movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 13:40:28 +03:00
Code Activity

Merge master into staging-next

Browse source
This commit is contained in:
nixpkgs-ci[bot] 2025-04-09 16:04:15 +00:00 committed by GitHub
commit b66e31c26a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
39 changed files with 915 additions and 89 deletions
Download patch file Download diff file Expand all files Collapse all files

9
nixos/doc/manual/redirects.json
View file

@ -2,6 +2,15 @@
"book-nixos-manual": [
"index.html#book-nixos-manual"
],
"module-services-anubis": [
"index.html#module-services-anubis"
],
"module-services-anubis-configuration": [
"index.html#module-services-anubis-configuration"
],
"module-services-anubis-quickstart": [
"index.html#module-services-anubis-quickstart"
],
"module-services-crab-hole": [
"index.html#module-services-crab-hole"
],

2
nixos/doc/manual/release-notes/rl-2505.section.md
View file

@ -165,6 +165,8 @@
- [PDS](https://github.com/bluesky-social/pds), Personal Data Server for [bsky](https://bsky.social/). Available as [services.pds](option.html#opt-services.pds).
- [Anubis](https://github.com/TecharoHQ/anubis), a scraper defense software. Available as [services.anubis](options.html#opt-services.anubis).
- [synapse-auto-compressor](https://github.com/matrix-org/rust-synapse-compress-state?tab=readme-ov-file#automated-tool-synapse_auto_compressor), a rust-based matrix-synapse state compressor for postgresql. Available as [services.synapse-auto-compressor](#opt-services.synapse-auto-compressor.enable).
- [mqtt-exporter](https://github.com/kpetremann/mqtt-exporter/), a Prometheus exporter for exposing messages from MQTT. Available as [services.prometheus.exporters.mqtt](#opt-services.prometheus.exporters.mqtt.enable).

1
nixos/modules/module-list.nix
View file

@ -1048,6 +1048,7 @@
./services/networking/adguardhome.nix
./services/networking/alice-lg.nix
./services/networking/amuled.nix
./services/networking/anubis.nix
./services/networking/aria2.nix
./services/networking/asterisk.nix
./services/networking/atftpd.nix

61
nixos/modules/services/networking/anubis.md Normal file
View file

@ -0,0 +1,61 @@
# Anubis {#module-services-anubis}
[Anubis](https://anubis.techaro.lol) is a scraper defense software that blocks AI scrapers. It is designed to sit
between a reverse proxy and the service to be protected.
## Quickstart {#module-services-anubis-quickstart}
This module is designed to use Unix domain sockets as the socket paths can be automatically configured for multiple
instances, but TCP sockets are also supported.
A minimal configuration with [nginx](#opt-services.nginx.enable) may look like the following:
```nix
{ config, ... }: {
services.anubis.instances.default.settings.TARGET = "http://localhost:8000";
# required due to unix socket permissions
users.users.nginx.extraGroups = [ config.users.groups.anubis.name ];
services.nginx.virtualHosts."example.com" = {
locations = {
"/".proxyPass = "http://unix:${config.services.anubis.instances.default.settings.BIND}";
};
};
}
```
If Unix domain sockets are not needed or desired, this module supports operating with only TCP sockets.
```nix
{
services.anubis = {
instances.default = {
settings = {
TARGET = "http://localhost:8080";
BIND = ":9000";
BIND_NETWORK = "tcp";
METRICS_BIND = "127.0.0.1:9001";
METRICS_BIND_NETWORK = "tcp";
};
};
};
}
```
## Configuration {#module-services-anubis-configuration}
It is possible to configure default settings for all instances of Anubis, via {option}`services.anubis.defaultOptions`.
```nix
{
services.anubis.defaultOptions = {
botPolicy = { dnsbl = false; };
settings.DIFFICULTY = 3;
};
}
```
Note that at the moment, a custom bot policy is not merged with the baked-in one. That means to only override a setting
like `dnsbl`, copying the entire bot policy is required. Check
[the upstream repository](https://github.com/TecharoHQ/anubis/blob/1509b06cb921aff842e71fbb6636646be6ed5b46/cmd/anubis/botPolicies.json)
for the policy.

