pkgs/by-name/fo/fontforge/package.nix at python-updates

tjh.dev / nixpkgs
fork atom
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / pkgs / by-name / fo / fontforge / package.nix
at python-updates 143 lines 4.2 kB view raw
wrap content
  1{
  2  stdenv,
  3  fetchFromGitHub,
  4  fetchpatch,
  5  lib,
  6  replaceVars,
  7  cmake,
  8  pkg-config,
  9  python3,
 10  freetype,
 11  zlib,
 12  glib,
 13  giflib,
 14  gettext,
 15  libpng,
 16  libjpeg,
 17  libtiff,
 18  libxml2,
 19  cairo,
 20  pango,
 21  readline,
 22  woff2,
 23  zeromq,
 24  withSpiro ? false,
 25  libspiro,
 26  withGTK ? false,
 27  gtk3,
 28  gtkmm3,
 29  withGUI ? withGTK,
 30  withPython ? true,
 31  withExtras ? true,
 32}:
 33
 34assert withGTK -> withGUI;
 35
 36let
 37  py = python3.withPackages (ps: with ps; [ setuptools ]);
 38in
 39stdenv.mkDerivation (finalAttrs: {
 40  pname = "fontforge";
 41  version = "20251009";
 42
 43  src = fetchFromGitHub {
 44    owner = "fontforge";
 45    repo = "fontforge";
 46    tag = finalAttrs.version;
 47    hash = "sha256-tlpdd+x1mA+HeLXpy5LotNC6sabxI6U7S+m/qOn1jwc=";
 48  };
 49
 50  patches = [
 51    # Provide a Nix-controlled location for the initial `sys.path` entry.
 52    (replaceVars ./set-python-sys-path.patch { python = "${py}/${py.sitePackages}"; })
 53    (fetchpatch {
 54      name = "CVE-2025-15279_1.patch";
 55      url = "https://github.com/fontforge/fontforge/commit/7d67700cf8888e0bb37b453ad54ed932c8587073.patch";
 56      hash = "sha256-AqixWSgMc75qkgO30nWnI9NKLRtVwCDR+uSEiwMtFKg=";
 57    })
 58    (fetchpatch {
 59      name = "CVE-2025-15279_2.patch";
 60      url = "https://github.com/fontforge/fontforge/commit/720ea95020c964202928afd2e93b0f5fac11027e.patch";
 61      hash = "sha256-DsP2fDTZlTtg8MXcnsuGQ4PFPOVp56Jm95gq877PLlE=";
 62    })
 63    (fetchpatch {
 64      name = "CVE-2025-15275.patch";
 65      url = "https://github.com/fontforge/fontforge/commit/7195402701ace7783753ef9424153eff48c9af44.patch";
 66      hash = "sha256-NHgKUvHF389z7PRqaDj3IWLSLijlSw0F3UYcMjLxKvE=";
 67    })
 68    (fetchpatch {
 69      name = "CVE-2025-15269.patch";
 70      url = "https://github.com/fontforge/fontforge/commit/6aea6db5da332d8ac94e3501bb83c1b21f52074d.patch";
 71      hash = "sha256-3KsWSXVRpPJbytVmzjExCGw6IaCgcrKwqQGRKpQAOiY=";
 72    })
 73  ];
 74
 75  # use $SOURCE_DATE_EPOCH instead of non-deterministic timestamps
 76  postPatch = ''
 77    find . -type f -name '*.c' -exec sed -r -i 's#\btime\(&(.+)\)#if (getenv("SOURCE_DATE_EPOCH")) \1=atol(getenv("SOURCE_DATE_EPOCH")); else &#g' {} \;
 78    sed -r -i 's#author\s*!=\s*NULL#& \&\& !getenv("SOURCE_DATE_EPOCH")#g'                            fontforge/cvexport.c fontforge/dumppfa.c fontforge/print.c fontforge/svg.c fontforge/splineutil2.c
 79    sed -r -i 's#\bb.st_mtime#getenv("SOURCE_DATE_EPOCH") ? atol(getenv("SOURCE_DATE_EPOCH")) : &#g'  fontforge/parsepfa.c fontforge/sfd.c fontforge/svg.c
 80    sed -r -i 's#^\s*ttf_fftm_dump#if (!getenv("SOURCE_DATE_EPOCH")) ttf_fftm_dump#g'                 fontforge/tottf.c
 81    sed -r -i 's#sprintf\(.+ author \);#if (!getenv("SOURCE_DATE_EPOCH")) &#g'                        fontforgeexe/fontinfo.c
 82  '';
 83
 84  # do not use x87's 80-bit arithmetic, rounding errors result in very different font binaries
 85  env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.hostPlatform.isi686 "-msse2 -mfpmath=sse";
 86
 87  strictDeps = true;
 88
 89  nativeBuildInputs = [
 90    pkg-config
 91    cmake
 92    gettext
 93  ];
 94
 95  buildInputs = [
 96    readline
 97    woff2
 98    zeromq
 99    py
100    freetype
101    zlib
102    glib
103    giflib
104    libpng
105    libjpeg
106    libtiff
107    libxml2
108  ]
109  ++ lib.optionals withPython [ py ]
110  ++ lib.optionals withSpiro [ libspiro ]
111  ++ lib.optionals withGUI [
112    gtk3
113    gtkmm3
114    cairo
115    pango
116  ];
117
118  cmakeFlags = [
119    "-DCMAKE_BUILD_WITH_INSTALL_RPATH=ON"
120  ]
121  ++ lib.optional (!withSpiro) "-DENABLE_LIBSPIRO=OFF"
122  ++ lib.optional (!withGUI) "-DENABLE_GUI=OFF"
123  ++ lib.optional (!withGTK) "-DENABLE_X11=ON"
124  ++ lib.optional (!withPython) "-DENABLE_PYTHON_SCRIPTING=OFF"
125  ++ lib.optional withPython "-DPython3_EXECUTABLE=${lib.getExe py}"
126  ++ lib.optional withExtras "-DENABLE_FONTFORGE_EXTRAS=ON";
127
128  preConfigure = ''
129    # The way $version propagates to $version of .pe-scripts (https://github.com/dejavu-fonts/dejavu-fonts/blob/358190f/scripts/generate.pe#L19)
130    export SOURCE_DATE_EPOCH=$(date -d ${finalAttrs.version} +%s)
131  '';
132
133  meta = {
134    description = "Font editor";
135    homepage = "https://fontforge.github.io";
136    platforms = lib.platforms.all;
137    license = lib.licenses.bsd3;
138    maintainers = with lib.maintainers; [
139      philiptaron
140      ulysseszhan
141    ];
142  };
143})