commit 4a5ae7672b37191ce319a2df8cda0873ef02b9d9 · pyrox.dev/nixpkgs

+2 -2

lib/fetchers.nix

···

       193
       193
        
           }:

     

       194
       194
        
           fetcher:

     

       195
       195
        
           let

     

       196
       196
       -
             inherit (lib.attrsets) genAttrs intersectAttrs removeAttrs;

     

       197
       197
       -
             inherit (lib.trivial) const functionArgs setFunctionArgs;

     

       196
       196
       +
             inherit (lib.attrsets) intersectAttrs removeAttrs;

     

       197
       197
       +
             inherit (lib.trivial) functionArgs setFunctionArgs;

     

       198
       198
        
       

     

       199
       199
        
             inherit (commonH hashTypes) hashSet;

     

       200
       200
        
             fArgs = functionArgs fetcher;

maintainers/maintainer-list.nix

···

       11604
       11604
        
           githubId = 17029738;

     

       11605
       11605
        
           name = "Jean-Charles Quillet";

     

       11606
       11606
        
         };

     

       11607
       11607
       +
         jed-richards = {

     

       11608
       11608
       +
           name = "Jed Richards";

     

       11609
       11609
       +
           email = "jed22richards+nixpkgs@gmail.com";

     

       11610
       11610
       +
           github = "jed-richards";

     

       11611
       11611
       +
           githubId = 123339450;

     

       11612
       11612
       +
         };

     

       11607
       11613
        
         jedsek = {

     

       11608
       11614
        
           email = "jedsek@qq.com";

     

       11609
       11615
        
           github = "Jedsek";

+1 -6

nixos/tests/anubis.nix

···

       8
       8
        
         ];

     

       9
       9
        
       

     

       10
       10
        
         nodes.machine =

     

       11
       11
       -
           {

     

       12
       12
       -
             config,

     

       13
       13
       -
             pkgs,

     

       14
       14
       -
             ...

     

       15
       15
       -
           }:

     

       11
       11
       +
           { config, pkgs, ... }:

     

       16
       12
        
           {

     

       17
       13
        
             services.anubis = {

     

       18
       14
        
               defaultOptions.settings = {

     
···

       100
       96
        
           machine.succeed('curl -f http://basic.localhost | grep "it works"')

     

       101
       97
        
           machine.succeed('curl -f http://basic.localhost -H "User-Agent: Mozilla" | grep anubis')

     

       102
       98
        
           machine.succeed('curl -f http://basic.localhost/metrics | grep anubis_challenges_issued')

     

       103
       103
       -
           machine.succeed('curl -f -X POST http://basic.localhost/.within.website/x/cmd/anubis/api/make-challenge -d "redir=/" | grep challenge')

     

       104
       99
        
       

     

       105
       100
        
           # TCP mode

     

       106
       101
        
           machine.succeed('curl -f http://tcp.localhost -H "User-Agent: Mozilla" | grep anubis')

+3 -3

pkgs/by-name/aa/aarch64-esr-decoder/package.nix

···

       6
       6
        
       

     

       7
       7
        
       rustPlatform.buildRustPackage rec {

     

       8
       8
        
         pname = "aarch64-esr-decoder";

     

       9
       9
       -
         version = "0.2.3";

     

       9
       9
       +
         version = "0.2.4";

     

       10
       10
        
       

     

       11
       11
        
         src = fetchFromGitHub {

     

       12
       12
        
           owner = "google";

     

       13
       13
        
           repo = "aarch64-esr-decoder";

     

       14
       14
        
           rev = version;

     

       15
       15
       -
           hash = "sha256-U9i5L3s4oQOIqlECSaKkHxS2Vzr6SY4tIUpvl3+oSl0=";

     

       15
       15
       +
           hash = "sha256-ZpSrz7iwwzNrK+bFTMn5MPx4Zjceao9NKhjAyjuPLWY=";

     

       16
       16
        
         };

     

       17
       17
        
       

     

       18
       18
        
         useFetchCargoVendor = true;

     

       19
       19
       -
         cargoHash = "sha256-LiNnTNpluQkomQhIOsAnUbbBftTgqgNdpT8heCrBayg=";

     

       19
       19
       +
         cargoHash = "sha256-xOBJ8QYiWu5vmkRpttN2CXCXi4bNj+qph31hSkDadjI=";

     

       20
       20
        
       

     

       21
       21
        
         meta = {

     

       22
       22
        
           description = "Utility for decoding aarch64 ESR register values";

+4 -4

pkgs/by-name/an/anubis/package.nix

···

       13
       13
        
       

     

       14
       14
        
       buildGoModule (finalAttrs: {

     

       15
       15
        
         pname = "anubis";

     

       16
       16
       -
         version = "1.19.1";

     

       16
       16
       +
         version = "1.20.0";

     

       17
       17
        
       

     

       18
       18
        
         src = fetchFromGitHub {

     

       19
       19
        
           owner = "TecharoHQ";

     

       20
       20
        
           repo = "anubis";

     

       21
       21
        
           tag = "v${finalAttrs.version}";

     

       22
       22
       -
           hash = "sha256-aWdkPNwTD+ooaE0PazcOaama7k1a8n5pRxr8X6wm4zs=";

     

       22
       22
       +
           hash = "sha256-pdfe2D9KAg/vesTgOi+b5ZVkUkuWhmZC/xYXiiYzlPs=";

     

       23
       23
        
         };

     

       24
       24
        
       

     

       25
       25
       -
         vendorHash = "sha256-wJOGYOWFKep2IFzX+Hia9m1jPG+Rskg8Np9WfEc+TUY=";

     

       25
       25
       +
         vendorHash = "sha256-cOl+eVnj6aMKIJCjCM0aacp4/Jg5BhZqFwum+u9tOKE=";

     

       26
       26
        
       

     

       27
       27
        
         nativeBuildInputs = [

     

       28
       28
        
           esbuild

     
···

       34
       34
        
           pname = "anubis-xess";

     

       35
       35
        
           inherit (finalAttrs) version src;

     

       36
       36
        
       

     

       37
       37
       -
           npmDepsHash = "sha256-wI8XCUGq3aI20B++RAT3lc/nBrDMEmE9+810lewzXa0=";

     

       37
       37
       +
           npmDepsHash = "sha256-kBnexaBAMgA7QdKevW3mmlSn+QEbkTW//hYVTRFLQeQ=";

     

       38
       38
        
       

     

       39
       39
        
           buildPhase = ''

     

       40
       40
        
             runHook preBuild

+3 -3

pkgs/by-name/at/atmos/package.nix

···

       7
       7
        
       

     

       8
       8
        
       buildGoModule (finalAttrs: {

     

       9
       9
        
         pname = "atmos";

     

       10
       10
       -
         version = "1.178.0";

     

       10
       10
       +
         version = "1.180.0";

     

       11
       11
        
       

     

       12
       12
        
         src = fetchFromGitHub {

     

       13
       13
        
           owner = "cloudposse";

     

       14
       14
        
           repo = "atmos";

     

       15
       15
        
           tag = "v${finalAttrs.version}";

     

       16
       16
       -
           hash = "sha256-5rChYMwRtJt6jvgzJoU7OkgheJML2vgY/NhJsSE/KCI=";

     

       16
       16
       +
           hash = "sha256-/yCgC73J4PVTqmJBW0eLCMVWtsyMGLeF0Rmvx+N/oP8=";

     

       17
       17
        
         };

     

       18
       18
        
       

     

       19
       19
       -
         vendorHash = "sha256-0vHX4P33o6HMQ9k4Awd9+sDoLhbq/8YzrW7dkUeoR7Y=";

     

       19
       19
       +
         vendorHash = "sha256-k1zC3tUF2uDAo86J6dZmYOGZcYFBNdSH15cyX2tiZEg=";

     

       20
       20
        
       

     

       21
       21
        
         ldflags = [

     

       22
       22
        
           "-s"

+19 -19

pkgs/by-name/bl/blackfire/php-probe.nix

···

       16
       16
        
         phpMajor = lib.versions.majorMinor php.version;

     

       17
       17
        
         inherit (stdenv.hostPlatform) system;

     

       18
       18
        
       

     

       19
       19
       -
         version = "1.92.38";

     

       19
       19
       +
         version = "1.92.39";

     

       20
       20
        
       

     

       21
       21
        
         hashes = {

     

       22
       22
        
           "x86_64-linux" = {

     

       23
       23
        
             system = "amd64";

     

       24
       24
        
             hash = {

     

       25
       25
       -
               "8.1" = "sha256-W8VlvHa6vmNbDX5r5FG8pB0vpXRn5hPu61td9aARecA=";

     

       26
       26
       -
               "8.2" = "sha256-f3AKwh9mUCoFDaXM+EwTORk0/TFyArtEa+sv7cMZmDs=";

     

       27
       27
       -
               "8.3" = "sha256-6zigke1VY439IIxrQg5Dxcggn+7Q0BE/spPycvxdyik=";

