Merge master into staging-next · pyrox.dev/nixpkgs@cfc75ee

+6

maintainers/maintainer-list.nix

··· 15043 15043 githubId = 496447; 15044 15044 name = "Robert Hensing"; 15045 15045 }; 15046 + robert-manchester = { 15047 + email = "robert.manchester@gmail.com"; 15048 + github = "robert-manchester"; 15049 + githubId = 86313040; 15050 + name = "Robert Manchester"; 15051 + }; 15046 15052 robertodr = { 15047 15053 email = "roberto.diremigio@gmail.com"; 15048 15054 github = "robertodr";

+4 -1

maintainers/scripts/pluginupdate.py

··· 786 786 autocommit = not args.no_commit 787 787 788 788 if autocommit: 789 + from datetime import date 789 790 editor.nixpkgs_repo = git.Repo(editor.root, search_parent_directories=True) 790 - commit(editor.nixpkgs_repo, f"{editor.attr_path}: update", [args.outfile]) 791 + updated = date.today().strftime('%m-%d-%Y') 792 + 793 + commit(editor.nixpkgs_repo, f"{editor.attr_path}: updated the {updated}", [args.outfile]) 791 794 792 795 if redirects: 793 796 update()

+4

nixos/doc/manual/development/what-happens-during-a-system-switch.chapter.md

··· 44 44 - Inspect what changed during these actions and print units that failed and 45 45 that were newly started 46 46 47 + By default, some units are filtered from the outputs to make it less spammy. 48 + This can be disabled for development or testing by setting the environment variable 49 + `STC_DISPLAY_ALL_UNITS=1` 50 + 47 51 Most of these actions are either self-explaining but some of them have to do 48 52 with our units or the activation script. For this reason, these topics are 49 53 explained in the next sections.

+2

nixos/doc/manual/release-notes/rl-2311.section.md

··· 359 359 360 360 - The application firewall `opensnitch` now uses the process monitor method eBPF as default as recommended by upstream. The method can be changed with the setting [services.opensnitch.settings.ProcMonitorMethod](#opt-services.opensnitch.settings.ProcMonitorMethod). 361 361 362 + - `services.hedgedoc` has been heavily refactored, reducing the amount of declared options in the module. Most of the options should still work without any changes. Some options have been deprecated, as they no longer have any effect. See [#244941](https://github.com/NixOS/nixpkgs/pull/244941) for more details. 363 + 362 364 - The module [services.ankisyncd](#opt-services.ankisyncd.package) has been switched to [anki-sync-server-rs](https://github.com/ankicommunity/anki-sync-server-rs) from the old python version, which was difficult to update, had not been updated in a while, and did not support recent versions of anki. 363 365 Unfortunately all servers supporting new clients (newer version of anki-sync-server, anki's built in sync server and this new rust package) do not support the older sync protocol that was used in the old server, so such old clients will also need updating and in particular the anki package in nixpkgs is also being updated in this release. 364 366 The module update takes care of the new config syntax and the data itself (user login and cards) are compatible, so users of the module will be able to just log in again after updating both client and server without any extra action.

+1 -1

nixos/modules/config/iproute2.nix

··· 7 7 in 8 8 { 9 9 options.networking.iproute2 = { 10 - enable = mkEnableOption (lib.mdDoc "copy IP route configuration files"); 10 + enable = mkEnableOption (lib.mdDoc "copying IP route configuration files"); 11 11 rttablesExtraConfig = mkOption { 12 12 type = types.lines; 13 13 default = "";

+1 -1

nixos/modules/config/stevenblack.nix

··· 15 15 in 16 16 { 17 17 options.networking.stevenblack = { 18 - enable = mkEnableOption (mdDoc "Enable the stevenblack hosts file blocklist"); 18 + enable = mkEnableOption (mdDoc "the stevenblack hosts file blocklist"); 19 19 20 20 block = mkOption { 21 21 type = types.listOf (types.enum [ "fakenews" "gambling" "porn" "social" ]);

+2 -2

nixos/modules/hardware/corectrl.nix

··· 8 8 { 9 9 options.programs.corectrl = { 10 10 enable = mkEnableOption (lib.mdDoc '' 11 - A tool to overclock amd graphics cards and processors. 11 + CoreCtrl, a tool to overclock amd graphics cards and processors. 12 12 Add your user to the corectrl group to run corectrl without needing to enter your password 13 13 ''); 14 14 15 15 gpuOverclock = { 16 16 enable = mkEnableOption (lib.mdDoc '' 17 - true 17 + GPU overclocking 18 18 ''); 19 19 ppfeaturemask = mkOption { 20 20 type = types.str;

+1 -1

nixos/modules/hardware/i2c.nix

··· 11 11 enable = mkEnableOption (lib.mdDoc '' 12 12 i2c devices support. By default access is granted to users in the "i2c" 13 13 group (will be created if non-existent) and any user with a seat, meaning 14 - logged on the computer locally. 14 + logged on the computer locally 15 15 ''); 16 16 17 17 group = mkOption {

+1 -1

nixos/modules/hardware/keyboard/uhk.nix

··· 11 11 non-root access to the firmware of UHK keyboards. 12 12 You need it when you want to flash a new firmware on the keyboard. 13 13 Access to the keyboard is granted to users in the "input" group. 14 - You may want to install the uhk-agent package. 14 + You may want to install the uhk-agent package 15 15 ''); 16 16 17 17 };

+1 -1

nixos/modules/hardware/keyboard/zsa.nix

··· 11 11 udev rules for keyboards from ZSA like the ErgoDox EZ, Planck EZ and Moonlander Mark I. 12 12 You need it when you want to flash a new configuration on the keyboard 13 13 or use their live training in the browser. 14 - You may want to install the wally-cli package. 14 + You may want to install the wally-cli package 15 15 ''); 16 16 }; 17 17

+1 -1

nixos/modules/hardware/openrazer.nix

··· 50 50 options = { 51 51 hardware.openrazer = { 52 52 enable = mkEnableOption (lib.mdDoc '' 53 - OpenRazer drivers and userspace daemon. 53 + OpenRazer drivers and userspace daemon 54 54 ''); 55 55 56 56 verboseLogging = mkOption {

+1 -1

nixos/modules/hardware/tuxedo-keyboard.nix

··· 9 9 { 10 10 options.hardware.tuxedo-keyboard = { 11 11 enable = mkEnableOption (lib.mdDoc '' 12 - Enables the tuxedo-keyboard driver. 12 + the tuxedo-keyboard driver. 13 13 14 14 To configure the driver, pass the options to the {option}`boot.kernelParams` configuration. 15 15 There are several parameters you can change. It's best to check at the source code description which options are supported.

+13 -13

nixos/modules/hardware/video/nvidia.nix

··· 24 24 options = { 25 25 hardware.nvidia = { 26 26 datacenter.enable = lib.mkEnableOption (lib.mdDoc '' 27 - Data Center drivers for NVIDIA cards on a NVLink topology. 27 + Data Center drivers for NVIDIA cards on a NVLink topology 28 28 ''); 29 29 datacenter.settings = lib.mkOption { 30 30 type = settingsFormat.type; ··· 79 79 80 80 powerManagement.enable = lib.mkEnableOption (lib.mdDoc '' 81 81 experimental power management through systemd. For more information, see 82 - the NVIDIA docs, on Chapter 21. Configuring Power Management Support. 82 + the NVIDIA docs, on Chapter 21. Configuring Power Management Support 83 83 ''); 84 84 85 85 powerManagement.finegrained = lib.mkEnableOption (lib.mdDoc '' 86 86 experimental power management of PRIME offload. For more information, see 87 - the NVIDIA docs, on Chapter 22. PCI-Express Runtime D3 (RTD3) Power Management. 87 + the NVIDIA docs, on Chapter 22. PCI-Express Runtime D3 (RTD3) Power Management 88 88 ''); 89 89 90 90 dynamicBoost.enable = lib.mkEnableOption (lib.mdDoc '' 91 91 dynamic Boost balances power between the CPU and the GPU for improved 92 92 performance on supported laptops using the nvidia-powerd daemon. For more 93 - information, see the NVIDIA docs, on Chapter 23. Dynamic Boost on Linux. 93 + information, see the NVIDIA docs, on Chapter 23. Dynamic Boost on Linux 94 94 ''); 95 95 96 96 modesetting.enable = lib.mkEnableOption (lib.mdDoc '' ··· 99 99 Enabling this fixes screen tearing when using Optimus via PRIME (see 100 100 {option}`hardware.nvidia.prime.sync.enable`. This is not enabled 101 101 by default because it is not officially supported by NVIDIA and would not 102 - work with SLI. 102 + work with SLI 103 103 ''); 104 104 105 105 prime.nvidiaBusId = lib.mkOption { ··· 153 153 154 154 Note that this configuration will only be successful when a display manager 155 155 for which the {option}`services.xserver.displayManager.setupCommands` 156 - option is supported is used. 156 + option is supported is used 157 157 ''); 158 158 159 159 prime.allowExternalGpu = lib.mkEnableOption (lib.mdDoc '' 160 - configuring X to allow external NVIDIA GPUs when using Prime [Reverse] sync optimus. 160 + configuring X to allow external NVIDIA GPUs when using Prime [Reverse] sync optimus 161 161 ''); 162 162 163 163 prime.offload.enable = lib.mkEnableOption (lib.mdDoc '' ··· 166 166 If this is enabled, then the bus IDs of the NVIDIA and Intel/AMD GPUs have to 167 167 be specified ({option}`hardware.nvidia.prime.nvidiaBusId` and 168 168 {option}`hardware.nvidia.prime.intelBusId` or 169 - {option}`hardware.nvidia.prime.amdgpuBusId`). 169 + {option}`hardware.nvidia.prime.amdgpuBusId`) 170 170 ''); 171 171 172 172 prime.offload.enableOffloadCmd = lib.mkEnableOption (lib.mdDoc '' ··· 174 174 for offloading programs to an nvidia device. To work, should have also enabled 175 175 {option}`hardware.nvidia.prime.offload.enable` or {option}`hardware.nvidia.prime.reverseSync.enable`. 176 176 177 - Example usage `nvidia-offload sauerbraten_client`. 177 + Example usage `nvidia-offload sauerbraten_client` 178 178 ''); 179 179 180 180 prime.reverseSync.enable = lib.mkEnableOption (lib.mdDoc '' ··· 202 202 203 203 Note that this configuration will only be successful when a display manager 204 204 for which the {option}`services.xserver.displayManager.setupCommands` 205 - option is supported is used. 205 + option is supported is used 206 206 ''); 207 207 208 208 nvidiaSettings = 209 209 (lib.mkEnableOption (lib.mdDoc '' 210 - nvidia-settings, NVIDIA's GUI configuration tool. 210 + nvidia-settings, NVIDIA's GUI configuration tool 211 211 '')) 212 212 // {default = true;}; 213 213 214 214 nvidiaPersistenced = lib.mkEnableOption (lib.mdDoc '' 215 215 nvidia-persistenced a update for NVIDIA GPU headless mode, i.e. 216 - It ensures all GPUs stay awake even during headless mode. 216 + It ensures all GPUs stay awake even during headless mode 217 217 ''); 218 218 219 219 forceFullCompositionPipeline = lib.mkEnableOption (lib.mdDoc '' 220 220 forcefully the full composition pipeline. 221 221 This sometimes fixes screen tearing issues. 222 222 This has been reported to reduce the performance of some OpenGL applications and may produce issues in WebGL. 223 - It also drastically increases the time the driver needs to clock down after load. 223 + It also drastically increases the time the driver needs to clock down after load 224 224 ''); 225 225 226 226 package = lib.mkOption {

+1 -1

nixos/modules/hardware/video/webcam/facetimehd.nix

··· 12 12 13 13 { 14 14 15 - options.hardware.facetimehd.enable = mkEnableOption (lib.mdDoc "facetimehd kernel module"); 15 + options.hardware.facetimehd.enable = mkEnableOption (lib.mdDoc "the facetimehd kernel module"); 16 16 17 17 options.hardware.facetimehd.withCalibration = mkOption { 18 18 default = false;

+1 -1

nixos/modules/misc/nixops-autoluks.nix

··· 5 5 6 6 inherit (config.nixops) enableDeprecatedAutoLuks; 7 7 in { 8 - options.nixops.enableDeprecatedAutoLuks = lib.mkEnableOption (lib.mdDoc "Enable the deprecated NixOps AutoLuks module"); 8 + options.nixops.enableDeprecatedAutoLuks = lib.mkEnableOption (lib.mdDoc "the deprecated NixOps AutoLuks module"); 9 9 10 10 config = { 11 11 assertions = [

+1 -1

nixos/modules/programs/calls.nix

··· 8 8 options = { 9 9 programs.calls = { 10 10 enable = mkEnableOption (lib.mdDoc '' 11 - Whether to enable GNOME calls: a phone dialer and call handler. 11 + GNOME calls: a phone dialer and call handler 12 12 ''); 13 13 }; 14 14 };

+1 -1

nixos/modules/programs/cnping.nix

··· 8 8 { 9 9 options = { 10 10 programs.cnping = { 11 - enable = mkEnableOption (lib.mdDoc "Whether to install a setcap wrapper for cnping"); 11 + enable = mkEnableOption (lib.mdDoc "a setcap wrapper for cnping"); 12 12 }; 13 13 }; 14 14

+1 -1

nixos/modules/programs/direnv.nix

··· 11 11 enable = lib.mkEnableOption (lib.mdDoc '' 12 12 direnv integration. Takes care of both installation and 13 13 setting up the sourcing of the shell. Additionally enables nix-direnv 14 - integration. Note that you need to logout and login for this change to apply. 14 + integration. Note that you need to logout and login for this change to apply 15 15 ''); 16 16 17 17 package = lib.mkPackageOptionMD pkgs "direnv" {};

+2 -2

nixos/modules/programs/feedbackd.nix

··· 8 8 options = { 9 9 programs.feedbackd = { 10 10 enable = mkEnableOption (lib.mdDoc '' 11 - Whether to enable the feedbackd D-BUS service and udev rules. 11 + the feedbackd D-BUS service and udev rules. 12 12 13 - Your user needs to be in the `feedbackd` group to trigger effects. 13 + Your user needs to be in the `feedbackd` group to trigger effects 14 14 ''); 15 15 package = mkOption { 16 16 description = lib.mdDoc ''

+1 -1

nixos/modules/programs/kdeconnect.nix

··· 9 9 1714 to 1764 as they are needed for it to function properly. 10 10 You can use the {option}`package` to use 11 11 `gnomeExtensions.gsconnect` as an alternative 12 - implementation if you use Gnome. 12 + implementation if you use Gnome 13 13 ''); 14 14 package = mkOption { 15 15 default = pkgs.plasma5Packages.kdeconnect-kde;

+1 -1

nixos/modules/programs/wayland/wayfire.nix

··· 6 6 meta.maintainers = with lib.maintainers; [ rewine ]; 7 7 8 8 options.programs.wayfire = { 9 - enable = lib.mkEnableOption (lib.mdDoc "Wayfire, a wayland compositor based on wlroots."); 9 + enable = lib.mkEnableOption (lib.mdDoc "Wayfire, a wayland compositor based on wlroots"); 10 10 11 11 package = lib.mkPackageOptionMD pkgs "wayfire" { }; 12 12

+10 -10

nixos/modules/services/backup/znapzend.nix

··· 359 359 }; 360 360 361 361 features.oracleMode = mkEnableOption (lib.mdDoc '' 362 - Destroy snapshots one by one instead of using one long argument list. 362 + destroying snapshots one by one instead of using one long argument list. 363 363 If source and destination are out of sync for a long time, you may have 364 364 so many snapshots to destroy that the argument gets is too long and the 365 - command fails. 365 + command fails 366 366 ''); 367 367 features.recvu = mkEnableOption (lib.mdDoc '' 368 368 recvu feature which uses `-u` on the receiving end to keep the destination 369 - filesystem unmounted. 369 + filesystem unmounted 370 370 ''); 371 371 features.compressed = mkEnableOption (lib.mdDoc '' 372 372 compressed feature which adds the options `-Lce` to ··· 377 377 support and -e is for embedded data support. see 378 378 {manpage}`znapzend(1)` 379 379 and {manpage}`zfs(8)` 380 - for more info. 380 + for more info 381 381 ''); 382 382 features.sendRaw = mkEnableOption (lib.mdDoc '' 383 383 sendRaw feature which adds the options `-w` to the ··· 386 386 backup that can't be read without the encryption key/passphrase, useful 387 387 when the remote isn't fully trusted or not physically secure. This 388 388 option must be used consistently, raw incrementals cannot be based on 389 - non-raw snapshots and vice versa. 389 + non-raw snapshots and vice versa 390 390 ''); 391 391 features.skipIntermediates = mkEnableOption (lib.mdDoc '' 392 - Enable the skipIntermediates feature to send a single increment 392 + the skipIntermediates feature to send a single increment 393 393 between latest common snapshot and the newly made one. It may skip 394 394 several source snaps if the destination was offline for some time, and 395 395 it should skip snapshots not managed by znapzend. Normally for online 396 396 destinations, the new snapshot is sent as soon as it is created on the 397 - source, so there are no automatic increments to skip. 397 + source, so there are no automatic increments to skip 398 398 ''); 399 399 features.lowmemRecurse = mkEnableOption (lib.mdDoc '' 400 400 use lowmemRecurse on systems where you have too many datasets, so a 401 401 recursive listing of attributes to find backup plans exhausts the 402 402 memory available to {command}`znapzend`: instead, go the slower 403 403 way to first list all impacted dataset names, and then query their 404 - configs one by one. 404 + configs one by one 405 405 ''); 406 406 features.zfsGetType = mkEnableOption (lib.mdDoc '' 407 - use zfsGetType if your {command}`zfs get` supports a 407 + using zfsGetType if your {command}`zfs get` supports a 408 408 `-t` argument for filtering by dataset type at all AND 409 409 lists properties for snapshots by default when recursing, so that there 410 410 is too much data to process while searching for backup plans. ··· 412 412 `--recursive` search for backup plans can literally 413 413 differ by hundreds of times (depending on the amount of snapshots in 414 414 that dataset tree... and a decent backup plan will ensure you have a lot 415 - of those), so you would benefit from requesting this feature. 415 + of those), so you would benefit from requesting this feature 416 416 ''); 417 417 }; 418 418 };

+1 -1

nixos/modules/services/databases/cassandra.nix

··· 122 122 options.services.cassandra = { 123 123 124 124 enable = mkEnableOption (lib.mdDoc '' 125 - Apache Cassandra – Scalable and highly available database. 125 + Apache Cassandra – Scalable and highly available database 126 126 ''); 127 127 128 128 clusterName = mkOption {

+1 -1

nixos/modules/services/databases/ferretdb.nix

··· 11 11 12 12 options = { 13 13 services.ferretdb = { 14 - enable = mkEnableOption "FerretDB, an Open Source MongoDB alternative."; 14 + enable = mkEnableOption "FerretDB, an Open Source MongoDB alternative"; 15 15 16 16 package = mkOption { 17 17 type = types.package;

+1 -1

nixos/modules/services/databases/redis.nix

··· 75 75 Note that the NixOS module for Redis disables kernel support 76 76 for Transparent Huge Pages (THP), 77 77 because this features causes major performance problems for Redis, 78 - e.g. (https://redis.io/topics/latency). 78 + e.g. (https://redis.io/topics/latency) 79 79 ''); 80 80 81 81 user = mkOption {

+1 -1

nixos/modules/services/databases/surrealdb.nix

··· 8 8 9 9 options = { 10 10 services.surrealdb = { 11 - enable = mkEnableOption (lib.mdDoc "A scalable, distributed, collaborative, document-graph database, for the realtime web "); 11 + enable = mkEnableOption (lib.mdDoc "SurrealDB, a scalable, distributed, collaborative, document-graph database, for the realtime web"); 12 12 13 13 package = mkOption { 14 14 default = pkgs.surrealdb;

+1 -1

nixos/modules/services/desktops/deepin/app-services.nix

··· 14 14 15 15 services.deepin.app-services = { 16 16 17 - enable = mkEnableOption (lib.mdDoc "Service collection of DDE applications, including dconfig-center"); 17 + enable = mkEnableOption (lib.mdDoc "service collection of DDE applications, including dconfig-center"); 18 18 19 19 }; 20 20

+2 -2

nixos/modules/services/desktops/deepin/dde-api.nix

··· 15 15 services.deepin.dde-api = { 16 16 17 17 enable = mkEnableOption (lib.mdDoc '' 18 - Provides some dbus interfaces that is used for screen zone detecting, 19 - thumbnail generating, and sound playing in Deepin Desktop Environment. 18 + some dbus interfaces that is used for screen zone detecting, 19 + thumbnail generating, and sound playing in Deepin Desktop Environment 20 20 ''); 21 21 22 22 };

+1 -1

nixos/modules/services/desktops/deepin/dde-daemon.nix

··· 14 14 15 15 services.deepin.dde-daemon = { 16 16 17 - enable = mkEnableOption (lib.mdDoc "Daemon for handling the deepin session settings"); 17 + enable = mkEnableOption (lib.mdDoc "daemon for handling the deepin session settings"); 18 18 19 19 }; 20 20

+2 -2

nixos/modules/services/desktops/gnome/gnome-browser-connector.nix

··· 24 24 25 25 options = { 26 26 services.gnome.gnome-browser-connector.enable = mkEnableOption (mdDoc '' 27 - Native host connector for the GNOME Shell browser extension, a DBus service 28 - allowing to install GNOME Shell extensions from a web browser. 27 + native host connector for the GNOME Shell browser extension, a DBus service 28 + allowing to install GNOME Shell extensions from a web browser 29 29 ''); 30 30 }; 31 31

+1 -1

nixos/modules/services/hardware/supergfxd.nix

··· 7 7 { 8 8 options = { 9 9 services.supergfxd = { 10 - enable = lib.mkEnableOption (lib.mdDoc "Enable the supergfxd service"); 10 + enable = lib.mkEnableOption (lib.mdDoc "the supergfxd service"); 11 11 12 12 settings = lib.mkOption { 13 13 type = lib.types.nullOr json.type;

+2 -2

nixos/modules/services/hardware/tuxedo-rs.nix

··· 9 9 { 10 10 options = { 11 11 hardware.tuxedo-rs = { 12 - enable = mkEnableOption (lib.mdDoc "Rust utilities for interacting with hardware from TUXEDO Computers."); 12 + enable = mkEnableOption (lib.mdDoc "Rust utilities for interacting with hardware from TUXEDO Computers"); 13 13 14 - tailor-gui.enable = mkEnableOption (lib.mdDoc "Alternative to TUXEDO Control Center, written in Rust."); 14 + tailor-gui.enable = mkEnableOption (lib.mdDoc "tailor-gui, an alternative to TUXEDO Control Center, written in Rust"); 15 15 }; 16 16 }; 17 17

+1 -1

nixos/modules/services/mail/dovecot.nix

··· 302 302 303 303 enablePAM = mkEnableOption (lib.mdDoc "creating a own Dovecot PAM service and configure PAM user logins") // { default = true; }; 304 304 305 - enableDHE = mkEnableOption (lib.mdDoc "enable ssl_dh and generation of primes for the key exchange") // { default = true; }; 305 + enableDHE = mkEnableOption (lib.mdDoc "ssl_dh and generation of primes for the key exchange") // { default = true; }; 306 306 307 307 sieveScripts = mkOption { 308 308 type = types.attrsOf types.path;

+1 -1

nixos/modules/services/mail/mailman.nix

··· 260 260 }; 261 261 262 262 serve = { 263 - enable = mkEnableOption (lib.mdDoc "Automatic nginx and uwsgi setup for mailman-web"); 263 + enable = mkEnableOption (lib.mdDoc "automatic nginx and uwsgi setup for mailman-web"); 264 264 265 265 virtualRoot = mkOption { 266 266 default = "/";

+2 -2

nixos/modules/services/matrix/mjolnir.nix

··· 96 96 type = types.submodule { 97 97 options = { 98 98 enable = mkEnableOption (lib.mdDoc '' 99 - If true, accessToken is ignored and the username/password below will be 100 - used instead. The access token of the bot will be stored in the dataPath. 99 + ignoring the accessToken. If true, accessToken is ignored and the username/password below will be 100 + used instead. The access token of the bot will be stored in the dataPath 101 101 ''); 102 102 103 103 username = mkOption {

+2 -2

nixos/modules/services/misc/klipper.nix

··· 111 111 (submodule { 112 112 options = { 113 113 enable = mkEnableOption (lib.mdDoc '' 114 - building of firmware for manual flashing. 114 + building of firmware for manual flashing 115 115 ''); 116 116 enableKlipperFlash = mkEnableOption (lib.mdDoc '' 117 117 flashings scripts for firmware. This will add `klipper-flash-$mcu` scripts to your environment which can be called to flash the firmware. 118 - Please check the configs at [klipper](https://github.com/Klipper3d/klipper/tree/master/config) whether your board supports flashing via `make flash`. 118 + Please check the configs at [klipper](https://github.com/Klipper3d/klipper/tree/master/config) whether your board supports flashing via `make flash` 119 119 ''); 120 120 serial = mkOption { 121 121 type = types.nullOr path;

+2 -2

nixos/modules/services/misc/packagekit.nix

··· 40 40 41 41 options.services.packagekit = { 42 42 enable = mkEnableOption (lib.mdDoc '' 43 - PackageKit provides a cross-platform D-Bus abstraction layer for 43 + PackageKit, a cross-platform D-Bus abstraction layer for 44 44 installing software. Software utilizing PackageKit can install 45 - software regardless of the package manager. 45 + software regardless of the package manager 46 46 ''); 47 47 48 48 settings = mkOption {

+1 -1

nixos/modules/services/misc/rshim.nix

··· 12 12 in 13 13 { 14 14 options.services.rshim = { 15 - enable = lib.mkEnableOption (lib.mdDoc "User-space rshim driver for the BlueField SoC"); 15 + enable = lib.mkEnableOption (lib.mdDoc "user-space rshim driver for the BlueField SoC"); 16 16 17 17 package = lib.mkPackageOptionMD pkgs "rshim-user-space" { }; 18 18

