pyrox.dev / nixpkgs
lol
fork atom

Merge staging-next into staging

authored by

github-actions[bot] and committed by
GitHub e076f677 e2839320

+1434 -292
unified split
+1
.github/CODEOWNERS
··· 28 /lib/cli.nix @edolstra @nbp @Profpatsch 29 /lib/debug.nix @edolstra @nbp @Profpatsch 30 /lib/asserts.nix @edolstra @nbp @Profpatsch 31 32 # Nixpkgs Internals 33 /default.nix @nbp
··· 28 /lib/cli.nix @edolstra @nbp @Profpatsch 29 /lib/debug.nix @edolstra @nbp @Profpatsch 30 /lib/asserts.nix @edolstra @nbp @Profpatsch 31 + /lib/path.* @infinisil @fricklerhandwerk 32 33 # Nixpkgs Internals 34 /default.nix @nbp
+1
doc/doc-support/default.nix
··· 12 { name = "lists"; description = "list manipulation functions"; } 13 { name = "debug"; description = "debugging functions"; } 14 { name = "options"; description = "NixOS / nixpkgs option handling"; } 15 { name = "filesystem"; description = "filesystem functions"; } 16 { name = "sources"; description = "source filtering functions"; } 17 { name = "cli"; description = "command-line serialization functions"; }
··· 12 { name = "lists"; description = "list manipulation functions"; } 13 { name = "debug"; description = "debugging functions"; } 14 { name = "options"; description = "NixOS / nixpkgs option handling"; } 15 + { name = "path"; description = "path functions"; } 16 { name = "filesystem"; description = "filesystem functions"; } 17 { name = "sources"; description = "source filtering functions"; } 18 { name = "cli"; description = "command-line serialization functions"; }
+5 -1
doc/doc-support/lib-function-docs.nix
··· 10 installPhase = '' 11 function docgen { 12 # TODO: wrap lib.$1 in <literal>, make nixdoc not escape it 13 - nixdoc -c "$1" -d "lib.$1: $2" -f "$1.nix" > "$out/$1.xml" 14 echo "<xi:include href='$1.xml' />" >> "$out/index.xml" 15 } 16
··· 10 installPhase = '' 11 function docgen { 12 # TODO: wrap lib.$1 in <literal>, make nixdoc not escape it 13 + if [[ -e "../lib/$1.nix" ]]; then 14 + nixdoc -c "$1" -d "lib.$1: $2" -f "$1.nix" > "$out/$1.xml" 15 + else 16 + nixdoc -c "$1" -d "lib.$1: $2" -f "$1/default.nix" > "$out/$1.xml" 17 + fi 18 echo "<xi:include href='$1.xml' />" >> "$out/index.xml" 19 } 20
+9 -7
doc/doc-support/lib-function-locations.nix
··· 2 let 3 revision = pkgs.lib.trivial.revisionWithDefault (nixpkgs.revision or "master"); 4 5 - libDefPos = set: 6 - builtins.map 7 - (name: { 8 - name = name; 9 location = builtins.unsafeGetAttrPos name set; 10 - }) 11 - (builtins.attrNames set); 12 13 libset = toplib: 14 builtins.map 15 (subsetname: { 16 subsetname = subsetname; 17 - functions = libDefPos toplib.${subsetname}; 18 }) 19 (builtins.map (x: x.name) libsets); 20
··· 2 let 3 revision = pkgs.lib.trivial.revisionWithDefault (nixpkgs.revision or "master"); 4 5 + libDefPos = prefix: set: 6 + builtins.concatMap 7 + (name: [{ 8 + name = builtins.concatStringsSep "." (prefix ++ [name]); 9 location = builtins.unsafeGetAttrPos name set; 10 + }] ++ nixpkgsLib.optionals 11 + (builtins.length prefix == 0 && builtins.isAttrs set.${name}) 12 + (libDefPos (prefix ++ [name]) set.${name}) 13 + ) (builtins.attrNames set); 14 15 libset = toplib: 16 builtins.map 17 (subsetname: { 18 subsetname = subsetname; 19 + functions = libDefPos [] toplib.${subsetname}; 20 }) 21 (builtins.map (x: x.name) libsets); 22
+15 -1
doc/languages-frameworks/python.section.md
··· 570 571 ``` 572 checkInputs = [ pytest ]; 573 - checkPhase = "pytest"; 574 ``` 575 576 However, many repositories' test suites do not translate well to nix's build ··· 582 checkInputs = [ pytest ]; 583 # avoid tests which need additional data or touch network 584 checkPhase = '' 585 pytest tests/ --ignore=tests/integration -k 'not download and not update' 586 ''; 587 ``` 588 ··· 1408 # assumes the tests are located in tests 1409 checkInputs = [ pytest ]; 1410 checkPhase = '' 1411 py.test -k 'not function_name and not other_function' tests 1412 ''; 1413 } 1414 ```
··· 570 571 ``` 572 checkInputs = [ pytest ]; 573 + checkPhase = '' 574 + runHook preCheck 575 + 576 + pytest 577 + 578 + runHook postCheck 579 + ''; 580 ``` 581 582 However, many repositories' test suites do not translate well to nix's build ··· 588 checkInputs = [ pytest ]; 589 # avoid tests which need additional data or touch network 590 checkPhase = '' 591 + runHook preCheck 592 + 593 pytest tests/ --ignore=tests/integration -k 'not download and not update' 594 + 595 + runHook postCheck 596 ''; 597 ``` 598 ··· 1418 # assumes the tests are located in tests 1419 checkInputs = [ pytest ]; 1420 checkPhase = '' 1421 + runHook preCheck 1422 + 1423 py.test -k 'not function_name and not other_function' tests 1424 + 1425 + runHook postCheck 1426 ''; 1427 } 1428 ```
+2 -1
lib/default.nix
··· 27 maintainers = import ../maintainers/maintainer-list.nix; 28 teams = callLibs ../maintainers/team-list.nix; 29 meta = callLibs ./meta.nix; 30 - sources = callLibs ./sources.nix; 31 versions = callLibs ./versions.nix; 32 33 # module system ··· 53 fetchers = callLibs ./fetchers.nix; 54 55 # Eval-time filesystem handling 56 filesystem = callLibs ./filesystem.nix; 57 58 # back-compat aliases 59 platforms = self.systems.doubles;
··· 27 maintainers = import ../maintainers/maintainer-list.nix; 28 teams = callLibs ../maintainers/team-list.nix; 29 meta = callLibs ./meta.nix; 30 versions = callLibs ./versions.nix; 31 32 # module system ··· 52 fetchers = callLibs ./fetchers.nix; 53 54 # Eval-time filesystem handling 55 + path = callLibs ./path; 56 filesystem = callLibs ./filesystem.nix; 57 + sources = callLibs ./sources.nix; 58 59 # back-compat aliases 60 platforms = self.systems.doubles;
+196
lib/path/README.md
···
··· 1 + # Path library 2 + 3 + This document explains why the `lib.path` library is designed the way it is. 4 + 5 + The purpose of this library is to process [filesystem paths]. It does not read files from the filesystem. 6 + It exists to support the native Nix [path value type] with extra functionality. 7 + 8 + [filesystem paths]: https://en.m.wikipedia.org/wiki/Path_(computing) 9 + [path value type]: https://nixos.org/manual/nix/stable/language/values.html#type-path 10 + 11 + As an extension of the path value type, it inherits the same intended use cases and limitations: 12 + - Only use paths to access files at evaluation time, such as the local project source. 13 + - Paths cannot point to derivations, so they are unfit to represent dependencies. 14 + - A path implicitly imports the referenced files into the Nix store when interpolated to a string. Therefore paths are not suitable to access files at build- or run-time, as you risk importing the path from the evaluation system instead. 15 + 16 + Overall, this library works with two types of paths: 17 + - Absolute paths are represented with the Nix [path value type]. Nix automatically normalises these paths. 18 + - Subpaths are represented with the [string value type] since path value types don't support relative paths. This library normalises these paths as safely as possible. Absolute paths in strings are not supported. 19 + 20 + A subpath refers to a specific file or directory within an absolute base directory. 21 + It is a stricter form of a relative path, notably [without support for `..` components][parents] since those could escape the base directory. 22 + 23 + [string value type]: https://nixos.org/manual/nix/stable/language/values.html#type-string 24 + 25 + This library is designed to be as safe and intuitive as possible, throwing errors when operations are attempted that would produce surprising results, and giving the expected result otherwise. 26 + 27 + This library is designed to work well as a dependency for the `lib.filesystem` and `lib.sources` library components. Contrary to these library components, `lib.path` does not read any paths from the filesystem. 28 + 29 + This library makes only these assumptions about paths and no others: 30 + - `dirOf path` returns the path to the parent directory of `path`, unless `path` is the filesystem root, in which case `path` is returned. 31 + - There can be multiple filesystem roots: `p == dirOf p` and `q == dirOf q` does not imply `p == q`. 32 + - While there's only a single filesystem root in stable Nix, the [lazy trees feature](https://github.com/NixOS/nix/pull/6530) introduces [additional filesystem roots](https://github.com/NixOS/nix/pull/6530#discussion_r1041442173). 33 + - `path + ("/" + string)` returns the path to the `string` subdirectory in `path`. 34 + - If `string` contains no `/` characters, then `dirOf (path + ("/" + string)) == path`. 35 + - If `string` contains no `/` characters, then `baseNameOf (path + ("/" + string)) == string`. 36 + - `path1 == path2` returns `true` only if `path1` points to the same filesystem path as `path2`. 37 + 38 + Notably we do not make the assumption that we can turn paths into strings using `toString path`. 39 + 40 + ## Design decisions 41 + 42 + Each subsection here contains a decision along with arguments and counter-arguments for (+) and against (-) that decision. 43 + 44 + ### Leading dots for relative paths 45 + [leading-dots]: #leading-dots-for-relative-paths 46 + 47 + Observing: Since subpaths are a form of relative paths, they can have a leading `./` to indicate it being a relative path, this is generally not necessary for tools though. 48 + 49 + Considering: Paths should be as explicit, consistent and unambiguous as possible. 50 + 51 + Decision: Returned subpaths should always have a leading `./`. 52 + 53 + <details> 54 + <summary>Arguments</summary> 55 + 56 + - (+) In shells, just running `foo` as a command wouldn't execute the file `foo`, whereas `./foo` would execute the file. In contrast, `foo/bar` does execute that file without the need for `./`. This can lead to confusion about when a `./` needs to be prefixed. If a `./` is always included, this becomes a non-issue. This effectively then means that paths don't overlap with command names. 57 + - (+) Prepending with `./` makes the subpaths always valid as relative Nix path expressions. 58 + - (+) Using paths in command line arguments could give problems if not escaped properly, e.g. if a path was `--version`. This is not a problem with `./--version`. This effectively then means that paths don't overlap with GNU-style command line options. 59 + - (-) `./` is not required to resolve relative paths, resolution always has an implicit `./` as prefix. 60 + - (-) It's less noisy without the `./`, e.g. in error messages. 61 + - (+) But similarly, it could be confusing whether something was even a path. 62 + e.g. `foo` could be anything, but `./foo` is more clearly a path. 63 + - (+) Makes it more uniform with absolute paths (those always start with `/`). 64 + - (-) That is not relevant for practical purposes. 65 + - (+) `find` also outputs results with `./`. 66 + - (-) But only if you give it an argument of `.`. If you give it the argument `some-directory`, it won't prefix that. 67 + - (-) `realpath --relative-to` doesn't prefix relative paths with `./`. 68 + - (+) There is no need to return the same result as `realpath`. 69 + 70 + </details> 71 + 72 + ### Representation of the current directory 73 + [curdir]: #representation-of-the-current-directory 74 + 75 + Observing: The subpath that produces the base directory can be represented with `.` or `./` or `./.`. 76 + 77 + Considering: Paths should be as consistent and unambiguous as possible. 78 + 79 + Decision: It should be `./.`. 80 + 81 + <details> 82 + <summary>Arguments</summary> 83 + 84 + - (+) `./` would be inconsistent with [the decision to not persist trailing slashes][trailing-slashes]. 85 + - (-) `.` is how `realpath` normalises paths. 86 + - (+) `.` can be interpreted as a shell command (it's a builtin for sourcing files in `bash` and `zsh`). 87 + - (+) `.` would be the only path without a `/`. It could not be used as a Nix path expression, since those require at least one `/` to be parsed as such. 88 + - (-) `./.` is rather long. 89 + - (-) We don't require users to type this though, as it's only output by the library. 90 + As inputs all three variants are supported for subpaths (and we can't do anything about absolute paths) 91 + - (-) `builtins.dirOf "foo" == "."`, so `.` would be consistent with that. 92 + - (+) `./.` is consistent with the [decision to have leading `./`][leading-dots]. 93 + - (+) `./.` is a valid Nix path expression, although this property does not hold for every relative path or subpath. 94 + 95 + </details> 96 + 97 + ### Subpath representation 98 + [relrepr]: #subpath-representation 99 + 100 + Observing: Subpaths such as `foo/bar` can be represented in various ways: 101 + - string: `"foo/bar"` 102 + - list with all the components: `[ "foo" "bar" ]` 103 + - attribute set: `{ type = "relative-path"; components = [ "foo" "bar" ]; }` 104 + 105 + Considering: Paths should be as safe to use as possible. We should generate string outputs in the library and not encourage users to do that themselves. 