pyrox.dev / nixpkgs
lol
fork atom

Merge staging-next into staging

authored by nixpkgs-ci[bot] and committed by GitHub 4d8b4225 9883ef53

+365 -353
unified split
+7
.github/labeler-no-sync.yml
··· 22 22 - doc/**/* 23 23 - nixos/doc/**/* 24 24 25 + "backport release-24.11": 26 + - any: 27 + - changed-files: 28 + - any-glob-to-any-file: 29 + - .github/workflows/* 30 + - ci/**/*.* 31 + 25 32 "backport release-25.05": 26 33 - any: 27 34 - changed-files:
-30
.github/workflows/dismissed-review.yml
··· 1 - name: Dismissed Review 2 - 3 - on: 4 - pull_request_review: 5 - types: [dismissed] 6 - 7 - permissions: 8 - pull-requests: write 9 - 10 - jobs: 11 - # The check-cherry-picks workflow creates review comments, 12 - # that should sometimes be manually dismissed. 13 - # When a CI-generated review is dismissed, this job automatically 14 - # minimizes it, to prevent it from cluttering the PR. 15 - minimize: 16 - name: Minimize as resolved 17 - if: github.event.review.user.login == 'github-actions[bot]' 18 - runs-on: ubuntu-24.04-arm 19 - steps: 20 - - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 21 - with: 22 - script: | 23 - await github.graphql(`mutation($node_id:ID!) { 24 - minimizeComment(input: { 25 - classifier: RESOLVED, 26 - subjectId: $node_id 27 - }) 28 - { clientMutationId } 29 - }`, { node_id: context.payload.review.node_id }) 30 -
+1
ci/OWNERS
··· 227 227 /nixos/tests/snapcast.nix @mweinelt 228 228 229 229 # Browsers 230 + /pkgs/applications/networking/browsers/librewolf @squalus @DominicWrege @fpletz @LordGrimmauld 230 231 /pkgs/applications/networking/browsers/firefox @mweinelt 231 232 /pkgs/applications/networking/browsers/chromium @emilylange @networkException 232 233 /nixos/tests/chromium.nix @emilylange @networkException
+2 -22
ci/README.md
··· 7 7 8 8 CI may need certain packages from Nixpkgs. 9 9 In order to ensure that the needed packages are generally available without building, 10 - [`pinned-nixpkgs.json`](./pinned-nixpkgs.json) contains a pinned Nixpkgs version tested by Hydra. 10 + [`pinned.json`](./pinned.json) contains a pinned Nixpkgs version tested by Hydra. 11 11 12 - Run [`update-pinned-nixpkgs.sh`](./update-pinned-nixpkgs.sh) to update it. 12 + Run [`update-pinned.sh`](./update-pinned.sh) to update it. 13 13 14 14 ## `ci/nixpkgs-vet.sh BASE_BRANCH [REPOSITORY]` 15 15 ··· 20 20 21 21 - `BASE_BRANCH`: The base branch to use, e.g. master or release-24.05 22 22 - `REPOSITORY`: The repository from which to fetch the base branch. Defaults to <https://github.com/NixOS/nixpkgs.git>. 23 - 24 - ## `ci/nixpkgs-vet` 25 - 26 - This directory contains scripts and files used and related to [`nixpkgs-vet`](https://github.com/NixOS/nixpkgs-vet/), which the CI uses to implement `pkgs/by-name` checks, along with many other Nixpkgs architecture rules. 27 - See also the [CI GitHub Action](../.github/workflows/nixpkgs-vet.yml). 28 - 29 - ## `ci/nixpkgs-vet/update-pinned-tool.sh` 30 - 31 - Updates the pinned [`nixpkgs-vet` tool](https://github.com/NixOS/nixpkgs-vet) in [`ci/nixpkgs-vet/pinned-version.txt`](./nixpkgs-vet/pinned-version.txt) to the latest [release](https://github.com/NixOS/nixpkgs-vet/releases). 32 - 33 - Each release contains a pre-built `x86_64-linux` version of the tool which is used by CI. 34 - 35 - This script currently needs to be called manually when the CI tooling needs to be updated. 36 - 37 - Why not just build the tooling right from the PRs Nixpkgs version? 38 - 39 - - Because it allows CI to check all PRs, even if they would break the CI tooling. 40 - - Because it makes the CI check very fast, since no Nix builds need to be done, even for mass rebuilds. 41 - - Because it improves security, since we don't have to build potentially untrusted code from PRs. 42 - The tool only needs a very minimal Nix evaluation at runtime, which can work with [readonly-mode](https://nixos.org/manual/nix/stable/command-ref/opt-common.html#opt-readonly-mode) and [restrict-eval](https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-restrict-eval).
+1 -1
ci/codeowners-validator/default.nix
··· 20 20 }) 21 21 # Undoes part of the above PR: We don't want to require write access 22 22 # to the repository, that's only needed for GitHub's native CODEOWNERS. 23 - # Furthermore, it removes an unneccessary check from the code 23 + # Furthermore, it removes an unnecessary check from the code 24 24 # that breaks tokens generated for GitHub Apps. 25 25 ./permissions.patch 26 26 # Allows setting a custom CODEOWNERS path using the OWNERS_FILE env var
+5 -6
ci/default.nix
··· 1 1 let 2 - pinnedNixpkgs = builtins.fromJSON (builtins.readFile ./pinned-nixpkgs.json); 2 + pinned = (builtins.fromJSON (builtins.readFile ./pinned.json)).pins; 3 3 in 4 4 { 5 5 system ? builtins.currentSystem, ··· 10 10 nixpkgs' = 11 11 if nixpkgs == null then 12 12 fetchTarball { 13 - url = "https://github.com/NixOS/nixpkgs/archive/${pinnedNixpkgs.rev}.tar.gz"; 14 - sha256 = pinnedNixpkgs.sha256; 13 + inherit (pinned.nixpkgs) url; 14 + sha256 = pinned.nixpkgs.hash; 15 15 } 16 16 else 17 17 nixpkgs; ··· 25 25 fmt = 26 26 let 27 27 treefmtNixSrc = fetchTarball { 28 - # Master at 2025-02-12 29 - url = "https://github.com/numtide/treefmt-nix/archive/4f09b473c936d41582dd744e19f34ec27592c5fd.tar.gz"; 30 - sha256 = "051vh6raskrxw5k6jncm8zbk9fhbzgm1gxpq9gm5xw1b6wgbgcna"; 28 + inherit (pinned.treefmt-nix) url; 29 + sha256 = pinned.treefmt-nix.hash; 31 30 }; 32 31 treefmtEval = (import treefmtNixSrc).evalModule pkgs { 33 32 # Important: The auto-rebase script uses `git filter-branch --tree-filter`,
-3
ci/nixpkgs-vet.sh
··· 61 61 trace -n "Merging base branch into the HEAD commit in $tmp/merged.. " 62 62 git -C "$tmp/merged" merge -q --no-edit "$baseSha" 63 63 trace -e "\e[34m$(git -C "$tmp/merged" rev-parse HEAD)\e[0m" 64 - trace -n "Reading pinned nixpkgs-vet version from pinned-version.txt.. " 65 - toolVersion=$(<"$tmp/merged/ci/nixpkgs-vet/pinned-version.txt") 66 - trace -e "\e[34m$toolVersion\e[0m" 67 64 68 65 trace "Running nixpkgs-vet.." 69 66 nix-build ci -A nixpkgs-vet --argstr base "$tmp/base" --argstr head "$tmp/merged"
-1
ci/nixpkgs-vet/pinned-version.txt
··· 1 - 0.1.4
-22
ci/nixpkgs-vet/update-pinned-tool.sh
··· 1 - #!/usr/bin/env nix-shell 2 - #!nix-shell -i bash -p jq curl 3 - 4 - set -o pipefail -o errexit -o nounset 5 - 6 - trace() { echo >&2 "$@"; } 7 - 8 - SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) 9 - 10 - repository=NixOS/nixpkgs-vet 11 - pin_file=$SCRIPT_DIR/pinned-version.txt 12 - 13 - trace -n "Fetching latest release of $repository.. " 14 - latestRelease=$(curl -sSfL \ 15 - -H "Accept: application/vnd.github+json" \ 16 - -H "X-GitHub-Api-Version: 2022-11-28" \ 17 - https://api.github.com/repos/"$repository"/releases/latest) 18 - latestVersion=$(jq .tag_name -r <<< "$latestRelease") 19 - trace "$latestVersion" 20 - 21 - trace "Updating $pin_file" 22 - echo "$latestVersion" > "$pin_file"
-4
ci/pinned-nixpkgs.json
··· 1 - { 2 - "rev": "3d1f29646e4b57ed468d60f9d286cde23a8d1707", 3 - "sha256": "1wzvc9h9a6l9wyhzh892xb5x88kxmbzxb1k8s7fizyyw2q4nqw07" 4 - }
+31
ci/pinned.json
··· 1 + { 2 + "pins": { 3 + "nixpkgs": { 4 + "type": "Git", 5 + "repository": { 6 + "type": "GitHub", 7 + "owner": "NixOS", 8 + "repo": "nixpkgs" 9 + }, 10 + "branch": "nixpkgs-unstable", 11 + "submodules": false, 12 + "revision": "8ca7ec685bbee55d6dcb326abe23945c0806c39e", 13 + "url": "https://github.com/NixOS/nixpkgs/archive/8ca7ec685bbee55d6dcb326abe23945c0806c39e.tar.gz", 14 + "hash": "1hkxm871m66mjsc4acdki32qqnpgk3n6vi3zrzns2bwlwp6ivcjx" 15 + }, 16 + "treefmt-nix": { 17 + "type": "Git", 18 + "repository": { 19 + "type": "GitHub", 20 + "owner": "numtide", 21 + "repo": "treefmt-nix" 22 + }, 23 + "branch": "main", 24 + "submodules": false, 25 + "revision": "1f3f7b784643d488ba4bf315638b2b0a4c5fb007", 26 + "url": "https://github.com/numtide/treefmt-nix/archive/1f3f7b784643d488ba4bf315638b2b0a4c5fb007.tar.gz", 27 + "hash": "13qisjalw9qvd6lkd9g8225r46j5wdjrp3zw6jrs81q2vxwdz37m" 28 + } 29 + }, 30 + "version": 5 31 + }
-17
ci/update-pinned-nixpkgs.sh
··· 1 - #!/usr/bin/env nix-shell 2 - #!nix-shell -i bash -p jq 3 - 4 - set -euo pipefail 5 - 6 - # https://stackoverflow.com/a/246128 7 - SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) 8 - 9 - repo=https://github.com/nixos/nixpkgs 10 - branch=nixpkgs-unstable 11 - file=$SCRIPT_DIR/pinned-nixpkgs.json 12 - 13 - defaultRev=$(git ls-remote "$repo" refs/heads/"$branch" | cut -f1) 14 - rev=${1:-$defaultRev} 15 - sha256=$(nix-prefetch-url --unpack "$repo/archive/$rev.tar.gz" --name source) 16 - 17 - jq -n --arg rev "$rev" --arg sha256 "$sha256" '$ARGS.named' | tee /dev/stderr > $file
+8
ci/update-pinned.sh
··· 1 + #!/usr/bin/env nix-shell 2 + #!nix-shell -i bash -p npins 3 + 4 + set -euo pipefail 5 + 6 + cd "$(dirname "${BASH_SOURCE[0]}")" 7 + 8 + npins --lock-file pinned.json update
+15
doc/languages-frameworks/go.section.md
··· 195 195 Defaults to `null` 196 196 197 197 198 + ## Versioned toolchains and builders {#ssec-go-toolchain-versions} 199 + 200 + Beside `buildGoModule`, there are also versioned builders available that pin a specific Go version, like `buildGo124Module` for Go 1.24. 201 + Similar, versioned toolchains are available, like `go_1_24` for Go 1.24. 202 + Both builder and toolchain of a certain version will be removed as soon as the Go version reaches end of life. 203 + 204 + As toolchain updates in nixpkgs cause mass rebuilds and must go through the staging cycle, it can take a while until a new Go minor version is available to consumers of nixpkgs. 205 + If you want quicker access to the latest minor, use `go_latest` toolchain and `buildGoLatestModule` builder. 206 + To learn more about the Go maintenance and upgrade procedure in nixpkgs, check out the [Go toolchain/builder upgrade policy](https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/go/README.md#go-toolchainbuilder-upgrade-policy). 207 + 208 + ::: {.warning} 209 + The use of `go_latest` and `buildGoLatestModule` is restricted within nixpkgs. 210 + The [Go toolchain/builder upgrade policy](https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/go/README.md#go-toolchainbuilder-upgrade-policy) must be followed. 211 + ::: 212 + 198 213 ## Overriding `goModules` {#buildGoModule-goModules-override} 199 214 200 215 Overriding `<pkg>.goModules` by calling `goModules.overrideAttrs` is unsupported. Still, it is possible to override the `vendorHash` (`goModules`'s `outputHash`) and the `pre`/`post` hooks for both the build and patch phases of the primary and `goModules` derivation.
