set(COMPILER_RT_HAS_TSAN TRUE)' 'set(COMPILER_RT_HAS_TSAN FALSE)' '' + lib.optionalString (useLLVM) '' diff --git a/pkgs/development/compilers/llvm/11/libcxx/default.nix b/pkgs/development/compilers/llvm/11/libcxx/default.nix index 9aa49c9a009..2a83b36fc42 100644 --- a/pkgs/development/compilers/llvm/11/libcxx/default.nix +++ b/pkgs/development/compilers/llvm/11/libcxx/default.nix @@ -48,7 +48,7 @@ stdenv.mkDerivation { "-DLIBCXX_CXX_ABI=libcxxabi" ] ++ lib.optional (stdenv.hostPlatform.isMusl || stdenv.hostPlatform.isWasi) "-DLIBCXX_HAS_MUSL_LIBC=1" ++ lib.optional (stdenv.hostPlatform.useLLVM or false) "-DLIBCXX_USE_COMPILER_RT=ON" - ++ lib.optional stdenv.hostPlatform.isWasm [ + ++ lib.optionals stdenv.hostPlatform.isWasm [ "-DLIBCXX_ENABLE_THREADS=OFF" "-DLIBCXX_ENABLE_FILESYSTEM=OFF" "-DLIBCXX_ENABLE_EXCEPTIONS=OFF" diff --git a/pkgs/development/compilers/llvm/11/libcxxabi/default.nix b/pkgs/development/compilers/llvm/11/libcxxabi/default.nix index 6c4ca925ab1..2359820ddde 100644 --- a/pkgs/development/compilers/llvm/11/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/11/libcxxabi/default.nix @@ -46,11 +46,21 @@ stdenv.mkDerivation { preInstall = lib.optionalString stdenv.isDarwin '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done ''; diff --git a/pkgs/development/compilers/llvm/12/compiler-rt/default.nix b/pkgs/development/compilers/llvm/12/compiler-rt/default.nix index d1497e6db1e..ed34d06ed98 100644 --- a/pkgs/development/compilers/llvm/12/compiler-rt/default.nix +++ b/pkgs/development/compilers/llvm/12/compiler-rt/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, llvm_meta, version, fetch, cmake, python3, libllvm, libcxxabi }: +{ lib, stdenv, llvm_meta, version, fetch, cmake, python3, xcbuild, libllvm, libcxxabi, libxcrypt }: let @@ -14,7 +14,8 @@ stdenv.mkDerivation { inherit version; src = fetch "compiler-rt" "1950rg294izdwkaasi7yjrmadc9mzdd5paf0q63jjcq2m3rdbj5l"; - nativeBuildInputs = [ cmake python3 libllvm.dev ]; + nativeBuildInputs = [ cmake python3 libllvm.dev ] + ++ lib.optional stdenv.isDarwin xcbuild.xcrun; buildInputs = lib.optional stdenv.hostPlatform.isDarwin libcxxabi; NIX_CFLAGS_COMPILE = [ @@ -25,6 +26,8 @@ stdenv.mkDerivation { "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=ON" "-DCMAKE_C_COMPILER_TARGET=${stdenv.hostPlatform.config}" "-DCMAKE_ASM_COMPILER_TARGET=${stdenv.hostPlatform.config}" + ] ++ lib.optionals (haveLibc && !isMusl) [ + "-DSANITIZER_COMMON_CFLAGS=-I${libxcrypt}/include" ] ++ lib.optionals (useLLVM || bareMetal || isMusl) [ "-DCOMPILER_RT_BUILD_SANITIZERS=OFF" "-DCOMPILER_RT_BUILD_XRAY=OFF" @@ -59,7 +62,9 @@ stdenv.mkDerivation { # ld-wrapper dislikes `-rpath-link //nix/store`, so we normalize away the # extra `/`. ./normalize-var.patch - ] ++ lib.optional stdenv.hostPlatform.isAarch32 ./armv7l.patch; + ../../common/compiler-rt/darwin-plistbuddy-workaround.patch + ./armv7l.patch + ]; # TSAN requires XPC on Darwin, which we have no public/free source files for. We can depend on the Apple frameworks # to get it, but they're unfree. Since LLVM is rather central to the stdenv, we patch out TSAN support so that Hydra @@ -70,8 +75,6 @@ stdenv.mkDerivation { substituteInPlace cmake/builtin-config-ix.cmake \ --replace 'set(X86 i386)' 'set(X86 i386 i486 i586 i686)' '' + lib.optionalString stdenv.isDarwin '' - substituteInPlace cmake/builtin-config-ix.cmake \ - --replace 'set(ARM64 arm64 arm64e)' 'set(ARM64)' substituteInPlace cmake/config-ix.cmake \ --replace 'set(COMPILER_RT_HAS_TSAN TRUE)' 'set(COMPILER_RT_HAS_TSAN FALSE)' '' + lib.optionalString (useLLVM) '' diff --git a/pkgs/development/compilers/llvm/12/libcxx/default.nix b/pkgs/development/compilers/llvm/12/libcxx/default.nix index 3ddcb799750..1386d3680f9 100644 --- a/pkgs/development/compilers/llvm/12/libcxx/default.nix +++ b/pkgs/development/compilers/llvm/12/libcxx/default.nix @@ -36,7 +36,7 @@ stdenv.mkDerivation { "-DLIBCXX_CXX_ABI=libcxxabi" ] ++ lib.optional (stdenv.hostPlatform.isMusl || stdenv.hostPlatform.isWasi) "-DLIBCXX_HAS_MUSL_LIBC=1" ++ lib.optional (stdenv.hostPlatform.useLLVM or false) "-DLIBCXX_USE_COMPILER_RT=ON" - ++ lib.optional stdenv.hostPlatform.isWasm [ + ++ lib.optionals stdenv.hostPlatform.isWasm [ "-DLIBCXX_ENABLE_THREADS=OFF" "-DLIBCXX_ENABLE_FILESYSTEM=OFF" "-DLIBCXX_ENABLE_EXCEPTIONS=OFF" diff --git a/pkgs/development/compilers/llvm/12/libcxxabi/default.nix b/pkgs/development/compilers/llvm/12/libcxxabi/default.nix index 89b56ad230d..c130a6c1c31 100644 --- a/pkgs/development/compilers/llvm/12/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/12/libcxxabi/default.nix @@ -44,11 +44,21 @@ stdenv.mkDerivation { preInstall = lib.optionalString stdenv.isDarwin '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done ''; diff --git a/pkgs/development/compilers/llvm/13/compiler-rt/default.nix b/pkgs/development/compilers/llvm/13/compiler-rt/default.nix index 7b9312eecf2..9124686705a 100644 --- a/pkgs/development/compilers/llvm/13/compiler-rt/default.nix +++ b/pkgs/development/compilers/llvm/13/compiler-rt/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, llvm_meta, version, src, cmake, python3, libllvm, libcxxabi }: +{ lib, stdenv, llvm_meta, version, src, cmake, python3, xcbuild, libllvm, libcxxabi, libxcrypt }: let @@ -16,7 +16,8 @@ stdenv.mkDerivation { inherit src; sourceRoot = "source/compiler-rt"; - nativeBuildInputs = [ cmake python3 libllvm.dev ]; + nativeBuildInputs = [ cmake python3 libllvm.dev ] + ++ lib.optional stdenv.isDarwin xcbuild.xcrun; buildInputs = lib.optional stdenv.hostPlatform.isDarwin libcxxabi; NIX_CFLAGS_COMPILE = [ @@ -27,6 +28,8 @@ stdenv.mkDerivation { "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=ON" "-DCMAKE_C_COMPILER_TARGET=${stdenv.hostPlatform.config}" "-DCMAKE_ASM_COMPILER_TARGET=${stdenv.hostPlatform.config}" + ] ++ lib.optionals (haveLibc && !isMusl) [ + "-DSANITIZER_COMMON_CFLAGS=-I${libxcrypt}/include" ] ++ lib.optionals (useLLVM || bareMetal || isMusl || isAarch64) [ "-DCOMPILER_RT_BUILD_LIBFUZZER=OFF" ] ++ lib.optionals (useLLVM || bareMetal || isMusl) [ @@ -62,9 +65,11 @@ stdenv.mkDerivation { # ld-wrapper dislikes `-rpath-link //nix/store`, so we normalize away the # extra `/`. ./normalize-var.patch - ] # Prevent a compilation error on darwin - ++ lib.optional stdenv.hostPlatform.isDarwin ./darwin-targetconditionals.patch - ++ lib.optional stdenv.hostPlatform.isAarch32 ./armv7l.patch; + # Prevent a compilation error on darwin + ./darwin-targetconditionals.patch + ../../common/compiler-rt/darwin-plistbuddy-workaround.patch + ./armv7l.patch + ]; # TSAN requires XPC on Darwin, which we have no public/free source files for. We can depend on the Apple frameworks # to get it, but they're unfree. Since LLVM is rather central to the stdenv, we patch out TSAN support so that Hydra @@ -75,8 +80,6 @@ stdenv.mkDerivation { substituteInPlace cmake/builtin-config-ix.cmake \ --replace 'set(X86 i386)' 'set(X86 i386 i486 i586 i686)' '' + lib.optionalString stdenv.isDarwin '' - substituteInPlace cmake/builtin-config-ix.cmake \ - --replace 'set(ARM64 arm64 arm64e)' 'set(ARM64)' substituteInPlace cmake/config-ix.cmake \ --replace 'set(COMPILER_RT_HAS_TSAN TRUE)' 'set(COMPILER_RT_HAS_TSAN FALSE)' '' + lib.optionalString (useLLVM) '' diff --git a/pkgs/development/compilers/llvm/13/libcxxabi/default.nix b/pkgs/development/compilers/llvm/13/libcxxabi/default.nix index 16ea0b113c7..5da86b96d5a 100644 --- a/pkgs/development/compilers/llvm/13/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/13/libcxxabi/default.nix @@ -41,11 +41,21 @@ stdenv.mkDerivation rec { preInstall = lib.optionalString stdenv.isDarwin '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done ''; diff --git a/pkgs/development/compilers/llvm/14/clang/add-nostdlibinc-flag.patch b/pkgs/development/compilers/llvm/14/clang/add-nostdlibinc-flag.patch new file mode 100644 index 00000000000..b73cd0185eb --- /dev/null +++ b/pkgs/development/compilers/llvm/14/clang/add-nostdlibinc-flag.patch @@ -0,0 +1,18 @@ +diff --git a/lib/Driver/Driver.cpp b/lib/Driver/Driver.cpp +index 3bfddeefc7b2..05b11d9e562d 100644 +--- a/lib/Driver/Driver.cpp ++++ b/lib/Driver/Driver.cpp +@@ -482,6 +482,13 @@ DerivedArgList *Driver::TranslateInputArgs(const InputArgList &Args) const { + } + #endif + ++ { ++ Arg *A = DAL->MakeFlagArg(/*BaseArg=*/nullptr, ++ Opts.getOption(options::OPT_nostdlibinc)); ++ A->claim(); ++ DAL->append(A); ++ } ++ + return DAL; + } + diff --git a/pkgs/development/compilers/llvm/14/clang/default.nix b/pkgs/development/compilers/llvm/14/clang/default.nix index 5ff02d68de4..6b775efcc03 100644 --- a/pkgs/development/compilers/llvm/14/clang/default.nix +++ b/pkgs/development/compilers/llvm/14/clang/default.nix @@ -45,6 +45,7 @@ let ./purity.patch # https://reviews.llvm.org/D51899 ./gnu-install-dirs.patch + ./add-nostdlibinc-flag.patch (substituteAll { src = ../../clang-11-12-LLVMgold-path.patch; libllvmLibdir = "${libllvm.lib}/lib"; @@ -54,10 +55,6 @@ let postPatch = '' (cd tools && ln -s ../../clang-tools-extra extra) - sed -i -e 's/DriverArgs.hasArg(options::OPT_nostdlibinc)/true/' \ - -e 's/Args.hasArg(options::OPT_nostdlibinc)/true/' \ - lib/Driver/ToolChains/*.cpp - # Patch for standalone doc building sed -i '1s,^,find_package(Sphinx REQUIRED)\n,' docs/CMakeLists.txt '' + lib.optionalString stdenv.hostPlatform.isMusl '' diff --git a/pkgs/development/compilers/llvm/14/compiler-rt/default.nix b/pkgs/development/compilers/llvm/14/compiler-rt/default.nix index 28c77d5ffb3..ef2495714e4 100644 --- a/pkgs/development/compilers/llvm/14/compiler-rt/default.nix +++ b/pkgs/development/compilers/llvm/14/compiler-rt/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, llvm_meta, version , monorepoSrc, runCommand -, cmake, python3, libllvm, libcxxabi +, cmake, python3, xcbuild, libllvm, libcxxabi, libxcrypt }: let @@ -26,7 +26,8 @@ stdenv.mkDerivation { inherit src; sourceRoot = "${src.name}/${baseName}"; - nativeBuildInputs = [ cmake python3 libllvm.dev ]; + nativeBuildInputs = [ cmake python3 libllvm.dev ] + ++ lib.optional stdenv.isDarwin xcbuild.xcrun; buildInputs = lib.optional stdenv.hostPlatform.isDarwin libcxxabi; NIX_CFLAGS_COMPILE = [ @@ -37,6 +38,8 @@ stdenv.mkDerivation { "-DCOMPILER_RT_DEFAULT_TARGET_ONLY=ON" "-DCMAKE_C_COMPILER_TARGET=${stdenv.hostPlatform.config}" "-DCMAKE_ASM_COMPILER_TARGET=${stdenv.hostPlatform.config}" + ] ++ lib.optionals (haveLibc && !isMusl) [ + "-DSANITIZER_COMMON_CFLAGS=-I${libxcrypt}/include" ] ++ lib.optionals (useLLVM || bareMetal || isMusl) [ "-DCOMPILER_RT_BUILD_SANITIZERS=OFF" "-DCOMPILER_RT_BUILD_XRAY=OFF" @@ -73,9 +76,11 @@ stdenv.mkDerivation { # ld-wrapper dislikes `-rpath-link //nix/store`, so we normalize away the # extra `/`. ./normalize-var.patch - ] # Prevent a compilation error on darwin - ++ lib.optional stdenv.hostPlatform.isDarwin ./darwin-targetconditionals.patch - ++ lib.optional stdenv.hostPlatform.isAarch32 ./armv7l.patch; + # Prevent a compilation error on darwin + ./darwin-targetconditionals.patch + ../../common/compiler-rt/darwin-plistbuddy-workaround.patch + ./armv7l.patch + ]; # TSAN requires XPC on Darwin, which we have no public/free source files for. We can depend on the Apple frameworks # to get it, but they're unfree. Since LLVM is rather central to the stdenv, we patch out TSAN support so that Hydra @@ -86,8 +91,6 @@ stdenv.mkDerivation { substituteInPlace cmake/builtin-config-ix.cmake \ --replace 'set(X86 i386)' 'set(X86 i386 i486 i586 i686)' '' + lib.optionalString stdenv.isDarwin '' - substituteInPlace cmake/builtin-config-ix.cmake \ - --replace 'set(ARM64 arm64 arm64e)' 'set(ARM64)' substituteInPlace cmake/config-ix.cmake \ --replace 'set(COMPILER_RT_HAS_TSAN TRUE)' 'set(COMPILER_RT_HAS_TSAN FALSE)' '' + lib.optionalString (useLLVM) '' diff --git a/pkgs/development/compilers/llvm/14/libcxxabi/default.nix b/pkgs/development/compilers/llvm/14/libcxxabi/default.nix index d64708ab040..0487f1d0de8 100644 --- a/pkgs/development/compilers/llvm/14/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/14/libcxxabi/default.nix @@ -52,12 +52,23 @@ stdenv.mkDerivation rec { installPhase = if stdenv.isDarwin then '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done + make install install -d 755 $out/include install -m 644 ../include/*.h $out/include diff --git a/pkgs/development/compilers/llvm/5/libcxxabi/default.nix b/pkgs/development/compilers/llvm/5/libcxxabi/default.nix index 60a41ab2d83..f2f707ec445 100644 --- a/pkgs/development/compilers/llvm/5/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/5/libcxxabi/default.nix @@ -27,11 +27,21 @@ stdenv.mkDerivation { preInstall = lib.optionalString stdenv.isDarwin '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done ''; diff --git a/pkgs/development/compilers/llvm/6/libcxxabi/default.nix b/pkgs/development/compilers/llvm/6/libcxxabi/default.nix index d7de130fbaa..63e6eee6f59 100644 --- a/pkgs/development/compilers/llvm/6/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/6/libcxxabi/default.nix @@ -27,11 +27,21 @@ stdenv.mkDerivation { preInstall = lib.optionalString stdenv.isDarwin '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done ''; diff --git a/pkgs/development/compilers/llvm/7/libcxxabi/default.nix b/pkgs/development/compilers/llvm/7/libcxxabi/default.nix index 1bc9444feda..721200136a5 100644 --- a/pkgs/development/compilers/llvm/7/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/7/libcxxabi/default.nix @@ -46,11 +46,21 @@ stdenv.mkDerivation { preInstall = lib.optionalString stdenv.isDarwin '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done ''; diff --git a/pkgs/development/compilers/llvm/8/libcxx/default.nix b/pkgs/development/compilers/llvm/8/libcxx/default.nix index 87cd734899f..53680112921 100644 --- a/pkgs/development/compilers/llvm/8/libcxx/default.nix +++ b/pkgs/development/compilers/llvm/8/libcxx/default.nix @@ -49,7 +49,7 @@ stdenv.mkDerivation { "-DLIBCXX_CXX_ABI=libcxxabi" ] ++ lib.optional (stdenv.hostPlatform.isMusl || stdenv.hostPlatform.isWasi) "-DLIBCXX_HAS_MUSL_LIBC=1" ++ lib.optional (stdenv.hostPlatform.useLLVM or false) "-DLIBCXX_USE_COMPILER_RT=ON" - ++ lib.optional stdenv.hostPlatform.isWasm [ + ++ lib.optionals stdenv.hostPlatform.isWasm [ "-DLIBCXX_ENABLE_THREADS=OFF" "-DLIBCXX_ENABLE_FILESYSTEM=OFF" "-DLIBCXX_ENABLE_EXCEPTIONS=OFF" diff --git a/pkgs/development/compilers/llvm/8/libcxxabi/default.nix b/pkgs/development/compilers/llvm/8/libcxxabi/default.nix index 50a5eabc170..5ade8a5ae66 100644 --- a/pkgs/development/compilers/llvm/8/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/8/libcxxabi/default.nix @@ -42,11 +42,21 @@ stdenv.mkDerivation { preInstall = lib.optionalString stdenv.isDarwin '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done ''; diff --git a/pkgs/development/compilers/llvm/9/libcxx/default.nix b/pkgs/development/compilers/llvm/9/libcxx/default.nix index 27197110310..31a00ba5485 100644 --- a/pkgs/development/compilers/llvm/9/libcxx/default.nix +++ b/pkgs/development/compilers/llvm/9/libcxx/default.nix @@ -45,7 +45,7 @@ stdenv.mkDerivation { "-DLIBCXX_CXX_ABI=libcxxabi" ] ++ lib.optional (stdenv.hostPlatform.isMusl || stdenv.hostPlatform.isWasi) "-DLIBCXX_HAS_MUSL_LIBC=1" ++ lib.optional (stdenv.hostPlatform.useLLVM or false) "-DLIBCXX_USE_COMPILER_RT=ON" - ++ lib.optional stdenv.hostPlatform.isWasm [ + ++ lib.optionals stdenv.hostPlatform.isWasm [ "-DLIBCXX_ENABLE_THREADS=OFF" "-DLIBCXX_ENABLE_FILESYSTEM=OFF" "-DLIBCXX_ENABLE_EXCEPTIONS=OFF" diff --git a/pkgs/development/compilers/llvm/9/libcxxabi/default.nix b/pkgs/development/compilers/llvm/9/libcxxabi/default.nix index ee6834affbc..4a235f5c2ef 100644 --- a/pkgs/development/compilers/llvm/9/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/9/libcxxabi/default.nix @@ -42,11 +42,21 @@ stdenv.mkDerivation { preInstall = lib.optionalString stdenv.isDarwin '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done ''; diff --git a/pkgs/development/compilers/llvm/common/compiler-rt/darwin-plistbuddy-workaround.patch b/pkgs/development/compilers/llvm/common/compiler-rt/darwin-plistbuddy-workaround.patch new file mode 100644 index 00000000000..dae8b3a690a --- /dev/null +++ b/pkgs/development/compilers/llvm/common/compiler-rt/darwin-plistbuddy-workaround.patch @@ -0,0 +1,25 @@ +CMake tries to read a list field from SDKSettings.plist, but the output of +xcbuild PlistBuddy is incompatible with Apple's. (Plus we don't want it in our +dependencies.) + +Simply assume ARM64 is supported by the SDK. We already limit the actual archs +we build for by setting DARWIN_osx_BUILTIN_ARCHS explicitely. + +--- a/cmake/builtin-config-ix.cmake ++++ b/cmake/builtin-config-ix.cmake +@@ -97,14 +97,7 @@ if(APPLE) + set(DARWIN_osx_BUILTIN_MIN_VER 10.5) + set(DARWIN_osx_BUILTIN_MIN_VER_FLAG + -mmacosx-version-min=${DARWIN_osx_BUILTIN_MIN_VER}) +- set(DARWIN_osx_BUILTIN_ALL_POSSIBLE_ARCHS ${X86} ${X86_64}) +- # Add support for arm64 macOS if available in SDK. +- foreach(arch ${ARM64}) +- sdk_has_arch_support(${DARWIN_osx_SYSROOT} macosx ${arch} MACOS_ARM_SUPPORT) +- if (MACOS_ARM_SUPPORT) +- list(APPEND DARWIN_osx_BUILTIN_ALL_POSSIBLE_ARCHS ${arch}) +- endif() +- endforeach(arch) ++ set(DARWIN_osx_BUILTIN_ALL_POSSIBLE_ARCHS ${X86} ${X86_64} ${ARM64}) + + if(COMPILER_RT_ENABLE_IOS) + list(APPEND DARWIN_EMBEDDED_PLATFORMS ios) diff --git a/pkgs/development/compilers/llvm/git/clang/add-nostdlibinc-flag.patch b/pkgs/development/compilers/llvm/git/clang/add-nostdlibinc-flag.patch new file mode 100644 index 00000000000..80c2eb36238 --- /dev/null +++ b/pkgs/development/compilers/llvm/git/clang/add-nostdlibinc-flag.patch @@ -0,0 +1,18 @@ +diff --git a/lib/Driver/Driver.cpp b/lib/Driver/Driver.cpp +index 3f29afd35971..223d2769cdfc 100644 +--- a/lib/Driver/Driver.cpp ++++ b/lib/Driver/Driver.cpp +@@ -491,6 +491,13 @@ DerivedArgList *Driver::TranslateInputArgs(const InputArgList &Args) const { + } + #endif + ++ { ++ Arg *A = DAL->MakeFlagArg(/*BaseArg=*/nullptr, ++ Opts.getOption(options::OPT_nostdlibinc)); ++ A->claim(); ++ DAL->append(A); ++ } ++ + return DAL; + } + diff --git a/pkgs/development/compilers/llvm/git/clang/default.nix b/pkgs/development/compilers/llvm/git/clang/default.nix index 3110bef09e9..3df0e5042b8 100644 --- a/pkgs/development/compilers/llvm/git/clang/default.nix +++ b/pkgs/development/compilers/llvm/git/clang/default.nix @@ -46,6 +46,7 @@ let ./purity.patch # https://reviews.llvm.org/D51899 ./gnu-install-dirs.patch + ./add-nostdlibinc-flag.patch (substituteAll { src = ../../clang-11-12-LLVMgold-path.patch; libllvmLibdir = "${libllvm.lib}/lib"; @@ -55,10 +56,6 @@ let postPatch = '' (cd tools && ln -s ../../clang-tools-extra extra) - sed -i -e 's/DriverArgs.hasArg(options::OPT_nostdlibinc)/true/' \ - -e 's/Args.hasArg(options::OPT_nostdlibinc)/true/' \ - lib/Driver/ToolChains/*.cpp - # Patch for standalone doc building sed -i '1s,^,find_package(Sphinx REQUIRED)\n,' docs/CMakeLists.txt '' + lib.optionalString stdenv.hostPlatform.isMusl '' diff --git a/pkgs/development/compilers/llvm/git/compiler-rt/default.nix b/pkgs/development/compilers/llvm/git/compiler-rt/default.nix index 7ac3e3801ff..9fabce1895a 100644 --- a/pkgs/development/compilers/llvm/git/compiler-rt/default.nix +++ b/pkgs/development/compilers/llvm/git/compiler-rt/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, llvm_meta, version , monorepoSrc, runCommand -, cmake, python3, libllvm, libcxxabi +, cmake, python3, xcbuild, libllvm, libcxxabi }: let @@ -26,7 +26,8 @@ stdenv.mkDerivation { inherit src; sourceRoot = "${src.name}/${baseName}"; - nativeBuildInputs = [ cmake python3 libllvm.dev ]; + nativeBuildInputs = [ cmake python3 libllvm.dev ] + ++ lib.optional stdenv.isDarwin xcbuild.xcrun; buildInputs = lib.optional stdenv.hostPlatform.isDarwin libcxxabi; NIX_CFLAGS_COMPILE = [ @@ -71,9 +72,11 @@ stdenv.mkDerivation { # ld-wrapper dislikes `-rpath-link //nix/store`, so we normalize away the # extra `/`. ./normalize-var.patch - ] # Prevent a compilation error on darwin - ++ lib.optional stdenv.hostPlatform.isDarwin ./darwin-targetconditionals.patch - ++ lib.optional stdenv.hostPlatform.isAarch32 ./armv7l.patch; + # Prevent a compilation error on darwin + ./darwin-targetconditionals.patch + ../../common/compiler-rt/darwin-plistbuddy-workaround.patch + ./armv7l.patch + ]; # TSAN requires XPC on Darwin, which we have no public/free source files for. We can depend on the Apple frameworks # to get it, but they're unfree. Since LLVM is rather central to the stdenv, we patch out TSAN support so that Hydra @@ -84,8 +87,6 @@ stdenv.mkDerivation { substituteInPlace cmake/builtin-config-ix.cmake \ --replace 'set(X86 i386)' 'set(X86 i386 i486 i586 i686)' '' + lib.optionalString stdenv.isDarwin '' - substituteInPlace cmake/builtin-config-ix.cmake \ - --replace 'set(ARM64 arm64 arm64e)' 'set(ARM64)' substituteInPlace cmake/config-ix.cmake \ --replace 'set(COMPILER_RT_HAS_TSAN TRUE)' 'set(COMPILER_RT_HAS_TSAN FALSE)' '' + lib.optionalString (useLLVM) '' diff --git a/pkgs/development/compilers/llvm/git/libcxxabi/default.nix b/pkgs/development/compilers/llvm/git/libcxxabi/default.nix index 2d4fe974c01..b478668ebde 100644 --- a/pkgs/development/compilers/llvm/git/libcxxabi/default.nix +++ b/pkgs/development/compilers/llvm/git/libcxxabi/default.nix @@ -70,11 +70,21 @@ stdenv.mkDerivation rec { preInstall = lib.optionalString stdenv.isDarwin '' for file in lib/*.dylib; do + # Fix up the install name. Preserve the basename, just replace the path. + installName="$out/lib/$(basename $(otool -D $file | tail -n 1))" + # this should be done in CMake, but having trouble figuring out # the magic combination of necessary CMake variables # if you fancy a try, take a look at # https://gitlab.kitware.com/cmake/community/-/wikis/doc/cmake/RPATH-handling - install_name_tool -id $out/$file $file + ${stdenv.cc.targetPrefix}install_name_tool -id $installName $file + + # cc-wrapper passes '-lc++abi' to all c++ link steps, but that causes + # libcxxabi to sometimes link against a different version of itself. + # Here we simply make that second reference point to ourselves. + for other in $(otool -L $file | awk '$1 ~ "/libc\\+\\+abi" { print $1 }'); do + ${stdenv.cc.targetPrefix}install_name_tool -change $other $installName $file + done done ''; diff --git a/pkgs/development/compilers/llvm/rocm/llvm.nix b/pkgs/development/compilers/llvm/rocm/llvm.nix index 557d1946686..c5ad96a6a18 100644 --- a/pkgs/development/compilers/llvm/rocm/llvm.nix +++ b/pkgs/development/compilers/llvm/rocm/llvm.nix @@ -9,6 +9,7 @@ , libxml2 , libffi , libbfd +, libxcrypt , ncurses , zlib , debugVersion ? false @@ -32,7 +33,7 @@ in stdenv.mkDerivation rec { nativeBuildInputs = [ cmake ninja python3 ]; - buildInputs = [ libxml2 ]; + buildInputs = [ libxml2 libxcrypt ]; propagatedBuildInputs = [ ncurses zlib ]; diff --git a/pkgs/development/compilers/manticore/default.nix b/pkgs/development/compilers/manticore/default.nix index 1919f999805..b767ccf150a 100644 --- a/pkgs/development/compilers/manticore/default.nix +++ b/pkgs/development/compilers/manticore/default.nix @@ -19,7 +19,7 @@ in stdenv.mkDerivation { buildInputs = [ coreutils smlnj ]; - autoreconfFlags = "-Iconfig -vfi"; + autoreconfFlags = [ "-Iconfig" "-vfi" ]; unpackPhase = '' mkdir -p $out diff --git a/pkgs/development/compilers/orc/default.nix b/pkgs/development/compilers/orc/default.nix index fa4bf686a2a..5ea72781e41 100644 --- a/pkgs/development/compilers/orc/default.nix +++ b/pkgs/development/compilers/orc/default.nix @@ -26,7 +26,7 @@ in stdenv.mkDerivation rec { outputBin = "dev"; # compilation tools mesonFlags = - optional (!buildDevDoc) [ "-Dgtk_doc=disabled" ] + optionals (!buildDevDoc) [ "-Dgtk_doc=disabled" ] ; nativeBuildInputs = [ meson ninja ] diff --git a/pkgs/development/compilers/p4c/default.nix b/pkgs/development/compilers/p4c/default.nix index 9233489b06a..cf02a656b77 100644 --- a/pkgs/development/compilers/p4c/default.nix +++ b/pkgs/development/compilers/p4c/default.nix @@ -66,8 +66,8 @@ stdenv.mkDerivation rec { flex cmake ] - ++ lib.optional enableDocumentation [ doxygen graphviz ] - ++ lib.optional enableBPF [ libllvm libbpf ]; + ++ lib.optionals enableDocumentation [ doxygen graphviz ] + ++ lib.optionals enableBPF [ libllvm libbpf ]; buildInputs = [ protobuf diff --git a/pkgs/development/compilers/rust/binary.nix b/pkgs/development/compilers/rust/binary.nix index 6c3751cbb57..1de90cdddac 100644 --- a/pkgs/development/compilers/rust/binary.nix +++ b/pkgs/development/compilers/rust/binary.nix @@ -52,6 +52,12 @@ rec { # https://github.com/rust-lang/rust/issues/34722#issuecomment-232164943 ''; + # The strip tool in cctools 973.0.1 and up appears to break rlibs in the + # binaries. The lib.rmeta object inside the ar archive should contain an + # .rmeta section, but it is removed. Luckily, this doesn't appear to be an + # issue for Rust builds produced by Nix. + dontStrip = stdenv.isDarwin; + setupHooks = ./setup-hook.sh; }; diff --git a/pkgs/development/compilers/sbcl/2.0.8.nix b/pkgs/development/compilers/sbcl/2.0.8.nix deleted file mode 100644 index bbc171a8d98..00000000000 --- a/pkgs/development/compilers/sbcl/2.0.8.nix +++ /dev/null @@ -1,4 +0,0 @@ -import ./common.nix { - version = "2.0.8"; - sha256 = "1xwrwvps7drrpyw3wg5h3g2qajmkwqs9gz0fdw1ns9adp7vld390"; -} diff --git a/pkgs/development/compilers/sbcl/2.0.9.nix b/pkgs/development/compilers/sbcl/2.0.9.nix deleted file mode 100644 index 80b30ec87f4..00000000000 --- a/pkgs/development/compilers/sbcl/2.0.9.nix +++ /dev/null @@ -1,4 +0,0 @@ -import ./common.nix { - version = "2.0.9"; - sha256 = "17wvrcwgp45z9b6arik31fjnz7908qhr5ackxq1y0gqi1hsh1xy4"; -} diff --git a/pkgs/development/compilers/sbcl/2.1.1.nix b/pkgs/development/compilers/sbcl/2.1.1.nix deleted file mode 100644 index a32f8a4a28b..00000000000 --- a/pkgs/development/compilers/sbcl/2.1.1.nix +++ /dev/null @@ -1,4 +0,0 @@ -import ./common.nix { - version = "2.1.1"; - sha256 = "15wa66sachhzgvg5n35vihmkpasg100lh561c1d1bdrql0p8kbd9"; -} diff --git a/pkgs/development/compilers/sbcl/2.1.10.nix b/pkgs/development/compilers/sbcl/2.1.10.nix deleted file mode 100644 index 8cf6f50b586..00000000000 --- a/pkgs/development/compilers/sbcl/2.1.10.nix +++ /dev/null @@ -1,4 +0,0 @@ -import ./common.nix { - version = "2.1.10"; - sha256 = "0f5ihj486m7ghh3nc0jlnqa656sbqcmhdv32syz2rjx5b47ky67b"; -} diff --git a/pkgs/development/compilers/sbcl/2.1.11.nix b/pkgs/development/compilers/sbcl/2.1.11.nix deleted file mode 100644 index abe48953a57..00000000000 --- a/pkgs/development/compilers/sbcl/2.1.11.nix +++ /dev/null @@ -1,4 +0,0 @@ -import ./common.nix { - version = "2.1.11"; - sha256 = "1zgypmn19c58pv7j33ga7m1l7lzghj70w3xbybpgmggxwwflihdz"; -} diff --git a/pkgs/development/compilers/sbcl/2.1.2.nix b/pkgs/development/compilers/sbcl/2.1.2.nix deleted file mode 100644 index 4f4c85b286c..00000000000 --- a/pkgs/development/compilers/sbcl/2.1.2.nix +++ /dev/null @@ -1,4 +0,0 @@ -import ./common.nix { - version = "2.1.2"; - sha256 = "sha256:02scrqyp2izsd8xjm2k5j5lhn4pdhd202jlcb54ysmcqjd80awdp"; -} diff --git a/pkgs/development/compilers/sbcl/2.1.9.nix b/pkgs/development/compilers/sbcl/2.1.9.nix deleted file mode 100644 index da26a9aeffb..00000000000 --- a/pkgs/development/compilers/sbcl/2.1.9.nix +++ /dev/null @@ -1,4 +0,0 @@ -import ./common.nix { - version = "2.1.9"; - sha256 = "189gjqzdz10xh3ybiy4ch1r98bsmkcb4hpnrmggd4y2g5kqnyx4y"; -} diff --git a/pkgs/development/compilers/sbcl/2.2.4.nix b/pkgs/development/compilers/sbcl/2.2.4.nix deleted file mode 100644 index 1be043f112e..00000000000 --- a/pkgs/development/compilers/sbcl/2.2.4.nix +++ /dev/null @@ -1,4 +0,0 @@ -import ./common.nix { - version = "2.2.4"; - sha256 = "sha256-/N0lHLxl9/gI7QrXckaEjRvhZqppoX90mWABhLelcgI="; -} diff --git a/pkgs/development/compilers/sbcl/2.2.6.nix b/pkgs/development/compilers/sbcl/2.2.6.nix deleted file mode 100644 index 6fb24da6abe..00000000000 --- a/pkgs/development/compilers/sbcl/2.2.6.nix +++ /dev/null @@ -1,4 +0,0 @@ -import ./common.nix { - version = "2.2.6"; - sha256 = "sha256-PiMEjI+oJvuRMiC+sqw2l9vFwM3y6J/tjbOe0XEjBKA="; -} diff --git a/pkgs/development/compilers/sbcl/common.nix b/pkgs/development/compilers/sbcl/2.x.nix index 05fa6b39089..ec12ccf17b7 100644 --- a/pkgs/development/compilers/sbcl/common.nix +++ b/pkgs/development/compilers/sbcl/2.x.nix @@ -1,5 +1,3 @@ -{ version, sha256 }: - { lib, stdenv, fetchurl, fetchpatch, writeText, sbclBootstrap, zstd , sbclBootstrapHost ? "${sbclBootstrap}/bin/sbcl --disable-debugger --no-userinit --no-sysinit" , threadSupport ? (stdenv.hostPlatform.isx86 || "aarch64-linux" == stdenv.hostPlatform.system || "aarch64-darwin" == stdenv.hostPlatform.system) @@ -11,8 +9,54 @@ , purgeNixReferences ? false , coreCompression ? lib.versionAtLeast version "2.2.6" , texinfo +, version }: +let + versionMap = { + "2.0.8" = { + sha256 = "1xwrwvps7drrpyw3wg5h3g2qajmkwqs9gz0fdw1ns9adp7vld390"; + }; + + "2.0.9" = { + sha256 = "17wvrcwgp45z9b6arik31fjnz7908qhr5ackxq1y0gqi1hsh1xy4"; + }; + + "2.1.1" = { + sha256 = "15wa66sachhzgvg5n35vihmkpasg100lh561c1d1bdrql0p8kbd9"; + }; + + "2.1.2" = { + sha256 = "sha256:02scrqyp2izsd8xjm2k5j5lhn4pdhd202jlcb54ysmcqjd80awdp"; + }; + + "2.1.9" = { + sha256 = "189gjqzdz10xh3ybiy4ch1r98bsmkcb4hpnrmggd4y2g5kqnyx4y"; + }; + + "2.1.10" = { + sha256 = "0f5ihj486m7ghh3nc0jlnqa656sbqcmhdv32syz2rjx5b47ky67b"; + }; + + "2.1.11" = { + sha256 = "1zgypmn19c58pv7j33ga7m1l7lzghj70w3xbybpgmggxwwflihdz"; + }; + + "2.2.4" = { + sha256 = "sha256-/N0lHLxl9/gI7QrXckaEjRvhZqppoX90mWABhLelcgI="; + }; + + "2.2.6" = { + sha256 = "sha256-PiMEjI+oJvuRMiC+sqw2l9vFwM3y6J/tjbOe0XEjBKA="; + }; + + "2.2.9" = { + sha256 = "sha256-fr69bSAj//cHewNy+hFx+IBSm97GEE8gmDKXwv63wXI="; + }; + }; + +in with versionMap.${version}; + stdenv.mkDerivation rec { pname = "sbcl"; inherit version; @@ -32,8 +76,8 @@ stdenv.mkDerivation rec { url = "https://github.com/sbcl/sbcl/commit/8fa3f76fba2e8572e86ac6fc5754e6b2954fc774.patch"; sha256 = "1ic531pjnws1k3xd03a5ixbq8cn10dlh2nfln59k0vbm0253g3lv"; }) - ++ lib.optionals (lib.versionAtLeast version "2.1.10") [ - # Fix pending upstream inclusion on -fno-common toolchains: + ++ lib.optionals (lib.versionAtLeast version "2.1.10" && lib.versionOlder version "2.2.9") [ + # Fix included in SBCL trunk since 2.2.9: # https://bugs.launchpad.net/sbcl/+bug/1980570 (fetchpatch { name = "darwin-fno-common.patch"; @@ -109,7 +153,7 @@ stdenv.mkDerivation rec { optional (!threadSupport) "sb-thread" ++ optionals disableImmobileSpace [ "immobile-space" "immobile-code" "compact-instance-header" ]; - NIX_CFLAGS_COMPILE = lib.optional (lib.versionOlder version "2.1.10") [ + NIX_CFLAGS_COMPILE = lib.optionals (lib.versionOlder version "2.1.10") [ # Workaround build failure on -fno-common toolchains like upstream # clang-13. Without the change build fails as: # duplicate symbol '_static_code_space_free_pointer' in: alloc.o traceroot.o diff --git a/pkgs/development/compilers/sbcl/bootstrap.nix b/pkgs/development/compilers/sbcl/bootstrap.nix index eaf1ff24d3e..b081df1572f 100644 --- a/pkgs/development/compilers/sbcl/bootstrap.nix +++ b/pkgs/development/compilers/sbcl/bootstrap.nix @@ -8,9 +8,9 @@ let sha256 = "sha256-H0ALigXcWIypdA+fTf7jERscwbb7QIAfcoxCtGDh0RU="; }; x86_64-darwin = { - version = "1.2.11"; + version = "2.2.9"; system = "x86-64-darwin"; - sha256 = "0lh4gpvi8hl6g6b9321g5pwh8sk3218i7h4lx7p3vd9z0cf3lz85"; + sha256 = "sha256-b1BLkoLIOELAYBYA9eBmMgm1OxMxJewzNP96C9ADfKY="; }; x86_64-linux = { version = "1.3.16"; diff --git a/pkgs/development/compilers/swi-prolog/default.nix b/pkgs/development/compilers/swi-prolog/default.nix index d53d1426a94..a1eb060d6ba 100644 --- a/pkgs/development/compilers/swi-prolog/default.nix +++ b/pkgs/development/compilers/swi-prolog/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchFromGitHub, jdk, gmp, readline, openssl, unixODBC, zlib -, libarchive, db, pcre, libedit, libossp_uuid, libXpm +, libarchive, db, pcre, libedit, libossp_uuid, libxcrypt,libXpm , libSM, libXt, freetype, pkg-config, fontconfig , cmake, libyaml, Security , libjpeg, libX11, libXext, libXft, libXinerama @@ -59,7 +59,7 @@ stdenv.mkDerivation { nativeBuildInputs = [ cmake pkg-config ]; buildInputs = [ gmp readline openssl - libarchive libyaml db pcre libedit libossp_uuid + libarchive libyaml db pcre libedit libossp_uuid libxcrypt zlib ] ++ lib.optionals (withGui && !stdenv.isDarwin) [ libXpm libX11 libXext libXft libXinerama libjpeg ] ++ extraLibraries diff --git a/pkgs/development/compilers/swift/default.nix b/pkgs/development/compilers/swift/default.nix index 4109d6ee6da..0ea6e7b0759 100644 --- a/pkgs/development/compilers/swift/default.nix +++ b/pkgs/development/compilers/swift/default.nix @@ -14,6 +14,7 @@ , python3 , ncurses , libuuid +, libxcrypt , icu , libgcc , libblocksruntime @@ -195,6 +196,7 @@ let libedit libgcc libuuid + libxcrypt libxml2 ncurses sqlite diff --git a/pkgs/development/coq-modules/coq-record-update/default.nix b/pkgs/development/coq-modules/coq-record-update/default.nix index fcc7b0362a0..77c42fb48d4 100644 --- a/pkgs/development/coq-modules/coq-record-update/default.nix +++ b/pkgs/development/coq-modules/coq-record-update/default.nix @@ -10,7 +10,7 @@ with lib; mkCoqDerivation rec { release."0.3.1".sha256 = "sha256-DyGxO2tqmYZZluXN6Oy5Tw6fuLMyuyxonj8CCToWKkk="; release."0.3.0".sha256 = "1ffr21dd6hy19gxnvcd4if2450iksvglvkd6q5713fajd72hmc0z"; releaseRev = v: "v${v}"; - buildFlags = "NO_TEST=1"; + buildFlags = [ "NO_TEST=1" ]; meta = { description = "Library to create Coq record update functions"; maintainers = with maintainers; [ ineol ]; diff --git a/pkgs/development/haskell-modules/configuration-common.nix b/pkgs/development/haskell-modules/configuration-common.nix index 22e0152547e..409a81c3735 100644 --- a/pkgs/development/haskell-modules/configuration-common.nix +++ b/pkgs/development/haskell-modules/configuration-common.nix @@ -2547,6 +2547,34 @@ self: super: { # Restrictive upper bound on base. # Remove once version 1.* is released monad-bayes = doJailbreak super.monad-bayes; + + crypt-sha512 = overrideCabal (drv: { + librarySystemDepends = [ + pkgs.libxcrypt + ]; + # Test failure after libxcrypt migration, reported upstrem at + # https://github.com/phadej/crypt-sha512/issues/13 + doCheck = false; + }) super.crypt-sha512; + + nano-cryptr = overrideCabal (drv: { + librarySystemDepends = [ + pkgs.libxcrypt + ]; + }) super.nano-cryptr; + + Unixutils = overrideCabal (drv: { + librarySystemDepends = [ + pkgs.libxcrypt + ]; + }) super.Unixutils; + + xmonad-utils = overrideCabal (drv: { + librarySystemDepends = [ + pkgs.libxcrypt + ]; + }) super.xmonad-utils; + } // import ./configuration-tensorflow.nix {inherit pkgs haskellLib;} self super // (let # We need to build purescript with these dependencies and thus also its reverse # dependencies to avoid version mismatches in their dependency closure. diff --git a/pkgs/development/haskell-modules/hoogle.nix b/pkgs/development/haskell-modules/hoogle.nix index 4c8bf8c2d28..b5be7edb6e5 100644 --- a/pkgs/development/haskell-modules/hoogle.nix +++ b/pkgs/development/haskell-modules/hoogle.nix @@ -36,7 +36,6 @@ let This index includes documentation for many Haskell modules. ''; - # TODO: closePropagation is deprecated; replace docPackages = lib.closePropagation # we grab the doc outputs (map (lib.getOutput "doc") packages); diff --git a/pkgs/development/interpreters/acl2/default.nix b/pkgs/development/interpreters/acl2/default.nix index 1ca3742e737..e42f26f0bda 100644 --- a/pkgs/development/interpreters/acl2/default.nix +++ b/pkgs/development/interpreters/acl2/default.nix @@ -77,7 +77,7 @@ in stdenv.mkDerivation rec { ''; preBuild = "mkdir -p $HOME"; - makeFlags = "LISP=${sbcl}/bin/sbcl ACL2_MAKE_LOG=NONE"; + makeFlags = [ "LISP=${sbcl}/bin/sbcl" "ACL2_MAKE_LOG=NONE" ]; doCheck = true; checkTarget = "mini-proveall"; diff --git a/pkgs/development/interpreters/kerf/default.nix b/pkgs/development/interpreters/kerf/default.nix index 5b605c6564b..96db9bbaeb1 100644 --- a/pkgs/development/interpreters/kerf/default.nix +++ b/pkgs/development/interpreters/kerf/default.nix @@ -18,9 +18,9 @@ stdenv.mkDerivation rec { sourceRoot = "source/src"; buildInputs = [ libedit zlib ncurses ] - ++ lib.optional stdenv.isDarwin ([ + ++ lib.optionals stdenv.isDarwin ([ Accelerate - ] ++ lib.optional stdenv.isx86_64 /* && isDarwin */ [ + ] ++ lib.optionals stdenv.isx86_64 /* && isDarwin */ [ CoreGraphics CoreVideo ]); @@ -36,7 +36,7 @@ stdenv.mkDerivation rec { "implicit-function-declaration" "gnu-variable-sized-type-not-at-end" "unused-result" - ] ++ lib.optional stdenv.isDarwin [ "-fcommon" ]; + ] ++ lib.optionals stdenv.isDarwin [ "-fcommon" ]; patchPhase = '' substituteInPlace ./Makefile \ diff --git a/pkgs/development/interpreters/lua-5/build-lua-package.nix b/pkgs/development/interpreters/lua-5/build-lua-package.nix index b2f82ddb469..d11c0d0f039 100644 --- a/pkgs/development/interpreters/lua-5/build-lua-package.nix +++ b/pkgs/development/interpreters/lua-5/build-lua-package.nix @@ -8,9 +8,10 @@ , luaLib }: -{ -pname +{ pname , version +# we need rockspecVersion to find the .rockspec even when version changes +, rockspecVersion ? version # by default prefix `name` e.g. "lua5.2-${name}" , namePrefix ? "${lua.pname}${lua.sourceVersion.major}.${lua.sourceVersion.minor}-" @@ -72,7 +73,7 @@ pname # Keep extra attributes from `attrs`, e.g., `patchPhase', etc. let - generatedRockspecFilename = "${rockspecDir}/${pname}-${version}.rockspec"; + generatedRockspecFilename = "${rockspecDir}/${pname}-${rockspecVersion}.rockspec"; # TODO fix warnings "Couldn't load rockspec for ..." during manifest # construction -- from initial investigation, appears it will require @@ -80,20 +81,6 @@ let # luarocks only looks for rockspecs in the default/system tree instead of all # configured trees) luarocks_config = "luarocks-config.lua"; - luarocks_content = let - generatedConfig = luaLib.generateLuarocksConfig { - externalDeps = externalDeps ++ externalDepsGenerated; - inherit extraVariables; - inherit rocksSubdir; - inherit requiredLuaRocks; - }; - in - '' - ${generatedConfig} - ${extraConfig} - ''; - - rocksSubdir = "${attrs.pname}-${version}-rocks"; # Filter out the lua derivation itself from the Lua module dependency # closure, as it doesn't have a rock tree :) @@ -106,15 +93,28 @@ let ); externalDeps' = lib.filter (dep: !lib.isDerivation dep) externalDeps; - luarocksDrv = luaLib.toLuaModule ( lua.stdenv.mkDerivation ( -builtins.removeAttrs attrs ["disabled" "checkInputs" "externalDeps" "extraVariables"] // { + luarocksDrv = luaLib.toLuaModule ( lua.stdenv.mkDerivation (self: let - name = namePrefix + pname + "-" + version; + rocksSubdir = "${self.pname}-${self.version}-rocks"; + luarocks_content = let + generatedConfig = luaLib.generateLuarocksConfig { + externalDeps = externalDeps ++ externalDepsGenerated; + inherit extraVariables rocksSubdir requiredLuaRocks; + }; + in + '' + ${generatedConfig} + ${extraConfig} + ''; + in builtins.removeAttrs attrs ["disabled" "externalDeps" "extraVariables"] // { + + name = namePrefix + pname + "-" + self.version; + inherit rockspecVersion; nativeBuildInputs = [ wrapLua luarocks - ] ++ lib.optionals doCheck ([ luarocksCheckHook ] ++ checkInputs); + ] ++ lib.optionals doCheck ([ luarocksCheckHook ] ++ self.checkInputs); buildInputs = buildInputs ++ (map (d: d.dep) externalDeps'); diff --git a/pkgs/development/interpreters/lua-5/default.nix b/pkgs/development/interpreters/lua-5/default.nix index 478c5bdb34d..933f42eb26e 100644 --- a/pkgs/development/interpreters/lua-5/default.nix +++ b/pkgs/development/interpreters/lua-5/default.nix @@ -61,6 +61,7 @@ let in rec { buildEnv = callPackage ./wrapper.nix { lua = self; + makeWrapper = makeBinaryWrapper; inherit (luaPackages) requiredLuaModules; }; withPackages = import ./with-packages.nix { inherit buildEnv luaPackages;}; diff --git a/pkgs/development/interpreters/lua-5/hooks/luarocks-move-data.sh b/pkgs/development/interpreters/lua-5/hooks/luarocks-move-data.sh index f0b56178f01..9870c9976ea 100644 --- a/pkgs/development/interpreters/lua-5/hooks/luarocks-move-data.sh +++ b/pkgs/development/interpreters/lua-5/hooks/luarocks-move-data.sh @@ -5,7 +5,7 @@ echo "Sourcing luarocks-move-data-hook.sh" luarocksMoveDataHook () { echo "Executing luarocksMoveDataHook" if [ -d "$out/$rocksSubdir" ]; then - cp -rfv "$out/$rocksSubdir/$pname/$version/." "$out" + cp -rfv "$out/$rocksSubdir/$pname/$rockspecVersion/." "$out" fi echo "Finished executing luarocksMoveDataHook" diff --git a/pkgs/development/interpreters/luajit/2.0.nix b/pkgs/development/interpreters/luajit/2.0.nix index fe7843caeb0..3df2ac457c0 100644 --- a/pkgs/development/interpreters/luajit/2.0.nix +++ b/pkgs/development/interpreters/luajit/2.0.nix @@ -2,10 +2,10 @@ callPackage ./default.nix { sourceVersion = { major = "2"; minor = "0"; patch = "5"; }; inherit self passthruFun; - version = "2.0.5-2022-03-13"; - rev = "93a65d3cc263aef2d2feb3d7ff2206aca3bee17e"; + version = "2.0.5-2022-09-13"; + rev = "46e62cd963a426e83a60f691dcbbeb742c7b3ba2"; isStable = true; - hash = "sha256-Gp7OdfxBGkW59zxWUml2ugPABLUv2SezMiDblA/FZ7g="; + hash = "sha256-/XR9+6NjXs2TrUVKJNkH2h970BkDNFqMDJTWcy/bswU="; extraMeta = { # this isn't precise but it at least stops the useless Hydra build platforms = with lib; filter (p: !hasPrefix "aarch64-" p) (platforms.linux ++ platforms.darwin); diff --git a/pkgs/development/interpreters/luajit/2.1.nix b/pkgs/development/interpreters/luajit/2.1.nix index d5c539331e0..d2233f15819 100644 --- a/pkgs/development/interpreters/luajit/2.1.nix +++ b/pkgs/development/interpreters/luajit/2.1.nix @@ -2,8 +2,8 @@ callPackage ./default.nix { sourceVersion = { major = "2"; minor = "1"; patch = "0"; }; inherit self passthruFun; - version = "2.1.0-2022-04-05"; - rev = "5e3c45c43bb0e0f1f2917d432e9d2dba12c42a6e"; + version = "2.1.0-2022-10-04"; + rev = "6c4826f12c4d33b8b978004bc681eb1eef2be977"; isStable = false; - hash = "sha256-Q+34hJDgyCqmtThHbxR16Nn7zhq4Ql142No2rO57HL0="; + hash = "sha256-GMgoSVHrfIuLdk8mW9XgdemNFsAkkQR4wiGGjaAXAKg="; } diff --git a/pkgs/development/interpreters/perl/default.nix b/pkgs/development/interpreters/perl/default.nix index 79e2bf84a0c..4d95ebf2052 100644 --- a/pkgs/development/interpreters/perl/default.nix +++ b/pkgs/development/interpreters/perl/default.nix @@ -1,9 +1,12 @@ { config, lib, stdenv, fetchurl, fetchFromGitHub, pkgs, buildPackages , callPackage , enableThreading ? true, coreutils, makeWrapper +, enableCrypt ? true, libxcrypt ? null , zlib }: +assert (enableCrypt -> (libxcrypt != null)); + # Note: this package is used for bootstrapping fetchurl, and thus # cannot use fetchpatch! All mutable patches (generated by GitHub or # cgit) that are needed here should be included directly in Nixpkgs as @@ -33,6 +36,8 @@ let optional crossCompiling "mini"; setOutputFlags = false; + propagatedBuildInputs = lib.optional enableCrypt libxcrypt; + disallowedReferences = [ stdenv.cc ]; patches = @@ -82,6 +87,7 @@ let ++ optionals ((builtins.match ''5\.[0-9]*[13579]\..