106 + 107 + Decision: Paths are represented as strings. 108 + 109 + <details> 110 + <summary>Arguments</summary> 111 + 112 + - (+) It's simpler for the users of the library. One doesn't have to convert a path a string before it can be used. 113 + - (+) Naively converting the list representation to a string with `concatStringsSep "/"` would break for `[]`, requiring library users to be more careful. 114 + - (+) It doesn't encourage people to do their own path processing and instead use the library. 115 + With a list representation it would seem easy to just use `lib.lists.init` to get the parent directory, but then it breaks for `.`, which would be represented as `[ ]`. 116 + - (+) `+` is convenient and doesn't work on lists and attribute sets. 117 + - (-) Shouldn't use `+` anyways, we export safer functions for path manipulation. 118 + 119 + </details> 120 + 121 + ### Parent directory 122 + [parents]: #parent-directory 123 + 124 + Observing: Relative paths can have `..` components, which refer to the parent directory. 125 + 126 + Considering: Paths should be as safe and unambiguous as possible. 127 + 128 + Decision: `..` path components in string paths are not supported, neither as inputs nor as outputs. Hence, string paths are called subpaths, rather than relative paths. 129 + 130 + <details> 131 + <summary>Arguments</summary> 132 + 133 + - (+) If we wanted relative paths to behave according to the "physical" interpretation (as a directory tree with relations between nodes), it would require resolving symlinks, since e.g. `foo/..` would not be the same as `.` if `foo` is a symlink. 134 + - (-) The "logical" interpretation is also valid (treating paths as a sequence of names), and is used by some software. It is simpler, and not using symlinks at all is safer. 135 + - (+) Mixing both models can lead to surprises. 136 + - (+) We can't resolve symlinks without filesystem access. 137 + - (+) Nix also doesn't support reading symlinks at evaluation time. 138 + - (-) We could just not handle such cases, e.g. `equals "foo" "foo/bar/.. == false`. The paths are different, we don't need to check whether the paths point to the same thing. 139 + - (+) Assume we said `relativeTo /foo /bar == "../bar"`. If this is used like `/bar/../foo` in the end, and `bar` turns out to be a symlink to somewhere else, this won't be accurate. 140 + - (-) We could decide to not support such ambiguous operations, or mark them as such, e.g. the normal `relativeTo` will error on such a case, but there could be `extendedRelativeTo` supporting that. 141 + - (-) `..` are a part of paths, a path library should therefore support it. 142 + - (+) If we can convincingly argue that all such use cases are better done e.g. with runtime tools, the library not supporting it can nudge people towards using those. 143 + - (-) We could allow "..", but only in the prefix. 144 + - (+) Then we'd have to throw an error for doing `append /some/path "../foo"`, making it non-composable. 145 + - (+) The same is for returning paths with `..`: `relativeTo /foo /bar => "../bar"` would produce a non-composable path. 146 + - (+) We argue that `..` is not needed at the Nix evaluation level, since we'd always start evaluation from the project root and don't go up from there. 147 + - (+) `..` is supported in Nix paths, turning them into absolute paths. 148 + - (-) This is ambiguous in the presence of symlinks. 149 + - (+) If you need `..` for building or runtime, you can use build-/run-time tooling to create those (e.g. `realpath` with `--relative-to`), or use absolute paths instead. 150 + This also gives you the ability to correctly handle symlinks. 151 + 152 + </details> 153 + 154 + ### Trailing slashes 155 + [trailing-slashes]: #trailing-slashes 156 + 157 + Observing: Subpaths can contain trailing slashes, like `foo/`, indicating that the path points to a directory and not a file. 158 + 159 + Considering: Paths should be as consistent as possible, there should only be a single normalisation for the same path. 160 + 161 + Decision: All functions remove trailing slashes in their results. 162 + 163 + <details> 164 + <summary>Arguments</summary> 165 + 166 + - (+) It allows normalisations to be unique, in that there's only a single normalisation for the same path. If trailing slashes were preserved, both `foo/bar` and `foo/bar/` would be valid but different normalisations for the same path. 167 + - Comparison to other frameworks to figure out the least surprising behavior: 168 + - (+) Nix itself doesn't support trailing slashes when parsing and doesn't preserve them when appending paths. 169 + - (-) [Rust's std::path](https://doc.rust-lang.org/std/path/index.html) does preserve them during [construction](https://doc.rust-lang.org/std/path/struct.Path.html#method.new). 170 + - (+) Doesn't preserve them when returning individual [components](https://doc.rust-lang.org/std/path/struct.Path.html#method.components). 171 + - (+) Doesn't preserve them when [canonicalizing](https://doc.rust-lang.org/std/path/struct.Path.html#method.canonicalize). 172 + - (+) [Python 3's pathlib](https://docs.python.org/3/library/pathlib.html#module-pathlib) doesn't preserve them during [construction](https://docs.python.org/3/library/pathlib.html#pathlib.PurePath). 173 + - Notably it represents the individual components as a list internally. 174 + - (-) [Haskell's filepath](https://hackage.haskell.org/package/filepath-1.4.100.0) has [explicit support](https://hackage.haskell.org/package/filepath-1.4.100.0/docs/System-FilePath.html#g:6) for handling trailing slashes. 175 + - (-) Does preserve them for [normalisation](https://hackage.haskell.org/package/filepath-1.4.100.0/docs/System-FilePath.html#v:normalise). 176 + - (-) [NodeJS's Path library](https://nodejs.org/api/path.html) preserves trailing slashes for [normalisation](https://nodejs.org/api/path.html#pathnormalizepath). 177 + - (+) For [parsing a path](https://nodejs.org/api/path.html#pathparsepath) into its significant elements, trailing slashes are not preserved. 178 + - (+) Nix's builtin function `dirOf` gives an unexpected result for paths with trailing slashes: `dirOf "foo/bar/" == "foo/bar"`. 179 + Inconsistently, `baseNameOf` works correctly though: `baseNameOf "foo/bar/" == "bar"`. 180 + - (-) We are writing a path library to improve handling of paths though, so we shouldn't use these functions and discourage their use. 181 + - (-) Unexpected result when normalising intermediate paths, like `relative.normalise ("foo" + "/") + "bar" == "foobar"`. 182 + - (+) This is not a practical use case though. 183 + - (+) Don't use `+` to append paths, this library has a `join` function for that. 184 + - (-) Users might use `+` out of habit though. 185 + - (+) The `realpath` command also removes trailing slashes. 186 + - (+) Even with a trailing slash, the path is the same, it's only an indication that it's a directory. 187 + 188 + </details> 189 + 190 + ## Other implementations and references 191 + 192 + - [Rust](https://doc.rust-lang.org/std/path/struct.Path.html) 193 + - [Python](https://docs.python.org/3/library/pathlib.html) 194 + - [Haskell](https://hackage.haskell.org/package/filepath-1.4.100.0/docs/System-FilePath.html) 195 + - [Nodejs](https://nodejs.org/api/path.html) 196 + - [POSIX.1-2017](https://pubs.opengroup.org/onlinepubs/9699919799/nframe.html)
+218
lib/path/default.nix
···
··· 1 + # Functions for working with paths, see ./path.md 2 + { lib }: 3 + let 4 + 5 + inherit (builtins) 6 + isString 7 + split 8 + match 9 + ; 10 + 11 + inherit (lib.lists) 12 + length 13 + head 14 + last 15 + genList 16 + elemAt 17 + ; 18 + 19 + inherit (lib.strings) 20 + concatStringsSep 21 + substring 22 + ; 23 + 24 + inherit (lib.asserts) 25 + assertMsg 26 + ; 27 + 28 + # Return the reason why a subpath is invalid, or `null` if it's valid 29 + subpathInvalidReason = value: 30 + if ! isString value then 31 + "The given value is of type ${builtins.typeOf value}, but a string was expected" 32 + else if value == "" then 33 + "The given string is empty" 34 + else if substring 0 1 value == "/" then 35 + "The given string \"${value}\" starts with a `/`, representing an absolute path" 36 + # We don't support ".." components, see ./path.md#parent-directory 37 + else if match "(.*/)?\\.\\.(/.*)?" value != null then 38 + "The given string \"${value}\" contains a `..` component, which is not allowed in subpaths" 39 + else null; 40 + 41 + # Split and normalise a relative path string into its components. 42 + # Error for ".." components and doesn't include "." components 43 + splitRelPath = path: 44 + let 45 + # Split the string into its parts using regex for efficiency. This regex 46 + # matches patterns like "/", "/./", "/././", with arbitrarily many "/"s 47 + # together. These are the main special cases: 48 + # - Leading "./" gets split into a leading "." part 49 + # - Trailing "/." or "/" get split into a trailing "." or "" 50 + # part respectively 51 + # 52 + # These are the only cases where "." and "" parts can occur 53 + parts = split "/+(\\./+)*" path; 54 + 55 + # `split` creates a list of 2 * k + 1 elements, containing the k + 56 + # 1 parts, interleaved with k matches where k is the number of 57 + # (non-overlapping) matches. This calculation here gets the number of parts 58 + # back from the list length 59 + # floor( (2 * k + 1) / 2 ) + 1 == floor( k + 1/2 ) + 1 == k + 1 60 + partCount = length parts / 2 + 1; 61 + 62 + # To assemble the final list of components we want to: 63 + # - Skip a potential leading ".", normalising "./foo" to "foo" 64 + # - Skip a potential trailing "." or "", normalising "foo/" and "foo/." to 65 + # "foo". See ./path.md#trailing-slashes 66 + skipStart = if head parts == "." then 1 else 0; 67 + skipEnd = if last parts == "." || last parts == "" then 1 else 0; 68 + 69 + # We can now know the length of the result by removing the number of 70 + # skipped parts from the total number 71 + componentCount = partCount - skipEnd - skipStart; 72 + 73 + in 74 + # Special case of a single "." path component. Such a case leaves a 75 + # componentCount of -1 due to the skipStart/skipEnd not verifying that 76 + # they don't refer to the same character 77 + if path == "." then [] 78 + 79 + # Generate the result list directly. This is more efficient than a 80 + # combination of `filter`, `init` and `tail`, because here we don't 81 + # allocate any intermediate lists 82 + else genList (index: 83 + # To get to the element we need to add the number of parts we skip and 84 + # multiply by two due to the interleaved layout of `parts` 85 + elemAt parts ((skipStart + index) * 2) 86 + ) componentCount; 87 + 88 + # Join relative path components together 89 + joinRelPath = components: 90 + # Always return relative paths with `./` as a prefix (./path.md#leading-dots-for-relative-paths) 91 + "./" + 92 + # An empty string is not a valid relative path, so we need to return a `.` when we have no components 93 + (if components == [] then "." else concatStringsSep "/" components); 94 + 95 + in /* No rec! Add dependencies on this file at the top. */ { 96 + 97 + 98 + /* Whether a value is a valid subpath string. 99 + 100 + - The value is a string 101 + 102 + - The string is not empty 103 + 104 + - The string doesn't start with a `/` 105 + 106 + - The string doesn't contain any `..` path components 107 + 108 + Type: 109 + subpath.isValid :: String -> Bool 110 + 111 + Example: 112 + # Not a string 113 + subpath.isValid null 114 + => false 115 + 116 + # Empty string 117 + subpath.isValid "" 118 + => false 119 + 120 + # Absolute path 121 + subpath.isValid "/foo" 122 + => false 123 + 124 + # Contains a `..` path component 125 + subpath.isValid "../foo" 126 + => false 127 + 128 + # Valid subpath 129 + subpath.isValid "foo/bar" 130 + => true 131 + 132 + # Doesn't need to be normalised 133 + subpath.isValid "./foo//bar/" 134 + => true 135 + */ 136 + subpath.isValid = value: 137 + subpathInvalidReason value == null; 138 + 139 + 140 + /* Normalise a subpath. Throw an error if the subpath isn't valid, see 141 + `lib.path.subpath.isValid` 142 + 143 + - Limit repeating `/` to a single one 144 + 145 + - Remove redundant `.` components 146 + 147 + - Remove trailing `/` and `/.` 148 + 149 + - Add leading `./` 150 + 151 + Laws: 152 + 153 + - (Idempotency) Normalising multiple times gives the same result: 154 + 155 + subpath.normalise (subpath.normalise p) == subpath.normalise p 156 + 157 + - (Uniqueness) There's only a single normalisation for the paths that lead to the same file system node: 158 + 159 + subpath.normalise p != subpath.normalise q -> $(realpath ${p}) != $(realpath ${q}) 160 + 161 + - Don't change the result when appended to a Nix path value: 162 + 163 + base + ("/" + p) == base + ("/" + subpath.normalise p) 164 + 165 + - Don't change the path according to `realpath`: 166 + 167 + $(realpath ${p}) == $(realpath ${subpath.normalise p}) 168 + 169 + - Only error on invalid subpaths: 170 + 171 + builtins.tryEval (subpath.normalise p)).success == subpath.isValid p 172 + 173 + Type: 174 + subpath.normalise :: String -> String 175 + 176 + Example: 177 + # limit repeating `/` to a single one 178 + subpath.normalise "foo//bar" 179 + => "./foo/bar" 180 + 181 + # remove redundant `.` components 182 + subpath.normalise "foo/./bar" 183 + => "./foo/bar" 184 + 185 + # add leading `./` 186 + subpath.normalise "foo/bar" 187 + => "./foo/bar" 188 + 189 + # remove trailing `/` 190 + subpath.normalise "foo/bar/" 191 + => "./foo/bar" 192 + 193 + # remove trailing `/.` 194 + subpath.normalise "foo/bar/." 195 + => "./foo/bar" 196 + 197 + # Return the current directory as `./.` 198 + subpath.normalise "." 199 + => "./." 200 + 201 + # error on `..` path components 202 + subpath.normalise "foo/../bar" 203 + => <error> 204 + 205 + # error on empty string 206 + subpath.normalise "" 207 + => <error> 208 + 209 + # error on absolute path 210 + subpath.normalise "/foo" 211 + => <error> 212 + */ 213 + subpath.normalise = path: 214 + assert assertMsg (subpathInvalidReason path == null) 215 + "lib.path.subpath.normalise: Argument is not a valid subpath string: ${subpathInvalidReason path}"; 216 + joinRelPath (splitRelPath path); 217 + 218 + }