314
nixos/modules/services/networking/anubis.nix Normal file
View file

@ -0,0 +1,314 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib) types;
jsonFormat = pkgs.formats.json { };
cfg = config.services.anubis;
enabledInstances = lib.filterAttrs (_: conf: conf.enable) cfg.instances;
instanceName = name: if name == "" then "anubis" else "anubis-${name}";
commonSubmodule =
isDefault:
let
mkDefaultOption =
path: opts:
lib.mkOption (
opts
// lib.optionalAttrs (!isDefault && opts ? default) {
default =
lib.attrByPath (lib.splitString "." path)
(throw "This is a bug in the Anubis module. Please report this as an issue.")
cfg.defaultOptions;
defaultText = lib.literalExpression "config.services.anubis.defaultOptions.${path}";
}
);
in
{ name, ... }:
{
options = {
enable = lib.mkEnableOption "this instance of Anubis" // {
default = true;
};
user = mkDefaultOption "user" {
default = "anubis";
description = ''
The user under which Anubis is run.
This module utilizes systemd's DynamicUser feature. See the corresponding section in
{manpage}`systemd.exec(5)` for more details.
'';
type = types.str;
};
group = mkDefaultOption "group" {
default = "anubis";
description = ''
The group under which Anubis is run.
This module utilizes systemd's DynamicUser feature. See the corresponding section in
{manpage}`systemd.exec(5)` for more details.
'';
type = types.str;
};
botPolicy = lib.mkOption {
default = null;
description = ''
Anubis policy configuration in Nix syntax. Set to `null` to use the baked-in policy which should be
sufficient for most use-cases.
This option has no effect if `settings.POLICY_FNAME` is set to a different value, which is useful for
importing an existing configuration.
See [the documentation](https://anubis.techaro.lol/docs/admin/policies) for details.
'';
type = types.nullOr jsonFormat.type;
};
extraFlags = mkDefaultOption "extraFlags" {
default = [ ];
description = "A list of extra flags to be passed to Anubis.";
example = [ "-metrics-bind \"\"" ];
type = types.listOf types.str;
};
settings = lib.mkOption {
default = { };
description = ''
Freeform configuration via environment variables for Anubis.
See [the documentation](https://anubis.techaro.lol/docs/admin/installation) for a complete list of
available environment variables.
'';
type = types.submodule [
{
freeformType =
with types;
attrsOf (
nullOr (oneOf [
str
int
bool
])
);
options = {
# BIND and METRICS_BIND are defined in instance specific options, since global defaults don't make sense
BIND_NETWORK = mkDefaultOption "settings.BIND_NETWORK" {
default = "unix";
description = ''
The network family that Anubis should bind to.
Accepts anything supported by Go's [`net.Listen`](https://pkg.go.dev/net#Listen).
Common values are `tcp` and `unix`.
'';
example = "tcp";
type = types.str;
};
METRICS_BIND_NETWORK = mkDefaultOption "settings.METRICS_BIND_NETWORK" {
default = "unix";
description = ''
The network family that the metrics server should bind to.
Accepts anything supported by Go's [`net.Listen`](https://pkg.go.dev/net#Listen).
Common values are `tcp` and `unix`.
'';
example = "tcp";
type = types.str;
};
SOCKET_MODE = mkDefaultOption "settings.SOCKET_MODE" {
default = "0770";
description = "The permissions on the Unix domain sockets created.";
example = "0700";
type = types.str;
};
DIFFICULTY = mkDefaultOption "settings.DIFFICULTY" {
default = 4;
description = ''
The difficulty required for clients to solve the challenge.
Currently, this means the amount of leading zeros in a successful response.
'';
type = types.int;
example = 5;
};
SERVE_ROBOTS_TXT = mkDefaultOption "settings.SERVE_ROBOTS_TXT" {
default = false;
description = ''
Whether to serve a default robots.txt that denies access to common AI bots by name and all other
bots by wildcard.
'';
type = types.bool;
};
# generated by default
POLICY_FNAME = mkDefaultOption "settings.POLICY_FNAME" {
default = null;
description = ''
The bot policy file to use. Leave this as `null` to respect the value set in
{option}`services.anubis.instances.<name>.botPolicy`.
'';
type = types.nullOr types.path;
};
};
}
(lib.optionalAttrs (!isDefault) (instanceSpecificOptions name))
];
};
};
};
instanceSpecificOptions = name: {
options = {
# see other options above
BIND = lib.mkOption {
default = "/run/anubis/${instanceName name}.sock";
description = ''
The address that Anubis listens to. See Go's [`net.Listen`](https://pkg.go.dev/net#Listen) for syntax.
Defaults to Unix domain sockets. To use TCP sockets, set this to a TCP address and `BIND_NETWORK` to `"tcp"`.
'';
example = ":8080";
type = types.str;
};
METRICS_BIND = lib.mkOption {
default = "/run/anubis/${instanceName name}-metrics.sock";
description = ''
The address Anubis' metrics server listens to. See Go's [`net.Listen`](https://pkg.go.dev/net#Listen) for
syntax.
The metrics server is enabled by default and may be disabled. However, due to implementation details, this is
only possible by setting a command line flag. See {option}`services.anubis.defaultOptions.extraFlags` for an
example.
Defaults to Unix domain sockets. To use TCP sockets, set this to a TCP address and `METRICS_BIND_NETWORK` to
`"tcp"`.
'';
example = "127.0.0.1:8081";
type = types.str;
};
TARGET = lib.mkOption {
description = ''
The reverse proxy target that Anubis is protecting. This is a required option.
The usage of Unix domain sockets is supported by the following syntax: `unix:///path/to/socket.sock`.
'';
example = "http://127.0.0.1:8000";
type = types.str;
};
};
};
in
{
options.services.anubis = {
package = lib.mkPackageOption pkgs "anubis" { };
defaultOptions = lib.mkOption {
default = { };
description = "Default options for all instances of Anubis.";
type = types.submodule (commonSubmodule true);
};
instances = lib.mkOption {
default = { };
description = ''
An attribute set of Anubis instances.
The attribute name may be an empty string, in which case the `-<name>` suffix is not added to the service name
and socket paths.
'';
type = types.attrsOf (types.submodule (commonSubmodule false));
};
};
config = lib.mkIf (enabledInstances != { }) {
users.users = lib.mkIf (cfg.defaultOptions.user == "anubis") {
anubis = {
isSystemUser = true;
group = cfg.defaultOptions.group;
};
};
users.groups = lib.mkIf (cfg.defaultOptions.group == "anubis") {
anubis = { };
};
systemd.services = lib.mapAttrs' (
name: instance:
lib.nameValuePair "${instanceName name}" {
description = "Anubis (${if name == "" then "default" else name} instance)";
wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
environment = lib.mapAttrs (lib.const (lib.generators.mkValueStringDefault { })) (
lib.filterAttrs (_: v: v != null) instance.settings
);
serviceConfig = {
User = instance.user;
Group = instance.group;
DynamicUser = true;
ExecStart = lib.concatStringsSep " " (
(lib.singleton (lib.getExe cfg.package)) ++ instance.extraFlags
);
RuntimeDirectory =
if
lib.any (lib.hasPrefix "/run/anubis") (
with instance.settings;
[
BIND
METRICS_BIND
]
)
then
"anubis"
else
null;
# hardening
NoNewPrivileges = true;
CapabilityBoundingSet = null;
SystemCallFilter = [
"@system-service"
"~@privileged"
];
SystemCallArchitectures = "native";
MemoryDenyWriteExecute = true;
PrivateUsers = true;
PrivateTmp = true;
PrivateDevices = true;
ProtectHome = true;
ProtectClock = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProtectSystem = "strict";
ProtectControlGroups = "strict";
LockPersonality = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
RestrictNamespaces = true;
RestrictAddressFamilies = [
"AF_UNIX"
"AF_INET"
"AF_INET6"
];
};
}
) enabledInstances;
};
meta.maintainers = with lib.maintainers; [ soopyc ];
meta.doc = ./anubis.md;
}

1
nixos/tests/all-tests.nix
View file

@ -198,6 +198,7 @@ in
amd-sev = runTest ./amd-sev.nix;
angie-api = runTest ./angie-api.nix;
anki-sync-server = runTest ./anki-sync-server.nix;
anubis = runTest ./anubis.nix;
anuko-time-tracker = runTest ./anuko-time-tracker.nix;
apcupsd = runTest ./apcupsd.nix;
apfs = runTest ./apfs.nix;

