diff --git a/.github/labeler.yml b/.github/labeler.yml index 03d218711774..7f1ac6d2ea32 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -39,7 +39,7 @@ - changed-files: - any-glob-to-any-file: - .github/**/* - - ci/**/* + - ci/**/*.* "6.topic: coq": - any: diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 6621fd8ec8c8..0c8548d05deb 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -15,7 +15,7 @@ jobs: backport: name: Backport Pull Request if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event.action != 'labeled' || startsWith(github.event.label.name, 'backport')) - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm steps: # Use a GitHub App to create the PR so that CI gets triggered # The App is scoped to Repository > Contents and Pull Requests: write for Nixpkgs diff --git a/.github/workflows/check-cherry-picks.yml b/.github/workflows/check-cherry-picks.yml index 1759aa5833b2..f74c83cb6ddf 100644 --- a/.github/workflows/check-cherry-picks.yml +++ b/.github/workflows/check-cherry-picks.yml @@ -12,7 +12,7 @@ permissions: {} jobs: check: name: cherry-pick-check - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm if: github.repository_owner == 'NixOS' steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 diff --git a/.github/workflows/check-format.yml b/.github/workflows/check-format.yml index ca3da602575b..caa6db054e15 100644 --- a/.github/workflows/check-format.yml +++ b/.github/workflows/check-format.yml @@ -12,7 +12,7 @@ jobs: nixos: name: fmt-check - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm needs: get-merge-commit if: needs.get-merge-commit.outputs.mergedSha steps: diff --git a/.github/workflows/check-shell.yml b/.github/workflows/check-shell.yml index d148563c4311..c8ecf553f107 100644 --- a/.github/workflows/check-shell.yml +++ b/.github/workflows/check-shell.yml @@ -16,6 +16,10 @@ jobs: include: - runner: ubuntu-24.04 system: x86_64-linux + - runner: ubuntu-24.04-arm + system: aarch64-linux + - runner: macos-13 + system: x86_64-darwin - runner: macos-14 system: aarch64-darwin @@ -30,4 +34,4 @@ jobs: - uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641 # v31 - name: Build shell - run: nix-build shell.nix + run: nix-build ci -A shell diff --git a/.github/workflows/codeowners-v2.yml b/.github/workflows/codeowners-v2.yml index 98c769236b22..3c0e49afb5c7 100644 --- a/.github/workflows/codeowners-v2.yml +++ b/.github/workflows/codeowners-v2.yml @@ -41,7 +41,7 @@ jobs: # Check that code owners is valid check: name: Check - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm needs: get-merge-commit if: github.repository_owner == 'NixOS' && needs.get-merge-commit.outputs.mergedSha steps: @@ -89,7 +89,7 @@ jobs: # Request reviews from code owners request: name: Request - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm if: github.repository_owner == 'NixOS' steps: - uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641 # v31 diff --git a/.github/workflows/eval-aliases.yml b/.github/workflows/eval-aliases.yml new file mode 100644 index 000000000000..8dfb298c6da8 --- /dev/null +++ b/.github/workflows/eval-aliases.yml @@ -0,0 +1,33 @@ +name: Eval aliases + +on: + pull_request_target: + +permissions: {} + +jobs: + get-merge-commit: + uses: ./.github/workflows/get-merge-commit.yml + + eval-aliases: + name: Eval nixpkgs with aliases enabled + runs-on: ubuntu-24.04-arm + needs: [ get-merge-commit ] + steps: + - name: Check out the PR at the test merge commit + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + ref: ${{ needs.get-merge-commit.outputs.mergedSha }} + path: nixpkgs + + - name: Install Nix + uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641 # v31 + with: + extra_nix_config: sandbox = true + + - name: Ensure flake outputs on all systems still evaluate + run: nix --experimental-features 'nix-command flakes' flake check --all-systems --no-build ./nixpkgs + + - name: Query nixpkgs with aliases enabled to check for basic syntax errors + run: | + time nix-env -I ./nixpkgs -f ./nixpkgs -qa '*' --option restrict-eval true --option allow-import-from-derivation false >/dev/null diff --git a/.github/workflows/eval.yml b/.github/workflows/eval.yml index e5fa2732a757..8cc523d1bef3 100644 --- a/.github/workflows/eval.yml +++ b/.github/workflows/eval.yml @@ -21,7 +21,7 @@ jobs: attrs: name: Attributes - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm needs: get-merge-commit if: needs.get-merge-commit.outputs.mergedSha outputs: @@ -59,32 +59,9 @@ jobs: name: paths path: result/* - eval-aliases: - name: Eval nixpkgs with aliases enabled - runs-on: ubuntu-24.04 - needs: [ get-merge-commit ] - steps: - - name: Check out the PR at the test merge commit - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ needs.get-merge-commit.outputs.mergedSha }} - path: nixpkgs - - - name: Install Nix - uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641 # v31 - with: - extra_nix_config: sandbox = true - - - name: Ensure flake outputs on all systems still evaluate - run: nix --experimental-features 'nix-command flakes' flake check --all-systems --no-build ./nixpkgs - - - name: Query nixpkgs with aliases enabled to check for basic syntax errors - run: | - time nix-env -I ./nixpkgs -f ./nixpkgs -qa '*' --option restrict-eval true --option allow-import-from-derivation false >/dev/null - outpaths: name: Outpaths - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm needs: [ attrs, get-merge-commit ] strategy: fail-fast: false @@ -93,10 +70,10 @@ jobs: steps: - name: Enable swap run: | - sudo fallocate -l 10G /swapfile - sudo chmod 600 /swapfile - sudo mkswap /swapfile - sudo swapon /swapfile + sudo fallocate -l 10G /swap + sudo chmod 600 /swap + sudo mkswap /swap + sudo swapon /swap - name: Download the list of all attributes uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 @@ -133,7 +110,7 @@ jobs: process: name: Process - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm needs: [ outpaths, attrs, get-merge-commit ] outputs: targetRunId: ${{ steps.targetRunId.outputs.targetRunId }} @@ -219,7 +196,7 @@ jobs: # Use the target branch to get accurate maintainer info nix-build target/ci -A eval.compare \ --arg beforeResultDir ./targetResult \ - --arg afterResultDir $(realpath prResult) \ + --arg afterResultDir "$(realpath prResult)" \ --arg touchedFilesJson ./touched-files.json \ -o comparison @@ -235,7 +212,7 @@ jobs: # Separate job to have a very tightly scoped PR write token tag: name: Tag - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm needs: [ attrs, process ] if: needs.process.outputs.targetRunId permissions: diff --git a/.github/workflows/get-merge-commit.yml b/.github/workflows/get-merge-commit.yml index a32595ae1ad4..cb38438cae3b 100644 --- a/.github/workflows/get-merge-commit.yml +++ b/.github/workflows/get-merge-commit.yml @@ -11,7 +11,7 @@ permissions: {} jobs: resolve-merge-commit: - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm outputs: mergedSha: ${{ steps.merged.outputs.mergedSha }} steps: diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index e3423ce169f4..d183985f0708 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -16,7 +16,7 @@ permissions: jobs: labels: name: label-pr - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm if: "github.repository_owner == 'NixOS' && !contains(github.event.pull_request.title, '[skip treewide]')" steps: - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 diff --git a/.github/workflows/eval-lib-tests.yml b/.github/workflows/lib-tests.yml similarity index 90% rename from .github/workflows/eval-lib-tests.yml rename to .github/workflows/lib-tests.yml index 722371ac19a2..0643f980381b 100644 --- a/.github/workflows/eval-lib-tests.yml +++ b/.github/workflows/lib-tests.yml @@ -28,4 +28,4 @@ jobs: - name: Building Nixpkgs lib-tests run: | - nix-build --arg pkgs "(import ./ci/. {}).pkgs" ./lib/tests/release.nix + nix-build ci -A lib-tests diff --git a/.github/workflows/lint-actions.sh b/.github/workflows/lint-actions.sh deleted file mode 100755 index 43d6e801caf6..000000000000 --- a/.github/workflows/lint-actions.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/env nix-shell -#!nix-shell -i bash -p bash actionlint shellcheck -I nixpkgs=../.. -set -euo pipefail - -SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" -cd "$SCRIPT_DIR/../.." -actionlint diff --git a/.github/workflows/manual-nixos-v2.yml b/.github/workflows/manual-nixos-v2.yml index 26fa03aba9b4..fd0f91e2e0c7 100644 --- a/.github/workflows/manual-nixos-v2.yml +++ b/.github/workflows/manual-nixos-v2.yml @@ -22,12 +22,12 @@ jobs: strategy: fail-fast: false matrix: - system: - - x86_64-linux - - aarch64-linux - runs-on: >- - ${{ (matrix.system == 'x86_64-linux' && 'ubuntu-24.04') - || (matrix.system == 'aarch64-linux' && 'ubuntu-24.04-arm') }} + include: + - runner: ubuntu-24.04 + system: x86_64-linux + - runner: ubuntu-24.04-arm + system: aarch64-linux + runs-on: ${{ matrix.runner }} steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: @@ -46,7 +46,7 @@ jobs: - name: Build NixOS manual id: build-manual - run: NIX_PATH=nixpkgs=$(pwd) nix-build --option restrict-eval true nixos/release.nix -A manual.${{ matrix.system }} + run: NIX_PATH=nixpkgs=$(pwd) nix-build --option restrict-eval true ci -A manual-nixos --argstr system ${{ matrix.system }} - name: Upload NixOS manual uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 diff --git a/.github/workflows/manual-nixpkgs-v2.yml b/.github/workflows/manual-nixpkgs-v2.yml index a97bd0aac719..f899ad409d50 100644 --- a/.github/workflows/manual-nixpkgs-v2.yml +++ b/.github/workflows/manual-nixpkgs-v2.yml @@ -7,14 +7,14 @@ on: paths: - 'doc/**' - 'lib/**' - - 'pkgs/tools/nix/nixdoc/**' + - 'pkgs/by-name/ni/nixdoc/**' permissions: {} jobs: nixpkgs: name: nixpkgs-manual-build - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: @@ -32,4 +32,4 @@ jobs: authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' - name: Building Nixpkgs manual - run: NIX_PATH=nixpkgs=$(pwd) nix-build --option restrict-eval true pkgs/top-level/release.nix -A manual -A manual.tests + run: NIX_PATH=nixpkgs=$(pwd) nix-build --option restrict-eval true ci -A manual-nixpkgs -A manual-nixpkgs-tests diff --git a/.github/workflows/nix-parse-v2.yml b/.github/workflows/nix-parse-v2.yml index cc988e20bd6e..aec48b0ac768 100644 --- a/.github/workflows/nix-parse-v2.yml +++ b/.github/workflows/nix-parse-v2.yml @@ -11,37 +11,20 @@ jobs: tests: name: nix-files-parseable-check - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm needs: get-merge-commit if: "needs.get-merge-commit.outputs.mergedSha && !contains(github.event.pull_request.title, '[skip treewide]')" steps: - - name: Get list of changed files from PR - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - gh api \ - repos/${{ github.repository }}/pulls/${{github.event.number}}/files --paginate \ - | jq --raw-output '.[] | select(.status != "removed" and (.filename | endswith(".nix"))) | .filename' \ - > "$HOME/changed_files" - if [[ -s "$HOME/changed_files" ]]; then - echo "CHANGED_FILES=$HOME/changed_files" > "$GITHUB_ENV" - fi - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ needs.get-merge-commit.outputs.mergedSha }} - if: ${{ env.CHANGED_FILES && env.CHANGED_FILES != '' }} - uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641 # v31 with: extra_nix_config: sandbox = true nix_path: nixpkgs=channel:nixpkgs-unstable - - name: Parse all changed or added nix files + - name: Parse all nix files run: | - ret=0 - while IFS= read -r file; do - out="$(nix-instantiate --parse "$file")" || { echo "$out" && ret=1; } - done < "$HOME/changed_files" - exit "$ret" - if: ${{ env.CHANGED_FILES && env.CHANGED_FILES != '' }} + # Tests multiple versions at once, let's make sure all of them run, so keep-going. + nix-build ci -A parse --keep-going diff --git a/.github/workflows/no-channel.yml b/.github/workflows/no-channel.yml index ce0d50fed15d..c5eae3c94e7d 100644 --- a/.github/workflows/no-channel.yml +++ b/.github/workflows/no-channel.yml @@ -13,7 +13,7 @@ jobs: startsWith(github.event.pull_request.base.ref, 'nixos-') || startsWith(github.event.pull_request.base.ref, 'nixpkgs-') name: "This PR is targeting a channel branch" - runs-on: ubuntu-24.04 + runs-on: ubuntu-24.04-arm steps: - run: | cat </dev/null 2>/dev/null + } + + # Passes each file separately to nix-instantiate with -n1. + # Much slower, but will show all errors. + parse-each() { + find . -type f -iname '*.nix' | xargs -n1 -P $(nproc) nix-instantiate --parse >/dev/null + } + + if ! parse-all; then + parse-each + fi + + touch $out + '' diff --git a/doc/release-notes/rl-2505.section.md b/doc/release-notes/rl-2505.section.md index 63153c27fb6a..afa4d0e3474e 100644 --- a/doc/release-notes/rl-2505.section.md +++ b/doc/release-notes/rl-2505.section.md @@ -424,6 +424,8 @@ - [`lib.packagesFromDirectoryRecursive`] now rejects unknown arguments. [`lib.packagesFromDirectoryRecursive`]: https://nixos.org/manual/nixpkgs/stable/#function-library-lib.filesystem.packagesFromDirectoryRecursive +- The `godot-export-templates` package now has its content at `share/godot/export_templates/$version` instead of the output root. This makes it more convenient for for symlinking into `~/.local`, but scripts expecting the old layout will need to be changed. + ### Deprecations {#sec-nixpkgs-release-25.05-lib-deprecations} - `functor` is an implementation detail and should not be relied upon, but since its status wasn't clear and it has had some use cases without alternatives, changes are being handled as gracefully as possible. Deprecations within functor: diff --git a/nixos/doc/manual/development/running-nixos-tests-interactively.section.md b/nixos/doc/manual/development/running-nixos-tests-interactively.section.md index 2b0f44a04e44..b29f6df5bdaa 100644 --- a/nixos/doc/manual/development/running-nixos-tests-interactively.section.md +++ b/nixos/doc/manual/development/running-nixos-tests-interactively.section.md @@ -87,11 +87,33 @@ $ ssh vsock/3 -o User=root The socket numbers correspond to the node number of the test VM, but start at three instead of one because that's the lowest possible -vsock number. +vsock number. The exact SSH commands are also printed out when starting +`nixos-test-driver`. On non-NixOS systems you'll probably need to enable the SSH config from {manpage}`systemd-ssh-proxy(1)` yourself. +If starting VM fails with an error like + +``` +qemu-system-x86_64: -device vhost-vsock-pci,guest-cid=3: vhost-vsock: unable to set guest cid: Address already in use +``` + +it means that the vsock numbers for the VMs are already in use. This can happen +if another interactive test with SSH backdoor enabled is running on the machine. + +In that case, you need to assign another range of vsock numbers. You can pick another +offset with + +```nix +{ + sshBackdoor = { + enable = true; + vsockOffset = 23542; + }; +} +``` + ## Port forwarding to NixOS test VMs {#sec-nixos-test-port-forwarding} If your test has only a single VM, you may use e.g. diff --git a/nixos/doc/manual/redirects.json b/nixos/doc/manual/redirects.json index 2c9b0242e9e8..0abbf8970eba 100644 --- a/nixos/doc/manual/redirects.json +++ b/nixos/doc/manual/redirects.json @@ -1286,6 +1286,12 @@ "module-services-postgres-initializing-extra-permissions-service-user-oneshot": [ "index.html#module-services-postgres-initializing-extra-permissions-service-user-oneshot" ], + "module-services-postgres-authentication": [ + "index.html#module-services-postgres-authentication" + ], + "module-services-postgres-authentication-user-mapping": [ + "index.html#module-services-postgres-authentication-user-mapping" + ], "module-services-postgres-upgrading": [ "index.html#module-services-postgres-upgrading" ], @@ -1826,6 +1832,9 @@ "test-opt-sshBackdoor.enable": [ "index.html#test-opt-sshBackdoor.enable" ], + "test-opt-sshBackdoor.vsockOffset": [ + "index.html#test-opt-sshBackdoor.vsockOffset" + ], "test-opt-defaults": [ "index.html#test-opt-defaults" ], diff --git