+3
doc/redirects.json
··· 3012 3012 "ex-buildGoModule": [ 3013 3013 "index.html#ex-buildGoModule" 3014 3014 ], 3015 + "ssec-go-toolchain-versions" : [ 3016 + "index.html#ssec-go-toolchain-versions" 3017 + ], 3015 3018 "buildGoModule-goModules-override": [ 3016 3019 "index.html#buildGoModule-goModules-override" 3017 3020 ],
+5
doc/release-notes/rl-2505.section.md
··· 230 230 231 231 - `buildGoModule` now supports a `goSum` attribute (`null` by default) to optionally provide a path to `go.sum` and correctly enabling rebuilds when the file changes. 232 232 233 + - The newly added aliases `go_latest` and `buildGoLatestModule` are now available and can be use to prevent packages like `gopls` from breaking whenever the default toolchain minor version is lagging behind. 234 + It can also be used _outside of nixpkgs_ to get fast access to new Go minor versions without having to wait for a staging cycle that will update the default builder/toolchain. 235 + 236 + - A [policy documenting the details of Go toolchain and builder upgrades](https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/go/README.md#go-toolchainbuilder-upgrade-policy) in nixpkgs, as well as rules related to using non-default builders like `buildGo1xxModule` and `buildGoLatestModule` has been added in-tree. 237 + 233 238 - top-level `playwright` now refers to the github Microsoft/playwright package 234 239 instead of the python tester launcher. You can still refer to the python 235 240 launcher via `python3Packages.toPythonApplication python3Packages.playwright`
+1 -1
lib/attrsets.nix
··· 1747 1747 1748 1748 /** 1749 1749 Get the first of the `outputs` provided by the package, or the default. 1750 - This function is alligned with `_overrideFirst()` from the `multiple-outputs.sh` setup hook. 1750 + This function is aligned with `_overrideFirst()` from the `multiple-outputs.sh` setup hook. 1751 1751 Like `getOutput`, the function is idempotent. 1752 1752 1753 1753 # Inputs
+1 -1
lib/fixed-points.nix
··· 389 389 390 390 extensions = composeManyExtensions [ overlayA overlayB ]; 391 391 392 - # Caluculate the fixed point of all composed overlays. 392 + # Calculate the fixed point of all composed overlays. 393 393 fixedpoint = lib.fix (lib.extends extensions original ); 394 394 395 395 in fixedpoint
+2 -2
lib/options.nix
··· 404 404 ```nix 405 405 myType = mkOptionType { 406 406 name = "myType"; 407 - merge = mergeDefaultOption; # <- This line is redundant. It is the default aready. 407 + merge = mergeDefaultOption; # <- This line is redundant. It is the default already. 408 408 }; 409 409 ``` 410 410 ··· 470 470 args@{ 471 471 message, 472 472 # WARNING: the default merge function assumes that the definition is a valid (option) value. You MUST pass a merge function if the return value needs to be 473 - # - type checked beyond what .check does (which should be very litte; only on the value head; not attribute values, etc) 473 + # - type checked beyond what .check does (which should be very little; only on the value head; not attribute values, etc) 474 474 # - if you want attribute values to be checked, or list items 475 475 # - if you want coercedTo-like behavior to work 476 476 merge ? loc: defs: (head defs).value,
+8 -2
lib/types.nix
··· 75 75 if pos == null then "" else " at ${pos.file}:${toString pos.line}:${toString pos.column}"; 76 76 77 77 # Internal functor to help for migrating functor.wrapped to functor.payload.elemType 78 - # Note that individual attributes can be overriden if needed. 78 + # Note that individual attributes can be overridden if needed. 79 79 elemTypeFunctor = 80 80 name: 81 81 { elemType, ... }@payload: ··· 1455 1455 nestedTypes.coercedType = coercedType; 1456 1456 nestedTypes.finalType = finalType; 1457 1457 }; 1458 + /** 1459 + Augment the given type with an additional type check function. 1458 1460 1459 - # Augment the given type with an additional type check function. 1461 + :::{.warning} 1462 + This function has some broken behavior see: [#396021](https://github.com/NixOS/nixpkgs/issues/396021) 1463 + Fixing is not trivial, we appreciate any help! 1464 + ::: 1465 + */ 1460 1466 addCheck = elemType: check: elemType // { check = x: elemType.check x && check x; }; 1461 1467 1462 1468 };
+2 -2
nixos/lib/make-options-doc/default.nix
··· 45 45 46 46 Documentation rendered as AsciiDoc. This is useful for e.g. man pages. 47 47 48 - > Note: NixOS itself uses this ouput to to build the configuration.nix man page" 48 + > Note: NixOS itself uses this output to to build the configuration.nix man page" 49 49 50 50 ## optionsNix 51 51 ··· 59 59 let 60 60 # Evaluate a NixOS configuration 61 61 eval = import (pkgs.path + "/nixos/lib/eval-config.nix") { 62 - # Overriden explicitly here, this would include all modules from NixOS otherwise. 62 + # Overridden explicitly here, this would include all modules from NixOS otherwise. 63 63 # See: docs of eval-config.nix for more details 64 64 baseModules = []; 65 65 modules = [
+3 -7
nixos/lib/systemd-unit-options.nix
··· 15 15 inherit (lib) 16 16 any 17 17 concatMap 18 - filterOverrides 19 18 isList 20 19 literalExpression 21 20 mergeEqualOption ··· 56 55 name = "systemd option"; 57 56 merge = 58 57 loc: defs: 59 - let 60 - defs' = filterOverrides defs; 61 - in 62 - if any (def: isList def.value) defs' then 63 - concatMap (def: toList def.value) defs' 58 + if any (def: isList def.value) defs then 59 + concatMap (def: toList def.value) defs 64 60 else 65 - mergeEqualOption loc defs'; 61 + mergeEqualOption loc defs; 66 62 }; 67 63 68 64 sharedOptions = {
+1 -1
nixos/lib/testing/network.nix
··· 130 130 virtualisation.test.nodeName = mkOption { 131 131 internal = true; 132 132 default = name; 133 - # We need to force this in specilisations, otherwise it'd be 133 + # We need to force this in specialisations, otherwise it'd be 134 134 # readOnly = true; 135 135 description = '' 136 136 The `name` in `nodes.<name>`; stable across `specialisations`.
+1 -1
nixos/maintainers/option-usages.nix
··· 60 60 inherit (eval) pkgs; 61 61 62 62 excludedTestOptions = [ 63 - # We cannot evluate _module.args, as it is used during the computation 63 + # We cannot evaluate _module.args, as it is used during the computation 64 64 # of the modules list. 65 65 "_module.args" 66 66
+2 -4
nixos/modules/config/sysctl.nix
··· 9 9 checkType = x: lib.isBool x || lib.isString x || lib.isInt x || x == null; 10 10 in 11 11 checkType val || (val._type or "" == "override" && checkType val.content); 12 - merge = loc: defs: lib.mergeOneOption loc (lib.filterOverrides defs); 12 + merge = loc: defs: lib.mergeOneOption loc defs; 13 13 }; 14 14 15 15 in ··· 22 22 type = 23 23 let 24 24 highestValueType = lib.types.ints.unsigned // { 25 - merge = 26 - loc: defs: 27 - lib.foldl (a: b: if b.value == null then null else lib.max a b.value) 0 (lib.filterOverrides defs); 25 + merge = loc: defs: lib.foldl (a: b: if b.value == null then null else lib.max a b.value) 0 defs; 28 26 }; 29 27 in 30 28 lib.types.submodule {
+3 -3
nixos/modules/misc/ids.nix
··· 273 273 caddy = 239; 274 274 taskd = 240; 275 275 # factorio = 241; # DynamicUser = true 276 - # emby = 242; # unusued, removed 2019-05-01 276 + # emby = 242; # unused, removed 2019-05-01 277 277 #graylog = 243;# dynamically allocated as of 2021-09-03 278 278 sniproxy = 244; 279 279 nzbget = 245; ··· 371 371 # system user or group of the same id in someone else's NixOS. 372 372 # This could break their system and make that person upset for a whole day. 373 373 # 374 - # Sidenote: the default is defined in `shadow` module[2], and the relavent change 374 + # Sidenote: the default is defined in `shadow` module[2], and the relevant change 375 375 # was made way back in 2014[3]. 376 376 # 377 377 # [1]: https://man7.org/linux/man-pages/man5/login.defs.5.html#:~:text=SYS_UID_MAX%20(number)%2C%20SYS_UID_MIN%20(number) ··· 700 700 # system user or group of the same id in someone else's NixOS. 701 701 # This could break their system and make that person upset for a whole day. 702 702 # 703 - # Sidenote: the default is defined in `shadow` module[2], and the relavent change 703 + # Sidenote: the default is defined in `shadow` module[2], and the relevant change 704 704 # was made way back in 2014[3]. 705 705 # 706 706 # [1]: https://man7.org/linux/man-pages/man5/login.defs.5.html#:~:text=SYS_UID_MAX%20(number)%2C%20SYS_UID_MIN%20(number)
+1 -1
nixos/modules/profiles/image-based-appliance.nix
··· 1 - # This profile sets up a sytem for image based appliance usage. An appliance is 1 + # This profile sets up a system for image based appliance usage. An appliance is 2 2 # installed as an image, cannot be re-built, has no Nix available, and is 3 3 # generally not meant for interactive use. Updates to such an appliance are 4 4 # handled by updating whole partition images via a tool like systemd-sysupdate.
+1 -1
nixos/modules/programs/turbovnc.nix
··· 45 45 # software rendering to implement GLX (OpenGL on Xorg). 46 46 # However, just building TurboVNC with support for that is not enough 47 47 # (it only takes care of the X server side part of OpenGL); 48 - # the indiviudual applications (e.g. `glxgears`) also need to directly load 48 + # the individual applications (e.g. `glxgears`) also need to directly load 49 49 # the OpenGL libs. 50 50 # Thus, this creates `/run/opengl-driver` populated by Mesa so that the applications 51 51 # can find the llvmpipe `swrast.so` software rendering DRI lib via `libglvnd`.
+1 -1
nixos/modules/services/cluster/k3s/default.nix
··· 139 139 [ 140 140 (yamlFormat.generate "helm-chart-manifest-${name}.yaml" (mkHelmChartCR name value)) 141 141 ] 142 - # alternate the YAML doc seperator (---) and extraDeploy manifests to create 142 + # alternate the YAML doc separator (---) and extraDeploy manifests to create 143 143 # multi document YAMLs 144 144 ++ (lib.concatMap (x: [ 145 145 yamlDocSeparator
+1 -1
nixos/modules/services/desktops/bonsaid.nix
··· 143 143 lib.mkDefault (json.generate "bonsai_tree.json" (filterNulls cfg.settings)); 144 144 145 145 # bonsaid is controlled by bonsaictl, so place the latter in the environment by default. 146 - # bonsaictl is typically invoked by scripts or a DE so this isn't strictly necesssary, 146 + # bonsaictl is typically invoked by scripts or a DE so this isn't strictly necessary, 147 147 # but it's helpful while administering the service generally. 148 148 environment.systemPackages = [ cfg.package ]; 149 149
+1 -1
nixos/modules/services/games/crossfire-server.nix
··· 176 176 # need to be writeable, so we can't just point at the ones in the nix 177 177 # store. Instead we take the approach of copying them out of the store 178 178 # on first run. If `bookarch` already exists, we assume the rest of the 179 - # files do as well, and copy nothing -- otherwise we risk ovewriting 179 + # files do as well, and copy nothing -- otherwise we risk overwriting 180 180 # server state information every time the server is upgraded. 181 181 preStart = '' 182 182 if [ ! -e "${cfg.stateDir}"/bookarch ]; then
+1 -1
nixos/modules/services/hardware/kmonad.nix
··· 201 201 # the old service and then starts the new service after config updates. 202 202 # Since we use path-based activation[1] here, the service unit will 203 203 # immediately[2] be started by the path unit. Probably that start is 204 - # before config updates, whcih causes the service unit to use the old 204 + # before config updates, which causes the service unit to use the old 205 205 # config after nixos-rebuild switch. Setting stopIfChanged to false works 206 206 # around this issue by restarting the service after config updates. 207 207 # [0]: https://nixos.org/manual/nixos/unstable/#sec-switching-systems
+1 -1
nixos/modules/services/misc/ntfy-sh.nix
··· 107 107 RestrictNamespaces = true; 108 108 RestrictRealtime = true; 109 109 MemoryDenyWriteExecute = true; 110 - # Upstream Recommandation 110 + # Upstream Recommendation 111 111 LimitNOFILE = 20500; 112 112 }; 113 113 };
+1 -1
nixos/modules/services/monitoring/below.nix
··· 91 91 92 92 config = lib.mkIf cfg.enable { 93 93 environment.systemPackages = [ pkgs.below ]; 94 - # /etc/below.conf is also refered to by the `below` CLI tool, 94 + # /etc/below.conf is also referred to by the `below` CLI tool, 95 95 # so this can't be a store-only file whose path is passed to the service 96 96 environment.etc."below/below.conf".text = cfgContents; 97 97
+1 -1
nixos/modules/services/networking/cato-client.nix
··· 55 55 wantedBy = [ "multi-user.target" ]; 56 56 }; 57 57 58 - # set up Security wrapper Same as inteded in deb post install 58 + # set up Security wrapper Same as intended in deb post install 59 59 security.wrappers.cato-clientd = { 60 60 source = "${cfg.package}/bin/cato-clientd"; 61 61 owner = "root";
+1 -1
nixos/modules/services/networking/fedimintd.nix
··· 289 289 290 290 { 291 291 # Note: we want by default to enable OpenSSL, but it seems anything 100 and above is 292 - # overriden by default value from vhost-options.nix 292 + # overridden by default value from vhost-options.nix 293 293 enableACME = mkOverride 99 true; 294 294 forceSSL = mkOverride 99 true; 295 295 locations.${cfg.nginx.path} = {
+1 -1
nixos/modules/services/networking/netbird.nix
··· 550 550 User = client.user.name; 551 551 Group = client.user.group; 552 552 553 - # settings implied by DynamicUser=true, without actully using it, 553 + # settings implied by DynamicUser=true, without actually using it, 554 554 # see https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#DynamicUser= 555 555 RemoveIPC = true; 556 556 PrivateTmp = true;
+1 -1
nixos/modules/services/networking/netbird/dashboard.nix
··· 102 102 # special options as its public anyway 103 103 # As far as I know leaking this secret is just 104 104 # an information leak as one can fetch some basic app 105 - # informations from the IDP 105 + # information from the IDP 106 106 # To actually do something one still needs to have login 107 107 # data and this secret so this being public will not 108 108 # suffice for anything just decreasing security
+1 -1
nixos/modules/services/networking/ssh/sshd.nix
··· 42 42 # values must be separated by whitespace or even commas. 43 43 # Consult either sshd_config(5) or, as last resort, the OpehSSH source for parsing 44 44 # the options at servconf.c:process_server_config_line_depth() to determine the right "mode" 45 - # for each. But fortunaly this fact is documented for most of them in the manpage. 45 + # for each. But fortunately this fact is documented for most of them in the manpage. 46 46 commaSeparated = [ 47 47 "Ciphers" 48 48 "KexAlgorithms"
+1 -1
nixos/modules/services/networking/yggdrasil-jumper.nix
··· 133 133 134 134 services.yggdrasil.settings.Listen = 135 135 let 136 - # By default linux dynamically alocates ports in range 32768..60999 136 + # By default linux dynamically allocates ports in range 32768..60999 137 137 # `sysctl net.ipv4.ip_local_port_range` 138 138 # See: https://xkcd.com/221/ 139 139 prot_port = {
+1 -1
nixos/modules/services/security/tor.nix
··· 295 295 ( 296 296 lib.mapAttrs ( 297 297 k: v: 298 - # Not necesssary, but prettier rendering 298 + # Not necessary, but prettier rendering 299 299 if 300 300 lib.elem k [ 301 301 "AutomapHostsSuffixes"
+1 -1
nixos/modules/services/web-apps/davis.nix
··· 348 348 else if 349 349 pgsqlLocal 350 350 # note: davis expects a non-standard postgres uri (due to the underlying doctrine library) 351 - # specifically the dummy hostname which is overriden by the host query parameter 351 + # specifically the dummy hostname which is overridden by the host query parameter 352 352 then 353 353 "postgres://${user}@localhost/${db.name}?host=/run/postgresql" 354 354 else if mysqlLocal then
+1 -1
nixos/modules/services/web-apps/plausible.nix
··· 224 224 # Thus, disable distribution for improved simplicity and security: 225 225 # 226 226 # When distribution is enabled, 227 - # Elixir spwans the Erlang VM, which will listen by default on all 227 + # Elixir spawns the Erlang VM, which will listen by default on all 228 228 # interfaces for messages between Erlang nodes (capable of 229 229 # remote code execution); it can be protected by a cookie; see 230 230 # https://erlang.org/doc/reference_manual/distributed.html#security).
