diff options
Diffstat (limited to 'pkgs/tools')
20 files changed, 357 insertions, 91 deletions
diff --git a/pkgs/tools/archivers/7zz/default.nix b/pkgs/tools/archivers/7zz/default.nix index c93a750e48f..c4ccae0272e 100644 --- a/pkgs/tools/archivers/7zz/default.nix +++ b/pkgs/tools/archivers/7zz/default.nix @@ -1,4 +1,14 @@ -{ stdenv, lib, fetchurl, p7zip, uasm, useUasm ? stdenv.isx86_64 }: +{ stdenv +, lib +, fetchurl + +, uasm +, useUasm ? stdenv.isx86_64 + + # RAR code is under non-free unRAR license + # see the meta.license section below for more details +, enableUnfree ? false +}: let inherit (stdenv.hostPlatform) system; @@ -14,17 +24,38 @@ stdenv.mkDerivation rec { version = "21.07"; src = fetchurl { - url = "https://7-zip.org/a/7z${lib.replaceStrings [ "." ] [ "" ] version}-src.7z"; - sha256 = "sha256-0QdNVvQVqrmdmeWXp7ZtxFXbpjSa6KTInfdkdbahKEw="; + url = "https://7-zip.org/a/7z${lib.replaceStrings [ "." ] [ "" ] version}-src.tar.xz"; + sha256 = { + free = "sha256-SMM6kQ6AZ05s4miJjMoE4NnsXQ0tlkdWx0q2HKjhaM8="; + unfree = "sha256-IT1ZRAfLjvy6NmELFSykkh7aFBYzELQ5A9E+aDE+Hjk="; + }.${if enableUnfree then "unfree" else "free"}; + downloadToTemp = (!enableUnfree); + # remove the unRAR related code from the src drv + # > the license requires that you agree to these use restrictions, + # > or you must remove the software (source and binary) from your hard disks + # https://fedoraproject.org/wiki/Licensing:Unrar + postFetch = lib.optionalString (!enableUnfree) '' + mkdir tmp + tar xf $downloadedFile -C ./tmp + rm -r ./tmp/CPP/7zip/Compress/Rar* + tar cfJ $out -C ./tmp . \ + --sort=name \ + --mtime="@$SOURCE_DATE_EPOCH" \ + --owner=0 --group=0 --numeric-owner \ + --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime + ''; }; sourceRoot = "CPP/7zip/Bundles/Alone2"; - makeFlags = lib.optionals useUasm [ "MY_ASM=uasm" ]; + makeFlags = + lib.optionals useUasm [ "MY_ASM=uasm" ] ++ + # it's the compression code with the restriction, see DOC/License.txt + lib.optionals (!enableUnfree) [ "DISABLE_RAR_COMPRESS=true" ]; makefile = "../../cmpl_gcc${platformSuffix}.mak"; - nativeBuildInputs = [ p7zip ] ++ lib.optionals useUasm [ uasm ]; + nativeBuildInputs = lib.optionals useUasm [ uasm ]; enableParallelBuilding = true; @@ -40,14 +71,27 @@ stdenv.mkDerivation rec { doInstallCheck = true; installCheckPhase = '' + runHook preInstallCheck + $out/bin/7zz --help | grep ${version} + + runHook postInstallCheck ''; + passthru.updateScript = ./update.sh; + meta = with lib; { description = "Command line archiver utility"; homepage = "https://7-zip.org"; - license = licenses.lgpl21Plus; - maintainers = with maintainers; [ anna328p peterhoeg ]; + license = with licenses; + # 7zip code is largely lgpl2Plus + # CPP/7zip/Compress/LzfseDecoder.cpp is bsd3 + [ lgpl2Plus /* and */ bsd3 ] ++ + # and CPP/7zip/Compress/Rar* are unfree with the unRAR license restriction + # the unRAR compression code is disabled by default + lib.optionals enableUnfree [ unfree ]; + maintainers = with maintainers; [ anna328p peterhoeg jk ]; platforms = platforms.linux; + mainProgram = "7zz"; }; } diff --git a/pkgs/tools/archivers/7zz/update.sh b/pkgs/tools/archivers/7zz/update.sh new file mode 100755 index 00000000000..bbc9804799a --- /dev/null +++ b/pkgs/tools/archivers/7zz/update.sh @@ -0,0 +1,50 @@ +#! /usr/bin/env nix-shell +#! nix-shell -i bash -p coreutils gnused curl jq +set -euo pipefail +cd "$(dirname "${BASH_SOURCE[0]}")" + +DRV_DIR="$PWD" + +OLD_VERSION="$(sed -nE 's/\s*version = "(.