+'' version) != null) [ "-Dusedevel" "-Uversiononly" ] ++ optional stdenv.isSunOS "-Dcc=gcc" ++ optional enableThreading "-Dusethreads" + ++ optional (!enableCrypt) "-A clear:d_crypt_r" ++ optional stdenv.hostPlatform.isStatic "--all-static" ++ optionals (!crossCompiling) [ "-Dprefix=${placeholder "out"}" diff --git a/pkgs/development/interpreters/php/generic.nix b/pkgs/development/interpreters/php/generic.nix index 5984113574c..d1b7c682955 100644 --- a/pkgs/development/interpreters/php/generic.nix +++ b/pkgs/development/interpreters/php/generic.nix @@ -206,7 +206,7 @@ let [ pcre2 ] # Enable sapis - ++ lib.optional pearSupport [ libxml2.dev ] + ++ lib.optionals pearSupport [ libxml2.dev ] # Misc deps ++ lib.optional apxs2Support apacheHttpd @@ -230,7 +230,7 @@ let ++ lib.optional (!cgiSupport) "--disable-cgi" ++ lib.optional (!cliSupport) "--disable-cli" ++ lib.optional fpmSupport "--enable-fpm" - ++ lib.optional pearSupport [ "--with-pear" "--enable-xml" "--with-libxml" ] + ++ lib.optionals pearSupport [ "--with-pear" "--enable-xml" "--with-libxml" ] ++ lib.optional pharSupport "--enable-phar" ++ lib.optional (!phpdbgSupport) "--disable-phpdbg" diff --git a/pkgs/development/interpreters/python-cosmopolitan/default.nix b/pkgs/development/interpreters/python-cosmopolitan/default.nix index a2a512b9cdf..a513c097fbc 100644 --- a/pkgs/development/interpreters/python-cosmopolitan/default.nix +++ b/pkgs/development/interpreters/python-cosmopolitan/default.nix @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ bintools-unwrapped unzip ]; # slashes are significant because upstream uses o/$(MODE)/foo.o - buildFlags = "o//third_party/python"; + buildFlags = [ "o//third_party/python" ]; checkTarget = "o//third_party/python/test"; enableParallelBuilding = true; diff --git a/pkgs/development/interpreters/python/cpython/2.7/default.nix b/pkgs/development/interpreters/python/cpython/2.7/default.nix index 25446f5fca8..7da2a0047f3 100644 --- a/pkgs/development/interpreters/python/cpython/2.7/default.nix +++ b/pkgs/development/interpreters/python/cpython/2.7/default.nix @@ -166,7 +166,7 @@ let # only works for GCC and Apple Clang. This makes distutils to call C++ # compiler when needed. ./python-2.7-distutils-C++.patch - ] ++ optional (stdenv.hostPlatform != stdenv.buildPlatform) [ + ] ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ ./cross-compile.patch ]; diff --git a/pkgs/development/interpreters/python/cpython/default.nix b/pkgs/development/interpreters/python/cpython/default.nix index ddf0a554847..42425816715 100644 --- a/pkgs/development/interpreters/python/cpython/default.nix +++ b/pkgs/development/interpreters/python/cpython/default.nix @@ -14,6 +14,7 @@ , bluez ? null, bluezSupport ? false , zlib , tzdata ? null +, libxcrypt , self , configd , autoreconfHook @@ -353,6 +354,9 @@ in with passthru; stdenv.mkDerivation { # Never even try to use lchmod on linux, # don't rely on detecting glibc-isms. "ac_cv_func_lchmod=no" + ] ++ optionals (libxcrypt != null) [ + "CFLAGS=-I${libxcrypt}/include" + "LIBS=-L${libxcrypt}/lib" ] ++ optionals tzdataSupport [ "--with-tzpath=${tzdata}/share/zoneinfo" ] ++ optional static "LDFLAGS=-static"; @@ -388,7 +392,7 @@ in with passthru; stdenv.mkDerivation { postInstall = let # References *not* to nuke from (sys)config files keep-references = concatMapStringsSep " " (val: "-e ${val}") ([ - (placeholder "out") + (placeholder "out") libxcrypt ] ++ optionals tzdataSupport [ tzdata ]); diff --git a/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh b/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh index 82231ee3adc..d404c6021f4 100644 --- a/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh +++ b/pkgs/development/interpreters/python/hooks/python-relax-deps-hook.sh @@ -80,6 +80,9 @@ pythonRelaxDepsHook() { @pythonInterpreter@ -m wheel pack "$unpack_dir/$pkg_name" done + # Remove the folder since it will otherwise be in the dist output. + rm -rf "$unpack_dir" + popd } diff --git a/pkgs/development/interpreters/python/mk-python-derivation.nix b/pkgs/development/interpreters/python/mk-python-derivation.nix index abb1ceb7879..bdb4969bf16 100644 --- a/pkgs/development/interpreters/python/mk-python-derivation.nix +++ b/pkgs/development/interpreters/python/mk-python-derivation.nix @@ -109,7 +109,7 @@ else let inherit (python) stdenv; - withDistOutput = lib.elem format ["pyproject" "setuptools" "flit"]; + withDistOutput = lib.elem format ["pyproject" "setuptools" "flit" "wheel"]; name_ = name; diff --git a/pkgs/development/interpreters/python/rustpython/default.nix b/pkgs/development/interpreters/python/rustpython/default.nix index 6f7704e7275..645b1de2d76 100644 --- a/pkgs/development/interpreters/python/rustpython/default.nix +++ b/pkgs/development/interpreters/python/rustpython/default.nix @@ -20,7 +20,7 @@ rustPlatform.buildRustPackage rec { cargoHash = "sha256-Pv7SK64+eoK1VUxDh1oH0g1veWoIvBhiZE9JI/alXJ4="; # freeze the stdlib into the rustpython binary - cargoBuildFlags = "--features=freeze-stdlib"; + cargoBuildFlags = [ "--features=freeze-stdlib" ]; buildInputs = lib.optionals stdenv.isDarwin [ SystemConfiguration ]; diff --git a/pkgs/development/interpreters/qnial/default.nix b/pkgs/development/interpreters/qnial/default.nix index 74360daa876..ae68c1ad6af 100644 --- a/pkgs/development/interpreters/qnial/default.nix +++ b/pkgs/development/interpreters/qnial/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, unzip, pkg-config, makeWrapper, ncurses }: +{ lib, stdenv, fetchFromGitHub, unzip, pkg-config, makeWrapper, ncurses, libxcrypt }: stdenv.mkDerivation { pname = "qnial"; @@ -26,6 +26,7 @@ stdenv.mkDerivation { buildInputs = [ ncurses + libxcrypt ]; meta = { diff --git a/pkgs/development/interpreters/racket/default.nix b/pkgs/development/interpreters/racket/default.nix index 67609132c80..479557e0890 100644 --- a/pkgs/development/interpreters/racket/default.nix +++ b/pkgs/development/interpreters/racket/default.nix @@ -128,8 +128,8 @@ stdenv.mkDerivation rec { shared = if stdenv.isDarwin then "dylib" else "shared"; configureFlags = [ "--enable-${shared}" "--enable-lt=${libtool}/bin/libtool" ] - ++ lib.optional disableDocs [ "--disable-docs" ] - ++ lib.optional stdenv.isDarwin [ "--enable-xonx" ]; + ++ lib.optionals disableDocs [ "--disable-docs" ] + ++ lib.optionals stdenv.isDarwin [ "--enable-xonx" ]; configureScript = "../configure"; diff --git a/pkgs/development/interpreters/racket/racket_7_9.nix b/pkgs/development/interpreters/racket/racket_7_9.nix index 07c0376b42a..ac4b6b5ba18 100644 --- a/pkgs/development/interpreters/racket/racket_7_9.nix +++ b/pkgs/development/interpreters/racket/racket_7_9.nix @@ -83,8 +83,8 @@ stdenv.mkDerivation rec { shared = if stdenv.isDarwin then "dylib" else "shared"; configureFlags = [ "--enable-${shared}" "--enable-lt=${libtool}/bin/libtool" ] - ++ lib.optional disableDocs [ "--disable-docs" ] - ++ lib.optional stdenv.isDarwin [ "--enable-xonx" ]; + ++ lib.optionals disableDocs [ "--disable-docs" ] + ++ lib.optionals stdenv.isDarwin [ "--enable-xonx" ]; configureScript = "../configure"; diff --git a/pkgs/development/interpreters/ruby/default.nix b/pkgs/development/interpreters/ruby/default.nix index 524734b5a5f..dc7594da17d 100644 --- a/pkgs/development/interpreters/ruby/default.nix +++ b/pkgs/development/interpreters/ruby/default.nix @@ -48,7 +48,7 @@ let , buildEnv, bundler, bundix , libiconv, libobjc, libunwind, Foundation , makeWrapper, buildRubyGem, defaultGemConfig - , baseRuby ? buildPackages.ruby.override { + , baseRuby ? buildPackages.ruby_3_1.override { useRailsExpress = false; docSupport = false; rubygemsSupport = false; diff --git a/pkgs/development/interpreters/spidermonkey/common.nix b/pkgs/development/interpreters/spidermonkey/common.nix index 1272e061b0d..d12396396da 100644 --- a/pkgs/development/interpreters/spidermonkey/common.nix +++ b/pkgs/development/interpreters/spidermonkey/common.nix @@ -42,7 +42,7 @@ stdenv.mkDerivation (finalAttrs: rec { inherit hash; }; - patches = lib.optional (lib.versionOlder version "91") [ + patches = lib.optionals (lib.versionOlder version "91") [ # Fix build failure on armv7l using Debian patch # Upstream bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1526653 (fetchpatch { diff --git a/pkgs/development/interpreters/unicon-lang/default.nix b/pkgs/development/interpreters/unicon-lang/default.nix index 848c9541114..593a955c798 100644 --- a/pkgs/development/interpreters/unicon-lang/default.nix +++ b/pkgs/development/interpreters/unicon-lang/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, unzip, libX11, libXt, libnsl }: +{ lib, stdenv, fetchurl, unzip, libX11, libXt, libnsl, libxcrypt }: stdenv.mkDerivation { pname = "unicon-lang"; @@ -8,7 +8,7 @@ stdenv.mkDerivation { sha256 = "1g9l2dfp99dqih2ir2limqfjgagh3v9aqly6x0l3qavx3qkkwf61"; }; nativeBuildInputs = [ unzip ]; - buildInputs = [ libnsl libX11 libXt ]; + buildInputs = [ libnsl libX11 libXt libxcrypt ]; hardeningDisable = [ "fortify" ]; diff --git a/pkgs/development/libraries/accountsservice/default.nix b/pkgs/development/libraries/accountsservice/default.nix index 4bd7a67871f..694aab16d1a 100644 --- a/pkgs/development/libraries/accountsservice/default.nix +++ b/pkgs/development/libraries/accountsservice/default.nix @@ -16,6 +16,7 @@ , python3 , vala , gettext +, libxcrypt }: stdenv.mkDerivation rec { @@ -66,6 +67,7 @@ stdenv.mkDerivation rec { glib polkit systemd + libxcrypt ]; mesonFlags = [ diff --git a/pkgs/development/libraries/ada/gnatcoll/db.nix b/pkgs/development/libraries/ada/gnatcoll/db.nix index 0c597f199c3..6c87d63063f 100644 --- a/pkgs/development/libraries/ada/gnatcoll/db.nix +++ b/pkgs/development/libraries/ada/gnatcoll/db.nix @@ -95,7 +95,7 @@ stdenv.mkDerivation rec { # confusingly, for gprbuild --target is autoconf --host "TARGET=${stdenv.hostPlatform.config}" "prefix=${placeholder "out"}" - ] ++ lib.optional (component == "sqlite") [ + ] ++ lib.optionals (component == "sqlite") [ # link against packaged, not vendored libsqlite3 "GNATCOLL_SQLITE=external" ]; diff --git a/pkgs/development/libraries/apr-util/default.nix b/pkgs/development/libraries/apr-util/default.nix index 6f38bfa0d07..909965bb068 100644 --- a/pkgs/development/libraries/apr-util/default.nix +++ b/pkgs/development/libraries/apr-util/default.nix @@ -2,7 +2,7 @@ , sslSupport ? true, openssl , bdbSupport ? true, db , ldapSupport ? !stdenv.isCygwin, openldap -, libiconv +, libiconv, libxcrypt , cyrus_sasl, autoreconfHook }: @@ -21,7 +21,10 @@ stdenv.mkDerivation rec { sha256 = "0nq3s1yn13vplgl6qfm09f7n0wm08malff9s59bqf9nid9xjzqfk"; }; - patches = optional stdenv.isFreeBSD ./include-static-dependencies.patch; + patches = [ ./fix-libxcrypt-build.patch ] + ++ optional stdenv.isFreeBSD ./include-static-dependencies.patch; + + NIX_CFLAGS_LINK = [ "-lcrypt" ]; outputs = [ "out" "dev" ]; outputBin = "dev"; @@ -38,15 +41,18 @@ stdenv.mkDerivation rec { "--without-freetds" "--without-berkeley-db" "--without-crypto" ] ; - # For some reason, db version 6.9 is selected when cross-compiling. - # It's unclear as to why, it requires someone with more autotools / configure knowledge to go deeper into that. - # Always replacing the link flag with a generic link flag seems to help though, so let's do that for now. - postConfigure = lib.optionalString (stdenv.buildPlatform != stdenv.hostPlatform) '' - substituteInPlace Makefile \ - --replace "-ldb-6.9" "-ldb" + postConfigure = '' + echo '#define APR_HAVE_CRYPT_H 1' >> confdefs.h + '' + + # For some reason, db version 6.9 is selected when cross-compiling. + # It's unclear as to why, it requires someone with more autotools / configure knowledge to go deeper into that. + # Always replacing the link flag with a generic link flag seems to help though, so let's do that for now. + lib.optionalString (stdenv.buildPlatform != stdenv.hostPlatform) '' + substituteInPlace Makefile \ + --replace "-ldb-6.9" "-ldb" ''; - propagatedBuildInputs = [ apr expat libiconv ] + propagatedBuildInputs = [ apr expat libiconv libxcrypt ] ++ optional sslSupport openssl ++ optional bdbSupport db ++ optional ldapSupport openldap diff --git a/pkgs/development/libraries/apr-util/fix-libxcrypt-build.patch b/pkgs/development/libraries/apr-util/fix-libxcrypt-build.patch new file mode 100644 index 00000000000..2994e5de0f7 --- /dev/null +++ b/pkgs/development/libraries/apr-util/fix-libxcrypt-build.patch @@ -0,0 +1,14 @@ +diff --git a/crypto/apr_passwd.c b/crypto/apr_passwd.c +index c961de2..a397f27 100644 +--- a/crypto/apr_passwd.c ++++ b/crypto/apr_passwd.c +@@ -24,9 +24,7 @@ + #if APR_HAVE_STRING_H + #include <string.h> + #endif +-#if APR_HAVE_CRYPT_H + #include <crypt.h> +-#endif + #if APR_HAVE_UNISTD_H + #include <unistd.h> + #endif diff --git a/pkgs/development/libraries/apr/default.nix b/pkgs/development/libraries/apr/default.nix index 536c8a5613a..0d980db9b5a 100644 --- a/pkgs/development/libraries/apr/default.nix +++ b/pkgs/development/libraries/apr/default.nix @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { configureFlagsArray+=("--with-installbuilddir=$dev/share/build") ''; - configureFlags = lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) [ + configureFlags = lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ # For cross builds, provide answers to the configure time tests. # These answers are valid on x86_64-linux and aarch64-linux. "ac_cv_file__dev_zero=yes" diff --git a/pkgs/development/libraries/audio/libopenmpt/default.nix b/pkgs/development/libraries/audio/libopenmpt/default.nix index 270e4632aef..8e5793b0bcd 100644 --- a/pkgs/development/libraries/audio/libopenmpt/default.nix +++ b/pkgs/development/libraries/audio/libopenmpt/default.nix @@ -16,13 +16,13 @@ stdenv.mkDerivation rec { pname = "libopenmpt"; - version = "0.6.5"; + version = "0.6.6"; outputs = [ "out" "dev" "bin" ]; src = fetchurl { url = "https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-${version}+release.autotools.tar.gz"; - sha256 = "8iq+l3za5AX2hbdRUOf7FVsseJa0cA/VSr5ohA9m6cA="; + sha256 = "bdueJqQwYglEiReW/vsbuzi9kUj2z8VYgQwNPyaYdsc="; }; enableParallelBuilding = true; diff --git a/pkgs/development/libraries/avahi/default.nix b/pkgs/development/libraries/avahi/default.nix index e2421743455..fe9ce9a42dc 100644 --- a/pkgs/development/libraries/avahi/default.nix +++ b/pkgs/development/libraries/avahi/default.nix @@ -31,10 +31,16 @@ stdenv.mkDerivation rec { }; patches = [ + # CVE-2021-36217 / CVE-2021-3502 (fetchpatch { url = "https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c.patch"; sha256 = "sha256-BXWmrLWUvDxKPoIPRFBpMS3T4gijRw0J+rndp6iDybU="; }) + # CVE-2021-3468 + (fetchpatch { + url = "https://github.com/lathiat/avahi/commit/447affe29991ee99c6b9732fc5f2c1048a611d3b.patch"; + sha256 = "sha256-qWaCU1ZkCg2PmijNto7t8E3pYRN/36/9FrG8okd6Gu8="; + }) ]; depsBuildBuild = [ diff --git a/pkgs/development/libraries/boost/generic.nix b/pkgs/development/libraries/boost/generic.nix index d4e74b5788a..b6ab49e4b4d 100644 --- a/pkgs/development/libraries/boost/generic.nix +++ b/pkgs/development/libraries/boost/generic.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, icu, expat, zlib, bzip2, python ? null, fixDarwinDylibNames, libiconv +{ lib, stdenv, icu, expat, zlib, bzip2, python ? null, fixDarwinDylibNames, libiconv, libxcrypt , boost-build , fetchpatch , which @@ -218,7 +218,7 @@ stdenv.mkDerivation { ++ optional stdenv.hostPlatform.isDarwin fixDarwinDylibNames; buildInputs = [ expat zlib bzip2 libiconv ] ++ optional (stdenv.hostPlatform == stdenv.buildPlatform) icu - ++ optional enablePython python + ++ optionals enablePython [ libxcrypt python ] ++ optional enableNumpy python.pkgs.numpy; configureScript = "./bootstrap.sh"; diff --git a/pkgs/development/libraries/c-ares/default.nix b/pkgs/development/libraries/c-ares/default.nix index a5a41813bc3..42023990c9e 100644 --- a/pkgs/development/libraries/c-ares/default.nix +++ b/pkgs/development/libraries/c-ares/default.nix @@ -1,54 +1,48 @@ -{ lib, stdenv, fetchurl, writeTextDir }: +{ lib, stdenv, fetchurl, writeTextDir +, fetchpatch +, withCMake ? true, cmake + +# sensitive downstream packages +, curl +, grpc # consumes cmake config +}: # Note: this package is used for bootstrapping fetchurl, and thus # cannot use fetchpatch! All mutable patches (generated by GitHub or # cgit) that are needed here should be included directly in Nixpkgs as # files. -let self = stdenv.mkDerivation rec { pname = "c-ares"; version = "1.18.1"; + outputs = [ "out" "dev" ]; src = fetchurl { url = "https://c-ares.haxx.se/download/${pname}-${version}.tar.gz"; sha256 = "sha256-Gn1SqKhKn7/7G+kTPA9uFyF9kepab6Yfa0cpzaeOu88="; }; + # c-ares is used for fetchpatch, so avoid using it for c-aresMinimal + patches = lib.optionals withCMake [ + # fix .pc paths created by cmake build + (fetchpatch { + url = "https://github.com/jonringer/c-ares/commit/9806a8a2f999a8a3efa3c893f2854dce6919d5bb.patch"; + sha256 = "sha256-nh/ZKdan2/FTrouApRQA7O8KGZrLEUuWhxGOktiiGwU="; + }) + ]; + + nativeBuildInputs = lib.optionals withCMake [ cmake ]; + enableParallelBuilding = true; + passthru.tests = { + inherit curl grpc; + }; + meta = with lib; { description = "A C library for asynchronous DNS requests"; homepage = "https://c-ares.haxx.se"; license = licenses.mit; platforms = platforms.all; }; - - # Adapted from running a cmake build - passthru.cmake-config = let - extension = if stdenv.hostPlatform.isStatic then ".a" else stdenv.hostPlatform.extensions.sharedLibrary; - buildType = if stdenv.hostPlatform.isStatic then "STATIC" else "SHARED"; - buildTypeLower = if stdenv.hostPlatform.isStatic then "static" else "shared"; - in writeTextDir "c-ares-config.cmake" - '' - set(c-ares_INCLUDE_DIR "${self}/include") - - set(c-ares_LIBRARY c-ares::cares) - - add_library(c-ares::cares ${buildType} IMPORTED) - - set_target_properties(c-ares::cares PROPERTIES - INTERFACE_INCLUDE_DIRECTORIES "${self}/include" - ${lib.optionalString stdenv.isLinux ''INTERFACE_LINK_LIBRARIES "nsl;rt"''} - ) - set_property(TARGET c-ares::cares APPEND PROPERTY IMPORTED_CONFIGURATIONS RELEASE) - set_target_properties(c-ares::cares PROPERTIES - IMPORTED_LOCATION_RELEASE "${self}/lib/libcares${extension}" - IMPORTED_SONAME_RELEASE "libcares${extension}" - ) - add_library(c-ares::cares_${buildTypeLower} INTERFACE IMPORTED) - set_target_properties(c-ares::cares_${buildTypeLower} PROPERTIES INTERFACE_LINK_LIBRARIES "c-ares::cares") - set(c-ares_${buildType}_LIBRARY c-ares::cares_${buildTypeLower}) - ''; - -}; in self +} diff --git a/pkgs/development/libraries/cosmopolitan/default.nix b/pkgs/development/libraries/cosmopolitan/default.nix index 63f45f62fd1..88e5bcf5d9d 100644 --- a/pkgs/development/libraries/cosmopolitan/default.nix +++ b/pkgs/development/libraries/cosmopolitan/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { outputs = [ "out" "dist" ]; # slashes are significant because upstream uses o/$(MODE)/foo.o - buildFlags = "o/cosmopolitan.h o//cosmopolitan.a o//libc/crt/crt.o o//ape/ape.o o//ape/ape.lds"; + buildFlags = [ "o/cosmopolitan.h" "o//cosmopolitan.a" "o//libc/crt/crt.o" "o//ape/ape.o" "o//ape/ape.lds" ]; checkTarget = "o//test"; enableParallelBuilding = true; diff --git a/pkgs/development/libraries/cxxopts/default.nix b/pkgs/development/libraries/cxxopts/default.nix index cf36a88a35b..a24127ab56d 100644 --- a/pkgs/development/libraries/cxxopts/default.nix +++ b/pkgs/development/libraries/cxxopts/default.nix @@ -21,10 +21,10 @@ stdenv.mkDerivation rec { # CMake does not set CMAKE_LIBRARY_ARCHITECTURE variable in Nix, which breaks architecture-independent library path generation patches = [ ./fix-install-path.patch ]; - buildInputs = lib.optional enableUnicodeHelp [ icu.dev ]; + buildInputs = lib.optionals enableUnicodeHelp [ icu.dev ]; cmakeFlags = [ "-DCXXOPTS_BUILD_EXAMPLES=OFF" ] ++ lib.optional enableUnicodeHelp "-DCXXOPTS_USE_UNICODE_HELP=TRUE"; - nativeBuildInputs = [ cmake ] ++ lib.optional enableUnicodeHelp [ pkg-config ]; + nativeBuildInputs = [ cmake ] ++ lib.optionals enableUnicodeHelp [ pkg-config ]; doCheck = true; diff --git a/pkgs/development/libraries/cyrus-sasl/default.nix b/pkgs/development/libraries/cyrus-sasl/default.nix index be20a9b1678..632c8427e4d 100644 --- a/pkgs/development/libraries/cyrus-sasl/default.nix +++ b/pkgs/development/libraries/cyrus-sasl/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchurl, openssl, openldap, libkrb5, db, gettext -, pam, fixDarwinDylibNames, autoreconfHook, enableLdap ? false +, pam, libxcrypt, fixDarwinDylibNames, autoreconfHook, enableLdap ? false , buildPackages, pruneLibtoolFiles, nixosTests }: with lib; @@ -27,7 +27,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook pruneLibtoolFiles ] ++ lib.optional stdenv.hostPlatform.isDarwin fixDarwinDylibNames; buildInputs = - [ openssl db gettext libkrb5 ] + [ openssl db gettext libkrb5 libxcrypt ] ++ lib.optional enableLdap openldap ++ lib.optional stdenv.isLinux pam; @@ -39,7 +39,7 @@ stdenv.mkDerivation rec { "--enable-shared" ] ++ lib.optional enableLdap "--with-ldap=${openldap.dev}"; - installFlags = lib.optional stdenv.isDarwin [ "framedir=$(out)/Library/Frameworks/SASL2.framework" ]; + installFlags = lib.optionals stdenv.isDarwin [ "framedir=$(out)/Library/Frameworks/SASL2.framework" ]; passthru.tests = { inherit (nixosTests) parsedmarc postfix; diff --git a/pkgs/development/libraries/dbus/default.nix b/pkgs/development/libraries/dbus/default.nix index 075f2a67b70..2cd6463d5c2 100644 --- a/pkgs/development/libraries/dbus/default.nix +++ b/pkgs/development/libraries/dbus/default.nix @@ -1,6 +1,5 @@ { stdenv , lib -, fetchpatch , fetchurl , pkg-config , expat @@ -20,27 +19,16 @@ stdenv.mkDerivation rec { pname = "dbus"; - version = "1.14.0"; + version = "1.14.4"; src = fetchurl { url = "https://dbus.freedesktop.org/releases/dbus/dbus-${version}.tar.xz"; - sha256 = "sha256-zNfM43WW4KGVWP1mSNEnKrQ/AR2AyGNa6o/QutWK69Q="; + sha256 = "sha256-fA+bjl7A/yR5OD5iwAhKOimvme3xUU6fZZuBsw1ONT4="; }; - patches = [ - # Fix dbus-daemon crashing when running tests due to long XDG_DATA_DIRS. - # https://gitlab.freedesktop.org/dbus/dbus/-/merge_requests/302 - (fetchpatch { - url = "https://gitlab.freedesktop.org/dbus/dbus/-/commit/b551b3e9737958216a1a9d359150a4110a9d0549.patch"; - sha256 = "kOVjlklZzKvBZXmmrE1UiO4XWRoBLViGwdn6/eDH+DY="; - }) - ] ++ (lib.optional stdenv.isSunOS ./implement-getgrouplist.patch); + patches = lib.optional stdenv.isSunOS ./implement-getgrouplist.patch; postPatch = '' - # We need to generate the file ourselves. - # https://gitlab.freedesktop.org/dbus/dbus/-/merge_requests/317 - rm doc/catalog.xml - substituteInPlace bus/Makefile.am \ --replace 'install-data-hook:' 'disabled:' \ --replace '$(mkinstalldirs) $(DESTDIR)$(localstatedir)/run/dbus' ':' diff --git a/pkgs/development/libraries/drogon/default.nix b/pkgs/development/libraries/drogon/default.nix index 9cc3503acd6..de4aaf32d98 100644 --- a/pkgs/development/libraries/drogon/default.nix +++ b/pkgs/development/libraries/drogon/default.nix @@ -37,7 +37,7 @@ stdenv.mkDerivation rec { ++ lib.optional postgresSupport postgresql ++ lib.optional redisSupport hiredis # drogon uses mariadb for mysql (see https://github.com/drogonframework/drogon/wiki/ENG-02-Installation#Library-Dependencies) - ++ lib.optional mysqlSupport [ libmysqlclient mariadb ]; + ++ lib.optionals mysqlSupport [ libmysqlclient mariadb ]; patches = [ # this part of the test would normally fail because it attempts to configure a CMake project that uses find_package on itself diff --git a/pkgs/development/libraries/fcft/default.nix b/pkgs/development/libraries/fcft/default.nix index 531276b90d7..ecc99092a90 100644 --- a/pkgs/development/libraries/fcft/default.nix +++ b/pkgs/development/libraries/fcft/default.nix @@ -20,14 +20,14 @@ in stdenv.mkDerivation rec { pname = "fcft"; - version = "3.1.4"; + version = "3.1.5"; src = fetchFromGitea { domain = "codeberg.org"; owner = "dnkl"; repo = "fcft"; rev = version; - sha256 = "sha256-kSzUZR/5PcYTxPWNh/zAwLQbfeW/44u2elEmGR3NYcM="; + sha256 = "sha256-3gsaXnflGiGOpIkqDQe5u6x8d18x67/dc4Hh1iU89+o="; }; depsBuildBuild = [ pkg-config ]; diff --git a/pkgs/development/libraries/ffmpeg/4.nix b/pkgs/development/libraries/ffmpeg/4.nix index b518b7527ac..e37e90d553a 100644 --- a/pkgs/development/libraries/ffmpeg/4.nix +++ b/pkgs/development/libraries/ffmpeg/4.nix @@ -1,17 +1,12 @@ -{ callPackage, fetchpatch -# Darwin frameworks -, Cocoa, CoreMedia, VideoToolbox -, stdenv, lib -, ... -}@args: +{ callPackage, fetchpatch, ... }@args: callPackage ./generic.nix (rec { version = "4.4.2"; branch = version; sha256 = "sha256-+YpIJSDEdQdSGpB5FNqp77wThOBZG1r8PaGKqJfeKUg="; - darwinFrameworks = [ Cocoa CoreMedia VideoToolbox ]; + patches = [ - # sdl2 recently changed their versioning + # SDL2 recently changed their versioning (fetchpatch { url = "https://git.videolan.org/?p=ffmpeg.git;a=patch;h=e5163b1d34381a3319214a902ef1df923dd2eeba"; hash = "sha256-nLhP2+34cj5EgpnUrePZp60nYAxmbhZAEDfay4pBVk0="; diff --git a/pkgs/development/libraries/ffmpeg/5.nix b/pkgs/development/libraries/ffmpeg/5.nix index d09d7ccd1ce..b19c22a55f3 100644 --- a/pkgs/development/libraries/ffmpeg/5.nix +++ b/pkgs/development/libraries/ffmpeg/5.nix @@ -1,12 +1,7 @@ -{ callPackage -# Darwin frameworks -, Cocoa, CoreMedia, VideoToolbox -, ... -}@args: +{ callPackage, ... }@args: callPackage ./generic.nix (rec { version = "5.1.2"; branch = version; sha256 = "sha256-OaC8yNmFSfFsVwYkZ4JGpqxzbAZs69tAn5UC6RWyLys="; - darwinFrameworks = [ Cocoa CoreMedia VideoToolbox ]; } // args) diff --git a/pkgs/development/libraries/ffmpeg/generic.nix b/pkgs/development/libraries/ffmpeg/generic.nix index 855586649b7..594adc04630 100644 --- a/pkgs/development/libraries/ffmpeg/generic.nix +++ b/pkgs/development/libraries/ffmpeg/generic.nix @@ -1,22 +1,23 @@ { lib, stdenv, buildPackages, fetchurl, pkg-config, addOpenGLRunpath, perl, texinfo, yasm , alsa-lib, bzip2, fontconfig, freetype, gnutls, libiconv, lame, libass, libogg -, libssh, libtheora, libva, libdrm, libvorbis, libvpx, xz, soxr +, libssh, libtheora, libva, libdrm, libvorbis, xz, soxr , x264, x265, xvidcore, zimg, zlib, libopus, speex, nv-codec-headers, dav1d -, srt ? null -, openglSupport ? false, libGLU ? null, libGL ? null -, libmfxSupport ? false, intel-media-sdk ? null -, libaomSupport ? false, libaom ? null +, vpxSupport ? !stdenv.isAarch32, libvpx +, srtSupport ? true, srt +, vaapiSupport ? ((stdenv.isLinux || stdenv.isFreeBSD) && !stdenv.isAarch32) +, openglSupport ? false, libGLU, libGL +, libmfxSupport ? false, intel-media-sdk +, libaomSupport ? false, libaom # Build options , runtimeCpuDetectBuild ? true # Detect CPU capabilities at runtime , multithreadBuild ? true # Multithreading via pthreads/win32 threads -, sdlSupport ? !stdenv.isAarch32, SDL ? null, SDL2 ? null -, vdpauSupport ? !stdenv.isAarch32, libvdpau ? null +, sdlSupport ? !stdenv.isAarch32, SDL2 +, vdpauSupport ? !stdenv.isAarch32, libvdpau # Developer options , debugDeveloper ? false , optimizationsDeveloper ? true , extraWarningsDeveloper ? false -# Darwin frameworks -, Cocoa, darwinFrameworks ? [ Cocoa ] +, Cocoa, CoreMedia, VideoToolbox # Inherit generics , branch, sha256, version, patches ? [], knownVulnerabilities ? [] , doCheck ? true @@ -35,12 +36,6 @@ * pulseaudio * * Known issues: - * 0.6 - fails to compile (unresolved) (so far, only disabling a number of - * features works, but that is not a feasible solution) - * 0.6.90 - mmx: compile errors (fix: disable for 0.6.90-rc0) - * 1.1 - libsoxr: compile error (fix: disable for 1.1) - * Support was initially added in 1.1 before soxr api change, fix - * would probably be to add soxr-1.0 * ALL - Cross-compiling will disable features not present on host OS * (e.g. dxva2 support [DirectX] will not be enabled unless natively * compiled on Cygwin) @@ -48,34 +43,16 @@ */ let - inherit (stdenv) isDarwin isFreeBSD isLinux isAarch32; inherit (lib) optional optionals optionalString enableFeature filter; - cmpVer = builtins.compareVersions; - reqMin = requiredVersion: (cmpVer requiredVersion branch != 1); - reqMatch = requiredVersion: (cmpVer requiredVersion branch == 0); + reqMin = requiredVersion: (builtins.compareVersions requiredVersion branch != 1); ifMinVer = minVer: flag: if reqMin minVer then flag else null; ifVerOlder = maxVer: flag: if (lib.versionOlder branch maxVer) then flag else null; - - # Version specific fix - verFix = withoutFix: fixVer: withFix: if reqMatch fixVer then withFix else withoutFix; - - # Disable dependency that needs fixes before it will work on Darwin or Arm - disDarwinOrArmFix = origArg: minVer: fixArg: if ((isDarwin || isAarch32) && reqMin minVer) then fixArg else origArg; - - vaapiSupport = reqMin "0.6" && ((isLinux || isFreeBSD) && !isAarch32); - - vpxSupport = reqMin "0.6" && !isAarch32; in -assert openglSupport -> libGL != null && libGLU != null; -assert libmfxSupport -> intel-media-sdk != null; -assert libaomSupport -> libaom != null; - stdenv.mkDerivation rec { - pname = "ffmpeg"; inherit version; @@ -87,8 +64,7 @@ stdenv.mkDerivation rec { postPatch = "patchShebangs ."; inherit patches; - outputs = [ "bin" "dev" "out" "man" ] - ++ optional (reqMin "1.0") "doc" ; # just dev-doc + outputs = [ "bin" "dev" "out" "man" "doc" ]; setOutputFlags = false; # doesn't accept all and stores configureFlags in libs! configurePlatforms = []; @@ -100,8 +76,8 @@ stdenv.mkDerivation rec { "--enable-version3" # Build flags "--enable-shared" - (ifMinVer "0.6" "--enable-pic") - (ifMinVer "4.0" (enableFeature (srt != null) "libsrt")) + "--enable-pic" + (ifMinVer "4.0" (enableFeature srtSupport "libsrt")) (enableFeature runtimeCpuDetectBuild "runtime-cpudetect") "--enable-hardcoded-tables" ] ++ @@ -113,63 +89,61 @@ stdenv.mkDerivation rec { else ["--disable-pthreads" "--disable-w32threads"]) ++ [ - (ifMinVer "0.9" "--disable-os2threads") # We don't support OS/2 + "--disable-os2threads" # We don't support OS/2 "--enable-network" - (ifMinVer "2.4" "--enable-pixelutils") + "--enable-pixelutils" # Executables "--enable-ffmpeg" "--disable-ffplay" - (ifMinVer "0.6" "--enable-ffprobe") - (if reqMin "4" then null else "--disable-ffserver") + "--enable-ffprobe" + (ifVerOlder "4" "--disable-ffserver") # Libraries - (ifMinVer "0.6" "--enable-avcodec") - (ifMinVer "0.6" "--enable-avdevice") + "--enable-avcodec" + "--enable-avdevice" "--enable-avfilter" - (ifMinVer "0.6" "--enable-avformat") - (ifMinVer "1.0" (ifVerOlder "5.0" "--enable-avresample")) - (ifMinVer "1.1" "--enable-avutil") + "--enable-avformat" + (ifVerOlder "5.0" "--enable-avresample") + "--enable-avutil" "--enable-postproc" - (ifMinVer "0.9" "--enable-swresample") + "--enable-swresample" "--enable-swscale" # Docs - (ifMinVer "0.6" "--disable-doc") + "--disable-doc" # External Libraries "--enable-libass" "--enable-bzlib" "--enable-gnutls" - (ifMinVer "1.0" "--enable-fontconfig") - (ifMinVer "0.7" "--enable-libfreetype") + "--enable-fontconfig" + "--enable-libfreetype" "--enable-libmp3lame" - (ifMinVer "1.2" "--enable-iconv") + "--enable-iconv" "--enable-libtheora" - (ifMinVer "2.1" "--enable-libssh") - (ifMinVer "0.6" (enableFeature vaapiSupport "vaapi")) - (ifMinVer "3.4" (enableFeature vaapiSupport "libdrm")) + "--enable-libssh" + (enableFeature vaapiSupport "vaapi") + (enableFeature vaapiSupport "libdrm") (enableFeature vdpauSupport "vdpau") "--enable-libvorbis" - (ifMinVer "0.6" (enableFeature vpxSupport "libvpx")) - (ifMinVer "2.4" "--enable-lzma") - (ifMinVer "2.2" (enableFeature openglSupport "opengl")) + (enableFeature vpxSupport "libvpx") + "--enable-lzma" + (enableFeature openglSupport "opengl") (ifMinVer "4.2" (enableFeature libmfxSupport "libmfx")) (ifMinVer "4.2" (enableFeature libaomSupport "libaom")) - (disDarwinOrArmFix (ifMinVer "0.9" (lib.optionalString pulseaudioSupport "--enable-libpulse")) "0.9" "--disable-libpulse") - (ifMinVer "2.5" (if sdlSupport && reqMin "3.2" then "--enable-sdl2" else if sdlSupport then "--enable-sdl" else null)) # autodetected before 2.5, SDL1 support removed in 3.2 for SDL2 - (ifMinVer "1.2" "--enable-libsoxr") + (lib.optionalString pulseaudioSupport "--enable-libpulse") + (enableFeature sdlSupport "sdl2") + "--enable-libsoxr" "--enable-libx264" "--enable-libxvid" "--enable-libzimg" "--enable-zlib" - (ifMinVer "2.8" "--enable-libopus") + "--enable-libopus" "--enable-libspeex" - (ifMinVer "2.8" "--enable-libx265") - (ifMinVer "4.2" (enableFeature (dav1d != null) "libdav1d")) + "--enable-libx265" + (ifMinVer "4.2" (enableFeature (reqMin "4.2") "libdav1d")) # Developer flags (enableFeature debugDeveloper "debug") (enableFeature optimizationsDeveloper "optimizations") (enableFeature extraWarningsDeveloper "extra-warnings") "--disable-stripping" - # Disable mmx support for 0.6.90 - (verFix null "0.6.90" "--disable-mmx") ] ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "--cross-prefix=${stdenv.cc.targetPrefix}" "--enable-cross-compile" @@ -180,18 +154,18 @@ stdenv.mkDerivation rec { buildInputs = [ bzip2 fontconfig freetype gnutls libiconv lame libass libogg libssh libtheora - libvorbis xz soxr x264 x265 xvidcore zimg zlib libopus speex srt nv-codec-headers + libvorbis xz soxr x264 x265 xvidcore zimg zlib libopus speex nv-codec-headers ] ++ optionals openglSupport [ libGL libGLU ] ++ optional libmfxSupport intel-media-sdk ++ optional libaomSupport libaom ++ optional vpxSupport libvpx - ++ optionals (!isDarwin && !isAarch32 && pulseaudioSupport) [ libpulseaudio ] # Need to be fixed on Darwin and ARM - ++ optional ((isLinux || isFreeBSD) && !isAarch32) libva - ++ optional ((isLinux || isFreeBSD) && !isAarch32) libdrm - ++ optional isLinux alsa-lib - ++ optionals isDarwin darwinFrameworks + ++ optionals (!stdenv.isDarwin && !stdenv.isAarch32 && pulseaudioSupport) [ libpulseaudio ] # Need to be fixed on Darwin and ARM + ++ optionals vaapiSupport [ libva libdrm ] + ++ optional stdenv.isLinux alsa-lib + ++ optionals stdenv.isDarwin [ Cocoa CoreMedia VideoToolbox ] ++ optional vdpauSupport libvdpau - ++ optional sdlSupport (if reqMin "3.2" then SDL2 else SDL) + ++ optional sdlSupport SDL2 + ++ optional srtSupport srt ++ optional (reqMin "4.2") dav1d; enableParallelBuilding = true; diff --git a/pkgs/development/libraries/galario/default.nix b/pkgs/development/libraries/galario/default.nix index ac7e4f4255e..7f757fd4819 100644 --- a/pkgs/development/libraries/galario/default.nix +++ b/pkgs/development/libraries/galario/default.nix @@ -34,13 +34,13 @@ stdenv.mkDerivation rec { ++ lib.optional stdenv.isDarwin llvmPackages.openmp ; - propagatedBuildInputs = lib.optional enablePython [ + propagatedBuildInputs = lib.optionals enablePython [ pythonPackages.numpy pythonPackages.cython pythonPackages.pytest ]; - checkInputs = lib.optional enablePython [ pythonPackages.scipy pythonPackages.pytest-cov ]; + checkInputs = lib.optionals enablePython [ pythonPackages.scipy pythonPackages.pytest-cov ]; preConfigure = '' mkdir -p build/external/src diff --git a/pkgs/development/libraries/glibc/common.nix b/pkgs/development/libraries/glibc/common.nix index 6ed0a4d4da0..83cde077494 100644 --- a/pkgs/development/libraries/glibc/common.nix +++ b/pkgs/development/libraries/glibc/common.nix @@ -36,6 +36,7 @@ , withLinuxHeaders ? false , profilingLibraries ? false , withGd ? false +, withLibcrypt ? false , meta , extraBuildInputs ? [] , extraNativeBuildInputs ? [] @@ -183,7 +184,9 @@ stdenv.mkDerivation ({ # To avoid linking with -lgcc_s (dynamic link) # so the glibc does not depend on its compiler store path "libc_cv_as_needed=no" - ] ++ lib.optional withGd "--with-gd"; + ] + ++ lib.optional withGd "--with-gd" + ++ lib.optional (!withLibcrypt) "--disable-crypt"; makeFlags = [ "OBJCOPY=${stdenv.cc.targetPrefix}objcopy" diff --git a/pkgs/development/libraries/glibc/default.nix b/pkgs/development/libraries/glibc/default.nix index 5f581d7493e..791ac47536f 100644 --- a/pkgs/development/libraries/glibc/default.nix +++ b/pkgs/development/libraries/glibc/default.nix @@ -2,6 +2,7 @@ , withLinuxHeaders ? true , profilingLibraries ? false , withGd ? false +, withLibcrypt? false , buildPackages }: @@ -16,7 +17,7 @@ in callPackage ./common.nix { inherit stdenv; } { pname = "glibc" + lib.optionalString withGd "-gd"; - inherit withLinuxHeaders profilingLibraries withGd; + inherit withLinuxHeaders profilingLibraries withGd withLibcrypt; # Note: # Things you write here override, and do not add to, diff --git a/pkgs/development/libraries/gnutls/default.nix b/pkgs/development/libraries/gnutls/default.nix index d04fda98c7f..f1ec87ba008 100644 --- a/pkgs/development/libraries/gnutls/default.nix +++ b/pkgs/development/libraries/gnutls/default.nix @@ -65,7 +65,7 @@ stdenv.mkDerivation rec { "--with-unbound-root-key-file=${dns-root-data}/root.key" (lib.withFeature withP11-kit "p11-kit") (lib.enableFeature cxxBindings "cxx") - ] ++ lib.optional guileBindings [ + ] ++ lib.optionals guileBindings [ "--enable-guile" "--with-guile-site-dir=\${out}/share/guile/site" "--with-guile-site-ccache-dir=\${out}/share/guile/site" diff --git a/pkgs/development/libraries/gpgme/default.nix b/pkgs/development/libraries/gpgme/default.nix index 8d4e2e7271d..8470c62a890 100644 --- a/pkgs/development/libraries/gpgme/default.nix +++ b/pkgs/development/libraries/gpgme/default.nix @@ -35,6 +35,8 @@ stdenv.mkDerivation rec { }; patches = [ + # Fix compilation on i686, would not be needed after 1.18.1 releases, https://dev.gnupg.org/T5522 + ./t-addexistingsubkey-i686.patch # https://dev.gnupg.org/rMc4cf527ea227edb468a84bf9b8ce996807bd6992 ./fix_gpg_list_keys.diff # https://lists.gnupg.org/pipermail/gnupg-devel/2020-April/034591.html diff --git a/pkgs/development/libraries/gpgme/t-addexistingsubkey-i686.patch b/pkgs/development/libraries/gpgme/t-addexistingsubkey-i686.patch new file mode 100644 index 00000000000..348bd8fa596 --- /dev/null +++ b/pkgs/development/libraries/gpgme/t-addexistingsubkey-i686.patch @@ -0,0 +1,369 @@ +From c977424a1d39751fc5055131ad3f7819d421dcc8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= <dev@ingo-kloecker.de> +Date: Wed, 17 Aug 2022 14:51:19 +0200 +Subject: [PATCH 1/5] qt: Make sure expiration time is interpreted as unsigned + number + +* lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp (add_subkey): Convert +expiration time to uint_least32_t. +-- + +This fixes the corresponding test on 32-bit systems where time_t (the +return type of expirationTime()) is a signed 32-bit integer type. + +GnuPG-bug-id: 6137 +--- + lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp b/lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp +index 32e2c292..b74e7a06 100644 +--- a/lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp ++++ b/lang/qt/src/qgpgmeaddexistingsubkeyjob.cpp +@@ -64,7 +64,8 @@ static QGpgMEAddExistingSubkeyJob::result_type add_subkey(Context *ctx, const Ke + std::unique_ptr<GpgAddExistingSubkeyEditInteractor> interactor{new GpgAddExistingSubkeyEditInteractor{subkey.keyGrip()}}; + + if (!subkey.neverExpires()) { +- const auto expiry = QDateTime::fromSecsSinceEpoch(subkey.expirationTime(), Qt::UTC).toString(u"yyyyMMdd'T'hhmmss").toStdString(); ++ const auto expiry = QDateTime::fromSecsSinceEpoch(uint_least32_t(subkey.expirationTime()), ++ Qt::UTC).toString(u"yyyyMMdd'T'hhmmss").toStdString(); + interactor->setExpiry(expiry); + } + +-- +2.36.0.windows.1 + + +From 81d4b7f2d7077297d76af5728949d8f2bdff8cd5 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= <dev@ingo-kloecker.de> +Date: Wed, 17 Aug 2022 14:56:13 +0200 +Subject: [PATCH 2/5] qt,tests: Log the actual error code if the assertion + fails + +* lang/qt/tests/t-addexistingsubkey.cpp ( +AddExistingSubkeyJobTest::testAddExistingSubkeyAsync, +AddExistingSubkeyJobTest::testAddExistingSubkeySync, +AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration): Use +QCOMPARE instead of QVERIFY for asserting equality. +-- + +GnuPG-bug-id: 6137 +--- + lang/qt/tests/t-addexistingsubkey.cpp | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/lang/qt/tests/t-addexistingsubkey.cpp b/lang/qt/tests/t-addexistingsubkey.cpp +index 589c90bf..2e654cec 100644 +--- a/lang/qt/tests/t-addexistingsubkey.cpp ++++ b/lang/qt/tests/t-addexistingsubkey.cpp +@@ -168,7 +168,7 @@ private Q_SLOTS: + QSignalSpy spy (this, SIGNAL(asyncDone())); + QVERIFY(spy.wait(QSIGNALSPY_TIMEOUT)); + +- QVERIFY(result.code() == GPG_ERR_NO_ERROR); ++ QCOMPARE(result.code(), static_cast<int>(GPG_ERR_NO_ERROR)); + key.update(); + QCOMPARE(key.numSubkeys(), 3u); + } +@@ -190,7 +190,7 @@ private Q_SLOTS: + + const auto result = job->exec(key, sourceSubkey); + +- QVERIFY(result.code() == GPG_ERR_NO_ERROR); ++ QCOMPARE(result.code(), static_cast<int>(GPG_ERR_NO_ERROR)); + key.update(); + QCOMPARE(key.numSubkeys(), 3u); + QCOMPARE(key.subkey(2).expirationTime(), 0); +@@ -213,7 +213,7 @@ private Q_SLOTS: + + const auto result = job->exec(key, sourceSubkey); + +- QVERIFY(result.code() == GPG_ERR_NO_ERROR); ++ QCOMPARE(result.code(), static_cast<int>(GPG_ERR_NO_ERROR)); + key.update(); + QCOMPARE(key.numSubkeys(), 3u); + +-- +2.36.0.windows.1 + + +From f2b48de26b8f8c48c293423eda712831544924f6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= <dev@ingo-kloecker.de> +Date: Wed, 17 Aug 2022 15:22:29 +0200 +Subject: [PATCH 3/5] qt,tests: Make sure expiration time is interpreted as + unsigned number + +* lang/qt/tests/t-addexistingsubkey.cpp, +lang/qt/tests/t-changeexpiryjob.cpp: Convert expiration time to +uint_least32_t. +-- + +This doesn't change the outcome of the tests (they also pass without +this change because of the expiration dates of the test keys), but it's +still good practise to treat the expiration time as an unsigned number +if the assertions check that the expiration time is in some range. + +GnuPG-bug-id: 6137 +--- + lang/qt/tests/t-addexistingsubkey.cpp | 6 +++--- + lang/qt/tests/t-changeexpiryjob.cpp | 26 +++++++++++++------------- + 2 files changed, 16 insertions(+), 16 deletions(-) + +diff --git a/lang/qt/tests/t-addexistingsubkey.cpp b/lang/qt/tests/t-addexistingsubkey.cpp +index 2e654cec..87eadf43 100644 +--- a/lang/qt/tests/t-addexistingsubkey.cpp ++++ b/lang/qt/tests/t-addexistingsubkey.cpp +@@ -222,9 +222,9 @@ private Q_SLOTS: + // several times + const auto allowedDeltaTSeconds = 1; + const auto expectedExpirationRange = std::make_pair( +- sourceSubkey.expirationTime() - allowedDeltaTSeconds, +- sourceSubkey.expirationTime() + allowedDeltaTSeconds); +- const auto actualExpiration = key.subkey(2).expirationTime(); ++ uint_least32_t(sourceSubkey.expirationTime()) - allowedDeltaTSeconds, ++ uint_least32_t(sourceSubkey.expirationTime()) + allowedDeltaTSeconds); ++ const auto actualExpiration = uint_least32_t(key.subkey(2).expirationTime()); + QVERIFY2(actualExpiration >= expectedExpirationRange.first, + ("actual: " + std::to_string(actualExpiration) + + "; expected: " + std::to_string(expectedExpirationRange.first)).c_str()); +diff --git a/lang/qt/tests/t-changeexpiryjob.cpp b/lang/qt/tests/t-changeexpiryjob.cpp +index 090002f3..3da74d46 100644 +--- a/lang/qt/tests/t-changeexpiryjob.cpp ++++ b/lang/qt/tests/t-changeexpiryjob.cpp +@@ -70,7 +70,7 @@ private Q_SLOTS: + QVERIFY(!key.isNull()); + QVERIFY(!key.subkey(0).isNull()); + QVERIFY(!key.subkey(1).isNull()); +- const auto subkeyExpiration = key.subkey(1).expirationTime(); ++ const auto subkeyExpiration = uint_least32_t(key.subkey(1).expirationTime()); + + { + // Create the job +@@ -101,7 +101,7 @@ private Q_SLOTS: + newExpirationDate.toSecsSinceEpoch() - 10, + QDateTime::currentDateTime().addDays(1).toSecsSinceEpoch()); + { +- const auto actualExpiration = key.subkey(0).expirationTime(); ++ const auto actualExpiration = uint_least32_t(key.subkey(0).expirationTime()); + QVERIFY2(actualExpiration >= expectedExpirationRange.first, + ("actual: " + std::to_string(actualExpiration) + + "; expected: " + std::to_string(expectedExpirationRange.first)).c_str()); +@@ -110,7 +110,7 @@ private Q_SLOTS: + "; expected: " + std::to_string(expectedExpirationRange.second)).c_str()); + } + { +- const auto actualExpiration = key.subkey(1).expirationTime(); ++ const auto actualExpiration = uint_least32_t(key.subkey(1).expirationTime()); + QCOMPARE(actualExpiration, subkeyExpiration); // unchanged + } + } +@@ -133,7 +133,7 @@ private Q_SLOTS: + QVERIFY(!key.isNull()); + QVERIFY(!key.subkey(0).isNull()); + QVERIFY(!key.subkey(1).isNull()); +- const auto primaryKeyExpiration = key.subkey(0).expirationTime(); ++ const auto primaryKeyExpiration = uint_least32_t(key.subkey(0).expirationTime()); + + { + // Create the job +@@ -164,11 +164,11 @@ private Q_SLOTS: + newExpirationDate.toSecsSinceEpoch() - 10, + QDateTime::currentDateTime().addDays(2).toSecsSinceEpoch()); + { +- const auto actualExpiration = key.subkey(0).expirationTime(); ++ const auto actualExpiration = uint_least32_t(key.subkey(0).expirationTime()); + QCOMPARE(actualExpiration, primaryKeyExpiration); // unchanged + } + { +- const auto actualExpiration = key.subkey(1).expirationTime(); ++ const auto actualExpiration = uint_least32_t(key.subkey(1).expirationTime()); + QVERIFY2(actualExpiration >= expectedExpirationRange.first, + ("actual: " + std::to_string(actualExpiration) + + "; expected: " + std::to_string(expectedExpirationRange.first)).c_str()); +@@ -196,7 +196,7 @@ private Q_SLOTS: + QVERIFY(!key.isNull()); + QVERIFY(!key.subkey(0).isNull()); + QVERIFY(!key.subkey(1).isNull()); +- const auto subkeyExpiration = key.subkey(1).expirationTime(); ++ const auto subkeyExpiration = uint_least32_t(key.subkey(1).expirationTime()); + + { + // Create the job +@@ -228,7 +228,7 @@ private Q_SLOTS: + newExpirationDate.toSecsSinceEpoch() - 10, + QDateTime::currentDateTime().addDays(3).toSecsSinceEpoch()); + { +- const auto actualExpiration = key.subkey(0).expirationTime(); ++ const auto actualExpiration = uint_least32_t(key.subkey(0).expirationTime()); + QVERIFY2(actualExpiration >= expectedExpirationRange.first, + ("actual: " + std::to_string(actualExpiration) + + "; expected: " + std::to_string(expectedExpirationRange.first)).c_str()); +@@ -237,7 +237,7 @@ private Q_SLOTS: + "; expected: " + std::to_string(expectedExpirationRange.second)).c_str()); + } + { +- const auto actualExpiration = key.subkey(1).expirationTime(); ++ const auto actualExpiration = uint_least32_t(key.subkey(1).expirationTime()); + QCOMPARE(actualExpiration, subkeyExpiration); // unchanged + } + } +@@ -291,7 +291,7 @@ private Q_SLOTS: + newExpirationDate.toSecsSinceEpoch() - 10, + QDateTime::currentDateTime().addDays(4).toSecsSinceEpoch()); + { +- const auto actualExpiration = key.subkey(0).expirationTime(); ++ const auto actualExpiration = uint_least32_t(key.subkey(0).expirationTime()); + QVERIFY2(actualExpiration >= expectedExpirationRange.first, + ("actual: " + std::to_string(actualExpiration) + + "; expected: " + std::to_string(expectedExpirationRange.first)).c_str()); +@@ -300,7 +300,7 @@ private Q_SLOTS: + "; expected: " + std::to_string(expectedExpirationRange.second)).c_str()); + } + { +- const auto actualExpiration = key.subkey(1).expirationTime(); ++ const auto actualExpiration = uint_least32_t(key.subkey(1).expirationTime()); + QVERIFY2(actualExpiration >= expectedExpirationRange.first, + ("actual: " + std::to_string(actualExpiration) + + "; expected: " + std::to_string(expectedExpirationRange.first)).c_str()); +@@ -359,7 +359,7 @@ private Q_SLOTS: + newExpirationDate.toSecsSinceEpoch() - 10, + QDateTime::currentDateTime().addDays(5).toSecsSinceEpoch()); + { +- const auto actualExpiration = key.subkey(0).expirationTime(); ++ const auto actualExpiration = uint_least32_t(key.subkey(0).expirationTime()); + QVERIFY2(actualExpiration >= expectedExpirationRange.first, + ("actual: " + std::to_string(actualExpiration) + + "; expected: " + std::to_string(expectedExpirationRange.first)).c_str()); +@@ -368,7 +368,7 @@ private Q_SLOTS: + "; expected: " + std::to_string(expectedExpirationRange.second)).c_str()); + } + { +- const auto actualExpiration = key.subkey(1).expirationTime(); ++ const auto actualExpiration = uint_least32_t(key.subkey(1).expirationTime()); + QVERIFY2(actualExpiration >= expectedExpirationRange.first, + ("actual: " + std::to_string(actualExpiration) + + "; expected: " + std::to_string(expectedExpirationRange.first)).c_str()); +-- +2.36.0.windows.1 + + +From 2fa5c80aeba4528b3bdf41ec5740e7db5d4b6d2b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= <dev@ingo-kloecker.de> +Date: Thu, 18 Aug 2022 10:43:19 +0200 +Subject: [PATCH 4/5] cpp: Fix handling of "no key" or "invalid time" + situations + +* lang/cpp/src/gpgaddexistingsubkeyeditinteractor.cpp +(GpgAddExistingSubkeyEditInteractor::Private::nextState): Fix inverted +logic of string comparisons. +-- + +This fixes the problem that the interactor didn't return the proper +error code if gpg didn't accept the key grip or the expiration date. + +GnuPG-bug-id: 6137 +--- + lang/cpp/src/gpgaddexistingsubkeyeditinteractor.cpp | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lang/cpp/src/gpgaddexistingsubkeyeditinteractor.cpp b/lang/cpp/src/gpgaddexistingsubkeyeditinteractor.cpp +index 547e613d..8eec7460 100644 +--- a/lang/cpp/src/gpgaddexistingsubkeyeditinteractor.cpp ++++ b/lang/cpp/src/gpgaddexistingsubkeyeditinteractor.cpp +@@ -136,7 +136,7 @@ unsigned int GpgAddExistingSubkeyEditInteractor::Private::nextState(unsigned int + strcmp(args, "keygen.flags") == 0) { + return FLAGS; + } else if (status == GPGME_STATUS_GET_LINE && +- strcmp(args, "keygen.keygrip")) { ++ strcmp(args, "keygen.keygrip") == 0) { + err = NO_KEY_ERROR; + return ERROR; + } +@@ -157,7 +157,7 @@ unsigned int GpgAddExistingSubkeyEditInteractor::Private::nextState(unsigned int + strcmp(args, "keyedit.prompt") == 0) { + return QUIT; + } else if (status == GPGME_STATUS_GET_LINE && +- strcmp(args, "keygen.valid")) { ++ strcmp(args, "keygen.valid") == 0) { + err = INV_TIME_ERROR; + return ERROR; + } +-- +2.36.0.windows.1 + + +From 2e7a61b898fccc1c20000b79dee83cd980901fa9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ingo=20Kl=C3=B6cker?