commit c2c63f769b087f3240362f7479f4051a7c0e456a · pyrox.dev/nixpkgs

+1 -4

maintainers/team-list.nix

···

       593
       593
        
         };

     

       594
       594
        
       

     

       595
       595
        
         infisical = {

     

       596
       596
       -
           members = [

     

       597
       597
       -
             akhilmhdh

     

       598
       598
       -
             mahyarmirrashed

     

       599
       599
       -
           ];

     

       596
       596
       +
           members = [ akhilmhdh ];

     

       600
       597
        
           scope = "Maintain Infisical";

     

       601
       598
        
           shortName = "Infisical";

     

       602
       599
        
         };

nixos/doc/manual/release-notes/rl-2511.section.md

···

       27
       27
        
       

     

       28
       28
        
       - Options under [networking.getaddrinfo](#opt-networking.getaddrinfo.enable) are now allowed to declaratively configure address selection and sorting behavior of `getaddrinfo` in dual-stack networks.

     

       29
       29
        
       

     

       30
       30
       +
       - [Homebridge](https://github.com/homebridge/homebridge), a lightweight Node.js server you can run on your home network that emulates the iOS HomeKit API. Available as [services.homebridge](#opt-services.homebridge.enable).

     

       31
       31
       +
       

     

       30
       32
        
       - [LACT](https://github.com/ilya-zlobintsev/LACT), a GPU monitoring and configuration tool, can now be enabled through [services.lact.enable](#opt-services.lact.enable).

     

       31
       33
        
         Note that for LACT to work properly on AMD GPU systems, you need to enable [hardware.amdgpu.overdrive.enable](#opt-hardware.amdgpu.overdrive.enable).

     

       32
       34
        
       

     
···

       49
       51
        
       - [postfix-tlspol](https://github.com/Zuplu/postfix-tlspol), MTA-STS and DANE resolver and TLS policy server for Postfix. Available as [services.postfix-tlspol](#opt-services.postfix-tlspol.enable).

     

       50
       52
        
       

     

       51
       53
        
       - [Newt](https://github.com/fosrl/newt), a fully user space WireGuard tunnel client and TCP/UDP proxy, designed to securely expose private resources controlled by Pangolin. Available as [services.newt](options.html#opt-services.newt.enable).

     

       54
       54
       +
       

     

       55
       55
       +
       - [qBittorrent](https://www.qbittorrent.org/), is a bittorrent client programmed in C++ / Qt that uses libtorrent by Arvid Norberg. Available as [services.qbittorrent](#opt-services.qbittorrent.enable).

     

       52
       56
        
       

     

       53
       57
        
       - [Szurubooru](https://github.com/rr-/szurubooru), an image board engine inspired by services such as Danbooru, dedicated for small and medium communities. Available as [services.szurubooru](#opt-services.szurubooru.enable).

     

       54
       58

nixos/modules/module-list.nix

···

       696
       696
        
         ./services/home-automation/evcc.nix

     

       697
       697
        
         ./services/home-automation/govee2mqtt.nix

     

       698
       698
        
         ./services/home-automation/home-assistant.nix

     

       699
       699
       +
         ./services/home-automation/homebridge.nix

     

       699
       700
        
         ./services/home-automation/matter-server.nix

     

       700
       701
        
         ./services/home-automation/wyoming/faster-whisper.nix

     

       701
       702
        
         ./services/home-automation/wyoming/openwakeword.nix

     
···

       1501
       1502
        
         ./services/torrent/magnetico.nix

     

       1502
       1503
        
         ./services/torrent/opentracker.nix

     

       1503
       1504
        
         ./services/torrent/peerflix.nix

     

       1505
       1505
       +
         ./services/torrent/qbittorrent.nix

     

       1504
       1506
        
         ./services/torrent/rtorrent.nix

     

       1505
       1507
        
         ./services/torrent/torrentstream.nix

     

       1506
       1508
        
         ./services/torrent/transmission.nix

+433

nixos/modules/services/home-automation/homebridge.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         config,

     

       3
       3
       +
         lib,

     

       4
       4
       +
         pkgs,

     

       5
       5
       +
         ...

     

       6
       6
       +
       }:

     

       7
       7
       +
       

     

       8
       8
       +
       let

     

       9
       9
       +
         cfg = config.services.homebridge;

     

       10
       10
       +
       

     

       11
       11
       +
         restartCommand = "sudo -n systemctl restart homebridge";

     

       12
       12
       +
       

     

       13
       13
       +
         defaultConfigUIPlatform = {

     

       14
       14
       +
           inherit (cfg.uiSettings)

     

       15
       15
       +
             platform

     

       16
       16
       +
             name

     

       17
       17
       +
             port

     

       18
       18
       +
             restart

     

       19
       19
       +
             log

     

       20
       20
       +
             ;

     

       21
       21
       +
         };

     

       22
       22
       +
       

     

       23
       23
       +
         defaultConfig = {

     

       24
       24
       +
           description = "Homebridge";

     

       25
       25
       +
           bridge = {

     

       26
       26
       +
             inherit (cfg.settings.bridge) name port;

     

       27
       27
       +
             # These have to be set at least once, otherwise the homebridge will not work

     

       28
       28
       +
             username = "CC:22:3D:E3:CE:30";

     

       29
       29
       +
             pin = "031-45-154";

     

       30
       30
       +
           };

     

       31
       31
       +
           platforms = [

     

       32
       32
       +
             defaultConfigUIPlatform

     

       33
       33
       +
           ];

     

       34
       34
       +
         };

     

       35
       35
       +
       

     

       36
       36
       +
         defaultConfigFile = settingsFormat.generate "config.json" defaultConfig;

     

       37
       37
       +
       

     

       38
       38
       +
         nixOverrideConfig = cfg.settings // {

     

       39
       39
       +
           platforms = [ cfg.uiSettings ] ++ cfg.settings.platforms;

     

       40
       40
       +
         };

     

       41
       41
       +
       

     

       42
       42
       +
         nixOverrideConfigFile = settingsFormat.generate "nixOverrideConfig.json" nixOverrideConfig;

     

       43
       43
       +
       

     

       44
       44
       +
         # Create a single jq filter that updates all fields at once

     

       45
       45
       +
         # Platforms need to be unique by "platform"

     

       46
       46
       +
         # Accessories need to be unique by "name"

     

       47
       47
       +
         jqMergeFilter = ''

     

       48
       48
       +
           reduce .[] as $item (

     

       49
       49
       +
             {};

     

       50
       50
       +
             . * $item + {

     

       51
       51
       +
               "platforms": (

     

       52
       52
       +
                 ((.platforms // []) + ($item.platforms // [])) |

     

       53
       53
       +
                 group_by(.platform) |

     

       54
       54
       +
                 map(reduce .[] as $platform ({}; . * $platform))

     

       55
       55
       +
               ),

     

       56
       56
       +
               "accessories": (

     

       57
       57
       +
                 ((.accessories // []) + ($item.accessories // [])) |

     

       58
       58
       +
                 group_by(.name) |

     

       59
       59
       +
                 map(reduce .[] as $accessory ({}; . * $accessory))

     

       60
       60
       +
               )

     

       61
       61
       +
             }

     

       62
       62
       +
           )

     

       63
       63
       +
         '';

     

       64
       64
       +
       

     

       65
       65
       +
         jqMergeFilterFile = pkgs.writeTextFile {

     

       66
       66
       +
           name = "jqMergeFilter.jq";

     

       67
       67
       +
           text = jqMergeFilter;

     

       68
       68
       +
         };

     

       69
       69
       +
       

     

       70
       70
       +
         # Validation function to ensure no platform has the platform "config".

     

       71
       71
       +
         # We want to make sure settings for the "config" platform are set in uiSettings.

     

       72
       72
       +
         validatePlatforms =

     

       73
       73
       +
           platforms:

     

       74
       74
       +
           let

     

       75
       75
       +
             conflictingPlatforms = builtins.filter (p: p.platform == "config") platforms;

     

       76
       76
       +
           in

     

       77
       77
       +
           if builtins.length conflictingPlatforms > 0 then

     

       78
       78
       +
             throw "The platforms list must not contain any platform with platform type 'config'.  Use the uiSettings attribute instead."

     

       79
       79
       +
           else

     

       80
       80
       +
             platforms;

     

       81
       81
       +
       

     

       82
       82
       +
         settingsFormat = pkgs.formats.json { };

     

       83
       83
       +
       in

     

       84
       84
       +
       {

     

       85
       85
       +
         options.services.homebridge = with lib.types; {

     

       86
       86
       +
       

     

       87
       87
       +
           # Basic Example

     

       88
       88
       +
           # {

     

       89
       89
       +
           #   services.homebridge = {

     

       90
       90
       +
           #     enable = true;

     

       91
       91
       +
           #     # Necessary for service to be reachable

     

       92
       92
       +
           #     openFirewall = true;

     

       93
       93
       +
           #   };

     

       94
       94
       +
           # }

     

       95
       95
       +
       

     

       96
       96
       +
           enable = lib.mkEnableOption "Homebridge: Homekit home automation";

     

       97
       97
       +
       

     

       98
       98
       +
           user = lib.mkOption {

     

       99
       99
       +
             type = str;

     

       100
       100
       +
             default = "homebridge";

     

       101
       101
       +
             description = "User to run homebridge as.";

     

       102
       102
       +
           };

     

       103
       103
       +
       

     

       104
       104
       +
           group = lib.mkOption {

     

       105
       105
       +
             type = str;

     

       106
       106
       +
             default = "homebridge";

     

       107
       107
       +
             description = "Group to run homebridge as.";

     

       108
       108
       +
           };

     

       109
       109
       +
       

     

       110
       110
       +
           openFirewall = lib.mkEnableOption "" // {

     

       111
       111
       +
             description = ''

     

       112
       112
       +
               Open ports in the firewall for the Homebridge web interface and service.

     

       113
       113
       +
             '';

     

       114
       114
       +
           };

     

       115
       115
       +
       

     

       116
       116
       +
           userStoragePath = lib.mkOption {

     

       117
       117
       +
             type = str;

     

       118
       118
       +
             default = "/var/lib/homebridge";

     

       119
       119
       +
             description = ''

     

       120
       120
       +
               Path to store homebridge user files (needs to be writeable).

     

       121
       121
       +
             '';

     

       122
       122
       +
           };

     

       123
       123
       +
       

     

       124
       124
       +
           pluginPath = lib.mkOption {

     

       125
       125
       +
             type = str;

     

       126
       126
       +
             default = "/var/lib/homebridge/node_modules";

     

       127
       127
       +
             description = ''

     

       128
       128
       +
               Path to the plugin download directory (needs to be writeable).

     

       129
       129
       +
               Seems this needs to end with node_modules, as Homebridge will run npm

     

       130
       130
       +
               on the parent directory.

     

       131
       131
       +
             '';

     

       132
       132
       +
           };

     

       133
       133
       +
       

     

       134
       134
       +
           environmentFile = lib.mkOption {

     

       135
       135
       +
             type = types.nullOr types.str;

     

       136
       136
       +
             default = null;

     

       137
       137
       +
             description = ''

     

       138
       138
       +
               Path to an environment-file which may contain secrets.

     

       139
       139
       +
             '';

     

       140
       140
       +
           };

     

       141
       141
       +
       

     

       142
       142
       +
           settings = lib.mkOption {

     

       143
       143
       +
             default = { };

     

       144
       144
       +
             description = ''

     

       145
       145
       +
               Configuration options for homebridge.

     

       146
       146
       +
       

     

       147
       147
       +
               For more details, see [the homebridge documentation](https://github.com/homebridge/homebridge/wiki/Homebridge-Config-JSON-Explained).