     

       28
       28
       -
               "8.4" = "sha256-n89OCTUGsWhpc61P9WvKyjdJ52wJHoj6NEb2mcs0whA=";

     

       25
       25
       +
               "8.1" = "sha256-SsemBK7XYPmYakcUs3vLY9yh5jg3uQEksrokMztzilU=";

     

       26
       26
       +
               "8.2" = "sha256-lZYsPDkWWUbmG+k5nNcp2GxhzaMj9UCQswRiU7K5N40=";

     

       27
       27
       +
               "8.3" = "sha256-5dHAU3EtwzWrKUE9FjevDFRtdfO+dXX8y4wAD0VdTcM=";

     

       28
       28
       +
               "8.4" = "sha256-MsUh0OOztJ++vwXuDbQ8Krf1wANQHYhWXSiHAU5pm4M=";

     

       29
       29
        
             };

     

       30
       30
        
           };

     

       31
       31
        
           "i686-linux" = {

     

       32
       32
        
             system = "i386";

     

       33
       33
        
             hash = {

     

       34
       34
       -
               "8.1" = "sha256-31lJOGL9i8kL22zH8zzYZtxB94ssJiw+qXQRmQilR+c=";

     

       35
       35
       -
               "8.2" = "sha256-f+D7DZvLQk6ebLfJ43qFSqWzU6YQoP/7nVGajLRll5g=";

     

       36
       36
       -
               "8.3" = "sha256-56/+604Vymb+otL7oria3d/w4b1o8Pt199aXK4nfJC4=";

     

       37
       37
       -
               "8.4" = "sha256-K26Dy0S9w0uWTX7GkIjh0jUtaa768B+ls9gq8LXNZUA=";

     

       34
       34
       +
               "8.1" = "sha256-lxmH2lg11dP6ivqFq+lB2S87qlKKM7e0W95mfesNrf4=";

     

       35
       35
       +
               "8.2" = "sha256-7jTEuXYspgo6zTG0R4pA38cGQVIts0rMHHegJ+FZtUc=";

     

       36
       36
       +
               "8.3" = "sha256-aRrM6GnXBaiggwoPLq6U8T1YaXmYm6Zhd3Ex8JKMCuA=";

     

       37
       37
       +
               "8.4" = "sha256-tagBg+7FkuK/zsTMG3GmnqPsApdCP8RnqQozY5Nufzk=";

     

       38
       38
        
             };

     

       39
       39
        
           };

     

       40
       40
        
           "aarch64-linux" = {

     

       41
       41
        
             system = "arm64";

     

       42
       42
        
             hash = {

     

       43
       43
       -
               "8.1" = "sha256-aSjOxMZdP+Lrd4FaXgkbHykmKBn9WuzGumrYpJEKpS8=";

     

       44
       44
       -
               "8.2" = "sha256-ckhHA/EYeRlhSrc5nMUl6jS0iAaW1q1sZAYYxjcGOwQ=";

     

       45
       45
       -
               "8.3" = "sha256-p3P94uPTbekbxgICuC72NEA5XFpYng2MZI+9L+0R/Ew=";

     

       46
       46
       -
               "8.4" = "sha256-KCMRNpS2A5Tb5Td8fpBusu70FNIOfJ+6pYRUgw/5kDg=";

     

       43
       43
       +
               "8.1" = "sha256-P6sBM2B/w65P+lInWgn3FxZHX4tS0oo6YELsu8aXmIw=";

     

       44
       44
       +
               "8.2" = "sha256-qYglYx4icFch5KJuWCTgC19EowZNzHFIsh5qK7t/gDk=";

     

       45
       45
       +
               "8.3" = "sha256-Ob0rg6A7fJBKApGnugV+BAC5HjFc2UpZmxJ0oYnQVRg=";

     

       46
       46
       +
               "8.4" = "sha256-+cH7t3ElpNPZUbDEkjkeV8d+74hF3kFzI7xY9ruwy1Y=";

     

       47
       47
        
             };

     

       48
       48
        
           };

     

       49
       49
        
           "aarch64-darwin" = {

     

       50
       50
        
             system = "arm64";

     

       51
       51
        
             hash = {

     

       52
       52
       -
               "8.1" = "sha256-5JPn9lNsh6NJemCRmrBrTIvhEUQfjmIGbASaoiKoZDo=";

     

       53
       53
       -
               "8.2" = "sha256-e9tsXi3SML9HZ81XD5LhGcm7L8Ag9fOvyTo0Gy42YRw=";

     

       54
       54
       -
               "8.3" = "sha256-RCmYyrcSi7hfkbGOSp8ywFkm1IFGy0bgu8tmdrTID6c=";

     

       52
       52
       +
               "8.1" = "sha256-5EW9BkG154HQ6TrMyan5EhXiGlSRFPXMMTUasIwuC/U=";

     

       53
       53
       +
               "8.2" = "sha256-hRjh9Bf04LVBtS08fWMxrE1iyn6SGBQfNNLuSyQPjes=";

     

       54
       54
       +
               "8.3" = "sha256-WWsDPQhu1GXMDe6NhlMuVcwi7wGzRLJcJwxItxFCOiI=";

     

       55
       55
        
             };

     

       56
       56
        
           };

     

       57
       57
        
           "x86_64-darwin" = {

     

       58
       58
        
             system = "amd64";

     

       59
       59
        
             hash = {

     

       60
       60
       -
               "8.1" = "sha256-SuD9iDjxMBt2GZtDXPIjCCl1mEt9K2GciuC7S9ppNZQ=";

     

       61
       61
       -
               "8.2" = "sha256-om1L/VQiwdV4D2awuz98ko7Oz9h1GYRtqYZrQRZpy7E=";

     

       62
       62
       -
               "8.3" = "sha256-H1xkneOLk7DCPqtbknLlQX2iKe/U6/ilmToOOtiRabs=";

     

       60
       60
       +
               "8.1" = "sha256-w56HItrNtHA8jj9K5LhGTKFRX5i9UYJpxVwR0eFQe4E=";

     

       61
       61
       +
               "8.2" = "sha256-vkEAVyZ6Vs3VjWb3oNrlRz5zAzPbgIngeoDAHZLme3Q=";

     

       62
       62
       +
               "8.3" = "sha256-uzobd13RzYGFrXHyFH0Ud9Qg7AWMPAA5dvHCp7R3HrU=";

     

       63
       63
        
             };

     

       64
       64
        
           };

     

       65
       65
        
         };

+5 -5

pkgs/by-name/cl/clouddrive2/package.nix

···

       11
       11
        
       in

     

       12
       12
        
       stdenv.mkDerivation (finalAttrs: {

     

       13
       13
        
         pname = "clouddrive2";

     

       14
       14
       -
         version = "0.9.0";

     

       14
       14
       +
         version = "0.9.1";

     

       15
       15
        
       

     

       16
       16
        
         src = fetchurl {

     

       17
       17
        
           url = "https://github.com/cloud-fs/cloud-fs.github.io/releases/download/v${finalAttrs.version}/clouddrive-2-${os}-${arch}-${finalAttrs.version}.tgz";

     

       18
       18
        
           hash =

     

       19
       19
        
             {

     

       20
       20
       -
               x86_64-linux = "sha256-snmMDzZ11pAV0UkPWpl74B/ifsTUv91PXBJzQU7a1oI=";

     

       21
       21
       -
               aarch64-linux = "sha256-sAD5jnxmMzfb37qleOCeNr1zveqU06slTFtd/E6BZf0=";

     

       22
       22
       -
               x86_64-darwin = "sha256-90afw69lf7SjANRadum4GxW3ZAr6eDDnFVhyV3qtWt4=";

     

       23
       23
       -
               aarch64-darwin = "sha256-LoCRM6t9ditZfwgmWJGkijpFvC/s2lBItH7j3Qqlfp0=";

     

       20
       20
       +
               x86_64-linux = "sha256-xm2kjCtfNvbZmVfd42UX+i4G44fqQsLP4V1iTCdm3PA=";

     

       21
       21
       +
               aarch64-linux = "sha256-HMzuRCSVBxwyuRxD23+Yk7bTrayDHi6X0JSvaGZJfvU=";

     

       22
       22
       +
               x86_64-darwin = "sha256-hIFCNtSFqjRCtx0/XHl7w5xeHSGrdXiKWLfq68J9GGU=";

     

       23
       23
       +
               aarch64-darwin = "sha256-CfATmkbXOlz7fGDGIMPQDAdcY6bxmOq1tcIsQbFGrwQ=";

     

       24
       24
        
             }

     

       25
       25
        
             .${stdenv.hostPlatform.system} or (throw "unsupported system ${stdenv.hostPlatform.system}");

     

       26
       26
        
         };

+2 -2

pkgs/by-name/cp/cppzmq/package.nix

···

       8
       8
        
       

     

       9
       9
        
       stdenv.mkDerivation rec {

     