= <dev@ingo-kloecker.de> +Date: Thu, 18 Aug 2022 10:55:09 +0200 +Subject: [PATCH 5/5] qt,tests: Make test pass on 32-bit systems + +* lang/qt/tests/t-addexistingsubkey.cpp +(AddExistingSubkeyJobTest::testAddExistingSubkeyWithExpiration): Handle +negative expiration date. +-- + +On 32-bit systems the expiration date of the test key overflows. This +will cause the AddExistingSubkeyJob to fail. We expect it to fail with +an "invalid time" error. + +GnuPG-bug-id: 6137 +--- + lang/qt/tests/t-addexistingsubkey.cpp | 42 +++++++++++++++------------ + 1 file changed, 24 insertions(+), 18 deletions(-) + +diff --git a/lang/qt/tests/t-addexistingsubkey.cpp b/lang/qt/tests/t-addexistingsubkey.cpp +index 87eadf43..c0eee57b 100644 +--- a/lang/qt/tests/t-addexistingsubkey.cpp ++++ b/lang/qt/tests/t-addexistingsubkey.cpp +@@ -213,24 +213,30 @@ private Q_SLOTS: + + const auto result = job->exec(key, sourceSubkey); + +- QCOMPARE(result.code(), static_cast<int>(GPG_ERR_NO_ERROR)); +- key.update(); +- QCOMPARE(key.numSubkeys(), 3u); +- +- // allow 1 second different expiration because gpg calculates with +- // expiration as difference to current time and takes current time +- // several times +- const auto allowedDeltaTSeconds = 1; +- const auto expectedExpirationRange = std::make_pair( +- uint_least32_t(sourceSubkey.expirationTime()) - allowedDeltaTSeconds, +- uint_least32_t(sourceSubkey.expirationTime()) + allowedDeltaTSeconds); +- const auto actualExpiration = uint_least32_t(key.subkey(2).expirationTime()); +- QVERIFY2(actualExpiration >= expectedExpirationRange.first, +- ("actual: " + std::to_string(actualExpiration) + +- "; expected: " + std::to_string(expectedExpirationRange.first)).c_str()); +- QVERIFY2(actualExpiration <= expectedExpirationRange.second, +- ("actual: " + std::to_string(actualExpiration) + +- "; expected: " + std::to_string(expectedExpirationRange.second)).c_str()); ++ if (sourceSubkey.expirationTime() > 0) { ++ QCOMPARE(result.code(), static_cast<int>(GPG_ERR_NO_ERROR)); ++ key.update(); ++ QCOMPARE(key.numSubkeys(), 3u); ++ ++ // allow 1 second different expiration because gpg calculates with ++ // expiration as difference to current time and takes current time ++ // several times ++ const auto allowedDeltaTSeconds = 1; ++ const auto expectedExpirationRange = std::make_pair( ++ uint_least32_t(sourceSubkey.expirationTime()) - allowedDeltaTSeconds, ++ uint_least32_t(sourceSubkey.expirationTime()) + allowedDeltaTSeconds); ++ const auto actualExpiration = uint_least32_t(key.subkey(2).expirationTime()); ++ QVERIFY2(actualExpiration >= expectedExpirationRange.first, ++ ("actual: " + std::to_string(actualExpiration) + ++ "; expected: " + std::to_string(expectedExpirationRange.first)).c_str()); ++ QVERIFY2(actualExpiration <= expectedExpirationRange.second, ++ ("actual: " + std::to_string(actualExpiration) + ++ "; expected: " + std::to_string(expectedExpirationRange.second)).c_str()); ++ } else { ++ // on 32-bit systems the expiration date of the test key overflows; ++ // in this case we expect an appropriate error code ++ QCOMPARE(result.code(), static_cast<int>(GPG_ERR_INV_TIME)); ++ } + } + + private: +-- +2.36.0.windows.1 + diff --git a/pkgs/development/libraries/grpc/default.nix b/pkgs/development/libraries/grpc/default.nix index 4cba9c1b511..d44b85337dd 100644 --- a/pkgs/development/libraries/grpc/default.nix +++ b/pkgs/development/libraries/grpc/default.nix @@ -51,7 +51,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake pkg-config ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) grpc; propagatedBuildInputs = [ c-ares re2 zlib abseil-cpp ]; - buildInputs = [ c-ares.cmake-config openssl protobuf ] + buildInputs = [ openssl protobuf ] ++ lib.optionals stdenv.isLinux [ libnsl ]; cmakeFlags = [ diff --git a/pkgs/development/libraries/gstreamer/base/default.nix b/pkgs/development/libraries/gstreamer/base/default.nix index a53ffb4f1b3..dac712e8238 100644 --- a/pkgs/development/libraries/gstreamer/base/default.nix +++ b/pkgs/development/libraries/gstreamer/base/default.nix @@ -79,7 +79,7 @@ stdenv.mkDerivation rec { libjpeg tremor libGL - ] ++ lib.optional (!stdenv.isDarwin) [ + ] ++ lib.optionals (!stdenv.isDarwin) [ libvisual ] ++ lib.optionals stdenv.isDarwin [ pango diff --git a/pkgs/development/libraries/gvm-libs/default.nix b/pkgs/development/libraries/gvm-libs/default.nix index a141d36e330..ba08fc61f56 100644 --- a/pkgs/development/libraries/gvm-libs/default.nix +++ b/pkgs/development/libraries/gvm-libs/default.nix @@ -12,6 +12,7 @@ , libpcap , libssh , libuuid +, libxcrypt , libxml2 , pkg-config , zlib @@ -46,6 +47,7 @@ stdenv.mkDerivation rec { libpcap libssh libuuid + libxcrypt libxml2 zlib ]; diff --git a/pkgs/development/libraries/harfbuzz/default.nix b/pkgs/development/libraries/harfbuzz/default.nix index c9f8f83f0f8..0bb6546543d 100644 --- a/pkgs/development/libraries/harfbuzz/default.nix +++ b/pkgs/development/libraries/harfbuzz/default.nix @@ -1,7 +1,6 @@ { lib , stdenv -, fetchFromGitHub -, fetchpatch +, fetchurl , pkg-config , glib , freetype @@ -31,7 +30,7 @@ }: let - version = "5.1.0"; + version = "5.2.0"; inherit (lib) optional optionals optionalString; mesonFeatureFlag = opt: b: "-D${opt}=${if b then "enabled" else "disabled"}"; @@ -41,21 +40,11 @@ stdenv.mkDerivation { pname = "harfbuzz${optionalString withIcu "-icu"}"; inherit version; - src = fetchFromGitHub { - owner = "harfbuzz"; - repo = "harfbuzz"; - rev = version; - sha256 = "sha256-K6iScmg1vNfwb1UYqtXsnijLVpcC+am2ZL+W5bLFzsI="; + src = fetchurl { + url = "https://github.com/harfbuzz/harfbuzz/releases/download/${version}/harfbuzz-${version}.tar.xz"; + sha256 = "0b4lpkidwx0lf8slczjji652yll6g5zgmm5lmisnb4s7gf8r8nkk"; }; - patches = [ - (fetchpatch { - name = "aarch64-test-narrowing.diff"; - url = "https://github.com/harfbuzz/harfbuzz/commit/04d28d94e576aab099891e6736fd0088dfac3366.diff"; - sha256 = "sha256-099GP8t1G0kyYl79A6xJhfyrs3WXYitvn+He7sEz+Oo="; - }) - ]; - postPatch = '' patchShebangs src/*.py test '' + lib.optionalString stdenv.isDarwin '' diff --git a/pkgs/development/libraries/hunspell/default.nix b/pkgs/development/libraries/hunspell/default.nix index baaa07d7e7e..8b82af58670 100644 --- a/pkgs/development/libraries/hunspell/default.nix +++ b/pkgs/development/libraries/hunspell/default.nix @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { patchShebangs tests ''; - autoreconfFlags = "-vfi"; + autoreconfFlags = [ "-vfi" ]; configureFlags = [ "--with-ui" "--with-readline" ]; diff --git a/pkgs/development/libraries/json-glib/default.nix b/pkgs/development/libraries/json-glib/default.nix index e095945daba..9885384e00e 100644 --- a/pkgs/development/libraries/json-glib/default.nix +++ b/pkgs/development/libraries/json-glib/default.nix @@ -45,7 +45,7 @@ stdenv.mkDerivation rec { libxslt gobject-introspection gi-docgen - ] ++ lib.optional stdenv.hostPlatform.isDarwin [ + ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ fixDarwinDylibNames ]; diff --git a/pkgs/development/libraries/kerberos/krb5.nix b/pkgs/development/libraries/kerberos/krb5.nix index a7197f9ff98..fc8fb739870 100644 --- a/pkgs/development/libraries/kerberos/krb5.nix +++ b/pkgs/development/libraries/kerberos/krb5.nix @@ -31,7 +31,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--localstatedir=/var/lib" ] # krb5's ./configure does not allow passing --enable-shared and --enable-static at the same time. # See https://bbs.archlinux.org/viewtopic.php?pid=1576737#p1576737 - ++ lib.optional staticOnly [ "--enable-static" "--disable-shared" ] + ++ lib.optionals staticOnly [ "--enable-static" "--disable-shared" ] ++ lib.optional stdenv.isFreeBSD ''WARN_CFLAGS=""'' ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ "krb5_cv_attr_constructor_destructor=yes,yes" diff --git a/pkgs/development/libraries/libaom/default.nix b/pkgs/development/libraries/libaom/default.nix index 575c2613e5b..5ec8c75e2af 100644 --- a/pkgs/development/libraries/libaom/default.nix +++ b/pkgs/development/libraries/libaom/default.nix @@ -5,11 +5,11 @@ stdenv.mkDerivation rec { pname = "libaom"; - version = "3.4.0"; + version = "3.5.0"; src = fetchzip { url = "https://aomedia.googlesource.com/aom/+archive/v${version}.tar.gz"; - sha256 = "sha256-NgzpVxQmsgOPzKkGpJIJrLiNQcruhpEoCi/CYJx5b3A="; + sha256 = "sha256-kEU8DVgB4JoyB6Lbh/XfC3LZcsVEM2STkZV8iZBCNis="; stripRoot = false; }; diff --git a/pkgs/development/libraries/libav/default.nix b/pkgs/development/libraries/libav/default.nix index a3de9225d1c..283c2034be7 100644 --- a/pkgs/development/libraries/libav/default.nix +++ b/pkgs/development/libraries/libav/default.nix @@ -17,7 +17,7 @@ assert faacSupport -> enableUnfree; -let inherit (lib) optional hasPrefix enableFeature; in +let inherit (lib) optional optionals hasPrefix enableFeature; in /* ToDo: - more deps, inspiration: https://packages.ubuntu.com/raring/libav-tools @@ -77,7 +77,7 @@ let (enableFeature vaapiSupport "vaapi") (enableFeature vdpauSupport "vdpau") (enableFeature freetypeSupport "libfreetype") - ] ++ optional (stdenv.hostPlatform != stdenv.buildPlatform) [ + ] ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "--cross-prefix=${stdenv.cc.targetPrefix}" "--enable-cross-compile" ]; diff --git a/pkgs/development/libraries/libcli/default.nix b/pkgs/development/libraries/libcli/default.nix index 8aa06bfb19b..da076a590e1 100644 --- a/pkgs/development/libraries/libcli/default.nix +++ b/pkgs/development/libraries/libcli/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, fetchurl }: +{ lib, stdenv, fetchFromGitHub, fetchurl, libxcrypt }: stdenv.mkDerivation rec { pname = "libcli"; @@ -18,6 +18,8 @@ stdenv.mkDerivation rec { }) ]; + buildInputs = [ libxcrypt ]; + enableParallelBuilding = true; makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" "AR=${stdenv.cc.targetPrefix}ar" "PREFIX=$(out)" ]; diff --git a/pkgs/development/libraries/libdaemon/default.nix b/pkgs/development/libraries/libdaemon/default.nix index 51df4580978..581cc723dc4 100644 --- a/pkgs/development/libraries/libdaemon/default.nix +++ b/pkgs/development/libraries/libdaemon/default.nix @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { patches = [ ./fix-includes.patch ]; configureFlags = [ "--disable-lynx" ] - ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) + ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ # Can't run this test while cross-compiling "ac_cv_func_setpgrp_void=yes" ]; diff --git a/pkgs/development/libraries/libdeflate/default.nix b/pkgs/development/libraries/libdeflate/default.nix index 449a3d309cd..39b80238b71 100644 --- a/pkgs/development/libraries/libdeflate/default.nix +++ b/pkgs/development/libraries/libdeflate/default.nix @@ -22,7 +22,7 @@ stdenv.mkDerivation rec { substituteInPlace Makefile --replace /usr/local $out ''; - makeFlags = lib.optional stdenv.hostPlatform.isStatic [ "DISABLE_SHARED=1"]; + makeFlags = lib.optionals stdenv.hostPlatform.isStatic [ "DISABLE_SHARED=1"]; nativeBuildInputs = lib.optional stdenv.hostPlatform.isDarwin fixDarwinDylibNames; diff --git a/pkgs/development/libraries/libeatmydata/default.nix b/pkgs/development/libraries/libeatmydata/default.nix index 3a3abdc5e9a..886caaada47 100644 --- a/pkgs/development/libraries/libeatmydata/default.nix +++ b/pkgs/development/libraries/libeatmydata/default.nix @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { patches = [ ./find-shell-lib.patch ]; - patchFlags = "-p0"; + patchFlags = [ "-p0" ]; postPatch = '' substituteInPlace eatmydata.in \ diff --git a/pkgs/development/libraries/libff/default.nix b/pkgs/development/libraries/libff/default.nix index 35b7a33cc38..36e8bb78c83 100644 --- a/pkgs/development/libraries/libff/default.nix +++ b/pkgs/development/libraries/libff/default.nix @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { }; cmakeFlags = [ "-DWITH_PROCPS=Off" ] - ++ lib.optional stdenv.isAarch64 [ "-DCURVE=ALT_BN128" "-DUSE_ASM=OFF" ]; + ++ lib.optionals stdenv.isAarch64 [ "-DCURVE=ALT_BN128" "-DUSE_ASM=OFF" ]; # CMake is hardcoded to always build static library which causes linker # failure for Haskell applications depending on haskellPackages.hevm on macOS. diff --git a/pkgs/development/libraries/libfido2/default.nix b/pkgs/development/libraries/libfido2/default.nix index bd4d21fe1b9..04b2c0af951 100644 --- a/pkgs/development/libraries/libfido2/default.nix +++ b/pkgs/development/libraries/libfido2/default.nix @@ -13,12 +13,12 @@ stdenv.mkDerivation rec { pname = "libfido2"; - version = "1.11.0"; + version = "1.12.0"; # releases on https://developers.yubico.com/libfido2/Releases/ are signed src = fetchurl { url = "https://developers.yubico.com/${pname}/Releases/${pname}-${version}.tar.gz"; - sha256 = "sha256-CDDFhT47RAmalxZuDOxUpltUt/qqwHBxhy93uOTXswI="; + sha256 = "sha256-gT1tJRFhQ9FtLpZ5FxinSCXaFrd0qNCT2W8Grhcw2cU="; }; nativeBuildInputs = [ cmake pkg-config ]; diff --git a/pkgs/development/libraries/libfilezilla/default.nix b/pkgs/development/libraries/libfilezilla/default.nix index 0465a380081..9d1c2f27b3b 100644 --- a/pkgs/development/libraries/libfilezilla/default.nix +++ b/pkgs/development/libraries/libfilezilla/default.nix @@ -6,6 +6,7 @@ , nettle , pkg-config , libiconv +, libxcrypt , ApplicationServices }: @@ -20,7 +21,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook pkg-config ]; - buildInputs = [ gettext gnutls nettle ] + buildInputs = [ gettext gnutls nettle libxcrypt ] ++ lib.optionals stdenv.isDarwin [ libiconv ApplicationServices ]; enableParallelBuilding = true; diff --git a/pkgs/development/libraries/libguestfs/default.nix b/pkgs/development/libraries/libguestfs/default.nix index e2da1a30ff1..745b1a18000 100644 --- a/pkgs/development/libraries/libguestfs/default.nix +++ b/pkgs/development/libraries/libguestfs/default.nix @@ -4,6 +4,7 @@ , pkg-config , autoreconfHook , makeWrapper +, libxcrypt , ncurses , cpio , gperf @@ -65,6 +66,7 @@ stdenv.mkDerivation rec { ] ++ (with perlPackages; [ perl libintl-perl GetoptLong ModuleBuild ]) ++ (with ocamlPackages; [ ocaml findlib ]); buildInputs = [ + libxcrypt ncurses jansson pcre2 diff --git a/pkgs/development/libraries/libical/default.nix b/pkgs/development/libraries/libical/default.nix index 3fef461874c..3e03d18ced8 100644 --- a/pkgs/development/libraries/libical/default.nix +++ b/pkgs/development/libraries/libical/default.nix @@ -1,6 +1,7 @@ { lib , stdenv , fetchFromGitHub +, fetchurl , buildPackages , cmake , glib @@ -19,7 +20,7 @@ stdenv.mkDerivation rec { pname = "libical"; - version = "3.0.14"; + version = "3.0.15"; outputs = [ "out" "dev" ]; # "devdoc" ]; @@ -27,7 +28,7 @@ stdenv.mkDerivation rec { owner = "libical"; repo = "libical"; rev = "v${version}"; - sha256 = "sha256-gZ6IBjG5pNKJ+hWcTzXMP7yxL4he4LTklZGoC9vXra8="; + sha256 = "sha256-7M5GBteFKmKCB6556XXV4s6iIC/+3c3Ck17s/QX3Jus="; }; strictDeps = true; @@ -74,6 +75,17 @@ stdenv.mkDerivation rec { # Will appear in 3.1.0 # https://github.com/libical/libical/issues/350 ./respect-env-tzdir.patch + + # Fixes tests with 32-bit time_t + # Remove with next version update (v3.0.16+) + (fetchurl { + url = "https://github.com/libical/libical/commit/4adc6f1d2b39a1cc3363b57215e12fa81076498b.patch"; + sha256 = "1k3hav0z86kc1xd1sk23b57aqqjk4gf73574w7f1m66cyz98bxr3"; + }) + (fetchurl { + url = "https://github.com/libical/libical/commit/cce20bd051408b00521385c0bfb616ba068450d3.patch"; + sha256 = "097hqmagl0q5p38r1kvx0592cfac2y7jbdqlis6m8gbs812pbqfc"; + }) ]; # Using install check so we do not have to manually set @@ -98,7 +110,6 @@ stdenv.mkDerivation rec { ''; meta = with lib; { - broken = stdenv.isDarwin; homepage = "https://github.com/libical/libical"; description = "An Open Source implementation of the iCalendar protocols"; license = licenses.mpl20; diff --git a/pkgs/development/libraries/libksba/default.nix b/pkgs/development/libraries/libksba/default.nix index e6fb5162b7a..5bfb0d029cd 100644 --- a/pkgs/development/libraries/libksba/default.nix +++ b/pkgs/development/libraries/libksba/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "libksba"; - version = "1.6.0"; + version = "1.6.2"; src = fetchurl { url = "mirror://gnupg/libksba/libksba-${version}.tar.bz2"; - sha256 = "sha256-2taD5vLZFdiAqkvtXOqaEVaQuJNbeKG74BZpGJMHpIs="; + sha256 = "fce01ccac59812bddadffacff017dac2e4762bdb6ebc6ffe06f6ed4f6192c971"; }; outputs = [ "out" "dev" "info" ]; diff --git a/pkgs/development/libraries/liblc3/default.nix b/pkgs/development/libraries/liblc3/default.nix new file mode 100644 index 00000000000..d0d95fd47da --- /dev/null +++ b/pkgs/development/libraries/liblc3/default.nix @@ -0,0 +1,36 @@ +{ lib +, stdenv +, fetchFromGitHub +, meson +, ninja +}: + +let + name = "liblc3"; + version = "1.0.1"; +in +stdenv.mkDerivation { + pname = name; + version = version; + + src = fetchFromGitHub { + owner = "google"; + repo = "liblc3"; + rev = "v${version}"; + sha256 = "sha256-W0pCfFmM+6N6+HdGdQ/GBNHjBspkwtlxZC2m2noKGx0="; + }; + + nativeBuildInputs = [ + meson + ninja + ]; + + meta = with lib; { + description = "LC3 (Low Complexity Communication Codec) is an efficient low latency audio codec"; + homepage = "https://github.com/google/liblc3"; + license = licenses.asl20; + platforms = platforms.linux; + maintainers = with maintainers; [ jansol ]; + }; +} + diff --git a/pkgs/development/libraries/libmcrypt/default.nix b/pkgs/development/libraries/libmcrypt/default.nix index 50bbf8383e6..953a6d03e5e 100644 --- a/pkgs/development/libraries/libmcrypt/default.nix +++ b/pkgs/development/libraries/libmcrypt/default.nix @@ -13,7 +13,7 @@ stdenv.mkDerivation rec { buildInputs = optional stdenv.isDarwin darwin.cctools; - configureFlags = optional disablePosixThreads + configureFlags = optionals disablePosixThreads [ "--disable-posix-threads" ]; meta = { diff --git a/pkgs/development/libraries/libpam-wrapper/default.nix b/pkgs/development/libraries/libpam-wrapper/default.nix index 10d5c98b668..0701ae0fc55 100644 --- a/pkgs/development/libraries/libpam-wrapper/default.nix +++ b/pkgs/development/libraries/libpam-wrapper/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { sha256 = "00mqhsashx7njrvxz085d0b88nizhdy7m3x17ip5yhvwsl63km6p"; }; - nativeBuildInputs = [ cmake ] ++ lib.optional enablePython [ python ]; + nativeBuildInputs = [ cmake ] ++ lib.optionals enablePython [ python ]; # We must use linux-pam, using openpam will result in broken fprintd. buildInputs = [ linux-pam ]; diff --git a/pkgs/development/libraries/libvdpau/default.nix b/pkgs/development/libraries/libvdpau/default.nix index e3be4db26cd..906a3c59234 100644 --- a/pkgs/development/libraries/libvdpau/default.nix +++ b/pkgs/development/libraries/libvdpau/default.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { propagatedBuildInputs = [ xorg.libX11 ]; - mesonFlags = lib.optional stdenv.isLinux + mesonFlags = lib.optionals stdenv.isLinux [ "-Dmoduledir=${mesa.drivers.driverLink}/lib/vdpau" ]; NIX_LDFLAGS = lib.optionalString stdenv.isDarwin "-lX11"; diff --git a/pkgs/development/libraries/libvncserver/default.nix b/pkgs/development/libraries/libvncserver/default.nix index b9da7135f92..c111a81b0cc 100644 --- a/pkgs/development/libraries/libvncserver/default.nix +++ b/pkgs/development/libraries/libvncserver/default.nix @@ -36,7 +36,7 @@ stdenv.mkDerivation rec { libpng ] ++ lib.optionals stdenv.isLinux [ systemd - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ Carbon ]; diff --git a/pkgs/development/libraries/libxcrypt/default.nix b/pkgs/development/libraries/libxcrypt/default.nix index eadf6f91e1e..db5f5026f2c 100644 --- a/pkgs/development/libraries/libxcrypt/default.nix +++ b/pkgs/development/libraries/libxcrypt/default.nix @@ -1,44 +1,44 @@ -{ lib, stdenv, fetchFromGitHub, autoconf, automake, libtool, pkg-config, perl, fetchpatch }: +{ lib, stdenv, fetchurl, perl, nixosTests }: stdenv.mkDerivation rec { pname = "libxcrypt"; version = "4.4.28"; - src = fetchFromGitHub { - owner = "besser82"; - repo = "libxcrypt"; - rev = "v${version}"; - sha256 = "sha256-Ohf+RCOXnoCxAFnXXV9e2TCqpfZziQl+FGJTGDSQTF0="; + src = fetchurl { + url = "https://github.com/besser82/libxcrypt/releases/download/v${version}/libxcrypt-${version}.tar.xz"; + sha256 = "sha256-npNoEfn60R28ozyhm9l8VcUus8oVkB8nreBGzHnmnoc="; }; - patches = [ - # Fix for tests on musl is being upstreamed: - # https://github.com/besser82/libxcrypt/pull/157 - # Applied in all environments to prevent patchrot - (fetchpatch { - url = "https://github.com/besser82/libxcrypt/commit/a4228faa0b96986abc076125cf97d352a063d92f.patch"; - sha256 = "sha256-iGNz8eer6OkA0yR74WisE6GbFTYyXKw7koXl/R7DhVE="; - }) + outputs = [ + "out" + "man" ]; - preConfigure = '' - patchShebangs autogen.sh - ./autogen.sh - ''; - configureFlags = [ + "--enable-hashes=all" + "--enable-obsolete-api=glibc" + "--disable-failure-tokens" + ] ++ lib.optionals stdenv.hostPlatform.isMusl [ "--disable-werror" ]; - nativeBuildInputs = [ autoconf automake libtool pkg-config perl ]; + nativeBuildInputs = [ + perl + ]; + + enableParallelBuilding = true; - doCheck = true; + doCheck = !stdenv.hostPlatform.isMusl; + + passthru.tests = { + inherit (nixosTests) login shadow; + }; meta = with lib; { description = "Extended crypt library for descrypt, md5crypt, bcrypt, and others"; homepage = "https://github.com/besser82/libxcrypt/"; platforms = platforms.all; - maintainers = with maintainers; [ dottedmag ]; + maintainers = with maintainers; [ dottedmag hexa ]; license = licenses.lgpl21Plus; }; } diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 474afc4ba6c..ae97292b683 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -1,7 +1,6 @@ { stdenv , lib , fetchurl -, fetchpatch , zlib , pkg-config , autoreconfHook @@ -12,7 +11,7 @@ , ncurses , findXMLCatalogs , libiconv -, pythonSupport ? enableShared && stdenv.buildPlatform == stdenv.hostPlatform +, pythonSupport ? enableShared , icuSupport ? false , icu , enableShared ? stdenv.hostPlatform.libc != "msvcrt" && !stdenv.hostPlatform.isStatic @@ -20,9 +19,19 @@ , gnome }: +let + # Newer versions fail with minimal python, probably because + # https://gitlab.gnome.org/GNOME/libxml2/-/commit/b706824b612adb2c8255819c9a55e78b52774a3c + # This case is encountered "temporarily" during stdenv bootstrapping on darwin. + # Beware that the old version has known security issues, so the final set shouldn't use it. + oldVer = python.pname == "python3-minimal"; +in + assert oldVer -> stdenv.isDarwin; # reduce likelihood of using old libxml2 unintentionally + stdenv.mkDerivation rec { pname = "libxml2"; - version = "2.10.0"; + version = if oldVer then "2.10.1" else + "2.10.2"; outputs = [ "bin" "dev" "out" "doc" ] ++ lib.optional pythonSupport "py" @@ -31,7 +40,8 @@ stdenv.mkDerivation rec { src = fetchurl { url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "LdMxEOp3hnbeFL6kmZ7hFzxMpV1f8UUryiJOBvAVJZU="; + sha256 = if oldVer then "21a9e13cc7c4717a6c36268d0924f92c3f67a1ece6b7ff9d588958a6db9fb9d8" else + "0kCr5tqcZcsZAN2b86NQHM+Is8Khy5gxfQPyct2lsmU="; }; patches = [ @@ -47,19 +57,10 @@ stdenv.mkDerivation rec { # https://github.com/NixOS/nixpkgs/pull/63174 # https://github.com/NixOS/nixpkgs/pull/72342 ./utf8-xmlErrorFuncHandler.patch - - # Fix PostgreSQL tests - # https://gitlab.gnome.org/GNOME/libxml2/-/issues/397 - (fetchpatch { - url = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/4ad71c2d72beef0d10cf75aa417db10d77846f75.patch"; - sha256 = "gubGDhBhHNYdEty+sFQFd3pSWB9isN5AjD//ksujGQk="; - }) - (fetchpatch { - url = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5b2d07a72670513e41b481a9d922c983a64027ca.patch"; - sha256 = "7jYvMW6bgImXubbaWpQhrIw3xBBnaNn+iJt3EQiW3yU="; - }) ]; + strictDeps = true; + nativeBuildInputs = [ pkg-config autoreconfHook @@ -94,7 +95,8 @@ stdenv.mkDerivation rec { (lib.enableFeature enableStatic "static") (lib.enableFeature enableShared "shared") (lib.withFeature icuSupport "icu") - (lib.withFeatureAs pythonSupport "python" python) + (lib.withFeature pythonSupport "python") + (lib.optionalString pythonSupport "PYTHON=${python.pythonForBuild.interpreter}") ]; installFlags = lib.optionals pythonSupport [ diff --git a/pkgs/development/libraries/libxslt/default.nix b/pkgs/development/libraries/libxslt/default.nix index 29c69389116..9d39c6bf8b3 100644 --- a/pkgs/development/libraries/libxslt/default.nix +++ b/pkgs/development/libraries/libxslt/default.nix @@ -8,32 +8,35 @@ , gettext , python , ncurses +, libxcrypt , libgcrypt , cryptoSupport ? false -, pythonSupport ? stdenv.buildPlatform == stdenv.hostPlatform +, pythonSupport ? true , gnome }: stdenv.mkDerivation rec { pname = "libxslt"; - version = "1.1.36"; + version = "1.1.37"; outputs = [ "bin" "dev" "out" "doc" "devdoc" ] ++ lib.optional pythonSupport "py"; outputMan = "bin"; src = fetchurl { url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "EoSPCkQI9ltTDTlizZ/2cLaueWGRz+/zdSK1dy3o3I4="; + sha256 = "Oksn3IAnzNYUZyWVAzbx7FIJKPMg8UTrX6eZCuYSOrQ="; }; + strictDeps = true; + nativeBuildInputs = [ pkg-config autoreconfHook ]; buildInputs = [ - libxml2.dev - ] ++ lib.optional stdenv.isDarwin [ + libxml2.dev libxcrypt + ] ++ lib.optionals stdenv.isDarwin [ gettext ] ++ lib.optionals pythonSupport [ libxml2.py @@ -51,7 +54,8 @@ stdenv.mkDerivation rec { "--without-debug" "--without-mem-debug" "--without-debugger" - (lib.withFeatureAs pythonSupport "python" python) + (lib.withFeature pythonSupport "python") + (lib.optionalString pythonSupport "PYTHON=${python.pythonForBuild.interpreter}") ] ++ lib.optionals (!cryptoSupport) [ "--without-crypto" ]; diff --git a/pkgs/development/libraries/mesa/aarch64-darwin.patch b/pkgs/development/libraries/mesa/aarch64-darwin.patch deleted file mode 100644 index e60a4ffa308..00000000000 --- a/pkgs/development/libraries/mesa/aarch64-darwin.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 8ac29b952e638ec1ea8c3734a3b91253e50c336d Mon Sep 17 00:00:00 2001 -From: Jeremy Huddleston Sequoia <jeremyhu@apple.com> -Date: Sun, 24 Jan 2021 21:10:29 -0800 -Subject: [PATCH 4/4] Hack to address build failure when using newer macOS SDKs - with older deployment targets - -Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com> ---- - include/c11/threads_posix.h | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/include/c11/threads_posix.h b/include/c11/threads_posix.h -index 45cb6075e6e..355d725f7da 100644 ---- a/include/c11/threads_posix.h -+++ b/include/c11/threads_posix.h -@@ -382,7 +382,13 @@ tss_set(tss_t key, void *val) - - /*-------------------- 7.25.7 Time functions --------------------*/ - // 7.25.6.1 --#ifndef HAVE_TIMESPEC_GET -+#if !defined(HAVE_TIMESPEC_GET) || defined(__APPLE__) -+ -+#ifdef __APPLE__ -+#include <time.h> -+#define timespec_get(ts, b) mesa_timespec_get(ts, b) -+#endif -+ - static inline int - timespec_get(struct timespec *ts, int base) - { --- -2.29.2 (Apple Git-129) - diff --git a/pkgs/development/libraries/mesa/default.nix b/pkgs/development/libraries/mesa/default.nix index 6b78a570ccc..0fbc3f0c216 100644 --- a/pkgs/development/libraries/mesa/default.nix +++ b/pkgs/development/libraries/mesa/default.nix @@ -5,7 +5,7 @@ , llvmPackages, libffi, libomxil-bellagio, libva-minimal , libelf, libvdpau , libglvnd, libunwind -, vulkan-loader +, vulkan-loader, glslang , galliumDrivers ? ["auto"] , vulkanDrivers ? ["auto"] , eglPlatforms ? [ "x11" ] ++ lib.optionals stdenv.isLinux [ "wayland" ] @@ -14,6 +14,7 @@ , enableGalliumNine ? stdenv.isLinux , enableOSMesa ? stdenv.isLinux , enableOpenCL ? stdenv.isLinux && stdenv.isx86_64 +, enablePatentEncumberedCodecs ? true , libclc , jdupes }: @@ -34,7 +35,7 @@ with lib; let # Release calendar: https://www.mesa3d.org/release-calendar.html # Release frequency: https://www.mesa3d.org/releasing.html#schedule - version = "22.1.7"; + version = "22.2.1"; branch = versions.major version; self = stdenv.mkDerivation { @@ -43,12 +44,13 @@ self = stdenv.mkDerivation { src = fetchurl { urls = [ + "https://archive.mesa3d.org/mesa-${version}.tar.xz" "https://mesa.freedesktop.org/archive/mesa-${version}.tar.xz" "ftp://ftp.freedesktop.org/pub/mesa/mesa-${version}.tar.xz" "ftp://ftp.freedesktop.org/pub/mesa/${version}/mesa-${version}.tar.xz" "ftp://ftp.freedesktop.org/pub/mesa/older-versions/${branch}.x/${version}/mesa-${version}.tar.xz" ]; - sha256 = "da838eb2cf11d0e08d0e9944f6bd4d96987fdc59ea2856f8c70a31a82b355d89"; + sha256 = "0079beac0a33f45e7e0aec59e6913eafbc4268a3f1e2e330017440494f91b13c"; }; # TODO: @@ -57,25 +59,9 @@ self = stdenv.mkDerivation { patches = [ # fixes pkgsMusl.mesa build ./musl.patch - (fetchpatch { - url = "https://raw.githubusercontent.com/void-linux/void-packages/b9f58f303ae23754c95d5d1fe87a98b5a2d8f271/srcpkgs/mesa/patches/musl-endian.patch"; - hash = "sha256-eRc91qCaFlVzrxFrNUPpAHd1gsqKsLCCN0IW8pBQcqk="; - }) - (fetchpatch { - url = "https://raw.githubusercontent.com/void-linux/void-packages/b9f58f303ae23754c95d5d1fe87a98b5a2d8f271/srcpkgs/mesa/patches/musl-stacksize.patch"; - hash = "sha256-bEp0AWddsw1Pc3rxdKN8fsrX4x2TQEzMUa5afhLXGsg="; - }) ./opencl.patch ./disk_cache-include-dri-driver-path-in-cache-key.patch - ] ++ optionals (stdenv.isDarwin && stdenv.isAarch64) [ - # Fix aarch64-darwin build, remove when upstreaam supports it out of the box. - # See: https://gitlab.freedesktop.org/mesa/mesa/-/issues/1020 - ./aarch64-darwin.patch - ] ++ optionals stdenv.isDarwin [ - # 22.1 on darwin won't build: https://gitlab.freedesktop.org/mesa/mesa/-/issues/6519 - # (already in-tree for 22.2) - ./drop-dri2.patch ]; postPatch = '' @@ -86,6 +72,8 @@ self = stdenv.mkDerivation { 'DATADIR "/drirc.d"' '"${placeholder "out"}/share/drirc.d"' substituteInPlace src/util/meson.build --replace \ "get_option('datadir')" "'${placeholder "out"}/share'" + substituteInPlace src/amd/vulkan/meson.build --replace \ + "get_option('datadir')" "'${placeholder "out"}/share'" ''; outputs = [ "out" "dev" "drivers" ] @@ -130,7 +118,8 @@ self = stdenv.mkDerivation { ] ++ optionals enableOpenCL [ "-Dgallium-opencl=icd" # Enable the gallium OpenCL frontend "-Dclang-libdir=${llvmPackages.clang-unwrapped.lib}/lib" - ]; + ] ++ optional enablePatentEncumberedCodecs + "-Dvideo-codecs=h264dec,h264enc,h265dec,h265enc,vc1dec"; buildInputs = with xorg; [ expat llvmPackages.libllvm libglvnd xorgproto @@ -151,7 +140,7 @@ self = stdenv.mkDerivation { meson pkg-config ninja intltool bison flex file python3Packages.python python3Packages.Mako - jdupes + jdupes glslang ] ++ lib.optionals (elem "wayland" eglPlatforms) [ wayland-scanner ]; diff --git a/pkgs/development/libraries/mesa/disk_cache-include-dri-driver-path-in-cache-key.patch b/pkgs/development/libraries/mesa/disk_cache-include-dri-driver-path-in-cache-key.patch index fa78f4ae730..445f26c6bd1 100644 --- a/pkgs/development/libraries/mesa/disk_cache-include-dri-driver-path-in-cache-key.patch +++ b/pkgs/development/libraries/mesa/disk_cache-include-dri-driver-path-in-cache-key.patch @@ -1,21 +1,16 @@ -From 980164fd92f5c2302624cd046d30ff21e6e4ba8a Mon Sep 17 00:00:00 2001 -From: David McFarland <corngood@gmail.com> -Date: Mon, 6 Aug 2018 15:52:11 -0300 -Subject: [PATCH] disk_cache: include dri driver path in cache key +Author: David McFarland <corngood@gmail.com> +Date: Mon Aug 6 15:52:11 2018 -0300 -This fixes invalid cache hits on NixOS where all shared library -timestamps in /nix/store are zero. ---- - meson_options.txt | 6 ++++++ - src/util/disk_cache.c | 3 +++ - src/util/meson.build | 7 ++++++- - 3 files changed, 15 insertions(+), 1 deletion(-) + [PATCH] disk_cache: include dri driver path in cache key + + This fixes invalid cache hits on NixOS where all shared library + timestamps in /nix/store are zero. diff --git a/meson_options.txt b/meson_options.txt -index 2d39d13b6ad..daf06480a60 100644 +index b8f753e2e1a..70d9071c8be 100644 --- a/meson_options.txt +++ b/meson_options.txt -@@ -368,6 +368,12 @@ option( +@@ -452,6 +452,12 @@ option( value : true, description : 'Enable direct rendering in GLX and EGL for DRI', ) @@ -25,14 +20,14 @@ index 2d39d13b6ad..daf06480a60 100644 + value : '', + description : 'Mesa cache key.' +) - option( - 'prefer-iris', - type : 'boolean', + option('egl-lib-suffix', + type : 'string', + value : '', diff --git a/src/util/disk_cache.c b/src/util/disk_cache.c -index a92d621927a..3bd65c6890c 100644 +index 8dbe0938d11..498fe42de70 100644 --- a/src/util/disk_cache.c +++ b/src/util/disk_cache.c -@@ -401,8 +401,10 @@ disk_cache_create(const char *gpu_name, const char *driver_id, +@@ -194,8 +194,10 @@ disk_cache_create(const char *gpu_name, const char *driver_id, /* Create driver id keys */ size_t id_size = strlen(driver_id) + 1; @@ -43,7 +38,7 @@ index a92d621927a..3bd65c6890c 100644 cache->driver_keys_blob_size += gpu_name_size; /* We sometimes store entire structs that contains a pointers in the cache, -@@ -423,6 +425,7 @@ disk_cache_create(const char *gpu_name, const char *driver_id, +@@ -216,6 +218,7 @@ disk_cache_create(const char *gpu_name, const char *driver_id, uint8_t *drv_key_blob = cache->driver_keys_blob; DRV_KEY_CPY(drv_key_blob, &cache_version, cv_size) DRV_KEY_CPY(drv_key_blob, driver_id, id_size) @@ -52,13 +47,13 @@ index a92d621927a..3bd65c6890c 100644 DRV_KEY_CPY(drv_key_blob, &ptr_size, ptr_size_size) DRV_KEY_CPY(drv_key_blob, &driver_flags, driver_flags_size) diff --git a/src/util/meson.build b/src/util/meson.build -index 0893f64793b..d46ce85a85f 100644 +index cd44e49bfb4..f17115515a5 100644 --- a/src/util/meson.build +++ b/src/util/meson.build -@@ -179,7 +179,12 @@ _libmesa_util = static_library( +@@ -268,7 +268,12 @@ _libmesa_util = static_library( include_directories : [inc_include, inc_src, inc_mapi, inc_mesa, inc_gallium, inc_gallium_aux], dependencies : deps_for_libmesa_util, - link_with: libmesa_format, + link_with: [libmesa_format, libmesa_util_sse41], - c_args : [c_msvc_compat_args], + c_args : [ + c_msvc_compat_args, @@ -69,6 +64,3 @@ index 0893f64793b..d46ce85a85f 100644 gnu_symbol_visibility : 'hidden', build_by_default : false ) --- -2.28.0 - diff --git a/pkgs/development/libraries/mesa/drop-dri2.patch b/pkgs/development/libraries/mesa/drop-dri2.patch deleted file mode 100644 index 8c2b85a55aa..00000000000 --- a/pkgs/development/libraries/mesa/drop-dri2.patch +++ /dev/null @@ -1,40 +0,0 @@ -diff --git a/a/src/gallium/frontends/dri/dri_util.c b/b/src/gallium/frontends/dri/dri_util.c -index 8d60526..782360d 100644 ---- a/src/gallium/frontends/dri/dri_util.c -+++ b/src/gallium/frontends/dri/dri_util.c -@@ -808,35 +808,6 @@ const __DRIcoreExtension driCoreExtension = { - .unbindContext = driUnbindContext - }; - --/** DRI2 interface */ --const __DRIdri2Extension driDRI2Extension = { -- .base = { __DRI_DRI2, 4 }, -- -- .createNewScreen = dri2CreateNewScreen, -- .createNewDrawable = driCreateNewDrawable, -- .createNewContext = driCreateNewContext, -- .getAPIMask = driGetAPIMask, -- .createNewContextForAPI = driCreateNewContextForAPI, -- .allocateBuffer = dri2AllocateBuffer, -- .releaseBuffer = dri2ReleaseBuffer, -- .createContextAttribs = driCreateContextAttribs, -- .createNewScreen2 = driCreateNewScreen2, --}; -- --const __DRIdri2Extension swkmsDRI2Extension = { -- .base = { __DRI_DRI2, 4 }, -- -- .createNewScreen = swkmsCreateNewScreen, -- .createNewDrawable = driCreateNewDrawable, -- .createNewContext = driCreateNewContext, -- .getAPIMask = driGetAPIMask, -- .createNewContextForAPI = driCreateNewContextForAPI, -- .allocateBuffer = dri2AllocateBuffer, -- .releaseBuffer = dri2ReleaseBuffer, -- .createContextAttribs = driCreateContextAttribs, -- .createNewScreen2 = driCreateNewScreen2, --}; -- - const __DRIswrastExtension driSWRastExtension = { - .base = { __DRI_SWRAST, 4 }, - diff --git a/pkgs/development/libraries/mesa/opencl.patch b/pkgs/development/libraries/mesa/opencl.patch index ce6e3d57508..d220239770d 100644 --- a/pkgs/development/libraries/mesa/opencl.patch +++ b/pkgs/development/libraries/mesa/opencl.patch @@ -1,5 +1,5 @@ diff --git a/meson_options.txt b/meson_options.txt -index a7030aba31e..1d2d8814992 100644 +index b8f753e2e1a..2163e3ab7ee 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -18,6 +18,12 @@ @@ -16,7 +16,7 @@ index a7030aba31e..1d2d8814992 100644 'platforms', type : 'array', diff --git a/src/gallium/targets/opencl/meson.build b/src/gallium/targets/opencl/meson.build -index b77826b6e1e..14fa9ba7177 100644 +index 14df6b86f7f..adcd5110342 100644 --- a/src/gallium/targets/opencl/meson.build +++ b/src/gallium/targets/opencl/meson.build @@ -30,6 +30,7 @@ if with_ld_version_script @@ -60,11 +60,12 @@ index b77826b6e1e..14fa9ba7177 100644 polly_dep, polly_isl_dep, ] # check clang once more -@@ -120,6 +121,6 @@ if with_opencl_icd +@@ -112,7 +113,7 @@ if with_opencl_icd input : 'mesa.icd.in', output : 'mesa.icd', install : true, - install_dir : join_paths(get_option('sysconfdir'), 'OpenCL', 'vendors'), + install_dir : join_paths(get_option('prefix'), 'etc', 'OpenCL', 'vendors'), ) - endif + + if meson.version().version_compare('>= 0.58') diff --git a/pkgs/development/libraries/mimalloc/default.nix b/pkgs/development/libraries/mimalloc/default.nix index cc67e207094..6dcf1978edc 100644 --- a/pkgs/development/libraries/mimalloc/default.nix +++ b/pkgs/development/libraries/mimalloc/default.nix @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { ''; nativeBuildInputs = [ cmake ninja ]; - cmakeFlags = [ "-DMI_INSTALL_TOPLEVEL=ON" ] ++ lib.optional secureBuild [ "-DMI_SECURE=ON" ]; + cmakeFlags = [ "-DMI_INSTALL_TOPLEVEL=ON" ] ++ lib.optionals secureBuild [ "-DMI_SECURE=ON" ]; postInstall = let rel = lib.versions.majorMinor version; diff --git a/pkgs/development/libraries/nghttp2/default.nix b/pkgs/development/libraries/nghttp2/default.nix index 6d28b79565e..8e3264dcbc5 100644 --- a/pkgs/development/libraries/nghttp2/default.nix +++ b/pkgs/development/libraries/nghttp2/default.nix @@ -6,7 +6,7 @@ # Optional dependencies , enableApp ? with stdenv.hostPlatform; !isWindows && !isStatic -, c-ares, libev, openssl, zlib +, c-aresMinimal, libev, openssl, zlib , enableAsioLib ? false, boost , enableGetAssets ? false, libxml2 , enableHpack ? false, jansson @@ -45,7 +45,7 @@ stdenv.mkDerivation rec { ++ lib.optionals (enableApp) [ installShellFiles ] ++ lib.optionals (enablePython) [ python3Packages.cython ]; - buildInputs = lib.optionals enableApp [ c-ares libev openssl zlib ] + buildInputs = lib.optionals enableApp [ c-aresMinimal libev openssl zlib ] ++ lib.optionals (enableAsioLib) [ boost ] ++ lib.optionals (enableGetAssets) [ libxml2 ] ++ lib.optionals (enableHpack) [ jansson ] diff --git a/pkgs/development/libraries/nng/default.nix b/pkgs/development/libraries/nng/default.nix index 9acc64fea64..7f0bd15aa54 100644 --- a/pkgs/development/libraries/nng/default.nix +++ b/pkgs/development/libraries/nng/default.nix @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake ninja ] ++ lib.optionals mbedtlsSupport [ mbedtls ]; - buildInputs = lib.optional mbedtlsSupport [ mbedtls ]; + buildInputs = lib.optionals mbedtlsSupport [ mbedtls ]; cmakeFlags = [ "-G Ninja" "-DNNG_ENABLE_TLS=ON" ] ++ lib.optionals mbedtlsSupport [ "-DMBEDTLS_ROOT_DIR=${mbedtls}" ]; diff --git a/pkgs/development/libraries/openbsm/default.nix b/pkgs/development/libraries/openbsm/default.nix index 4719b7fb747..627e9b83071 100644 --- a/pkgs/development/libraries/openbsm/default.nix +++ b/pkgs/development/libraries/openbsm/default.nix @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { sha256 = "0b98359hd8mm585sh145ss828pg2y8vgz38lqrb7nypapiyqdnd1"; }; - patches = lib.optional stdenv.isDarwin [ ./bsm-add-audit_token_to_pid.patch ]; + patches = lib.optionals stdenv.isDarwin [ ./bsm-add-audit_token_to_pid.patch ]; preConfigure = lib.optionalString (lib.versionAtLeast stdenv.hostPlatform.darwinMinVersion "11") '' MACOSX_DEPLOYMENT_TARGET=10.16 diff --git a/pkgs/development/libraries/opencl-headers/default.nix b/pkgs/development/libraries/opencl-headers/default.nix index 273cdea6f8c..e5300e9731a 100644 --- a/pkgs/development/libraries/opencl-headers/default.nix +++ b/pkgs/development/libraries/opencl-headers/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { pname = "opencl-headers"; - version = "2022.09.23"; + version = "2022.09.30"; src = fetchFromGitHub { owner = "KhronosGroup"; repo = "OpenCL-Headers"; rev = "v${version}"; - sha256 = "sha256-kBXkevcapVfpFmI5C77DwULrC8zjcoto+veb49Ksixk="; + sha256 = "sha256-Vbh+bt/g+7glEyqMYCKTANggaIOW/n1L3TaCNouc/28="; }; installPhase = '' diff --git a/pkgs/development/libraries/opencv/3.x.nix b/pkgs/development/libraries/opencv/3.x.nix index 550a7f39373..56b022d03b9 100644 --- a/pkgs/development/libraries/opencv/3.x.nix +++ b/pkgs/development/libraries/opencv/3.x.nix @@ -248,7 +248,7 @@ stdenv.mkDerivation { "-DBUILD_opencv_videoio=OFF" ] ++ lib.optionals enablePython [ "-DOPENCV_SKIP_PYTHON_LOADER=ON" - ] ++ lib.optional enableEigen [ + ] ++ lib.optionals enableEigen [ # Autodetection broken by https://github.com/opencv/opencv/pull/13337 "-DEIGEN_INCLUDE_PATH=${eigen}/include/eigen3" ]; diff --git a/pkgs/development/libraries/openldap/default.nix b/pkgs/development/libraries/openldap/default.nix index f357b8d4b72..97a84356f81 100644 --- a/pkgs/development/libraries/openldap/default.nix +++ b/pkgs/development/libraries/openldap/default.nix @@ -11,6 +11,7 @@ , libtool , openssl , systemdMinimal +, libxcrypt }: stdenv.mkDerivation rec { @@ -43,6 +44,7 @@ stdenv.mkDerivation rec { libtool openssl ] ++ lib.optionals (stdenv.isLinux) [ + libxcrypt # causes linking issues on *-darwin systemdMinimal ]; diff --git a/pkgs/development/libraries/openmpi/default.nix b/pkgs/development/libraries/openmpi/default.nix index 723f1848c6a..f2392bb0072 100644 --- a/pkgs/development/libraries/openmpi/default.nix +++ b/pkgs/development/libraries/openmpi/default.nix @@ -50,7 +50,7 @@ in stdenv.mkDerivation rec { ++ lib.optionals cudaSupport [ cudatoolkit ] ++ [ libevent hwloc ] ++ lib.optional (stdenv.isLinux || stdenv.isFreeBSD) rdma-core - ++ lib.optional fabricSupport [ libpsm2 libfabric ]; + ++ lib.optionals fabricSupport [ libpsm2 libfabric ]; nativeBuildInputs = [ perl ] ++ lib.optionals fortranSupport [ gfortran ]; diff --git a/pkgs/development/libraries/openvino/default.nix b/pkgs/development/libraries/openvino/default.nix index dabf56d9056..e3ebb97cbdf 100644 --- a/pkgs/development/libraries/openvino/default.nix +++ b/pkgs/development/libraries/openvino/default.nix @@ -68,7 +68,7 @@ stdenv.mkDerivation rec { "-DNGRAPH_UNIT_TEST_ENABLE:BOOL=OFF" "-DENABLE_SAMPLES:BOOL=OFF" "-DENABLE_CPPLINT:BOOL=OFF" - ] ++ lib.optional enablePython [ + ] ++ lib.optionals enablePython [ "-DENABLE_PYTHON:BOOL=ON" ]; @@ -106,7 +106,7 @@ stdenv.mkDerivation rec { python tbb shellcheck - ] ++ lib.optional enablePython (with python.pkgs; [ + ] ++ lib.optionals enablePython (with python.pkgs; [ cython pybind11 ]); diff --git a/pkgs/development/libraries/p11-kit/default.nix b/pkgs/development/libraries/p11-kit/default.nix index fee4a2e8259..1f2646a0363 100644 --- a/pkgs/development/libraries/p11-kit/default.nix +++ b/pkgs/development/libraries/p11-kit/default.nix @@ -63,6 +63,7 @@ stdenv.mkDerivation rec { "/etc/ssl/certs/ca-certificates.crt" # NixOS + Debian/Ubuntu/Arch/Gentoo... "/etc/pki/tls/certs/ca-bundle.crt" # Fedora/CentOS "/var/lib/ca-certificates/ca-bundle.pem" # openSUSE + "/etc/ssl/cert.pem" # Darwin/macOS ]}" ]; diff --git a/pkgs/development/libraries/pangomm/2.48.nix b/pkgs/development/libraries/pangomm/2.48.nix index 478378f64c2..52affe360f8 100644 --- a/pkgs/development/libraries/pangomm/2.48.nix +++ b/pkgs/development/libraries/pangomm/2.48.nix @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { meson ninja python3 - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ ApplicationServices ]; diff --git a/pkgs/development/libraries/physics/cernlib/default.nix b/pkgs/development/libraries/physics/cernlib/default.nix index 77ad6e201a3..8eae6fcaad5 100644 --- a/pkgs/development/libraries/physics/cernlib/default.nix +++ b/pkgs/development/libraries/physics/cernlib/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, gfortran, imake, makedepend, motif, xorg }: +{ lib, stdenv, fetchurl, gfortran, imake, makedepend, motif, xorg, libxcrypt }: stdenv.mkDerivation rec { version = "2006"; @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { sha256 = "0awla1rl96z82br7slcmg8ks1d2a7slk6dj79ywb871j2ksi3fky"; }; - buildInputs = with xorg; [ gfortran motif libX11 libXft libXt ]; + buildInputs = with xorg; [ gfortran motif libX11 libXft libXt libxcrypt ]; nativeBuildInputs = [ imake makedepend ]; sourceRoot = "."; diff --git a/pkgs/development/libraries/pipewire/default.nix b/pkgs/development/libraries/pipewire/default.nix index a02ecc1e9b7..f2907afab01 100644 --- a/pkgs/development/libraries/pipewire/default.nix +++ b/pkgs/development/libraries/pipewire/default.nix @@ -2,6 +2,7 @@ , lib , buildPackages , fetchFromGitLab +, fetchpatch , removeReferencesTo , python3 , meson @@ -45,6 +46,7 @@ , sbc , libfreeaptx , ldacbt +, liblc3 , fdk_aac , libopus , nativeHspSupport ? true @@ -70,7 +72,7 @@ let self = stdenv.mkDerivation rec { pname = "pipewire"; - version = "0.3.58"; + version = "0.3.59"; outputs = [ "out" @@ -88,7 +90,7 @@ let owner = "pipewire"; repo = "pipewire"; rev = version; - sha256 = "sha256-r8sDXyXwtA2o2xqglOI8XflttSScrqJ57cj1//k2tZ8="; + sha256 = "sha256-4wDtdgkjBRlthhwbI3cSQFnbr+gxPQP5j5YnrWiQVp4="; }; patches = [ @@ -104,6 +106,12 @@ let ./0090-pipewire-config-template-paths.patch # Place SPA data files in lib output to avoid dependency cycles ./0095-spa-data-dir.patch + + # remove when updating to 0.3.60 + (fetchpatch { # filter-chain: iterate the port correctly + url = "https://gitlab.freedesktop.org/pipewire/pipewire/-/commit/94a64268613adac8ef6f3e6c1f04468220540d00.patch"; + sha256 = "sha256-IDTB7NgadgR3vKv97Nvd9pBfnOnMi21YsvLdD1Ew7HE="; + }) ]; nativeBuildInputs = [ @@ -134,7 +142,7 @@ let ++ lib.optionals gstreamerSupport [ gst_all_1.gst-plugins-base gst_all_1.gstreamer ] ++ lib.optionals libcameraSupport [ libcamera libdrm ] ++ lib.optional ffmpegSupport ffmpeg - ++ lib.optionals bluezSupport [ bluez libfreeaptx ldacbt sbc fdk_aac libopus ] + ++ lib.optionals bluezSupport [ bluez libfreeaptx ldacbt liblc3 sbc fdk_aac libopus ] ++ lib.optional pulseTunnelSupport libpulseaudio ++ lib.optional zeroconfSupport avahi ++ lib.optional raopSupport openssl @@ -167,6 +175,7 @@ let "-Dbluez5-backend-ofono=${mesonEnableFeature ofonoSupport}" "-Dbluez5-backend-hsphfpd=${mesonEnableFeature hsphfpdSupport}" "-Dbluez5-codec-lc3plus=disabled" + "-Dbluez5-codec-lc3=${mesonEnableFeature bluezSupport}" "-Dsysconfdir=/etc" "-Dpipewire_confdata_dir=${placeholder "lib"}/share/pipewire" "-Draop=${mesonEnableFeature raopSupport}" diff --git a/pkgs/development/libraries/poppler/default.nix b/pkgs/development/libraries/poppler/default.nix index cba1af70460..8ff218b7931 100644 --- a/pkgs/development/libraries/poppler/default.nix +++ b/pkgs/development/libraries/poppler/default.nix @@ -77,7 +77,7 @@ stdenv.mkDerivation (finalAttrs: rec { pcre libiconv libintl - ] ++ lib.optional withData [ + ] ++ lib.optionals withData [ poppler_data ]; diff --git a/pkgs/development/libraries/popt/default.nix b/pkgs/development/libraries/popt/default.nix index 307408e4db1..37d83ff5b2b 100644 --- a/pkgs/development/libraries/popt/default.nix +++ b/pkgs/development/libraries/popt/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "popt"; - version = "1.18"; + version = "1.19"; src = fetchurl { url = "https://ftp.osuosl.org/pub/rpm/popt/releases/popt-1.x/popt-${version}.tar.gz"; - sha256 = "1lf5zlj5rbg6s4bww7hbhpca97prgprnarx978vcwa0bl81vqnai"; + sha256 = "sha256-wlpIOPyOTByKrLi9Yg7bMISj1jv4mH/a08onWMYyQPk="; }; patches = lib.optionals stdenv.isCygwin [ diff --git a/pkgs/development/libraries/precice/default.nix b/pkgs/development/libraries/precice/default.nix index bc6a9359e61..01ab32577cb 100644 --- a/pkgs/development/libraries/precice/default.nix +++ b/pkgs/development/libraries/precice/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { "-DPYTHON_INCLUDE_DIR=${python3}/include/${python3.libPrefix}" ]; - NIX_CFLAGS_COMPILE = lib.optional stdenv.isDarwin [ "-D_GNU_SOURCE" ]; + NIX_CFLAGS_COMPILE = lib.optionals stdenv.isDarwin [ "-D_GNU_SOURCE" ]; nativeBuildInputs = [ cmake gcc ]; buildInputs = [ boost eigen libxml2 mpi python3 python3.pkgs.numpy ]; diff --git a/pkgs/development/libraries/qt-5/modules/qtlocation.nix b/pkgs/development/libraries/qt-5/modules/qtlocation.nix index 687571f18d2..b5fdc918dc6 100644 --- a/pkgs/development/libraries/qt-5/modules/qtlocation.nix +++ b/pkgs/development/libraries/qt-5/modules/qtlocation.nix @@ -4,7 +4,7 @@ qtModule { pname = "qtlocation"; qtInputs = [ qtbase qtmultimedia ]; outputs = [ "bin" "out" "dev" ]; - qmakeFlags = lib.optional stdenv.isDarwin [ + qmakeFlags = lib.optionals stdenv.isDarwin [ # boost uses std::auto_ptr which has been disabled in clang with libcxx # This flag re-enables this feature # https://libcxx.llvm.org/docs/UsingLibcxx.html#c-17-specific-configuration-macros diff --git a/pkgs/development/libraries/redis-plus-plus/default.nix b/pkgs/development/libraries/redis-plus-plus/default.nix index 7d3d7d48671..61e593d28c9 100644 --- a/pkgs/development/libraries/redis-plus-plus/default.nix +++ b/pkgs/development/libraries/redis-plus-plus/default.nix @@ -22,9 +22,9 @@ stdenv.mkDerivation rec { cmakeFlags = [ "-DREDIS_PLUS_PLUS_BUILD_TEST=OFF" - ] ++ lib.optional (!enableShared) [ + ] ++ lib.optionals (!enableShared) [ "-DREDIS_PLUS_PLUS_BUILD_SHARED=OFF" - ] ++ lib.optional (!enableStatic) [ + ] ++ lib.optionals (!enableStatic) [ "-DREDIS_PLUS_PLUS_BUILD_STATIC=OFF" ]; diff --git a/pkgs/development/libraries/rustc-demangle/default.nix b/pkgs/development/libraries/rustc-demangle/default.nix index be02fedfde7..e0329085bd5 100644 --- a/pkgs/development/libraries/rustc-demangle/default.nix +++ b/pkgs/development/libraries/rustc-demangle/default.nix @@ -16,7 +16,7 @@ rustPlatform.buildRustPackage rec { ./add-Cargo.lock.patch ]; cargoSha256 = "sha256-1tW5TOap5MstxTXAFij3IB8TIpI+FryEX9TXlVXjRl4="; - cargoBuildFlags = "-p rustc-demangle-capi"; + cargoBuildFlags = [ "-p" "rustc-demangle-capi" ]; postInstall = '' mkdir -p $out/lib cp target/${rust.toRustTargetSpec stdenv.hostPlatform}/release/librustc_demangle.so $out/lib diff --git a/pkgs/development/libraries/science/math/faiss/default.nix b/pkgs/development/libraries/science/math/faiss/default.nix index 2f180725ab1..3e4e227f83e 100644 --- a/pkgs/development/libraries/science/math/faiss/default.nix +++ b/pkgs/development/libraries/science/math/faiss/default.nix @@ -59,7 +59,7 @@ stdenv.mkDerivation { nativeBuildInputs = [ cmake ] ++ lib.optionals cudaSupport [ cudatoolkit addOpenGLRunpath - ] ++ lib.optional pythonSupport [ + ] ++ lib.optionals pythonSupport [ pythonPackages.python ]; diff --git a/pkgs/development/libraries/science/math/openblas/default.nix b/pkgs/development/libraries/science/math/openblas/default.nix index 69e529234f0..f3ec52f6a5d 100644 --- a/pkgs/development/libraries/science/math/openblas/default.nix +++ b/pkgs/development/libraries/science/math/openblas/default.nix @@ -179,6 +179,8 @@ stdenv.mkDerivation rec { buildPackages.stdenv.cc ]; + enableParallelBuilding = true; + makeFlags = mkMakeFlagsFromConfig (config // { FC = "${stdenv.cc.targetPrefix}gfortran"; CC = "${stdenv.cc.targetPrefix}${if stdenv.cc.isClang then "clang" else "cc"}"; @@ -196,6 +198,10 @@ stdenv.mkDerivation rec { NO_BINARY_MODE = if stdenv.isx86_64 then toString (stdenv.hostPlatform != stdenv.buildPlatform) else stdenv.hostPlatform != stdenv.buildPlatform; + # This disables automatic build job count detection (which honours neither enableParallelBuilding nor NIX_BUILD_CORES) + # and uses the main make invocation's job count, falling back to 1 if no parallelism is used. + # https://github.com/xianyi/OpenBLAS/blob/v0.3.20/getarch.c#L1781-L1792 + MAKE_NB_JOBS = 0; } // (lib.optionalAttrs singleThreaded { # As described on https://github.com/xianyi/OpenBLAS/wiki/Faq/4bded95e8dc8aadc70ce65267d1093ca7bdefc4c#multi-threaded USE_THREAD = false; diff --git a/pkgs/development/libraries/science/networking/ns-3/default.nix b/pkgs/development/libraries/science/networking/ns-3/default.nix index b9f7946f716..9f80470eff2 100644 --- a/pkgs/development/libraries/science/networking/ns-3/default.nix +++ b/pkgs/development/libraries/science/networking/ns-3/default.nix @@ -53,8 +53,8 @@ stdenv.mkDerivation rec { # ncurses is a hidden dependency of waf when checking python buildInputs = lib.optionals pythonSupport [ castxml ncurses ] - ++ lib.optional enableDoxygen [ doxygen graphviz imagemagick ] - ++ lib.optional withManual [ dia tetex ghostscript texlive.combined.scheme-medium ]; + ++ lib.optionals enableDoxygen [ doxygen graphviz imagemagick ] + ++ lib.optionals withManual [ dia tetex ghostscript texlive.combined.scheme-medium ]; propagatedBuildInputs = [ pythonEnv ]; diff --git a/pkgs/development/libraries/sord/default.nix b/pkgs/development/libraries/sord/default.nix index dee53bd3b2a..efb8bf0b895 100644 --- a/pkgs/development/libraries/sord/default.nix +++ b/pkgs/development/libraries/sord/default.nix @@ -1,31 +1,42 @@ -{ lib, stdenv, fetchFromGitHub, pkg-config, python3, serd, pcre, wafHook }: +{ lib +, stdenv +, doxygen +, fetchFromGitHub +, meson +, ninja +, pcre +, pkg-config +, python3 +, serd +}: stdenv.mkDerivation rec { pname = "sord"; - version = "unstable-2021-01-12"; + version = "0.16.14"; - # Commit picked in mitigation of #109729 src = fetchFromGitHub { owner = "drobilla"; repo = pname; - rev = "d2efdb2d026216449599350b55c2c85c0d3efb89"; - sha256 = "hHTwK+K6cj9MGO77a1IXiUZtEbXZ08cLGkYZ5eMOIVA="; - fetchSubmodules = true; + rev = "v${version}"; + hash = "sha256-S22Szpg6iXeana5t6EpbOtRstthgrJ4Z2cBrf7a9ZBk="; }; - preConfigure = '' - export PKGCONFIG="$PKG_CONFIG" - ''; - - nativeBuildInputs = [ pkg-config python3 wafHook ]; + nativeBuildInputs = [ + doxygen + meson + ninja + pkg-config + python3 + ]; buildInputs = [ pcre ]; propagatedBuildInputs = [ serd ]; - dontAddWafCrossFlags = true; + + doCheck = true; meta = with lib; { homepage = "http://drobilla.net/software/sord"; description = "A lightweight C library for storing RDF data in memory"; - license = licenses.mit; + license = with licenses; [ bsd0 isc ]; maintainers = [ maintainers.goibhniu ]; platforms = platforms.unix; }; diff --git a/pkgs/development/libraries/speechd/default.nix b/pkgs/development/libraries/speechd/default.nix index d27eabecf46..021246d7302 100644 --- a/pkgs/development/libraries/speechd/default.nix +++ b/pkgs/development/libraries/speechd/default.nix @@ -69,9 +69,9 @@ in stdenv.mkDerivation rec { espeak sonic pcaudiolib - ] ++ lib.optional withFlite [ + ] ++ lib.optionals withFlite [ flite - ] ++ lib.optional withPico [ + ] ++ lib.optionals withPico [ svox ]; @@ -83,17 +83,17 @@ in stdenv.mkDerivation rec { # Audio method falls back from left to right. "--with-default-audio-method=\"libao,pulse,alsa,oss\"" "--with-systemdsystemunitdir=${placeholder "out"}/lib/systemd/system" - ] ++ lib.optional withPulse [ + ] ++ lib.optionals withPulse [ "--with-pulse" - ] ++ lib.optional withAlsa [ + ] ++ lib.optionals withAlsa [ "--with-alsa" - ] ++ lib.optional withLibao [ + ] ++ lib.optionals withLibao [ "--with-libao" - ] ++ lib.optional withOss [ + ] ++ lib.optionals withOss [ "--with-oss" - ] ++ lib.optional withEspeak [ + ] ++ lib.optionals withEspeak [ "--with-espeak-ng" - ] ++ lib.optional withPico [ + ] ++ lib.optionals withPico [ "--with-pico" ]; diff --git a/pkgs/development/libraries/speex/default.nix b/pkgs/development/libraries/speex/default.nix index 5509be7822d..cc7f8abd670 100644 --- a/pkgs/development/libraries/speex/default.nix +++ b/pkgs/development/libraries/speex/default.nix @@ -1,26 +1,18 @@ -{ lib, stdenv, fetchurl, fetchpatch, autoreconfHook, pkg-config, fftw, speexdsp }: +{ lib, stdenv, fetchurl, autoreconfHook, pkg-config, fftw, speexdsp }: stdenv.mkDerivation rec { pname = "speex"; - version = "1.2.0"; + version = "1.2.1"; src = fetchurl { url = "http://downloads.us.xiph.org/releases/speex/speex-${version}.tar.gz"; - sha256 = "150047wnllz4r94whb9r73l5qf0z5z3rlhy98bawfbblmkq8mbpa"; + sha256 = "sha256-S0TU8rOKNwotmKeDKf78VqDPk9HBvnACkhe6rmYo/uo="; }; postPatch = '' sed -i '/AC_CONFIG_MACRO_DIR/i PKG_PROG_PKG_CONFIG' configure.ac ''; - patches = [ - (fetchpatch { - name = "CVE-2020-23903.patch"; - url = "https://github.com/xiph/speex/commit/870ff845b32f314aec0036641ffe18aba4916887.patch"; - sha256 = "sha256-uEMDhDTw/LIWNPPCXW6kF+udBmNO88G/jJTojAA9fs8="; - }) - ]; - outputs = [ "out" "dev" "doc" ]; nativeBuildInputs = [ autoreconfHook pkg-config ]; diff --git a/pkgs/development/libraries/sqlite/default.nix b/pkgs/development/libraries/sqlite/default.nix index 786c3c9e313..085e330bed4 100644 --- a/pkgs/development/libraries/sqlite/default.nix +++ b/pkgs/development/libraries/sqlite/default.nix @@ -17,13 +17,13 @@ in stdenv.mkDerivation rec { pname = "sqlite${optionalString interactive "-interactive"}"; - version = "3.39.3"; + version = "3.39.4"; # nixpkgs-update: no auto update # NB! Make sure to update ./tools.nix src (in the same directory). src = fetchurl { url = "https://sqlite.org/2022/sqlite-autoconf-${archiveVersion version}.tar.gz"; - sha256 = "sha256-eGj7MIK+Pyz0SRxvum3ivdy8KTo1/vsGJO48E/AUIrk="; + sha256 = "sha256-8x1EW0jmfihM8gZxfMFwq2PL5P1/eagnk7dyKF54/bs="; }; outputs = [ "bin" "dev" "out" ]; diff --git a/pkgs/development/libraries/sqlite/tools.nix b/pkgs/development/libraries/sqlite/tools.nix index 92d521b1916..4467f38b047 100644 --- a/pkgs/development/libraries/sqlite/tools.nix +++ b/pkgs/development/libraries/sqlite/tools.nix @@ -4,12 +4,12 @@ let archiveVersion = import ./archive-version.nix lib; mkTool = { pname, makeTarget, description, homepage, mainProgram }: stdenv.mkDerivation rec { inherit pname; - version = "3.39.3"; + version = "3.39.4"; # nixpkgs-update: no auto update src = assert version == sqlite.version; fetchurl { url = "https://sqlite.org/2022/sqlite-src-${archiveVersion version}.zip"; - sha256 = "sha256-GMEvLh2hEkIRc8hcT4rtQyYScsGwR0qgdZKI/TD6ufw="; + sha256 = "sha256-AtlsbM+BGrm2ORnvcX9+UqRQxCDga9Ep+0g81ww7O7o="; }; nativeBuildInputs = [ unzip ]; diff --git a/pkgs/development/libraries/talloc/default.nix b/pkgs/development/libraries/talloc/default.nix index cb7af61a63e..fb52f75f8c1 100644 --- a/pkgs/development/libraries/talloc/default.nix +++ b/pkgs/development/libraries/talloc/default.nix @@ -4,6 +4,7 @@ , pkg-config , readline , libxslt +, libxcrypt , docbook-xsl-nons , docbook_xml_dtd_42 , fixDarwinDylibNames @@ -33,6 +34,7 @@ stdenv.mkDerivation rec { python3 readline libxslt + libxcrypt ]; wafPath = "buildtools/bin/waf"; diff --git a/pkgs/development/libraries/tdb/default.nix b/pkgs/development/libraries/tdb/default.nix index f040022cc91..9a534c4c146 100644 --- a/pkgs/development/libraries/tdb/default.nix +++ b/pkgs/development/libraries/tdb/default.nix @@ -5,6 +5,7 @@ , python3 , readline , libxslt +, libxcrypt , docbook-xsl-nons , docbook_xml_dtd_45 }: @@ -30,6 +31,7 @@ stdenv.mkDerivation rec { buildInputs = [ python3 readline # required to build python + libxcrypt ]; wafPath = "buildtools/bin/waf"; diff --git a/pkgs/development/libraries/vtk/generic.nix b/pkgs/development/libraries/vtk/generic.nix index b88ddee6b24..555e7d0a45d 100644 --- a/pkgs/development/libraries/vtk/generic.nix +++ b/pkgs/development/libraries/vtk/generic.nix @@ -48,7 +48,7 @@ in stdenv.mkDerivation rec { ImageIO OpenGL GLUT - ] ++ optional enablePython [ + ] ++ optionals enablePython [ pythonInterpreter ]; propagatedBuildInputs = optionals stdenv.isDarwin [ libobjc ]; diff --git a/pkgs/development/libraries/wavpack/default.nix b/pkgs/development/libraries/wavpack/default.nix index e3527ac32a4..67d8bccf51f 100644 --- a/pkgs/development/libraries/wavpack/default.nix +++ b/pkgs/development/libraries/wavpack/default.nix @@ -1,19 +1,22 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, libiconv }: +{ lib, stdenv, fetchFromGitHub, gettext, autoreconfHook, libiconv }: stdenv.mkDerivation rec { pname = "wavpack"; - version = "5.4.0"; + version = "5.5.0"; enableParallelBuilding = true; nativeBuildInputs = [ autoreconfHook ]; buildInputs = lib.optional stdenv.isDarwin libiconv; + # autogen.sh:9 + preAutoreconf = "cp ${gettext}/share/gettext/config.rpath ."; + src = fetchFromGitHub { owner = "dbry"; repo = "WavPack"; rev = version; - sha256 = "1b6szk2vmnqnv5w7h8yc1iazjlidlraq1lwjbmc3fi0snbn6qj44"; + hash = "sha256-4QDtLywu0PT+YsMV26M74bL2P7p4s1tk8ZBQtQcubaU="; }; meta = with lib; { diff --git a/pkgs/development/libraries/x264/default.nix b/pkgs/development/libraries/x264/default.nix index df248f6b4d4..15379000239 100644 --- a/pkgs/development/libraries/x264/default.nix +++ b/pkgs/development/libraries/x264/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchFromGitLab, nasm +{ stdenv, lib, fetchFromGitLab, fetchpatch, nasm , enableShared ? !stdenv.hostPlatform.isStatic }: @@ -16,7 +16,15 @@ stdenv.mkDerivation rec { # Upstream ./configure greps for (-mcpu|-march|-mfpu) in CFLAGS, which in nix # is put in the cc wrapper anyway. - patches = [ ./disable-arm-neon-default.patch ]; + patches = [ + ./disable-arm-neon-default.patch + (fetchpatch { + # https://code.videolan.org/videolan/x264/-/merge_requests/114 + name = "fix-parallelism.patch"; + url = "https://code.videolan.org/videolan/x264/-/commit/e067ab0b530395f90b578f6d05ab0a225e2efdf9.patch"; + hash = "sha256-16h2IUCRjYlKI2RXYq8QyXukAdfoQxyBKsK/nI6vhRI="; + }) + ]; postPatch = '' patchShebangs . diff --git a/pkgs/development/libraries/zeroc-ice/default.nix b/pkgs/development/libraries/zeroc-ice/default.nix index 4eef03c4a61..3050525c2a2 100644 --- a/pkgs/development/libraries/zeroc-ice/default.nix +++ b/pkgs/development/libraries/zeroc-ice/default.nix @@ -1,5 +1,5 @@ { stdenv, lib, fetchFromGitHub -, bzip2, expat, libedit, lmdb, openssl +, bzip2, expat, libedit, lmdb, openssl, libxcrypt , python3 # for tests only , cpp11 ? false }: @@ -31,7 +31,7 @@ in stdenv.mkDerivation rec { sha256 = "sha256-h455isEmnRyoasXhh1UaA5PICcEEM8/C3IJf5yHRl5g="; }; - buildInputs = [ zeroc_mcpp bzip2 expat libedit lmdb openssl ]; + buildInputs = [ zeroc_mcpp bzip2 expat libedit lmdb openssl libxcrypt ]; preBuild = '' makeFlagsArray+=( diff --git a/pkgs/development/lua-modules/overrides.nix b/pkgs/development/lua-modules/overrides.nix index a59f1d94da9..5becc91699b 100644 --- a/pkgs/development/lua-modules/overrides.nix +++ b/pkgs/development/lua-modules/overrides.nix @@ -22,6 +22,7 @@ , libmysqlclient , libuuid , libuv +, libxcrypt , libyaml , mariadb , mpfr @@ -336,6 +337,12 @@ with prev; ]; }); + luaposix = prev.luaLib.overrideLuarocks prev.luaposix (drv: { + externalDeps = [ + { name = "CRYPT"; dep = libxcrypt; } + ]; + }); + luasec = prev.luaLib.overrideLuarocks prev.luasec (drv: { externalDeps = [ { name = "OPENSSL"; dep = openssl_1_1; } @@ -513,7 +520,6 @@ with prev; make all ''; }); - vusted = prev.vusted.overrideAttrs (_: { # make sure vusted_entry.vim doesn't get wrapped postInstall = '' @@ -521,11 +527,6 @@ with prev; ''; }); - # TODO just while testing, remove afterwards - # toVimPlugin should do it instead - gitsigns-nvim = prev.gitsigns-nvim.overrideAttrs (oa: { - nativeBuildInputs = oa.nativeBuildInputs or [ ] ++ [ vimUtils.vimGenDocHook ]; - }); # aliases cjson = prev.lua-cjson; diff --git a/pkgs/development/mobile/androidenv/cmake.nix b/pkgs/development/mobile/androidenv/cmake.nix index 3abad6b41f6..7df24ad4cc2 100644 --- a/pkgs/development/mobile/androidenv/cmake.nix +++ b/pkgs/development/mobile/androidenv/cmake.nix @@ -3,7 +3,7 @@ deployAndroidPackage { inherit package os; nativeBuildInputs = lib.optionals stdenv.isLinux [ autoPatchelfHook ]; - buildInputs = lib.optional (os == "linux") [ pkgs.stdenv.cc.libc pkgs.stdenv.cc.cc pkgs.ncurses5 ]; + buildInputs = lib.optionals (os == "linux") [ pkgs.stdenv.cc.libc pkgs.stdenv.cc.cc pkgs.ncurses5 ]; patchInstructions = lib.optionalString (os == "linux") '' autoPatchelf $packageBaseDir/bin ''; diff --git a/pkgs/development/mobile/androidenv/ndk-bundle/default.nix b/pkgs/development/mobile/androidenv/ndk-bundle/default.nix index 0f3e7e4faa2..ad729e24fb8 100644 --- a/pkgs/development/mobile/androidenv/ndk-bundle/default.nix +++ b/pkgs/development/mobile/androidenv/ndk-bundle/default.nix @@ -12,7 +12,7 @@ deployAndroidPackage { nativeBuildInputs = [ makeWrapper ] ++ lib.optionals stdenv.isLinux [ autoPatchelfHook ]; autoPatchelfIgnoreMissingDeps = true; - buildInputs = lib.optional (os == "linux") [ pkgs.zlib ]; + buildInputs = lib.optionals (os == "linux") [ pkgs.zlib ]; patchInstructions = lib.optionalString (os == "linux") ('' patchShebangs . diff --git a/pkgs/development/mobile/androidenv/tools/25.nix b/pkgs/development/mobile/androidenv/tools/25.nix index 28ea249df25..82642e04280 100644 --- a/pkgs/development/mobile/androidenv/tools/25.nix +++ b/pkgs/development/mobile/androidenv/tools/25.nix @@ -3,7 +3,7 @@ deployAndroidPackage { name = "androidsdk"; nativeBuildInputs = [ autoPatchelfHook makeWrapper ]; - buildInputs = lib.optional (os == "linux") [ pkgs.glibc pkgs.xorg.libX11 pkgs.xorg.libXext pkgs.xorg.libXdamage pkgs.xorg.libxcb pkgs.xorg.libXfixes pkgs.xorg.libXrender pkgs.fontconfig.lib pkgs.freetype pkgs.libGL pkgs.zlib pkgs.ncurses5 pkgs.libpulseaudio pkgs_i686.glibc pkgs_i686.xorg.libX11 pkgs_i686.xorg.libXrender pkgs_i686.fontconfig pkgs_i686.freetype pkgs_i686.zlib ]; + buildInputs = lib.optionals (os == "linux") [ pkgs.glibc pkgs.xorg.libX11 pkgs.xorg.libXext pkgs.xorg.libXdamage pkgs.xorg.libxcb pkgs.xorg.libXfixes pkgs.xorg.libXrender pkgs.fontconfig.lib pkgs.freetype pkgs.libGL pkgs.zlib pkgs.ncurses5 pkgs.libpulseaudio pkgs_i686.glibc pkgs_i686.xorg.libX11 pkgs_i686.xorg.libXrender pkgs_i686.fontconfig pkgs_i686.freetype pkgs_i686.zlib ]; inherit package os; patchInstructions = '' diff --git a/pkgs/development/node-packages/overrides.nix b/pkgs/development/node-packages/overrides.nix index 32d51ac52f3..496e80c175a 100644 --- a/pkgs/development/node-packages/overrides.nix +++ b/pkgs/development/node-packages/overrides.nix @@ -96,13 +96,13 @@ final: prev: { nativeBuildInputs = with pkgs; [ pkg-config ] ++ lib.optionals stdenv.isDarwin [ - xcbuild darwin.apple_sdk.frameworks.CoreText ]; buildInputs = with pkgs; [ pixman cairo pango + giflib ]; }; @@ -147,14 +147,13 @@ final: prev: { # ../../applications/video/epgstation epgstation = prev."epgstation-../../applications/video/epgstation".override (oldAttrs: { buildInputs = [ pkgs.postgresql ]; - nativeBuildInputs = [ final.node-pre-gyp final.node-gyp-build pkgs.which ] ++ lib.optionals stdenv.isDarwin [ pkgs.xcbuild ]; + nativeBuildInputs = [ final.node-pre-gyp final.node-gyp-build pkgs.which ]; meta = oldAttrs.meta // { platforms = lib.platforms.none; }; }); # NOTE: this is a stub package to fetch npm dependencies for # ../../applications/video/epgstation/client epgstation-client = prev."epgstation-client-../../applications/video/epgstation/client".override (oldAttrs: { - nativeBuildInputs = lib.optionals stdenv.isDarwin [ pkgs.xcbuild ]; meta = oldAttrs.meta // { platforms = lib.platforms.none; }; }); @@ -222,11 +221,7 @@ final: prev: { }); joplin = prev.joplin.override { - nativeBuildInputs = with pkgs; [ - pkg-config - ] ++ lib.optionals stdenv.isDarwin [ - xcbuild - ]; + nativeBuildInputs = [ pkgs.pkg-config ]; buildInputs = with pkgs; [ # required by sharp # https://sharp.pixelplumbing.com/install @@ -292,10 +287,6 @@ final: prev: { ''; }; - mastodon-bot = prev.mastodon-bot.override { - nativeBuildInputs = lib.optionals stdenv.isDarwin [ pkgs.xcbuild ]; - }; - mermaid-cli = prev."@mermaid-js/mermaid-cli".override ( if stdenv.isDarwin then {} @@ -432,7 +423,7 @@ final: prev: { pulp = prev.pulp.override { # tries to install purescript - npmFlags = "--ignore-scripts"; + npmFlags = builtins.toString [ "--ignore-scripts" ]; nativeBuildInputs = [ pkgs.buildPackages.makeWrapper ]; postInstall = '' @@ -513,11 +504,7 @@ final: prev: { }; thelounge-plugin-giphy = prev.thelounge-plugin-giphy.override { - nativeBuildInputs = [ - final.node-pre-gyp - ] ++ lib.optionals stdenv.isDarwin [ - pkgs.xcbuild - ]; + nativeBuildInputs = [ final.node-pre-gyp ]; }; thelounge-theme-flat-blue = prev.thelounge-theme-flat-blue.override { diff --git a/pkgs/development/ocaml-modules/bz2/default.nix b/pkgs/development/ocaml-modules/bz2/default.nix index 6d8b56ae232..835570dc9ab 100644 --- a/pkgs/development/ocaml-modules/bz2/default.nix +++ b/pkgs/development/ocaml-modules/bz2/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { sha256 = "sha256-jBFEkLN2fbC3LxTu7C0iuhvNg64duuckBHWZoBxrV/U="; }; - autoreconfFlags = "-I ."; + autoreconfFlags = [ "-I" "." ]; nativeBuildInputs = [ autoreconfHook diff --git a/pkgs/development/ocaml-modules/cudf/default.nix b/pkgs/development/ocaml-modules/cudf/default.nix index fe9793ea532..54e96e047e5 100644 --- a/pkgs/development/ocaml-modules/cudf/default.nix +++ b/pkgs/development/ocaml-modules/cudf/default.nix @@ -38,7 +38,7 @@ stdenv.mkDerivation { doCheck = true; preInstall = "mkdir -p $OCAMLFIND_DESTDIR"; - installFlags = "BINDIR=$(out)/bin"; + installFlags = [ "BINDIR=$(out)/bin" ]; meta = with lib; { description = "A library for CUDF format"; diff --git a/pkgs/development/python-modules/aiodns/default.nix b/pkgs/development/python-modules/aiodns/default.nix index 9c626618ff0..a5cf035aa06 100644 --- a/pkgs/development/python-modules/aiodns/default.nix +++ b/pkgs/development/python-modules/aiodns/default.nix @@ -20,7 +20,7 @@ buildPythonPackage rec { propagatedBuildInputs = [ pycares - ] ++ lib.optional (pythonOlder "3.7") [ + ] ++ lib.optionals (pythonOlder "3.7") [ typing ]; diff --git a/pkgs/development/python-modules/ansible-runner/default.nix b/pkgs/development/python-modules/ansible-runner/default.nix index c261e5b163b..14dfb65cfea 100644 --- a/pkgs/development/python-modules/ansible-runner/default.nix +++ b/pkgs/development/python-modules/ansible-runner/default.nix @@ -65,7 +65,7 @@ buildPythonPackage rec { "test_large_stdout_blob" # Failed: DID NOT RAISE <class 'RuntimeError'> "test_validate_pattern" - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ # test_process_isolation_settings is currently broken on Darwin Catalina # https://github.com/ansible/ansible-runner/issues/413 "process_isolation_settings" diff --git a/pkgs/development/python-modules/aspy-refactor-imports/default.nix b/pkgs/development/python-modules/aspy-refactor-imports/default.nix index cfe935e16e8..a19002449df 100644 --- a/pkgs/development/python-modules/aspy-refactor-imports/default.nix +++ b/pkgs/development/python-modules/aspy-refactor-imports/default.nix @@ -27,7 +27,7 @@ buildPythonPackage rec { ]; # fails on darwin due to case-insensitive file system - disabledTests = lib.optional stdenv.isDarwin ["test_application_directory_case"]; + disabledTests = lib.optionals stdenv.isDarwin ["test_application_directory_case"]; meta = with lib; { description = "Utilities for refactoring imports in python-like syntax."; diff --git a/pkgs/development/python-modules/asyncio_mqtt/default.nix b/pkgs/development/python-modules/asyncio_mqtt/default.nix index c0ae1cea95f..a87bca43964 100644 --- a/pkgs/development/python-modules/asyncio_mqtt/default.nix +++ b/pkgs/development/python-modules/asyncio_mqtt/default.nix @@ -19,7 +19,7 @@ buildPythonPackage rec { propagatedBuildInputs = [ paho-mqtt - ] ++ lib.optional (pythonOlder "3.7") [ + ] ++ lib.optionals (pythonOlder "3.7") [ async_generator ]; diff --git a/pkgs/development/python-modules/azure-core/default.nix b/pkgs/development/python-modules/azure-core/default.nix index 5237130f59f..75cf3958761 100644 --- a/pkgs/development/python-modules/azure-core/default.nix +++ b/pkgs/development/python-modules/azure-core/default.nix @@ -63,7 +63,7 @@ buildPythonPackage rec { # disable 8 tests failing on some darwin machines with errors: # azure.core.polling.base_polling.BadStatus: Invalid return status 403 for 'GET' operation # azure.core.exceptions.HttpResponseError: Operation returned an invalid status 'Forbidden' - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ "location_polling_fail" ]; disabledTestPaths = [ diff --git a/pkgs/development/python-modules/behave/default.nix b/pkgs/development/python-modules/behave/default.nix index 5254f79c4b2..1030e589a21 100644 --- a/pkgs/development/python-modules/behave/default.nix +++ b/pkgs/development/python-modules/behave/default.nix @@ -1,11 +1,11 @@ { lib, stdenv, fetchFromGitHub -, buildPythonApplication, python +, buildPythonPackage, python , pytestCheckHook, mock, path, pyhamcrest, pytest-html , glibcLocales , colorama, cucumber-tag-expressions, parse, parse-type, six }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "behave"; version = "1.2.7.dev2"; diff --git a/pkgs/development/python-modules/betterproto/default.nix b/pkgs/development/python-modules/betterproto/default.nix index 2f6ba2e29a2..b49204ee8c4 100644 --- a/pkgs/development/python-modules/betterproto/default.nix +++ b/pkgs/development/python-modules/betterproto/default.nix @@ -35,7 +35,7 @@ buildPythonPackage rec { propagatedBuildInputs = [ grpclib python-dateutil - ] ++ lib.optional (pythonOlder "3.7") [ + ] ++ lib.optionals (pythonOlder "3.7") [ dataclasses ]; diff --git a/pkgs/development/python-modules/catboost/default.nix b/pkgs/development/python-modules/catboost/default.nix index 02e107f27e1..9a395bc6c98 100644 --- a/pkgs/development/python-modules/catboost/default.nix +++ b/pkgs/development/python-modules/catboost/default.nix @@ -19,7 +19,7 @@ buildPythonPackage rec { nativeBuildInputs = [ clang_12 python2 ]; propagatedBuildInputs = [ graphviz matplotlib numpy pandas scipy plotly six ] - ++ lib.optional withCuda [ cudatoolkit ]; + ++ lib.optionals withCuda [ cudatoolkit ]; patches = [ ./nix-support.patch diff --git a/pkgs/development/python-modules/certifi/default.nix b/pkgs/development/python-modules/certifi/default.nix index 674fc1183d8..ecf7ed49aa5 100644 --- a/pkgs/development/python-modules/certifi/default.nix +++ b/pkgs/development/python-modules/certifi/default.nix @@ -7,22 +7,24 @@ buildPythonPackage rec { pname = "certifi"; - version = "2022.06.15"; + version = "2022.09.24"; - disabled = pythonOlder "3.5"; + disabled = pythonOlder "3.6"; src = fetchFromGitHub { owner = pname; repo = "python-certifi"; rev = version; - sha256 = "sha256-CKO8wF5FMGLIZbTd7YrKE9OWV9MbfQ2+BMc5IPk1FFU="; + hash = "sha256-B6LO6AfG9cfpyNI7hj3VjmGTFsrrIkDYO4gPMkZY74w="; }; checkInputs = [ pytestCheckHook ]; - pythonImportsCheck = [ "certifi" ]; + pythonImportsCheck = [ + "certifi" + ]; meta = with lib; { homepage = "https://github.com/certifi/python-certifi"; diff --git a/pkgs/development/python-modules/ciso8601/default.nix b/pkgs/development/python-modules/ciso8601/default.nix index e210e974414..79afe850007 100644 --- a/pkgs/development/python-modules/ciso8601/default.nix +++ b/pkgs/development/python-modules/ciso8601/default.nix @@ -19,7 +19,7 @@ buildPythonPackage rec { checkInputs = [ pytz - ] ++ lib.optional (isPy27) [ + ] ++ lib.optionals (isPy27) [ unittest2 ]; diff --git a/pkgs/development/python-modules/clintermission/default.nix b/pkgs/development/python-modules/clintermission/default.nix index a0e5dcb7142..b5df005978c 100644 --- a/pkgs/development/python-modules/clintermission/default.nix +++ b/pkgs/development/python-modules/clintermission/default.nix @@ -1,8 +1,15 @@ -{ lib, buildPythonApplication, fetchFromGitHub, isPy3k, prompt-toolkit }: +{ lib +, buildPythonPackage +, fetchFromGitHub +, isPy3k +, prompt-toolkit }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "clintermission"; version = "0.2.0"; + format = "setuptools"; + + disabled = !isPy3k; src = fetchFromGitHub { owner = "sebageek"; @@ -11,14 +18,16 @@ buildPythonApplication rec { sha256 = "09wl0rpw6c9hab51rs957z64b0v9j4fcbqbn726wnapf4z5w6yxv"; }; - propagatedBuildInputs = [ prompt-toolkit ]; - - disabled = !isPy3k; + propagatedBuildInputs = [ + prompt-toolkit + ]; # repo contains no tests doCheck = false; - pythonImportsCheck = [ "clintermission" ]; + pythonImportsCheck = [ + "clintermission" + ]; meta = with lib; { description = "Non-fullscreen command-line selection menu"; diff --git a/pkgs/development/python-modules/coconut/default.nix b/pkgs/development/python-modules/coconut/default.nix index b7301cf1e73..dec024fa838 100644 --- a/pkgs/development/python-modules/coconut/default.nix +++ b/pkgs/development/python-modules/coconut/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub , cpyparsing , ipykernel @@ -12,7 +12,7 @@ , watchdog }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "coconut"; version = "1.6.0"; diff --git a/pkgs/development/python-modules/deprecation/default.nix b/pkgs/development/python-modules/deprecation/default.nix index 441971fa6e7..0e15f2d74c6 100644 --- a/pkgs/development/python-modules/deprecation/default.nix +++ b/pkgs/development/python-modules/deprecation/default.nix @@ -30,7 +30,7 @@ buildPythonPackage rec { # avoiding mass rebuilds for python3.9, but no longer # needed with patch - checkInputs = [ unittestCheckHook ] ++ lib.optional (pythonOlder "3.10") [ + checkInputs = [ unittestCheckHook ] ++ lib.optionals (pythonOlder "3.10") [ unittest2 ]; diff --git a/pkgs/development/python-modules/dnspython/default.nix b/pkgs/development/python-modules/dnspython/default.nix index 1dbbba48b10..4b714859649 100644 --- a/pkgs/development/python-modules/dnspython/default.nix +++ b/pkgs/development/python-modules/dnspython/default.nix @@ -21,7 +21,7 @@ buildPythonPackage rec { checkInputs = [ pytestCheckHook - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ cacert ]; diff --git a/pkgs/development/python-modules/drivelib/default.nix b/pkgs/development/python-modules/drivelib/default.nix index 526e58d1434..7b0a629e8a8 100644 --- a/pkgs/development/python-modules/drivelib/default.nix +++ b/pkgs/development/python-modules/drivelib/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchPypi , expiringdict , google-auth-httplib2 @@ -7,7 +7,7 @@ , google-api-python-client }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "drivelib"; version = "0.3.0"; diff --git a/pkgs/development/python-modules/enlighten/default.nix b/pkgs/development/python-modules/enlighten/default.nix index 8ac970ebd78..1946aa61497 100644 --- a/pkgs/development/python-modules/enlighten/default.nix +++ b/pkgs/development/python-modules/enlighten/default.nix @@ -36,7 +36,7 @@ buildPythonPackage rec { disabledTests = [ # AssertionError: <_io.TextIOWrapper name='<stdout>' mode='w' encoding='utf-8'> is not... "test_init" - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ # https://github.com/Rockhopper-Technologies/enlighten/issues/44 "test_autorefresh" ]; diff --git a/pkgs/development/python-modules/expiringdict/default.nix b/pkgs/development/python-modules/expiringdict/default.nix index 942feff4513..9dfe60aca7e 100644 --- a/pkgs/development/python-modules/expiringdict/default.nix +++ b/pkgs/development/python-modules/expiringdict/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub , dill , coverage @@ -8,16 +8,17 @@ , nose }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "expiringdict"; version = "1.2.2"; + format = "setuptools"; # use fetchFromGitHub instead of fetchPypi because the test suite of # the package is not included into the PyPI tarball src = fetchFromGitHub { owner = "mailgun"; repo = pname; - rev = "v${version}"; + rev = "refs/tags/v${version}"; sha256 = "sha256-vRhJSHIqc51I+s/wndtfANM44CKW3QS1iajqyoSBf0I="; }; @@ -30,14 +31,18 @@ buildPythonApplication rec { ]; checkPhase = '' + runHook preCheck nosetests -v --with-coverage --cover-package=expiringdict + runHook postCheck ''; - pythonImportsCheck = [ "expiringdict" ]; + pythonImportsCheck = [ + "expiringdict" + ]; meta = with lib; { description = "Dictionary with auto-expiring values for caching purposes"; - homepage = "https://pypi.org/project/expiringdict/"; + homepage = "https://github.com/mailgun/expiringdict"; license = licenses.asl20; maintainers = with maintainers; [ gravndal ]; }; diff --git a/pkgs/development/python-modules/filecheck/default.nix b/pkgs/development/python-modules/filecheck/default.nix index 2480c196881..9cbd8bde211 100644 --- a/pkgs/development/python-modules/filecheck/default.nix +++ b/pkgs/development/python-modules/filecheck/default.nix @@ -1,10 +1,11 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub -, poetry +, poetry-core +, pytestCheckHook }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "filecheck"; version = "0.0.22"; format = "pyproject"; @@ -16,9 +17,23 @@ buildPythonApplication rec { sha256 = "sha256-I2SypKkgcVuLyLiwNw5oWDb9qT56TbC6vbui8PEcziI="; }; - nativeBuildInputs = [ poetry ]; + postPatch = '' + substituteInPlace pyproject.toml \ + --replace "poetry>=0.12" "poetry-core" \ + --replace "poetry.masonry.api" "poetry.core.masonry.api" + ''; - pythonImportsCheck = [ "filecheck" ]; + nativeBuildInputs = [ + poetry-core + ]; + + checkInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "filecheck" + ]; meta = with lib; { homepage = "https://github.com/mull-project/FileCheck.py"; diff --git a/pkgs/development/python-modules/fixtures/default.nix b/pkgs/development/python-modules/fixtures/default.nix index 3e9f9943327..2bc6612ba70 100644 --- a/pkgs/development/python-modules/fixtures/default.nix +++ b/pkgs/development/python-modules/fixtures/default.nix @@ -19,7 +19,7 @@ buildPythonPackage rec { sha256 = "fcf0d60234f1544da717a9738325812de1f42c2fa085e2d9252d8fff5712b2ef"; }; - patches = lib.optional (pythonAtLeast "3.9") [ + patches = lib.optionals (pythonAtLeast "3.9") [ # drop tests that try to monkeypatch a classmethod, which fails on python3.9 # https://github.com/testing-cabal/fixtures/issues/44 (fetchpatch { diff --git a/pkgs/development/python-modules/funcsigs/default.nix b/pkgs/development/python-modules/funcsigs/default.nix index 115d358cb78..a59b6f33b5f 100644 --- a/pkgs/development/python-modules/funcsigs/default.nix +++ b/pkgs/development/python-modules/funcsigs/default.nix @@ -12,7 +12,7 @@ buildPythonPackage rec { }; # https://github.com/testing-cabal/funcsigs/issues/10 - patches = lib.optional (isPyPy && isPy3k) [ ./fix-pypy3-tests.patch ]; + patches = lib.optionals (isPyPy && isPy3k) [ ./fix-pypy3-tests.patch ]; # requires, unittest2 and package hasn't been maintained since 2013 doCheck = false; diff --git a/pkgs/development/python-modules/gdown/default.nix b/pkgs/development/python-modules/gdown/default.nix index 91154649c1a..8e958598ab4 100644 --- a/pkgs/development/python-modules/gdown/default.nix +++ b/pkgs/development/python-modules/gdown/default.nix @@ -1,6 +1,6 @@ { lib , beautifulsoup4 -, buildPythonApplication +, buildPythonPackage , fetchPypi , filelock , requests @@ -10,7 +10,7 @@ , pythonOlder }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "gdown"; version = "4.5.3"; format = "setuptools"; diff --git a/pkgs/development/python-modules/glymur/default.nix b/pkgs/development/python-modules/glymur/default.nix index 40748f86954..9c652994a8c 100644 --- a/pkgs/development/python-modules/glymur/default.nix +++ b/pkgs/development/python-modules/glymur/default.nix @@ -26,7 +26,7 @@ buildPythonPackage rec { propagatedBuildInputs = [ numpy - ] ++ lib.optional isPy27 [ contextlib2 mock importlib-resources ]; + ] ++ lib.optionals isPy27 [ contextlib2 mock importlib-resources ]; checkInputs = [ scikitimage diff --git a/pkgs/development/python-modules/gprof2dot/default.nix b/pkgs/development/python-modules/gprof2dot/default.nix index 4eb3a79e5e8..1536c5fcbdb 100644 --- a/pkgs/development/python-modules/gprof2dot/default.nix +++ b/pkgs/development/python-modules/gprof2dot/default.nix @@ -1,13 +1,14 @@ { lib , fetchFromGitHub -, buildPythonApplication +, buildPythonPackage , python , graphviz }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "gprof2dot"; version = "2021.02.21"; + format = "setuptools"; src = fetchFromGitHub { owner = "jrfonseca"; @@ -36,6 +37,6 @@ buildPythonApplication rec { homepage = "https://github.com/jrfonseca/gprof2dot"; description = "Python script to convert the output from many profilers into a dot graph"; license = licenses.lgpl3Plus; - maintainers = [ maintainers.pmiddend ]; + maintainers = with maintainers; [ pmiddend ]; }; } diff --git a/pkgs/development/python-modules/griffe/default.nix b/pkgs/development/python-modules/griffe/default.nix index f7e9fd75855..43191ca0b89 100644 --- a/pkgs/development/python-modules/griffe/default.nix +++ b/pkgs/development/python-modules/griffe/default.nix @@ -1,6 +1,6 @@ { lib , aiofiles -, buildPythonApplication +, buildPythonPackage , cached-property , fetchFromGitHub , git @@ -9,7 +9,7 @@ , pythonOlder }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "griffe"; version = "0.22.0"; format = "pyproject"; diff --git a/pkgs/development/python-modules/hatch-fancy-pypi-readme/default.nix b/pkgs/development/python-modules/hatch-fancy-pypi-readme/default.nix index 4e1a32236f0..4d1ba69c93d 100644 --- a/pkgs/development/python-modules/hatch-fancy-pypi-readme/default.nix +++ b/pkgs/development/python-modules/hatch-fancy-pypi-readme/default.nix @@ -5,11 +5,13 @@ , pythonOlder , build , hatchling +, tomli +, typing-extensions }: buildPythonPackage rec { pname = "hatch-fancy-pypi-readme"; - version = "22.7.0"; + version = "22.8.0"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -17,7 +19,7 @@ buildPythonPackage rec { src = fetchPypi { pname = "hatch_fancy_pypi_readme"; inherit version; - hash = "sha256-3t8roLgaKXWrsd7ukxCy64XSI4D9oNUoaedgtUNapZY="; + hash = "sha256-2pEoLKCWAcGK3tjjeNr4tXjHAhSGbwlxFW7pu5zmwmo="; }; nativeBuildInputs = [ @@ -26,6 +28,10 @@ buildPythonPackage rec { propagatedBuildInputs = [ hatchling + ] ++ lib.optionals (pythonOlder "3.11") [ + tomli + ] ++ lib.optionals (pythonOlder "3.8") [ + typing-extensions ]; checkInputs = [ diff --git a/pkgs/development/python-modules/hupper/default.nix b/pkgs/development/python-modules/hupper/default.nix index 97260697460..a9e8bd11216 100644 --- a/pkgs/development/python-modules/hupper/default.nix +++ b/pkgs/development/python-modules/hupper/default.nix @@ -19,7 +19,7 @@ buildPythonPackage rec { # segfaults in the testsuite that end up failing the tests in a background thread (in myapp) checkInputs = [ pytestCheckHook - ] ++ lib.optional (!stdenv.isDarwin) [ + ] ++ lib.optionals (!stdenv.isDarwin) [ watchdog ]; diff --git a/pkgs/development/python-modules/importlib-resources/default.nix b/pkgs/development/python-modules/importlib-resources/default.nix index 7e5d7e1448a..12473356872 100644 --- a/pkgs/development/python-modules/importlib-resources/default.nix +++ b/pkgs/development/python-modules/importlib-resources/default.nix @@ -27,7 +27,7 @@ buildPythonPackage rec { propagatedBuildInputs = [ importlib-metadata - ] ++ lib.optional (pythonOlder "3.5") [ + ] ++ lib.optionals (pythonOlder "3.5") [ typing ]; diff --git a/pkgs/development/python-modules/iso8601/default.nix b/pkgs/development/python-modules/iso8601/default.nix index 14cef7c62a8..e189e3778bc 100644 --- a/pkgs/development/python-modules/iso8601/default.nix +++ b/pkgs/development/python-modules/iso8601/default.nix @@ -10,14 +10,14 @@ buildPythonPackage rec { pname = "iso8601"; - version = "1.0.2"; + version = "1.1.0"; format = "pyproject"; - disabled = pythonOlder "3.6"; + disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - sha256 = "sha256-J/UDIg5oRdnblU+yErlbA2LYt+bBsjJqhwYcPek1lLE="; + hash = "sha256-MoEee4He7iBj6m0ulPiBmobR84EeSdI2I6QfqDK+8D8="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/jaraco_text/default.nix b/pkgs/development/python-modules/jaraco_text/default.nix index 341c744a429..4891b2ea38c 100644 --- a/pkgs/development/python-modules/jaraco_text/default.nix +++ b/pkgs/development/python-modules/jaraco_text/default.nix @@ -37,13 +37,13 @@ buildPythonPackage rec { jaraco-context jaraco_functools inflect - ] ++ lib.optional (pythonOlder "3.9") [ + ] ++ lib.optionals (pythonOlder "3.9") [ importlib-resources ]; checkInputs = [ pytestCheckHook - ] ++ lib.optional (pythonOlder "3.10") [ + ] ++ lib.optionals (pythonOlder "3.10") [ pathlib2 ]; diff --git a/pkgs/development/python-modules/jaxlib/default.nix b/pkgs/development/python-modules/jaxlib/default.nix index a47e4e3d952..37bfe4d739f 100644 --- a/pkgs/development/python-modules/jaxlib/default.nix +++ b/pkgs/development/python-modules/jaxlib/default.nix @@ -219,11 +219,11 @@ let # relevant dependencies can be downloaded. bazelFlags = [ "-c opt" - ] ++ lib.optional (stdenv.targetPlatform.isx86_64 && stdenv.targetPlatform.isUnix) [ + ] ++ lib.optionals (stdenv.targetPlatform.isx86_64 && stdenv.targetPlatform.isUnix) [ "--config=avx_posix" - ] ++ lib.optional cudaSupport [ + ] ++ lib.optionals cudaSupport [ "--config=cuda" - ] ++ lib.optional mklSupport [ + ] ++ lib.optionals mklSupport [ "--config=mkl_open_source_only" ] ++ lib.optionals stdenv.cc.isClang [ # bazel depends on the compiler frontend automatically selecting these flags based on file diff --git a/pkgs/development/python-modules/jsbeautifier/default.nix b/pkgs/development/python-modules/jsbeautifier/default.nix index 242b282d4dd..62ca71d52fd 100644 --- a/pkgs/development/python-modules/jsbeautifier/default.nix +++ b/pkgs/development/python-modules/jsbeautifier/default.nix @@ -1,13 +1,13 @@ { lib , fetchPypi -, buildPythonApplication +, buildPythonPackage , editorconfig , pytestCheckHook , pythonOlder , six }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "jsbeautifier"; version = "1.14.6"; format = "setuptools"; diff --git a/pkgs/development/python-modules/language-data/default.nix b/pkgs/development/python-modules/language-data/default.nix index 803df3abaea..ff04b036dc0 100644 --- a/pkgs/development/python-modules/language-data/default.nix +++ b/pkgs/development/python-modules/language-data/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub , marisa-trie , poetry-core @@ -7,7 +7,7 @@ , setuptools }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "language-data"; version = "1.0.1"; format = "pyproject"; diff --git a/pkgs/development/python-modules/lightgbm/default.nix b/pkgs/development/python-modules/lightgbm/default.nix index 015417151b7..ad54268c8cf 100644 --- a/pkgs/development/python-modules/lightgbm/default.nix +++ b/pkgs/development/python-modules/lightgbm/default.nix @@ -23,7 +23,7 @@ buildPythonPackage rec { dontUseCmakeConfigure = true; - buildInputs = lib.optional stdenv.cc.isClang [ llvmPackages.openmp ]; + buildInputs = lib.optionals stdenv.cc.isClang [ llvmPackages.openmp ]; propagatedBuildInputs = [ numpy scipy diff --git a/pkgs/development/python-modules/markdown-it-py/default.nix b/pkgs/development/python-modules/markdown-it-py/default.nix index f4c83d5df34..d408c007100 100644 --- a/pkgs/development/python-modules/markdown-it-py/default.nix +++ b/pkgs/development/python-modules/markdown-it-py/default.nix @@ -35,7 +35,7 @@ buildPythonPackage rec { attrs linkify-it-py mdurl - ] ++ lib.optional (pythonOlder "3.8") [ + ] ++ lib.optionals (pythonOlder "3.8") [ typing-extensions ]; diff --git a/pkgs/development/python-modules/matplotlib/default.nix b/pkgs/development/python-modules/matplotlib/default.nix index ad32c3db7eb..6a507d01ef3 100644 --- a/pkgs/development/python-modules/matplotlib/default.nix +++ b/pkgs/development/python-modules/matplotlib/default.nix @@ -39,9 +39,9 @@ buildPythonPackage rec { buildInputs = [ which sphinx - ] ++ lib.optional enableGhostscript [ + ] ++ lib.optionals enableGhostscript [ ghostscript - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ Cocoa ]; diff --git a/pkgs/development/python-modules/mkdocs-autorefs/default.nix b/pkgs/development/python-modules/mkdocs-autorefs/default.nix index ea1dffdf0db..dd88bd332e0 100644 --- a/pkgs/development/python-modules/mkdocs-autorefs/default.nix +++ b/pkgs/development/python-modules/mkdocs-autorefs/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub , markdown , mkdocs @@ -8,7 +8,7 @@ , pythonOlder }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "mkdocs-autorefs"; version = "0.4.1"; format = "pyproject"; diff --git a/pkgs/development/python-modules/mkdocs-material/default.nix b/pkgs/development/python-modules/mkdocs-material/default.nix index f58bbf2e69d..d82c1a65436 100644 --- a/pkgs/development/python-modules/mkdocs-material/default.nix +++ b/pkgs/development/python-modules/mkdocs-material/default.nix @@ -1,6 +1,6 @@ { lib , callPackage -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub , jinja2 , markdown @@ -11,7 +11,7 @@ , pythonOlder }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "mkdocs-material"; version = "8.4.3"; format = "setuptools"; diff --git a/pkgs/development/python-modules/mkdocs-minify/default.nix b/pkgs/development/python-modules/mkdocs-minify/default.nix index 0beeb516416..ee6765d3175 100644 --- a/pkgs/development/python-modules/mkdocs-minify/default.nix +++ b/pkgs/development/python-modules/mkdocs-minify/default.nix @@ -1,14 +1,15 @@ { lib , callPackage -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub , mkdocs , csscompressor , htmlmin , jsmin +, pytestCheckHook }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "mkdocs-minify"; version = "0.5.0"; @@ -26,6 +27,11 @@ buildPythonApplication rec { mkdocs ]; + checkInputs = [ + mkdocs + pytestCheckHook + ]; + pythonImportsCheck = [ "mkdocs" ]; meta = with lib; { diff --git a/pkgs/development/python-modules/mkdocs-redirects/default.nix b/pkgs/development/python-modules/mkdocs-redirects/default.nix index 94bf504a76b..9394692fc5c 100644 --- a/pkgs/development/python-modules/mkdocs-redirects/default.nix +++ b/pkgs/development/python-modules/mkdocs-redirects/default.nix @@ -1,11 +1,12 @@ { lib , callPackage -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub , mkdocs +, pytestCheckHook }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "mkdocs-redirects"; version = "1.2.0"; @@ -20,7 +21,13 @@ buildPythonApplication rec { mkdocs ]; - pythonImportsCheck = [ "mkdocs" ]; + checkInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "mkdocs_redirects" + ]; meta = with lib; { description = "Open source plugin for Mkdocs page redirects"; diff --git a/pkgs/development/python-modules/mkdocstrings-python/default.nix b/pkgs/development/python-modules/mkdocstrings-python/default.nix index 4e10c4287d8..58ead577449 100644 --- a/pkgs/development/python-modules/mkdocstrings-python/default.nix +++ b/pkgs/development/python-modules/mkdocstrings-python/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub , griffe , mkdocs-material @@ -9,7 +9,7 @@ , pythonOlder }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "mkdocstrings-python"; version = "0.7.1"; format = "pyproject"; diff --git a/pkgs/development/python-modules/mkdocstrings/default.nix b/pkgs/development/python-modules/mkdocstrings/default.nix index b151727a8fb..5d20ea1a6e9 100644 --- a/pkgs/development/python-modules/mkdocstrings/default.nix +++ b/pkgs/development/python-modules/mkdocstrings/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub , jinja2 , markdown @@ -12,7 +12,7 @@ , pythonOlder }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "mkdocstrings"; version = "0.19.0"; format = "pyproject"; diff --git a/pkgs/development/python-modules/mypy-protobuf/default.nix b/pkgs/development/python-modules/mypy-protobuf/default.nix index 007fd2fd015..c63910abc56 100644 --- a/pkgs/development/python-modules/mypy-protobuf/default.nix +++ b/pkgs/development/python-modules/mypy-protobuf/default.nix @@ -1,6 +1,14 @@ -{ lib, fetchPypi, buildPythonApplication, protobuf, types-protobuf, grpcio-tools, pythonOlder }: +{ lib +, fetchPypi +, buildPythonPackage +, protobuf +, types-protobuf +, grpcio-tools +, pytestCheckHook +, pythonOlder +}: -buildPythonApplication rec { +buildPythonPackage rec { pname = "mypy-protobuf"; version = "3.3.0"; format = "pyproject"; @@ -12,7 +20,21 @@ buildPythonApplication rec { sha256 = "sha256-JPOwrssGZW6YP1jgfHMqkFd7nXrz4QZvwrZju/A3Akg="; }; - propagatedBuildInputs = [ protobuf types-protobuf grpcio-tools ]; + propagatedBuildInputs = [ + protobuf + types-protobuf + grpcio-tools + ]; + + doCheck = false; # ModuleNotFoundError: No module named 'testproto' + + checkInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "mypy_protobuf" + ]; meta = with lib; { description = "Generate mypy stub files from protobuf specs"; diff --git a/pkgs/development/python-modules/nipy/default.nix b/pkgs/development/python-modules/nipy/default.nix index 5bdf6fdcd44..d5e399701dc 100644 --- a/pkgs/development/python-modules/nipy/default.nix +++ b/pkgs/development/python-modules/nipy/default.nix @@ -21,7 +21,7 @@ buildPythonPackage rec { sha256 = "a8a2c97ce854fece4aced5a6394b9fdca5846150ad6d2a36b86590924af3c848"; }; - buildInputs = lib.optional doCheck [ nose ]; + buildInputs = lib.optionals doCheck [ nose ]; propagatedBuildInputs = [ matplotlib nibabel numpy scipy sympy ]; checkPhase = '' # wants to be run in a different directory diff --git a/pkgs/development/python-modules/notebook/default.nix b/pkgs/development/python-modules/notebook/default.nix index 4efaaf3f9ec..fdb599466ff 100644 --- a/pkgs/development/python-modules/notebook/default.nix +++ b/pkgs/development/python-modules/notebook/default.nix @@ -68,7 +68,7 @@ buildPythonPackage rec { "sock_server" "test_list_formats" # tries to find python MIME type "KernelCullingTest" # has a race condition failing on slower hardware - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ "test_delete" "test_checkpoints_follow_file" ]; diff --git a/pkgs/development/python-modules/numba/default.nix b/pkgs/development/python-modules/numba/default.nix index 2ca0e08ba5b..965130658c4 100644 --- a/pkgs/development/python-modules/numba/default.nix +++ b/pkgs/development/python-modules/numba/default.nix @@ -40,7 +40,7 @@ in buildPythonPackage rec { NIX_CFLAGS_COMPILE = lib.optionalString stdenv.isDarwin "-I${lib.getDev libcxx}/include/c++/v1"; - nativeBuildInputs = lib.optional cudaSupport [ + nativeBuildInputs = lib.optionals cudaSupport [ addOpenGLRunpath ]; diff --git a/pkgs/development/python-modules/paho-mqtt/default.nix b/pkgs/development/python-modules/paho-mqtt/default.nix index fb249acf633..e25f5474868 100644 --- a/pkgs/development/python-modules/paho-mqtt/default.nix +++ b/pkgs/development/python-modules/paho-mqtt/default.nix @@ -22,7 +22,7 @@ buildPythonPackage rec { checkInputs = [ pytestCheckHook six - ] ++ lib.optional (!isPy3k) [ + ] ++ lib.optionals (!isPy3k) [ mock ]; diff --git a/pkgs/development/python-modules/peewee/default.nix b/pkgs/development/python-modules/peewee/default.nix index 0afb0dab52e..089088a09bd 100644 --- a/pkgs/development/python-modules/peewee/default.nix +++ b/pkgs/development/python-modules/peewee/default.nix @@ -34,9 +34,9 @@ buildPythonPackage rec { propagatedBuildInputs = [ apsw - ] ++ lib.optional withPostgres [ + ] ++ lib.optionals withPostgres [ psycopg2 - ] ++ lib.optional withMysql [ + ] ++ lib.optionals withMysql [ mysql-connector ]; diff --git a/pkgs/development/python-modules/phonemizer/default.nix b/pkgs/development/python-modules/phonemizer/default.nix index 550a4fefd25..38e5f8533eb 100644 --- a/pkgs/development/python-modules/phonemizer/default.nix +++ b/pkgs/development/python-modules/phonemizer/default.nix @@ -1,7 +1,7 @@ { lib , stdenv , substituteAll -, buildPythonApplication +, buildPythonPackage , fetchPypi , joblib , segments @@ -13,17 +13,18 @@ , pytest-cov }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "phonemizer"; version = "3.2.1"; + format = "setuptools"; src = fetchPypi { inherit pname version; - sha256 = "sha256-Bo+F+FqKmtxjijeHrqyvcaU+R1eLEtdzwJdDNQDNiSs="; + hash = "sha256-Bo+F+FqKmtxjijeHrqyvcaU+R1eLEtdzwJdDNQDNiSs="; }; postPatch = '' - sed -i -e '/\'pytest-runner\'/d setup.py + sed -i '/pytest-runner/d setup.py ''; patches = [ diff --git a/pkgs/development/python-modules/pillow-simd/default.nix b/pkgs/development/python-modules/pillow-simd/default.nix index e856c2f5785..b39a86a7fbf 100644 --- a/pkgs/development/python-modules/pillow-simd/default.nix +++ b/pkgs/development/python-modules/pillow-simd/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, buildPythonPackage, fetchFromGitHub, isPyPy, isPy3k -, olefile, freetype, libjpeg, zlib, libtiff, libwebp, tcl, lcms2 +, olefile, freetype, libjpeg, zlib, libtiff, libwebp, libxcrypt, tcl, lcms2 , libxcb, tk, libX11, openjpeg, libimagequant, pyroma, numpy, defusedxml , pytestCheckHook }@args: diff --git a/pkgs/development/python-modules/pillow/default.nix b/pkgs/development/python-modules/pillow/default.nix index 017069a7dd2..6e50be53f99 100644 --- a/pkgs/development/python-modules/pillow/default.nix +++ b/pkgs/development/python-modules/pillow/default.nix @@ -4,7 +4,7 @@ , pythonOlder , fetchPypi , isPyPy -, defusedxml, olefile, freetype, libjpeg, zlib, libtiff, libwebp, tcl, lcms2, tk, libX11 +, defusedxml, olefile, freetype, libjpeg, zlib, libtiff, libwebp, libxcrypt, tcl, lcms2, tk, libX11 , libxcb, openjpeg, libimagequant, pyroma, numpy, pytestCheckHook # for passthru.tests , imageio, matplotlib, pilkit, pydicom, reportlab diff --git a/pkgs/development/python-modules/pillow/generic.nix b/pkgs/development/python-modules/pillow/generic.nix index ec4f0526382..54f73075107 100644 --- a/pkgs/development/python-modules/pillow/generic.nix +++ b/pkgs/development/python-modules/pillow/generic.nix @@ -38,7 +38,7 @@ buildPythonPackage rec { checkInputs = [ pytestCheckHook pyroma numpy ]; - buildInputs = [ freetype libjpeg openjpeg libimagequant zlib libtiff libwebp tcl lcms2 ] + buildInputs = [ freetype libjpeg openjpeg libimagequant zlib libtiff libwebp libxcrypt tcl lcms2 ] ++ lib.optionals (lib.versionAtLeast version "7.1.0") [ libxcb ] ++ lib.optionals (isPyPy) [ tk libX11 ]; diff --git a/pkgs/development/python-modules/poetry-core/default.nix b/pkgs/development/python-modules/poetry-core/default.nix