a/nixos/lib/test-driver/src/test_driver/__init__.py b/nixos/lib/test-driver/src/test_driver/__init__.py index ff6922e5b90e..86e663da9b7d 100755 --- a/nixos/lib/test-driver/src/test_driver/__init__.py +++ b/nixos/lib/test-driver/src/test_driver/__init__.py @@ -112,7 +112,7 @@ def main() -> None: arg_parser.add_argument( "--dump-vsocks", help="indicates that the interactive SSH backdoor is active and dumps information about it on start", - action="store_true", + type=int, ) args = arg_parser.parse_args() @@ -141,8 +141,8 @@ def main() -> None: if args.interactive: history_dir = os.getcwd() history_path = os.path.join(history_dir, ".nixos-test-history") - if args.dump_vsocks: - driver.dump_machine_ssh() + if offset := args.dump_vsocks: + driver.dump_machine_ssh(offset) ptpython.ipython.embed( user_ns=driver.test_symbols(), history_filename=history_path, diff --git a/nixos/lib/test-driver/src/test_driver/driver.py b/nixos/lib/test-driver/src/test_driver/driver.py index e65c6c5ba511..bf3dda06a617 100644 --- a/nixos/lib/test-driver/src/test_driver/driver.py +++ b/nixos/lib/test-driver/src/test_driver/driver.py @@ -178,14 +178,14 @@ class Driver: ) return {**general_symbols, **machine_symbols, **vlan_symbols} - def dump_machine_ssh(self) -> None: + def dump_machine_ssh(self, offset: int) -> None: print("SSH backdoor enabled, the machines can be accessed like this:") print( f"{Style.BRIGHT}Note:{Style.RESET_ALL} this requires {Style.BRIGHT}systemd-ssh-proxy(1){Style.RESET_ALL} to be enabled (default on NixOS 25.05 and newer)." ) names = [machine.name for machine in self.machines] longest_name = len(max(names, key=len)) - for num, name in enumerate(names, start=3): + for num, name in enumerate(names, start=offset + 1): spaces = " " * (longest_name - len(name) + 2) print( f" {name}:{spaces}{Style.BRIGHT}ssh -o User=root vsock/{num}{Style.RESET_ALL}" diff --git a/nixos/lib/testing/nodes.nix b/nixos/lib/testing/nodes.nix index 38b32dbb6701..b2352c478110 100644 --- a/nixos/lib/testing/nodes.nix +++ b/nixos/lib/testing/nodes.nix @@ -84,6 +84,22 @@ in type = types.bool; description = "Whether to turn on the VSOCK-based access to all VMs. This provides an unauthenticated access intended for debugging."; }; + vsockOffset = mkOption { + default = 2; + type = types.ints.between 2 4294967296; + description = '' + This field is only relevant when multiple users run the (interactive) + driver outside the sandbox and with the SSH backdoor activated. + The typical symptom for this being a problem are error messages like this: + `vhost-vsock: unable to set guest cid: Address already in use` + + This option allows to assign an offset to each vsock number to + resolve this. + + This is a 32bit number. The lowest possible vsock number is `3` + (i.e. with the lowest node number being `1`, this is 2+1). + ''; + }; }; node.type = mkOption { @@ -182,7 +198,7 @@ in passthru.nodes = config.nodesCompat; extraDriverArgs = mkIf config.sshBackdoor.enable [ - "--dump-vsocks" + "--dump-vsocks=${toString config.sshBackdoor.vsockOffset}" ]; defaults = mkMerge [ @@ -190,9 +206,31 @@ in nixpkgs.pkgs = config.node.pkgs; imports = [ ../../modules/misc/nixpkgs/read-only.nix ]; }) - (mkIf config.sshBackdoor.enable { - testing.sshBackdoor.enable = true; - }) + (mkIf config.sshBackdoor.enable ( + let + inherit (config.sshBackdoor) vsockOffset; + in + { config, ... }: + { + services.openssh = { + enable = true; + settings = { + PermitRootLogin = "yes"; + PermitEmptyPasswords = "yes"; + }; + }; + + security.pam.services.sshd = { + allowNullPassword = true; + }; + + virtualisation.qemu.options = [ + "-device vhost-vsock-pci,guest-cid=${ + toString (config.virtualisation.test.nodeNumber + vsockOffset) + }" + ]; + } + )) ]; }; diff --git a/nixos/modules/services/continuous-integration/hydra/default.nix b/nixos/modules/services/continuous-integration/hydra/default.nix index d83db34b9aa3..df586356306a 100644 --- a/nixos/modules/services/continuous-integration/hydra/default.nix +++ b/nixos/modules/services/continuous-integration/hydra/default.nix @@ -564,16 +564,14 @@ in services.postgresql.enable = lib.mkIf haveLocalDB true; services.postgresql.identMap = lib.optionalString haveLocalDB '' - hydra-users hydra hydra - hydra-users hydra-queue-runner hydra - hydra-users hydra-www hydra - hydra-users root hydra - # The postgres user is used to create the pg_trgm extension for the hydra database - hydra-users postgres postgres + hydra hydra hydra + hydra hydra-queue-runner hydra + hydra hydra-www hydra + hydra root hydra ''; services.postgresql.authentication = lib.optionalString haveLocalDB '' - local hydra all ident map=hydra-users + local all hydra peer map=hydra ''; }; diff --git a/nixos/modules/services/databases/postgresql.md b/nixos/modules/services/databases/postgresql.md index daff317e9e2b..e1256c9672f2 100644 --- a/nixos/modules/services/databases/postgresql.md +++ b/nixos/modules/services/databases/postgresql.md @@ -170,6 +170,38 @@ are already created. } ``` +## Authentication {#module-services-postgres-authentication} + +Local connections are made through unix sockets by default and support [peer authentication](https://www.postgresql.org/docs/current/auth-peer.html). +This allows system users to login with database roles of the same name. +For example, the `postgres` system user is allowed to login with the database role `postgres`. + +System users and database roles might not always match. +In this case, to allow access for a service, you can create a [user name map](https://www.postgresql.org/docs/current/auth-username-maps.html) between system roles and an existing database role. + +### User Mapping {#module-services-postgres-authentication-user-mapping} + +Assume that your app creates a role `admin` and you want the `root` user to be able to login with it. +You can then use [](#opt-services.postgresql.identMap) to define the map and [](#opt-services.postgresql.authentication) to enable it: + +```nix +services.postgresql = { + identMap = '' + admin root admin + ''; + authentication = '' + local all admin peer map=admin + ''; +} +``` + +::: {.warning} +To avoid conflicts with other modules, you should never apply a map to `all` roles. +Because PostgreSQL will stop on the first matching line in `pg_hba.conf`, a line matching all roles would lock out other services. +Each module should only manage user maps for the database roles that belong to this module. +Best practice is to name the map after the database role it manages to avoid name conflicts. +::: + ## Upgrading {#module-services-postgres-upgrading} ::: {.note} diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index abcb704b887a..48ff4c2a48ef 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -274,6 +274,14 @@ in Defines the mapping from system users to database users. See the [auth doc](https://postgresql.org/docs/current/auth-username-maps.html). + + There is a default map "postgres" which is used for local peer authentication + as the postgres superuser role. + For example, to allow the root user to login as the postgres superuser, add: + + ``` + postgres root postgres + ``` ''; }; @@ -674,12 +682,20 @@ in (mkBefore "# Generated file; do not edit!") (mkAfter '' # default value of services.postgresql.authentication + local all postgres peer map=postgres local all all peer host all all 127.0.0.1/32 md5 host all all ::1/128 md5 '') ]; + # The default allows to login with the same database username as the current system user. + # This is the default for peer authentication without a map, but needs to be made explicit + # once a map is used. + services.postgresql.identMap = mkAfter '' + postgres postgres postgres + ''; + services.postgresql.systemCallFilter = mkMerge [ (mapAttrs (const mkDefault) { "@system-service" = true; diff --git a/nixos/modules/services/networking/anubis.nix b/nixos/modules/services/networking/anubis.nix index e2d9fdc0f290..2d63fa4ecc59 100644 --- a/nixos/modules/services/networking/anubis.nix +++ b/nixos/modules/services/networking/anubis.nix @@ -122,12 +122,6 @@ let example = "tcp"; type = types.str; }; - SOCKET_MODE = mkDefaultOption "settings.SOCKET_MODE" { - default = "0770"; - description = "The permissions on the Unix domain sockets created."; - example = "0700"; - type = types.str; - }; DIFFICULTY = mkDefaultOption "settings.DIFFICULTY" { default = 4; description = '' @@ -146,6 +140,26 @@ let ''; type = types.bool; }; + OG_PASSTHROUGH = mkDefaultOption "settings.OG_PASSTHROUGH" { + default = false; + description = '' + Whether to enable Open Graph tag passthrough. + + This enables social previews of resources protected by + Anubis without having to exempt each scraper individually. + ''; + type = types.bool; + }; + WEBMASTER_EMAIL = mkDefaultOption "settings.WEBMASTER_EMAIL" { + default = null; + description = '' + If set, shows a contact email address when rendering error pages. + + This email address will be how users can get in contact with administrators. + ''; + example = "alice@example.com"; + type = types.nullOr types.str; + }; # generated by default POLICY_FNAME = mkDefaultOption "settings.POLICY_FNAME" { @@ -224,6 +238,9 @@ in and socket paths. ''; type = types.attrsOf (types.submodule (commonSubmodule false)); + + # Merge defaultOptions into each instance + apply = lib.mapAttrs (_: lib.recursiveUpdate cfg.defaultOptions); }; }; @@ -309,6 +326,9 @@ in ) enabledInstances; }; - meta.maintainers = with lib.maintainers; [ soopyc ]; + meta.maintainers = with lib.maintainers; [ + soopyc + nullcube + ]; meta.doc = ./anubis.md; } diff --git a/nixos/modules/testing/test-instrumentation.nix b/nixos/modules/testing/test-instrumentation.nix index 8ace4ab30abf..80852be51f1d 100644 --- a/nixos/modules/testing/test-instrumentation.nix +++ b/nixos/modules/testing/test-instrumentation.nix @@ -86,11 +86,6 @@ in enables commands to be sent to test and debug stage 1. Use machine.switch_root() to leave stage 1 and proceed to stage 2 ''; - - sshBackdoor = { - enable = mkEnableOption "vsock-based ssh backdoor for the VM"; - }; - }; config = { @@ -104,18 +99,6 @@ in } ]; - services.openssh = mkIf config.testing.sshBackdoor.enable { - enable = true; - settings = { - PermitRootLogin = "yes"; - PermitEmptyPasswords = "yes"; - }; - }; - - security.pam.services.sshd = mkIf config.testing.sshBackdoor.enable { - allowNullPassword = true; - }; - systemd.services.backdoor = lib.mkMerge [ backdoorService { @@ -191,10 +174,6 @@ in # we avoid defining attributes if not possible. # TODO: refactor such that test-instrumentation can import qemu-vm package = lib.mkDefault pkgs.qemu_test; - - options = mkIf config.testing.sshBackdoor.enable [ - "-device vhost-vsock-pci,guest-cid=${toString (config.virtualisation.test.nodeNumber + 2)}" - ]; }; }; diff --git a/nixos/tests/anubis.nix b/nixos/tests/anubis.nix index f00a2a827326..e5f643ed1cca 100644 --- a/nixos/tests/anubis.nix +++ b/nixos/tests/anubis.nix @@ -1,7 +1,10 @@ { lib, ... }: { name = "anubis"; - meta.maintainers = [ lib.maintainers.soopyc ]; + meta.maintainers = with lib.maintainers; [ + soopyc + nullcube + ]; nodes.machine = { @@ -10,24 +13,34 @@ ... }: { - services.anubis.instances = { - "".settings.TARGET = "http://localhost:8080"; - - "tcp" = { - user = "anubis-tcp"; - group = "anubis-tcp"; - settings = { - TARGET = "http://localhost:8080"; - BIND = ":9000"; - BIND_NETWORK = "tcp"; - METRICS_BIND = ":9001"; - METRICS_BIND_NETWORK = "tcp"; - }; + services.anubis = { + defaultOptions.settings = { + DIFFICULTY = 3; + USER_DEFINED_DEFAULT = true; }; + instances = { + "".settings = { + TARGET = "http://localhost:8080"; + DIFFICULTY = 5; + USER_DEFINED_INSTANCE = true; + }; - "unix-upstream" = { - group = "nginx"; - settings.TARGET = "unix:///run/nginx/nginx.sock"; + "tcp" = { + user = "anubis-tcp"; + group = "anubis-tcp"; + settings = { + TARGET = "http://localhost:8080"; + BIND = ":9000"; + BIND_NETWORK = "tcp"; + METRICS_BIND = ":9001"; + METRICS_BIND_NETWORK = "tcp"; + }; + }; + + "unix-upstream" = { + group = "nginx"; + settings.TARGET = "unix:///run/nginx/nginx.sock"; + }; }; }; @@ -94,5 +107,17 @@ # Upstream is a unix socket mode machine.succeed('curl -f http://unix.localhost/index.html | grep "it works"') + + # Default user-defined environment variables + machine.succeed('cat /run/current-system/etc/systemd/system/anubis.service | grep "USER_DEFINED_DEFAULT"') + machine.succeed('cat /run/current-system/etc/systemd/system/anubis-tcp.service | grep "USER_DEFINED_DEFAULT"') + + # Instance-specific user-specified environment variables + machine.succeed('cat /run/current-system/etc/systemd/system/anubis.service | grep "USER_DEFINED_INSTANCE"') + machine.fail('cat /run/current-system/etc/systemd/system/anubis-tcp.service | grep "USER_DEFINED_INSTANCE"') + + # Make sure defaults don't overwrite themselves + machine.succeed('cat /run/current-system/etc/systemd/system/anubis.service | grep "DIFFICULTY=5"') + machine.succeed('cat /run/current-system/etc/systemd/system/anubis-tcp.service | grep "DIFFICULTY=3"') ''; } diff --git a/nixos/tests/postgresql/postgresql.nix b/nixos/tests/postgresql/postgresql.nix index a88143c6421a..ecf1b5552804 100644 --- a/nixos/tests/postgresql/postgresql.nix +++ b/nixos/tests/postgresql/postgresql.nix @@ -54,6 +54,9 @@ let services.postgresql = { inherit package; enable = true; + identMap = '' + postgres root postgres + ''; # TODO(@Ma27) split this off into its own VM test and move a few other # extension tests to use postgresqlTestExtension. extensions = ps: with ps; [ plv8 ]; @@ -73,7 +76,7 @@ let in '' def check_count(statement, lines): - return 'test $(sudo -u postgres psql postgres -tAc "{}"|wc -l) -eq {}'.format( + return 'test $(psql -U postgres postgres -tAc "{}"|wc -l) -eq {}'.format( statement, lines ) diff --git a/nixos/tests/scion/freestanding-deployment/default.nix b/nixos/tests/scion/freestanding-deployment/default.nix index ca6c7cffc30e..7dbd10c225a5 100644 --- a/nixos/tests/scion/freestanding-deployment/default.nix +++ b/nixos/tests/scion/freestanding-deployment/default.nix @@ -23,7 +23,7 @@ import ../../make-test-python.nix ( networkConfig.Address = "192.168.1.${toString hostId}/24"; }; environment.etc = { - "scion/topology.json".source = ./topology${toString hostId}.json; + "scion/topology.json".source = ./topology + "${toString hostId}.json"; "scion/crypto/as".source = trust-root-configuration-keys + "/AS${toString hostId}"; "scion/certs/ISD42-B1-S1.trc".source = trust-root-configuration-keys + "/ISD42-B1-S1.trc"; "scion/keys/master0.key".text = "U${toString hostId}v4k23ZXjGDwDofg/Eevw=="; diff --git a/pkgs/applications/editors/vscode/extensions/ms-toolsai.jupyter/default.nix b/pkgs/applications/editors/vscode/extensions/ms-toolsai.jupyter/default.nix index 1c88d3a0f416..5490e9ba97f5 100644 --- a/pkgs/applications/editors/vscode/extensions/ms-toolsai.jupyter/default.nix +++ b/pkgs/applications/editors/vscode/extensions/ms-toolsai.jupyter/default.nix @@ -9,8 +9,8 @@ vscode-utils.buildVscodeMarketplaceExtension { mktplcRef = { name = "jupyter"; publisher = "ms-toolsai"; - version = "2025.3.0"; - hash = "sha256-dH74EX5PDq4t/CukjsswtKLVwbE+q0J+fpZ1MA8CDZI="; + version = "2025.4.0"; + hash = "sha256-UU2Ar6JNuEaODSqgssuR6E+XHEtjBojxfxEM8WiejMs="; }; nativeBuildInputs = [ diff --git a/pkgs/applications/editors/vscode/extensions/sourcery.sourcery/default.nix b/pkgs/applications/editors/vscode/extensions/sourcery.sourcery/default.nix index cadb4311e265..0a1efe2ea845 100644 --- a/pkgs/applications/editors/vscode/extensions/sourcery.sourcery/default.nix +++ b/pkgs/applications/editors/vscode/extensions/sourcery.sourcery/default.nix @@ -10,8 +10,8 @@ vscode-utils.buildVscodeMarketplaceExtension { mktplcRef = { name = "sourcery"; publisher = "sourcery"; - version = "1.35.0"; - hash = "sha256-3+8kzQ+DZVysv0wYc3uM+8Z6jACgxCKNcZVJ2LOlodo="; + version = "1.36.0"; + hash = "sha256-HbOPoDu0R47US+UtK7i2BLiYgUhnNMD1i6Ibo8h3Auk="; }; nativeBuildInputs = lib.optionals stdenv.hostPlatform.isLinux [ autoPatchelfHook ]; diff --git a/pkgs/applications/virtualization/docker/default.nix b/pkgs/applications/virtualization/docker/default.nix index c622bf18d993..5be14107857d 100644 --- a/pkgs/applications/virtualization/docker/default.nix +++ b/pkgs/applications/virtualization/docker/default.nix @@ -86,7 +86,7 @@ rec { }; preBuild = '' - substituteInPlace Makefile --replace-warn "/bin/bash" "${lib.getExe bash}" + substituteInPlace Makefile --replace-warn "/bin/bash" "${stdenv.shell}" ''; # docker/runc already include these patches / are not applicable diff --git a/pkgs/by-name/af/affine/package.nix b/pkgs/by-name/af/affine/package.nix index 2bf2698ea3b7..c069ac1a5437 100644 --- a/pkgs/by-name/af/affine/package.nix +++ b/pkgs/by-name/af/affine/package.nix @@ -4,9 +4,9 @@ stdenvNoCC, fetchFromGitHub, rustPlatform, - electron_34, + electron_35, nodejs_22, - yarn-berry, + yarn-berry_4, cacert, writableTmpDirAsHomeHook, cargo, @@ -17,12 +17,12 @@ jq, copyDesktopItems, makeWrapper, + llvmPackages, + apple-sdk_15, makeDesktopItem, nix-update-script, buildType ? "stable", commandLineArgs ? "", - llvmPackages, - apple-sdk_15, }: let hostPlatform = stdenvNoCC.hostPlatform; @@ -34,21 +34,21 @@ let } .