98
nixos/tests/anubis.nix Normal file
View file

@ -0,0 +1,98 @@
{ lib, ... }:
{
name = "anubis";
meta.maintainers = [ lib.maintainers.soopyc ];
nodes.machine =
{
config,
pkgs,
...
}:
{
services.anubis.instances = {
"".settings.TARGET = "http://localhost:8080";
"tcp" = {
user = "anubis-tcp";
group = "anubis-tcp";
settings = {
TARGET = "http://localhost:8080";
BIND = ":9000";
BIND_NETWORK = "tcp";
METRICS_BIND = ":9001";
METRICS_BIND_NETWORK = "tcp";
};
};
"unix-upstream" = {
group = "nginx";
settings.TARGET = "unix:///run/nginx/nginx.sock";
};
};
# support
users.users.nginx.extraGroups = [ config.users.groups.anubis.name ];
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts."basic.localhost".locations = {
"/".proxyPass = "http://unix:${config.services.anubis.instances."".settings.BIND}";
"/metrics".proxyPass = "http://unix:${config.services.anubis.instances."".settings.METRICS_BIND}";
};
virtualHosts."tcp.localhost".locations = {
"/".proxyPass = "http://localhost:9000";
"/metrics".proxyPass = "http://localhost:9001";
};
virtualHosts."unix.localhost".locations = {
"/".proxyPass = "http://unix:${config.services.anubis.instances.unix-upstream.settings.BIND}";
};
# emulate an upstream with nginx, listening on tcp and unix sockets.
virtualHosts."upstream.localhost" = {
default = true; # make nginx match this vhost for `localhost`
listen = [
{ addr = "unix:/run/nginx/nginx.sock"; }
{
addr = "localhost";
port = 8080;
}
];
locations."/" = {
tryFiles = "$uri $uri/index.html =404";
root = pkgs.runCommand "anubis-test-upstream" { } ''
mkdir $out
echo "it works" >> $out/index.html
'';
};
};
};
};
testScript = ''
for unit in ["nginx", "anubis", "anubis-tcp", "anubis-unix-upstream"]:
machine.wait_for_unit(unit + ".service")
for port in [9000, 9001]:
machine.wait_for_open_port(port)
for instance in ["anubis", "anubis-unix-upstream"]:
machine.wait_for_open_unix_socket(f"/run/anubis/{instance}.sock")
machine.wait_for_open_unix_socket(f"/run/anubis/{instance}-metrics.sock")
# Default unix socket mode
machine.succeed('curl -f http://basic.localhost | grep "it works"')
machine.succeed('curl -f http://basic.localhost -H "User-Agent: Mozilla" | grep anubis')
machine.succeed('curl -f http://basic.localhost/metrics | grep anubis_challenges_issued')
machine.succeed('curl -f -X POST http://basic.localhost/.within.website/x/cmd/anubis/api/make-challenge | grep challenge')
# TCP mode
machine.succeed('curl -f http://tcp.localhost -H "User-Agent: Mozilla" | grep anubis')
machine.succeed('curl -f http://tcp.localhost/metrics | grep anubis_challenges_issued')
# Upstream is a unix socket mode
machine.succeed('curl -f http://unix.localhost/index.html | grep "it works"')
'';
}

4
pkgs/applications/networking/browsers/firefox/packages/firefox-beta.nix
View file

@ -10,11 +10,11 @@
buildMozillaMach rec {
pname = "firefox-beta";
binaryName = pname;
version = "137.0b6";
version = "138.0b4";
applicationName = "Firefox Beta";
src = fetchurl {
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
sha512 = "84c010f6e21957768a6fcebe6ec2f0e6a50b45b6a416cad3701f36d69dff9a448423e5b4f2ce0dc7abe46cb40ec02872027ad855b9afef355006ba32e13f4e27";
sha512 = "a8f9e645c80d9c40b0435ee00261aa9fcac801efcfcbf42b10e6af9390290b9f643358aca6a01d9465eab3b64f46b2b71b4a3ea4c7e0a8f96bdfce15bf817f92";
};
meta = {

4
pkgs/by-name/ar/archipelago/package.nix
View file

@ -7,10 +7,10 @@
}:
let
pname = "archipelago";
version = "0.6.0";
version = "0.6.1";
src = fetchurl {
url = "https://github.com/ArchipelagoMW/Archipelago/releases/download/${version}/Archipelago_${version}_linux-x86_64.AppImage";
hash = "sha256-hpyMi/Zd4yDKd/53xuChRTQDD9QkcyqwqrmwoWSQMkY=";
hash = "sha256-8mPlR5xVnHL9I0rV4bMFaffSJv7dMlCcPHrLkM/pyVU=";
};
appimageContents = appimageTools.extractType2 { inherit pname version src; };

6
pkgs/by-name/bu/buf/package.nix
View file

@ -11,16 +11,16 @@
buildGoModule rec {
pname = "buf";
version = "1.51.0";
version = "1.52.0";
src = fetchFromGitHub {
owner = "bufbuild";
repo = "buf";
rev = "v${version}";
hash = "sha256-/6SDsIVyorDWjOkdUB1t0vAA2VLy6MiGyiFo+2rUfEU=";
hash = "sha256-Jg3UcSPkJgYxdxRJJCCzxp+pGarToEQut9k/drIdka4=";
};
vendorHash = "sha256-4GD2yNfYTQobPeJ+zPQ+ECDTeNUi4PK8oXSxpBF/4Wk=";
vendorHash = "sha256-+zJ2pCLyXnqFOIWWfnhAzSnUOjQSDo4AqCxBNNZED7E=";
patches = [
# Skip a test that requires networking to be available to work.

4
pkgs/by-name/co/codesnap/package.nix
View file

@ -7,13 +7,13 @@
}:
rustPlatform.buildRustPackage rec {
pname = "codesnap";
version = "0.10.5";
version = "0.10.7";
src = fetchFromGitHub {
owner = "mistricky";
repo = "CodeSnap";
tag = "v${version}";
hash = "sha256-g2Xu/PKRSYrHKDJ5/MZRUkDQeYuxvNWPTuymhI8Iu5Q=";
hash = "sha256-gDV66eLHcg7OuVR0Wo5x3anqKjnS/BsCCVaR6VOnM+s=";
};
useFetchCargoVendor = true;

6
pkgs/by-name/dr/dracula-theme/package.nix
View file

@ -8,7 +8,7 @@
let
themeName = "Dracula";
version = "4.0.0-unstable-2025-03-22";
version = "4.0.0-unstable-2025-04-01";
in
stdenvNoCC.mkDerivation {
pname = "dracula-theme";
@ -17,8 +17,8 @@ stdenvNoCC.mkDerivation {
src = fetchFromGitHub {
owner = "dracula";
repo = "gtk";
rev = "e7f118ac0434988800453bc30671b55ccfe02bd9";
hash = "sha256-f7bYYkAm4f0kSaDY1X2ZLLxlXwzUdFtjHkIeX0QmX9w=";
rev = "ceeb13795df115d150fca7c8ae1721b9a618cb3b";
hash = "sha256-vdA3pkMha+vFQwAspZVLIkNi1VviArN+VUoievdrHZM=";
};
propagatedUserEnvPkgs = [

8
pkgs/by-name/go/godns/package.nix
View file

@ -10,19 +10,19 @@
buildGoModule rec {
pname = "godns";
version = "3.2.2";
version = "3.2.3";
src = fetchFromGitHub {
owner = "TimothyYe";
repo = "godns";
tag = "v${version}";
hash = "sha256-2VBgc+cp1IF3GprSt0oc5WOAepmV8dGhKjwodZ2JS6k=";
hash = "sha256-gKfuyw3cayDNHW2RrPaq1+vETDWyu5yxoiQvmRquwDU=";
};
vendorHash = "sha256-cR+hlIGRPffP21lqDZmqBF4unS6ZyEvEvRlTrswg+js=";
vendorHash = "sha256-3HN67FUtLfIF/V/Ax/UsFD/hmm1g+MsAZkQsZ/DvEcI=";
npmDeps = fetchNpmDeps {
src = "${src}/web";
hash = "sha256-lchAfi97a97TPs22ML3sMrlSZdvWMMC+wBrGbvke5rg=";
hash = "sha256-wumu3uTzZh4uXlxaDfS8rxWapjkKnzCQGk3izH242qc=";
};
npmRoot = "web";