       10
       10
        
         pname = "cppzmq";

     

       11
       11
       -
         version = "4.10.0";

     

       11
       11
       +
         version = "4.11.0";

     

       12
       12
        
       

     

       13
       13
        
         src = fetchFromGitHub {

     

       14
       14
        
           owner = "zeromq";

     

       15
       15
        
           repo = "cppzmq";

     

       16
       16
        
           rev = "v${version}";

     

       17
       17
       -
           sha256 = "sha256-HTdaV1cLbwGYuikS9EAVvAOdLmCoWlvVXlpYsUwY5IA=";

     

       17
       17
       +
           sha256 = "sha256-c6IZ5PnuB96NLYHDHdNclYSF4LpqAfFWxVzeP8BzhCE=";

     

       18
       18
        
         };

     

       19
       19
        
       

     

       20
       20
        
         nativeBuildInputs = [ cmake ];

+2 -2

pkgs/by-name/du/duplicity/package.nix

···

       22
       22
        
       let

     

       23
       23
        
         self = python3.pkgs.buildPythonApplication rec {

     

       24
       24
        
           pname = "duplicity";

     

       25
       25
       -
           version = "3.0.4.1";

     

       25
       25
       +
           version = "3.0.5.1";

     

       26
       26
        
       

     

       27
       27
        
           src = fetchFromGitLab {

     

       28
       28
        
             owner = "duplicity";

     

       29
       29
        
             repo = "duplicity";

     

       30
       30
        
             rev = "rel.${version}";

     

       31
       31
       -
             hash = "sha256-cVzGdn3a9/Kvu/QYWaTXJ1llkPRvj0g8qb7TUjennws=";

     

       31
       31
       +
             hash = "sha256-fL4rvXcLKfEXuy5LKpFjFu+P3be7/T342+BgeO/dfp8=";

     

       32
       32
        
           };

     

       33
       33
        
       

     

       34
       34
        
           patches = [

+10 -2

pkgs/by-name/ht/htslib/package.nix

···

       2
       2
        
         lib,

     

       3
       3
        
         stdenv,

     

       4
       4
        
         fetchurl,

     

       5
       5
       +
         fetchpatch,

     

       5
       6
        
         zlib,

     

       6
       7
        
         bzip2,

     

       7
       8
        
         xz,

     
···

       11
       12
        
       

     

       12
       13
        
       stdenv.mkDerivation rec {

     

       13
       14
        
         pname = "htslib";

     

       14
       14
       -
         version = "1.21";

     

       15
       15
       +
         version = "1.22";

     

       15
       16
        
       

     

       16
       17
        
         src = fetchurl {

     

       17
       18
        
           url = "https://github.com/samtools/htslib/releases/download/${version}/${pname}-${version}.tar.bz2";

     

       18
       18
       -
           sha256 = "sha256-hLUQ5zX0ljZB8m/YjIq97oH/TLYhaDEK5xZjaqwPGCM=";

     

       19
       19
       +
           hash = "sha256-YlDB3yl9tHdRbmCsjfRe11plLR8lsPN/EvWxcmnq/ek=";

     

       19
       20
        
         };

     

       21
       21
       +
       

     

       22
       22
       +
         patches = [

     

       23
       23
       +
           (fetchpatch {

     

       24
       24
       +
             url = "https://github.com/samtools/htslib/commit/31006e1c8edd02eb6321ed9be76b84fca5d20cb6.patch";

     

       25
       25
       +
             hash = "sha256-sbnkVmXIbs/Cn/msUUrJpJZCI2DHX5kpGSka2cccZIQ=";

     

       26
       26
       +
           })

     

       27
       27
       +
         ];

     

       20
       28
        
       

     

       21
       29
        
         # perl is only used during the check phase.

     

       22
       30
        
         nativeBuildInputs = [ perl ];

+2 -2

pkgs/by-name/ka/kanboard/package.nix

···

       9
       9
        
       

     

       10
       10
        
       stdenvNoCC.mkDerivation (finalAttrs: {

     

       11
       11
        
         pname = "kanboard";

     

       12
       12
       -
         version = "1.2.45";

     

       12
       12
       +
         version = "1.2.46";

     

       13
       13
        
       

     

       14
       14
        
         src = fetchFromGitHub {

     

       15
       15
        
           owner = "kanboard";

     

       16
       16
        
           repo = "kanboard";

     

       17
       17
        
           tag = "v${finalAttrs.version}";

     

       18
       18
       -
           hash = "sha256-MGQ+FJcdRx4VZppLnoB9lCC1eIoetbToyvBsWRBRSu4=";

     

       18
       18
       +
           hash = "sha256-IYnlBNa4f+ZpOttQHlIZi8wsZYJuB/kWWLwhQK8vdQY=";

     

       19
       19
        
         };

     

       20
       20
        
       

     

       21
       21
        
         dontBuild = true;

+2 -2

pkgs/by-name/ll/llama-cpp/package.nix

···

       72
       72
        
       in

     

       73
       73
        
       effectiveStdenv.mkDerivation (finalAttrs: {

     

       74
       74
        
         pname = "llama-cpp";

     

       75
       75
       -
         version = "5702";

     

       75
       75
       +
         version = "5760";

     

       76
       76
        
       

     

       77
       77
        
         src = fetchFromGitHub {

     

       78
       78
        
           owner = "ggml-org";

     

       79
       79
        
           repo = "llama.cpp";

     

       80
       80
        
           tag = "b${finalAttrs.version}";

     

       81
       81
       -
           hash = "sha256-EyDuM7eZzmNUvqwVUKYuUNlXbFF+G8x/+4mL/3YsHCc=";

     

       81
       81
       +
           hash = "sha256-sl1lhj40c546YRuCTn6BlmS60Rd2TBKNx4TaQ0I6110=";

     

       82
       82
        
           leaveDotGit = true;

     

       83
       83
        
           postFetch = ''

     

       84
       84
        
             git -C "$out" rev-parse --short HEAD > $out/COMMIT

+27 -4

pkgs/by-name/ma/maven/build-maven-package.nix

···

       3
       3
        
         stdenv,

     

       4
       4
        
         jdk,

     

       5
       5
        
         maven,

     

       6
       6
       +
         writers,

     

       6
       7
        
       }:

     

       7
       8
        
       

     

       8
       9
        
       {

     
···

       28
       29
        
       

     

       29
       30
        
       let

     

       30
       31
        
         mvnSkipTests = lib.optionalString (!doCheck) "-DskipTests";

     

       32
       32
       +
       

     

       33
       33
       +
         writeProxySettings = writers.writePython3 "write-proxy-settings" { } ./maven-proxy.py;

     

       34
       34
       +
       

     

       31
       35
        
         fetchedMavenDeps = stdenv.mkDerivation (

     

       32
       36
        
           {

     

       33
       37
        
             name = "${pname}-${version}-maven-deps";

     
···

       39
       43
        
       

     

       40
       44
        
             JAVA_HOME = mvnJdk;

     

       41
       45
        
       

     

       46
       46
       +
             impureEnvVars = lib.fetchers.proxyImpureEnvVars;

     

       47
       47
       +
       

     

       42
       48
        
             buildPhase =

     

       43
       49
        
               ''

     

       44
       50
        
                 runHook preBuild

     

       51
       51
       +
       

     

       52
       52
       +
                 MAVEN_EXTRA_ARGS=""

     

       53
       53
       +
       

     

       54
       54
       +
                 # handle proxy

     

       55
       55
       +
                 if [[ -n "''${HTTP_PROXY-}" ]] || [[ -n "''${HTTPS_PROXY-}" ]] || [[ -n "''${NO_PROXY-}" ]];then

     

       56
       56
       +
                   mvnSettingsFile="$(mktemp -d)/settings.xml"

     

       57
       57
       +
                   ${writeProxySettings} $mvnSettingsFile

     

       58
       58
       +
                   MAVEN_EXTRA_ARGS="-s=$mvnSettingsFile"

     

       59
       59
       +
                 fi

     

       60
       60
       +
       

     

       61
       61
       +
                 # handle cacert by populating a trust store on the fly

     

       62
       62
       +
                 if [[ -n "''${NIX_SSL_CERT_FILE-}" ]] && [[ "''${NIX_SSL_CERT_FILE-}" != "/no-cert-file.crt" ]];then

     

       63
       63
       +
                   keyStoreFile="$(mktemp -d)/keystore"

     

       64
       64
       +
                   keyStorePwd="$(head -c10 /dev/random | base32)"

     

       65
       65
       +
                   echo y | ${jdk}/bin/keytool -importcert -file "$NIX_SSL_CERT_FILE" -alias alias -keystore "$keyStoreFile" -storepass "$keyStorePwd"

     

       66
       66
       +
                   MAVEN_EXTRA_ARGS="$MAVEN_EXTRA_ARGS -Djavax.net.ssl.trustStore=$keyStoreFile -Djavax.net.ssl.trustStorePassword=$keyStorePwd"

     