+34
lib/path/tests/default.nix
···
··· 1 + { 2 + nixpkgs ? ../../.., 3 + system ? builtins.currentSystem, 4 + pkgs ? import nixpkgs { 5 + config = {}; 6 + overlays = []; 7 + inherit system; 8 + }, 9 + libpath ? ../.., 10 + # Random seed 11 + seed ? null, 12 + }: 13 + pkgs.runCommand "lib-path-tests" { 14 + nativeBuildInputs = with pkgs; [ 15 + nix 16 + jq 17 + bc 18 + ]; 19 + } '' 20 + # Needed to make Nix evaluation work 21 + export NIX_STATE_DIR=$(mktemp -d) 22 + 23 + cp -r ${libpath} lib 24 + export TEST_LIB=$PWD/lib 25 + 26 + echo "Running unit tests lib/path/tests/unit.nix" 27 + nix-instantiate --eval lib/path/tests/unit.nix \ 28 + --argstr libpath "$TEST_LIB" 29 + 30 + echo "Running property tests lib/path/tests/prop.sh" 31 + bash lib/path/tests/prop.sh ${toString seed} 32 + 33 + touch $out 34 + ''
+64
lib/path/tests/generate.awk
···
··· 1 + # Generate random path-like strings, separated by null characters. 2 + # 3 + # Invocation: 4 + # 5 + # awk -f ./generate.awk -v <variable>=<value> | tr '\0' '\n' 6 + # 7 + # Customizable variables (all default to 0): 8 + # - seed: Deterministic random seed to use for generation 9 + # - count: Number of paths to generate 10 + # - extradotweight: Give extra weight to dots being generated 11 + # - extraslashweight: Give extra weight to slashes being generated 12 + # - extranullweight: Give extra weight to null being generated, making paths shorter 13 + BEGIN { 14 + # Random seed, passed explicitly for reproducibility 15 + srand(seed) 16 + 17 + # Don't include special characters below 32 18 + minascii = 32 19 + # Don't include DEL at 128 20 + maxascii = 127 21 + upperascii = maxascii - minascii 22 + 23 + # add extra weight for ., in addition to the one weight from the ascii range 24 + upperdot = upperascii + extradotweight 25 + 26 + # add extra weight for /, in addition to the one weight from the ascii range 27 + upperslash = upperdot + extraslashweight 28 + 29 + # add extra weight for null, indicating the end of the string 30 + # Must be at least 1 to have strings end at all 31 + total = upperslash + 1 + extranullweight 32 + 33 + # new=1 indicates that it's a new string 34 + new=1 35 + while (count > 0) { 36 + 37 + # Random integer between [0, total) 38 + value = int(rand() * total) 39 + 40 + if (value < upperascii) { 41 + # Ascii range 42 + printf("%c", value + minascii) 43 + new=0 44 + 45 + } else if (value < upperdot) { 46 + # Dot range 47 + printf "." 48 + new=0 49 + 50 + } else if (value < upperslash) { 51 + # If it's the start of a new path, only generate a / in 10% of cases 52 + # This is always an invalid subpath, which is not a very interesting case 53 + if (new && rand() > 0.1) continue 54 + printf "/" 55 + 56 + } else { 57 + # Do not generate empty strings 58 + if (new) continue 59 + printf "\x00" 60 + count-- 61 + new=1 62 + } 63 + } 64 + }
+60
lib/path/tests/prop.nix
···
··· 1 + # Given a list of path-like strings, check some properties of the path library 2 + # using those paths and return a list of attribute sets of the following form: 3 + # 4 + # { <string> = <lib.path.subpath.normalise string>; } 5 + # 6 + # If `normalise` fails to evaluate, the attribute value is set to `""`. 7 + # If not, the resulting value is normalised again and an appropriate attribute set added to the output list. 8 + { 9 + # The path to the nixpkgs lib to use 10 + libpath, 11 + # A flat directory containing files with randomly-generated 12 + # path-like values 13 + dir, 14 + }: 15 + let 16 + lib = import libpath; 17 + 18 + # read each file into a string 19 + strings = map (name: 20 + builtins.readFile (dir + "/${name}") 21 + ) (builtins.attrNames (builtins.readDir dir)); 22 + 23 + inherit (lib.path.subpath) normalise isValid; 24 + inherit (lib.asserts) assertMsg; 25 + 26 + normaliseAndCheck = str: 27 + let 28 + originalValid = isValid str; 29 + 30 + tryOnce = builtins.tryEval (normalise str); 31 + tryTwice = builtins.tryEval (normalise tryOnce.value); 32 + 33 + absConcatOrig = /. + ("/" + str); 34 + absConcatNormalised = /. + ("/" + tryOnce.value); 35 + in 36 + # Check the lib.path.subpath.normalise property to only error on invalid subpaths 37 + assert assertMsg 38 + (originalValid -> tryOnce.success) 39 + "Even though string \"${str}\" is valid as a subpath, the normalisation for it failed"; 40 + assert assertMsg 41 + (! originalValid -> ! tryOnce.success) 42 + "Even though string \"${str}\" is invalid as a subpath, the normalisation for it succeeded"; 43 + 44 + # Check normalisation idempotency 45 + assert assertMsg 46 + (originalValid -> tryTwice.success) 47 + "For valid subpath \"${str}\", the normalisation \"${tryOnce.value}\" was not a valid subpath"; 48 + assert assertMsg 49 + (originalValid -> tryOnce.value == tryTwice.value) 50 + "For valid subpath \"${str}\", normalising it once gives \"${tryOnce.value}\" but normalising it twice gives a different result: \"${tryTwice.value}\""; 51 + 52 + # Check that normalisation doesn't change a string when appended to an absolute Nix path value 53 + assert assertMsg 54 + (originalValid -> absConcatOrig == absConcatNormalised) 55 + "For valid subpath \"${str}\", appending to an absolute Nix path value gives \"${absConcatOrig}\", but appending the normalised result \"${tryOnce.value}\" gives a different value \"${absConcatNormalised}\""; 56 + 57 + # Return an empty string when failed 58 + if tryOnce.success then tryOnce.value else ""; 59 + 60 + in lib.genAttrs strings normaliseAndCheck
+179
lib/path/tests/prop.sh
···
··· 1 + #!/usr/bin/env bash 2 + 3 + # Property tests for the `lib.path` library 4 + # 5 + # It generates random path-like strings and runs the functions on 6 + # them, checking that the expected laws of the functions hold 7 + 8 + set -euo pipefail 9 + shopt -s inherit_errexit 10 + 11 + # https://stackoverflow.com/a/246128 12 + SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) 13 + 14 + if test -z "${TEST_LIB:-}"; then 15 + TEST_LIB=$SCRIPT_DIR/../.. 16 + fi 17 + 18 + tmp="$(mktemp -d)" 19 + clean_up() { 20 + rm -rf "$tmp" 21 + } 22 + trap clean_up EXIT 23 + mkdir -p "$tmp/work" 24 + cd "$tmp/work" 25 + 26 + # Defaulting to a random seed but the first argument can override this 27 + seed=${1:-$RANDOM} 28 + echo >&2 "Using seed $seed, use \`lib/path/tests/prop.sh $seed\` to reproduce this result" 29 + 30 + # The number of random paths to generate. This specific number was chosen to 31 + # be fast enough while still generating enough variety to detect bugs. 32 + count=500 33 + 34 + debug=0 35 + # debug=1 # print some extra info 36 + # debug=2 # print generated values 37 + 38 + # Fine tuning parameters to balance the number of generated invalid paths 39 + # to the variance in generated paths. 40 + extradotweight=64 # Larger value: more dots 41 + extraslashweight=64 # Larger value: more slashes 42 + extranullweight=16 # Larger value: shorter strings 43 + 44 + die() { 45 + echo >&2 "test case failed: " "$@" 46 + exit 1 47 + } 48 + 49 + if [[ "$debug" -ge 1 ]]; then 50 + echo >&2 "Generating $count random path-like strings" 51 + fi 52 + 53 + # Read stream of null-terminated strings entry-by-entry into bash, 54 + # write it to a file and the `strings` array. 55 + declare -a strings=() 56 + mkdir -p "$tmp/strings" 57 + while IFS= read -r -d $'\0' str; do 58 + echo -n "$str" > "$tmp/strings/${#strings[@]}" 59 + strings+=("$str") 60 + done < <(awk \ 61 + -f "$SCRIPT_DIR"/generate.awk \ 62 + -v seed="$seed" \ 63 + -v count="$count" \ 64 + -v extradotweight="$extradotweight" \ 65 + -v extraslashweight="$extraslashweight" \ 66 + -v extranullweight="$extranullweight") 67 + 68 + if [[ "$debug" -ge 1 ]]; then 69 + echo >&2 "Trying to normalise the generated path-like strings with Nix" 70 + fi 71 + 72 + # Precalculate all normalisations with a single Nix call. Calling Nix for each 73 + # string individually would take way too long 74 + nix-instantiate --eval --strict --json \ 75 + --argstr libpath "$TEST_LIB" \ 76 + --argstr dir "$tmp/strings" \ 77 + "$SCRIPT_DIR"/prop.nix \ 78 + >"$tmp/result.json" 79 + 80 + # Uses some jq magic to turn the resulting attribute set into an associative 81 + # bash array assignment 82 + declare -A normalised_result="($(jq ' 83 + to_entries 84 + | map("[\(.key | @sh)]=\(.value | @sh)") 85 + | join(" \n")' -r < "$tmp/result.json"))" 86 + 87 + # Looks up a normalisation result for a string 88 + # Checks that the normalisation is only failing iff it's an invalid subpath 89 + # For valid subpaths, returns 0 and prints the normalisation result 90 + # For invalid subpaths, returns 1 91 + normalise() { 92 + local str=$1 93 + # Uses the same check for validity as in the library implementation 94 + if [[ "$str" == "" || "$str" == /* || "$str" =~ ^(.*/)?\.\.(/.*)?$ ]]; then 95 + valid= 96 + else 97 + valid=1 98 + fi 99 + 100 + normalised=${normalised_result[$str]} 101 + # An empty string indicates failure, this is encoded in ./prop.nix 102 + if [[ -n "$normalised" ]]; then 103 + if [[ -n "$valid" ]]; then 104 + echo "$normalised" 105 + else 106 + die "For invalid subpath \"$str\", lib.path.subpath.normalise returned this result: \"$normalised\"" 107 + fi 108 + else 109 + if [[ -n "$valid" ]]; then 110 + die "For valid subpath \"$str\", lib.path.subpath.normalise failed" 111 + else 112 + if [[ "$debug" -ge 2 ]]; then 113 + echo >&2 "String \"$str\" is not a valid subpath" 114 + fi 115 + # Invalid and it correctly failed, we let the caller continue if they catch the exit code 116 + return 1 117 + fi 118 + fi 119 + } 120 + 121 + # Intermediate result populated by test_idempotency_realpath 122 + # and used in test_normalise_uniqueness 123 + # 124 + # Contains a mapping from a normalised subpath to the realpath result it represents 125 + declare -A norm_to_real 126 + 127 + test_idempotency_realpath() { 128 + if [[ "$debug" -ge 1 ]]; then 129 + echo >&2 "Checking idempotency of each result and making sure the realpath result isn't changed" 130 + fi 131 + 132 + # Count invalid subpaths to display stats 133 + invalid=0 134 + for str in "${strings[@]}"; do 135 + if ! result=$(normalise "$str"); then 136 + ((invalid++)) || true 137 + continue 138 + fi 139 + 140 + # Check the law that it doesn't change the result of a realpath 141 + mkdir -p -- "$str" "$result" 142 + real_orig=$(realpath -- "$str") 143 + real_norm=$(realpath -- "$result") 144 + 145 + if [[ "$real_orig" != "$real_norm" ]]; then 146 + die "realpath of the original string \"$str\" (\"$real_orig\") is not the same as realpath of the normalisation \"$result\" (\"$real_norm\")" 147 + fi 148 + 149 + if [[ "$debug" -ge 2 ]]; then 150 + echo >&2 "String \"$str\" gets normalised to \"$result\" and file path \"$real_orig\"" 151 + fi 152 + norm_to_real["$result"]="$real_orig" 153 + done 154 + if [[ "$debug" -ge 1 ]]; then 155 + echo >&2 "$(bc <<< "scale=1; 100 / $count * $invalid")% of the total $count generated strings were invalid subpath strings, and were therefore ignored" 156 + fi 157 + } 158 + 159 + test_normalise_uniqueness() { 160 + if [[ "$debug" -ge 1 ]]; then 161 + echo >&2 "Checking for the uniqueness law" 162 + fi 163 + 164 + for norm_p in "${!norm_to_real[@]}"; do 165 + real_p=${norm_to_real["$norm_p"]} 166 + for norm_q in "${!norm_to_real[@]}"; do 167 + real_q=${norm_to_real["$norm_q"]} 168 + # Checks normalisation uniqueness law for each pair of values 169 + if [[ "$norm_p" != "$norm_q" && "$real_p" == "$real_q" ]]; then 170 + die "Normalisations \"$norm_p\" and \"$norm_q\" are different, but the realpath of them is the same: \"$real_p\"" 171 + fi 172 + done 173 + done 174 + } 175 + 176 + test_idempotency_realpath 177 + test_normalise_uniqueness 178 + 179 + echo >&2 tests ok