4
pkgs/by-name/in/incus-ui-canonical/package.nix
View file

@ -20,14 +20,14 @@ let
in
stdenv.mkDerivation rec {
pname = "incus-ui-canonical";
version = "0.15.1";
version = "0.15.2";
src = fetchFromGitHub {
owner = "zabbly";
repo = "incus-ui-canonical";
# only use tags prefixed by incus- they are the tested fork versions
tag = "incus-${version}";
hash = "sha256-oXdkMalzAAcHEwca6h83cHH4buC/gGu5F3S82RM+IX4=";
hash = "sha256-jcdjbrQsBshpSogPkDO2DHYIyWmxEOJbFFG25X2mni0=";
};
offlineCache = fetchYarnDeps {

6
pkgs/by-name/in/incus/lts.nix
View file

@ -1,7 +1,7 @@
import ./generic.nix {
hash = "sha256-+W4imWem5iQ6nPVcoObc4COFxQVED0ppVd/YC+Nqtgw=";
version = "6.0.3";
vendorHash = "sha256-ZUtWzbAjHij95khYx8lWYEpA8ITlMtKpObG5Vl7aE90=";
hash = "sha256-zwefzCmj4K1GJRbherOS28swLoGbHnUxbF9bmLOh738=";
version = "6.0.4";
vendorHash = "sha256-4of741V2ztxkyI2r5UVEL5ON/9kaDTygosLxyTw6ShQ=";
patches = [
# qemu 9.1 compat, remove when added to LTS
./572afb06f66f83ca95efa1b9386fceeaa1c9e11b.patch

4
pkgs/by-name/lx/lxc/package.nix
View file

@ -22,13 +22,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "lxc";
version = "6.0.3";
version = "6.0.4";
src = fetchFromGitHub {
owner = "lxc";
repo = "lxc";
tag = "v${finalAttrs.version}";
hash = "sha256-h41lcHGjJmIH28XRpM0gdFsOQOCLSWevSLfvQ7gIf7Q=";
hash = "sha256-zmL568PprrpIWTVCkScXHEzTZ+NduSH4r8ETnz4NY64=";
};
nativeBuildInputs = [

13
pkgs/by-name/lx/lxcfs/package.nix
View file

@ -17,13 +17,13 @@
stdenv.mkDerivation rec {
pname = "lxcfs";
version = "6.0.3";
version = "6.0.4";
src = fetchFromGitHub {
owner = "lxc";
repo = "lxcfs";
rev = "v${version}";
hash = "sha256-+Xlx1E6ggB/Vx3yOJGgh4UfEvaVyT7uOttaxelDA7Iw=";
tag = "v${version}";
hash = "sha256-jmadClC/3nHfNL+F/gC5NM6u03OE9flEVtPU28nylw4=";
};
patches = [
@ -59,6 +59,13 @@ stdenv.mkDerivation rec {
util-linux
]
}
# requires access to sleep
wrapProgram "$out/share/lxcfs/lxc.reboot.hook" --prefix PATH : ${
lib.makeBinPath [
coreutils
]
}
'';
postFixup = ''

6
pkgs/by-name/ne/netbird/package.nix
View file

@ -31,16 +31,16 @@ let
in
buildGoModule (finalAttrs: {
pname = "netbird";
version = "0.39.2";
version = "0.40.0";
src = fetchFromGitHub {
owner = "netbirdio";
repo = "netbird";
tag = "v${finalAttrs.version}";
hash = "sha256-K1qnQfkptMFviWWqzDA+yju/L/aMNTyO3qDHzMJnXzU=";
hash = "sha256-GbKA6tJLCQNCiG9rj3iW4l51nQEbt42u7B6tFCbDSTQ=";
};
vendorHash = "sha256-yNFyW1D2gFkt2VDTyiaDXPw0zrT4KBQTe72x0Jh0jOs=";
vendorHash = "sha256-vy725OvkYLyCDYEmnPpXJWqyofb29GiP4GkLn1GInm0=";
nativeBuildInputs = [ installShellFiles ] ++ lib.optional ui pkg-config;

2
pkgs/by-name/ni/nixos-rebuild-ng/README.md
View file

@ -148,8 +148,6 @@ not possible to fix, please open an issue and we can discuss a solution.
## TODON'T
- Reimplement `systemd-run` logic: will be moved to the new
[`apply`](https://github.com/NixOS/nixpkgs/pull/344407) script
- Nix bootstrap: it is only used for non-Flake paths and it is basically
useless nowadays. It was created at a time when Nix was changing frequently
and there was a need to bootstrap a new version of Nix before evaluating the

31
pkgs/by-name/ni/nixos-rebuild-ng/src/nixos_rebuild/nix.py
View file

@ -29,6 +29,22 @@ from .utils import Args, dict_to_flags
FLAKE_FLAGS: Final = ["--extra-experimental-features", "nix-command flakes"]
FLAKE_REPL_TEMPLATE: Final = "repl.nix.template"
SWITCH_TO_CONFIGURATION_CMD_PREFIX: Final = [
"systemd-run",
"-E",
# Will be set to new value early in switch-to-configuration script,
# but interpreter starts out with old value
"LOCALE_ARCHIVE",
"-E",
"NIXOS_INSTALL_BOOTLOADER",
"--collect",
"--no-ask-password",
"--pipe",
"--quiet",
"--same-dir",
"--service-type=exec",
"--unit=nixos-rebuild-switch-to-configuration",
]
logger = logging.getLogger(__name__)
@ -628,8 +644,21 @@ def switch_to_configuration(
if not path_to_config.exists():
raise NRError(f"specialisation not found: {specialisation}")
r = run_wrapper(
["test", "-d", "/run/systemd/system"],
remote=target_host,
check=False,
)
cmd = SWITCH_TO_CONFIGURATION_CMD_PREFIX
if r.returncode:
logger.debug(
"skipping systemd-run to switch configuration since systemd is "
+ "not working in target host"
)
cmd = []
run_wrapper(
[path_to_config / "bin/switch-to-configuration", str(action)],
[*cmd, path_to_config / "bin/switch-to-configuration", str(action)],
extra_env={"NIXOS_INSTALL_BOOTLOADER": "1" if install_bootloader else "0"},
remote=target_host,
sudo=sudo,