       67
       67
       +
                 fi

     

       45
       68
        
               ''

     

       46
       69
        
               + lib.optionalString buildOffline ''

     

       47
       47
       -
                 mvn de.qaware.maven:go-offline-maven-plugin:1.2.8:resolve-dependencies -Dmaven.repo.local=$out/.m2 ${mvnDepsParameters}

     

       70
       70
       +
                 mvn $MAVEN_EXTRA_ARGS de.qaware.maven:go-offline-maven-plugin:1.2.8:resolve-dependencies -Dmaven.repo.local=$out/.m2 ${mvnDepsParameters}

     

       48
       71
        
       

     

       49
       72
        
                 for artifactId in ${builtins.toString manualMvnArtifacts}

     

       50
       73
        
                 do

     

       51
       74
        
                   echo "downloading manual $artifactId"

     

       52
       52
       -
                   mvn dependency:get -Dartifact="$artifactId" -Dmaven.repo.local=$out/.m2

     

       75
       75
       +
                   mvn $MAVEN_EXTRA_ARGS dependency:get -Dartifact="$artifactId" -Dmaven.repo.local=$out/.m2

     

       53
       76
        
                 done

     

       54
       77
        
       

     

       55
       78
        
                 for artifactId in ${builtins.toString manualMvnSources}

     
···

       57
       80
        
                   group=$(echo $artifactId | cut -d':' -f1)

     

       58
       81
        
                   artifact=$(echo $artifactId | cut -d':' -f2)

     

       59
       82
        
                   echo "downloading manual sources $artifactId"

     

       60
       60
       -
                   mvn dependency:sources -DincludeGroupIds="$group" -DincludeArtifactIds="$artifact" -Dmaven.repo.local=$out/.m2

     

       83
       83
       +
                   mvn $MAVEN_EXTRA_ARGS dependency:sources -DincludeGroupIds="$group" -DincludeArtifactIds="$artifact" -Dmaven.repo.local=$out/.m2

     

       61
       84
        
                 done

     

       62
       85
        
               ''

     

       63
       86
        
               + lib.optionalString (!buildOffline) ''

     

       64
       64
       -
                 mvn package -Dmaven.repo.local=$out/.m2 ${mvnSkipTests} ${mvnParameters}

     

       87
       87
       +
                 mvn $MAVEN_EXTRA_ARGS package -Dmaven.repo.local=$out/.m2 ${mvnSkipTests} ${mvnParameters}

     

       65
       88
        
               ''

     

       66
       89
        
               + ''

     

       67
       90
        
                 runHook postBuild

+86

pkgs/by-name/ma/maven/maven-proxy.py

···

       1
       1
       +
       """

     

       2
       2
       +
       Maven doesn't honor HTTP[S]_PROXY and NO_PROXY env vars out of the box.

     

       3
       3
       +
       Instead, it expects the user to configure a settings.xml file.

     

       4
       4
       +
       We however impurely pass only these env vars in FODs.

     

       5
       5
       +
       This creates the XML file on demand, if one or more env vars is set.

     

       6
       6
       +
       """

     

       7
       7
       +
       

     

       8
       8
       +
       import os

     

       9
       9
       +
       import sys

     

       10
       10
       +
       from urllib.parse import urlparse

     

       11
       11
       +
       

     

       12
       12
       +
       

     

       13
       13
       +
       def parse_proxy_url(url):

     

       14
       14
       +
           if url is None:

     

       15
       15
       +
               return None

     

       16
       16
       +
           parsed = urlparse(url)

     

       17
       17
       +
       

     

       18
       18
       +
           if parsed.hostname is None:

     

       19
       19
       +
               print(f"Failed to parse proxy URL {url}, ignoring", file=sys.stderr)

     

       20
       20
       +
               return None

     

       21
       21
       +
       

     

       22
       22
       +
           return {

     

       23
       23
       +
               'protocol': parsed.scheme or 'http',

     

       24
       24
       +
               'host': parsed.hostname,

     

       25
       25
       +
               'port': parsed.port or (443 if parsed.scheme == 'https' else 80),

     

       26
       26
       +
               'username': parsed.username,

     

       27
       27
       +
               'password': parsed.password

     

       28
       28
       +
           }

     

       29
       29
       +
       

     

       30
       30
       +
       

     

       31
       31
       +
       def format_proxy_block(proxy, id_suffix, non_proxy_hosts):

     

       32
       32
       +
           auth = ""

     

       33
       33
       +
           if proxy.get("username"):

     

       34
       34
       +
               auth += f"    <username>{proxy['username']}</username>\n"

     

       35
       35
       +
           if proxy.get("password"):

     

       36
       36
       +
               auth += f"    <password>{proxy['password']}</password>\n"

     

       37
       37
       +
       

     

       38
       38
       +
           np_hosts = ""

     

       39
       39
       +
           if non_proxy_hosts:

     

       40
       40
       +
               np_hosts = f"    <nonProxyHosts>{non_proxy_hosts}</nonProxyHosts>\n"

     

       41
       41
       +
       

     

       42
       42
       +
           return f"""  <proxy>

     

       43
       43
       +
           <id>{id_suffix}-proxy</id>

     

       44
       44
       +
           <active>true</active>

     

       45
       45
       +
           <protocol>{proxy['protocol']}</protocol>

     

       46
       46
       +
           <host>{proxy['host']}</host>

     

       47
       47
       +
           <port>{proxy['port']}</port>

     

       48
       48
       +
       {auth}{np_hosts}  </proxy>"""

     

       49
       49
       +
       

     

       50
       50
       +
       

     

       51
       51
       +
       def main(output_path):

     

       52
       52
       +
           http_proxy = parse_proxy_url(os.environ.get("HTTP_PROXY"))

     

       53
       53
       +
           https_proxy = parse_proxy_url(os.environ.get("HTTPS_PROXY"))

     

       54
       54
       +
           non_proxy_hosts = os.environ.get("NO_PROXY", "").replace(",", "|")

     

       55
       55
       +
       

     

       56
       56
       +
           proxy_blocks = []

     

       57
       57
       +
       

     

       58
       58
       +
           if http_proxy:

     

       59
       59
       +
               proxy_blocks.append(

     

       60
       60
       +
                 format_proxy_block(http_proxy, "http", non_proxy_hosts)

     

       61
       61
       +
               )

     

       62
       62
       +
           if https_proxy and https_proxy != http_proxy:

     

       63
       63
       +
               proxy_blocks.append(

     

       64
       64
       +
                 format_proxy_block(https_proxy, "https", non_proxy_hosts)

     

       65
       65
       +
               )

     

       66
       66
       +
       

     

       67
       67
       +
           settings_xml = f"""<?xml version="1.0" encoding="UTF-8"?>

     

       68
       68
       +
       <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"

     

       69
       69
       +
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

     

       70
       70
       +
         xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0

     

       71
       71
       +
                         http://maven.apache.org/xsd/settings-1.0.0.xsd">

     

       72
       72
       +
         <proxies>

     

       73
       73
       +
       {'\n'.join(proxy_blocks)}

     

       74
       74
       +
         </proxies>

     

       75
       75
       +
       </settings>

     

       76
       76
       +
       """

     

       77
       77
       +
       

     

       78
       78
       +
           with open(output_path, "w") as f:

     

       79
       79
       +
               f.write(settings_xml)

     

       80
       80
       +
       

     

       81
       81
       +
           print(f"Generated Maven settings.xml at {output_path}")

     

       82
       82
       +
       

     

       83
       83
       +
       

     

       84
       84
       +
       if __name__ == "__main__":

     

       85
       85
       +
           output_file = sys.argv[1] if len(sys.argv) > 1 else "settings.xml"

     

       86
       86
       +
           main(output_file)

+34 -3

pkgs/by-name/ne/nexusmods-app/package.nix

···

       2
       2
        
         _7zz,

     

       3
       3
        
         avalonia,

     

       4
       4
        
         buildDotnetModule,

     

       5
       5
       -
         copyDesktopItems,

     

       6
       5
        
         desktop-file-utils,

     

       7
       6
        
         dotnetCorePackages,

     

       8
       7
        
         fetchgit,

     
···

       51
       50
        
         nativeCheckInputs = [ _7zz ];

     

       52
       51
        
       

     

       53
       52
        
         nativeBuildInputs = [

     

       54
       54
       -
           copyDesktopItems

     

       55
       53
        
           imagemagick # For resizing SVG icon in postInstall

     

       56
       54
        
         ];

     

       57
       55
        
       

     
···

       75
       73
        
         ];

     

       76
       74
        
       

     

       77
       75
        
         postInstall = ''

     

       76
       76
       +
           ${lib.strings.toShellVars {

     

       77
       77
       +
             inherit (finalAttrs.meta) mainProgram;

     

       78
       78
       +
             INSTALL_EXEC = "\${INSTALL_EXEC}";

     

       79
       79
       +
             INSTALL_TRYEXEC = "\${INSTALL_TRYEXEC}";