+1 -1

nixos/modules/services/misc/sourcehut/default.nix

··· 438 438 }; 439 439 440 440 options."lists.sr.ht" = commonServiceSettings "lists" // { 441 - allow-new-lists = mkEnableOption (lib.mdDoc "Allow creation of new lists"); 441 + allow-new-lists = mkEnableOption (lib.mdDoc "creation of new lists"); 442 442 notify-from = mkOption { 443 443 description = lib.mdDoc "Outgoing email for notifications generated by users."; 444 444 type = types.str;

+1 -1

nixos/modules/services/misc/tp-auto-kbbl.nix

··· 9 9 10 10 options = { 11 11 services.tp-auto-kbbl = { 12 - enable = mkEnableOption (lib.mdDoc "Auto toggle keyboard back-lighting on Thinkpads (and maybe other laptops) for Linux"); 12 + enable = mkEnableOption (lib.mdDoc "auto toggle keyboard back-lighting on Thinkpads (and maybe other laptops) for Linux"); 13 13 14 14 package = mkOption { 15 15 type = types.package;

+2 -2

nixos/modules/services/misc/zoneminder.nix

··· 67 67 options = { 68 68 services.zoneminder = with lib; { 69 69 enable = lib.mkEnableOption (lib.mdDoc '' 70 - ZoneMinder 70 + ZoneMinder. 71 71 72 72 If you intend to run the database locally, you should set 73 73 `config.services.zoneminder.database.createLocally` to true. Otherwise, 74 74 when set to `false` (the default), you will have to create the database 75 75 and database user as well as populate the database yourself. 76 76 Additionally, you will need to run `zmupdate.pl` yourself when 77 - upgrading to a newer version. 77 + upgrading to a newer version 78 78 ''); 79 79 80 80 webserver = mkOption {

+3 -3

nixos/modules/services/monitoring/mackerel-agent.nix

··· 11 11 12 12 # the upstream package runs as root, but doesn't seem to be strictly 13 13 # necessary for basic functionality 14 - runAsRoot = mkEnableOption (lib.mdDoc "Whether to run as root"); 14 + runAsRoot = mkEnableOption (lib.mdDoc "running as root"); 15 15 16 16 autoRetirement = mkEnableOption (lib.mdDoc '' 17 - Whether to automatically retire the host upon OS shutdown. 17 + retiring the host upon OS shutdown 18 18 ''); 19 19 20 20 apiKeyFile = mkOption { ··· 59 59 }; 60 60 61 61 options.diagnostic = 62 - mkEnableOption (lib.mdDoc "Collect memory usage for the agent itself"); 62 + mkEnableOption (lib.mdDoc "collecting memory usage for the agent itself"); 63 63 }; 64 64 }; 65 65 };

+1 -1

nixos/modules/services/monitoring/prometheus/exporters/wireguard.nix

··· 11 11 ({ options.warnings = options.warnings; options.assertions = options.assertions; }) 12 12 ]; 13 13 extraOpts = { 14 - verbose = mkEnableOption (lib.mdDoc "Verbose logging mode for prometheus-wireguard-exporter"); 14 + verbose = mkEnableOption (lib.mdDoc "verbose logging mode for prometheus-wireguard-exporter"); 15 15 16 16 wireguardConfig = mkOption { 17 17 type = with types; nullOr (either path str);

+2 -2

nixos/modules/services/network-filesystems/openafs/server.nix

··· 177 177 178 178 backup = { 179 179 enable = mkEnableOption (lib.mdDoc '' 180 - Backup server role. When using OpenAFS built-in buserver, use in conjunction with the 180 + the backup server role. When using OpenAFS built-in buserver, use in conjunction with the 181 181 `database` role to maintain the Backup 182 182 Database. Normally only used in conjunction with tape storage 183 183 or IBM's Tivoli Storage Manager. 184 184 185 185 For a modern backup server, enable this role and see 186 - {option}`enableFabs`. 186 + {option}`enableFabs` 187 187 ''); 188 188 189 189 enableFabs = mkEnableOption (lib.mdDoc ''

+1 -1

nixos/modules/services/networking/create_ap.nix

··· 8 8 in { 9 9 options = { 10 10 services.create_ap = { 11 - enable = mkEnableOption (lib.mdDoc "setup wifi hotspots using create_ap"); 11 + enable = mkEnableOption (lib.mdDoc "setting up wifi hotspots using create_ap"); 12 12 settings = mkOption { 13 13 type = with types; attrsOf (oneOf [ int bool str ]); 14 14 default = {};

+3 -3

nixos/modules/services/networking/dae.nix

··· 14 14 options = { 15 15 services.dae = with lib;{ 16 16 enable = mkEnableOption 17 - (mdDoc "A Linux high-performance transparent proxy solution based on eBPF"); 17 + (mdDoc "dae, a Linux high-performance transparent proxy solution based on eBPF"); 18 18 19 19 package = mkPackageOptionMD pkgs "dae" { }; 20 20 ··· 46 46 openFirewall = mkOption { 47 47 type = with types; submodule { 48 48 options = { 49 - enable = mkEnableOption "enable"; 49 + enable = mkEnableOption (mdDoc "opening {option}`port` in the firewall"); 50 50 port = mkOption { 51 51 type = types.port; 52 52 description = '' ··· 91 91 }; 92 92 93 93 disableTxChecksumIpGeneric = 94 - mkEnableOption (mdDoc "See <https://github.com/daeuniverse/dae/issues/43>"); 94 + mkEnableOption "" // { description = mdDoc "See <https://github.com/daeuniverse/dae/issues/43>"; }; 95 95 96 96 }; 97 97 };

+4 -4

nixos/modules/services/networking/deconz.nix

··· 54 54 description = "TCP port for the WebSocket."; 55 55 }; 56 56 57 - openFirewall = lib.mkEnableOption "open up the service ports in the firewall"; 57 + openFirewall = lib.mkEnableOption "opening up the service ports in the firewall"; 58 58 59 - allowRebootSystem = lib.mkEnableOption "allow rebooting the system"; 59 + allowRebootSystem = lib.mkEnableOption "rebooting the system"; 60 60 61 - allowRestartService = lib.mkEnableOption "allow killing/restarting processes"; 61 + allowRestartService = lib.mkEnableOption "killing/restarting processes"; 62 62 63 - allowSetSystemTime = lib.mkEnableOption "allow setting the system time"; 63 + allowSetSystemTime = lib.mkEnableOption "setting the system time"; 64 64 65 65 extraArgs = lib.mkOption { 66 66 type = lib.types.listOf lib.types.str;

+1 -1

nixos/modules/services/networking/go-neb.nix

··· 9 9 configFile = settingsFormat.generate "config.yaml" cfg.config; 10 10 in { 11 11 options.services.go-neb = { 12 - enable = mkEnableOption (lib.mdDoc "Extensible matrix bot written in Go"); 12 + enable = mkEnableOption (lib.mdDoc "an extensible matrix bot written in Go"); 13 13 14 14 bindAddress = mkOption { 15 15 type = types.str;

+2 -2

nixos/modules/services/networking/hostapd.nix

··· 116 116 options = { 117 117 services.hostapd = { 118 118 enable = mkEnableOption (mdDoc '' 119 - Whether to enable hostapd. hostapd is a user space daemon for access point and 119 + hostapd, a user space daemon for access point and 120 120 authentication servers. It implements IEEE 802.11 access point management, 121 121 IEEE 802.1X/WPA/WPA2/EAP Authenticators, RADIUS client, EAP server, and RADIUS 122 - authentication server. 122 + authentication server 123 123 ''); 124 124 125 125 package = mkPackageOption pkgs "hostapd" {};

+4 -4

nixos/modules/services/networking/hylafax/options.nix

··· 272 272 }; 273 273 274 274 faxcron.enable.spoolInit = mkEnableOption (lib.mdDoc '' 275 - Purge old files from the spooling area with 275 + purging old files from the spooling area with 276 276 {file}`faxcron` 277 - each time the spooling area is initialized. 277 + each time the spooling area is initialized 278 278 ''); 279 279 faxcron.enable.frequency = mkOption { 280 280 type = nullOr nonEmptyStr; 281 281 default = null; 282 282 example = "daily"; 283 283 description = lib.mdDoc '' 284 - Purge old files from the spooling area with 284 + purging old files from the spooling area with 285 285 {file}`faxcron` with the given frequency 286 - (see systemd.time(7)). 286 + (see systemd.time(7)) 287 287 ''; 288 288 }; 289 289 faxcron.infoDays = mkOption {

+4 -4

nixos/modules/services/networking/i2pd.nix

··· 265 265 ''; 266 266 }; 267 267 268 - logCLFTime = mkEnableOption (lib.mdDoc "Full CLF-formatted date and time to log"); 268 + logCLFTime = mkEnableOption (lib.mdDoc "full CLF-formatted date and time to log"); 269 269 270 270 address = mkOption { 271 271 type = with types; nullOr str; ··· 456 456 ''; 457 457 }; 458 458 459 - trust.enable = mkEnableOption (lib.mdDoc "Explicit trust options"); 459 + trust.enable = mkEnableOption (lib.mdDoc "explicit trust options"); 460 460 461 461 trust.family = mkOption { 462 462 type = with types; nullOr str; ··· 474 474 ''; 475 475 }; 476 476 477 - trust.hidden = mkEnableOption (lib.mdDoc "Router concealment"); 477 + trust.hidden = mkEnableOption (lib.mdDoc "router concealment"); 478 478 479 479 websocket = mkEndpointOpt "websockets" "127.0.0.1" 7666; 480 480 ··· 552 552 553 553 proto.http = (mkEndpointOpt "http" "127.0.0.1" 7070) // { 554 554 555 - auth = mkEnableOption (lib.mdDoc "Webconsole authentication"); 555 + auth = mkEnableOption (lib.mdDoc "webconsole authentication"); 556 556 557 557 user = mkOption { 558 558 type = types.str;

+1 -1

nixos/modules/services/networking/iscsi/initiator.nix

··· 7 7 enable = mkEnableOption (lib.mdDoc "the openiscsi iscsi daemon"); 8 8 enableAutoLoginOut = mkEnableOption (lib.mdDoc '' 9 9 automatic login and logout of all automatic targets. 10 - You probably do not want this. 10 + You probably do not want this 11 11 ''); 12 12 discoverPortal = mkOption { 13 13 type = nullOr str;

+1 -1

nixos/modules/services/networking/nar-serve.nix

··· 10 10 }; 11 11 options = { 12 12 services.nar-serve = { 13 - enable = mkEnableOption (lib.mdDoc "Serve NAR file contents via HTTP"); 13 + enable = mkEnableOption (lib.mdDoc "serving NAR file contents via HTTP"); 14 14 15 15 port = mkOption { 16 16 type = types.port;

+1 -1

nixos/modules/services/networking/nftables.nix

··· 103 103 ''; 104 104 }; 105 105 106 - networking.nftables.flushRuleset = mkEnableOption (lib.mdDoc "Flush the entire ruleset on each reload."); 106 + networking.nftables.flushRuleset = mkEnableOption (lib.mdDoc "flushing the entire ruleset on each reload"); 107 107 108 108 networking.nftables.extraDeletions = mkOption { 109 109 type = types.lines;

+1 -1

nixos/modules/services/networking/snowflake-proxy.nix

··· 8 8 { 9 9 options = { 10 10 services.snowflake-proxy = { 11 - enable = mkEnableOption (lib.mdDoc "System to defeat internet censorship"); 11 + enable = mkEnableOption (lib.mdDoc "snowflake-proxy, a system to defeat internet censorship"); 12 12 13 13 broker = mkOption { 14 14 description = lib.mdDoc "Broker URL (default \"https://snowflake-broker.torproject.net/\")";

+2 -2

nixos/modules/services/networking/yggdrasil.nix

··· 116 116 }; 117 117 118 118 persistentKeys = mkEnableOption (lib.mdDoc '' 119 - If enabled then keys will be generated once and Yggdrasil 119 + persistent keys. If enabled then keys will be generated once and Yggdrasil 120 120 will retain the same IPv6 address when the service is 121 - restarted. Keys are stored at ${keysPath}. 121 + restarted. Keys are stored at ${keysPath} 122 122 ''); 123 123 124 124 extraArgs = mkOption {

+1 -1

nixos/modules/services/system/earlyoom.nix

··· 11 11 in 12 12 { 13 13 options.services.earlyoom = { 14 - enable = mkEnableOption (lib.mdDoc "Early out of memory killing"); 14 + enable = mkEnableOption (lib.mdDoc "early out of memory killing"); 15 15 16 16 freeMemThreshold = mkOption { 17 17 type = types.ints.between 1 100;

+1 -1

nixos/modules/services/system/systembus-notify.nix

··· 13 13 14 14 WARNING: enabling this option (while convenient) should *not* be done on a 15 15 machine where you do not trust the other users as it allows any other 16 - local user to DoS your session by spamming notifications. 16 + local user to DoS your session by spamming notifications 17 17 ''); 18 18 }; 19 19

+1 -1

nixos/modules/services/torrent/flexget.nix

··· 14 14 in { 15 15 options = { 16 16 services.flexget = { 17 - enable = mkEnableOption (lib.mdDoc "Run FlexGet Daemon"); 17 + enable = mkEnableOption (lib.mdDoc "FlexGet daemon"); 18 18 19 19 package = mkPackageOptionMD pkgs "flexget" {}; 20 20

+1 -1

nixos/modules/services/video/mediamtx.nix

··· 40 40 }; 41 41 42 42 allowVideoAccess = lib.mkEnableOption (lib.mdDoc '' 43 - Enable access to video devices like cameras on the system. 43 + access to video devices like cameras on the system 44 44 ''); 45 45 }; 46 46 };

+1 -1

nixos/modules/services/web-apps/cloudlog.nix

··· 69 69 in 70 70 { 71 71 options.services.cloudlog = with types; { 72 - enable = mkEnableOption (mdDoc "Whether to enable Cloudlog"); 72 + enable = mkEnableOption (mdDoc "Cloudlog"); 73 73 dataDir = mkOption { 74 74 type = str; 75 75 default = "/var/lib/cloudlog";