99
pkgs/by-name/ni/nixos-rebuild-ng/src/tests/test_main.py
View file

@ -234,7 +234,7 @@ def test_execute_nix_boot(mock_run: Mock, tmp_path: Path) -> None:
nr.execute(["nixos-rebuild", "boot", "--no-flake", "-vvv", "--no-reexec"])
assert mock_run.call_count == 6
assert mock_run.call_count == 7
mock_run.assert_has_calls(
[
call(
@ -279,7 +279,16 @@ def test_execute_nix_boot(mock_run: Mock, tmp_path: Path) -> None:
**DEFAULT_RUN_KWARGS,
),
call(
[config_path / "bin/switch-to-configuration", "boot"],
["test", "-d", "/run/systemd/system"],
check=False,
**DEFAULT_RUN_KWARGS,
),
call(
[
*nr.nix.SWITCH_TO_CONFIGURATION_CMD_PREFIX,
config_path / "bin/switch-to-configuration",
"boot",
],
check=True,
**(DEFAULT_RUN_KWARGS | {"env": {"NIXOS_INSTALL_BOOTLOADER": "0"}}),
),
@ -442,7 +451,7 @@ def test_execute_nix_switch_flake(mock_run: Mock, tmp_path: Path) -> None:
]
)
assert mock_run.call_count == 3
assert mock_run.call_count == 4
mock_run.assert_has_calls(
[
call(
@ -476,7 +485,17 @@ def test_execute_nix_switch_flake(mock_run: Mock, tmp_path: Path) -> None:
**DEFAULT_RUN_KWARGS,
),
call(
["sudo", config_path / "bin/switch-to-configuration", "switch"],
["test", "-d", "/run/systemd/system"],
check=False,
**DEFAULT_RUN_KWARGS,
),
call(
[
"sudo",
*nr.nix.SWITCH_TO_CONFIGURATION_CMD_PREFIX,
config_path / "bin/switch-to-configuration",
"switch",
],
check=True,
**(DEFAULT_RUN_KWARGS | {"env": {"NIXOS_INSTALL_BOOTLOADER": "1"}}),
),
@ -535,7 +554,7 @@ def test_execute_nix_switch_build_target_host(
]
)
assert mock_run.call_count == 10
assert mock_run.call_count == 11
mock_run.assert_has_calls(
[
call(
@ -661,6 +680,19 @@ def test_execute_nix_switch_build_target_host(
check=True,
**DEFAULT_RUN_KWARGS,
),
call(
[
"ssh",
*nr.process.SSH_DEFAULT_OPTS,
"user@target-host",
"--",
"test",
"-d",
"/run/systemd/system",
],
check=False,
**DEFAULT_RUN_KWARGS,
),
call(
[
"ssh",
@ -670,6 +702,7 @@ def test_execute_nix_switch_build_target_host(
"sudo",
"env",
"NIXOS_INSTALL_BOOTLOADER=0",
*nr.nix.SWITCH_TO_CONFIGURATION_CMD_PREFIX,
str(config_path / "bin/switch-to-configuration"),
"switch",
],
@ -712,7 +745,7 @@ def test_execute_nix_switch_flake_target_host(
]
)
assert mock_run.call_count == 4
assert mock_run.call_count == 5
mock_run.assert_has_calls(
[
call(
@ -750,6 +783,19 @@ def test_execute_nix_switch_flake_target_host(
check=True,
**DEFAULT_RUN_KWARGS,
),
call(
[
"ssh",
*nr.process.SSH_DEFAULT_OPTS,
"user@localhost",
"--",
"test",
"-d",
"/run/systemd/system",
],
check=False,
**DEFAULT_RUN_KWARGS,
),
call(
[
"ssh",
@ -759,6 +805,7 @@ def test_execute_nix_switch_flake_target_host(
"sudo",
"env",
"NIXOS_INSTALL_BOOTLOADER=0",
*nr.nix.SWITCH_TO_CONFIGURATION_CMD_PREFIX,
str(config_path / "bin/switch-to-configuration"),
"switch",
],
@ -802,7 +849,7 @@ def test_execute_nix_switch_flake_build_host(
]
)
assert mock_run.call_count == 6
assert mock_run.call_count == 7
mock_run.assert_has_calls(
[
call(
@ -863,7 +910,16 @@ def test_execute_nix_switch_flake_build_host(
**DEFAULT_RUN_KWARGS,
),
call(
[config_path / "bin/switch-to-configuration", "switch"],
["test", "-d", "/run/systemd/system"],
check=False,
**DEFAULT_RUN_KWARGS,
),
call(
[
*nr.nix.SWITCH_TO_CONFIGURATION_CMD_PREFIX,
config_path / "bin/switch-to-configuration",
"switch",
],
check=True,
**DEFAULT_RUN_KWARGS,
),
@ -881,6 +937,8 @@ def test_execute_switch_rollback(mock_run: Mock, tmp_path: Path) -> None:
return CompletedProcess([], 0, str(nixpkgs_path))
elif args[0] == "git":
return CompletedProcess([], 0, "")
elif args[0] == "test":
return CompletedProcess([], 1)
else:
return CompletedProcess([], 0)
@ -897,7 +955,7 @@ def test_execute_switch_rollback(mock_run: Mock, tmp_path: Path) -> None:
]
)
assert mock_run.call_count == 4
assert mock_run.call_count == 5
mock_run.assert_has_calls(
[
call(
@ -929,6 +987,11 @@ def test_execute_switch_rollback(mock_run: Mock, tmp_path: Path) -> None:
check=True,
**DEFAULT_RUN_KWARGS,
),
call(
["test", "-d", "/run/systemd/system"],
check=False,
**DEFAULT_RUN_KWARGS,
),
call(
[
Path("/nix/var/nix/profiles/system/bin/switch-to-configuration"),
@ -978,6 +1041,8 @@ def test_execute_test_flake(mock_run: Mock, tmp_path: Path) -> None:
def run_side_effect(args: list[str], **kwargs: Any) -> CompletedProcess[str]:
if args[0] == "nix":
return CompletedProcess([], 0, str(config_path))
elif args[0] == "test":
return CompletedProcess([], 1)
else:
return CompletedProcess([], 0)
@ -987,7 +1052,7 @@ def test_execute_test_flake(mock_run: Mock, tmp_path: Path) -> None:
["nixos-rebuild", "test", "--flake", "github:user/repo#hostname", "--no-reexec"]
)
assert mock_run.call_count == 2
assert mock_run.call_count == 3
mock_run.assert_has_calls(
[
call(
@ -1003,6 +1068,11 @@ def test_execute_test_flake(mock_run: Mock, tmp_path: Path) -> None:
stdout=PIPE,
**DEFAULT_RUN_KWARGS,
),
call(
["test", "-d", "/run/systemd/system"],
check=False,
**DEFAULT_RUN_KWARGS,
),
call(
[config_path / "bin/switch-to-configuration", "test"],
check=True,
@ -1031,6 +1101,8 @@ def test_execute_test_rollback(
2084 2024-11-07 23:54:17 (current)
"""),
)
elif args[0] == "test":
return CompletedProcess([], 1)
else:
return CompletedProcess([], 0)
@ -1040,7 +1112,7 @@ def test_execute_test_rollback(
["nixos-rebuild", "test", "--rollback", "--profile-name", "foo", "--no-reexec"]
)
assert mock_run.call_count == 2
assert mock_run.call_count == 3
mock_run.assert_has_calls(
[
call(
@ -1054,6 +1126,11 @@ def test_execute_test_rollback(
stdout=PIPE,
**DEFAULT_RUN_KWARGS,
),
call(
["test", "-d", "/run/systemd/system"],
check=False,
**DEFAULT_RUN_KWARGS,
),
call(
[
Path(