index 737985ece24..e90529dac6d 100644 --- a/pkgs/development/python-modules/poetry-core/default.nix +++ b/pkgs/development/python-modules/poetry-core/default.nix @@ -15,15 +15,16 @@ buildPythonPackage rec { pname = "poetry-core"; - version = "1.1.0"; + version = "1.3.2"; format = "pyproject"; + disabled = pythonOlder "3.7"; src = fetchFromGitHub { owner = "python-poetry"; repo = pname; rev = version; - sha256 = "sha256-WUgBrO9h1E7N2SVFD47UPv39DMx1yQviV5tcNPmR+/g="; + hash = "sha256-3Ryfq0MwrL/mKP8DmkhLOyFlulf3c73z9fFIzMuqOrg="; }; propagatedBuildInputs = lib.optionals (pythonOlder "3.8") [ @@ -41,13 +42,20 @@ buildPythonPackage rec { virtualenv ]; - # requires git history to work correctly - disabledTests = [ "default_with_excluded_data" "default_src_with_excluded_data" ]; + # Requires git history to work correctly + disabledTests = [ + "default_with_excluded_data" + "default_src_with_excluded_data" + ]; - pythonImportsCheck = [ "poetry.core" ]; + pythonImportsCheck = [ + "poetry.core" + ]; - # allow for package to use pep420's native namespaces - pythonNamespaces = [ "poetry" ]; + # Allow for package to use pep420's native namespaces + pythonNamespaces = [ + "poetry" + ]; meta = with lib; { description = "Core utilities for Poetry"; diff --git a/pkgs/development/python-modules/poetry-plugin-export/default.nix b/pkgs/development/python-modules/poetry-plugin-export/default.nix index bd953fb6127..bbf6013e4fd 100644 --- a/pkgs/development/python-modules/poetry-plugin-export/default.nix +++ b/pkgs/development/python-modules/poetry-plugin-export/default.nix @@ -6,14 +6,14 @@ buildPythonPackage rec { pname = "poetry-plugin-export"; - version = "1.0.6"; + version = "1.1.2"; format = "pyproject"; src = fetchFromGitHub { owner = "python-poetry"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-wZbXIAGKTvbcYN1Sx9MCPVIiHxHzdpbLOVShHBEWUVU="; + hash = "sha256-+BDBQwYaiddq3OQDHKmLap3ehWJe+Gh5D3TwuNXycjg="; }; postPatch = '' diff --git a/pkgs/development/python-modules/poetry/default.nix b/pkgs/development/python-modules/poetry/default.nix index 3105187c98a..81766441aaa 100644 --- a/pkgs/development/python-modules/poetry/default.nix +++ b/pkgs/development/python-modules/poetry/default.nix @@ -41,7 +41,7 @@ buildPythonPackage rec { pname = "poetry"; - version = "1.2.0"; + version = "1.2.2"; format = "pyproject"; disabled = pythonOlder "3.7"; @@ -50,7 +50,7 @@ buildPythonPackage rec { owner = "python-poetry"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-+Nsg7oPh9tAHEKt1R9C+nY9UPy+9vbf/+A6vQWgTi+4="; + hash = "sha256-huIjLv1T42HEmePCQNJpKnNxJKdyD9MlEtc2WRPOjRE="; }; postPatch = '' diff --git a/pkgs/development/python-modules/pygit2/default.nix b/pkgs/development/python-modules/pygit2/default.nix index 565cd6d67ec..413b79c562b 100644 --- a/pkgs/development/python-modules/pygit2/default.nix +++ b/pkgs/development/python-modules/pygit2/default.nix @@ -35,11 +35,11 @@ buildPythonPackage rec { propagatedBuildInputs = [ cached-property pycparser - ] ++ lib.optional (!isPyPy) [ + ] ++ lib.optionals (!isPyPy) [ cffi ]; - propagatedNativeBuildInputs = lib.optional (!isPyPy) [ + propagatedNativeBuildInputs = lib.optionals (!isPyPy) [ cffi ]; diff --git a/pkgs/development/python-modules/pyls-mypy/default.nix b/pkgs/development/python-modules/pyls-mypy/default.nix index acce4469eed..ad387106e88 100644 --- a/pkgs/development/python-modules/pyls-mypy/default.nix +++ b/pkgs/development/python-modules/pyls-mypy/default.nix @@ -38,7 +38,7 @@ buildPythonPackage rec { propagatedBuildInputs = [ mypy python-language-server configparser - ] ++ lib.optional (isPy27) [ + ] ++ lib.optionals (isPy27) [ future ]; diff --git a/pkgs/development/python-modules/pypass/default.nix b/pkgs/development/python-modules/pypass/default.nix index 85d6c9d49bb..f70e4002999 100644 --- a/pkgs/development/python-modules/pypass/default.nix +++ b/pkgs/development/python-modules/pypass/default.nix @@ -18,10 +18,8 @@ , xclip }: -# NOTE: pypass can also be used as an application, but probably the most -# important usecase is as a library. So, let's use buildPythonPackage and -# support any Python version instead of defining it as an application with -# buildPythonApplication. +# Use the `pypass` top-level attribute, if you're interested in the +# application buildPythonPackage rec { pname = "pypass"; version = "0.2.1"; diff --git a/pkgs/development/python-modules/pytest-xdist/setup-hook.sh b/pkgs/development/python-modules/pytest-xdist/setup-hook.sh index 5523a7f360f..61d0f64d1a4 100644 --- a/pkgs/development/python-modules/pytest-xdist/setup-hook.sh +++ b/pkgs/development/python-modules/pytest-xdist/setup-hook.sh @@ -3,6 +3,14 @@ pytestXdistHook() { "--numprocesses=$NIX_BUILD_CORES" "--forked" ) + + # Using --forked on darwin leads to crashes when fork safety is + # enabled. This often happens when urllib tries to request proxy + # settings on MacOS through `urllib.request.getproxies()` + # - https://github.com/python/cpython/issues/77906 + if [[ "$OSTYPE" == "darwin"* ]]; then + export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES + fi } # the flags should be added before pytestCheckHook runs so diff --git a/pkgs/development/python-modules/python-csxcad/default.nix b/pkgs/development/python-modules/python-csxcad/default.nix index e6f22d37b55..66c1939c7ed 100644 --- a/pkgs/development/python-modules/python-csxcad/default.nix +++ b/pkgs/development/python-modules/python-csxcad/default.nix @@ -32,7 +32,7 @@ buildPythonPackage rec { matplotlib ]; - setupPyBuildFlags = "-I${openems}/include -L${openems}/lib -R${openems}/lib"; + setupPyBuildFlags = [ "-I${openems}/include" "-L${openems}/lib" "-R${openems}/lib" ]; meta = with lib; { description = "Python interface to CSXCAD"; diff --git a/pkgs/development/python-modules/python-glanceclient/default.nix b/pkgs/development/python-modules/python-glanceclient/default.nix index 4f63cca8a8b..390aad8b55c 100644 --- a/pkgs/development/python-modules/python-glanceclient/default.nix +++ b/pkgs/development/python-modules/python-glanceclient/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchPypi , coreutils , pbr @@ -18,7 +18,7 @@ , requests-mock }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "python-glanceclient"; version = "4.1.0"; format = "setuptools"; diff --git a/pkgs/development/python-modules/python-heatclient/default.nix b/pkgs/development/python-modules/python-heatclient/default.nix index c51c222dd6f..df1fc0dc459 100644 --- a/pkgs/development/python-modules/python-heatclient/default.nix +++ b/pkgs/development/python-modules/python-heatclient/default.nix @@ -1,6 +1,6 @@ { lib , babel -, buildPythonApplication +, buildPythonPackage , cliff , fetchPypi , iso8601 @@ -20,7 +20,7 @@ , testscenarios }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "python-heatclient"; version = "3.1.0"; format = "setuptools"; diff --git a/pkgs/development/python-modules/python-ironicclient/default.nix b/pkgs/development/python-modules/python-ironicclient/default.nix index 5f0f1d8dea5..bf41e95739e 100644 --- a/pkgs/development/python-modules/python-ironicclient/default.nix +++ b/pkgs/development/python-modules/python-ironicclient/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchPypi , pbr , appdirs @@ -18,7 +18,7 @@ , oslotest }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "python-ironicclient"; version = "5.0.1"; diff --git a/pkgs/development/python-modules/python-manilaclient/default.nix b/pkgs/development/python-modules/python-manilaclient/default.nix index 9a9e01ff4be..301ce42f0c7 100644 --- a/pkgs/development/python-modules/python-manilaclient/default.nix +++ b/pkgs/development/python-modules/python-manilaclient/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchPypi , installShellFiles , pbr @@ -21,7 +21,7 @@ , pythonOlder }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "python-manilaclient"; version = "4.1.0"; format = "setuptools"; diff --git a/pkgs/development/python-modules/python-miio/default.nix b/pkgs/development/python-modules/python-miio/default.nix index d1497c43bcb..32d5d542c30 100644 --- a/pkgs/development/python-modules/python-miio/default.nix +++ b/pkgs/development/python-modules/python-miio/default.nix @@ -54,7 +54,7 @@ buildPythonPackage rec { pyyaml tqdm zeroconf - ] ++ lib.optional (pythonOlder "3.8") [ + ] ++ lib.optionals (pythonOlder "3.8") [ importlib-metadata ]; diff --git a/pkgs/development/python-modules/python-openems/default.nix b/pkgs/development/python-modules/python-openems/default.nix index dd669cf5475..348f10b3aee 100644 --- a/pkgs/development/python-modules/python-openems/default.nix +++ b/pkgs/development/python-modules/python-openems/default.nix @@ -36,7 +36,7 @@ buildPythonPackage rec { h5py ]; - setupPyBuildFlags = "-I${openems}/include -L${openems}/lib -R${openems}/lib"; + setupPyBuildFlags = [ "-I${openems}/include" "-L${openems}/lib" "-R${openems}/lib" ]; pythonImportsCheck = [ "openEMS" ]; meta = with lib; { diff --git a/pkgs/development/python-modules/python-swiftclient/default.nix b/pkgs/development/python-modules/python-swiftclient/default.nix index 3329753d633..f5a15a34f0c 100644 --- a/pkgs/development/python-modules/python-swiftclient/default.nix +++ b/pkgs/development/python-modules/python-swiftclient/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchPypi , installShellFiles , mock @@ -10,7 +10,7 @@ , stestr }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "python-swiftclient"; version = "4.1.0"; format = "setuptools"; diff --git a/pkgs/development/python-modules/python-telegram-bot/default.nix b/pkgs/development/python-modules/python-telegram-bot/default.nix index 677322fc50d..47d716d1c86 100644 --- a/pkgs/development/python-modules/python-telegram-bot/default.nix +++ b/pkgs/development/python-modules/python-telegram-bot/default.nix @@ -43,7 +43,7 @@ buildPythonPackage rec { --replace "tornado==6.1" "tornado" ''; - setupPyGlobalFlags = "--with-upstream-urllib3"; + setupPyGlobalFlags = [ "--with-upstream-urllib3" ]; # tests not included with release doCheck = false; diff --git a/pkgs/development/python-modules/pytz-deprecation-shim/default.nix b/pkgs/development/python-modules/pytz-deprecation-shim/default.nix index e438936f7e4..6ea1c2c8f2e 100644 --- a/pkgs/development/python-modules/pytz-deprecation-shim/default.nix +++ b/pkgs/development/python-modules/pytz-deprecation-shim/default.nix @@ -43,6 +43,10 @@ buildPythonPackage rec { # https://github.com/pganssle/pytz-deprecation-shim/issues/27 doCheck = pythonAtLeast "3.9"; + disabledTests = [ + "test_localize_explicit_is_dst" + ]; + meta = with lib; { description = "Shims to make deprecation of pytz easier"; homepage = "https://github.com/pganssle/pytz-deprecation-shim"; diff --git a/pkgs/development/python-modules/qutip/default.nix b/pkgs/development/python-modules/qutip/default.nix index e99deef489f..519cb9957bc 100644 --- a/pkgs/development/python-modules/qutip/default.nix +++ b/pkgs/development/python-modules/qutip/default.nix @@ -46,7 +46,7 @@ buildPythonPackage rec { ] ++ passthru.optional-dependencies.graphics; # Disabling OpenMP support on Darwin. - setupPyGlobalFlags = lib.optional (!stdenv.isDarwin) [ + setupPyGlobalFlags = lib.optionals (!stdenv.isDarwin) [ "--with-openmp" ]; diff --git a/pkgs/development/python-modules/rdflib/default.nix b/pkgs/development/python-modules/rdflib/default.nix index 1aa995d85d7..27356390cfd 100644 --- a/pkgs/development/python-modules/rdflib/default.nix +++ b/pkgs/development/python-modules/rdflib/default.nix @@ -68,7 +68,7 @@ buildPythonPackage rec { # Requires network access "test_service" "testGuessFormatForParse" - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ # Require loopback network access "TestGraphHTTP" ]; diff --git a/pkgs/development/python-modules/remarshal/default.nix b/pkgs/development/python-modules/remarshal/default.nix index 99c868eb0b8..2b7a20a2dd0 100644 --- a/pkgs/development/python-modules/remarshal/default.nix +++ b/pkgs/development/python-modules/remarshal/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchFromGitHub # build deps @@ -16,7 +16,7 @@ , pytestCheckHook }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "remarshal"; version = "0.14.0"; format = "pyproject"; diff --git a/pkgs/development/python-modules/rfc-bibtex/default.nix b/pkgs/development/python-modules/rfc-bibtex/default.nix deleted file mode 100644 index b9b7cdb76c4..00000000000 --- a/pkgs/development/python-modules/rfc-bibtex/default.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ lib, buildPythonApplication, fetchPypi, isPy3k }: - -buildPythonApplication rec { - pname = "rfc-bibtex"; - version = "0.3.2"; - - src = fetchPypi { - inherit pname version; - sha256 = "60419a2043ef37ac2438f3eae7a3207d0a4cb2dd56ab21697f874a35ee52927f"; - }; - - disabled = !isPy3k; - - meta = with lib; { - homepage = "https://github.com/iluxonchik/rfc-bibtex/"; - description = "Generate Bibtex entries for IETF RFCs and Internet-Drafts"; - license = licenses.mit; - maintainers = with maintainers; [ teto ]; - }; -} diff --git a/pkgs/development/python-modules/rich/default.nix b/pkgs/development/python-modules/rich/default.nix index 36e7ca24fbd..c2cd935c651 100644 --- a/pkgs/development/python-modules/rich/default.nix +++ b/pkgs/development/python-modules/rich/default.nix @@ -35,9 +35,9 @@ buildPythonPackage rec { propagatedBuildInputs = [ CommonMark pygments - ] ++ lib.optional (pythonOlder "3.7") [ + ] ++ lib.optionals (pythonOlder "3.7") [ dataclasses - ] ++ lib.optional (pythonOlder "3.9") [ + ] ++ lib.optionals (pythonOlder "3.9") [ typing-extensions ]; diff --git a/pkgs/development/python-modules/scipy/default.nix b/pkgs/development/python-modules/scipy/default.nix index aa578d21d25..e791454b901 100644 --- a/pkgs/development/python-modules/scipy/default.nix +++ b/pkgs/development/python-modules/scipy/default.nix @@ -54,6 +54,7 @@ buildPythonPackage rec { checkPhase = '' runHook preCheck pushd "$out" + export OMP_NUM_THREADS=$(( $NIX_BUILD_CORES / 4 )) ${python.interpreter} -c "import scipy; scipy.test('fast', verbose=10, parallel=$NIX_BUILD_CORES)" popd runHook postCheck diff --git a/pkgs/development/python-modules/screeninfo/default.nix b/pkgs/development/python-modules/screeninfo/default.nix index f67d68b0ddd..574d3159494 100644 --- a/pkgs/development/python-modules/screeninfo/default.nix +++ b/pkgs/development/python-modules/screeninfo/default.nix @@ -1,6 +1,6 @@ { stdenv , lib -, buildPythonApplication +, buildPythonPackage , dataclasses , fetchFromGitHub , libX11 @@ -11,7 +11,7 @@ , pythonOlder }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "screeninfo"; version = "0.8.1"; format = "pyproject"; diff --git a/pkgs/development/python-modules/simple-di/default.nix b/pkgs/development/python-modules/simple-di/default.nix index c79b58f8a62..150eb52f8d4 100644 --- a/pkgs/development/python-modules/simple-di/default.nix +++ b/pkgs/development/python-modules/simple-di/default.nix @@ -23,7 +23,7 @@ buildPythonPackage rec { propagatedBuildInputs = [ setuptools typing-extensions - ] ++ lib.optional (pythonOlder "3.7") [ + ] ++ lib.optionals (pythonOlder "3.7") [ dataclasses ]; diff --git a/pkgs/development/python-modules/spacy/default.nix b/pkgs/development/python-modules/spacy/default.nix index cc1c01adf28..f197b1080fb 100644 --- a/pkgs/development/python-modules/spacy/default.nix +++ b/pkgs/development/python-modules/spacy/default.nix @@ -63,7 +63,7 @@ buildPythonPackage rec { tqdm typer wasabi - ] ++ lib.optional (pythonOlder "3.8") [ + ] ++ lib.optionals (pythonOlder "3.8") [ typing-extensions ]; diff --git a/pkgs/development/python-modules/sphinx/default.nix b/pkgs/development/python-modules/sphinx/default.nix index 0983fb7e7a7..5a27f04bd0e 100644 --- a/pkgs/development/python-modules/sphinx/default.nix +++ b/pkgs/development/python-modules/sphinx/default.nix @@ -107,7 +107,7 @@ buildPythonPackage rec { # requires imagemagick (increases build closure size), doesn't # test anything substantial "test_ext_imgconverter" - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ # Due to lack of network sandboxing can't guarantee port 7777 isn't bound "test_inspect_main_url" "test_auth_header_uses_first_match" diff --git a/pkgs/development/python-modules/starlette/default.nix b/pkgs/development/python-modules/starlette/default.nix index d1e8f789fc3..78a428a2a72 100644 --- a/pkgs/development/python-modules/starlette/default.nix +++ b/pkgs/development/python-modules/starlette/default.nix @@ -50,7 +50,7 @@ buildPythonPackage rec { typing-extensions ] ++ lib.optionals (pythonOlder "3.7") [ contextlib2 - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ ApplicationServices ]; diff --git a/pkgs/development/python-modules/sybil/default.nix b/pkgs/development/python-modules/sybil/default.nix index 41baf697fff..2667f0af546 100644 --- a/pkgs/development/python-modules/sybil/default.nix +++ b/pkgs/development/python-modules/sybil/default.nix @@ -1,11 +1,11 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchPypi , pytestCheckHook , pythonOlder }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "sybil"; version = "3.0.1"; format = "setuptools"; diff --git a/pkgs/development/python-modules/tempest/default.nix b/pkgs/development/python-modules/tempest/default.nix index 7f50fc8f302..654c8a9e2ab 100644 --- a/pkgs/development/python-modules/tempest/default.nix +++ b/pkgs/development/python-modules/tempest/default.nix @@ -1,5 +1,5 @@ { lib -, buildPythonApplication +, buildPythonPackage , fetchPypi , pbr , cliff @@ -26,7 +26,7 @@ , python }: -buildPythonApplication rec { +buildPythonPackage rec { pname = "tempest"; version = "32.0.0"; diff --git a/pkgs/development/python-modules/tensorflow/bin.nix b/pkgs/development/python-modules/tensorflow/bin.nix index b266f837f84..ca3c818d34a 100644 --- a/pkgs/development/python-modules/tensorflow/bin.nix +++ b/pkgs/development/python-modules/tensorflow/bin.nix @@ -82,7 +82,7 @@ in buildPythonPackage { ++ lib.optionals (pythonOlder "3.4") [ backports_weakref ]; # remove patchelfUnstable once patchelf 0.14 with https://github.com/NixOS/patchelf/pull/256 becomes the default - nativeBuildInputs = [ wheel ] ++ lib.optional cudaSupport [ addOpenGLRunpath patchelfUnstable ]; + nativeBuildInputs = [ wheel ] ++ lib.optionals cudaSupport [ addOpenGLRunpath patchelfUnstable ]; preConfigure = '' unset SOURCE_DATE_EPOCH diff --git a/pkgs/development/python-modules/tensorflow/default.nix b/pkgs/development/python-modules/tensorflow/default.nix index 31fff483205..c8308b2f80a 100644 --- a/pkgs/development/python-modules/tensorflow/default.nix +++ b/pkgs/development/python-modules/tensorflow/default.nix @@ -483,7 +483,7 @@ in buildPythonPackage { ]; # remove patchelfUnstable once patchelf 0.14 with https://github.com/NixOS/patchelf/pull/256 becomes the default - nativeBuildInputs = lib.optional cudaSupport [ addOpenGLRunpath patchelfUnstable ]; + nativeBuildInputs = lib.optionals cudaSupport [ addOpenGLRunpath patchelfUnstable ]; postFixup = lib.optionalString cudaSupport '' find $out -type f \( -name '*.so' -or -name '*.so.*' \) | while read lib; do diff --git a/pkgs/development/python-modules/thinc/default.nix b/pkgs/development/python-modules/thinc/default.nix index 51ee2803f3c..6da1ae89445 100644 --- a/pkgs/development/python-modules/thinc/default.nix +++ b/pkgs/development/python-modules/thinc/default.nix @@ -66,9 +66,9 @@ buildPythonPackage rec { tqdm pydantic wasabi - ] ++ lib.optional (pythonOlder "3.8") [ + ] ++ lib.optionals (pythonOlder "3.8") [ typing-extensions - ] ++ lib.optional (pythonOlder "3.7") [ + ] ++ lib.optionals (pythonOlder "3.7") [ contextvars dataclasses ]; diff --git a/pkgs/development/python-modules/threadpoolctl/default.nix b/pkgs/development/python-modules/threadpoolctl/default.nix index 3a0b523784a..c55bb108530 100644 --- a/pkgs/development/python-modules/threadpoolctl/default.nix +++ b/pkgs/development/python-modules/threadpoolctl/default.nix @@ -22,11 +22,25 @@ buildPythonPackage rec { sha256 = "sha256-/qt7cgFbvpc1BLZC7a4S0RToqSggKXAqF1Xr6xOqzw8="; }; - checkInputs = [ pytestCheckHook numpy scipy ]; + checkInputs = [ + pytestCheckHook + numpy + scipy + ]; + disabledTests = [ # accepts a limited set of cpu models based on project # developers' hardware "test_architecture" + # https://github.com/joblib/threadpoolctl/issues/128 + "test_threadpool_limits_by_prefix" + "test_controller_info_actualized" + "test_command_line_command_flag" + "test_command_line_import_flag" + ]; + + pythonImportsCheck = [ + "threadpoolctl" ]; meta = with lib; { diff --git a/pkgs/development/python-modules/torch/default.nix b/pkgs/development/python-modules/torch/default.nix index 672fcf75d33..2c619f46ac3 100644 --- a/pkgs/development/python-modules/torch/default.nix +++ b/pkgs/development/python-modules/torch/default.nix @@ -25,6 +25,8 @@ # ninja (https://ninja-build.org) must be available to run C++ extensions tests, ninja, + linuxHeaders_5_19, + # dependencies for torch.utils.tensorboard pillow, six, future, tensorboard, protobuf, @@ -224,6 +226,7 @@ in buildPythonPackage rec { ] ++ lib.optionals cudaSupport [ cudatoolkit_joined ]; buildInputs = [ blas blas.provider pybind11 ] + ++ [ linuxHeaders_5_19 ] # TMP: avoid "flexible array member" errors for now ++ lib.optionals cudaSupport [ cudnn magma nccl ] ++ lib.optionals stdenv.isLinux [ numactl ] ++ lib.optionals stdenv.isDarwin [ CoreServices libobjc ]; diff --git a/pkgs/development/python-modules/twisted/default.nix b/pkgs/development/python-modules/twisted/default.nix index fa6c4726222..fae5ef8cf10 100644 --- a/pkgs/development/python-modules/twisted/default.nix +++ b/pkgs/development/python-modules/twisted/default.nix @@ -97,6 +97,9 @@ buildPythonPackage rec { echo 'MulticastTests.test_multicast.skip = "Reactor was unclean"'>> src/twisted/test/test_udp.py echo 'MulticastTests.test_multiListen.skip = "No such device"'>> src/twisted/test/test_udp.py + # fails since migrating to libxcrypt + echo 'HelperTests.test_refuteCryptedPassword.skip = "OSError: Invalid argument"' >> src/twisted/conch/test/test_checkers.py + # not packaged substituteInPlace src/twisted/test/test_failure.py \ --replace "from cython_test_exception_raiser import raiser # type: ignore[import]" "raiser = None" diff --git a/pkgs/development/python-modules/tzdata/default.nix b/pkgs/development/python-modules/tzdata/default.nix index c701d3683cd..d1fed0b21fa 100644 --- a/pkgs/development/python-modules/tzdata/default.nix +++ b/pkgs/development/python-modules/tzdata/default.nix @@ -25,7 +25,7 @@ buildPythonPackage rec { checkInputs = [ pytestCheckHook pytest-subtests - ] ++ lib.optional (pythonOlder "3.7") [ + ] ++ lib.optionals (pythonOlder "3.7") [ importlib-resources ]; diff --git a/pkgs/development/python-modules/wandb/default.nix b/pkgs/development/python-modules/wandb/default.nix index b1ad380f04b..090b7a24765 100644 --- a/pkgs/development/python-modules/wandb/default.nix +++ b/pkgs/development/python-modules/wandb/default.nix @@ -157,7 +157,7 @@ buildPythonPackage rec { # Disable test that fails on darwin due to issue with python3Packages.psutil: # https://github.com/giampaolo/psutil/issues/1219 - disabledTests = lib.optional stdenv.isDarwin [ + disabledTests = lib.optionals stdenv.isDarwin [ "test_tpu_system_stats" ]; diff --git a/pkgs/development/python-modules/web3/default.nix b/pkgs/development/python-modules/web3/default.nix index b07bc9cee9d..8515ccda362 100644 --- a/pkgs/development/python-modules/web3/default.nix +++ b/pkgs/development/python-modules/web3/default.nix @@ -56,7 +56,7 @@ buildPythonPackage rec { protobuf requests websockets - ] ++ lib.optional (pythonOlder "3.8") [ + ] ++ lib.optionals (pythonOlder "3.8") [ typing-extensions ] ++ eth-hash.optional-dependencies.pycryptodome; diff --git a/pkgs/development/python-modules/yamllint/default.nix b/pkgs/development/python-modules/yamllint/default.nix index 58d47d1fff9..ca092cef8c7 100644 --- a/pkgs/development/python-modules/yamllint/default.nix +++ b/pkgs/development/python-modules/yamllint/default.nix @@ -30,7 +30,7 @@ buildPythonPackage rec { disabledTests = [ # test failure reported upstream: https://github.com/adrienverge/yamllint/issues/373 "test_find_files_recursively" - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ # locale tests are broken on BSDs; see https://github.com/adrienverge/yamllint/issues/307 "test_locale_accents" "test_locale_case" diff --git a/pkgs/development/python-modules/yolk/default.nix b/pkgs/development/python-modules/yolk/default.nix deleted file mode 100644 index d241e3f8edc..00000000000 --- a/pkgs/development/python-modules/yolk/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ lib, fetchurl, buildPythonApplication, pythonPackages }: - -with lib; - -buildPythonApplication rec { - pname = "yolk"; - version = "0.4.3"; - - src = fetchurl { - url = "mirror://pypi/y/yolk/yolk-${version}.tar.gz"; - sha256 = "1f6xwx210jnl5nq0m3agh2p1cxmaizawaf3fwq43q4yw050fn1qw"; - }; - - buildInputs = with pythonPackages; [ nose ]; - - meta = { - description = "Command-line tool for querying PyPI and Python packages installed on your system"; - homepage = "https://github.com/cakebread/yolk"; - maintainers = with maintainers; []; - license = licenses.bsd3; - }; -} - diff --git a/pkgs/development/ruby-modules/bundler-app/default.nix b/pkgs/development/ruby-modules/bundler-app/default.nix index 826ce9e5937..5bb9e47cf5a 100644 --- a/pkgs/development/ruby-modules/bundler-app/default.nix +++ b/pkgs/development/ruby-modules/bundler-app/default.nix @@ -35,7 +35,9 @@ }@args: let - basicEnv = (callPackage ../bundled-common {}) args; + basicEnv = (callPackage ../bundled-common { + inherit ruby; + }) args; cmdArgs = removeAttrs args [ "pname" "postBuild" "gemConfig" "passthru" "gemset" "gemdir" ] // { inherit preferLocalBuild allowSubstitutes; # pass the defaults diff --git a/pkgs/development/ruby-modules/bundler/default.nix b/pkgs/development/ruby-modules/bundler/default.nix index 4961173658e..13848a602dc 100644 --- a/pkgs/development/ruby-modules/bundler/default.nix +++ b/pkgs/development/ruby-modules/bundler/default.nix @@ -4,8 +4,8 @@ buildRubyGem rec { inherit ruby; name = "${gemName}-${version}"; gemName = "bundler"; - version = "2.3.22"; - source.sha256 = "sha256-vOfZB6poOsiYPULaGhUXD9aSxlBGeK2ghF70ouz0IJ4="; + version = "2.3.23"; + source.sha256 = "sha256-xYrUhtzNfN3X9r8GqGj9d1aeZkcPozFrk/2c9oVkKx8="; dontPatchShebangs = true; passthru.updateScript = writeScript "gem-update-script" '' diff --git a/pkgs/development/ruby-modules/gem-config/default.nix b/pkgs/development/ruby-modules/gem-config/default.nix index 0fbab154062..2885eeb0411 100644 --- a/pkgs/development/ruby-modules/gem-config/default.nix +++ b/pkgs/development/ruby-modules/gem-config/default.nix @@ -545,6 +545,10 @@ in buildInputs = [ openssl ]; }; + "pygments.rb" = attrs: { + buildInputs = [ python3 ]; + }; + rack = attrs: { meta.mainProgram = "rackup"; }; diff --git a/pkgs/development/tools/analysis/radare2/default.nix b/pkgs/development/tools/analysis/radare2/default.nix index 63594300e83..905e78fd765 100644 --- a/pkgs/development/tools/analysis/radare2/default.nix +++ b/pkgs/development/tools/analysis/radare2/default.nix @@ -97,10 +97,10 @@ stdenv.mkDerivation rec { zlib openssl libuv - ] ++ lib.optional useX11 [ gtkdialog vte gtk2 ] - ++ lib.optional rubyBindings [ ruby ] - ++ lib.optional pythonBindings [ python3 ] - ++ lib.optional luaBindings [ lua ]; + ] ++ lib.optionals useX11 [ gtkdialog vte gtk2 ] + ++ lib.optionals rubyBindings [ ruby ] + ++ lib.optionals pythonBindings [ python3 ] + ++ lib.optionals luaBindings [ lua ]; propagatedBuildInputs = [ # radare2 exposes r_lib which depends on these libraries diff --git a/pkgs/development/tools/analysis/rr/default.nix b/pkgs/development/tools/analysis/rr/default.nix index 733bd2f969c..e9437d718cf 100644 --- a/pkgs/development/tools/analysis/rr/default.nix +++ b/pkgs/development/tools/analysis/rr/default.nix @@ -1,4 +1,6 @@ -{ lib, stdenv, fetchFromGitHub, cmake, libpfm, zlib, pkg-config, python3Packages, which, procps, gdb, capnproto }: +{ lib, stdenv, fetchFromGitHub, fetchpatch +, cmake, libpfm, zlib, pkg-config, python3Packages, which, procps, gdb, capnproto +}: stdenv.mkDerivation rec { version = "5.6.0"; @@ -11,6 +13,14 @@ stdenv.mkDerivation rec { sha256 = "H39HPkAQGubXVQV3jCpH4Pz+7Q9n03PrS70utk7Tt2k="; }; + patches = [ + (fetchpatch { + name = "fix-flexible-array-member.patch"; + url = "https://github.com/rr-debugger/rr/commit/2979c60ef8bbf7c940afd90172ddc5d8863f766e.diff"; + sha256 = "cmdCJetQr3ELPOyWl37h1fGfG/xvaiJpywxIAnqb5YY="; + }) + ]; + postPatch = '' substituteInPlace src/Command.cc --replace '_BSD_SOURCE' '_DEFAULT_SOURCE' sed '7i#include <math.h>' -i src/Scheduler.cc diff --git a/pkgs/development/tools/analysis/rr/zen_workaround.nix b/pkgs/development/tools/analysis/rr/zen_workaround.nix index 193e70d0d95..3ec69aabf8d 100644 --- a/pkgs/development/tools/analysis/rr/zen_workaround.nix +++ b/pkgs/development/tools/analysis/rr/zen_workaround.nix @@ -22,7 +22,7 @@ stdenv.mkDerivation rec { postConfigure = '' makeFlags="$makeFlags M=$(pwd)" ''; - buildFlags = "modules"; + buildFlags = [ "modules" ]; installPhase = let modDestDir = "$out/lib/modules/${kernel.modDirVersion}/kernel"; #TODO: longer path? diff --git a/pkgs/development/tools/analysis/sparse/default.nix b/pkgs/development/tools/analysis/sparse/default.nix index ecc57a58b4b..7842954cde6 100644 --- a/pkgs/development/tools/analysis/sparse/default.nix +++ b/pkgs/development/tools/analysis/sparse/default.nix @@ -20,7 +20,7 @@ in stdenv.mkDerivation rec { nativeBuildInputs = [ pkg-config ]; buildInputs = [ gtk3 libxml2 llvm perl sqlite ]; doCheck = true; - buildFlags = "GCC_BASE:=${GCC_BASE}"; + buildFlags = [ "GCC_BASE:=${GCC_BASE}" ]; passthru.tests = { simple-execution = callPackage ./tests.nix { }; diff --git a/pkgs/development/python-modules/codespell/default.nix b/pkgs/development/tools/codespell/default.nix index 016ffadd0bc..87fab56778c 100644 --- a/pkgs/development/python-modules/codespell/default.nix +++ b/pkgs/development/tools/codespell/default.nix @@ -1,17 +1,13 @@ { lib -, aspell-python -, aspellDicts -, buildPythonApplication -, chardet , fetchFromGitHub -, pytestCheckHook -, pytest-dependency -, setuptools-scm +, aspellDicts +, python3 }: -buildPythonApplication rec { +python3.pkgs.buildPythonApplication rec { pname = "codespell"; version = "2.2.2"; + format = "pyproject"; src = fetchFromGitHub { owner = "codespell-project"; @@ -26,17 +22,19 @@ buildPythonApplication rec { --replace "--cov-report=" "" ''; - nativeBuildInputs = [ setuptools-scm ]; - - SETUPTOOLS_SCM_PRETEND_VERSION = version; + nativeBuildInputs = with python3.pkgs; [ + setuptools-scm + ]; - checkInputs = [ + checkInputs = with python3.pkgs; [ aspell-python chardet pytestCheckHook pytest-dependency ]; + SETUPTOOLS_SCM_PRETEND_VERSION = version; + preCheck = '' export ASPELL_CONF="dict-dir ${aspellDicts.en}/lib/aspell" ''; diff --git a/pkgs/development/tools/database/prisma-engines/default.nix b/pkgs/development/tools/database/prisma-engines/default.nix index 515551cbd02..19fa3f18d61 100644 --- a/pkgs/development/tools/database/prisma-engines/default.nix +++ b/pkgs/development/tools/database/prisma-engines/default.nix @@ -45,7 +45,13 @@ rustPlatform.buildRustPackage rec { export SQLITE_MAX_EXPR_DEPTH=10000 ''; - cargoBuildFlags = "-p query-engine -p query-engine-node-api -p migration-engine-cli -p introspection-core -p prisma-fmt"; + cargoBuildFlags = [ + "-p" "query-engine" + "-p" "query-engine-node-api" + "-p" "migration-engine-cli" + "-p" "introspection-core" + "-p" "prisma-fmt" + ]; postInstall = '' mv $out/lib/libquery_engine${stdenv.hostPlatform.extensions.sharedLibrary} $out/lib/libquery_engine.node diff --git a/pkgs/development/tools/godot/default.nix b/pkgs/development/tools/godot/default.nix index f04d4e9ab7c..97c9786e8fd 100644 --- a/pkgs/development/tools/godot/default.nix +++ b/pkgs/development/tools/godot/default.nix @@ -67,7 +67,7 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - sconsFlags = "target=release_debug platform=x11"; + sconsFlags = [ "target=release_debug" "platform=x11" ]; preConfigure = '' sconsFlags+=" ${ lib.concatStringsSep " " diff --git a/pkgs/development/tools/godot/export-templates.nix b/pkgs/development/tools/godot/export-templates.nix index 9d306365f19..74a78573a98 100644 --- a/pkgs/development/tools/godot/export-templates.nix +++ b/pkgs/development/tools/godot/export-templates.nix @@ -3,7 +3,7 @@ # https://docs.godotengine.org/en/stable/development/compiling/compiling_for_x11.html#building-export-templates godot.overrideAttrs (oldAttrs: rec { pname = "godot-export-templates"; - sconsFlags = "target=release platform=x11 tools=no"; + sconsFlags = [ "target=release" "platform=x11" "tools=no" ]; installPhase = '' # The godot export command expects the export templates at # .../share/godot/templates/3.2.3.stable with 3.2.3 being the godot version. diff --git a/pkgs/development/tools/godot/headless.nix b/pkgs/development/tools/godot/headless.nix index a8d640eba1a..3e43a4f27f0 100644 --- a/pkgs/development/tools/godot/headless.nix +++ b/pkgs/development/tools/godot/headless.nix @@ -1,7 +1,7 @@ { godot, lib }: godot.overrideAttrs (oldAttrs: rec { pname = "godot-headless"; - sconsFlags = "target=release_debug platform=server tools=yes"; + sconsFlags = [ "target=release_debug" "platform=server" "tools=yes" ]; installPhase = '' mkdir -p "$out/bin" cp bin/godot_server.* $out/bin/godot-headless diff --git a/pkgs/development/tools/godot/server.nix b/pkgs/development/tools/godot/server.nix index 4254dc746b6..06adf1bbfeb 100644 --- a/pkgs/development/tools/godot/server.nix +++ b/pkgs/development/tools/godot/server.nix @@ -1,7 +1,7 @@ { godot, lib }: godot.overrideAttrs (oldAttrs: rec { pname = "godot-server"; - sconsFlags = "target=release platform=server tools=no"; + sconsFlags = [ "target=release" "platform=server" "tools=no" ]; installPhase = '' mkdir -p "$out/bin" cp bin/godot_server.* $out/bin/godot-server diff --git a/pkgs/development/tools/libsigrokdecode/default.nix b/pkgs/development/tools/libsigrokdecode/default.nix index 06b5f5c35bb..672dddfc5ca 100644 --- a/pkgs/development/tools/libsigrokdecode/default.nix +++ b/pkgs/development/tools/libsigrokdecode/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, pkg-config, glib, python3, check }: +{ lib, stdenv, fetchurl, pkg-config, glib, python3, check, libxcrypt }: stdenv.mkDerivation rec { pname = "libsigrokdecode"; @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ pkg-config ]; - buildInputs = [ glib python3 ]; + buildInputs = [ glib python3 libxcrypt ]; checkInputs = [ check ]; doCheck = true; diff --git a/pkgs/development/tools/misc/bashdb/default.nix b/pkgs/development/tools/misc/bashdb/default.nix index 918dd90aa83..c7d261e6f5a 100644 --- a/pkgs/development/tools/misc/bashdb/default.nix +++ b/pkgs/development/tools/misc/bashdb/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { sha256 = "19zfzcnxavndyn6kfxp775kjcd0gigsm4y3bnh6fz5ilhnnbbbgr"; }) ]; - patchFlags = "-p0"; + patchFlags = [ "-p0" ]; nativeBuildInputs = [ makeWrapper diff --git a/pkgs/development/tools/misc/luarocks/default.nix b/pkgs/development/tools/misc/luarocks/default.nix index 01b0f39567e..da61e1f8a41 100644 --- a/pkgs/development/tools/misc/luarocks/default.nix +++ b/pkgs/development/tools/misc/luarocks/default.nix @@ -1,23 +1,30 @@ -{lib, stdenv, fetchFromGitHub, buildPackages +{ lib +, stdenv +, fetchFromGitHub , fetchpatch -, curl, makeWrapper, which, unzip +, curl +, makeWrapper +, which +, unzip , lua -# for 'luarocks pack' +, file +, nix-prefetch-git + # for 'luarocks pack' , zip , nix-update-script -# some packages need to be compiled with cmake + # some packages need to be compiled with cmake , cmake , installShellFiles }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (self: { pname = "luarocks"; version = "3.9.1"; src = fetchFromGitHub { owner = "luarocks"; repo = "luarocks"; - rev = "v${version}"; + rev = "v${self.version}"; sha256 = "sha256-G6HDap3pspeQtGDBq+ukN7kftDaT/CozMVdYM60F6HI="; }; @@ -67,12 +74,16 @@ stdenv.mkDerivation rec { --suffix LUA_PATH ";" "$(echo "$out"/share/lua/*/)?.lua" \ --suffix LUA_PATH ";" "$(echo "$out"/share/lua/*/)?/init.lua" \ --suffix LUA_CPATH ";" "$(echo "$out"/lib/lua/*/)?.so" \ - --suffix LUA_CPATH ";" "$(echo "$out"/share/lua/*/)?/init.lua" + --suffix LUA_CPATH ";" "$(echo "$out"/share/lua/*/)?/init.lua" \ + --suffix PATH : ${lib.makeBinPath ([ unzip ] ++ + lib.optionals (self.pname == "luarocks-nix") [ file nix-prefetch-git ])} } done '' + lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) '' - installShellCompletion --cmd luarocks --bash <($out/bin/luarocks completion bash) - installShellCompletion --cmd luarocks --zsh <($out/bin/luarocks completion zsh) + installShellCompletion --cmd luarocks \ + --bash <($out/bin/luarocks completion bash) \ + --fish <($out/bin/luarocks completion fish) \ + --zsh <($out/bin/luarocks completion zsh) ''; propagatedBuildInputs = [ zip unzip cmake ]; @@ -94,15 +105,15 @@ stdenv.mkDerivation rec { passthru = { updateScript = nix-update-script { - attrPath = pname; + attrPath = self.pname; }; }; meta = with lib; { description = "A package manager for Lua"; - license = licenses.mit ; - maintainers = with maintainers; [raskin teto]; + license = licenses.mit; + maintainers = with maintainers; [ raskin teto ]; platforms = platforms.linux ++ platforms.darwin; downloadPage = "http://luarocks.org/releases/"; }; -} +}) diff --git a/pkgs/development/tools/misc/pahole/default.nix b/pkgs/development/tools/misc/pahole/default.nix index 1e923c380d6..7a60da1e53a 100644 --- a/pkgs/development/tools/misc/pahole/default.nix +++ b/pkgs/development/tools/misc/pahole/default.nix @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake pkg-config ]; buildInputs = [ elfutils zlib libbpf ] - ++ lib.optional stdenv.hostPlatform.isMusl [ + ++ lib.optionals stdenv.hostPlatform.isMusl [ argp-standalone musl-obstack ]; diff --git a/pkgs/development/tools/misc/pkg-config/default.nix b/pkgs/development/tools/misc/pkg-config/default.nix index 70370e42126..f2721ab952c 100644 --- a/pkgs/development/tools/misc/pkg-config/default.nix +++ b/pkgs/development/tools/misc/pkg-config/default.nix @@ -28,9 +28,9 @@ stdenv.mkDerivation rec { buildInputs = optional (stdenv.isCygwin || stdenv.isDarwin || stdenv.isSunOS) libiconv; configureFlags = [ "--with-internal-glib" ] - ++ optional (stdenv.isSunOS) [ "--with-libiconv=gnu" "--with-system-library-path" "--with-system-include-path" "CFLAGS=-DENABLE_NLS" ] + ++ optionals (stdenv.isSunOS) [ "--with-libiconv=gnu" "--with-system-library-path" "--with-system-include-path" "CFLAGS=-DENABLE_NLS" ] # Can't run these tests while cross-compiling - ++ optional (stdenv.hostPlatform != stdenv.buildPlatform) + ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "glib_cv_stack_grows=no" "glib_cv_uscore=no" "ac_cv_func_posix_getpwuid_r=yes" diff --git a/pkgs/development/tools/misc/texinfo/common.nix b/pkgs/development/tools/misc/texinfo/common.nix index df3b12ea5b6..036e992e973 100644 --- a/pkgs/development/tools/misc/texinfo/common.nix +++ b/pkgs/development/tools/misc/texinfo/common.nix @@ -58,7 +58,7 @@ stdenv.mkDerivation { && !stdenv.isDarwin && !stdenv.isSunOS; # flaky - checkFlagsArray = [ + checkFlags = lib.optionals (!stdenv.hostPlatform.isMusl) [ # Test is known to fail on various locales on texinfo-6.8: # https://lists.gnu.org/r/bug-texinfo/2021-07/msg00012.html "XFAIL_TESTS=test_scripts/layout_formatting_fr_icons.sh" diff --git a/pkgs/development/python-modules/mutmut/default.nix b/pkgs/development/tools/mutmut/default.nix index 626c768f2a8..4b40930c646 100644 --- a/pkgs/development/python-modules/mutmut/default.nix +++ b/pkgs/development/tools/mutmut/default.nix @@ -1,16 +1,9 @@ { lib , fetchFromGitHub -, buildPythonApplication -, click -, glob2 -, parso -, pony -, junit-xml -, pythonOlder -, testers +, python3 }: -let self = buildPythonApplication rec { +let self = with python3.pkgs; buildPythonApplication rec { pname = "mutmut"; version = "2.2.0"; diff --git a/pkgs/development/tools/ocaml/dune/2.nix b/pkgs/development/tools/ocaml/dune/2.nix index 30962eeba31..65f8c7eda3c 100644 --- a/pkgs/development/tools/ocaml/dune/2.nix +++ b/pkgs/development/tools/ocaml/dune/2.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ ocaml findlib ]; strictDeps = true; - buildFlags = "release"; + buildFlags = [ "release" ]; dontAddPrefix = true; dontAddStaticConfigureFlags = true; diff --git a/pkgs/development/tools/ocaml/dune/3.nix b/pkgs/development/tools/ocaml/dune/3.nix index 2917a4905bd..01145e0237c 100644 --- a/pkgs/development/tools/ocaml/dune/3.nix +++ b/pkgs/development/tools/ocaml/dune/3.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { strictDeps = true; - buildFlags = "release"; + buildFlags = [ "release" ]; dontAddPrefix = true; dontAddStaticConfigureFlags = true; diff --git a/pkgs/development/tools/parsing/ragel/default.nix b/pkgs/development/tools/parsing/ragel/default.nix index 81d7d9f0b35..0e8777e9f3f 100644 --- a/pkgs/development/tools/parsing/ragel/default.nix +++ b/pkgs/development/tools/parsing/ragel/default.nix @@ -13,7 +13,7 @@ let inherit sha256; }; - buildInputs = lib.optional build-manual [ fig2dev ghostscript tex ]; + buildInputs = lib.optionals build-manual [ fig2dev ghostscript tex ]; preConfigure = lib.optionalString build-manual '' sed -i "s/build_manual=no/build_manual=yes/g" DIST diff --git a/pkgs/development/tools/poetry2nix/poetry2nix/overrides/default.nix b/pkgs/development/tools/poetry2nix/poetry2nix/overrides/default.nix index 50d3889e373..e169aced4a1 100644 --- a/pkgs/development/tools/poetry2nix/poetry2nix/overrides/default.nix +++ b/pkgs/development/tools/poetry2nix/poetry2nix/overrides/default.nix @@ -385,7 +385,7 @@ lib.composeManyExtensions [ ( old: { nativeBuildInputs = (old.nativeBuildInputs or [ ]) - ++ lib.optional (lib.versionAtLeast old.version "3.4") [ self.setuptools-rust ] + ++ lib.optionals (lib.versionAtLeast old.version "3.4") [ self.setuptools-rust ] ++ lib.optional (!self.isPyPy) pyBuildPackages.cffi ++ lib.optional (lib.versionAtLeast old.version "3.5" && !isWheel) (with pkgs.rustPlatform; [ cargoSetupHook rust.cargo rust.rustc ]); @@ -1061,9 +1061,9 @@ lib.composeManyExtensions [ buildInputs = old.buildInputs or [ ] ++ [ pkgs.which - ] ++ lib.optional enableGhostscript [ + ] ++ lib.optionals enableGhostscript [ pkgs.ghostscript - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ Cocoa ]; @@ -1080,7 +1080,7 @@ lib.composeManyExtensions [ nativeBuildInputs = (old.nativeBuildInputs or [ ]) ++ [ pkg-config - ] ++ lib.optional (lib.versionAtLeast super.matplotlib.version "3.5.0") [ + ] ++ lib.optionals (lib.versionAtLeast super.matplotlib.version "3.5.0") [ self.setuptools-scm self.setuptools-scm-git-archive ]; @@ -2030,7 +2030,7 @@ lib.composeManyExtensions [ if old.format != "wheel" then { nativeBuildInputs = (old.nativeBuildInputs or [ ]) ++ [ pkgs.gfortran ] ++ - lib.optional (lib.versionAtLeast super.scipy.version "1.7.0") [ self.pythran ]; + lib.optionals (lib.versionAtLeast super.scipy.version "1.7.0") [ self.pythran ]; propagatedBuildInputs = (old.propagatedBuildInputs or [ ]) ++ [ self.pybind11 ]; setupPyBuildFlags = [ "--fcompiler='gnu95'" ]; enableParallelBuilding = true; diff --git a/pkgs/development/tools/summon/default.nix b/pkgs/development/tools/summon/default.nix index 5c811aaf239..2ed17061c21 100644 --- a/pkgs/development/tools/summon/default.nix +++ b/pkgs/development/tools/summon/default.nix @@ -19,7 +19,7 @@ buildGoModule rec { # Patches provider resolver to support resolving unqualified names # from $PATH, e.g. `summon -p gopass` instead of `summon -p $(which gopass)` - patches = optional patchResolver [ ./resolve-paths.patch ]; + patches = optionals patchResolver [ ./resolve-paths.patch ]; postInstall = '' mv $out/bin/cmd $out/bin/summon diff --git a/pkgs/development/web/nodejs/bypass-darwin-xcrun-node16.patch b/pkgs/development/web/nodejs/bypass-darwin-xcrun-node16.patch new file mode 100644 index 00000000000..e86fcc4d297 --- /dev/null +++ b/pkgs/development/web/nodejs/bypass-darwin-xcrun-node16.patch @@ -0,0 +1,41 @@ +Avoids needing xcrun or xcodebuild in PATH for native package builds + +diff --git a/deps/npm/node_modules/node-gyp/gyp/pylib/gyp/xcode_emulation.py b/deps/npm/node_modules/node-gyp/gyp/pylib/gyp/xcode_emulation.py +index a75d8ee..476440d 100644 +--- a/deps/npm/node_modules/node-gyp/gyp/pylib/gyp/xcode_emulation.py ++++ b/deps/npm/node_modules/node-gyp/gyp/pylib/gyp/xcode_emulation.py +@@ -522,7 +522,13 @@ class XcodeSettings: + # Since the CLT has no SDK paths anyway, returning None is the + # most sensible route and should still do the right thing. + try: +- return GetStdoutQuiet(["xcrun", "--sdk", sdk, infoitem]) ++ #return GetStdoutQuiet(["xcrun", "--sdk", sdk, infoitem]) ++ return { ++ "--show-sdk-platform-path": "/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform", ++ "--show-sdk-path": "/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.15.sdk", ++ "--show-sdk-build-version": "19A547", ++ "--show-sdk-version": "10.15" ++ }[infoitem] + except GypError: + pass + +@@ -1499,7 +1505,8 @@ def XcodeVersion(): + version = "" + build = "" + try: +- version_list = GetStdoutQuiet(["xcodebuild", "-version"]).splitlines() ++ #version_list = GetStdoutQuiet(["xcodebuild", "-version"]).splitlines() ++ version_list = [] + # In some circumstances xcodebuild exits 0 but doesn't return + # the right results; for example, a user on 10.7 or 10.8 with + # a bogus path set via xcode-select +@@ -1510,7 +1517,8 @@ def XcodeVersion(): + version = version_list[0].split()[-1] # Last word on first line + build = version_list[-1].split()[-1] # Last word on last line + except GypError: # Xcode not installed so look for XCode Command Line Tools +- version = CLTVersion() # macOS Catalina returns 11.0.0.0.1.1567737322 ++ #version = CLTVersion() # macOS Catalina returns 11.0.0.0.1.1567737322 ++ version = "11.0.0.0.1.1567737322" + if not version: + raise GypError("No Xcode or CLT version detected!") + # Be careful to convert "4.2.3" to "0423" and "11.0.0" to "1100": diff --git a/pkgs/development/web/nodejs/nodejs.nix b/pkgs/development/web/nodejs/nodejs.nix index ab9a8b95d1a..6d9a3392a7a 100644 --- a/pkgs/development/web/nodejs/nodejs.nix +++ b/pkgs/development/web/nodejs/nodejs.nix @@ -123,7 +123,6 @@ let --replace "/usr/bin/env" "${coreutils}/bin/env" done '' + optionalString stdenv.isDarwin '' - sed -i 's/raise.*No Xcode or CLT version detected.*/version = "7.0.0"/' tools/gyp/pylib/gyp/xcode_emulation.py sed -i -e "s|tr1/type_traits|type_traits|g" \ -e "s|std::tr1|std|" src/util.h ''; @@ -176,8 +175,6 @@ let Libs: -L$libv8/lib -lv8 -pthread -licui18n Cflags: -I$libv8/include EOF - '' + optionalString (stdenv.isDarwin && enableNpm) '' - sed -i 's/raise.*No Xcode or CLT version detected.