From a1975fdf659c395ca5a759b3a894edd6945df9d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Na=C3=AFm=20Favier?= Date: Mon, 4 Dec 2023 17:27:54 +0100 Subject: [PATCH 01/35] twitter-color-emoji: 14.1.2 -> 15.0.2 https://github.com/jdecked/twemoji/releases/tag/v15.0.2 --- pkgs/data/fonts/twitter-color-emoji/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/data/fonts/twitter-color-emoji/default.nix b/pkgs/data/fonts/twitter-color-emoji/default.nix index c3e41cca36dd..69aae92d966a 100644 --- a/pkgs/data/fonts/twitter-color-emoji/default.nix +++ b/pkgs/data/fonts/twitter-color-emoji/default.nix @@ -14,14 +14,14 @@ }: let - version = "14.1.2"; + version = "15.0.2"; twemojiSrc = fetchFromGitHub { name = "twemoji"; owner = "jdecked"; repo = "twemoji"; rev = "v${version}"; - sha256 = "sha256-UQ4PwO4D1kw7JOMf6xSaRBfT822KwrvWBPDmaQjkRVQ="; + hash = "sha256-FLOqXDpSFyClBlG5u3IRL0EKeu1mckCfRizJh++IWxo="; }; pythonEnv = From 48a47a63596200a62eb633e08d534a3420f426ce Mon Sep 17 00:00:00 2001 From: Alexander Shpilkin Date: Tue, 12 Dec 2023 18:41:08 +0200 Subject: [PATCH 02/35] parlatype: 3.1 -> 4.0 --- pkgs/applications/audio/parlatype/default.nix | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/pkgs/applications/audio/parlatype/default.nix b/pkgs/applications/audio/parlatype/default.nix index 6aa92a3a99fa..23fb4380a2e5 100644 --- a/pkgs/applications/audio/parlatype/default.nix +++ b/pkgs/applications/audio/parlatype/default.nix @@ -2,14 +2,11 @@ , stdenv , fetchFromGitHub , appstream-glib -, dbus , desktop-file-utils , gettext , glib -, gobject-introspection -, gsettings-desktop-schemas , gst_all_1 -, gtk3 +, gtk4 , hicolor-icon-theme , isocodes , itstool @@ -23,20 +20,19 @@ stdenv.mkDerivation rec { pname = "parlatype"; - version = "3.1"; + version = "4.0"; src = fetchFromGitHub { owner = "gkarsay"; repo = pname; rev = "v${version}"; - sha256 = "1a4xlsbszb50vnz1g7kf7hl7aywp7s7xaravkcx13csn0a7l3x45"; + sha256 = "1iyjxss6sgc9gx6ij30zz97bl31qix8pxklzn4kknh1b0j7hhbwq"; }; nativeBuildInputs = [ appstream-glib desktop-file-utils gettext - gobject-introspection itstool libxml2 meson @@ -47,16 +43,14 @@ stdenv.mkDerivation rec { ]; buildInputs = [ - dbus glib - gsettings-desktop-schemas gst_all_1.gst-libav gst_all_1.gst-plugins-bad gst_all_1.gst-plugins-base gst_all_1.gst-plugins-good gst_all_1.gst-plugins-ugly gst_all_1.gstreamer - gtk3 + gtk4 hicolor-icon-theme isocodes ]; From 2c34e78fdc6ab8e54720c7779d9b910ef7681885 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Fri, 15 Dec 2023 00:55:59 +0100 Subject: [PATCH 03/35] revanced-cli: 2.2.0 -> 4.3.0 Changes: https://github.com/ReVanced/revanced-cli/blob/v4.3.0/CHANGELOG.md --- pkgs/applications/misc/revanced-cli/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/revanced-cli/default.nix b/pkgs/applications/misc/revanced-cli/default.nix index fbd1554ab924..c63e5e2ec600 100644 --- a/pkgs/applications/misc/revanced-cli/default.nix +++ b/pkgs/applications/misc/revanced-cli/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "revanced-cli"; - version = "2.22.0"; + version = "4.3.0"; src = fetchurl { url = "https://github.com/revanced/revanced-cli/releases/download/v${version}/revanced-cli-${version}-all.jar"; - hash = "sha256-jyaqkZL7aOc5WXjlomZThyaCUwKU7AyKKrgtKadUo5s="; + hash = "sha256-D/4zR5PvcZqv8yyNIzbnYnGoHDrPQAeHyrN/G4QsTB0="; }; nativeBuildInputs = [ makeWrapper ]; From 17411073a84160104bb516fc5aebb8bcb5bf0f94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Sat, 16 Dec 2023 22:27:16 +0100 Subject: [PATCH 04/35] vaultwarden.webvault: 2023.10.0 -> 2023.12.0 --- pkgs/tools/security/vaultwarden/webvault.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/security/vaultwarden/webvault.nix b/pkgs/tools/security/vaultwarden/webvault.nix index 52f153b6a30d..3981366448be 100644 --- a/pkgs/tools/security/vaultwarden/webvault.nix +++ b/pkgs/tools/security/vaultwarden/webvault.nix @@ -7,13 +7,13 @@ }: let - version = "2023.10.0"; + version = "2023.12.0"; bw_web_builds = fetchFromGitHub { owner = "dani-garcia"; repo = "bw_web_builds"; rev = "v${version}"; - hash = "sha256-5vfmMJIGKyZlTQDi/t1YKAALbW/6BFAcWODfkypk/eA="; + hash = "sha256-S98Yqi0PEpMF+enP/J3x/kPEe0VhErY8BNphOXmsijg="; }; in buildNpmPackage rec { pname = "vaultwarden-webvault"; @@ -23,10 +23,10 @@ in buildNpmPackage rec { owner = "bitwarden"; repo = "clients"; rev = "web-v${lib.removeSuffix "b" version}"; - hash = "sha256-egXToXWfb9XV7JuCRBYJO4p/e+WOwMncPKz0oBgeALQ="; + hash = "sha256-eAwj7cWR/ojAMAvYg2/vtNWYTwVBCOnBJPy9mC5Td40="; }; - npmDepsHash = "sha256-iO8ZozVl1vOOqowQARnRJWSFUFnau46+dKfcMSkyU3o="; + npmDepsHash = "sha256-VW1pGG/pc2tdSs5+HfypZv9fnQu04qkoFBTJxaYvBZo="; postPatch = '' ln -s ${bw_web_builds}/{patches,resources} .. From 21b6bf5150062413c5965f2048a094e1899014fa Mon Sep 17 00:00:00 2001 From: Atemu Date: Mon, 18 Dec 2023 06:27:44 +0100 Subject: [PATCH 05/35] Revert "packages-config.nix: ignore haskellPackages.hs-mesos" This reverts commit d24b8431aaed3f7e959bef5cf155cc58a9e6be07. --- pkgs/top-level/packages-config.nix | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/pkgs/top-level/packages-config.nix b/pkgs/top-level/packages-config.nix index b1c436d1ccf2..c18360e94a4b 100644 --- a/pkgs/top-level/packages-config.nix +++ b/pkgs/top-level/packages-config.nix @@ -12,6 +12,7 @@ fdbPackages fusePackages gns3Packages + haskellPackages idrisPackages nodePackages nodePackages_latest @@ -29,15 +30,6 @@ zeroadPackages ; - haskellPackages = super.haskellPackages // { - # mesos, which this depends on, has been removed from nixpkgs. We are keeping - # the error message for now, so users will get an error message they can make - # sense of, but need to work around it here. - # TODO(@sternenseemann): remove this after branch-off of 22.05, along with the - # override in configuration-nix.nix - hs-mesos = null; - }; - # Make sure haskell.compiler is included, so alternative GHC versions show up, # but don't add haskell.packages.* since they contain the same packages (at # least by name) as haskellPackages. From 18d2012ea9a18b995d422a5913f4342ae70e53fb Mon Sep 17 00:00:00 2001 From: Heinz Deinhart Date: Tue, 19 Dec 2023 11:55:06 +0100 Subject: [PATCH 06/35] ddnet: 17.4 -> 17.4.2 https://github.com/ddnet/ddnet/compare/17.4...17.4.2 https://ddnet.org/downloads/#17.4 --- pkgs/games/ddnet/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/games/ddnet/default.nix b/pkgs/games/ddnet/default.nix index 6a6fc63e8c40..ddd3538ece50 100644 --- a/pkgs/games/ddnet/default.nix +++ b/pkgs/games/ddnet/default.nix @@ -35,19 +35,19 @@ stdenv.mkDerivation rec { pname = "ddnet"; - version = "17.4"; + version = "17.4.2"; src = fetchFromGitHub { owner = "ddnet"; repo = pname; rev = version; - hash = "sha256-VWn6fbK6f9/MwjZuFMD2LDv9erRhFnU4JEnbpYDBl70="; + hash = "sha256-cu6EmCaT8nMCcXUwvZdWog/4bvHQo9+DZHDHRvun2E4="; }; cargoDeps = rustPlatform.fetchCargoTarball { name = "${pname}-${version}"; inherit src; - hash = "sha256-ntAH78BTfPU9nMorsXzZnrZIyNWVCxmQWwwEFIFQB1c="; + hash = "sha256-O4ORWuTlmEMsTpMEhnauNfXOKWfg8hB32rZKRe8Nmp4="; }; nativeBuildInputs = [ From 1a57f50d95f509cf86c2f0b58831e590dd959eaf Mon Sep 17 00:00:00 2001 From: Pol Dellaiera Date: Tue, 19 Dec 2023 15:40:57 +0100 Subject: [PATCH 07/35] Revert "code-server: drop" This reverts commit 72911a99d34a4d290671728d40016ba5254f72fe. --- nixos/modules/module-list.nix | 1 + .../modules/services/web-apps/code-server.nix | 259 ++++++++++++++ nixos/tests/all-tests.nix | 1 + nixos/tests/code-server.nix | 22 ++ .../code-server/build-vscode-nogit.patch | 20 ++ pkgs/servers/code-server/default.nix | 327 ++++++++++++++++++ pkgs/servers/code-server/playwright.patch | 10 + .../code-server/remove-node-download.patch | 28 ++ pkgs/top-level/aliases.nix | 1 - pkgs/top-level/all-packages.nix | 7 + 10 files changed, 675 insertions(+), 1 deletion(-) create mode 100644 nixos/modules/services/web-apps/code-server.nix create mode 100644 nixos/tests/code-server.nix create mode 100644 pkgs/servers/code-server/build-vscode-nogit.patch create mode 100644 pkgs/servers/code-server/default.nix create mode 100644 pkgs/servers/code-server/playwright.patch create mode 100644 pkgs/servers/code-server/remove-node-download.patch diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 52c6fe5028f1..0560caee6704 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -1259,6 +1259,7 @@ ./services/web-apps/changedetection-io.nix ./services/web-apps/chatgpt-retrieval-plugin.nix ./services/web-apps/cloudlog.nix + ./services/web-apps/code-server.nix ./services/web-apps/convos.nix ./services/web-apps/dex.nix ./services/web-apps/discourse.nix diff --git a/nixos/modules/services/web-apps/code-server.nix b/nixos/modules/services/web-apps/code-server.nix new file mode 100644 index 000000000000..11601f6c3044 --- /dev/null +++ b/nixos/modules/services/web-apps/code-server.nix @@ -0,0 +1,259 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.services.code-server; + defaultUser = "code-server"; + defaultGroup = defaultUser; +in { + options = { + services.code-server = { + enable = lib.mkEnableOption (lib.mdDoc "code-server"); + + package = lib.mkPackageOptionMD pkgs "code-server" { + example = '' + pkgs.vscode-with-extensions.override { + vscode = pkgs.code-server; + vscodeExtensions = with pkgs.vscode-extensions; [ + bbenoist.nix + dracula-theme.theme-dracula + ]; + } + ''; + }; + + extraPackages = lib.mkOption { + default = [ ]; + description = lib.mdDoc '' + Additional packages to add to the code-server {env}`PATH`. + ''; + example = lib.literalExpression "[ pkgs.go ]"; + type = lib.types.listOf lib.types.package; + }; + + extraEnvironment = lib.mkOption { + type = lib.types.attrsOf lib.types.str; + description = lib.mdDoc '' + Additional environment variables to pass to code-server. + ''; + default = { }; + example = { PKG_CONFIG_PATH = "/run/current-system/sw/lib/pkgconfig"; }; + }; + + extraArguments = lib.mkOption { + default = [ ]; + description = lib.mdDoc '' + Additional arguments to pass to code-server. + ''; + example = lib.literalExpression ''[ "--log=info" ]''; + type = lib.types.listOf lib.types.str; + }; + + host = lib.mkOption { + default = "localhost"; + description = lib.mdDoc '' + The host name or IP address the server should listen to. + ''; + type = lib.types.str; + }; + + port = lib.mkOption { + default = 4444; + description = lib.mdDoc '' + The port the server should listen to. + ''; + type = lib.types.port; + }; + + auth = lib.mkOption { + default = "password"; + description = lib.mdDoc '' + The type of authentication to use. + ''; + type = lib.types.enum [ "none" "password" ]; + }; + + hashedPassword = lib.mkOption { + default = ""; + description = lib.mdDoc '' + Create the password with: `echo -n 'thisismypassword' | npx argon2-cli -e`. + ''; + type = lib.types.str; + }; + + user = lib.mkOption { + default = defaultUser; + example = "yourUser"; + description = lib.mdDoc '' + The user to run code-server as. + By default, a user named `${defaultUser}` will be created. + ''; + type = lib.types.str; + }; + + group = lib.mkOption { + default = defaultGroup; + example = "yourGroup"; + description = lib.mdDoc '' + The group to run code-server under. + By default, a group named `${defaultGroup}` will be created. + ''; + type = lib.types.str; + }; + + extraGroups = lib.mkOption { + default = [ ]; + description = lib.mdDoc '' + An array of additional groups for the `${defaultUser}` user. + ''; + example = [ "docker" ]; + type = lib.types.listOf lib.types.str; + }; + + socket = lib.mkOption { + default = null; + example = "/run/code-server/socket"; + description = lib.mdDoc '' + Path to a socket (bind-addr will be ignored). + ''; + type = lib.types.nullOr lib.types.str; + }; + + socketMode = lib.mkOption { + default = null; + description = lib.mdDoc '' + File mode of the socket. + ''; + type = lib.types.nullOr lib.types.str; + }; + + userDataDir = lib.mkOption { + default = null; + description = lib.mdDoc '' + Path to the user data directory. + ''; + type = lib.types.nullOr lib.types.str; + }; + + extensionsDir = lib.mkOption { + default = null; + description = lib.mdDoc '' + Path to the extensions directory. + ''; + type = lib.types.nullOr lib.types.str; + }; + + proxyDomain = lib.mkOption { + default = null; + example = "code-server.lan"; + description = lib.mdDoc '' + Domain used for proxying ports. + ''; + type = lib.types.nullOr lib.types.str; + }; + + disableTelemetry = lib.mkOption { + default = false; + example = true; + description = lib.mdDoc '' + Disable telemetry. + ''; + type = lib.types.bool; + }; + + disableUpdateCheck = lib.mkOption { + default = false; + example = true; + description = lib.mdDoc '' + Disable update check. + Without this flag, code-server checks every 6 hours against the latest github release and + then notifies you once every week that a new release is available. + ''; + type = lib.types.bool; + }; + + disableFileDownloads = lib.mkOption { + default = false; + example = true; + description = lib.mdDoc '' + Disable file downloads from Code. + ''; + type = lib.types.bool; + }; + + disableWorkspaceTrust = lib.mkOption { + default = false; + example = true; + description = lib.mdDoc '' + Disable Workspace Trust feature. + ''; + type = lib.types.bool; + }; + + disableGettingStartedOverride = lib.mkOption { + default = false; + example = true; + description = lib.mdDoc '' + Disable the coder/coder override in the Help: Getting Started page. + ''; + type = lib.types.bool; + }; + + }; + }; + + config = lib.mkIf cfg.enable { + systemd.services.code-server = { + description = "Code server"; + wantedBy = [ "multi-user.target" ]; + after = [ "network-online.target" ]; + path = cfg.extraPackages; + environment = { + HASHED_PASSWORD = cfg.hashedPassword; + } // cfg.extraEnvironment; + serviceConfig = { + ExecStart = '' + ${lib.getExe cfg.package} \ + --auth=${cfg.auth} \ + --bind-addr=${cfg.host}:${toString cfg.port} \ + '' + lib.optionalString (cfg.socket != null) '' + --socket=${cfg.socket} \ + '' + lib.optionalString (cfg.userDataDir != null) '' + --user-data-dir=${cfg.userDataDir} \ + '' + lib.optionalString (cfg.extensionsDir != null) '' + --extensions-dir=${cfg.extensionsDir} \ + '' + lib.optionalString (cfg.disableTelemetry == true) '' + --disable-telemetry \ + '' + lib.optionalString (cfg.disableUpdateCheck == true) '' + --disable-update-check \ + '' + lib.optionalString (cfg.disableFileDownloads == true) '' + --disable-file-downloads \ + '' + lib.optionalString (cfg.disableWorkspaceTrust == true) '' + --disable-workspace-trust \ + '' + lib.optionalString (cfg.disableGettingStartedOverride == true) '' + --disable-getting-started-override \ + '' + lib.escapeShellArgs cfg.extraArguments; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + RuntimeDirectory = cfg.user; + User = cfg.user; + Group = cfg.group; + Restart = "on-failure"; + }; + }; + + users.users."${cfg.user}" = lib.mkMerge [ + (lib.mkIf (cfg.user == defaultUser) { + isNormalUser = true; + description = "code-server user"; + inherit (cfg) group; + }) + { + packages = cfg.extraPackages; + inherit (cfg) extraGroups; + } + ]; + + users.groups."${defaultGroup}" = lib.mkIf (cfg.group == defaultGroup) { }; + }; + + meta.maintainers = [ lib.maintainers.stackshadow ]; +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 40b7dd83ddb4..1c0c7c538086 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -198,6 +198,7 @@ in { cntr = handleTestOn ["aarch64-linux" "x86_64-linux"] ./cntr.nix {}; cockpit = handleTest ./cockpit.nix {}; cockroachdb = handleTestOn ["x86_64-linux"] ./cockroachdb.nix {}; + code-server = handleTest ./code-server.nix {}; coder = handleTest ./coder.nix {}; collectd = handleTest ./collectd.nix {}; connman = handleTest ./connman.nix {}; diff --git a/nixos/tests/code-server.nix b/nixos/tests/code-server.nix new file mode 100644 index 000000000000..7d523dfc617e --- /dev/null +++ b/nixos/tests/code-server.nix @@ -0,0 +1,22 @@ +import ./make-test-python.nix ({pkgs, lib, ...}: +{ + name = "code-server"; + + nodes = { + machine = {pkgs, ...}: { + services.code-server = { + enable = true; + auth = "none"; + }; + }; + }; + + testScript = '' + start_all() + machine.wait_for_unit("code-server.service") + machine.wait_for_open_port(4444) + machine.succeed("curl -k --fail http://localhost:4444", timeout=10) + ''; + + meta.maintainers = [ lib.maintainers.drupol ]; +}) diff --git a/pkgs/servers/code-server/build-vscode-nogit.patch b/pkgs/servers/code-server/build-vscode-nogit.patch new file mode 100644 index 000000000000..ec726c68d438 --- /dev/null +++ b/pkgs/servers/code-server/build-vscode-nogit.patch @@ -0,0 +1,20 @@ +diff --git a/ci/build/build-vscode.sh b/ci/build/build-vscode.sh +index a72549fb..3aed1ad5 100755 +--- a/ci/build/build-vscode.sh ++++ b/ci/build/build-vscode.sh +@@ -58,7 +58,6 @@ main() { + # telemetry available; telemetry can still be disabled by flag or setting). + # This needs to be done before building as Code will read this file and embed + # it into the client-side code. +- git checkout product.json # Reset in case the script exited early. + cp product.json product.original.json # Since jq has no inline edit. + jq --slurp '.[0] * .[1]' product.original.json <( + cat << EOF +@@ -105,7 +104,6 @@ EOF + # Reset so if you develop after building you will not be stuck with the wrong + # commit (the dev client will use `oss-dev` but the dev server will still use + # product.json which will have `stable-$commit`). +- git checkout product.json + + popd + diff --git a/pkgs/servers/code-server/default.nix b/pkgs/servers/code-server/default.nix new file mode 100644 index 000000000000..0c5cb2310852 --- /dev/null +++ b/pkgs/servers/code-server/default.nix @@ -0,0 +1,327 @@ +{ lib +, stdenv +, fetchFromGitHub +, buildGoModule +, makeWrapper +, cacert +, moreutils +, jq +, git +, rsync +, pkg-config +, yarn +, python3 +, esbuild +, nodejs +, node-gyp +, libsecret +, xorg +, ripgrep +, AppKit +, Cocoa +, CoreServices +, Security +, cctools +, xcbuild +, quilt +, nixosTests +}: + +let + system = stdenv.hostPlatform.system; + + python = python3; + yarn' = yarn.override { inherit nodejs; }; + defaultYarnOpts = [ ]; + + esbuild' = esbuild.override { + buildGoModule = args: buildGoModule (args // rec { + version = "0.16.17"; + src = fetchFromGitHub { + owner = "evanw"; + repo = "esbuild"; + rev = "v${version}"; + hash = "sha256-8L8h0FaexNsb3Mj6/ohA37nYLFogo5wXkAhGztGUUsQ="; + }; + vendorHash = "sha256-+BfxCyg0KkDQpHt/wycy/8CTG6YBA/VJvJFhhzUnSiQ="; + }); + }; + + # replaces esbuild's download script with a binary from nixpkgs + patchEsbuild = path: version: '' + mkdir -p ${path}/node_modules/esbuild/bin + jq "del(.scripts.postinstall)" ${path}/node_modules/esbuild/package.json | sponge ${path}/node_modules/esbuild/package.json + sed -i 's/${version}/${esbuild'.version}/g' ${path}/node_modules/esbuild/lib/main.js + ln -s -f ${esbuild'}/bin/esbuild ${path}/node_modules/esbuild/bin/esbuild + ''; + + # Comment from @code-asher, the code-server maintainer + # See https://github.com/NixOS/nixpkgs/pull/240001#discussion_r1244303617 + # + # If the commit is missing it will break display languages (Japanese, Spanish, + # etc). For some reason VS Code has a hard dependency on the commit being set + # for that functionality. + # The commit is also used in cache busting. Without the commit you could run + # into issues where the browser is loading old versions of assets from the + # cache. + # Lastly, it can be helpful for the commit to be accurate in bug reports + # especially when they are built outside of our CI as sometimes the version + # numbers can be unreliable (since they are arbitrarily provided). + # + # To compute the commit when upgrading this derivation, do: + # `$ git rev-parse ` where is the git revision of the `src` + # Example: `$ git rev-parse v4.16.1` + commit = "94ef3776ad7bebfb5780dfc9632e04d20d5c9a6c"; +in +stdenv.mkDerivation (finalAttrs: { + pname = "code-server"; + version = "4.16.1"; + + src = fetchFromGitHub { + owner = "coder"; + repo = "code-server"; + rev = "v${finalAttrs.version}"; + fetchSubmodules = true; + hash = "sha256-h4AooHHKV/EfN2S1z7CQKqnYW3uA3sKhSW4senlzjxI="; + }; + + yarnCache = stdenv.mkDerivation { + name = "${finalAttrs.pname}-${finalAttrs.version}-${system}-yarn-cache"; + inherit (finalAttrs) src; + + nativeBuildInputs = [ yarn' git cacert ]; + + buildPhase = '' + runHook preBuild + + export HOME=$PWD + export GIT_SSL_CAINFO="${cacert}/etc/ssl/certs/ca-bundle.crt" + + yarn --cwd "./vendor" install --modules-folder modules --ignore-scripts --frozen-lockfile + + yarn config set yarn-offline-mirror $out + find "$PWD" -name "yarn.lock" -printf "%h\n" | \ + xargs -I {} yarn --cwd {} \ + --frozen-lockfile --ignore-scripts --ignore-platform \ + --ignore-engines --no-progress --non-interactive + + find ./lib/vscode -name "yarn.lock" -printf "%h\n" | \ + xargs -I {} yarn --cwd {} \ + --ignore-scripts --ignore-engines + + runHook postBuild + ''; + + outputHashMode = "recursive"; + outputHashAlgo = "sha256"; + outputHash = "sha256-vkju+oxEYrEXFAnjz/Mf1g0ZhxBALLAaRuWE0swSWwM="; + }; + + nativeBuildInputs = [ + nodejs + yarn' + python + pkg-config + makeWrapper + git + rsync + jq + moreutils + quilt + ]; + + buildInputs = lib.optionals (!stdenv.isDarwin) [ libsecret ] + ++ (with xorg; [ libX11 libxkbfile ]) + ++ lib.optionals stdenv.isDarwin [ + AppKit + Cocoa + CoreServices + Security + cctools + xcbuild + ]; + + patches = [ + # Remove all git calls from the VS Code build script except `git rev-parse + # HEAD` which is replaced in postPatch with the commit. + ./build-vscode-nogit.patch + ]; + + postPatch = '' + export HOME=$PWD + + patchShebangs ./ci + + # inject git commit + substituteInPlace ./ci/build/build-vscode.sh \ + --replace '$(git rev-parse HEAD)' "${commit}" + substituteInPlace ./ci/build/build-release.sh \ + --replace '$(git rev-parse HEAD)' "${commit}" + ''; + + configurePhase = '' + runHook preConfigure + + # run yarn offline by default + echo '--install.offline true' >> .yarnrc + + # set default yarn opts + ${lib.concatMapStrings (option: '' + yarn --offline config set ${option} + '') defaultYarnOpts} + + # set offline mirror to yarn cache we created in previous steps + yarn --offline config set yarn-offline-mirror "${finalAttrs.yarnCache}" + + # skip unnecessary electron download + export ELECTRON_SKIP_BINARY_DOWNLOAD=1 + + # set nodedir to prevent node-gyp from downloading headers + # taken from https://nixos.org/manual/nixpkgs/stable/#javascript-tool-specific + mkdir -p $HOME/.node-gyp/${nodejs.version} + echo 9 > $HOME/.node-gyp/${nodejs.version}/installVersion + ln -sfv ${nodejs}/include $HOME/.node-gyp/${nodejs.version} + export npm_config_nodedir=${nodejs} + + # use updated node-gyp. fixes the following error on Darwin: + # PermissionError: [Errno 1] Operation not permitted: '/usr/sbin/pkgutil' + export npm_config_node_gyp=${node-gyp}/lib/node_modules/node-gyp/bin/node-gyp.js + + runHook postConfigure + ''; + + buildPhase = '' + runHook preBuild + + # install code-server dependencies + yarn --offline --ignore-scripts + + # apply patches + quilt push -a + + # patch shebangs of everything to allow binary packages to build + patchShebangs . + + export PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 + export SKIP_SUBMODULE_DEPS=1 + export NODE_OPTIONS=--openssl-legacy-provider + + # rebuild binary packages now that scripts have been patched + echo "----- NPM rebuild" + npm rebuild --prefer-offline + + # Replicate ci/dev/postinstall.sh + echo "----- Replicate ci/dev/postinstall.sh" + yarn --cwd "./vendor" install --modules-folder modules --offline --ignore-scripts --frozen-lockfile + + # remove all built-in extensions, as these are 3rd party extensions that + # get downloaded from vscode marketplace + jq --slurp '.[0] * .[1]' "./lib/vscode/product.json" <( + cat << EOF + { + "builtInExtensions": [] + } + EOF + ) | sponge ./lib/vscode/product.json + + # disable automatic updates + sed -i '/update.mode/,/\}/{s/default:.*/default: "none",/g}' \ + lib/vscode/src/vs/platform/update/common/update.config.contribution.ts + + # Patch out remote download of nodejs from build script + patch -p1 -i ${./remove-node-download.patch} + + # Fetch packages for vscode + find ./lib/vscode -name "yarn.lock" -printf "%h\n" | \ + xargs -I {} yarn --cwd {} \ + --frozen-lockfile --ignore-scripts --ignore-engines + + # patch shebangs of everything to allow binary packages to build + patchShebangs . + + ${patchEsbuild "./lib/vscode/build" "0.12.6"} + ${patchEsbuild "./lib/vscode/extensions" "0.11.23"} + '' + lib.optionalString stdenv.isDarwin '' + # use prebuilt binary for @parcel/watcher, which requires macOS SDK 10.13+ + # (see issue #101229) + pushd ./lib/vscode/remote/node_modules/@parcel/watcher + mkdir -p ./build/Release + mv ./prebuilds/darwin-x64/node.napi.glibc.node ./build/Release/watcher.node + jq "del(.scripts) | .gypfile = false" ./package.json | sponge ./package.json + popd + '' + '' + + # put ripgrep binary into bin, so postinstall does not try to download it + find -name ripgrep -type d \ + -execdir mkdir -p {}/bin \; \ + -execdir ln -s ${ripgrep}/bin/rg {}/bin/rg \; + + # run postinstall scripts after patching + find ./lib/vscode \( -path "*/node_modules/*" -or -path "*/extensions/*" \) \ + -and -type f -name "yarn.lock" -printf "%h\n" | \ + xargs -I {} sh -c 'jq -e ".scripts.postinstall" {}/package.json >/dev/null && yarn --cwd {} postinstall --frozen-lockfile --offline || true' + + # build code-server + yarn build + + # build vscode + VERSION=${finalAttrs.version} yarn build:vscode + + # inject version into package.json + jq --slurp '.[0] * .[1]' ./package.json <( + cat << EOF + { + "version": "${finalAttrs.version}" + } + EOF + ) | sponge ./package.json + + # create release + yarn release + + runHook postBuild + ''; + + installPhase = '' + runHook preInstall + + mkdir -p $out/libexec/code-server $out/bin + + # copy release to libexec path + cp -R -T release "$out/libexec/code-server" + + # install only production dependencies + yarn --offline --cwd "$out/libexec/code-server" --production + + # create wrapper + makeWrapper "${nodejs}/bin/node" "$out/bin/code-server" \ + --add-flags "$out/libexec/code-server/out/node/entry.js" + + runHook postInstall + ''; + + passthru = { + prefetchYarnCache = lib.overrideDerivation finalAttrs.yarnCache (d: { + outputHash = lib.fakeSha256; + }); + tests = { + inherit (nixosTests) code-server; + }; + # vscode-with-extensions compatibility + executableName = "code-server"; + longName = "Visual Studio Code Server"; + }; + + meta = { + description = "Run VS Code on a remote server"; + longDescription = '' + code-server is VS Code running on a remote server, accessible through the + browser. + ''; + homepage = "https://github.com/coder/code-server"; + license = lib.licenses.mit; + maintainers = with lib.maintainers; [ offline henkery code-asher ]; + platforms = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" ]; + mainProgram = "code-server"; + }; +}) diff --git a/pkgs/servers/code-server/playwright.patch b/pkgs/servers/code-server/playwright.patch new file mode 100644 index 000000000000..95a74748189d --- /dev/null +++ b/pkgs/servers/code-server/playwright.patch @@ -0,0 +1,10 @@ +--- ./vendor/modules/code-oss-dev/node_modules/playwright/install.js ++++ ./vendor/modules/code-oss-dev/node_modules/playwright/install.js +@@ -14,6 +14,4 @@ + * limitations under the License. + */ + +-const { installDefaultBrowsersForNpmInstall } = require('playwright-core/lib/utils/registry'); +- +-installDefaultBrowsersForNpmInstall(); ++process.stdout.write('Browser install disabled by Nix build script\n'); diff --git a/pkgs/servers/code-server/remove-node-download.patch b/pkgs/servers/code-server/remove-node-download.patch new file mode 100644 index 000000000000..d19d4a2b5bf7 --- /dev/null +++ b/pkgs/servers/code-server/remove-node-download.patch @@ -0,0 +1,28 @@ +--- ./lib/vscode/build/gulpfile.reh.js ++++ ./lib/vscode/build/gulpfile.reh.js +@@ -268,9 +268,6 @@ + .pipe(util.stripSourceMappingURL()) + .pipe(jsFilter.restore); + +- const nodePath = `.build/node/v${nodeVersion}/${platform}-${arch}`; +- const node = gulp.src(`${nodePath}/**`, { base: nodePath, dot: true }); +- + let web = []; + if (type === 'reh-web') { + web = [ +@@ -287,7 +284,6 @@ + license, + sources, + deps, +- node, + ...web + ); + +@@ -385,7 +381,6 @@ + const destinationFolderName = `vscode-${type}${dashed(platform)}${dashed(arch)}`; + + const serverTaskCI = task.define(`vscode-${type}${dashed(platform)}${dashed(arch)}${dashed(minified)}-ci`, task.series( +- gulp.task(`node-${platform}-${arch}`), + util.rimraf(path.join(BUILD_ROOT, destinationFolderName)), + packageTask(type, platform, arch, sourceFolderName, destinationFolderName) + )); diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 8fa94e82377a..f033921cde5d 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -156,7 +156,6 @@ mapAliases ({ claws-mail-gtk3 = claws-mail; # Added 2021-07-10 clucene_core_1 = throw "'clucene_core_1' has been renamed to/replaced by 'clucene_core'"; # Added 2023-12-09 cntk = throw "'cntk' has been removed from nixpkgs, as it was broken and unmaintained"; # Added 2023-10-09 - code-server = throw "'code-server' has been removed from nixpkgs, as it was depending on EOL Node.js and is unmaintained."; # Added 2023-10-30 codimd = hedgedoc; # Added 2020-11-29 inherit (libsForQt5.mauiPackages) communicator; # added 2022-05-17 compton = throw "'compton' has been renamed to/replaced by 'picom'"; # Converted to throw 2023-09-10 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 60b5802a02a5..cf6ad1c0c527 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -36357,6 +36357,13 @@ with pkgs; inherit (nodePackages) node-gyp; }; + code-server = callPackage ../servers/code-server { + nodejs = nodejs_16; + inherit (darwin.apple_sdk.frameworks) AppKit Cocoa CoreServices Security; + inherit (darwin) cctools; + inherit (nodePackages) node-gyp; + }; + vue = callPackage ../applications/misc/vue { }; vuze = callPackage ../applications/networking/p2p/vuze { From bc32f4eb33f976b8473819b0e5bee6bf6af8fd6a Mon Sep 17 00:00:00 2001 From: Bryan Lai Date: Tue, 12 Dec 2023 01:18:39 +0800 Subject: [PATCH 08/35] maintainers: add @bryango Checked with: - nix eval --file maintainers/scripts/check-maintainers-sorted.nix - nix build --file lib/tests/maintainers.nix --print-out-paths --no-link --- maintainers/maintainer-list.