     

       80
       80
       +
           }}

     

       81
       81
       +
       

     

       78
       82
        
           # Desktop entry

     

       79
       83
        
           # As per #308324, use mainProgram from PATH, instead of $out/bin/NexusMods.App

     

       80
       84
        
           install -D -m 444 -t $out/share/applications src/NexusMods.App/com.nexusmods.app.desktop

     

       81
       85
        
           substituteInPlace $out/share/applications/com.nexusmods.app.desktop \

     

       82
       82
       -
             --replace-fail '${"$"}{INSTALL_EXEC}' "${finalAttrs.meta.mainProgram}"

     

       86
       86
       +
             --replace-fail "$INSTALL_EXEC" "$mainProgram" \

     

       87
       87
       +
             --replace-fail "$INSTALL_TRYEXEC" "$mainProgram"

     

       83
       88
        
       

     

       84
       89
        
           # AppStream metadata

     

       85
       90
        
           install -D -m 444 -t $out/share/metainfo src/NexusMods.App/com.nexusmods.app.metainfo.xml

     
···

       142
       147
        
           ++ lib.optionals (!_7zz.meta.unfree) [

     

       143
       148
        
             "NexusMods.Games.FOMOD.Tests.FomodXmlInstallerTests.InstallsFilesSimple_UsingRar"

     

       144
       149
        
           ];

     

       150
       150
       +
       

     

       151
       151
       +
         doInstallCheck = true;

     

       152
       152
       +
       

     

       153
       153
       +
         nativeInstallCheckInputs = [

     

       154
       154
       +
           desktop-file-utils

     

       155
       155
       +
         ];

     

       156
       156
       +
       

     

       157
       157
       +
         # Upstream use ${...} templates in the desktop entry, so assert that we haven't missed any

     

       158
       158
       +
         # See https://github.com/NixOS/nixpkgs/issues/421241

     

       159
       159
       +
         installCheckPhase = ''

     

       160
       160
       +
           runHook preInstallCheck

     

       161
       161
       +
       

     

       162
       162
       +
           echo 'Checking for issues in $out/share/applications/com.nexusmods.app.desktop'

     

       163
       163
       +
           (

     

       164
       164
       +
             cd $out/share/applications

     

       165
       165
       +
             desktop-file-validate com.nexusmods.app.desktop

     

       166
       166
       +
             if grep '\$' com.nexusmods.app.desktop \

     

       167
       167
       +
               --with-filename --line-number

     

       168
       168
       +
             then

     

       169
       169
       +
               echo 'error: unexpected "$"'

     

       170
       170
       +
               exit 1

     

       171
       171
       +
             fi

     

       172
       172
       +
           ) &>/dev/stderr

     

       173
       173
       +
       

     

       174
       174
       +
           runHook postInstallCheck

     

       175
       175
       +
         '';

     

       145
       176
        
       

     

       146
       177
        
         passthru.updateScript = nix-update-script { };

     

       147
       178

+12 -1

pkgs/by-name/pr/pritunl-client/package.nix

···

       17
       17
        
         iproute2,

     

       18
       18
        
         openvpn,

     

       19
       19
        
         electron,

     

       20
       20
       +
         wireguard-tools,

     

       21
       21
       +
         withWireguard ? stdenv.hostPlatform.isLinux,

     

       20
       22
        
       }:

     

       21
       23
        
       let

     

       22
       24
        
         version = "1.3.4275.94";

     
···

       97
       99
        
                       --prefix PATH : ${lib.makeBinPath hookScriptsDeps} \

     

       98
       100
        
                       --add-flags "--setenv PATH \$PATH"

     

       99
       101
        
                   '';

     

       102
       102
       +
               pritunlDeps =

     

       103
       103
       +
                 [

     

       104
       104
       +
                   openvpn-wrapped

     

       105
       105
       +
                 ]

     

       106
       106
       +
                 ++ lib.optionals withWireguard [

     

       107
       107
       +
                   openresolv

     

       108
       108
       +
                   coreutils

     

       109
       109
       +
                   wireguard-tools

     

       110
       110
       +
                 ];

     

       100
       111
        
             in

     

       101
       112
        
             lib.optionalString stdenv.hostPlatform.isLinux ''

     

       102
       113
        
               wrapProgram $out/bin/pritunl-client-service \

     

       103
       103
       -
                 --prefix PATH : "${lib.makeBinPath ([ openvpn-wrapped ])}"

     

       114
       114
       +
                 --prefix PATH : "${lib.makeBinPath pritunlDeps}"

     

       104
       115
        
             '';

     

       105
       116
        
           passthru.updateScript = nix-update-script { };

     

       106
       117
        
         };

+49

pkgs/development/compilers/dotnet/vmr-compiler-opt-v8.patch

···

       1
       1
       +
       diff --git a/src/runtime/src/native/corehost/corehost.cpp b/src/runtime/src/native/corehost/corehost.cpp

     

       2
       2
       +
       index 5edc2fbf5d5..1b3f5b1a23a 100644

     

       3
       3
       +
       --- a/src/runtime/src/native/corehost/corehost.cpp

     

       4
       4
       +
       +++ b/src/runtime/src/native/corehost/corehost.cpp

     

       5
       5
       +
       @@ -40,14 +40,27 @@

     

       6
       6
       +
        #define EMBED_HASH_LO_PART_UTF8 "74e592c2fa383d4a3960714caef0c4f2"

     

       7
       7
       +
        #define EMBED_HASH_FULL_UTF8    (EMBED_HASH_HI_PART_UTF8 EMBED_HASH_LO_PART_UTF8) // NUL terminated

     

       8
       8
       +
        

     

       9
       9
       +
       +// This avoids compiler optimization which cause EMBED_HASH_HI_PART_UTF8 EMBED_HASH_LO_PART_UTF8

     

       10
       10
       +
       +// to be placed adjacent causing them to match EMBED_HASH_FULL_UTF8 when searched for replacing.

     

       11
       11
       +
       +// See https://github.com/dotnet/runtime/issues/109611 for more details.

     

       12
       12
       +
       +static bool compare_memory_nooptimization(volatile const char* a, volatile const char* b, size_t length)

     

       13
       13
       +
       +{

     

       14
       14
       +
       +    for (size_t i = 0; i < length; i++)

     

       15
       15
       +
       +    {

     

       16
       16
       +
       +        if (*a++ != *b++)

     

       17
       17
       +
       +            return false;

     

       18
       18
       +
       +    }

     

       19
       19
       +
       +    return true;

     

       20
       20
       +
       +}

     

       21
       21
       +
       +

     

       22
       22
       +
        bool is_exe_enabled_for_execution(pal::string_t* app_dll)

     

       23
       23
       +
        {

     

       24
       24
       +
            constexpr int EMBED_SZ = sizeof(EMBED_HASH_FULL_UTF8) / sizeof(EMBED_HASH_FULL_UTF8[0]);

     

       25
       25
       +
            constexpr int EMBED_MAX = (EMBED_SZ > 1025 ? EMBED_SZ : 1025); // 1024 DLL name length, 1 NUL

     

       26
       26
       +
        

     

       27
       27
       +
            // Contains the EMBED_HASH_FULL_UTF8 value at compile time or the managed DLL name replaced by "dotnet build".

     

       28
       28
       +
       -    // Must not be 'const' because std::string(&embed[0]) below would bind to a const string ctor plus length

     

       29
       29
       +
       -    // where length is determined at compile time (=64) instead of the actual length of the string at runtime.

     

       30
       30
       +
       +    // Must not be 'const' because strlen below could be determined at compile time (=64) instead of the actual

     

       31
       31
       +
       +    // length of the string at runtime.