*/version = "7.0.0"/' $out/lib/node_modules/npm/node_modules/node-gyp/gyp/pylib/gyp/xcode_emulation.py ''; passthru.updateScript = import ./update.nix { diff --git a/pkgs/development/web/nodejs/v16.nix b/pkgs/development/web/nodejs/v16.nix index 0b6a127bd26..5e0ea0a996c 100644 --- a/pkgs/development/web/nodejs/v16.nix +++ b/pkgs/development/web/nodejs/v16.nix @@ -12,6 +12,7 @@ in sha256 = "sha256-ZyH+tBUtVtLGs1jOOXq9Wn8drwnuLiXFAhubTT+GozA="; patches = [ ./disable-darwin-v8-system-instrumentation.patch + ./bypass-darwin-xcrun-node16.patch # Fix npm silently fail without a HOME directory https://github.com/npm/cli/issues/4996 (fetchpatch { url = "https://github.com/npm/cli/commit/9905d0e24c162c3f6cc006fa86b4c9d0205a4c6f.patch"; diff --git a/pkgs/development/web/nodejs/v18.nix b/pkgs/development/web/nodejs/v18.nix index c4050087cfe..9cb626a93d9 100644 --- a/pkgs/development/web/nodejs/v18.nix +++ b/pkgs/development/web/nodejs/v18.nix @@ -8,8 +8,8 @@ let in buildNodejs { inherit enableNpm; - version = "18.9.1"; - sha256 = "sha256-84GWPUNWi6aZkVyIYp3G2koZY4BNzTey5uHRDZI91dk="; + version = "18.10.0"; + sha256 = "17z8081bqsldx4dl7399dp9gdsmd04lgnwvwycj7sjmyw9a1nwdd"; patches = [ (fetchpatch { # Fixes cross compilation to aarch64-linux by reverting https://github.com/nodejs/node/pull/43200 @@ -20,5 +20,6 @@ buildNodejs { }) ./disable-darwin-v8-system-instrumentation.patch + ./bypass-darwin-xcrun-node16.patch ]; } diff --git a/pkgs/games/anki/default.nix b/pkgs/games/anki/default.nix index 3796741f96c..71575c35fd3 100644 --- a/pkgs/games/anki/default.nix +++ b/pkgs/games/anki/default.nix @@ -101,7 +101,7 @@ buildPythonApplication rec { setuptools ] ++ lib.optional plotsSupport matplotlib - ++ lib.optional stdenv.isDarwin [ CoreAudio ] + ++ lib.optionals stdenv.isDarwin [ CoreAudio ] ; checkInputs = [ pytest glibcLocales nose ]; diff --git a/pkgs/games/blightmud/default.nix b/pkgs/games/blightmud/default.nix index 1937f84f88f..ba469c29461 100644 --- a/pkgs/games/blightmud/default.nix +++ b/pkgs/games/blightmud/default.nix @@ -26,7 +26,7 @@ rustPlatform.buildRustPackage rec { nativeBuildInputs = [ pkg-config rustPlatform.bindgenHook ]; - buildInputs = [ alsa-lib openssl ] ++ lib.optional withTTS [ speechd ]; + buildInputs = [ alsa-lib openssl ] ++ lib.optionals withTTS [ speechd ]; checkFlags = let diff --git a/pkgs/games/darkplaces/default.nix b/pkgs/games/darkplaces/default.nix index e7b70036cdf..86e2a572747 100644 --- a/pkgs/games/darkplaces/default.nix +++ b/pkgs/games/darkplaces/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { SDL2 ]; - buildFlags = "release"; + buildFlags = [ "release" ]; installPhase = '' runHook preInstall diff --git a/pkgs/games/freeciv/default.nix b/pkgs/games/freeciv/default.nix index 2edecbf9ae5..b83b37f66aa 100644 --- a/pkgs/games/freeciv/default.nix +++ b/pkgs/games/freeciv/default.nix @@ -27,8 +27,8 @@ stdenv.mkDerivation rec { ''; nativeBuildInputs = [ autoreconfHook pkg-config ] - ++ lib.optional qtClient [ qt5.wrapQtAppsHook ] - ++ lib.optional gtkClient [ wrapGAppsHook ]; + ++ lib.optionals qtClient [ qt5.wrapQtAppsHook ] + ++ lib.optionals gtkClient [ wrapGAppsHook ]; buildInputs = [ lua5_3 zlib bzip2 curl xz gettext libiconv icu ] ++ [ SDL2 SDL2_mixer SDL2_image SDL2_ttf SDL2_gfx freetype fluidsynth ] diff --git a/pkgs/games/gimx/default.nix b/pkgs/games/gimx/default.nix index 2728afe2c49..785d38a759a 100644 --- a/pkgs/games/gimx/default.nix +++ b/pkgs/games/gimx/default.nix @@ -37,7 +37,7 @@ in stdenv.mkDerivation rec { --replace "5E048E021001" "6F0E13020001" ''; - makeFlags = "build-core"; + makeFlags = [ "build-core" ]; installPhase = '' runHook preInstall diff --git a/pkgs/games/snis/default.nix b/pkgs/games/snis/default.nix index ed09ed46eff..b74fef45182 100644 --- a/pkgs/games/snis/default.nix +++ b/pkgs/games/snis/default.nix @@ -18,6 +18,7 @@ , sox , libopus , openscad +, libxcrypt }: stdenv.mkDerivation { @@ -46,7 +47,7 @@ stdenv.mkDerivation { ''; nativeBuildInputs = [ pkg-config openscad makeWrapper ]; - buildInputs = [ coreutils portaudio libbsd libpng libvorbis SDL2 lua5_2 glew openssl picotts sox alsa-utils libopus ]; + buildInputs = [ coreutils portaudio libbsd libpng libvorbis SDL2 lua5_2 glew openssl picotts sox alsa-utils libopus libxcrypt ]; postBuild = '' make models -j$NIX_BUILD_CORES diff --git a/pkgs/games/xonotic/default.nix b/pkgs/games/xonotic/default.nix index d29e43850fb..cad021ff570 100644 --- a/pkgs/games/xonotic/default.nix +++ b/pkgs/games/xonotic/default.nix @@ -66,8 +66,8 @@ let nativeBuildInputs = [ unzip ]; buildInputs = [ libjpeg zlib libvorbis curl gmp ] - ++ lib.optional withGLX [ libX11.dev libGLU.dev libGL.dev libXpm.dev libXext.dev libXxf86vm.dev alsa-lib.dev ] - ++ lib.optional withSDL [ SDL2.dev ]; + ++ lib.optionals withGLX [ libX11.dev libGLU.dev libGL.dev libXpm.dev libXext.dev libXxf86vm.dev alsa-lib.dev ] + ++ lib.optionals withSDL [ SDL2.dev ]; sourceRoot = "Xonotic/source/darkplaces"; diff --git a/pkgs/misc/ghostscript/default.nix b/pkgs/misc/ghostscript/default.nix index 28344c3fc5a..922941c55e8 100644 --- a/pkgs/misc/ghostscript/default.nix +++ b/pkgs/misc/ghostscript/default.nix @@ -2,7 +2,7 @@ , libjpeg, libpng, libtiff, freetype, fontconfig, libpaper, jbig2dec , libiconv, ijs, lcms2, callPackage, bash, buildPackages, openjpeg , cupsSupport ? config.ghostscript.cups or (!stdenv.isDarwin), cups -, x11Support ? cupsSupport, xlibsWrapper # with CUPS, X11 only adds very little +, x11Support ? cupsSupport, xorg # with CUPS, X11 only adds very little }: let @@ -58,7 +58,7 @@ stdenv.mkDerivation rec { libjpeg libpng libtiff freetype fontconfig libpaper jbig2dec libiconv ijs lcms2 bash openjpeg ] - ++ lib.optional x11Support xlibsWrapper + ++ lib.optionals x11Support [ xorg.libICE xorg.libX11 xorg.libXext xorg.libXt ] ++ lib.optional cupsSupport cups ; diff --git a/pkgs/misc/jackaudio/default.nix b/pkgs/misc/jackaudio/default.nix index 2f7ffeb89f3..441f3ccb37f 100644 --- a/pkgs/misc/jackaudio/default.nix +++ b/pkgs/misc/jackaudio/default.nix @@ -48,7 +48,7 @@ stdenv.mkDerivation rec { --replace /bin/bash ${bash}/bin/bash ''; - dontAddWafCrossFlags = "true"; + dontAddWafCrossFlags = true; wafConfigureFlags = [ "--classic" "--autostart=${if (optDbus != null) then "dbus" else "classic"}" diff --git a/pkgs/misc/screensavers/slock/default.nix b/pkgs/misc/screensavers/slock/default.nix index 9f364ba520c..c23b5fdc249 100644 --- a/pkgs/misc/screensavers/slock/default.nix +++ b/pkgs/misc/screensavers/slock/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchurl, writeText -, xorgproto, libX11, libXext, libXrandr +, xorgproto, libX11, libXext, libXrandr, libxcrypt # default header can be obtained from # https://git.suckless.org/slock/tree/config.def.h , conf ? null }: @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { sha256 = "0sif752303dg33f14k6pgwq2jp1hjyhqv6x4sy3sj281qvdljf5m"; }; - buildInputs = [ xorgproto libX11 libXext libXrandr ]; + buildInputs = [ xorgproto libX11 libXext libXrandr libxcrypt ]; installFlags = [ "PREFIX=$(out)" ]; diff --git a/pkgs/os-specific/bsd/netbsd/compat-cxx-safe-header.patch b/pkgs/os-specific/bsd/netbsd/compat-cxx-safe-header.patch index f67ca2e5079..2aaa90b7614 100644 --- a/pkgs/os-specific/bsd/netbsd/compat-cxx-safe-header.patch +++ b/pkgs/os-specific/bsd/netbsd/compat-cxx-safe-header.patch @@ -1,6 +1,6 @@ diff -u -r1.35.2.1 nbtool_config.h.in ---- a/nbtool_config.h.in 22 Apr 2015 07:18:58 -0000 1.35.2.1 -+++ b/nbtool_config.h.in 31 May 2018 01:46:53 -0000 +--- a/tools/compat/nbtool_config.h.in 22 Apr 2015 07:18:58 -0000 1.35.2.1 ++++ b/tools/compat/nbtool_config.h.in 31 May 2018 01:46:53 -0000 @@ -680,5 +680,14 @@ /* Define if you have u_int8_t, but not uint8_t. */ #undef uint8_t diff --git a/pkgs/os-specific/bsd/netbsd/compat-dont-configure-twice.patch b/pkgs/os-specific/bsd/netbsd/compat-dont-configure-twice.patch index 1a69e73e255..2758e256a61 100644 --- a/pkgs/os-specific/bsd/netbsd/compat-dont-configure-twice.patch +++ b/pkgs/os-specific/bsd/netbsd/compat-dont-configure-twice.patch @@ -6,8 +6,8 @@ Date: Wed Sep 1 15:38:56 2021 +0000 diff --git a/Makefile b/Makefile index b5adb8a5f2e9..1a914ef16739 100644 ---- a/Makefile -+++ b/Makefile +--- a/tools/compat/Makefile ++++ b/tools/compat/Makefile @@ -76,11 +76,6 @@ _CURDIR:= ${.CURDIR} SRCS:= ${SRCS:M*.c} diff --git a/pkgs/os-specific/bsd/netbsd/compat-no-force-native.patch b/pkgs/os-specific/bsd/netbsd/compat-no-force-native.patch index cd442d95f41..117fb7e0429 100644 --- a/pkgs/os-specific/bsd/netbsd/compat-no-force-native.patch +++ b/pkgs/os-specific/bsd/netbsd/compat-no-force-native.patch @@ -8,8 +8,8 @@ Date: Wed Sep 1 15:38:56 2021 +0000 diff --git a/Makefile b/Makefile index 4bcf227f0e75..9ed1d6eea6ff 100644 ---- a/Makefile -+++ b/Makefile +--- a/tools/compat/Makefile ++++ b/tools/compat/Makefile @@ -1,6 +1,6 @@ # $NetBSD: Makefile,v 1.87 2019/05/08 02:25:50 thorpej Exp $ diff --git a/pkgs/os-specific/bsd/netbsd/default.nix b/pkgs/os-specific/bsd/netbsd/default.nix index 82efb1f6a75..4219706a352 100644 --- a/pkgs/os-specific/bsd/netbsd/default.nix +++ b/pkgs/os-specific/bsd/netbsd/default.nix @@ -3,7 +3,7 @@ , buildPackages, splicePackages, newScope , bsdSetupHook, makeSetupHook, fetchcvs, groff, mandoc, byacc, flex , zlib -, writeText, symlinkJoin +, writeShellScript, writeText, runtimeShell, symlinkJoin }: let @@ -94,7 +94,7 @@ in lib.makeScopeWithSplicing }.${stdenv'.hostPlatform.parsed.cpu.name} or stdenv'.hostPlatform.parsed.cpu.name; - BSD_PATH = attrs.path; + COMPONENT_PATH = attrs.path; makeFlags = defaultMakeFlags; @@ -121,12 +121,12 @@ in lib.makeScopeWithSplicing installPhase = "includesPhase"; dontBuild = true; } // attrs // { + # Files that use NetBSD-specific macros need to have nbtool_config.h + # included ahead of them on non-NetBSD platforms. postPatch = lib.optionalString (!stdenv'.hostPlatform.isNetBSD) '' - # Files that use NetBSD-specific macros need to have nbtool_config.h - # included ahead of them on non-NetBSD platforms. set +e grep -Zlr "^__RCSID - ^__BEGIN_DECLS" | xargs -0r grep -FLZ nbtool_config.h | + ^__BEGIN_DECLS" $COMPONENT_PATH | xargs -0r grep -FLZ nbtool_config.h | xargs -0tr sed -i '0,/^#/s//#include <nbtool_config.h>\n\0/' set -e '' + attrs.postPatch or ""; @@ -146,7 +146,7 @@ in lib.makeScopeWithSplicing skipIncludesPhase = true; postPatch = '' - patchShebangs configure + patchShebangs $COMPONENT_PATH/configure ${self.make.postPatch} ''; @@ -281,11 +281,11 @@ in lib.makeScopeWithSplicing # HACK: to ensure parent directories exist. This emulates GNU # install’s -D option. No alternative seems to exist in BSD install. - install = let binstall = writeText "binstall" '' - #!${stdenv.shell} - for last in $@; do true; done + install = let binstall = writeShellScript "binstall" '' + set -eu + for last in "$@"; do true; done mkdir -p $(dirname $last) - xinstall "$@" + @out@/bin/xinstall "$@" ''; in mkDerivation { path = "usr.bin/xinstall"; version = "9.2"; @@ -297,13 +297,18 @@ in lib.makeScopeWithSplicing mandoc groff rsync ]; skipIncludesPhase = true; - buildInputs = with self; compatIfNeeded ++ [ fts ]; + buildInputs = with self; compatIfNeeded + # fts header is needed. glibc already has this header, but musl doesn't, + # so make sure pkgsMusl.netbsd.install still builds in case you want to + # remove it! + ++ [ fts ]; installPhase = '' runHook preInstall install -D install.1 $out/share/man/man1/install.1 install -D xinstall $out/bin/xinstall install -D -m 0550 ${binstall} $out/bin/binstall + substituteInPlace $out/bin/binstall --subst-var out ln -s $out/bin/binstall $out/bin/install runHook postInstall @@ -391,6 +396,7 @@ in lib.makeScopeWithSplicing install mandoc groff rsync ]; }; + ## ## END BOOTSTRAPPING ## @@ -706,10 +712,10 @@ in lib.makeScopeWithSplicing SHLIBINSTALLDIR = "$(out)/lib"; makeFlags = defaultMakeFlags ++ [ "LIBDO.terminfo=${self.libterminfo}/lib" ]; postPatch = '' - sed -i '1i #undef bool_t' el.h - substituteInPlace config.h \ + sed -i '1i #undef bool_t' $COMPONENT_PATH/el.h + substituteInPlace $COMPONENT_PATH/config.h \ --replace "#define HAVE_STRUCT_DIRENT_D_NAMLEN 1" "" - substituteInPlace readline/Makefile --replace /usr/include "$out/include" + substituteInPlace $COMPONENT_PATH/readline/Makefile --replace /usr/include "$out/include" ''; NIX_CFLAGS_COMPILE = [ "-D__noinline=" @@ -729,8 +735,8 @@ in lib.makeScopeWithSplicing buildInputs = with self; compatIfNeeded; SHLIBINSTALLDIR = "$(out)/lib"; postPatch = '' - substituteInPlace term.c --replace /usr/share $out/share - substituteInPlace setupterm.c \ + substituteInPlace $COMPONENT_PATH/term.c --replace /usr/share $out/share + substituteInPlace $COMPONENT_PATH/setupterm.c \ --replace '#include <curses.h>' 'void use_env(bool);' ''; postBuild = '' @@ -758,10 +764,10 @@ in lib.makeScopeWithSplicing MKDOC = "no"; # missing vfontedpr makeFlags = defaultMakeFlags ++ [ "LIBDO.terminfo=${self.libterminfo}/lib" ]; postPatch = lib.optionalString (!stdenv.isDarwin) '' - substituteInPlace printw.c \ + substituteInPlace $COMPONENT_PATH/printw.c \ --replace "funopen(win, NULL, __winwrite, NULL, NULL)" NULL \ --replace "__strong_alias(vwprintw, vw_printw)" 'extern int vwprintw(WINDOW*, const char*, va_list) __attribute__ ((alias ("vw_printw")));' - substituteInPlace scanw.c \ + substituteInPlace $COMPONENT_PATH/scanw.c \ --replace "__strong_alias(vwscanw, vw_scanw)" 'extern int vwscanw(WINDOW*, const char*, va_list) __attribute__ ((alias ("vw_scanw")));' ''; }; @@ -986,7 +992,7 @@ in lib.makeScopeWithSplicing # man0 generates a man.pdf using ps2pdf, but doesn't install it later, # so we can avoid the dependency on ghostscript postPatch = '' - substituteInPlace man0/Makefile --replace "ps2pdf" "echo noop " + substituteInPlace $COMPONENT_PATH/man0/Makefile --replace "ps2pdf" "echo noop " ''; makeFlags = defaultMakeFlags ++ [ "FILESDIR=$(out)/share" diff --git a/pkgs/os-specific/bsd/netbsd/getent.patch b/pkgs/os-specific/bsd/netbsd/getent.patch index e9e34d19a31..18258b64861 100644 --- a/pkgs/os-specific/bsd/netbsd/getent.patch +++ b/pkgs/os-specific/bsd/netbsd/getent.patch @@ -1,8 +1,8 @@ Author: Matthew Bauer Description: Remove unavailable getent databases Version: 7.1.2 ---- a/getent.c 2018-04-16 13:33:49.000000000 -0500 -+++ b/getent.c 2018-04-16 13:29:30.000000000 -0500 +--- a/usr.bin/getent/getent.c 2018-04-16 13:33:49.000000000 -0500 ++++ b/usr.bin/getent/getent.c 2018-04-16 13:29:30.000000000 -0500 @@ -42,7 +42,6 @@ #include <grp.h> #include <limits.h> diff --git a/pkgs/os-specific/bsd/netbsd/locale.patch b/pkgs/os-specific/bsd/netbsd/locale.patch index 1df9eb38562..4b7f4785528 100644 --- a/pkgs/os-specific/bsd/netbsd/locale.patch +++ b/pkgs/os-specific/bsd/netbsd/locale.patch @@ -1,5 +1,5 @@ ---- a/locale.c 2018-06-11 14:39:06.449762000 -0400 -+++ b/locale.c 2018-06-11 14:42:28.461122899 -0400 +--- a/usr.bin/locale/locale.c 2018-06-11 14:39:06.449762000 -0400 ++++ b/usr.bin/locale/locale.c 2018-06-11 14:42:28.461122899 -0400 @@ -56,14 +56,8 @@ #include <stringlist.h> #include <unistd.h> diff --git a/pkgs/os-specific/bsd/netbsd/no-dynamic-linker.patch b/pkgs/os-specific/bsd/netbsd/no-dynamic-linker.patch index 5a2b9092a5c..b3e9f3c88a1 100644 --- a/pkgs/os-specific/bsd/netbsd/no-dynamic-linker.patch +++ b/pkgs/os-specific/bsd/netbsd/no-dynamic-linker.patch @@ -4,8 +4,8 @@ rcsdiff: /ftp/cvs/cvsroot/src/sys/arch/i386/stand/efiboot/Makefile.efiboot,v: wa retrieving revision 1.16 retrieving revision 1.17 diff -u -p -r1.16 -r1.17 ---- sys/arch/i386/stand/efiboot/Makefile.efiboot 2019/09/13 02:19:45 1.16 -+++ sys/arch/i386/stand/efiboot/Makefile.efiboot 2020/04/04 15:30:46 1.17 +--- a/sys/arch/i386/stand/efiboot/Makefile.efiboot 2019/09/13 02:19:45 1.16 ++++ b/sys/arch/i386/stand/efiboot/Makefile.efiboot 2020/04/04 15:30:46 1.17 @@ -41,6 +41,7 @@ BINMODE=444 .PATH: ${.CURDIR}/../../libsa diff --git a/pkgs/os-specific/bsd/netbsd/sys-headers-incsdir.patch b/pkgs/os-specific/bsd/netbsd/sys-headers-incsdir.patch index ed85f8ea5b0..5cfb2a54c8d 100644 --- a/pkgs/os-specific/bsd/netbsd/sys-headers-incsdir.patch +++ b/pkgs/os-specific/bsd/netbsd/sys-headers-incsdir.patch @@ -1,7 +1,7 @@ diff --git a/Makefile b/Makefile index 3f1e18dc659d..163362b82f94 100644 ---- a/Makefile -+++ b/Makefile +--- a/sys/Makefile ++++ b/sys/Makefile @@ -2,6 +2,8 @@ .include <bsd.own.mk> diff --git a/pkgs/os-specific/bsd/setup-hook.sh b/pkgs/os-specific/bsd/setup-hook.sh index 4bdfde68b62..e0afefcd73f 100644 --- a/pkgs/os-specific/bsd/setup-hook.sh +++ b/pkgs/os-specific/bsd/setup-hook.sh @@ -48,6 +48,7 @@ addMakeFlags() { makeFlags="BINDIR=${!outputBin}/bin $makeFlags" makeFlags="LIBDIR=${!outputLib}/lib $makeFlags" makeFlags="SHLIBDIR=${!outputLib}/lib $makeFlags" + makeFlags="SHAREDIR=${!outputLib}/share $makeFlags" makeFlags="MANDIR=${!outputMan}/share/man $makeFlags" makeFlags="INFODIR=${!outputInfo}/share/info $makeFlags" makeFlags="DOCDIR=${!outputDoc}/share/doc $makeFlags" @@ -61,10 +62,13 @@ setBSDSourceDir() { sourceRoot=$PWD/$sourceRoot export BSDSRCDIR=$sourceRoot export _SRC_TOP_=$BSDSRCDIR - cd $sourceRoot - if [ -d "$BSD_PATH" ] - then sourceRoot=$sourceRoot/$BSD_PATH +} + +cdBSDPath() { + if [ -d "$COMPONENT_PATH" ] + then sourceRoot=$sourceRoot/$COMPONENT_PATH + cd $COMPONENT_PATH fi } @@ -104,6 +108,7 @@ moveUsrDir() { } postUnpackHooks+=(setBSDSourceDir) +postPatchHooks+=(cdBSDPath) preConfigureHooks+=(addMakeFlags) preInstallHooks+=(includesPhase) fixupOutputHooks+=(moveUsrDir) diff --git a/pkgs/os-specific/darwin/apple-source-releases/ICU/default.nix b/pkgs/os-specific/darwin/apple-source-releases/ICU/default.nix index cdebfe6d2f7..ed5e998714a 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/ICU/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/ICU/default.nix @@ -13,7 +13,7 @@ in appleDerivation { nativeBuildInputs = [ python3 ]; - depsBuildBuild = lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) [ buildPackages.stdenv.cc ]; + depsBuildBuild = lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ buildPackages.stdenv.cc ]; postPatch = '' substituteInPlace makefile \ diff --git a/pkgs/os-specific/darwin/apple-source-releases/xnu/default.nix b/pkgs/os-specific/darwin/apple-source-releases/xnu/default.nix index 8b0d2054d58..266c2ef4dfe 100644 --- a/pkgs/os-specific/darwin/apple-source-releases/xnu/default.nix +++ b/pkgs/os-specific/darwin/apple-source-releases/xnu/default.nix @@ -12,7 +12,7 @@ appleDerivation' (if headersOnly then stdenvNoCC else stdenv) ( nativeBuildInputs = [ bootstrap_cmds bison flex gnum4 unifdef perl python3 ]; - patches = lib.optional stdenv.isx86_64 [ ./python3.patch ]; + patches = lib.optionals stdenv.isx86_64 [ ./python3.patch ]; postPatch = '' substituteInPlace Makefile \ diff --git a/pkgs/os-specific/darwin/cctools/darwin-no-memstream.patch b/pkgs/os-specific/darwin/cctools/darwin-no-memstream.patch new file mode 100644 index 00000000000..bb8a4ad68f3 --- /dev/null +++ b/pkgs/os-specific/darwin/cctools/darwin-no-memstream.patch @@ -0,0 +1,21 @@ +MacOS SDKs before 10.13 don't support open_memstream. This is already replaced +by a runtime check in cctools-port, but because we build with SDK 10.12 by +default, linking still fails for us. Disable it entirely here. + +--- a/cctools/include/stuff/diagnostics.h ++++ b/cctools/include/stuff/diagnostics.h +@@ -60,13 +60,6 @@ void diagnostics_log_msg(enum diagnostic_level level, const char* message); + */ + void diagnostics_write(void); + +-#if defined(__APPLE__ ) && defined(__has_builtin) +-# if __has_builtin(__builtin_available) +-# define HAVE_OPENMEMSTREAM_RUNTIME __builtin_available(macOS 10.13, *) +-# endif +-#endif +-#ifndef HAVE_OPENMEMSTREAM_RUNTIME +-# define HAVE_OPENMEMSTREAM_RUNTIME 1 +-#endif ++#define HAVE_OPENMEMSTREAM_RUNTIME 0 + + #endif /* diagnostics_h */ diff --git a/pkgs/os-specific/darwin/cctools/port.nix b/pkgs/os-specific/darwin/cctools/port.nix index bace6f0689d..3c48c3ebc0c 100644 --- a/pkgs/os-specific/darwin/cctools/port.nix +++ b/pkgs/os-specific/darwin/cctools/port.nix @@ -19,13 +19,17 @@ assert (!stdenv.hostPlatform.isDarwin) -> maloader != null; stdenv.mkDerivation { pname = "${targetPrefix}cctools-port"; - version = "949.0.1"; + version = "973.0.1"; src = fetchFromGitHub { owner = "tpoechtrager"; repo = "cctools-port"; - rev = "43f32a4c61b5ba7fde011e816136c550b1b3146f"; - sha256 = "10yc5smiczzm62q6ijqccc58bwmfhc897f3bwa5i9j98csqsjj0k"; + # This is the commit before: https://github.com/tpoechtrager/cctools-port/pull/114 + # That specific change causes trouble for us (see the PR discussion), but + # is also currently the last commit on master at the time of writing, so we + # can just go back one step. + rev = "457dc6ddf5244ebf94f28e924e3a971f1566bd66"; + sha256 = "0ns12q7vg9yand4dmdsps1917cavfbw67yl5q7bm6kb4ia5kkx13"; }; outputs = [ "out" "dev" "man" ]; @@ -35,7 +39,11 @@ stdenv.mkDerivation { ++ lib.optionals stdenv.isDarwin [ libobjc ] ++ lib.optional enableTapiSupport libtapi; - patches = [ ./ld-ignore-rpath-link.patch ./ld-rpath-nonfinal.patch ]; + patches = [ + ./ld-ignore-rpath-link.patch + ./ld-rpath-nonfinal.patch + ] + ++ lib.optional stdenv.isDarwin ./darwin-no-memstream.patch; __propagatedImpureHostDeps = [ # As far as I can tell, otool from cctools is the only thing that depends on these two, and we should fix them @@ -64,32 +72,99 @@ stdenv.mkDerivation { --replace "-isystem /usr/local/include -isystem /usr/pkg/include" "" \ --replace "-L/usr/local/lib" "" \ - substituteInPlace cctools/include/Makefile \ - --replace "/bin/" "" + # Appears to use new libdispatch API not available in macOS SDK 10.12. + substituteInPlace cctools/ld64/src/ld/libcodedirectory.c \ + --replace "#define LIBCD_PARALLEL 1" "" patchShebangs tools sed -i -e 's/which/type -P/' tools/*.sh - # Workaround for https://www.sourceware.org/bugzilla/show_bug.cgi?id=11157 - cat > cctools/include/unistd.h <<EOF - #ifdef __block - # undef __block - # include_next "unistd.h" - # define __block __attribute__((__blocks__(byref))) - #else - # include_next "unistd.h" - #endif - EOF - cd cctools ''; preInstall = '' - pushd include - make DSTROOT=$out/include RC_OS=common install + installManPage ar/ar.{1,5} + + # The makefile rules for installing headers are missing in 973.0.1. + # The below is derived from 949.0.1. + mkdir -p $dev/include/mach-o/i386 + mkdir -p $dev/include/mach-o/ppc + mkdir -p $dev/include/mach-o/x86_64 + mkdir -p $dev/include/mach-o/arm + mkdir -p $dev/include/mach-o/arm64 + mkdir -p $dev/include/mach-o/m68k + mkdir -p $dev/include/mach-o/sparc + mkdir -p $dev/include/mach-o/hppa + mkdir -p $dev/include/mach-o/i860 + mkdir -p $dev/include/mach-o/m88k + mkdir -p $dev/include/dyld + mkdir -p $dev/include/cbt + + pushd include/mach-o + install -c -m 444 arch.h ldsyms.h reloc.h \ + stab.h loader.h fat.h swap.h getsect.h nlist.h \ + ranlib.h $dev/include/mach-o popd - installManPage ar/ar.{1,5} + pushd include/mach-o/i386 + install -c -m 444 swap.h \ + $dev/include/mach-o/i386 + popd + + pushd include/mach-o/ppc + install -c -m 444 reloc.h swap.h \ + $dev/include/mach-o/ppc + popd + + pushd include/mach-o/x86_64 + install -c -m 444 reloc.h \ + $dev/include/mach-o/x86_64 + popd + + pushd include/mach-o/arm + install -c -m 444 reloc.h \ + $dev/include/mach-o/arm + popd + + pushd include/mach-o/arm64 + install -c -m 444 reloc.h \ + $dev/include/mach-o/arm64 + popd + + pushd include/mach-o/m68k + install -c -m 444 swap.h \ + $dev/include/mach-o/m68k + popd + + pushd include/mach-o/sparc + install -c -m 444 reloc.h swap.h \ + $dev/include/mach-o/sparc + popd + + pushd include/mach-o/hppa + install -c -m 444 reloc.h swap.h \ + $dev/include/mach-o/hppa + popd + + pushd include/mach-o/i860 + install -c -m 444 reloc.h swap.h \ + $dev/include/mach-o/i860 + popd + + pushd include/mach-o/m88k + install -c -m 444 reloc.h swap.h \ + $dev/include/mach-o/m88k + popd + + pushd include/stuff + install -c -m 444 bool.h \ + $dev/include/dyld + popd + + pushd include/cbt + install -c -m 444 libsyminfo.h \ + $dev/include/cbt + popd ''; passthru = { diff --git a/pkgs/os-specific/darwin/libtapi/default.nix b/pkgs/os-specific/darwin/libtapi/default.nix index eba61a15ccb..d109e0edcbd 100644 --- a/pkgs/os-specific/darwin/libtapi/default.nix +++ b/pkgs/os-specific/darwin/libtapi/default.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation { # Also means we don't have to manually fix the result with install_name_tool. patches = [ ./disable-rpath.patch - ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) [ + ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ # TODO: make unconditional and rebuild the world # TODO: send upstream ./native-clang-tblgen.patch @@ -30,7 +30,7 @@ stdenv.mkDerivation { buildInputs = [ ncurses ]; cmakeFlags = [ "-DLLVM_INCLUDE_TESTS=OFF" ] - ++ lib.optional (stdenv.buildPlatform != stdenv.hostPlatform) [ + ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ "-DCMAKE_CROSSCOMPILING=True" # This package could probably have a llvm_6 llvm-tblgen and clang-tblgen # provided to reduce some building. This package seems intended to diff --git a/pkgs/os-specific/darwin/sigtool/default.nix b/pkgs/os-specific/darwin/sigtool/default.nix index 4c573af95be..b9c385ebd31 100644 --- a/pkgs/os-specific/darwin/sigtool/default.nix +++ b/pkgs/os-specific/darwin/sigtool/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "sigtool"; - version = "0.1.2"; + version = "0.1.3"; src = fetchFromGitHub { owner = "thefloweringash"; repo = "sigtool"; rev = "v${version}"; - sha256 = "sha256-v4udqW37vwcqBdqfvfwHnoyXpuLFt188ekVCPCPsTPM"; + sha256 = "sha256-K3VSFaqcZEomF7kROJz+AwxdW1MmxxEFDaRnWnzcw54="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/os-specific/linux/apparmor/default.nix b/pkgs/os-specific/linux/apparmor/default.nix index 0a74554d6c6..933b4e176f7 100644 --- a/pkgs/os-specific/linux/apparmor/default.nix +++ b/pkgs/os-specific/linux/apparmor/default.nix @@ -18,16 +18,17 @@ , writeShellScript , closureInfo , runCommand +, libxcrypt }: let - apparmor-version = "3.0.7"; + apparmor-version = "3.1.1"; apparmor-meta = component: with lib; { homepage = "https://apparmor.net/"; description = "A mandatory access control system - ${component}"; license = licenses.gpl2; - maintainers = with maintainers; [ joachifm julm thoughtpolice ]; + maintainers = with maintainers; [ julm thoughtpolice ]; platforms = platforms.linux; }; @@ -35,7 +36,7 @@ let owner = "apparmor"; repo = "apparmor"; rev = "v${apparmor-version}"; - hash = "sha256-iLZY0wZQr+YvR8JCwTeECDuqFb1sQCQtkiUksiYCvWs="; + hash = "sha256-phEHfrza0EeX2HEM5ts8wVCFlSLlnEtZd2MwbG/XbFY="; }; aa-teardown = writeShellScript "aa-teardown" '' @@ -93,7 +94,8 @@ let perl ] ++ lib.optional withPython python; - buildInputs = lib.optional withPerl perl + buildInputs = [ libxcrypt ] + ++ lib.optional withPerl perl ++ lib.optional withPython python; # required to build apparmor-parser diff --git a/pkgs/os-specific/linux/bpftools/default.nix b/pkgs/os-specific/linux/bpftools/default.nix index 640ab5f76a9..d3bb96afb3e 100644 --- a/pkgs/os-specific/linux/bpftools/default.nix +++ b/pkgs/os-specific/linux/bpftools/default.nix @@ -8,13 +8,15 @@ stdenv.mkDerivation rec { pname = "bpftools"; - version = "5.19.8"; + version = "5.19.12"; src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1kl7fifsa6vsm34xg3kd2svhx18n771hfj67nhwnlalmb9whhqv1"; + sha256 = "sha256-xDalSMcxLOb8WjRyy+rYle749ShB++fHH9jki9/isLo="; }; + patches = [ ./strip-binary-name.patch ]; + nativeBuildInputs = [ python3 bison flex ]; buildInputs = (if (lib.versionAtLeast version "5.20") then [ libopcodes libbfd ] diff --git a/pkgs/os-specific/linux/bpftools/strip-binary-name.patch b/pkgs/os-specific/linux/bpftools/strip-binary-name.patch new file mode 100644 index 00000000000..623e90963bd --- /dev/null +++ b/pkgs/os-specific/linux/bpftools/strip-binary-name.patch @@ -0,0 +1,15 @@ +Strip path to the binary from prints. + +I see no sense in including the full path in outputs like bpftool --version +Especially as argv[0] may not include it, based on calling via $PATH or not. +--- a/tools/bpf/bpftool/main.c ++++ b/tools/bpf/bpftool/main.c +@@ -443 +443,7 @@ +- bin_name = argv[0]; ++ /* Strip the path if any. */ ++ const char *bin_name_slash = strrchr(argv[0], '/'); ++ if (bin_name_slash) { ++ bin_name = bin_name_slash + 1; ++ } else { ++ bin_name = argv[0]; ++ } diff --git a/pkgs/os-specific/linux/cryptsetup/default.nix b/pkgs/os-specific/linux/cryptsetup/default.nix index 62f3f0c4db1..1ac2ccf842a 100644 --- a/pkgs/os-specific/linux/cryptsetup/default.nix +++ b/pkgs/os-specific/linux/cryptsetup/default.nix @@ -1,5 +1,12 @@ { lib, stdenv, fetchurl, lvm2, json_c, asciidoctor -, openssl, libuuid, pkg-config, popt }: +, openssl, libuuid, pkg-config, popt, nixosTests + + # The release tarballs contain precomputed manpage files, so we don't need + # to run asciidoctor on the man sources. By avoiding asciidoctor, we make + # the bare NixOS build hash independent of changes to the ruby ecosystem, + # saving mass-rebuilds. +, rebuildMan ? false +}: stdenv.mkDerivation rec { pname = "cryptsetup"; @@ -13,6 +20,11 @@ stdenv.mkDerivation rec { sha256 = "sha256-kYSm672c5+shEVLn90GmyC8tHMDiSoTsnFKTnu4PBUI="; }; + patches = [ + # Allow reading tokens from a relative path, see #167994 + ./relative-token-path.patch + ]; + postPatch = '' patchShebangs tests @@ -28,6 +40,8 @@ stdenv.mkDerivation rec { "--enable-cryptsetup-reencrypt" "--with-crypto_backend=openssl" "--disable-ssh-token" + ] ++ lib.optionals (!rebuildMan) [ + "--disable-asciidoc" ] ++ lib.optionals stdenv.hostPlatform.isStatic [ "--disable-external-tokens" # We have to override this even though we're removing token @@ -36,7 +50,7 @@ stdenv.mkDerivation rec { "--with-luks2-external-tokens-path=/" ]; - nativeBuildInputs = [ pkg-config asciidoctor ]; + nativeBuildInputs = [ pkg-config ] ++ lib.optionals rebuildMan [ asciidoctor ]; buildInputs = [ lvm2 json_c openssl libuuid popt ]; # The test [7] header backup in compat-test fails with a mysterious @@ -44,6 +58,19 @@ stdenv.mkDerivation rec { # Issue filed upstream: https://gitlab.com/cryptsetup/cryptsetup/-/issues/763 doCheck = !stdenv.hostPlatform.isMusl; + passthru = { + tests = { + nixos = + lib.optionalAttrs stdenv.hostPlatform.isLinux ( + lib.recurseIntoAttrs ( + lib.filterAttrs + (name: _value: lib.hasPrefix "luks" name) + nixosTests.installer + ) + ); + }; + }; + meta = { homepage = "https://gitlab.com/cryptsetup/cryptsetup/"; description = "LUKS for dm-crypt"; diff --git a/pkgs/os-specific/linux/cryptsetup/relative-token-path.patch b/pkgs/os-specific/linux/cryptsetup/relative-token-path.patch new file mode 100644 index 00000000000..dffd0ba3bb5 --- /dev/null +++ b/pkgs/os-specific/linux/cryptsetup/relative-token-path.patch @@ -0,0 +1,50 @@ +From 4f95ab1f8110a8ab9d7b0e192731ce467f6e5c26 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Janne=20He=C3=9F?= <janne@hess.ooo> +Date: Sun, 4 Sep 2022 11:15:02 -0600 +Subject: [PATCH] Allow loading token handlers from the default search path + +Since [1] landed in cryptsetup, token handlers (libcryptsetup-token-*.so) +are loaded from a fixed path defined at compile-time. This is +problematic with NixOS since it introduces a dependency cycle +between cryptsetup and systemd. + +This downstream patch [2] allows loading token plugins from the +default library search path. This approach is not accepted upstream [3] +due to security concerns, but the potential attack vectors require +root access and they are sufficiently addressed: + +* cryptsetup could be used as a setuid binary (not used in NixOS). + In this case, LD_LIBRARY_PATH is ignored because of secure-execution + mode. +* cryptsetup running as root could lead to a malicious token handler + being loaded through LD_LIBRARY_PATH. However, fixing the path + doesn't prevent the same malicious .so being loaded through LD_PRELOAD. + +[1] https://gitlab.com/cryptsetup/cryptsetup/-/commit/5b9e98f94178d3cd179d9f6e2a0a68c7d9eb6507 +[2] https://github.com/NixOS/nixpkgs/issues/167994#issuecomment-1094249369 +[3] https://gitlab.com/cryptsetup/cryptsetup/-/issues/733 +--- + lib/luks2/luks2_token.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/lib/luks2/luks2_token.c b/lib/luks2/luks2_token.c +index 26467253..6f8329f0 100644 +--- a/lib/luks2/luks2_token.c ++++ b/lib/luks2/luks2_token.c +@@ -151,12 +151,10 @@ crypt_token_load_external(struct crypt_device *cd, const char *name, struct cryp + + token = &ret->u.v2; + +- r = snprintf(buf, sizeof(buf), "%s/libcryptsetup-token-%s.so", crypt_token_external_path(), name); ++ r = snprintf(buf, sizeof(buf), "libcryptsetup-token-%s.so", name); + if (r < 0 || (size_t)r >= sizeof(buf)) + return -EINVAL; + +- assert(*buf == '/'); +- + log_dbg(cd, "Trying to load %s.", buf); + + h = dlopen(buf, RTLD_LAZY); +-- +2.37.2 + diff --git a/pkgs/os-specific/linux/exfat/default.nix b/pkgs/os-specific/linux/exfat/default.nix index d459d240844..ee6f448112d 100644 --- a/pkgs/os-specific/linux/exfat/default.nix +++ b/pkgs/os-specific/linux/exfat/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { makeFlags = [ "KDIR=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" "ARCH=${stdenv.hostPlatform.linuxArch}" - ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) [ + ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "CROSS_COMPILE=${stdenv.cc.targetPrefix}" ]; diff --git a/pkgs/os-specific/linux/gobi_loader/default.nix b/pkgs/os-specific/linux/gobi_loader/default.nix index b7972007719..2b251242119 100644 --- a/pkgs/os-specific/linux/gobi_loader/default.nix +++ b/pkgs/os-specific/linux/gobi_loader/default.nix @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { substituteInPlace 60-gobi.rules --replace "/lib/firmware" "/run/current-system/firmware" ''; - makeFlags = "prefix=${placeholder "out"}"; + makeFlags = [ "prefix=${placeholder "out"}" ]; meta = with lib; { description = "Firmware loader for Qualcomm Gobi USB chipsets"; diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix index daa8c1ae201..ebf20a015c0 100644 --- a/pkgs/os-specific/linux/kernel-headers/default.nix +++ b/pkgs/os-specific/linux/kernel-headers/default.nix @@ -27,7 +27,7 @@ let flex bison python rsync ]; - extraIncludeDirs = lib.optional (with stdenvNoCC.hostPlatform; isPower && is32bit && isBigEndian) ["ppc"]; + extraIncludeDirs = lib.optionals (with stdenvNoCC.hostPlatform; isPower && is32bit && isBigEndian) ["ppc"]; inherit patches; @@ -84,12 +84,12 @@ let in { inherit makeLinuxHeaders; - linuxHeaders = let version = "5.19"; in + linuxHeaders = let version = "6.0"; in makeLinuxHeaders { inherit version; src = fetchurl { - url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1a05a3hw4w3k530mxhns96xw7hag743xw5w967yazqcykdbhq97z"; + url = "mirror://kernel/linux/kernel/v${lib.versions.major version}.x/linux-${version}.tar.xz"; + sha256 = "sha256-XCRDpVON5SaI77VcJ6sFOcH161jAz9FqK5+7CP2BeI4="; }; patches = [ ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 2e076063458..57fe7420f48 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -411,6 +411,7 @@ let XFS_QUOTA = option yes; XFS_POSIX_ACL = option yes; XFS_RT = option yes; # XFS Realtime subvolume support + XFS_ONLINE_SCRUB = option yes; OCFS2_DEBUG_MASKLOG = option no; diff --git a/pkgs/os-specific/linux/kexec-tools/default.nix b/pkgs/os-specific/linux/kexec-tools/default.nix index 6faa401eccc..e10f3e4defb 100644 --- a/pkgs/os-specific/linux/kexec-tools/default.nix +++ b/pkgs/os-specific/linux/kexec-tools/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { pname = "kexec-tools"; - version = "2.0.23"; + version = "2.0.25"; src = fetchurl { urls = [ "mirror://kernel/linux/utils/kernel/kexec/${pname}-${version}.tar.xz" "http://horms.net/projects/kexec/kexec-tools/${pname}-${version}.tar.xz" ]; - sha256 = "qmPNbH3ZWwbOumJAp/3GeSeJytp1plXmcUmHF1IkJBs="; + sha256 = "sha256-fOLl3vOOwE95/rEH0CJD3VhvvGhWnszwL0S606E+wH0="; }; patches = [ diff --git a/pkgs/os-specific/linux/numactl/default.nix b/pkgs/os-specific/linux/numactl/default.nix index ac17a18273a..28157ffe167 100644 --- a/pkgs/os-specific/linux/numactl/default.nix +++ b/pkgs/os-specific/linux/numactl/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "numactl"; - version = "2.0.15"; + version = "2.0.16"; src = fetchFromGitHub { owner = pname; repo = pname; rev = "v${version}"; - sha256 = "sha256-mowDqCkAHDEV9AWCgAEWL0//sNMUk/K8w3eO7Wg+AwQ="; + sha256 = "sha256-aDKzkmvrPDzQl4n0KgeiU5LOLhQA0tmwzGiXvJDp7ZI="; }; nativeBuildInputs = [ autoreconfHook ]; diff --git a/pkgs/os-specific/linux/nvidia-x11/generic.nix b/pkgs/os-specific/linux/nvidia-x11/generic.nix index 351d71ab8e2..ea9dbcabd0e 100644 --- a/pkgs/os-specific/linux/nvidia-x11/generic.nix +++ b/pkgs/os-specific/linux/nvidia-x11/generic.nix @@ -101,7 +101,7 @@ let nativeBuildInputs = [ perl nukeReferences ] ++ optionals (!libsOnly) kernel.moduleBuildDependencies; - disallowedReferences = optional (!libsOnly) [ kernel.dev ]; + disallowedReferences = optionals (!libsOnly) [ kernel.dev ]; passthru = { open = mapNullable (hash: callPackage ./open.nix { diff --git a/pkgs/os-specific/linux/otpw/default.nix b/pkgs/os-specific/linux/otpw/default.nix index 14381ac68c1..6c53bf16efc 100644 --- a/pkgs/os-specific/linux/otpw/default.nix +++ b/pkgs/os-specific/linux/otpw/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, pam }: +{ lib, stdenv, fetchurl, pam, libxcrypt }: stdenv.mkDerivation rec { pname = "otpw"; @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { cp *.8 $out/share/man/man8 ''; - buildInputs = [ pam ]; + buildInputs = [ pam libxcrypt ]; hardeningDisable = [ "stackprotector" ]; diff --git a/pkgs/os-specific/linux/pam/default.nix b/pkgs/os-specific/linux/pam/default.nix index 72f91e89c74..22e7057e343 100644 --- a/pkgs/os-specific/linux/pam/default.nix +++ b/pkgs/os-specific/linux/pam/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, buildPackages, fetchurl, flex, cracklib, db4, gettext, audit , nixosTests -, withLibxcrypt ? false, libxcrypt +, withLibxcrypt ? true, libxcrypt }: stdenv.mkDerivation rec { diff --git a/pkgs/os-specific/linux/pam_mysql/default.nix b/pkgs/os-specific/linux/pam_mysql/default.nix index 807899cf2b2..036d4b20cb4 100644 --- a/pkgs/os-specific/linux/pam_mysql/default.nix +++ b/pkgs/os-specific/linux/pam_mysql/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, meson, ninja, pam, pkg-config, libmysqlclient, mariadb }: +{ lib, stdenv, fetchFromGitHub, meson, ninja, pam, pkg-config, libmysqlclient, mariadb, libxcrypt }: stdenv.mkDerivation rec { pname = "pam_mysql"; @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ meson pkg-config ninja ]; - buildInputs = [ pam libmysqlclient mariadb ]; + buildInputs = [ pam libmysqlclient mariadb libxcrypt ]; meta = with lib; { description = "PAM authentication module against a MySQL database"; diff --git a/pkgs/os-specific/linux/pam_pgsql/default.nix b/pkgs/os-specific/linux/pam_pgsql/default.nix index 3cfa6733efa..2eabcefe584 100644 --- a/pkgs/os-specific/linux/pam_pgsql/default.nix +++ b/pkgs/os-specific/linux/pam_pgsql/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, postgresql, libgcrypt, pam }: +{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, postgresql, libgcrypt, pam, libxcrypt }: stdenv.mkDerivation rec { pname = "pam_pgsql"; @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ autoreconfHook pkg-config ]; - buildInputs = [ libgcrypt pam postgresql ]; + buildInputs = [ libgcrypt pam postgresql libxcrypt ]; meta = with lib; { description = "Support to authenticate against PostgreSQL for PAM-enabled appliations"; diff --git a/pkgs/os-specific/linux/policycoreutils/default.nix b/pkgs/os-specific/linux/policycoreutils/default.nix index c066dd4c4c5..33875049747 100644 --- a/pkgs/os-specific/linux/policycoreutils/default.nix +++ b/pkgs/os-specific/linux/policycoreutils/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, gettext, libsepol, libselinux, libsemanage }: +{ lib, stdenv, fetchurl, gettext, libsepol, libselinux, libsemanage, libxcrypt }: stdenv.mkDerivation rec { pname = "policycoreutils"; @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { ''; nativeBuildInputs = [ gettext ]; - buildInputs = [ libsepol libselinux libsemanage ]; + buildInputs = [ libsepol libselinux libsemanage libxcrypt ]; makeFlags = [ "PREFIX=$(out)" diff --git a/pkgs/os-specific/linux/rtl8812au/default.nix b/pkgs/os-specific/linux/rtl8812au/default.nix index 03a5c0f4aeb..6a1c4fc80da 100644 --- a/pkgs/os-specific/linux/rtl8812au/default.nix +++ b/pkgs/os-specific/linux/rtl8812au/default.nix @@ -28,7 +28,7 @@ stdenv.mkDerivation rec { "KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build" ("CONFIG_PLATFORM_I386_PC=" + (if stdenv.hostPlatform.isx86 then "y" else "n")) ("CONFIG_PLATFORM_ARM_RPI=" + (if stdenv.hostPlatform.isAarch then "y" else "n")) - ] ++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) [ + ] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "CROSS_COMPILE=${stdenv.cc.targetPrefix}" ]; diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix index 5537f9f6aac..c6fd417d0d6 100644 --- a/pkgs/os-specific/linux/shadow/default.nix +++ b/pkgs/os-specific/linux/shadow/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, nixosTests, fetchpatch, fetchFromGitHub, autoreconfHook, libxslt , libxml2 , docbook_xml_dtd_45, docbook_xsl, itstool, flex, bison, runtimeShell -, pam ? null, glibcCross ? null +, libxcrypt, pam ? null, glibcCross ? null }: let @@ -28,7 +28,8 @@ stdenv.mkDerivation rec { sha256 = "sha256-PxLX5V0t18JftT5wT41krNv18Ew7Kz3MfZkOi/80ODA="; }; - buildInputs = lib.optional (pam != null && stdenv.isLinux) pam; + buildInputs = [ libxcrypt ] + ++ lib.optional (pam != null && stdenv.isLinux) pam; nativeBuildInputs = [autoreconfHook libxslt libxml2 docbook_xml_dtd_45 docbook_xsl flex bison itstool ]; @@ -62,6 +63,8 @@ stdenv.mkDerivation rec { configureFlags = [ "--enable-man" "--with-group-name-max-length=32" + "--with-bcrypt" + "--with-yescrypt" ] ++ lib.optional (stdenv.hostPlatform.libc != "glibc") "--disable-nscd"; preBuild = lib.optionalString (stdenv.hostPlatform.libc == "glibc") diff --git a/pkgs/os-specific/linux/systemd/0018-core-don-t-taint-on-unmerged-usr.patch b/pkgs/os-specific/linux/systemd/0018-core-don-t-taint-on-unmerged-usr.patch new file mode 100644 index 00000000000..1cd3c2105e1 --- /dev/null +++ b/pkgs/os-specific/linux/systemd/0018-core-don-t-taint-on-unmerged-usr.patch @@ -0,0 +1,33 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: oxalica <oxalicc@pm.me> +Date: Tue, 4 Oct 2022 09:18:07 +0800 +Subject: [PATCH] core: don't taint on unmerged /usr + +NixOS has very different approach towards /bin and /sbin - they don't +really exist (except for /bin/sh and /usr/bin/env, because these are used +heavily in shebangs around the world). The concept of merged or unmerged +usr doesn't really apply here at all, it's neither of the two. +Users don't execute things from /bin or /sbin, there's nothing else in +there. In all cases, systemd doesn't look things up from /usr/bin or /bin, +so showing the taint isn't really helpful. + +See also: https://github.com/systemd/systemd/issues/24191 +--- + src/core/manager.c | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/src/core/manager.c b/src/core/manager.c +index 33ded94a7c..8847479799 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -4488,10 +4488,6 @@ char* manager_taint_string(const Manager *m) { + if (m->taint_usr) + stage[n++] = "split-usr"; + +- _cleanup_free_ char *usrbin = NULL; +- if (readlink_malloc("/bin", &usrbin) < 0 || !PATH_IN_SET(usrbin, "usr/bin", "/usr/bin")) +- stage[n++] = "unmerged-usr"; +- + if (access("/proc/cgroups", F_OK) < 0) + stage[n++] = "cgroups-missing"; + diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 5b417369a55..9ccebdff2e0 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -7,6 +7,7 @@ , fetchpatch , fetchzip , buildPackages +, makeBinaryWrapper , ninja , meson , m4 @@ -27,6 +28,7 @@ , util-linux , kbd , kmod +, libxcrypt # Optional dependencies , pam @@ -92,7 +94,7 @@ , withOomd ? true , withPCRE2 ? true , withPolkit ? true -, withPortabled ? false +, withPortabled ? !stdenv.hostPlatform.isMusl , withRemote ? !stdenv.hostPlatform.isMusl , withResolved ? true , withShellCompletions ? true @@ -120,7 +122,7 @@ assert withHomed -> withCryptsetup; let wantCurl = withRemote || withImportd; wantGcrypt = withResolved || withImportd; - version = "251.4"; + version = "251.5"; # Bump this variable on every (major) version change. See below (in the meson options list) for why. # command: @@ -137,7 +139,7 @@ stdenv.mkDerivation { owner = "systemd"; repo = "systemd-stable"; rev = "v${version}"; - sha256 = "sha256-lfG6flT1k8LZBAdDK+cF9RjmJMkHMJquMjQK3MINFd8="; + sha256 = "sha256-2MEmvFT1D+9v8OazBwjnKc7i/x7i196Eoi8bODk1cM4="; }; # On major changes, or when otherwise required, you *must* reformat the patches, @@ -163,6 +165,7 @@ stdenv.mkDerivation { ./0015-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch ./0016-pkg-config-derive-prefix-from-prefix.patch ./0017-inherit-systemd-environment-when-calling-generators.patch + ./0018-core-don-t-taint-on-unmerged-usr.patch ] ++ lib.optional stdenv.hostPlatform.isMusl ( let oe-core = fetchzip { @@ -331,6 +334,7 @@ stdenv.mkDerivation { nativeBuildInputs = [ pkg-config + makeBinaryWrapper gperf ninja meson @@ -359,6 +363,7 @@ stdenv.mkDerivation { acl audit kmod + libxcrypt libcap libidn2 libuuid @@ -571,21 +576,22 @@ stdenv.mkDerivation { ]; # { replacement, search, where } -> List[str] - mkSubstitute = { replacement, search, where, ignore ? [] }: + mkSubstitute = { replacement, search, where, ignore ? [ ] }: map (path: "substituteInPlace ${path} --replace '${search}' \"${replacement}\"") where; - mkEnsureSubstituted = { replacement, search, where, ignore ? [] }: - let - ignore' = lib.concatStringsSep "|" (ignore ++ ["^test" "NEWS"]); - in '' - set +e - search=$(grep '${search}' -r | grep -v "${replacement}" | grep -Ev "${ignore'}") - set -e - if [[ -n "$search" ]]; then - echo "Not all references to '${search}' have been replaced. Found the following matches:" - echo "$search" - exit 1 - fi - ''; + mkEnsureSubstituted = { replacement, search, where, ignore ? [ ] }: + let + ignore' = lib.concatStringsSep "|" (ignore ++ [ "^test" "NEWS" ]); + in + '' + set +e + search=$(grep '${search}' -r | grep -v "${replacement}" | grep -Ev "${ignore'}") + set -e + if [[ -n "$search" ]]; then + echo "Not all references to '${search}' have been replaced. Found the following matches:" + echo "$search" + exit 1 + fi + ''; in '' mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org") @@ -664,7 +670,14 @@ stdenv.mkDerivation { preFixup = lib.optionalString withEfi '' mv $out/lib/systemd/boot/efi $out/dont-strip-me ''; - postFixup = lib.optionalString withEfi '' + + # Wrap in the correct path for LUKS2 tokens. + postFixup = lib.optionalString withCryptsetup '' + for f in lib/systemd/systemd-cryptsetup bin/systemd-cryptenroll; do + # This needs to be in LD_LIBRARY_PATH because rpath on a binary is not propagated to libraries using dlopen, in this case `libcryptsetup.so` + wrapProgram $out/$f --prefix LD_LIBRARY_PATH : ${placeholder "out"}/lib/cryptsetup + done + '' + lib.optionalString withEfi '' mv $out/dont-strip-me $out/lib/systemd/boot/efi ''; @@ -677,7 +690,7 @@ stdenv.mkDerivation { # runtime; otherwise we can't and we need to reboot. interfaceVersion = 2; - inherit withCryptsetup withHostnamed withImportd withLocaled withMachined withTimedated withUtmp util-linux kmod kbd; + inherit withCryptsetup withHostnamed withImportd withLocaled withMachined withPortabled withTimedated withUtmp util-linux kmod kbd; tests = { inherit (nixosTests) switchTest; diff --git a/pkgs/os-specific/linux/sysvinit/default.nix b/pkgs/os-specific/linux/sysvinit/default.nix index 87b5b81066c..c8ba3164ab0 100644 --- a/pkgs/os-specific/linux/sysvinit/default.nix +++ b/pkgs/os-specific/linux/sysvinit/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, withoutInitTools ? false }: +{ lib, stdenv, fetchurl, libxcrypt, withoutInitTools ? false }: stdenv.mkDerivation rec { pname = if withoutInitTools then "sysvtools" else "sysvinit"; @@ -14,6 +14,8 @@ stdenv.mkDerivation rec { sed -i -e "s,/sbin/,$out/sbin/," src/halt.c src/init.c src/paths.h ''; + buildInputs = [ libxcrypt ]; + makeFlags = [ "SULOGINLIBS=-lcrypt" "ROOT=$(out)" "MANDIR=/share/man" ]; preInstall = diff --git a/pkgs/os-specific/linux/util-linux/default.nix b/pkgs/os-specific/linux/util-linux/default.nix index d57fdba7310..8df231c961e 100644 --- a/pkgs/os-specific/linux/util-linux/default.nix +++ b/pkgs/os-specific/linux/util-linux/default.nix @@ -1,6 +1,7 @@ { lib, stdenv, fetchurl, pkg-config, zlib, shadow , capabilitiesSupport ? true , libcap_ng +, libxcrypt , ncursesSupport ? true , ncurses , pamSupport ? true @@ -68,7 +69,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkg-config ] ++ lib.optionals translateManpages [ po4a ]; - buildInputs = [ zlib ] + buildInputs = [ zlib libxcrypt ] ++ lib.optionals pamSupport [ pam ] ++ lib.optionals capabilitiesSupport [ libcap_ng ] ++ lib.optionals ncursesSupport [ ncurses ] diff --git a/pkgs/os-specific/linux/wiringpi/default.nix b/pkgs/os-specific/linux/wiringpi/default.nix index a06e25b9eb8..eed71188eb0 100644 --- a/pkgs/os-specific/linux/wiringpi/default.nix +++ b/pkgs/os-specific/linux/wiringpi/default.nix @@ -2,6 +2,7 @@ , stdenv , symlinkJoin , fetchFromGitHub +, libxcrypt }: let @@ -35,6 +36,9 @@ let inherit mkSubProject; wiringPi = mkSubProject { subprj = "wiringPi"; + buildInputs = [ + libxcrypt + ]; }; devLib = mkSubProject { subprj = "devLib"; @@ -45,6 +49,7 @@ let wiringPiD = mkSubProject { subprj = "wiringPiD"; buildInputs = [ + libxcrypt passthru.wiringPi passthru.devLib ]; @@ -52,6 +57,7 @@ let gpio = mkSubProject { subprj = "gpio"; buildInputs = [ + libxcrypt passthru.wiringPi passthru.devLib ]; diff --git a/pkgs/servers/dante/default.nix b/pkgs/servers/dante/default.nix index dd5967a2407..f5b2e5a785f 100644 --- a/pkgs/servers/dante/default.nix +++ b/pkgs/servers/dante/default.nix @@ -1,4 +1,5 @@ -{ lib, stdenv, fetchurl, fetchpatch, pam, libkrb5, cyrus_sasl, miniupnpc, autoreconfHook }: +{ lib, stdenv, fetchurl, fetchpatch, autoreconfHook +, pam, libkrb5, cyrus_sasl, miniupnpc, libxcrypt }: stdenv.mkDerivation rec { pname = "dante"; @@ -10,7 +11,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = lib.optional stdenv.hostPlatform.isMips64 autoreconfHook; - buildInputs = [ pam libkrb5 cyrus_sasl miniupnpc ]; + buildInputs = [ pam libkrb5 cyrus_sasl miniupnpc libxcrypt ]; configureFlags = if !stdenv.isDarwin then [ "--with-libc=libc.so.6" ] @@ -18,7 +19,7 @@ stdenv.mkDerivation rec { dontAddDisableDepTrack = stdenv.isDarwin; - patches = lib.optional stdenv.hostPlatform.isMips64 [ + patches = lib.optionals stdenv.hostPlatform.isMips64 [ (fetchpatch { name = "0002-osdep-m4-Remove-getaddrinfo-too-low-checks.patch"; url = "https://raw.githubusercontent.com/buildroot/buildroot/master/package/dante/0002-osdep-m4-Remove-getaddrinfo-too-low-checks.patch"; diff --git a/pkgs/servers/dico/default.nix b/pkgs/servers/dico/default.nix index 0275046aa25..e372ffe9bad 100644 --- a/pkgs/servers/dico/default.nix +++ b/pkgs/servers/dico/default.nix @@ -1,5 +1,5 @@ { fetchurl, lib, stdenv, libtool, gettext, zlib, readline, gsasl -, guile, python3, pcre, libffi, groff }: +, guile, python3, pcre, libffi, groff, libxcrypt }: stdenv.mkDerivation rec { pname = "dico"; @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ groff ]; buildInputs = - [ libtool gettext zlib readline gsasl guile python3 pcre libffi ]; + [ libtool gettext zlib readline gsasl guile python3 pcre libffi libxcrypt ]; strictDeps = true; diff --git a/pkgs/servers/dns/knot-dns/default.nix b/pkgs/servers/dns/knot-dns/default.nix index 6ed706c5378..286d2f2e93e 100644 --- a/pkgs/servers/dns/knot-dns/default.nix +++ b/pkgs/servers/dns/knot-dns/default.nix @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { CFLAGS = [ "-O2" "-DNDEBUG" ]; doCheck = true; - checkFlags = "V=1"; # verbose output in case some test fails + checkFlags = [ "V=1" ]; # verbose output in case some test fails doInstallCheck = true; postInstall = '' diff --git a/pkgs/servers/foundationdb/cmake.nix b/pkgs/servers/foundationdb/cmake.nix index 98fd6ca7981..9d65198c8ce 100644 --- a/pkgs/servers/foundationdb/cmake.nix +++ b/pkgs/servers/foundationdb/cmake.nix @@ -33,7 +33,7 @@ let buildInputs = [ libressl boost ]; nativeBuildInputs = [ cmake ninja python3 openjdk mono ] - ++ lib.optional useClang [ llvmPackages.lld ]; + ++ lib.optionals useClang [ llvmPackages.lld ]; separateDebugInfo = true; dontFixCmake = true; diff --git a/pkgs/servers/foundationdb/vsmake.nix b/pkgs/servers/foundationdb/vsmake.nix index 284dc9fb3bd..21ee2e4f848 100644 --- a/pkgs/servers/foundationdb/vsmake.nix +++ b/pkgs/servers/foundationdb/vsmake.nix @@ -84,11 +84,11 @@ let makeFlags = [ "all" "fdb_java" "fdb_python" ] # Don't compile FDBLibTLS if we don't need it in 6.0 or later; # it gets statically linked in - ++ lib.optional (lib.versionOlder version "6.0") [ "fdb_c" ] + ++ lib.optionals (lib.versionOlder version "6.0") [ "fdb_c" ] # Needed environment overrides ++ [ "KVRELEASE=1" "NOSTRIP=1" - ] ++ lib.optional officialRelease [ "RELEASE=true" ]; + ] ++ lib.optionals officialRelease [ "RELEASE=true" ]; # on 6.0 and later, we can specify all this information manually configurePhase = lib.optionalString (lib.versionAtLeast version "6.0") '' diff --git a/pkgs/servers/ftp/bftpd/default.nix b/pkgs/servers/ftp/bftpd/default.nix index 6bedb469f4d..73edd94a349 100644 --- a/pkgs/servers/ftp/bftpd/default.nix +++ b/pkgs/servers/ftp/bftpd/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl }: +{ lib, stdenv, fetchurl, libxcrypt }: stdenv.mkDerivation rec { pname = "bftpd"; @@ -9,6 +9,8 @@ stdenv.mkDerivation rec { sha256 = "sha256-lyHQYU4aXQ/muAyaigStqO/ULL393SOelagFmuKDqm8="; }; + buildInputs = [ libxcrypt ]; + preConfigure = '' sed -re 's/-[og] 0//g' -i Makefile* ''; diff --git a/pkgs/servers/ftp/pure-ftpd/default.nix b/pkgs/servers/ftp/pure-ftpd/default.nix index 15f1520b807..fe82f1c4679 100644 --- a/pkgs/servers/ftp/pure-ftpd/default.nix +++ b/pkgs/servers/ftp/pure-ftpd/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, openssl, pam, fetchpatch }: +{ lib, stdenv, fetchurl, openssl, pam, libxcrypt }: stdenv.mkDerivation rec { pname = "pure-ftpd"; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { sha256 = "sha256-QWD2a3ZhXuojl+rE6j8KFGt5KCB7ebxMwvma17e9lRM="; }; - buildInputs = [ openssl pam ]; + buildInputs = [ openssl pam libxcrypt ]; configureFlags = [ "--with-tls" ]; diff --git a/pkgs/servers/ftp/vsftpd/default.nix b/pkgs/servers/ftp/vsftpd/default.nix index 3a3517f4f23..601d14d342a 100644 --- a/pkgs/servers/ftp/vsftpd/default.nix +++ b/pkgs/servers/ftp/vsftpd/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, libcap, libseccomp, openssl, pam, nixosTests }: +{ lib, stdenv, fetchurl, libcap, libseccomp, openssl, pam, libxcrypt, nixosTests }: stdenv.mkDerivation rec { pname = "vsftpd"; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { sha256 = "sha256-JrYCrkVLC6bZnvRKCba54N+n9nIoEGc23x8njHC8kdM="; }; - buildInputs = [ libcap openssl libseccomp pam ]; + buildInputs = [ libcap openssl libseccomp pam libxcrypt ]; patches = [ ./CVE-2015-1419.patch ]; diff --git a/pkgs/servers/geospatial/mapserver/default.nix b/pkgs/servers/geospatial/mapserver/default.nix index d7012af0ffe..ac8af5b7de0 100644 --- a/pkgs/servers/geospatial/mapserver/default.nix +++ b/pkgs/servers/geospatial/mapserver/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake pkg-config - ] ++ lib.optional withPython [ swig python3.pkgs.setuptools ]; + ] ++ lib.optionals withPython [ swig python3.pkgs.setuptools ]; buildInputs = [ cairo diff --git a/pkgs/servers/http/apache-httpd/2.4.nix b/pkgs/servers/http/apache-httpd/2.4.nix index 72ad91d017e..ec8b3e5c6fa 100644 --- a/pkgs/servers/http/apache-httpd/2.4.nix +++ b/pkgs/servers/http/apache-httpd/2.4.