61
pkgs/by-name/ni/nixos-rebuild-ng/src/tests/test_nix.py
View file

@ -689,9 +689,12 @@ def test_set_profile(mock_run: Mock) -> None:
@patch(get_qualified_name(n.run_wrapper, n), autospec=True)
def test_switch_to_configuration(mock_run: Mock, monkeypatch: MonkeyPatch) -> None:
def test_switch_to_configuration_without_systemd_run(
mock_run: Any, monkeypatch: MonkeyPatch
) -> None:
profile_path = Path("/path/to/profile")
config_path = Path("/path/to/config")
mock_run.return_value = CompletedProcess([], 1)
with monkeypatch.context() as mp:
mp.setenv("LOCALE_ARCHIVE", "")
@ -749,6 +752,62 @@ def test_switch_to_configuration(mock_run: Mock, monkeypatch: MonkeyPatch) -> No
)
@patch(get_qualified_name(n.run_wrapper, n), autospec=True)
def test_switch_to_configuration_with_systemd_run(
mock_run: Mock, monkeypatch: MonkeyPatch
) -> None:
profile_path = Path("/path/to/profile")
config_path = Path("/path/to/config")
mock_run.return_value = CompletedProcess([], 0)
with monkeypatch.context() as mp:
mp.setenv("LOCALE_ARCHIVE", "")
n.switch_to_configuration(
profile_path,
m.Action.SWITCH,
sudo=False,
target_host=None,
specialisation=None,
install_bootloader=False,
)
mock_run.assert_called_with(
[
*n.SWITCH_TO_CONFIGURATION_CMD_PREFIX,
profile_path / "bin/switch-to-configuration",
"switch",
],
extra_env={"NIXOS_INSTALL_BOOTLOADER": "0"},
sudo=False,
remote=None,
)
target_host = m.Remote("user@localhost", [], None)
with monkeypatch.context() as mp:
mp.setenv("LOCALE_ARCHIVE", "/path/to/locale")
mp.setenv("PATH", "/path/to/bin")
mp.setattr(Path, Path.exists.__name__, lambda self: True)
n.switch_to_configuration(
Path("/path/to/config"),
m.Action.TEST,
sudo=True,
target_host=target_host,
install_bootloader=True,
specialisation="special",
)
mock_run.assert_called_with(
[
*n.SWITCH_TO_CONFIGURATION_CMD_PREFIX,
config_path / "specialisation/special/bin/switch-to-configuration",
"test",
],
extra_env={"NIXOS_INSTALL_BOOTLOADER": "1"},
sudo=True,
remote=target_host,
)
@patch(
get_qualified_name(n.Path.glob, n),
autospec=True,

4
pkgs/by-name/op/open-web-calendar/package.nix
View file

@ -12,7 +12,7 @@ let
in
python.pkgs.buildPythonApplication rec {
pname = "open-web-calendar";
version = "1.48";
version = "1.49";
pyproject = true;
disabled = python.pythonOlder "3.9";
@ -20,7 +20,7 @@ python.pkgs.buildPythonApplication rec {
src = fetchPypi {
inherit version;
pname = "open_web_calendar";
hash = "sha256-SSe5vkrfTpUFdSLglBxo5//VZfuXYnWs5sUKJL2zWOw=";
hash = "sha256-vtmIqiF85zn8CiMUWsCKJUzfiiK/j+xlZIyuIMGxR4I=";
};
# The Pypi tarball doesn't contain open_web_calendars/features

5
pkgs/by-name/pa/parca/package.nix
View file

@ -68,6 +68,11 @@ buildGoModule rec {
cp -r ${ui}/share/parca/ui/* ui/packages/app/web/build
'';
passthru = {
inherit ui;
updateScript = ./update.sh;
};
meta = {
mainProgram = "parca";
description = "Continuous profiling for analysis of CPU and memory usage";

53
pkgs/by-name/pa/parca/update.sh Executable file
View file

@ -0,0 +1,53 @@
#!/usr/bin/env nix-shell
#!nix-shell -I nixpkgs=./. -i bash -p curl jq git pnpm_9
# shellcheck shell=bash
set -euo pipefail
nixpkgs="$(pwd)"
cd $(readlink -e $(dirname "${BASH_SOURCE[0]}"))
# Update the hash of the parca source code in the Nix expression.
update_parca_source() {
local version; version="$1"
echo "Updating parca source"
old_version="$(nix eval --json --impure --expr "(import $nixpkgs/default.nix {}).parca.version" | jq -r)"
sed -i "s|${old_version}|${version}|g" package.nix
old_hash="$(nix eval --json --impure --expr "(import $nixpkgs/default.nix {}).parca.src.outputHash" | jq -r)"
new_hash="$(nix-build --impure --expr "let src = (import $nixpkgs/default.nix {}).parca.src; in (src.overrideAttrs or (f: src // f src)) (_: { outputHash = \"\"; outputHashAlgo = \"sha256\"; })" 2>&1 | tr -s ' ' | grep -Po "got: \K.+$")" || true
sed -i "s|${old_hash}|${new_hash}|g" package.nix
}
# Update the hash of the parca ui pnpm dependencies in the Nix expression.
update_pnpm_deps_hash() {
echo "Updating parca ui pnpm deps hash"
old_hash="$(nix eval --json --impure --expr "(import $nixpkgs/default.nix {}).parca.ui.pnpmDeps.outputHash" | jq -r)"
new_hash="$(nix-build --impure --expr "let src = (import $nixpkgs/default.nix {}).parca.ui.pnpmDeps; in (src.overrideAttrs or (f: src // f src)) (_: { outputHash = \"\"; outputHashAlgo = \"sha256\"; })" 2>&1 | tr -s ' ' | grep -Po "got: \K.+$")" || true
sed -i "s|${old_hash}|${new_hash}|g" package.nix
}
# Update the hash of the parca go dependencies in the Nix expression.
update_go_deps_hash() {
echo "Updating parca go deps hash"
old_hash="$(nix eval --json --impure --expr "(import $nixpkgs/default.nix {}).parca.vendorHash" | jq -r)"
new_hash="$(nix-build --impure --expr "let src = (import $nixpkgs/default.nix {}).parca; in (src.overrideAttrs { vendorHash = \"\"; })" 2>&1 | tr -s ' ' | grep -Po "got: \K.+$")" || true
sed -i "s|${old_hash}|${new_hash}|g" package.nix
}
LATEST_TAG="$(curl -s ${GITHUB_TOKEN:+-u ":$GITHUB_TOKEN"} https://api.github.com/repos/parca-dev/parca/releases/latest | jq -r '.tag_name')"
LATEST_VERSION="$(expr "$LATEST_TAG" : 'v\(.*\)')"
CURRENT_VERSION="$(nix eval --json --impure --expr "(import $nixpkgs/default.nix {}).parca.version" | jq -r)"
if [[ "$CURRENT_VERSION" == "$LATEST_VERSION" ]]; then
echo "parca is up to date: ${CURRENT_VERSION}"
exit 0
fi
update_parca_source "$LATEST_VERSION"
update_pnpm_deps_hash
update_go_deps_hash