+1 -1
nixos/modules/services/web-apps/windmill.nix
··· 132 132 { 133 133 134 134 # coming from https://github.com/windmill-labs/windmill/blob/main/init-db-as-superuser.sql 135 - # modified to not grant priviledges on all tables 135 + # modified to not grant privileges on all tables 136 136 # create role windmill_user and windmill_admin only if they don't exist 137 137 postgresql.postStart = lib.mkIf cfg.database.createLocally ( 138 138 lib.mkAfter ''
+1 -1
nixos/modules/virtualisation/azure-common.nix
··· 26 26 27 27 # Enable cloud-init by default for waagent. 28 28 # Otherwise waagent would try manage networking using ifupdown, 29 - # which is currently not availeble in nixpkgs. 29 + # which is currently not available in nixpkgs. 30 30 services.cloud-init.enable = true; 31 31 services.cloud-init.network.enable = true; 32 32 systemd.services.cloud-config.serviceConfig.Restart = "on-failure";
+1 -1
nixos/modules/virtualisation/azure-image.nix
··· 105 105 splashImage = null; 106 106 # For Gen 1 VM, configurate grub output to serial_com0. 107 107 # Not needed for Gen 2 VM wbere serial_com0 does not exist, 108 - # and outputing to console is enough to make Azure Serial Console working 108 + # and outputting to console is enough to make Azure Serial Console working 109 109 extraConfig = lib.mkIf (!efiSupport) '' 110 110 serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1 111 111 terminal_input --append serial
+1 -1
nixos/modules/virtualisation/waagent.nix
··· 67 67 convert = 68 68 attrs: 69 69 pipe (recurse [ ] attrs) [ 70 - # Filter out null values and emoty lists 70 + # Filter out null values and empty lists 71 71 (filter (kv: kv.value != null && kv.value != [ ])) 72 72 # Transform to Key=Value form, then concatenate 73 73 (map (kv: "${kv.name}=${transform kv.value}"))
+2 -2
nixos/tests/appliance-repart-image.nix
··· 65 65 repartConfig = { 66 66 Type = "esp"; 67 67 Format = "vfat"; 68 - # Minimize = "guess" seems to not work very vell for vfat 69 - # partitons. It's better to set a sensible default instead. The 68 + # Minimize = "guess" seems to not work very well for vfat 69 + # partitions. It's better to set a sensible default instead. The 70 70 # aarch64 kernel seems to generally be a little bigger than the 71 71 # x86_64 kernel. To stay on the safe side, leave some more slack 72 72 # for every platform other than x86_64.
+1 -1
nixos/tests/common/acme/server/default.nix
··· 94 94 ) cfg.configuration.security.acme.certs 95 95 ) 96 96 # A specialisation's config is nested under its configuration attribute. 97 - # For ease of use, nest the root node's configuration simiarly. 97 + # For ease of use, nest the root node's configuration similarly. 98 98 ([ { configuration = node; } ] ++ (builtins.attrValues node.specialisation)) 99 99 ) 100 100 );
+1 -1
nixos/tests/ntfy-sh-migration.nix
··· 4 4 # this test works doing a migration and asserting ntfy-sh runs properly. first, 5 5 # ntfy-sh is configured to use a static user and group. then ntfy-sh is 6 6 # started and tested. after that, ntfy-sh is shut down and a systemd drop 7 - # in configuration file is used to upate the service configuration to use 7 + # in configuration file is used to update the service configuration to use 8 8 # DynamicUser=true. then the ntfy-sh is started again and tested. 9 9 10 10 import ./make-test-python.nix {
+2 -2
nixos/tests/sftpgo.nix
··· 6 6 # - downloading the file over sftp 7 7 # - assert that the ACLs are respected 8 8 # - share a file between alice and bob (using sftp) 9 - # - assert that eve cannot acceess the shared folder between alice and bob. 9 + # - assert that eve cannot access the shared folder between alice and bob. 10 10 # 11 11 # Additional test coverage for the remaining protocols (i.e. ftp, http and webdav) 12 12 # would be a nice to have for the future. ··· 333 333 testScript = 334 334 { nodes, ... }: 335 335 let 336 - # A function to generate test cases for wheter 336 + # A function to generate test cases for whether 337 337 # a specified username is expected to access the shared folder. 338 338 accessSharedFoldersSubtest = 339 339 {
+1 -1
nixos/tests/systemd-sysupdate.nix
··· 1 - # Tests downloading a signed update aritfact from a server to a target machine. 1 + # Tests downloading a signed update artifact from a server to a target machine. 2 2 # This test does not rely on the `systemd.timer` units provided by the 3 3 # `systemd-sysupdate` module but triggers the `systemd-sysupdate` service 4 4 # manually to make the test more robust.
+1 -1
nixos/tests/systemd-timesyncd-nscd-dnssec.nix
··· 4 4 # correct time, we need to connect to an NTP server, which usually requires resolving its hostname. 5 5 # 6 6 # This test does the following: 7 - # - Sets up a DNS server (tinydns) listening on the eth1 ip addess, serving .ntp and fake.ntp records. 7 + # - Sets up a DNS server (tinydns) listening on the eth1 ip address, serving .ntp and fake.ntp records. 8 8 # - Configures that DNS server as a resolver and enables DNSSEC in systemd-resolved settings. 9 9 # - Configures systemd-timesyncd to use fake.ntp hostname as an NTP server. 10 10 # - Performs a regular DNS lookup, to ensure it fails due to broken DNSSEC.
+4 -4
pkgs/applications/editors/emacs/elisp-packages/melpa-packages.nix
··· 17 17 ./update-from-overlay 18 18 19 19 It will update both melpa and elpa packages using 20 - https://github.com/nix-community/emacs-overlay. It's almost instantenous and 20 + https://github.com/nix-community/emacs-overlay. It's almost instantaneous and 21 21 formats commits for you. 22 22 */ 23 23 ··· 1355 1355 hyperbole = ignoreCompilationError (addPackageRequires (mkHome super.hyperbole) [ self.el-mock ]); # elisp error 1356 1356 1357 1357 # needs non-existent "browser database directory" during compilation 1358 - # TODO report to upsteam about missing dependency websocket 1358 + # TODO report to upstream about missing dependency websocket 1359 1359 ibrowse = ignoreCompilationError (addPackageRequires super.ibrowse [ self.websocket ]); 1360 1360 1361 1361 # elisp error and missing optional dependencies ··· 1368 1368 1369 1369 indium = mkHome super.indium; 1370 1370 1371 - # TODO report to upsteam 1371 + # TODO report to upstream 1372 1372 inlineR = addPackageRequires super.inlineR [ self.ess ]; 1373 1373 1374 1374 # https://github.com/duelinmarkers/insfactor.el/issues/7 ··· 1547 1547 1548 1548 org-gtd = ignoreCompilationError super.org-gtd; # elisp error 1549 1549 1550 - # needs newer org than the Eamcs 29.4 builtin one 1550 + # needs newer org than the Emacs 29.4 builtin one 1551 1551 org-link-beautify = addPackageRequires super.org-link-beautify [ 1552 1552 self.org 1553 1553 self.qrencode
+5 -5
pkgs/applications/editors/vscode/extensions/default.nix
··· 1240 1240 mktplcRef = { 1241 1241 name = "dart-code"; 1242 1242 publisher = "dart-code"; 1243 - version = "3.110.0"; 1244 - hash = "sha256-YLdhL5xNj8sidZUzMVZgOK6zTXgQnWdKWRrDg0on90s="; 1243 + version = "3.112.0"; 1244 + hash = "sha256-nnEEKijl5ZdsHyBAWCL+MucjNGIuup75xSJaVzNawrs="; 1245 1245 }; 1246 1246 1247 1247 meta.license = lib.licenses.mit; ··· 1251 1251 mktplcRef = { 1252 1252 name = "flutter"; 1253 1253 publisher = "dart-code"; 1254 - version = "3.110.0"; 1255 - hash = "sha256-Zi+q56XcHZGUKgF3TNpaYSwwdqLT8Q1fxf8dFVAEuQY="; 1254 + version = "3.112.0"; 1255 + hash = "sha256-S+srv0zUCobM3IPXOME5oT0xdXdPmMHSs7rwNTBcnhk="; 1256 1256 }; 1257 1257 1258 1258 meta.license = lib.licenses.mit; ··· 5709 5709 }; 5710 5710 5711 5711 # TODO: add overrides overlay, so that we can have a generated.nix 5712 - # then apply extension specific modifcations to packages. 5712 + # then apply extension specific modifications to packages. 5713 5713 5714 5714 # overlays will be applied left to right, overrides should come after aliases. 5715 5715 overlays = lib.optionals config.allowAliases [
+1 -1
pkgs/applications/editors/vscode/extensions/ms-vscode.cpptools/default.nix
··· 33 33 34 34 <https://github.com/Microsoft/vscode-cpptools/issues/35> 35 35 36 - Once the symbolic link temporary solution taken, everything shoud run smootly. 36 + Once the symbolic link temporary solution taken, everything should run smootly. 37 37 */ 38 38 39 39 let
+1 -1
pkgs/applications/graphics/yacreader/default.nix
··· 49 49 libsForQt5.qtmacextras # can be removed when using qt6 50 50 ]; 51 51 52 - # custom Darwin install instructions taken from the upsteam compileOSX.sh script 52 + # custom Darwin install instructions taken from the upstream compileOSX.sh script 53 53 installPhase = lib.optionalString stdenv.hostPlatform.isDarwin '' 54 54 runHook preInstall 55 55
+1
pkgs/applications/networking/browsers/librewolf/default.nix
··· 29 29 description = "Fork of Firefox, focused on privacy, security and freedom"; 30 30 homepage = "https://librewolf.net/"; 31 31 maintainers = with lib.maintainers; [ 32 + # Also update ci/OWNERS entry when changing maintainers 32 33 squalus 33 34 dwrege 34 35 fpletz
+3 -3
pkgs/applications/networking/ktailctl/default.nix
··· 26 26 }: 27 27 28 28 let 29 - version = "0.20.1"; 29 + version = "0.20.2"; 30 30 31 31 src = fetchFromGitHub { 32 32 owner = "f-koehler"; 33 33 repo = "KTailctl"; 34 34 rev = "v${version}"; 35 - hash = "sha256-8vtNAqCDXbzEuGXqUZL26EMmVLJqSFu+E/zhK8VafLE="; 35 + hash = "sha256-yMP+oAc1ZHr402j3NQOFLGFT/AK/PQ+figoVyOMEaus="; 36 36 }; 37 37 38 38 goDeps = ··· 40 40 pname = "ktailctl-go-wrapper"; 41 41 inherit src version; 42 42 modRoot = "src/wrapper"; 43 - vendorHash = "sha256-F0fY9ZqibZNIUQSIlLRO3rX4gYAFHWMdFtwRNigpGZE="; 43 + vendorHash = "sha256-kX2L/ET6saxn73T4414ShRSeOIpX8i1HHjKkPbdjse0="; 44 44 }).goModules; 45 45 in 46 46 stdenv.mkDerivation {
+2 -2
pkgs/applications/virtualization/OVMF/default.nix
··· 96 96 "debian/python" 97 97 "debian/PkKek-1-*.pem" 98 98 ]; 99 - rev = "refs/tags/debian/2024.05-1"; 100 - hash = "sha256-uAjXJaHOVh944ZxcA2IgCsrsncxuhc0JKlsXs0E03s0="; 99 + rev = "refs/tags/debian/2025.02-8"; 100 + hash = "sha256-kAwfS8TBdN1PTm5kxTvqFuA9edBfBuMt6XmRWnFnolQ="; 101 101 }; 102 102 103 103 buildPrefix = "Build/*/*";
+7 -6
pkgs/build-support/go/README.md
··· 3 3 Go promises that "programs written to the Go 1 specification will continue to compile and run correctly, unchanged, over the lifetime of that specification" [1]. 4 4 Newer toolchain versions should build projects developed against older toolchains without problems. 5 5 6 + **Definition(a "toolchain-breaking" package):** 6 7 There are however Go packages depending on internal APIs of the toolchain/runtime/stdlib that are not covered by the Go compatibility promise. 7 - These packages may break on toolchain updates. 8 - We name packages that (often) break on toolchain updates `toolchain-breaking`. 8 + These packages may break on toolchain minor version upgrades. 9 9 10 - There is another set of packages that depends on the toolchain, but in another way: 11 - Packages providing development support for the Go language (like `gopls`, `golangci-lint`,...) must be compiled with the version they should be used for. 10 + **Definition(a "toolchain-latest" package):** 11 + Packages providing development support for the Go language (like `gopls`, `golangci-lint`,...) depend on the toolchain in another way: they must be compiled at least with the version they should be used for. 12 12 If `gopls` is compiled for Go 1.23, it won't work for projects that require Go 1.24. 13 - We name packages that must be built with the latest toolchain to work as expected `toolchain-latest`. 14 13 15 14 Go only ever has two supported toolchains. With a new minor release, the second last Go toolchain is automatically end of life, meaning it won't receive security updates anymore. 16 15 ··· 26 25 A comment MUST be added explaining why this is the case for a certain package. 27 26 It is important to keep the number of packages using this builder within nixpkgs low, so the bump won't cause a mass rebuild. 28 27 29 - Consumer outside of nixpkgs on the other hand MAY rely on this toolchain/builder if they prefer being upgraded earlier to the newest toolchain. 28 + `go_latest` MUST not point to release candidates of Go. 29 + 30 + Consumer outside of nixpkgs on the other hand MAY rely on this toolchain/builder if they prefer being upgraded earlier to the newest toolchain minor version. 30 31 31 32 3. Packages in `toolchain-breaking` SHOULD pin a toolchain version by using a builder with a fixed Go version (`buildGo1xxModule`). 32 33 The use of `buildGo1xxModule` MUST be accompanied with a comment explaining why this has a dependency on a specific Go version.