     

       148
       148
       +
             '';

     

       149
       149
       +
             type = submodule {

     

       150
       150
       +
               freeformType = settingsFormat.type;

     

       151
       151
       +
               options = {

     

       152
       152
       +
                 description = lib.mkOption {

     

       153
       153
       +
                   type = str;

     

       154
       154
       +
                   default = "Homebridge";

     

       155
       155
       +
                   description = "Description of the homebridge instance.";

     

       156
       156
       +
                   readOnly = true;

     

       157
       157
       +
                 };

     

       158
       158
       +
       

     

       159
       159
       +
                 bridge.name = lib.mkOption {

     

       160
       160
       +
                   type = str;

     

       161
       161
       +
                   default = "Homebridge";

     

       162
       162
       +
                   description = "Name of the homebridge";

     

       163
       163
       +
                 };

     

       164
       164
       +
       

     

       165
       165
       +
                 bridge.port = lib.mkOption {

     

       166
       166
       +
                   type = port;

     

       167
       167
       +
                   default = 51826;

     

       168
       168
       +
                   description = "The port homebridge listens on";

     

       169
       169
       +
                 };

     

       170
       170
       +
       

     

       171
       171
       +
                 platforms = lib.mkOption {

     

       172
       172
       +
                   description = "Homebridge Platforms";

     

       173
       173
       +
                   default = [ ];

     

       174
       174
       +
                   apply = validatePlatforms;

     

       175
       175
       +
                   type = listOf (submodule {

     

       176
       176
       +
                     freeformType = settingsFormat.type;

     

       177
       177
       +
                     options = {

     

       178
       178
       +
                       name = lib.mkOption {

     

       179
       179
       +
                         type = str;

     

       180
       180
       +
                         description = "Name of the platform";

     

       181
       181
       +
                       };

     

       182
       182
       +
                       platform = lib.mkOption {

     

       183
       183
       +
                         type = str;

     

       184
       184
       +
                         description = "Platform type";

     

       185
       185
       +
                       };

     

       186
       186
       +
                     };

     

       187
       187
       +
                   });

     

       188
       188
       +
                 };

     

       189
       189
       +
       

     

       190
       190
       +
                 accessories = lib.mkOption {

     

       191
       191
       +
                   description = "Homebridge Accessories";

     

       192
       192
       +
                   default = [ ];

     

       193
       193
       +
                   type = listOf (submodule {

     

       194
       194
       +
                     freeformType = settingsFormat.type;

     

       195
       195
       +
                     options = {

     

       196
       196
       +
                       name = lib.mkOption {

     

       197
       197
       +
                         type = str;

     

       198
       198
       +
                         description = "Name of the accessory";

     

       199
       199
       +
                       };

     

       200
       200
       +
                       accessory = lib.mkOption {

     

       201
       201
       +
                         type = str;

     

       202
       202
       +
                         description = "Accessory type";

     

       203
       203
       +
                       };

     

       204
       204
       +
                     };

     

       205
       205
       +
                   });

     

       206
       206
       +
                 };

     

       207
       207
       +
               };

     

       208
       208
       +
             };

     

       209
       209
       +
           };

     

       210
       210
       +
       

     

       211
       211
       +
           # Defines the parameters for the Homebridge UI Plugin.

     

       212
       212
       +
           # This submodule will get merged into the "platforms" array

     

       213
       213
       +
           # inside settings.

     

       214
       214
       +
           uiSettings = lib.mkOption {

     

       215
       215
       +
             # Full list of UI settings can be found here: https://github.com/homebridge/homebridge-config-ui-x/wiki/Config-Options

     

       216
       216
       +
             default = { };

     

       217
       217
       +
             description = ''

     

       218
       218
       +
               Configuration options for homebridge config UI plugin.

     

       219
       219
       +
       

     

       220
       220
       +
               For more details, see [the homebridge-config-ui-x documentation](https://github.com/homebridge/homebridge-config-ui-x/wiki/Config-Options).

     

       221
       221
       +
             '';

     

       222
       222
       +
             type = submodule {

     

       223
       223
       +
               freeformType = settingsFormat.type;

     

       224
       224
       +
               options = {

     

       225
       225
       +
                 ## Following parameters must be set, and can't be changed.

     

       226
       226
       +
       

     

       227
       227
       +
                 # Must be "config" for UI service to see its config

     

       228
       228
       +
                 platform = lib.mkOption {

     

       229
       229
       +
                   type = str;

     

       230
       230
       +
                   default = "config";

     

       231
       231
       +
                   description = "Type of the homebridge UI platform";

     

       232
       232
       +
                   readOnly = true;

     

       233
       233
       +
                 };

     

       234
       234
       +
       

     

       235
       235
       +
                 name = lib.mkOption {

     

       236
       236
       +
                   type = str;

     

       237
       237
       +
                   default = "Config";

     

       238
       238
       +
                   description = "Name of the homebridge UI platform";

     

       239
       239
       +
                   readOnly = true;

     

       240
       240
       +
                 };

     

       241
       241
       +
       

     

       242
       242
       +
                 # Homebridge can be installed many ways, but we're forcing a double service systemd setup

     

       243
       243
       +
                 # This command will restart both services

     

       244
       244
       +
                 restart = lib.mkOption {

     

       245
       245
       +
                   type = str;

     

       246
       246
       +
                   default = restartCommand;

     

       247
       247
       +
                   description = "Command to restart the homebridge UI service";

     

       248
       248
       +
                   readOnly = true;

     

       249
       249
       +
                 };

     

       250
       250
       +
       

     

       251
       251
       +
                 # We're using systemd, so make sure logs is setup to pull from systemd

     

       252
       252
       +
                 log.method = lib.mkOption {

     

       253
       253
       +
                   type = str;

     

       254
       254
       +
                   default = "systemd";

     

       255
       255
       +
                   description = "Method to use for logging";

     

       256
       256
       +
                   readOnly = true;

     

       257
       257
       +
                 };

     

       258
       258
       +
       

     

       259
       259
       +
                 log.service = lib.mkOption {

     

       260
       260
       +
                   type = str;

     

       261
       261
       +
                   default = "homebridge";

     

       262
       262
       +
                   description = "Name of the systemd service to log to";

     

       263
       263
       +
                   readOnly = true;

     

       264
       264
       +
                 };

     

       265
       265
       +
       

     

       266
       266
       +
                 # The following options are allowed to be changed.

     

       267
       267
       +
                 port = lib.mkOption {

     

       268
       268
       +
                   type = port;

     

       269
       269
       +
                   default = 8581;

     

       270
       270
       +
                   description = "The port the UI web service should listen on";

     

       271
       271
       +
                 };

     

       272
       272
       +
               };

     

       273
       273
       +
             };

     

       274
       274
       +
           };

     

       275
       275
       +
         };

     

       276
       276
       +
       

     

       277
       277
       +
         config = lib.mkIf cfg.enable {

     

       278
       278
       +
           systemd.services.homebridge = {

     

       279
       279
       +
             description = "Homebridge";

     

       280
       280
       +
             wants = [ "network-online.target" ];

     

       281
       281
       +
             after = [

     

       282
       282
       +
               "syslog.target"

     

       283
       283
       +
               "network-online.target"

     

       284
       284
       +
             ];

     

       285
       285
       +
             wantedBy = [ "multi-user.target" ];

     

       286
       286
       +
       

     

       287
       287
       +
             # On start, if the config file is missing, create a default one

     

       288
       288
       +
             # Otherwise, ensure that the config file is using the

     

       289
       289
       +
             # properties as specified by nix.

     

       290
       290
       +
             # Not sure if there is a better way to do this than to use jq

     

       291
       291
       +
             # to replace sections of json.

     

       292
       292
       +
             preStart = ''

     

       293
       293
       +
               # If the user storage path does not exist, create it

     

       294
       294
       +
               if [ ! -d "${cfg.userStoragePath}" ]; then

     

       295
       295
       +
                 install -d -m 700 -o ${cfg.user} -g ${cfg.group} "${cfg.userStoragePath}"

     

       296
       296
       +
               fi

     

       297
       297
       +
               # If there is no config file, create a placeholder default

     

       298
       298
       +
               if [ ! -e "${cfg.userStoragePath}/config.json" ]; then

     

       299
       299
       +
                 install -D -m 600 -o ${cfg.user} -g ${cfg.group} "${defaultConfigFile}" "${cfg.userStoragePath}/config.json"

     

       300
       300
       +
               fi

     

       301
       301
       +
       

     

       302
       302
       +
               # Apply all nix override settings to config.json in a single jq operation

     

       303
       303
       +
               ${pkgs.jq}/bin/jq -s -f "${jqMergeFilterFile}" "${cfg.userStoragePath}/config.json" "${nixOverrideConfigFile}" | ${pkgs.jq}/bin/jq . > "${cfg.userStoragePath}/config.json.tmp"

     

       304
       304
       +
               install -D -m 600 -o ${cfg.user} -g ${cfg.group} "${cfg.userStoragePath}/config.json.tmp" "${cfg.userStoragePath}/config.json"

     

       305
       305
       +
       

     

       306
       306
       +
               # Remove temporary files

     

       307
       307
       +
               rm "${cfg.userStoragePath}/config.json.tmp"

     

       308
       308
       +
       

     

       309
       309
       +
               # Make sure plugin directory exists

     

       310
       310
       +
               install -d -m 755 -o ${cfg.user} -g ${cfg.group} "${cfg.pluginPath}"

     

       311
       311
       +
       

     

       312
       312
       +
               # In order for hb-service to detect the homebridge installation, we need to create a folder structure

     

       313
       313
       +
               # where homebridge and homebrdige-config-ui-x node modules are side by side, and then point

     

       314
       314
       +
               # UIX_BASE_PATH_OVERRIDE at the homebridge-config-ui-x node module in the service environment.

     

       315
       315
       +
               # So, first create a directory to symlink these packages to

     

       316
       316
       +
               install -d -m 755 -o ${cfg.user} -g ${cfg.group} "${cfg.userStoragePath}/homebridge-packages"

     

       317
       317
       +
       

     

       318
       318
       +
               # Then, symlink in the homebridge and homebridge-config-ui-x packages

     

       319
       319
       +
               rm -rf "${cfg.userStoragePath}/homebridge-packages/homebridge"

     

       320
       320
       +
               ln -s "${pkgs.homebridge}/lib/node_modules/homebridge" "${cfg.userStoragePath}/homebridge-packages/homebridge"

     

       321
       321
       +
               rm -rf "${cfg.userStoragePath}/homebridge-packages/homebridge-config-ui-x"

     

       322
       322
       +
               ln -s "${pkgs.homebridge-config-ui-x}/lib/node_modules/homebridge-config-ui-x" "${cfg.userStoragePath}/homebridge-packages/homebridge-config-ui-x"

     

       323
       323
       +
             '';

     

       324
       324
       +
       

     

       325
       325
       +
             # hb-service environment variables based on source code analysis

     

       326
       326
       +
             environment = {

     

       327
       327
       +
               HOMEBRIDGE_CONFIG_UI_TERMINAL = "1";

     

       328
       328
       +
               DISABLE_OPENCOLLECTIVE = "true";

     

       329
       329
       +
               # Required or homebridge will search the global npm namespace

     

       330
       330
       +
               UIX_STRICT_PLUGIN_RESOLUTION = "1";

     

       331
       331
       +
               # Workaround to ensure homebridge does not run in sudo mode

     

       332
       332
       +
               HOMEBRIDGE_APT_PACKAGE = "1";

     

       333
       333
       +
               # Required to get the service to detect the homebridge install correctly

     

       334
       334
       +
               UIX_BASE_PATH_OVERRIDE = "${cfg.userStoragePath}/homebridge-packages/homebridge-config-ui-x";

     

       335
       335
       +
             };

     

       336
       336
       +
       

     

       337
       337
       +
             path = with pkgs; [

     

       338
       338
       +
               # Tools listed in homebridge's installation documentations:

     

       339
       339
       +
               # https://github.com/homebridge/homebridge/wiki/Install-Homebridge-on-Arch-Linux

     

       340
       340
       +
               nodejs

     

       341
       341
       +
               nettools

     

       342
       342
       +
               gcc

     

       343
       343
       +
               gnumake

     

       344
       344
       +
               # Required for access to systemctl and journalctl

     

       345
       345
       +
               systemd

     

       346
       346
       +
               # Required for access to sudo

     

       347
       347
       +
               "/run/wrappers"

     

       348
       348
       +
               # Some plugins need bash to download tools

     

       349
       349
       +
               bash

     

       350
       350
       +
             ];

     

       351
       351
       +
       

     

       352
       352
       +
             # Settings from https://github.com/homebridge/homebridge-config-ui-x/blob/latest/src/bin/platforms/linux.ts

     

       353
       353
       +
             serviceConfig = {

     

       354
       354
       +
               Type = "simple";

     

       355
       355
       +
               User = cfg.user;

     

       356
       356
       +
               PermissionsStartOnly = true;

     

       357
       357
       +
               StateDirectory = "homebridge";

     