+236 -988

nixos/modules/services/web-apps/hedgedoc.nix

··· 1 1 { config, lib, pkgs, ... }: 2 2 3 3 let 4 - inherit (lib) literalExpression mdDoc mkEnableOption mkIf mkOption mkPackageOptionMD mkRenamedOptionModule types versionAtLeast; 4 + inherit (lib) mkOption types mdDoc literalExpression; 5 5 6 6 cfg = config.services.hedgedoc; 7 7 ··· 9 9 # versionAtLeast statement remains set to 21.03 for backwards compatibility. 10 10 # See https://github.com/NixOS/nixpkgs/pull/108899 and 11 11 # https://github.com/NixOS/rfcs/blob/master/rfcs/0080-nixos-release-schedule.md. 12 - name = if versionAtLeast config.system.stateVersion "21.03" 13 - then "hedgedoc" 14 - else "codimd"; 15 - 16 - settingsFormat = pkgs.formats.json {}; 12 + name = if lib.versionAtLeast config.system.stateVersion "21.03" then 13 + "hedgedoc" 14 + else 15 + "codimd"; 17 16 18 - prettyJSON = conf: 19 - pkgs.runCommandLocal "hedgedoc-config.json" { 20 - nativeBuildInputs = [ pkgs.jq ]; 21 - } '' 22 - jq '{production:del(.[]|nulls)|del(.[][]?|nulls)}' \ 23 - < ${settingsFormat.generate "hedgedoc-ugly.json" cfg.settings} \ 24 - > $out 25 - ''; 17 + settingsFormat = pkgs.formats.json { }; 26 18 in 27 19 { 20 + meta.maintainers = with lib.maintainers; [ SuperSandro2000 h7x4 ]; 21 + 28 22 imports = [ 29 - (mkRenamedOptionModule [ "services" "codimd" ] [ "services" "hedgedoc" ]) 30 - (mkRenamedOptionModule 31 - [ "services" "hedgedoc" "configuration" ] [ "services" "hedgedoc" "settings" ]) 23 + (lib.mkRenamedOptionModule [ "services" "codimd" ] [ "services" "hedgedoc" ]) 24 + (lib.mkRenamedOptionModule [ "services" "hedgedoc" "configuration" ] [ "services" "hedgedoc" "settings" ]) 25 + (lib.mkRenamedOptionModule [ "services" "hedgedoc" "groups" ] [ "users" "users" "hedgedoc" "extraGroups" ]) 26 + (lib.mkRemovedOptionModule [ "services" "hedgedoc" "workDir" ] '' 27 + This option has been removed in favor of systemd managing the state directory. 28 + 29 + If you have set this option without specifying `services.settings.uploadsDir`, 30 + please move these files to `/var/lib/hedgedoc/uploads`, or set the option to point 31 + at the correct location. 32 + '') 32 33 ]; 33 34 34 35 options.services.hedgedoc = { 35 - package = mkPackageOptionMD pkgs "hedgedoc" { }; 36 - enable = mkEnableOption (lib.mdDoc "the HedgeDoc Markdown Editor"); 36 + package = lib.mkPackageOptionMD pkgs "hedgedoc" { }; 37 + enable = lib.mkEnableOption (mdDoc "the HedgeDoc Markdown Editor"); 37 38 38 - groups = mkOption { 39 - type = types.listOf types.str; 40 - default = []; 41 - description = lib.mdDoc '' 42 - Groups to which the service user should be added. 43 - ''; 44 - }; 45 - 46 - workDir = mkOption { 47 - type = types.path; 48 - default = "/var/lib/${name}"; 49 - description = lib.mdDoc '' 50 - Working directory for the HedgeDoc service. 51 - ''; 52 - }; 39 + settings = mkOption { 40 + type = types.submodule { 41 + freeformType = settingsFormat.type; 42 + options = { 43 + domain = mkOption { 44 + type = with types; nullOr str; 45 + default = null; 46 + example = "hedgedoc.org"; 47 + description = mdDoc '' 48 + Domain to use for website. 53 49 54 - settings = let options = { 55 - debug = mkEnableOption (lib.mdDoc "debug mode"); 56 - domain = mkOption { 57 - type = types.nullOr types.str; 58 - default = null; 59 - example = "hedgedoc.org"; 60 - description = lib.mdDoc '' 61 - Domain name for the HedgeDoc instance. 62 - ''; 63 - }; 64 - urlPath = mkOption { 65 - type = types.nullOr types.str; 66 - default = null; 67 - example = "/url/path/to/hedgedoc"; 68 - description = lib.mdDoc '' 69 - Path under which HedgeDoc is accessible. 70 - ''; 71 - }; 72 - host = mkOption { 73 - type = types.str; 74 - default = "localhost"; 75 - description = lib.mdDoc '' 76 - Address to listen on. 77 - ''; 78 - }; 79 - port = mkOption { 80 - type = types.port; 81 - default = 3000; 82 - example = 80; 83 - description = lib.mdDoc '' 84 - Port to listen on. 85 - ''; 86 - }; 87 - path = mkOption { 88 - type = types.nullOr types.str; 89 - default = null; 90 - example = "/run/hedgedoc.sock"; 91 - description = lib.mdDoc '' 92 - Specify where a UNIX domain socket should be placed. 93 - ''; 94 - }; 95 - allowOrigin = mkOption { 96 - type = types.listOf types.str; 97 - default = []; 98 - example = [ "localhost" "hedgedoc.org" ]; 99 - description = lib.mdDoc '' 100 - List of domains to whitelist. 101 - ''; 102 - }; 103 - useSSL = mkOption { 104 - type = types.bool; 105 - default = false; 106 - description = lib.mdDoc '' 107 - Enable to use SSL server. This will also enable 108 - {option}`protocolUseSSL`. 109 - ''; 110 - }; 111 - enableStatsApi = mkOption { 112 - type = types.bool; 113 - default = false; 114 - description = lib.mdDoc '' 115 - Enables or disables the /status and /metrics endpoint. 116 - ''; 117 - }; 118 - hsts = { 119 - enable = mkOption { 120 - type = types.bool; 121 - default = true; 122 - description = lib.mdDoc '' 123 - Whether to enable HSTS if HTTPS is also enabled. 124 - ''; 125 - }; 126 - maxAgeSeconds = mkOption { 127 - type = types.int; 128 - default = 31536000; 129 - description = lib.mdDoc '' 130 - Max duration for clients to keep the HSTS status. 131 - ''; 132 - }; 133 - includeSubdomains = mkOption { 134 - type = types.bool; 135 - default = true; 136 - description = lib.mdDoc '' 137 - Whether to include subdomains in HSTS. 138 - ''; 139 - }; 140 - preload = mkOption { 141 - type = types.bool; 142 - default = true; 143 - description = lib.mdDoc '' 144 - Whether to allow preloading of the site's HSTS status. 145 - ''; 146 - }; 147 - }; 148 - csp = mkOption { 149 - type = types.nullOr types.attrs; 150 - default = null; 151 - example = literalExpression '' 152 - { 153 - enable = true; 154 - directives = { 155 - scriptSrc = "trustworthy.scripts.example.com"; 156 - }; 157 - upgradeInsecureRequest = "auto"; 158 - addDefaults = true; 159 - } 160 - ''; 161 - description = lib.mdDoc '' 162 - Specify the Content Security Policy which is passed to Helmet. 163 - For configuration details see <https://helmetjs.github.io/docs/csp/>. 164 - ''; 165 - }; 166 - protocolUseSSL = mkOption { 167 - type = types.bool; 168 - default = false; 169 - description = lib.mdDoc '' 170 - Enable to use TLS for resource paths. 171 - This only applies when {option}`domain` is set. 172 - ''; 173 - }; 174 - urlAddPort = mkOption { 175 - type = types.bool; 176 - default = false; 177 - description = lib.mdDoc '' 178 - Enable to add the port to callback URLs. 179 - This only applies when {option}`domain` is set 180 - and only for ports other than 80 and 443. 181 - ''; 182 - }; 183 - useCDN = mkOption { 184 - type = types.bool; 185 - default = false; 186 - description = lib.mdDoc '' 187 - Whether to use CDN resources or not. 188 - ''; 189 - }; 190 - allowAnonymous = mkOption { 191 - type = types.bool; 192 - default = true; 193 - description = lib.mdDoc '' 194 - Whether to allow anonymous usage. 195 - ''; 196 - }; 197 - allowAnonymousEdits = mkOption { 198 - type = types.bool; 199 - default = false; 200 - description = lib.mdDoc '' 201 - Whether to allow guests to edit existing notes with the `freely` permission, 202 - when {option}`allowAnonymous` is enabled. 203 - ''; 204 - }; 205 - allowFreeURL = mkOption { 206 - type = types.bool; 207 - default = false; 208 - description = lib.mdDoc '' 209 - Whether to allow note creation by accessing a nonexistent note URL. 210 - ''; 211 - }; 212 - requireFreeURLAuthentication = mkOption { 213 - type = types.bool; 214 - default = false; 215 - description = lib.mdDoc '' 216 - Whether to require authentication for FreeURL mode style note creation. 217 - ''; 218 - }; 219 - defaultPermission = mkOption { 220 - type = types.enum [ "freely" "editable" "limited" "locked" "private" ]; 221 - default = "editable"; 222 - description = lib.mdDoc '' 223 - Default permissions for notes. 224 - This only applies for signed-in users. 225 - ''; 226 - }; 227 - dbURL = mkOption { 228 - type = types.nullOr types.str; 229 - default = null; 230 - example = '' 231 - postgres://user:pass@host:5432/dbname 232 - ''; 233 - description = lib.mdDoc '' 234 - Specify which database to use. 235 - HedgeDoc supports mysql, postgres, sqlite and mssql. 236 - See [ 237 - https://sequelize.readthedocs.io/en/v3/](https://sequelize.readthedocs.io/en/v3/) for more information. 238 - Note: This option overrides {option}`db`. 239 - ''; 240 - }; 241 - db = mkOption { 242 - type = types.attrs; 243 - default = {}; 244 - example = literalExpression '' 245 - { 246 - dialect = "sqlite"; 247 - storage = "/var/lib/${name}/db.${name}.sqlite"; 248 - } 249 - ''; 250 - description = lib.mdDoc '' 251 - Specify the configuration for sequelize. 252 - HedgeDoc supports mysql, postgres, sqlite and mssql. 253 - See [ 254 - https://sequelize.readthedocs.io/en/v3/](https://sequelize.readthedocs.io/en/v3/) for more information. 255 - Note: This option overrides {option}`db`. 256 - ''; 257 - }; 258 - sslKeyPath= mkOption { 259 - type = types.nullOr types.str; 260 - default = null; 261 - example = "/var/lib/hedgedoc/hedgedoc.key"; 262 - description = lib.mdDoc '' 263 - Path to the SSL key. Needed when {option}`useSSL` is enabled. 264 - ''; 265 - }; 266 - sslCertPath = mkOption { 267 - type = types.nullOr types.str; 268 - default = null; 269 - example = "/var/lib/hedgedoc/hedgedoc.crt"; 270 - description = lib.mdDoc '' 271 - Path to the SSL cert. Needed when {option}`useSSL` is enabled. 272 - ''; 273 - }; 274 - sslCAPath = mkOption { 275 - type = types.listOf types.str; 276 - default = []; 277 - example = [ "/var/lib/hedgedoc/ca.crt" ]; 278 - description = lib.mdDoc '' 279 - SSL ca chain. Needed when {option}`useSSL` is enabled. 280 - ''; 281 - }; 282 - dhParamPath = mkOption { 283 - type = types.nullOr types.str; 284 - default = null; 285 - example = "/var/lib/hedgedoc/dhparam.pem"; 286 - description = lib.mdDoc '' 287 - Path to the SSL dh params. Needed when {option}`useSSL` is enabled. 288 - ''; 289 - }; 290 - tmpPath = mkOption { 291 - type = types.str; 292 - default = "/tmp"; 293 - description = lib.mdDoc '' 294 - Path to the temp directory HedgeDoc should use. 295 - Note that {option}`serviceConfig.PrivateTmp` is enabled for 296 - the HedgeDoc systemd service by default. 297 - (Non-canonical paths are relative to HedgeDoc's base directory) 298 - ''; 299 - }; 300 - defaultNotePath = mkOption { 301 - type = types.nullOr types.str; 302 - default = "${cfg.package}/public/default.md"; 303 - defaultText = literalExpression "\"\${cfg.package}/public/default.md\""; 304 - description = lib.mdDoc '' 305 - Path to the default Note file. 306 - (Non-canonical paths are relative to HedgeDoc's base directory) 307 - ''; 308 - }; 309 - docsPath = mkOption { 310 - type = types.nullOr types.str; 311 - default = "${cfg.package}/public/docs"; 312 - defaultText = literalExpression "\"\${cfg.package}/public/docs\""; 313 - description = lib.mdDoc '' 314 - Path to the docs directory. 315 - (Non-canonical paths are relative to HedgeDoc's base directory) 316 - ''; 317 - }; 318 - indexPath = mkOption { 319 - type = types.nullOr types.str; 320 - default = "${cfg.package}/public/views/index.ejs"; 321 - defaultText = literalExpression "\"\${cfg.package}/public/views/index.ejs\""; 322 - description = lib.mdDoc '' 323 - Path to the index template file. 324 - (Non-canonical paths are relative to HedgeDoc's base directory) 325 - ''; 326 - }; 327 - hackmdPath = mkOption { 328 - type = types.nullOr types.str; 329 - default = "${cfg.package}/public/views/hackmd.ejs"; 330 - defaultText = literalExpression "\"\${cfg.package}/public/views/hackmd.ejs\""; 331 - description = lib.mdDoc '' 332 - Path to the hackmd template file. 333 - (Non-canonical paths are relative to HedgeDoc's base directory) 334 - ''; 335 - }; 336 - errorPath = mkOption { 337 - type = types.nullOr types.str; 338 - default = "${cfg.package}/public/views/error.ejs"; 339 - defaultText = literalExpression "\"\${cfg.package}/public/views/error.ejs\""; 340 - description = lib.mdDoc '' 341 - Path to the error template file. 342 - (Non-canonical paths are relative to HedgeDoc's base directory) 343 - ''; 344 - }; 345 - prettyPath = mkOption { 346 - type = types.nullOr types.str; 347 - default = "${cfg.package}/public/views/pretty.ejs"; 348 - defaultText = literalExpression "\"\${cfg.package}/public/views/pretty.ejs\""; 349 - description = lib.mdDoc '' 350 - Path to the pretty template file. 351 - (Non-canonical paths are relative to HedgeDoc's base directory) 352 - ''; 353 - }; 354 - slidePath = mkOption { 355 - type = types.nullOr types.str; 356 - default = "${cfg.package}/public/views/slide.hbs"; 357 - defaultText = literalExpression "\"\${cfg.package}/public/views/slide.hbs\""; 358 - description = lib.mdDoc '' 359 - Path to the slide template file. 360 - (Non-canonical paths are relative to HedgeDoc's base directory) 361 - ''; 362 - }; 363 - uploadsPath = mkOption { 364 - type = types.str; 365 - default = "${cfg.workDir}/uploads"; 366 - defaultText = literalExpression "\"\${cfg.workDir}/uploads\""; 367 - description = lib.mdDoc '' 368 - Path under which uploaded files are saved. 369 - ''; 370 - }; 371 - sessionName = mkOption { 372 - type = types.str; 373 - default = "connect.sid"; 374 - description = lib.mdDoc '' 375 - Specify the name of the session cookie. 376 - ''; 377 - }; 378 - sessionSecret = mkOption { 379 - type = types.nullOr types.str; 380 - default = null; 381 - description = lib.mdDoc '' 382 - Specify the secret used to sign the session cookie. 383 - If unset, one will be generated on startup. 384 - ''; 385 - }; 386 - sessionLife = mkOption { 387 - type = types.int; 388 - default = 1209600000; 389 - description = lib.mdDoc '' 390 - Session life time in milliseconds. 391 - ''; 392 - }; 393 - heartbeatInterval = mkOption { 394 - type = types.int; 395 - default = 5000; 396 - description = lib.mdDoc '' 397 - Specify the socket.io heartbeat interval. 398 - ''; 399 - }; 400 - heartbeatTimeout = mkOption { 401 - type = types.int; 402 - default = 10000; 403 - description = lib.mdDoc '' 404 - Specify the socket.io heartbeat timeout. 405 - ''; 406 - }; 407 - documentMaxLength = mkOption { 408 - type = types.int; 409 - default = 100000; 410 - description = lib.mdDoc '' 411 - Specify the maximum document length. 412 - ''; 413 - }; 414 - email = mkOption { 415 - type = types.bool; 416 - default = true; 417 - description = lib.mdDoc '' 418 - Whether to enable email sign-in. 419 - ''; 420 - }; 421 - allowEmailRegister = mkOption { 422 - type = types.bool; 423 - default = true; 424 - description = lib.mdDoc '' 425 - Whether to enable email registration. 426 - ''; 427 - }; 428 - allowGravatar = mkOption { 429 - type = types.bool; 430 - default = true; 431 - description = lib.mdDoc '' 432 - Whether to use gravatar as profile picture source. 433 - ''; 434 - }; 435 - imageUploadType = mkOption { 436 - type = types.enum [ "imgur" "s3" "minio" "filesystem" ]; 437 - default = "filesystem"; 438 - description = lib.mdDoc '' 439 - Specify where to upload images. 440 - ''; 441 - }; 442 - minio = mkOption { 443 - type = types.nullOr (types.submodule { 444 - options = { 445 - accessKey = mkOption { 446 - type = types.str; 447 - description = lib.mdDoc '' 448 - Minio access key. 449 - ''; 450 - }; 451 - secretKey = mkOption { 452 - type = types.str; 453 - description = lib.mdDoc '' 454 - Minio secret key. 455 - ''; 456 - }; 457 - endPoint = mkOption { 458 - type = types.str; 459 - description = lib.mdDoc '' 460 - Minio endpoint. 461 - ''; 462 - }; 463 - port = mkOption { 464 - type = types.port; 465 - default = 9000; 466 - description = lib.mdDoc '' 467 - Minio listen port. 468 - ''; 469 - }; 470 - secure = mkOption { 471 - type = types.bool; 472 - default = true; 473 - description = lib.mdDoc '' 474 - Whether to use HTTPS for Minio. 475 - ''; 476 - }; 50 + This is useful if you are trying to run hedgedoc behind 51 + a reverse proxy. 52 + ''; 477 53 }; 478 - }); 479 - default = null; 480 - description = lib.mdDoc "Configure the minio third-party integration."; 481 - }; 482 - s3 = mkOption { 483 - type = types.nullOr (types.submodule { 484 - options = { 485 - accessKeyId = mkOption { 486 - type = types.str; 487 - description = lib.mdDoc '' 488 - AWS access key id. 489 - ''; 490 - }; 491 - secretAccessKey = mkOption { 492 - type = types.str; 493 - description = lib.mdDoc '' 494 - AWS access key. 495 - ''; 496 - }; 497 - region = mkOption { 498 - type = types.str; 499 - description = lib.mdDoc '' 500 - AWS S3 region. 501 - ''; 502 - }; 503 - }; 504 - }); 505 - default = null; 506 - description = lib.mdDoc "Configure the s3 third-party integration."; 507 - }; 508 - s3bucket = mkOption { 509 - type = types.nullOr types.str; 510 - default = null; 511 - description = lib.mdDoc '' 512 - Specify the bucket name for upload types `s3` and `minio`. 513 - ''; 514 - }; 515 - allowPDFExport = mkOption { 516 - type = types.bool; 517 - default = true; 518 - description = lib.mdDoc '' 519 - Whether to enable PDF exports. 520 - ''; 521 - }; 522 - imgur.clientId = mkOption { 523 - type = types.nullOr types.str; 524 - default = null; 525 - description = lib.mdDoc '' 526 - Imgur API client ID. 527 - ''; 528 - }; 529 - azure = mkOption { 530 - type = types.nullOr (types.submodule { 531 - options = { 532 - connectionString = mkOption { 533 - type = types.str; 534 - description = lib.mdDoc '' 535 - Azure Blob Storage connection string. 536 - ''; 537 - }; 538 - container = mkOption { 539 - type = types.str; 540 - description = lib.mdDoc '' 541 - Azure Blob Storage container name. 542 - It will be created if non-existent. 543 - ''; 544 - }; 545 - }; 546 - }); 547 - default = null; 548 - description = lib.mdDoc "Configure the azure third-party integration."; 549 - }; 550 - oauth2 = mkOption { 551 - type = types.nullOr (types.submodule { 552 - options = { 553 - authorizationURL = mkOption { 554 - type = types.str; 555 - description = lib.mdDoc '' 556 - Specify the OAuth authorization URL. 557 - ''; 558 - }; 559 - tokenURL = mkOption { 560 - type = types.str; 561 - description = lib.mdDoc '' 562 - Specify the OAuth token URL. 563 - ''; 564 - }; 565 - baseURL = mkOption { 566 - type = with types; nullOr str; 567 - default = null; 568 - description = lib.mdDoc '' 569 - Specify the OAuth base URL. 570 - ''; 571 - }; 572 - userProfileURL = mkOption { 573 - type = with types; nullOr str; 574 - default = null; 575 - description = lib.mdDoc '' 576 - Specify the OAuth userprofile URL. 577 - ''; 578 - }; 579 - userProfileUsernameAttr = mkOption { 580 - type = with types; nullOr str; 581 - default = null; 582 - description = lib.mdDoc '' 583 - Specify the name of the attribute for the username from the claim. 584 - ''; 585 - }; 586 - userProfileDisplayNameAttr = mkOption { 587 - type = with types; nullOr str; 588 - default = null; 589 - description = lib.mdDoc '' 590 - Specify the name of the attribute for the display name from the claim. 591 - ''; 592 - }; 593 - userProfileEmailAttr = mkOption { 594 - type = with types; nullOr str; 595 - default = null; 596 - description = lib.mdDoc '' 597 - Specify the name of the attribute for the email from the claim. 598 - ''; 599 - }; 600 - scope = mkOption { 601 - type = with types; nullOr str; 602 - default = null; 603 - description = lib.mdDoc '' 604 - Specify the OAuth scope. 605 - ''; 606 - }; 607 - providerName = mkOption { 608 - type = with types; nullOr str; 609 - default = null; 610 - description = lib.mdDoc '' 611 - Specify the name to be displayed for this strategy. 612 - ''; 613 - }; 614 - rolesClaim = mkOption { 615 - type = with types; nullOr str; 616 - default = null; 617 - description = lib.mdDoc '' 618 - Specify the role claim name. 619 - ''; 620 - }; 621 - accessRole = mkOption { 622 - type = with types; nullOr str; 623 - default = null; 624 - description = lib.mdDoc '' 625 - Specify role which should be included in the ID token roles claim to grant access 626 - ''; 627 - }; 628 - clientID = mkOption { 629 - type = types.str; 630 - description = lib.mdDoc '' 631 - Specify the OAuth client ID. 632 - ''; 633 - }; 634 - clientSecret = mkOption { 635 - type = with types; nullOr str; 636 - default = null; 637 - description = lib.mdDoc '' 638 - Specify the OAuth client secret. 639 - ''; 640 - }; 54 + urlPath = mkOption { 55 + type = with types; nullOr str; 56 + default = null; 57 + example = "hedgedoc"; 58 + description = mdDoc '' 59 + URL path for the website. 60 + 61 + This is useful if you are hosting hedgedoc on a path like 62 + `www.example.com/hedgedoc` 63 + ''; 641 64 }; 642 - }); 643 - default = null; 644 - description = lib.mdDoc "Configure the OAuth integration."; 645 - }; 646 - facebook = mkOption { 647 - type = types.nullOr (types.submodule { 648 - options = { 649 - clientID = mkOption { 650 - type = types.str; 651 - description = lib.mdDoc '' 652 - Facebook API client ID. 653 - ''; 654 - }; 655 - clientSecret = mkOption { 656 - type = types.str; 657 - description = lib.mdDoc '' 658 - Facebook API client secret. 659 - ''; 660 - }; 65 + host = mkOption { 66 + type = with types; nullOr str; 67 + default = "localhost"; 68 + description = mdDoc '' 69 + Address to listen on. 70 + ''; 661 71 }; 662 - }); 663 - default = null; 664 - description = lib.mdDoc "Configure the facebook third-party integration"; 665 - }; 666 - twitter = mkOption { 667 - type = types.nullOr (types.submodule { 668 - options = { 669 - consumerKey = mkOption { 670 - type = types.str; 671 - description = lib.mdDoc '' 672 - Twitter API consumer key. 673 - ''; 674 - }; 675 - consumerSecret = mkOption { 676 - type = types.str; 677 - description = lib.mdDoc '' 678 - Twitter API consumer secret. 679 - ''; 680 - }; 72 + port = mkOption { 73 + type = types.port; 74 + default = 3000; 75 + example = 80; 76 + description = mdDoc '' 77 + Port to listen on. 78 + ''; 681 79 }; 682 - }); 683 - default = null; 684 - description = lib.mdDoc "Configure the Twitter third-party integration."; 685 - }; 686 - github = mkOption { 687 - type = types.nullOr (types.submodule { 688 - options = { 689 - clientID = mkOption { 690 - type = types.str; 691 - description = lib.mdDoc '' 692 - GitHub API client ID. 693 - ''; 694 - }; 695 - clientSecret = mkOption { 696 - type = types.str; 697 - description = lib.mdDoc '' 698 - Github API client secret. 699 - ''; 700 - }; 80 + path = mkOption { 81 + type = with types; nullOr path; 82 + default = null; 83 + example = "/run/hedgedoc/hedgedoc.sock"; 84 + description = mdDoc '' 85 + Path to UNIX domain socket to listen on 86 + 87 + ::: {.note} 88 + If specified, {option}`host` and {option}`port` will be ignored. 89 + ::: 90 + ''; 701 91 }; 702 - }); 703 - default = null; 704 - description = lib.mdDoc "Configure the GitHub third-party integration."; 705 - }; 706 - gitlab = mkOption { 707 - type = types.nullOr (types.submodule { 708 - options = { 709 - baseURL = mkOption { 710 - type = types.str; 711 - default = ""; 712 - description = lib.mdDoc '' 713 - GitLab API authentication endpoint. 714 - Only needed for other endpoints than gitlab.com. 715 - ''; 716 - }; 717 - clientID = mkOption { 718 - type = types.str; 719 - description = lib.mdDoc '' 720 - GitLab API client ID. 721 - ''; 722 - }; 723 - clientSecret = mkOption { 724 - type = types.str; 725 - description = lib.mdDoc '' 726 - GitLab API client secret. 727 - ''; 728 - }; 729 - scope = mkOption { 730 - type = types.enum [ "api" "read_user" ]; 731 - default = "api"; 732 - description = lib.mdDoc '' 733 - GitLab API requested scope. 734 - GitLab snippet import/export requires api scope. 735 - ''; 736 - }; 92 + protocolUseSSL = mkOption { 93 + type = types.bool; 94 + default = false; 95 + example = true; 96 + description = mdDoc '' 97 + Use `https://` for all links. 98 + 99 + This is useful if you are trying to run hedgedoc behind 100 + a reverse proxy. 101 + 102 + ::: {.note} 103 + Only applied if {option}`domain` is set. 104 + ::: 105 + ''; 737 106 }; 738 - }); 739 - default = null; 740 - description = lib.mdDoc "Configure the GitLab third-party integration."; 741 - }; 742 - mattermost = mkOption { 743 - type = types.nullOr (types.submodule { 744 - options = { 745 - baseURL = mkOption { 746 - type = types.str; 747 - description = lib.mdDoc '' 748 - Mattermost authentication endpoint. 749 - ''; 750 - }; 751 - clientID = mkOption { 752 - type = types.str; 753 - description = lib.mdDoc '' 754 - Mattermost API client ID. 755 - ''; 756 - }; 757 - clientSecret = mkOption { 758 - type = types.str; 759 - description = lib.mdDoc '' 760 - Mattermost API client secret. 761 - ''; 762 - }; 107 + allowOrigin = mkOption { 108 + type = with types; listOf str; 109 + default = with cfg.settings; [ host ] ++ lib.optionals (domain != null) [ domain ]; 110 + defaultText = literalExpression '' 111 + with config.services.hedgedoc.settings; [ host ] ++ lib.optionals (domain != null) [ domain ] 112 + ''; 113 + example = [ "localhost" "hedgedoc.org" ]; 114 + description = mdDoc '' 115 + List of domains to whitelist. 116 + ''; 763 117 }; 764 - }); 765 - default = null; 766 - description = lib.mdDoc "Configure the Mattermost third-party integration."; 767 - }; 768 - dropbox = mkOption { 769 - type = types.nullOr (types.submodule { 770 - options = { 771 - clientID = mkOption { 772 - type = types.str; 773 - description = lib.mdDoc '' 774 - Dropbox API client ID. 775 - ''; 118 + db = mkOption { 119 + type = types.attrs; 120 + default = { 121 + dialect = "sqlite"; 122 + storage = "/var/lib/${name}/db.sqlite"; 776 123 }; 777 - clientSecret = mkOption { 778 - type = types.str; 779 - description = lib.mdDoc '' 780 - Dropbox API client secret. 781 - ''; 782 - }; 783 - appKey = mkOption { 784 - type = types.str; 785 - description = lib.mdDoc '' 786 - Dropbox app key. 787 - ''; 788 - }; 124 + defaultText = literalExpression '' 125 + { 126 + dialect = "sqlite"; 127 + storage = "/var/lib/hedgedoc/db.sqlite"; 128 + } 129 + ''; 130 + example = literalExpression '' 131 + db = { 132 + username = "hedgedoc"; 133 + database = "hedgedoc"; 134 + host = "localhost:5432"; 135 + # or via socket 136 + # host = "/run/postgresql"; 137 + dialect = "postgresql"; 138 + }; 139 + ''; 140 + description = mdDoc '' 141 + Specify the configuration for sequelize. 142 + HedgeDoc supports `mysql`, `postgres`, `sqlite` and `mssql`. 143 + See <https://sequelize.readthedocs.io/en/v3/> 144 + for more information. 145 + 146 + ::: {.note} 147 + The relevant parts will be overriden if you set {option}`dbURL`. 148 + ::: 149 + ''; 789 150 }; 790 - }); 791 - default = null; 792 - description = lib.mdDoc "Configure the Dropbox third-party integration."; 793 - }; 794 - google = mkOption { 795 - type = types.nullOr (types.submodule { 796 - options = { 797 - clientID = mkOption { 798 - type = types.str; 799 - description = lib.mdDoc '' 800 - Google API client ID. 801 - ''; 802 - }; 803 - clientSecret = mkOption { 804 - type = types.str; 805 - description = lib.mdDoc '' 806 - Google API client secret. 807 - ''; 808 - }; 151 + useSSL = mkOption { 152 + type = types.bool; 153 + default = false; 154 + description = mdDoc '' 155 + Enable to use SSL server. 156 + 157 + ::: {.note} 158 + This will also enable {option}`protocolUseSSL`. 159 + 160 + It will also require you to set the following: 161 + 162 + - {option}`sslKeyPath` 163 + - {option}`sslCertPath` 164 + - {option}`sslCAPath` 165 + - {option}`dhParamPath` 166 + ::: 167 + ''; 809 168 }; 810 - }); 811 - default = null; 812 - description = lib.mdDoc "Configure the Google third-party integration."; 813 - }; 814 - ldap = mkOption { 815 - type = types.nullOr (types.submodule { 816 - options = { 817 - providerName = mkOption { 818 - type = types.str; 819 - default = ""; 820 - description = lib.mdDoc '' 821 - Optional name to be displayed at login form, indicating the LDAP provider. 822 - ''; 823 - }; 824 - url = mkOption { 825 - type = types.str; 826 - example = "ldap://localhost"; 827 - description = lib.mdDoc '' 828 - URL of LDAP server. 829 - ''; 830 - }; 831 - bindDn = mkOption { 832 - type = types.str; 833 - description = lib.mdDoc '' 834 - Bind DN for LDAP access. 835 - ''; 836 - }; 837 - bindCredentials = mkOption { 838 - type = types.str; 839 - description = lib.mdDoc '' 840 - Bind credentials for LDAP access. 841 - ''; 842 - }; 843 - searchBase = mkOption { 844 - type = types.str; 845 - example = "o=users,dc=example,dc=com"; 846 - description = lib.mdDoc '' 847 - LDAP directory to begin search from. 848 - ''; 849 - }; 850 - searchFilter = mkOption { 851 - type = types.str; 852 - example = "(uid={{username}})"; 853 - description = lib.mdDoc '' 854 - LDAP filter to search with. 855 - ''; 856 - }; 857 - searchAttributes = mkOption { 858 - type = types.nullOr (types.listOf types.str); 859 - default = null; 860 - example = [ "displayName" "mail" ]; 861 - description = lib.mdDoc '' 862 - LDAP attributes to search with. 863 - ''; 864 - }; 865 - userNameField = mkOption { 866 - type = types.str; 867 - default = ""; 868 - description = lib.mdDoc '' 869 - LDAP field which is used as the username on HedgeDoc. 870 - By default {option}`useridField` is used. 871 - ''; 872 - }; 873 - useridField = mkOption { 874 - type = types.str; 875 - example = "uid"; 876 - description = lib.mdDoc '' 877 - LDAP field which is a unique identifier for users on HedgeDoc. 878 - ''; 879 - }; 880 - tlsca = mkOption { 881 - type = types.str; 882 - default = "/etc/ssl/certs/ca-certificates.crt"; 883 - example = "server-cert.pem,root.pem"; 884 - description = lib.mdDoc '' 885 - Root CA for LDAP TLS in PEM format. 886 - ''; 887 - }; 169 + uploadsPath = mkOption { 170 + type = types.path; 171 + default = "/var/lib/${name}/uploads"; 172 + defaultText = "/var/lib/hedgedoc/uploads"; 173 + description = mdDoc '' 174 + Directory for storing uploaded images. 175 + ''; 888 176 }; 889 - }); 890 - default = null; 891 - description = lib.mdDoc "Configure the LDAP integration."; 892 - }; 893 - saml = mkOption { 894 - type = types.nullOr (types.submodule { 895 - options = { 896 - idpSsoUrl = mkOption { 897 - type = types.str; 898 - example = "https://idp.example.com/sso"; 899 - description = lib.mdDoc '' 900 - IdP authentication endpoint. 901 - ''; 902 - }; 903 - idpCert = mkOption { 904 - type = types.path; 905 - example = "/path/to/cert.pem"; 906 - description = lib.mdDoc '' 907 - Path to IdP certificate file in PEM format. 908 - ''; 909 - }; 910 - issuer = mkOption { 911 - type = types.str; 912 - default = ""; 913 - description = lib.mdDoc '' 914 - Optional identity of the service provider. 915 - This defaults to the server URL. 916 - ''; 917 - }; 918 - identifierFormat = mkOption { 919 - type = types.str; 920 - default = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"; 921 - description = lib.mdDoc '' 922 - Optional name identifier format. 923 - ''; 924 - }; 925 - groupAttribute = mkOption { 926 - type = types.str; 927 - default = ""; 928 - example = "memberOf"; 929 - description = lib.mdDoc '' 930 - Optional attribute name for group list. 931 - ''; 932 - }; 933 - externalGroups = mkOption { 934 - type = types.listOf types.str; 935 - default = []; 936 - example = [ "Temporary-staff" "External-users" ]; 937 - description = lib.mdDoc '' 938 - Excluded group names. 939 - ''; 940 - }; 941 - requiredGroups = mkOption { 942 - type = types.listOf types.str; 943 - default = []; 944 - example = [ "Hedgedoc-Users" ]; 945 - description = lib.mdDoc '' 946 - Required group names. 947 - ''; 948 - }; 949 - providerName = mkOption { 950 - type = types.str; 951 - default = ""; 952 - example = "My institution"; 953 - description = lib.mdDoc '' 954 - Optional name to be displayed at login form indicating the SAML provider. 955 - ''; 956 - }; 957 - attribute = { 958 - id = mkOption { 959 - type = types.str; 960 - default = ""; 961 - description = lib.mdDoc '' 962 - Attribute map for `id`. 963 - Defaults to `NameID` of SAML response. 964 - ''; 965 - }; 966 - username = mkOption { 967 - type = types.str; 968 - default = ""; 969 - description = lib.mdDoc '' 970 - Attribute map for `username`. 971 - Defaults to `NameID` of SAML response. 972 - ''; 973 - }; 974 - email = mkOption { 975 - type = types.str; 976 - default = ""; 977 - description = lib.mdDoc '' 978 - Attribute map for `email`. 979 - Defaults to `NameID` of SAML response if 980 - {option}`identifierFormat` has 981 - the default value. 982 - ''; 983 - }; 984 - }; 177 + 178 + # Declared because we change the default to false. 179 + allowGravatar = mkOption { 180 + type = types.bool; 181 + default = false; 182 + example = true; 183 + description = mdDoc '' 184 + Whether to enable [Libravatar](https://wiki.libravatar.org/) as 185 + profile picture source on your instance. 186 + 187 + Despite the naming of the setting, Hedgedoc replaced Gravatar 188 + with Libravatar in [CodiMD 1.4.0](https://hedgedoc.org/releases/1.4.0/) 189 + ''; 985 190 }; 986 - }); 987 - default = null; 988 - description = lib.mdDoc "Configure the SAML integration."; 191 + }; 989 192 }; 990 - }; in lib.mkOption { 991 - type = lib.types.submodule { 992 - freeformType = settingsFormat.type; 993 - inherit options; 994 - }; 995 - description = lib.mdDoc '' 193 + 194 + description = mdDoc '' 996 195 HedgeDoc configuration, see 997 196 <https://docs.hedgedoc.org/configuration/> 998 197 for documentation. ··· 1003 202 type = with types; nullOr path; 1004 203 default = null; 1005 204 example = "/var/lib/hedgedoc/hedgedoc.env"; 1006 - description = lib.mdDoc '' 205 + description = mdDoc '' 1007 206 Environment file as defined in {manpage}`systemd.exec(5)`. 1008 207 1009 208 Secrets may be passed to the service without adding them to the world-readable ··· 1028 227 }; 1029 228 }; 1030 229 1031 - config = mkIf cfg.enable { 1032 - assertions = [ 1033 - { assertion = cfg.settings.db == {} -> ( 1034 - cfg.settings.dbURL != "" && cfg.settings.dbURL != null 1035 - ); 1036 - message = "Database configuration for HedgeDoc missing."; } 1037 - ]; 1038 - users.groups.${name} = {}; 230 + config = lib.mkIf cfg.enable { 231 + users.groups.${name} = { }; 1039 232 users.users.${name} = { 1040 233 description = "HedgeDoc service user"; 1041 234 group = name; 1042 - extraGroups = cfg.groups; 1043 - home = cfg.workDir; 1044 - createHome = true; 1045 235 isSystemUser = true; 1046 236 }; 1047 237 238 + services.hedgedoc.settings = { 239 + defaultNotePath = lib.mkDefault "${cfg.package}/public/default.md"; 240 + docsPath = lib.mkDefault "${cfg.package}/public/docs"; 241 + viewPath = lib.mkDefault "${cfg.package}/public/views"; 242 + }; 243 + 1048 244 systemd.services.hedgedoc = { 1049 245 description = "HedgeDoc Service"; 246 + documentation = [ "https://docs.hedgedoc.org/" ]; 1050 247 wantedBy = [ "multi-user.target" ]; 1051 248 after = [ "networking.target" ]; 1052 - preStart = '' 1053 - ${pkgs.envsubst}/bin/envsubst \ 1054 - -o ${cfg.workDir}/config.json \ 1055 - -i ${prettyJSON cfg.settings} 1056 - mkdir -p ${cfg.settings.uploadsPath} 1057 - ''; 249 + preStart = 250 + let 251 + configFile = settingsFormat.generate "hedgedoc-config.json" { 252 + production = cfg.settings; 253 + }; 254 + in 255 + '' 256 + ${pkgs.envsubst}/bin/envsubst \ 257 + -o /run/${name}/config.json \ 258 + -i ${configFile} 259 + ${pkgs.coreutils}/bin/mkdir -p ${cfg.settings.uploadsPath} 260 + ''; 1058 261 serviceConfig = { 1059 - WorkingDirectory = cfg.workDir; 1060 - StateDirectory = [ cfg.workDir cfg.settings.uploadsPath ]; 1061 - ExecStart = "${lib.getExe cfg.package}"; 1062 - EnvironmentFile = mkIf (cfg.environmentFile != null) [ cfg.environmentFile ]; 262 + User = name; 263 + Group = name; 264 + 265 + Restart = "always"; 266 + ExecStart = "${cfg.package}/bin/hedgedoc"; 267 + RuntimeDirectory = [ name ]; 268 + StateDirectory = [ name ]; 269 + WorkingDirectory = "/run/${name}"; 270 + ReadWritePaths = [ 271 + "-${cfg.settings.uploadsPath}" 272 + ] ++ lib.optionals (cfg.settings.db ? "storage") [ "-${cfg.settings.db.storage}" ]; 273 + EnvironmentFile = lib.mkIf (cfg.environmentFile != null) [ cfg.environmentFile ]; 1063 274 Environment = [ 1064 - "CMD_CONFIG_FILE=${cfg.workDir}/config.json" 275 + "CMD_CONFIG_FILE=/run/${name}/config.json" 1065 276 "NODE_ENV=production" 1066 277 ]; 1067 - Restart = "always"; 1068 - User = name; 278 + 279 + # Hardening 280 + AmbientCapabilities = ""; 281 + CapabilityBoundingSet = ""; 282 + LockPersonality = true; 283 + NoNewPrivileges = true; 284 + PrivateDevices = true; 285 + PrivateMounts = true; 1069 286 PrivateTmp = true; 287 + PrivateUsers = true; 288 + ProcSubset = "pid"; 289 + ProtectClock = true; 290 + ProtectControlGroups = true; 291 + ProtectHome = true; 292 + ProtectHostname = true; 293 + ProtectKernelLogs = true; 294 + ProtectKernelModules = true; 295 + ProtectKernelTunables = true; 296 + ProtectProc = "invisible"; 297 + ProtectSystem = "strict"; 298 + RemoveIPC = true; 299 + RestrictAddressFamilies = [ 300 + "AF_INET" 301 + "AF_INET6" 302 + # Required for connecting to database sockets, 303 + # and listening to unix socket at `cfg.settings.path` 304 + "AF_UNIX" 305 + ]; 306 + RestrictNamespaces = true; 307 + RestrictRealtime = true; 308 + RestrictSUIDSGID = true; 309 + SocketBindAllow = lib.mkIf (cfg.settings.path == null) cfg.settings.port; 310 + SocketBindDeny = "any"; 311 + SystemCallArchitectures = "native"; 312 + SystemCallFilter = [ 313 + "@system-service" 314 + "~@privileged @obsolete" 315 + "@pkey" 316 + ]; 317 + UMask = "0007"; 1070 318 }; 1071 319 }; 1072 320 };