${hostPlatform.parsed.cpu.name} or (throw "affine(${buildType}): unsupported CPU family ${hostPlatform.parsed.cpu.name}"); - electron = electron_34; + electron = electron_35; nodejs = nodejs_22; - yarn = yarn-berry.override { inherit nodejs; }; + yarn-berry = yarn-berry_4.override { inherit nodejs; }; productName = if buildType != "stable" then "AFFiNE-${buildType}" else "AFFiNE"; binName = lib.toLower productName; in stdenv.mkDerivation (finalAttrs: { pname = binName; - version = "0.21.4"; + version = "0.21.6"; src = fetchFromGitHub { owner = "toeverything"; repo = "AFFiNE"; tag = "v${finalAttrs.version}"; - hash = "sha256-Xd8b+JXL46r9Jv5Uv5wdtvSKwnHafEo52v1aERmyxrI="; + hash = "sha256-xiOfy3uskqYv5b0U2s1Zpc4/ydsRhhUd8M33IH0BJ10="; }; cargoDeps = rustPlatform.fetchCargoVendor { @@ -59,7 +59,7 @@ stdenv.mkDerivation (finalAttrs: { name = "yarn-offline-cache"; inherit (finalAttrs) src; nativeBuildInputs = [ - yarn + yarn-berry cacert writableTmpDirAsHomeHook ]; @@ -98,7 +98,7 @@ stdenv.mkDerivation (finalAttrs: { ''; dontInstall = true; outputHashMode = "recursive"; - outputHash = "sha256-w9Lz8wFq34VXInoE5pUeg1B7N92D+TnBWbL2qJ/q8ik="; + outputHash = "sha256-XpVygLwK/vjQJ5cDckIRM3Uo5hcahTz/XV1WjBQmOac="; }; buildInputs = lib.optionals hostPlatform.isDarwin [ @@ -108,7 +108,7 @@ stdenv.mkDerivation (finalAttrs: { nativeBuildInputs = [ nodejs - yarn + yarn-berry cargo rustc findutils diff --git a/pkgs/by-name/ch/charge-lnd/package.nix b/pkgs/by-name/ch/charge-lnd/package.nix index 2defe92c7aa0..ba1b058ad1ba 100644 --- a/pkgs/by-name/ch/charge-lnd/package.nix +++ b/pkgs/by-name/ch/charge-lnd/package.nix @@ -7,13 +7,13 @@ python3Packages.buildPythonApplication rec { pname = "charge-lnd"; - version = "0.2.13"; + version = "0.3.0"; src = fetchFromGitHub { owner = "accumulator"; repo = "charge-lnd"; tag = "v${version}"; - hash = "sha256-mNU8bhiZqvYbNUU8vJNk9WbpAVrCTi9Fy3hlIpb06ac="; + hash = "sha256-a/zIEA2oF1+BoZXk4YDWx69eVFSnANUE/F+ARI/VsXU="; }; propagatedBuildInputs = with python3Packages; [ diff --git a/pkgs/by-name/cm/cmctl/package.nix b/pkgs/by-name/cm/cmctl/package.nix index 7f72b847e4d8..c1c7bdc16b41 100644 --- a/pkgs/by-name/cm/cmctl/package.nix +++ b/pkgs/by-name/cm/cmctl/package.nix @@ -9,24 +9,20 @@ buildGoModule rec { pname = "cmctl"; - version = "1.14.7"; + version = "2.2.0"; src = fetchFromGitHub { owner = "cert-manager"; - repo = "cert-manager"; + repo = "cmctl"; rev = "v${version}"; - hash = "sha256-ZvrR8k1jiyAMUKM9VA6vKH2uhMKnd22OQe08CIlxXjs="; + hash = "sha256-Kr7vwVW6v08QRbJDs2u0vK241ljNfhLVYIQCBl31QSs="; }; - sourceRoot = "${src.name}/cmd/ctl"; - - vendorHash = "sha256-qaSzAPNVe25Fbbfqy0OFFnMJ21IlWuoJKwnT7y2wmOs="; + vendorHash = "sha256-D83Ufpa7PLQWBCHX5d51me3aYprGzc9RoKVma2Ax1Is="; ldflags = [ "-s" "-w" - "-X github.com/cert-manager/cert-manager/cmd/ctl/pkg/build.name=cmctl" - "-X github.com/cert-manager/cert-manager/cmd/ctl/pkg/build/commands.registerCompletion=true" "-X github.com/cert-manager/cert-manager/pkg/util.AppVersion=v${version}" "-X github.com/cert-manager/cert-manager/pkg/util.AppGitCommit=${src.rev}" ]; @@ -35,24 +31,23 @@ buildGoModule rec { installShellFiles ]; - # Trusted by this computer: no: x509: “cert-manager” certificate is not trusted + checkPhase = '' + go test --race $(go list ./... | grep -v /test/) + ''; + + # Trusted by this computer: no: x509: “cert-manager” certificate is not + # trusted doCheck = !stdenv.hostPlatform.isDarwin; - postInstall = - '' - mv $out/bin/ctl $out/bin/cmctl - '' - + lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) '' - installShellCompletion --cmd cmctl \ + postInstall = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) '' + installShellCompletion --cmd cmctl \ --bash <($out/bin/cmctl completion bash) \ --fish <($out/bin/cmctl completion fish) \ --zsh <($out/bin/cmctl completion zsh) - ''; - - passthru.updateScript = nix-update-script { }; + ''; meta = with lib; { - description = "CLI tool for managing cert-manager service on Kubernetes clusters"; + description = "Command line utility to interact with a cert-manager instalation on Kubernetes"; mainProgram = "cmctl"; longDescription = '' cert-manager adds certificates and certificate issuers as resource types @@ -63,8 +58,11 @@ buildGoModule rec { Let's Encrypt, HashiCorp Vault, and Venafi as well as private PKI, and it ensures certificates remain valid and up to date, attempting to renew certificates at an appropriate time before expiry. + + cmctl is a command line tool to help you manage cert-manager and its + resources inside your Kubernetes cluster. ''; - downloadPage = "https://github.com/cert-manager/cert-manager"; + downloadPage = "https://github.com/cert-manager/cmctl"; license = licenses.asl20; homepage = "https://cert-manager.io/"; maintainers = with maintainers; [ joshvanl ]; diff --git a/pkgs/by-name/cr/crosvm/package.nix b/pkgs/by-name/cr/crosvm/package.nix index 81eb4c519a75..2a9b2c75b167 100644 --- a/pkgs/by-name/cr/crosvm/package.nix +++ b/pkgs/by-name/cr/crosvm/package.nix @@ -21,19 +21,19 @@ rustPlatform.buildRustPackage { pname = "crosvm"; - version = "0-unstable-2025-04-25"; + version = "0-unstable-2025-05-06"; src = fetchgit { url = "https://chromium.googlesource.com/chromiumos/platform/crosvm"; - rev = "6b75e831de4d5f44a362142d25b77d9c4d7988aa"; - hash = "sha256-hqnzKFdjM32omoECKYTGkSukkpy837e44vMMnN5B05I="; + rev = "55ea45ba0b2b95b49287e5498fb46b74f7a83ac6"; + hash = "sha256-i9p3UFtGSbSAlup2h/UpXBGy4huFbpeKegTMMB+I5us="; fetchSubmodules = true; }; separateDebugInfo = true; useFetchCargoVendor = true; - cargoHash = "sha256-A5yHGG5KEsSUlDb+m+R6NnKEvReClPaGRxWjNjXlgys="; + cargoHash = "sha256-23F0WU//4xvP9xffxr+cQa0m0sSJjcWyz+usKBpDg20="; nativeBuildInputs = [ pkg-config diff --git a/pkgs/by-name/di/diffoscope/package.nix b/pkgs/by-name/di/diffoscope/package.nix index 39f83389db5d..f6227f3edea0 100644 --- a/pkgs/by-name/di/diffoscope/package.nix +++ b/pkgs/by-name/di/diffoscope/package.nix @@ -106,11 +106,11 @@ in # Note: when upgrading this package, please run the list-missing-tools.sh script as described below! python.pkgs.buildPythonApplication rec { pname = "diffoscope"; - version = "294"; + version = "295"; src = fetchurl { url = "https://diffoscope.org/archive/diffoscope-${version}.tar.bz2"; - hash = "sha256-9LwP/IL58OdKlB9X4zo0HDEG3nuR6HOBZmSp5166N6E="; + hash = "sha256-BxyE14vXS7lGFwWsruDAcdXMRsoETFwXPQxfMpSh1+E="; }; outputs = [ diff --git a/pkgs/by-name/di/disko/package.nix b/pkgs/by-name/di/disko/package.nix index 1a6c9b2305ff..43fefc03b2a6 100644 --- a/pkgs/by-name/di/disko/package.nix +++ b/pkgs/by-name/di/disko/package.nix @@ -12,12 +12,12 @@ stdenvNoCC.mkDerivation (finalAttrs: { pname = "disko"; - version = "1.11.0"; + version = "1.12.0"; src = fetchFromGitHub { owner = "nix-community"; repo = "disko"; rev = "v${finalAttrs.version}"; - hash = "sha256-ItkIZyebGvNH2dK9jVGzJHGPtb6BSWLN8Gmef16NeY0="; + hash = "sha256-eDoSOhxGEm2PykZFa/x9QG5eTH0MJdiJ9aR00VAofXE="; }; nativeBuildInputs = [ makeWrapper ]; buildInputs = [ bash ]; diff --git a/pkgs/by-name/dr/dropbear/package.nix b/pkgs/by-name/dr/dropbear/package.nix index 7b031d051e80..06c2117bf19f 100644 --- a/pkgs/by-name/dr/dropbear/package.nix +++ b/pkgs/by-name/dr/dropbear/package.nix @@ -20,11 +20,11 @@ in stdenv.mkDerivation rec { pname = "dropbear"; - version = "2025.87"; + version = "2025.88"; src = fetchurl { url = "https://matt.ucc.asn.au/dropbear/releases/dropbear-${version}.tar.bz2"; - sha256 = "sha256-c4t/NYVH8MZMPhpWu8XvmNNNnsat+czfAdwL8sqivI0="; + sha256 = "sha256-eD9Q6iexfBbaiVePr9tt7PpEu49lkOVpik5NNnLcU9Q="; }; CFLAGS = lib.pipe (lib.attrNames dflags) [ diff --git a/pkgs/by-name/ec/ecspresso/package.nix b/pkgs/by-name/ec/ecspresso/package.nix index ef5db5c4455e..e4701eaa5d26 100644 --- a/pkgs/by-name/ec/ecspresso/package.nix +++ b/pkgs/by-name/ec/ecspresso/package.nix @@ -7,20 +7,20 @@ buildGoModule rec { pname = "ecspresso"; - version = "2.4.6"; + version = "2.5.0"; src = fetchFromGitHub { owner = "kayac"; repo = "ecspresso"; tag = "v${version}"; - hash = "sha256-tpTtGU0tqBuRu61jtEdK+/JbJsWdVEks1iKCsne9sQQ="; + hash = "sha256-j0vSDOWAnYhHV0+LXULX+5pHxGl4QCRREqir2ak00rY="; }; subPackages = [ "cmd/ecspresso" ]; - vendorHash = "sha256-P5qx6rNFzyKA4L/bAIsdzL1McGkeRF/5ah0gRx1lBZk="; + vendorHash = "sha256-Y3Oxmk2nmZUGHzvSn0Wxp9ApPNy0x2fbYB3agZmCL8U="; ldflags = [ "-s" diff --git a/pkgs/by-name/fo/forgejo-cli/package.nix b/pkgs/by-name/fo/forgejo-cli/package.nix index 9d6b7cc7b90e..e53172ef4e48 100644 --- a/pkgs/by-name/fo/forgejo-cli/package.nix +++ b/pkgs/by-name/fo/forgejo-cli/package.nix @@ -9,7 +9,7 @@ zlib, }: let - version = "0.2.0"; + version = "0.3.0"; in rustPlatform.buildRustPackage { pname = "forgejo-cli"; @@ -20,11 +20,11 @@ rustPlatform.buildRustPackage { owner = "Cyborus"; repo = "forgejo-cli"; rev = "v${version}"; - hash = "sha256-rHyPncAARIPakkv2/CD1/aF2G5AS9bb3T2x8QCQWl5o="; + hash = "sha256-8KPR7Fx26hj5glKDjczCLP6GgQBUsA5TpjhO5UZOpik="; }; useFetchCargoVendor = true; - cargoHash = "sha256-PkKinAZrZ+v1/eygiPis4F7EJnmjYfeQFPKfGpza0yA="; + cargoHash = "sha256-kW7Pexydkosaufk1e8P5FaY+dgkeeTG5qgJxestWkVs="; nativeBuildInputs = [ pkg-config ]; diff --git a/pkgs/by-name/fr/freediameter/package.nix b/pkgs/by-name/fr/freediameter/package.nix new file mode 100644 index 000000000000..594de4833189 --- /dev/null +++ b/pkgs/by-name/fr/freediameter/package.nix @@ -0,0 +1,52 @@ +{ + lib, + stdenv, + fetchFromGitHub, + bison, + cmake, + flex, + pkg-config, + gnutls, + libgcrypt, + libidn2, + lksctp-tools, + unstableGitUpdater, +}: +stdenv.mkDerivation (finalAttrs: { + pname = "freediameter"; + version = "1.5.0-unstable-2025-03-16"; + + src = fetchFromGitHub { + owner = "freeDiameter"; + repo = "freeDiameter"; + rev = "8e525acdfd439995f3e8e26d5a802fc4ad95d24c"; + hash = "sha256-ai2R8scP++tdPh303RAl0qdIpehzFoyykAuAyl2w3MA="; + }; + + strictDeps = true; + + nativeBuildInputs = [ + bison + cmake + flex + pkg-config + ]; + + buildInputs = [ + gnutls + libgcrypt + libidn2 + lksctp-tools + ]; + + passthru.updateScript = unstableGitUpdater { }; + + meta = { + description = "Implementation of the Diameter Protocol"; + homepage = "https://github.com/freeDiameter/freeDiameter"; + license = lib.licenses.bsd3; + platforms = lib.platforms.unix; + teams = with lib.teams; [ ngi ]; + maintainers = with lib.maintainers; [ ]; + }; +}) diff --git a/pkgs/by-name/gh/gh-dash/package.nix b/pkgs/by-name/gh/gh-dash/package.nix index b739d8d357ce..e34be51f4599 100644 --- a/pkgs/by-name/gh/gh-dash/package.nix +++ b/pkgs/by-name/gh/gh-dash/package.nix @@ -8,16 +8,16 @@ buildGoModule rec { pname = "gh-dash"; - version = "4.12.0"; + version = "4.15.0"; src = fetchFromGitHub { owner = "dlvhdr"; repo = "gh-dash"; rev = "v${version}"; - hash = "sha256-qtSJbp9BGX4669fl/B1Z6rGG3432Nj1IQ+aYfIE9W50="; + hash = "sha256-NTKU3/omeeeKy5XhGjeylwHrLrU6xWiOpXC1j6q6ZaA="; }; - vendorHash = "sha256-7s+Lp8CHo1+h2TmbTOcAGZORK+/1wytk4nv9fgD2Mhw="; + vendorHash = "sha256-9EuPq8leSf4K+HZUoUh4gNe8/ZV3g1WXSTXYWawHd14="; ldflags = [ "-s" diff --git a/pkgs/by-name/go/go-away/package.nix b/pkgs/by-name/go/go-away/package.nix new file mode 100644 index 000000000000..1635ce9ef6f0 --- /dev/null +++ b/pkgs/by-name/go/go-away/package.nix @@ -0,0 +1,71 @@ +{ + lib, + buildGoModule, + fetchFromGitea, + + # asset compression + brotli, + zopfli, + + # wasm compilation + clang, + tinygo, +}: + +buildGoModule (finalAttrs: { + pname = "go-away"; + version = "0.6.0"; + + src = fetchFromGitea { + domain = "git.gammaspectra.live"; + owner = "git"; + repo = "go-away"; + tag = "v${finalAttrs.version}"; + hash = "sha256-txHS7KljO7t/VoRonsELPo8cELxpaDmQmD24Ta+kPMw="; + }; + + vendorHash = "sha256-bSIG7m7f/dexJeGbvCLSGCWZNEXXqrUdI1ArZuOBoeA="; + + nativeBuildInputs = [ + # build-compress.sh + brotli + zopfli + + # build-wasm.sh + clang + tinygo + ]; + + postPatch = '' + patchShebangs *.sh + ''; + + preBuild = '' + ./build-compress.sh + + # build-wasm.sh + export HOME=$(mktemp -d) + go generate -v ./... + ''; + + subPackages = [ + "cmd/go-away" + ]; + + meta = { + changelog = "https://git.gammaspectra.live/git/go-away/releases/tag/${finalAttrs.src.tag}"; + description = "Self-hosted abuse detection and rule enforcement against low-effort mass AI scraping and bots"; + longDescription = '' + go-away sits in between your site and the Internet / upstream proxy. + + Incoming requests can be selected by rules to be actioned or challenged to filter suspicious requests. + + The tool is designed highly flexible so the operator can minimize impact to legit users, while surgically targeting heavy endpoints or scrapers. + + Challenges can be transparent (not shown to user, depends on backend or other logic), non-JavaScript (challenges common browser properties), or custom JavaScript (from Proof of Work to fingerprinting or Captcha is supported) + ''; + homepage = "https://git.gammaspectra.live/git/go-away"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ hexa ]; + }; +}) diff --git a/pkgs/by-name/go/godns/package.nix b/pkgs/by-name/go/godns/package.nix index 58ce85ef38d3..2be81152c9a5 100644 --- a/pkgs/by-name/go/godns/package.nix +++ b/pkgs/by-name/go/godns/package.nix @@ -10,19 +10,19 @@ buildGoModule rec { pname = "godns"; - version = "3.2.3"; + version = "3.2.4"; src = fetchFromGitHub { owner = "TimothyYe"; repo = "godns"; tag = "v${version}"; - hash = "sha256-gKfuyw3cayDNHW2RrPaq1+vETDWyu5yxoiQvmRquwDU="; + hash = "sha256-Uf+V6A5Q1gQQn+hJUUwmeaGve8364Lui2dMeCzkkeTQ="; }; - vendorHash = "sha256-3HN67FUtLfIF/V/Ax/UsFD/hmm1g+MsAZkQsZ/DvEcI="; + vendorHash = "sha256-PrXi460v7ooBhFooLw14tMDvLvEzIYt+4Y+36BYdWzA="; npmDeps = fetchNpmDeps { src = "${src}/web"; - hash = "sha256-wumu3uTzZh4uXlxaDfS8rxWapjkKnzCQGk3izH242qc="; + hash = "sha256-+a5IrJLamuNmwGhPIA7JKvgm6COnYre6bPuAv1PgGns="; }; npmRoot = "web"; diff --git a/pkgs/applications/file-managers/krusader/default.nix b/pkgs/by-name/kr/krusader/package.nix similarity index 78% rename from pkgs/applications/file-managers/krusader/default.nix rename to pkgs/by-name/kr/krusader/package.nix index cd3dc3be2b47..a7fe7112ad47 100644 --- a/pkgs/applications/file-managers/krusader/default.nix +++ b/pkgs/by-name/kr/krusader/package.nix @@ -3,17 +3,8 @@ stdenv, fetchurl, extra-cmake-modules, - kdoctools, - karchive, - kconfig, - kcrash, - kguiaddons, - kparts, - kwindowsystem, cmake, - wrapQtAppsHook, - qt5compat, - kstatusnotifieritem, + kdePackages, }: stdenv.mkDerivation rec { @@ -28,11 +19,11 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ cmake extra-cmake-modules - kdoctools - wrapQtAppsHook + kdePackages.kdoctools + kdePackages.wrapQtAppsHook ]; - propagatedBuildInputs = [ + propagatedBuildInputs = with kdePackages; [ karchive kconfig kcrash diff --git a/pkgs/by-name/li/libnop/001-system-install.patch b/pkgs/by-name/li/libnop/001-system-install.patch new file mode 100644 index 000000000000..c97e47e207e4 --- /dev/null +++ b/pkgs/by-name/li/libnop/001-system-install.patch @@ -0,0 +1,89 @@ +From ae29a8772f38fdb1efc24af9ec2e3f6814eb2158 Mon Sep 17 00:00:00 2001 +From: Petr Hodina +Date: Sun, 4 May 2025 09:30:55 +0200 +Subject: [PATCH] Makefile: Add install into the system + +--- + Makefile | 44 ++++++++++++++++++++++++++++++++++++++++++++ + libnop.pc.in | 7 +++++++ + 2 files changed, 51 insertions(+) + create mode 100644 libnop.pc.in + +diff --git a/Makefile b/Makefile +index 84cb459..e5b8a67 100644 +--- a/Makefile ++++ b/Makefile +@@ -1,5 +1,7 @@ + what_to_build:: all + ++VERSION ?