     

       32
       32
       +
            static char embed[EMBED_MAX] = EMBED_HASH_FULL_UTF8;     // series of NULs followed by embed hash string

     

       33
       33
       +
        

     

       34
       34
       +
            static const char hi_part[] = EMBED_HASH_HI_PART_UTF8;

     

       35
       35
       +
       @@ -64,10 +77,10 @@ bool is_exe_enabled_for_execution(pal::string_t* app_dll)

     

       36
       36
       +
            size_t hi_len = (sizeof(hi_part) / sizeof(hi_part[0])) - 1;

     

       37
       37
       +
            size_t lo_len = (sizeof(lo_part) / sizeof(lo_part[0])) - 1;

     

       38
       38
       +
        

     

       39
       39
       +
       -    std::string binding(&embed[0]);

     

       40
       40
       +
       -    if ((binding.size() >= (hi_len + lo_len)) &&

     

       41
       41
       +
       -        binding.compare(0, hi_len, &hi_part[0]) == 0 &&

     

       42
       42
       +
       -        binding.compare(hi_len, lo_len, &lo_part[0]) == 0)

     

       43
       43
       +
       +    size_t binding_len = strlen(&embed[0]);

     

       44
       44
       +
       +    if ((binding_len >= (hi_len + lo_len))

     

       45
       45
       +
       +         && compare_memory_nooptimization(&embed[0], hi_part, hi_len) == 0

     

       46
       46
       +
       +         && compare_memory_nooptimization(&embed[hi_len], lo_part, lo_len))

     

       47
       47
       +
            {

     

       48
       48
       +
                trace::error(_X("This executable is not bound to a managed DLL to execute. The binding value is: '%s'"), app_dll->c_str());

     

       49
       49
       +
                return false;

+220

pkgs/development/compilers/dotnet/vmr-compiler-opt-v9.patch

···

       1
       1
       +
       From 4e333377f97ab8f0f47ba7606844c34cb61d1db0 Mon Sep 17 00:00:00 2001

     

       2
       2
       +
       From: Omair Majid <omajid@redhat.com>

     

       3
       3
       +
       Date: Mon, 9 Dec 2024 17:44:10 -0500

     

       4
       4
       +
       Subject: [PATCH 1/4] Avoid all compiler optimization on embedded apphost hash

     

       5
       5
       +
       

     

       6
       6
       +
       We assume that there is a single copy of the apphost hash in the apphost

     

       7
       7
       +
       binary. And that it hasn't been modified by the compiler. However, the

     

       8
       8
       +
       compiler can optimize the hash multiple ways, including re-ordering

     

       9
       9
       +
       elements of the hash  or duplicating the contents of the hash. This can

     

       10
       10
       +
       currently happen under certain compiler versions and optimization flags.

     

       11
       11
       +
       

     

       12
       12
       +
       Try and avoid that by marking the hash as a volatile string and

     

       13
       13
       +
       implementing comparisons/copying/initialization that respects that.

     

       14
       14
       +
       

     

       15
       15
       +
       Fixes: #109611

     

       16
       16
       +
       ---

     

       17
       17
       +
        src/runtime/src/native/corehost/corehost.cpp | 31 ++++++++++++++++++++++++++-----

     

       18
       18
       +
        1 file changed, 26 insertions(+), 5 deletions(-)

     

       19
       19
       +
       

     

       20
       20
       +
       diff --git a/src/runtime/src/native/corehost/corehost.cpp b/src/runtime/src/native/corehost/corehost.cpp

     

       21
       21
       +
       index 6de7acfbd08576..6d40a337d574a2 100644

     

       22
       22
       +
       --- a/src/runtime/src/native/corehost/corehost.cpp

     

       23
       23
       +
       +++ b/src/runtime/src/native/corehost/corehost.cpp

     

       24
       24
       +
       @@ -40,6 +40,24 @@

     

       25
       25
       +
        #define EMBED_HASH_LO_PART_UTF8 "74e592c2fa383d4a3960714caef0c4f2"

     

       26
       26
       +
        #define EMBED_HASH_FULL_UTF8    (EMBED_HASH_HI_PART_UTF8 EMBED_HASH_LO_PART_UTF8) // NUL terminated

     

       27
       27
       +
        

     

       28
       28
       +
       +void to_non_volatile(volatile const char* cstr, char* output, size_t length)

     

       29
       29
       +
       +{

     

       30
       30
       +
       +    for (size_t i = 0; i < length; i++)

     

       31
       31
       +
       +    {

     

       32
       32
       +
       +        output[i] = cstr[i];

     

       33
       33
       +
       +    }

     

       34
       34
       +
       +}

     

       35
       35
       +
       +

     

       36
       36
       +
       +bool compare_memory_nooptimization(volatile const char* a, volatile const char* b, size_t length)

     

       37
       37
       +
       +{

     

       38
       38
       +
       +    for (size_t i = 0; i < length; i++)

     

       39
       39
       +
       +    {

     

       40
       40
       +
       +        if (*a++ != *b++)

     

       41
       41
       +
       +            return false;

     

       42
       42
       +
       +    }

     

       43
       43
       +
       +    return true;

     

       44
       44
       +
       +}

     

       45
       45
       +
       +

     

       46
       46
       +
        bool is_exe_enabled_for_execution(pal::string_t* app_dll)

     

       47
       47
       +
        {

     

       48
       48
       +
            constexpr int EMBED_SZ = sizeof(EMBED_HASH_FULL_UTF8) / sizeof(EMBED_HASH_FULL_UTF8[0]);

     

       49
       49
       +
       @@ -48,18 +66,21 @@ bool is_exe_enabled_for_execution(pal::string_t* app_dll)

     

       50
       50
       +
            // Contains the EMBED_HASH_FULL_UTF8 value at compile time or the managed DLL name replaced by "dotnet build".

     

       51
       51
       +
            // Must not be 'const' because std::string(&embed[0]) below would bind to a const string ctor plus length

     

       52
       52
       +
            // where length is determined at compile time (=64) instead of the actual length of the string at runtime.

     

       53
       53
       +
       -    static char embed[EMBED_MAX] = EMBED_HASH_FULL_UTF8;     // series of NULs followed by embed hash string

     

       54
       54
       +
       +    volatile static char embed[EMBED_MAX] = EMBED_HASH_FULL_UTF8;     // series of NULs followed by embed hash string

     

       55
       55
       +
        

     

       56
       56
       +
            static const char hi_part[] = EMBED_HASH_HI_PART_UTF8;

     

       57
       57
       +
            static const char lo_part[] = EMBED_HASH_LO_PART_UTF8;

     

       58
       58
       +
        

     

       59
       59
       +
       -    if (!pal::clr_palstring(embed, app_dll))

     

       60
       60
       +
       +    char working_copy_embed[EMBED_MAX];

     

       61
       61
       +
       +    to_non_volatile(embed, working_copy_embed, EMBED_MAX);

     

       62
       62
       +
       +

     

       63
       63
       +
       +    if (!pal::clr_palstring(&working_copy_embed[0], app_dll))

     

       64
       64
       +
            {

     

       65
       65
       +
                trace::error(_X("The managed DLL bound to this executable could not be retrieved from the executable image."));

     

       66
       66
       +
                return false;

     

       67
       67
       +
            }

     

       68
       68
       +
        

     

       69
       69
       +
       -    std::string binding(&embed[0]);

     

       70
       70
       +
       +    std::string binding(&working_copy_embed[0]);

     

       71
       71
       +
        

     

       72
       72
       +
            // Check if the path exceeds the max allowed size

     

       73
       73
       +
            if (binding.size() > EMBED_MAX - 1) // -1 for null terminator

     

       74
       74
       +
       @@ -74,8 +95,8 @@ bool is_exe_enabled_for_execution(pal::string_t* app_dll)

     

       75
       75
       +
            size_t hi_len = (sizeof(hi_part) / sizeof(hi_part[0])) - 1;

     

       76
       76
       +
            size_t lo_len = (sizeof(lo_part) / sizeof(lo_part[0])) - 1;

     

       77
       77
       +
            if (binding.size() >= (hi_len + lo_len)

     

       78
       78
       +
       -        && binding.compare(0, hi_len, &hi_part[0]) == 0

     

       79
       79
       +
       -        && binding.compare(hi_len, lo_len, &lo_part[0]) == 0)

     

       80
       80
       +
       +        && compare_memory_nooptimization(binding.c_str(), hi_part, hi_len)

     

       81
       81
       +
       +        && compare_memory_nooptimization(binding.substr(hi_len).c_str(), lo_part, lo_len))

     

       82
       82
       +
            {

     

       83
       83
       +
                trace::error(_X("This executable is not bound to a managed DLL to execute. The binding value is: '%s'"), app_dll->c_str());

     

       84
       84
       +
                return false;

     

       85
       85
       +
       

     

       86
       86
       +
       From 2c67debff3f84519b7b5cba49232aaa2396a9f3e Mon Sep 17 00:00:00 2001

     

       87
       87
       +
       From: Aaron R Robinson <arobins@microsoft.com>

     

       88
       88
       +
       Date: Wed, 26 Mar 2025 20:40:51 -0700

     

       89
       89
       +
       Subject: [PATCH 2/4] Apply feedback

     

       90
       90
       +
       

     

       91
       91
       +
       ---

     

       92
       92
       +
        src/runtime/src/native/corehost/corehost.cpp | 20 ++++++--------------

     

       93
       93
       +
        1 file changed, 6 insertions(+), 14 deletions(-)

     

       94
       94
       +
       

     

       95
       95
       +
       diff --git a/src/runtime/src/native/corehost/corehost.cpp b/src/runtime/src/native/corehost/corehost.cpp

     

       96
       96
       +
       index 6d40a337d574a2..9d2648c0ba84fa 100644

     

       97
       97
       +
       --- a/src/runtime/src/native/corehost/corehost.cpp

     

       98
       98
       +
       +++ b/src/runtime/src/native/corehost/corehost.cpp

     

       99
       99
       +
       @@ -40,14 +40,9 @@

     

       100
       100
       +
        #define EMBED_HASH_LO_PART_UTF8 "74e592c2fa383d4a3960714caef0c4f2"

     

       101
       101
       +
        #define EMBED_HASH_FULL_UTF8    (EMBED_HASH_HI_PART_UTF8 EMBED_HASH_LO_PART_UTF8) // NUL terminated

     

       102
       102
       +
        

     

       103
       103
       +
       -void to_non_volatile(volatile const char* cstr, char* output, size_t length)

     

       104
       104
       +
       -{

     

       105
       105
       +
       -    for (size_t i = 0; i < length; i++)

     

       106
       106
       +
       -    {

     

       107
       107
       +
       -        output[i] = cstr[i];

     

       108
       108
       +
       -    }

     

       109
       109
       +
       -}

     

       110
       110
       +
       -

     

       111
       111
       +
       +// This is a workaround for a compiler workaround that

     

       112
       112
       +
       +// causes issues with inserting multiple static strings.