+125
lib/path/tests/unit.nix
···
··· 1 + # Unit tests for lib.path functions. Use `nix-build` in this directory to 2 + # run these 3 + { libpath }: 4 + let 5 + lib = import libpath; 6 + inherit (lib.path) subpath; 7 + 8 + cases = lib.runTests { 9 + testSubpathIsValidExample1 = { 10 + expr = subpath.isValid null; 11 + expected = false; 12 + }; 13 + testSubpathIsValidExample2 = { 14 + expr = subpath.isValid ""; 15 + expected = false; 16 + }; 17 + testSubpathIsValidExample3 = { 18 + expr = subpath.isValid "/foo"; 19 + expected = false; 20 + }; 21 + testSubpathIsValidExample4 = { 22 + expr = subpath.isValid "../foo"; 23 + expected = false; 24 + }; 25 + testSubpathIsValidExample5 = { 26 + expr = subpath.isValid "foo/bar"; 27 + expected = true; 28 + }; 29 + testSubpathIsValidExample6 = { 30 + expr = subpath.isValid "./foo//bar/"; 31 + expected = true; 32 + }; 33 + testSubpathIsValidTwoDotsEnd = { 34 + expr = subpath.isValid "foo/.."; 35 + expected = false; 36 + }; 37 + testSubpathIsValidTwoDotsMiddle = { 38 + expr = subpath.isValid "foo/../bar"; 39 + expected = false; 40 + }; 41 + testSubpathIsValidTwoDotsPrefix = { 42 + expr = subpath.isValid "..foo"; 43 + expected = true; 44 + }; 45 + testSubpathIsValidTwoDotsSuffix = { 46 + expr = subpath.isValid "foo.."; 47 + expected = true; 48 + }; 49 + testSubpathIsValidTwoDotsPrefixComponent = { 50 + expr = subpath.isValid "foo/..bar/baz"; 51 + expected = true; 52 + }; 53 + testSubpathIsValidTwoDotsSuffixComponent = { 54 + expr = subpath.isValid "foo/bar../baz"; 55 + expected = true; 56 + }; 57 + testSubpathIsValidThreeDots = { 58 + expr = subpath.isValid "..."; 59 + expected = true; 60 + }; 61 + testSubpathIsValidFourDots = { 62 + expr = subpath.isValid "...."; 63 + expected = true; 64 + }; 65 + testSubpathIsValidThreeDotsComponent = { 66 + expr = subpath.isValid "foo/.../bar"; 67 + expected = true; 68 + }; 69 + testSubpathIsValidFourDotsComponent = { 70 + expr = subpath.isValid "foo/..../bar"; 71 + expected = true; 72 + }; 73 + 74 + testSubpathNormaliseExample1 = { 75 + expr = subpath.normalise "foo//bar"; 76 + expected = "./foo/bar"; 77 + }; 78 + testSubpathNormaliseExample2 = { 79 + expr = subpath.normalise "foo/./bar"; 80 + expected = "./foo/bar"; 81 + }; 82 + testSubpathNormaliseExample3 = { 83 + expr = subpath.normalise "foo/bar"; 84 + expected = "./foo/bar"; 85 + }; 86 + testSubpathNormaliseExample4 = { 87 + expr = subpath.normalise "foo/bar/"; 88 + expected = "./foo/bar"; 89 + }; 90 + testSubpathNormaliseExample5 = { 91 + expr = subpath.normalise "foo/bar/."; 92 + expected = "./foo/bar"; 93 + }; 94 + testSubpathNormaliseExample6 = { 95 + expr = subpath.normalise "."; 96 + expected = "./."; 97 + }; 98 + testSubpathNormaliseExample7 = { 99 + expr = (builtins.tryEval (subpath.normalise "foo/../bar")).success; 100 + expected = false; 101 + }; 102 + testSubpathNormaliseExample8 = { 103 + expr = (builtins.tryEval (subpath.normalise "")).success; 104 + expected = false; 105 + }; 106 + testSubpathNormaliseExample9 = { 107 + expr = (builtins.tryEval (subpath.normalise "/foo")).success; 108 + expected = false; 109 + }; 110 + testSubpathNormaliseIsValidDots = { 111 + expr = subpath.normalise "./foo/.bar/.../baz...qux"; 112 + expected = "./foo/.bar/.../baz...qux"; 113 + }; 114 + testSubpathNormaliseWrongType = { 115 + expr = (builtins.tryEval (subpath.normalise null)).success; 116 + expected = false; 117 + }; 118 + testSubpathNormaliseTwoDots = { 119 + expr = (builtins.tryEval (subpath.normalise "..")).success; 120 + expected = false; 121 + }; 122 + }; 123 + in 124 + if cases == [] then "Unit tests successful" 125 + else throw "Path unit tests failed: ${lib.generators.toPretty {} cases}"
+3
lib/tests/release.nix
··· 15 inherit pkgs; 16 lib = import ../.; 17 }) 18 ]; 19 } '' 20 datadir="${pkgs.nix}/share"
··· 15 inherit pkgs; 16 lib = import ../.; 17 }) 18 + (import ../path/tests { 19 + inherit pkgs; 20 + }) 21 ]; 22 } '' 23 datadir="${pkgs.nix}/share"
+7
nixos/doc/manual/from_md/release-notes/rl-2305.section.xml
··· 360 </listitem> 361 <listitem> 362 <para> 363 The module <literal>services.headscale</literal> was 364 refactored to be compliant with 365 <link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC
··· 360 </listitem> 361 <listitem> 362 <para> 363 + <literal>services.chronyd</literal> is now started with 364 + additional systemd sandbox/hardening options for better 365 + security. 366 + </para> 367 + </listitem> 368 + <listitem> 369 + <para> 370 The module <literal>services.headscale</literal> was 371 refactored to be compliant with 372 <link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC
+2
nixos/doc/manual/release-notes/rl-2305.section.md
··· 98 99 And backup your data. 100 101 - The module `services.headscale` was refactored to be compliant with [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md). To be precise, this means that the following things have changed: 102 103 - Most settings has been migrated under [services.headscale.settings](#opt-services.headscale.settings) which is an attribute-set that
··· 98 99 And backup your data. 100 101 + - `services.chronyd` is now started with additional systemd sandbox/hardening options for better security. 102 + 103 - The module `services.headscale` was refactored to be compliant with [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md). To be precise, this means that the following things have changed: 104 105 - Most settings has been migrated under [services.headscale.settings](#opt-services.headscale.settings) which is an attribute-set that
+1 -1
nixos/modules/programs/gnupg.nix
··· 135 # The SSH agent protocol doesn't have support for changing TTYs; however we 136 # can simulate this with the `exec` feature of openssh (see ssh_config(5)) 137 # that hooks a command to the shell currently running the ssh program. 138 - Match host * exec "${cfg.package}/bin/gpg-connect-agent --quiet updatestartuptty /bye >/dev/null 2>&1" 139 ''; 140 141 environment.extraInit = mkIf cfg.agent.enableSSHSupport ''
··· 135 # The SSH agent protocol doesn't have support for changing TTYs; however we 136 # can simulate this with the `exec` feature of openssh (see ssh_config(5)) 137 # that hooks a command to the shell currently running the ssh program. 138 + Match host * exec "${pkgs.runtimeShell} -c '${cfg.package}/bin/gpg-connect-agent --quiet updatestartuptty /bye >/dev/null 2>&1'" 139 ''; 140 141 environment.extraInit = mkIf cfg.agent.enableSSHSupport ''
+25
nixos/modules/services/desktops/pipewire/daemon/jack.conf.json
··· 33 "actions": { 34 "update-props": {} 35 } 36 } 37 ] 38 }
··· 33 "actions": { 34 "update-props": {} 35 } 36 + }, 37 + { 38 + "matches": [ 39 + { 40 + "application.process.binary": "jack_bufsize" 41 + } 42 + ], 43 + "actions": { 44 + "update-props": { 45 + "jack.global-buffer-size": true 46 + } 47 + } 48 + }, 49 + { 50 + "matches": [ 51 + { 52 + "application.process.binary": "qsynth" 53 + } 54 + ], 55 + "actions": { 56 + "update-props": { 57 + "node.pause-on-idle": false, 58 + "node.passive": true 59 + } 60 + } 61 } 62 ] 63 }
+9 -6
nixos/modules/services/desktops/pipewire/daemon/pipewire-pulse.conf.json
··· 32 "args": {} 33 } 34 ], 35 - "context.exec": [ 36 { 37 - "path": "pactl", 38 - "args": "load-module module-always-sink" 39 } 40 ], 41 "stream.properties": {}, ··· 89 { 90 "matches": [ 91 { 92 - "application.name": "~speech-dispatcher*" 93 } 94 ], 95 "actions": { 96 "update-props": { 97 - "pulse.min.req": "1024/48000", 98 - "pulse.min.quantum": "1024/48000" 99 } 100 } 101 }
··· 32 "args": {} 33 } 34 ], 35 + "context.exec": [], 36 + "pulse.cmd": [ 37 { 38 + "cmd": "load-module", 39 + "args": "module-always-sink", 40 + "flags": [] 41 } 42 ], 43 "stream.properties": {}, ··· 91 { 92 "matches": [ 93 { 94 + "application.name": "~speech-dispatcher.*" 95 } 96 ], 97 "actions": { 98 "update-props": { 99 + "pulse.min.req": "512/48000", 100 + "pulse.min.quantum": "512/48000", 101 + "pulse.idle.timeout": 5 102 } 103 } 104 }
+8
nixos/modules/services/desktops/pipewire/daemon/pipewire.conf.json
··· 70 }, 71 { 72 "name": "libpipewire-module-session-manager" 73 } 74 ], 75 "context.objects": [
··· 70 }, 71 { 72 "name": "libpipewire-module-session-manager" 73 + }, 74 + { 75 + "name": "libpipewire-module-x11-bell", 76 + "args": {}, 77 + "flags": [ 78 + "ifexists", 79 + "nofail" 80 + ] 81 } 82 ], 83 "context.objects": [
+43 -11
nixos/modules/services/networking/ntp/chrony.nix
··· 147 systemd.services.systemd-timedated.environment = { SYSTEMD_TIMEDATED_NTP_SERVICES = "chronyd.service"; }; 148 149 systemd.tmpfiles.rules = [ 150 - "d ${stateDir} 0755 chrony chrony - -" 151 - "f ${driftFile} 0640 chrony chrony -" 152 - "f ${keyFile} 0640 chrony chrony -" 153 ]; 154 155 systemd.services.chronyd = ··· 164 path = [ chronyPkg ]; 165 166 unitConfig.ConditionCapability = "CAP_SYS_TIME"; 167 - serviceConfig = 168 - { Type = "simple"; 169 - ExecStart = "${chronyPkg}/bin/chronyd ${builtins.toString chronyFlags}"; 170 171 - ProtectHome = "yes"; 172 - ProtectSystem = "full"; 173 - PrivateTmp = "yes"; 174 - }; 175 - 176 }; 177 }; 178 }
··· 147 systemd.services.systemd-timedated.environment = { SYSTEMD_TIMEDATED_NTP_SERVICES = "chronyd.service"; }; 148 149 systemd.tmpfiles.rules = [ 150 + "d ${stateDir} 0750 chrony chrony - -" 151 + "f ${driftFile} 0640 chrony chrony - -" 152 + "f ${keyFile} 0640 chrony chrony - -" 153 ]; 154 155 systemd.services.chronyd = ··· 164 path = [ chronyPkg ]; 165 166 unitConfig.ConditionCapability = "CAP_SYS_TIME"; 167 + serviceConfig = { 168 + Type = "simple"; 169 + ExecStart = "${chronyPkg}/bin/chronyd ${builtins.toString chronyFlags}"; 170 171 + # Proc filesystem 172 + ProcSubset = "pid"; 173 + ProtectProc = "invisible"; 174 + # Access write directories 175 + ReadWritePaths = [ "${stateDir}" ]; 176 + UMask = "0027"; 177 + # Capabilities 178 + CapabilityBoundingSet = [ "CAP_CHOWN" "CAP_DAC_OVERRIDE" "CAP_NET_BIND_SERVICE" "CAP_SETGID" "CAP_SETUID" "CAP_SYS_RESOURCE" "CAP_SYS_TIME" ]; 179 + # Device Access 180 + DeviceAllow = [ "char-pps rw" "char-ptp rw" "char-rtc rw" ]; 181 + DevicePolicy = "closed"; 182 + # Security 183 + NoNewPrivileges = true; 184 + # Sandboxing 185 + ProtectSystem = "full"; 186 + ProtectHome = true; 187 + PrivateTmp = true; 188 + PrivateDevices = true; 189 + PrivateUsers = false; 190 + ProtectHostname = true; 191 + ProtectClock = false; 192 + ProtectKernelTunables = true; 193 + ProtectKernelModules = true; 194 + ProtectKernelLogs = true; 195 + ProtectControlGroups = true; 196 + RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ]; 197 + RestrictNamespaces = true; 198 + LockPersonality = true; 199 + MemoryDenyWriteExecute = true; 200 + RestrictRealtime = true; 201 + RestrictSUIDSGID = true; 202 + RemoveIPC = true; 203 + PrivateMounts = true; 204 + # System Call Filtering 205 + SystemCallArchitectures = "native"; 206 + SystemCallFilter = [ "~@cpu-emulation @debug @keyring @mount @obsolete @privileged @resources" "@clock" "@setuid" "capset" "chown" ]; 207 + }; 208 }; 209 }; 210 }
+3 -2
nixos/modules/services/web-apps/snipe-it.nix
··· 454 455 # A placeholder file for invalid barcodes 456 invalid_barcode_location="${cfg.dataDir}/public/uploads/barcodes/invalid_barcode.gif" 457 - [ ! -e "$invalid_barcode_location" ] \ 458 - && cp ${snipe-it}/share/snipe-it/invalid_barcode.gif "$invalid_barcode_location" 459 ''; 460 }; 461
··· 454 455 # A placeholder file for invalid barcodes 456 invalid_barcode_location="${cfg.dataDir}/public/uploads/barcodes/invalid_barcode.gif" 457 + if [ ! -e "$invalid_barcode_location" ]; then 458 + cp ${snipe-it}/share/snipe-it/invalid_barcode.gif "$invalid_barcode_location" 459 + fi 460 ''; 461 }; 462
+8 -3
nixos/modules/services/x11/desktop-managers/plasma5.nix
··· 32 inherit (lib) 33 getBin optionalString literalExpression 34 mkRemovedOptionModule mkRenamedOptionModule 35 - mkDefault mkIf mkMerge mkOption types; 36 37 ini = pkgs.formats.ini { }; 38 ··· 198 example = literalExpression "[ pkgs.plasma5Packages.oxygen ]"; 199 }; 200 201 # Internally allows configuring kdeglobals globally 202 kdeglobals = mkOption { 203 internal = true; ··· 401 # Enable GTK applications to load SVG icons 402 services.xserver.gdk-pixbuf.modulePackages = [ pkgs.librsvg ]; 403 404 - fonts.fonts = with pkgs; [ noto-fonts hack-font ]; 405 fonts.fontconfig.defaultFonts = { 406 monospace = [ "Hack" "Noto Sans Mono" ]; 407 sansSerif = [ "Noto Sans" ]; ··· 545 } 546 { 547 # The user interface breaks without pulse 548 - assertion = config.hardware.pulseaudio.enable; 549 message = "Plasma Mobile requires pulseaudio."; 550 } 551 ];