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 31948d66d50b..51adf62424f1 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -2722,6 +2722,12 @@ githubId = 53131727; name = "Bryan Albuquerque"; }; + bryango = { + name = "Bryan Lai"; + email = "bryanlais@gmail.com"; + github = "bryango"; + githubId = 26322692; + }; bryanhonof = { name = "Bryan Honof"; email = "bryanhonof@gmail.com"; From 22a04165228be086312c00497eacb62a01bb7776 Mon Sep 17 00:00:00 2001 From: Pol Dellaiera Date: Tue, 19 Dec 2023 16:02:36 +0100 Subject: [PATCH 09/35] code-server: 4.16.1 -> 4.19.1 --- pkgs/servers/code-server/default.nix | 8 ++++---- pkgs/top-level/all-packages.nix | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/servers/code-server/default.nix b/pkgs/servers/code-server/default.nix index 0c5cb2310852..7c038451b7c7 100644 --- a/pkgs/servers/code-server/default.nix +++ b/pkgs/servers/code-server/default.nix @@ -71,18 +71,18 @@ let # To compute the commit when upgrading this derivation, do: # `$ git rev-parse ` where is the git revision of the `src` # Example: `$ git rev-parse v4.16.1` - commit = "94ef3776ad7bebfb5780dfc9632e04d20d5c9a6c"; + commit = "0c98611e6b43803a9d5dba222d7023b569abfb49"; in stdenv.mkDerivation (finalAttrs: { pname = "code-server"; - version = "4.16.1"; + version = "4.19.1"; src = fetchFromGitHub { owner = "coder"; repo = "code-server"; rev = "v${finalAttrs.version}"; fetchSubmodules = true; - hash = "sha256-h4AooHHKV/EfN2S1z7CQKqnYW3uA3sKhSW4senlzjxI="; + hash = "sha256-J+6zuqVf1YKQjiRiqO4867DEwYzZsgQYgbsRXPo2hwY="; }; yarnCache = stdenv.mkDerivation { @@ -114,7 +114,7 @@ stdenv.mkDerivation (finalAttrs: { outputHashMode = "recursive"; outputHashAlgo = "sha256"; - outputHash = "sha256-vkju+oxEYrEXFAnjz/Mf1g0ZhxBALLAaRuWE0swSWwM="; + outputHash = "sha256-g2rwB+PuWuYgrzIuW0ngia7cdPMC8s7ffBEkbmPPzB4="; }; nativeBuildInputs = [ diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index cf6ad1c0c527..255973e38068 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -36358,7 +36358,7 @@ with pkgs; }; code-server = callPackage ../servers/code-server { - nodejs = nodejs_16; + nodejs = nodejs_18; inherit (darwin.apple_sdk.frameworks) AppKit Cocoa CoreServices Security; inherit (darwin) cctools; inherit (nodePackages) node-gyp; From 4e4af56408f570830340af92236e58ae329d1bc4 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 19 Dec 2023 17:52:08 +0000 Subject: [PATCH 10/35] python310Packages.google-cloud-bigquery-logging: 1.3.0 -> 1.4.0 --- .../python-modules/google-cloud-bigquery-logging/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/google-cloud-bigquery-logging/default.nix b/pkgs/development/python-modules/google-cloud-bigquery-logging/default.nix index 578990f30905..4bfd7e30ddc1 100644 --- a/pkgs/development/python-modules/google-cloud-bigquery-logging/default.nix +++ b/pkgs/development/python-modules/google-cloud-bigquery-logging/default.nix @@ -13,14 +13,14 @@ buildPythonPackage rec { pname = "google-cloud-bigquery-logging"; - version = "1.3.0"; + version = "1.4.0"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-7hj42cr9BKwSBEX09kZPngAUPFPrQ/VS5hBzbAaQhH4="; + hash = "sha256-4pl7cT8bLy0y3ntYt1qO027KF7yokHun5lGZHWnBkUw="; }; propagatedBuildInputs = [ From 3869ba41274265150be6f9e233ae5f8f35f867ee Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Sat, 16 Dec 2023 03:01:03 +0100 Subject: [PATCH 11/35] workflows/check-by-name: Move tool fetching into script This part of the CI can also be reproduced locally --- .github/workflows/check-by-name.yml | 36 +-------------- .../scripts/fetch-tool.sh | 45 +++++++++++++++++++ 2 files changed, 47 insertions(+), 34 deletions(-) create mode 100755 pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index 294775fa1c8e..43237d36bee1 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -79,40 +79,8 @@ jobs: echo "headSha=$(git rev-parse HEAD^2)" >> "$GITHUB_ENV" - uses: cachix/install-nix-action@7ac1ec25491415c381d9b62f0657c7a028df52a7 # v24 - - name: Determining channel to use for dependencies - run: | - echo "Determining the preferred channel to use for PR base branch $GITHUB_BASE_REF" - if [[ "$GITHUB_BASE_REF" =~ ^(release|staging|staging-next)-([0-9][0-9]\.[0-9][0-9])$ ]]; then - # Use the release channel for all PRs to release-XX.YY, staging-XX.YY and staging-next-XX.YY - channel=nixos-${BASH_REMATCH[2]} - echo "PR is for a release branch, preferred channel is $channel" - else - # Use the nixos-unstable channel for all other PRs - channel=nixos-unstable - echo "PR is for a non-release branch, preferred channel is $channel" - fi - # Check that the channel exists. It doesn't exist for fresh release branches - if ! curl -fSs "https://channels.nixos.org/$channel"; then - # Fall back to nixos-unstable, makes sense for fresh release branches - echo "Preferred channel $channel could not be fetched, falling back to nixos-unstable" - channel=nixos-unstable - fi - echo "channel=$channel" >> "$GITHUB_ENV" - - name: Fetching latest version of channel - run: | - echo "Fetching latest version of channel $channel" - # This is probably the easiest way to get Nix to output the path to a downloaded channel! - nixpkgs=$(nix-instantiate --find-file nixpkgs -I nixpkgs=channel:"$channel") - # This file only exists in channels - rev=$(<"$nixpkgs"/.git-revision) - echo "Channel $channel is at revision $rev" - echo "nixpkgs=$nixpkgs" >> "$GITHUB_ENV" - echo "rev=$rev" >> "$GITHUB_ENV" - - name: Fetching pre-built nixpkgs-check-by-name from the channel - run: | - echo "Fetching pre-built nixpkgs-check-by-name from channel $channel at revision $rev" - # Passing --max-jobs 0 makes sure that we won't build anything - nix-build "$nixpkgs" -A tests.nixpkgs-check-by-name --max-jobs 0 + - name: Fetching the tool + run: pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh "$GITHUB_BASE_REF" result - name: Running nixpkgs-check-by-name run: | echo "Checking whether the check succeeds on the base branch $GITHUB_BASE_REF" diff --git a/pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh b/pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh new file mode 100755 index 000000000000..fc4df11e747e --- /dev/null +++ b/pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh @@ -0,0 +1,45 @@ +#!/usr/bin/env bash +# Fetches the prebuilt nixpkgs-check-by-name to use from +# the NixOS channel corresponding to the given base branch + +set -euo pipefail + +if (( $# < 2 )); then + echo >&2 "Usage: $0 BASE_BRANCH OUTPUT_PATH" + echo >&2 "BASE_BRANCH: The base branch to use, e.g. master or release-23.11" + echo >&2 "OUTPUT_PATH: The output symlink path for the tool" + exit 1 +fi +baseBranch=$1 +output=$2 + +echo >&2 -n "Determining the channel to use for PR base branch $baseBranch.. " +if [[ "$baseBranch" =~ ^(release|staging|staging-next)-([0-9][0-9]\.[0-9][0-9])$ ]]; then + # Use the release channel for all PRs to release-XX.YY, staging-XX.YY and staging-next-XX.YY + preferredChannel=nixos-${BASH_REMATCH[2]} +else + # Use the nixos-unstable channel for all other PRs + preferredChannel=nixos-unstable +fi + +# Check that the channel exists. It doesn't exist for fresh release branches +if curl -fSs "https://channels.nixos.org/$preferredChannel"; then + channel=$preferredChannel + echo >&2 "$channel" +else + # Fall back to nixos-unstable, makes sense for fresh release branches + channel=nixos-unstable + echo >&2 -e "\e[33mWarning: Preferred channel $preferredChannel could not be fetched, using fallback: $channel\e[0m" +fi + +echo >&2 -n "Fetching latest version of channel $channel.. " +# This is probably the easiest way to get Nix to output the path to a downloaded channel! +nixpkgs=$(nix-instantiate --find-file nixpkgs -I nixpkgs=channel:"$channel") +echo >&2 "$nixpkgs" + +# This file only exists in channels +echo >&2 -e "Git revision of channel $channel is \e[34m$(<"$nixpkgs/.git-revision")\e[0m" + +echo >&2 -n "Fetching the prebuilt version of nixpkgs-check-by-name.. " +nix-build -o "$output" "$nixpkgs" -A tests.nixpkgs-check-by-name -j 0 >/dev/null +realpath >&2 "$output" From c6267887db1379c3854c4f604b121b6ff7560a7a Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Sat, 16 Dec 2023 03:02:33 +0100 Subject: [PATCH 12/35] workflows/check-by-name: Why the mergeability check needs to be inline --- .github/workflows/check-by-name.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index 43237d36bee1..0fce2c37746c 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -20,6 +20,9 @@ jobs: # The default of 6 hours is definitely too long timeout-minutes: 10 steps: + # This step has to be in this file, + # because it's needed to determine which revision of the repository to fetch, + # and we can only use other files from the repository once it's fetched. - name: Resolving the merge commit env: GH_TOKEN: ${{ github.token }} From d9c62652be7e305cd61b7cefaa70b8f72dda8cfb Mon Sep 17 00:00:00 2001 From: Bryan Lai Date: Sat, 9 Dec 2023 16:20:18 +0800 Subject: [PATCH 13/35] biber-for-tectonic: init at 2.17 The `tectonic` package depends on a version of `biber` that is generally different from the one in the nixpkgs `texlive` bundle. This package provides an override of biber suitable for use with tectonic. For biber<=2.17 on perl>=5.36.0 a patch is needed. This is recovered from a previous nixpkgs commit: https://github.com/NixOS/nixpkgs/commit/c784cdbf6b98e3e3aefb678b6ee8309cbb8bee15 Co-authored-by: Mauricio Collares Co-authored-by: Doron Behar --- pkgs/tools/typesetting/tectonic/biber.nix | 54 +++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 2 files changed, 56 insertions(+) create mode 100644 pkgs/tools/typesetting/tectonic/biber.nix diff --git a/pkgs/tools/typesetting/tectonic/biber.nix b/pkgs/tools/typesetting/tectonic/biber.nix new file mode 100644 index 000000000000..9798c1471667 --- /dev/null +++ b/pkgs/tools/typesetting/tectonic/biber.nix @@ -0,0 +1,54 @@ +/* + This package, `biber-for-tectonic`, provides a compatible version of `biber` + as an optional runtime dependency of `tectonic`. + + The development of tectonic is slowing down recently, such that its `biber` + dependency has been lagging behind the one in the nixpkgs `texlive` bundle. + See: + + https://github.com/tectonic-typesetting/tectonic/discussions/1122 + + It is now feasible to track the biber dependency in nixpkgs, as the + version bump is not very frequent, and it would provide a more complete + user experience of tectonic in nixpkgs. +*/ + +{ lib +, fetchFromGitHub +, fetchpatch +, biber +}: + +let version = "2.17"; in ( + biber.override { + /* + It is necessary to first override the `version` data here, which is + passed to `buildPerlModule`, and then to `mkDerivation`. + + If we simply do `biber.overrideAttrs` the resulting package `name` + would be incorrect, since it has already been preprocessed by + `buildPerlModule`. + */ + texlive.pkgs.biber.texsource = { + inherit version; + inherit (biber) pname meta; + }; + } +).overrideAttrs (prevAttrs: { + src = fetchFromGitHub { + owner = "plk"; + repo = "biber"; + rev = "v${version}"; + hash = "sha256-Tt2sN2b2NGxcWyZDj5uXNGC8phJwFRiyH72n3yhFCi0="; + }; + patches = [ + # Perl>=5.36.0 compatibility + (fetchpatch { + url = "https://patch-diff.githubusercontent.com/raw/plk/biber/pull/411.patch"; + hash = "sha256-osgldRVfe3jnMSOMnAMQSB0Ymc1s7J6KtM2ig3c93SE="; + }) + ]; + meta = prevAttrs.meta // { + maintainers = with lib.maintainers; [ doronbehar bryango ]; + }; +}) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 6dc814930760..8a0c052fda09 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -6689,6 +6689,8 @@ with pkgs; biber = callPackage ../tools/typesetting/biber { }; + biber-for-tectonic = callPackage ../tools/typesetting/tectonic/biber.nix { }; + biber-ms = callPackage ../tools/typesetting/biber-ms { }; biblatex-check = callPackage ../tools/typesetting/biblatex-check { }; From 92238ac52d13f6af1158eb8ae0b1132c79cdef33 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Sat, 16 Dec 2023 03:13:12 +0100 Subject: [PATCH 14/35] tests.nixpkgs-check-by-name: Create script to run locally Due to the check soon depending on the base branch (see `--base`), the CI check can't reasonably share all code with a local check. We can still make a script to run it locally, just not sharing all code. --- pkgs/by-name/README.md | 11 ++-- .../scripts/run-local.sh | 66 +++++++++++++++++++ 2 files changed, 71 insertions(+), 6 deletions(-) create mode 100755 pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh diff --git a/pkgs/by-name/README.md b/pkgs/by-name/README.md index a7cdc57201df..948003bb5573 100644 --- a/pkgs/by-name/README.md +++ b/pkgs/by-name/README.md @@ -112,12 +112,11 @@ There's some limitations as to which packages can be defined using this structur CI performs [certain checks](../test/nixpkgs-check-by-name/README.md#validity-checks) on the `pkgs/by-name` structure. This is done using the [`nixpkgs-check-by-name` tool](../test/nixpkgs-check-by-name). -The version of this tool used is the one that corresponds to the NixOS channel of the PR base branch. -See [here](../../.github/workflows/check-by-name.yml) for details. -The tool can be run locally using +You can locally emulate the CI check using -```bash -nix-build -A tests.nixpkgs-check-by-name -result/bin/nixpkgs-check-by-name . ``` +$ ./pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh master +``` + +See [here](../../.github/workflows/check-by-name.yml) for more info. diff --git a/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh b/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh new file mode 100755 index 000000000000..a1debe73f8ad --- /dev/null +++ b/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh @@ -0,0 +1,66 @@ +#!/usr/bin/env bash +# shellcheck disable=SC2016 + +set -euo pipefail + +cleanup_commands=() +cleanup() { + echo -n >&2 "Cleaning up.. " + # Run all cleanup commands in inverse order + for (( i=${#cleanup_commands[@]}-1; i>=0; i-- )); do + eval "${cleanup_commands[i]}" + done + echo >&2 "Done" +} +trap cleanup exit + +tmp=$(mktemp -d) +cleanup_commands+=('rmdir "$tmp"') + +repo=https://github.com/NixOS/nixpkgs.git + +if (( $# != 0 )); then + baseBranch=$1 + shift +else + echo >&2 "Usage: $0 BASE_BRANCH [REPOSITORY]" + echo >&2 "BASE_BRANCH: The base branch to use, e.g. master or release-23.11" + echo >&2 "REPOSITORY: The repository to fetch the base branch from, defaults to $repo" + exit 1 +fi + +if (( $# != 0 )); then + repo=$1 + shift +fi + +if [[ -n "$(git status --porcelain)" ]]; then + echo >&2 -e "\e[33mWarning: Dirty tree, uncommitted changes won't be taken into account\e[0m" +fi +headSha=$(git rev-parse HEAD) +echo >&2 -e "Using HEAD commit \e[34m$headSha\e[0m" + +echo >&2 -n "Creating Git worktree for the HEAD commit in $tmp/merged.. " +git worktree add --detach -q "$tmp/merged" HEAD +cleanup_commands+=('git worktree remove --force "$tmp/merged"') +echo >&2 "Done" + +echo >&2 -n "Fetching base branch $baseBranch to compare against.. " +git fetch -q "$repo" refs/heads/"$baseBranch" +baseSha=$(git rev-parse FETCH_HEAD) +echo >&2 -e "\e[34m$baseSha\e[0m" + +echo >&2 -n "Creating Git worktree for the base branch in $tmp/base.. " +git worktree add -q "$tmp/base" "$baseSha" +cleanup_commands+=('git worktree remove --force "$tmp/base"') +echo >&2 "Done" + +echo >&2 -n "Merging base branch into the HEAD commit in $tmp/merged.. " +git -C "$tmp/merged" merge -q --no-edit "$baseSha" +echo >&2 -e "\e[34m$(git -C "$tmp/merged" rev-parse HEAD)\e[0m" + +"$tmp/merged/pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh" "$baseBranch" "$tmp/tool" +cleanup_commands+=('rm "$tmp/tool"') + +echo >&2 "Running nixpkgs-check-by-name.." +"$tmp/tool/bin/nixpkgs-check-by-name" "$tmp/merged" From 9e03178865ea627413005b3fe82d3b287209d12f Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Tue, 19 Dec 2023 23:13:11 +0100 Subject: [PATCH 15/35] tests.nixpkgs-check-by-name: Add documentation for scripts --- .../nixpkgs-check-by-name/scripts/README.md | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 pkgs/test/nixpkgs-check-by-name/scripts/README.md diff --git a/pkgs/test/nixpkgs-check-by-name/scripts/README.md b/pkgs/test/nixpkgs-check-by-name/scripts/README.md new file mode 100644 index 000000000000..41b3012b7d95 --- /dev/null +++ b/pkgs/test/nixpkgs-check-by-name/scripts/README.md @@ -0,0 +1,26 @@ +# CI-related Scripts + +This directory contains scripts used and related to the CI running the `pkgs/by-name` checks in Nixpkgs. See also the [CI GitHub Action](../../../../.github/workflows/check-by-name.yml). + +## `./run-local.sh BASE_BRANCH [REPOSITORY]` + +Runs the `pkgs/by-name` check on the HEAD commit, closely matching what CI does. + +Note that this can't do exactly the same as CI, +because CI needs to rely on GitHub's server-side Git history to compute the mergeability of PRs before the check can be started. +In turn when running locally, we don't want to have to push commits to test them, +and we can also rely on the local Git history to do the mergeability check. + +Arguments: +- `BASE_BRANCH`: The base branch to use, e.g. master or release-23.11 +- `REPOSITORY`: The repository to fetch the base branch from, defaults to https://github.com/NixOS/nixpkgs.git + +## `./fetch-tool.sh BASE_BRANCH OUTPUT_PATH` + +Fetches the Hydra-prebuilt nixpkgs-check-by-name to use from the NixOS channel corresponding to the given base branch. + +This script is used both by [`./run-local.sh`](#run-local-sh-base-branch-repository) and CI. + +Arguments: +- `BASE_BRANCH`: The base branch to use, e.g. master or release-23.11 +- `OUTPUT_PATH`: The output symlink path for the tool From 1ad45e503f3acdcb3df214b58d289511ddf2eff8 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Sat, 16 Dec 2023 03:13:35 +0100 Subject: [PATCH 16/35] workflows/check-by-name: Slim down and prepare for --base Now that we have a script to run the check locally, there's no real need to output the information to reproduce anymore, which allows cleaning up the CI workflow. Furthermore, this prepares the CI workflow to be passed `--base`, as introduced recently. --- .github/workflows/check-by-name.yml | 92 ++++------------------------- 1 file changed, 11 insertions(+), 81 deletions(-) diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index 0fce2c37746c..c006ffc78f56 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -1,5 +1,7 @@ # Checks pkgs/by-name (see pkgs/by-name/README.md) # using the nixpkgs-check-by-name tool (see pkgs/test/nixpkgs-check-by-name) +# +# When you make changes to this workflow, also update pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh adequately name: Check pkgs/by-name # The pre-built tool is fetched from a channel, @@ -75,92 +77,20 @@ jobs: ref: ${{ env.mergedSha }} # Fetches the merge commit and its parents fetch-depth: 2 - - name: Determining PR git hashes + - name: Checking out base branch run: | - # For pull_request_target this is the same as $GITHUB_SHA - echo "baseSha=$(git rev-parse HEAD^1)" >> "$GITHUB_ENV" - - echo "headSha=$(git rev-parse HEAD^2)" >> "$GITHUB_ENV" + base=$(mktemp -d) + git worktree add "$base" "$(git rev-parse HEAD^1)" + echo "base=$base" >> "$GITHUB_ENV" - uses: cachix/install-nix-action@7ac1ec25491415c381d9b62f0657c7a028df52a7 # v24 - name: Fetching the tool run: pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh "$GITHUB_BASE_REF" result - name: Running nixpkgs-check-by-name run: | - echo "Checking whether the check succeeds on the base branch $GITHUB_BASE_REF" - git checkout -q "$baseSha" - if baseOutput=$(result/bin/nixpkgs-check-by-name . 2>&1); then - baseSuccess=1 + if result/bin/nixpkgs-check-by-name .; then + exit 0 else - baseSuccess= + exitCode=$? + echo "To run locally: ./pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh $GITHUB_BASE_REF https://github.com/$GITHUB_REPOSITORY.git" + exit "$exitCode" fi - printf "%s\n" "$baseOutput" - - echo "Checking whether the check would succeed after merging this pull request" - git checkout -q "$mergedSha" - if mergedOutput=$(result/bin/nixpkgs-check-by-name . 2>&1); then - mergedSuccess=1 - exitCode=0 - else - mergedSuccess= - exitCode=1 - fi - printf "%s\n" "$mergedOutput" - - resultToEmoji() { - if [[ -n "$1" ]]; then - echo ":heavy_check_mark:" - else - echo ":x:" - fi - } - - # Print a markdown summary in GitHub actions - { - echo "| Nixpkgs version | Check result |" - echo "| --- | --- |" - echo "| Latest base commit | $(resultToEmoji "$baseSuccess") |" - echo "| After merging this PR | $(resultToEmoji "$mergedSuccess") |" - echo "" - - if [[ -n "$baseSuccess" ]]; then - if [[ -n "$mergedSuccess" ]]; then - echo "The check succeeds on both the base branch and after merging this PR" - else - echo "The check succeeds on the base branch, but would fail after merging this PR:" - echo "\`\`\`" - echo "$mergedOutput" - echo "\`\`\`" - echo "" - fi - else - if [[ -n "$mergedSuccess" ]]; then - echo "The check fails on the base branch, but this PR fixes it, nicely done!" - else - echo "The check fails on both the base branch and after merging this PR, unknown if only this PRs changes would satisfy the check, the base branch needs to be fixed first." - echo "" - echo "Failure on the base branch:" - echo "\`\`\`" - echo "$baseOutput" - echo "\`\`\`" - echo "" - echo "Failure after merging this PR:" - echo "\`\`\`" - echo "$mergedOutput" - echo "\`\`\`" - echo "" - fi - fi - - echo "### Details" - echo "- nixpkgs-check-by-name tool:" - echo " - Channel: $channel" - echo " - Nixpkgs commit: [$rev](https://github.com/${GITHUB_REPOSITORY}/commit/$rev)" - echo " - Store path: \`$(realpath result)\`" - echo "- Tested Nixpkgs:" - echo " - Base branch: $GITHUB_BASE_REF" - echo " - Latest base branch commit: [$baseSha](https://github.com/${GITHUB_REPOSITORY}/commit/$baseSha)" - echo " - Latest PR commit: [$headSha](https://github.com/${GITHUB_REPOSITORY}/commit/$headSha)" - echo " - Merge commit: [$mergedSha](https://github.com/${GITHUB_REPOSITORY}/commit/$mergedSha)" - } >> "$GITHUB_STEP_SUMMARY" - - exit "$exitCode" From 1968beeabd763cec23ab7164342a4193214791c7 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Tue, 19 Dec 2023 23:12:41 +0100 Subject: [PATCH 17/35] check-by-name: Pass --base in CI and local running script This enables the ratchet checks for pkgs/by-name, allowing gradual migrations! --- .github/workflows/check-by-name.yml | 2 +- pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index c006ffc78f56..a761f6cae09b 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -87,7 +87,7 @@ jobs: run: pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh "$GITHUB_BASE_REF" result - name: Running nixpkgs-check-by-name run: | - if result/bin/nixpkgs-check-by-name .; then + if result/bin/nixpkgs-check-by-name --base "$base" .; then exit 0 else exitCode=$? diff --git a/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh b/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh index a1debe73f8ad..060f83469f4d 100755 --- a/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh +++ b/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh @@ -63,4 +63,4 @@ echo >&2 -e "\e[34m$(git -C "$tmp/merged" rev-parse HEAD)\e[0m" cleanup_commands+=('rm "$tmp/tool"') echo >&2 "Running nixpkgs-check-by-name.." -"$tmp/tool/bin/nixpkgs-check-by-name" "$tmp/merged" +"$tmp/tool/bin/nixpkgs-check-by-name" --base "$tmp/base" "$tmp/merged" From 630b4d746bee70a36a1242edb150db03a3fd8a55 Mon Sep 17 00:00:00 2001 From: Pol Dellaiera Date: Wed, 20 Dec 2023 21:36:16 +0100 Subject: [PATCH 18/35] vscode-extensions.github.copilot: 1.135.544 -> 1.143.601 --- pkgs/applications/editors/vscode/extensions/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/editors/vscode/extensions/default.nix b/pkgs/applications/editors/vscode/extensions/default.nix index e3597c8fe14d..2c2bcecff804 100644 --- a/pkgs/applications/editors/vscode/extensions/default.nix +++ b/pkgs/applications/editors/vscode/extensions/default.nix @@ -1580,8 +1580,8 @@ let mktplcRef = { publisher = "github"; name = "copilot"; - version = "1.135.544"; - sha256 = "sha256-OeG1nkQbQAfu8NuDEA+iaWy0ioFyXPe7Qm/CZIKPiX8="; + version = "1.143.601"; + sha256 = "sha256-Ge/q1fAfhI5EuJFLHZqZyuPahHSgES7G0ns9FbS9vzA="; }; meta = { From 98d33dc1ed09f63aa2d88023564f1e6b5bd52647 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rafael=20Fern=C3=A1ndez=20L=C3=B3pez?= Date: Wed, 20 Dec 2023 22:18:43 +0100 Subject: [PATCH 19/35] wasmtime: 15.0.1 -> 16.0.0 --- pkgs/development/interpreters/wasmtime/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/interpreters/wasmtime/default.nix b/pkgs/development/interpreters/wasmtime/default.nix index 8613beaef905..47790df5ec3f 100644 --- a/pkgs/development/interpreters/wasmtime/default.nix +++ b/pkgs/development/interpreters/wasmtime/default.nix @@ -2,19 +2,19 @@ rustPlatform.buildRustPackage rec { pname = "wasmtime"; - version = "15.0.1"; + version = "16.0.0"; src = fetchFromGitHub { owner = "bytecodealliance"; repo = pname; rev = "v${version}"; - hash = "sha256-9vArmudz1Avxz46IS9FZIKbs8wZXoeWMd/FGLmpPitw="; + hash = "sha256-kySJme79RQMI8PP2Jhx1mjqJpUIf5jPn2TvbPEzw5hY="; fetchSubmodules = true; }; # Disable cargo-auditable until https://github.com/rust-secure-code/cargo-auditable/issues/124 is solved. auditable = false; - cargoHash = "sha256-/mX9zUN+dZoOCOPMeWCJ9U7KfI6JnFl8B2leYosy2jQ="; + cargoHash = "sha256-2XlnR4OBvdQyMUUOL6VvqDxf8jGYlhz2PDuPd24Ocxw="; cargoBuildFlags = [ "--package" "wasmtime-cli" "--package" "wasmtime-c-api" ]; outputs = [ "out" "dev" ]; From cd9fab1e4cc5136a06a4e185df44d1884110d160 Mon Sep 17 00:00:00 2001 From: zzzsyyy Date: Thu, 21 Dec 2023 14:53:17 +0800 Subject: [PATCH 20/35] linux_xanmod: 6.1.68 -> 6.1.69 --- pkgs/os-specific/linux/kernel/xanmod-kernels.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix index abc4feb79f6d..eba153c481fb 100644 --- a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix +++ b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix @@ -6,8 +6,8 @@ let # NOTE: When updating these, please also take a look at the changes done to # kernel config in the xanmod version commit ltsVariant = { - version = "6.1.68"; - hash = "sha256-mpnoaeeBrCELXJujgHKqZxSIzRMbk8dpPv1G9EKAf3E="; + version = "6.1.69"; + hash = "sha256-/uk2sS7g4REPtR/LSc7djjoc//m6QvrXfHO4OemQcy8="; variant = "lts"; }; From 75643e19e94c77e07b04cd55e82264ca1be2847b Mon Sep 17 00:00:00 2001 From: zzzsyyy Date: Thu, 21 Dec 2023 14:59:35 +0800 Subject: [PATCH 21/35] linux_xanmod_latest: 6.6.7 -> 6.6.8 --- pkgs/os-specific/linux/kernel/xanmod-kernels.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix index eba153c481fb..9a3a2a60c341 100644 --- a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix +++ b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix @@ -12,8 +12,8 @@ let }; mainVariant = { - version = "6.6.7"; - hash = "sha256-0I+CS4Ithb0euFAO5G7ao3dxA1gq5wqFVsNyYWvRfYc="; + version = "6.6.8"; + hash = "sha256-TtWTYuT3GMnQy1shkF+HTgv4Z1OSOLh4RXfG+Xj0n3M="; variant = "main"; }; From 2ce1ca3212e02f75d99b21ac48098ff780ef8ca9 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 21 Dec 2023 08:38:08 +0000 Subject: [PATCH 22/35] python310Packages.oci: 2.117.0 -> 2.118.0 --- pkgs/development/python-modules/oci/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/oci/default.nix b/pkgs/development/python-modules/oci/default.nix index 3f3f0fd186ef..f75cd25f21ec 100644 --- a/pkgs/development/python-modules/oci/default.nix +++ b/pkgs/development/python-modules/oci/default.nix @@ -13,7 +13,7 @@ buildPythonPackage rec { pname = "oci"; - version = "2.117.0"; + version = "2.118.0"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -22,7 +22,7 @@ buildPythonPackage rec { owner = "oracle"; repo = "oci-python-sdk"; rev = "refs/tags/v${version}"; - hash = "sha256-D9LstmP4/ysRTe2tvyl84z23cskHfy1O7FT/a/qg2As="; + hash = "sha256-bmV2IFMh/lp7+7MMqlg9zm8VkdZE48zqf8N3+/sSkTc="; }; pythonRelaxDeps = [ From 0ecaa59c7bb7ae53a4b129545e175554eebb7dc1 Mon Sep 17 00:00:00 2001 From: Pol Dellaiera Date: Thu, 21 Dec 2023 13:06:32 +0100 Subject: [PATCH 23/35] honk: 1.1.1 -> 1.2.0 --- pkgs/servers/honk/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/honk/default.nix b/pkgs/servers/honk/default.nix index 63b2fb5b0984..cbe1d6d240e1 100644 --- a/pkgs/servers/honk/default.nix +++ b/pkgs/servers/honk/default.nix @@ -8,11 +8,11 @@ buildGoModule rec { pname = "honk"; - version = "1.1.1"; + version = "1.2.0"; src = fetchurl { url = "https://humungus.tedunangst.com/r/honk/d/honk-${version}.tgz"; - hash = "sha256-kfoSVGm1QKVjDiWvjK4QzAoA/iiU9j6DS3SYFSM+AaA="; + hash = "sha256-kcrEg0KBdCaA4g8ivIgOWIGJVDCtY5rI4P7cp/ZyXe4="; }; vendorHash = null; From da79a3c547e946e8b9d3973f8361cc2bef6b3158 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 21 Dec 2023 13:56:35 +0000 Subject: [PATCH 24/35] python310Packages.oracledb: 1.4.2 -> 2.0.0 --- pkgs/development/python-modules/oracledb/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/oracledb/default.nix b/pkgs/development/python-modules/oracledb/default.nix index cdaa5ee907a6..b1b567ea6e11 100644 --- a/pkgs/development/python-modules/oracledb/default.nix +++ b/pkgs/development/python-modules/oracledb/default.nix @@ -8,14 +8,14 @@ buildPythonPackage rec { pname = "oracledb"; - version = "1.4.2"; + version = "2.0.0"; format = "setuptools"; disabled = pythonOlder "3.6"; src = fetchPypi { inherit pname version; - hash = "sha256-4o7ZBG8nNdwt1bvN82Z/KE44Tg7H7tPus3mPqKfUfjY="; + hash = "sha256-+0SB560anoEhSCiiGaRbZTMB2AxaHMR+A4VxBbYa4sk="; }; nativeBuildInputs = [ From e36f5af1c2bc808a8cae71fa743a87acce66d08a Mon Sep 17 00:00:00 2001 From: Aaron Jheng Date: Thu, 21 Dec 2023 15:09:51 +0000 Subject: [PATCH 25/35] talosctl: 1.5.5 -> 1.6.0 --- pkgs/applications/networking/cluster/talosctl/default.nix | 8 ++++---- pkgs/top-level/all-packages.nix | 4 +--- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/pkgs/applications/networking/cluster/talosctl/default.nix b/pkgs/applications/networking/cluster/talosctl/default.nix index f0414dba54d3..f93cea7f2510 100644 --- a/pkgs/applications/networking/cluster/talosctl/default.nix +++ b/pkgs/applications/networking/cluster/talosctl/default.nix @@ -1,17 +1,17 @@ -{ lib, stdenv, buildGoModule, fetchFromGitHub, installShellFiles }: +{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: buildGoModule rec { pname = "talosctl"; - version = "1.5.5"; + version = "1.6.0"; src = fetchFromGitHub { owner = "siderolabs"; repo = "talos"; rev = "v${version}"; - hash = "sha256-15sNXiJ/s3MlrXFXPxA7mQ+/36HRSZF6XKos6XEHi1Y="; + hash = "sha256-Mcc9lfnhSbVA5tNHUtBgfQEGVyen4KZ/V9OeV8PxAYQ="; }; - vendorHash = "sha256-fGl16Wsb1tW9+wZBg5yY73t7n+EJ1dVx5IlzY2B8PJA="; + vendorHash = "sha256-VeUDyiJ0R27Xrf+79f0soELKvR2xaK5ocbvhCzP9eFk="; ldflags = [ "-s" "-w" ]; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 60b5802a02a5..f8c4d9de4fe5 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -35684,9 +35684,7 @@ with pkgs; taizen = callPackage ../applications/misc/taizen { }; - talosctl = callPackage ../applications/networking/cluster/talosctl { - buildGoModule = buildGo120Module; - }; + talosctl = callPackage ../applications/networking/cluster/talosctl { }; talentedhack = callPackage ../applications/audio/talentedhack { }; From 8ac1c1519dd5e1fa9105f9eae3398c906b0e7bfe Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 21 Dec 2023 16:06:39 +0000 Subject: [PATCH 26/35] python310Packages.peaqevcore: 19.5.21 -> 19.5.23 --- pkgs/development/python-modules/peaqevcore/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/peaqevcore/default.nix b/pkgs/development/python-modules/peaqevcore/default.nix index 6fd4cd98debc..a1aa0cbfce1c 100644 --- a/pkgs/development/python-modules/peaqevcore/default.nix +++ b/pkgs/development/python-modules/peaqevcore/default.nix @@ -6,14 +6,14 @@ buildPythonPackage rec { pname = "peaqevcore"; - version = "19.5.21"; + version = "19.5.23"; format = "setuptools"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-MR+dPGap7IgdWV+bKLUU3E3lzoG+RaaspjqedMQMk5Y="; + hash = "sha256-lLxwc9maivUJAF2Day16B86ELVqsoVJsY9j4rS5FbPM="; }; postPatch = '' From 0a85473c1244cb285a96877febb7944c67c50559 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Thu, 21 Dec 2023 18:21:37 +0200 Subject: [PATCH 27/35] tectonic: symlink nextonic for all platforms Probably this was conditioned on stdenv.isLinux by