       358
       358
       +
               EnvironmentFile = lib.mkIf (cfg.environmentFile != null) [ cfg.environmentFile ];

     

       359
       359
       +
               ExecStart = "${pkgs.homebridge-config-ui-x}/bin/hb-service run -U ${cfg.userStoragePath} -P ${cfg.pluginPath}";

     

       360
       360
       +
               Restart = "always";

     

       361
       361
       +
               RestartSec = 3;

     

       362
       362
       +
               KillMode = "process";

     

       363
       363
       +
               CapabilityBoundingSet = [

     

       364
       364
       +
                 "CAP_IPC_LOCK"

     

       365
       365
       +
                 "CAP_NET_ADMIN"

     

       366
       366
       +
                 "CAP_NET_BIND_SERVICE"

     

       367
       367
       +
                 "CAP_NET_RAW"

     

       368
       368
       +
                 "CAP_SETGID"

     

       369
       369
       +
                 "CAP_SETUID"

     

       370
       370
       +
                 "CAP_SYS_CHROOT"

     

       371
       371
       +
                 "CAP_CHOWN"

     

       372
       372
       +
                 "CAP_FOWNER"

     

       373
       373
       +
                 "CAP_DAC_OVERRIDE"

     

       374
       374
       +
                 "CAP_AUDIT_WRITE"

     

       375
       375
       +
                 "CAP_SYS_ADMIN"

     

       376
       376
       +
               ];

     

       377
       377
       +
               AmbientCapabilities = [

     

       378
       378
       +
                 "CAP_NET_RAW"

     

       379
       379
       +
                 "CAP_NET_BIND_SERVICE"

     

       380
       380
       +
               ];

     

       381
       381
       +
             };

     

       382
       382
       +
           };

     

       383
       383
       +
       

     

       384
       384
       +
           # Create a user whose home folder is the user storage path

     

       385
       385
       +
           users.users = lib.mkIf (cfg.user == "homebridge") {

     

       386
       386
       +
             homebridge = {

     

       387
       387
       +
               inherit (cfg) group;

     

       388
       388
       +
               # Necessary so that this user can run journalctl

     

       389
       389
       +
               extraGroups = [ "systemd-journal" ];

     

       390
       390
       +
               description = "homebridge user";

     

       391
       391
       +
               isSystemUser = true;

     

       392
       392
       +
               home = cfg.userStoragePath;

     

       393
       393
       +
             };

     

       394
       394
       +
           };

     

       395
       395
       +
       

     

       396
       396
       +
           users.groups = lib.mkIf (cfg.group == "homebridge") {

     

       397
       397
       +
             homebridge = { };

     

       398
       398
       +
           };

     

       399
       399
       +
       

     

       400
       400
       +
           # Need passwordless sudo for a few commands

     

       401
       401
       +
           # homebridge-config-ui-x needs for some features

     

       402
       402
       +
           security.sudo.extraRules = [

     

       403
       403
       +
             {

     

       404
       404
       +
               users = [ cfg.user ];

     

       405
       405
       +
               commands = [

     

       406
       406
       +
                 {

     

       407
       407
       +
                   # Ability to restart homebridge service

     

       408
       408
       +
                   command = "${pkgs.systemd}/bin/systemctl restart homebridge";

     

       409
       409
       +
                   options = [ "NOPASSWD" ];

     

       410
       410
       +
                 }

     

       411
       411
       +
                 {

     

       412
       412
       +
                   # Ability to shutdown server

     

       413
       413
       +
                   command = "${pkgs.systemd}/bin/shutdown -h now";

     

       414
       414
       +
                   options = [ "NOPASSWD" ];

     

       415
       415
       +
                 }

     

       416
       416
       +
                 {

     

       417
       417
       +
                   # Ability to restart server

     

       418
       418
       +
                   command = "${pkgs.systemd}/bin/shutdown -r now";

     

       419
       419
       +
                   options = [ "NOPASSWD" ];

     

       420
       420
       +
                 }

     

       421
       421
       +
               ];

     

       422
       422
       +
             }

     

       423
       423
       +
           ];

     

       424
       424
       +
       

     

       425
       425
       +
           networking.firewall = {

     

       426
       426
       +
             allowedTCPPorts = lib.mkIf cfg.openFirewall [

     

       427
       427
       +
               cfg.settings.bridge.port

     

       428
       428
       +
               cfg.uiSettings.port

     

       429
       429
       +
             ];

     

       430
       430
       +
             allowedUDPPorts = lib.mkIf cfg.openFirewall [ 5353 ];

     

       431
       431
       +
           };

     

       432
       432
       +
         };

     

       433
       433
       +
       }

+1 -1

nixos/modules/services/networking/kresd.nix

···

       161
       161
        
             group = "knot-resolver";

     

       162
       162
        
             description = "Knot-resolver daemon user";

     

       163
       163
        
           };

     

       164
       164
       -
           users.groups.knot-resolver.gid = null;

     

       164
       164
       +
           users.groups.knot-resolver = { };

     

       165
       165
        
       

     

       166
       166
        
           systemd.packages = [ cfg.package ]; # the units are patched inside the package a bit

     

       167
       167

+238

nixos/modules/services/torrent/qbittorrent.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         config,

     

       3
       3
       +
         pkgs,

     

       4
       4
       +
         lib,

     

       5
       5
       +
         utils,

     

       6
       6
       +
         ...

     

       7
       7
       +
       }:

     

       8
       8
       +
       let

     

       9
       9
       +
         cfg = config.services.qbittorrent;

     

       10
       10
       +
         inherit (builtins) concatStringsSep isAttrs isString;

     

       11
       11
       +
         inherit (lib)

     

       12
       12
       +
           literalExpression

     

       13
       13
       +
           getExe

     

       14
       14
       +
           mkEnableOption

     

       15
       15
       +
           mkOption

     

       16
       16
       +
           mkPackageOption

     

       17
       17
       +
           mkIf

     

       18
       18
       +
           maintainers

     

       19
       19
       +
           escape

     

       20
       20
       +
           collect

     

       21
       21
       +
           mapAttrsRecursive

     

       22
       22
       +
           optionals

     

       23
       23
       +
           ;

     

       24
       24
       +
         inherit (lib.types)

     

       25
       25
       +
           str

     

       26
       26
       +
           port

     

       27
       27
       +
           path

     

       28
       28
       +
           nullOr

     

       29
       29
       +
           listOf

     

       30
       30
       +
           attrsOf

     

       31
       31
       +
           anything

     

       32
       32
       +
           submodule

     

       33
       33
       +
           ;

     

       34
       34
       +
         inherit (lib.generators) toINI mkKeyValueDefault mkValueStringDefault;

     

       35
       35
       +
         gendeepINI = toINI {

     

       36
       36
       +
           mkKeyValue =

     

       37
       37
       +
             let

     

       38
       38
       +
               sep = "=";

     

       39
       39
       +
             in

     

       40
       40
       +
             k: v:

     

       41
       41
       +
             if isAttrs v then

     

       42
       42
       +
               concatStringsSep "\n" (

     

       43
       43
       +
                 collect isString (

     

       44
       44
       +
                   mapAttrsRecursive (

     

       45
       45
       +
                     path: value:

     

       46
       46
       +
                     "${escape [ sep ] (concatStringsSep "\\" ([ k ] ++ path))}${sep}${mkValueStringDefault { } value}"

     

       47
       47
       +
                   ) v

     

       48
       48
       +
                 )

     

       49
       49
       +
               )

     

       50
       50
       +
             else

     

       51
       51
       +
               mkKeyValueDefault { } sep k v;

     

       52
       52
       +
         };

     

       53
       53
       +
         configFile = pkgs.writeText "qBittorrent.conf" (gendeepINI cfg.serverConfig);

     

       54
       54
       +
       in

     

       55
       55
       +
       {

     

       56
       56
       +
         options.services.qbittorrent = {

     

       57
       57
       +
           enable = mkEnableOption "qbittorrent, BitTorrent client";

     

       58
       58
       +
       

     

       59
       59
       +
           package = mkPackageOption pkgs "qbittorrent-nox" { };

     

       60
       60
       +
       

     

       61
       61
       +
           user = mkOption {

     

       62
       62
       +
             type = str;

     

       63
       63
       +
             default = "qbittorrent";

     

       64
       64
       +
             description = "User account under which qbittorrent runs.";

     

       65
       65
       +
           };

     

       66
       66
       +
       

     

       67
       67
       +
           group = mkOption {

     

       68
       68
       +
             type = str;

     

       69
       69
       +
             default = "qbittorrent";

     

       70
       70
       +
             description = "Group under which qbittorrent runs.";

     

       71
       71
       +
           };

     

       72
       72
       +
       

     

       73
       73
       +
           profileDir = mkOption {

     

       74
       74
       +
             type = path;

     

       75
       75
       +
             default = "/var/lib/qBittorrent/";

     

       76
       76
       +
             description = "the path passed to qbittorrent via --profile.";

     

       77
       77
       +
           };

     

       78
       78
       +
       

     

       79
       79
       +
           openFirewall = mkEnableOption "opening both the webuiPort and torrentPort over TCP in the firewall";

     

       80
       80
       +
       

     

       81
       81
       +
           webuiPort = mkOption {

     

       82
       82
       +
             default = 8080;

     

       83
       83
       +
             type = nullOr port;

     

       84
       84
       +
             description = "the port passed to qbittorrent via `--webui-port`";

     

       85
       85
       +
           };

     

       86
       86
       +
       

     

       87
       87
       +
           torrentingPort = mkOption {

     

       88
       88
       +
             default = null;

     

       89
       89
       +
             type = nullOr port;

     

       90
       90
       +
             description = "the port passed to qbittorrent via `--torrenting-port`";

     

       91
       91
       +
           };

     

       92
       92
       +
       

     

       93
       93
       +
           serverConfig = mkOption {

     

       94
       94
       +
             default = { };

     

       95
       95
       +
             type = submodule {

     

       96
       96
       +
               freeformType = attrsOf (attrsOf anything);

     

       97
       97
       +
             };

     

       98
       98
       +
             description = ''

     

       99
       99
       +
               Free-form settings mapped to the `qBittorrent.conf` file in the profile.

     

       100
       100
       +
               Refer to [Explanation-of-Options-in-qBittorrent](https://github.com/qbittorrent/qBittorrent/wiki/Explanation-of-Options-in-qBittorrent).

     

       101
       101
       +
               The Password_PBKDF2 format is oddly unique, you will likely want to use [this tool](https://codeberg.org/feathecutie/qbittorrent_password) to generate the format.

     

       102
       102
       +
               Alternatively you can run qBittorrent independently first and use its webUI to generate the format.

     

       103
       103
       +
       

     

       104
       104
       +
               Optionally an alternative webUI can be easily set. VueTorrent for example:

     

       105
       105
       +
               ```nix

     

       106
       106
       +
               {

     

       107
       107
       +
                 Preferences = {

     

       108
       108
       +
                   WebUI = {

     

       109
       109
       +
                     AlternativeUIEnabled = true;

     

       110
       110
       +
                     RootFolder = "''${pkgs.vuetorrent}/share/vuetorrent";

     

       111
       111
       +
                   };

     

       112
       112
       +
                 };

     

       113
       113
       +
               }

     

       114
       114
       +
               ];

     

       115
       115
       +
               ```

     

       116
       116
       +
             '';

     

       117
       117
       +
             example = literalExpression ''

     

       118
       118
       +
               {

     

       119
       119
       +
                 LegalNotice.Accepted = true;

     

       120
       120
       +
                 Preferences = {

     

       121
       121
       +
                   WebUI = {

     

       122
       122
       +
                     Username = "user";

     

       123
       123
       +
                     Password_PBKDF2 = "generated ByteArray.";

     

       124
       124
       +
                   };

     

       125
       125
       +
                   General.Locale = "en";

     

       126
       126
       +
                 };

     

       127
       127
       +
               }

     

       128
       128
       +
             '';

     

       129
       129
       +
           };

     

       130
       130
       +
       

     

       131
       131
       +
           extraArgs = mkOption {

     

       132
       132
       +
             type = listOf str;

     

       133
       133
       +
             default = [ ];

     

       134
       134
       +
             description = ''

     

       135
       135
       +
               Extra arguments passed to qbittorrent. See `qbittorrent -h`, or the [source code](https://github.com/qbittorrent/qBittorrent/blob/master/src/app/cmdoptions.cpp), for the available arguments.