··· 32 inherit (lib) 33 getBin optionalString literalExpression 34 mkRemovedOptionModule mkRenamedOptionModule 35 + mkDefault mkIf mkMerge mkOption mkPackageOption types; 36 37 ini = pkgs.formats.ini { }; 38 ··· 198 example = literalExpression "[ pkgs.plasma5Packages.oxygen ]"; 199 }; 200 201 + notoPackage = mkPackageOption pkgs "Noto fonts" { 202 + default = [ "noto-fonts" ]; 203 + example = "noto-fonts-lgc-plus"; 204 + }; 205 + 206 # Internally allows configuring kdeglobals globally 207 kdeglobals = mkOption { 208 internal = true; ··· 406 # Enable GTK applications to load SVG icons 407 services.xserver.gdk-pixbuf.modulePackages = [ pkgs.librsvg ]; 408 409 + fonts.fonts = with pkgs; [ cfg.notoPackage hack-font ]; 410 fonts.fontconfig.defaultFonts = { 411 monospace = [ "Hack" "Noto Sans Mono" ]; 412 sansSerif = [ "Noto Sans" ]; ··· 550 } 551 { 552 # The user interface breaks without pulse 553 + assertion = config.hardware.pulseaudio.enable || (config.services.pipewire.enable && config.services.pipewire.pulse.enable); 554 message = "Plasma Mobile requires pulseaudio."; 555 } 556 ];
+1 -2
nixos/modules/services/x11/window-managers/i3.nix
··· 31 type = types.package; 32 default = pkgs.i3; 33 defaultText = literalExpression "pkgs.i3"; 34 - example = literalExpression "pkgs.i3-gaps"; 35 description = lib.mdDoc '' 36 i3 package to use. 37 ''; ··· 73 74 imports = [ 75 (mkRemovedOptionModule [ "services" "xserver" "windowManager" "i3-gaps" "enable" ] 76 - "Use services.xserver.windowManager.i3.enable and set services.xserver.windowManager.i3.package to pkgs.i3-gaps to use i3-gaps.") 77 ]; 78 }
··· 31 type = types.package; 32 default = pkgs.i3; 33 defaultText = literalExpression "pkgs.i3"; 34 description = lib.mdDoc '' 35 i3 package to use. 36 ''; ··· 72 73 imports = [ 74 (mkRemovedOptionModule [ "services" "xserver" "windowManager" "i3-gaps" "enable" ] 75 + "i3-gaps was merged into i3. Use services.xserver.windowManager.i3.enable instead.") 76 ]; 77 }
+1 -5
nixos/modules/virtualisation/waydroid.nix
··· 56 57 wantedBy = [ "multi-user.target" ]; 58 59 - unitConfig = { 60 - ConditionPathExists = "/var/lib/waydroid/lxc/waydroid"; 61 - }; 62 - 63 serviceConfig = { 64 - ExecStart = "${pkgs.waydroid}/bin/waydroid container start"; 65 ExecStop = "${pkgs.waydroid}/bin/waydroid container stop"; 66 ExecStopPost = "${pkgs.waydroid}/bin/waydroid session stop"; 67 };
··· 56 57 wantedBy = [ "multi-user.target" ]; 58 59 serviceConfig = { 60 + ExecStart = "${pkgs.waydroid}/bin/waydroid -w container start"; 61 ExecStop = "${pkgs.waydroid}/bin/waydroid container stop"; 62 ExecStopPost = "${pkgs.waydroid}/bin/waydroid session stop"; 63 };
+3 -3
pkgs/applications/audio/spotifyd/default.nix
··· 9 10 rustPackages.rustPlatform.buildRustPackage rec { 11 pname = "spotifyd"; 12 - version = "0.3.3"; 13 14 src = fetchFromGitHub { 15 owner = "Spotifyd"; 16 repo = "spotifyd"; 17 rev = "v${version}"; 18 - sha256 = "1liql2wp7cx0x4ha1578wx3m4byd295m4ph268s05yw2wrnr3v6c"; 19 }; 20 21 - cargoSha256 = "1plvqd55d1gj0ydimv3154pwgj2sh1fqx2182nw8akzdfmzg1150"; 22 23 nativeBuildInputs = [ pkg-config ]; 24
··· 9 10 rustPackages.rustPlatform.buildRustPackage rec { 11 pname = "spotifyd"; 12 + version = "0.3.4"; 13 14 src = fetchFromGitHub { 15 owner = "Spotifyd"; 16 repo = "spotifyd"; 17 rev = "v${version}"; 18 + sha256 = "sha256-9zwHBDrdvE2R/cdrWgjsfHlm3wEZ9SB2VNcqezB/Op0="; 19 }; 20 21 + cargoSha256 = "sha256-fQm7imXpm5AcKdg0cU/Rf2mAeg2ebZKRisJZSnG0REI="; 22 23 nativeBuildInputs = [ pkg-config ]; 24
+2 -2
pkgs/applications/gis/saga/default.nix
··· 31 32 mkDerivation rec { 33 pname = "saga"; 34 - version = "8.4.0"; 35 36 src = fetchurl { 37 url = "mirror://sourceforge/saga-gis/SAGA%20-%20${lib.versions.major version}/SAGA%20-%20${version}/saga-${version}.tar.gz"; 38 - sha256 = "sha256-v6DPwV20fcsznrEaFJk0/ewU4z3cTjzYYuLkyMwSLV0="; 39 }; 40 41 sourceRoot = "saga-${version}/saga-gis";
··· 31 32 mkDerivation rec { 33 pname = "saga"; 34 + version = "8.5.0"; 35 36 src = fetchurl { 37 url = "mirror://sourceforge/saga-gis/SAGA%20-%20${lib.versions.major version}/SAGA%20-%20${version}/saga-${version}.tar.gz"; 38 + sha256 = "sha256-JzSuu1wGfCkxIDcTbP5jpHtJNvl8eAP3jznXvwSPeY0="; 39 }; 40 41 sourceRoot = "saga-${version}/saga-gis";
+4 -4
pkgs/applications/graphics/eyedropper/default.nix
··· 15 16 stdenv.mkDerivation rec { 17 pname = "eyedropper"; 18 - version = "0.4.0"; 19 20 src = fetchFromGitHub { 21 owner = "FineFindus"; 22 repo = pname; 23 - rev = version; 24 - hash = "sha256-bOpwHaFOoUlh+yyC1go6BeFxfJhUmwZPi6kYAqCagEI="; 25 }; 26 27 cargoDeps = rustPlatform.fetchCargoTarball { 28 inherit src; 29 name = "${pname}-${version}"; 30 - hash = "sha256-TkdOq+icU2zNbXzN6nbkXjL1o/Lfumqr/5S0pQaxY5Q="; 31 }; 32 33 nativeBuildInputs = [
··· 15 16 stdenv.mkDerivation rec { 17 pname = "eyedropper"; 18 + version = "0.5.0"; 19 20 src = fetchFromGitHub { 21 owner = "FineFindus"; 22 repo = pname; 23 + rev = "v${version}"; 24 + hash = "sha256-sDrMIryVFkjMGHbYvNDmKb1HyJNGb3Hd+muxUJKhogE="; 25 }; 26 27 cargoDeps = rustPlatform.fetchCargoTarball { 28 inherit src; 29 name = "${pname}-${version}"; 30 + hash = "sha256-mztc44hHdqzR3WbG6tkCL38EfgBajRLlpMC8ElpXnlo="; 31 }; 32 33 nativeBuildInputs = [
+2 -2
pkgs/applications/networking/flexget/default.nix
··· 5 6 python3Packages.buildPythonApplication rec { 7 pname = "flexget"; 8 - version = "3.5.13"; 9 format = "pyproject"; 10 11 # Fetch from GitHub in order to use `requirements.in` ··· 13 owner = "flexget"; 14 repo = "flexget"; 15 rev = "refs/tags/v${version}"; 16 - hash = "sha256-0yO4prnYJkD7eiyrEOPHlDTsgGgRhQujsp8k2FsLYKI="; 17 }; 18 19 postPatch = ''
··· 5 6 python3Packages.buildPythonApplication rec { 7 pname = "flexget"; 8 + version = "3.5.16"; 9 format = "pyproject"; 10 11 # Fetch from GitHub in order to use `requirements.in` ··· 13 owner = "flexget"; 14 repo = "flexget"; 15 rev = "refs/tags/v${version}"; 16 + hash = "sha256-9hcl7OZLi86hZHLotsN1QlPzQ1Ep5vJumAyZxSxxIE8="; 17 }; 18 19 postPatch = ''
+3 -3
pkgs/applications/networking/syncthing/default.nix
··· 4 common = { stname, target, postInstall ? "" }: 5 buildGoModule rec { 6 pname = stname; 7 - version = "1.22.2"; 8 9 src = fetchFromGitHub { 10 owner = "syncthing"; 11 repo = "syncthing"; 12 rev = "v${version}"; 13 - hash = "sha256-t1JIkUjSEshSm3Zi5Ck8IOmTv2tC0dUYyJvlKua/BcI="; 14 }; 15 16 - vendorSha256 = "sha256-UdzWD8I8ulPBXdF5wZQ7hQoVO9Bnj18Gw5t4wqolSPA="; 17 18 doCheck = false; 19
··· 4 common = { stname, target, postInstall ? "" }: 5 buildGoModule rec { 6 pname = stname; 7 + version = "1.23.0"; 8 9 src = fetchFromGitHub { 10 owner = "syncthing"; 11 repo = "syncthing"; 12 rev = "v${version}"; 13 + hash = "sha256-Z4YVU45na4BgIbN/IlORpTCuf2EuSuOyppDRzswn3EI="; 14 }; 15 16 + vendorHash = "sha256-q63iaRxJRvPY0Np20O6JmdMEjSg/kxRneBfs8fRTwXk="; 17 18 doCheck = false; 19
+7
pkgs/applications/office/ledger/default.nix
··· 41 sha256 = "sha256-vwVQnY9EUCXPzhDJ4PSOmQStb9eF6H0yAOiEmL6sAlk="; 42 excludes = [ "doc/NEWS.md" ]; 43 }) 44 ]; 45 46 installTargets = [ "doc" "install" ];
··· 41 sha256 = "sha256-vwVQnY9EUCXPzhDJ4PSOmQStb9eF6H0yAOiEmL6sAlk="; 42 excludes = [ "doc/NEWS.md" ]; 43 }) 44 + 45 + # Fix included bug with boost >= 1.76. Remove with the next release 46 + (fetchpatch { 47 + url = "https://github.com/ledger/ledger/commit/1cb9b84fdecc5604bd1172cdd781859ff3871a52.patch"; 48 + sha256 = "sha256-ipVkRcTmnEvpfyPgMzLVJ9Sz8QxHeCURQI5dX8xh758="; 49 + excludes = [ "test/regress/*" ]; 50 + }) 51 ]; 52 53 installTargets = [ "doc" "install" ];
+2 -2
pkgs/applications/science/electronics/dataexplorer/default.nix
··· 8 9 stdenv.mkDerivation rec { 10 pname = "dataexplorer"; 11 - version = "3.7.3"; 12 13 src = fetchurl { 14 url = "mirror://savannah/dataexplorer/dataexplorer-${version}-src.tar.gz"; 15 - sha256 = "sha256-cqvlPV4i9m0x3hbruC5y2APsyjfI5y9RT8XVzsDaT/Q="; 16 }; 17 18 nativeBuildInputs = [ ant makeWrapper ];
··· 8 9 stdenv.mkDerivation rec { 10 pname = "dataexplorer"; 11 + version = "3.7.4"; 12 13 src = fetchurl { 14 url = "mirror://savannah/dataexplorer/dataexplorer-${version}-src.tar.gz"; 15 + sha256 = "sha256-bghI7Hun7ZKUVEj7T58K0oaclnhUGd4z+eIqZF3eXHQ="; 16 }; 17 18 nativeBuildInputs = [ ant makeWrapper ];
+86
pkgs/applications/version-management/deepgit/default.nix
···
··· 1 + { copyDesktopItems 2 + , fetchurl 3 + , glib 4 + , gnome 5 + , gtk3 6 + , jre 7 + , lib 8 + , makeDesktopItem 9 + , stdenv 10 + , wrapGAppsHook 11 + }: 12 + 13 + stdenv.mkDerivation rec { 14 + pname = "deepgit"; 15 + version = "4.3"; 16 + 17 + src = fetchurl { 18 + url = "https://www.syntevo.com/downloads/deepgit/deepgit-linux-${lib.replaceStrings [ "." ] [ "_" ] version}.tar.gz"; 19 + hash = "sha256-bA/EySZjuSDYaZplwHcpeP1VakcnG5K1hYTk7cSVbz0="; 20 + }; 21 + 22 + nativeBuildInputs = [ 23 + copyDesktopItems 24 + wrapGAppsHook 25 + ]; 26 + 27 + buildInputs = [ 28 + gnome.adwaita-icon-theme 29 + gtk3 30 + jre 31 + ]; 32 + 33 + preFixup = '' 34 + gappsWrapperArgs+=( 35 + --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ glib gtk3 ]} 36 + --set DEEPGIT_JAVA_HOME ${jre} 37 + ) 38 + patchShebangs bin/deepgit.sh 39 + ''; 40 + 41 + desktopItems = [(makeDesktopItem rec { 42 + name = pname; 43 + desktopName = "DeepGit"; 44 + keywords = [ "git" ]; 45 + comment = "Git-Client"; 46 + categories = [ 47 + "Development" 48 + "RevisionControl" 49 + ]; 50 + terminal = false; 51 + startupNotify = true; 52 + startupWMClass = desktopName; 53 + exec = pname; 54 + mimeTypes = [ 55 + "x-scheme-handler/${pname}" 56 + "x-scheme-handler/sourcetree" 57 + ]; 58 + icon = pname; 59 + })]; 60 + 61 + installPhase = '' 62 + runHook preInstall 63 + 64 + mkdir -pv $out/{bin,share/icons/hicolor/scalable/apps/} 65 + cp -a lib license.html $out 66 + mv bin/deepgit.sh $out/bin/deepgit 67 + 68 + for icon_size in 32 48 64 128 256; do 69 + path=$icon_size'x'$icon_size 70 + icon=bin/deepgit-$icon_size.png 71 + mkdir -p $out/share/icons/hicolor/$path/apps 72 + cp $icon $out/share/icons/hicolor/$path/apps/deepgit.png 73 + done 74 + 75 + runHook postInstall 76 + ''; 77 + 78 + meta = with lib; { 79 + description = "A tool to investigate the history of source code"; 80 + homepage = "https://www.syntevo.com/deepgit"; 81 + changelog = "https://www.syntevo.com/deepgit/changelog.txt"; 82 + license = licenses.unfree; 83 + maintainers = with maintainers; [ urandom ]; 84 + platforms = platforms.linux; 85 + }; 86 + }
+2 -2
pkgs/applications/window-managers/i3/default.nix
··· 7 8 stdenv.mkDerivation rec { 9 pname = "i3"; 10 - version = "4.21.1"; 11 12 src = fetchurl { 13 url = "https://i3wm.org/downloads/${pname}-${version}.tar.xz"; 14 - sha256 = "sha256-7f14EoXGVKBdxtsnLOAwDEQo5vvYddmZZOV94ltBvB4="; 15 }; 16 17 nativeBuildInputs = [
··· 7 8 stdenv.mkDerivation rec { 9 pname = "i3"; 10 + version = "4.22"; 11 12 src = fetchurl { 13 url = "https://i3wm.org/downloads/${pname}-${version}.tar.xz"; 14 + sha256 = "sha256-KGOZEeWdlWOfCSZCqYL14d6lkiUMK1zpjtoQCDNRPks="; 15 }; 16 17 nativeBuildInputs = [
-29
pkgs/applications/window-managers/i3/gaps.nix
··· 1 - { fetchFromGitHub, lib, i3 }: 2 - 3 - i3.overrideAttrs (oldAttrs : rec { 4 - pname = "i3-gaps"; 5 - version = "4.21.1"; 6 - 7 - src = fetchFromGitHub { 8 - owner = "Airblader"; 9 - repo = "i3"; 10 - rev = version; 11 - sha256 = "sha256-+JxJjvzEuAA4CH+gufzAzIqd5BSvHtPvLm2zTfXc/xk="; 12 - }; 13 - 14 - meta = with lib; { 15 - description = "A fork of the i3 tiling window manager with some additional features"; 16 - homepage = "https://github.com/Airblader/i3"; 17 - maintainers = with maintainers; [ fmthoma ]; 18 - license = licenses.bsd3; 19 - platforms = platforms.linux ++ platforms.netbsd ++ platforms.openbsd; 20 - 21 - longDescription = '' 22 - Fork of i3wm, a tiling window manager primarily targeted at advanced users 23 - and developers. Based on a tree as data structure, supports tiling, 24 - stacking, and tabbing layouts, handled dynamically, as well as floating 25 - windows. This fork adds a few features such as gaps between windows. 26 - Configured via plain text file. Multi-monitor. UTF-8 clean. 27 - ''; 28 - }; 29 - })
···
+115 -76
pkgs/data/fonts/noto-fonts/default.nix