mistake. --- pkgs/tools/typesetting/tectonic/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/typesetting/tectonic/default.nix b/pkgs/tools/typesetting/tectonic/default.nix index 607e71cfbb44..21391ac72917 100644 --- a/pkgs/tools/typesetting/tectonic/default.nix +++ b/pkgs/tools/typesetting/tectonic/default.nix @@ -33,13 +33,14 @@ rustPlatform.buildRustPackage rec { # workaround for https://github.com/NixOS/nixpkgs/issues/166205 NIX_LDFLAGS = lib.optionalString (stdenv.cc.isClang && stdenv.cc.libcxx != null) " -l${stdenv.cc.libcxx.cxxabi.libName}"; - postInstall = lib.optionalString stdenv.isLinux '' + postInstall = '' + # Makes it possible to automatically use the V2 CLI API + ln -s $out/bin/tectonic $out/bin/nextonic + '' + lib.optionalString stdenv.isLinux '' substituteInPlace dist/appimage/tectonic.desktop \ --replace Exec=tectonic Exec=$out/bin/tectonic install -D dist/appimage/tectonic.desktop -t $out/share/applications/ install -D dist/appimage/tectonic.svg -t $out/share/icons/hicolor/scalable/apps/ - - ln -s $out/bin/tectonic $out/bin/nextonic ''; doCheck = true; From 04f1b554cedecb9940b86d6963a2bfebe2e1e2fd Mon Sep 17 00:00:00 2001 From: Bryan Lai Date: Tue, 19 Dec 2023 14:18:54 +0800 Subject: [PATCH 28/35] tectonic: redefine to wrap it with `biber-for-tectonic` The `tectonic` attribute is redefined to be a wrapper with a compatible version of biber, provided by `biber-for-tectonic`. The wrapper is partially recovered from a previous nixpkgs commit: https://github.com/NixOS/nixpkgs/commit/5aa8e9f0f90b0c9bbdf7b18ead18704d1622c509 Also: - Remove unneeded makeBinaryWrapper input in `tectonic-unwrapped`. - Add @bryango as a maintainer of both `tectonic-unwrapped` and `tectonic`. Co-authored-by: Doron Behar --- pkgs/tools/typesetting/tectonic/default.nix | 12 ++++- pkgs/tools/typesetting/tectonic/wrapper.nix | 56 +++++++++++++++++++++ pkgs/top-level/all-packages.nix | 4 +- 3 files changed, 69 insertions(+), 3 deletions(-) create mode 100644 pkgs/tools/typesetting/tectonic/wrapper.nix diff --git a/pkgs/tools/typesetting/tectonic/default.nix b/pkgs/tools/typesetting/tectonic/default.nix index 21391ac72917..6b98a5db6343 100644 --- a/pkgs/tools/typesetting/tectonic/default.nix +++ b/pkgs/tools/typesetting/tectonic/default.nix @@ -1,3 +1,11 @@ +/* + This file provides the `tectonic-unwrapped` package. On the other hand, + the `tectonic` package is defined in `./wrapper.nix`, by wrapping + - [`tectonic-unwrapped`](./default.nix) i.e. this package, and + - [`biber-for-tectonic`](./biber.nix), + which provides a compatible version of `biber`. +*/ + { lib , stdenv , fetchFromGitHub @@ -25,7 +33,7 @@ rustPlatform.buildRustPackage rec { cargoHash = "sha256-1WjZbmZFPB1+QYpjqq5Y+fDkMZNmWJYIxmMFWg7Tiac="; - nativeBuildInputs = [ pkg-config makeBinaryWrapper ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ icu fontconfig harfbuzz openssl ] ++ lib.optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [ ApplicationServices Cocoa Foundation ]); @@ -51,6 +59,6 @@ rustPlatform.buildRustPackage rec { changelog = "https://github.com/tectonic-typesetting/tectonic/blob/tectonic@${version}/CHANGELOG.md"; license = with licenses; [ mit ]; mainProgram = "tectonic"; - maintainers = with maintainers; [ lluchs doronbehar ]; + maintainers = with maintainers; [ lluchs doronbehar bryango ]; }; } diff --git a/pkgs/tools/typesetting/tectonic/wrapper.nix b/pkgs/tools/typesetting/tectonic/wrapper.nix new file mode 100644 index 000000000000..5a4dc47e37a2 --- /dev/null +++ b/pkgs/tools/typesetting/tectonic/wrapper.nix @@ -0,0 +1,56 @@ +{ lib +, symlinkJoin +, tectonic-unwrapped +, biber-for-tectonic +, makeWrapper +}: + +symlinkJoin { + name = "${tectonic-unwrapped.pname}-wrapped-${tectonic-unwrapped.version}"; + paths = [ tectonic-unwrapped ]; + + nativeBuildInputs = [ makeWrapper ]; + + passthru = { + unwrapped = tectonic-unwrapped; + biber = biber-for-tectonic; + }; + + # Replace the unwrapped tectonic with the one wrapping it with biber + postBuild = '' + rm $out/bin/{tectonic,nextonic} + '' + # Ideally, we would have liked to also pin the version of the online TeX + # bundle that Tectonic's developer distribute, so that the `biber` version + # and the `biblatex` version distributed from there are compatible. + # However, that is not currently possible, due to lack of upstream support + # for specifying this in runtime, there were 2 suggestions sent upstream + # that suggested a way of improving the situation: + # + # - https://github.com/tectonic-typesetting/tectonic/pull/1132 + # - https://github.com/tectonic-typesetting/tectonic/pull/1131 + # + # The 1st suggestion seems more promising as it'd allow us to simply use + # makeWrapper's --add-flags option. However, the PR linked above is not + # complete, and as of currently, upstream hasn't even reviewed it, or + # commented on the idea. + # + # Note also that upstream has announced that they will put less time and + # energy for the project: + # + # https://github.com/tectonic-typesetting/tectonic/discussions/1122 + # + # Hence, we can be rather confident that for the near future, the online + # TeX bundle won't be updated and hence the biblatex distributed there + # won't require a higher version of biber. + + '' + makeWrapper ${lib.getBin tectonic-unwrapped}/bin/tectonic $out/bin/tectonic \ + --prefix PATH : "${lib.getBin biber-for-tectonic}/bin" + ln -s $out/bin/tectonic $out/bin/nextonic + ''; + + meta = tectonic-unwrapped.meta // { + description = "Tectonic TeX/LaTeX engine, wrapped with a compatible biber"; + maintainers = with lib.maintainers; [ doronbehar bryango ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 8a0c052fda09..861d41181f1d 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -25317,7 +25317,9 @@ with pkgs; tecla = callPackage ../development/libraries/tecla { }; - tectonic = callPackage ../tools/typesetting/tectonic { + tectonic = callPackage ../tools/typesetting/tectonic/wrapper.nix { }; + + tectonic-unwrapped = callPackage ../tools/typesetting/tectonic { harfbuzz = harfbuzzFull; }; From 33e277b41590a1ed0ec87f89a598b846bcca5fe8 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Thu, 21 Dec 2023 18:39:51 +0100 Subject: [PATCH 29/35] python311Packages.oracledb: refactor --- pkgs/development/python-modules/oracledb/default.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/oracledb/default.nix b/pkgs/development/python-modules/oracledb/default.nix index b1b567ea6e11..f5cb156932d2 100644 --- a/pkgs/development/python-modules/oracledb/default.nix +++ b/pkgs/development/python-modules/oracledb/default.nix @@ -4,14 +4,16 @@ , cython_3 , fetchPypi , pythonOlder +, setuptools +, wheel }: buildPythonPackage rec { pname = "oracledb"; version = "2.0.0"; - format = "setuptools"; + pyproject = true; - disabled = pythonOlder "3.6"; + disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; @@ -20,6 +22,8 @@ buildPythonPackage rec { nativeBuildInputs = [ cython_3 + setuptools + wheel ]; propagatedBuildInputs = [ From 9943f17e0da860a291e4e5d9d86557a3235254a8 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 21 Dec 2023 18:03:53 +0000 Subject: [PATCH 30/35] python310Packages.podman: 4.8.0.post1 -> 4.8.1 --- pkgs/development/python-modules/podman/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/podman/default.nix b/pkgs/development/python-modules/podman/default.nix index 9624f322a74e..a76e6559b69e 100644 --- a/pkgs/development/python-modules/podman/default.nix +++ b/pkgs/development/python-modules/podman/default.nix @@ -15,7 +15,7 @@ buildPythonPackage rec { pname = "podman"; - version = "4.8.0.post1"; + version = "4.8.1"; pyproject = true; disabled = pythonOlder "3.7"; @@ -24,7 +24,7 @@ buildPythonPackage rec { owner = "containers"; repo = "podman-py"; rev = "refs/tags/v${version}"; - hash = "sha256-d7rNXqYeeDHilzNc1jcIWq7rNcYZCvlf9ipu1m3oFfw="; + hash = "sha256-KecYH3fUaWNXx6WQ0NFmEm8o4OkOyYfSHIAh2p+Am1k="; }; nativeBuildInputs = [ From b6755f13b7c0f56bf9a2953dbfea3cfbad8513e4 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Thu, 21 Dec 2023 19:04:37 +0100 Subject: [PATCH 31/35] python310Packages.google-cloud-bigquery-logging: refactor --- .../google-cloud-bigquery-logging/default.nix | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/google-cloud-bigquery-logging/default.nix b/pkgs/development/python-modules/google-cloud-bigquery-logging/default.nix index 4bfd7e30ddc1..ea4750d69755 100644 --- a/pkgs/development/python-modules/google-cloud-bigquery-logging/default.nix +++ b/pkgs/development/python-modules/google-cloud-bigquery-logging/default.nix @@ -9,12 +9,13 @@ , pytest-asyncio , pytestCheckHook , pythonOlder +, setuptools }: buildPythonPackage rec { pname = "google-cloud-bigquery-logging"; version = "1.4.0"; - format = "setuptools"; + pyproject = true; disabled = pythonOlder "3.7"; @@ -23,6 +24,10 @@ buildPythonPackage rec { hash = "sha256-4pl7cT8bLy0y3ntYt1qO027KF7yokHun5lGZHWnBkUw="; }; + nativeBuildInputs = [ + setuptools + ]; + propagatedBuildInputs = [ google-api-core grpc-google-iam-v1 @@ -43,8 +48,8 @@ buildPythonPackage rec { meta = with lib; { description = "Bigquery logging client library"; - homepage = "https://github.com/googleapis/python-bigquery-logging"; - changelog = "https://github.com/googleapis/python-bigquery-logging/blob/v${version}/CHANGELOG.md"; + homepage = "https://github.com/googleapis/google-cloud-python/tree/main/packages/google-cloud-bigquery-logging"; + changelog = "https://github.com/googleapis/google-cloud-python/blob/google-cloud-bigquery-logging-v${version}/packages/google-cloud-bigquery-logging/CHANGELOG.md"; license = licenses.asl20; maintainers = with maintainers; [ fab ]; }; From 6141d1bdd564db542b9c2d3ee1ec6f25c02d740f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A1=D1=83=D1=85=D0=B0=D1=80=D0=B8=D0=BA?