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, perl, zlib, apr, aprutil, pcre2, libiconv, lynx, which +{ lib, stdenv, fetchurl, perl, zlib, apr, aprutil, pcre2, libiconv, lynx, which, libxcrypt , nixosTests , proxySupport ? true , sslSupport ? true, openssl @@ -24,7 +24,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ which ]; - buildInputs = [ perl ] ++ + buildInputs = [ perl libxcrypt ] ++ lib.optional brotliSupport brotli ++ lib.optional sslSupport openssl ++ lib.optional ldapSupport openldap ++ # there is no --with-ldap flag diff --git a/pkgs/servers/http/bozohttpd/default.nix b/pkgs/servers/http/bozohttpd/default.nix index 1574a953b17..b236e1f2621 100644 --- a/pkgs/servers/http/bozohttpd/default.nix +++ b/pkgs/servers/http/bozohttpd/default.nix @@ -6,6 +6,7 @@ , inetutils , wget , openssl +, libxcrypt , minimal ? false , userSupport ? !minimal , cgiSupport ? !minimal @@ -42,7 +43,7 @@ stdenv.mkDerivation rec { ]; patchFlags = [ "-p3" ]; - buildInputs = [ openssl ] ++ optional (luaSupport) lua; + buildInputs = [ openssl libxcrypt ] ++ optional (luaSupport) lua; nativeBuildInputs = [ bmake groff ]; COPTS = [ diff --git a/pkgs/servers/http/hiawatha/default.nix b/pkgs/servers/http/hiawatha/default.nix index 950faf89bed..2ab0b12c483 100644 --- a/pkgs/servers/http/hiawatha/default.nix +++ b/pkgs/servers/http/hiawatha/default.nix @@ -4,6 +4,7 @@ , cmake , ninja , mbedtls +, libxcrypt , enableCache ? true # Internal cache support. , enableIpV6 ? true @@ -27,7 +28,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ cmake ninja ]; - buildInputs = [ mbedtls ] ++ lib.optionals enableXslt [ libxslt libxml2 ]; + buildInputs = [ mbedtls libxcrypt ] ++ lib.optionals enableXslt [ libxslt libxml2 ]; prePatch = '' substituteInPlace CMakeLists.txt --replace SETUID "" diff --git a/pkgs/servers/http/tengine/default.nix b/pkgs/servers/http/tengine/default.nix index d7c8ea226fe..d464f7aa3e5 100644 --- a/pkgs/servers/http/tengine/default.nix +++ b/pkgs/servers/http/tengine/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, openssl, zlib, pcre, libxml2, libxslt +{ lib, stdenv, fetchFromGitHub, openssl, zlib, pcre, libxcrypt, libxml2, libxslt , substituteAll, gd, geoip, gperftools, jemalloc, nixosTests , withDebug ? false , withMail ? false @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { }; buildInputs = - [ openssl zlib pcre libxml2 libxslt gd geoip gperftools jemalloc ] + [ openssl zlib pcre libxcrypt libxml2 libxslt gd geoip gperftools jemalloc ] ++ concatMap (mod: mod.inputs or []) modules; patches = singleton (substituteAll { diff --git a/pkgs/servers/http/thttpd/default.nix b/pkgs/servers/http/thttpd/default.nix index 64e7309bc9b..c7a92bbf5f1 100644 --- a/pkgs/servers/http/thttpd/default.nix +++ b/pkgs/servers/http/thttpd/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl }: +{ lib, stdenv, fetchurl, libxcrypt }: stdenv.mkDerivation rec { pname = "thttpd"; @@ -14,6 +14,10 @@ stdenv.mkDerivation rec { sed -i -e 's/chmod 2755/chmod 755/' extras/Makefile.in ''; + buildInputs = [ + libxcrypt + ]; + preInstall = '' mkdir -p "$out/man/man1" sed -i -e 's/-o bin -g bin *//' Makefile diff --git a/pkgs/servers/hylafaxplus/default.nix b/pkgs/servers/hylafaxplus/default.nix index d02f1b5a7e3..c1a8cdc26d8 100644 --- a/pkgs/servers/hylafaxplus/default.nix +++ b/pkgs/servers/hylafaxplus/default.nix @@ -13,6 +13,7 @@ , gnugrep , gnused , libtiff +, libxcrypt , openssl , psmisc , sharutils @@ -79,6 +80,7 @@ stdenv.mkDerivation { file # for `file` command ghostscript libtiff + libxcrypt openssl psmisc # for `fuser` command sharutils # for `uuencode` command diff --git a/pkgs/servers/irc/atheme/default.nix b/pkgs/servers/irc/atheme/default.nix index 9db7ef3aaca..3df18bbe0c9 100644 --- a/pkgs/servers/irc/atheme/default.nix +++ b/pkgs/servers/irc/atheme/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchgit, libmowgli, pkg-config, git, gettext, pcre, libidn, cracklib, openssl }: +{ lib, stdenv, fetchgit, libmowgli, pkg-config, git, gettext, pcre, libidn, libxcrypt, cracklib, openssl }: stdenv.mkDerivation rec { pname = "atheme"; @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ pkg-config git gettext ]; - buildInputs = [ libmowgli pcre libidn cracklib openssl ]; + buildInputs = [ libmowgli pcre libidn libxcrypt cracklib openssl ]; configureFlags = [ "--with-pcre" diff --git a/pkgs/servers/irc/ircd-hybrid/default.nix b/pkgs/servers/irc/ircd-hybrid/default.nix index 346555cf5d7..cda989b8bef 100644 --- a/pkgs/servers/irc/ircd-hybrid/default.nix +++ b/pkgs/servers/irc/ircd-hybrid/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, openssl, zlib }: +{ lib, stdenv, fetchurl, openssl, zlib, libxcrypt }: stdenv.mkDerivation rec { pname = "ircd-hybrid"; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { sha256 = "sha256-vQNzx4DjCMGm9piQFf8o4cIpme92S3toY2tihXPCUe8="; }; - buildInputs = [ openssl zlib ]; + buildInputs = [ openssl zlib libxcrypt ]; configureFlags = [ "--with-nicklen=100" diff --git a/pkgs/servers/mail/opensmtpd/default.nix b/pkgs/servers/mail/opensmtpd/default.nix index 5f36b139781..3bac9e0c6ef 100644 --- a/pkgs/servers/mail/opensmtpd/default.nix +++ b/pkgs/servers/mail/opensmtpd/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchurl, autoconf, automake, libtool, bison -, libasr, libevent, zlib, libressl, db, pam, nixosTests +, libasr, libevent, zlib, libressl, db, pam, libxcrypt, nixosTests }: stdenv.mkDerivation rec { @@ -7,7 +7,7 @@ stdenv.mkDerivation rec { version = "6.8.0p2"; nativeBuildInputs = [ autoconf automake libtool bison ]; - buildInputs = [ libasr libevent zlib libressl db pam ]; + buildInputs = [ libasr libevent zlib libressl db pam libxcrypt ]; src = fetchurl { url = "https://www.opensmtpd.org/archives/${pname}-${version}.tar.gz"; diff --git a/pkgs/servers/mail/popa3d/default.nix b/pkgs/servers/mail/popa3d/default.nix index 9678bfe3fa2..d36d26b5d52 100644 --- a/pkgs/servers/mail/popa3d/default.nix +++ b/pkgs/servers/mail/popa3d/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, openssl }: +{ lib, stdenv, fetchurl, openssl, libxcrypt }: stdenv.mkDerivation rec { pname = "popa3d"; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { sha256 = "1g48cd74sqhl496wmljhq44iyfpghaz363a1ip8nyhpjz7d57f03"; }; - buildInputs = [ openssl ]; + buildInputs = [ openssl libxcrypt ]; patches = [ ./fix-mail-spool-path.patch diff --git a/pkgs/servers/matrix-conduit/default.nix b/pkgs/servers/matrix-conduit/default.nix index de6ce56072c..a3d4267b259 100644 --- a/pkgs/servers/matrix-conduit/default.nix +++ b/pkgs/servers/matrix-conduit/default.nix @@ -22,7 +22,7 @@ rustPlatform.buildRustPackage rec { rocksdb ]; - cargoBuildFlags = "--bin conduit"; + cargoBuildFlags = [ "--bin" "conduit" ]; meta = with lib; { broken = stdenv.isDarwin; diff --git a/pkgs/servers/misc/oven-media-engine/default.nix b/pkgs/servers/misc/oven-media-engine/default.nix index 2c49da68461..bcba5ce243a 100644 --- a/pkgs/servers/misc/oven-media-engine/default.nix +++ b/pkgs/servers/misc/oven-media-engine/default.nix @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { }; sourceRoot = "source/src"; - makeFlags = "release CONFIG_LIBRARY_PATHS= CONFIG_PKG_PATHS= GLOBAL_CC=$(CC) GLOBAL_CXX=$(CXX) GLOBAL_LD=$(CXX) SHELL=${stdenv.shell}"; + makeFlags = [ "release" "CONFIG_LIBRARY_PATHS=" "CONFIG_PKG_PATHS=" "GLOBAL_CC=$(CC)" "GLOBAL_CXX=$(CXX)" "GLOBAL_LD=$(CXX)" "SHELL=${stdenv.shell}" ]; enableParallelBuilding = true; nativeBuildInputs = [ bc pkg-config perl ]; diff --git a/pkgs/servers/monitoring/plugins/wmic-bin.nix b/pkgs/servers/monitoring/plugins/wmic-bin.nix index 00e76624d10..7ce7802eaf4 100644 --- a/pkgs/servers/monitoring/plugins/wmic-bin.nix +++ b/pkgs/servers/monitoring/plugins/wmic-bin.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchFromGitHub, autoPatchelfHook, popt }: +{ stdenv, lib, fetchFromGitHub, autoPatchelfHook, popt, libxcrypt }: stdenv.mkDerivation rec { pname = "wmic-bin"; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { sha256 = "1w1mdbiwz37wzry1q38h8dyjaa6iggmsb9wcyhhlawwm1vj50w48"; }; - buildInputs = [ popt ]; + buildInputs = [ popt libxcrypt ]; nativeBuildInputs = [ autoPatchelfHook ]; diff --git a/pkgs/servers/news/leafnode/default.nix b/pkgs/servers/news/leafnode/default.nix index 03aea95177a..32c59aea2bd 100644 --- a/pkgs/servers/news/leafnode/default.nix +++ b/pkgs/servers/news/leafnode/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, pcre }: +{ lib, stdenv, fetchurl, pcre, libxcrypt }: stdenv.mkDerivation { pname = "leafnode"; @@ -27,7 +27,7 @@ stdenv.mkDerivation { sed -i validatefqdn.c -e 's/int is_validfqdn(const char \*f) {/int is_validfqdn(const char *f) { return 1;/;' ''; - buildInputs = [ pcre]; + buildInputs = [ pcre libxcrypt ]; meta = { homepage = "http://leafnode.sourceforge.net/"; diff --git a/pkgs/servers/nosql/dragonflydb/default.nix b/pkgs/servers/nosql/dragonflydb/default.nix index ff4833cfaa6..db000613480 100644 --- a/pkgs/servers/nosql/dragonflydb/default.nix +++ b/pkgs/servers/nosql/dragonflydb/default.nix @@ -87,7 +87,7 @@ stdenv.mkDerivation { "-DCMAKE_RANLIB=${gcc-unwrapped}/bin/gcc-ranlib" ]; - ninjaFlags = "dragonfly"; + ninjaFlags = [ "dragonfly" ]; doCheck = false; dontUseNinjaInstall = true; diff --git a/pkgs/servers/nosql/redis/default.nix b/pkgs/servers/nosql/redis/default.nix index ab5a5672af6..d10d8b8c073 100644 --- a/pkgs/servers/nosql/redis/default.nix +++ b/pkgs/servers/nosql/redis/default.nix @@ -25,7 +25,7 @@ stdenv.mkDerivation rec { # It's weird that the build isn't failing because of failure to compile dependencies, it's from failure to link them! makeFlags = [ "PREFIX=${placeholder "out"}" ] ++ lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ "AR=${stdenv.cc.targetPrefix}ar" "RANLIB=${stdenv.cc.targetPrefix}ranlib" "MALLOC=libc" ] - ++ lib.optional withSystemd [ "USE_SYSTEMD=yes" ] + ++ lib.optionals withSystemd [ "USE_SYSTEMD=yes" ] ++ lib.optionals tlsSupport [ "BUILD_TLS=yes" ]; enableParallelBuilding = true; diff --git a/pkgs/servers/pies/default.nix b/pkgs/servers/pies/default.nix index d96835c9497..9f5dfafcbea 100644 --- a/pkgs/servers/pies/default.nix +++ b/pkgs/servers/pies/default.nix @@ -1,4 +1,4 @@ -{ fetchurl, lib, stdenv }: +{ fetchurl, lib, stdenv, libxcrypt }: stdenv.mkDerivation rec { pname = "pies"; @@ -9,6 +9,8 @@ stdenv.mkDerivation rec { sha256 = "12r7rjjyibjdj08dvwbp0iflfpzl4s0zhn6cr6zj3hwf9gbzgl1g"; }; + buildInputs = [ libxcrypt ]; + configureFlags = ["--sysconfdir=/etc"]; hardeningDisable = [ "format" ]; diff --git a/pkgs/servers/pleroma/default.nix b/pkgs/servers/pleroma/default.nix index f2abe4458a6..233cafcc9e3 100644 --- a/pkgs/servers/pleroma/default.nix +++ b/pkgs/servers/pleroma/default.nix @@ -1,6 +1,7 @@ { lib, beamPackages , fetchFromGitHub, fetchFromGitLab , file, cmake +, libxcrypt , nixosTests, writeText , ... }: @@ -133,6 +134,8 @@ beamPackages.mixRelease rec { postInstall = "mv $out/lib/erlang/lib/crypt-${version}/priv/{source,crypt}.so"; beamDeps = with final; [ elixir_make ]; + + buildInputs = [ libxcrypt ]; }; web_push_encryption = beamPackages.buildMix rec { name = "web_push_encryption"; diff --git a/pkgs/servers/pounce/default.nix b/pkgs/servers/pounce/default.nix index 0d01f9cb7c4..e03d6e6827a 100644 --- a/pkgs/servers/pounce/default.nix +++ b/pkgs/servers/pounce/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, libressl, fetchzip, pkg-config }: +{ lib, stdenv, libressl, fetchzip, pkg-config, libxcrypt }: stdenv.mkDerivation rec { pname = "pounce"; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { sha256 = "17vmbfr7ika6kmq9jqa3rpd4cr71arapav7hlmggnj7a9yw5b9mg"; }; - buildInputs = [ libressl ]; + buildInputs = [ libressl libxcrypt ]; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/servers/pulseaudio/default.nix b/pkgs/servers/pulseaudio/default.nix index 6b09105ef20..f1fc2a3573b 100644 --- a/pkgs/servers/pulseaudio/default.nix +++ b/pkgs/servers/pulseaudio/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, fetchurl, fetchpatch, pkg-config , libsndfile, libtool, makeWrapper, perlPackages -, xlibsWrapper, xorg, libcap, alsa-lib, glib, dconf +, xorg, libcap, alsa-lib, glib, dconf , avahi, libjack2, libasyncns, lirc, dbus , sbc, bluez5, udev, openssl, fftwFloat , soxr, speexdsp, systemd, webrtc-audio-processing @@ -76,7 +76,7 @@ stdenv.mkDerivation rec { ++ lib.optionals (!libOnly) ( [ libasyncns webrtc-audio-processing ] ++ lib.optional jackaudioSupport libjack2 - ++ lib.optionals x11Support [ xlibsWrapper xorg.libXtst xorg.libXi ] + ++ lib.optionals x11Support [ xorg.libICE xorg.libSM xorg.libX11 xorg.libXi xorg.libXtst ] ++ lib.optional useSystemd systemd ++ lib.optionals stdenv.isLinux [ alsa-lib udev ] ++ lib.optional airtunesSupport openssl diff --git a/pkgs/servers/samba/4.x.nix b/pkgs/servers/samba/4.x.nix index e86527440cf..c5607b4d037 100644 --- a/pkgs/servers/samba/4.x.nix +++ b/pkgs/servers/samba/4.x.nix @@ -141,7 +141,7 @@ stdenv.mkDerivation rec { ++ optional (!enablePam) "--without-pam" ++ optionals (stdenv.hostPlatform != stdenv.buildPlatform) [ "--bundled-libraries=!asn1_compile,!compile_et" - ] ++ optional stdenv.isAarch32 [ + ] ++ optionals stdenv.isAarch32 [ # https://bugs.gentoo.org/683148 "--jobs 1" ]; diff --git a/pkgs/servers/search/groonga/default.nix b/pkgs/servers/search/groonga/default.nix index ffe9f901df5..7b7717828e1 100644 --- a/pkgs/servers/search/groonga/default.nix +++ b/pkgs/servers/search/groonga/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, autoreconfHook, mecab, kytea, libedit, pkg-config +{ lib, stdenv, fetchurl, autoreconfHook, mecab, kytea, libedit, pkg-config, libxcrypt , suggestSupport ? false, zeromq, libevent, msgpack, openssl , lz4Support ? false, lz4 , zlibSupport ? true, zlib @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { ''; buildInputs = with lib; - [ mecab kytea libedit openssl ] + [ mecab kytea libedit openssl libxcrypt ] ++ optional lz4Support lz4 ++ optional zlibSupport zlib ++ optionals suggestSupport [ zeromq libevent msgpack ]; diff --git a/pkgs/servers/sip/freeswitch/default.nix b/pkgs/servers/sip/freeswitch/default.nix index 07311004b66..fb34b3c5af4 100644 --- a/pkgs/servers/sip/freeswitch/default.nix +++ b/pkgs/servers/sip/freeswitch/default.nix @@ -1,7 +1,7 @@ { fetchFromGitHub, stdenv, lib, pkg-config, autoreconfHook , ncurses, gnutls, readline , openssl, perl, sqlite, libjpeg, speex, pcre, libuuid -, ldns, libedit, yasm, which, libsndfile, libtiff +, ldns, libedit, yasm, which, libsndfile, libtiff, libxcrypt , callPackage @@ -116,7 +116,7 @@ stdenv.mkDerivation rec { openssl ncurses gnutls readline libjpeg sqlite pcre speex ldns libedit libsndfile libtiff - libuuid + libuuid libxcrypt ] ++ lib.unique (lib.concatMap (mod: mod.inputs) enabledModules) ++ lib.optionals stdenv.isDarwin [ SystemConfiguration ]; diff --git a/pkgs/servers/sql/mariadb/default.nix b/pkgs/servers/sql/mariadb/default.nix index 7190f1209e0..f75fada0d8a 100644 --- a/pkgs/servers/sql/mariadb/default.nix +++ b/pkgs/servers/sql/mariadb/default.nix @@ -44,7 +44,7 @@ commonOptions = packageSettings: rec { # attributes common to both builds ++ lib.optionals stdenv.hostPlatform.isLinux ([ libkrb5 systemd ] ++ (if (lib.versionOlder version "10.6") then [ libaio ] else [ liburing ])) ++ lib.optionals stdenv.hostPlatform.isDarwin [ CoreServices cctools perl libedit ] - ++ lib.optional (!stdenv.hostPlatform.isDarwin) [ jemalloc ] + ++ lib.optionals (!stdenv.hostPlatform.isDarwin) [ jemalloc ] ++ (if (lib.versionOlder version "10.5") then [ pcre ] else [ pcre2 ]) ++ (if (lib.versionOlder version "10.6") then [ openssl_1_1 (curl.override { openssl = openssl_1_1; }) ] @@ -203,15 +203,15 @@ in stdenv.mkDerivation (common // { "-DWITHOUT_EXAMPLE=1" "-DWITHOUT_FEDERATED=1" "-DWITHOUT_TOKUDB=1" - ] ++ lib.optional (stdenv.hostPlatform.isLinux && !stdenv.hostPlatform.isAarch32) [ + ] ++ lib.optionals (stdenv.hostPlatform.isLinux && !stdenv.hostPlatform.isAarch32) [ "-DWITH_NUMA=ON" - ] ++ lib.optional (!withStorageMroonga) [ + ] ++ lib.optionals (!withStorageMroonga) [ "-DWITHOUT_MROONGA=1" - ] ++ lib.optional (!withStorageRocks) [ + ] ++ lib.optionals (!withStorageRocks) [ "-DWITHOUT_ROCKSDB=1" - ] ++ lib.optional (!stdenv.hostPlatform.isDarwin && withStorageRocks) [ + ] ++ lib.optionals (!stdenv.hostPlatform.isDarwin && withStorageRocks) [ "-DWITH_ROCKSDB_JEMALLOC=ON" - ] ++ lib.optional (!stdenv.hostPlatform.isDarwin) [ + ] ++ lib.optionals (!stdenv.hostPlatform.isDarwin) [ "-DWITH_JEMALLOC=yes" ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ "-DPLUGIN_AUTH_PAM=NO" diff --git a/pkgs/servers/sql/pgpool/default.nix b/pkgs/servers/sql/pgpool/default.nix index 436217f2e63..10b8871c578 100644 --- a/pkgs/servers/sql/pgpool/default.nix +++ b/pkgs/servers/sql/pgpool/default.nix @@ -3,6 +3,7 @@ , fetchurl , postgresql , openssl +, libxcrypt , withPam ? stdenv.isLinux , pam }: @@ -20,6 +21,7 @@ stdenv.mkDerivation rec { buildInputs = [ postgresql openssl + libxcrypt ] ++ lib.optional withPam pam; configureFlags = [ diff --git a/pkgs/servers/sql/postgresql/default.nix b/pkgs/servers/sql/postgresql/default.nix index a5bdbc97838..975f486629a 100644 --- a/pkgs/servers/sql/postgresql/default.nix +++ b/pkgs/servers/sql/postgresql/default.nix @@ -21,7 +21,6 @@ let }: let atLeast = lib.versionAtLeast version; - icuEnabled = atLeast "10"; lz4Enabled = atLeast "14"; in stdenv.mkDerivation rec { @@ -39,14 +38,13 @@ let setOutputFlags = false; # $out retains configureFlags :-/ buildInputs = - [ zlib readline openssl libxml2 ] - ++ lib.optionals icuEnabled [ icu ] + [ zlib readline openssl libxml2 icu ] ++ lib.optionals lz4Enabled [ lz4 ] ++ lib.optionals enableSystemd [ systemd ] ++ lib.optionals gssSupport [ libkrb5 ] ++ lib.optionals (!stdenv.isDarwin) [ libossp_uuid ]; - nativeBuildInputs = [ makeWrapper ] ++ lib.optionals icuEnabled [ pkg-config ]; + nativeBuildInputs = [ makeWrapper pkg-config ]; enableParallelBuilding = !stdenv.isDarwin; @@ -62,14 +60,14 @@ let configureFlags = [ "--with-openssl" "--with-libxml" + "--with-icu" "--sysconfdir=/etc" "--libdir=$(lib)/lib" "--with-system-tzdata=${tzdata}/share/zoneinfo" "--enable-debug" (lib.optionalString enableSystemd "--with-systemd") (if stdenv.isDarwin then "--with-uuid=e2fs" else "--with-ossp-uuid") - ] ++ lib.optionals icuEnabled [ "--with-icu" ] - ++ lib.optionals lz4Enabled [ "--with-lz4" ] + ] ++ lib.optionals lz4Enabled [ "--with-lz4" ] ++ lib.optionals gssSupport [ "--with-gssapi" ] ++ lib.optionals stdenv.hostPlatform.isRiscV [ "--disable-spinlocks" ]; @@ -200,16 +198,6 @@ let in self: { - postgresql_10 = self.callPackage generic { - version = "10.22"; - psqlSchema = "10.0"; # should be 10, but changing it is invasive - hash = "sha256-lVl3VVxp3xpk9EuB1KGYfrdKu9GHBXn1rZ2UYTPdjk0="; - this = self.postgresql_10; - thisAttr = "postgresql_10"; - inherit self; - icu = self.icu67; - }; - postgresql_11 = self.callPackage generic { version = "11.17"; psqlSchema = "11.1"; # should be 11, but changing it is invasive diff --git a/pkgs/servers/uwsgi/default.nix b/pkgs/servers/uwsgi/default.nix index d24c482a889..2dc2c3230a8 100644 --- a/pkgs/servers/uwsgi/default.nix +++ b/pkgs/servers/uwsgi/default.nix @@ -1,4 +1,4 @@ -{ stdenv, nixosTests, lib, fetchurl, pkg-config, jansson, pcre +{ stdenv, nixosTests, lib, fetchurl, pkg-config, jansson, pcre, libxcrypt # plugins: list of strings, eg. [ "python2" "python3" ] , plugins ? [] , pam, withPAM ? stdenv.isLinux @@ -74,7 +74,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ python3 pkg-config ]; - buildInputs = [ jansson pcre ] + buildInputs = [ jansson pcre libxcrypt ] ++ lib.optional withPAM pam ++ lib.optional withSystemd systemd ++ lib.optional withCap libcap diff --git a/pkgs/servers/web-apps/sogo/default.nix b/pkgs/servers/web-apps/sogo/default.nix index 286883722f6..6517ad1a600 100644 --- a/pkgs/servers/web-apps/sogo/default.nix +++ b/pkgs/servers/web-apps/sogo/default.nix @@ -1,4 +1,4 @@ -{ gnustep, lib, fetchFromGitHub, fetchpatch, makeWrapper, python3, lndir +{ gnustep, lib, fetchFromGitHub, fetchpatch, makeWrapper, python3, lndir, libxcrypt , openssl, openldap, sope, libmemcached, curl, libsodium, libytnef, libzip, pkg-config, nixosTests , oath-toolkit , enableActiveSync ? false @@ -15,7 +15,7 @@ gnustep.stdenv.mkDerivation rec { }; nativeBuildInputs = [ gnustep.make makeWrapper python3 pkg-config ]; - buildInputs = [ gnustep.base sope openssl libmemcached curl libsodium libytnef libzip openldap oath-toolkit ] + buildInputs = [ gnustep.base sope openssl libmemcached curl libsodium libytnef libzip openldap oath-toolkit libxcrypt ] ++ lib.optional enableActiveSync libwbxml; patches = lib.optional enableActiveSync ./enable-activesync.patch; diff --git a/pkgs/servers/x11/xorg/default.nix b/pkgs/servers/x11/xorg/default.nix index 6d57f881bea..2449ca6c245 100644 --- a/pkgs/servers/x11/xorg/default.nix +++ b/pkgs/servers/x11/xorg/default.nix @@ -1066,11 +1066,11 @@ lib.makeScope newScope (self: with self; { # THIS IS A GENERATED FILE. DO NOT EDIT! libXft = callPackage ({ stdenv, pkg-config, fetchurl, fontconfig, freetype, libX11, xorgproto, libXrender }: stdenv.mkDerivation { pname = "libXft"; - version = "2.3.4"; + version = "2.3.6"; builder = ./builder.sh; src = fetchurl { - url = "mirror://xorg/individual/lib/libXft-2.3.4.tar.bz2"; - sha256 = "1pdbr6gzfvixc791pjf42i9gg8wvfq6cpq6sdca04h4i42mxmpjp"; + url = "mirror://xorg/individual/lib/libXft-2.3.6.tar.xz"; + sha256 = "08ihq0in7iy5bwrx71nhnlkj7k1ic34brjcqs2wbnf69kwqyg9k0"; }; hardeningDisable = [ "bindnow" "relro" ]; strictDeps = true; @@ -1976,7 +1976,7 @@ lib.makeScope newScope (self: with self; { }) {}; # THIS IS A GENERATED FILE. DO NOT EDIT! - xdm = callPackage ({ stdenv, pkg-config, fetchurl, libX11, libXau, libXaw, libXdmcp, libXext, libXft, libXinerama, libXmu, libXpm, xorgproto, libXrender, libXt }: stdenv.mkDerivation { + xdm = callPackage ({ stdenv, pkg-config, fetchurl, libX11, libXau, libXaw, libXdmcp, libXext, libXft, libXinerama, libXmu, libXpm, libxcrypt, xorgproto, libXrender, libXt }: stdenv.mkDerivation { pname = "xdm"; version = "1.1.12"; builder = ./builder.sh; @@ -1987,7 +1987,7 @@ lib.makeScope newScope (self: with self; { hardeningDisable = [ "bindnow" "relro" ]; strictDeps = true; nativeBuildInputs = [ pkg-config ]; - buildInputs = [ libX11 libXau libXaw libXdmcp libXext libXft libXinerama libXmu libXpm xorgproto libXrender libXt ]; + buildInputs = [ libX11 libXau libXaw libXdmcp libXext libXft libXinerama libXmu libXpm xorgproto libXrender libXt libxcrypt ]; meta.platforms = lib.platforms.unix; }) {}; diff --git a/pkgs/servers/x11/xorg/overrides.nix b/pkgs/servers/x11/xorg/overrides.nix index 75a17a9ef32..26ab03280e7 100644 --- a/pkgs/servers/x11/xorg/overrides.nix +++ b/pkgs/servers/x11/xorg/overrides.nix @@ -203,23 +203,6 @@ self: super: configureFlags = attrs.configureFlags or [] ++ malloc0ReturnsNullCrossFlag; - patches = [ - # The following three patches add color emoji rendering support. - # https://gitlab.freedesktop.org/xorg/lib/libxft/merge_requests/1 - (fetchpatch { - url = "https://gitlab.freedesktop.org/xorg/lib/libxft/commit/723092ece088559f1af299236305911f4ee4d450.patch"; - sha256 = "1y5s6x5b7n2rqxapdx65zlcz35s7i7075qxkfnj859hx7k5ybx53"; - }) - (fetchpatch { - url = "https://gitlab.freedesktop.org/xorg/lib/libxft/commit/e0fc4ce7e87ab9c4b47e5c8e693f070dfd0d2f7b.patch"; - sha256 = "1x7cbhdrprrmngyy3l3b45bz6717dzp881687h5hxa4g2bg5c764"; - }) - (fetchpatch { - url = "https://gitlab.freedesktop.org/xorg/lib/libxft/commit/d385aa3e5320d18918413df0e8aef3a713a47e0b.patch"; - sha256 = "1acnks2g88hari2708x93ywa9m2f4lm60yhn9va45151ma2qb5n0"; - }) - ]; - # the include files need ft2build.h, and Requires.private isn't enough for us postInstall = '' sed "/^Requires:/s/$/, freetype2/" -i "$dev/lib/pkgconfig/xft.pc" diff --git a/pkgs/servers/x11/xorg/tarballs.list b/pkgs/servers/x11/xorg/tarballs.list index d0f8661e93e..6e11417f8f5 100644 --- a/pkgs/servers/x11/xorg/tarballs.list +++ b/pkgs/servers/x11/xorg/tarballs.list @@ -187,7 +187,7 @@ mirror://xorg/individual/lib/libXext-1.3.4.tar.bz2 mirror://xorg/individual/lib/libXfixes-6.0.0.tar.bz2 mirror://xorg/individual/lib/libXfont-1.5.4.tar.bz2 mirror://xorg/individual/lib/libXfont2-2.0.5.tar.bz2 -mirror://xorg/individual/lib/libXft-2.3.4.tar.bz2 +mirror://xorg/individual/lib/libXft-2.3.6.tar.xz mirror://xorg/individual/lib/libXi-1.8.tar.bz2 mirror://xorg/individual/lib/libXinerama-1.1.4.tar.bz2 mirror://xorg/individual/lib/libxkbfile-1.1.0.tar.bz2 diff --git a/pkgs/shells/bash/5.1.nix b/pkgs/shells/bash/5.1.nix index 390dab12c94..0f50c72f5da 100644 --- a/pkgs/shells/bash/5.1.nix +++ b/pkgs/shells/bash/5.1.nix @@ -86,7 +86,7 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - makeFlags = optional stdenv.hostPlatform.isCygwin [ + makeFlags = optionals stdenv.hostPlatform.isCygwin [ "LOCAL_LDFLAGS=-Wl,--export-all,--out-implib,libbash.dll.a" "SHOBJ_LIBS=-lbash" ]; diff --git a/pkgs/shells/ion/default.nix b/pkgs/shells/ion/default.nix index f20c80810a0..ce15dbf2d25 100644 --- a/pkgs/shells/ion/default.nix +++ b/pkgs/shells/ion/default.nix @@ -20,7 +20,7 @@ rustPlatform.buildRustPackage rec { maintainers = with maintainers; [ dywedir ]; }; - buildInputs = lib.optional stdenv.hostPlatform.isDarwin [ + buildInputs = lib.optionals stdenv.hostPlatform.isDarwin [ Security libiconv ]; diff --git a/pkgs/shells/tcsh/default.nix b/pkgs/shells/tcsh/default.nix index 4fac6eb13d6..8ca3eb5a9ee 100644 --- a/pkgs/shells/tcsh/default.nix +++ b/pkgs/shells/tcsh/default.nix @@ -2,6 +2,7 @@ , stdenv , fetchurl , fetchpatch +, libxcrypt , ncurses }: @@ -16,6 +17,7 @@ stdenv.mkDerivation rec { strictDeps = true; buildInputs = [ + libxcrypt ncurses ]; diff --git a/pkgs/stdenv/linux/default.nix b/pkgs/stdenv/linux/default.nix index 03856d5c071..dbaff342fb1 100644 --- a/pkgs/stdenv/linux/default.nix +++ b/pkgs/stdenv/linux/default.nix @@ -221,7 +221,7 @@ in # This is not an issue for the final stdenv, because this perl # won't be included in the final stdenv and won't be exported to # top-level pkgs as an override either. - perl = super.perl.override { enableThreading = false; }; + perl = super.perl.override { enableThreading = false; enableCrypt = false; }; }; }) diff --git a/pkgs/tools/X11/find-cursor/default.nix b/pkgs/tools/X11/find-cursor/default.nix index c99c86a714e..44a7c766215 100644 --- a/pkgs/tools/X11/find-cursor/default.nix +++ b/pkgs/tools/X11/find-cursor/default.nix @@ -14,7 +14,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ installShellFiles git ]; buildInputs = [ libX11 libXdamage libXrender libXcomposite libXext ]; preInstall = "mkdir -p $out/share/man/man1"; - installFlags = "PREFIX=${placeholder "out"}"; + installFlags = [ "PREFIX=${placeholder "out"}" ]; meta = with lib; { description = "Simple XLib program to highlight the cursor position"; diff --git a/pkgs/tools/X11/xmousepasteblock/default.nix b/pkgs/tools/X11/xmousepasteblock/default.nix index 35db8a133a2..984f6ac70a6 100644 --- a/pkgs/tools/X11/xmousepasteblock/default.nix +++ b/pkgs/tools/X11/xmousepasteblock/default.nix @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { sha256 = "0vidckfp277cg2gsww8a8q5b18m10iy4ppyp2qipr89771nrcmns"; rev = version; }; - makeFlags = "PREFIX=$(out)"; + makeFlags = [ "PREFIX=$(out)" ]; buildInputs = with xorg; [ libX11 libXext libXi libev ]; nativeBuildInputs = [ pkg-config ]; meta = with lib; { diff --git a/pkgs/tools/backup/partimage/default.nix b/pkgs/tools/backup/partimage/default.nix index afb8489e1f4..d5a2863d968 100644 --- a/pkgs/tools/backup/partimage/default.nix +++ b/pkgs/tools/backup/partimage/default.nix @@ -7,6 +7,7 @@ , openssl , pkg-config , slang +, libxcrypt , autoreconfHook }: stdenv.mkDerivation rec { @@ -23,7 +24,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--with-ssl-headers=${openssl.dev}/include/openssl" ]; nativeBuildInputs = [ pkg-config autoreconfHook ]; - buildInputs = [ bzip2 zlib newt newt openssl slang ]; + buildInputs = [ bzip2 zlib newt newt openssl slang libxcrypt ]; patches = [ ./gentoos-zlib.patch diff --git a/pkgs/tools/cd-dvd/dvdisaster/default.nix b/pkgs/tools/cd-dvd/dvdisaster/default.nix index 72f8cc0be2e..55e0e51e5f4 100644 --- a/pkgs/tools/cd-dvd/dvdisaster/default.nix +++ b/pkgs/tools/cd-dvd/dvdisaster/default.nix @@ -21,7 +21,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ gettext pkg-config which ]; buildInputs = [ glib gtk2 ]; - patches = lib.optional enableSoftening [ + patches = lib.optionals enableSoftening [ ./encryption.patch ./dvdrom.patch ]; diff --git a/pkgs/tools/compression/bsdiff/default.nix b/pkgs/tools/compression/bsdiff/default.nix index b8a86eae89b..6db5d992467 100644 --- a/pkgs/tools/compression/bsdiff/default.nix +++ b/pkgs/tools/compression/bsdiff/default.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { }) ./CVE-2020-14315.patch ./include-systypes.patch - ] ++ lib.optional stdenv.hostPlatform.isLinux [ + ] ++ lib.optionals stdenv.hostPlatform.isLinux [ (fetchpatch { url = "https://sources.debian.org/data/main/b/bsdiff/4.3-22/debian/patches/30-bug-632585-mmap-src-file-instead-of-malloc-read-it.patch"; sha256 = "sha256-esbhz2/efUiuQDuF7LGfSeEn3/f1WbqCxQpTs2A0ulI="; diff --git a/pkgs/tools/compression/xz/default.nix b/pkgs/tools/compression/xz/default.nix index 86df04c2669..1f898dbdef4 100644 --- a/pkgs/tools/compression/xz/default.nix +++ b/pkgs/tools/compression/xz/default.nix @@ -10,11 +10,11 @@ stdenv.mkDerivation rec { pname = "xz"; - version = "5.2.6"; + version = "5.2.7"; src = fetchurl { url = "https://tukaani.org/xz/xz-${version}.tar.bz2"; - sha256 = "E+NALjAbYBj2px7w5Jf3FMbRHiFK6C2rFWuBwqZKyyU="; + sha256 = "tl8dDCcI5XcW9N0iFpiac4R6xv20Fo/86xVXZ+Irg0s="; }; strictDeps = true; diff --git a/pkgs/tools/graphics/mangohud/default.nix b/pkgs/tools/graphics/mangohud/default.nix index 7202f9f8b56..9639a7881f0 100644 --- a/pkgs/tools/graphics/mangohud/default.nix +++ b/pkgs/tools/graphics/mangohud/default.nix @@ -108,7 +108,7 @@ in stdenv.mkDerivation rec { libdbus = dbus.lib; inherit hwdata libX11; }) - ] ++ lib.optional (stdenv.hostPlatform.system == "x86_64-linux") [ + ] ++ lib.optionals (stdenv.hostPlatform.system == "x86_64-linux") [ # Support 32bit OpenGL applications by appending the mangohud32 # lib path to LD_LIBRARY_PATH. # diff --git a/pkgs/tools/misc/conserver/default.nix b/pkgs/tools/misc/conserver/default.nix index d8bb437404d..30ac050ee0d 100644 --- a/pkgs/tools/misc/conserver/default.nix +++ b/pkgs/tools/misc/conserver/default.nix @@ -3,6 +3,7 @@ , fetchFromGitHub , fetchpatch , autoreconfHook +, libxcrypt , gssapiSupport ? false , libkrb5 , freeipmiSupport ? false @@ -36,7 +37,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoreconfHook ]; - buildInputs = [ ] + buildInputs = [ libxcrypt ] ++ lib.optionals freeipmiSupport [ freeipmi ] ++ lib.optionals gssapiSupport [ libkrb5 ] ++ lib.optionals opensslSupport [ openssl ]; diff --git a/pkgs/tools/misc/ethtool/default.nix b/pkgs/tools/misc/ethtool/default.nix index d2c0dfe3716..5ebbbe1e118 100644 --- a/pkgs/tools/misc/ethtool/default.nix +++ b/pkgs/tools/misc/ethtool/default.nix @@ -8,11 +8,11 @@ stdenv.mkDerivation rec { pname = "ethtool"; - version = "5.19"; + version = "6.0"; src = fetchurl { url = "mirror://kernel/software/network/${pname}/${pname}-${version}.tar.xz"; - sha256 = "sha256-O3UqMymCeQesOBLygx3+z1HIxBxV0tac+5xTygZEn8Y="; + sha256 = "sha256-1URsk95XDOaPOx6mnb+hL8/Wf8GYl/ZV0/GCMeK4GNY="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/gigalixir/default.nix b/pkgs/tools/misc/gigalixir/default.nix index c32c98fb3dd..c3710ca9448 100644 --- a/pkgs/development/python-modules/gigalixir/default.nix +++ b/pkgs/tools/misc/gigalixir/default.nix @@ -1,34 +1,26 @@ { stdenv , lib -, buildPythonApplication -, click -, fetchPypi +, python3 , git -, httpretty -, qrcode -, pygments -, pyopenssl -, pytestCheckHook -, requests -, rollbar -, stripe -, pythonOlder -, sure }: -buildPythonApplication rec { +python3.pkgs.buildPythonApplication rec { pname = "gigalixir"; version = "1.3.0"; format = "setuptools"; - disabled = pythonOlder "3.7"; - - src = fetchPypi { + src = python3.pkgs.fetchPypi { inherit pname version; hash = "sha256-kNtybgv8j7t1tl6R5ZuC4vj5fnEcEenuNt0twA1kAh0="; }; - propagatedBuildInputs = [ + postPatch = '' + substituteInPlace setup.py \ + --replace "'pytest-runner'," "" \ + --replace "cryptography==" "cryptography>=" + ''; + + propagatedBuildInputs = with python3.pkgs; [ click pygments pyopenssl @@ -40,16 +32,11 @@ buildPythonApplication rec { checkInputs = [ git + ] ++ (with python3.pkgs; [ httpretty pytestCheckHook sure - ]; - - postPatch = '' - substituteInPlace setup.py \ - --replace "'pytest-runner'," "" \ - --replace "cryptography==" "cryptography>=" - ''; + ]); disabledTests = [ # Test requires network access diff --git a/pkgs/tools/misc/hiksink/default.nix b/pkgs/tools/misc/hiksink/default.nix index 9cc91035afe..05d7e1c9f44 100644 --- a/pkgs/tools/misc/hiksink/default.nix +++ b/pkgs/tools/misc/hiksink/default.nix @@ -26,7 +26,7 @@ rustPlatform.buildRustPackage rec { buildInputs = [ openssl - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ Security ]; diff --git a/pkgs/tools/misc/jsonwatch/default.nix b/pkgs/tools/misc/jsonwatch/default.nix index 3fe4f5008fd..6f11e7d97e5 100644 --- a/pkgs/tools/misc/jsonwatch/default.nix +++ b/pkgs/tools/misc/jsonwatch/default.nix @@ -18,7 +18,7 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-Gjb7v3kz11iOml3Ykxhy43KNxzaprgMbb5DpPNChLTc="; - buildInputs = lib.optional stdenv.isDarwin [ + buildInputs = lib.optionals stdenv.isDarwin [ Security ]; diff --git a/pkgs/tools/misc/kermit/default.nix b/pkgs/tools/misc/kermit/default.nix index 33644e911c6..bccecde01cc 100644 --- a/pkgs/tools/misc/kermit/default.nix +++ b/pkgs/tools/misc/kermit/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, ncurses, glibc }: +{ lib, stdenv, fetchurl, ncurses, libxcrypt }: stdenv.mkDerivation { pname = "kermit"; @@ -9,7 +9,7 @@ stdenv.mkDerivation { sha256 = "0487mh6s99ijqf1pfmbm302pa5i4pzmm8s439hdl1ffs5g8jqpqd"; }; - buildInputs = [ ncurses glibc ]; + buildInputs = [ ncurses libxcrypt ]; unpackPhase = '' mkdir -p src diff --git a/pkgs/tools/misc/ldapvi/default.nix b/pkgs/tools/misc/ldapvi/default.nix index f8862cfa567..dd0d34f50fe 100644 --- a/pkgs/tools/misc/ldapvi/default.nix +++ b/pkgs/tools/misc/ldapvi/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchgit, openldap, openssl, popt, glib, ncurses, readline, pkg-config, cyrus_sasl, autoconf, automake }: +{ lib, stdenv, fetchgit, openldap, openssl, popt, glib, libxcrypt, ncurses, readline, pkg-config, cyrus_sasl, autoconf, automake }: stdenv.mkDerivation { pname = "ldapvi"; @@ -11,7 +11,7 @@ stdenv.mkDerivation { }; nativeBuildInputs = [ pkg-config autoconf automake ]; - buildInputs = [ openldap openssl popt glib ncurses readline cyrus_sasl ]; + buildInputs = [ openldap openssl popt glib libxcrypt ncurses readline cyrus_sasl ]; preConfigure = '' cd ldapvi diff --git a/pkgs/tools/misc/less/default.nix b/pkgs/tools/misc/less/default.nix index df8d9eef22a..a7212ccf764 100644 --- a/pkgs/tools/misc/less/default.nix +++ b/pkgs/tools/misc/less/default.nix @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { }; configureFlags = [ "--sysconfdir=/etc" ] # Look for ‘sysless’ in /etc. - ++ lib.optional lessSecure [ "--with-secure" ]; + ++ lib.optionals lessSecure [ "--with-secure" ]; buildInputs = [ ncurses ]; diff --git a/pkgs/tools/misc/man-db/default.nix b/pkgs/tools/misc/man-db/default.nix index 3e34a81cd4f..4c23143b103 100644 --- a/pkgs/tools/misc/man-db/default.nix +++ b/pkgs/tools/misc/man-db/default.nix @@ -53,7 +53,7 @@ stdenv.mkDerivation rec { "--with-systemdtmpfilesdir=${placeholder "out"}/lib/tmpfiles.d" "--with-systemdsystemunitdir=${placeholder "out"}/lib/systemd/system" "--with-pager=less" - ] ++ lib.optional stdenv.hostPlatform.isDarwin [ + ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ "ac_cv_func__set_invalid_parameter_handler=no" "ac_cv_func_posix_fadvise=no" "ac_cv_func_mempcpy=no" diff --git a/pkgs/tools/misc/otfcc/default.nix b/pkgs/tools/misc/otfcc/default.nix index b233e94f4f6..b6c971dd3c2 100644 --- a/pkgs/tools/misc/otfcc/default.nix +++ b/pkgs/tools/misc/otfcc/default.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { ./move-makefiles.patch ]; - buildFlags = lib.optional stdenv.isAarch64 [ "config=release_arm" ]; + buildFlags = lib.optionals stdenv.isAarch64 [ "config=release_arm" ]; installPhase = '' mkdir -p $out/bin diff --git a/pkgs/tools/misc/pre-commit/default.nix b/pkgs/tools/misc/pre-commit/default.nix index 7fef96dae31..2e11679f451 100644 --- a/pkgs/tools/misc/pre-commit/default.nix +++ b/pkgs/tools/misc/pre-commit/default.nix @@ -37,9 +37,9 @@ buildPythonPackage rec { pyyaml toml virtualenv - ] ++ lib.optional (pythonOlder "3.8") [ + ] ++ lib.optionals (pythonOlder "3.8") [ importlib-metadata - ] ++ lib.optional (pythonOlder "3.7") [ + ] ++ lib.optionals (pythonOlder "3.7") [ importlib-resources ]; diff --git a/pkgs/tools/misc/rust-motd/default.nix b/pkgs/tools/misc/rust-motd/default.nix index a2c7710984e..b881d94438c 100644 --- a/pkgs/tools/misc/rust-motd/default.nix +++ b/pkgs/tools/misc/rust-motd/default.nix @@ -26,7 +26,7 @@ rustPlatform.buildRustPackage rec { buildInputs = [ openssl - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ Security ]; diff --git a/pkgs/tools/misc/screen/default.nix b/pkgs/tools/misc/screen/default.nix index b5b3f2b189b..f9d546a30fe 100644 --- a/pkgs/tools/misc/screen/default.nix +++ b/pkgs/tools/misc/screen/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, autoreconfHook, ncurses, utmp, pam ? null }: +{ lib, stdenv, fetchurl, autoreconfHook, ncurses, libxcrypt, utmp, pam ? null }: stdenv.mkDerivation rec { pname = "screen"; @@ -22,6 +22,7 @@ stdenv.mkDerivation rec { ]; buildInputs = [ ncurses + libxcrypt ] ++ lib.optional stdenv.isLinux pam ++ lib.optional stdenv.isDarwin utmp; diff --git a/pkgs/tools/misc/sheldon/default.nix b/pkgs/tools/misc/sheldon/default.nix index db6aa9d8f17..8f2c458fe1d 100644 --- a/pkgs/tools/misc/sheldon/default.nix +++ b/pkgs/tools/misc/sheldon/default.nix @@ -20,7 +20,7 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-uRcaHuDLQm6OYqt01kLbW/mfZnL4HaDabaweaw1EOfs="; - buildInputs = [ openssl ] ++ lib.optional stdenv.isDarwin [ Security curl ]; + buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ Security curl ]; nativeBuildInputs = [ installShellFiles pkg-config ]; # Needs network connection diff --git a/pkgs/tools/misc/toybox/default.nix b/pkgs/tools/misc/toybox/default.nix index fc9465f35cd..c94537c0bfd 100644 --- a/pkgs/tools/misc/toybox/default.nix +++ b/pkgs/tools/misc/toybox/default.nix @@ -1,6 +1,6 @@ { stdenv, lib, fetchFromGitHub, which, - buildPackages, + buildPackages, libxcrypt, enableStatic ? stdenv.hostPlatform.isStatic, enableMinimal ? false, extraConfig ? "" @@ -18,8 +18,12 @@ stdenv.mkDerivation rec { }; depsBuildBuild = [ buildPackages.stdenv.cc ]; # needed for cross - buildInputs = lib.optionals (enableStatic && stdenv.cc.libc ? static) - [ stdenv.cc.libc stdenv.cc.libc.static ]; + buildInputs = [ + libxcrypt + ] ++lib.optionals (enableStatic && stdenv.cc.libc ? static) [ + stdenv.cc.libc + stdenv.cc.libc.static + ]; postPatch = "patchShebangs ."; diff --git a/pkgs/tools/misc/ttwatch/default.nix b/pkgs/tools/misc/ttwatch/default.nix index ecfc40bdf6f..273d34ffdb8 100644 --- a/pkgs/tools/misc/ttwatch/default.nix +++ b/pkgs/tools/misc/ttwatch/default.