= 0-unstable-2022-09-04 ++ + -include local.mk + + TOOLCHAIN ?= +@@ -17,6 +19,12 @@ HOST_CFLAGS := -g -O2 -Wall -Werror -Wextra -Iinclude + HOST_CXXFLAGS := -std=c++14 + HOST_LDFLAGS := + ++# Define install locations in the system ++INSTALL_PREFIX ?= /usr/local ++INCLUDE_INSTALL_DIR ?= $(INSTALL_PREFIX)/include/ ++PKGCONFIG_INSTALL_DIR ?= $(INSTALL_PREFIX)/lib/pkgconfig ++CMAKE_CONFIG_INSTALL_DIR ?= $(INSTALL_PREFIX)/lib/cmake/libnop ++ + ifeq ($(HOST_OS),Linux) + HOST_LDFLAGS := -lpthread + endif +@@ -138,3 +146,39 @@ all:: $(ALL) + # we generate .d as a side-effect of compiling. override generic rule: + %.d: + -include $(DEPS) ++ ++# Handle install into the system ++.PHONY: install install-pkgconfig install-cmake ++ ++install: install-headers install-pkgconfig install-cmake ++ ++install-headers: ++ @echo "Installing headers to $(INCLUDE_INSTALL_DIR)" ++ mkdir -p $(INCLUDE_INSTALL_DIR) ++ cp -r include/* $(INCLUDE_INSTALL_DIR) ++ ++install-pkgconfig: $(OUT)/libnop.pc ++ @echo "Installing pkg-config file to $(PKGCONFIG_INSTALL_DIR)" ++ mkdir -p $(PKGCONFIG_INSTALL_DIR) ++ cp $< $(PKGCONFIG_INSTALL_DIR) ++ ++PC_TEMPLATE := libnop.pc.in ++ ++$(OUT)/libnop.pc: $(PC_TEMPLATE) ++ mkdir -p $(dir $@) ++ sed \ ++ -e 's|@prefix@|$(INSTALL_PREFIX)|g' \ ++ -e 's|@includedir@|$(INSTALL_PREFIX)/include|g' \ ++ -e 's|@version@|$(VERSION)|g' \ ++ $< > $@ ++ ++install-cmake: $(OUT)/libnopConfig.cmake ++ @echo "Installing CMake config to $(CMAKE_CONFIG_INSTALL_DIR)" ++ mkdir -p $(CMAKE_CONFIG_INSTALL_DIR) ++ cp $< $(CMAKE_CONFIG_INSTALL_DIR) ++ ++$(OUT)/libnopConfig.cmake: ++ mkdir -p $(dir $@) ++ echo "set(LIBNOP_INCLUDE_DIR \"$(INCLUDE_INSTALL_DIR)\")" > $@ ++ echo "set(LIBNOP_FOUND TRUE)" >> $@ ++ echo "mark_as_advanced(LIBNOP_INCLUDE_DIR)" >> $@ +diff --git a/libnop.pc.in b/libnop.pc.in +new file mode 100644 +index 0000000..8c5475b +--- /dev/null ++++ b/libnop.pc.in +@@ -0,0 +1,7 @@ ++prefix=@prefix@ ++includedir=@includedir@ ++ ++Name: libnop ++Description: Header-only C++ Native Object Protocols library ++Version: @version@ ++Cflags: -I${includedir} diff --git a/pkgs/by-name/li/libnop/002-fix-template-warning.patch b/pkgs/by-name/li/libnop/002-fix-template-warning.patch new file mode 100644 index 000000000000..9c9001586d1f --- /dev/null +++ b/pkgs/by-name/li/libnop/002-fix-template-warning.patch @@ -0,0 +1,54 @@ +From 199978a0fb0dc31de43b80f7504b53958fd202ee Mon Sep 17 00:00:00 2001 +From: Petr Hodina +Date: Sun, 4 May 2025 09:58:20 +0200 +Subject: [PATCH] C++: Fix compilation issue + -Wno-missing-template-arg-list-after-template-kw + +--- + include/nop/rpc/interface.h | 2 +- + include/nop/types/variant.h | 6 +++--- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/include/nop/rpc/interface.h b/include/nop/rpc/interface.h +index 167d203..9772d06 100644 +--- a/include/nop/rpc/interface.h ++++ b/include/nop/rpc/interface.h +@@ -245,7 +245,7 @@ struct InterfaceMethod { + template + static void Invoke(Sender* sender, Status* return_value, + Args... args) { +- sender->NOP_TEMPLATE SendMethod(InterfaceMethod::Selector, return_value, ++ sender->NOP_TEMPLATE SendMethod<>(InterfaceMethod::Selector, return_value, + std::forward_as_tuple(args...)); + } + +diff --git a/include/nop/types/variant.h b/include/nop/types/variant.h +index fdf8e03..af8c81e 100644 +--- a/include/nop/types/variant.h ++++ b/include/nop/types/variant.h +@@ -239,7 +239,7 @@ class Variant { + // resulting type. + template + void Construct(Args&&... args) { +- index_ = value_.NOP_TEMPLATE Construct(std::forward(args)...); ++ index_ = value_.NOP_TEMPLATE Construct<>(std::forward(args)...); + } + void Construct(EmptyVariant) {} + +@@ -256,14 +256,14 @@ class Variant { + // multiple element types. + template + void Assign(TypeTag, U&& value) { +- if (!value_.NOP_TEMPLATE Assign(TypeTag{}, index_, std::forward(value))) { ++ if (!value_.NOP_TEMPLATE Assign<>(TypeTag{}, index_, std::forward(value))) { + Destruct(); + Construct(TypeTag{}, std::forward(value)); + } + } + template + void Assign(T&& value) { +- if (!value_.NOP_TEMPLATE Assign(index_, std::forward(value))) { ++ if (!value_.NOP_TEMPLATE Assign<>(index_, std::forward(value))) { + Destruct(); + Construct(std::forward(value)); + } diff --git a/pkgs/by-name/li/libnop/package.nix b/pkgs/by-name/li/libnop/package.nix new file mode 100644 index 000000000000..09cba2b2404c --- /dev/null +++ b/pkgs/by-name/li/libnop/package.nix @@ -0,0 +1,47 @@ +{ + lib, + stdenv, + fetchpatch, + fetchFromGitHub, + gtest, +}: + +stdenv.mkDerivation (finalAttrs: { + pname = "libnop"; + version = "0-unstable-2022-09-04"; + + src = fetchFromGitHub { + owner = "luxonis"; + repo = "libnop"; + rev = "ab842f51dc2eb13916dc98417c2186b78320ed10"; + sha256 = "sha256-d2z/lDI9pe5TR82MxGkR9bBMNXPvzqb9Gsd5jOv6x1A="; + }; + + patches = [ + # System install + # https://github.com/luxonis/libnop/pull/6/commits/ae29a8772f38fdb1efc24af9ec2e3f6814eb2158.patch + ./001-system-install.patch + # Fix template warning + # https://github.com/luxonis/libnop/pull/6/commits/199978a0fb0dc31de43b80f7504b53958fd202ee.patch + ./002-fix-template-warning.patch + ]; + + nativeBuildInputs = [ gtest ]; + + # Add optimization flags to address _FORTIFY_SOURCE warning + NIX_CFLAGS_COMPILE = [ "-O1" ]; + + installPhase = '' + runHook preInstall + make INSTALL_PREFIX=$out install + runHook postInstall + ''; + + meta = { + description = "A fast, header-only C++ serialization library"; + homepage = "https://github.com/google/libnop"; + license = lib.licenses.asl20; + platforms = lib.platforms.all; + maintainers = with lib.maintainers; [ phodina ]; + }; +}) diff --git a/pkgs/by-name/ma/mapproxy/package.nix b/pkgs/by-name/ma/mapproxy/package.nix index 0bfd23f1595d..1afe2d500365 100644 --- a/pkgs/by-name/ma/mapproxy/package.nix +++ b/pkgs/by-name/ma/mapproxy/package.nix @@ -7,14 +7,14 @@ python3Packages.buildPythonApplication rec { pname = "mapproxy"; - version = "4.0.2"; + version = "4.1.1"; disabled = python3Packages.pythonOlder "3.8"; src = fetchFromGitHub { owner = "mapproxy"; repo = "mapproxy"; tag = version; - hash = "sha256-2c9tYra6EM1eL+bk1Kg+HVy6oXRKWTJz4ZnZA7hX2HA="; + hash = "sha256-rsravNSmvx1/291VvfRm0Yx1eg32UJd+egeG4S2SNnk="; }; prePatch = '' diff --git a/pkgs/applications/file-managers/mc/default.nix b/pkgs/by-name/mc/mc/package.nix similarity index 95% rename from pkgs/applications/file-managers/mc/default.nix rename to pkgs/by-name/mc/mc/package.nix index 4174e5bc82e7..76e563bbbb21 100644 --- a/pkgs/applications/file-managers/mc/default.nix +++ b/pkgs/by-name/mc/mc/package.nix @@ -17,7 +17,7 @@ libssh2, openssl, coreutils, - autoSignDarwinBinariesHook, + darwin, x11Support ? true, libX11, @@ -42,7 +42,7 @@ stdenv.mkDerivation rec { # The preFixup hook rewrites the binary, which invaliates the code # signature. Add the fixup hook to sign the output. ++ lib.optionals (stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isAarch64) [ - autoSignDarwinBinariesHook + darwin.autoSignDarwinBinariesHook ]; buildInputs = @@ -104,7 +104,7 @@ stdenv.mkDerivation rec { homepage = "https://midnight-commander.org"; license = licenses.gpl3Plus; maintainers = with maintainers; [ sander ]; - platforms = with platforms; linux ++ darwin; + platforms = platforms.linux ++ platforms.darwin; mainProgram = "mc"; }; } diff --git a/pkgs/by-name/mk/mkclean/package.nix b/pkgs/by-name/mk/mkclean/package.nix index 14eee4aa21e6..ef63e7af3f91 100644 --- a/pkgs/by-name/mk/mkclean/package.nix +++ b/pkgs/by-name/mk/mkclean/package.nix @@ -1,45 +1,35 @@ { - dos2unix, - fetchurl, lib, stdenv, + fetchurl, + cmake, }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "mkclean"; - version = "0.8.10"; - - hardeningDisable = [ "format" ]; - nativeBuildInputs = [ dos2unix ]; + version = "0.9.0"; src = fetchurl { - url = "mirror://sourceforge/matroska/${pname}-${version}.tar.bz2"; - sha256 = "0zbpi4sm68zb20d53kbss93fv4aafhcmz7dsd0zdf01vj1r3wxwn"; + url = "mirror://sourceforge/matroska/mkclean-${finalAttrs.version}.tar.bz2"; + hash = "sha256-L1zcqw4Jtl+f74lJpV7wDuPdcA5LQFDiRdRCNH18w9s="; }; - configurePhase = '' - dos2unix ./mkclean/configure.compiled - ./mkclean/configure.compiled + nativeBuildInputs = [ cmake ]; + + hardeningDisable = [ "format" ]; + + postInstall = '' + install -Dm0755 mkclean/mkclean $out/bin/mkclean ''; - buildPhase = '' - make -C mkclean - ''; - - installPhase = '' - mkdir -p $out/{bin,lib} - mv release/gcc_linux_*/*.* $out/lib - mv release/gcc_linux_*/* $out/bin - ''; - - meta = with lib; { + meta = { description = "Command line tool to clean and optimize Matroska (.mkv / .mka / .mks / .mk3d) and WebM (.webm / .weba) files that have already been muxed"; homepage = "https://www.matroska.org"; - license = licenses.bsdOriginal; - maintainers = with maintainers; [ cawilliamson ]; + license = lib.licenses.bsdOriginal; + maintainers = with lib.maintainers; [ cawilliamson ]; platforms = [ "i686-linux" "x86_64-linux" ]; }; -} +}) diff --git a/pkgs/by-name/nu/nuclei/package.nix b/pkgs/by-name/nu/nuclei/package.nix index 535e7be2055e..9a88f9316f7a 100644 --- a/pkgs/by-name/nu/nuclei/package.nix +++ b/pkgs/by-name/nu/nuclei/package.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "nuclei"; - version = "3.4.2"; + version = "3.4.3"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = "nuclei"; tag = "v${version}"; - hash = "sha256-p3coR11+1xFQF3flIxfEP6HqQOD7+gHuT0ysOSKQyzc="; + hash = "sha256-mrmuPSieC3Mf/TkxE6pZv/1adeN4Kj66W3CNQe9VfOg="; }; - vendorHash = "sha256-cT8ZDp1GSdlgMr0i23i2WAVRmSbhwZZa/RKNPezr9l0="; + vendorHash = "sha256-4owpHvF95qMaasx87G63eLS/2ah3ZiogqyYtug3rvig="; proxyVendor = true; # hash mismatch between Linux and Darwin diff --git a/pkgs/by-name/op/open-webui/package.nix b/pkgs/by-name/op/open-webui/package.nix index 6b980a19db67..cec370f058bd 100644 --- a/pkgs/by-name/op/open-webui/package.nix +++ b/pkgs/by-name/op/open-webui/package.nix @@ -8,13 +8,13 @@ }: let pname = "open-webui"; - version = "0.6.7"; + version = "0.6.9"; src = fetchFromGitHub { owner = "open-webui"; repo = "open-webui"; tag = "v${version}"; - hash = "sha256-4V0WhiVhjxYtbwDt+83AfkjJtQFew2P6i1sLtRL13lg="; + hash = "sha256-Eib5UpPPQHXHOBVWrsNH1eEJrF8Vx9XshGYUnnAehpM="; }; frontend = buildNpmPackage rec { @@ -30,7 +30,7 @@ let url = "https://github.com/pyodide/pyodide/releases/download/${pyodideVersion}/pyodide-${pyodideVersion}.tar.bz2"; }; - npmDepsHash = "sha256-kOqfYAMkpiT2d79fpH1ON5FQAuV1i3/PL9waQq/YR58="; + npmDepsHash = "sha256-Vcc8ExET53EVtNUhb4JoxYIUWoQ++rVTpxUPgcZ+GNI="; # Disabling `pyodide:fetch` as it downloads packages during `buildPhase` # Until this is solved, running python packages from the browser will not work. diff --git a/pkgs/by-name/op/opengamepadui/package.nix b/pkgs/by-name/op/opengamepadui/package.nix index 00ed2c02d1a6..497f1e03eda1 100644 --- a/pkgs/by-name/op/opengamepadui/package.nix +++ b/pkgs/by-name/op/opengamepadui/package.nix @@ -1,6 +1,5 @@ { alsa-lib, - autoPatchelfHook, cargo, dbus, fetchFromGitHub, @@ -43,34 +42,12 @@ stdenv.mkDerivation (finalAttrs: { cargoRoot = "extensions"; nativeBuildInputs = [ - autoPatchelfHook cargo godot_4_4 - godot_4_4.export-templates-bin pkg-config rustPlatform.cargoSetupHook ]; - runtimeDependencies = [ - alsa-lib - dbus - gamescope - hwdata - libGL - libpulseaudio - mesa-demos - udev - upower - vulkan-loader - xorg.libX11 - xorg.libXcursor - xorg.libXext - xorg.libXi - xorg.libXrandr - xorg.libXres - xorg.libXtst - ]; - dontStrip = withDebug; env = @@ -81,7 +58,7 @@ stdenv.mkDerivation (finalAttrs: { GODOT = lib.getExe godot_4_4; GODOT_VERSION = lib.elemAt versionAndRelease 0; GODOT_RELEASE = lib.elemAt versionAndRelease 1; - EXPORT_TEMPLATE = "${godot_4_4.export-templates-bin}"; + EXPORT_TEMPLATE = "${godot_4_4.export-template}/share/godot/export_templates"; BUILD_TYPE = "${finalAttrs.buildType}"; }; @@ -92,15 +69,26 @@ stdenv.mkDerivation (finalAttrs: { preBuild = '' # Godot looks for export templates in HOME export HOME=$(mktemp -d) - mkdir -p $HOME/.local/share/godot/export_templates - ln -s "${godot_4_4.export-templates-bin}" "$HOME/.local/share/godot/export_templates/$GODOT_VERSION.$GODOT_RELEASE" + mkdir -p $HOME/.local/share/godot/ + ln -s "$EXPORT_TEMPLATE" "$HOME"/.local/share/godot/ ''; - postInstall = '' - # The Godot binary looks in "../lib" for gdextensions - mkdir -p $out/share/lib - mv $out/share/opengamepadui/*.so $out/share/lib - ''; + postInstall = + let + runtimeDependencies = [ + gamescope + hwdata + mesa-demos + udev + upower + ]; + in + '' + # The Godot binary looks in "../lib" for gdextensions + mkdir -p $out/share/lib + mv $out/share/opengamepadui/*.so $out/share/lib + patchelf --add-rpath ${lib.makeLibraryPath runtimeDependencies} $out/share/lib/*.so + ''; passthru.updateScript = nix-update-script { }; diff --git a/pkgs/by-name/pi/pixelorama/package.nix b/pkgs/by-name/pi/pixelorama/package.nix index 5443e94a527d..2d4553403e37 100644 --- a/pkgs/by-name/pi/pixelorama/package.nix +++ b/pkgs/by-name/pi/pixelorama/package.nix @@ -1,20 +1,9 @@ { lib, stdenv, - alsa-lib, - autoPatchelfHook, fetchFromGitHub, godot_4_3, - libGL, - libpulseaudio, - libX11, - libXcursor, - libXext, - libXi, - libXrandr, nix-update-script, - udev, - vulkan-loader, }: let @@ -28,7 +17,6 @@ let or (throw "Unsupported system: ${stdenv.hostPlatform.system}"); godot = godot_4_3; - godot_version_folder = lib.replaceStrings [ "-" ] [ "." ] godot.version; in stdenv.mkDerivation (finalAttrs: { pname = "pixelorama"; @@ -44,29 +32,15 @@ stdenv.mkDerivation (finalAttrs: { strictDeps = true; nativeBuildInputs = [ - autoPatchelfHook godot ]; - runtimeDependencies = map lib.getLib [ - alsa-lib - libGL - libpulseaudio - libX11 - libXcursor - libXext - libXi - libXrandr - udev - vulkan-loader - ]; - buildPhase = '' runHook preBuild export HOME=$(mktemp -d) - mkdir -p $HOME/.local/share/godot/export_templates - ln -s "${godot.export-templates-bin}" "$HOME/.local/share/godot/export_templates/${godot_version_folder}" + mkdir -p $HOME/.local/share/godot/ + ln -s "${godot.export-template}"/share/godot/export_templates "$HOME"/.local/share/godot/ mkdir -p build godot4 --headless --export-release "${preset}" ./build/pixelorama diff --git a/pkgs/by-name/po/postgresqlTestHook/postgresql-test-hook.sh b/pkgs/by-name/po/postgresqlTestHook/postgresql-test-hook.sh index d09153b2d644..41762121882b 100644 --- a/pkgs/by-name/po/postgresqlTestHook/postgresql-test-hook.sh +++ b/pkgs/by-name/po/postgresqlTestHook/postgresql-test-hook.sh @@ -1,5 +1,5 @@ -preCheckHooks+=('postgresqlStart') -postCheckHooks+=('postgresqlStop') +preCheckHooks+=(postgresqlStart) +postCheckHooks+=(postgresqlStop) postgresqlStart() { @@ -69,6 +69,7 @@ EOF echo 'starting postgresql' eval "${postgresqlStartCommands:-pg_ctl start}" + failureHooks+=(postgresqlStop) echo 'setting up postgresql' eval "$postgresqlTestSetupCommands" @@ -80,4 +81,5 @@ EOF postgresqlStop() { echo 'stopping postgresql' pg_ctl stop + failureHooks=("${failureHooks[@]/postgresqlStop}") } diff --git a/pkgs/by-name/pr/prowler/package.nix b/pkgs/by-name/pr/prowler/package.nix index 9677e9f0ce03..fd3e9f85a90b 100644 --- a/pkgs/by-name/pr/prowler/package.nix +++ b/pkgs/by-name/pr/prowler/package.nix @@ -21,14 +21,14 @@ let in py.pkgs.buildPythonApplication rec { pname = "prowler"; - version = "5.5.1"; + version = "5.6.0"; pyproject = true; src = fetchFromGitHub { owner = "prowler-cloud"; repo = "prowler"; tag = version; - hash = "sha256-SljpmFZNfenLB+meJHjnGsnDCRBi+60/IMlJLWtBw7Q="; + hash = "sha256-+AZEeWvkG8abC44WmVjDzZ9BT+MrLp5+iLDOMmN0aN4="; }; pythonRelaxDeps = true; diff --git a/pkgs/by-name/q2/q2pro/package.nix b/pkgs/by-name/q2/q2pro/package.nix index 876f86337c99..d56ffd92ae7a 100644 --- a/pkgs/by-name/q2/q2pro/package.nix +++ b/pkgs/by-name/q2/q2pro/package.nix @@ -32,18 +32,18 @@ stdenv.mkDerivation (finalAttrs: rec { pname = "q2pro"; - version = "0-unstable-2025-04-27"; + version = "0-unstable-2025-05-03"; src = fetchFromGitHub { owner = "skullernet"; repo = "q2pro"; - rev = "9d3b9d1628a0fcd17eb1cf8bb65cff6d917c9a25"; - hash = "sha256-MyEAoBEASfB4MQdVTu6O8YcZCUWtuIijN34dpwsELPs="; + rev = "aba81ef8bc277e9a4e11733a449a29d07ea28c7a"; + hash = "sha256-5iUvHmqhB8X9ylTMS1va4qTnPCRPI4yOg2L0Qp2d9hE="; }; # build date and rev number is displayed in the game's console - revCount = "3812"; # git rev-list --count ${src.rev} - SOURCE_DATE_EPOCH = "1745703870"; # git show -s --format=%ct ${src.rev} + revCount = "3817"; # git rev-list --count ${src.rev} + SOURCE_DATE_EPOCH = "1746223027"; # git show -s --format=%ct ${src.rev} nativeBuildInputs = [ diff --git a/pkgs/by-name/ri/rio/package.nix b/pkgs/by-name/ri/rio/package.nix index 2a8edcb85d0a..4352cddce66e 100644 --- a/pkgs/by-name/ri/rio/package.nix +++ b/pkgs/by-name/ri/rio/package.nix @@ -53,17 +53,17 @@ let in rustPlatform.buildRustPackage rec { pname = "rio"; - version = "0.2.12"; + version = "0.2.14"; src = fetchFromGitHub { owner = "raphamorim"; repo = "rio"; rev = "v${version}"; - hash = "sha256-NAg8Hm90CxRt3rthFas8IyAjc1oj/PSRjjG/5R68CD8="; + hash = "sha256-ymu2t6J8s9SSGCc17ogNclVPgbQUeEJEqiR70LVsM9Q="; }; useFetchCargoVendor = true; - cargoHash = "sha256-myOZNiLdc9430jn5bSKtGmW4dY4yo7wt2Mf3dEQZaSs="; + cargoHash = "sha256-MXQDlA8FHZdgLmQtO6iFkxwftnq8EpIvprrO6zPK9BM="; nativeBuildInputs = [ diff --git a/pkgs/by-name/sp/spicy-parser-generator/package.nix b/pkgs/by-name/sp/spicy-parser-generator/package.nix index 41a2d44929e1..93bba9331cf3 100644 --- a/pkgs/by-name/sp/spicy-parser-generator/package.nix +++ b/pkgs/by-name/sp/spicy-parser-generator/package.nix @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { pname = "spicy"; - version = "1.12.0"; + version = "1.13.0"; strictDeps = true; @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { owner = "zeek"; repo = "spicy"; rev = "v${version}"; - hash = "sha256-MLwBklSNLqx3LgNSFvo5p/MPyt/IlYGwvTbN1PJlims="; + hash = "sha256-BMypkuBmepuLmOXUjeG5hZhOXojjFodaZzZz5S+iBoE="; fetchSubmodules = true; }; diff --git a/pkgs/by-name/ti/tideways-cli/package.nix b/pkgs/by-name/ti/tideways-cli/package.nix index a262e0db8343..e937f5a2fe02 100644 --- a/pkgs/by-name/ti/tideways-cli/package.nix +++ b/pkgs/by-name/ti/tideways-cli/package.nix @@ -11,7 +11,7 @@ stdenvNoCC.mkDerivation (finalAttrs: { pname = "tideways-cli"; - version = "1.2.8"; + version = "1.2.10"; nativeBuildInputs = [ installShellFiles ]; @@ -38,19 +38,19 @@ stdenvNoCC.mkDerivation (finalAttrs: { sources = { "x86_64-linux" = fetchurl { url = "https://s3-eu-west-1.amazonaws.com/tideways/cli/${finalAttrs.version}/tideways-cli_linux_amd64-${finalAttrs.version}.tar.gz"; - hash = "sha256-eIgCUgyjGDJ1cPVJb3tuN45VrQGXegbcxUGYj4BRQ/k="; + hash = "sha256-dUWwX+0rDQce/AklrBU4ALRSmHbBnbQQGlUtfK+Foeg="; }; "aarch64-linux" = fetchurl { url = "https://s3-eu-west-1.amazonaws.com/tideways/cli/${finalAttrs.version}/tideways-cli_linux_arm64-${finalAttrs.version}.tar.gz"; - hash = "sha256-4g7zXmz5e9PjmWV5WHc3zmDkJQyn6lYvDHqqhGsTZeg="; + hash = "sha256-a/0H64NSJZG2ixJCeCAp1SD/2l6HGCT1oECTSsgfu2E="; }; "x86_64-darwin" = fetchurl { url = "https://s3-eu-west-1.amazonaws.com/tideways/cli/${finalAttrs.version}/tideways-cli_macos_amd64-${finalAttrs.version}.tar.gz"; - hash = "sha256-++B5ut7a4kIEJS5cRlG2q7QQzNH9VQh6K1JdFWAJ6Ns="; + hash = "sha256-B5K7CvBVdSpgRfPXxYraPIZwkwW/kxlkPmaDEy1cOuE="; }; "aarch64-darwin" = fetchurl { url = "https://s3-eu-west-1.amazonaws.com/tideways/cli/${finalAttrs.version}/tideways-cli_macos_arm64-${finalAttrs.version}.tar.gz"; - hash = "sha256-ot3MQhOYHow7gh92CmEw5nw7OLuBTHMnXP/4GPAo0k4="; + hash = "sha256-xstTc8y03uWmN33Oi8h7zmoMm4XtY8kl3taLlaJCYmk="; }; }; diff --git a/pkgs/by-name/ty/typos-lsp/package.nix b/pkgs/by-name/ty/typos-lsp/package.nix index 0268881d1da7..3aaf61196e42 100644 --- a/pkgs/by-name/ty/typos-lsp/package.nix +++ b/pkgs/by-name/ty/typos-lsp/package.nix @@ -7,17 +7,17 @@ rustPlatform.buildRustPackage rec { pname = "typos-lsp"; # Please update the corresponding VSCode extension too. # See pkgs/applications/editors/vscode/extensions/tekumara.typos-vscode/default.nix - version = "0.1.36"; + version = "0.1.37"; src = fetchFromGitHub { owner = "tekumara"; repo = "typos-lsp"; tag = "v${version}"; - hash = "sha256-TA0mWhHhTFBleybdpv3ypQmwYhqt1EKmWoDeKUiF9VI="; + hash = "sha256-+G4jOoC8AdCE5tEb7qN8cord/pe8Qsa/U1YpL0fWSeo="; }; useFetchCargoVendor = true; - cargoHash = "sha256-5G2hV1c063WKfc2Y8oW3OQdO2v0b8M6kfxf2NV+jMlA="; + cargoHash = "sha256-D3XmCPQYBbr5OwY62xigtYnHATSePZQnkGoUZWqGMR8="; # fix for compilation on aarch64 # see https://github.com/NixOS/nixpkgs/issues/145726 diff --git a/pkgs/by-name/ve/velocity/package.nix b/pkgs/by-name/ve/velocity/package.nix index c5ad981940d3..0440719e89f0 100644 --- a/pkgs/by-name/ve/velocity/package.nix +++ b/pkgs/by-name/ve/velocity/package.nix @@ -35,13 +35,13 @@ let in stdenv.mkDerivation (finalAttrs: { pname = "velocity"; - version = "3.4.0-unstable-2025-04-30"; + version = "3.4.0-unstable-2025-05-09"; src = fetchFromGitHub { owner = "PaperMC"; repo = "Velocity"; - rev = "b411a0fa09f76aec062921b77642828408f0099f"; - hash = "sha256-R61N4OxS5r4vtZC9IRGX1aizj6J5JB6nVP09+q1pyUo="; + rev = "e13c8c340f242d270b16ec6931d1ba94a9e8f1f3"; + hash = "sha256-CJVUEwYnpXDaYgXoi1Qk0uyB/CHM3UDQzQfhtDxDKdE="; }; nativeBuildInputs = diff --git a/pkgs/applications/file-managers/xfe/default.nix b/pkgs/by-name/xf/xfe/package.nix similarity index 100% rename from pkgs/applications/file-managers/xfe/default.nix rename to pkgs/by-name/xf/xfe/package.nix diff --git a/pkgs/by-name/ya/yanic/package.nix b/pkgs/by-name/ya/yanic/package.nix index 5ac0ff685481..ba627d664adc 100644 --- a/pkgs/by-name/ya/yanic/package.nix +++ b/pkgs/by-name/ya/yanic/package.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "yanic"; - version = "1.6.2"; + version = "1.7.1"; src = fetchFromGitHub { owner = "FreifunkBremen"; repo = "yanic"; rev = "v${version}"; - hash = "sha256-z2vr1QmRCo8y4hopWP14xSV7lsWKkCzK9OehlVLFdIg="; + hash = "sha256-uqmojpwGFs6inhmKIztYlGFvUS8AjQIYTHSkZcGyEUo="; }; - vendorHash = "sha256-6UiiajKLzW5e7y0F6GMYDZP6xTyOiccLIKlwvOY7LRo="; + vendorHash = "sha256-UYrQwOyWlKxDH5hHKAZCxQbO+eA6JsPuG0SbkWMF/HQ="; ldflags = [ "-X github.com/FreifunkBremen/yanic/cmd.VERSION=${version}" diff --git a/pkgs/development/python-modules/aider-chat/default.nix b/pkgs/development/python-modules/aider-chat/default.nix index 6e898e581d96..72fe6f9f4a50 100644 --- a/pkgs/development/python-modules/aider-chat/default.nix +++ b/pkgs/development/python-modules/aider-chat/default.nix @@ -130,7 +130,7 @@ let ]; }; - version = "0.83.0"; + version = "0.83.1"; aider-chat = buildPythonPackage { pname = "aider-chat"; inherit version; @@ -143,7 +143,7 @@ let owner = "Aider-AI"; repo = "aider"; tag = "v${version}"; - hash = "sha256-hXKrjo/9Y3WLgluwEK2q123QcfBVA0ByEKaq8Rtd70E="; + hash = "sha256-2OHPqsS1znl7G4Z8mu8oKHNPdDr4YmSfGzXLylTgooE="; }; pythonRelaxDeps = true; diff --git a/pkgs/development/python-modules/pynina/default.nix b/pkgs/development/python-modules/pynina/default.nix index 2e36657010cd..d283ae30a624 100644 --- a/pkgs/development/python-modules/pynina/default.nix +++ b/pkgs/development/python-modules/pynina/default.nix @@ -3,20 +3,17 @@ aiohttp, buildPythonPackage, fetchPypi, - pythonOlder, setuptools, }: buildPythonPackage rec { pname = "pynina"; - version = "0.3.5"; + version = "0.3.6"; pyproject = true; - disabled = pythonOlder "3.7"; - src = fetchPypi { inherit pname version; - hash = "sha256-M+0gujriblTDj/qDmBnC4DlKjlZbbStsr7tep5HeNlg="; + hash = "sha256-w5iJXmOd0fqWIZnVG6zDop1t2h4B+4v0/EuwgS00LkA="; }; pythonRelaxDeps = [ "aiohttp" ]; @@ -33,7 +30,7 @@ buildPythonPackage rec { meta = with lib; { description = "Python API wrapper to retrieve warnings from the german NINA app"; homepage = "https://gitlab.com/DeerMaximum/pynina"; - changelog = "https://gitlab.com/DeerMaximum/pynina/-/releases/${version}"; + changelog = "https://gitlab.com/DeerMaximum/pynina/-/releases/v${version}"; license = licenses.mit; maintainers = with maintainers; [ fab ]; }; diff --git a/pkgs/development/tools/esbuild/default.nix b/pkgs/development/tools/esbuild/default.nix index 5b28fd230d7d..a8cddae3a432 100644 --- a/pkgs/development/tools/esbuild/default.nix +++ b/pkgs/development/tools/esbuild/default.nix @@ -6,13 +6,13 @@ buildGoModule rec { pname = "esbuild"; - version = "0.25.3"; + version = "0.25.4"; src = fetchFromGitHub { owner = "evanw"; repo = "esbuild"; rev = "v${version}"; - hash = "sha256-YYwvz6TCLAtVHsmXLGC+L/CQVAy5qSFU6JS1o5O5Zkg="; + hash = "sha256-fh+w8ZIWfNavZo6kBU8gKS6IwPXP3z+eXLDz3v6gVt4="; }; vendorHash = "sha256-+BfxCyg0KkDQpHt/wycy/8CTG6YBA/VJvJFhhzUnSiQ="; diff --git a/pkgs/development/tools/godot/4.3/default.nix b/pkgs/development/tools/godot/4.3/default.nix index 47f3bafbb2e6..314acfcdb99d 100644 --- a/pkgs/development/tools/godot/4.3/default.nix +++ b/pkgs/development/tools/godot/4.3/default.nix @@ -1,6 +1,11 @@ { version = "4.3-stable"; hash = "sha256-MzElflwXHWLgPtoOIhPLA00xX8eEdQsexZaGIEOzbj0="; - exportTemplatesHash = "sha256-XRnKii+eexIkbGf7bqc42SR0NBULFvgMdOpSRNNk6kg="; - nugetDeps = ./deps.json; + default = { + exportTemplatesHash = "sha256-9fENuvVqeQg0nmS5TqjCyTwswR+xAUyVZbaKK7Q3uSI="; + }; + mono = { + exportTemplatesHash = "sha256-pkDZfkJHiDtY05TGERwTNDES88SbuFfZVYb5hln6O+U="; + nugetDeps = ./deps.json; + }; } diff --git a/pkgs/development/tools/godot/4.4/default.nix b/pkgs/development/tools/godot/4.4/default.nix index 469d543f8494..90d403352170 100644 --- a/pkgs/development/tools/godot/4.4/default.nix +++ b/pkgs/development/tools/godot/4.4/default.nix @@ -1,6 +1,11 @@ { version = "4.4.1-stable"; hash = "sha256-O4TdPYu1K2zWKMBP/7xd0UPLDb7/4dBnkGM7QydD3Yo="; - exportTemplatesHash = "sha256-KV4sDBZPiMf7IORaNFR2uEK1midnyyjCUfG9hl6AwHY="; - nugetDeps = ./deps.json; + default = { + exportTemplatesHash = "sha256-eo0UreSJ/U0i8XgZMCH+iodqnlEGjtTd4m2sOuTFmog="; + }; + mono = { + exportTemplatesHash = "sha256-tk0WS5axndcXWhuj86blg+nU3FB7PRMzVj8ka1gRgj4="; + nugetDeps = ./deps.json; + }; } diff --git a/pkgs/development/tools/godot/CSharpLanguage-fix-crash-in-reload_assemblies-after-.patch b/pkgs/development/tools/godot/CSharpLanguage-fix-crash-in-reload_assemblies-after-.patch new file mode 100644 index 000000000000..b42f99dff966 --- /dev/null +++ b/pkgs/development/tools/godot/CSharpLanguage-fix-crash-in-reload_assemblies-after-.patch @@ -0,0 +1,30 @@ +From 42f89dd50dde0896d6c55282c82db9af41cd12d8 Mon Sep 17 00:00:00 2001 +From: David McFarland +Date: Wed, 26 Mar 2025 09:52:17 -0300 +Subject: [PATCH] CSharpLanguage: fix crash in reload_assemblies after editor + shutdown + +--- + modules/mono/csharp_script.cpp | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/modules/mono/csharp_script.cpp b/modules/mono/csharp_script.cpp +index 36c8a40ed9..2b161fb69b 100644 +--- a/modules/mono/csharp_script.cpp ++++ b/modules/mono/csharp_script.cpp +@@ -1001,8 +1001,10 @@ void CSharpLanguage::reload_assemblies(bool p_soft_reload) { + #ifdef TOOLS_ENABLED + // FIXME: Hack to refresh editor in order to display new properties and signals. See if there is a better alternative. + if (Engine::get_singleton()->is_editor_hint()) { +- InspectorDock::get_inspector_singleton()->update_tree(); +- NodeDock::get_singleton()->update_lists(); ++ if (InspectorDock::get_singleton()) ++ InspectorDock::get_inspector_singleton()->update_tree(); ++ if (NodeDock::get_singleton()) ++ NodeDock::get_singleton()->update_lists(); + } + #endif + } +-- +2.48.1 + diff --git a/pkgs/development/tools/godot/common.nix b/pkgs/development/tools/godot/common.nix index bab845d6af5d..40a4682bfd00 100644 --- a/pkgs/development/tools/godot/common.nix +++ b/pkgs/development/tools/godot/common.nix @@ -2,10 +2,14 @@ alsa-lib, autoPatchelfHook, buildPackages, + callPackage, dbus, dotnetCorePackages, + exportTemplatesHash, fetchFromGitHub, + fetchpatch, fontconfig, + glib, hash, installShellFiles, lib, @@ -22,6 +26,7 @@ libXrandr, libXrender, makeWrapper, + perl, pkg-config, runCommand, scons, @@ -30,10 +35,12 @@ stdenvNoCC, testers, udev, + updateScript, version, vulkan-loader, wayland, wayland-scanner, + withAlsa ? true, withDbus ? true, withFontconfig ? true, withMono ? false, @@ -42,7 +49,6 @@ withPrecision ? "single", withPulseaudio ? true, withSpeechd ? true, - withTarget ? "editor", withTouch ? true, withUdev ? true, # Wayland in Godot requires X11 until upstream fix is merged @@ -59,348 +65,525 @@ let k: v: if builtins.isString v then "${k}=${v}" else "${k}=${builtins.toJSON v}" ); - suffix = if withMono then "-mono" else ""; - arch = stdenv.hostPlatform.linuxArch; dotnet-sdk = dotnetCorePackages.sdk_8_0-source; - attrs = finalAttrs: rec { - pname = "godot4${suffix}"; - inherit version; + dottedVersion = lib.replaceStrings [ "-" ] [ "." ] version + lib.optionalString withMono ".mono"; - src = fetchFromGitHub { - owner = "godotengine"; - repo = "godot"; - tag = version; - inherit hash; - # Required for the commit hash to be included in the version number. - # - # `methods.py` reads the commit hash from `.git/HEAD` and manually follows - # refs. - # - # See also 'hash' in - # https://docs.godotengine.org/en/stable/classes/class_engine.html#class-engine-method-get-version-info - leaveDotGit = true; - # Only keep HEAD, because leaveDotGit is non-deterministic: - # https://github.com/NixOS/nixpkgs/issues/8567 - postFetch = '' - hash=$(git -C "$out" rev-parse HEAD) - rm -r "$out"/.git - mkdir "$out"/.git - echo "$hash" > "$out"/.git/HEAD - ''; - }; + attrsForTarget = + target: finalAttrs: + let + editor = target == "editor"; + suffix = lib.optionalString withMono "-mono" + lib.optionalString (!editor) "-template"; + binary = lib.concatStringsSep "." ( + [ + "godot" + withPlatform + target + ] + ++ lib.optional (withPrecision != "single") withPrecision + ++ [ arch ] + ++ lib.optional withMono "mono" + ); + in + rec { + pname = "godot${suffix}"; + inherit version; - outputs = [ - "out" - "man" - ]; - separateDebugInfo = true; - - # Set the build name which is part of the version. In official downloads, this - # is set to 'official'. When not specified explicitly, it is set to - # 'custom_build'. Other platforms packaging Godot (Gentoo, Arch, Flatpack - # etc.) usually set this to their name as well. - # - # See also 'methods.py' in the Godot repo and 'build' in - # https://docs.godotengine.org/en/stable/classes/class_engine.html#class-engine-method-get-version-info - BUILD_NAME = "nixpkgs"; - - preConfigure = lib.optionalString withMono '' - # TODO: avoid pulling in dependencies of windows-only project - dotnet sln modules/mono/editor/GodotTools/GodotTools.sln \ - remove modules/mono/editor/GodotTools/GodotTools.OpenVisualStudio/GodotTools.OpenVisualStudio.csproj - - dotnet restore modules/mono/glue/GodotSharp/GodotSharp.sln - dotnet restore modules/mono/editor/GodotTools/GodotTools.sln - dotnet restore modules/mono/editor/Godot.NET.Sdk/Godot.NET.Sdk.sln - ''; - - # From: https://github.com/godotengine/godot/blob/4.2.2-stable/SConstruct - sconsFlags = mkSconsFlagsFromAttrSet { - # Options from 'SConstruct' - precision = withPrecision; # Floating-point precision level - production = true; # Set defaults to build Godot for use in production - platform = withPlatform; - target = withTarget; - debug_symbols = true; - - # Options from 'platform/linuxbsd/detect.py' - dbus = withDbus; # Use D-Bus to handle screensaver and portal desktop settings - fontconfig = withFontconfig; # Use fontconfig for system fonts support - pulseaudio = withPulseaudio; # Use PulseAudio - speechd = withSpeechd; # Use Speech Dispatcher for Text-to-Speech support - touch = withTouch; # Enable touch events - udev = withUdev; # Use udev for gamepad connection callbacks - wayland = withWayland; # Compile with Wayland support - x11 = withX11; # Compile with X11 support - - module_mono_enabled = withMono; - - linkflags = "-Wl,--build-id"; - }; - - enableParallelBuilding = true; - - strictDeps = true; - - depsBuildBuild = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ - buildPackages.stdenv.cc - pkg-config - ]; - - buildInputs = lib.optionals withMono dotnet-sdk.packages; - - nativeBuildInputs = - [ - autoPatchelfHook - installShellFiles - pkg-config - scons - ] - ++ lib.optionals withWayland [ wayland-scanner ] - ++ lib.optionals withMono [ - dotnet-sdk - makeWrapper - ]; - - postBuild = lib.optionalString withMono '' - echo "Generating Glue" - if [[ ${withPrecision} == *double* ]]; then - bin/godot.