     

       113
       113
       +
       +// See https://github.com/dotnet/runtime/issues/109611 for more details.

     

       114
       114
       +
        bool compare_memory_nooptimization(volatile const char* a, volatile const char* b, size_t length)

     

       115
       115
       +
        {

     

       116
       116
       +
            for (size_t i = 0; i < length; i++)

     

       117
       117
       +
       @@ -66,21 +61,18 @@ bool is_exe_enabled_for_execution(pal::string_t* app_dll)

     

       118
       118
       +
            // Contains the EMBED_HASH_FULL_UTF8 value at compile time or the managed DLL name replaced by "dotnet build".

     

       119
       119
       +
            // Must not be 'const' because std::string(&embed[0]) below would bind to a const string ctor plus length

     

       120
       120
       +
            // where length is determined at compile time (=64) instead of the actual length of the string at runtime.

     

       121
       121
       +
       -    volatile static char embed[EMBED_MAX] = EMBED_HASH_FULL_UTF8;     // series of NULs followed by embed hash string

     

       122
       122
       +
       +    static char embed[EMBED_MAX] = EMBED_HASH_FULL_UTF8;     // series of NULs followed by embed hash string

     

       123
       123
       +
        

     

       124
       124
       +
            static const char hi_part[] = EMBED_HASH_HI_PART_UTF8;

     

       125
       125
       +
            static const char lo_part[] = EMBED_HASH_LO_PART_UTF8;

     

       126
       126
       +
        

     

       127
       127
       +
       -    char working_copy_embed[EMBED_MAX];

     

       128
       128
       +
       -    to_non_volatile(embed, working_copy_embed, EMBED_MAX);

     

       129
       129
       +
       -

     

       130
       130
       +
       -    if (!pal::clr_palstring(&working_copy_embed[0], app_dll))

     

       131
       131
       +
       +    if (!pal::clr_palstring(embed, app_dll))

     

       132
       132
       +
            {

     

       133
       133
       +
                trace::error(_X("The managed DLL bound to this executable could not be retrieved from the executable image."));

     

       134
       134
       +
                return false;

     

       135
       135
       +
            }

     

       136
       136
       +
        

     

       137
       137
       +
       -    std::string binding(&working_copy_embed[0]);

     

       138
       138
       +
       +    std::string binding(&embed[0]);

     

       139
       139
       +
        

     

       140
       140
       +
            // Check if the path exceeds the max allowed size

     

       141
       141
       +
            if (binding.size() > EMBED_MAX - 1) // -1 for null terminator

     

       142
       142
       +
       

     

       143
       143
       +
       From 854143d39e7725d82547032f1ab47ea5da062b9f Mon Sep 17 00:00:00 2001

     

       144
       144
       +
       From: Aaron R Robinson <arobins@microsoft.com>

     

       145
       145
       +
       Date: Thu, 27 Mar 2025 19:04:09 -0700

     

       146
       146
       +
       Subject: [PATCH 3/4] Feedback

     

       147
       147
       +
       

     

       148
       148
       +
       ---

     

       149
       149
       +
        src/runtime/src/native/corehost/corehost.cpp | 16 ++++++++--------

     

       150
       150
       +
        1 file changed, 8 insertions(+), 8 deletions(-)

     

       151
       151
       +
       

     

       152
       152
       +
       diff --git a/src/runtime/src/native/corehost/corehost.cpp b/src/runtime/src/native/corehost/corehost.cpp

     

       153
       153
       +
       index 9d2648c0ba84fa..36902ccfa56c04 100644

     

       154
       154
       +
       --- a/src/runtime/src/native/corehost/corehost.cpp

     

       155
       155
       +
       +++ b/src/runtime/src/native/corehost/corehost.cpp

     

       156
       156
       +
       @@ -40,10 +40,10 @@

     

       157
       157
       +
        #define EMBED_HASH_LO_PART_UTF8 "74e592c2fa383d4a3960714caef0c4f2"

     

       158
       158
       +
        #define EMBED_HASH_FULL_UTF8    (EMBED_HASH_HI_PART_UTF8 EMBED_HASH_LO_PART_UTF8) // NUL terminated

     

       159
       159
       +
        

     

       160
       160
       +
       -// This is a workaround for a compiler workaround that

     

       161
       161
       +
       -// causes issues with inserting multiple static strings.

     

       162
       162
       +
       +// This avoids compiler optimization which cause EMBED_HASH_HI_PART_UTF8 EMBED_HASH_LO_PART_UTF8

     

       163
       163
       +
       +// to be placed adjacent causing them to match EMBED_HASH_FULL_UTF8 when searched for replacing.

     

       164
       164
       +
        // See https://github.com/dotnet/runtime/issues/109611 for more details.

     

       165
       165
       +
       -bool compare_memory_nooptimization(volatile const char* a, volatile const char* b, size_t length)

     

       166
       166
       +
       +static bool compare_memory_nooptimization(volatile const char* a, volatile const char* b, size_t length)

     

       167
       167
       +
        {

     

       168
       168
       +
            for (size_t i = 0; i < length; i++)

     

       169
       169
       +
            {

     

       170
       170
       +
       @@ -72,10 +72,10 @@ bool is_exe_enabled_for_execution(pal::string_t* app_dll)

     

       171
       171
       +
                return false;

     

       172
       172
       +
            }

     

       173
       173
       +
        

     

       174
       174
       +
       -    std::string binding(&embed[0]);

     

       175
       175
       +
       +    size_t binding_len = strlen(&embed[0]);

     

       176
       176
       +
        

     

       177
       177
       +
            // Check if the path exceeds the max allowed size

     

       178
       178
       +
       -    if (binding.size() > EMBED_MAX - 1) // -1 for null terminator

     

       179
       179
       +
       +    if (binding_len > EMBED_MAX - 1) // -1 for null terminator

     

       180
       180
       +
            {

     

       181
       181
       +
                trace::error(_X("The managed DLL bound to this executable is longer than the max allowed length (%d)"), EMBED_MAX - 1);

     

       182
       182
       +
                return false;

     

       183
       183
       +
       @@ -86,9 +86,9 @@ bool is_exe_enabled_for_execution(pal::string_t* app_dll)

     

       184
       184
       +
            // So use two parts of the string that will be unaffected by the edit.

     

       185
       185
       +
            size_t hi_len = (sizeof(hi_part) / sizeof(hi_part[0])) - 1;

     

       186
       186
       +
            size_t lo_len = (sizeof(lo_part) / sizeof(lo_part[0])) - 1;

     

       187
       187
       +
       -    if (binding.size() >= (hi_len + lo_len)

     

       188
       188
       +
       -        && compare_memory_nooptimization(binding.c_str(), hi_part, hi_len)

     

       189
       189
       +
       -        && compare_memory_nooptimization(binding.substr(hi_len).c_str(), lo_part, lo_len))

     

       190
       190
       +
       +    if (binding_len >= (hi_len + lo_len)

     

       191
       191
       +
       +        && compare_memory_nooptimization(&embed[0], hi_part, hi_len)

     

       192
       192
       +
       +        && compare_memory_nooptimization(&embed[hi_len], lo_part, lo_len))

     

       193
       193
       +
            {

     

       194
       194
       +
                trace::error(_X("This executable is not bound to a managed DLL to execute. The binding value is: '%s'"), app_dll->c_str());

     

       195
       195
       +
                return false;

     

       196
       196
       +
       

     

       197
       197
       +
       From 842d62e499ce6511abf948cf5da8023cc6be8212 Mon Sep 17 00:00:00 2001

     

       198
       198
       +
       From: Aaron R Robinson <arobins@microsoft.com>

     

       199
       199
       +
       Date: Fri, 28 Mar 2025 15:44:47 -0700

     

       200
       200
       +
       Subject: [PATCH 4/4] Feedback

     

       201
       201
       +
       

     

       202
       202
       +
       ---

     

       203
       203
       +
        src/runtime/src/native/corehost/corehost.cpp | 4 ++--

     

       204
       204
       +
        1 file changed, 2 insertions(+), 2 deletions(-)

     

       205
       205
       +
       

     

       206
       206
       +
       diff --git a/src/runtime/src/native/corehost/corehost.cpp b/src/runtime/src/native/corehost/corehost.cpp

     

       207
       207
       +
       index 36902ccfa56c04..54eb128cb486bb 100644

     

       208
       208
       +
       --- a/src/runtime/src/native/corehost/corehost.cpp

     

       209
       209
       +
       +++ b/src/runtime/src/native/corehost/corehost.cpp

     

       210
       210
       +
       @@ -59,8 +59,8 @@ bool is_exe_enabled_for_execution(pal::string_t* app_dll)

     

       211
       211
       +
            constexpr int EMBED_MAX = (EMBED_SZ > 1025 ? EMBED_SZ : 1025); // 1024 DLL name length, 1 NUL

     

       212
       212
       +
        

     

       213
       213
       +
            // Contains the EMBED_HASH_FULL_UTF8 value at compile time or the managed DLL name replaced by "dotnet build".