*)".*/\1/p' ./default.nix)" + +NEW_VERSION="$(curl "https://sourceforge.net/projects/sevenzip/best_release.json" | jq '.platform_releases.linux.filename' -r | cut -d/ -f3)" + +echo "comparing versions $OLD_VERSION => $NEW_VERSION" +if [[ "$OLD_VERSION" == "$NEW_VERSION" ]]; then + echo "Already up to date! Doing nothing" + exit 0 +fi + +NIXPKGS_ROOT="$(realpath "$DRV_DIR/../../../..")" + +echo "getting free source hash" +OLD_FREE_HASH="$(nix-instantiate --eval --strict -E "with import $NIXPKGS_ROOT {}; _7zz.src.drvAttrs.outputHash" | tr -d '"')" +echo "getting unfree source hash" +OLD_UNFREE_HASH="$(nix-instantiate --eval --strict -E "with import $NIXPKGS_ROOT {}; (_7zz.override { enableUnfree = true; }).src.drvAttrs.outputHash" | tr -d '"')" + +NEW_VERSION_FORMATTED="$(echo "$NEW_VERSION" | tr -d '.')" +URL="https://7-zip.org/a/7z${NEW_VERSION_FORMATTED}-src.tar.xz" + + +NEW_FREE_HASH=$(nix-prefetch -f "$NIXPKGS_ROOT" -E "_7zz.src" --url "$URL") + +NEW_UNFREE_OUT=$(nix-prefetch -f "$NIXPKGS_ROOT" -E "(_7zz.override { enableUnfree = true; }).src" --url "$URL" --output raw --print-path) +# first line of raw output is the hash +NEW_UNFREE_HASH="$(echo "$NEW_UNFREE_OUT" | sed -n 1p)" +# second line of raw output is the src path +NEW_UNFREE_SRC="$(echo "$NEW_UNFREE_OUT" | sed -n 2p)" +# make sure to nuke the unfree src from the updater's machine +# > the license requires that you agree to these use restrictions, or you must remove the software (source and binary) from your hard disks +# https://fedoraproject.org/wiki/Licensing:Unrar +nix-store --delete "$NEW_UNFREE_SRC" + + +echo "updating version" +sed -i "s/version = \"$OLD_VERSION\";/version = \"$NEW_VERSION\";/" "$DRV_DIR/default.nix" + +echo "updating free hash" +sed -i "s@free = \"$OLD_FREE_HASH\";@free = \"$NEW_FREE_HASH\";@" "$DRV_DIR/default.nix" +echo "updating unfree hash" +sed -i "s@unfree = \"$OLD_UNFREE_HASH\";@unfree = \"$NEW_UNFREE_HASH\";@" "$DRV_DIR/default.nix" + +echo "done" diff --git a/pkgs/tools/backup/autorestic/default.nix b/pkgs/tools/backup/autorestic/default.nix index 3837c55655e..b1d863c1cf1 100644 --- a/pkgs/tools/backup/autorestic/default.nix +++ b/pkgs/tools/backup/autorestic/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "autorestic"; - version = "1.5.6"; + version = "1.5.7"; src = fetchFromGitHub { owner = "cupcakearmy"; repo = pname; rev = "v${version}"; - sha256 = "sha256-NhKAxybPLBR1Kaw2d4xI8WKS4cG0yAMHbUBDWgr5T0A="; + sha256 = "sha256-o3SO3y26ur16D20rTYtzfyZWNDbeOzvj/BpMykvG698="; }; - vendorSha256 = "sha256-WzmgV0wUsGfMVeho6M8wXJKD9adaAKRYmaJYaAcXwFc="; + vendorSha256 = "sha256-qYXdRpQT7x+Y5h8PuKGjsANXLqjNlsPKO76GQhnufTU="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/tools/filesystems/dosfstools/default.nix b/pkgs/tools/filesystems/dosfstools/default.nix index 14d054364fd..75a39fdfe92 100644 --- a/pkgs/tools/filesystems/dosfstools/default.nix +++ b/pkgs/tools/filesystems/dosfstools/default.nix @@ -1,21 +1,30 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, libiconv }: +{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, libiconv, gettext, xxd }: stdenv.mkDerivation rec { pname = "dosfstools"; - version = "4.1"; + version = "4.2"; src = fetchFromGitHub { owner = "dosfstools"; repo = "dosfstools"; rev = "v${version}"; - sha256 = "1a2zn1655d5f1m6jp9vpn3bp8yfxhcmxx3mx23ai9hmxiydiykr1"; + sha256 = "sha256-2gxB0lQixiHOHw8uTetHekaM57fvUd9zOzSxWnvUz/c="; }; nativeBuildInputs = [ autoreconfHook pkg-config ] ++ lib.optional stdenv.isDarwin libiconv; + # configure.ac:75: error: required file './config.rpath' not found + # https://github.com/dosfstools/dosfstools/blob/master/autogen.sh + postPatch = '' + cp ${gettext}/share/gettext/config.rpath config.rpath + ''; + configureFlags = [ "--enable-compat-symlinks" ]; + checkInputs = [ xxd ]; + doCheck = true; + meta = { description = "Utilities for creating and checking FAT and VFAT file systems"; homepage = "https://github.com/dosfstools/dosfstools"; diff --git a/pkgs/tools/misc/apkeep/default.nix b/pkgs/tools/misc/apkeep/default.nix index d405302282f..ef7699ccf28 100644 --- a/pkgs/tools/misc/apkeep/default.nix +++ b/pkgs/tools/misc/apkeep/default.nix @@ -2,14 +2,14 @@ rustPlatform.buildRustPackage rec { pname = "apkeep"; - version = "0.9.0"; + version = "0.10.0"; src = fetchCrate { inherit pname version; - sha256 = "sha256-ST1ifON25mizKZQX3fKeqBloXWW9LXDq5JkZIeiguRY="; + sha256 = "14vm3b2gbmn9pil0aagwchn4kyvi9311id6qv4a376qfb6r1aybf"; }; - cargoSha256 = "sha256-/Xh1s4PO336B1ioKe0IKVGDACpMuXOpxA82U6zn2lj0="; + cargoSha256 = "0i8wzc58ji317kjdw3ls1908z4bqlh1cgjph0fxsvs5i552qjkzp"; prePatch = '' rm .cargo/config.toml diff --git a/pkgs/tools/misc/chezmoi/default.nix b/pkgs/tools/misc/chezmoi/default.nix index 787e4248d46..4ffffa63609 100644 --- a/pkgs/tools/misc/chezmoi/default.nix +++ b/pkgs/tools/misc/chezmoi/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "chezmoi"; - version = "2.13.1"; + version = "2.14.0"; src = fetchFromGitHub { owner = "twpayne"; repo = "chezmoi"; rev = "v${version}"; - sha256 = "sha256-Ui9zj/PI8vYkbT8M13dZ1N4sxhM8fo8ZVeOP9Oa35xg="; + sha256 = "sha256-WxOpmowRP8KSxxjW4JNQlQL6jZ2EhvpNb87NgeSO890="; }; - vendorSha256 = "sha256-6+T0UQDrCnoRZkMajyw50eH/AFIUzCgxCkWVmTfycD0="; + vendorSha256 = "sha256-ord4jHjgiW+Z2OD/x2ZAFOJYLyoB7Tja6SOd+JqxWDM="; doCheck = false; diff --git a/pkgs/tools/misc/miniserve/default.nix b/pkgs/tools/misc/miniserve/default.nix index 89607f13ac9..d24fae2a1fa 100644 --- a/pkgs/tools/misc/miniserve/default.nix +++ b/pkgs/tools/misc/miniserve/default.nix @@ -11,19 +11,27 @@ rustPlatform.buildRustPackage rec { pname = "miniserve"; - version = "0.19.2"; + version = "0.19.3"; src = fetchFromGitHub { owner = "svenstaro"; repo = "miniserve"; rev = "v${version}"; - sha256 = "sha256-/LmLz4hTmOjpR4Bqf+hABh3PSeaO/sSz/EgHp+nM20o="; + hash = "sha256-JlpjDUX8v7sGADhdKNQXoklbl/fw8DT0A6hEaUG61TQ="; }; - cargoSha256 = "sha256-/KL5c5OeflNDKWuE5Gzqgcew9zf8HFjvmBid+mQSqZE="; + cargoSha256 = "sha256-5V8+Mcuu3fxG399QjW++/uWpPMvVWBfhI/L/6pmbkVY="; - nativeBuildInputs = [ installShellFiles pkg-config zlib ]; - buildInputs = lib.optionals stdenv.isDarwin [ libiconv Security ]; + nativeBuildInputs = [ + installShellFiles + pkg-config + zlib + ]; + + buildInputs = lib.optionals stdenv.isDarwin [ + libiconv + Security + ]; checkFlags = [ "--skip=bind_ipv4_ipv6::case_2" @@ -38,7 +46,7 @@ rustPlatform.buildRustPackage rec { ''; meta = with lib; { - description = "For when you really just want to serve some files over HTTP right now!"; + description = "CLI tool to serve files and directories over HTTP"; homepage = "https://github.com/svenstaro/miniserve"; license = with licenses; [ mit ]; maintainers = with maintainers; [ ]; diff --git a/pkgs/tools/misc/opentelemetry-collector/default.nix b/pkgs/tools/misc/opentelemetry-collector/default.nix index 851d4f2dc18..1feb290bb13 100644 --- a/pkgs/tools/misc/opentelemetry-collector/default.nix +++ b/pkgs/tools/misc/opentelemetry-collector/default.nix @@ -12,17 +12,17 @@ let in buildGoModule rec { pname = "opentelemetry-collector"; - version = "0.46.0"; + version = "0.47.0"; src = fetchFromGitHub { owner = "open-telemetry"; repo = "opentelemetry-collector"; rev = "v${version}"; - sha256 = "sha256-ibaA9oCSsId9A4ul5sfM+L8ExBl+Wv7rhGnb6TZ4WJw="; + sha256 = "sha256-1dMdQWV+gxbMc/2iVsB1LCsYxR0bt5AJEvoFq2/KHCg="; }; # there is a nested go.mod sourceRoot = "source/cmd/otelcorecol"; - vendorSha256 = "sha256-Okmsd/skfBmkyLv9oPFH0QvewFZFPpUH2ahWxHt7cy8="; + vendorSha256 = "sha256-ps6fUVg7vhGgy47WTJv/U1qHQ2MGXIWXNZ5Rddo1yQY="; preBuild = '' # set the build version, can't be done via ldflags diff --git a/pkgs/tools/misc/rockbox-utility/default.nix b/pkgs/tools/misc/rockbox-utility/default.nix index a75b90d6f54..bf191beca3f 100644 --- a/pkgs/tools/misc/rockbox-utility/default.nix +++ b/pkgs/tools/misc/rockbox-utility/default.nix @@ -1,9 +1,13 @@ -{ lib, stdenv, fetchurl, pkg-config, cryptopp -, libusb1, qtbase, qttools, makeWrapper -, qmake, withEspeak ? false, espeak ? null -, qt5 }: - -let inherit (lib) getDev; in +{ lib +, stdenv +, fetchurl +, cryptopp +, libusb1 +, makeWrapper +, pkg-config +, qt5 +, withEspeak ? false, espeak ? null +}: stdenv.mkDerivation rec { pname = "rockbox-utility"; @@ -11,16 +15,27 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://download.rockbox.org/rbutil/source/RockboxUtility-v${version}-src.tar.bz2"; - sha256 = "0zm9f01a810y7aq0nravbsl0vs9vargwvxnfl4iz9qsqygwlj69y"; + hash = "sha256-PhlJ+fNY4/Qjoc72zV9WO+kNqF5bZQuwOh4EpAJwqX4="; }; - buildInputs = [ cryptopp libusb1 qtbase qttools ] - ++ lib.optional withEspeak espeak; - nativeBuildInputs = [ makeWrapper pkg-config qmake qt5.wrapQtAppsHook ]; + nativeBuildInputs = [ + makeWrapper + pkg-config + qt5.qmake + qt5.wrapQtAppsHook + ]; + + buildInputs = [ + cryptopp + libusb1 + qt5.qtbase + qt5.qttools + ] + ++ lib.optional withEspeak espeak; postPatch = '' sed -i rbutil/rbutilqt/rbutilqt.pro \ - -e '/^lrelease.commands =/ s|$$\[QT_INSTALL_BINS\]/lrelease -silent|${getDev qttools}/bin/lrelease|' + -e '/^lrelease.commands =/ s|$$\[QT_INSTALL_BINS\]/lrelease -silent|${lib.getDev qt5.qttools}/bin/lrelease|' ''; preConfigure = '' @@ -48,10 +63,10 @@ stdenv.mkDerivation rec { enableParallelBuilding = false; meta = with lib; { - description = "Open source firmware for mp3 players"; homepage = "https://www.rockbox.org"; - license = licenses.gpl2; + description = "Open source firmware for digital music players"; + license = licenses.gpl2Plus; + maintainers = with maintainers; [ AndersonTorres goibhniu ]; platforms = platforms.linux; - maintainers = with maintainers; [ goibhniu ]; }; } diff --git a/pkgs/tools/networking/boundary/default.nix b/pkgs/tools/networking/boundary/default.nix index 3745856a8c0..c86c9c5fd68 100644 --- a/pkgs/tools/networking/boundary/default.nix +++ b/pkgs/tools/networking/boundary/default.