${withPlatform}.${withTarget}.${withPrecision}.${arch}.mono --headless --generate-mono-glue modules/mono/glue - else - bin/godot.${withPlatform}.${withTarget}.${arch}.mono --headless --generate-mono-glue modules/mono/glue - fi - echo "Building C#/.NET Assemblies" - python modules/mono/build_scripts/build_assemblies.py --godot-output-dir bin --precision=${withPrecision} - ''; - - runtimeDependencies = - [ - alsa-lib - libGL - vulkan-loader - ] - ++ lib.optionals withX11 [ - libX11 - libXcursor - libXext - libXfixes - libXi - libXinerama - libxkbcommon - libXrandr - libXrender - ] - ++ lib.optionals withWayland [ - libdecor - wayland - ] - ++ lib.optionals withDbus [ - dbus - dbus.lib - ] - ++ lib.optionals withFontconfig [ - fontconfig - fontconfig.lib - ] - ++ lib.optionals withPulseaudio [ libpulseaudio ] - ++ lib.optionals withSpeechd [ speechd-minimal ] - ++ lib.optionals withUdev [ udev ]; - - installPhase = - '' - runHook preInstall - - mkdir -p "$out/bin" - cp bin/godot.* $out/bin/godot4${suffix} - - installManPage misc/dist/linux/godot.6 - - mkdir -p "$out"/share/{applications,icons/hicolor/scalable/apps} - cp misc/dist/linux/org.godotengine.Godot.desktop "$out/share/applications/org.godotengine.Godot4${suffix}.desktop" - substituteInPlace "$out/share/applications/org.godotengine.Godot4${suffix}.desktop" \ - --replace "Exec=godot" "Exec=$out/bin/godot4${suffix}" \ - --replace "Godot Engine" "Godot Engine 4" - cp icon.svg "$out/share/icons/hicolor/scalable/apps/godot.svg" - cp icon.png "$out/share/icons/godot.png" - '' - + lib.optionalString withMono '' - cp -r bin/GodotSharp/ $out/bin/ - wrapProgram $out/bin/godot4${suffix} \ - --set DOTNET_ROOT ${dotnet-sdk} \ - --prefix PATH : "${ - lib.makeBinPath [ - dotnet-sdk - ] - }" - '' - + '' - ln -s godot4${suffix} "$out"/bin/godot - runHook post Install - ''; - - # patching $debug can crash patchelf - # (https://github.com/NixOS/patchelf/issues/373), so explicitly patch $out - dontAutoPatchelf = true; - - postFixup = '' - autoPatchelf "$out" - ''; - - passthru = { - tests = - let - pkg = finalAttrs.finalPackage; - dottedVersion = lib.replaceStrings [ "-" ] [ "." ] version; - exportedProject = stdenvNoCC.mkDerivation { - name = "${pkg.name}-project-export"; - - nativeBuildInputs = [ - pkg - autoPatchelfHook - ]; - - runtimeDependencies = map lib.getLib [ - alsa-lib - libGL - libpulseaudio - libX11 - libXcursor - libXext - libXi - libXrandr - udev - vulkan-loader - ]; - - unpackPhase = '' - runHook preUnpack - - mkdir test - cd test - touch project.godot - - cat >create-scene.gd <<'EOF' - extends SceneTree - - func _initialize(): - var node = Node.new() - var script = ResourceLoader.load("res://test.gd") - print(script) - node.set_script(script) - var scene = PackedScene.new() - var scenePath = "res://test.tscn" - scene.pack(node) - var x = ResourceSaver.save(scene, scenePath) - ProjectSettings["application/run/main_scene"] = scenePath - ProjectSettings.save() - node.free() - quit() - EOF - - cat >test.gd <<'EOF' - extends Node - func _ready(): - print("Hello, World!") - get_tree().quit() - EOF - - cat >export_presets.cfg <<'EOF' - [preset.0] - name="build" - platform="Linux" - runnable=true - export_filter="all_resources" - include_filter="" - exclude_filter="" - [preset.0.options] - __empty="" - EOF - - runHook postUnpack - ''; - - buildPhase = '' - runHook preBuild - - export HOME=$(mktemp -d) - mkdir -p $HOME/.local/share/godot/export_templates - ln -s "${pkg.export-templates-bin}" "$HOME/.local/share/godot/export_templates/${dottedVersion}" - - godot --headless -s create-scene.gd - - runHook postBuild - ''; - - installPhase = '' - runHook preInstall - - mkdir -p "$out"/bin - godot --headless --export-release build "$out"/bin/test - - runHook postInstall - ''; - }; - in - { - version = testers.testVersion { - package = pkg; - version = dottedVersion; - }; - - project-runs = runCommand "${pkg.name}-project-runs" { } '' - ( - set -eo pipefail - HOME=$(mktemp -d) - "${exportedProject}"/bin/test --headless | tail -n1 | ( - read output - if [[ "$output" != "Hello, World!" ]]; then - echo "unexpected output: $output" >&2 - exit 1 - fi - ) - touch "$out" - ) - ''; - }; - }; - - requiredSystemFeatures = [ - # fixes: No space left on device - "big-parallel" - ]; - - meta = { - changelog = "https://github.com/godotengine/godot/releases/tag/${version}"; - description = "Free and Open Source 2D and 3D game engine"; - homepage = "https://godotengine.org"; - license = lib.licenses.mit; - platforms = [ - "x86_64-linux" - "aarch64-linux" - ] ++ lib.optional (!withMono) "i686-linux"; - maintainers = with lib.maintainers; [ - shiryel - corngood - ]; - mainProgram = "godot4${suffix}"; - }; - }; - -in -stdenv.mkDerivation ( - if withMono then - dotnetCorePackages.addNuGetDeps { - inherit nugetDeps; - overrideFetchAttrs = old: rec { - runtimeIds = map (system: dotnetCorePackages.systemToDotnetRid system) old.meta.platforms; - buildInputs = - old.buildInputs - ++ lib.concatLists (lib.attrValues (lib.getAttrs runtimeIds dotnet-sdk.targetPackages)); + src = fetchFromGitHub { + owner = "godotengine"; + repo = "godot"; + tag = version; + inherit hash; + # Required for the commit hash to be included in the version number. + # + # `methods.py` reads the commit hash from `.git/HEAD` and manually follows + # refs. + # + # See also 'hash' in + # https://docs.godotengine.org/en/stable/classes/class_engine.html#class-engine-method-get-version-info + leaveDotGit = true; + # Only keep HEAD, because leaveDotGit is non-deterministic: + # https://github.com/NixOS/nixpkgs/issues/8567 + postFetch = '' + hash=$(git -C "$out" rev-parse HEAD) + rm -r "$out"/.git + mkdir "$out"/.git + echo "$hash" > "$out"/.git/HEAD + ''; }; - } attrs - else - attrs -) + + outputs = [ + "out" + ] ++ lib.optional (editor) "man"; + separateDebugInfo = true; + + # Set the build name which is part of the version. In official downloads, this + # is set to 'official'. When not specified explicitly, it is set to + # 'custom_build'. Other platforms packaging Godot (Gentoo, Arch, Flatpack + # etc.) usually set this to their name as well. + # + # See also 'methods.py' in the Godot repo and 'build' in + # https://docs.godotengine.org/en/stable/classes/class_engine.html#class-engine-method-get-version-info + BUILD_NAME = "nixpkgs"; + + preConfigure = lib.optionalString withMono '' + # TODO: avoid pulling in dependencies of windows-only project + dotnet sln modules/mono/editor/GodotTools/GodotTools.sln \ + remove modules/mono/editor/GodotTools/GodotTools.OpenVisualStudio/GodotTools.OpenVisualStudio.csproj + + dotnet restore modules/mono/glue/GodotSharp/GodotSharp.sln + dotnet restore modules/mono/editor/GodotTools/GodotTools.sln + dotnet restore modules/mono/editor/Godot.NET.Sdk/Godot.NET.Sdk.sln + ''; + + # From: https://github.com/godotengine/godot/blob/4.2.2-stable/SConstruct + sconsFlags = mkSconsFlagsFromAttrSet { + # Options from 'SConstruct' + precision = withPrecision; # Floating-point precision level + production = true; # Set defaults to build Godot for use in production + platform = withPlatform; + inherit target; + debug_symbols = true; + + # Options from 'platform/linuxbsd/detect.py' + alsa = withAlsa; + dbus = withDbus; # Use D-Bus to handle screensaver and portal desktop settings + fontconfig = withFontconfig; # Use fontconfig for system fonts support + pulseaudio = withPulseaudio; # Use PulseAudio + speechd = withSpeechd; # Use Speech Dispatcher for Text-to-Speech support + touch = withTouch; # Enable touch events + udev = withUdev; # Use udev for gamepad connection callbacks + wayland = withWayland; # Compile with Wayland support + x11 = withX11; # Compile with X11 support + + module_mono_enabled = withMono; + + # aliasing bugs exist with hardening+LTO + # https://github.com/godotengine/godot/pull/104501 + ccflags = "-fno-strict-aliasing"; + linkflags = "-Wl,--build-id"; + + use_sowrap = false; + }; + + enableParallelBuilding = true; + + strictDeps = true; + + patches = lib.optionals (lib.versionOlder version "4.4") [ + (fetchpatch { + name = "wayland-header-fix.patch"; + url = "https://github.com/godotengine/godot/commit/6ce71f0fb0a091cffb6adb4af8ab3f716ad8930b.patch"; + hash = "sha256-hgAtAtCghF5InyGLdE9M+9PjPS1BWXWGKgIAyeuqkoU="; + }) + # Fix a crash in the mono test project build. It no longer seems to + # happen in 4.4, but an existing fix couldn't be identified. + ./CSharpLanguage-fix-crash-in-reload_assemblies-after-.patch + ]; + + postPatch = '' + # this stops scons from hiding e.g. NIX_CFLAGS_COMPILE + perl -pi -e '{ $r += s:(env = Environment\(.*):\1\nenv["ENV"] = os.environ: } END { exit ($r != 1) }' SConstruct + + substituteInPlace thirdparty/glad/egl.c \ + --replace-fail \ + 'static const char *NAMES[] = {"libEGL.so.1", "libEGL.so"}' \ + 'static const char *NAMES[] = {"${lib.getLib libGL}/lib/libEGL.so"}' + + substituteInPlace thirdparty/glad/gl.c \ + --replace-fail \ + 'static const char *NAMES[] = {"libGLESv2.so.2", "libGLESv2.so"}' \ + 'static const char *NAMES[] = {"${lib.getLib libGL}/lib/libGLESv2.so"}' \ + + substituteInPlace thirdparty/glad/gl{,x}.c \ + --replace-fail \ + '"libGL.so.1"' \ + '"${lib.getLib libGL}/lib/libGL.so"' + + substituteInPlace thirdparty/volk/volk.c \ + --replace-fail \ + 'dlopen("libvulkan.so.1"' \ + 'dlopen("${lib.getLib vulkan-loader}/lib/libvulkan.so"' + ''; + + depsBuildBuild = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [ + buildPackages.stdenv.cc + pkg-config + ]; + + buildInputs = + lib.optionals withMono dotnet-sdk.packages + ++ lib.optional withAlsa alsa-lib + ++ lib.optional (withX11 || withWayland) libxkbcommon + ++ lib.optionals withX11 [ + libX11 + libXcursor + libXext + libXfixes + libXi + libXinerama + libXrandr + libXrender + ] + ++ lib.optionals withWayland [ + # libdecor + wayland + ] + ++ lib.optionals withDbus [ + dbus + ] + ++ lib.optionals withFontconfig [ + fontconfig + ] + ++ lib.optional withPulseaudio libpulseaudio + ++ lib.optionals withSpeechd [ + speechd-minimal + glib + ] + ++ lib.optional withUdev udev; + + nativeBuildInputs = + [ + installShellFiles + perl + pkg-config + scons + ] + ++ lib.optionals withWayland [ wayland-scanner ] + ++ lib.optionals withMono [ + dotnet-sdk + makeWrapper + ]; + + postBuild = lib.optionalString (editor && withMono) '' + echo "Generating Glue" + bin/${binary} --headless --generate-mono-glue modules/mono/glue + echo "Building C#/.NET Assemblies" + python modules/mono/build_scripts/build_assemblies.py --godot-output-dir bin --precision=${withPrecision} + ''; + + installPhase = + '' + runHook preInstall + + mkdir -p "$out"/{bin,libexec} + cp -r bin/* "$out"/libexec + + cd "$out"/bin + ln -s ../libexec/${binary} godot${lib.versions.majorMinor version}${suffix} + ln -s godot${lib.versions.majorMinor version}${suffix} godot${lib.versions.major version}${suffix} + ln -s godot${lib.versions.major version}${suffix} godot${suffix} + cd - + '' + + ( + if editor then + '' + installManPage misc/dist/linux/godot.6 + + mkdir -p "$out"/share/{applications,icons/hicolor/scalable/apps} + cp misc/dist/linux/org.godotengine.Godot.desktop "$out/share/applications/org.godotengine.Godot${lib.versions.majorMinor version}${suffix}.desktop" + substituteInPlace "$out/share/applications/org.godotengine.Godot${lib.versions.majorMinor version}${suffix}.desktop" \ + --replace "Exec=godot" "Exec=$out/bin/godot${suffix}" \ + --replace "Godot Engine" "Godot Engine ${ + lib.versions.majorMinor version + lib.optionalString withMono " (Mono)" + }" + cp icon.svg "$out/share/icons/hicolor/scalable/apps/godot.svg" + cp icon.png "$out/share/icons/godot.png" + '' + + lib.optionalString withMono '' + mkdir -p "$out"/share/nuget + mv "$out"/libexec/GodotSharp/Tools/nupkgs "$out"/share/nuget/source + + wrapProgram $out/libexec/${binary} \ + --set DOTNET_ROOT ${dotnet-sdk}/share/dotnet \ + --prefix PATH : "${ + lib.makeBinPath [ + dotnet-sdk + ] + }" + '' + else + let + template = + (lib.replaceStrings + [ "template" ] + [ + { + linuxbsd = "linux"; + } + .${withPlatform} + ] + target + ) + + "." + + arch; + in + '' + templates="$out"/share/godot/export_templates/${dottedVersion} + mkdir -p "$templates" + ln -s "$out"/libexec/${binary} "$templates"/${template} + '' + ) + + '' + runHook postInstall + ''; + + passthru = + { + inherit updateScript; + + tests = + { + version = testers.testVersion { + package = finalAttrs.finalPackage; + version = dottedVersion; + }; + } + // lib.optionalAttrs (editor) ( + let + pkg = finalAttrs.finalPackage; + + project-src = runCommand "${pkg.name}-project-src" { } ( + '' + mkdir "$out" + cd "$out" + touch project.godot + + cat >create-scene.gd <<'EOF' + extends SceneTree + + func _initialize(): + var node = Node.new() + var script = ResourceLoader.load("res://test.gd") + node.set_script(script) + '' + + lib.optionalString withMono '' + ${""} + var monoNode = Node.new() + var monoScript = ResourceLoader.load("res://Test.cs") + monoNode.set_script(monoScript) + node.add_child(monoNode) + monoNode.owner = node + '' + + '' + var scene = PackedScene.new() + var scenePath = "res://test.tscn" + scene.pack(node) + node.free() + var x = ResourceSaver.save(scene, scenePath) + ProjectSettings["application/run/main_scene"] = scenePath + ProjectSettings.save() + quit() + EOF + + cat >test.gd <<'EOF' + extends Node + func _ready(): + print("Hello, World!") + get_tree().quit() + EOF + + cat >export_presets.cfg <<'EOF' + [preset.0] + name="build" + platform="Linux" + runnable=true + export_filter="all_resources" + include_filter="" + exclude_filter="" + [preset.0.options] + binary_format/architecture="${arch}" + EOF + '' + + lib.optionalString withMono '' + cat >Test.cs <<'EOF' + using Godot; + using System; + + public partial class Test : Node + { + public override void _Ready() + { + GD.Print("Hello, Mono!"); + GetTree().Quit(); + } + } + EOF + + sdk_version=$(basename ${pkg}/share/nuget/packages/godot.net.sdk/*) + cat >UnnamedProject.csproj < + + net8.0 + true + + + EOF + '' + ); + + export-tests = lib.makeExtensible (final: { + inherit (pkg) export-template; + + export = stdenvNoCC.mkDerivation { + name = "${final.export-template.name}-export"; + + nativeBuildInputs = [ + pkg + ] ++ lib.optional withMono dotnet-sdk; + + src = project-src; + + postConfigure = lib.optionalString withMono '' + dotnet new sln -n UnnamedProject + message=$(dotnet sln add UnnamedProject.csproj) + echo "$message" + # dotnet sln doesn't return an error when it fails to add the project + [[ $message == "Project \`UnnamedProject.csproj\` added to the solution." ]] + ''; + + exportTemplate = pkg.export-template; + + buildPhase = '' + runHook preBuild + + export HOME=$(mktemp -d) + mkdir -p $HOME/.local/share/godot/ + ln -s "${final.export-template}"/share/godot/export_templates "$HOME"/.local/share/godot/ + + godot${suffix} --headless --build-solutions -s create-scene.gd + + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + + mkdir -p "$out"/bin + godot${suffix} --headless --export-release build "$out"/bin/test + + runHook