··· 11 , imagemagick 12 , zopfli 13 , buildPackages 14 }: 15 - 16 let 17 - mkNoto = { pname, weights }: 18 - stdenvNoCC.mkDerivation { 19 inherit pname; 20 - version = "2020-01-23"; 21 22 src = fetchFromGitHub { 23 owner = "googlefonts"; 24 repo = "noto-fonts"; 25 - rev = "f4726a2ec36169abd02a6d8abe67c8ff0236f6d8"; 26 - sha256 = "0zc1r7zph62qmvzxqfflsprazjf6x1qnwc2ma27kyzh6v36gaykw"; 27 }; 28 29 installPhase = '' 30 # We copy in reverse preference order -- unhinted first, then ··· 33 # 34 # TODO: install OpenType, variable versions? 35 local out_ttf=$out/share/fonts/truetype/noto 36 - install -m444 -Dt $out_ttf phaseIII_only/unhinted/ttf/*/*-${weights}.ttf 37 - install -m444 -Dt $out_ttf phaseIII_only/hinted/ttf/*/*-${weights}.ttf 38 - install -m444 -Dt $out_ttf unhinted/*/*-${weights}.ttf 39 - install -m444 -Dt $out_ttf hinted/*/*-${weights}.ttf 40 - ''; 41 42 meta = with lib; { 43 description = "Beautiful and free fonts for many languages"; 44 homepage = "https://www.google.com/get/noto/"; 45 - longDescription = 46 - '' 47 - When text is rendered by a computer, sometimes characters are 48 - displayed as “tofu”. They are little boxes to indicate your device 49 - doesn’t have a font to display the text. 50 - 51 - Google has been developing a font family called Noto, which aims to 52 - support all languages with a harmonious look and feel. Noto is 53 - Google’s answer to tofu. The name noto is to convey the idea that 54 - Google’s goal is to see “no more tofu”. Noto has multiple styles and 55 - weights, and freely available to all. 56 - 57 - This package also includes the Arimo, Cousine, and Tinos fonts. 58 - ''; 59 license = licenses.ofl; 60 platforms = platforms.all; 61 maintainers = with maintainers; [ mathnerd314 emily ]; ··· 100 maintainers = with maintainers; [ mathnerd314 emily ]; 101 }; 102 }; 103 - in 104 105 - { 106 noto-fonts = mkNoto { 107 pname = "noto-fonts"; 108 weights = "{Regular,Bold,Light,Italic,BoldItalic,LightItalic}"; 109 }; 110 111 noto-fonts-extra = mkNoto { 112 pname = "noto-fonts-extra"; 113 weights = "{Black,Condensed,Extra,Medium,Semi,Thin}*"; ··· 127 sha256 = "sha256-1w66Ge7DZjbONGhxSz69uFhfsjMsDiDkrGl6NsoB7dY="; 128 }; 129 130 - noto-fonts-emoji = let 131 - version = "2.038"; 132 - emojiPythonEnv = 133 - buildPackages.python3.withPackages (p: with p; [ fonttools nototools ]); 134 - in stdenvNoCC.mkDerivation { 135 - pname = "noto-fonts-emoji"; 136 - inherit version; 137 138 - src = fetchFromGitHub { 139 - owner = "googlefonts"; 140 - repo = "noto-emoji"; 141 - rev = "v${version}"; 142 - sha256 = "1rgmcc6nqq805iqr8kvxxlk5cf50q714xaxk3ld6rjrd69kb8ix9"; 143 - }; 144 145 - depsBuildBuild = [ 146 - buildPackages.stdenv.cc 147 - pkg-config 148 - cairo 149 - ]; 150 151 - nativeBuildInputs = [ 152 - imagemagick 153 - zopfli 154 - pngquant 155 - which 156 - emojiPythonEnv 157 - ]; 158 159 - postPatch = '' 160 - patchShebangs *.py 161 - patchShebangs third_party/color_emoji/*.py 162 - # remove check for virtualenv, since we handle 163 - # python requirements using python.withPackages 164 - sed -i '/ifndef VIRTUAL_ENV/,+2d' Makefile 165 166 - # Make the build verbose so it won't get culled by Hydra thinking that 167 - # it somehow got stuck doing nothing. 168 - sed -i 's;\t@;\t;' Makefile 169 - ''; 170 171 - enableParallelBuilding = true; 172 173 - installPhase = '' 174 - runHook preInstall 175 - mkdir -p $out/share/fonts/noto 176 - cp NotoColorEmoji.ttf $out/share/fonts/noto 177 - runHook postInstall 178 - ''; 179 180 - meta = with lib; { 181 - description = "Color and Black-and-White emoji fonts"; 182 - homepage = "https://github.com/googlefonts/noto-emoji"; 183 - license = with licenses; [ ofl asl20 ]; 184 - platforms = platforms.all; 185 - maintainers = with maintainers; [ mathnerd314 sternenseemann ]; 186 }; 187 - }; 188 189 noto-fonts-emoji-blob-bin = 190 let
··· 11 , imagemagick 12 , zopfli 13 , buildPackages 14 + , variants ? [ ] 15 }: 16 let 17 + notoLongDescription = '' 18 + When text is rendered by a computer, sometimes characters are 19 + displayed as “tofu”. They are little boxes to indicate your device 20 + doesn’t have a font to display the text. 21 + 22 + Google has been developing a font family called Noto, which aims to 23 + support all languages with a harmonious look and feel. Noto is 24 + Google’s answer to tofu. The name noto is to convey the idea that 25 + Google’s goal is to see “no more tofu”. Noto has multiple styles and 26 + weights, and freely available to all. 27 + 28 + This package also includes the Arimo, Cousine, and Tinos fonts. 29 + ''; 30 + in 31 + rec { 32 + mkNoto = 33 + { pname 34 + , weights 35 + , variants ? [ ] 36 + , longDescription ? notoLongDescription 37 + }: 38 + stdenvNoCC.mkDerivation rec { 39 inherit pname; 40 + version = "20201206-phase3"; 41 42 src = fetchFromGitHub { 43 owner = "googlefonts"; 44 repo = "noto-fonts"; 45 + rev = "v${version}"; 46 + hash = "sha256-x60RvCRFLoGe0CNvswROnDkIsUFbWH+/laN8q2qkUPk="; 47 }; 48 + 49 + _variants = map (variant: builtins.replaceStrings [ " " ] [ "" ] variant) variants; 50 51 installPhase = '' 52 # We copy in reverse preference order -- unhinted first, then ··· 55 # 56 # TODO: install OpenType, variable versions? 57 local out_ttf=$out/share/fonts/truetype/noto 58 + '' + (if _variants == [ ] then '' 59 + install -m444 -Dt $out_ttf archive/unhinted/*/*-${weights}.ttf 60 + install -m444 -Dt $out_ttf archive/hinted/*/*-${weights}.ttf 61 + install -m444 -Dt $out_ttf unhinted/*/*/*-${weights}.ttf 62 + install -m444 -Dt $out_ttf hinted/*/*/*-${weights}.ttf 63 + '' else '' 64 + for variant in $_variants; do 65 + install -m444 -Dt $out_ttf archive/unhinted/$variant/*-${weights}.ttf 66 + install -m444 -Dt $out_ttf archive/hinted/$variant/*-${weights}.ttf 67 + install -m444 -Dt $out_ttf unhinted/*/$variant/*-${weights}.ttf 68 + install -m444 -Dt $out_ttf hinted/*/$variant/*-${weights}.ttf 69 + done 70 + ''); 71 72 meta = with lib; { 73 description = "Beautiful and free fonts for many languages"; 74 homepage = "https://www.google.com/get/noto/"; 75 + inherit longDescription; 76 license = licenses.ofl; 77 platforms = platforms.all; 78 maintainers = with maintainers; [ mathnerd314 emily ]; ··· 117 maintainers = with maintainers; [ mathnerd314 emily ]; 118 }; 119 }; 120 121 noto-fonts = mkNoto { 122 pname = "noto-fonts"; 123 weights = "{Regular,Bold,Light,Italic,BoldItalic,LightItalic}"; 124 }; 125 126 + noto-fonts-lgc-plus = mkNoto { 127 + pname = "noto-fonts-lgc-plus"; 128 + weights = "{Regular,Bold,Light,Italic,BoldItalic,LightItalic}"; 129 + variants = [ 130 + "Noto Sans" 131 + "Noto Serif" 132 + "Noto Sans Display" 133 + "Noto Serif Display" 134 + "Noto Sans Mono" 135 + "Noto Music" 136 + "Noto Sans Symbols" 137 + "Noto Sans Symbols 2" 138 + "Noto Sans Math" 139 + ]; 140 + longDescription = '' 141 + This package provides the Noto Fonts, but only for latin, greek 142 + and cyrillic scripts, as well as some extra fonts. To create a 143 + custom Noto package with custom variants, see the `mkNoto` 144 + helper function. 145 + ''; 146 + }; 147 + 148 noto-fonts-extra = mkNoto { 149 pname = "noto-fonts-extra"; 150 weights = "{Black,Condensed,Extra,Medium,Semi,Thin}*"; ··· 164 sha256 = "sha256-1w66Ge7DZjbONGhxSz69uFhfsjMsDiDkrGl6NsoB7dY="; 165 }; 166 167 + noto-fonts-emoji = 168 + let 169 + version = "2.038"; 170 + emojiPythonEnv = 171 + buildPackages.python3.withPackages (p: with p; [ fonttools nototools ]); 172 + in 173 + stdenvNoCC.mkDerivation { 174 + pname = "noto-fonts-emoji"; 175 + inherit version; 176 177 + src = fetchFromGitHub { 178 + owner = "googlefonts"; 179 + repo = "noto-emoji"; 180 + rev = "v${version}"; 181 + sha256 = "1rgmcc6nqq805iqr8kvxxlk5cf50q714xaxk3ld6rjrd69kb8ix9"; 182 + }; 183 184 + depsBuildBuild = [ 185 + buildPackages.stdenv.cc 186 + pkg-config 187 + cairo 188 + ]; 189 190 + nativeBuildInputs = [ 191 + imagemagick 192 + zopfli 193 + pngquant 194 + which 195 + emojiPythonEnv 196 + ]; 197 198 + postPatch = '' 199 + patchShebangs *.py 200 + patchShebangs third_party/color_emoji/*.py 201 + # remove check for virtualenv, since we handle 202 + # python requirements using python.withPackages 203 + sed -i '/ifndef VIRTUAL_ENV/,+2d' Makefile 204 205 + # Make the build verbose so it won't get culled by Hydra thinking that 206 + # it somehow got stuck doing nothing. 207 + sed -i 's;\t@;\t;' Makefile 208 + ''; 209 210 + enableParallelBuilding = true; 211 212 + installPhase = '' 213 + runHook preInstall 214 + mkdir -p $out/share/fonts/noto 215 + cp NotoColorEmoji.ttf $out/share/fonts/noto 216 + runHook postInstall 217 + ''; 218 219 + meta = with lib; { 220 + description = "Color and Black-and-White emoji fonts"; 221 + homepage = "https://github.com/googlefonts/noto-emoji"; 222 + license = with licenses; [ ofl asl20 ]; 223 + platforms = platforms.all; 224 + maintainers = with maintainers; [ mathnerd314 sternenseemann ]; 225 + }; 226 }; 227 228 noto-fonts-emoji-blob-bin = 229 let
+52
pkgs/development/compilers/gcc-arm-embedded/12/default.nix
···
··· 1 + { lib 2 + , stdenv 3 + , fetchurl 4 + , ncurses5 5 + , python38 6 + }: 7 + 8 + stdenv.mkDerivation rec { 9 + pname = "gcc-arm-embedded"; 10 + version = "12.2.rel1"; 11 + 12 + platform = { 13 + aarch64-linux = "aarch64"; 14 + x86_64-darwin = "darwin-x86_64"; 15 + x86_64-linux = "x86_64"; 16 + }.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}"); 17 + 18 + src = fetchurl { 19 + url = "https://developer.arm.com/-/media/Files/downloads/gnu/${version}/binrel/arm-gnu-toolchain-${version}-${platform}-arm-none-eabi.tar.xz"; 20 + sha256 = { 21 + aarch64-linux = "131ydgndff7dyhkivfchbk43lv3cv2p172knkqilx64aapvk5qvy"; 22 + x86_64-darwin = "00i9gd1ny00681pwinh6ng9x45xsyrnwc6hm2vr348z9gasyxh00"; 23 + x86_64-linux = "0rv8r5zh0a5621v0xygxi8f6932qgwinw2s9vnniasp9z7897gl4"; 24 + }.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}"); 25 + }; 26 + 27 + dontConfigure = true; 28 + dontBuild = true; 29 + dontPatchELF = true; 30 + dontStrip = true; 31 + 32 + installPhase = '' 33 + mkdir -p $out 34 + cp -r * $out 35 + ''; 36 + 37 + preFixup = '' 38 + find $out -type f | while read f; do 39 + patchelf "$f" > /dev/null 2>&1 || continue 40 + patchelf --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) "$f" || true 41 + patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 python38 ]} "$f" || true 42 + done 43 + ''; 44 + 45 + meta = with lib; { 46 + description = "Pre-built GNU toolchain from ARM Cortex-M & Cortex-R processors"; 47 + homepage = "https://developer.arm.com/open-source/gnu-toolchain/gnu-rm"; 48 + license = with licenses; [ bsd2 gpl2 gpl3 lgpl21 lgpl3 mit ]; 49 + maintainers = with maintainers; [ prusnak ]; 50 + platforms = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" ]; 51 + }; 52 + }
+4 -3
pkgs/development/compilers/ispc/default.nix
··· 2 , cmake, which, m4, python3, bison, flex, llvmPackages, ncurses 3 4 # the default test target is sse4, but that is not supported by all Hydra agents 5 - , testedTargets ? [ "sse2-i32x4" ] 6 }: 7 8 stdenv.mkDerivation rec { ··· 58 "-DCLANGPP_EXECUTABLE=${llvmPackages.clang}/bin/clang++" 59 "-DISPC_INCLUDE_EXAMPLES=OFF" 60 "-DISPC_INCLUDE_UTILS=OFF" 61 - "-DARM_ENABLED=FALSE" 62 ]; 63 64 meta = with lib; { 65 homepage = "https://ispc.github.io/"; 66 description = "Intel 'Single Program, Multiple Data' Compiler, a vectorised language"; 67 license = licenses.bsd3; 68 - platforms = [ "x86_64-linux" "x86_64-darwin" ]; # TODO: buildable on more platforms? 69 maintainers = with maintainers; [ aristid thoughtpolice athas ]; 70 }; 71 }
··· 2 , cmake, which, m4, python3, bison, flex, llvmPackages, ncurses 3 4 # the default test target is sse4, but that is not supported by all Hydra agents 5 + , testedTargets ? if stdenv.isAarch64 || stdenv.isAarch32 then [ "neon-i32x4" ] else [ "sse2-i32x4" ] 6 }: 7 8 stdenv.mkDerivation rec { ··· 58 "-DCLANGPP_EXECUTABLE=${llvmPackages.clang}/bin/clang++" 59 "-DISPC_INCLUDE_EXAMPLES=OFF" 60 "-DISPC_INCLUDE_UTILS=OFF" 61 + ("-DARM_ENABLED=" + (if stdenv.isAarch64 || stdenv.isAarch32 then "TRUE" else "FALSE")) 62 + ("-DX86_ENABLED=" + (if stdenv.isx86_64 || stdenv.isx86_32 then "TRUE" else "FALSE")) 63 ]; 64 65 meta = with lib; { 66 homepage = "https://ispc.github.io/"; 67 description = "Intel 'Single Program, Multiple Data' Compiler, a vectorised language"; 68 license = licenses.bsd3; 69 + platforms = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ]; # TODO: buildable on more platforms? 70 maintainers = with maintainers; [ aristid thoughtpolice athas ]; 71 }; 72 }
+1 -1
pkgs/development/compilers/julia/1.8.nix
··· 54 # https://github.com/JuliaCI/julia-buildbot/blob/master/master/inventory.py 55 "JULIA_CPU_TARGET=generic;sandybridge,-xsaveopt,clone_all;haswell,-rdrnd,base(1)" 56 ] ++ lib.optionals stdenv.isAarch64 [ 57 - "JULIA_CPU_TERGET=generic;cortex-a57;thunderx2t99;armv8.2-a,crypto,fullfp16,lse,rdm" 58 ]; 59 60 # remove forbidden reference to $TMPDIR