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation { nativeBuildInputs = [ cmake perl pkg-config ]; buildInputs = [ openssl curl libusb1 protobufc ]; - cmakeFlags = lib.optional enableUnsafe [ "-Dunsafe=on" ]; + cmakeFlags = lib.optionals enableUnsafe [ "-Dunsafe=on" ]; preFixup = '' chmod +x $out/bin/ttbin2mysports diff --git a/pkgs/tools/networking/bore-cli/default.nix b/pkgs/tools/networking/bore-cli/default.nix index 5ca16499fe8..ae39bfb6204 100644 --- a/pkgs/tools/networking/bore-cli/default.nix +++ b/pkgs/tools/networking/bore-cli/default.nix @@ -18,7 +18,7 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "sha256-ZnEVTFiPo3AFyo1BoV88X2nCqYzRK6PkcbawiR+QnV0="; - buildInputs = lib.optional stdenv.isDarwin [ + buildInputs = lib.optionals stdenv.isDarwin [ Security ]; diff --git a/pkgs/tools/networking/bore/default.nix b/pkgs/tools/networking/bore/default.nix index 66334e06210..e7934428a95 100644 --- a/pkgs/tools/networking/bore/default.nix +++ b/pkgs/tools/networking/bore/default.nix @@ -12,7 +12,7 @@ rustPlatform.buildRustPackage rec { }; cargoSha256 = "1xlbfzmy0wjyz3jpr17r4ma4i79d9b32yqwwi10vrcjzr7vsyhmx"; - cargoBuildFlags = "-p ${pname}"; + cargoBuildFlags = [ "-p" pname ]; # FIXME can’t test --all-targets and --doc in a single invocation cargoTestFlags = [ "--all-targets" "--workspace" ]; diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index 07b9e58589a..32d2fbb62de 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, fetchurl, pkg-config, perl, nixosTests , brotliSupport ? false, brotli -, c-aresSupport ? false, c-ares +, c-aresSupport ? false, c-aresMinimal , gnutlsSupport ? false, gnutls , gsaslSupport ? false, gsasl , gssSupport ? with stdenv.hostPlatform; ( @@ -75,7 +75,7 @@ stdenv.mkDerivation (finalAttrs: { # applications that use Curl. propagatedBuildInputs = with lib; optional brotliSupport brotli ++ - optional c-aresSupport c-ares ++ + optional c-aresSupport c-aresMinimal ++ optional gnutlsSupport gnutls ++ optional gsaslSupport gsasl ++ optional gssSupport libkrb5 ++ diff --git a/pkgs/tools/networking/dcap/default.nix b/pkgs/tools/networking/dcap/default.nix index f606c3f6cd6..3ee1a389ef9 100644 --- a/pkgs/tools/networking/dcap/default.nix +++ b/pkgs/tools/networking/dcap/default.nix @@ -6,6 +6,7 @@ , libtool , zlib , cunit +, libxcrypt }: stdenv.mkDerivation rec { pname = "dcap"; @@ -19,7 +20,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ autoconf automake libtool ]; - buildInputs = [ zlib ]; + buildInputs = [ zlib libxcrypt ]; preConfigure = '' patchShebangs bootstrap.sh diff --git a/pkgs/tools/networking/dnsmasq/default.nix b/pkgs/tools/networking/dnsmasq/default.nix index ba17f10e96c..1eb8b85166f 100644 --- a/pkgs/tools/networking/dnsmasq/default.nix +++ b/pkgs/tools/networking/dnsmasq/default.nix @@ -2,6 +2,7 @@ , libidn, libnetfilter_conntrack, buildPackages , dbusSupport ? stdenv.isLinux , dbus +, nixosTests }: with lib; @@ -17,11 +18,11 @@ let in stdenv.mkDerivation rec { pname = "dnsmasq"; - version = "2.86"; + version = "2.87"; src = fetchurl { url = "https://www.thekelleys.org.uk/dnsmasq/${pname}-${version}.tar.xz"; - sha256 = "sha256-KNUs/J4gBKxPhSdPUrMuFke028l2G4Ln3h5BxJkH6wg="; + sha256 = "sha256-AijANkp/I1b9fn8VSZN8vzCZp407LrG6W7DDHiuJ3no="; }; postPatch = lib.optionalString stdenv.hostPlatform.isLinux '' @@ -77,6 +78,15 @@ stdenv.mkDerivation rec { ++ optionals dbusSupport [ dbus ] ++ optionals stdenv.isLinux [ libnetfilter_conntrack ]; + passthru.tests = { + prometheus-exporter = nixosTests.prometheus-exporters.dnsmasq; + + # these tests use dnsmasq incidentally + inherit (nixosTests) dnscrypt-proxy2; + kubernetes-dns-single = nixosTests.kubernetes.dns-single-node; + kubernetes-dns-multi = nixosTests.kubernetes.dns-multi-node; + }; + meta = { description = "An integrated DNS, DHCP and TFTP server for small networks"; homepage = "https://www.thekelleys.org.uk/dnsmasq/doc.html"; diff --git a/pkgs/tools/networking/dropbear/default.nix b/pkgs/tools/networking/dropbear/default.nix index 30efbcc508d..e15b0072be7 100644 --- a/pkgs/tools/networking/dropbear/default.nix +++ b/pkgs/tools/networking/dropbear/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, glibc, zlib +{ lib, stdenv, fetchurl, glibc, zlib, libxcrypt , enableStatic ? stdenv.hostPlatform.isStatic , enableSCP ? false , sftpPath ? "/run/current-system/sw/libexec/sftp-server" @@ -49,7 +49,7 @@ stdenv.mkDerivation rec { ./pass-path.patch ]; - buildInputs = [ zlib ] ++ lib.optionals enableStatic [ glibc.static zlib.static ]; + buildInputs = [ zlib libxcrypt ] ++ lib.optionals enableStatic [ glibc.static zlib.static ]; meta = with lib; { homepage = "https://matt.ucc.asn.au/dropbear/dropbear.html"; diff --git a/pkgs/tools/networking/eternal-terminal/default.nix b/pkgs/tools/networking/eternal-terminal/default.nix index 05e3152bec1..96315e305ad 100644 --- a/pkgs/tools/networking/eternal-terminal/default.nix +++ b/pkgs/tools/networking/eternal-terminal/default.nix @@ -43,7 +43,7 @@ stdenv.mkDerivation rec { "-DDISABLE_CRASH_LOG=TRUE" ]; - CXXFLAGS = lib.optional stdenv.cc.isClang [ + CXXFLAGS = lib.optionals stdenv.cc.isClang [ "-std=c++17" ]; diff --git a/pkgs/tools/networking/haproxy/default.nix b/pkgs/tools/networking/haproxy/default.nix index e43c58d78d4..7928905762e 100644 --- a/pkgs/tools/networking/haproxy/default.nix +++ b/pkgs/tools/networking/haproxy/default.nix @@ -2,7 +2,7 @@ , usePcre ? true , withPrometheusExporter ? true , stdenv, lib, fetchurl, nixosTests -, openssl, zlib +, openssl, zlib, libxcrypt , lua5_3 ? null, pcre ? null, systemd ? null }: @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { sha256 = "sha256-0MgMkMBK55WYtYuXSdU3h/APe1FRdefYID8nluamWU0="; }; - buildInputs = [ openssl zlib ] + buildInputs = [ openssl zlib libxcrypt ] ++ lib.optional useLua lua5_3 ++ lib.optional usePcre pcre ++ lib.optional stdenv.isLinux systemd; diff --git a/pkgs/tools/networking/ipv6calc/default.nix b/pkgs/tools/networking/ipv6calc/default.nix index 6df96e268ef..8489ffd6f70 100644 --- a/pkgs/tools/networking/ipv6calc/default.nix +++ b/pkgs/tools/networking/ipv6calc/default.nix @@ -43,11 +43,11 @@ stdenv.mkDerivation rec { "--disable-bundled-md5" "--disable-dynamic-load" "--enable-shared" - ] ++ lib.optional (libmaxminddb != null) [ + ] ++ lib.optionals (libmaxminddb != null) [ "--enable-mmdb" - ] ++ lib.optional (geolite-legacy != null) [ + ] ++ lib.optionals (geolite-legacy != null) [ "--with-geoip-db=${geolite-legacy}/share/GeoIP" - ] ++ lib.optional (ip2location-c != null) [ + ] ++ lib.optionals (ip2location-c != null) [ "--enable-ip2location" ]; diff --git a/pkgs/tools/networking/libreswan/default.nix b/pkgs/tools/networking/libreswan/default.nix index b12fdbdbad7..ab3249e57a8 100644 --- a/pkgs/tools/networking/libreswan/default.nix +++ b/pkgs/tools/networking/libreswan/default.nix @@ -11,6 +11,7 @@ , pam , libevent , libcap_ng +, libxcrypt , curl , nspr , bash @@ -66,7 +67,7 @@ stdenv.mkDerivation rec { buildInputs = [ systemd coreutils gnused gawk gmp unbound pam libevent - libcap_ng curl nspr nss ldns + libcap_ng libxcrypt curl nspr nss ldns # needed to patch shebangs python3 bash ] ++ lib.optional stdenv.isLinux libselinux; diff --git a/pkgs/tools/networking/lsh/default.nix b/pkgs/tools/networking/lsh/default.nix index 07f0524d5f4..7c5e09b950a 100644 --- a/pkgs/tools/networking/lsh/default.nix +++ b/pkgs/tools/networking/lsh/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchurl, gperf, guile, gmp, zlib, liboop, readline, gnum4, pam -, nettools, lsof, procps }: +, nettools, lsof, procps, libxcrypt }: stdenv.mkDerivation rec { pname = "lsh"; @@ -38,7 +38,7 @@ stdenv.mkDerivation rec { # Should be present in upcoming 2.1 release. NIX_CFLAGS_COMPILE = "-std=gnu90 -fcommon"; - buildInputs = [ gperf guile gmp zlib liboop readline gnum4 pam ]; + buildInputs = [ gperf guile gmp zlib liboop readline gnum4 pam libxcrypt ]; meta = { description = "GPL'd implementation of the SSH protocol"; diff --git a/pkgs/tools/networking/mailutils/default.nix b/pkgs/tools/networking/mailutils/default.nix index faccef57697..225b208822a 100644 --- a/pkgs/tools/networking/mailutils/default.nix +++ b/pkgs/tools/networking/mailutils/default.nix @@ -22,6 +22,7 @@ , python3 , sasl , system-sendmail +, libxcrypt }: stdenv.mkDerivation rec { @@ -63,6 +64,7 @@ stdenv.mkDerivation rec { python3 readline sasl + libxcrypt ] ++ lib.optionals stdenv.isLinux [ nettools ]; patches = [ diff --git a/pkgs/tools/networking/modemmanager/default.nix b/pkgs/tools/networking/modemmanager/default.nix index 4561661df5a..89ec8508bbf 100644 --- a/pkgs/tools/networking/modemmanager/default.nix +++ b/pkgs/tools/networking/modemmanager/default.nix @@ -1,31 +1,17 @@ { lib, stdenv, fetchurl -, fetchpatch , glib, udev, libgudev, polkit, ppp, gettext, pkg-config, python3 , libmbim, libqmi, systemd, vala, gobject-introspection, dbus }: stdenv.mkDerivation rec { pname = "modemmanager"; - version = "1.18.10"; + version = "1.18.12"; src = fetchurl { url = "https://www.freedesktop.org/software/ModemManager/ModemManager-${version}.tar.xz"; - sha256 = "sha256-FiVfginu6y3+y43RNwNg1G8QFeyF5vulwcvZ9DcdZes="; + sha256 = "sha256-tGTkkl2VWmyobdCGFudjsmrkbX/Tfb4oFnjjQGWx5DA="; }; - patches = [ - # Fix tests with GLib 2.73.2 - # https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/601 - (fetchpatch { - url = "https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/commit/79a5a4eed2189ea87d25cbe00bc824a2572cad66.patch"; - sha256 = "egGXkCzAMyqPjeO6ro23sdTddTDEGJUkV7rH8sSlSGE="; - }) - (fetchpatch { - url = "https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/commit/51a333cd9a6707de7c623fd4c94cb6032477572f.patch"; - sha256 = "1XyJ0GBmpBRwnsKPI4i/EBrF7W08HelL/PMDwmlQWcw="; - }) - ]; - nativeBuildInputs = [ vala gobject-introspection gettext pkg-config ]; buildInputs = [ glib udev libgudev polkit ppp libmbim libqmi systemd ]; diff --git a/pkgs/tools/networking/ocserv/default.nix b/pkgs/tools/networking/ocserv/default.nix index 067c614f585..29801eebbd7 100644 --- a/pkgs/tools/networking/ocserv/default.nix +++ b/pkgs/tools/networking/ocserv/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, fetchFromGitLab, autoreconfHook, pkg-config, nettle, gnutls , libev, protobufc, guile, geoip, libseccomp, gperf, readline -, lz4, libgssglue, ronn, pam +, lz4, libgssglue, ronn, pam, libxcrypt }: stdenv.mkDerivation rec { @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ autoreconfHook gperf pkg-config ronn ]; - buildInputs = [ nettle gnutls libev protobufc guile geoip libseccomp readline lz4 libgssglue pam ]; + buildInputs = [ nettle gnutls libev protobufc guile geoip libseccomp readline lz4 libgssglue pam libxcrypt ]; meta = with lib; { homepage = "https://gitlab.com/openconnect/ocserv"; diff --git a/pkgs/tools/networking/openssh/default.nix b/pkgs/tools/networking/openssh/default.nix index 55aec86bee5..7a2be129b8d 100644 --- a/pkgs/tools/networking/openssh/default.nix +++ b/pkgs/tools/networking/openssh/default.nix @@ -6,11 +6,11 @@ in openssh = common rec { pname = "openssh"; - version = "9.0p1"; + version = "9.1p1"; src = fetchurl { url = "mirror://openbsd/OpenSSH/portable/openssh-${version}.tar.gz"; - sha256 = "12m2f9czvgmi7akp7xah6y7mrrpi280a3ksk47iwr7hy2q1475q3"; + hash = "sha256-GfhQCcfj4jeH8CNvuxV4OSq01L+fjsX+a8HNfov90og="; }; extraPatches = [ ./ssh-keysign-8.5.patch ]; diff --git a/pkgs/tools/networking/ppp/default.nix b/pkgs/tools/networking/ppp/default.nix index d39607338e7..be50397bf1d 100644 --- a/pkgs/tools/networking/ppp/default.nix +++ b/pkgs/tools/networking/ppp/default.nix @@ -3,8 +3,10 @@ , fetchFromGitHub , substituteAll , libpcap +, libxcrypt , openssl , bash +, nixosTests }: stdenv.mkDerivation rec { @@ -31,6 +33,7 @@ stdenv.mkDerivation rec { buildInputs = [ libpcap + libxcrypt openssl bash ]; @@ -48,6 +51,8 @@ stdenv.mkDerivation rec { "CC=${stdenv.cc.targetPrefix}cc" ]; + NIX_LDFLAGS = "-lcrypt"; + installPhase = '' runHook preInstall mkdir -p $out/bin @@ -60,6 +65,10 @@ stdenv.mkDerivation rec { substituteInPlace "$out/bin/pon" --replace "/usr/sbin" "$out/bin" ''; + passthru.tests = { + inherit (nixosTests) pppd; + }; + meta = with lib; { homepage = "https://ppp.samba.org"; description = "Point-to-point implementation to provide Internet connections over serial lines"; diff --git a/pkgs/tools/networking/rathole/default.nix b/pkgs/tools/networking/rathole/default.nix index ceaf89ef92e..cb392114e06 100644 --- a/pkgs/tools/networking/rathole/default.nix +++ b/pkgs/tools/networking/rathole/default.nix @@ -21,7 +21,7 @@ rustPlatform.buildRustPackage rec { nativeBuildInputs = [ pkg-config ]; - buildInputs = [ openssl ] ++ lib.optional stdenv.isDarwin [ CoreServices ]; + buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ CoreServices ]; __darwinAllowLocalNetworking = true; diff --git a/pkgs/tools/networking/srelay/default.nix b/pkgs/tools/networking/srelay/default.nix index da09395fc7a..709e4f9594a 100644 --- a/pkgs/tools/networking/srelay/default.nix +++ b/pkgs/tools/networking/srelay/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl }: +{ lib, stdenv, fetchurl, libxcrypt }: stdenv.mkDerivation rec { pname = "srelay"; @@ -11,6 +11,8 @@ stdenv.mkDerivation rec { patches = [ ./arm.patch ]; + buildInputs = [ libxcrypt ]; + installPhase = "install -D srelay $out/bin/srelay"; meta = { diff --git a/pkgs/tools/networking/termscp/default.nix b/pkgs/tools/networking/termscp/default.nix index 7fbf30614e7..70e16431994 100644 --- a/pkgs/tools/networking/termscp/default.nix +++ b/pkgs/tools/networking/termscp/default.nix @@ -33,7 +33,7 @@ rustPlatform.buildRustPackage rec { dbus libssh openssl - ] ++ lib.optional stdenv.isDarwin [ + ] ++ lib.optionals stdenv.isDarwin [ AppKit Cocoa Foundation diff --git a/pkgs/tools/networking/toxvpn/default.nix b/pkgs/tools/networking/toxvpn/default.nix index 57a5510bd43..633ecf65492 100644 --- a/pkgs/tools/networking/toxvpn/default.nix +++ b/pkgs/tools/networking/toxvpn/default.nix @@ -26,7 +26,7 @@ stdenv.mkDerivation { nativeBuildInputs = [ cmake ]; - cmakeFlags = lib.optional stdenv.isLinux [ "-DSYSTEMD=1" ]; + cmakeFlags = lib.optionals stdenv.isLinux [ "-DSYSTEMD=1" ]; postInstall = "$out/bin/toxvpn -h"; diff --git a/pkgs/tools/networking/unbound/default.nix b/pkgs/tools/networking/unbound/default.nix index 25fcc1bcc39..3e42eaaaaf9 100644 --- a/pkgs/tools/networking/unbound/default.nix +++ b/pkgs/tools/networking/unbound/default.nix @@ -48,11 +48,11 @@ stdenv.mkDerivation rec { pname = "unbound"; - version = "1.16.3"; + version = "1.17.0"; src = fetchurl { url = "https://nlnetlabs.nl/downloads/unbound/unbound-${version}.tar.gz"; - hash = "sha256-6gxmZeLDMlt2nqwd/M1g/hgo1fz2YmUAOezLP2ftso4="; + hash = "sha256-3LyV14kdn5EMZuTtyfHy/eTeou7Bjjr591rtRKAvE0E="; }; outputs = [ "out" "lib" "man" ]; # "dev" would only split ~20 kB @@ -75,7 +75,7 @@ stdenv.mkDerivation rec { "--with-rootkey-file=${dns-root-data}/root.key" "--enable-pie" "--enable-relro-now" - ] ++ lib.optional stdenv.hostPlatform.isStatic [ + ] ++ lib.optionals stdenv.hostPlatform.isStatic [ "--disable-flto" ] ++ lib.optionals withSystemd [ "--enable-systemd" diff --git a/pkgs/tools/networking/vde2/default.nix b/pkgs/tools/networking/vde2/default.nix index c14aa8bb3c1..83cee2e466a 100644 --- a/pkgs/tools/networking/vde2/default.nix +++ b/pkgs/tools/networking/vde2/default.nix @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { sha256 = "sha256-Yf6QB7j5lYld2XtqhYspK4037lTtimoFc7nCavCP+mU="; }; - patches = lib.optional stdenv.hostPlatform.isMusl [ + patches = lib.optionals stdenv.hostPlatform.isMusl [ (fetchpatch { url = "https://git.alpinelinux.org/aports/plain/main/vde2/musl-build-fix.patch?id=ddee2f86a48e087867d4a2c12849b2e3baccc238"; sha256 = "0b5382v541bkxhqylilcy34bh83ag96g71f39m070jzvi84kx8af"; diff --git a/pkgs/tools/networking/wg-netmanager/default.nix b/pkgs/tools/networking/wg-netmanager/default.nix index 0c74fe4ad04..15dc7b163b5 100644 --- a/pkgs/tools/networking/wg-netmanager/default.nix +++ b/pkgs/tools/networking/wg-netmanager/default.nix @@ -17,7 +17,7 @@ rustPlatform.buildRustPackage rec { # Test 01 tries to create a wireguard interface, which requires sudo. doCheck = true; - checkFlags = "--skip device"; + checkFlags = [ "--skip" "device" ]; meta = with lib; { description = "Wireguard network manager"; diff --git a/pkgs/tools/networking/xrootd/default.nix b/pkgs/tools/networking/xrootd/default.nix index 24354f3ec7c..454ee094462 100644 --- a/pkgs/tools/networking/xrootd/default.nix +++ b/pkgs/tools/networking/xrootd/default.nix @@ -9,6 +9,7 @@ , fuse , libkrb5 , libuuid +, libxcrypt , libxml2 , openssl , readline @@ -48,6 +49,7 @@ stdenv.mkDerivation rec { curl libkrb5 libuuid + libxcrypt libxml2 openssl readline diff --git a/pkgs/tools/package-management/cde/default.nix b/pkgs/tools/package-management/cde/default.nix index 5e86e2affb3..43a32eccda1 100644 --- a/pkgs/tools/package-management/cde/default.nix +++ b/pkgs/tools/package-management/cde/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub }: +{ lib, stdenv, fetchFromGitHub, libxcrypt }: stdenv.mkDerivation rec { pname = "cde"; @@ -17,6 +17,8 @@ stdenv.mkDerivation rec { # useful. preferLocalBuild = true; + buildInputs = [ libxcrypt ]; + patchBuild = '' sed -i -e '/install/d' $src/Makefile ''; diff --git a/pkgs/tools/package-management/nix/common.nix b/pkgs/tools/package-management/nix/common.nix index f69ee083af1..95fbd0782b7 100644 --- a/pkgs/tools/package-management/nix/common.nix +++ b/pkgs/tools/package-management/nix/common.nix @@ -113,7 +113,7 @@ self = stdenv.mkDerivation { propagatedBuildInputs = [ boehmgc - ] ++ lib.optional (atLeast27) [ + ] ++ lib.optionals (atLeast27) [ nlohmann_json ]; diff --git a/pkgs/development/python-modules/poetry2conda/default.nix b/pkgs/tools/package-management/poetry2conda/default.nix index 7f5268a23dc..1e570156f8c 100644 --- a/pkgs/development/python-modules/poetry2conda/default.nix +++ b/pkgs/tools/package-management/poetry2conda/default.nix @@ -1,15 +1,9 @@ { lib -, buildPythonApplication , fetchFromGitHub -, pytest-mock -, pytestCheckHook -, toml -, poetry -, poetry-semver -, pyyaml +, python3 }: -buildPythonApplication rec { +with python3.pkgs; buildPythonApplication rec { pname = "poetry2conda"; version = "0.3.0"; diff --git a/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix b/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix index 13327a84fff..28913c68577 100644 --- a/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix +++ b/pkgs/tools/security/asc-key-to-qr-code-gif/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation { substitutions = [ ''--replace "convert" "${imagemagick}/bin/convert"'' ''--replace "qrencode" "${qrencode.bin}/bin/qrencode"'' - ] ++ lib.optional testQR [ + ] ++ lib.optionals testQR [ ''--replace "hash zbarimg" "true"'' # hash does not work on NixOS ''--replace "$(zbarimg --raw" "$(${zbar.out}/bin/zbarimg --raw"'' ]; diff --git a/pkgs/tools/security/chipsec/default.nix b/pkgs/tools/security/chipsec/default.nix index 5b4957139d7..64a4946136f 100644 --- a/pkgs/tools/security/chipsec/default.nix +++ b/pkgs/tools/security/chipsec/default.nix @@ -48,7 +48,7 @@ python3.pkgs.buildPythonApplication rec { setupPyBuildFlags = [ "--build-lib=$CHIPSEC_BUILD_LIB" - ] ++ lib.optional (!withDriver) [ + ] ++ lib.optionals (!withDriver) [ "--skip-driver" ]; diff --git a/pkgs/tools/security/ibm-sw-tpm2/default.nix b/pkgs/tools/security/ibm-sw-tpm2/default.nix index c5b738678aa..012d492aaca 100644 --- a/pkgs/tools/security/ibm-sw-tpm2/default.nix +++ b/pkgs/tools/security/ibm-sw-tpm2/default.nix @@ -1,23 +1,14 @@ -{ stdenv, fetchurl, fetchpatch, lib, openssl }: +{ stdenv, fetchurl, lib, openssl }: stdenv.mkDerivation rec { pname = "ibm-sw-tpm2"; - version = "1661"; + version = "1682"; src = fetchurl { url = "mirror://sourceforge/ibmswtpm2/ibmtpm${version}.tar.gz"; - sha256 = "sha256-VRRZKK0rJPNL5qDqz5+0kuEODqkZuEKMch+pcOhdYUc="; + hash = "sha256-PLZC+HGheyPVCwRuX5X0ScIodBX8HnrrS9u4kg28s48="; }; - patches = [ - (fetchpatch { - url = "https://github.com/kgoldman/ibmswtpm2/commit/e6684009aff9c1bad38875e3319c2e02ef791424.patch"; - sha256 = "1flzlri807c88agmpb0w8xvh5f16mmqv86xw4ic4z272iynzd40j"; - }) - ]; - - patchFlags = [ "-p2" ]; - buildInputs = [ openssl ]; sourceRoot = "src"; diff --git a/pkgs/tools/security/mokutil/default.nix b/pkgs/tools/security/mokutil/default.nix index b408e4d2c80..5a597b73a7c 100644 --- a/pkgs/tools/security/mokutil/default.nix +++ b/pkgs/tools/security/mokutil/default.nix @@ -6,6 +6,7 @@ , openssl , efivar , keyutils +, libxcrypt }: stdenv.mkDerivation rec { @@ -28,6 +29,7 @@ stdenv.mkDerivation rec { openssl efivar keyutils + libxcrypt ]; meta = with lib; { diff --git a/pkgs/tools/security/rhash/default.nix b/pkgs/tools/security/rhash/default.nix index e071f460b1a..b539772213b 100644 --- a/pkgs/tools/security/rhash/default.nix +++ b/pkgs/tools/security/rhash/default.nix @@ -46,7 +46,7 @@ stdenv.mkDerivation rec { installTargets = [ "install" "install-lib-headers" - ] ++ lib.optional (!enableStatic) [ + ] ++ lib.optionals (!enableStatic) [ "install-lib-so-link" ]; diff --git a/pkgs/tools/security/sudo/default.nix b/pkgs/tools/security/sudo/default.nix index 429027df872..d667734ef99 100644 --- a/pkgs/tools/security/sudo/default.nix +++ b/pkgs/tools/security/sudo/default.nix @@ -35,10 +35,10 @@ stdenv.mkDerivation rec { "--with-iologdir=/var/log/sudo-io" "--with-sendmail=${sendmailPath}" "--enable-tmpfiles.d=no" - ] ++ lib.optional withInsults [ + ] ++ lib.optionals withInsults [ "--with-insults" "--with-all-insults" - ] ++ lib.optional withSssd [ + ] ++ lib.optionals withSssd [ "--with-sssd" "--with-sssd-lib=${sssd}/lib" ]; diff --git a/pkgs/tools/security/super/default.nix b/pkgs/tools/security/super/default.nix index eba7def957c..1c2e9cbd4ab 100644 --- a/pkgs/tools/security/super/default.nix +++ b/pkgs/tools/security/super/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, fetchpatch }: +{ lib, stdenv, fetchurl, fetchpatch, libxcrypt }: stdenv.mkDerivation rec { pname = "super"; @@ -37,6 +37,8 @@ stdenv.mkDerivation rec { "--localstatedir=/var" ]; + buildInputs = [ libxcrypt ]; + installFlags = [ "sysconfdir=$(out)/etc" "localstatedir=$(TMPDIR)" ]; meta = { diff --git a/pkgs/tools/system/chase/default.nix b/pkgs/tools/system/chase/default.nix index ff4885b088d..d20d33235cf 100644 --- a/pkgs/tools/system/chase/default.nix +++ b/pkgs/tools/system/chase/default.nix @@ -12,8 +12,7 @@ stdenv.mkDerivation rec { }; doCheck = true; - makeFlags = [ "-e" ]; - makeFlagsArray="LIBS=-lgc"; + makeFlags = [ "-e" "LIBS=-lgc" ]; meta = with lib ; { description = "Follow a symlink and print out its target file"; diff --git a/pkgs/tools/system/fio/default.nix b/pkgs/tools/system/fio/default.nix index 0fc90be2dcb..c2c46e9a5d1 100644 --- a/pkgs/tools/system/fio/default.nix +++ b/pkgs/tools/system/fio/default.nix @@ -31,7 +31,7 @@ stdenv.mkDerivation rec { pythonPath = [ python3.pkgs.six ]; - makeWrapperArgs = lib.optional withGnuplot [ + makeWrapperArgs = lib.optionals withGnuplot [ "--prefix PATH : ${lib.makeBinPath [ gnuplot ]}" ]; diff --git a/pkgs/tools/system/gptfdisk/default.nix b/pkgs/tools/system/gptfdisk/default.nix index 871d309d530..436aec4c552 100644 --- a/pkgs/tools/system/gptfdisk/default.nix +++ b/pkgs/tools/system/gptfdisk/default.nix @@ -12,6 +12,11 @@ stdenv.mkDerivation rec { }; patches = [ + # issues with popt 1.19 (from upstream but not yet released): + # https://sourceforge.net/p/gptfdisk/code/ci/5d5e76d369a412bfb3d2cebb5fc0a7509cef878d/ + # https://github.com/rpm-software-management/popt/issues/80 + ./popt-1-19.patch + # fix UUID generation (from upstream but not yet released): # https://sourceforge.net/p/gptfdisk/code/ci/6a8416cbd12d55f882bb751993b94f72d338d96f/ # https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1853985.html diff --git a/pkgs/tools/system/gptfdisk/popt-1-19.patch b/pkgs/tools/system/gptfdisk/popt-1-19.patch new file mode 100644 index 00000000000..ae971362cdd --- /dev/null +++ b/pkgs/tools/system/gptfdisk/popt-1-19.patch @@ -0,0 +1,13 @@ +diff --git a/gptcl.cc b/gptcl.cc +index 34c9421..0d578eb 100644 +--- a/gptcl.cc ++++ b/gptcl.cc +@@ -155,7 +155,7 @@ int GPTDataCL::DoOptions(int argc, char* argv[]) { + } // while + + // Assume first non-option argument is the device filename.... +- device = (char*) poptGetArg(poptCon); ++ device = strdup((char*) poptGetArg(poptCon)); + poptResetContext(poptCon); + + if (device != NULL) { diff --git a/pkgs/tools/system/monit/default.nix b/pkgs/tools/system/monit/default.nix index b338f6a80d6..07b0163b5ac 100644 --- a/pkgs/tools/system/monit/default.nix +++ b/pkgs/tools/system/monit/default.nix @@ -4,6 +4,7 @@ , bison , flex , zlib +, libxcrypt , usePAM ? stdenv.hostPlatform.isLinux , pam , useSSL ? true @@ -20,7 +21,7 @@ stdenv.mkDerivation rec { }; nativeBuildInputs = [ bison flex ]; - buildInputs = [ zlib.dev ] ++ + buildInputs = [ zlib.dev libxcrypt ] ++ lib.optionals useSSL [ openssl ] ++ lib.optionals usePAM [ pam ]; diff --git a/pkgs/tools/system/netdata/default.nix b/pkgs/tools/system/netdata/default.nix index 96ca146358d..d27ebc4e2a6 100644 --- a/pkgs/tools/system/netdata/default.nix +++ b/pkgs/tools/system/netdata/default.nix @@ -99,9 +99,9 @@ in stdenv.mkDerivation rec { "--sysconfdir=/etc" "--disable-ebpf" "--with-jemalloc=${jemalloc}" - ] ++ optional (!withDBengine) [ + ] ++ optionals (!withDBengine) [ "--disable-dbengine" - ] ++ optional (!withCloud) [ + ] ++ optionals (!withCloud) [ "--disable-cloud" ]; diff --git a/pkgs/tools/system/tre-command/default.nix b/pkgs/tools/system/tre-command/default.nix index f79c1625fbf..971aa29b964 100644 --- a/pkgs/tools/system/tre-command/default.nix +++ b/pkgs/tools/system/tre-command/default.nix @@ -22,7 +22,7 @@ rustPlatform.buildRustPackage rec { ''; # this test requires package to be in a git repo to succeed - checkFlags = "--skip respect_git_ignore"; + checkFlags = [ "--skip" "respect_git_ignore" ]; meta = with lib; { description = "Tree command, improved"; diff --git a/pkgs/tools/typesetting/rfc-bibtex/default.nix b/pkgs/tools/typesetting/rfc-bibtex/default.nix new file mode 100644 index 00000000000..de38b4cd29c --- /dev/null +++ b/pkgs/tools/typesetting/rfc-bibtex/default.nix @@ -0,0 +1,33 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +with python3.pkgs; buildPythonApplication rec { + pname = "rfc-bibtex"; + version = "0.3.2"; + format = "setuptools"; + + src = fetchFromGitHub { + owner = "iluxonchik"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-bPCNQqiG50vWVFA6J2kyxftwsXunHTNBdSkoIRYkb0s="; + }; + + checkInputs = [ + pytestCheckHook + vcrpy + ]; + + pythonImportsCheck = [ + "rfc_bibtex" + ]; + + meta = with lib; { + homepage = "https://github.com/iluxonchik/rfc-bibtex/"; + description = "Generate Bibtex entries for IETF RFCs and Internet-Drafts"; + license = licenses.mit; + maintainers = with maintainers; [ teto ]; + }; +} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index cbf77de74f4..79f0cfbffe6 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -1161,6 +1161,7 @@ mapAliases ({ # postgresql postgresql96 = postgresql_9_6; postgresql_9_6 = throw "postgresql_9_6 has been removed from nixpkgs, as this version is no longer supported by upstream"; # Added 2021-12-03 + postgresql_10 = throw "postgresql_10 has been removed from nixpkgs, as this version went EOL on 2022-11-10"; # Added 2022-08-01 # postgresql plugins cstore_fdw = postgresqlPackages.cstore_fdw; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c6de514afb5..41f8b1888cb 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -749,6 +749,8 @@ with pkgs; owl = callPackage ../tools/networking/owl { }; + mutmut = callPackage ../development/tools/mutmut { }; + packcc = callPackage ../development/tools/packcc { }; packer = callPackage ../development/tools/packer { }; @@ -2446,7 +2448,7 @@ with pkgs; cod = callPackage ../tools/misc/cod { }; - codespell = with python3Packages; toPythonApplication codespell; + codespell = callPackage ../development/tools/codespell { }; coolreader = libsForQt5.callPackage ../applications/misc/coolreader {}; @@ -3133,6 +3135,8 @@ with pkgs; tezos-rust-libs = callPackage ../development/libraries/tezos-rust-libs { }; + behave = with python3Packages; toPythonApplication behave; + behdad-fonts = callPackage ../data/fonts/behdad-fonts { }; bfetch = callPackage ../tools/misc/bfetch { }; @@ -4583,6 +4587,8 @@ with pkgs; notify = callPackage ../tools/misc/notify { }; + notifymuch = callPackage ../applications/misc/notifymuch { }; + npins = callPackage ../tools/nix/npins { }; nrsc5 = callPackage ../applications/misc/nrsc5 { }; @@ -4972,7 +4978,13 @@ with pkgs; enableExtraPlugins = true; }; - asciidoctor = callPackage ../tools/typesetting/asciidoctor { }; + asciidoctor = callPackage ../tools/typesetting/asciidoctor { + bundlerApp = bundlerApp.override { + # asciidoc supports both ruby 2 and 3, + # but we don't want to be stuck on it: + ruby = ruby_3_1; + }; + }; asciidoctor-with-extensions = callPackage ../tools/typesetting/asciidoctor-with-extensions { }; @@ -7354,6 +7366,8 @@ with pkgs; hamlib = hamlib_4; }; + gprof2dot = with python3Packages; toPythonApplication gprof2dot; + gprojector = callPackage ../applications/science/astronomy/gprojector { }; gptfdisk = callPackage ../tools/system/gptfdisk { }; @@ -7816,9 +7830,7 @@ with pkgs; jamulus = libsForQt5.callPackage ../applications/audio/jamulus { }; - ibm-sw-tpm2 = callPackage ../tools/security/ibm-sw-tpm2 { - openssl = openssl_1_1; - }; + ibm-sw-tpm2 = callPackage ../tools/security/ibm-sw-tpm2 { }; ibniz = callPackage ../tools/graphics/ibniz { }; @@ -8144,6 +8156,8 @@ with pkgs; jsawk = callPackage ../tools/text/jsawk { }; + jsbeautifier = with python3Packages; toPythonApplication jsbeautifier; + jscoverage = callPackage ../development/tools/misc/jscoverage { }; jsduck = callPackage ../development/tools/jsduck { }; @@ -10551,6 +10565,8 @@ with pkgs; pyocd = python3Packages.callPackage ../development/embedded/pyocd { }; + pypass = with python3Packages; toPythonApplication pypass; + pyspread = libsForQt5.callPackage ../applications/office/pyspread { }; teapot = callPackage ../applications/office/teapot { }; @@ -13575,6 +13591,8 @@ with pkgs; fasmg = callPackage ../development/compilers/fasmg { }; + filecheck = with python3Packages; toPythonApplication filecheck; + firrtl = callPackage ../development/compilers/firrtl { }; flasm = callPackage ../development/compilers/flasm { }; @@ -15047,16 +15065,17 @@ with pkgs; sagittarius-scheme = callPackage ../development/compilers/sagittarius-scheme {}; sbclBootstrap = callPackage ../development/compilers/sbcl/bootstrap.nix {}; - sbcl_2_0_8 = callPackage ../development/compilers/sbcl/2.0.8.nix {}; - sbcl_2_0_9 = callPackage ../development/compilers/sbcl/2.0.9.nix {}; - sbcl_2_1_1 = callPackage ../development/compilers/sbcl/2.1.1.nix {}; - sbcl_2_1_2 = callPackage ../development/compilers/sbcl/2.1.2.nix {}; - sbcl_2_1_9 = callPackage ../development/compilers/sbcl/2.1.9.nix {}; - sbcl_2_1_10 = callPackage ../development/compilers/sbcl/2.1.10.nix {}; - sbcl_2_1_11 = callPackage ../development/compilers/sbcl/2.1.11.nix {}; - sbcl_2_2_4 = callPackage ../development/compilers/sbcl/2.2.4.nix {}; - sbcl_2_2_6 = callPackage ../development/compilers/sbcl/2.2.6.nix {}; - sbcl = sbcl_2_2_6; + sbcl_2_0_8 = callPackage ../development/compilers/sbcl/2.x.nix { version = "2.0.8"; }; + sbcl_2_0_9 = callPackage ../development/compilers/sbcl/2.x.nix { version = "2.0.9"; }; + sbcl_2_1_1 = callPackage ../development/compilers/sbcl/2.x.nix { version = "2.1.1"; }; + sbcl_2_1_2 = callPackage ../development/compilers/sbcl/2.x.nix { version = "2.1.2"; }; + sbcl_2_1_9 = callPackage ../development/compilers/sbcl/2.x.nix { version = "2.1.9"; }; + sbcl_2_1_10 = callPackage ../development/compilers/sbcl/2.x.nix { version = "2.1.10"; }; + sbcl_2_1_11 = callPackage ../development/compilers/sbcl/2.x.nix { version = "2.1.11"; }; + sbcl_2_2_4 = callPackage ../development/compilers/sbcl/2.x.nix { version = "2.2.4"; }; + sbcl_2_2_6 = callPackage ../development/compilers/sbcl/2.x.nix { version = "2.2.6"; }; + sbcl_2_2_9 = callPackage ../development/compilers/sbcl/2.x.nix { version = "2.2.9"; }; + sbcl = sbcl_2_2_9; roswell = callPackage ../development/tools/roswell { }; @@ -15713,7 +15732,7 @@ with pkgs; inherit pkgs lib; }; - poetry2conda = python3Packages.callPackage ../development/python-modules/poetry2conda { }; + poetry2conda = callPackage ../tools/package-management/poetry2conda { }; pip-audit = callPackage ../development/tools/pip-audit {}; @@ -16907,6 +16926,8 @@ with pkgs; graphene = callPackage ../development/libraries/graphene { }; + griffe = with python3Packages; toPythonApplication griffe; + gtk-doc = callPackage ../development/tools/documentation/gtk-doc { }; gtkdialog = callPackage ../development/tools/misc/gtkdialog { }; @@ -17848,6 +17869,8 @@ with pkgs; mypy = with python3Packages; toPythonApplication mypy; + mypy-protobuf = with python3Packages; toPythonApplication mypy-protobuf; + nsis = callPackage ../development/tools/nsis { }; tockloader = callPackage ../development/tools/misc/tockloader { }; @@ -18091,7 +18114,13 @@ with pkgs; bzrtp = callPackage ../development/libraries/bzrtp { }; - c-ares = callPackage ../development/libraries/c-ares { }; + c-ares = callPackage ../development/libraries/c-ares { + inherit (buildPackages) cmake; + }; + + c-aresMinimal = callPackage ../development/libraries/c-ares { + withCMake = false; + }; c-blosc = callPackage ../development/libraries/c-blosc { }; @@ -19525,8 +19554,6 @@ with pkgs; krb5 = callPackage ../development/libraries/kerberos/krb5.nix { inherit (buildPackages.darwin) bootstrap_cmds; - # TODO: can be removed once we have 1.20 - openssl = openssl_1_1; }; krb5Full = krb5; libkrb5 = krb5.override { type = "lib"; }; @@ -20174,6 +20201,8 @@ with pkgs; liblcf = callPackage ../development/libraries/liblcf { }; + liblc3 = callPackage ../development/libraries/liblc3 { }; + libliftoff = callPackage ../development/libraries/libliftoff { }; liblqr1 = callPackage ../development/libraries/liblqr-1 { @@ -20842,7 +20871,13 @@ with pkgs; libx86 = callPackage ../development/libraries/libx86 {}; - libxcrypt = callPackage ../development/libraries/libxcrypt { }; + libxcrypt = callPackage ../development/libraries/libxcrypt { + fetchurl = stdenv.fetchurlBoot; + perl = buildPackages.perl.override { + enableCrypt = false; + fetchurl = stdenv.fetchurlBoot; + }; + }; libxdg_basedir = callPackage ../development/libraries/libxdg-basedir { }; @@ -21433,6 +21468,10 @@ with pkgs; openslp = callPackage ../development/libraries/openslp {}; openstackclient = with python3Packages; toPythonApplication python-openstackclient; + glanceclient = with python3Packages; toPythonApplication python-glanceclient; + heatclient = with python3Packages; toPythonApplication python-heatclient; + ironicclient = with python3Packages; toPythonApplication python-ironicclient; + manilaclient = with python3Packages; toPythonApplication python-manilaclient; openvdb = callPackage ../development/libraries/openvdb {}; @@ -22204,7 +22243,7 @@ with pkgs; sope = callPackage ../development/libraries/sope { }; - sord = callPackage ../development/libraries/sord {}; + sord = callPackage ../development/libraries/sord { }; soundtouch = callPackage ../development/libraries/soundtouch {}; @@ -22963,9 +23002,9 @@ with pkgs; ### DEVELOPMENT / GO # the unversioned attributes should always point to the same go version - go = go_1_18; - buildGoModule = buildGo118Module; - buildGoPackage = buildGo118Package; + go = go_1_19; + buildGoModule = buildGo119Module; + buildGoPackage = buildGo119Package; go_1_17 = callPackage ../development/compilers/go/1.17.nix ({ inherit (darwin.apple_sdk.frameworks) Foundation Security; @@ -24028,7 +24067,6 @@ with pkgs; timescaledb-tune = callPackage ../development/tools/database/timescaledb-tune { }; inherit (import ../servers/sql/postgresql pkgs) - postgresql_10 postgresql_11 postgresql_12 postgresql_13 @@ -24939,6 +24977,14 @@ with pkgs; inherit (callPackages ../os-specific/linux/kernel-headers { }) linuxHeaders makeLinuxHeaders; + linuxHeaders_5_19 = linuxHeaders.overrideAttrs (_: rec { + version = "5.19.16"; + src = fetchurl { + url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; + sha256 = "13g0c6ljxk3sd0ja39ndih5vrzp2ssj78qxaf8nswn8hgrkazsx1"; + }; + }); + klibc = callPackage ../os-specific/linux/klibc { }; klibcShrunk = lowPrio (callPackage ../os-specific/linux/klibc/shrunk.nix { }); @@ -25578,6 +25624,7 @@ with pkgs; withOomd = false; withPCRE2 = false; withPolkit = false; + withPortabled = false; withRemote = false; withResolved = false; withShellCompletions = false; @@ -27979,7 +28026,7 @@ with pkgs; gg-scm = callPackage ../applications/version-management/git-and-tools/gg { }; - gigalixir = with python3Packages; toPythonApplication gigalixir; + gigalixir = callPackage ../tools/misc/gigalixir { }; go-libp2p-daemon = callPackage ../servers/go-libp2p-daemon { }; @@ -32399,7 +32446,7 @@ with pkgs; }; neovimUtils = callPackage ../applications/editors/neovim/utils.nix { - inherit (lua51Packages) buildLuarocksPackage; + lua = lua5_1; }; neovim = wrapNeovim neovim-unwrapped { }; @@ -33479,6 +33526,8 @@ with pkgs; nux = callPackage ../tools/misc/nux { }; + phonemizer = with python3Packages; toPythonApplication phonemizer; + tts = callPackage ../tools/audio/tts { }; ### GAMES @@ -36816,7 +36865,7 @@ with pkgs; rfc = callPackage ../tools/misc/rfc { }; - rfc-bibtex = python3Packages.callPackage ../development/python-modules/rfc-bibtex { }; + rfc-bibtex = callPackage ../tools/typesetting/rfc-bibtex { }; pick-colour-picker = python3Packages.callPackage ../applications/graphics/pick-colour-picker { inherit glib gtk3 gobject-introspection wrapGAppsHook; diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index 57a75371dea..659c51f7665 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -849,7 +849,7 @@ let }; buildInputs = [ PodParser ]; propagatedBuildInputs = [ AppPackager FileLoadLines IOString ImageInfo PDFAPI2 StringInterpolateNamed TextLayout ] - ++ lib.optional (!stdenv.isDarwin) [ Wx ]; + ++ lib.optionals (!stdenv.isDarwin) [ Wx ]; nativeBuildInputs = lib.optional stdenv.isDarwin shortenPerlShebang; postInstall = lib.optionalString stdenv.isDarwin '' shortenPerlShebang $out/bin/chordpro @@ -5290,7 +5290,7 @@ let hash = "sha256-+OzKRch+uRMlmSsT8FlPgI5vG8TDuafxQbmoODhNJSw="; }; - makeMakerFlags = "--libpath=${lib.getLib pkgs.openssl}/lib --incpath=${pkgs.openssl.dev}/include"; + makeMakerFlags = [ "--libpath=${lib.getLib pkgs.openssl}/lib" "--incpath=${pkgs.openssl.dev}/include" ]; buildInputs = [ PathClass ]; propagatedBuildInputs = [ BytesRandomSecure LWPProtocolHttps ]; meta = { @@ -6699,7 +6699,7 @@ let }) ]; - makeMakerFlags = "SQLITE_INC=${pkgs.sqlite.dev}/include SQLITE_LIB=${pkgs.sqlite.out}/lib"; + makeMakerFlags = [ "SQLITE_INC=${pkgs.sqlite.dev}/include" "SQLITE_LIB=${pkgs.sqlite.out}/lib" ]; postInstall = '' # Get rid of a pointless copy of the SQLite sources. @@ -6788,7 +6788,7 @@ let buildInputs = [ pkgs.postgresql ]; propagatedBuildInputs = [ DBI ]; - makeMakerFlags = "POSTGRES_HOME=${pkgs.postgresql}"; + makeMakerFlags = [ "POSTGRES_HOME=${pkgs.postgresql}" ]; # tests freeze in a sandbox doCheck = false; @@ -9312,7 +9312,7 @@ let hash = "sha256-Uuax3Hyy2HpM30OboUXguejPKMwmpIo8+Zd8g0Y5Z+4="; }; buildInputs = [ pkgs.file ConfigAutoConf TestFatal ]; - makeMakerFlags = "--lib=${pkgs.file}/lib"; + makeMakerFlags = [ "--lib=${pkgs.file}/lib" ]; preCheck = '' substituteInPlace t/oo-api.t \ --replace "/usr/share/file/magic.mgc" "${pkgs.file}/share/misc/magic.mgc" @@ -9960,7 +9960,7 @@ let # otherwise "cc1: error: -Wformat-security ignored without -Wformat [-Werror=format-security]" hardeningDisable = [ "format" ]; - makeMakerFlags = "--lib_png_path=${pkgs.libpng.out} --lib_jpeg_path=${pkgs.libjpeg.out} --lib_zlib_path=${pkgs.zlib.out} --lib_ft_path=${pkgs.freetype.out} --lib_fontconfig_path=${pkgs.fontconfig.lib} --lib_xpm_path=${pkgs.xorg.libXpm.out}"; + makeMakerFlags = [ "--lib_png_path=${pkgs.libpng.out}" "--lib_jpeg_path=${pkgs.libjpeg.out}" "--lib_zlib_path=${pkgs.zlib.out}" "--lib_ft_path=${pkgs.freetype.out}" "--lib_fontconfig_path=${pkgs.fontconfig.lib}" "--lib_xpm_path=${pkgs.xorg.libXpm.out}" ]; meta = { description = "Perl interface to the gd2 graphics library"; @@ -10019,7 +10019,7 @@ let url = "mirror://cpan/authors/id/M/MA/MAXMIND/Geo-IP-1.51.tar.gz"; hash = "sha256-FjAgMV1cVEGDaseeCKd7Qo8nf9CQvqT6gNpwd7JDaro="; }; - makeMakerFlags = "LIBS=-L${pkgs.geoip}/lib INC=-I${pkgs.geoip}/include"; + makeMakerFlags = [ "LIBS=-L${pkgs.geoip}/lib" "INC=-I${pkgs.geoip}/include" ]; doCheck = false; # seems to access the network meta = { description = "Look up location and network information by IP Address"; @@ -10512,7 +10512,7 @@ let hash = "sha256-fY8se2F2L7TsctLsKBKQ8vh/nH0pgnPaRSVDKmXncNY="; }; propagatedBuildInputs = [ pkgs.krb5Full.dev ]; - makeMakerFlags = "--gssapiimpl ${pkgs.krb5Full.dev}"; + makeMakerFlags = [ "--gssapiimpl" "${pkgs.krb5Full.dev}" ]; meta = { description = "Perl extension providing access to the GSSAPIv2 library"; license = with lib.licenses; [ artistic1 gpl1Plus ]; @@ -11785,7 +11785,7 @@ let hash = "sha256-dNRNcBwfFPxLmE+toelVcmtQTC2LBtJl56hh+llDy0g="; }; buildInputs = [ pkgs.freetype pkgs.fontconfig pkgs.libjpeg pkgs.libpng ]; - makeMakerFlags = "--incpath ${pkgs.libjpeg.dev}/include --libpath ${pkgs.libjpeg.out}/lib --incpath ${pkgs.libpng.dev}/include --libpath ${pkgs.libpng.out}/lib"; + makeMakerFlags = [ "--incpath ${pkgs.libjpeg.dev}/include" "--libpath ${pkgs.libjpeg.out}/lib" "--incpath" "${pkgs.libpng.dev}/include" "--libpath" "${pkgs.libpng.out}/lib" ]; meta = { description = "Perl extension for Generating 24 bit Images"; homepage = "http://imager.perl.org"; @@ -11846,7 +11846,7 @@ let }; buildInputs = [ pkgs.libpng pkgs.libjpeg TestNoWarnings ]; propagatedBuildInputs = [ pkgs.zlib ]; - makeMakerFlags = "--with-jpeg-includes=${pkgs.libjpeg.dev}/include --with-jpeg-libs=${pkgs.libjpeg.out}/lib --with-png-includes=${pkgs.libpng.dev}/include --with-png-libs=${pkgs.libpng.out}/lib"; + makeMakerFlags = [ "--with-jpeg-includes=${pkgs.libjpeg.dev}/include" "--with-jpeg-libs=${pkgs.libjpeg.out}/lib" "--with-png-includes=${pkgs.libpng.dev}/include" "--with-png-libs=${pkgs.libpng.out}/lib" ]; meta = { description = "Fast, high-quality fixed-point image resizing"; license = with lib.licenses; [ gpl2Plus ]; @@ -12576,7 +12576,7 @@ let propagatedBuildInputs = [ Inline ]; # TODO: upgrade https://github.com/NixOS/nixpkgs/pull/89731 - makeMakerFlags = "J2SDK=${pkgs.jdk8}"; + makeMakerFlags = [ "J2SDK=${pkgs.jdk8}" ]; # FIXME: Apparently tests want to access the network. doCheck = false; @@ -12833,7 +12833,7 @@ let outputs = [ "out" "tex" ]; propagatedBuildInputs = [ ArchiveZip DBFile FileWhich IOString ImageMagick ImageSize JSONXS LWP ParseRecDescent PodParser TextUnidecode XMLLibXSLT ]; nativeBuildInputs = [ pkgs.makeWrapper ] ++ lib.optional stdenv.isDarwin shortenPerlShebang; - makeMakerFlags = "TEXMF=\${tex} NOMKTEXLSR"; + makeMakerFlags = [ "TEXMF=\${tex}" "NOMKTEXLSR" ]; # shebangs need to be patched before executables are copied to $out preBuild = '' patchShebangs bin/ @@ -12911,7 +12911,13 @@ let outputs = [ "out" ]; buildInputs = [ pkgs.apacheHttpd pkgs.apr pkgs.aprutil ApacheTest ExtUtilsXSBuilder ]; propagatedBuildInputs = [ (pkgs.apacheHttpdPackages.mod_perl.override { inherit perl; }) ]; - makeMakerFlags = "--with-apache2-src=${pkgs.apacheHttpd.dev} --with-apache2-apxs=${pkgs.apacheHttpd.dev}/bin/apxs --with-apache2-httpd=${pkgs.apacheHttpd.out}/bin/httpd --with-apr-config=${pkgs.apr.dev}/bin/apr-1-config --with-apu-config=${pkgs.aprutil.dev}/bin/apu-1-config"; + makeMakerFlags = [ + "--with-apache2-src=${pkgs.apacheHttpd.dev}" + "--with-apache2-apxs=${pkgs.apacheHttpd.dev}/bin/apxs" + "--with-apache2-httpd=${pkgs.apacheHttpd.out}/bin/httpd" + "--with-apr-config=${pkgs.apr.dev}/bin/apr-1-config" + "--with-apu-config=${pkgs.aprutil.dev}/bin/apu-1-config" + ]; preConfigure = '' # override broken prereq check substituteInPlace configure --replace "prereq_check=\"\$PERL \$PERL_OPTS build/version_check.pl\"" "prereq_check=\"echo\"" @@ -14575,7 +14581,7 @@ let # `overflow'; Pari.o:(.bss+0x80): first defined here NIX_CFLAGS_COMPILE = "-fcommon"; preConfigure = "cp ${pari_tgz} pari-${pariversion}.tgz"; - makeMakerFlags = "pari_tgz=pari-${pariversion}.tgz"; + makeMakerFlags = [ "pari_tgz=pari-${pariversion}.tgz" ]; src = fetchurl { url = "mirror://cpan/authors/id/I/IL/ILYAZ/modules/Math-Pari-2.030518.zip"; hash = "sha256-3DiVWpaQvmuvqN4lJiEjd8Psn+jaXsAiY6nK+UtYu5E="; @@ -15741,7 +15747,7 @@ let hash = "sha256-9bghtZsP3JZw5G7Q/PMtiRHyUSYYmotowWUvkiHu4mk="; }; - makeMakerFlags = "MP_AP_DESTDIR=$out"; + makeMakerFlags = [ "MP_AP_DESTDIR=$out" ]; buildInputs = [ pkgs.apacheHttpd ]; doCheck = false; # would try to start Apache HTTP server passthru.tests = nixosTests.mod_perl; @@ -16439,7 +16445,7 @@ let buildInputs = [ ModuleBuildTiny TestSharedFork pkgs.postgresql ]; propagatedBuildInputs = [ DBDPg DBI FileWhich FunctionParameters Moo TieHashMethod TryTiny TypeTiny ]; - makeMakerFlags = "POSTGRES_HOME=${pkgs.postgresql}"; + makeMakerFlags = [ "POSTGRES_HOME=${pkgs.postgresql}" ]; meta = { description = "PostgreSQL runner for tests"; @@ -17580,7 +17586,7 @@ let hash = "sha256-hS1u6H6PDQFCIwJlgcu1aSS6jN3TzrKcYZHbthItQ8U="; }; propagatedBuildInputs = [ DigestHMAC ]; - makeMakerFlags = "--noonline-tests"; + makeMakerFlags = [ "--noonline-tests" ]; meta = { description = "Perl Interface to the Domain Name System"; license = with lib.licenses; [ mit ]; @@ -22736,8 +22742,8 @@ let pkgs.tk ] ++ lib.optionals stdenv.isDarwin [ darwin.apple_sdk.frameworks.CoreServices ]; - makeMakerFlags = lib.optionalString stdenv.isLinux - "--tclsh=${pkgs.tcl}/bin/tclsh --nousestubs"; + makeMakerFlags = lib.optionals stdenv.isLinux + [ "--tclsh=${pkgs.tcl}/bin/tclsh" "--nousestubs" ]; meta = { description = "Tcl extension module for Perl"; license = with lib.licenses; [ artistic1 gpl1Plus ]; @@ -26158,7 +26164,7 @@ let url = "mirror://cpan/authors/id/S/SR/SREZIC/Tk-804.035.tar.gz"; hash = "sha256-TSuAKRum3jTY7IhqCFptvSt5C5JgNaCH6ZAlYUxf/dQ="; }; - makeMakerFlags = "X11INC=${pkgs.xorg.libX11.dev}/include X11LIB=${pkgs.xorg.libX11.out}/lib"; + makeMakerFlags = [ "X11INC=${pkgs.xorg.libX11.dev}/include" "X11LIB=${pkgs.xorg.libX11.out}/lib" ]; buildInputs = [ pkgs.xorg.libX11 pkgs.libpng ]; doCheck = false; # Expects working X11. meta = { @@ -26174,7 +26180,7 @@ let url = "mirror://cpan/authors/id/A/AS/ASB/Tk-ToolBar-0.12.tar.gz"; hash = "sha256-Rj4oTsRxN+fEJclpGwKo3sXOJytY6h9jWa6AQaI53Q8="; }; - makeMakerFlags = "X11INC=${pkgs.xorg.libX11.dev}/include X11LIB=${pkgs.xorg.libX11.out}/lib"; + makeMakerFlags = [ "X11INC=${pkgs.xorg.libX11.dev}/include" "X11LIB=${pkgs.xorg.libX11.out}/lib" ]; buildInputs = [ Tk ]; doCheck = false; # Expects working X11. meta = { @@ -27281,7 +27287,7 @@ let '' + lib.optionalString stdenv.isCygwin '' sed -i"" -e "s@my \$compiler = File::Spec->catfile(\$path, \$cc\[0\]) \. \$Config{_exe};@my \$compiler = File::Spec->catfile(\$path, \$cc\[0\]) \. (\$^O eq 'cygwin' ? \"\" : \$Config{_exe});@" inc/Devel/CheckLib.pm ''; - makeMakerFlags = "EXPATLIBPATH=${pkgs.expat.out}/lib EXPATINCPATH=${pkgs.expat.dev}/include"; + makeMakerFlags = [ "EXPATLIBPATH=${pkgs.expat.out}/lib" "EXPATINCPATH=${pkgs.expat.dev}/include" ]; propagatedBuildInputs = [ LWP ]; meta = { description = "A perl module for parsing XML documents"; @@ -27808,7 +27814,7 @@ let NIX_CFLAGS_COMPILE = "-I${pkgs.openssl_1_1.dev}/include -I${pkgs.libidn2}.dev}/include"; NIX_CFLAGS_LINK = "-L${lib.getLib pkgs.openssl_1_1}/lib -L${lib.getLib pkgs.libidn2}/lib -lcrypto -lidn2"; - makeMakerFlags = "--prefix-openssl=${pkgs.openssl_1_1.dev}"; + makeMakerFlags = [ "--prefix-openssl=${pkgs.openssl_1_1.dev}" ]; nativeBuildInputs = [ pkgs.pkg-config ]; buildInputs = [ DevelChecklib ModuleInstall ModuleInstallXSUtil TestFatal pkgs.ldns pkgs.libidn2 pkgs.openssl_1_1 ]; diff --git a/pkgs/top-level/python-aliases.nix b/pkgs/top-level/python-aliases.nix index b5002b1ec74..77088aa1bef 100644 --- a/pkgs/top-level/python-aliases.nix +++ b/pkgs/top-level/python-aliases.nix @@ -44,6 +44,7 @@ mapAliases ({ bt_proximity = bt-proximity; # added 2021-07-02 carrot = throw "carrot has been removed, as its development was discontinued in 2012"; # added 2022-01-18 class-registry = phx-class-registry; # added 2021-10-05 + codespell = throw "codespell has been promoted to a top-level attribute"; # Added 2022-10-02 ConfigArgParse = configargparse; # added 2021-03-18 cozy = throw "cozy was removed because it was not actually https://pypi.org/project/Cozy/."; # added 2022-01-14 cryptography_vectors = "cryptography_vectors is no longer exposed in python*Packages because it is used for testing cryptography only."; # Added 2022-03-23 @@ -80,6 +81,7 @@ mapAliases ({ flask_testing = flask-testing; # added 2022-04-25 flask_wtf = flask-wtf; # added 2022-05-24 garminconnect-ha = garminconnect; # added 2022-02-05 + gigalixir = throw "gigalixir has been promoted to a top-level attribute"; # Added 2022-10-02 gitdb2 = throw "gitdb2 has been deprecated, use gitdb instead."; # added 2020-03-14 glances = throw "glances has moved to pkgs.glances"; # added 2020-20-28 google_api_python_client = google-api-python-client; # added 2021-03-19 @@ -110,14 +112,17 @@ mapAliases ({ mailman-web = throw "Please use pkgs.mailman-web"; # added 2022-04-29 mistune_0_8 = throw "mistune_0_8 was removed because it was outdated and insecure"; # added 2022-08-12 mistune_2_0 = mistune; # added 2022-08-12 + mutmut = throw "mutmut has been promoted to a top-level attribute"; # added 2022-10-02 net2grid = gridnet; # add 2022-04-22 nose-cover3 = throw "nose-cover3 has been removed, it was using setuptools 2to3 translation feature, which has been removed in setuptools 58"; # added 2022-02-16 + notifymuch = throw "notifymuch has been promoted to a top-level attribute"; # added 2022-10-02 ordereddict = throw "ordereddict has been removed because it is only useful on unsupported python versions."; # added 2022-05-28 pam = python-pam; # added 2020-09-07. PasteDeploy = pastedeploy; # added 2021-10-07 pathpy = path; # added 2022-04-12 pdfminer = pdfminer-six; # added 2022-05-25 pep257 = pydocstyle; # added 2022-04-12 + poetry2conda = throw "poetry2conda was promoted to a top-level attribute"; # Added 2022-10-02 poster3 = throw "poster3 is unmaintained and source is no longer available"; # added 2023-05-29 postorius = throw "Please use pkgs.mailmanPackages.postorius"; # added 2022-04-29 powerlineMemSegment = powerline-mem-segment; # added 2021-10-08 diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 566303b24f6..e2651496753 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -1973,8 +1973,6 @@ in { codepy = callPackage ../development/python-modules/codepy { }; - codespell = callPackage ../development/python-modules/codespell { }; - cogapp = callPackage ../development/python-modules/cogapp { }; coinmetrics-api-client = callPackage ../development/python-modules/coinmetrics-api-client { }; @@ -3816,8 +3814,6 @@ in { gidgethub = callPackage ../development/python-modules/gidgethub { }; - gigalixir = callPackage ../development/python-modules/gigalixir { }; - gin-config = callPackage ../development/python-modules/gin-config { }; gios = callPackage ../development/python-modules/gios { }; @@ -6040,8 +6036,6 @@ in { mutf8 = callPackage ../development/python-modules/mutf8 { }; - mutmut = callPackage ../development/python-modules/mutmut { }; - mujson = callPackage ../development/python-modules/mujson { }; mwclient = callPackage ../development/python-modules/mwclient { }; @@ -6344,8 +6338,6 @@ in { notify2 = callPackage ../development/python-modules/notify2 { }; - notifymuch = callPackage ../development/python-modules/notifymuch {}; - notmuch = callPackage ../development/python-modules/notmuch { inherit (pkgs) notmuch; }; @@ -7268,8 +7260,6 @@ in { poetry-semver = callPackage ../development/python-modules/poetry-semver { }; - poetry2conda = callPackage ../development/python-modules/poetry2conda { }; - poezio = callPackage ../applications/networking/instant-messengers/poezio { }; polars = callPackage ../development/python-modules/polars { }; |