+1 -1

nixos/modules/services/web-apps/hledger-web.nix

··· 7 7 8 8 enable = mkEnableOption (lib.mdDoc "hledger-web service"); 9 9 10 - serveApi = mkEnableOption (lib.mdDoc "Serve only the JSON web API, without the web UI"); 10 + serveApi = mkEnableOption (lib.mdDoc "serving only the JSON web API, without the web UI"); 11 11 12 12 host = mkOption { 13 13 type = types.str;

+2 -2

nixos/modules/services/web-apps/isso.nix

··· 12 12 options = { 13 13 services.isso = { 14 14 enable = mkEnableOption (lib.mdDoc '' 15 - A commenting server similar to Disqus. 15 + isso, a commenting server similar to Disqus. 16 16 17 17 Note: The application's author suppose to run isso behind a reverse proxy. 18 18 The embedded solution offered by NixOS is also only suitable for small installations 19 - below 20 requests per second. 19 + below 20 requests per second 20 20 ''); 21 21 22 22 settings = mkOption {

+2 -2

nixos/modules/services/web-apps/jitsi-meet.nix

··· 105 105 type = bool; 106 106 default = true; 107 107 description = lib.mdDoc '' 108 - Whether to enable Jitsi Videobridge instance and configure it to connect to Prosody. 108 + Jitsi Videobridge instance and configure it to connect to Prosody. 109 109 110 - Additional configuration is possible with {option}`services.jitsi-videobridge`. 110 + Additional configuration is possible with {option}`services.jitsi-videobridge` 111 111 ''; 112 112 }; 113 113

+2 -2

nixos/modules/services/web-apps/meme-bingo-web.nix

··· 8 8 options = { 9 9 services.meme-bingo-web = { 10 10 enable = mkEnableOption (mdDoc '' 11 - A web app for the meme bingo, rendered entirely on the web server and made interactive with forms. 11 + a web app for the meme bingo, rendered entirely on the web server and made interactive with forms. 12 12 13 - Note: The application's author suppose to run meme-bingo-web behind a reverse proxy for SSL and HTTP/3. 13 + Note: The application's author suppose to run meme-bingo-web behind a reverse proxy for SSL and HTTP/3 14 14 ''); 15 15 16 16 package = mkOption {

+1 -1

nixos/modules/services/web-apps/phylactery.nix

··· 4 4 let cfg = config.services.phylactery; 5 5 in { 6 6 options.services.phylactery = { 7 - enable = mkEnableOption (lib.mdDoc "Whether to enable Phylactery server"); 7 + enable = mkEnableOption (lib.mdDoc "Phylactery server"); 8 8 9 9 host = mkOption { 10 10 type = types.str;

+1 -1

nixos/modules/services/web-apps/snipe-it.nix

··· 30 30 in { 31 31 options.services.snipe-it = { 32 32 33 - enable = mkEnableOption (lib.mdDoc "A free open source IT asset/license management system"); 33 + enable = mkEnableOption (lib.mdDoc "snipe-it, a free open source IT asset/license management system"); 34 34 35 35 user = mkOption { 36 36 default = "snipeit";

+1 -1

nixos/modules/services/web-apps/zitadel.nix

··· 9 9 options.services.zitadel = 10 10 let inherit (lib) mkEnableOption mkOption mkPackageOption types; 11 11 in { 12 - enable = mkEnableOption "ZITADEL, a user and identity access management platform."; 12 + enable = mkEnableOption "ZITADEL, a user and identity access management platform"; 13 13 14 14 package = mkPackageOption pkgs "ZITADEL" { default = [ "zitadel" ]; }; 15 15

+1 -1

nixos/modules/services/web-servers/keter/default.nix

··· 16 16 options.services.keter = { 17 17 enable = lib.mkEnableOption (lib.mdDoc ''keter, a web app deployment manager. 18 18 Note that this module only support loading of webapps: 19 - Keep an old app running and swap the ports when the new one is booted. 19 + Keep an old app running and swap the ports when the new one is booted 20 20 ''); 21 21 22 22 root = lib.mkOption {

+1 -1

nixos/modules/services/web-servers/rustus.nix

··· 8 8 9 9 options.services.rustus = { 10 10 11 - enable = mkEnableOption (lib.mdDoc "TUS protocol implementation in Rust."); 11 + enable = mkEnableOption (lib.mdDoc "TUS protocol implementation in Rust"); 12 12 13 13 host = mkOption { 14 14 type = types.str;

+1 -1

nixos/modules/services/x11/desktop-managers/deepin.nix

··· 15 15 options = { 16 16 17 17 services.xserver.desktopManager.deepin = { 18 - enable = mkEnableOption (lib.mdDoc "Enable Deepin desktop manager"); 18 + enable = mkEnableOption (lib.mdDoc "Deepin desktop manager"); 19 19 extraGSettingsOverrides = mkOption { 20 20 default = ""; 21 21 type = types.lines;

+1 -1

nixos/modules/system/activation/bootspec.nix

··· 79 79 // { default = true; internal = true; }; 80 80 enableValidation = lib.mkEnableOption (lib.mdDoc ''the validation of bootspec documents for each build. 81 81 This will introduce Go in the build-time closure as we are relying on [Cuelang](https://cuelang.org/) for schema validation. 82 - Enable this option if you want to ascertain that your documents are correct. 82 + Enable this option if you want to ascertain that your documents are correct 83 83 '' 84 84 ); 85 85

+3 -1

nixos/modules/system/activation/switch-to-configuration.pl

··· 599 599 $units_to_start{$unit} = 1; 600 600 record_unit($start_list_file, $unit); 601 601 # Don't spam the user with target units that always get started. 602 - $units_to_filter{$unit} = 1; 602 + if (($ENV{"STC_DISPLAY_ALL_UNITS"} // "") ne "1") { 603 + $units_to_filter{$unit} = 1; 604 + } 603 605 } 604 606 } 605 607

+1 -1

nixos/modules/system/boot/grow-partition.nix

··· 12 12 ]; 13 13 14 14 options = { 15 - boot.growPartition = mkEnableOption (lib.mdDoc "grow the root partition on boot"); 15 + boot.growPartition = mkEnableOption (lib.mdDoc "growing the root partition on boot"); 16 16 }; 17 17 18 18 config = mkIf config.boot.growPartition {

+1 -1

nixos/modules/system/boot/loader/external/external.nix

··· 12 12 }; 13 13 14 14 options.boot.loader.external = { 15 - enable = mkEnableOption (lib.mdDoc "use an external tool to install your bootloader"); 15 + enable = mkEnableOption (lib.mdDoc "using an external tool to install your bootloader"); 16 16 17 17 installHook = mkOption { 18 18 type = with types; path;

+1 -1

nixos/modules/system/boot/systemd/homed.nix

··· 5 5 in 6 6 { 7 7 options.services.homed.enable = lib.mkEnableOption (lib.mdDoc '' 8 - Enable systemd home area/user account manager 8 + systemd home area/user account manager 9 9 ''); 10 10 11 11 config = lib.mkIf cfg.enable {

+1 -1

nixos/modules/system/boot/systemd/userdbd.nix

··· 5 5 in 6 6 { 7 7 options.services.userdbd.enable = lib.mkEnableOption (lib.mdDoc '' 8 - Enables the systemd JSON user/group record lookup service 8 + the systemd JSON user/group record lookup service 9 9 ''); 10 10 config = lib.mkIf cfg.enable { 11 11 systemd.additionalUpstreamSystemUnits = [

+49 -13

nixos/tests/hedgedoc.nix

··· 8 8 9 9 nodes = { 10 10 hedgedocSqlite = { ... }: { 11 + services.hedgedoc.enable = true; 12 + }; 13 + 14 + hedgedocPostgresWithTCPSocket = { ... }: { 15 + systemd.services.hedgedoc.after = [ "postgresql.service" ]; 11 16 services = { 12 17 hedgedoc = { 13 18 enable = true; 14 - settings.dbURL = "sqlite:///var/lib/hedgedoc/hedgedoc.db"; 19 + settings.db = { 20 + dialect = "postgres"; 21 + user = "hedgedoc"; 22 + password = "$DB_PASSWORD"; 23 + host = "localhost"; 24 + port = 5432; 25 + database = "hedgedocdb"; 26 + }; 27 + 28 + /* 29 + * Do not use pkgs.writeText for secrets as 30 + * they will end up in the world-readable Nix store. 31 + */ 32 + environmentFile = pkgs.writeText "hedgedoc-env" '' 33 + DB_PASSWORD=snakeoilpassword 34 + ''; 35 + }; 36 + postgresql = { 37 + enable = true; 38 + initialScript = pkgs.writeText "pg-init-script.sql" '' 39 + CREATE ROLE hedgedoc LOGIN PASSWORD 'snakeoilpassword'; 40 + CREATE DATABASE hedgedocdb OWNER hedgedoc; 41 + ''; 15 42 }; 16 43 }; 17 44 }; 18 45 19 - hedgedocPostgres = { ... }: { 46 + hedgedocPostgresWithUNIXSocket = { ... }: { 20 47 systemd.services.hedgedoc.after = [ "postgresql.service" ]; 21 48 services = { 22 49 hedgedoc = { 23 50 enable = true; 24 - settings.dbURL = "postgres://hedgedoc:\${DB_PASSWORD}@localhost:5432/hedgedocdb"; 51 + settings.db = { 52 + dialect = "postgres"; 53 + user = "hedgedoc"; 54 + password = "$DB_PASSWORD"; 55 + host = "/run/postgresql"; 56 + database = "hedgedocdb"; 57 + }; 25 58 26 - /* 27 - * Do not use pkgs.writeText for secrets as 28 - * they will end up in the world-readable Nix store. 29 - */ 30 59 environmentFile = pkgs.writeText "hedgedoc-env" '' 31 60 DB_PASSWORD=snakeoilpassword 32 61 ''; ··· 50 79 hedgedocSqlite.wait_for_open_port(3000) 51 80 hedgedocSqlite.wait_until_succeeds("curl -sSf http://localhost:3000/new") 52 81 53 - with subtest("HedgeDoc postgres"): 54 - hedgedocPostgres.wait_for_unit("postgresql.service") 55 - hedgedocPostgres.wait_for_unit("hedgedoc.service") 56 - hedgedocPostgres.wait_for_open_port(5432) 57 - hedgedocPostgres.wait_for_open_port(3000) 58 - hedgedocPostgres.wait_until_succeeds("curl -sSf http://localhost:3000/new") 82 + with subtest("HedgeDoc postgres with TCP socket"): 83 + hedgedocPostgresWithTCPSocket.wait_for_unit("postgresql.service") 84 + hedgedocPostgresWithTCPSocket.wait_for_unit("hedgedoc.service") 85 + hedgedocPostgresWithTCPSocket.wait_for_open_port(5432) 86 + hedgedocPostgresWithTCPSocket.wait_for_open_port(3000) 87 + hedgedocPostgresWithTCPSocket.wait_until_succeeds("curl -sSf http://localhost:3000/new") 88 + 89 + with subtest("HedgeDoc postgres with UNIX socket"): 90 + hedgedocPostgresWithUNIXSocket.wait_for_unit("postgresql.service") 91 + hedgedocPostgresWithUNIXSocket.wait_for_unit("hedgedoc.service") 92 + hedgedocPostgresWithUNIXSocket.wait_for_open_port(5432) 93 + hedgedocPostgresWithUNIXSocket.wait_for_open_port(3000) 94 + hedgedocPostgresWithUNIXSocket.wait_until_succeeds("curl -sSf http://localhost:3000/new") 59 95 ''; 60 96 })

+2 -2

pkgs/applications/blockchains/bitcoin/default.nix

··· 33 33 in 34 34 stdenv.mkDerivation rec { 35 35 pname = if withGui then "bitcoin" else "bitcoind"; 36 - version = "25.0"; 36 + version = "25.1"; 37 37 38 38 src = fetchurl { 39 39 urls = [ 40 40 "https://bitcoincore.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz" 41 41 ]; 42 42 # hash retrieved from signed SHA256SUMS 43 - sha256 = "5df67cf42ca3b9a0c38cdafec5bbb517da5b58d251f32c8d2a47511f9be1ebc2"; 43 + sha256 = "bec2a598d8dfa8c2365b77f13012a733ec84b8c30386343b7ac1996e901198c9"; 44 44 }; 45 45 46 46 nativeBuildInputs =

+2

pkgs/applications/blockchains/lighthouse/default.nix

··· 14 14 , rustPlatform 15 15 , Security 16 16 , sqlite 17 + , rust-jemalloc-sys 17 18 , stdenv 18 19 , SystemConfiguration 19 20 , testers ··· 70 71 71 72 buildInputs = [ 72 73 sqlite 74 + rust-jemalloc-sys 73 75 ] ++ lib.optionals stdenv.isDarwin [ 74 76 CoreFoundation 75 77 Security

+4 -1

pkgs/applications/blockchains/polkadot/default.nix

··· 2 2 , lib 3 3 , protobuf 4 4 , rocksdb 5 + , rust-jemalloc-sys-unprefixed 5 6 , rustPlatform 6 7 , rustc-wasm32 7 8 , stdenv ··· 60 61 rustc-wasm32.llvmPackages.lld 61 62 ]; 62 63 63 - buildInputs = lib.optionals stdenv.isDarwin [ Security SystemConfiguration ]; 64 + buildInputs = [ 65 + rust-jemalloc-sys-unprefixed 66 + ] ++ lib.optionals stdenv.isDarwin [ Security SystemConfiguration ]; 64 67 65 68 # NOTE: we need to force lld otherwise rust-lld is not found for wasm32 target 66 69 CARGO_TARGET_WASM32_UNKNOWN_UNKNOWN_LINKER = "lld";

+3 -3

pkgs/applications/editors/hexdino/default.nix

··· 2 2 3 3 rustPlatform.buildRustPackage rec { 4 4 pname = "hexdino"; 5 - version = "0.1.2"; 5 + version = "0.1.3"; 6 6 7 7 src = fetchFromGitHub { 8 8 owner = "Luz"; 9 9 repo = pname; 10 10 rev = version; 11 - sha256 = "sha256-OFtOa6StpOuLgkULnY5MlqDcSTEiMxogowHIBEiGr4E="; 11 + hash = "sha256-glbyftCJiP0/5trW7DOcVCU2q4ZH3zFK96eyGuYR8eY="; 12 12 }; 13 13 14 - cargoSha256 = "sha256-lvLiRQNH3rpu+JTXWhQtXczmGRWGtnnLDknZaMp3d0s="; 14 + cargoHash = "sha256-nldA8gDMj0iO+HgatiuMqzR6ZCjbxFsTp5pDGbFKA1k="; 15 15 16 16 meta = with lib; { 17 17 description = "A hex editor with vim like keybindings written in Rust";

+3 -3

pkgs/applications/editors/tecoc/default.nix

··· 7 7 8 8 stdenv.mkDerivation (finalAttrs: { 9 9 pname = "tecoc"; 10 - version = "unstable-2023-04-21"; 10 + version = "unstable-2023-06-21"; 11 11 12 12 src = fetchFromGitHub { 13 13 owner = "blakemcbride"; 14 14 repo = "TECOC"; 15 - rev = "021d1d15242b9d6c84d70c9ffcf1871793898f0a"; 16 - hash = "sha256-VGIO+uiAZkdzLYmJztmnKTS4HDIVow4AimaneHj7E1M="; 15 + rev = "b4a96395a18c7e64ccaef0e25fdde3b7ef33ac4b"; 16 + hash = "sha256-KTOGsTtxJh2sneU2VoDNUHcL3m8zt+3rBZTDvK1n02A="; 17 17 }; 18 18 19 19 buildInputs = [ ncurses ];

+3 -2

pkgs/applications/misc/octoprint/default.nix

··· 86 86 owner = "OctoPrint"; 87 87 repo = "OctoPrint"; 88 88 rev = version; 89 - hash = "sha256-SYN/BrcukHMDwk70XGu/pO45fSPr/KOEyd4wxtz2Fo0="; 89 + hash = "sha256-71uE8JvcS++xH8WSVWj5x0+9s3XIwf3A64c6YtxpSRc="; 90 90 }; 91 91 92 92 propagatedBuildInputs = with self; [ ··· 114 114 netifaces 115 115 octoprint-filecheck 116 116 octoprint-firmwarecheck 117 - octoprint-pisupport 118 117 passlib 119 118 pathvalidate 120 119 pkginfo ··· 142 141 pydantic 143 142 ] ++ lib.optionals stdenv.isDarwin [ 144 143 py.pkgs.appdirs 144 + ] ++ lib.optionals (!stdenv.isDarwin) [ 145 + octoprint-pisupport 145 146 ]; 146 147 147 148 nativeCheckInputs = with self; [

+29 -25

pkgs/applications/networking/browsers/chromium/common.nix

··· 148 148 else throw "no chromium Rosetta Stone entry for os: ${platform.config}"; 149 149 }; 150 150 151 + recompressTarball = { version, sha256 ? "" }: fetchzip { 152 + name = "chromium-${version}.tar.zstd"; 153 + url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz"; 154 + inherit sha256; 155 + 156 + nativeBuildInputs = [ zstd ]; 157 + 158 + postFetch = '' 159 + echo removing unused code from tarball to stay under hydra limit 160 + rm -r $out/third_party/{rust-src,llvm} 161 + 162 + echo moving remains out of \$out 163 + mv $out source 164 + 165 + echo recompressing final contents into new tarball 166 + # try to make a deterministic tarball 167 + tar \ 168 + --use-compress-program "zstd -T$NIX_BUILD_CORES" \ 169 + --sort name \ 170 + --mtime 1970-01-01 \ 171 + --owner=root --group=root \ 172 + --numeric-owner --mode=go=rX,u+rw,a-s \ 173 + -cf $out source 174 + ''; 175 + }; 176 + 177 + 151 178 base = rec { 152 179 pname = "${packageName}-unwrapped"; 153 180 inherit (upstream-info) version; 154 181 inherit packageName buildType buildPath; 155 182 156 - src = fetchzip { 157 - name = "chromium-${version}.tar.zstd"; 158 - url = "https://commondatastorage.googleapis.com/chromium-browser-official/chromium-${version}.tar.xz"; 159 - inherit (upstream-info) sha256; 160 - 161 - nativeBuildInputs = [ zstd ]; 162 - 163 - postFetch = '' 164 - echo removing unused code from tarball to stay under hydra limit 165 - rm -r $out/third_party/{rust-src,llvm} 166 - 167 - echo moving remains out of \$out 168 - mv $out source 169 - 170 - echo recompressing final contents into new tarball 171 - # try to make a deterministic tarball 172 - tar \ 173 - --use-compress-program "zstd -T$NIX_BUILD_CORES" \ 174 - --sort name \ 175 - --mtime 1970-01-01 \ 176 - --owner=root --group=root \ 177 - --numeric-owner --mode=go=rX,u+rw,a-s \ 178 - -cf $out source 179 - ''; 180 - }; 183 + src = recompressTarball { inherit version; inherit (upstream-info) sha256; }; 181 184 182 185 nativeBuildInputs = [ 183 186 ninja pkg-config ··· 486 489 chromiumDeps = { 487 490 gn = gnChromium; 488 491 }; 492 + inherit recompressTarball; 489 493 }; 490 494 } 491 495 # overwrite `version` with the exact same `version` from the same source,