63
pkgs/by-name/ra/rav1d/package.nix Normal file
View file

@ -0,0 +1,63 @@
{
lib,
rustPlatform,
fetchFromGitHub,
nasm,
meson,
ninja,
pkg-config,
nix-update-script,
}:
rustPlatform.buildRustPackage (finalAttrs: {
pname = "rav1d";
version = "1.0.0";
src = fetchFromGitHub {
owner = "memorysafety";
repo = "rav1d";
tag = "v${finalAttrs.version}";
hash = "sha256-8Moj3v7cxPluzNPmOmGhYuz/Qh48BnBjN7Vt4f8aY2o=";
};
cargoHash = "sha256-M0j0zgDqElhG3Jgetjx2sL3rxLrShK0zTMmOXwNxBEI=";
nativeBuildInputs = [
nasm
];
# Tests are using meson
# https://github.com/memorysafety/rav1d/tree/v1.0.0?tab=readme-ov-file#running-tests
nativeCheckInputs = [
meson
ninja
pkg-config
];
checkPhase =
let
cargoTarget = rustPlatform.cargoInstallHook.targetSubdirectory;
in
''
runHook preCheck
patchShebangs .github/workflows/test.sh
.github/workflows/test.sh -r target/${cargoTarget}/release/dav1d
runHook postCheck
'';
passthru = {
updateScript = nix-update-script { };
};
meta = {
description = "AV1 cross-platform decoder, Rust port of dav1d";
homepage = "https://github.com/memorysafety/rav1d";
changelog = "https://github.com/memorysafety/rav1d/releases/tag/v${finalAttrs.version}";
license = lib.licenses.bsd2;
maintainers = with lib.maintainers; [ liberodark ];
mainProgram = "dav1d";
};
})

19
pkgs/by-name/ro/rockcraft/package.nix
View file

@ -7,17 +7,18 @@
testers,
rockcraft,
cacert,
writableTmpDirAsHomeHook,
}:
python3Packages.buildPythonApplication rec {
pname = "rockcraft";
version = "1.9.0";
version = "1.10.0";
src = fetchFromGitHub {
owner = "canonical";
repo = "rockcraft";
rev = version;
hash = "sha256-cgNKMxQrD9/OfmY5YEnpbNDstDdXqc/wdfCb4HvsgNM=";
hash = "sha256-LrUs6/YRQYU0o1kmNdBhafvDIyw91FnW8+9i0Jj5f+Y=";
};
pyproject = true;
@ -39,20 +40,24 @@ python3Packages.buildPythonApplication rec {
pytest-mock
pytest-subprocess
pytestCheckHook
writableTmpDirAsHomeHook
]
++ [ dpkg ];
preCheck = ''
mkdir -p check-phase
export HOME="$(pwd)/check-phase"
'';
disabledTests = [
"test_project_all_platforms_invalid"
"test_run_init_flask"
"test_run_init_django"
];
disabledTestPaths = [
# Relies upon info in the .git directory which is stripped by fetchFromGitHub,
# and the version is overridden anyway.
"tests/integration/test_version.py"
# Tests non-Nix native packaging
"tests/integration/test_setuptools.py"
];
passthru = {
updateScript = nix-update-script { };
tests.version = testers.testVersion {

8
pkgs/by-name/sn/snapcraft/lxd-socket-path.patch
View file

@ -1,7 +1,7 @@
diff --git a/snapcraft_legacy/internal/build_providers/_lxd/_lxd.py b/snapcraft_legacy/internal/build_providers/_lxd/_lxd.py
index 5fa4f898..41264ebb 100644
--- a/snapcraft_legacy/internal/build_providers/_lxd/_lxd.py
+++ b/snapcraft_legacy/internal/build_providers/_lxd/_lxd.py
diff --git i/snapcraft_legacy/internal/build_providers/_lxd/_lxd.py w/snapcraft_legacy/internal/build_providers/_lxd/_lxd.py
index 5fa4f898b..41264ebb0 100644
--- i/snapcraft_legacy/internal/build_providers/_lxd/_lxd.py
+++ w/snapcraft_legacy/internal/build_providers/_lxd/_lxd.py
@@ -142,7 +142,7 @@ class LXD(Provider):
build_provider_flags=build_provider_flags,
)

4
pkgs/by-name/sn/snapcraft/package.nix
View file

@ -13,7 +13,7 @@
python3Packages.buildPythonApplication rec {
pname = "snapcraft";
version = "8.7.3";
version = "8.8.0";
pyproject = true;
@ -21,7 +21,7 @@ python3Packages.buildPythonApplication rec {
owner = "canonical";
repo = "snapcraft";
tag = version;
hash = "sha256-T39hhosZTttX8jMlF5ul9oBcsh+FKusepj0k2NMZHNU=";
hash = "sha256-54UOXEH3DxT1P/CRi09gEoq9si+x/1GHFuWRIyEvz3E=";
};
patches = [

19
pkgs/by-name/sn/snapcraft/set-channel-for-nix.patch
View file

@ -1,20 +1,13 @@
diff --git a/snapcraft/providers.py b/snapcraft/providers.py
index a999537a..dcd290a7 100644
--- a/snapcraft/providers.py
+++ b/snapcraft/providers.py
@@ -21,6 +21,7 @@ import sys
from pathlib import Path
from textwrap import dedent
from typing import Dict, Optional
+import platform
from craft_cli import emit
from craft_providers import Provider, ProviderError, bases, executor
@@ -178,14 +179,14 @@ def get_base_configuration(
diff --git i/snapcraft/providers.py w/snapcraft/providers.py
index 41ab6e8f1..ceaf7539b 100644
--- i/snapcraft/providers.py
+++ w/snapcraft/providers.py
@@ -177,14 +177,15 @@ def get_base_configuration(
# injecting a snap on a non-linux system is not supported, so default to
# install snapcraft from the store's stable channel
snap_channel = get_managed_environment_snap_channel()
- if sys.platform != "linux" and not snap_channel:
+ import platform
+ if snap_channel is None and (sys.platform != "linux" or "NixOS" in platform.version()):
emit.progress(
- "Using snapcraft from snap store channel 'latest/stable' in instance "

6
pkgs/by-name/st/steel/package.nix
View file

@ -20,13 +20,13 @@
}:
rustPlatform.buildRustPackage {
pname = "steel";
version = "0.6.0-unstable-2025-03-28";
version = "0.6.0-unstable-2025-04-08";
src = fetchFromGitHub {
owner = "mattwparas";
repo = "steel";
rev = "2f0fba8b16a3fbab083cedcf09974514b3a29d25";
hash = "sha256-i/bmZFoC3fRocO1KeCPGB9K/0yEAcKlLh56N+r1V7CI=";
rev = "764cc318dd427f7502f0c7f2a3bb9f1ba4705cd7";
hash = "sha256-Uxqy8vzRgQ3B/aAUV04OQumWrD9l4RNx1BX20R6lfAE=";
};
useFetchCargoVendor = true;