     

       136
       136
       +
             '';

     

       137
       137
       +
             example = [

     

       138
       138
       +
               "--confirm-legal-notice"

     

       139
       139
       +
             ];

     

       140
       140
       +
           };

     

       141
       141
       +
         };

     

       142
       142
       +
         config = mkIf cfg.enable {

     

       143
       143
       +
           systemd = {

     

       144
       144
       +
             tmpfiles.settings = {

     

       145
       145
       +
               qbittorrent = {

     

       146
       146
       +
                 "${cfg.profileDir}/qBittorrent/"."d" = {

     

       147
       147
       +
                   mode = "755";

     

       148
       148
       +
                   inherit (cfg) user group;

     

       149
       149
       +
                 };

     

       150
       150
       +
                 "${cfg.profileDir}/qBittorrent/config/"."d" = {

     

       151
       151
       +
                   mode = "755";

     

       152
       152
       +
                   inherit (cfg) user group;

     

       153
       153
       +
                 };

     

       154
       154
       +
                 "${cfg.profileDir}/qBittorrent/config/qBittorrent.conf"."L+" = mkIf (cfg.serverConfig != { }) {

     

       155
       155
       +
                   mode = "1400";

     

       156
       156
       +
                   inherit (cfg) user group;

     

       157
       157
       +
                   argument = "${configFile}";

     

       158
       158
       +
                 };

     

       159
       159
       +
               };

     

       160
       160
       +
             };

     

       161
       161
       +
             services.qbittorrent = {

     

       162
       162
       +
               description = "qbittorrent BitTorrent client";

     

       163
       163
       +
               wants = [ "network-online.target" ];

     

       164
       164
       +
               after = [

     

       165
       165
       +
                 "local-fs.target"

     

       166
       166
       +
                 "network-online.target"

     

       167
       167
       +
                 "nss-lookup.target"

     

       168
       168
       +
               ];

     

       169
       169
       +
               wantedBy = [ "multi-user.target" ];

     

       170
       170
       +
               restartTriggers = optionals (cfg.serverConfig != { }) [ configFile ];

     

       171
       171
       +
       

     

       172
       172
       +
               serviceConfig = {

     

       173
       173
       +
                 Type = "simple";

     

       174
       174
       +
                 User = cfg.user;

     

       175
       175
       +
                 Group = cfg.group;

     

       176
       176
       +
                 ExecStart = utils.escapeSystemdExecArgs (

     

       177
       177
       +
                   [

     

       178
       178
       +
                     (getExe cfg.package)

     

       179
       179
       +
                     "--profile=${cfg.profileDir}"

     

       180
       180
       +
                   ]

     

       181
       181
       +
                   ++ optionals (cfg.webuiPort != null) [ "--webui-port=${toString cfg.webuiPort}" ]

     

       182
       182
       +
                   ++ optionals (cfg.torrentingPort != null) [ "--torrenting-port=${toString cfg.torrentingPort}" ]

     

       183
       183
       +
                   ++ cfg.extraArgs

     

       184
       184
       +
                 );

     

       185
       185
       +
                 TimeoutStopSec = 1800;

     

       186
       186
       +
       

     

       187
       187
       +
                 # https://github.com/qbittorrent/qBittorrent/pull/6806#discussion_r121478661

     

       188
       188
       +
                 PrivateTmp = false;

     

       189
       189
       +
       

     

       190
       190
       +
                 PrivateNetwork = false;

     

       191
       191
       +
                 RemoveIPC = true;

     

       192
       192
       +
                 NoNewPrivileges = true;

     

       193
       193
       +
                 PrivateDevices = true;

     

       194
       194
       +
                 PrivateUsers = true;

     

       195
       195
       +
                 ProtectHome = "yes";

     

       196
       196
       +
                 ProtectProc = "invisible";

     

       197
       197
       +
                 ProcSubset = "pid";

     

       198
       198
       +
                 ProtectSystem = "full";

     

       199
       199
       +
                 ProtectClock = true;

     

       200
       200
       +
                 ProtectHostname = true;

     

       201
       201
       +
                 ProtectKernelLogs = true;

     

       202
       202
       +
                 ProtectKernelModules = true;

     

       203
       203
       +
                 ProtectKernelTunables = true;

     

       204
       204
       +
                 ProtectControlGroups = true;

     

       205
       205
       +
                 RestrictAddressFamilies = [

     

       206
       206
       +
                   "AF_INET"

     

       207
       207
       +
                   "AF_INET6"

     

       208
       208
       +
                   "AF_NETLINK"

     

       209
       209
       +
                 ];

     

       210
       210
       +
                 RestrictNamespaces = true;

     

       211
       211
       +
                 RestrictRealtime = true;

     

       212
       212
       +
                 RestrictSUIDSGID = true;

     

       213
       213
       +
                 LockPersonality = true;

     

       214
       214
       +
                 MemoryDenyWriteExecute = true;

     

       215
       215
       +
                 SystemCallArchitectures = "native";

     

       216
       216
       +
                 CapabilityBoundingSet = "";

     

       217
       217
       +
                 SystemCallFilter = [ "@system-service" ];

     

       218
       218
       +
               };

     

       219
       219
       +
             };

     

       220
       220
       +
           };

     

       221
       221
       +
       

     

       222
       222
       +
           users = {

     

       223
       223
       +
             users = mkIf (cfg.user == "qbittorrent") {

     

       224
       224
       +
               qbittorrent = {

     

       225
       225
       +
                 inherit (cfg) group;

     

       226
       226
       +
                 isSystemUser = true;

     

       227
       227
       +
               };

     

       228
       228
       +
             };

     

       229
       229
       +
             groups = mkIf (cfg.group == "qbittorrent") { qbittorrent = { }; };

     

       230
       230
       +
           };

     

       231
       231
       +
       

     

       232
       232
       +
           networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall (

     

       233
       233
       +
             optionals (cfg.webuiPort != null) [ cfg.webuiPort ]

     

       234
       234
       +
             ++ optionals (cfg.torrentingPort != null) [ cfg.torrentingPort ]

     

       235
       235
       +
           );

     

       236
       236
       +
         };

     

       237
       237
       +
         meta.maintainers = with maintainers; [ fsnkty ];

     

       238
       238
       +
       }

nixos/tests/all-tests.nix

···

       700
       700
        
         hledger-web = runTest ./hledger-web.nix;

     

       701
       701
        
         hockeypuck = runTest ./hockeypuck.nix;

     

       702
       702
        
         home-assistant = runTest ./home-assistant.nix;

     

       703
       703
       +
         homebridge = runTest ./homebridge.nix;

     

       703
       704
        
         hostname = handleTest ./hostname.nix { };

     

       704
       705
        
         hound = runTest ./hound.nix;

     

       705
       706
        
         hub = runTest ./git/hub.nix;

     
···

       1221
       1222
        
         public-inbox = runTest ./public-inbox.nix;

     

       1222
       1223
        
         pufferpanel = runTest ./pufferpanel.nix;

     

       1223
       1224
        
         pulseaudio = discoverTests (import ./pulseaudio.nix);

     

       1225
       1225
       +
         qbittorrent = runTest ./qbittorrent.nix;

     

       1224
       1226
        
         qboot = handleTestOn [ "x86_64-linux" "i686-linux" ] ./qboot.nix { };

     

       1225
       1227
        
         qemu-vm-restrictnetwork = handleTest ./qemu-vm-restrictnetwork.nix { };

     

       1226
       1228
        
         qemu-vm-volatile-root = runTest ./qemu-vm-volatile-root.nix;

+88

nixos/tests/homebridge.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         lib,

     

       3
       3
       +
         ...

     

       4
       4
       +
       }:

     

       5
       5
       +
       

     

       6
       6
       +
       let

     

       7
       7
       +
         userStoragePath = "/var/lib/foobar";

     

       8
       8
       +
         pluginPath = "${userStoragePath}/node_modules";

     

       9
       9
       +
       in

     

       10
       10
       +
       {

     

       11
       11
       +
         name = "homebridge";

     

       12
       12
       +
         meta.maintainers = with lib.maintainers; [ fmoda3 ];

     

       13
       13
       +
       

     

       14
       14
       +
         nodes.homebridge =

     

       15
       15
       +
           { pkgs, ... }:

     

       16
       16
       +
           {

     

       17
       17
       +
             services.homebridge = {

     

       18
       18
       +
               enable = true;

     

       19
       19
       +
               inherit userStoragePath pluginPath;

     

       20
       20
       +
       

     

       21
       21
       +
               settings = {

     

       22
       22
       +
                 bridge = {

     

       23
       23
       +
                   name = "Homebridge";

     

       24
       24
       +
                   port = 51826;

     

       25
       25
       +
                 };

     

       26
       26
       +
               };

     

       27
       27
       +
       

     

       28
       28
       +
               uiSettings = {

     

       29
       29
       +
                 port = 8581;

     

       30
       30
       +
               };

     

       31
       31
       +
             };

     

       32
       32
       +
       

     

       33
       33
       +
             # Cause a configuration change inside `config.json` and verify that the process is being reloaded.

     

       34
       34
       +
             specialisation.differentName = {

     

       35
       35
       +
               inheritParentConfig = true;

     

       36
       36
       +
               configuration.services.homebridge.settings.bridge.name = lib.mkForce "Test Home";

     

       37
       37
       +
             };

     

       38
       38
       +
           };

     

       39
       39
       +
       

     

       40
       40
       +
         testScript =

     

       41
       41
       +
           { nodes, ... }:

     

       42
       42
       +
           let

     

       43
       43
       +
             system = nodes.homebridge.system.build.toplevel;

     

       44
       44
       +
           in

     

       45
       45
       +
           ''

     

       46
       46
       +
             import json

     

       47
       47
       +
       

     

       48
       48
       +
             start_all()

     

       49
       49
       +
       

     

       50
       50
       +
       

     

       51
       51
       +
             def get_homebridge_journal_cursor() -> str:

     

       52
       52
       +
                 exit, out = homebridge.execute("journalctl -u homebridge.service -n1 -o json-pretty --output-fields=__CURSOR")

     

       53
       53
       +
                 assert exit == 0

     

       54
       54
       +
                 return json.loads(out)["__CURSOR"]

     

       55
       55
       +
       

     

       56
       56
       +
       

     

       57
       57
       +
             def wait_for_homebridge(cursor):

     

       58
       58
       +
                 homebridge.wait_until_succeeds(f"journalctl --after-cursor='{cursor}' -u homebridge.service | grep -q 'Logging to'")

     

       59
       59
       +
       

     

       60
       60
       +
       

     

       61
       61
       +
             homebridge.wait_for_unit("homebridge.service")

     

       62
       62
       +
             homebridge_cursor = get_homebridge_journal_cursor()

     

       63
       63
       +
       

     

       64
       64
       +
             with subtest("Check that JSON configuration file is in place"):

     

       65
       65
       +
                 homebridge.succeed("test -f ${userStoragePath}/config.json")

     

       66
       66
       +
       

     

       67
       67
       +
             with subtest("Check that Homebridge's web interface and API can be reached"):

     

       68
       68
       +
                 wait_for_homebridge(homebridge_cursor)

     

       69
       69
       +
                 homebridge.wait_for_open_port(51826)

     

       70
       70
       +
                 homebridge.wait_for_open_port(8581)

     

       71
       71
       +
                 homebridge.succeed("curl --fail http://localhost:8581/")

     

       72
       72
       +
       

     

       73
       73
       +
             with subtest("Check service restart from SIGHUP"):

     

       74
       74
       +
                 homebridge_pid = homebridge.succeed("systemctl show --property=MainPID homebridge.service")

     

       75
       75
       +
                 homebridge_cursor = get_homebridge_journal_cursor()

     

       76
       76
       +
                 homebridge.succeed("${system}/specialisation/differentName/bin/switch-to-configuration test")

     

       77
       77
       +
                 wait_for_homebridge(homebridge_cursor)

     

       78
       78
       +
                 new_homebridge_pid = homebridge.succeed("systemctl show --property=MainPID homebridge.service")

     

       79
       79
       +
                 assert homebridge_pid != new_homebridge_pid, "The PID of the homebridge process must change after sending SIGHUP"

     

       80
       80
       +
       

     

       81
       81
       +
             with subtest("Check that no errors were logged"):

     

       82
       82
       +
                 homebridge.fail("journalctl -u homebridge -o cat | grep -q ERROR")