+1 -1
pkgs/build-support/rust/build-rust-crate/default.nix
··· 15 15 jq, 16 16 libiconv, 17 17 # Controls codegen parallelization for all crates. 18 - # May be overriden on a per-crate level. 18 + # May be overridden on a per-crate level. 19 19 # See <https://doc.rust-lang.org/rustc/codegen-options/index.html#codegen-units> 20 20 defaultCodegenUnits ? 1, 21 21 }:
+3 -3
pkgs/build-support/rust/build-rust-crate/test/rcgen-crates.nix
··· 20 20 defaultCrateOverrides ? pkgs.defaultCrateOverrides, 21 21 # The features to enable for the root_crate or the workspace_members. 22 22 rootFeatures ? [ "default" ], 23 - # If true, throw errors instead of issueing deprecation warnings. 23 + # If true, throw errors instead of issuing deprecation warnings. 24 24 strictDeprecation ? false, 25 25 # Used for conditional compilation based on CPU feature detection. 26 26 targetFeatures ? [ ], ··· 4485 4485 runTests ? false, 4486 4486 testCrateFlags ? [ ], 4487 4487 testInputs ? [ ], 4488 - # Any command to run immediatelly before a test is executed. 4488 + # Any command to run immediately before a test is executed. 4489 4489 testPreRun ? "", 4490 - # Any command run immediatelly after a test is executed. 4490 + # Any command run immediately after a test is executed. 4491 4491 testPostRun ? "", 4492 4492 }: 4493 4493 lib.makeOverridable
+1 -1
pkgs/by-name/ad/adios2/package.nix
··· 85 85 yaml-cpp 86 86 nlohmann_json 87 87 88 - # Todo: add these optional dependcies in nixpkgs. 88 + # Todo: add these optional dependencies in nixpkgs. 89 89 # sz 90 90 # mgard 91 91 # catalyst
+4 -4
pkgs/by-name/am/amp-cli/package-lock.json
··· 5 5 "packages": { 6 6 "": { 7 7 "dependencies": { 8 - "@sourcegraph/amp": "^0.0.1748404992-ga3f78f" 8 + "@sourcegraph/amp": "^0.0.1748865683-g71e54e" 9 9 } 10 10 }, 11 11 "node_modules/@colors/colors": { ··· 29 29 } 30 30 }, 31 31 "node_modules/@sourcegraph/amp": { 32 - "version": "0.0.1748404992-ga3f78f", 33 - "resolved": "https://registry.npmjs.org/@sourcegraph/amp/-/amp-0.0.1748404992-ga3f78f.tgz", 34 - "integrity": "sha512-+BvCW8zrbO7ENRzMg0LdAeKigjzL+ASIDBjJ/m2uL2CVT8WPk1h34FTNCbvnO6kssimEtdP8FcxR/2O4AHwUbA==", 32 + "version": "0.0.1748865683-g71e54e", 33 + "resolved": "https://registry.npmjs.org/@sourcegraph/amp/-/amp-0.0.1748865683-g71e54e.tgz", 34 + "integrity": "sha512-ZiNbIbgCb/l7Q7wRT0sva6Ju7VDtq7+lijMWK8jotPorTq1DYUy3h7XJIOjyJEdvqlQkEfwrnbOfREmsnwlPyg==", 35 35 "dependencies": { 36 36 "@types/runes": "^0.4.3", 37 37 "@vscode/ripgrep": "1.15.11",
+12 -7
pkgs/by-name/am/amp-cli/package.nix
··· 4 4 fetchzip, 5 5 ripgrep, 6 6 makeWrapper, 7 + testers, 7 8 }: 8 9 9 - buildNpmPackage rec { 10 + buildNpmPackage (finalAttrs: { 10 11 pname = "amp-cli"; 11 - version = "0.0.1748404992-ga3f78f"; 12 + version = "0.0.1748865683-g71e54e"; 12 13 13 14 src = fetchzip { 14 - url = "https://registry.npmjs.org/@sourcegraph/amp/-/amp-${version}.tgz"; 15 - hash = "sha256-axd5VP7afa4ptAl/y8CEVguqoRKVRhWfRDSI0sgyXqA="; 15 + url = "https://registry.npmjs.org/@sourcegraph/amp/-/amp-${finalAttrs.version}.tgz"; 16 + hash = "sha256-kkQKjw1SzDjV8/206i+NUyxeDhZ/35My9gyXRe/U7I8="; 16 17 }; 17 18 18 19 postPatch = '' ··· 25 26 "version": "0.0.0", 26 27 "license": "UNLICENSED", 27 28 "dependencies": { 28 - "@sourcegraph/amp": "${version}" 29 + "@sourcegraph/amp": "${finalAttrs.version}" 29 30 }, 30 31 "bin": { 31 32 "amp": "./bin/amp-wrapper.js" ··· 44 45 chmod +x bin/amp-wrapper.js 45 46 ''; 46 47 47 - npmDepsHash = "sha256-05+hBr+eX3I92U9TsqPQrYcJCmKXTvz3n6ZTxR1XvC8="; 48 + npmDepsHash = "sha256-yeZ5UCVUCbVjpYTYYN5mI6eCkShtnCKxumjpb5GRCws="; 48 49 49 50 propagatedBuildInputs = [ 50 51 ripgrep ··· 69 70 ''; 70 71 71 72 passthru.updateScript = ./update.sh; 73 + passthru.tests.version = testers.testVersion { 74 + package = finalAttrs.finalPackage; 75 + command = "HOME=$(mktemp -d) amp --version"; 76 + }; 72 77 73 78 meta = { 74 79 description = "CLI for Amp, an agentic coding agent in research preview from Sourcegraph"; ··· 81 86 ]; 82 87 mainProgram = "amp"; 83 88 }; 84 - } 89 + })
+10 -10
pkgs/by-name/co/containerlab/package.nix
··· 6 6 versionCheckHook, 7 7 }: 8 8 9 - buildGoModule rec { 9 + buildGoModule (finalAttrs: { 10 10 pname = "containerlab"; 11 11 version = "0.68.0"; 12 12 13 13 src = fetchFromGitHub { 14 14 owner = "srl-labs"; 15 15 repo = "containerlab"; 16 - rev = "v${version}"; 16 + tag = "v${finalAttrs.version}"; 17 17 hash = "sha256-x6QDwduAMCD+Trj0awQXW0Tdleb2U6YBi/7mdMB6V/8="; 18 18 }; 19 19 20 20 vendorHash = "sha256-XRgKfRw6VGg+lkbtPWUVNfAk5a7ZdFwVmhjtM7uSwHs="; 21 21 22 - nativeBuildInputs = [ installShellFiles ]; 22 + nativeBuildInputs = [ 23 + installShellFiles 24 + versionCheckHook 25 + ]; 23 26 24 27 ldflags = [ 25 28 "-s" 26 29 "-w" 27 - "-X github.com/srl-labs/containerlab/cmd/version.Version=${version}" 28 - "-X github.com/srl-labs/containerlab/cmd/version.commit=${src.rev}" 30 + "-X github.com/srl-labs/containerlab/cmd/version.Version=${finalAttrs.version}" 31 + "-X github.com/srl-labs/containerlab/cmd/version.commit=${finalAttrs.src.rev}" 29 32 "-X github.com/srl-labs/containerlab/cmd/version.date=1970-01-01T00:00:00Z" 30 33 ]; 31 34 ··· 42 45 --zsh <($out/bin/containerlab completion zsh) 43 46 ''; 44 47 45 - nativeInstallCheckInputs = [ 46 - versionCheckHook 47 - ]; 48 48 doInstallCheck = true; 49 49 versionCheckProgramArg = "version"; 50 50 51 51 meta = { 52 52 description = "Container-based networking lab"; 53 53 homepage = "https://containerlab.dev/"; 54 - changelog = "https://github.com/srl-labs/containerlab/releases/tag/${src.rev}"; 54 + changelog = "https://github.com/srl-labs/containerlab/releases/tag/v${finalAttrs.version}"; 55 55 license = lib.licenses.bsd3; 56 56 platforms = lib.platforms.linux; 57 57 maintainers = with lib.maintainers; [ aaronjheng ]; 58 58 mainProgram = "containerlab"; 59 59 }; 60 - } 60 + })
+2 -2
pkgs/by-name/du/duplicity/package.nix
··· 22 22 let 23 23 self = python3.pkgs.buildPythonApplication rec { 24 24 pname = "duplicity"; 25 - version = "3.0.4"; 25 + version = "3.0.4.1"; 26 26 27 27 src = fetchFromGitLab { 28 28 owner = "duplicity"; 29 29 repo = "duplicity"; 30 30 rev = "rel.${version}"; 31 - hash = "sha256-FoaKuB0mo2RFksMHnIUx984+h/U0tdvk+bvsuYt3r5g="; 31 + hash = "sha256-cVzGdn3a9/Kvu/QYWaTXJ1llkPRvj0g8qb7TUjennws="; 32 32 }; 33 33 34 34 patches = [
+2 -2
pkgs/by-name/fl/fly/package.nix
··· 8 8 9 9 buildGoModule rec { 10 10 pname = "fly"; 11 - version = "7.13.0"; 11 + version = "7.13.2"; 12 12 13 13 src = fetchFromGitHub { 14 14 owner = "concourse"; 15 15 repo = "concourse"; 16 16 rev = "v${version}"; 17 - hash = "sha256-myvYACdTqnEb8aBpBeCA1qvcnF0lwYbSo6kMgSz7iiA="; 17 + hash = "sha256-onowKvN8YLDWRRn3rGEMoMxc6XaAcBKJcFOHSVh9Yy8="; 18 18 }; 19 19 20 20 vendorHash = "sha256-WC4uzTgvW15IumwmsWXXeiF5qagbeb5XWRaSjd1XLvA=";
+1 -1
pkgs/by-name/hy/hyperhdr/package.nix
··· 45 45 ]; 46 46 47 47 patches = [ 48 - # Allow completly unvendoring hyperhdr 48 + # Allow completely unvendoring hyperhdr 49 49 # This can be removed on the next hyperhdr release 50 50 ./unvendor.patch 51 51 ];
+1 -1
pkgs/by-name/il/ilmbase/package.nix
··· 3 3 lib, 4 4 buildPackages, 5 5 cmake, 6 - # explicitely depending on openexr_2 because ilmbase doesn't exist for v3 6 + # explicitly depending on openexr_2 because ilmbase doesn't exist for v3 7 7 openexr_2, 8 8 }: 9 9
+1 -1
pkgs/by-name/im/imlib2/package.nix
··· 75 75 enableParallelBuilding = true; 76 76 77 77 # Do not build amd64 assembly code on Darwin, because it fails to compile 78 - # with unknow directive errors 78 + # with unknown directive errors 79 79 configureFlags = 80 80 optional stdenv.hostPlatform.isDarwin "--enable-amd64=no" 81 81 ++ optional (!svgSupport) "--without-svg"
+1 -1
pkgs/by-name/ki/kissfft/package.nix
··· 57 57 (lib.cmakeFeature "KISSFFT_DATATYPE" datatype) 58 58 (lib.cmakeBool "KISSFFT_STATIC" enableStatic) 59 59 # `test/testkiss.py` expects this… 60 - (lib.cmakeFeature "KISSFFT_OPENMP" (if enableOpenmp then "ON" else "OFF")) 60 + (lib.cmakeBool "KISSFFT_OPENMP" enableOpenmp) 61 61 ]; 62 62 63 63 # Required for `test/testcpp.c`.