··· 54 # https://github.com/JuliaCI/julia-buildbot/blob/master/master/inventory.py 55 "JULIA_CPU_TARGET=generic;sandybridge,-xsaveopt,clone_all;haswell,-rdrnd,base(1)" 56 ] ++ lib.optionals stdenv.isAarch64 [ 57 + "JULIA_CPU_TARGET=generic;cortex-a57;thunderx2t99;armv8.2-a,crypto,fullfp16,lse,rdm" 58 ]; 59 60 # remove forbidden reference to $TMPDIR
+1 -1
pkgs/development/interpreters/ruby/default.nix
··· 260 inherit lib stdenv makeWrapper buildRubyGem buildEnv; 261 gemConfig = defaultGemConfig; 262 ruby = self; 263 - }) withPackages gems; 264 265 } // lib.optionalAttrs useBaseRuby { 266 inherit baseRuby;
··· 260 inherit lib stdenv makeWrapper buildRubyGem buildEnv; 261 gemConfig = defaultGemConfig; 262 ruby = self; 263 + }) withPackages buildGems gems; 264 265 } // lib.optionalAttrs useBaseRuby { 266 inherit baseRuby;
+2 -5
pkgs/development/libraries/ada/spark2014/default.nix
··· 5 , gnatcoll-core 6 , gprbuild 7 , python3 8 - , why3 9 , ocaml 10 , ocamlPackages 11 , makeWrapper ··· 53 make setup 54 ''; 55 56 - postInstall = '' 57 cp -a ./install/. $out 58 - # help gnatprove to locate why3server 59 - wrapProgram "$out/bin/gnatprove" \ 60 - --prefix PATH : "${why3}/lib/why3" 61 ''; 62 63 meta = with lib; {
··· 5 , gnatcoll-core 6 , gprbuild 7 , python3 8 , ocaml 9 , ocamlPackages 10 , makeWrapper ··· 52 make setup 53 ''; 54 55 + installPhase = '' 56 + make install-all 57 cp -a ./install/. $out 58 ''; 59 60 meta = with lib; {
+12 -12
pkgs/development/libraries/libmilter/darwin.patch
··· 13 define(`confLDOPTS', `${Extra_LD_Flags}') 14 --- a/sendmail/sendmail.h 2020-05-18 14:51:17.000000000 +0200 15 +++ b/sendmail/sendmail.h 2020-05-18 14:51:00.000000000 +0200 16 - @@ -104,7 +104,11 @@ 17 - # endif /* NETX25 */ 18 19 - # if NAMED_BIND 20 - -# include <arpa/nameser.h> 21 - +# ifdef __APPLE__ 22 - +# include <arpa/nameser_compat.h> 23 - +# else 24 - +# include <arpa/nameser.h> 25 - +# endif 26 - # ifdef NOERROR 27 - # undef NOERROR /* avoid <sys/streams.h> conflict */ 28 - # endif /* NOERROR */
··· 13 define(`confLDOPTS', `${Extra_LD_Flags}') 14 --- a/sendmail/sendmail.h 2020-05-18 14:51:17.000000000 +0200 15 +++ b/sendmail/sendmail.h 2020-05-18 14:51:00.000000000 +0200 16 + @@ -122,7 +122,11 @@ 17 + # endif 18 19 + #if NAMED_BIND 20 + -# include <arpa/nameser.h> 21 + +# ifdef __APPLE__ 22 + +# include <arpa/nameser_compat.h> 23 + +# else 24 + +# include <arpa/nameser.h> 25 + +# endif 26 + # ifdef NOERROR 27 + # undef NOERROR /* avoid <sys/streams.h> conflict */ 28 + # endif
+3 -3
pkgs/development/libraries/libmilter/default.nix
··· 2 3 stdenv.mkDerivation rec { 4 pname = "libmilter"; 5 - version = "8.15.2"; 6 7 src = fetchurl { 8 url = "ftp://ftp.sendmail.org/pub/sendmail/sendmail.${version}.tar.gz"; 9 - sha256 = "0fdl9ndmspqspdlmghzxlaqk56j3yajk52d7jxcg21b7sxglpy94"; 10 }; 11 12 buildPhase = '' ··· 32 sh Build -f ./a.m4 33 ''; 34 35 - patches = [ ./install.patch ./sharedlib.patch ./glibc-2.30.patch ./darwin.patch ]; 36 37 nativeBuildInputs = [ m4 ] ++ lib.optional stdenv.isDarwin fixDarwinDylibNames; 38
··· 2 3 stdenv.mkDerivation rec { 4 pname = "libmilter"; 5 + version = "8.17.1"; 6 7 src = fetchurl { 8 url = "ftp://ftp.sendmail.org/pub/sendmail/sendmail.${version}.tar.gz"; 9 + sha256 = "sha256-BLx2tsiG5tERvn/Y2qMrjOABKKKItrUuBnvCnzhUpuY="; 10 }; 11 12 buildPhase = '' ··· 32 sh Build -f ./a.m4 33 ''; 34 35 + patches = [ ./install.patch ./sharedlib.patch ./darwin.patch ]; 36 37 nativeBuildInputs = [ m4 ] ++ lib.optional stdenv.isDarwin fixDarwinDylibNames; 38
-44
pkgs/development/libraries/libmilter/glibc-2.30.patch
··· 1 - diff --git a/libmilter/sm_gethost.c b/libmilter/sm_gethost.c 2 - index 2423c34..f00468c 100644 3 - --- a/libmilter/sm_gethost.c 4 - +++ b/libmilter/sm_gethost.c 5 - @@ -52,16 +52,8 @@ sm_getipnodebyname(name, family, flags, err) 6 - bool resv6 = true; 7 - struct hostent *h; 8 - 9 - - if (family == AF_INET6) 10 - - { 11 - - /* From RFC2133, section 6.1 */ 12 - - resv6 = bitset(RES_USE_INET6, _res.options); 13 - - _res.options |= RES_USE_INET6; 14 - - } 15 - SM_SET_H_ERRNO(0); 16 - - h = gethostbyname(name); 17 - - if (family == AF_INET6 && !resv6) 18 - - _res.options &= ~RES_USE_INET6; 19 - + h = gethostbyname2(name, family); 20 - 21 - /* the function is supposed to return only the requested family */ 22 - if (h != NULL && h->h_addrtype != family) 23 - diff --git a/sendmail/conf.c b/sendmail/conf.c 24 - index c73334e..500dafb 100644 25 - --- a/sendmail/conf.c 26 - +++ b/sendmail/conf.c 27 - @@ -4243,16 +4243,8 @@ sm_getipnodebyname(name, family, flags, err) 28 - # else /* HAS_GETHOSTBYNAME2 */ 29 - bool resv6 = true; 30 - 31 - - if (family == AF_INET6) 32 - - { 33 - - /* From RFC2133, section 6.1 */ 34 - - resv6 = bitset(RES_USE_INET6, _res.options); 35 - - _res.options |= RES_USE_INET6; 36 - - } 37 - SM_SET_H_ERRNO(0); 38 - - h = gethostbyname(name); 39 - - if (!resv6) 40 - - _res.options &= ~RES_USE_INET6; 41 - + h = gethostbyname2(name, family); 42 - 43 - /* the function is supposed to return only the requested family */ 44 - if (h != NULL && h->h_addrtype != family)
···
+2 -2
pkgs/development/libraries/libpg_query/default.nix
··· 2 3 stdenv.mkDerivation rec { 4 pname = "libpg_query"; 5 - version = "14-3.0.0"; 6 7 src = fetchFromGitHub { 8 owner = "pganalyze"; 9 repo = "libpg_query"; 10 rev = version; 11 - sha256 = "sha256-rICN8fkPcYw32N6TdpbrszGUoRzwQdfRSW6A0AC8toM="; 12 }; 13 14 nativeBuildInputs = [ which ];
··· 2 3 stdenv.mkDerivation rec { 4 pname = "libpg_query"; 5 + version = "15-4.0.0"; 6 7 src = fetchFromGitHub { 8 owner = "pganalyze"; 9 repo = "libpg_query"; 10 rev = version; 11 + sha256 = "sha256-2BZT/jGfGwia+Map5OkeTcWVFJssykhrdRT2IDAzrfs="; 12 }; 13 14 nativeBuildInputs = [ which ];
+10 -6
pkgs/development/python-modules/python-arango/default.nix
··· 22 23 buildPythonPackage rec { 24 pname = "python-arango"; 25 - version = "7.5.3"; 26 disabled = pythonOlder "3.7"; 27 - format = "setuptools"; 28 29 src = fetchFromGitHub { 30 owner = "ArangoDB-Community"; 31 repo = "python-arango"; 32 - rev = version; 33 - sha256 = "0qb2yp05z8dmgsyyxqrl3q0a60jaiih96zhxmqrn2yf7as45n07j"; 34 }; 35 36 propagatedBuildInputs = [ ··· 127 "test_replication_applier" 128 ]; 129 130 - pythonImportsCheck = [ "arango" ]; 131 132 meta = with lib; { 133 description = "Python Driver for ArangoDB"; 134 homepage = "https://github.com/ArangoDB-Community/python-arango"; 135 license = licenses.mit; 136 - maintainers = [ maintainers.jsoo1 ]; 137 }; 138 }
··· 22 23 buildPythonPackage rec { 24 pname = "python-arango"; 25 + version = "7.5.4"; 26 + format = "setuptools"; 27 + 28 disabled = pythonOlder "3.7"; 29 30 src = fetchFromGitHub { 31 owner = "ArangoDB-Community"; 32 repo = "python-arango"; 33 + rev = "refs/tags/${version}"; 34 + hash = "sha256-b3UZuH2hpulRSThReBkDwh0MLJmc95HeWInmmMAl4g0="; 35 }; 36 37 propagatedBuildInputs = [ ··· 128 "test_replication_applier" 129 ]; 130 131 + pythonImportsCheck = [ 132 + "arango" 133 + ]; 134 135 meta = with lib; { 136 description = "Python Driver for ArangoDB"; 137 homepage = "https://github.com/ArangoDB-Community/python-arango"; 138 + changelog = "https://github.com/ArangoDB-Community/python-arango/releases/tag/${version}"; 139 license = licenses.mit; 140 + maintainers = with maintainers; [ jsoo1 ]; 141 }; 142 }
+2 -2
pkgs/development/ruby-modules/bundler/default.nix
··· 4 inherit ruby; 5 name = "${gemName}-${version}"; 6 gemName = "bundler"; 7 - version = "2.3.26"; 8 - source.sha256 = "sha256-HuU832HnKK2Cxtv/Bs/NhVHVQi6I6GID8OLb6a6Zngk="; 9 dontPatchShebangs = true; 10 11 passthru.updateScript = writeScript "gem-update-script" ''
··· 4 inherit ruby; 5 name = "${gemName}-${version}"; 6 gemName = "bundler"; 7 + version = "2.4.2"; 8 + source.sha256 = "sha256-mYUOxAWH7hv7Kn521OVI8PyzoO3T6LGPJjAxA07buR8="; 9 dontPatchShebangs = true; 10 11 passthru.updateScript = writeScript "gem-update-script" ''
+3 -3
pkgs/development/tools/esbuild/default.nix
··· 2 3 buildGoModule rec { 4 pname = "esbuild"; 5 - version = "0.16.7"; 6 7 src = fetchFromGitHub { 8 owner = "evanw"; 9 repo = "esbuild"; 10 rev = "v${version}"; 11 - sha256 = "sha256-zo7YQ4Is3VWsXGvPNrg95tZ76qTSQRyntFjDeqhoyVw="; 12 }; 13 14 - vendorSha256 = "sha256-+BfxCyg0KkDQpHt/wycy/8CTG6YBA/VJvJFhhzUnSiQ="; 15 16 subPackages = [ "cmd/esbuild" ]; 17
··· 2 3 buildGoModule rec { 4 pname = "esbuild"; 5 + version = "0.16.13"; 6 7 src = fetchFromGitHub { 8 owner = "evanw"; 9 repo = "esbuild"; 10 rev = "v${version}"; 11 + hash = "sha256-X4UB2RDfupUP+u+4g2jLxbpx4n4uarhcjs5VtP9Zi20="; 12 }; 13 14 + vendorHash = "sha256-+BfxCyg0KkDQpHt/wycy/8CTG6YBA/VJvJFhhzUnSiQ="; 15 16 subPackages = [ "cmd/esbuild" ]; 17
+3 -3
pkgs/development/tools/misc/ptags/default.nix
··· 8 9 rustPlatform.buildRustPackage rec { 10 pname = "ptags"; 11 - version = "0.3.2"; 12 13 src = fetchFromGitHub { 14 owner = "dalance"; 15 repo = "ptags"; 16 rev = "v${version}"; 17 - sha256 = "1xr1szh4dfrcmi6s6dj791k1ix2zbv75rqkqbyb1lmh5548kywkg"; 18 }; 19 20 - cargoSha256 = "1pz5hvn1iq26i8c2cmqavhnri8h0sn40khrxvcdkj9q47nsj5wcx"; 21 22 nativeBuildInputs = [ makeWrapper ]; 23
··· 8 9 rustPlatform.buildRustPackage rec { 10 pname = "ptags"; 11 + version = "0.3.4"; 12 13 src = fetchFromGitHub { 14 owner = "dalance"; 15 repo = "ptags"; 16 rev = "v${version}"; 17 + sha256 = "sha256-hFHzNdTX3nw2OwRxk9lKrt/YpaBXwi5aE/Qn3W9PRf4="; 18 }; 19 20 + cargoSha256 = "sha256-cFezB7uwUznC/8NXJNrBqP0lf0sXAQBoGksXFOGrUIg="; 21 22 nativeBuildInputs = [ makeWrapper ]; 23
+2 -2
pkgs/development/tools/ocaml/dune/3.nix
··· 6 7 stdenv.mkDerivation rec { 8 pname = "dune"; 9 - version = "3.6.1"; 10 11 src = fetchurl { 12 url = "https://github.com/ocaml/dune/releases/download/${version}/dune-${version}.tbz"; 13 - sha256 = "sha256-8dWsBLegJ/PVSeJc+IXr96zBNeApHBjmtDEjp5nBQ84="; 14 }; 15 16 nativeBuildInputs = [ ocaml findlib ];
··· 6 7 stdenv.mkDerivation rec { 8 pname = "dune"; 9 + version = "3.6.2"; 10 11 src = fetchurl { 12 url = "https://github.com/ocaml/dune/releases/download/${version}/dune-${version}.tbz"; 13 + sha256 = "sha256-ttSrhI77BKoqMl0AFdMu1EFO1xMOx6oS+YFY7/RFzzw="; 14 }; 15 16 nativeBuildInputs = [ ocaml findlib ];
+3 -3
pkgs/games/rare/default.nix
··· 3 4 buildPythonApplication rec { 5 pname = "rare"; 6 - version = "1.9.3"; 7 8 src = fetchFromGitHub { 9 owner = "Dummerle"; 10 repo = "Rare"; 11 - rev = version; 12 - sha256 = "sha256-M+OMsyamh4WHIx7Pv2sLylOrnSmYrv1aEm3atqXrDaw="; 13 }; 14 15 nativeBuildInputs = [
··· 3 4 buildPythonApplication rec { 5 pname = "rare"; 6 + version = "1.9.4"; 7 8 src = fetchFromGitHub { 9 owner = "Dummerle"; 10 repo = "Rare"; 11 + rev = "refs/tags/${version}"; 12 + sha256 = "sha256-+STwVsDdvjP7HaqmaQVug+6h0n0rw/j4LGQQSNdLVQQ="; 13 }; 14 15 nativeBuildInputs = [
+3 -2
pkgs/os-specific/linux/waydroid/default.nix
··· 2 , lib 3 , fetchFromGitHub 4 , python3Packages 5 , dnsmasq 6 , gawk 7 , getent ··· 17 18 python3Packages.buildPythonApplication rec { 19 pname = "waydroid"; 20 - version = "1.3.3"; 21 format = "other"; 22 23 src = fetchFromGitHub { 24 owner = pname; 25 repo = pname; 26 rev = version; 27 - sha256 = "sha256-av1kcOSViUV2jsFiTE21N6sAJIL6K+zKkpPHjx6iYVk="; 28 }; 29 30 propagatedBuildInputs = with python3Packages; [
··· 2 , lib 3 , fetchFromGitHub 4 , python3Packages 5 + , bash 6 , dnsmasq 7 , gawk 8 , getent ··· 18 19 python3Packages.buildPythonApplication rec { 20 pname = "waydroid"; 21 + version = "1.3.4"; 22 format = "other"; 23 24 src = fetchFromGitHub { 25 owner = pname; 26 repo = pname; 27 rev = version; 28 + sha256 = "sha256-0GBob9BUwiE5cFGdK8AdwsTjTOdc+AIWqUGN/gFfOqI="; 29 }; 30 31 propagatedBuildInputs = with python3Packages; [
+2 -2
pkgs/servers/sql/postgresql/ext/pg_ivm.nix
··· 2 3 stdenv.mkDerivation rec { 4 pname = "pg_ivm"; 5 - version = "1.3"; 6 7 src = fetchFromGitHub { 8 owner = "sraoss"; 9 repo = pname; 10 rev = "v${version}"; 11 - hash = "sha256-HdIqAB/A6+EvioKhS2OKmlABjpeTAgkbU5ihbt/OzdI="; 12 }; 13 14 buildInputs = [ postgresql ];
··· 2 3 stdenv.mkDerivation rec { 4 pname = "pg_ivm"; 5 + version = "1.4"; 6 7 src = fetchFromGitHub { 8 owner = "sraoss"; 9 repo = pname; 10 rev = "v${version}"; 11 + hash = "sha256-pz9eHmd7GC30r0uUObOlrcdkAX4c+szjYAXS1U999CE="; 12 }; 13 14 buildInputs = [ postgresql ];
+2 -2
pkgs/servers/sql/postgresql/ext/pgroonga.nix
··· 2 3 stdenv.mkDerivation rec { 4 pname = "pgroonga"; 5 - version = "2.4.0"; 6 7 src = fetchurl { 8 url = "https://packages.groonga.org/source/${pname}/${pname}-${version}.tar.gz"; 9 - sha256 = "sha256-W6quDn2B+BZ+J46aNMbtVq7OizT1q5jyKMZECAk0F7M="; 10 }; 11 12 nativeBuildInputs = [ pkg-config ];
··· 2 3 stdenv.mkDerivation rec { 4 pname = "pgroonga"; 5 + version = "2.4.2"; 6 7 src = fetchurl { 8 url = "https://packages.groonga.org/source/${pname}/${pname}-${version}.tar.gz"; 9 + sha256 = "sha256-5klltU+9dz30tjE0lQfNinrVEZyT8UpK120kQ1j/yig="; 10 }; 11 12 nativeBuildInputs = [ pkg-config ];