postInstall + ''; + }; + + run = runCommand "${final.export.name}-runs" { passthru = { inherit (final) export; }; } ( + '' + ( + set -eo pipefail + HOME=$(mktemp -d) + "${final.export}"/bin/test --headless | tail -n+3 | ( + '' + + lib.optionalString withMono '' + # indent + read output + if [[ "$output" != "Hello, Mono!" ]]; then + echo "unexpected output: $output" >&2 + exit 1 + fi + '' + + '' + read output + if [[ "$output" != "Hello, World!" ]]; then + echo "unexpected output: $output" >&2 + exit 1 + fi + ) + touch "$out" + ) + '' + ); + }); + + in + { + export-runs = export-tests.run; + + export-bin-runs = + (export-tests.extend ( + final: prev: { + export-template = pkg.export-templates-bin; + + export = prev.export.overrideAttrs (prev: { + nativeBuildInputs = prev.nativeBuildInputs or [ ] ++ [ + autoPatchelfHook + ]; + + # stripping dlls results in: + # Failed to load System.Private.CoreLib.dll (error code 0x8007000B) + stripExclude = lib.optional withMono [ "*.dll" ]; + + runtimeDependencies = + prev.runtimeDependencies or [ ] + ++ map lib.getLib [ + alsa-lib + libpulseaudio + libX11 + libXcursor + libXext + libXi + libXrandr + udev + vulkan-loader + ]; + }); + } + )).run; + } + ); + } + // lib.optionalAttrs editor { + export-template = mkTarget "template_release"; + export-templates-bin = ( + callPackage ./export-templates-bin.nix { + inherit version withMono; + godot = finalAttrs.finalPackage; + hash = exportTemplatesHash; + } + ); + }; + + requiredSystemFeatures = [ + # fixes: No space left on device + "big-parallel" + ]; + + meta = { + changelog = "https://github.com/godotengine/godot/releases/tag/${version}"; + description = "Free and Open Source 2D and 3D game engine"; + homepage = "https://godotengine.org"; + license = lib.licenses.mit; + platforms = [ + "x86_64-linux" + "aarch64-linux" + ] ++ lib.optional (!withMono) "i686-linux"; + maintainers = with lib.maintainers; [ + shiryel + corngood + ]; + mainProgram = "godot${suffix}"; + }; + }; + + mkTarget = + target: + let + attrs = attrsForTarget target; + in + stdenv.mkDerivation ( + if withMono then + dotnetCorePackages.addNuGetDeps { + inherit nugetDeps; + overrideFetchAttrs = old: rec { + runtimeIds = map (system: dotnetCorePackages.systemToDotnetRid system) old.meta.platforms; + buildInputs = + old.buildInputs + ++ lib.concatLists (lib.attrValues (lib.getAttrs runtimeIds dotnet-sdk.targetPackages)); + }; + } attrs + else + attrs + ); +in +mkTarget "editor" diff --git a/pkgs/development/tools/godot/default.nix b/pkgs/development/tools/godot/default.nix index d434e29bc4ab..3a935efab866 100644 --- a/pkgs/development/tools/godot/default.nix +++ b/pkgs/development/tools/godot/default.nix @@ -1,5 +1,9 @@ +# TODO: +# - combine binary and source tests +# - filter builtInputs by builtin_ flags { callPackage, + lib, nix-update-script, fetchzip, }: @@ -8,43 +12,40 @@ let versionPrefix: let attrs = import (./. + "/${versionPrefix}/default.nix"); - inherit (attrs) - version - hash - exportTemplatesHash - nugetDeps - ; + updateScript = [ + ./update.sh + versionPrefix + (builtins.unsafeGetAttrPos "version" attrs).file + ]; in - rec { - godot = (callPackage ./common.nix { inherit version hash nugetDeps; }).overrideAttrs (old: { - passthru = old.passthru or { } // { - inherit export-templates-bin; - updateScript = [ - ./update.sh - versionPrefix - (builtins.unsafeGetAttrPos "version" attrs).file - ]; - }; - }); + lib.recurseIntoAttrs rec { + godot = callPackage ./common.nix { + inherit updateScript; + inherit (attrs) + version + hash + ; + inherit (attrs.default) + exportTemplatesHash + ; + }; godot-mono = godot.override { withMono = true; + inherit (attrs.mono) + exportTemplatesHash + nugetDeps + ; }; - export-templates-bin = ( - callPackage ./export-templates-bin.nix { - inherit version godot; - hash = exportTemplatesHash; - } - ); - }; + export-template = godot.export-template; + export-template-mono = godot-mono.export-template; - godotPackages_4_3 = mkGodotPackages "4.3"; - godotPackages_4_4 = mkGodotPackages "4.4"; - godotPackages_4 = godotPackages_4_4; - godotPackages = godotPackages_4; + export-templates-bin = godot.export-templates-bin; + export-templates-mono-bin = godot-mono.export-templates-bin; + }; in -{ +rec { godot3 = callPackage ./3 { }; godot3-export-templates = callPackage ./3/export-templates.nix { }; godot3-headless = callPackage ./3/headless.nix { }; @@ -56,16 +57,21 @@ in godot3-mono-debug-server = callPackage ./3/mono/debug-server.nix { }; godot3-mono-server = callPackage ./3/mono/server.nix { }; + godotPackages_4_3 = mkGodotPackages "4.3"; + godotPackages_4_4 = mkGodotPackages "4.4"; + godotPackages_4 = godotPackages_4_4; + godotPackages = godotPackages_4; + godot_4_3 = godotPackages_4_3.godot; godot_4_3-mono = godotPackages_4_3.godot-mono; - godot_4_3-export-templates = godotPackages_4_3.export-templates-bin; + godot_4_3-export-templates-bin = godotPackages_4_3.export-templates-bin; godot_4_4 = godotPackages_4_4.godot; godot_4_4-mono = godotPackages_4_4.godot-mono; - godot_4_4-export-templates = godotPackages_4_4.export-templates-bin; + godot_4_4-export-templates-bin = godotPackages_4_4.export-templates-bin; godot_4 = godotPackages_4.godot; godot_4-mono = godotPackages_4.godot-mono; - godot_4-export-templates = godotPackages_4.export-templates-bin; + godot_4-export-templates-bin = godotPackages_4.export-templates-bin; godot = godotPackages.godot; godot-mono = godotPackages.godot-mono; - godot-export-templates = godotPackages.export-templates-bin; + godot-export-templates-bin = godotPackages.export-templates-bin; } diff --git a/pkgs/development/tools/godot/export-templates-bin.nix b/pkgs/development/tools/godot/export-templates-bin.nix index 5bec3547041a..829b898b80be 100644 --- a/pkgs/development/tools/godot/export-templates-bin.nix +++ b/pkgs/development/tools/godot/export-templates-bin.nix @@ -1,29 +1,57 @@ { - fetchzip, + fetchurl, godot, hash, lib, + stdenvNoCC, + unzip, version, + withMono ? false, }: # Export templates is necessary for setting up Godot engine, it's used when exporting projects. # Godot applications/games packages needs to reference export templates. # Export templates version should be kept in sync with Godot version. # https://docs.godotengine.org/en/stable/tutorials/export/exporting_projects.html#export-templates -fetchzip { - pname = "godot-export-templates"; - version = version; - extension = "zip"; - url = "https://github.com/godotengine/godot/releases/download/${version}/Godot_v${version}_export_templates.tpz"; - inherit hash; +let + self = stdenvNoCC.mkDerivation { + pname = "godot-export-templates${lib.optionalString withMono "-mono"}-bin"; + version = version; - meta = { - inherit (godot.meta) - changelog - description - homepage - license - maintainers - ; - sourceProvenance = [ lib.sourceTypes.binaryNativeCode ]; + src = fetchurl { + url = "https://github.com/godotengine/godot/releases/download/${version}/Godot_v${version}${lib.optionalString withMono "_mono"}_export_templates.tpz"; + inherit hash; + }; + + nativeBuildInputs = [ + unzip + ]; + + unpackPhase = '' + runHook preUnpack + unzip -q "$src" + runHook postUnpack + ''; + + installPhase = '' + templates="$out"/share/godot/export_templates + mkdir -p "$templates" + read version < templates/version.txt + mv templates "$templates/$version" + ''; + + # this allows update-source-version to work + passthru.src = self; + + meta = { + inherit (godot.meta) + changelog + description + homepage + license + maintainers + ; + sourceProvenance = [ lib.sourceTypes.binaryNativeCode ]; + }; }; -} +in +self diff --git a/pkgs/development/tools/godot/update.sh b/pkgs/development/tools/godot/update.sh index 25d396e78119..1cf654b70d87 100755 --- a/pkgs/development/tools/godot/update.sh +++ b/pkgs/development/tools/godot/update.sh @@ -1,18 +1,20 @@ #!/usr/bin/env nix-shell -#!nix-shell -I nixpkgs=./. --pure -i bash -p bash nix nix-update git cacert common-updater-scripts --keep UPDATE_NIX_ATTR_PATH --keep UPDATE_NIX_OLD_VERSION +#!nix-shell -I nixpkgs=./. --pure -i bash -p bash nix nix-update git cacert common-updater-scripts set -euo pipefail versionPrefix=$1 file=$2 -attr=$UPDATE_NIX_ATTR_PATH +attr=godotPackages_${versionPrefix/./_} -prev_version=$UPDATE_NIX_OLD_VERSION -nix-update "$attr" \ +prev_version=$(nix eval --raw -f. "$attr".godot) +nix-update "$attr".godot \ --version-regex "($versionPrefix\\b.*-stable)" \ --override-filename "$2" \ --src-only -[[ $(nix eval --raw -f. "$attr".version) != "$prev_version" ]] || exit 0 +[[ $(nix eval --raw -f. "$attr".godot) != "$prev_version" ]] || exit 0 -"$(nix build --impure --expr "((import ./. {}).$attr.override { withMono = true; }).fetch-deps" --print-out-paths --no-link)" +fetch_deps=$(nix build -f. "$attr".godot-mono.fetch-deps --print-out-paths --no-link) +"$fetch_deps" -update-source-version "$attr" --ignore-same-version --source-key=export-templates-bin --file="$file" +update-source-version "$attr".godot.export-templates-bin --ignore-same-version --file="$file" +update-source-version "$attr".godot-mono.export-templates-bin --ignore-same-version --file="$file" diff --git a/pkgs/os-specific/linux/scx/default.nix b/pkgs/os-specific/linux/scx/default.nix index ae7434370d83..6e645f2f210e 100644 --- a/pkgs/os-specific/linux/scx/default.nix +++ b/pkgs/os-specific/linux/scx/default.nix @@ -2,7 +2,6 @@ lib, callPackage, fetchFromGitHub, - fetchpatch2, }: let scx-common = rec { diff --git a/pkgs/os-specific/linux/scx/scx_cscheds.nix b/pkgs/os-specific/linux/scx/scx_cscheds.nix index 84b07682015d..e22d897d372b 100644 --- a/pkgs/os-specific/linux/scx/scx_cscheds.nix +++ b/pkgs/os-specific/linux/scx/scx_cscheds.nix @@ -13,6 +13,8 @@ zlib, zstd, scx-common, + protobuf, + libseccomp, }: let @@ -74,6 +76,7 @@ llvmPackages.stdenv.mkDerivation (finalAttrs: { jq pkg-config zstd + protobuf ] ++ bpftools.buildInputs ++ bpftools.nativeBuildInputs; @@ -81,6 +84,7 @@ llvmPackages.stdenv.mkDerivation (finalAttrs: { buildInputs = [ elfutils zlib + libseccomp ]; mesonFlags = [ diff --git a/pkgs/os-specific/linux/scx/scx_rustscheds.nix b/pkgs/os-specific/linux/scx/scx_rustscheds.nix index 2e4cabfb95ea..6ee3b52368b4 100644 --- a/pkgs/os-specific/linux/scx/scx_rustscheds.nix +++ b/pkgs/os-specific/linux/scx/scx_rustscheds.nix @@ -8,6 +8,8 @@ zstd, scx-common, scx, + protobuf, + libseccomp, }: rustPlatform.buildRustPackage { pname = "scx_rustscheds"; @@ -26,11 +28,13 @@ rustPlatform.buildRustPackage { nativeBuildInputs = [ pkg-config rustPlatform.bindgenHook + protobuf ]; buildInputs = [ elfutils zlib zstd + libseccomp ]; env = { diff --git a/pkgs/os-specific/linux/scx/version.json b/pkgs/os-specific/linux/scx/version.json index c23828ced321..e2bfb68d424e 100644 --- a/pkgs/os-specific/linux/scx/version.json +++ b/pkgs/os-specific/linux/scx/version.json @@ -1,8 +1,8 @@ { "scx": { - "version": "1.0.11", - "hash": "sha256-Lj+YH+pWcdbGvpk6PAgat279cXOGkm0SZ5+wdK+2u9Q=", - "cargoHash": "sha256-sDrkUiZpX04A6a4ltFFZo6qtUgUgZ0ydml4mfKYYu3g=" + "version": "1.0.12", + "hash": "sha256-ti4SPx66Ykwqsel7l8Rb0WEBypFbQKoDd0foMAtEmlE=", + "cargoHash": "sha256-nD+RalFCJLqQGMVtaJm/NLCrY8Iq5/eAsW+ydABvw2o=" }, "bpftool": { "rev": "183e7010387d1fc9f08051426e9a9fbd5f8d409e", diff --git a/pkgs/servers/sql/postgresql/ext/anonymizer.nix b/pkgs/servers/sql/postgresql/ext/anonymizer.nix index e3f19881199e..dca8f51c020f 100644 --- a/pkgs/servers/sql/postgresql/ext/anonymizer.nix +++ b/pkgs/servers/sql/postgresql/ext/anonymizer.nix @@ -7,10 +7,9 @@ postgresql, postgresqlBuildExtension, runtimeShell, - stdenv, }: -postgresqlBuildExtension (finalAttrs: { +postgresqlBuildExtension { pname = "postgresql_anonymizer"; inherit (pg-dump-anon) version src; @@ -32,4 +31,4 @@ postgresqlBuildExtension (finalAttrs: { meta = lib.getAttrs [ "homepage" "teams" "license" ] pg-dump-anon.meta // { description = "Extension to mask or replace personally identifiable information (PII) or commercially sensitive data from a PostgreSQL database"; }; -}) +} diff --git a/pkgs/servers/sql/postgresql/ext/apache_datasketches.nix b/pkgs/servers/sql/postgresql/ext/apache_datasketches.nix index fa7200198277..43884c22a13a 100644 --- a/pkgs/servers/sql/postgresql/ext/apache_datasketches.nix +++ b/pkgs/servers/sql/postgresql/ext/apache_datasketches.nix @@ -5,7 +5,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - stdenv, }: let diff --git a/pkgs/servers/sql/postgresql/ext/citus.nix b/pkgs/servers/sql/postgresql/ext/citus.nix index a0861ae0aebc..2b197e70719f 100644 --- a/pkgs/servers/sql/postgresql/ext/citus.nix +++ b/pkgs/servers/sql/postgresql/ext/citus.nix @@ -7,7 +7,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/cstore_fdw.nix b/pkgs/servers/sql/postgresql/ext/cstore_fdw.nix index d6abe6b3e8dd..918f446081de 100644 --- a/pkgs/servers/sql/postgresql/ext/cstore_fdw.nix +++ b/pkgs/servers/sql/postgresql/ext/cstore_fdw.nix @@ -4,7 +4,6 @@ postgresql, postgresqlBuildExtension, protobufc, - stdenv, }: postgresqlBuildExtension { diff --git a/pkgs/servers/sql/postgresql/ext/hypopg.nix b/pkgs/servers/sql/postgresql/ext/hypopg.nix index 8b4deada9b7a..4389862a5403 100644 --- a/pkgs/servers/sql/postgresql/ext/hypopg.nix +++ b/pkgs/servers/sql/postgresql/ext/hypopg.nix @@ -4,7 +4,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/jsonb_deep_sum.nix b/pkgs/servers/sql/postgresql/ext/jsonb_deep_sum.nix index fb6acd607466..f656a4792e38 100644 --- a/pkgs/servers/sql/postgresql/ext/jsonb_deep_sum.nix +++ b/pkgs/servers/sql/postgresql/ext/jsonb_deep_sum.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension { diff --git a/pkgs/servers/sql/postgresql/ext/lantern.nix b/pkgs/servers/sql/postgresql/ext/lantern.nix index 3a6275c66686..8cd89a145bde 100644 --- a/pkgs/servers/sql/postgresql/ext/lantern.nix +++ b/pkgs/servers/sql/postgresql/ext/lantern.nix @@ -6,7 +6,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/periods.nix b/pkgs/servers/sql/postgresql/ext/periods.nix index 21d2f8cd92a1..8340d95ff4e6 100644 --- a/pkgs/servers/sql/postgresql/ext/periods.nix +++ b/pkgs/servers/sql/postgresql/ext/periods.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg-semver.nix b/pkgs/servers/sql/postgresql/ext/pg-semver.nix index 005e7f46bdbc..896f293ee830 100644 --- a/pkgs/servers/sql/postgresql/ext/pg-semver.nix +++ b/pkgs/servers/sql/postgresql/ext/pg-semver.nix @@ -4,7 +4,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - testers, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_auto_failover.nix b/pkgs/servers/sql/postgresql/ext/pg_auto_failover.nix index efcfa3932de2..3bf237c88b45 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_auto_failover.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_auto_failover.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_cron.nix b/pkgs/servers/sql/postgresql/ext/pg_cron.nix index d05131da5309..1345dc4b1051 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_cron.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_cron.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_ed25519.nix b/pkgs/servers/sql/postgresql/ext/pg_ed25519.nix index 1e361343c739..a8def66a5c98 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_ed25519.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_ed25519.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_hint_plan.nix b/pkgs/servers/sql/postgresql/ext/pg_hint_plan.nix index 4081d5b35f89..c19c50de8a02 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_hint_plan.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_hint_plan.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: let diff --git a/pkgs/servers/sql/postgresql/ext/pg_hll.nix b/pkgs/servers/sql/postgresql/ext/pg_hll.nix index daa0e4a43942..e63191a4a85f 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_hll.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_hll.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_ivm.nix b/pkgs/servers/sql/postgresql/ext/pg_ivm.nix index 0b3d3ad0e313..05f71a2ec1d4 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_ivm.