+1 -1
pkgs/by-name/li/libcredis/package.nix
··· 13 13 sha256 = "1l3hlw9rrc11qggbg9a2303p3bhxxx2vqkmlk8avsrbqw15r1ayr"; 14 14 }; 15 15 16 - # credis build system has no install actions, provide our own. 16 + # credits build system has no install actions, provide our own. 17 17 installPhase = '' 18 18 mkdir -p "$out/bin" 19 19 mkdir -p "$out/lib"
+1 -1
pkgs/by-name/mi/miktex/package.nix
··· 106 106 patches = [ 107 107 ./startup-config-support-nix-store.patch 108 108 # Miktex will search exectables in "GetMyPrefix(true)/bin". 109 - # The path evalutate to "/usr/bin" in FHS style linux distrubution, 109 + # The path evaluate to "/usr/bin" in FHS style linux distribution, 110 110 # compared to "/nix/store/.../bin" in NixOS. 111 111 # As a result, miktex will fail to find e.g. 'pkexec','ksudo','gksu' 112 112 # under /run/wrappers/bin in NixOS.
+1 -1
pkgs/by-name/mx/mxnet/package.nix
··· 14 14 perl, 15 15 # mxnet cuda support is turned off, but dependencies like opencv can still be built with cudaSupport 16 16 # and fail to compile without the cudatoolkit 17 - # mxnet cuda support will not be availaible, as mxnet requires version <=11 17 + # mxnet cuda support will not be available, as mxnet requires version <=11 18 18 cudaSupport ? config.cudaSupport, 19 19 cudaPackages ? { }, 20 20 }:
+3 -3
pkgs/by-name/na/namespace-cli/package.nix
··· 6 6 7 7 buildGoModule rec { 8 8 pname = "namespace-cli"; 9 - version = "0.0.415"; 9 + version = "0.0.416"; 10 10 11 11 src = fetchFromGitHub { 12 12 owner = "namespacelabs"; 13 13 repo = "foundation"; 14 14 rev = "v${version}"; 15 - hash = "sha256-mWiY2HbOE7R9ltunpSLiM84iscTuSJTQtWCbk2O/HIQ="; 15 + hash = "sha256-Te2BFbzrGU7iw+CqDafOiIByUfHEb8QGBAci+6imIm4="; 16 16 }; 17 17 18 - vendorHash = "sha256-waO9D0wSluzLl0pULeWMCYKh5IUqcS+VIvwDVwedx64="; 18 + vendorHash = "sha256-hPZmNH4bhIds+Ps0pQCjYPfvVBaX8e3Bq/onq91Fzq8="; 19 19 20 20 subPackages = [ 21 21 "cmd/nsc"
+3 -3
pkgs/by-name/ne/neothesia/package.nix
··· 12 12 xorg, 13 13 }: 14 14 let 15 - version = "0.3.0"; 15 + version = "0.3.1"; 16 16 17 17 src = fetchFromGitHub { 18 18 owner = "PolyMeilex"; 19 19 repo = "Neothesia"; 20 20 rev = "v${version}"; 21 - hash = "sha256-JD1jQ/a6GHtB/d/fRMCiE4ZOO676BIiZ980VIYUloU0="; 21 + hash = "sha256-qYwBSye6RYClSlWmHwuy/rxq9w5932tR33Z+o2S1l8k="; 22 22 }; 23 23 in 24 24 rustPlatform.buildRustPackage { ··· 38 38 ]; 39 39 40 40 useFetchCargoVendor = true; 41 - cargoHash = "sha256-OYdKuYOL3X6eqVYANvmfTRA8TGd4+QLg0zodDH0jxXk="; 41 + cargoHash = "sha256-mXeNAVYqPsBWiUZFV/atx/xjLgFNarm2HwI7k/NaAbc="; 42 42 43 43 cargoBuildFlags = [ 44 44 "-p neothesia -p neothesia-cli"
+2 -2
pkgs/by-name/oc/ocenaudio/package.nix
··· 14 14 15 15 stdenv.mkDerivation (finalAttrs: { 16 16 pname = "ocenaudio"; 17 - version = "3.14.11"; 17 + version = "3.15"; 18 18 19 19 src = fetchurl { 20 20 name = "ocenaudio.deb"; 21 21 url = "https://www.ocenaudio.com/downloads/index.php/ocenaudio_debian12.deb?version=v${finalAttrs.version}"; 22 - hash = "sha256-+UQ4veSoqwNC6ENQVWmOFebiI6RQlV7rBL7n238xxyc="; 22 + hash = "sha256-MZjgdCBE+3dG6Ov+wwDKa/0Y8XIihwM50Gc/cgEf2FQ="; 23 23 }; 24 24 25 25 nativeBuildInputs = [
+3 -3
pkgs/by-name/pd/pdfarranger/package.nix
··· 12 12 13 13 python3Packages.buildPythonApplication rec { 14 14 pname = "pdfarranger"; 15 - version = "1.11.1"; 15 + version = "1.12.0"; 16 16 pyproject = true; 17 17 18 18 src = fetchFromGitHub { 19 19 owner = "pdfarranger"; 20 20 repo = "pdfarranger"; 21 21 tag = version; 22 - hash = "sha256-94qziqJaKW8/L/6+U1yojxdG8BmeAStn+qbfGemTrVA="; 22 + hash = "sha256-//JjIPDeyI+JZoFT2GU+wCP+tkKCchgS9ftMT5rUEOM="; 23 23 }; 24 24 25 25 nativeBuildInputs = [ wrapGAppsHook3 ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ gettext ]; ··· 64 64 endle 65 65 ]; 66 66 license = lib.licenses.gpl3Plus; 67 - changelog = "https://github.com/pdfarranger/pdfarranger/releases/tag/${version}"; 67 + changelog = "https://github.com/pdfarranger/pdfarranger/releases/tag/${src.tag}"; 68 68 }; 69 69 }
+3 -3
pkgs/by-name/ph/phel/package.nix
··· 7 7 8 8 php.buildComposerProject2 (finalAttrs: { 9 9 pname = "phel"; 10 - version = "0.16.1"; 10 + version = "0.17.0"; 11 11 12 12 src = fetchFromGitHub { 13 13 owner = "phel-lang"; 14 14 repo = "phel-lang"; 15 15 tag = "v${finalAttrs.version}"; 16 - hash = "sha256-irN1Dnov6vDiU4xGsf2nxz7/kz1YOMq0yOLYt4HY1EM="; 16 + hash = "sha256-iS887QNUphe+czx1IEz+uESBqee73/mHzmg2Fvi26do="; 17 17 }; 18 18 19 - vendorHash = "sha256-SDLpl2gBvtVjREfcy1WDFqsGRK1fKr2wKPuBkPhApNI="; 19 + vendorHash = "sha256-lhxgL41gyHVOv1MqjwwnWQTQZz4WU2kWGCSV2EZoJrg="; 20 20 21 21 doInstallCheck = true; 22 22 nativeInstallCheckInputs = [ versionCheckHook ];
+2 -2
pkgs/by-name/sc/scalafmt/package.nix
··· 9 9 10 10 let 11 11 baseName = "scalafmt"; 12 - version = "3.9.6"; 12 + version = "3.9.7"; 13 13 deps = stdenv.mkDerivation { 14 14 name = "${baseName}-deps-${version}"; 15 15 buildCommand = '' ··· 19 19 cp $(< deps) $out/share/java/ 20 20 ''; 21 21 outputHashMode = "recursive"; 22 - outputHash = "sha256-qn3by++aYx/azaoDJFQfo8PHyjd3w4qI7g6NMIzLiPE="; 22 + outputHash = "sha256-x1hEJtzZ0DmFDc7X5Tua3F0BcWz/Atm2zmMr7GgfkUM="; 23 23 }; 24 24 in 25 25 stdenv.mkDerivation {
+13 -7
pkgs/by-name/sd/sdl2-compat/package.nix
··· 2 2 cmake, 3 3 lib, 4 4 fetchFromGitHub, 5 - monado, 6 5 ninja, 6 + sdl3, 7 + stdenv, 8 + testers, 9 + libX11, 10 + libGL, 7 11 nix-update-script, 12 + 13 + # passthru tests 8 14 SDL2_ttf, 9 15 SDL2_net, 10 16 SDL2_gfx, 11 17 SDL2_sound, 12 18 SDL2_mixer, 13 19 SDL2_image, 14 - sdl3, 15 - stdenv, 16 - testers, 17 - libX11, 18 - libGL, 20 + SDL_compat, 21 + ffmpeg, 22 + qemu, 19 23 }: 20 24 21 25 stdenv.mkDerivation (finalAttrs: { ··· 76 80 pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage; 77 81 78 82 inherit 83 + SDL_compat 79 84 SDL2_ttf 80 85 SDL2_net 81 86 SDL2_gfx 82 87 SDL2_sound 83 88 SDL2_mixer 84 89 SDL2_image 90 + ffmpeg 85 91 ; 86 92 } 87 93 // lib.optionalAttrs stdenv.hostPlatform.isLinux { 88 - inherit monado; 94 + inherit qemu; 89 95 }; 90 96 91 97 updateScript = nix-update-script {
+14
pkgs/by-name/si/signal-desktop/dont-strip-absolute-paths.patch
··· 1 + diff --git a/node/build_node_bridge.py b/node/build_node_bridge.py 2 + index c983fc3..2ab06dc 100755 3 + --- a/node/build_node_bridge.py 4 + +++ b/node/build_node_bridge.py 5 + @@ -138,9 +138,6 @@ def main(args: Optional[List[str]] = None) -> int: 6 + cargo_env['CARGO_PROFILE_RELEASE_LTO'] = 'thin' 7 + # Enable ARMv8 cryptography acceleration when available 8 + cargo_env['RUSTFLAGS'] += ' --cfg aes_armv8' 9 + - # Strip absolute paths 10 + - for path in build_helpers.rust_paths_to_remap(): 11 + - cargo_env['RUSTFLAGS'] += f' --remap-path-prefix {path}=' 12 + 13 + # If set (below), will post-process the build library using this instead of just `cp`-ing it. 14 + objcopy = None
+10 -9
pkgs/by-name/si/signal-desktop/libsignal-node.nix
··· 24 24 in 25 25 rustPlatform.buildRustPackage (finalAttrs: { 26 26 pname = "libsignal-node"; 27 - version = "0.70.0"; 27 + version = "0.72.1"; 28 28 29 29 src = fetchFromGitHub { 30 30 owner = "signalapp"; 31 31 repo = "libsignal"; 32 32 tag = "v${finalAttrs.version}"; 33 - hash = "sha256-6CBhLvD0UflLzJHAMB21wSH8MWTUNx0uPdqOUo/Eq44="; 33 + hash = "sha256-A8EAHHcBFSD4ZlvFig64g4+eoZQCuqE/qv509hA3I4s="; 34 34 }; 35 35 useFetchCargoVendor = true; 36 - cargoHash = "sha256-4bSPPf16nUQTl6INa3mLhPIe8iiFfpPw1E5fpNvnKqs="; 36 + cargoHash = "sha256-+vJrywIi/RcGGGns42XlN6S63RBil3fB4XByTLsaFVc="; 37 37 38 38 npmRoot = "node"; 39 39 npmDeps = fetchNpmDeps { 40 40 name = "${finalAttrs.pname}-npm-deps"; 41 41 inherit (finalAttrs) version src; 42 42 sourceRoot = "${finalAttrs.src.name}/${finalAttrs.npmRoot}"; 43 - hash = "sha256-djk+YGZ/eUq6MXjUEE47bgKnQlUSuaoUPx8hUMtjvyQ="; 43 + hash = "sha256-ZD0ZN2b7KReGbnvarqvGpOlQ5TsJfnaHmmOWQ42Y48E="; 44 44 }; 45 45 46 46 nativeBuildInputs = [ ··· 56 56 env.BORING_BSSL_PATH = "${boringssl-wrapper}"; 57 57 env.NIX_LDFLAGS = if stdenv.hostPlatform.isDarwin then "-lc++" else "-lstdc++"; 58 58 59 - patchPhase = '' 60 - runHook prePatch 61 - 59 + patches = [ 60 + # This is used to strip absolute paths of dependencies to avoid leaking info about build machine. Nix builders 61 + # already solve this problem by chrooting os this is not needed. 62 + ./dont-strip-absolute-paths.patch 63 + ]; 64 + postPatch = '' 62 65 substituteInPlace node/binding.gyp \ 63 66 --replace-fail "'--out-dir', '<(PRODUCT_DIR)/'," \ 64 67 "'--out-dir', '$out/lib/<(NODE_OS_NAME)-<(target_arch)/'," \ ··· 68 71 substituteInPlace node/build_node_bridge.py \ 69 72 --replace-fail "dst_base = 'libsignal_client_%s_%s' % (node_os_name, node_arch)" \ 70 73 "dst_base = '@signalapp+libsignal-client'" 71 - 72 - runHook postPatch 73 74 ''; 74 75 75 76 buildPhase = ''
+8 -8
pkgs/by-name/si/signal-desktop/package.nix