+2 -2
pkgs/servers/sql/postgresql/ext/pgrouting.nix
··· 2 3 stdenv.mkDerivation rec { 4 pname = "pgrouting"; 5 - version = "3.3.2"; 6 7 nativeBuildInputs = [ cmake perl ]; 8 buildInputs = [ postgresql boost ]; ··· 11 owner = "pgRouting"; 12 repo = pname; 13 rev = "v${version}"; 14 - sha256 = "sha256-H7h+eiH02qLscpiZ8yV5ofL7upeqRBXNQDGYS86f3og="; 15 }; 16 17 installPhase = ''
··· 2 3 stdenv.mkDerivation rec { 4 pname = "pgrouting"; 5 + version = "3.4.2"; 6 7 nativeBuildInputs = [ cmake perl ]; 8 buildInputs = [ postgresql boost ]; ··· 11 owner = "pgRouting"; 12 repo = pname; 13 rev = "v${version}"; 14 + sha256 = "sha256-By3XX4ow5+OdvpLlpozZe3674VSehO9T96pQtJy5y6g="; 15 }; 16 17 installPhase = ''
+2 -2
pkgs/servers/sql/postgresql/ext/plpgsql_check.nix
··· 2 3 stdenv.mkDerivation rec { 4 pname = "plpgsql_check"; 5 - version = "2.2.4"; 6 7 src = fetchFromGitHub { 8 owner = "okbob"; 9 repo = pname; 10 rev = "v${version}"; 11 - sha256 = "sha256-YUJLh1IgOOnNxPrH8NaY3jGEV+4mTjRffooIANkbbFo="; 12 }; 13 14 buildInputs = [ postgresql ];
··· 2 3 stdenv.mkDerivation rec { 4 pname = "plpgsql_check"; 5 + version = "2.2.6"; 6 7 src = fetchFromGitHub { 8 owner = "okbob"; 9 repo = pname; 10 rev = "v${version}"; 11 + hash = "sha256-8HFyIzJ1iF3K2vTlibFallvkMKjFTJ2DO64fORToD8E="; 12 }; 13 14 buildInputs = [ postgresql ];
+3 -3
pkgs/tools/audio/vgmtools/default.nix
··· 8 9 stdenv.mkDerivation rec { 10 pname = "vgmtools"; 11 - version = "unstable-2022-12-03"; 12 13 src = fetchFromGitHub { 14 owner = "vgmrips"; 15 repo = "vgmtools"; 16 - rev = "b9216623ffb9219c46a7a10669175c7a4c8cd946"; 17 - sha256 = "fPt/z4D4C8TWoz7FivxmXGDcYGc7sXWvxE0+CoyFgDQ="; 18 }; 19 20 nativeBuildInputs = [
··· 8 9 stdenv.mkDerivation rec { 10 pname = "vgmtools"; 11 + version = "unstable-2022-12-30"; 12 13 src = fetchFromGitHub { 14 owner = "vgmrips"; 15 repo = "vgmtools"; 16 + rev = "6c2c21dfc871f8cb9c33a77fe7db01419b6ad97d"; 17 + sha256 = "qe8cHGf8X7JjjoiRQ/S3q/WhyvgrMEwsCo7QoQkmg5w="; 18 }; 19 20 nativeBuildInputs = [
+23 -10
pkgs/tools/networking/chrony/default.nix
··· 1 - { lib, stdenv, fetchurl, pkg-config, libcap, readline, texinfo, nss, nspr 2 - , libseccomp, pps-tools, gnutls }: 3 4 stdenv.mkDerivation rec { 5 pname = "chrony"; ··· 7 8 src = fetchurl { 9 url = "https://download.tuxfamily.org/chrony/${pname}-${version}.tar.gz"; 10 - sha256 = "sha256-nQ2oiahl8ImlohYQ/7ZxPjyUOM4wOmO0nC+26v9biAQ="; 11 }; 12 13 postPatch = '' 14 patchShebangs test 15 ''; 16 17 - buildInputs = [ readline texinfo nss nspr gnutls ] 18 - ++ lib.optionals stdenv.isLinux [ libcap libseccomp pps-tools ]; 19 - nativeBuildInputs = [ pkg-config ]; 20 - 21 hardeningEnable = [ "pie" ]; 22 - 23 - configureFlags = [ "--chronyvardir=$(out)/var/lib/chrony" "--enable-ntp-signd" ] 24 - ++ lib.optional stdenv.isLinux "--enable-scfilter"; 25 26 meta = with lib; { 27 description = "Sets your computer's clock from time servers on the Net";
··· 1 + { lib, stdenv, fetchurl, pkg-config 2 + , gnutls, libedit, nspr, nss, readline, texinfo 3 + , libcap, libseccomp, pps-tools 4 + }: 5 6 stdenv.mkDerivation rec { 7 pname = "chrony"; ··· 9 10 src = fetchurl { 11 url = "https://download.tuxfamily.org/chrony/${pname}-${version}.tar.gz"; 12 + hash = "sha256-nQ2oiahl8ImlohYQ/7ZxPjyUOM4wOmO0nC+26v9biAQ="; 13 }; 14 15 + outputs = [ "out" "man" ]; 16 + 17 + nativeBuildInputs = [ pkg-config ]; 18 + 19 + buildInputs = [ gnutls libedit nspr nss readline texinfo ] 20 + ++ lib.optionals stdenv.isLinux [ libcap libseccomp pps-tools ]; 21 + 22 + configureFlags = [ 23 + "--enable-ntp-signd" 24 + "--sbindir=$(out)/bin" 25 + "--chronyrundir=/run/chrony" 26 + ] ++ lib.optional stdenv.isLinux "--enable-scfilter"; 27 + 28 + patches = [ 29 + # Cleanup the installation script 30 + ./makefile.patch 31 + ]; 32 + 33 postPatch = '' 34 patchShebangs test 35 ''; 36 37 hardeningEnable = [ "pie" ]; 38 39 meta = with lib; { 40 description = "Sets your computer's clock from time servers on the Net";
+23
pkgs/tools/networking/chrony/makefile.patch
···
··· 1 + diff --git a/Makefile.in b/Makefile.in 2 + index ef100a4..47f54f4 100644 3 + --- a/Makefile.in 4 + +++ b/Makefile.in 5 + @@ -23,7 +23,7 @@ 6 + 7 + SYSCONFDIR = @SYSCONFDIR@ 8 + BINDIR = @BINDIR@ 9 + -SBINDIR = @SBINDIR@ 10 + +SBINDIR = @BINDIR@ 11 + LOCALSTATEDIR = @LOCALSTATEDIR@ 12 + CHRONYVARDIR = @CHRONYVARDIR@ 13 + DESTDIR = 14 + @@ -86,9 +86,7 @@ getdate : 15 + 16 + install: chronyd chronyc 17 + [ -d $(DESTDIR)$(SYSCONFDIR) ] || mkdir -p $(DESTDIR)$(SYSCONFDIR) 18 + - [ -d $(DESTDIR)$(SBINDIR) ] || mkdir -p $(DESTDIR)$(SBINDIR) 19 + [ -d $(DESTDIR)$(BINDIR) ] || mkdir -p $(DESTDIR)$(BINDIR) 20 + - [ -d $(DESTDIR)$(CHRONYVARDIR) ] || mkdir -p $(DESTDIR)$(CHRONYVARDIR) 21 + if [ -f $(DESTDIR)$(SBINDIR)/chronyd ]; then rm -f $(DESTDIR)$(SBINDIR)/chronyd ; fi 22 + if [ -f $(DESTDIR)$(BINDIR)/chronyc ]; then rm -f $(DESTDIR)$(BINDIR)/chronyc ; fi 23 + cp chronyd $(DESTDIR)$(SBINDIR)/chronyd
+9 -10
pkgs/tools/networking/shadowsocks-rust/default.nix
··· 1 - { lib, stdenv, fetchFromGitHub, rustPlatform, pkg-config, openssl, CoreServices, libiconv }: 2 3 rustPlatform.buildRustPackage rec { 4 pname = "shadowsocks-rust"; 5 - version = "1.14.3"; 6 7 src = fetchFromGitHub { 8 rev = "v${version}"; 9 owner = "shadowsocks"; 10 repo = pname; 11 - sha256 = "sha256-tRiziyCw1Qpm22RtZHeKt4VFReJidFHsPxPSjxIA3hA="; 12 }; 13 14 - cargoSha256 = "sha256-snnzNb1yJ8L5pMvNNEIf5hZOpFV6DKOWGtGP1T3YTWg="; 15 16 - RUSTC_BOOTSTRAP = 1; 17 18 - nativeBuildInputs = [ pkg-config ]; 19 - 20 - buildInputs = [ openssl ] 21 - ++ lib.optionals stdenv.isDarwin [ CoreServices libiconv ]; 22 23 cargoBuildFlags = [ 24 "--features=aead-cipher-extra,local-dns,local-http-native-tls,local-redir,local-tun" ··· 36 ]; 37 38 meta = with lib; { 39 homepage = "https://github.com/shadowsocks/shadowsocks-rust"; 40 - description = "A Rust port of shadowsocks"; 41 license = licenses.mit; 42 maintainers = [ maintainers.marsam ]; 43 };
··· 1 + { lib, stdenv, fetchFromGitHub, rustPlatform, pkg-config, openssl, Security, CoreServices }: 2 3 rustPlatform.buildRustPackage rec { 4 pname = "shadowsocks-rust"; 5 + version = "1.15.2"; 6 7 src = fetchFromGitHub { 8 rev = "v${version}"; 9 owner = "shadowsocks"; 10 repo = pname; 11 + hash = "sha256-CvAOvtC5U2njQuUjFxjnGeqhuxrCw4XI6goo1TxIhIU="; 12 }; 13 14 + cargoHash = "sha256-ctZlYo82M7GKVvrEkw/7+aH9R0MeEsyv3IKl9k4SbiA="; 15 16 + nativeBuildInputs = lib.optionals stdenv.isLinux [ pkg-config ]; 17 18 + buildInputs = lib.optionals stdenv.isLinux [ openssl ] 19 + ++ lib.optionals stdenv.isDarwin [ Security CoreServices ]; 20 21 cargoBuildFlags = [ 22 "--features=aead-cipher-extra,local-dns,local-http-native-tls,local-redir,local-tun" ··· 34 ]; 35 36 meta = with lib; { 37 + description = "A Rust port of Shadowsocks"; 38 homepage = "https://github.com/shadowsocks/shadowsocks-rust"; 39 + changelog = "https://github.com/shadowsocks/shadowsocks-rust/raw/v${version}/debian/changelog"; 40 license = licenses.mit; 41 maintainers = [ maintainers.marsam ]; 42 };
+9 -1
pkgs/tools/nix/nixdoc/default.nix
··· 1 - { lib, stdenv, fetchFromGitHub, rustPlatform, darwin }: 2 3 rustPlatform.buildRustPackage rec { 4 pname = "nixdoc"; ··· 10 rev = "v${version}"; 11 sha256 = "14d4dq06jdqazxvv7fq5872zy0capxyb0fdkp8qg06gxl1iw201s"; 12 }; 13 14 buildInputs = lib.optionals stdenv.isDarwin [ darwin.Security ]; 15
··· 1 + { lib, stdenv, fetchFromGitHub, fetchpatch, rustPlatform, darwin }: 2 3 rustPlatform.buildRustPackage rec { 4 pname = "nixdoc"; ··· 10 rev = "v${version}"; 11 sha256 = "14d4dq06jdqazxvv7fq5872zy0capxyb0fdkp8qg06gxl1iw201s"; 12 }; 13 + 14 + patches = [ 15 + # Support nested identifiers https://github.com/nix-community/nixdoc/pull/27 16 + (fetchpatch { 17 + url = "https://github.com/nix-community/nixdoc/pull/27/commits/ea542735bf675fe2ccd37edaffb9138d1a8c1b7e.patch"; 18 + sha256 = "1fmz44jv2r9qsnjxvkkjfb0safy69l4x4vx1g5gisrp8nwdn94rj"; 19 + }) 20 + ]; 21 22 buildInputs = lib.optionals stdenv.isDarwin [ darwin.Security ]; 23
+2 -1
pkgs/tools/security/gnupg/23.nix
··· 57 "--with-ksba-prefix=${libksba.dev}" 58 "--with-npth-prefix=${npth}" 59 ] ++ lib.optional guiSupport "--with-pinentry-pgm=${pinentry}/${pinentryBinaryPath}" 60 - ++ lib.optional withTpm2Tss "--with-tss=intel"; 61 postInstall = if enableMinimal 62 then '' 63 rm -r $out/{libexec,sbin,share}
··· 57 "--with-ksba-prefix=${libksba.dev}" 58 "--with-npth-prefix=${npth}" 59 ] ++ lib.optional guiSupport "--with-pinentry-pgm=${pinentry}/${pinentryBinaryPath}" 60 + ++ lib.optional withTpm2Tss "--with-tss=intel" 61 + ++ lib.optional stdenv.isDarwin "--disable-ccid-driver"; 62 postInstall = if enableMinimal 63 then '' 64 rm -r $out/{libexec,sbin,share}
+1
pkgs/top-level/aliases.nix
··· 633 634 ### I ### 635 636 i3cat = throw "i3cat has been dropped due to the lack of maintanence from upstream since 2016"; # Added 2022-06-02 637 iana_etc = throw "'iana_etc' has been renamed to/replaced by 'iana-etc'"; # Converted to throw 2022-02-22 638 iasl = throw "iasl has been removed, use acpica-tools instead"; # Added 2021-08-08
··· 633 634 ### I ### 635 636 + i3-gaps = i3; # Added 2023-01-03 637 i3cat = throw "i3cat has been dropped due to the lack of maintanence from upstream since 2016"; # Added 2022-06-02 638 iana_etc = throw "'iana_etc' has been renamed to/replaced by 'iana-etc'"; # Converted to throw 2022-02-22 639 iasl = throw "iasl has been removed, use acpica-tools instead"; # Added 2021-08-08
+7 -4
pkgs/top-level/all-packages.nix
··· 1543 1544 ### APPLICATIONS/VERSION-MANAGEMENT 1545 1546 git = callPackage ../applications/version-management/git { 1547 inherit (darwin.apple_sdk.frameworks) CoreServices Security; 1548 perlLibs = [perlPackages.LWP perlPackages.URI perlPackages.TermReadKey]; ··· 11594 shabnam-fonts = callPackage ../data/fonts/shabnam-fonts { }; 11595 11596 shadowsocks-rust = callPackage ../tools/networking/shadowsocks-rust { 11597 - inherit (darwin.apple_sdk.frameworks) CoreServices; 11598 }; 11599 11600 shadowsocks-v2ray-plugin = callPackage ../tools/networking/shadowsocks-v2ray-plugin { }; ··· 14521 gcc-arm-embedded-9 = callPackage ../development/compilers/gcc-arm-embedded/9 {}; 14522 gcc-arm-embedded-10 = callPackage ../development/compilers/gcc-arm-embedded/10 {}; 14523 gcc-arm-embedded-11 = callPackage ../development/compilers/gcc-arm-embedded/11 {}; 14524 - gcc-arm-embedded = gcc-arm-embedded-11; 14525 14526 # Has to match the default gcc so that there are no linking errors when 14527 # using C/C++ libraries in D packages ··· 27108 nordzy-icon-theme = callPackage ../data/icons/nordzy-icon-theme { }; 27109 27110 inherit (callPackages ../data/fonts/noto-fonts {}) 27111 noto-fonts 27112 noto-fonts-cjk-sans 27113 noto-fonts-cjk-serif 27114 noto-fonts-emoji ··· 29845 }; 29846 29847 i3-auto-layout = callPackage ../applications/window-managers/i3/auto-layout.nix { }; 29848 - 29849 - i3-gaps = callPackage ../applications/window-managers/i3/gaps.nix { }; 29850 29851 i3-rounded = callPackage ../applications/window-managers/i3/rounded.nix { }; 29852
··· 1543 1544 ### APPLICATIONS/VERSION-MANAGEMENT 1545 1546 + deepgit = callPackage ../applications/version-management/deepgit {}; 1547 + 1548 git = callPackage ../applications/version-management/git { 1549 inherit (darwin.apple_sdk.frameworks) CoreServices Security; 1550 perlLibs = [perlPackages.LWP perlPackages.URI perlPackages.TermReadKey]; ··· 11596 shabnam-fonts = callPackage ../data/fonts/shabnam-fonts { }; 11597 11598 shadowsocks-rust = callPackage ../tools/networking/shadowsocks-rust { 11599 + inherit (darwin.apple_sdk.frameworks) Security CoreServices; 11600 }; 11601 11602 shadowsocks-v2ray-plugin = callPackage ../tools/networking/shadowsocks-v2ray-plugin { }; ··· 14523 gcc-arm-embedded-9 = callPackage ../development/compilers/gcc-arm-embedded/9 {}; 14524 gcc-arm-embedded-10 = callPackage ../development/compilers/gcc-arm-embedded/10 {}; 14525 gcc-arm-embedded-11 = callPackage ../development/compilers/gcc-arm-embedded/11 {}; 14526 + gcc-arm-embedded-12 = callPackage ../development/compilers/gcc-arm-embedded/12 {}; 14527 + gcc-arm-embedded = gcc-arm-embedded-12; 14528 14529 # Has to match the default gcc so that there are no linking errors when 14530 # using C/C++ libraries in D packages ··· 27111 nordzy-icon-theme = callPackage ../data/icons/nordzy-icon-theme { }; 27112 27113 inherit (callPackages ../data/fonts/noto-fonts {}) 27114 + mkNoto 27115 noto-fonts 27116 + noto-fonts-lgc-plus 27117 noto-fonts-cjk-sans 27118 noto-fonts-cjk-serif 27119 noto-fonts-emoji ··· 29850 }; 29851 29852 i3-auto-layout = callPackage ../applications/window-managers/i3/auto-layout.nix { }; 29853 29854 i3-rounded = callPackage ../applications/window-managers/i3/rounded.nix { }; 29855