     

       83
       83
       +
       

     

       84
       84
       +
             with subtest("Check systemd unit hardening"):

     

       85
       85
       +
                 homebridge.log(homebridge.succeed("systemctl cat homebridge.service"))

     

       86
       86
       +
                 homebridge.log(homebridge.succeed("systemd-analyze security homebridge.service"))

     

       87
       87
       +
           '';

     

       88
       88
       +
       }

+190

nixos/tests/qbittorrent.nix

···

       1
       1
       +
       { pkgs, lib, ... }:

     

       2
       2
       +
       {

     

       3
       3
       +
         name = "qbittorrent";

     

       4
       4
       +
       

     

       5
       5
       +
         meta = with pkgs.lib.maintainers; {

     

       6
       6
       +
           maintainers = [ fsnkty ];

     

       7
       7
       +
         };

     

       8
       8
       +
       

     

       9
       9
       +
         nodes = {

     

       10
       10
       +
           simple = {

     

       11
       11
       +
             services.qbittorrent.enable = true;

     

       12
       12
       +
       

     

       13
       13
       +
             specialisation.portChange.configuration = {

     

       14
       14
       +
               services.qbittorrent = {

     

       15
       15
       +
                 enable = true;

     

       16
       16
       +
                 webuiPort = 5555;

     

       17
       17
       +
                 torrentingPort = 44444;

     

       18
       18
       +
               };

     

       19
       19
       +
             };

     

       20
       20
       +
       

     

       21
       21
       +
             specialisation.openPorts.configuration = {

     

       22
       22
       +
               services.qbittorrent = {

     

       23
       23
       +
                 enable = true;

     

       24
       24
       +
                 openFirewall = true;

     

       25
       25
       +
                 webuiPort = 8080;

     

       26
       26
       +
                 torrentingPort = 55555;

     

       27
       27
       +
               };

     

       28
       28
       +
             };

     

       29
       29
       +
       

     

       30
       30
       +
             specialisation.serverConfig.configuration = {

     

       31
       31
       +
               services.qbittorrent = {

     

       32
       32
       +
                 enable = true;

     

       33
       33
       +
                 webuiPort = null;

     

       34
       34
       +
                 serverConfig.Preferences.WebUI.Port = "8181";

     

       35
       35
       +
               };

     

       36
       36
       +
             };

     

       37
       37
       +
           };

     

       38
       38
       +
           # Seperate vm because it's not possible to reboot into a specialisation with

     

       39
       39
       +
           # switch-to-configuration: https://github.com/NixOS/nixpkgs/issues/82851

     

       40
       40
       +
           # For one of the test we check if manual changes are overridden during

     

       41
       41
       +
           # reboot, therefore it's necessary to reboot into a declarative setup.

     

       42
       42
       +
           declarative = {

     

       43
       43
       +
             services.qbittorrent = {

     

       44
       44
       +
               enable = true;

     

       45
       45
       +
               webuiPort = null;

     

       46
       46
       +
               serverConfig = {

     

       47
       47
       +
                 Preferences = {

     

       48
       48
       +
                   WebUI = {

     

       49
       49
       +
                     Username = "user";

     

       50
       50
       +
                     # Default password: adminadmin

     

       51
       51
       +
                     Password_PBKDF2 = "@ByteArray(6DIf26VOpTCYbgNiO6DAFQ==:e6241eaAWGzRotQZvVA5/up9fj5wwSAThLgXI2lVMsYTu1StUgX9MgmElU3Sa/M8fs+zqwZv9URiUOObjqJGNw==)";

     

       52
       52
       +
                     Port = lib.mkDefault "8181";

     

       53
       53
       +
                   };

     

       54
       54
       +
                 };

     

       55
       55
       +
               };

     

       56
       56
       +
             };

     

       57
       57
       +
       

     

       58
       58
       +
             specialisation.serverConfigChange.configuration = {

     

       59
       59
       +
               services.qbittorrent = {

     

       60
       60
       +
                 enable = true;

     

       61
       61
       +
                 webuiPort = null;

     

       62
       62
       +
                 serverConfig.Preferences.WebUI.Port = "7171";

     

       63
       63
       +
               };

     

       64
       64
       +
             };

     

       65
       65
       +
           };

     

       66
       66
       +
         };

     

       67
       67
       +
       

     

       68
       68
       +
         testScript =

     

       69
       69
       +
           { nodes, ... }:

     

       70
       70
       +
           let

     

       71
       71
       +
             simpleSpecPath = "${nodes.simple.system.build.toplevel}/specialisation";

     

       72
       72
       +
             declarativeSpecPath = "${nodes.declarative.system.build.toplevel}/specialisation";

     

       73
       73
       +
             portChange = "${simpleSpecPath}/portChange";

     

       74
       74
       +
             openPorts = "${simpleSpecPath}/openPorts";

     

       75
       75
       +
             serverConfig = "${simpleSpecPath}/serverConfig";

     

       76
       76
       +
             serverConfigChange = "${declarativeSpecPath}/serverConfigChange";

     

       77
       77
       +
           in

     

       78
       78
       +
           ''

     

       79
       79
       +
             simple.start(allow_reboot=True)

     

       80
       80
       +
             declarative.start(allow_reboot=True)

     

       81
       81
       +
       

     

       82
       82
       +
       

     

       83
       83
       +
             def test_webui(machine, port):

     

       84
       84
       +
                 machine.wait_for_unit("qbittorrent.service")

     

       85
       85
       +
                 machine.wait_for_open_port(port)

     

       86
       86
       +
                 machine.wait_until_succeeds(f"curl --fail http://localhost:{port}")

     

       87
       87
       +
       

     

       88
       88
       +
       

     

       89
       89
       +
             # To simulate an interactive change in the settings

     

       90
       90
       +
             def setPreferences_api(machine, port, post_creds, post_data):

     

       91
       91
       +
                 qb_url = f"http://localhost:{port}"

     

       92
       92
       +
                 api_url = f"{qb_url}/api/v2"

     

       93
       93
       +
                 cookie_path = "/tmp/qbittorrent.cookie"

     

       94
       94
       +
       

     

       95
       95
       +
                 machine.succeed(

     

       96
       96
       +
                     f'curl --header "Referer: {qb_url}" \

     

       97
       97
       +
                     --data "{post_creds}" {api_url}/auth/login \

     

       98
       98
       +
                     -c {cookie_path}'

     

       99
       99
       +
                 )

     

       100
       100
       +
                 machine.succeed(

     

       101
       101
       +
                     f'curl --header "Referer: {qb_url}" \

     

       102
       102
       +
                     --data "{post_data}" {api_url}/app/setPreferences \

     

       103
       103
       +
                     -b {cookie_path}'

     

       104
       104
       +
                 )

     

       105
       105
       +
       

     

       106
       106
       +
       

     

       107
       107
       +
             # A randomly generated password is printed in the service log when no

     

       108
       108
       +
             # password it set

     

       109
       109
       +
             def get_temp_pass(machine):

     

       110
       110
       +
                 _, password = machine.execute(

     

       111
       111
       +
                     "journalctl -u qbittorrent.service |\

     

       112
       112
       +
                     grep 'The WebUI administrator password was not set.' |\

     

       113
       113
       +
                     awk '{ print $NF }' | tr -d '\n'"

     

       114
       114
       +
                 )

     

       115
       115
       +
                 return password

     

       116
       116
       +
       

     

       117
       117
       +
       

     

       118
       118
       +
             # Non declarative tests

     

       119
       119
       +
       

     

       120
       120
       +
             with subtest("webui works with all default settings"):

     

       121
       121
       +
                 test_webui(simple, 8080)

     

       122
       122
       +
       

     

       123
       123
       +
             with subtest("check if manual changes in settings are saved correctly"):

     

       124
       124
       +
                 temp_pass = get_temp_pass(simple)

     

       125
       125
       +
       

     

       126
       126
       +
                 ## Change some settings

     

       127
       127
       +
                 api_post = [r"json={\"listen_port\": 33333}", r"json={\"web_ui_port\": 9090}"]

     

       128
       128
       +
                 for x in api_post:

     

       129
       129
       +
                     setPreferences_api(

     

       130
       130
       +
                         machine=simple,

     

       131
       131
       +
                         port=8080,

     

       132
       132
       +
                         post_creds=f"username=admin&password={temp_pass}",

     

       133
       133
       +
                         post_data=x,

     

       134
       134
       +
                     )

     

       135
       135
       +
       

     

       136
       136
       +
                 simple.wait_for_open_port(33333)

     

       137
       137
       +
                 test_webui(simple, 9090)

     

       138
       138
       +
       

     

       139
       139
       +
                 ## Test which settings are reset

     

       140
       140
       +
                 ## As webuiPort is passed as an cli it should reset after reboot

     

       141
       141
       +
                 ## As torrentingPort is not passed as an cli it should not reset after

     

       142
       142
       +
                 ## reboot

     

       143
       143
       +
                 simple.reboot()

     

       144
       144
       +
                 test_webui(simple, 8080)

     

       145
       145
       +
                 simple.wait_for_open_port(33333)

     

       146
       146
       +
       

     

       147
       147
       +
             with subtest("ports are changed on config change"):

     

       148
       148
       +
                 simple.succeed("${portChange}/bin/switch-to-configuration test")

     

       149
       149
       +
                 test_webui(simple, 5555)

     

       150
       150
       +
                 simple.wait_for_open_port(44444)

     

       151
       151
       +
       

     

       152
       152
       +
             with subtest("firewall is opened correctly"):

     

       153
       153
       +
                 simple.succeed("${openPorts}/bin/switch-to-configuration test")

     

       154
       154
       +
                 test_webui(simple, 8080)

     

       155
       155
       +
                 declarative.wait_until_succeeds("curl --fail http://simple:8080")

     

       156
       156
       +
                 declarative.wait_for_open_port(55555, "simple")

     

       157
       157
       +
       

     

       158
       158
       +
             with subtest("switching from simple to declarative works"):

     

       159
       159
       +
                 simple.succeed("${serverConfig}/bin/switch-to-configuration test")

     

       160
       160
       +
                 test_webui(simple, 8181)

     

       161
       161
       +
       

     

       162
       162
       +
       

     

       163
       163
       +
             # Declarative tests

     

       164
       164
       +
       

     

       165
       165
       +
             with subtest("serverConfig is applied correctly"):

     

       166
       166
       +
                 test_webui(declarative, 8181)

     

       167
       167
       +
       

     

       168
       168
       +
             with subtest("manual changes are overridden during reboot"):

     

       169
       169
       +
                 ## Change some settings

     

       170
       170
       +
                 setPreferences_api(

     

       171
       171
       +
                     machine=declarative,

     

       172
       172
       +
                     port=8181, # as set through serverConfig

     

       173
       173
       +
                     post_creds="username=user&password=adminadmin",

     

       174
       174
       +
                     post_data=r"json={\"web_ui_port\": 9191}",

     

       175
       175
       +
                 )

     

       176
       176
       +
       

     

       177
       177
       +
                 test_webui(declarative, 9191)

     

       178
       178
       +
       

     

       179
       179
       +
                 ## Test which settings are reset

     

       180
       180
       +
                 ## The generated qBittorrent.conf is, apparently, reapplied after reboot.

     

       181
       181
       +
                 ## Because the port is set in `serverConfig` this overrides the manually

     

       182
       182
       +
                 ## set port.