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_ivm.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_libversion.nix b/pkgs/servers/sql/postgresql/ext/pg_libversion.nix index 4b5dbd34b12c..dcdf0284b122 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_libversion.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_libversion.nix @@ -6,7 +6,6 @@ pkg-config, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_net.nix b/pkgs/servers/sql/postgresql/ext/pg_net.nix index aef805590a1c..ce821a3b1901 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_net.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_net.nix @@ -4,7 +4,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_partman.nix b/pkgs/servers/sql/postgresql/ext/pg_partman.nix index 5ac097aa8547..34bc3ae934c6 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_partman.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_partman.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_relusage.nix b/pkgs/servers/sql/postgresql/ext/pg_relusage.nix index 3245f03fe226..d378f5318a91 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_relusage.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_relusage.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_repack.nix b/pkgs/servers/sql/postgresql/ext/pg_repack.nix index a785635d0e7d..8131f5d49ed8 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_repack.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_repack.nix @@ -5,7 +5,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - stdenv, testers, }: diff --git a/pkgs/servers/sql/postgresql/ext/pg_roaringbitmap.nix b/pkgs/servers/sql/postgresql/ext/pg_roaringbitmap.nix index 8810a6710227..39b4c422675b 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_roaringbitmap.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_roaringbitmap.nix @@ -3,8 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - postgresqlTestHook, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_safeupdate.nix b/pkgs/servers/sql/postgresql/ext/pg_safeupdate.nix index 8722a7ff7f31..089db484dba5 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_safeupdate.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_safeupdate.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: with { diff --git a/pkgs/servers/sql/postgresql/ext/pg_similarity.nix b/pkgs/servers/sql/postgresql/ext/pg_similarity.nix index c0fb92f09f2f..4b2b2266e65f 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_similarity.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_similarity.nix @@ -4,7 +4,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension { diff --git a/pkgs/servers/sql/postgresql/ext/pg_squeeze.nix b/pkgs/servers/sql/postgresql/ext/pg_squeeze.nix index a0c88f6c66b2..6527ef920f79 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_squeeze.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_squeeze.nix @@ -5,7 +5,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pg_topn.nix b/pkgs/servers/sql/postgresql/ext/pg_topn.nix index 1c14a028ce12..a0db77291f2f 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_topn.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_topn.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension rec { diff --git a/pkgs/servers/sql/postgresql/ext/pg_uuidv7.nix b/pkgs/servers/sql/postgresql/ext/pg_uuidv7.nix index a4ec95bbe077..e648a5a65750 100644 --- a/pkgs/servers/sql/postgresql/ext/pg_uuidv7.nix +++ b/pkgs/servers/sql/postgresql/ext/pg_uuidv7.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pgaudit.nix b/pkgs/servers/sql/postgresql/ext/pgaudit.nix index 6036cf42447f..183285d0924a 100644 --- a/pkgs/servers/sql/postgresql/ext/pgaudit.nix +++ b/pkgs/servers/sql/postgresql/ext/pgaudit.nix @@ -5,7 +5,6 @@ openssl, postgresql, postgresqlBuildExtension, - stdenv, }: let diff --git a/pkgs/servers/sql/postgresql/ext/pgjwt.nix b/pkgs/servers/sql/postgresql/ext/pgjwt.nix index f32eaf7687ed..575bfd3bafc8 100644 --- a/pkgs/servers/sql/postgresql/ext/pgjwt.nix +++ b/pkgs/servers/sql/postgresql/ext/pgjwt.nix @@ -5,7 +5,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - stdenv, unstableGitUpdater, }: diff --git a/pkgs/servers/sql/postgresql/ext/pgmq.nix b/pkgs/servers/sql/postgresql/ext/pgmq.nix index f55fd6044020..b3bd9d4c8b74 100644 --- a/pkgs/servers/sql/postgresql/ext/pgmq.nix +++ b/pkgs/servers/sql/postgresql/ext/pgmq.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pgroonga.nix b/pkgs/servers/sql/postgresql/ext/pgroonga.nix index 49f5d750df97..c365aea52bae 100644 --- a/pkgs/servers/sql/postgresql/ext/pgroonga.nix +++ b/pkgs/servers/sql/postgresql/ext/pgroonga.nix @@ -6,7 +6,6 @@ pkg-config, postgresql, postgresqlBuildExtension, - stdenv, xxHash, }: diff --git a/pkgs/servers/sql/postgresql/ext/pgrouting.nix b/pkgs/servers/sql/postgresql/ext/pgrouting.nix index 93a30389929e..a9f15f87ce19 100644 --- a/pkgs/servers/sql/postgresql/ext/pgrouting.nix +++ b/pkgs/servers/sql/postgresql/ext/pgrouting.nix @@ -6,7 +6,6 @@ perl, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pgsodium.nix b/pkgs/servers/sql/postgresql/ext/pgsodium.nix index d4abb4b32aee..7c825eaafdf7 100644 --- a/pkgs/servers/sql/postgresql/ext/pgsodium.nix +++ b/pkgs/servers/sql/postgresql/ext/pgsodium.nix @@ -6,7 +6,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pgsql-http.nix b/pkgs/servers/sql/postgresql/ext/pgsql-http.nix index b351da399867..6ea4fb13b678 100644 --- a/pkgs/servers/sql/postgresql/ext/pgsql-http.nix +++ b/pkgs/servers/sql/postgresql/ext/pgsql-http.nix @@ -4,7 +4,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pgtap.nix b/pkgs/servers/sql/postgresql/ext/pgtap.nix index 55d8613adce0..37cd20d70202 100644 --- a/pkgs/servers/sql/postgresql/ext/pgtap.nix +++ b/pkgs/servers/sql/postgresql/ext/pgtap.nix @@ -45,7 +45,6 @@ postgresqlBuildExtension (finalAttrs: { SELECT * FROM finish(); ROLLBACK; ''; - failureHook = "postgresqlStop"; checkPhase = '' runHook preCheck psql -a -v ON_ERROR_STOP=1 -f $sqlPath diff --git a/pkgs/servers/sql/postgresql/ext/pgvector.nix b/pkgs/servers/sql/postgresql/ext/pgvector.nix index e8b761be0a47..36789689bae0 100644 --- a/pkgs/servers/sql/postgresql/ext/pgvector.nix +++ b/pkgs/servers/sql/postgresql/ext/pgvector.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/plpgsql_check.nix b/pkgs/servers/sql/postgresql/ext/plpgsql_check.nix index 8a03799cf1c6..7876d4135ad2 100644 --- a/pkgs/servers/sql/postgresql/ext/plpgsql_check.nix +++ b/pkgs/servers/sql/postgresql/ext/plpgsql_check.nix @@ -4,7 +4,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/plr.nix b/pkgs/servers/sql/postgresql/ext/plr.nix index 48e0ebccb433..6f2d9d9d10ea 100644 --- a/pkgs/servers/sql/postgresql/ext/plr.nix +++ b/pkgs/servers/sql/postgresql/ext/plr.nix @@ -8,7 +8,6 @@ postgresqlTestExtension, R, rPackages, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/pltcl.nix b/pkgs/servers/sql/postgresql/ext/pltcl.nix index 4609b40a39a8..ab39df762c46 100644 --- a/pkgs/servers/sql/postgresql/ext/pltcl.nix +++ b/pkgs/servers/sql/postgresql/ext/pltcl.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlTestExtension, - tcl, tclPackages, }: diff --git a/pkgs/servers/sql/postgresql/ext/postgis.nix b/pkgs/servers/sql/postgresql/ext/postgis.nix index 2fde76e12fa1..2e9a76c43c7b 100644 --- a/pkgs/servers/sql/postgresql/ext/postgis.nix +++ b/pkgs/servers/sql/postgresql/ext/postgis.nix @@ -92,7 +92,6 @@ postgresqlBuildExtension (finalAttrs: { ]; postgresqlTestUserOptions = "LOGIN SUPERUSER"; - failureHook = "postgresqlStop"; # postgis config directory assumes /include /lib from the same root for json-c library env.NIX_LDFLAGS = "-L${lib.getLib json_c}/lib"; diff --git a/pkgs/servers/sql/postgresql/ext/repmgr.nix b/pkgs/servers/sql/postgresql/ext/repmgr.nix index 2c2eb6fc9390..c7a08c49d579 100644 --- a/pkgs/servers/sql/postgresql/ext/repmgr.nix +++ b/pkgs/servers/sql/postgresql/ext/repmgr.nix @@ -6,7 +6,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/rum.nix b/pkgs/servers/sql/postgresql/ext/rum.nix index d6a11d6cec4a..bc93ff3b76a6 100644 --- a/pkgs/servers/sql/postgresql/ext/rum.nix +++ b/pkgs/servers/sql/postgresql/ext/rum.nix @@ -4,7 +4,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/smlar.nix b/pkgs/servers/sql/postgresql/ext/smlar.nix index 3a2b8e0f930f..e02e7aa2334b 100644 --- a/pkgs/servers/sql/postgresql/ext/smlar.nix +++ b/pkgs/servers/sql/postgresql/ext/smlar.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension { diff --git a/pkgs/servers/sql/postgresql/ext/system_stats.nix b/pkgs/servers/sql/postgresql/ext/system_stats.nix index c6a4a3d98686..15f272007c71 100644 --- a/pkgs/servers/sql/postgresql/ext/system_stats.nix +++ b/pkgs/servers/sql/postgresql/ext/system_stats.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { pname = "system_stats"; diff --git a/pkgs/servers/sql/postgresql/ext/tds_fdw.nix b/pkgs/servers/sql/postgresql/ext/tds_fdw.nix index fe67b203cece..e89acc14811e 100644 --- a/pkgs/servers/sql/postgresql/ext/tds_fdw.nix +++ b/pkgs/servers/sql/postgresql/ext/tds_fdw.nix @@ -4,8 +4,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, - unstableGitUpdater, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/temporal_tables.nix b/pkgs/servers/sql/postgresql/ext/temporal_tables.nix index 412638d51fe1..07b4796225a3 100644 --- a/pkgs/servers/sql/postgresql/ext/temporal_tables.nix +++ b/pkgs/servers/sql/postgresql/ext/temporal_tables.nix @@ -3,7 +3,6 @@ lib, postgresql, postgresqlBuildExtension, - stdenv, }: postgresqlBuildExtension (finalAttrs: { diff --git a/pkgs/servers/sql/postgresql/ext/timescaledb.nix b/pkgs/servers/sql/postgresql/ext/timescaledb.nix index a440e069d687..733ad925f4b0 100644 --- a/pkgs/servers/sql/postgresql/ext/timescaledb.nix +++ b/pkgs/servers/sql/postgresql/ext/timescaledb.nix @@ -7,7 +7,6 @@ postgresql, postgresqlBuildExtension, postgresqlTestExtension, - stdenv, enableUnfree ? true, }: diff --git a/pkgs/servers/sql/postgresql/generic.nix b/pkgs/servers/sql/postgresql/generic.nix index ccb5174b22f2..6569b69d56c7 100644 --- a/pkgs/servers/sql/postgresql/generic.nix +++ b/pkgs/servers/sql/postgresql/generic.nix @@ -5,7 +5,6 @@ let { stdenv, fetchFromGitHub, - fetchpatch, fetchurl, lib, replaceVars, diff --git a/pkgs/servers/sql/postgresql/postgresqlTestExtension.nix b/pkgs/servers/sql/postgresql/postgresqlTestExtension.nix index fead59db740c..0143ce3150ef 100644 --- a/pkgs/servers/sql/postgresql/postgresqlTestExtension.nix +++ b/pkgs/servers/sql/postgresql/postgresqlTestExtension.nix @@ -21,7 +21,6 @@ stdenvNoCC.mkDerivation ( postgresqlTestHook (postgresql.withPackages (ps: [ finalPackage ] ++ (map (p: ps."${p}") withPackages))) ]; - failureHook = "postgresqlStop"; postgresqlTestUserOptions = "LOGIN SUPERUSER"; passAsFile = [ "sql" ]; sql = diff --git a/pkgs/test/make-binary-wrapper/default.nix b/pkgs/test/make-binary-wrapper/default.nix index 6f086de299a0..715b28f912e4 100644 --- a/pkgs/test/make-binary-wrapper/default.nix +++ b/pkgs/test/make-binary-wrapper/default.nix @@ -20,7 +20,7 @@ let runCommand "make-binary-wrapper-test-${testname}" env '' mkdir -p tmp/foo # for the chdir test - source=${./${testname}} + source=${./. + "/${testname}"} params=$(<"$source/${testname}.cmdline") eval "makeCWrapper /send/me/flags $params" > wrapper.c diff --git a/pkgs/tools/security/keybase/default.nix b/pkgs/tools/security/keybase/default.nix index cbc4e5a19fa3..d0be504b940b 100644 --- a/pkgs/tools/security/keybase/default.nix +++ b/pkgs/tools/security/keybase/default.nix @@ -8,7 +8,7 @@ buildGoModule rec { pname = "keybase"; - version = "6.4.0"; + version = "6.5.1"; modRoot = "go"; subPackages = [ @@ -22,9 +22,9 @@ buildGoModule rec { owner = "keybase"; repo = "client"; rev = "v${version}"; - hash = "sha256-hRqxA2gPL1UKbz9DwgfZfjE6e5pB7zenZqK+k1i8F2g="; + hash = "sha256-B3vedsxQM4FDZVpkMKR67DF7FtaTPhGIJ1e2lViKYzg="; }; - vendorHash = "sha256-KHahkGzkXr6xp0XY9MyEeeiHnmphaNYi9dPBQ476+us="; + vendorHash = "sha256-uw1tiaYoMpMXCYt5bPL5OBbK09PJmAQYQDrDwuPShxU="; patches = [ (replaceVars ./fix-paths-keybase.patch { diff --git a/pkgs/tools/security/keybase/gui.nix b/pkgs/tools/security/keybase/gui.nix index fd4e1abd7e41..366dc2ac2aac 100644 --- a/pkgs/tools/security/keybase/gui.nix +++ b/pkgs/tools/security/keybase/gui.nix @@ -30,16 +30,16 @@ }: let - versionSuffix = "20240821175720.3212f60cc5"; + versionSuffix = "20250428154451.19f9cfeddb"; in stdenv.mkDerivation rec { pname = "keybase-gui"; - version = "6.4.0"; # Find latest version and versionSuffix from https://prerelease.keybase.io/deb/dists/stable/main/binary-amd64/Packages + version = "6.5.1"; # Find latest version and versionSuffix from https://prerelease.keybase.io/deb/dists/stable/main/binary-amd64/Packages src = fetchurl { url = "https://s3.amazonaws.com/prerelease.keybase.io/linux_binaries/deb/keybase_${version + "-" + versionSuffix}_amd64.deb"; - hash = "sha256-OGuckMUXDzfHIMhQagYJZObV4W6LufqTeIiCg+c5MjM="; + hash = "sha256-PCKi1lavGwLbCoMTMG4h6PJTIzwRAu542eYqDDKzU4Y="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/trufflehog/default.nix b/pkgs/tools/security/trufflehog/default.nix index 916f0ee2fdd3..4612e92d3583 100644 --- a/pkgs/tools/security/trufflehog/default.nix +++ b/pkgs/tools/security/trufflehog/default.nix @@ -8,16 +8,16 @@ buildGoModule rec { pname = "trufflehog"; - version = "3.88.28"; + version = "3.88.29"; src = fetchFromGitHub { owner = "trufflesecurity"; repo = "trufflehog"; tag = "v${version}"; - hash = "sha256-VrwZ0MsZ7ZkSfHlmXShiLfZp04vfczuEYh7OHtOUt0Y="; + hash = "sha256-5dPfGvp+O1SBT1VRJL6Hrsd3fyZp56UJpAmV++qKSRc="; }; - vendorHash = "sha256-hBStZjhoBK58vQV22/EZ/h3Fd961fkj3tQbp1gvMID8="; + vendorHash = "sha256-0mwItAv8w9G9CmGmmHDu5jZPYUv/wJYAAiXAYNUTisY="; nativeBuildInputs = [ makeWrapper ]; diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index dea572985f7d..6f6dbc1d17dd 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -796,6 +796,10 @@ mapAliases { grafana-agent = throw "'grafana-agent' has been removed, as it only works with an EOL compiler and will become EOL during the 25.05 release. Consider migrating to 'grafana-alloy' instead"; # Added 2025-04-02 #godot + godot_4_3-export-templates = lib.warnOnInstantiate "godot_4_3-export-templates has been renamed to godot_4_3-export-templates-bin" godot_4_3-export-templates-bin; + godot_4_4-export-templates = lib.warnOnInstantiate "godot_4_4-export-templates has been renamed to godot_4_4-export-templates-bin" godot_4_4-export-templates-bin; + godot_4-export-templates = lib.warnOnInstantiate "godot_4-export-templates has been renamed to godot_4-export-templates-bin" godot_4-export-templates-bin; + godot-export-templates = lib.warnOnInstantiate "godot-export-templates has been renamed to godot-export-templates-bin" godot-export-templates-bin; go-thumbnailer = thud; # Added 2023-09-21 go-upower-notify = upower-notify; # Added 2024-07-21 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b0784156a826..8c5a090f5282 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1528,18 +1528,12 @@ with pkgs; inherit (libsForQt5) libqtpas wrapQtAppsHook; }; - krusader = kdePackages.callPackage ../applications/file-managers/krusader { }; - - mc = callPackage ../applications/file-managers/mc { - inherit (darwin) autoSignDarwinBinariesHook; - }; - vifm-full = vifm.override { mediaSupport = true; inherit lib udisks2 python3; }; - xfe = callPackage ../applications/file-managers/xfe { + xfe = callPackage ../by-name/xf/xfe/package.nix { fox = fox_1_6; }; @@ -3164,18 +3158,22 @@ with pkgs; godot3-mono-headless godot3-mono-debug-server godot3-mono-server + godotPackages_4_3 + godotPackages_4_4 + godotPackages_4 + godotPackages godot_4_3 godot_4_3-mono - godot_4_3-export-templates + godot_4_3-export-templates-bin godot_4_4 godot_4_4-mono - godot_4_4-export-templates + godot_4_4-export-templates-bin godot_4 godot_4-mono - godot_4-export-templates + godot_4-export-templates-bin godot godot-mono - godot-export-templates + godot-export-templates-bin ; goattracker = callPackage ../applications/audio/goattracker { };