+22 -3

pkgs/applications/networking/browsers/chromium/update.py

··· 21 21 22 22 RELEASES_URL = 'https://versionhistory.googleapis.com/v1/chrome/platforms/linux/channels/all/versions/all/releases' 23 23 DEB_URL = 'https://dl.google.com/linux/chrome/deb/pool/main/g' 24 - BUCKET_URL = 'https://commondatastorage.googleapis.com/chromium-browser-official' 25 24 26 25 PIN_PATH = dirname(abspath(__file__)) + '/upstream-info.nix' 27 26 UNGOOGLED_FLAGS_PATH = dirname(abspath(__file__)) + '/ungoogled-flags.toml' 28 27 COMMIT_MESSAGE_SCRIPT = dirname(abspath(__file__)) + '/get-commit-message.py' 29 - 28 + NIXPKGS_PATH = subprocess.check_output(["git", "rev-parse", "--show-toplevel"], cwd=dirname(PIN_PATH)).strip() 30 29 31 30 def load_as_json(path): 32 31 """Loads the given nix file as JSON.""" ··· 40 39 formatted = subprocess.check_output(['nixfmt'], input=nix) 41 40 with open(path, 'w') as out: 42 41 out.write(formatted.decode()) 42 + 43 + def prefetch_src_sri_hash(attr_path, version): 44 + """Prefetches the fixed-output-derivation source tarball and returns its SRI-Hash.""" 45 + print(f'nix-build (FOD prefetch) {attr_path} {version}') 46 + out = subprocess.run( 47 + ["nix-build", "--expr", f'(import ./. {{}}).{attr_path}.browser.passthru.recompressTarball {{ version = "{version}"; }}'], 48 + cwd=NIXPKGS_PATH, 49 + stderr=subprocess.PIPE 50 + ).stderr.decode() 51 + 52 + for line in iter(out.split("\n")): 53 + match = re.match(r"\s+got:\s+(.+)$", line) 54 + if match: 55 + print(f'Hash: {match.group(1)}') 56 + return match.group(1) 57 + print(f'{out}\n\nError: Expected hash in nix-build stderr output.', file=sys.stderr) 58 + sys.exit(1) 43 59 44 60 def nix_prefetch_url(url, algo='sha256'): 45 61 """Prefetches the content of the given URL.""" ··· 206 222 google_chrome_suffix = channel_name 207 223 208 224 try: 209 - channel['sha256'] = nix_prefetch_url(f'{BUCKET_URL}/chromium-{release["version"]}.tar.xz') 225 + channel['sha256'] = prefetch_src_sri_hash( 226 + channel_name_to_attr_name(channel_name), 227 + release["version"] 228 + ) 210 229 channel['sha256bin64'] = nix_prefetch_url( 211 230 f'{DEB_URL}/google-chrome-{google_chrome_suffix}/' + 212 231 f'google-chrome-{google_chrome_suffix}_{release["version"]}-1_amd64.deb')

+8 -8

pkgs/applications/networking/browsers/chromium/upstream-info.nix

··· 41 41 version = "2023-08-10"; 42 42 }; 43 43 }; 44 - sha256 = "1g8rllmnmhmmpjzrmi3cww0nszxicq0kim2wd0l0ip2mzk2p8qlp"; 45 - sha256bin64 = "1bq170l0g9yq17x6xlg6fjar6gv3hdi0zijwmx4s02pmw6727484"; 46 - version = "118.0.5993.70"; 44 + sha256 = "sha256-CTkw92TiRD2tkYu5a5dy8fjpR2MMOMCvcbxXhJ36Bp8="; 45 + sha256bin64 = "06rbsjh4khhl408181ns5nsdwasklb277fdjfajdv5h1j9a190k3"; 46 + version = "118.0.5993.88"; 47 47 }; 48 48 ungoogled-chromium = { 49 49 deps = { ··· 54 54 version = "2023-08-10"; 55 55 }; 56 56 ungoogled-patches = { 57 - rev = "118.0.5993.70-1"; 58 - sha256 = "0k6684cy1ks6yba2bdz17g244f05qy9769cvis4h2jzhgbf5rysh"; 57 + rev = "118.0.5993.88-1"; 58 + sha256 = "17j47d64l97ascp85h8cnfnr5wr4va3bdk95wmagqss7ym5c7zsf"; 59 59 }; 60 60 }; 61 - sha256 = "1g8rllmnmhmmpjzrmi3cww0nszxicq0kim2wd0l0ip2mzk2p8qlp"; 62 - sha256bin64 = "1bq170l0g9yq17x6xlg6fjar6gv3hdi0zijwmx4s02pmw6727484"; 63 - version = "118.0.5993.70"; 61 + sha256 = "sha256-CTkw92TiRD2tkYu5a5dy8fjpR2MMOMCvcbxXhJ36Bp8="; 62 + sha256bin64 = "06rbsjh4khhl408181ns5nsdwasklb277fdjfajdv5h1j9a190k3"; 63 + version = "118.0.5993.88"; 64 64 }; 65 65 }

+2 -2

pkgs/applications/networking/cluster/starboard/default.nix

··· 2 2 3 3 buildGoModule rec { 4 4 pname = "starboard"; 5 - version = "0.15.15"; 5 + version = "0.15.16"; 6 6 7 7 src = fetchFromGitHub { 8 8 owner = "aquasecurity"; 9 9 repo = pname; 10 10 rev = "v${version}"; 11 - sha256 = "sha256-aKxRjPXvj9rGUheUjpjGWlzg9I6LaCxfc6FJV8Kzj3I="; 11 + sha256 = "sha256-n4gChQQMVdtEKW2WqQAEVtlU2fFxLxBem2yAJzDjx2Q="; 12 12 # populate values that require us to use git. By doing this in postFetch we 13 13 # can delete .git afterwards and maintain better reproducibility of the src. 14 14 leaveDotGit = true;

+2 -2

pkgs/applications/networking/cluster/tektoncd-cli/default.nix

··· 2 2 3 3 buildGoModule rec { 4 4 pname = "tektoncd-cli"; 5 - version = "0.32.0"; 5 + version = "0.32.1"; 6 6 7 7 src = fetchFromGitHub { 8 8 owner = "tektoncd"; 9 9 repo = "cli"; 10 10 rev = "v${version}"; 11 - sha256 = "sha256-Ilue0stXko8bkMMzXEHrdgJYIV5ZcI39hwFUya8X4ac="; 11 + sha256 = "sha256-qxKWyNQRWc0krdIfG6Mkn8ZZSkCkb0V41nIUsN5azGo="; 12 12 }; 13 13 14 14 vendorHash = null;

+2 -2

pkgs/applications/networking/cluster/terraform-backend-git/default.nix

··· 6 6 7 7 buildGoModule rec { 8 8 pname = "terraform-backend-git"; 9 - version = "0.1.5"; 9 + version = "0.1.6"; 10 10 11 11 src = fetchFromGitHub { 12 12 owner = "plumber-cd"; 13 13 repo = "terraform-backend-git"; 14 14 rev = "v${version}"; 15 - hash = "sha256-ryHFuHIEJ4i1R3oBW3w3aAvtv+vIrO745qwx0+SqBF4="; 15 + hash = "sha256-ZbQfL7uKCFD98HcoeqscZaIsWFvWH0Ytzlqr6fMmXUs="; 16 16 }; 17 17 18 18 vendorHash = "sha256-Y/4UgG/2Vp+gxBnGrNpAgRNfPZWJXhVo8TVa/VfOYt0=";

+16 -16

pkgs/applications/networking/instant-messengers/discord/default.nix

··· 1 1 { branch ? "stable", callPackage, fetchurl, lib, stdenv }: 2 2 let 3 3 versions = if stdenv.isLinux then { 4 - stable = "0.0.31"; 5 - ptb = "0.0.49"; 6 - canary = "0.0.170"; 7 - development = "0.0.234"; 4 + stable = "0.0.32"; 5 + ptb = "0.0.51"; 6 + canary = "0.0.171"; 7 + development = "0.0.1"; 8 8 } else { 9 - stable = "0.0.280"; 10 - ptb = "0.0.80"; 11 - canary = "0.0.315"; 12 - development = "0.0.8797"; 9 + stable = "0.0.281"; 10 + ptb = "0.0.82"; 11 + canary = "0.0.320"; 12 + development = "0.0.2"; 13 13 }; 14 14 version = versions.${branch}; 15 15 srcs = rec { 16 16 x86_64-linux = { 17 17 stable = fetchurl { 18 18 url = "https://dl.discordapp.net/apps/linux/${version}/discord-${version}.tar.gz"; 19 - hash = "sha256-toWwiMsEFsGaOYaPZziSmZtpzxGd9m+2MtxTrJwqFbw="; 19 + hash = "sha256-XeGDKRKnvDyl0AWm9Vs/PDeIfAq/FL9AsjLt+dNg1HQ="; 20 20 }; 21 21 ptb = fetchurl { 22 22 url = "https://dl-ptb.discordapp.net/apps/linux/${version}/discord-ptb-${version}.tar.gz"; 23 - hash = "sha256-o8cDoBe6A0wBjVLjp4JXrv3QsG7TZ/Kj4+T5lj6WHdY="; 23 + hash = "sha256-VlvGZ5qy61zse0mhvrROYwr0C94Zy1Kh4D4dp+sJTN0="; 24 24 }; 25 25 canary = fetchurl { 26 26 url = "https://dl-canary.discordapp.net/apps/linux/${version}/discord-canary-${version}.tar.gz"; 27 - hash = "sha256-Lw+qLAAwyoDBKDPOBA9HR79gcnqwTshFq6GMpFS0tXA="; 27 + hash = "sha256-NcmV+DPI5hfNdBUgoaOLsjG32QfjF+x7f01B6PR10Vc="; 28 28 }; 29 29 development = fetchurl { 30 30 url = "https://dl-development.discordapp.net/apps/linux/${version}/discord-development-${version}.tar.gz"; 31 - hash = "sha256-R5UwgpXgb32mEohTzyRVXmumcgPl8UPan3UjmLFLxLo="; 31 + hash = "sha256-ogLOZZ9pTXB01TqdnmdORIzZ8GbGzskUzbG4E68gZwY="; 32 32 }; 33 33 }; 34 34 x86_64-darwin = { 35 35 stable = fetchurl { 36 36 url = "https://dl.discordapp.net/apps/osx/${version}/Discord.dmg"; 37 - hash = "sha256-SUbpzd8RIf+e+so/dXZh5OkjCvWRC+EyqgeIg4u32Hg="; 37 + hash = "sha256-Qxh9K0u99xfsVPJyAD3bFeZPxBXg2EeDyM+rbF80EC8="; 38 38 }; 39 39 ptb = fetchurl { 40 40 url = "https://dl-ptb.discordapp.net/apps/osx/${version}/DiscordPTB.dmg"; 41 - hash = "sha256-IvrCjiZ5Oa616+U8C2ihg8THj7ePV2A8+82wUWqWoPY="; 41 + hash = "sha256-U99FiR3IUL8saGtVrWblWqsCIJc0rK5ZMII9/BL5H7w="; 42 42 }; 43 43 canary = fetchurl { 44 44 url = "https://dl-canary.discordapp.net/apps/osx/${version}/DiscordCanary.dmg"; 45 - hash = "sha256-m43SijSBxcAvYAlSFpQKIFILUm4AgSQ5F4XyQJyftts="; 45 + hash = "sha256-7fPlb4x116HIXEJr1G7wVHriOQu6/2u69SpbU9qxHNw="; 46 46 }; 47 47 development = fetchurl { 48 48 url = "https://dl-development.discordapp.net/apps/osx/${version}/DiscordDevelopment.dmg"; 49 - hash = "sha256-ra0El4Y7SqanY6ZBbHE1Y+pqel4OD7nXKKfg/vndULo="; 49 + hash = "sha256-iMw61dXtThXvz2GnZiM4+tURMRfXhrN/ze1RTBL6zy8="; 50 50 }; 51 51 }; 52 52 aarch64-darwin = x86_64-darwin;

+2

pkgs/applications/office/activitywatch/default.nix

··· 5 5 , pkg-config 6 6 , perl 7 7 , openssl 8 + , rust-jemalloc-sys 8 9 , python3 9 10 , wrapQtAppsHook 10 11 , qtbase ··· 173 174 174 175 buildInputs = [ 175 176 openssl 177 + rust-jemalloc-sys 176 178 ]; 177 179 178 180 postFixup = ''

+2 -2

pkgs/applications/science/molecular-dynamics/gromacs/default.nix

··· 20 20 21 21 in stdenv.mkDerivation rec { 22 22 pname = "gromacs"; 23 - version = "2023.2"; 23 + version = "2023.3"; 24 24 25 25 src = fetchurl { 26 26 url = "ftp://ftp.gromacs.org/pub/gromacs/gromacs-${version}.tar.gz"; 27 - sha256 = "sha256-vOFIByfksruQBBO3XZmjJm81B4d9pPWy1JHfeY+fza4="; 27 + sha256 = "sha256-Tsj40MevdrE/j9FtuOLBIOdJ3kOa6VVNn2U/gS140cs="; 28 28 }; 29 29 30 30 patches = [ ./pkgconfig.patch ];

+3 -3

pkgs/applications/version-management/git-mit/default.nix

··· 10 10 }: 11 11 12 12 let 13 - version = "5.12.161"; 13 + version = "5.12.162"; 14 14 in 15 15 rustPlatform.buildRustPackage { 16 16 pname = "git-mit"; ··· 20 20 owner = "PurpleBooth"; 21 21 repo = "git-mit"; 22 22 rev = "v${version}"; 23 - hash = "sha256-r0gRBOf/CC4HDh/N4Qi1/3DkPuuNlqfbvl4o5JqobKE="; 23 + hash = "sha256-qwnzq1CKo7kJXITpPjKAhk1dbGSj6TXat7ioP7o3ifg="; 24 24 }; 25 25 26 - cargoHash = "sha256-LgiO/wPoPjmxymcXl9zQ8n/xOnFfpravwpqEsUctxxw="; 26 + cargoHash = "sha256-AGE+zA5DHabqgzCC/T1DDG9bGPciSdl1euZbbCeKPzQ="; 27 27 28 28 nativeBuildInputs = [ pkg-config ]; 29 29

+3 -3

pkgs/applications/version-management/stgit/default.nix

··· 18 18 19 19 rustPlatform.buildRustPackage rec { 20 20 pname = "stgit"; 21 - version = "2.3.2"; 21 + version = "2.4.0"; 22 22 23 23 src = fetchFromGitHub { 24 24 owner = "stacked-git"; 25 25 repo = "stgit"; 26 26 rev = "v${version}"; 27 - hash = "sha256-rQNX54zmVHZKplEUNaKyVtCrC8Q4DdxLzNSStiYvDGA="; 27 + hash = "sha256-+ipNSdEaz3nVBTYS+A4Fauan0DaKZR69No95FTS2/4o="; 28 28 }; 29 - cargoHash = "sha256-ju8JQnohidBsydwwm6gNx1L24brmDWYXwNgfCl7G/aA="; 29 + cargoHash = "sha256-G0g+53HWxhJfozMGByhmgnxws6P10FY9fAOleqhn+Mk="; 30 30 31 31 nativeBuildInputs = [ 32 32 pkg-config installShellFiles makeWrapper asciidoc xmlto docbook_xsl

+43

pkgs/by-name/km/kmsvnc/package.nix

··· 1 + { lib 2 + , stdenv 3 + , fetchFromGitHub 4 + , cmake 5 + , pkg-config 6 + , libdrm 7 + , libvncserver 8 + , libxkbcommon 9 + , libva 10 + }: 11 + 12 + stdenv.mkDerivation rec { 13 + pname = "kmsvnc"; 14 + version = "0.0.5"; 15 + 16 + src = fetchFromGitHub { 17 + owner = "isjerryxiao"; 18 + repo = "kmsvnc"; 19 + rev = "v${version}"; 20 + hash = "sha256-Dz1y4t8u9/rnmOiYMWMq6aEq3kV47uiIK7K4DSvjZNc="; 21 + }; 22 + 23 + nativeBuildInputs = [ 24 + cmake 25 + pkg-config 26 + ]; 27 + 28 + buildInputs = [ 29 + libdrm 30 + libvncserver 31 + libxkbcommon 32 + libva 33 + ]; 34 + 35 + meta = with lib; { 36 + description = "A VNC server for DRM/KMS capable GNU/Linux devices"; 37 + homepage = "https://github.com/isjerryxiao/kmsvnc"; 38 + license = licenses.gpl3Only; 39 + maintainers = with maintainers; [ nickcao ]; 40 + mainProgram = "kmsvnc"; 41 + platforms = platforms.linux; 42 + }; 43 + }

+61

pkgs/by-name/pg/pgmoneta/package.nix

··· 1 + { lib 2 + , stdenv 3 + , bzip2 4 + , cjson 5 + , cmake 6 + , curl 7 + , docutils 8 + , fetchFromGitHub 9 + , libarchive 10 + , libev 11 + , libgccjit 12 + , libssh 13 + , lz4 14 + , openssl 15 + , systemd 16 + , zlib 17 + , zstd 18 + }: 19 + 20 + stdenv.mkDerivation rec { 21 + pname = "pgmoneta"; 22 + version = "0.7.0"; 23 + 24 + src = fetchFromGitHub { 25 + owner = "pgmoneta"; 26 + repo = "pgmoneta"; 27 + rev = version; 28 + hash = "sha256-Acg60QFMmRTubYWkPxbHTciVOYoIWc3GZGQVauewZik="; 29 + }; 30 + 31 + nativeBuildInputs = [ 32 + cmake 33 + docutils # for rst2man 34 + ]; 35 + 36 + buildInputs = [ 37 + bzip2 38 + cjson 39 + curl 40 + libarchive 41 + libev 42 + libgccjit 43 + libssh 44 + lz4 45 + openssl 46 + systemd 47 + zlib 48 + zstd 49 + ]; 50 + 51 + env.NIX_CFLAGS_COMPILE = "-Wno-error"; 52 + 53 + meta = with lib; { 54 + description = "Backup / restore solution for PostgreSQL"; 55 + homepage = "https://pgmoneta.github.io/"; 56 + changelog = "https://github.com/pgmoneta/pgmoneta/releases/tag/${version}"; 57 + license = licenses.bsd3; 58 + maintainers = [ maintainers.marsam ]; 59 + platforms = platforms.linux; 60 + }; 61 + }

+71

pkgs/by-name/tk/tkdiff/189.patch

··· 1 + Index: tkdiff 2 + =================================================================== 3 + diff --git a/tkdiff b/tkdiff 4 + --- a/tkdiff (revision 188) 5 + +++ b/tkdiff (revision 189) 6 + @@ -111,7 +111,7 @@ 7 + } 8 + 9 + # Determine the name of the temporary directory, the rc file name, 10 + -# and possible VPATH EnvVar, all of which are platform dependent. 11 + +# NULLdev, and possible VPATH EnvVar, all of which are platform dependent. 12 + # 13 + # Much MAY likely be overridden by a preference in .tkdiffrc, 14 + # EXCEPT (obviously) when no such file actually exists yet 15 + @@ -126,6 +126,9 @@ 16 + set opts(tmpdir) C:/temp 17 + } 18 + 19 + + # Reserved filename which is actually a NULL device 20 + + set opts(NULLdev) "nul" 21 + + 22 + # Split up and store a VPATH if it exists 23 + if {[info exists ::env(VPATH)]} { 24 + set finfo(Vpath) [split $::env(VPATH) ";"] 25 + @@ -145,6 +148,9 @@ 26 + set opts(tmpdir) $::env(TMPDIR) 27 + } {set opts(tmpdir) /tmp } 28 + 29 + + # Reserved filename which is actually a NULL device (Unix-like platforms) 30 + + set opts(NULLdev) "/dev/null" 31 + + 32 + # Split up and store a VPATH if it exists 33 + if {[info exists ::env(VPATH)]} { 34 + set finfo(Vpath) [split $::env(VPATH) ":"] 35 + @@ -2106,7 +2112,7 @@ 36 + # 1 Failed (PLUS a 'pushed' HARD-error message to the caller) 37 + ############################################################################### 38 + proc get-file {fn ndx {probe 0}} { 39 + - global g finfo 40 + + global g opts finfo 41 + 42 + # Ancestor files are stored into a slightly adjusted array element name 43 + # N.B> 'ndx' AS PASSED *can* be an EXPRESSION (not just a number): resolve! 44 + @@ -2121,7 +2127,7 @@ 45 + } elseif {!$tildechk} { 46 + # DO NOT REPORT non-existence if this attempt was ONLY a probe 47 + if {$probe} { return 1 } { set MSG "File '$fn' does not exist" } 48 + - } elseif {[file isfile $fn]} { 49 + + } elseif {[file isfile $fn] || $fn == $opts(NULLdev)} { 50 + set finfo(${A}lbl,$ndx) [shortNm [set finfo(${A}pth,$ndx) "$fn"]] 51 + } else { set MSG "'$fn' exists, but is not a file" } 52 + 53 + @@ -2857,7 +2863,7 @@ 54 + # Align various label decorations to the CURRENT input file pairing 55 + ############################################################################### 56 + proc alignDecor {pairnum} { 57 + - global g w finfo 58 + + global g w opts finfo 59 + 60 + # Establish if 3way mode is NOW active and what file indices are in use 61 + set g(is3way) [info exists finfo(albl,$pairnum)] 62 + @@ -2874,7 +2880,8 @@ 63 + set finfo(lbl,$LR) $finfo(ulbl,$ndx($n)) ;# Override lbl display 64 + } else {set finfo(lbl,$LR) $finfo(lbl,$ndx($n))} 65 + 66 + - if {![info exists finfo(tmp,$ndx($n))]} { 67 + + if {![info exists finfo(tmp,$ndx($n))] \ 68 + + && $finfo(pth,$ndx($n)) != $opts(NULLdev)} { 69 + # (N.B> Tip data will ALSO be used by report generation heading) 70 + set g(tooltip,${LR}Label) "{$finfo(pth,$ndx($n))\n" 71 + append g(tooltip,${LR}Label) \

+43

pkgs/by-name/tk/tkdiff/package.nix

··· 1 + { diffutils, fetchzip, lib, makeBinaryWrapper, stdenv, tk }: 2 + 3 + stdenv.mkDerivation (finalAttrs: { 4 + pname = "tkdiff"; 5 + version = "5.6"; 6 + 7 + src = fetchzip { 8 + url = "mirror://sourceforge/tkdiff/tkdiff-${builtins.replaceStrings ["."] ["-"] finalAttrs.version}.zip"; 9 + hash = "sha256-EpbIdjsejkkTaSpoZRM5AHz0r1Cio+YzRryK0BoghBk="; 10 + }; 11 + 12 + # fix regression: allow /dev/null again. eg: "tkdiff /dev/null file" 13 + # svn diff --git -r188:189 https://svn.code.sf.net/p/tkdiff/code/trunk 14 + patches = [ ./189.patch ]; 15 + 16 + nativeBuildInputs = [ makeBinaryWrapper ]; 17 + 18 + installPhase = '' 19 + runHook preInstall 20 + 21 + install -Dm755 -t $out/bin tkdiff 22 + wrapProgram $out/bin/tkdiff \ 23 + --prefix PATH : ${lib.makeBinPath [ diffutils tk ]} 24 + 25 + runHook postInstall 26 + ''; 27 + 28 + meta = { 29 + description = "A graphical front end to the diff program"; 30 + homepage = "https://tkdiff.sourceforge.io/"; 31 + license = lib.licenses.gpl2Plus; 32 + longDescription = '' 33 + TkDiff is a graphical front end to the diff program. It provides a 34 + side-by-side view of the differences between two text files, along 35 + with several innovative features such as diff bookmarks, a graphical 36 + map of differences for quick navigation, and a facility for slicing 37 + diff regions to achieve exactly the merge output desired. 38 + ''; 39 + mainProgram = "tkdiff"; 40 + maintainers = with lib.maintainers; [ robert-manchester ]; 41 + platforms = tk.meta.platforms; 42 + }; 43 + })

+2 -2

pkgs/data/icons/tela-circle-icon-theme/default.nix

··· 19 19 20 20 stdenvNoCC.mkDerivation rec { 21 21 inherit pname; 22 - version = "2023-06-25"; 22 + version = "2023-10-07"; 23 23 24 24 src = fetchFromGitHub { 25 25 owner = "vinceliuice"; 26 26 repo = pname; 27 27 rev = version; 28 - sha256 = "nob0Isx785YRP4QIj2CK+v99CUiRwtkge1dNXCCwaDs="; 28 + sha256 = "il+bYIcwm0BQF6U0J6h6rlzHSGSHYN/O8BezehYIpQ4="; 29 29 }; 30 30 31 31 nativeBuildInputs = [

+9 -2

pkgs/desktops/xfce/applications/xfce4-notifyd/default.nix

··· 1 1 { lib 2 2 , mkXfceDerivation 3 + , dbus 3 4 , glib 4 5 , gtk3 6 + , gtk-layer-shell 5 7 , libcanberra-gtk3 6 8 , libnotify 9 + , libX11 7 10 , libxfce4ui 8 11 , libxfce4util 9 12 , sqlite ··· 14 17 mkXfceDerivation { 15 18 category = "apps"; 16 19 pname = "xfce4-notifyd"; 17 - version = "0.8.2"; 20 + version = "0.9.2"; 21 + odd-unstable = false; 18 22 19 - sha256 = "sha256-M8L2HWTuQDl/prD7s6uptkW4XDscpk6fc+epoxjFNS8="; 23 + sha256 = "sha256-BHhz5LURXLeILxQ+iNQ+50yHd/oIF7twHAqxiBQ2hFE="; 20 24 21 25 buildInputs = [ 26 + dbus 22 27 gtk3 28 + gtk-layer-shell 23 29 glib 24 30 libcanberra-gtk3 25 31 libnotify 32 + libX11 26 33 libxfce4ui 27 34 libxfce4util 28 35 sqlite

+24

pkgs/development/libraries/jemalloc/rust.nix

··· 1 + { lib 2 + , stdenv 3 + , jemalloc 4 + , writeText 5 + 6 + , unprefixed ? false 7 + }: 8 + 9 + let 10 + # On some platforms the unprefixed feature will be ignored: 11 + # https://github.com/tikv/jemallocator/blob/ab0676d77e81268cd09b059260c75b38dbef2d51/jemalloc-sys/src/env.rs 12 + unprefixed' = unprefixed && !stdenv.hostPlatform.isMusl && !stdenv.hostPlatform.isDarwin && !stdenv.hostPlatform.isAndroid; 13 + 14 + in jemalloc.overrideAttrs (oldAttrs: { 15 + configureFlags = oldAttrs.configureFlags ++ [ 16 + "--with-private-namespace=_rjem_" 17 + ] ++ lib.optionals (!unprefixed') [ 18 + "--with-jemalloc-prefix=_rjem_" 19 + ]; 20 + 21 + setupHook = writeText "setup-hook.sh" '' 22 + export JEMALLOC_OVERRIDE="@out@/lib/libjemalloc${stdenv.hostPlatform.extensions.library}" 23 + ''; 24 + })