     

       183
       183
       +
                 declarative.reboot()

     

       184
       184
       +
                 test_webui(declarative, 8181)

     

       185
       185
       +
       

     

       186
       186
       +
             with subtest("changes in serverConfig are applied correctly"):

     

       187
       187
       +
                 declarative.succeed("${serverConfigChange}/bin/switch-to-configuration test")

     

       188
       188
       +
                 test_webui(declarative, 7171)

     

       189
       189
       +
           '';

     

       190
       190
       +
       }

+13

pkgs/applications/editors/vim/plugins/generated.nix

···

       5243
       5243
        
           meta.hydraPlatforms = [ ];

     

       5244
       5244
        
         };

     

       5245
       5245
        
       

     

       5246
       5246
       +
         fyler-nvim = buildVimPlugin {

     

       5247
       5247
       +
           pname = "fyler.nvim";

     

       5248
       5248
       +
           version = "2025-07-21";

     

       5249
       5249
       +
           src = fetchFromGitHub {

     

       5250
       5250
       +
             owner = "A7Lavinraj";

     

       5251
       5251
       +
             repo = "fyler.nvim";

     

       5252
       5252
       +
             rev = "6595c9ef272797aeb92aacdc392cf670c994e467";

     

       5253
       5253
       +
             sha256 = "14fbmhxw7xyg618g3pv7hq64ppcas997qvkbdnl2z0lqrk2nn3zy";

     

       5254
       5254
       +
           };

     

       5255
       5255
       +
           meta.homepage = "https://github.com/A7Lavinraj/fyler.nvim/";

     

       5256
       5256
       +
           meta.hydraPlatforms = [ ];

     

       5257
       5257
       +
         };

     

       5258
       5258
       +
       

     

       5246
       5259
        
         fzf-checkout-vim = buildVimPlugin {

     

       5247
       5260
        
           pname = "fzf-checkout.vim";

     

       5248
       5261
        
           version = "2023-10-05";

pkgs/applications/editors/vim/plugins/overrides.nix

···

       1245
       1245
        
           ];

     

       1246
       1246
        
         };

     

       1247
       1247
        
       

     

       1248
       1248
       +
         fyler-nvim = super.fyler-nvim.overrideAttrs {

     

       1249
       1249
       +
           nvimSkipModules = [

     

       1250
       1250
       +
             # Requires setup call

     

       1251
       1251
       +
             "fyler.views.explorer.init"

     

       1252
       1252
       +
             "fyler.views.explorer.actions"

     

       1253
       1253
       +
             "fyler.views.explorer.ui"

     

       1254
       1254
       +
           ];

     

       1255
       1255
       +
         };

     

       1256
       1256
       +
       

     

       1248
       1257
        
         fzf-checkout-vim = super.fzf-checkout-vim.overrideAttrs {

     

       1249
       1258
        
           # The plugin has a makefile which tries to run tests in a docker container.

     

       1250
       1259
        
           # This prevents it.

pkgs/applications/editors/vim/plugins/vim-plugin-names

···

       401
       401
        
       https://github.com/BeneCollyridam/futhark-vim/,,

     

       402
       402
        
       https://github.com/tzachar/fuzzy.nvim/,HEAD,

     

       403
       403
        
       https://github.com/rktjmp/fwatch.nvim/,,

     

       404
       404
       +
       https://github.com/A7Lavinraj/fyler.nvim/,stable,

     

       404
       405
        
       https://github.com/stsewd/fzf-checkout.vim/,,

     

       405
       406
        
       https://github.com/monkoose/fzf-hoogle.vim/,HEAD,

     

       406
       407
        
       https://github.com/gfanto/fzf-lsp.nvim/,,

-90

pkgs/applications/editors/vscode/extensions/default.nix

···

       1343
       1343
        
       

     

       1344
       1344
        
             detachhead.basedpyright = callPackage ./detachhead.basedpyright { };

     

       1345
       1345
        
       

     

       1346
       1346
       -
             devsense.composer-php-vscode = buildVscodeMarketplaceExtension {

     

       1347
       1347
       -
               mktplcRef = {

     

       1348
       1348
       -
                 name = "composer-php-vscode";

     

       1349
       1349
       -
                 publisher = "devsense";

     

       1350
       1350
       -
                 version = "1.59.17515";

     

       1351
       1351
       -
                 hash = "sha256-unqWaEtShJHqol0tV4ocb0nI81rWFQuv/W1i+2zMeZM=";

     

       1352
       1352
       -
               };

     

       1353
       1353
       -
               meta = {

     

       1354
       1354
       -
                 changelog = "https://marketplace.visualstudio.com/items/DEVSENSE.composer-php-vscode/changelog";

     

       1355
       1355
       -
                 description = "Visual studio code extension for full development integration for Composer, the PHP package manager";

     

       1356
       1356
       -
                 downloadPage = "https://marketplace.visualstudio.com/items?itemName=DEVSENSE.composer-php-vscode";

     

       1357
       1357
       -
                 homepage = "https://github.com/DEVSENSE/phptools-docs";

     

       1358
       1358
       -
                 license = lib.licenses.unfree;

     

       1359
       1359
       -
                 maintainers = [ ];

     

       1360
       1360
       -
               };

     

       1361
       1361
       -
             };

     

       1362
       1362
       -
       

     

       1363
       1363
       -
             devsense.phptools-vscode = buildVscodeMarketplaceExtension {

     

       1364
       1364
       -
               mktplcRef =

     

       1365
       1365
       -
                 let

     

       1366
       1366
       -
                   sources = {

     

       1367
       1367
       -
                     "x86_64-linux" = {

     

       1368
       1368
       -
                       arch = "linux-x64";

     

       1369
       1369
       -
                       hash = "sha256-8i5nRlzd+LnpEh9trWECxfiC1W4S0ekBab5vo18OlsA=";

     

       1370
       1370
       -
                     };

     

       1371
       1371
       -
                     "x86_64-darwin" = {

     

       1372
       1372
       -
                       arch = "darwin-x64";

     

       1373
       1373
       -
                       sha256 = "14crw56277rdwhigabb3nsndkfcs3yzzf7gw85jvryxviq32chgy";

     

       1374
       1374
       -
                     };

     

       1375
       1375
       -
                     "aarch64-linux" = {

     

       1376
       1376
       -
                       arch = "linux-arm64";

     

       1377
       1377
       -
                       sha256 = "1j1xlvbg3nrfmdd9zm6kywwicdwdkrq0si86lcndaii8m7sj5pfp";

     

       1378
       1378
       -
                     };

     

       1379
       1379
       -
                     "aarch64-darwin" = {

     

       1380
       1380
       -
                       arch = "darwin-arm64";

     

       1381
       1381
       -
                       sha256 = "0nlks6iqxkx1xlicsa8lrb1319rgznlxkv2gg7wkwgzph97ik8bi";

     

       1382
       1382
       -
                     };

     

       1383
       1383
       -
                   };

     

       1384
       1384
       -
                 in

     

       1385
       1385
       -
                 {

     

       1386
       1386
       -
                   name = "phptools-vscode";

     

       1387
       1387
       -
                   publisher = "devsense";

     

       1388
       1388
       -
                   version = "1.41.14332";

     

       1389
       1389
       -
                 }

     

       1390
       1390
       -
                 // sources.${stdenv.system} or (throw "Unsupported system: ${stdenv.system}");

     

       1391
       1391
       -
       

     

       1392
       1392
       -
               nativeBuildInputs = [ autoPatchelfHook ];

     

       1393
       1393
       -
       

     

       1394
       1394
       -
               buildInputs = [

     

       1395
       1395
       -
                 zlib

     

       1396
       1396
       -
                 (lib.getLib stdenv.cc.cc)

     

       1397
       1397
       -
               ];

     

       1398
       1398
       -
       

     

       1399
       1399
       -
               postInstall = ''

     

       1400
       1400
       -
                 chmod +x $out/share/vscode/extensions/devsense.phptools-vscode/out/server/devsense.php.ls

     

       1401
       1401
       -
               '';

     

       1402
       1402
       -
       

     

       1403
       1403
       -
               meta = {

     

       1404
       1404
       -
                 changelog = "https://marketplace.visualstudio.com/items/DEVSENSE.phptools-vscode/changelog";

     

       1405
       1405
       -
                 description = "Visual studio code extension for full development integration for the PHP language";

     

       1406
       1406
       -
                 downloadPage = "https://marketplace.visualstudio.com/items?itemName=DEVSENSE.phptools-vscode";

     

       1407
       1407
       -
                 homepage = "https://github.com/DEVSENSE/phptools-docs";

     

       1408
       1408
       -
                 license = lib.licenses.unfree;

     

       1409
       1409
       -
                 maintainers = [ ];

     

       1410
       1410
       -
                 platforms = [

     

       1411
       1411
       -
                   "x86_64-linux"

     

       1412
       1412
       -
                   "x86_64-darwin"

     

       1413
       1413
       -
                   "aarch64-darwin"

     

       1414
       1414
       -
                   "aarch64-linux"

     

       1415
       1415
       -
                 ];

     

       1416
       1416
       -
               };

     

       1417
       1417
       -
             };

     

       1418
       1418
       -
       

     

       1419
       1419
       -
             devsense.profiler-php-vscode = buildVscodeMarketplaceExtension {

     

       1420
       1420
       -
               mktplcRef = {

     

       1421
       1421
       -
                 name = "profiler-php-vscode";

     

       1422
       1422
       -
                 publisher = "devsense";

     

       1423
       1423
       -
                 version = "1.59.17515";

     

       1424
       1424
       -
                 hash = "sha256-Y2y1vpqKEOjg4eniG0myhaAkJLdEIAT1UdEdbr04MrA=";

     

       1425
       1425
       -
               };

     

       1426
       1426
       -
               meta = {

     

       1427
       1427
       -
                 changelog = "https://marketplace.visualstudio.com/items/DEVSENSE.profiler-php-vscode/changelog";

     

       1428
       1428
       -
                 description = "Visual studio code extension for PHP and XDebug profiling and inspecting";

     

       1429
       1429
       -
                 downloadPage = "https://marketplace.visualstudio.com/items?itemName=DEVSENSE.profiler-php-vscode";

     

       1430
       1430
       -
                 homepage = "https://github.com/DEVSENSE/phptools-docs";

     

       1431
       1431
       -
                 license = lib.licenses.unfree;

     

       1432
       1432
       -
                 maintainers = [ ];

     

       1433
       1433
       -
               };

     

       1434
       1434
       -
             };

     

       1435
       1435
       -
       

     

       1436
       1346
        
             dhall.dhall-lang = buildVscodeMarketplaceExtension {

     

       1437
       1347
        
               mktplcRef = {

     

       1438
       1348
        
                 name = "dhall-lang";

+2 -2

pkgs/applications/editors/vscode/extensions/ms-python.python/default.nix

···

       15
       15
        
         mktplcRef = {

     

       16
       16
        
           name = "python";

     

       17
       17
        
           publisher = "ms-python";

     

       18
       18
       -
           version = "2025.10.0";

     

       19
       19
       -
           hash = "sha256-uD6NWGD5GyYwd7SeoGsgYEH26NI+hDxCx3f2EhqoOXk=";

     

       18
       18
       +
           version = "2025.10.1";

     

       19
       19
       +
           hash = "sha256-3hd940mfxnvqoblIrx/S0A8KwHtYLFuonu52/HGGfak=";

     

       20
       20
        
         };

     

       21
       21
        
       

     

       22
       22
        
         buildInputs = [ icu ];

+3 -3

pkgs/by-name/bu/burpsuite/package.nix

···

       9
       9
        
       }:

     

       10
       10
        
       

     

       11
       11
        
       let

     

       12
       12
       -
         version = "2025.7";

     

       12
       12
       +
         version = "2025.7.1";

     

       13
       13
        
       

     

       14
       14
        
         product =

     

       15
       15
        
           if proEdition then

     

       16
       16
        
             {

     

       17
       17
        
               productName = "pro";

     

       18
       18
        
               productDesktop = "Burp Suite Professional Edition";

     

       19
       19
       -
               hash = "sha256-JnsaMo6QixmC1SzW6I/iX7YOZLxWaU7AlvqsZ66cPeg=";

     

       19
       19
       +
               hash = "sha256-qyTvvEEiZFtiRvPM8IcuRlzBKOO40Fe9g8l9wrsIY84=";

     

       20
       20
        
             }

     

       21
       21
        
           else

     

       22
       22
        
             {

     

       23
       23
        
               productName = "community";

     

       24
       24
        
               productDesktop = "Burp Suite Community Edition";

     

       25
       25
       -
               hash = "sha256-M8/Fy8yZH+WuF34IautU2fnFKOWI4/tPCzRKRIkxagY=";

     

       25
       25
       +
               hash = "sha256-y34WlQtGZNBn1StoWhQh02EHbCVxYMoOQMH4cGbviXg=";

     

       26
       26
        
             };

     

       27
       27
        
       

     

       28
       28
        
         src = fetchurl {

+2 -1

pkgs/by-name/ch/cherry-studio/package.nix

···

       5
       5
        
         yarn-berry_4,

     

       6
       6
        
         nodejs,

     

       7
       7
        
         python3,

     

       8
       8
       -
         electron,

     

       8
       8
       +
         electron_35,

     

       9
       9
        
         makeWrapper,

     

       10
       10
        
         writableTmpDirAsHomeHook,

     