··· 3 3 lib, 4 4 nodejs_22, 5 5 pnpm_10, 6 - electron_35, 6 + electron_36, 7 7 python3, 8 8 makeWrapper, 9 9 callPackage, ··· 19 19 let 20 20 nodejs = nodejs_22; 21 21 pnpm = pnpm_10.override { inherit nodejs; }; 22 - electron = electron_35; 22 + electron = electron_36; 23 23 24 24 libsignal-node = callPackage ./libsignal-node.nix { inherit nodejs; }; 25 25 signal-sqlcipher = callPackage ./signal-sqlcipher.nix { inherit pnpm nodejs; }; ··· 48 48 ''; 49 49 }); 50 50 51 - version = "7.54.0"; 51 + version = "7.56.0"; 52 52 53 53 src = fetchFromGitHub { 54 54 owner = "signalapp"; 55 55 repo = "Signal-Desktop"; 56 56 tag = "v${version}"; 57 - hash = "sha256-dv1Yi7gSd7kY3MSrsPjcaf2hAEq6Y+XoWtlBfvd86ac="; 57 + hash = "sha256-BrgBlDEgb08oX7Mh/P4nuoM+dkSDpB45zOtDNMYeZr0="; 58 58 }; 59 59 60 60 sticker-creator = stdenv.mkDerivation (finalAttrs: { ··· 64 64 65 65 pnpmDeps = pnpm.fetchDeps { 66 66 inherit (finalAttrs) pname src version; 67 - hash = "sha256-TuPyRVNFIlR0A4YHMpQsQ6m+lm2fsp79FzQ1P5qqjIc="; 67 + hash = "sha256-cT7Ixl/V/mesPHvJUsG63Y/wXwKjbjkjdjP3S7uEOa0="; 68 68 }; 69 69 70 70 strictDeps = true; ··· 116 116 ; 117 117 hash = 118 118 if withAppleEmojis then 119 - "sha256-Kdg0+kLEDFobWEEhJgKuaou/pYwn1dTugye7OcMYfEQ=" 119 + "sha256-RP3d1t4bbvehdCDSL3bHrlJEnn65TDViI5jVjSiuJw8=" 120 120 else 121 - "sha256-cit/Hn7L6qmfIJCDF2wlx/4aKygRYy+zvBQGX6Mg+og="; 121 + "sha256-KJvc+kVcwRKsUVW3lK7fPXUSqDQlJFPbYAzQjhFtfoU="; 122 122 }; 123 123 124 124 env = { 125 125 ELECTRON_SKIP_BINARY_DOWNLOAD = "1"; 126 126 SIGNAL_ENV = "production"; 127 - SOURCE_DATE_EPOCH = 1747170390; 127 + SOURCE_DATE_EPOCH = 1748456277; 128 128 }; 129 129 130 130 preBuild = ''
+3 -3
pkgs/by-name/si/signal-desktop/ringrtc.nix
··· 19 19 in 20 20 rustPlatform.buildRustPackage (finalAttrs: { 21 21 pname = "ringrtc"; 22 - version = "2.51.0"; 22 + version = "2.52.0"; 23 23 24 24 src = fetchFromGitHub { 25 25 owner = "signalapp"; 26 26 repo = "ringrtc"; 27 27 tag = "v${finalAttrs.version}"; 28 - hash = "sha256-PLrGLW6pDoCNpbWASxAqockAJRoeBrkBdxNOHYrQu4s="; 28 + hash = "sha256-Ao1mFJYPnV3lfg4SERwq4dGnBhOVI9pwsqPAsUtV/iY="; 29 29 }; 30 30 useFetchCargoVendor = true; 31 - cargoHash = "sha256-u38VOV2xdNG1WFox+SWT9ejJD1TjK0yAI6lCB9r75iY="; 31 + cargoHash = "sha256-mO9t4ZDDM5Y9cMkmdrYrdGYukN1xfGogPSNq+S1t4Us="; 32 32 33 33 cargoBuildFlags = [ 34 34 "-p"
+2 -2
pkgs/by-name/si/signal-desktop/signal-sqlcipher.nix
··· 11 11 }: 12 12 stdenv.mkDerivation (finalAttrs: { 13 13 pname = "node-sqlcipher"; 14 - version = "2.0.1"; 14 + version = "2.0.3"; 15 15 16 16 src = fetchFromGitHub { 17 17 owner = "signalapp"; 18 18 repo = "node-sqlcipher"; 19 19 tag = "v${finalAttrs.version}"; 20 - hash = "sha256-15t2HuEYdCxShK703/z3bb1VCgSNpziaK5+wM3TqSHg="; 20 + hash = "sha256-H5/+XcXnINRL5BWItWx6YaPP46+k1xTbyfDqHPCRDXk="; 21 21 }; 22 22 23 23 pnpmDeps = pnpm.fetchDeps {
+2 -2
pkgs/by-name/si/signal-desktop/webrtc-sources.json
··· 1 1 { 2 2 "src": { 3 3 "args": { 4 - "hash": "sha256-yomovlwRmrzsN+dvmUgOM6pzBTH41QuHQXnEJBhQglY=", 4 + "hash": "sha256-AFMJmIo7O4fYrVWABciQphTxHQSj4CdfhluIIPpPWAw=", 5 5 "owner": "signalapp", 6 6 "repo": "webrtc", 7 - "tag": "6998b" 7 + "tag": "6998c" 8 8 }, 9 9 "fetcher": "fetchFromGitHub" 10 10 },
+1 -1
pkgs/by-name/ty/typical/package.nix
··· 30 30 31 31 patches = [ 32 32 # Related to https://github.com/stepchowfun/typical/pull/501 33 - # Commiting a slightly different patch because the upstream one doesn't apply cleanly 33 + # Committing a slightly different patch because the upstream one doesn't apply cleanly 34 34 ./lifetime.patch 35 35 ]; 36 36
+1 -1
pkgs/by-name/us/usb-reset/package.nix
··· 8 8 stdenv.mkDerivation { 9 9 pname = "usb-reset"; 10 10 # not tagged, but changelog has this with the date of the e9a9d6c commit 11 - # and no significant change occured between bumping the version in the Makefile and that 11 + # and no significant change occurred between bumping the version in the Makefile and that 12 12 # and the changes since then (up to ff822d8) seem snap related 13 13 version = "0.3"; 14 14
+4 -4
pkgs/by-name/va/vanillatd/package.nix
··· 66 66 ]; 67 67 68 68 cmakeFlags = [ 69 - (lib.cmakeFeature "BUILD_VANILLATD" (if appName == "vanillatd" then "ON" else "OFF")) 70 - (lib.cmakeFeature "BUILD_VANILLARA" (if appName == "vanillara" then "ON" else "OFF")) 71 - (lib.cmakeFeature "BUILD_REMASTERTD" (if appName == "remastertd" then "ON" else "OFF")) 72 - (lib.cmakeFeature "BUILD_REMASTERRA" (if appName == "remasterra" then "ON" else "OFF")) 69 + (lib.cmakeBool "BUILD_VANILLATD" (appName == "vanillatd")) 70 + (lib.cmakeBool "BUILD_VANILLARA" (appName == "vanillara")) 71 + (lib.cmakeBool "BUILD_REMASTERTD" (appName == "remastertd")) 72 + (lib.cmakeBool "BUILD_REMASTERRA" (appName == "remasterra")) 73 73 (lib.cmakeFeature "CMAKE_BUILD_TYPE" CMAKE_BUILD_TYPE) 74 74 ]; 75 75
+2 -2
pkgs/by-name/ve/vectorcode/package.nix
··· 10 10 11 11 python3Packages.buildPythonApplication rec { 12 12 pname = "vectorcode"; 13 - version = "0.6.9"; 13 + version = "0.6.10"; 14 14 pyproject = true; 15 15 16 16 src = fetchFromGitHub { 17 17 owner = "Davidyz"; 18 18 repo = "VectorCode"; 19 19 tag = version; 20 - hash = "sha256-qXrXNt5uI/gePFyJ79y+zksSekq7BzsbL+1tvMQ/zKM="; 20 + hash = "sha256-k9YpsVFV1HkIIIFPB7Iz7Jar+lY5vK6gpzNIlX55ZDY="; 21 21 }; 22 22 23 23 build-system = with python3Packages; [
+19 -10
pkgs/by-name/wa/watchexec/package.nix
··· 4 4 rustPlatform, 5 5 fetchFromGitHub, 6 6 installShellFiles, 7 + nix-update-script, 7 8 }: 8 9 9 - rustPlatform.buildRustPackage rec { 10 + rustPlatform.buildRustPackage (finalAttrs: { 10 11 pname = "watchexec"; 11 - version = "2.3.1"; 12 + version = "2.3.2"; 12 13 13 14 src = fetchFromGitHub { 14 15 owner = "watchexec"; 15 16 repo = "watchexec"; 16 - rev = "v${version}"; 17 - hash = "sha256-ldxB1/WgOe1uGfKXkMEtGHIlWiKJgnZz6j/7eCOGD8s="; 17 + tag = "v${finalAttrs.version}"; 18 + hash = "sha256-BJRvz3rFLaOCNhOsEo0rSOgB9BCJ2LMB9XEw8RBWXXs="; 18 19 }; 19 20 20 21 useFetchCargoVendor = true; 21 - cargoHash = "sha256-LdjJlf4HPN+kZOQKPNSdbYApGBD4Z6tKV9Y0FFKpAf0="; 22 + cargoHash = "sha256-VtSRC4lyjMo2O9dNbVllcDEx08zQWJMQmQ/2bNMup6U="; 22 23 23 24 nativeBuildInputs = [ installShellFiles ]; 24 25 ··· 35 36 36 37 postInstall = '' 37 38 installManPage doc/watchexec.1 38 - installShellCompletion --zsh --name _watchexec completions/zsh 39 + installShellCompletion --cmd watchexec \ 40 + --bash completions/bash \ 41 + --fish completions/fish \ 42 + --zsh completions/zsh 39 43 ''; 40 44 41 - meta = with lib; { 45 + passthru.updateScript = nix-update-script { }; 46 + 47 + meta = { 42 48 description = "Executes commands in response to file modifications"; 43 49 homepage = "https://watchexec.github.io/"; 44 - license = with licenses; [ asl20 ]; 45 - maintainers = [ maintainers.michalrus ]; 50 + license = with lib.licenses; [ asl20 ]; 51 + maintainers = with lib.maintainers; [ 52 + michalrus 53 + prince213 54 + ]; 46 55 mainProgram = "watchexec"; 47 56 }; 48 - } 57 + })
+2 -2
pkgs/by-name/wh/whisper-ctranslate2/package.nix
··· 7 7 }: 8 8 let 9 9 pname = "whisper-ctranslate2"; 10 - version = "0.5.2"; 10 + version = "0.5.3"; 11 11 in 12 12 python3Packages.buildPythonApplication { 13 13 inherit pname version; ··· 17 17 owner = "Softcatala"; 18 18 repo = "whisper-ctranslate2"; 19 19 tag = version; 20 - hash = "sha256-53sKuaZJcH/i2C4oeKcvxRs3OmkvR3USw6nnPh+i+Eo="; 20 + hash = "sha256-rRxadVYv69Jgzai+ANS6oKHOArTI9vPDPeTybtOySww="; 21 21 }; 22 22 23 23 build-system = [ python3Packages.setuptools ];
+1 -1
pkgs/by-name/yt/ytmdesktop/package.nix
··· 38 38 }; 39 39 40 40 patches = [ 41 - # instead of runnning git during the build process 41 + # instead of running git during the build process 42 42 # use the .COMMIT file generated in the fetcher FOD 43 43 ./git-rev-parse.patch 44 44 ];
+2 -2
pkgs/by-name/za/zashboard/package.nix
··· 9 9 10 10 stdenv.mkDerivation (finalAttrs: { 11 11 pname = "zashboard"; 12 - version = "1.90.0"; 12 + version = "1.93.0"; 13 13 14 14 src = fetchFromGitHub { 15 15 owner = "Zephyruso"; 16 16 repo = "zashboard"; 17 17 tag = "v${finalAttrs.version}"; 18 - hash = "sha256-LxA0X2E9Xue79xLAYuCz0ZA0v8hYVxkb+1h6qB4MiDI="; 18 + hash = "sha256-0YlFDmn5XAQiGxGpFJtVgtFdPbxApVlsqRLwIun0YtI="; 19 19 }; 20 20 21 21 nativeBuildInputs = [
+1 -1
pkgs/by-name/ze/zepp-simulator/package.nix
··· 6 6 copyDesktopItems, 7 7 autoPatchelfHook, 8 8 9 - # Upstream is officialy built with Electron 18 9 + # Upstream is officially built with Electron 18 10 10 # (but it works with latest Electron with minor changes, see HACK below) 11 11 electron, 12 12 asar,
+1 -1
pkgs/development/compilers/gcc/common/configure-flags.nix
··· 38 38 39 39 # Note [Windows Exception Handling] 40 40 # sjlj (short jump long jump) exception handling makes no sense on x86_64, 41 - # it's forcably slowing programs down as it produces a constant overhead. 41 + # it's forcibly slowing programs down as it produces a constant overhead. 42 42 # On x86_64 we have SEH (Structured Exception Handling) and we should use 43 43 # that. On i686, we do not have SEH, and have to use sjlj with dwarf2. 44 44 # Hence it's now conditional on x86_32 (i686 is 32bit).