     

       214
       214
       +
       -    // Must not be 'const' because std::string(&embed[0]) below would bind to a const string ctor plus length

     

       215
       215
       +
       -    // where length is determined at compile time (=64) instead of the actual length of the string at runtime.

     

       216
       216
       +
       +    // Must not be 'const' because strlen below could be determined at compile time (=64) instead of the actual

     

       217
       217
       +
       +    // length of the string at runtime.

     

       218
       218
       +
            static char embed[EMBED_MAX] = EMBED_HASH_FULL_UTF8;     // series of NULs followed by embed hash string

     

       219
       219
       +
        

     

       220
       220
       +
            static const char hi_part[] = EMBED_HASH_HI_PART_UTF8;

pkgs/development/compilers/dotnet/vmr.nix

···

       136
       136
        
         patches =

     

       137
       137
        
           lib.optionals (lib.versionAtLeast version "9" && lib.versionOlder version "10") [

     

       138
       138
        
             ./UpdateNuGetConfigPackageSourcesMappings-don-t-add-em.patch

     

       139
       139
       +
             ./vmr-compiler-opt-v9.patch

     

       139
       140
        
           ]

     

       140
       141
        
           ++ lib.optionals (lib.versionOlder version "9") [

     

       141
       142
        
             ./fix-aspnetcore-portable-build.patch

     

       143
       143
       +
             ./vmr-compiler-opt-v8.patch

     

       142
       144
        
           ]

     

       143
       145
        
           ++ lib.optionals (lib.versionAtLeast version "10") [

     

       144
       146
        
             # src/repos/projects/Directory.Build.targets(106,5): error MSB4018: The "AddSourceToNuGetConfig" task failed unexpectedly.

+57

pkgs/development/python-modules/llm-perplexity/default.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         lib,

     

       3
       3
       +
         buildPythonPackage,

     

       4
       4
       +
         fetchFromGitHub,

     

       5
       5
       +
       

     

       6
       6
       +
         # build-system

     

       7
       7
       +
         setuptools,

     

       8
       8
       +
       

     

       9
       9
       +
         # dependencies

     

       10
       10
       +
         llm,

     

       11
       11
       +
         openai,

     

       12
       12
       +
       

     

       13
       13
       +
         # tests

     

       14
       14
       +
         pytestCheckHook,

     

       15
       15
       +
         writableTmpDirAsHomeHook,

     

       16
       16
       +
         python-dotenv,

     

       17
       17
       +
         pillow,

     

       18
       18
       +
         llm-perplexity,

     

       19
       19
       +
       }:

     

       20
       20
       +
       buildPythonPackage rec {

     

       21
       21
       +
         pname = "llm-perplexity";

     

       22
       22
       +
         version = "2025.6.0";

     

       23
       23
       +
         pyproject = true;

     

       24
       24
       +
       

     

       25
       25
       +
         src = fetchFromGitHub {

     

       26
       26
       +
           owner = "hex";

     

       27
       27
       +
           repo = "llm-perplexity";

     

       28
       28
       +
           tag = version;

     

       29
       29
       +
           hash = "sha256-LTf2TY5bjSb7ARXrhWj1ctGuMpnq2Kl/kv/hrgX/m/M=";

     

       30
       30
       +
         };

     

       31
       31
       +
       

     

       32
       32
       +
         build-system = [ setuptools ];

     

       33
       33
       +
       

     

       34
       34
       +
         dependencies = [

     

       35
       35
       +
           llm

     

       36
       36
       +
           openai

     

       37
       37
       +
         ];

     

       38
       38
       +
       

     

       39
       39
       +
         nativeCheckInputs = [

     

       40
       40
       +
           pytestCheckHook

     

       41
       41
       +
           writableTmpDirAsHomeHook

     

       42
       42
       +
           python-dotenv

     

       43
       43
       +
           pillow

     

       44
       44
       +
         ];

     

       45
       45
       +
       

     

       46
       46
       +
         pythonImportsCheck = [ "llm_perplexity" ];

     

       47
       47
       +
       

     

       48
       48
       +
         passthru.tests = llm.mkPluginTest llm-perplexity;

     

       49
       49
       +
       

     

       50
       50
       +
         meta = {

     

       51
       51
       +
           description = "LLM access to pplx-api";

     

       52
       52
       +
           homepage = "https://github.com/hex/llm-perplexity";

     

       53
       53
       +
           changelog = "https://github.com/hex/llm-perplexity/releases/tag/${version}";

     

       54
       54
       +
           license = lib.licenses.asl20;

     

       55
       55
       +
           maintainers = with lib.maintainers; [ jed-richards ];

     

       56
       56
       +
         };

     

       57
       57
       +
       }

pkgs/development/python-modules/llm/default.nix

···

       85
       85
        
             llm-openai-plugin ? false,

     

       86
       86
        
             llm-openrouter ? false,

     

       87
       87
        
             llm-pdf-to-images ? false,

     

       88
       88
       +
             llm-perplexity ? false,

     

       88
       89
        
             llm-sentence-transformers ? false,

     

       89
       90
        
             llm-templates-fabric ? false,

     

       90
       91
        
             llm-templates-github ? false,

+7 -5

pkgs/tools/security/proxmark3/default.nix

···

       30
       30
        
       assert withBlueshark -> stdenv.hostPlatform.isLinux;

     

       31
       31
        
       stdenv.mkDerivation (finalAttrs: {

     

       32
       32
        
         pname = "proxmark3";

     

       33
       33
       -
         version = "4.20142";

     

       33
       33
       +
         version = "4.20469";

     

       34
       34
        
       

     

       35
       35
        
         src = fetchFromGitHub {

     

       36
       36
        
           owner = "RfidResearchGroup";

     

       37
       37
        
           repo = "proxmark3";

     

       38
       38
        
           rev = "v${finalAttrs.version}";

     

       39
       39
       -
           hash = "sha256-kdwjwydeX8EwJazFzrrk5osv0YVzDVzn2S1sDKRQdR8=";

     

       39
       39
       +
           hash = "sha256-Z87YCuNWQ66FTAq7qXUYKI25BEWrXD+YK0GczDmWc9A=";

     

       40
       40
        
         };

     

       41
       41
        
       

     

       42
       42
        
         patches = [

     
···

       48
       48
        
         postPatch = ''

     

       49
       49
        
           # Remove hardcoded paths on Darwin

     

       50
       50
        
           substituteInPlace Makefile.defs \

     

       51
       51
       -
             --replace "/usr/bin/ar" "ar" \

     

       52
       52
       -
             --replace "/usr/bin/ranlib" "ranlib"

     

       51
       51
       +
             --replace-fail "/usr/bin/ar" "ar" \

     

       52
       52
       +
             --replace-fail "/usr/bin/ranlib" "ranlib"

     

       53
       53
        
           # Replace hardcoded path to libwhereami

     

       54
       54
       +
           # Replace darwin sed syntax with gnused

     

       54
       55
        
           substituteInPlace client/Makefile \

     

       55
       55
       -
             --replace "/usr/include/whereami.h" "${whereami}/include/whereami.h"

     

       56
       56
       +
             --replace-fail "/usr/include/whereami.h" "${whereami}/include/whereami.h" \

     

       57
       57
       +
             --replace-fail "sed -E -i '''" "sed -i"

     

       56
       58
        
         '';

     

       57
       59
        
       

     

       58
       60
        
         nativeBuildInputs = [

pkgs/top-level/python-packages.nix

···

       8455
       8455
        
       

     

       8456
       8456
        
         llm-pdf-to-images = callPackage ../development/python-modules/llm-pdf-to-images { };

     

       8457
       8457
        
       

     

       8458
       8458
       +
         llm-perplexity = callPackage ../development/python-modules/llm-perplexity { };

     

       8459
       8459
       +
       

     

       8458
       8460
        
         llm-sentence-transformers = callPackage ../development/python-modules/llm-sentence-transformers { };

     

       8459
       8461
        
       

     

       8460
       8462
        
         llm-templates-fabric = callPackage ../development/python-modules/llm-templates-fabric { };