       11
       11
        
         makeDesktopItem,

     
···

       14
       14
        
       }:

     

       15
       15
        
       

     

       16
       16
        
       let

     

       17
       17
       +
         electron = electron_35;

     

       17
       18
        
         yarn-berry = yarn-berry_4;

     

       18
       19
        
       in

     

       19
       20
        
       stdenv.mkDerivation (finalAttrs: {

+2 -1

pkgs/by-name/gf/gfn-electron/package.nix

···

       2
       2
        
         lib,

     

       3
       3
        
         buildNpmPackage,

     

       4
       4
        
         fetchFromGitHub,

     

       5
       5
       -
         electron,

     

       5
       5
       +
         electron_35,

     

       6
       6
        
         nix-update-script,

     

       7
       7
        
         makeBinaryWrapper,

     

       8
       8
        
         python3,

     

       9
       9
        
       }:

     

       10
       10
        
       let

     

       11
       11
       +
         electron = electron_35;

     

       11
       12
        
         version = "2.2.0";

     

       12
       13
        
       in

     

       13
       14
        
       buildNpmPackage {

+44 -20

pkgs/by-name/gi/gibo/package.nix

···

       1
       1
        
       {

     

       2
       2
        
         lib,

     

       3
       3
        
         stdenv,

     

       4
       4
       +
         buildPackages,

     

       5
       5
       +
         buildGoModule,

     

       4
       6
        
         fetchFromGitHub,

     

       5
       5
       -
         coreutils,

     

       6
       6
       -
         findutils,

     

       7
       7
       -
         git,

     

       7
       7
       +
         nix-update-script,

     

       8
       8
       +
         versionCheckHook,

     

       9
       9
       +
         installShellFiles,

     

       10
       10
       +
         writableTmpDirAsHomeHook,

     

       8
       11
        
       }:

     

       9
       9
       -
       

     

       10
       10
       -
       stdenv.mkDerivation rec {

     

       12
       12
       +
       buildGoModule (finalAttrs: {

     

       11
       13
        
         pname = "gibo";

     

       12
       12
       -
         version = "1.0.6";

     

       14
       14
       +
         version = "3.0.14";

     

       13
       15
        
       

     

       14
       16
        
         src = fetchFromGitHub {

     

       15
       17
        
           owner = "simonwhitaker";

     

       16
       18
        
           repo = "gibo";

     

       17
       17
       -
           rev = version;

     

       18
       18
       -
           sha256 = "07j3sv9ar9l074krajw8nfmsfmdp836irsbd053dbqk2v880gfm6";

     

       19
       19
       +
           tag = "v${finalAttrs.version}";

     

       20
       20
       +
           sha256 = "sha256-6w+qhwOHkfKt0hgKO98L6Si0RNJN+CXOOFzGlvxFjcA=";

     

       19
       21
        
         };

     

       20
       22
        
       

     

       21
       21
       -
         installPhase = ''

     

       22
       22
       -
           mkdir -p $out/bin $out/share/bash-completion/completions

     

       23
       23
       -
           cp gibo $out/bin

     

       24
       24
       -
           cp gibo-completion.bash $out/share/bash-completion/completions

     

       23
       23
       +
         vendorHash = "sha256-pD+7yvBydg1+BQFP0G8rRYTCO//Wg/6pzY19DLs42Gk=";

     

       25
       24
        
       

     

       26
       26
       -
           sed -e 's|\<git |${git}/bin/git |g' \

     

       27
       27
       -
               -e 's|\<basename |${coreutils}/bin/basename |g' \

     

       28
       28
       -
               -i "$out/bin/gibo"

     

       29
       29
       -
           sed -e 's|\<find |${findutils}/bin/find |g' \

     

       30
       30
       -
               -i "$out/share/bash-completion/completions/gibo-completion.bash"

     

       31
       31
       -
         '';

     

       25
       25
       +
         ldflags = [

     

       26
       26
       +
           "-s"

     

       27
       27
       +
           "-w"

     

       28
       28
       +
           "-X github.com/simonwhitaker/gibo/cmd.version=${finalAttrs.version}"

     

       29
       29
       +
         ];

     

       30
       30
       +
       

     

       31
       31
       +
         nativeBuildInputs = [

     

       32
       32
       +
           installShellFiles

     

       33
       33
       +
         ];

     

       34
       34
       +
       

     

       35
       35
       +
         postInstall = lib.optionalString (stdenv.hostPlatform.emulatorAvailable buildPackages) (

     

       36
       36
       +
           let

     

       37
       37
       +
             emulator = stdenv.hostPlatform.emulator buildPackages;

     

       38
       38
       +
           in

     

       39
       39
       +
           ''

     

       40
       40
       +
             installShellCompletion --cmd gibo \

     

       41
       41
       +
               --bash <(${emulator} $out/bin/gibo completion bash) \

     

       42
       42
       +
               --fish <(${emulator} $out/bin/gibo completion fish) \

     

       43
       43
       +
               --zsh <(${emulator} $out/bin/gibo completion zsh)

     

       44
       44
       +
           ''

     

       45
       45
       +
         );

     

       46
       46
       +
       

     

       47
       47
       +
         doInstallCheck = true;

     

       48
       48
       +
         nativeInstallCheckInputs = [

     

       49
       49
       +
           versionCheckHook

     

       50
       50
       +
           writableTmpDirAsHomeHook

     

       51
       51
       +
         ];

     

       52
       52
       +
         versionCheckProgramArg = "version";

     

       53
       53
       +
         versionCheckKeepEnvironment = [ "HOME" ];

     

       54
       54
       +
       

     

       55
       55
       +
         passthru.updateScript = nix-update-script { };

     

       32
       56
        
       

     

       33
       57
        
         meta = {

     

       34
       58
        
           homepage = "https://github.com/simonwhitaker/gibo";

     

       35
       35
       -
           license = lib.licenses.publicDomain;

     

       59
       59
       +
           license = lib.licenses.unlicense;

     

       36
       60
        
           description = "Shell script for easily accessing gitignore boilerplates";

     

       37
       61
        
           platforms = lib.platforms.unix;

     

       38
       62
        
           mainProgram = "gibo";

     

       39
       63
        
         };

     

       40
       40
       -
       }

     

       64
       64
       +
       })

+3 -3

pkgs/by-name/gi/gitaly/package.nix

···

       7
       7
        
       }:

     

       8
       8
        
       

     

       9
       9
        
       let

     

       10
       10
       -
         version = "18.1.2";

     

       10
       10
       +
         version = "18.2.0";

     

       11
       11
        
         package_version = "v${lib.versions.major version}";

     

       12
       12
        
         gitaly_package = "gitlab.com/gitlab-org/gitaly/${package_version}";

     

       13
       13
        
       

     
···

       21
       21
        
             owner = "gitlab-org";

     

       22
       22
        
             repo = "gitaly";

     

       23
       23
        
             rev = "v${version}";

     

       24
       24
       -
             hash = "sha256-ErA04W6rWsjSay02bst0ur1mztrdo8SW/mpGtln4unI=";

     

       24
       24
       +
             hash = "sha256-e78kokFzVqFGgurlqThxHhfrGiRuZ+XG2g5hRrCuF3Y=";

     

       25
       25
        
           };

     

       26
       26
        
       

     

       27
       27
       -
           vendorHash = "sha256-BTpcnaHNyLgdAA9KqqA+mBo18fmQ0+OwLGNOPHRJ/IE=";

     

       27
       27
       +
           vendorHash = "sha256-RjDV4NGmmdT9STQBHiYf3UUYwPmuSg6970/W/ekxin0=";

     

       28
       28
        
       

     

       29
       29
        
           ldflags = [

     

       30
       30
        
             "-X ${gitaly_package}/internal/version.version=${version}"

+3 -3

pkgs/by-name/gi/gitlab-container-registry/package.nix

···

       6
       6
        
       

     

       7
       7
        
       buildGoModule rec {

     

       8
       8
        
         pname = "gitlab-container-registry";

     

       9
       9
       -
         version = "4.24.0";

     

       9
       9
       +
         version = "4.25.0";

     

       10
       10
        
         rev = "v${version}-gitlab";

     

       11
       11
        
       

     

       12
       12
        
         # nixpkgs-update: no auto update

     
···

       14
       14
        
           owner = "gitlab-org";

     

       15
       15
        
           repo = "container-registry";

     

       16
       16
        
           inherit rev;

     

       17
       17
       -
           hash = "sha256-GNL7L6DKIKEgDEZQkeHNOn4R5SnWnHvNoUIs2YLjoR8=";

     

       17
       17
       +
           hash = "sha256-7jzKFC29NAHi5iag6aA/5LzH6IyqMa3yAxtzV9OsBnQ=";

     

       18
       18
        
         };

     

       19
       19
        
       

     

       20
       20
       -
         vendorHash = "sha256-zisadCxyfItD/n7VGbtbvhl8MRHiqdw0Kkrg6ebgS/8=";

     

       20
       20
       +
         vendorHash = "sha256-z9IlfyJ48FQzhbY38GbZaeQjg3cMDU8tLCXKhazP64A=";

     

       21
       21
        
       

     

       22
       22
        
         checkFlags =

     

       23
       23
        
           let

+3 -3

pkgs/by-name/gi/gitlab-elasticsearch-indexer/package.nix

···

       8
       8
        
       

     

       9
       9
        
       buildGoModule rec {

     

       10
       10
        
         pname = "gitlab-elasticsearch-indexer";

     

       11
       11
       -
         version = "5.6.0";

     

       11
       11
       +
         version = "5.7.0";

     

       12
       12
        
       

     

       13
       13
        
         # nixpkgs-update: no auto update

     

       14
       14
        
         src = fetchFromGitLab {

     

       15
       15
        
           owner = "gitlab-org";

     

       16
       16
        
           repo = "gitlab-elasticsearch-indexer";

     

       17
       17
        
           rev = "v${version}";

     

       18
       18
       -
           hash = "sha256-XerIPK+s0OWYAqKVqE3HSSI+D4cXixYqRHmf9/4C2eg=";

     

       18
       18
       +
           hash = "sha256-Qlz8YT6lGUtnMXCrfZZjzmSz0AivzcCVEd/tEKzfoYg=";

     

       19
       19
        
         };

     

       20
       20
        
       

     

       21
       21
       -
         vendorHash = "sha256-qNGACM5DKufyNVKhJyakmMRbaMXi+JJUfojhWdk0ptU=";

     

       21
       21
       +
         vendorHash = "sha256-C0B9fe/S5TODgVTMGBBD5oGH/DsxAvCB6tBLaRdswCA=";

     

       22
       22
        
       

     

       23
       23
        
         buildInputs = [ icu ];

     

       24
       24
        
         nativeBuildInputs = [ pkg-config ];

+3 -3

pkgs/by-name/gi/gitlab-pages/package.nix

···

       6
       6
        
       

     

       7
       7
        
       buildGoModule rec {

     

       8
       8
        
         pname = "gitlab-pages";

     

       9
       9
       -
         version = "18.1.2";

     

       9
       9
       +
         version = "18.2.0";

     

       10
       10
        
       

     

       11
       11
        
         # nixpkgs-update: no auto update

     

       12
       12
        
         src = fetchFromGitLab {

     

       13
       13
        
           owner = "gitlab-org";

     

       14
       14
        
           repo = "gitlab-pages";

     

       15
       15
        
           rev = "v${version}";

     

       16
       16
       -
           hash = "sha256-XY/WK19nujQPdsicGDHS5gEZf3uJZdW41R4xK9hDML0=";

     

       16
       16
       +
           hash = "sha256-TcDk816n4483SzTuz5bc8e2efrd2eJdM8jWXpM3DMvY=";

     

       17
       17
        
         };

     

       18
       18
        
       

     

       19
       19
       -
         vendorHash = "sha256-6ZHKwPhC3N813kiw1NnPOMVc2CBSIClwc4MunDi0gCk=";

     

       19
       19
       +
         vendorHash = "sha256-OubXCpvGtGqegQmdb6R1zw/0DfQ4FdbJGt7qYYRnWnA=";

     

       20
       20
        
         subPackages = [ "." ];

     

       21
       21
        
       

     

       22
       22
        
         meta = {

+3 -3

pkgs/by-name/gi/gitlab-shell/package.nix

···

       8
       8
        
       

     

       9
       9
        
       buildGoModule rec {

     