+2 -2

pkgs/development/php-packages/xdebug/default.nix

··· 1 1 { buildPecl, lib, fetchFromGitHub }: 2 2 3 3 let 4 - version = "3.2.2"; 4 + version = "3.3.0alpha3"; 5 5 in buildPecl { 6 6 inherit version; 7 7 ··· 11 11 owner = "xdebug"; 12 12 repo = "xdebug"; 13 13 rev = version; 14 - hash = "sha256-zbgJw2oPzyUTK0UwLAqpShBi+toVsEQcjoG4tIBder0="; 14 + hash = "sha256-LBrKQCR4qpV3yJpTknUNKX6mq+qSdBSveIoYmk5Vmoc="; 15 15 }; 16 16 17 17 doCheck = true;

+2 -2

pkgs/development/python-modules/argilla/default.nix

··· 65 65 }: 66 66 let 67 67 pname = "argilla"; 68 - version = "1.16.0"; 68 + version = "1.17.0"; 69 69 optional-dependencies = { 70 70 server = [ 71 71 fastapi ··· 126 126 owner = "argilla-io"; 127 127 repo = pname; 128 128 rev = "refs/tags/v${version}"; 129 - hash = "sha256-SKxIc7T9wmMMGQeebcRVOrB4Y5ETz9LSeKzzqI+wf80="; 129 + hash = "sha256-ggw6ABPn3d+aOj+0ETKYWWTha/2Recdnp/LGBXG1HY4="; 130 130 }; 131 131 132 132 pythonRelaxDeps = [

+6 -4

pkgs/development/python-modules/bespon/default.nix

··· 1 1 { lib 2 2 , buildPythonPackage 3 3 , fetchPypi 4 + , setuptools 4 5 }: 5 6 6 7 buildPythonPackage rec { 7 - version = "0.6.0"; 8 - pname = "BespON"; 8 + version = "0.7.0"; 9 + pname = "bespon"; 10 + format = "pyproject"; 9 11 10 12 src = fetchPypi { 11 13 inherit pname version; 12 - sha256 = "2f2bda67fea8ee95c8aa7e885835ab88bdbfa392a94077ce1c9d29017420ce7a"; 14 + hash = "sha256-dGtXw4uq6pdyXBVfSi9s7kCFUqA1PO7qWEGY0JNAz8Q="; 13 15 }; 14 16 15 - propagatedBuildInputs = [ ]; 17 + nativeBuildInputs = [ setuptools ]; 16 18 # upstream doesn't contain tests 17 19 doCheck = false; 18 20

+3 -3

pkgs/development/python-modules/chex/default.nix

··· 15 15 16 16 buildPythonPackage rec { 17 17 pname = "chex"; 18 - version = "0.1.83"; 18 + version = "0.1.84"; 19 19 format = "setuptools"; 20 20 21 21 disabled = pythonOlder "3.9"; 22 22 23 23 src = fetchFromGitHub { 24 24 owner = "deepmind"; 25 - repo = pname; 25 + repo = "chex"; 26 26 rev = "refs/tags/v${version}"; 27 - hash = "sha256-iEachJf5NjOnkMWdP0aVQHWNPgUUBkMnzHKq3GP7t4w="; 27 + hash = "sha256-LsUMvSMVGjqZuFDcb+/61RtFxweeG6bSFzmJUUMv6rA="; 28 28 }; 29 29 30 30 propagatedBuildInputs = [

+3 -3

pkgs/development/python-modules/jax/default.nix

··· 27 27 in 28 28 buildPythonPackage rec { 29 29 pname = "jax"; 30 - version = "0.4.18"; 30 + version = "0.4.19"; 31 31 pyproject = true; 32 32 33 33 disabled = pythonOlder "3.9"; 34 34 35 35 src = fetchFromGitHub { 36 36 owner = "google"; 37 - repo = pname; 37 + repo = "jax"; 38 38 # google/jax contains tags for jax and jaxlib. Only use jax tags! 39 39 rev = "refs/tags/${pname}-v${version}"; 40 - hash = "sha256-rDvWHa8jYCAA9iKbWaFUXdE/9L7AepFiNzmqOcc/090="; 40 + hash = "sha256-l5uLPqhg/hqtO9oJSaioow5cH/0jKHDVziGezkfnVcc="; 41 41 }; 42 42 43 43 nativeBuildInputs = [

+5 -5

pkgs/development/python-modules/jaxlib/bin.nix

··· 39 39 assert cudaSupport -> lib.versionAtLeast cudatoolkit.version "11.1" && lib.versionAtLeast cudnn.version "8.2" && stdenv.isLinux; 40 40 41 41 let 42 - version = "0.4.18"; 42 + version = "0.4.19"; 43 43 44 44 inherit (python) pythonVersion; 45 45 ··· 60 60 { 61 61 "x86_64-linux" = getSrcFromPypi { 62 62 platform = "manylinux2014_x86_64"; 63 - hash = "sha256-MpNomovvSVx4N6gsowOLksTyEgTK261vSXMGxYqlVOE="; 63 + hash = "sha256-ksnY+CPEstact5lKjbSg+ZSPJtSt0Y0NFWEFufBCByk="; 64 64 }; 65 65 "aarch64-darwin" = getSrcFromPypi { 66 66 platform = "macosx_11_0_arm64"; 67 - hash = "sha256-if/5O5DQVHFdsLw9O1creZBx5j8ftE7fsWMMX1NjHP0="; 67 + hash = "sha256-O7dHvdKLKfNELGfF4TKy7N5EX6Ca7Zu8OtLXWvFykR8="; 68 68 }; 69 69 "x86_64-darwin" = getSrcFromPypi { 70 70 platform = "macosx_10_14_x86_64"; 71 - hash = "sha256-4NeHA/0SGdmHXyDGxpK7oJc7dE1meR4LPjzbIwxloqU="; 71 + hash = "sha256-gqKMUZSXrt8sQtTAoQbzAfCzO8gM9Y1/tZpuJVWyN0Y="; 72 72 }; 73 73 }; 74 74 ··· 78 78 # https://github.com/google/jax/issues/12879 as to why this specific URL is the correct index. 79 79 gpuSrc = fetchurl { 80 80 url = "https://storage.googleapis.com/jax-releases/cuda12/jaxlib-${version}+cuda12.cudnn89-cp310-cp310-manylinux2014_x86_64.whl"; 81 - hash = "sha256-p6BNvhhRzVDQdpEoIRau5JovC+eDjlW3bXrahtsGvmI="; 81 + hash = "sha256-zfN0n31+5GohwBkeQrqHus4qOyhM/GEdqG6KUupCZ4o="; 82 82 }; 83 83 84 84 in

+5 -5

pkgs/development/python-modules/jaxlib/default.nix

··· 54 54 inherit (cudaPackages) backendStdenv cudatoolkit cudaFlags cudnn nccl; 55 55 56 56 pname = "jaxlib"; 57 - version = "0.4.18"; 57 + version = "0.4.19"; 58 58 59 59 meta = with lib; { 60 60 description = "JAX is Autograd and XLA, brought together for high-performance machine learning research."; ··· 151 151 repo = "jax"; 152 152 # google/jax contains tags for jax and jaxlib. Only use jaxlib tags! 153 153 rev = "refs/tags/${pname}-v${version}"; 154 - hash = "sha256-rDvWHa8jYCAA9iKbWaFUXdE/9L7AepFiNzmqOcc/090="; 154 + hash = "sha256-l5uLPqhg/hqtO9oJSaioow5cH/0jKHDVziGezkfnVcc="; 155 155 }; 156 156 157 157 nativeBuildInputs = [ ··· 264 264 ]; 265 265 266 266 sha256 = (if cudaSupport then { 267 - x86_64-linux = "sha256-0CfGWlwKsUFP1DHUN6+6wX3cHr5x3TE6NbqYlV5me1E="; 267 + x86_64-linux = "sha256-Z5cSgdRxdKxidaz4b1RlUF4rVcQiUTmQ1OorlBWlpt0="; 268 268 } else { 269 - x86_64-linux = "sha256-sljmyIligXC7d9fdlpqR32xyMR0UslWs04gXJBD8FTA="; 270 - aarch64-linux = "sha256-eJ4KIkHdcA2EVvyBoNum2cOPcHPFoBOtUTAGufO8FJA="; 269 + x86_64-linux = "sha256-sn7p8FFHWIVdBWnsLsVj5jLiSaTlRm7s/qj2RqvQ3jU="; 270 + aarch64-linux = "sha256-oAYF5AeuPHTlwtpDMs2+tAhRAJH0yeSVnB7Ni7wmzS8="; 271 271 }).${stdenv.system} or (throw "jaxlib: unsupported system: ${stdenv.system}"); 272 272 }; 273 273

+4 -2

pkgs/development/python-modules/lsprotocol/default.nix

··· 4 4 , cattrs 5 5 , fetchFromGitHub 6 6 , flit-core 7 + , importlib-resources 7 8 , jsonschema 8 9 , nox 9 10 , pyhamcrest ··· 13 14 14 15 buildPythonPackage rec { 15 16 pname = "lsprotocol"; 16 - version = "2023.0.0a2"; 17 + version = "2023.0.0b1"; 17 18 format = "pyproject"; 18 19 19 20 disabled = pythonOlder "3.7"; ··· 22 23 owner = "microsoft"; 23 24 repo = pname; 24 25 rev = "refs/tags/${version}"; 25 - hash = "sha256-AEvs2fb8nhWEFMyLvwNv9HoxxxE50/KW3TGZ5pDf4dc="; 26 + hash = "sha256-Y/Mp/8MskRB6irNU3CBOKmo2Zt5S69h+GyMg71sQ9Uw="; 26 27 }; 27 28 28 29 nativeBuildInputs = [ ··· 40 41 ]; 41 42 42 43 checkInputs = [ 44 + importlib-resources 43 45 jsonschema 44 46 pyhamcrest 45 47 ];

+4 -1

pkgs/development/python-modules/polars/default.nix

··· 6 6 , libiconv 7 7 , fetchFromGitHub 8 8 , typing-extensions 9 + , rust-jemalloc-sys 9 10 , darwin 10 11 }: 11 12 let ··· 49 50 50 51 nativeBuildInputs = with rustPlatform; [ cargoSetupHook maturinBuildHook ]; 51 52 52 - buildInputs = lib.optionals stdenv.isDarwin [ 53 + buildInputs = [ 54 + rust-jemalloc-sys 55 + ] ++ lib.optionals stdenv.isDarwin [ 53 56 libiconv 54 57 darwin.apple_sdk.frameworks.Security 55 58 ];

+2 -2

pkgs/development/python-modules/pytensor/default.nix

··· 26 26 27 27 buildPythonPackage rec { 28 28 pname = "pytensor"; 29 - version = "2.17.2"; 29 + version = "2.17.3"; 30 30 pyproject = true; 31 31 32 32 disabled = pythonOlder "3.9"; ··· 35 35 owner = "pymc-devs"; 36 36 repo = "pytensor"; 37 37 rev = "refs/tags/rel-${version}"; 38 - hash = "sha256-u1CbOjU3rQ6G3SSwYR3UlebymkupGMJWID4RH4v9PIk="; 38 + hash = "sha256-FufPCFzSjG8BrHes7t3XsdovX9gqUBG0gMDGKvkRkSA="; 39 39 }; 40 40 41 41 postPatch = ''

+2 -2

pkgs/development/python-modules/pyyardian/default.nix

··· 9 9 10 10 buildPythonPackage rec { 11 11 pname = "pyyardian"; 12 - version = "1.1.1"; 12 + version = "1.2.0"; 13 13 pyproject = true; 14 14 15 15 disabled = pythonOlder "3.7"; ··· 18 18 owner = "h3l1o5"; 19 19 repo = "pyyardian"; 20 20 rev = "refs/tags/${version}"; 21 - hash = "sha256-dnHHRGt3TsWJb6tzx+i1gb9hkLJYPVdCt92UGKuO6Mg="; 21 + hash = "sha256-JBb62pFDuVcXIGRc6UOp5/ciUtbGm4XnKZjt1icF/jQ="; 22 22 }; 23 23 24 24 nativeBuildInputs = [

-23

pkgs/development/python-modules/recaptcha_client/default.nix

··· 1 - { lib 2 - , buildPythonPackage 3 - , fetchPypi 4 - , pythonAtLeast 5 - }: 6 - 7 - buildPythonPackage rec { 8 - pname = "recaptcha-client"; 9 - version = "1.0.6"; 10 - disabled = pythonAtLeast "3.5"; 11 - 12 - src = fetchPypi { 13 - inherit pname version; 14 - sha256 = "28c6853c1d13d365b7dc71a6b05e5ffb56471f70a850de318af50d3d7c0dea2f"; 15 - }; 16 - 17 - meta = with lib; { 18 - description = "A CAPTCHA for Python using the reCAPTCHA service"; 19 - homepage = "http://recaptcha.net/"; 20 - license = licenses.mit; 21 - }; 22 - 23 - }

+2 -2

pkgs/development/python-modules/twilio/default.nix

··· 18 18 19 19 buildPythonPackage rec { 20 20 pname = "twilio"; 21 - version = "8.9.1"; 21 + version = "8.10.0"; 22 22 format = "setuptools"; 23 23 24 24 disabled = pythonOlder "3.7"; ··· 27 27 owner = "twilio"; 28 28 repo = "twilio-python"; 29 29 rev = "refs/tags/${version}"; 30 - hash = "sha256-F+0nYZIvZVH0QuEkuiV2lwA62r6T/amWFWg7rfBqddU="; 30 + hash = "sha256-1y9kETu2E7dN7fmE0qP6yAVwMcVGCYnyPQYzIIApKjU="; 31 31 }; 32 32 33 33 propagatedBuildInputs = [

+2

pkgs/development/tools/electron/binary/generic.nix

··· 24 24 , xorg 25 25 , pango 26 26 , systemd 27 + , pciutils 27 28 }: 28 29 29 30 version: hashes: ··· 92 93 xorg.libXrandr 93 94 xorg.libxkbfile 94 95 pango 96 + pciutils 95 97 stdenv.cc.cc.lib 96 98 systemd 97 99 ]

+2 -2

pkgs/development/tools/mold/default.nix

··· 23 23 24 24 stdenv.mkDerivation rec { 25 25 pname = "mold"; 26 - version = "2.3.0"; 26 + version = "2.3.1"; 27 27 28 28 src = fetchFromGitHub { 29 29 owner = "rui314"; 30 30 repo = "mold"; 31 31 rev = "v${version}"; 32 - hash = "sha256-TgDGAYdJjqGQradB7UJlV2emvG7q4F9ctzPaGRUgvxU="; 32 + hash = "sha256-SahpgmkeGVXqQebtw36IjFwHcbvi0JeiEWkNV3hk3lM="; 33 33 }; 34 34 35 35 nativeBuildInputs = [

+4 -7

pkgs/development/tools/ruff/default.nix

··· 4 4 , installShellFiles 5 5 , stdenv 6 6 , darwin 7 + , rust-jemalloc-sys 7 8 # tests 8 9 , ruff-lsp 9 10 }: ··· 31 32 installShellFiles 32 33 ]; 33 34 34 - buildInputs = lib.optionals stdenv.isDarwin [ 35 + buildInputs = [ 36 + rust-jemalloc-sys 37 + ] ++ lib.optionals stdenv.isDarwin [ 35 38 darwin.apple_sdk.frameworks.CoreServices 36 39 ]; 37 40 38 41 cargoBuildFlags = [ "--package=ruff_cli" ]; 39 42 cargoTestFlags = cargoBuildFlags; 40 - 41 - preBuild = lib.optionalString (stdenv.isDarwin && stdenv.isx86_64) '' 42 - # See https://github.com/jemalloc/jemalloc/issues/1997 43 - # Using a value of 48 should work on both emulated and native x86_64-darwin. 44 - export JEMALLOC_SYS_WITH_LG_VADDR=48 45 - ''; 46 43 47 44 # tests expect no colors 48 45 preCheck = ''

+1 -1

pkgs/os-specific/linux/ryzenadj/default.nix

··· 21 21 description = "Adjust power management settings for Ryzen Mobile Processors."; 22 22 homepage = "https://github.com/FlyGoat/RyzenAdj"; 23 23 license = licenses.lgpl3Only; 24 - maintainers = with maintainers; [ ]; 24 + maintainers = with maintainers; [ rhendric ]; 25 25 platforms = [ "x86_64-linux" ]; 26 26 }; 27 27 }

+2 -2

pkgs/servers/computing/slurm/default.nix

··· 14 14 15 15 stdenv.mkDerivation rec { 16 16 pname = "slurm"; 17 - version = "23.02.5.1"; 17 + version = "23.02.6.1"; 18 18 19 19 # N.B. We use github release tags instead of https://www.schedmd.com/downloads.php 20 20 # because the latter does not keep older releases. ··· 23 23 repo = "slurm"; 24 24 # The release tags use - instead of . 25 25 rev = "${pname}-${builtins.replaceStrings ["."] ["-"] version}"; 26 - sha256 = "sha256-9VvZ8xySYFyBa5tZzf5WCShbEDpqE1/5t76jXX6t+bc="; 26 + sha256 = "sha256-azgGM4qfS0xtUaiGfXtu8MNYdgpZRUfx+zBgAAlmt6g="; 27 27 }; 28 28 29 29 outputs = [ "out" "dev" ];

+2

pkgs/servers/kanidm/default.nix

··· 11 11 , sqlite 12 12 , pam 13 13 , bashInteractive 14 + , rust-jemalloc-sys 14 15 }: 15 16 16 17 let ··· 59 60 openssl 60 61 sqlite 61 62 pam 63 + rust-jemalloc-sys 62 64 ]; 63 65 64 66 # The UI needs to be in place before the tests are run.

+5 -1

pkgs/servers/matrix-conduit/default.nix

··· 7 7 , darwin 8 8 , nixosTests 9 9 , rocksdb 10 + , rust-jemalloc-sys 10 11 }: 11 12 12 13 rustPlatform.buildRustPackage rec { ··· 42 43 pkg-config 43 44 ]; 44 45 45 - buildInputs = [ sqlite ] ++ lib.optionals stdenv.isDarwin [ 46 + buildInputs = [ 47 + sqlite 48 + rust-jemalloc-sys 49 + ] ++ lib.optionals stdenv.isDarwin [ 46 50 darwin.apple_sdk.frameworks.Security 47 51 ]; 48 52

+3 -3

pkgs/servers/monitoring/telegraf/default.nix

··· 8 8 9 9 buildGoModule rec { 10 10 pname = "telegraf"; 11 - version = "1.28.1"; 11 + version = "1.28.2"; 12 12 13 13 subPackages = [ "cmd/telegraf" ]; 14 14 ··· 16 16 owner = "influxdata"; 17 17 repo = "telegraf"; 18 18 rev = "v${version}"; 19 - hash = "sha256-ag5Hk/LAHS2XDZ0MUAycLfDLr9awMl3T+5NoQGUIl/w="; 19 + hash = "sha256-gD4xdKjIx0zLKJySx8UdSKvMIZJaIXtubWQX/mLu+TI="; 20 20 }; 21 21 22 - vendorHash = "sha256-3hmYyUDlBPEcoM/1MhH6yoH/Kb21rITrAzy7APQpLqI="; 22 + vendorHash = "sha256-OzAAchUHNno58Em2oDnMt9P1B03HtQylFBFEkv4bAkU="; 23 23 proxyVendor = true; 24 24 25 25 ldflags = [

+5 -1

pkgs/servers/search/qdrant/default.nix

··· 5 5 , stdenv 6 6 , pkg-config 7 7 , openssl 8 + , rust-jemalloc-sys 8 9 , nix-update-script 9 10 , Security 10 11 }: ··· 32 33 # Needed to get openssl-sys to use pkg-config. 33 34 OPENSSL_NO_VENDOR = 1; 34 35 35 - buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ Security ]; 36 + buildInputs = [ 37 + openssl 38 + rust-jemalloc-sys 39 + ] ++ lib.optionals stdenv.isDarwin [ Security ]; 36 40 37 41 nativeBuildInputs = [ protobuf rustPlatform.bindgenHook pkg-config ]; 38 42

+4 -1

pkgs/servers/search/quickwit/default.nix

··· 4 4 , rustPlatform 5 5 , nix-update-script 6 6 , protobuf 7 + , rust-jemalloc-sys 7 8 , Security 8 9 }: 9 10 ··· 32 33 33 34 sourceRoot = "${src.name}/quickwit"; 34 35 35 - buildInputs = lib.optionals stdenv.isDarwin [ Security ]; 36 + buildInputs = [ 37 + rust-jemalloc-sys 38 + ] ++ lib.optionals stdenv.isDarwin [ Security ]; 36 39 37 40 cargoLock = { 38 41 lockFile = ./Cargo.lock;

+2 -2

pkgs/servers/sickbeard/sickgear.nix

··· 4 4 pythonEnv = python3.withPackages(ps: with ps; [ cheetah3 lxml ]); 5 5 in stdenv.mkDerivation rec { 6 6 pname = "sickgear"; 7 - version = "3.30.0"; 7 + version = "3.30.4"; 8 8 9 9 src = fetchFromGitHub { 10 10 owner = "SickGear"; 11 11 repo = "SickGear"; 12 12 rev = "release_${version}"; 13 - hash = "sha256-Y9FXaDODeuMaXeqmfBCd96JgwrqDe5k6RCtGKvTOMKw="; 13 + hash = "sha256-me52Ji+IWPN6IEDWsAlIoGPS45uA22+dxHJjqnYPniE="; 14 14 }; 15 15 16 16 patches = [

+3 -3

pkgs/servers/soft-serve/default.nix

··· 2 2 3 3 buildGoModule rec { 4 4 pname = "soft-serve"; 5 - version = "0.6.1"; 5 + version = "0.6.2"; 6 6 7 7 src = fetchFromGitHub { 8 8 owner = "charmbracelet"; 9 9 repo = "soft-serve"; 10 10 rev = "v${version}"; 11 - hash = "sha256-Xst/eNam3HuHixEmPUl2J7B7cLYaeGVaUnzXIVugBbw="; 11 + hash = "sha256-gmgIuQk+8MRkuFZaJq82hHNdUMSqrylwgk6vi/Q0OQ0="; 12 12 }; 13 13 14 - vendorHash = "sha256-tzJu2DmbvPU1tPIWP88q66PBtC1XEduQac8cIxwb/sM="; 14 + vendorHash = "sha256-7lzdngj6xBpEe2nZdPW1GLbarPBdCHMnf+Dyxuq2Ikw="; 15 15 16 16 doCheck = false; 17 17

+1 -1

pkgs/servers/web-apps/lemmy/package.json

··· 1 1 { 2 2 "name": "lemmy-ui", 3 - "version": "0.18.4", 3 + "version": "0.18.5", 4 4 "description": "An isomorphic UI for lemmy", 5 5 "repository": "https://github.com/LemmyNet/lemmy-ui", 6 6 "license": "AGPL-3.0",

+5 -5

pkgs/servers/web-apps/lemmy/pin.json

··· 1 1 { 2 - "serverVersion": "0.18.4", 3 - "uiVersion": "0.18.4", 4 - "serverHash": "sha256-J+kjsirEcLz0th3IGVheSShVLbQma1Eip329/q5/3S8=", 5 - "serverCargoHash": "sha256-0UDhHa2QvHoNYJIArpc/o+lkq87tBX/XVgXsr7y/+Rk=", 6 - "uiHash": "sha256-E/rSNWVjiZE5Hl0iIocQfkIdOFSeB0zYXQDq9A3h3lI=", 2 + "serverVersion": "0.18.5", 3 + "uiVersion": "0.18.5", 4 + "serverHash": "sha256-tj8zryCzW3r6VGiNGlI5eo0I+rJfhTUOGtb3YieodpQ=", 5 + "serverCargoHash": "sha256-80jk1GhnXos+lil3joEtPwJjsE8qSEm/WinCfZ3CF/c=", 6 + "uiHash": "sha256-fyXKhVTFc1+gG2TXb9l/YkcwRt/p7DWtB1FO5mpQ3i4=", 7 7 "uiYarnDepsHash": "sha256-rLP1CQd75nVfI6C0sC21TUskzVfbGHm2fblcYr6JcGc=" 8 8 }

+4 -4

pkgs/tools/admin/pgadmin/default.nix

··· 14 14 15 15 let 16 16 pname = "pgadmin"; 17 - version = "7.5"; 18 - yarnSha256 = "sha256-rEKMUZksmR2jPwtXy6drNwAJktK/3Dee6EZVFHPngWs="; 17 + version = "7.7"; 18 + yarnHash = "sha256-8EbbyZHodrYz4a2IYuIWYGutqvrjauSv34o9KFvR/6c="; 19 19 20 20 src = fetchFromGitHub { 21 21 owner = "pgadmin-org"; 22 22 repo = "pgadmin4"; 23 23 rev = "REL-${lib.versions.major version}_${lib.versions.minor version}"; 24 - hash = "sha256-o8jPqp4jLF/lZ0frCzPDCSxCy51Nt0mbdeNB44ZwNHI="; 24 + hash = "sha256-+KD05hzghNFpuw2xW3NUVyKwspCUO9fyJgMPzYk1Xt8="; 25 25 }; 26 26 27 27 # keep the scope, as it is used throughout the derivation and tests ··· 30 30 31 31 offlineCache = fetchYarnDeps { 32 32 yarnLock = ./yarn.lock; 33 - hash = yarnSha256; 33 + hash = yarnHash; 34 34 }; 35 35 36 36 in