= <65870+suhr@users.noreply.github.com> Date: Wed, 13 Dec 2023 15:57:26 +0300 Subject: [PATCH 32/35] llama-cpp: 1573 -> 1671 --- pkgs/by-name/ll/llama-cpp/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/ll/llama-cpp/package.nix b/pkgs/by-name/ll/llama-cpp/package.nix index 77a452a26cb0..6795d22e9782 100644 --- a/pkgs/by-name/ll/llama-cpp/package.nix +++ b/pkgs/by-name/ll/llama-cpp/package.nix @@ -38,13 +38,13 @@ let in stdenv.mkDerivation (finalAttrs: { pname = "llama-cpp"; - version = "1573"; + version = "1671"; src = fetchFromGitHub { owner = "ggerganov"; repo = "llama.cpp"; rev = "refs/tags/b${finalAttrs.version}"; - hash = "sha256-FEH0SI87qtezc++TAR38wfldx6/1GknuTBWGn+UyFPI="; + hash = "sha256-OFRc3gHKQboVCsDlQVHwzEBurIsOMj/bVGYuCLilydE="; }; patches = [ From 72ff6b5fcf58e093b5b53d4d7508df860c4f2528 Mon Sep 17 00:00:00 2001 From: Adam Stephens Date: Sat, 18 Nov 2023 08:53:28 -0500 Subject: [PATCH 33/35] tree-sitter-grammars.tree-sitter-nu: use official repo --- .../parsing/tree-sitter/grammars/tree-sitter-nu.json | 12 ++++++------ .../development/tools/parsing/tree-sitter/update.nix | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/pkgs/development/tools/parsing/tree-sitter/grammars/tree-sitter-nu.json b/pkgs/development/tools/parsing/tree-sitter/grammars/tree-sitter-nu.json index 32750a9f2da4..cc31e36aee6b 100644 --- a/pkgs/development/tools/parsing/tree-sitter/grammars/tree-sitter-nu.json +++ b/pkgs/development/tools/parsing/tree-sitter/grammars/tree-sitter-nu.json @@ -1,10 +1,10 @@ { - "url": "https://github.com/LhKipp/tree-sitter-nu", - "rev": "c125aaa83c14f936a20f60c0e86537b81b9f01c9", - "date": "2023-09-19T21:59:06+02:00", - "path": "/nix/store/s0fcpv3w2wkra74y675arsvi3g0xbng2-tree-sitter-nu", - "sha256": "1ckbbzq9rk6iz23xs283rw7j2w7lg8fgp552qkiqa3fc7fmyrfk0", - "hash": "sha256-YLrsqzvMDYXjxKKU+xx69HAhD88DCd2H+NHMnPBfa7I=", + "url": "https://github.com/nushell/tree-sitter-nu", + "rev": "a0b80b2e21e5e39571252dc799e19eb89f1fc912", + "date": "2023-12-21T08:27:09-06:00", + "path": "/nix/store/nlczvz84gk9jjjiijczwyn1isy1rn1k7-tree-sitter-nu", + "sha256": "1y9bsdg9v7znlc1k4xxraaj8f8fn5m3zyc0r2m9fff2if9ijpll1", + "hash": "sha256-gdIrY3JROOdSFRkw/0ct1iGHpFK5dzIDo/afnV7TK/k=", "fetchLFS": false, "fetchSubmodules": false, "deepClone": false, diff --git a/pkgs/development/tools/parsing/tree-sitter/update.nix b/pkgs/development/tools/parsing/tree-sitter/update.nix index 423536dee92a..b5068b30cf24 100644 --- a/pkgs/development/tools/parsing/tree-sitter/update.nix +++ b/pkgs/development/tools/parsing/tree-sitter/update.nix @@ -378,7 +378,7 @@ let repo = "tree-sitter-solidity"; }; "tree-sitter-nu" = { - orga = "LhKipp"; + orga = "nushell"; repo = "tree-sitter-nu"; }; "tree-sitter-cue" = { From f882df781ca7eab4ee66fa31dda445937ccaedd3 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Thu, 21 Dec 2023 23:09:50 +0100 Subject: [PATCH 34/35] maintainers/scripts/check-by-name.sh: Introduce symlink alias --- .github/workflows/check-by-name.yml | 2 +- maintainers/scripts/README.md | 4 ++++ maintainers/scripts/check-by-name.sh | 1 + 3 files changed, 6 insertions(+), 1 deletion(-) create mode 120000 maintainers/scripts/check-by-name.sh diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index a761f6cae09b..06fefcb6759b 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -91,6 +91,6 @@ jobs: exit 0 else exitCode=$? - echo "To run locally: ./pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh $GITHUB_BASE_REF https://github.com/$GITHUB_REPOSITORY.git" + echo "To run locally: ./maintainers/scripts/check-by-name.sh $GITHUB_BASE_REF https://github.com/$GITHUB_REPOSITORY.git" exit "$exitCode" fi diff --git a/maintainers/scripts/README.md b/maintainers/scripts/README.md index 2b99a4e75114..f8fc7aff955d 100644 --- a/maintainers/scripts/README.md +++ b/maintainers/scripts/README.md @@ -9,6 +9,10 @@ What follows is a (very incomplete) overview of available scripts. ## Metadata +### `check-by-name.sh` + +An alias for `pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh`, see [documentation](../../pkgs/test/nixpkgs-check-by-name/scripts/README.md). + ### `get-maintainer.sh` `get-maintainer.sh [selector] value` returns a JSON object describing diff --git a/maintainers/scripts/check-by-name.sh b/maintainers/scripts/check-by-name.sh new file mode 120000 index 000000000000..545dbedf0a31 --- /dev/null +++ b/maintainers/scripts/check-by-name.sh @@ -0,0 +1 @@ +../../pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh \ No newline at end of file From e130ee33a11ae90585e9f9c09b189c3ccfe70632 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Thu, 21 Dec 2023 23:05:14 +0100 Subject: [PATCH 35/35] pkgs/test/nixpkgs-check-by-name/scripts: Various improvements - trace function, avoids littering `echo >&2` all throughout - Avoid `eval`, remove unneeded shellcheck Co-Authored-By: Victor Engmark --- .../scripts/fetch-tool.sh | 26 +++++---- .../scripts/run-local.sh | 57 ++++++++++--------- 2 files changed, 43 insertions(+), 40 deletions(-) diff --git a/pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh b/pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh index fc4df11e747e..19a48b6fb1fd 100755 --- a/pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh +++ b/pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh @@ -2,18 +2,20 @@ # Fetches the prebuilt nixpkgs-check-by-name to use from # the NixOS channel corresponding to the given base branch -set -euo pipefail +set -o pipefail -o errexit -o nounset + +trace() { echo >&2 "$@"; } if (( $# < 2 )); then - echo >&2 "Usage: $0 BASE_BRANCH OUTPUT_PATH" - echo >&2 "BASE_BRANCH: The base branch to use, e.g. master or release-23.11" - echo >&2 "OUTPUT_PATH: The output symlink path for the tool" + trace "Usage: $0 BASE_BRANCH OUTPUT_PATH" + trace "BASE_BRANCH: The base branch to use, e.g. master or release-23.11" + trace "OUTPUT_PATH: The output symlink path for the tool" exit 1 fi baseBranch=$1 output=$2 -echo >&2 -n "Determining the channel to use for PR base branch $baseBranch.. " +trace -n "Determining the channel to use for PR base branch $baseBranch.. " if [[ "$baseBranch" =~ ^(release|staging|staging-next)-([0-9][0-9]\.[0-9][0-9])$ ]]; then # Use the release channel for all PRs to release-XX.YY, staging-XX.YY and staging-next-XX.YY preferredChannel=nixos-${BASH_REMATCH[2]} @@ -25,21 +27,21 @@ fi # Check that the channel exists. It doesn't exist for fresh release branches if curl -fSs "https://channels.nixos.org/$preferredChannel"; then channel=$preferredChannel - echo >&2 "$channel" + trace "$channel" else # Fall back to nixos-unstable, makes sense for fresh release branches channel=nixos-unstable - echo >&2 -e "\e[33mWarning: Preferred channel $preferredChannel could not be fetched, using fallback: $channel\e[0m" + trace -e "\e[33mWarning: Preferred channel $preferredChannel could not be fetched, using fallback: $channel\e[0m" fi -echo >&2 -n "Fetching latest version of channel $channel.. " +trace -n "Fetching latest version of channel $channel.. " # This is probably the easiest way to get Nix to output the path to a downloaded channel! nixpkgs=$(nix-instantiate --find-file nixpkgs -I nixpkgs=channel:"$channel") -echo >&2 "$nixpkgs" +trace "$nixpkgs" # This file only exists in channels -echo >&2 -e "Git revision of channel $channel is \e[34m$(<"$nixpkgs/.git-revision")\e[0m" +trace -e "Git revision of channel $channel is \e[34m$(<"$nixpkgs/.git-revision")\e[0m" -echo >&2 -n "Fetching the prebuilt version of nixpkgs-check-by-name.. " +trace -n "Fetching the prebuilt version of nixpkgs-check-by-name.. " nix-build -o "$output" "$nixpkgs" -A tests.nixpkgs-check-by-name -j 0 >/dev/null -realpath >&2 "$output" +realpath "$output" >&2 diff --git a/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh b/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh index 060f83469f4d..72d3e8dc3de3 100755 --- a/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh +++ b/pkgs/test/nixpkgs-check-by-name/scripts/run-local.sh @@ -1,21 +1,25 @@ #!/usr/bin/env bash -# shellcheck disable=SC2016 -set -euo pipefail +set -o pipefail -o errexit -o nounset -cleanup_commands=() +trace() { echo >&2 "$@"; } + +tmp=$(mktemp -d) cleanup() { - echo -n >&2 "Cleaning up.. " - # Run all cleanup commands in inverse order - for (( i=${#cleanup_commands[@]}-1; i>=0; i-- )); do - eval "${cleanup_commands[i]}" - done - echo >&2 "Done" + # Don't exit early if anything fails to cleanup + set +o errexit + + trace -n "Cleaning up.. " + + [[ -e "$tmp/base" ]] && git worktree remove --force "$tmp/base" + [[ -e "$tmp/merged" ]] && git worktree remove --force "$tmp/merged" + + rm -rf "$tmp" + + trace "Done" } trap cleanup exit -tmp=$(mktemp -d) -cleanup_commands+=('rmdir "$tmp"') repo=https://github.com/NixOS/nixpkgs.git @@ -23,9 +27,9 @@ if (( $# != 0 )); then baseBranch=$1 shift else - echo >&2 "Usage: $0 BASE_BRANCH [REPOSITORY]" - echo >&2 "BASE_BRANCH: The base branch to use, e.g. master or release-23.11" - echo >&2 "REPOSITORY: The repository to fetch the base branch from, defaults to $repo" + trace "Usage: $0 BASE_BRANCH [REPOSITORY]" + trace "BASE_BRANCH: The base branch to use, e.g. master or release-23.11" + trace "REPOSITORY: The repository to fetch the base branch from, defaults to $repo" exit 1 fi @@ -35,32 +39,29 @@ if (( $# != 0 )); then fi if [[ -n "$(git status --porcelain)" ]]; then - echo >&2 -e "\e[33mWarning: Dirty tree, uncommitted changes won't be taken into account\e[0m" + trace -e "\e[33mWarning: Dirty tree, uncommitted changes won't be taken into account\e[0m" fi headSha=$(git rev-parse HEAD) -echo >&2 -e "Using HEAD commit \e[34m$headSha\e[0m" +trace -e "Using HEAD commit \e[34m$headSha\e[0m" -echo >&2 -n "Creating Git worktree for the HEAD commit in $tmp/merged.. " +trace -n "Creating Git worktree for the HEAD commit in $tmp/merged.. " git worktree add --detach -q "$tmp/merged" HEAD -cleanup_commands+=('git worktree remove --force "$tmp/merged"') -echo >&2 "Done" +trace "Done" -echo >&2 -n "Fetching base branch $baseBranch to compare against.. " +trace -n "Fetching base branch $baseBranch to compare against.. " git fetch -q "$repo" refs/heads/"$baseBranch" baseSha=$(git rev-parse FETCH_HEAD) -echo >&2 -e "\e[34m$baseSha\e[0m" +trace -e "\e[34m$baseSha\e[0m" -echo >&2 -n "Creating Git worktree for the base branch in $tmp/base.. " +trace -n "Creating Git worktree for the base branch in $tmp/base.. " git worktree add -q "$tmp/base" "$baseSha" -cleanup_commands+=('git worktree remove --force "$tmp/base"') -echo >&2 "Done" +trace "Done" -echo >&2 -n "Merging base branch into the HEAD commit in $tmp/merged.. " +trace -n "Merging base branch into the HEAD commit in $tmp/merged.. " git -C "$tmp/merged" merge -q --no-edit "$baseSha" -echo >&2 -e "\e[34m$(git -C "$tmp/merged" rev-parse HEAD)\e[0m" +trace -e "\e[34m$(git -C "$tmp/merged" rev-parse HEAD)\e[0m" "$tmp/merged/pkgs/test/nixpkgs-check-by-name/scripts/fetch-tool.sh" "$baseBranch" "$tmp/tool" -cleanup_commands+=('rm "$tmp/tool"') -echo >&2 "Running nixpkgs-check-by-name.." +trace "Running nixpkgs-check-by-name.." "$tmp/tool/bin/nixpkgs-check-by-name" --base "$tmp/base" "$tmp/merged"