+4 -4
pkgs/development/haskell-modules/configuration-common.nix
··· 21 21 # To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. 22 22 self: super: 23 23 { 24 - # Hackage's accelerate is from 2020 and incomptible with our GHC. 24 + # Hackage's accelerate is from 2020 and incompatible with our GHC. 25 25 # The existing derivation also has missing dependencies 26 26 # compared to the source from github. 27 27 # https://github.com/AccelerateHS/accelerate/issues/553 ··· 820 820 katt = dontCheck super.katt; 821 821 language-slice = dontCheck super.language-slice; 822 822 823 - # Bogus lower bound on data-default-class added via Hackage revison 823 + # Bogus lower bound on data-default-class added via Hackage revision 824 824 # https://github.com/mrkkrp/req/pull/180#issuecomment-2628201485 825 825 req = overrideCabal { 826 826 revision = null; ··· 1979 1979 license = lib.licenses.bsd3; 1980 1980 # ghc-bignum is not buildable if none of the three backends 1981 1981 # is explicitly enabled. We enable Native for now as it doesn't 1982 - # depend on anything else as oppossed to GMP and FFI. 1982 + # depend on anything else as opposed to GMP and FFI. 1983 1983 # Apply patch which fixes a compilation failure we encountered. 1984 1984 # Will need to be kept until we can drop ghc-bignum entirely, 1985 1985 # i. e. if GHC 8.10.* and 8.8.* have been removed. ··· 2542 2542 # Missing test files https://github.com/kephas/xdg-basedir-compliant/issues/1 2543 2543 xdg-basedir-compliant = dontCheck super.xdg-basedir-compliant; 2544 2544 2545 - # Test failure after libxcrypt migration, reported upstrem at 2545 + # Test failure after libxcrypt migration, reported upstream at 2546 2546 # https://github.com/phadej/crypt-sha512/issues/13 2547 2547 crypt-sha512 = dontCheck super.crypt-sha512; 2548 2548
+1 -1
pkgs/development/interpreters/ruby/default.nix
··· 207 207 # When using a baseruby, ruby always sets "libdir" to the build 208 208 # directory, which nix rejects due to a reference in to /build/ in 209 209 # the final product. Removing this reference doesn't seem to break 210 - # anything and fixes cross compliation. 210 + # anything and fixes cross compilation. 211 211 ./dont-refer-to-build-dir.patch 212 212 ]; 213 213
+1 -1
pkgs/development/libraries/ffmpeg/generic.nix
··· 34 34 # all dependants in Nixpkgs 35 35 withSmallDeps ? ffmpegVariant == "small" || withFullDeps, 36 36 37 - # Everything enabled; only guarded behind platform exclusivity or brokeness. 37 + # Everything enabled; only guarded behind platform exclusivity or brokenness. 38 38 # If you need to depend on ffmpeg-full because ffmpeg is missing some feature 39 39 # your package needs, you should enable that feature in regular ffmpeg 40 40 # instead.
+1 -1
pkgs/development/libraries/openssl/default.nix
··· 225 225 # This avoids conflicts between man pages of openssl subcommands (for 226 226 # example 'ts' and 'err') man pages and their equivalent top-level 227 227 # command in other packages (respectively man-pages and moreutils). 228 - # This is done in ubuntu and archlinux, and possiibly many other distros. 228 + # This is done in ubuntu and archlinux, and possibly many other distros. 229 229 "MANSUFFIX=ssl" 230 230 ]; 231 231
+1 -1
pkgs/development/libraries/vigra/default.nix
··· 29 29 }; 30 30 31 31 patches = [ 32 - # Pathes to fix compiling on LLVM 19 from https://github.com/ukoethe/vigra/pull/592 32 + # Patches to fix compiling on LLVM 19 from https://github.com/ukoethe/vigra/pull/592 33 33 ./fix-llvm-19-1.patch 34 34 ./fix-llvm-19-2.patch 35 35 ];
+2 -2
pkgs/development/python-modules/aiokem/default.nix
··· 14 14 15 15 buildPythonPackage rec { 16 16 pname = "aiokem"; 17 - version = "0.5.11"; 17 + version = "0.5.12"; 18 18 pyproject = true; 19 19 20 20 disabled = pythonOlder "3.12"; ··· 23 23 owner = "kohlerlibs"; 24 24 repo = "aiokem"; 25 25 tag = "v${version}"; 26 - hash = "sha256-1fBGmsp6DoDP1EUjp2tfWT3nTux0/2iiC6x/LxrCrd8="; 26 + hash = "sha256-/NbPKN47aSfM7SllP04fHXV2fr+QQRr1x6NfbpeTfzc="; 27 27 }; 28 28 29 29 build-system = [ setuptools ];
+1 -1
pkgs/development/python-modules/brotlicffi/default.nix
··· 4 4 buildPythonPackage, 5 5 pythonOlder, 6 6 cffi, 7 - # overriden as pkgs.brotli 7 + # overridden as pkgs.brotli 8 8 brotli, 9 9 setuptools, 10 10 pytestCheckHook,
+1 -1
pkgs/development/python-modules/datadog/default.nix
··· 60 60 # https://github.com/DataDog/datadogpy/issues/746 61 61 "TestDogshell" 62 62 63 - # Flaky: test execution time aganst magic values 63 + # Flaky: test execution time against magic values 64 64 "test_distributed" 65 65 "test_timed" 66 66 "test_timed_in_ms"
+1 -1
pkgs/development/python-modules/dm-haiku/default.nix
··· 60 60 61 61 # AttributeError: jax.core.Var was removed in JAX v0.6.0. Use jax.extend.core.Var instead, and 62 62 # see https://docs.jax.dev/en/latest/jax.extend.html for details. 63 - # Alrady on master: https://github.com/google-deepmind/dm-haiku/commit/cfe8480d253a93100bf5e2d24c40435a95399c96 63 + # Already on master: https://github.com/google-deepmind/dm-haiku/commit/cfe8480d253a93100bf5e2d24c40435a95399c96 64 64 # TODO: remove at the next release 65 65 postPatch = '' 66 66 substituteInPlace haiku/_src/jaxpr_info.py \
+1 -1
pkgs/development/python-modules/flashinfer/default.nix
··· 3 3 # requires the CUDA toolkit (via nvcc) to be available. 4 4 # 5 5 # This means that if you plan to use flashinfer, you will need to set the 6 - # environment varaible `CUDA_HOME` to `cudatoolkit`. 6 + # environment variable `CUDA_HOME` to `cudatoolkit`. 7 7 { 8 8 lib, 9 9 config,
+1 -1
pkgs/development/python-modules/fmpy/default.nix
··· 178 178 }; 179 179 180 180 # FMPy searches for sundials without the "lib"-prefix; strip it 181 - # and symlink the so-files into existance. 181 + # and symlink the so-files into existence. 182 182 postFixup = '' 183 183 pushd $out/lib 184 184 for so in *.so; do
+2 -2
pkgs/development/python-modules/imeon-inverter-api/default.nix
··· 9 9 10 10 buildPythonPackage rec { 11 11 pname = "imeon-inverter-api"; 12 - version = "0.3.13"; 12 + version = "0.3.14"; 13 13 pyproject = true; 14 14 15 15 src = fetchFromGitHub { 16 16 owner = "Imeon-Inverters-for-Home-Assistant"; 17 17 repo = "inverter-api"; 18 18 tag = version; 19 - hash = "sha256-1ovmIG20AcUzyesXT5HC6oPEKofpH2B+AEfmKQnNQ8c="; 19 + hash = "sha256-zjG9rcKdV+o5M3yIRaxz93sP3u4Vfs8JhSSYzKdQi2I="; 20 20 }; 21 21 22 22 build-system = [ pdm-pep517 ];
+1 -1
pkgs/development/python-modules/itables/default.nix
··· 27 27 # itables has 4 different node packages, each with their own 28 28 # package-lock.json, and partially depending on each other. 29 29 # Our fetchNpmDeps tooling in nixpkgs doesn't support this yet, so we fetch 30 - # the source tarball from pypi, wich includes the javascript bundle already. 30 + # the source tarball from pypi, which includes the javascript bundle already. 31 31 src = fetchPypi { 32 32 inherit pname version; 33 33 hash = "sha256-S5HASUVfqTny+Vu15MYSSrEffCaJuL7UhDOc3eudVWI=";
+1 -1
pkgs/development/python-modules/langchain-aws/default.nix
··· 54 54 # Boto @ 1.35 has outstripped the version requirement 55 55 "boto3" 56 56 # Each component release requests the exact latest core. 57 - # That prevents us from updating individul components. 57 + # That prevents us from updating individual components. 58 58 "langchain-core" 59 59 ]; 60 60
+1 -1
pkgs/development/python-modules/langchain-azure-dynamic-sessions/default.nix
··· 44 44 45 45 pythonRelaxDeps = [ 46 46 # Each component release requests the exact latest core. 47 - # That prevents us from updating individul components. 47 + # That prevents us from updating individual components. 48 48 "langchain-core" 49 49 ]; 50 50
+1 -1
pkgs/development/python-modules/langchain-chroma/default.nix
··· 32 32 33 33 pythonRelaxDeps = [ 34 34 # Each component release requests the exact latest core. 35 - # That prevents us from updating individul components. 35 + # That prevents us from updating individual components. 36 36 "langchain-core" 37 37 "numpy" 38 38 ];
+1 -1
pkgs/development/python-modules/langchain-community/default.nix
··· 56 56 57 57 pythonRelaxDeps = [ 58 58 # Each component release requests the exact latest langchain and -core. 59 - # That prevents us from updating individul components. 59 + # That prevents us from updating individual components. 60 60 "langchain" 61 61 "langchain-core" 62 62 "numpy"
+1 -1
pkgs/development/python-modules/langchain-groq/default.nix
··· 34 34 35 35 pythonRelaxDeps = [ 36 36 # Each component release requests the exact latest core. 37 - # That prevents us from updating individul components. 37 + # That prevents us from updating individual components. 38 38 "langchain-core" 39 39 ]; 40 40
+1 -1
pkgs/development/python-modules/langchain-huggingface/default.nix
··· 49 49 50 50 pythonRelaxDeps = [ 51 51 # Each component release requests the exact latest core. 52 - # That prevents us from updating individul components. 52 + # That prevents us from updating individual components. 53 53 "langchain-core" 54 54 ]; 55 55
+1 -1
pkgs/development/python-modules/langchain-mongodb/default.nix
··· 39 39 40 40 pythonRelaxDeps = [ 41 41 # Each component release requests the exact latest core. 42 - # That prevents us from updating individul components. 42 + # That prevents us from updating individual components. 43 43 "langchain-core" 44 44 "numpy" 45 45 ];
+1 -1
pkgs/development/python-modules/langchain-ollama/default.nix
··· 40 40 41 41 pythonRelaxDeps = [ 42 42 # Each component release requests the exact latest core. 43 - # That prevents us from updating individul components. 43 + # That prevents us from updating individual components. 44 44 "langchain-core" 45 45 ]; 46 46
+1 -1
pkgs/development/python-modules/langchain-openai/default.nix
··· 52 52 53 53 pythonRelaxDeps = [ 54 54 # Each component release requests the exact latest core. 55 - # That prevents us from updating individul components. 55 + # That prevents us from updating individual components. 56 56 "langchain-core" 57 57 ]; 58 58
+1 -1
pkgs/development/python-modules/langchain-tests/default.nix
··· 42 42 43 43 pythonRelaxDeps = [ 44 44 # Each component release requests the exact latest core. 45 - # That prevents us from updating individul components. 45 + # That prevents us from updating individual components. 46 46 "langchain-core" 47 47 "numpy" 48 48 ];
+1 -1
pkgs/development/python-modules/langchain-text-splitters/default.nix
··· 34 34 35 35 pythonRelaxDeps = [ 36 36 # Each component release requests the exact latest core. 37 - # That prevents us from updating individul components. 37 + # That prevents us from updating individual components. 38 38 "langchain-core" 39 39 ]; 40 40
+1 -1
pkgs/development/python-modules/langchain/default.nix
··· 60 60 61 61 pythonRelaxDeps = [ 62 62 # Each component release requests the exact latest core. 63 - # That prevents us from updating individul components. 63 + # That prevents us from updating individual components. 64 64 "langchain-core" 65 65 "numpy" 66 66 "tenacity"
+3 -4
pkgs/development/python-modules/mitmproxy/default.nix
··· 15 15 hypothesis, 16 16 kaitaistruct, 17 17 ldap3, 18 - mitmproxy-linux, 19 18 mitmproxy-rs, 20 19 msgpack, 21 20 passlib, ··· 31 30 ruamel-yaml, 32 31 setuptools, 33 32 sortedcontainers, 34 - stdenv, 35 33 tornado, 36 34 urwid, 37 35 wsproto, ··· 40 38 41 39 buildPythonPackage rec { 42 40 pname = "mitmproxy"; 43 - version = "12.0.1"; 41 + version = "12.1.1"; 44 42 pyproject = true; 45 43 46 44 src = fetchFromGitHub { 47 45 owner = "mitmproxy"; 48 46 repo = "mitmproxy"; 49 47 tag = "v${version}"; 50 - hash = "sha256-BKT/qBWlfShAveL1KY5XXgQjhxR3Vr4zoJwiRxtBJkE="; 48 + hash = "sha256-RTHL5+lbR+AbkiE4+z4ZbxZSV2E4NGTmShbMIMRKJPA="; 51 49 }; 52 50 53 51 pythonRelaxDeps = [ ··· 55 53 "h2" 56 54 "passlib" 57 55 "typing-extensions" # https://github.com/NixOS/nixpkgs/pull/397082 56 + "tornado" 58 57 ]; 59 58 60 59 build-system = [ setuptools ];