+28

pkgs/tools/admin/pgadmin/expose-setup.py.patch

··· 58 58 + 59 59 +if __name__ == '__main__': 60 60 + main() 61 + 62 + diff --git a/web/pgadmin/model/__init__.py b/web/pgadmin/model/__init__.py 63 + index 4c36dd1..a492365 100644 64 + --- a/web/pgadmin/model/__init__.py 65 + +++ b/web/pgadmin/model/__init__.py 66 + @@ -23,7 +23,6 @@ from flask_sqlalchemy import SQLAlchemy 67 + from sqlalchemy.ext.mutable import MutableDict 68 + import sqlalchemy.types as types 69 + import uuid 70 + -import config 71 + 72 + ########################################################################## 73 + # 74 + @@ -41,10 +40,12 @@ SCHEMA_VERSION = 35 75 + # 76 + ########################################################################## 77 + 78 + +# hardcode poolsize and max_overflow due to a circular import (config imports model, 79 + +# model now tries to import config) 80 + db = SQLAlchemy( 81 + engine_options={ 82 + - 'pool_size': config.CONFIG_DATABASE_CONNECTION_POOL_SIZE, 83 + - 'max_overflow': config.CONFIG_DATABASE_CONNECTION_MAX_OVERFLOW}) 84 + + 'pool_size': 5, 85 + + 'max_overflow': 100}) 86 + 87 + 88 + USER_ID = 'user.id'

+1 -1

pkgs/tools/admin/pgadmin/update.sh

··· 104 104 printf "Done\n" 105 105 popd 106 106 107 - sed -i -E -e "s#yarnSha256 = \".*\"#yarnSha256 = \"$YARN_HASH\"#" ${scriptDir}/default.nix 107 + sed -i -E -e "s#yarnHash = \".*\"#yarnHash = \"$YARN_HASH\"#" ${scriptDir}/default.nix 108 108 109 109 update-source-version pgadmin4 "$newest_version" --print-changes 110 110 touch $TMPDIR/.done

+143 -145

pkgs/tools/admin/pgadmin/yarn.lock

··· 1640 1640 rc-resize-observer "^1.3.1" 1641 1641 rc-util "^5.33.0" 1642 1642 1643 + "@react-dnd/asap@^4.0.0": 1644 + version "4.0.1" 1645 + resolved "https://registry.npmjs.org/@react-dnd/asap/-/asap-4.0.1.tgz#5291850a6b58ce6f2da25352a64f1b0674871aab" 1646 + integrity sha512-kLy0PJDDwvwwTXxqTFNAAllPHD73AycE9ypWeln/IguoGBEbvFcPDbCV03G52bEcC5E+YgupBE0VzHGdC8SIXg== 1647 + 1643 1648 "@react-dnd/asap@^5.0.1": 1644 1649 version "5.0.2" 1645 1650 resolved "https://registry.npmjs.org/@react-dnd/asap/-/asap-5.0.2.tgz#1f81f124c1cd6f39511c11a881cfb0f715343488" 1646 1651 integrity sha512-WLyfoHvxhs0V9U+GTsGilGgf2QsPl6ZZ44fnv0/b8T3nQyvzxidxsg/ZltbWssbsRDlYW8UKSQMTGotuTotZ6A== 1647 1652 1653 + "@react-dnd/invariant@^2.0.0": 1654 + version "2.0.0" 1655 + resolved "https://registry.npmjs.org/@react-dnd/invariant/-/invariant-2.0.0.tgz#09d2e81cd39e0e767d7da62df9325860f24e517e" 1656 + integrity sha512-xL4RCQBCBDJ+GRwKTFhGUW8GXa4yoDfJrPbLblc3U09ciS+9ZJXJ3Qrcs/x2IODOdIE5kQxvMmE2UKyqUictUw== 1657 + 1648 1658 "@react-dnd/invariant@^4.0.1": 1649 1659 version "4.0.2" 1650 1660 resolved "https://registry.npmjs.org/@react-dnd/invariant/-/invariant-4.0.2.tgz#b92edffca10a26466643349fac7cdfb8799769df" 1651 1661 integrity sha512-xKCTqAK/FFauOM9Ta2pswIyT3D8AQlfrYdOi/toTPEhqCuAs1v5tcJ3Y08Izh1cJ5Jchwy9SeAXmMg6zrKs2iw== 1662 + 1663 + "@react-dnd/shallowequal@^2.0.0": 1664 + version "2.0.0" 1665 + resolved "https://registry.npmjs.org/@react-dnd/shallowequal/-/shallowequal-2.0.0.tgz#a3031eb54129f2c66b2753f8404266ec7bf67f0a" 1666 + integrity sha512-Pc/AFTdwZwEKJxFJvlxrSmGe/di+aAOBn60sremrpLo6VI/6cmiUYNNwlI5KNYttg7uypzA3ILPMPgxB2GYZEg== 1652 1667 1653 1668 "@react-dnd/shallowequal@^4.0.1": 1654 1669 version "4.0.2" ··· 2635 2650 resolved "https://registry.npmjs.org/async/-/async-3.2.4.tgz#2d22e00f8cddeb5fde5dd33522b56d1cf569a81c" 2636 2651 integrity sha512-iAB+JbDEGXhyIUavoDl9WP/Jj106Kz9DEn1DPgYw5ruDn0e3Wgi3sKFm55sASdGBNOQB8F59d9qQ7deqrHA8wQ== 2637 2652 2653 + asynckit@^0.4.0: 2654 + version "0.4.0" 2655 + resolved "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" 2656 + integrity sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q== 2657 + 2638 2658 attr-accept@^2.2.2: 2639 2659 version "2.2.2" 2640 2660 resolved "https://registry.npmjs.org/attr-accept/-/attr-accept-2.2.2.tgz#646613809660110749e92f2c10833b70968d929b" ··· 2665 2685 fast-deep-equal "^3.1.3" 2666 2686 is-buffer "^2.0.5" 2667 2687 2668 - axios@^0.21.1: 2669 - version "0.21.4" 2670 - resolved "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz#c67b90dc0568e5c1cf2b0b858c43ba28e2eda575" 2671 - integrity sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg== 2688 + axios@^1.4.0: 2689 + version "1.4.0" 2690 + resolved "https://registry.npmjs.org/axios/-/axios-1.4.0.tgz#38a7bf1224cd308de271146038b551d725f0be1f" 2691 + integrity sha512-S4XCWMEmzvo64T9GfvQDOXgYRDJ/wsSZc7Jvdgx5u1sd0JwsuPLqb3SYmusag+edF6ziyMensPVqLTSc1PiSEA== 2672 2692 dependencies: 2673 - follow-redirects "^1.14.0" 2693 + follow-redirects "^1.15.0" 2694 + form-data "^4.0.0" 2695 + proxy-from-env "^1.1.0" 2674 2696 2675 2697 babel-code-frame@^6.26.0: 2676 2698 version "6.26.0" ··· 2906 2928 execa "^1.0.0" 2907 2929 find-versions "^3.0.0" 2908 2930 2909 - "bin-wrapper@^4.0.0", "bin-wrapper@^4.0.1": 2931 + bin-wrapper@^4.0.0: 2910 2932 version "4.1.0" 2911 2933 resolved "https://registry.npmjs.org/bin-wrapper/-/bin-wrapper-4.1.0.tgz#99348f2cf85031e3ef7efce7e5300aeaae960605" 2912 2934 integrity sha512-hfRmo7hWIXPkbpi0ZltboCMVrU+0ClXR/JgbCKKjlDjQf6igXa7OwdqNcFWQZPZTgiY7ZpzE3+LjjkLiTN2T7Q== ··· 3546 3568 lodash.memoize "~3.0.3" 3547 3569 source-map "~0.5.3" 3548 3570 3571 + combined-stream@^1.0.8: 3572 + version "1.0.8" 3573 + resolved "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz#c3d45a8b34fd730631a110a8a2520682b31d5a7f" 3574 + integrity sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg== 3575 + dependencies: 3576 + delayed-stream "~1.0.0" 3577 + 3549 3578 "commander@^2.19.0", "commander@^2.20.0", "commander@^2.8.1": 3550 3579 version "2.20.3" 3551 3580 resolved "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz#fd485e84c03eb4881c20722ba48035e8531aeb33" ··· 4211 4240 resolved "https://registry.npmjs.org/defined/-/defined-1.0.1.tgz#c0b9db27bfaffd95d6f61399419b893df0f91ebf" 4212 4241 integrity sha512-hsBd2qSVCRE+5PmNdHt1uzyrFu5d3RwmFDKzyNZMFq/EwDNJF7Ee5+D5oEKF0hU6LhtoUF1macFvOe4AskQC1Q== 4213 4242 4243 + delayed-stream@~1.0.0: 4244 + version "1.0.0" 4245 + resolved "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619" 4246 + integrity sha512-ZySD7Nf91aLB0RxL4KGrKHBXl7Eds1DAmEdcoVawXnLD7SDhpNgtuII2aAkg7a7QS41jxPSZ17p4VdGnMHk3MQ== 4247 + 4214 4248 delegates@^1.0.0: 4215 4249 version "1.0.0" 4216 4250 resolved "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" ··· 4294 4328 resolved "https://registry.npmjs.org/discontinuous-range/-/discontinuous-range-1.0.0.tgz#e38331f0844bba49b9a9cb71c771585aab1bc65a" 4295 4329 integrity sha512-c68LpLbO+7kP/b1Hr1qs8/BJ09F5khZGTxqxZuhzxpmwJKOgRFHJWIb9/KmqnqHhLdO55aOxFH/EGBvUQbL/RQ== 4296 4330 4331 + dnd-core@14.0.1: 4332 + version "14.0.1" 4333 + resolved "https://registry.npmjs.org/dnd-core/-/dnd-core-14.0.1.tgz#76d000e41c494983210fb20a48b835f81a203c2e" 4334 + integrity sha512-+PVS2VPTgKFPYWo3vAFEA8WPbTf7/xo43TifH9G8S1KqnrQu0o77A3unrF5yOugy4mIz7K5wAVFHUcha7wsz6A== 4335 + dependencies: 4336 + "@react-dnd/asap" "^4.0.0" 4337 + "@react-dnd/invariant" "^2.0.0" 4338 + redux "^4.1.1" 4339 + 4297 4340 dnd-core@^16.0.1: 4298 4341 version "16.0.1" 4299 4342 resolved "https://registry.npmjs.org/dnd-core/-/dnd-core-16.0.1.tgz#a1c213ed08961f6bd1959a28bb76f1a868360d19" ··· 4368 4411 resolved "https://registry.npmjs.org/domelementtype/-/domelementtype-2.3.0.tgz#5c45e8e869952626331d7aab326d01daf65d589d" 4369 4412 integrity sha512-OLETBj6w0OsagBwdXnPdN0cnMfF9opN69co+7ZrbfPGrdpPVNBUj02spi6B1N7wChLQiPn4CSH/zJvXw56gmHw== 4370 4413 4371 - "domhandler@4.3.1", "domhandler@^4.2.0", "domhandler@^4.2.2", "domhandler@^4.3.1": 4414 + "domhandler@5.0.3", "domhandler@^5.0.2", "domhandler@^5.0.3": 4415 + version "5.0.3" 4416 + resolved "https://registry.npmjs.org/domhandler/-/domhandler-5.0.3.tgz#cc385f7f751f1d1fc650c21374804254538c7d31" 4417 + integrity sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w== 4418 + dependencies: 4419 + domelementtype "^2.3.0" 4420 + 4421 + "domhandler@^4.2.0", "domhandler@^4.3.1": 4372 4422 version "4.3.1" 4373 4423 resolved "https://registry.npmjs.org/domhandler/-/domhandler-4.3.1.tgz#8d792033416f59d68bc03a5aa7b018c1ca89279c" 4374 4424 integrity sha512-GrwoxYN+uWlzO8uhUXRl0P+kHE4GtVPfYzVLcUxPL7KNdHKj66vvlhiweIHqYYXWlw+T8iLMp42Lm67ghw4WMQ== 4375 4425 dependencies: 4376 4426 domelementtype "^2.2.0" 4377 4427 4378 - "domhandler@^5.0.2", "domhandler@^5.0.3": 4379 - version "5.0.3" 4380 - resolved "https://registry.npmjs.org/domhandler/-/domhandler-5.0.3.tgz#cc385f7f751f1d1fc650c21374804254538c7d31" 4381 - integrity sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w== 4382 - dependencies: 4383 - domelementtype "^2.3.0" 4384 - 4385 4428 domutils@^2.8.0: 4386 4429 version "2.8.0" 4387 4430 resolved "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz#4437def5db6e2d1f5d6ee859bd95ca7d02048135" ··· 4391 4434 domelementtype "^2.2.0" 4392 4435 domhandler "^4.2.0" 4393 4436 4394 - domutils@^3.0.1: 4437 + "domutils@^3.0.1", "domutils@^3.1.0": 4395 4438 version "3.1.0" 4396 4439 resolved "https://registry.npmjs.org/domutils/-/domutils-3.1.0.tgz#c47f551278d3dc4b0b1ab8cbb42d751a6f0d824e" 4397 4440 integrity sha512-H78uMmQtI2AhgDJjWeQmHwJJ2bLPD3GMmO7Zja/ZZh84wkm+4ut+IUnUdRa8uCGX88DiVx1j6FRe1XfxEgjEZA== ··· 4571 4614 resolved "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz#098dc90ebb83d8dffa089d55256b351d34c4da55" 4572 4615 integrity sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A== 4573 4616 4574 - entities@^3.0.1: 4575 - version "3.0.1" 4576 - resolved "https://registry.npmjs.org/entities/-/entities-3.0.1.tgz#2b887ca62585e96db3903482d336c1006c3001d4" 4577 - integrity sha512-WiyBqoomrwMdFG1e0kqvASYfnlb0lp8M5o5Fw2OFq1hNZxxcNk8Ik0Xm7LxzBhuidnZB/UtBqVCgUz3kBOP51Q== 4578 - 4579 - "entities@^4.2.0", "entities@^4.4.0": 4617 + "entities@^4.2.0", "entities@^4.4.0", "entities@^4.5.0": 4580 4618 version "4.5.0" 4581 4619 resolved "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz#5d268ea5e7113ec74c4d033b79ea5a35a488fb48" 4582 4620 integrity sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw== ··· 4948 4986 signal-exit "^3.0.0" 4949 4987 strip-eof "^1.0.0" 4950 4988 4951 - execa@^4.0.0: 4952 - version "4.1.0" 4953 - resolved "https://registry.npmjs.org/execa/-/execa-4.1.0.tgz#4e5491ad1572f2f17a77d388c6c857135b22847a" 4954 - integrity sha512-j5W0//W7f8UxAn8hXVnwG8tLwdiUy4FJLcSupCg6maBYZDpyBvTApK7KyuI4bKj8KOh1r2YH+6ucuYtJv1bTZA== 4955 - dependencies: 4956 - cross-spawn "^7.0.0" 4957 - get-stream "^5.0.0" 4958 - human-signals "^1.1.1" 4959 - is-stream "^2.0.0" 4960 - merge-stream "^2.0.0" 4961 - npm-run-path "^4.0.0" 4962 - onetime "^5.1.0" 4963 - signal-exit "^3.0.2" 4964 - strip-final-newline "^2.0.0" 4965 - 4966 4989 execa@^6.0.0: 4967 4990 version "6.1.0" 4968 4991 resolved "https://registry.npmjs.org/execa/-/execa-6.1.0.tgz#cea16dee211ff011246556388effa0818394fb20" ··· 5221 5244 resolved "https://registry.npmjs.org/flatted/-/flatted-3.2.7.tgz#609f39207cb614b89d0765b477cb2d437fbf9787" 5222 5245 integrity sha512-5nqDSxl8nn5BSNxyR3n4I6eDmbolI6WT+QqR547RwxQapgjQBmtktdP+HTBb/a/zLsbzERTONyUB5pefh5TtjQ== 5223 5246 5224 - "follow-redirects@^1.0.0", "follow-redirects@^1.14.0": 5247 + "follow-redirects@^1.0.0", "follow-redirects@^1.15.0": 5225 5248 version "1.15.2" 5226 5249 resolved "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz#b460864144ba63f2681096f274c4e57026da2c13" 5227 5250 integrity sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA== ··· 5240 5263 dependencies: 5241 5264 cross-spawn "^7.0.0" 5242 5265 signal-exit "^4.0.1" 5266 + 5267 + form-data@^4.0.0: 5268 + version "4.0.0" 5269 + resolved "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz#93919daeaf361ee529584b9b31664dc12c9fa452" 5270 + integrity sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww== 5271 + dependencies: 5272 + asynckit "^0.4.0" 5273 + combined-stream "^1.0.8" 5274 + mime-types "^2.1.12" 5243 5275 5244 5276 fraction.js@^4.2.0: 5245 5277 version "4.2.0" ··· 5385 5417 dependencies: 5386 5418 pump "^3.0.0" 5387 5419 5388 - get-stream@^5.0.0: 5389 - version "5.2.0" 5390 - resolved "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz#4966a1795ee5ace65e706c4b7beb71257d6e22d3" 5391 - integrity sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA== 5392 - dependencies: 5393 - pump "^3.0.0" 5394 - 5395 5420 get-stream@^6.0.1: 5396 5421 version "6.0.1" 5397 5422 resolved "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz#a262d8eef67aced57c2852ad6167526a43cbf7b7" ··· 5726 5751 dependencies: 5727 5752 lru-cache "^6.0.0" 5728 5753 5729 - html-dom-parser@1.2.0: 5730 - version "1.2.0" 5731 - resolved "https://registry.npmjs.org/html-dom-parser/-/html-dom-parser-1.2.0.tgz#8f689b835982ffbf245eda99730e92b8462c111e" 5732 - integrity sha512-2HIpFMvvffsXHFUFjso0M9LqM+1Lm22BF+Df2ba+7QHJXjk63pWChEnI6YG27eaWqUdfnh5/Vy+OXrNTtepRsg== 5754 + html-dom-parser@4.0.0: 5755 + version "4.0.0" 5756 + resolved "https://registry.npmjs.org/html-dom-parser/-/html-dom-parser-4.0.0.tgz#dc382fbbc9306f8c9b5aae4e3f2822e113a48709" 5757 + integrity sha512-TUa3wIwi80f5NF8CVWzkopBVqVAtlawUzJoLwVLHns0XSJGynss4jiY0mTWpiDOsuyw+afP+ujjMgRh9CoZcXw== 5733 5758 dependencies: 5734 - domhandler "4.3.1" 5735 - htmlparser2 "7.2.0" 5759 + domhandler "5.0.3" 5760 + htmlparser2 "9.0.0" 5736 5761 5737 5762 html-element-map@^1.2.0: 5738 5763 version "1.3.1" ··· 5747 5772 resolved "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz#dfd60027da36a36dfcbe236262c00a5822681453" 5748 5773 integrity sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg== 5749 5774 5750 - html-react-parser@^1.2.7: 5751 - version "1.4.14" 5752 - resolved "https://registry.npmjs.org/html-react-parser/-/html-react-parser-1.4.14.tgz#577b7a90be0c61eebbbc488d914ad08398c79ef5" 5753 - integrity sha512-pxhNWGie8Y+DGDpSh8cTa0k3g8PsDcwlfolA+XxYo1AGDeB6e2rdlyv4ptU9bOTiZ2i3fID+6kyqs86MN0FYZQ== 5775 + html-react-parser@^4.2.0: 5776 + version "4.2.0" 5777 + resolved "https://registry.npmjs.org/html-react-parser/-/html-react-parser-4.2.0.tgz#9168eda80dbfe0335a87fde3fb3ed6c2e91b1188" 5778 + integrity sha512-gzU55AS+FI6qD7XaKe5BLuLFM2Xw0/LodfMWZlxV9uOHe7LCD5Lukx/EgYuBI3c0kLu0XlgFXnSzO0qUUn3Vrg== 5754 5779 dependencies: 5755 - domhandler "4.3.1" 5756 - html-dom-parser "1.2.0" 5780 + domhandler "5.0.3" 5781 + html-dom-parser "4.0.0" 5757 5782 react-property "2.0.0" 5758 - style-to-js "1.1.1" 5783 + style-to-js "1.1.3" 5759 5784 5760 5785 html2canvas@^1.0.0-rc.7: 5761 5786 version "1.4.1" ··· 5770 5795 resolved "https://registry.npmjs.org/htmlescape/-/htmlescape-1.1.1.tgz#3a03edc2214bca3b66424a3e7959349509cb0351" 5771 5796 integrity sha512-eVcrzgbR4tim7c7soKQKtxa/kQM4TzjnlU83rcZ9bHU6t31ehfV7SktN6McWgwPWg+JYMA/O3qpGxBvFq1z2Jg== 5772 5797 5773 - htmlparser2@7.2.0: 5774 - version "7.2.0" 5775 - resolved "https://registry.npmjs.org/htmlparser2/-/htmlparser2-7.2.0.tgz#8817cdea38bbc324392a90b1990908e81a65f5a5" 5776 - integrity sha512-H7MImA4MS6cw7nbyURtLPO1Tms7C5H602LRETv95z1MxO/7CP7rDVROehUYeYBUYEON94NXXDEPmZuq+hX4sog== 5798 + htmlparser2@9.0.0: 5799 + version "9.0.0" 5800 + resolved "https://registry.npmjs.org/htmlparser2/-/htmlparser2-9.0.0.tgz#e431142b7eeb1d91672742dea48af8ac7140cddb" 5801 + integrity sha512-uxbSI98wmFT/G4P2zXx4OVx04qWUmyFPrD2/CNepa2Zo3GPNaCaaxElDgwUrwYWkK1nr9fft0Ya8dws8coDLLQ== 5777 5802 dependencies: 5778 - domelementtype "^2.0.1" 5779 - domhandler "^4.2.2" 5780 - domutils "^2.8.0" 5781 - entities "^3.0.1" 5803 + domelementtype "^2.3.0" 5804 + domhandler "^5.0.3" 5805 + domutils "^3.1.0" 5806 + entities "^4.5.0" 5782 5807 5783 5808 htmlparser2@^8.0.1: 5784 5809 version "8.0.2" ··· 5842 5867 agent-base 6 5843 5868 debug 4 5844 5869 5845 - human-signals@^1.1.1: 5846 - version "1.1.1" 5847 - resolved "https://registry.npmjs.org/human-signals/-/human-signals-1.1.1.tgz#c5b1cd14f50aeae09ab6c59fe63ba3395fe4dfa3" 5848 - integrity sha512-SEQu7vl8KjNL2eoGBLF3+wAjpsNfA9XMlXAYj/3EdaNfAlxKthD1xjEQfGOUhllCGGJVNY34bRr6lPINhNjyZw== 5849 - 5850 5870 human-signals@^3.0.1: 5851 5871 version "3.0.1" 5852 5872 resolved "https://registry.npmjs.org/human-signals/-/human-signals-3.0.1.tgz#c740920859dafa50e5a3222da9d3bf4bb0e5eef5" ··· 5918 5938 exec-buffer "^3.0.0" 5919 5939 is-png "^2.0.0" 5920 5940 optipng-bin "^7.0.0" 5921 - 5922 - imagemin-pngquant@^9.0.2: 5923 - version "9.0.2" 5924 - resolved "https://registry.npmjs.org/imagemin-pngquant/-/imagemin-pngquant-9.0.2.tgz#38155702b0cc4f60f671ba7c2b086ea3805d9567" 5925 - integrity sha512-cj//bKo8+Frd/DM8l6Pg9pws1pnDUjgb7ae++sUX1kUVdv2nrngPykhiUOgFeE0LGY/LmUbCf4egCHC4YUcZSg== 5926 - dependencies: 5927 - execa "^4.0.0" 5928 - is-png "^2.0.0" 5929 - is-stream "^2.0.0" 5930 - ow "^0.17.0" 5931 - pngquant-bin "^6.0.0" 5932 5941 5933 5942 imagemin@^8.0.1: 5934 5943 version "8.0.1" ··· 6302 6311 version "1.1.0" 6303 6312 resolved "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" 6304 6313 integrity sha512-uQPm8kcs47jx38atAcWTVxyltQYoPT68y9aWYdV6yWXSyW8mzSat0TL6CiWdZeCdF3KrAvpVtnHbTv4RN+rqdQ== 6305 - 6306 - is-stream@^2.0.0: 6307 - version "2.0.1" 6308 - resolved "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz#fac1e3d53b97ad5a9d0ae9cef2389f5810a5c077" 6309 - integrity sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg== 6310 6314 6311 6315 is-stream@^3.0.0: 6312 6316 version "3.0.0" ··· 7408 7412 resolved "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz#bbabcdc02859f4987301c856e3387ce5ec43bf70" 7409 7413 integrity sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg== 7410 7414 7411 - "mime-types@^2.1.27", "mime-types@~2.1.24", "mime-types@~2.1.34": 7415 + "mime-types@^2.1.12", "mime-types@^2.1.27", "mime-types@~2.1.24", "mime-types@~2.1.34": 7412 7416 version "2.1.35" 7413 7417 resolved "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz#381a871b62a734450660ae3deee44813f70d959a" 7414 7418 integrity sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw== ··· 7420 7424 resolved "https://registry.npmjs.org/mime/-/mime-2.6.0.tgz#a2a682a95cd4d0cb1d6257e28f83da7e35800367" 7421 7425 integrity sha512-USPkMeET31rOMiarsBNIHZKLGgvKc/LrjofAnBlOttf5ajRvqiRA8QsenbcooctK6d6Ts6aqZXBA+XbkKthiQg== 7422 7426 7423 - mimic-fn@^2.1.0: 7424 - version "2.1.0" 7425 - resolved "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz#7ed2c2ccccaf84d3ffcb7a69b57711fc2083401b" 7426 - integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg== 7427 - 7428 7427 mimic-fn@^4.0.0: 7429 7428 version "4.0.0" 7430 7429 resolved "https://registry.npmjs.org/mimic-fn/-/mimic-fn-4.0.0.tgz#60a90550d5cb0b239cca65d893b1a53b29871ecc" ··· 7829 7828 dependencies: 7830 7829 path-key "^2.0.0" 7831 7830 7832 - npm-run-path@^4.0.0: 7833 - version "4.0.1" 7834 - resolved "https://registry.npmjs.org/npm-run-path/-/npm-run-path-4.0.1.tgz#b7ecd1e5ed53da8e37a55e1c2269e0b97ed748ea" 7835 - integrity sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw== 7836 - dependencies: 7837 - path-key "^3.0.0" 7838 - 7839 7831 npm-run-path@^5.1.0: 7840 7832 version "5.1.0" 7841 7833 resolved "https://registry.npmjs.org/npm-run-path/-/npm-run-path-5.1.0.tgz#bc62f7f3f6952d9894bd08944ba011a6ee7b7e00" ··· 7949 7941 dependencies: 7950 7942 wrappy 1 7951 7943 7952 - onetime@^5.1.0: 7953 - version "5.1.2" 7954 - resolved "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz#d0e96ebb56b07476df1dd9c4806e5237985ca45e" 7955 - integrity sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg== 7956 - dependencies: 7957 - mimic-fn "^2.1.0" 7958 - 7959 7944 onetime@^6.0.0: 7960 7945 version "6.0.0" 7961 7946 resolved "https://registry.npmjs.org/onetime/-/onetime-6.0.0.tgz#7c24c18ed1fd2e9bca4bd26806a33613c77d34b4" ··· 8005 7990 resolved "https://registry.npmjs.org/os-shim/-/os-shim-0.1.3.tgz#6b62c3791cf7909ea35ed46e17658bb417cb3917" 8006 7991 integrity sha512-jd0cvB8qQ5uVt0lvCIexBaROw1KyKm5sbulg2fWOHjETisuCzWyt+eTZKEMs8v6HwzoGs8xik26jg7eCM6pS+A== 8007 7992 8008 - ow@^0.17.0: 8009 - version "0.17.0" 8010 - resolved "https://registry.npmjs.org/ow/-/ow-0.17.0.tgz#4f938999fed6264c9048cd6254356e0f1e7f688c" 8011 - integrity sha512-i3keDzDQP5lWIe4oODyDFey1qVrq2hXKTuTH2VpqwpYtzPiKZt2ziRI4NBQmgW40AnV5Euz17OyWweCb+bNEQA== 8012 - dependencies: 8013 - type-fest "^0.11.0" 8014 - 8015 7993 p-cancelable@^0.3.0: 8016 7994 version "0.3.0" 8017 7995 resolved "https://registry.npmjs.org/p-cancelable/-/p-cancelable-0.3.0.tgz#b9e123800bcebb7ac13a479be195b507b98d30fa" ··· 8212 8190 resolved "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz#411cadb574c5a140d3a4b1910d40d80cc9f40b40" 8213 8191 integrity sha512-fEHGKCSmUSDPv4uoj8AlD+joPlq3peND+HRYyxFz4KPw4z926S/b8rIuFs2FYJg3BwsxJf6A9/3eIdLaYC+9Dw== 8214 8192 8215 - "path-key@^3.0.0", "path-key@^3.1.0": 8193 + path-key@^3.1.0: 8216 8194 version "3.1.1" 8217 8195 resolved "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz#581f6ade658cbba65a0d3380de7753295054f375" 8218 8196 integrity sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q== ··· 8331 8309 integrity sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ== 8332 8310 dependencies: 8333 8311 find-up "^4.0.0" 8334 - 8335 - pngquant-bin@^6.0.0: 8336 - version "6.0.1" 8337 - resolved "https://registry.npmjs.org/pngquant-bin/-/pngquant-bin-6.0.1.tgz#2b5789ca219eeb4d8509ab1ae082092801b7f07e" 8338 - integrity sha512-Q3PUyolfktf+hYio6wsg3SanQzEU/v8aICg/WpzxXcuCMRb7H2Q81okfpcEztbMvw25ILjd3a87doj2N9kvbpQ== 8339 - dependencies: 8340 - bin-build "^3.0.0" 8341 - bin-wrapper "^4.0.1" 8342 - execa "^4.0.0" 8343 8312 8344 8313 popper.js@1.16.1-lts: 8345 8314 version "1.16.1-lts" ··· 8855 8824 resolved "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz#212d5bfe1318306a420f6402b8e26ff39647a849" 8856 8825 integrity sha512-vtK/94akxsTMhe0/cbfpR+syPuszcuwhqVjJq26CuNDgFGj682oRBXOP5MJpv2r7JtE8MsiepGIqvvOTBwn2vA== 8857 8826 8827 + proxy-from-env@^1.1.0: 8828 + version "1.1.0" 8829 + resolved "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz#e102f16ca355424865755d2c9e8ea4f24d58c3e2" 8830 + integrity sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg== 8831 + 8858 8832 pseudomap@^1.0.2: 8859 8833 version "1.0.2" 8860 8834 resolved "https://registry.npmjs.org/pseudomap/-/pseudomap-1.0.2.tgz#f052a28da70e618917ef0a8ac34c1ae5a68286b3" ··· 9133 9107 dependencies: 9134 9108 fast-memoize "^2.5.1" 9135 9109 9110 + react-arborist@^3.2.0: 9111 + version "3.2.0" 9112 + resolved "https://registry.npmjs.org/react-arborist/-/react-arborist-3.2.0.tgz#f17d726e7d18fcb1494b83ffadfecc8c9bda5dff" 9113 + integrity sha512-sjGL1KIRogwkM5uVifpp01yrfTcIHsm62Kbs78kBbPuksrnJPZ13SAqAqZeXVuyvO0Tbd7odExF/KoHtXHIZaQ== 9114 + dependencies: 9115 + react-dnd "^14.0.3" 9116 + react-dnd-html5-backend "^14.0.1" 9117 + react-window "^1.8.6" 9118 + redux "^4.1.1" 9119 + use-sync-external-store "^1.2.0" 9120 + 9136 9121 react-aspen@^1.1.0: 9137 9122 version "1.2.0" 9138 9123 resolved "https://registry.npmjs.org/react-aspen/-/react-aspen-1.2.0.tgz#375fa82a8db627542fc8b9e6e421baa49a65ab95" ··· 9154 9139 nanoid "^3.0.0" 9155 9140 prop-types "^15.5.8" 9156 9141 9142 + react-dnd-html5-backend@^14.0.1: 9143 + version "14.1.0" 9144 + resolved "https://registry.npmjs.org/react-dnd-html5-backend/-/react-dnd-html5-backend-14.1.0.tgz#b35a3a0c16dd3a2bfb5eb7ec62cf0c2cace8b62f" 9145 + integrity sha512-6ONeqEC3XKVf4eVmMTe0oPds+c5B9Foyj8p/ZKLb7kL2qh9COYxiBHv3szd6gztqi/efkmriywLUVlPotqoJyw== 9146 + dependencies: 9147 + dnd-core "14.0.1" 9148 + 9157 9149 react-dnd-html5-backend@^16.0.1: 9158 9150 version "16.0.1" 9159 9151 resolved "https://registry.npmjs.org/react-dnd-html5-backend/-/react-dnd-html5-backend-16.0.1.tgz#87faef15845d512a23b3c08d29ecfd34871688b6" 9160 9152 integrity sha512-Wu3dw5aDJmOGw8WjH1I1/yTH+vlXEL4vmjk5p+MHxP8HuHJS1lAGeIdG/hze1AvNeXWo/JgULV87LyQOr+r5jw== 9161 9153 dependencies: 9162 9154 dnd-core "^16.0.1" 9155 + 9156 + react-dnd@^14.0.3: 9157 + version "14.0.5" 9158 + resolved "https://registry.npmjs.org/react-dnd/-/react-dnd-14.0.5.tgz#ecf264e220ae62e35634d9b941502f3fca0185ed" 9159 + integrity sha512-9i1jSgbyVw0ELlEVt/NkCUkxy1hmhJOkePoCH713u75vzHGyXhPDm28oLfc2NMSBjZRM1Y+wRjHXJT3sPrTy+A== 9160 + dependencies: 9161 + "@react-dnd/invariant" "^2.0.0" 9162 + "@react-dnd/shallowequal" "^2.0.0" 9163 + dnd-core "14.0.1" 9164 + fast-deep-equal "^3.1.3" 9165 + hoist-non-react-statics "^3.3.2" 9163 9166 9164 9167 react-dnd@^16.0.1: 9165 9168 version "16.0.1" ··· 9319 9322 resolved "https://registry.npmjs.org/react-virtualized-auto-sizer/-/react-virtualized-auto-sizer-1.0.20.tgz#d9a907253a7c221c52fa57dc775a6ef40c182645" 9320 9323 integrity sha512-OdIyHwj4S4wyhbKHOKM1wLSj/UDXm839Z3Cvfg2a9j+He6yDa6i5p0qQvEiCnyQlGO/HyfSnigQwuxvYalaAXA== 9321 9324 9322 - "react-window@^1.3.1", "react-window@^1.8.5": 9325 + "react-window@^1.3.1", "react-window@^1.8.5", "react-window@^1.8.6": 9323 9326 version "1.8.9" 9324 9327 resolved "https://registry.npmjs.org/react-window/-/react-window-1.8.9.tgz#24bc346be73d0468cdf91998aac94e32bc7fa6a8" 9325 9328 integrity sha512-+Eqx/fj1Aa5WnhRfj9dJg4VYATGwIUP2ItwItiJ6zboKWA6EX3lYDAXfGF2hyNqplEprhbtjbipiADEcwQ823Q== ··· 9422 9425 indent-string "^5.0.0" 9423 9426 strip-indent "^4.0.0" 9424 9427 9425 - redux@^4.2.0: 9428 + "redux@^4.1.1", "redux@^4.2.0": 9426 9429 version "4.2.1" 9427 9430 resolved "https://registry.npmjs.org/redux/-/redux-4.2.1.tgz#c08f4306826c49b5e9dc901dee0452ea8fce6197" 9428 9431 integrity sha512-LAUYz4lc+Do8/g7aeRa8JkyDErK6ekstQaqWQrNRW//MY1TvCEpMtpTWvlQ+FPbWCx+Xixu/6SHt5N0HR+SB4w== ··· 9851 9854 get-intrinsic "^1.0.2" 9852 9855 object-inspect "^1.9.0" 9853 9856 9854 - "signal-exit@^3.0.0", "signal-exit@^3.0.2", "signal-exit@^3.0.7": 9857 + "signal-exit@^3.0.0", "signal-exit@^3.0.7": 9855 9858 version "3.0.7" 9856 9859 resolved "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz#a9a1767f8af84155114eaabd73f99273c8f59ad9" 9857 9860 integrity sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ== ··· 10235 10238 resolved "https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz#bb43ff5598a6eb05d89b59fcd129c983313606bf" 10236 10239 integrity sha512-7FCwGGmx8mD5xQd3RPUvnSpUXHM3BWuzjtpD4TXsfcZ9EL4azvVVUscFYwD9nx8Kh+uCBC00XBtAykoMHwTh8Q== 10237 10240 10238 - strip-final-newline@^2.0.0: 10239 - version "2.0.0" 10240 - resolved "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-2.0.0.tgz#89b852fb2fcbe936f6f4b3187afb0a12c1ab58ad" 10241 - integrity sha512-BrpvfNAE3dcvq7ll3xVumzjKjZQ5tI1sEUIKr3Uoks0XUl45St3FlatVqef9prk4jRDzhW6WZg+3bk93y6pLjA== 10242 - 10243 10241 strip-final-newline@^3.0.0: 10244 10242 version "3.0.0" 10245 10243 resolved "https://registry.npmjs.org/strip-final-newline/-/strip-final-newline-3.0.0.tgz#52894c313fbff318835280aed60ff71ebf12b8fd" ··· 10277 10275 resolved "https://registry.npmjs.org/style-loader/-/style-loader-3.3.3.tgz#bba8daac19930169c0c9c96706749a597ae3acff" 10278 10276 integrity sha512-53BiGLXAcll9maCYtZi2RCQZKa8NQQai5C4horqKyRmHj9H7QmcUyucrH+4KW/gBQbXM2AsB0axoEcFZPlfPcw== 10279 10277 10280 - style-to-js@1.1.1: 10281 - version "1.1.1" 10282 - resolved "https://registry.npmjs.org/style-to-js/-/style-to-js-1.1.1.tgz#417786986cda61d4525c80aed9d1123a6a7af9b8" 10283 - integrity sha512-RJ18Z9t2B02sYhZtfWKQq5uplVctgvjTfLWT7+Eb1zjUjIrWzX5SdlkwLGQozrqarTmEzJJ/YmdNJCUNI47elg== 10278 + style-to-js@1.1.3: 10279 + version "1.1.3" 10280 + resolved "https://registry.npmjs.org/style-to-js/-/style-to-js-1.1.3.tgz#2012d75dc89bf400edc29c545ed61c8626b00184" 10281 + integrity sha512-zKI5gN/zb7LS/Vm0eUwjmjrXWw8IMtyA8aPBJZdYiQTXj4+wQ3IucOLIOnF7zCHxvW8UhIGh/uZh/t9zEHXNTQ== 10284 10282 dependencies: 10285 - style-to-object "0.3.0" 10283 + style-to-object "0.4.1" 10286 10284 10287 - style-to-object@0.3.0: 10288 - version "0.3.0" 10289 - resolved "https://registry.npmjs.org/style-to-object/-/style-to-object-0.3.0.tgz#b1b790d205991cc783801967214979ee19a76e46" 10290 - integrity sha512-CzFnRRXhzWIdItT3OmF8SQfWyahHhjq3HwcMNCNLn+N7klOOqPjMeG/4JSu77D7ypZdGvSzvkrbyeTMizz2VrA== 10285 + style-to-object@0.4.1: 10286 + version "0.4.1" 10287 + resolved "https://registry.npmjs.org/style-to-object/-/style-to-object-0.4.1.tgz#53cf856f7cf7f172d72939d9679556469ba5de37" 10288 + integrity sha512-HFpbb5gr2ypci7Qw+IOhnP2zOU7e77b+rzM+wTzXzfi1PrtBCX0E7Pk4wL4iTLnhzZ+JgEGAhX81ebTg/aYjQw== 10291 10289 dependencies: 10292 10290 inline-style-parser "0.1.1" 10293 10291 ··· 10691 10689 dependencies: 10692 10690 prelude-ls "^1.2.1" 10693 10691 10694 - type-fest@^0.11.0: 10695 - version "0.11.0" 10696 - resolved "https://registry.npmjs.org/type-fest/-/type-fest-0.11.0.tgz#97abf0872310fed88a5c466b25681576145e33f1" 10697 - integrity sha512-OdjXJxnCN1AvyLSzeKIgXTXxV+99ZuXl3Hpo9XpJAv9MBcHrrJOQ5kV7ypXOuQie+AmWG25hLbiKdwYTifzcfQ== 10698 - 10699 10692 type-fest@^0.20.2: 10700 10693 version "0.20.2" 10701 10694 resolved "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz#1bf207f4b28f91583666cb5fbd327887301cd5f4" ··· 10904 10897 version "1.1.2" 10905 10898 resolved "https://registry.npmjs.org/use-isomorphic-layout-effect/-/use-isomorphic-layout-effect-1.1.2.tgz#497cefb13d863d687b08477d9e5a164ad8c1a6fb" 10906 10899 integrity sha512-49L8yCO3iGT/ZF9QttjwLF/ZD9Iwto5LnH5LmEdk/6cFmXddqi2ulF0edxTwjj+7mqvpVVGQWvbXZdn32wRSHA== 10900 + 10901 + use-sync-external-store@^1.2.0: 10902 + version "1.2.0" 10903 + resolved "https://registry.npmjs.org/use-sync-external-store/-/use-sync-external-store-1.2.0.tgz#7dbefd6ef3fe4e767a0cf5d7287aacfb5846928a" 10904 + integrity sha512-eEgnFxGQ1Ife9bzYs6VLi8/4X6CObHMw9Qr9tPY43iKwsPw8xE8+EFsf/2cFZ5S3esXgpWgtSCtLNS41F+sKPA== 10907 10905 10908 10906 "util-deprecate@^1.0.1", "util-deprecate@^1.0.2", "util-deprecate@~1.0.1": 10909 10907 version "1.0.2"