6
pkgs/by-name/su/supermariowar/package.nix
View file

@ -16,13 +16,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "supermariowar";
version = "2024-unstable-2025-01-30";
version = "2024-unstable-2025-04-03";
src = fetchFromGitHub {
owner = "mmatyas";
repo = "supermariowar";
rev = "8192bbda2eca807cfe1e2793018bd55ecdaac50a";
hash = "sha256-i/UdKXIOUViv+FJFyss3Xa4Z8+OwW2CQjJ3hROZVaRA=";
rev = "c0ed774a2415ad45e72bd6086add2a5cbfc88898";
hash = "sha256-vh8SSMxAOG8f9nyJmKUlA8yb+G61Bfc62dhB2eLdo20=";
fetchSubmodules = true;
};

4
pkgs/by-name/ta/tana/package.nix
View file

@ -62,7 +62,7 @@ let
stdenv.cc.cc
stdenv.cc.libc
];
version = "1.0.24";
version = "1.0.25";
in
stdenv.mkDerivation {
pname = "tana";
@ -70,7 +70,7 @@ stdenv.mkDerivation {
src = fetchurl {
url = "https://github.com/tanainc/tana-desktop-releases/releases/download/v${version}/tana_${version}_amd64.deb";
hash = "sha256-K3hJD42CWD+yQwbbzysMg2QD9RCw52h1mOV5lTO9CLc=";
hash = "sha256-2At28FVZEtn2RDoHpt+CeUizlBb1JCH6jXxcYoZcvYk=";
};
nativeBuildInputs = [

6
pkgs/development/python-modules/craft-cli/default.nix
View file

@ -11,11 +11,12 @@
pytest-check,
pytest-mock,
pytestCheckHook,
writableTmpDirAsHomeHook,
}:
buildPythonPackage rec {
pname = "craft-cli";
version = "2.15.0";
version = "3.0.0";
pyproject = true;
@ -23,7 +24,7 @@ buildPythonPackage rec {
owner = "canonical";
repo = "craft-cli";
tag = version;
hash = "sha256-L8hOQJhjVAMo/WxEHHEk2QorlSdDFMGdcL/Q3Pv6mT4=";
hash = "sha256-RAnvx5519iXZnJm8jtY635e0DEL7jnIgZtTCindqMTY=";
};
postPatch = ''
@ -46,6 +47,7 @@ buildPythonPackage rec {
pytest-check
pytest-mock
pytestCheckHook
writableTmpDirAsHomeHook
];
pytestFlagsArray = [ "tests/unit" ];

4
pkgs/development/python-modules/craft-platforms/default.nix
View file

@ -14,7 +14,7 @@
buildPythonPackage rec {
pname = "craft-platforms";
version = "0.6.0";
version = "0.7.0";
pyproject = true;
disabled = pythonOlder "3.10";
@ -23,7 +23,7 @@ buildPythonPackage rec {
owner = "canonical";
repo = "craft-platforms";
tag = version;
hash = "sha256-/mnRFw79YMG34/0aQMi237KMNxWanyJixkEKq+zaSuE=";
hash = "sha256-BFs+LqcJWqKMgEr7IzyP5qME+zaV6EFc79ustOB1Cno=";
};
postPatch = ''

9
pkgs/development/python-modules/debugpy/default.nix
View file

@ -11,6 +11,7 @@
pytestCheckHook,
pytest-xdist,
pytest-timeout,
pytest-retry,
importlib-metadata,
psutil,
untangle,
@ -98,6 +99,7 @@ buildPythonPackage rec {
pytestCheckHook
pytest-xdist
pytest-timeout
pytest-retry
## Used by test helpers:
importlib-metadata
@ -128,7 +130,12 @@ buildPythonPackage rec {
'';
# Override default arguments in pytest.ini
pytestFlagsArray = [ "--timeout=0" ];
pytestFlags = [ "--timeout=0" ];
disabledTests = [
# hanging test (flaky)
"test_systemexit"
];
# Fixes hanging tests on Darwin
__darwinAllowLocalNetworking = true;

40
pkgs/development/python-modules/pytest-retry/default.nix Normal file
View file

@ -0,0 +1,40 @@
{
lib,
buildPythonPackage,
fetchFromGitHub,
pytest,
pytestCheckHook,
setuptools,
}:
buildPythonPackage rec {
pname = "pytest-retry";
version = "1.7.0";
pyproject = true;
src = fetchFromGitHub {
owner = "str0zzapreti";
repo = "pytest-retry";
tag = version;
hash = "sha256-Gf+L7zvC1FGAm0Wd6E6fV3KynassoGyHSD0CPgEJ02k=";
};
build-system = [ setuptools ];
dependencies = [ pytest ];
nativeCheckInputs = [ pytestCheckHook ];
pythonImportsCheck = [ "pytest_retry" ];
meta = {
description = "Plugin for retrying flaky tests in CI environments";
longDescription = ''
This plugin adds a decorator to mark tests as flaky: `@pytest.mark.flaky(retries=3, delay=1)`.
'';
homepage = "https://github.com/str0zzapreti/pytest-retry";
changelog = "https://github.com/str0zzapreti/pytest-retry/releases/tag/${src.tag}";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ fliegendewurst ];
};
}

8
pkgs/os-specific/linux/kernel/zen-kernels.nix
View file

@ -16,16 +16,16 @@ let
variants = {
# ./update-zen.py zen
zen = {
version = "6.14"; # zen
version = "6.14.1"; # zen
suffix = "zen1"; # zen
sha256 = "1lgzmjqybf4k7npwg2jkwmyxh0zfzhvbdpw3ajlr84i4sny2i6cy"; # zen
sha256 = "07fif9yj33lidp7dp8r66bsqyyh6fckjb3nhxynaikgb17hx9w5b"; # zen
isLqx = false;
};
# ./update-zen.py lqx
lqx = {
version = "6.14.0"; # lqx
version = "6.14.1"; # lqx
suffix = "lqx1"; # lqx
sha256 = "1py2zg8wr5azr88ixm04v3nvlfihk7iimzc7sdjgz2mb0ji5kxjc"; # lqx
sha256 = "0gga9xrdp9q5jdzl3mjbx140wnwxibavvvdgxvqz9f2g3f20d69y"; # lqx
isLqx = true;
};
};

2
pkgs/top-level/python-packages.nix
View file

@ -13671,6 +13671,8 @@ self: super: with self; {
pytest-responses = callPackage ../development/python-modules/pytest-responses { };
pytest-retry = callPackage ../development/python-modules/pytest-retry { };
pytest-reverse = callPackage ../development/python-modules/pytest-reverse { };
pytest-run-parallel = callPackage ../development/python-modules/pytest-run-parallel { };