+2 -2
pkgs/development/python-modules/mkdocs-rss-plugin/default.nix
··· 16 16 17 17 buildPythonPackage rec { 18 18 pname = "mkdocs-rss-plugin"; 19 - version = "1.17.1"; 19 + version = "1.17.3"; 20 20 pyproject = true; 21 21 22 22 disabled = pythonOlder "3.9"; ··· 25 25 owner = "Guts"; 26 26 repo = "mkdocs-rss-plugin"; 27 27 tag = version; 28 - hash = "sha256-Qa8EgjucJaxvKivE45kXSUgTx5RnLEpYCNZJRTO2E1Q="; 28 + hash = "sha256-wgR0uwme7fXNZHx7xdm0HNfXG6qT4qpTJgR2SaXDel4="; 29 29 }; 30 30 31 31 build-system = [ setuptools ];
+1 -1
pkgs/development/python-modules/mpi-pytest/default.nix
··· 21 21 hash = "sha256-r9UB5H+qAJc6k2SVAiOCI2yRDLNv2zKRmfrAan+cX9I="; 22 22 }; 23 23 24 - # A temporary fixup to support fork mode with openmpi implemention 24 + # A temporary fixup to support fork mode with openmpi implementation 25 25 # See https://github.com/firedrakeproject/mpi-pytest/pull/17 26 26 postPatch = lib.optionalString (mpi4py.mpi.pname == "openmpi") '' 27 27 substituteInPlace pytest_mpi/plugin.py \
+1 -1
pkgs/development/python-modules/piano-transcription-inference/default.nix
··· 68 68 # Project has no tests. 69 69 # In order to make pythonImportsCheck work, NUMBA_CACHE_DIR env var need to 70 70 # be set to a writable dir (https://github.com/numba/numba/issues/4032#issuecomment-488102702). 71 - # pythonImportsCheck has no pre* hook, use checkPhase to wordaround that. 71 + # pythonImportsCheck has no pre* hook, use checkPhase to workaround that. 72 72 checkPhase = '' 73 73 export NUMBA_CACHE_DIR="$(mktemp -d)" 74 74 '';
+1 -1
pkgs/development/python-modules/pip/default.nix
··· 24 24 tomli-w, 25 25 werkzeug, 26 26 27 - # coupled downsteam dependencies 27 + # coupled downstream dependencies 28 28 pip-tools, 29 29 }: 30 30
+3 -2
pkgs/development/python-modules/tesla-fleet-api/default.nix
··· 15 15 16 16 buildPythonPackage rec { 17 17 pname = "tesla-fleet-api"; 18 - version = "1.0.17"; 18 + version = "1.1.1"; 19 19 pyproject = true; 20 20 21 21 disabled = pythonOlder "3.10"; ··· 24 24 owner = "Teslemetry"; 25 25 repo = "python-tesla-fleet-api"; 26 26 tag = "v${version}"; 27 - hash = "sha256-3JLC+GXFNBy7xEPuk/ajVROp6IzZ7Jul+1VyOMB7t58="; 27 + hash = "sha256-ykVes0LXvkwdZRX9g1N9WqzDgKzR5u/YLKkdMC9lR64="; 28 28 }; 29 29 30 30 build-system = [ setuptools ]; ··· 47 47 meta = with lib; { 48 48 description = "Python library for Tesla Fleet API and Teslemetry"; 49 49 homepage = "https://github.com/Teslemetry/python-tesla-fleet-api"; 50 + changelog = "https://github.com/Teslemetry/python-tesla-fleet-api/releases/tag/${src.tag}"; 50 51 license = licenses.asl20; 51 52 maintainers = with maintainers; [ fab ]; 52 53 };
+1 -1
pkgs/development/python-modules/twisted/default.nix
··· 110 110 "MulticastTests.test_multiListen" 111 111 ]; 112 112 "src/twisted/trial/test/test_script.py" = [ 113 - # Fails in LXC containers with less than all cores availaible (limits.cpu) 113 + # Fails in LXC containers with less than all cores available (limits.cpu) 114 114 "AutoJobsTests.test_cpuCount" 115 115 ]; 116 116 "src/twisted/internet/test/test_unix.py" = [
+2 -2
pkgs/development/python-modules/types-s3transfer/default.nix
··· 8 8 9 9 buildPythonPackage rec { 10 10 pname = "types-s3transfer"; 11 - version = "0.12.0"; 11 + version = "0.13.0"; 12 12 pyproject = true; 13 13 14 14 disabled = pythonOlder "3.8"; ··· 16 16 src = fetchPypi { 17 17 pname = "types_s3transfer"; 18 18 inherit version; 19 - hash = "sha256-+PWSAUgekENihzvwvjJn8lnWCtlG69/LhH0JKh+ib5g="; 19 + hash = "sha256-ID2ty5hlwvaPtEvARA4dwFt5GXukpkHAl2wmya9171I="; 20 20 }; 21 21 22 22 build-system = [ setuptools ];
+1 -1
pkgs/development/python-modules/yamllint/default.nix
··· 37 37 [ 38 38 # test failure reported upstream: https://github.com/adrienverge/yamllint/issues/373 39 39 "test_find_files_recursively" 40 - # Issue wih fixture 40 + # Issue with fixture 41 41 "test_codec_built_in_equivalent" 42 42 ] 43 43 ++ lib.optionals stdenv.hostPlatform.isDarwin [
+1 -1
pkgs/development/tools/build-managers/bazel/bazel_6/default.nix
··· 241 241 # guarantee that it will always run in any nix context. 242 242 # 243 243 # See also ./bazel_darwin_sandbox.patch in bazel_5. That patch uses 244 - # NIX_BUILD_TOP env var to conditionnally disable sleep features inside the 244 + # NIX_BUILD_TOP env var to conditionally disable sleep features inside the 245 245 # sandbox. 246 246 # 247 247 # If you want to investigate the sandbox profile path,
+3 -3
pkgs/development/tools/build-managers/bazel/bazel_7/default.nix
··· 323 323 # --{,tool_}java_runtime_version=local_jdk and rely on the fact no java 324 324 # toolchain registered by default uses the local_jdk, making the selection 325 325 # unambiguous. 326 - # This toolchain has the advantage that it can use any ambiant java jdk, 326 + # This toolchain has the advantage that it can use any ambient java jdk, 327 327 # not only a given, fixed version. It allows bazel to work correctly in any 328 328 # environment where JAVA_HOME is set to the right java version, like inside 329 329 # nix derivations. 330 - # However, this patch breaks bazel hermeticity, by picking the ambiant java 330 + # However, this patch breaks bazel hermeticity, by picking the ambient java 331 331 # version instead of the more hermetic remote_jdk prebuilt binaries that 332 332 # rules_java provide by default. It also requires the user to have a 333 333 # JAVA_HOME set to the exact version required by the project. ··· 347 347 # guarantee that it will always run in any nix context. 348 348 # 349 349 # See also ./bazel_darwin_sandbox.patch in bazel_5. That patch uses 350 - # NIX_BUILD_TOP env var to conditionnally disable sleep features inside the 350 + # NIX_BUILD_TOP env var to conditionally disable sleep features inside the 351 351 # sandbox. 352 352 # 353 353 # If you want to investigate the sandbox profile path,
+5 -2
pkgs/development/tools/build-managers/rebar3/default.nix
··· 12 12 git, 13 13 gnused, 14 14 nix, 15 + nixfmt-rfc-style, 15 16 rebar3-nix, 16 17 }: 17 18 18 19 let 19 - version = "3.24.0"; 20 + version = "3.25.0"; 20 21 owner = "erlang"; 21 22 deps = import ./rebar-deps.nix { inherit fetchFromGitHub fetchgit fetchHex; }; 22 23 rebar3 = stdenv.mkDerivation rec { ··· 29 30 inherit owner; 30 31 repo = pname; 31 32 rev = version; 32 - sha256 = "OhzgDipFhscHtRGlfc33ZewBgHgQLa9Zhjby/r1m49A="; 33 + sha256 = "uiKgB+YuqKnfs9TZbnudp6TZd6ZGXfpF9c8jJffCs/U="; 33 34 }; 34 35 35 36 buildInputs = [ erlang ]; ··· 94 95 git 95 96 gnused 96 97 nix 98 + nixfmt-rfc-style 97 99 (rebar3WithPlugins { globalPlugins = [ rebar3-nix ]; }) 98 100 ] 99 101 } ··· 105 107 tmpdir=$(mktemp -d) 106 108 cp -R $(nix-build $nixpkgs --no-out-link -A rebar3.src)/* "$tmpdir" 107 109 (cd "$tmpdir" && rebar3 as test nix lock -o "$nix_path/rebar-deps.nix") 110 + nixfmt "$nix_path/rebar-deps.nix" 108 111 else 109 112 echo "rebar3 is already up-to-date" 110 113 fi
+2 -2
pkgs/servers/home-assistant/default.nix
··· 151 151 ]; 152 152 }); 153 153 154 - # Pinned due to home-assistant still needing 1.10.0 verison 155 - # Remove this when home-assistant upates the jellyfin-apiclient-python version 154 + # Pinned due to home-assistant still needing 1.10.0 version 155 + # Remove this when home-assistant updates the jellyfin-apiclient-python version 156 156 jellyfin-apiclient-python = super.jellyfin-apiclient-python.overridePythonAttrs (oldAttrs: rec { 157 157 version = "1.10.0"; 158 158 src = fetchFromGitHub {
+1 -1
pkgs/servers/samba/4.x.nix
··· 167 167 libbsd 168 168 ] 169 169 ++ optionals stdenv.hostPlatform.isLinux [ 170 - liburing 170 + #liburing # FIXME: better solution 171 171 systemd 172 172 ] 173 173 ++ optionals stdenv.hostPlatform.isDarwin [ libiconv ]
+1 -1
pkgs/stdenv/generic/check-meta.nix
··· 120 120 121 121 isMarkedInsecure = attrs: (attrs.meta.knownVulnerabilities or [ ]) != [ ]; 122 122 123 - # Alow granular checks to allow only some unfree packages 123 + # Allow granular checks to allow only some unfree packages 124 124 # Example: 125 125 # {pkgs, ...}: 126 126 # {
+1 -1
pkgs/test/texlive/default.nix
··· 625 625 "outocp" 626 626 "pmxab" 627 627 628 - # GUI scripts that accept no argument or crash without a graphics server; please test manualy 628 + # GUI scripts that accept no argument or crash without a graphics server; please test manually 629 629 "epspdftk" 630 630 "texdoctk" 631 631 "tlshell"
+6 -6
pkgs/top-level/all-packages.nix
··· 3660 3660 3661 3661 libhandy = callPackage ../development/libraries/libhandy { }; 3662 3662 3663 - # Needed for apps that still depend on the unstable verison of the library (not libhandy-1) 3663 + # Needed for apps that still depend on the unstable version of the library (not libhandy-1) 3664 3664 libhandy_0 = callPackage ../development/libraries/libhandy/0.x.nix { }; 3665 3665 3666 3666 libint = callPackage ../development/libraries/libint { }; ··· 4855 4855 4856 4856 zbar = libsForQt5.callPackage ../tools/graphics/zbar { }; 4857 4857 4858 - # Nvidia support does not require any propietary libraries, so CI can build it. 4858 + # Nvidia support does not require any proprietary libraries, so CI can build it. 4859 4859 # Note that when enabling this unconditionally, non-nvidia users will always have an empty "GPU" section. 4860 4860 zenith-nvidia = zenith.override { 4861 4861 nvidiaSupport = true; ··· 7059 7059 # host platform. 7060 7060 # 7061 7061 # Because this is the *next* stages choice, it's a bit non-modular to put 7062 - # here. In theory, bootstraping is supposed to not be a chain but at tree, 7062 + # here. In theory, bootstrapping is supposed to not be a chain but at tree, 7063 7063 # where each stage supports many "successor" stages, like multiple possible 7064 7064 # futures. We don't have a better alternative, but with this downside in 7065 7065 # mind, please be judicious when using this attribute. E.g. for building ··· 8209 8209 stdenv = stdenvNoLibc; 8210 8210 }; 8211 8211 8212 - # These are used when buiding compiler-rt / libgcc, prior to building libc. 8212 + # These are used when building compiler-rt / libgcc, prior to building libc. 8213 8213 preLibcCrossHeaders = 8214 8214 let 8215 8215 inherit (stdenv.targetPlatform) libc; ··· 10572 10572 10573 10573 nginxModules = recurseIntoAttrs (callPackage ../servers/http/nginx/modules.nix { }); 10574 10574 10575 - # We should move to dynmaic modules and create a nginxFull package with all modules 10575 + # We should move to dynamic modules and create a nginxFull package with all modules 10576 10576 nginxShibboleth = nginxStable.override { 10577 10577 modules = [ 10578 10578 nginxModules.rtmp ··· 13700 13700 jdk = jdk17; 13701 13701 }; 13702 13702 13703 - # perhaps there are better apps for this task? It's how I had configured my preivous system. 13703 + # perhaps there are better apps for this task? It's how I had configured my previous system. 13704 13704 # And I don't want to rewrite all rules 13705 13705 profanity = callPackage ../applications/networking/instant-messengers/profanity ( 13706 13706 {
+1 -1
pkgs/top-level/stage.nix
··· 328 328 329 329 # The complete chain of package set builders, applied from top to bottom. 330 330 # stdenvOverlays must be last as it brings package forward from the 331 - # previous bootstrapping phases which have already been overlayed. 331 + # previous bootstrapping phases which have already been overlaid. 332 332 toFix = lib.foldl' (lib.flip lib.extends) (self: { }) ( 333 333 [ 334 334 stdenvBootstappingAndPlatforms