+2 -2

pkgs/tools/admin/stripe-cli/default.nix

··· 2 2 3 3 buildGoModule rec { 4 4 pname = "stripe-cli"; 5 - version = "1.17.2"; 5 + version = "1.18.0"; 6 6 7 7 src = fetchFromGitHub { 8 8 owner = "stripe"; 9 9 repo = pname; 10 10 rev = "v${version}"; 11 - hash = "sha256-MzzjrGtqbtZMvfL7dPAsKHF2ZTneSdtDuwHQQcyrQDw="; 11 + hash = "sha256-1AdR0PHAhrMbeCD5zNsU9JoXInQD+qUIYfveBD60wR0="; 12 12 }; 13 13 vendorHash = "sha256-DYA6cu2KzEBZ4wsT7wjcdY1endQQOZlj2aOwu6iGLew="; 14 14

+6 -10

pkgs/tools/graphics/wdisplays/default.nix

··· 1 1 { lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, gtk3, libepoxy, wayland, wrapGAppsHook }: 2 2 3 - stdenv.mkDerivation rec { 3 + stdenv.mkDerivation (finalAttrs: { 4 4 pname = "wdisplays"; 5 - version = "unstable-2021-04-03"; 5 + version = "1.1.1"; 6 6 7 7 nativeBuildInputs = [ meson ninja pkg-config wrapGAppsHook ]; 8 8 9 9 buildInputs = [ gtk3 libepoxy wayland ]; 10 10 11 11 src = fetchFromGitHub { 12 - owner = "luispabon"; 12 + owner = "artizirk"; 13 13 repo = "wdisplays"; 14 - rev = "7f2eac0d2aa81b5f495da7950fd5a94683f7868e"; 15 - sha256 = "sha256-cOF3+T34zPro58maWUouGG+vlLm2C5NfcH7PZhSvApE="; 14 + rev = finalAttrs.version; 15 + sha256 = "sha256-dtvP930ChiDRT60xq6xBDU6k+zHnkrAkxkKz2FxlzRs="; 16 16 }; 17 - 18 - patchPhase = '' 19 - substituteInPlace ./resources/wdisplays.desktop.in --replace "@app_id@" "wdisplays" 20 - ''; 21 17 22 18 meta = with lib; { 23 19 description = "A graphical application for configuring displays in Wayland compositors"; ··· 27 23 platforms = platforms.linux; 28 24 mainProgram = "wdisplays"; 29 25 }; 30 - } 26 + })

+3 -1

pkgs/tools/misc/fd/default.nix

··· 1 - { lib, rustPlatform, fetchFromGitHub, installShellFiles, testers, fd }: 1 + { lib, rustPlatform, fetchFromGitHub, installShellFiles, rust-jemalloc-sys, testers, fd }: 2 2 3 3 rustPlatform.buildRustPackage rec { 4 4 pname = "fd"; ··· 14 14 cargoHash = "sha256-AstE8KGICgPhqRKlJecrE9iPUUWaOvca6ocWf85IzNo="; 15 15 16 16 nativeBuildInputs = [ installShellFiles ]; 17 + 18 + buildInputs = [ rust-jemalloc-sys ]; 17 19 18 20 # skip flaky test 19 21 checkFlags = [

+2 -2

pkgs/tools/misc/progress/default.nix

··· 2 2 3 3 stdenv.mkDerivation rec { 4 4 pname = "progress"; 5 - version = "0.16"; 5 + version = "0.17"; 6 6 7 7 src = fetchFromGitHub { 8 8 owner = "Xfennec"; 9 9 repo = "progress"; 10 10 rev = "v${version}"; 11 - sha256 = "sha256-kkEyflyBaQ5hUVo646NUuC1u54uzLJJsVFej9pMEwT0="; 11 + sha256 = "sha256-riewkageSZIlwDNMjYep9Pb2q1GJ+WMXazokJGbb4bE="; 12 12 }; 13 13 14 14 nativeBuildInputs = [ pkg-config which ];

+3 -3

pkgs/tools/misc/tbls/default.nix

··· 7 7 8 8 buildGoModule rec { 9 9 pname = "tbls"; 10 - version = "1.68.2"; 10 + version = "1.70.2"; 11 11 12 12 src = fetchFromGitHub { 13 13 owner = "k1LoW"; 14 14 repo = "tbls"; 15 15 rev = "v${version}"; 16 - hash = "sha256-yDWAKkzRb487iZ+5tmIH1qfuHj0TldOT+tTQwtVyX7s="; 16 + hash = "sha256-LSICkg99veFHLmdcQZmnyfTbdqx7k2XI13W7Cjuj3qA="; 17 17 }; 18 18 19 - vendorHash = "sha256-V6TF7Q+9XxBeSVXlotu8tUrNCWDr80BZsQcVSBGikl8="; 19 + vendorHash = "sha256-84h+LQzk/xy/Gapy7IxB8IPvsVGRsJP7udd9HhLskew="; 20 20 21 21 CGO_CFLAGS = [ "-Wno-format-security" ]; 22 22

+2

pkgs/tools/misc/turbo/default.nix

··· 12 12 , openssl 13 13 , extra-cmake-modules 14 14 , fontconfig 15 + , rust-jemalloc-sys 15 16 , testers 16 17 , turbo 17 18 , nix-update-script ··· 149 150 buildInputs = [ 150 151 openssl 151 152 fontconfig 153 + rust-jemalloc-sys 152 154 ] ++ lib.optionals stdenv.isDarwin [ 153 155 IOKit 154 156 CoreServices

+2 -1

pkgs/tools/misc/vector/default.nix

··· 8 8 , rdkafka 9 9 , oniguruma 10 10 , zstd 11 + , rust-jemalloc-sys 11 12 , Security 12 13 , libiconv 13 14 , coreutils ··· 59 60 }; 60 61 }; 61 62 nativeBuildInputs = [ pkg-config cmake perl git rustPlatform.bindgenHook ]; 62 - buildInputs = [ oniguruma openssl protobuf rdkafka zstd ] 63 + buildInputs = [ oniguruma openssl protobuf rdkafka zstd rust-jemalloc-sys ] 63 64 ++ lib.optionals stdenv.isDarwin [ Security libiconv coreutils CoreServices ]; 64 65 65 66 # needed for internal protobuf c wrapper library

+3 -3

pkgs/tools/networking/sish/default.nix

··· 7 7 8 8 buildGoModule rec { 9 9 pname = "sish"; 10 - version = "2.9.2"; 10 + version = "2.11.0"; 11 11 12 12 src = fetchFromGitHub { 13 13 owner = "antoniomika"; 14 14 repo = pname; 15 15 rev = "refs/tags/v${version}"; 16 - hash = "sha256-6PCZtiXsDQfPZFw3r1n3rwgxigSnWgggHXzZdBT/fxA="; 16 + hash = "sha256-dNwSMDEt142A0rP212bWBZSX2zhYgL94EJymOvegTa8="; 17 17 }; 18 18 19 - vendorHash = "sha256-RnvkEUvL/bQTTTlg0RF0xjjvVniltequNKRD3z0H3O8="; 19 + vendorHash = "sha256-XtN2RgegmKR/RDFBbHn9kpI1BxmF7jfu7LAwPVaAvEk="; 20 20 21 21 ldflags = [ 22 22 "-s"

+3

pkgs/top-level/all-packages.nix

··· 22283 22283 22284 22284 jemalloc = callPackage ../development/libraries/jemalloc { }; 22285 22285 22286 + rust-jemalloc-sys = callPackage ../development/libraries/jemalloc/rust.nix { }; 22287 + rust-jemalloc-sys-unprefixed = rust-jemalloc-sys.override { unprefixed = true; }; 22288 + 22286 22289 jose = callPackage ../development/libraries/jose { }; 22287 22290 22288 22291 jpcre2 = callPackage ../development/libraries/jpcre2 { };

+4 -4

pkgs/top-level/perl-packages.nix

··· 5024 5024 5025 5025 CryptPassphraseBcrypt = buildPerlPackage { 5026 5026 pname = "Crypt-Passphrase-Bcrypt"; 5027 - version = "0.001"; 5027 + version = "0.007"; 5028 5028 src = fetchurl { 5029 - url = "mirror://cpan/authors/id/L/LE/LEONT/Crypt-Passphrase-Bcrypt-0.001.tar.gz"; 5030 - hash = "sha256-M44nA4RH/eAjznyaC1dPR+4zeQRKDAgxrJRx8UMNxMU="; 5029 + url = "mirror://cpan/authors/id/L/LE/LEONT/Crypt-Passphrase-Bcrypt-0.007.tar.gz"; 5030 + hash = "sha256-/k1NHTm9TxODQaJZUFzhE3EnCnZ8nndH90H7dGH9sA8="; 5031 5031 }; 5032 - propagatedBuildInputs = [ CryptEksblowfish CryptPassphrase ]; 5032 + propagatedBuildInputs = [ CryptBcrypt CryptPassphrase ]; 5033 5033 meta = { 5034 5034 description = "A bcrypt encoder for Crypt::Passphrase"; 5035 5035 homepage = "https://github.com/Leont/crypt-passphrase-bcrypt";

+1

pkgs/top-level/python-aliases.nix

··· 354 354 qiskit-aqua = throw "qiskit-aqua has been removed due to deprecation, with its functionality moved to different qiskit packages"; 355 355 rabbitpy = throw "rabbitpy has been removed, since it is unmaintained and broken"; # added 2023-07-01 356 356 rdflib-jsonld = throw "rdflib-jsonld is not compatible with rdflib 6"; # added 2021-11-05 357 + recaptcha_client = throw "recaptcha_client has been removed since it is no longer maintained"; # added 2023-10-20 357 358 rednose = throw "rednose is no longer maintained (since February 2018)"; # added 2023-08-06 358 359 retworkx = rustworkx; # added 2023-05-14 359 360 repeated_test = repeated-test; # added 2022-11-15

-2

pkgs/top-level/python-packages.nix

··· 12048 12048 12049 12049 rebulk = callPackage ../development/python-modules/rebulk { }; 12050 12050 12051 - recaptcha_client = callPackage ../development/python-modules/recaptcha_client { }; 12052 - 12053 12051 recipe-scrapers = callPackage ../development/python-modules/recipe-scrapers { }; 12054 12052 12055 12053 recline = callPackage ../development/python-modules/recline { };