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "boundary"; - version = "0.7.5"; + version = "0.7.6"; src = let @@ -15,10 +15,10 @@ stdenv.mkDerivation rec { aarch64-darwin = "darwin_arm64"; }; sha256 = selectSystem { - x86_64-linux = "sha256-wqNeeEQhR8cj7Gpbzp7UQV0j+w0peo41uKqgK9BoLH4="; - aarch64-linux = "sha256-HK/6eMBWUW1IbYE5RpInhcQuIw16X9vQEZmOBje9Yzk="; - x86_64-darwin = "sha256-ghgkPlEN9DHFviQzcGS/+oG+9Qqy2AfJ2IEyiSMJwwY="; - aarch64-darwin = "sha256-F4iOCxAm8s34KktuS5PRPkIg9A0179H6zlOM3OuTyUw="; + x86_64-linux = "sha256-nsc8S63OUEo9db/hs9oA53Lk+amIsxB/O4TJCs4zdNw="; + aarch64-linux = "sha256-KttqYuF7xC88L49f7JKKr77FbKBihptoBIoemgFInm0="; + x86_64-darwin = "sha256-ov4CtiWsOU/AWfAo7x99RshW6+eU9lFD5ypo6MKyPM0="; + aarch64-darwin = "sha256-3E9fv8BSu7XXIwRmTrDECLNQKdoeUqitKbsTrXs+tTE="; }; in fetchzip { diff --git a/pkgs/tools/networking/innernet/default.nix b/pkgs/tools/networking/innernet/default.nix index 67f9a9d793b..68ccdfc3870 100644 --- a/pkgs/tools/networking/innernet/default.nix +++ b/pkgs/tools/networking/innernet/default.nix @@ -13,15 +13,15 @@ rustPlatform.buildRustPackage rec { pname = "innernet"; - version = "1.5.3"; + version = "1.5.4"; src = fetchFromGitHub { owner = "tonarino"; repo = "innernet"; rev = "v${version}"; - sha256 = "sha256-dpoSjGtjGJTF/sQ8vbeAUCjnkYqz4zGnfO8br8gJbsQ="; + sha256 = "sha256-CcZ4241EU+ktPbFsuR/sF4yP6xAOFg+oW8thtAQZr/4="; }; - cargoSha256 = "sha256-EmAlm3W9r6pP1VIxeM2UP1ZG9TjopTarckMfLDonr1k="; + cargoSha256 = "sha256-7APUSDxw6X4KJnFvm6xhiHL1D4NTNS2pC/4UVGyjJYY="; nativeBuildInputs = with llvmPackages; [ llvm diff --git a/pkgs/tools/networking/magic-wormhole-rs/Cargo.toml.patch b/pkgs/tools/networking/magic-wormhole-rs/Cargo.toml.patch new file mode 100644 index 00000000000..debb1e26439 --- /dev/null +++ b/pkgs/tools/networking/magic-wormhole-rs/Cargo.toml.patch @@ -0,0 +1,67 @@ +diff --git a/Cargo.lock b/Cargo.lock +index d33b5d6..ddde8ed 100644 +--- a/Cargo.lock ++++ b/Cargo.lock +@@ -150,33 +150,6 @@ dependencies = [ + "winapi 0.3.9", + ] + +-[[package]] +-name = "async-std" +-version = "1.10.0" +-source = "registry+https://github.com/rust-lang/crates.io-index" +-checksum = "f8056f1455169ab86dd47b47391e4ab0cbd25410a70e9fe675544f49bafaf952" +-dependencies = [ +- "async-channel", +- "async-global-executor", +- "async-io", +- "async-lock", +- "crossbeam-utils", +- "futures-channel", +- "futures-core", +- "futures-io", +- "futures-lite", +- "gloo-timers", +- "kv-log-macro", +- "log", +- "memchr", +- "num_cpus", +- "once_cell", +- "pin-project-lite", +- "pin-utils", +- "slab", +- "wasm-bindgen-futures", +-] +- + [[package]] + name = "async-std" + version = "1.10.0" +@@ -230,7 +203,7 @@ version = "0.16.1" + source = "registry+https://github.com/rust-lang/crates.io-index" + checksum = "5682ea0913e5c20780fe5785abacb85a411e7437bf52a1bedb93ddb3972cb8dd" + dependencies = [ +- "async-std 1.10.0 (registry+https://github.com/rust-lang/crates.io-index)", ++ "async-std", + "async-tls", + "futures-io", + "futures-util", +@@ -1154,7 +1127,7 @@ name = "magic-wormhole" + version = "0.3.0" + dependencies = [ + "async-io", +- "async-std 1.10.0 (git+https://github.com/async-rs/async-std)", ++ "async-std", + "async-tungstenite", + "base64", + "bytecodec", +diff --git a/Cargo.toml b/Cargo.toml +index b4ff2c0..d4094af 100644 +--- a/Cargo.toml ++++ b/Cargo.toml +@@ -82,3 +82,6 @@ required-features = ["bin"] + + [profile.release] + overflow-checks = true ++ ++[patch.crates-io] ++async-std = { version = "1.9.0", features = ["attributes", "unstable"], git = "https://github.com/async-rs/async-std" } diff --git a/pkgs/tools/networking/magic-wormhole-rs/default.nix b/pkgs/tools/networking/magic-wormhole-rs/default.nix new file mode 100644 index 00000000000..951a0664376 --- /dev/null +++ b/pkgs/tools/networking/magic-wormhole-rs/default.nix @@ -0,0 +1,32 @@ +{ lib +, stdenv +, fetchFromGitHub +, rustPlatform +}: +rustPlatform.buildRustPackage rec { + name = "magic-wormhole-rs"; + version = "0.3.0"; + + src = fetchFromGitHub { + owner = "magic-wormhole"; + repo = "magic-wormhole.rs"; + rev = version; + sha256 = "sha256-i4vJ6HmtM42m1x1UtOq9xlmhYIa5ZKXUm1rGFNRprmY="; + }; + + # this patch serves as a workaround for the problems of cargo-vendor described in + # https://github.com/NixOS/nixpkgs/issues/30742 + # and can probably be removed once the issue is resolved + cargoPatches = [ ./Cargo.toml.patch ]; + cargoSha256 = "sha256-DG1kyukgzDbolX9Mg9hK1TRyzIWbAX6f54jSM8clj/c="; + + # all tests involve networking and are bound fail + doCheck = false; + + meta = with lib; { + description = "Rust implementation of Magic Wormhole, with new features and enhancements"; + homepage = "https://github.com/magic-wormhole/magic-wormhole.rs"; + license = licenses.eupl12; + maintainers = with maintainers; [ zeri piegames ]; + }; +} diff --git a/pkgs/tools/package-management/cargo-about/default.nix b/pkgs/tools/package-management/cargo-about/default.nix index a61aff2107d..0ed6f978ba9 100644 --- a/pkgs/tools/package-management/cargo-about/default.nix +++ b/pkgs/tools/package-management/cargo-about/default.nix @@ -2,19 +2,19 @@ rustPlatform.buildRustPackage rec { pname = "cargo-about"; - version = "0.4.8"; + version = "0.5.0"; src = fetchFromGitHub { owner = "EmbarkStudios"; repo = "cargo-about"; rev = version; - sha256 = "sha256-cKzGg3fAXKqnBZES3YUMbv1ZAcLqo6AdrXKXSFSAnis="; + sha256 = "sha256-M09X7UwrTtrOhOphhpGHSAqxneY50jNrFKJCeBQhRfc="; }; # enable pkg-config feature of zstd cargoPatches = [ ./zstd-pkg-config.patch ]; - cargoSha256 = "sha256-OLrxqbTIhHMNPEnSAUbTqoYnaZi/BxbWUCxaTo9Zyww="; + cargoSha256 = "sha256-E1+OfVAzrezXoUz9Nlyhdq1xxEWm4UJhVyp+nG7UmYY="; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/tools/security/fulcio/default.nix b/pkgs/tools/security/fulcio/default.nix index 96ef86d18d1..300b996524d 100644 --- a/pkgs/tools/security/fulcio/default.nix +++ b/pkgs/tools/security/fulcio/default.nix @@ -2,33 +2,61 @@ buildGoModule rec { pname = "fulcio"; - version = "0.1.1"; + version = "0.2.0"; src = fetchFromGitHub { owner = "sigstore"; repo = pname; rev = "v${version}"; - sha256 = "sha256-MvLQMGPyJYqYUljLqsr+qJeeYnxdH9aNGkWpDRvOeh8="; + sha256 = "sha256-tCjFx9Ug8rO8cSxQb2vBG/MHSUJCx17lDeGnSGjZLcI="; + # populate values that require us to use git. By doing this in postFetch we + # can delete .git afterwards and maintain better reproducibility of the src. + leaveDotGit = true; + postFetch = '' + cd "$out" + git rev-parse HEAD > $out/COMMIT + # '0000-00-00T00:00:00Z' + date -u -d "@$(git log -1 --pretty=%ct)" "+'%Y-%m-%dT%H:%M:%SZ'" > $out/SOURCE_DATE_EPOCH + find "$out" -name .git -print0 | xargs -0 rm -rf + ''; }; - vendorSha256 = "sha256-pRL0et+UOi/tzuQz/Q7UmSA+pVhLJYR8lG8NAbPN9PU="; + vendorSha256 = "sha256-CmtsReP0JacgNyRqCrYZRONwR5eluymrQgsj/ukhYNQ="; - ldflags = [ "-s" "-w" ]; - - # Install completions post-install + # install completions post-install nativeBuildInputs = [ installShellFiles ]; + ldflags = [ + "-s" + "-w" + "-X github.com/sigstore/fulcio/cmd/app.gitVersion=v${version}" + "-X github.com/sigstore/fulcio/cmd/app.gitTreeState=clean" + ]; + + # ldflags based on metadata from git and source + preBuild = '' + ldflags+=" -X github.com/sigstore/fulcio/cmd/app.gitCommit=$(cat COMMIT)" + ldflags+=" -X github.com/sigstore/fulcio/cmd/app.buildDate=$(cat SOURCE_DATE_EPOCH)" + ''; + + preCheck = '' + # remove test that requires networking + rm pkg/config/config_test.go + ''; + postInstall = '' - mv $out/bin/fulcio $out/bin/fulcio-server - installShellCompletion --cmd fulcio-server \ - --bash <($out/bin/fulcio-server completion bash) \ - --fish <($out/bin/fulcio-server completion fish) \ - --zsh <($out/bin/fulcio-server completion zsh) + installShellCompletion --cmd fulcio \ + --bash <($out/bin/fulcio completion bash) \ + --fish <($out/bin/fulcio completion fish) \ + --zsh <($out/bin/fulcio completion zsh) ''; doInstallCheck = true; installCheckPhase = '' runHook preInstallCheck - $out/bin/fulcio-server --help + + $out/bin/fulcio --help + $out/bin/fulcio version | grep "v${version}" + runHook postInstallCheck ''; diff --git a/pkgs/tools/security/grype/default.nix b/pkgs/tools/security/grype/default.nix index a6ed2168670..1b80d7ecd88 100644 --- a/pkgs/tools/security/grype/default.nix +++ b/pkgs/tools/security/grype/default.nix @@ -6,23 +6,21 @@ buildGoModule rec { pname = "grype"; - version = "0.34.2"; + version = "0.34.3"; src = fetchFromGitHub { owner = "anchore"; repo = pname; rev = "v${version}"; - sha256 = "sha256-tMkMGM45/LcFllEgQ3UTl6FsLJmdsU8SLcLH/8+zMA4="; + sha256 = "sha256-iWmLfQ08+dhjvKQiK2iy2Tegk4jH9dGopu/6kdDRZd0="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; postFetch = '' cd "$out" - commit="$(git rev-parse HEAD)" - source_date_epoch=$(git log --date=format:'%Y-%m-%dT%H:%M:%SZ' -1 --pretty=%ad) - substituteInPlace "$out/internal/version/build.go" \ - --replace 'gitCommit = valueNotProvided' "gitCommit = \"$commit\"" \ - --replace 'buildDate = valueNotProvided' "buildDate = \"$source_date_epoch\"" + git rev-parse HEAD > $out/COMMIT + # 0000-00-00T00:00:00Z + date -u -d "@$(git log -1 --pretty=%ct)" "+%Y-%m-%dT%H:%M:%SZ" > $out/SOURCE_DATE_EPOCH find "$out" -name .git -print0 | xargs -0 rm -rf ''; }; @@ -37,14 +35,17 @@ buildGoModule rec { "-s" "-w" "-X github.com/anchore/grype/internal/version.version=${version}" + "-X github.com/anchore/grype/internal/version.gitDescription=v${version}" "-X github.com/anchore/grype/internal/version.gitTreeState=clean" ]; preBuild = '' # grype version also displays the version of the syft library used # we need to grab it from the go.sum and add an ldflag for it - SYFTVERSION="$(grep "github.com/anchore/syft" go.sum -m 1 | awk '{print $2}')" - ldflags+=" -X github.com/anchore/grype/internal/version.syftVersion=$SYFTVERSION" + SYFT_VERSION="$(grep "github.com/anchore/syft" go.sum -m 1 | awk '{print $2}')" + ldflags+=" -X github.com/anchore/grype/internal/version.syftVersion=$SYFT_VERSION" + ldflags+=" -X github.com/anchore/grype/internal/version.gitCommit=$(cat COMMIT)" + ldflags+=" -X github.com/anchore/grype/internal/version.buildDate=$(cat SOURCE_DATE_EPOCH)" ''; # Tests require a running Docker instance diff --git a/pkgs/tools/security/spire/default.nix b/pkgs/tools/security/spire/default.nix index 5f06abeda1b..9b9e9e93488 100644 --- a/pkgs/tools/security/spire/default.nix +++ b/pkgs/tools/security/spire/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "spire"; - version = "1.2.0"; + version = "1.2.1"; outputs = [ "out" "agent" "server" ]; @@ -10,10 +10,10 @@ buildGoModule rec { owner = "spiffe"; repo = pname; rev = "v${version}"; - sha256 = "01ph9jzh18bnidrsbnnxm3gxh0cgfllnjvf7a5haqz51lm6a9pny"; + sha256 = "sha256-LK73RGSTwGhCXOglsqK8RAAldovRzliE78vi2ilTSrw="; }; - vendorSha256 = "1fd1k5by4wcjmzfgi3gnrwnb38b0wa3w67kzjlx8s0nwapyfgx0b"; + vendorSha256 = "sha256-am8ZTUX8Vph1Eg013NObMiSVeupS2hlHdpZ/1mO27dY="; subPackages = [ "cmd/spire-agent" "cmd/spire-server" ]; @@ -30,6 +30,7 @@ buildGoModule rec { meta = with lib; { description = "The SPIFFE Runtime Environment"; homepage = "https://github.com/spiffe/spire"; + changelog = "https://github.com/spiffe/spire/releases/tag/v${version}"; license = licenses.asl20; maintainers = with maintainers; [ jonringer fkautz ]; }; diff --git a/pkgs/tools/security/volatility3/default.nix b/pkgs/tools/security/volatility3/default.nix index 393ac90d316..e019d96129f 100644 --- a/pkgs/tools/security/volatility3/default.nix +++ b/pkgs/tools/security/volatility3/default.nix @@ -5,15 +5,13 @@ python3.pkgs.buildPythonApplication rec { pname = "volatility3"; - version = "2.0.0"; - - disabled = python3.pythonOlder "3.6"; + version = "2.0.1"; src = fetchFromGitHub { owner = "volatilityfoundation"; repo = pname; rev = "v${version}"; - sha256 = "141n09cdc17pfdhs01aw8l4cvsqpcz8ji5l4gi7r88cyf4ix2lnz"; + hash = "sha256-rEqp+V5r4Sk4D+r2ukR1uy4IDj9XQGhYwoYSPeMyKpA="; }; propagatedBuildInputs = with python3.pkgs; [ @@ -31,7 +29,9 @@ python3.pkgs.buildPythonApplication rec { # Project has no tests doCheck = false; - pythonImportsCheck = [ "volatility3" ]; + pythonImportsCheck = [ + "volatility3" + ]; meta = with lib; { description = "Volatile memory extraction frameworks"; diff --git a/pkgs/tools/system/hostctl/default.nix b/pkgs/tools/system/hostctl/default.nix index fb3a293a80f..bf3a2511858 100644 --- a/pkgs/tools/system/hostctl/default.nix +++ b/pkgs/tools/system/hostctl/default.nix @@ -1,21 +1,32 @@ -{ buildGoModule, fetchFromGitHub, lib, installShellFiles }: +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles +}: buildGoModule rec { pname = "hostctl"; - version = "1.1.1"; + version = "1.1.2"; src = fetchFromGitHub { owner = "guumaster"; repo = pname; rev = "v${version}"; - sha256 = "sha256-VjFjGvIoymGVVRiZUk/qoq/PTYoklp+Jz89zndX0e5A="; + hash = "sha256-rvUm31WRSLusM9VGsIHKGTH6Vs8LWPtzPDs3azA710w="; }; vendorSha256 = "sha256-rGDWrivIdl5FTu/kNR8nAfE2+1hE4cm3uDg7oBobE9M="; - ldflags = [ "-s" "-w" "-X github.com/guumaster/hostctl/cmd/hostctl/actions.version=${version}" ]; + nativeBuildInputs = [ + installShellFiles + ]; + + ldflags = [ + "-s" + "-w" + "-X github.com/guumaster/hostctl/cmd/hostctl/actions.version=${version}" + ]; - nativeBuildInputs = [ installShellFiles ]; postInstall = '' installShellCompletion --cmd hostctl \ --bash <($out/bin/hostctl completion bash) \ @@ -23,7 +34,7 @@ buildGoModule rec { ''; meta = with lib; { - description = "Your dev tool to manage /etc/hosts like a pro!"; + description = "CLI tool to manage the /etc/hosts file"; longDescription = '' This tool gives you more control over the use of your hosts file. You can have multiple profiles and switch them on/off as you need. diff --git a/pkgs/tools/wayland/cliphist/default.nix b/pkgs/tools/wayland/cliphist/default.nix index 9ccad4397dd..473c6fabc5a 100644 --- a/pkgs/tools/wayland/cliphist/default.nix +++ b/pkgs/tools/wayland/cliphist/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "cliphist"; - version = "0.3.0"; + version = "0.3.1"; src = fetchFromGitHub { owner = "sentriz"; repo = pname; rev = "v${version}"; - sha256 = "sha256-fx33m7DCp5N9VGI/H/IO66ECdFLobRRAAuRGNu4gzSk="; + sha256 = "sha256-kmXR8xzjAphgaC2Yd55VwZIJ4ehxP1LEA24hgyAbM7A="; }; - vendorSha256 = "sha256-UrKSDvskGwHjwkb/fjvaJZ8xXFD98BFeSJxwJpc8A+M="; + vendorSha256 = "sha256-LZnefa0FjYG39YJrSN9ef6OnXHXgSrlSL4LvRqLxFx4="; meta = with lib; { description = "Wayland clipboard manager"; |