       10
       10
        
         pname = "gitlab-shell";

     

       11
       11
       -
         version = "14.42.0";

     

       11
       11
       +
         version = "14.43.0";

     

       12
       12
        
       

     

       13
       13
        
         # nixpkgs-update: no auto update

     

       14
       14
        
         src = fetchFromGitLab {

     

       15
       15
        
           owner = "gitlab-org";

     

       16
       16
        
           repo = "gitlab-shell";

     

       17
       17
        
           rev = "v${version}";

     

       18
       18
       -
           hash = "sha256-U42xSb9kZpxBIE+tua5m3iNMBfcLRlujSI3K5eWiuME=";

     

       18
       18
       +
           hash = "sha256-JBcfsOLutxHUk5z+vXP8CnVSmJazhqJk4fZ0vONIswo=";

     

       19
       19
        
         };

     

       20
       20
        
       

     

       21
       21
        
         buildInputs = [

     
···

       27
       27
        
           ./remove-hardcoded-locations.patch

     

       28
       28
        
         ];

     

       29
       29
        
       

     

       30
       30
       -
         vendorHash = "sha256-aBANgvo9kWiHoytaB10J3hf9vOWVsz/vJApVHet93xg=";

     

       30
       30
       +
         vendorHash = "sha256-zuxgWBrrftkNjMhAXs8cAcQmb8RLQqvnFhU0HnUUcTA=";

     

       31
       31
        
       

     

       32
       32
        
         subPackages = [

     

       33
       33
        
           "cmd/gitlab-shell"

+9 -9

pkgs/by-name/gi/gitlab/data.json

···

       1
       1
        
       {

     

       2
       2
       -
         "version": "18.1.2",

     

       3
       3
       -
         "repo_hash": "072ib6rc7mw9pdzql8514k4z76i1ahssyj5kypgyvf9qj4naym0b",

     

       4
       4
       -
         "yarn_hash": "0c5pp3dpvw0q0nfl6w1lpdmk7dvkfinwb7z7a3vq22wgzca23x2m",

     

       2
       2
       +
         "version": "18.2.0",

     

       3
       3
       +
         "repo_hash": "0wkxnhrxq3x2ahbb1hffd2c321mz3y1wi7qh89drg8rn4qgz09cd",

     

       4
       4
       +
         "yarn_hash": "04mqinnbhr6zgab2p1bq6y6b20bf4c4cynkgfc67mzm9xhybr3fk",

     

       5
       5
        
         "owner": "gitlab-org",

     

       6
       6
        
         "repo": "gitlab",

     

       7
       7
       -
         "rev": "v18.1.2-ee",

     

       7
       7
       +
         "rev": "v18.2.0-ee",

     

       8
       8
        
         "passthru": {

     

       9
       9
       -
           "GITALY_SERVER_VERSION": "18.1.2",

     

       10
       10
       -
           "GITLAB_PAGES_VERSION": "18.1.2",

     

       11
       11
       -
           "GITLAB_SHELL_VERSION": "14.42.0",

     

       12
       12
       -
           "GITLAB_ELASTICSEARCH_INDEXER_VERSION": "5.6.0",

     

       13
       13
       -
           "GITLAB_WORKHORSE_VERSION": "18.1.2"

     

       9
       9
       +
           "GITALY_SERVER_VERSION": "18.2.0",

     

       10
       10
       +
           "GITLAB_PAGES_VERSION": "18.2.0",

     

       11
       11
       +
           "GITLAB_SHELL_VERSION": "14.43.0",

     

       12
       12
       +
           "GITLAB_ELASTICSEARCH_INDEXER_VERSION": "5.7.0",

     

       13
       13
       +
           "GITLAB_WORKHORSE_VERSION": "18.2.0"

     

       14
       14
        
         }

     

       15
       15
        
       }

+2 -2

pkgs/by-name/gi/gitlab/gitlab-workhorse/default.nix

···

       10
       10
        
       buildGoModule rec {

     

       11
       11
        
         pname = "gitlab-workhorse";

     

       12
       12
        
       

     

       13
       13
       -
         version = "18.1.2";

     

       13
       13
       +
         version = "18.2.0";

     

       14
       14
        
       

     

       15
       15
        
         # nixpkgs-update: no auto update

     

       16
       16
        
         src = fetchFromGitLab {

     
···

       22
       22
        
       

     

       23
       23
        
         sourceRoot = "${src.name}/workhorse";

     

       24
       24
        
       

     

       25
       25
       -
         vendorHash = "sha256-jsp68duGIW1p8ltfSlK0jPd22iscjiIOyrxfsr+2QY0=";

     

       25
       25
       +
         vendorHash = "sha256-fJ1QqVn2t591ZQv9ilwgk+sPwNZNy6bHvpdCPs7S0+s=";

     

       26
       26
        
         buildInputs = [ git ];

     

       27
       27
        
         ldflags = [ "-X main.Version=${version}" ];

     

       28
       28
        
         doCheck = false;

+10 -16

pkgs/by-name/gi/gitlab/rubyEnv/Gemfile

···

       7
       7
        
       source 'https://rubygems.org'

     

       8
       8
        
       

     

       9
       9
        
       if ENV.fetch('BUNDLER_CHECKSUM_VERIFICATION_OPT_IN', 'false') != 'false' # this verification is still experimental

     

       10
       10
       -
         $LOAD_PATH.unshift(File.expand_path("vendor/gems/bundler-checksum/lib", __dir__))

     

       10
       10
       +
         $LOAD_PATH.unshift(File.expand_path("gems/bundler-checksum/lib", __dir__))

     

       11
       11
        
         require 'bundler-checksum'

     

       12
       12
        
         BundlerChecksum.patch!

     

       13
       13
        
       end

     
···

       21
       21
        
       

     

       22
       22
        
       extend ignore_feature_category

     

       23
       23
        
       

     

       24
       24
       -
       gem 'bundler-checksum', '~> 0.1.0', path: 'vendor/gems/bundler-checksum', require: false, feature_category: :shared

     

       24
       24
       +
       gem 'bundler-checksum', '~> 0.1.0', path: 'gems/bundler-checksum', require: false, feature_category: :shared

     

       25
       25
        
       

     

       26
       26
        
       # See https://docs.gitlab.com/ee/development/gemfile.html#upgrade-rails for guidelines when upgrading Rails

     

       27
       27
        
       

     
···

       37
       37
        
       # Need by Rails

     

       38
       38
        
       gem 'drb', '~> 2.2', feature_category: :shared

     

       39
       39
        
       

     

       40
       40
       -
       gem 'bootsnap', '~> 1.18.3', require: false, feature_category: :shared

     

       40
       40
       +
       gem 'bootsnap', '~> 1.18.6', require: false, feature_category: :shared

     

       41
       41
        
       

     

       42
       42
        
       # Avoid the precompiled native gems because Omnibus needs to build this to ensure

     

       43
       43
        
       # LD_LIBRARY_PATH is correct: https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/7730

     
···

       344
       344
        
       # Slack integration

     

       345
       345
        
       gem 'slack-messenger', '~> 2.3.5', feature_category: :integrations

     

       346
       346
        
       

     

       347
       347
       -
       # FogBugz integration

     

       348
       348
       -
       gem 'ruby-fogbugz', '~> 0.3.0', feature_category: :importers

     

       349
       349
       -
       

     

       350
       347
        
       # Kubernetes integration

     

       351
       348
        
       gem 'kubeclient', '~> 4.11.0', feature_category: :shared

     

       352
       349
        
       

     
···

       404
       401
        
       gem 'gitlab-http', path: 'gems/gitlab-http', feature_category: :shared

     

       405
       402
        
       

     

       406
       403
        
       gem 'premailer-rails', '~> 1.12.0', feature_category: :notifications

     

       407
       407
       -
       gem 'gitlab-labkit', '~> 0.37.0', feature_category: :shared

     

       404
       404
       +
       gem 'gitlab-labkit', '~> 0.39.0', feature_category: :shared

     

       408
       405
        
       gem 'thrift', '>= 0.16.0', feature_category: :shared

     

       409
       406
        
       

     

       410
       407
        
       # I18n

     
···

       422
       419
        
       # Perf bar

     

       423
       420
        
       gem 'peek', '~> 1.1', feature_category: :shared

     

       424
       421
        
       

     

       425
       425
       -
       # Google Cloud Profiler support

     

       426
       426
       -
       gem 'cloud_profiler_agent', '~> 0.0.0', path: 'vendor/gems/cloud_profiler_agent', require: false,

     

       427
       427
       -
         feature_category: :shared

     

       428
       428
       -
       

     

       429
       422
        
       # Snowplow events trackin

     

       430
       423
        
       gem 'snowplow-tracker', '~> 0.8.0', feature_category: :product_analytics

     

       431
       424
        
       

     
···

       438
       431
        
       gem 'async', '~> 2.24.0', require: false, feature_category: :shared

     

       439
       432
        
       

     

       440
       433
        
       # Security report schemas used to validate CI job artifacts of security jobs

     

       441
       441
       -
       gem 'gitlab-security_report_schemas', '0.1.2.min15.0.0.max15.2.1', feature_category: :vulnerability_management

     

       434
       434
       +
       gem 'gitlab-security_report_schemas', '0.1.3.min15.0.0.max15.2.2', feature_category: :vulnerability_management

     

       442
       435
        
       

     

       443
       436
        
       # OpenTelemetry

     

       444
       437
        
       group :opentelemetry do

     
···

       515
       508
        
       

     

       516
       509
        
         gem 'database_cleaner-active_record', '~> 2.2.0', feature_category: :database

     

       517
       510
        
         gem 'rspec-rails', '~> 7.1.0', feature_category: :shared

     

       518
       518
       -
         gem 'factory_bot_rails', '~> 6.4.3', feature_category: :tooling

     

       511
       511
       +
         gem 'factory_bot_rails', '~> 6.5.0', feature_category: :tooling

     

       519
       512
        
       

     

       520
       513
        
         # Prevent occasions where minitest is not bundled in packaged versions of ruby (see #3826)

     

       521
       514
        
         gem 'minitest', '~> 5.11.0', feature_category: :shared

     
···

       565
       558
        
         gem 'simplecov', '~> 0.22', require: false, feature_category: :tooling

     

       566
       559
        
         gem 'simplecov-lcov', '~> 0.8.0', require: false, feature_category: :tooling

     

       567
       560
        
         gem 'simplecov-cobertura', '~> 2.1.0', require: false, feature_category: :tooling

     

       568
       568
       -
         gem 'undercover', '~> 0.6.0', require: false, feature_category: :tooling

     

       561
       561
       +
         gem 'undercover', '~> 0.7.0', require: false, feature_category: :tooling

     

       569
       562
        
       end

     

       570
       563
        
       

     

       571
       564
        
       # Gems required in omnibus-gitlab pipeline

     
···

       646
       639
        
       gem 'gitaly', '~> 18.1.0.pre.rc1', feature_category: :gitaly

     

       647
       640
        
       

     

       648
       641
        
       # KAS GRPC protocol definitions

     

       649
       649
       -
       gem 'gitlab-kas-grpc', '~> 17.11.0', feature_category: :deployment_management

     

       642
       642
       +
       gem 'gitlab-kas-grpc', '~> 18.1.0', feature_category: :deployment_management

     

       650
       643
        
       

     

       651
       644
        
       # Lock until 1.74.0 is available

     

       652
       645
        
       # https://gitlab.com/gitlab-com/gl-infra/production/-/issues/20067

     
···

       728
       721
        
       

     

       729
       722
        
       # Remote Development

     

       730
       723
        
       gem 'devfile', '~> 0.4.4', feature_category: :workspaces

     

       724
       724
       +
       gem 'hashdiff', '~> 1.2.0', feature_category: :workspaces

     

       731
       725
        
       

     

       732
       726
        
       # Apple plist parsing

     

       733
       727
        
       gem 'CFPropertyList', '~> 3.0.0', feature_category: :mobile_devops

     
···

       758
       752
        
       

     

       759
       753
        
       gem "i18n_data", "~> 0.13.1", feature_category: :system_access

     

       760
       754
        
       

     

       761
       761
       -
       gem "gitlab-cloud-connector", "~> 1.14", require: 'gitlab/cloud_connector', feature_category: :cloud_connector

     

       755
       755
       +
       gem "gitlab-cloud-connector", "~> 1.21", require: 'gitlab/cloud_connector', feature_category: :plan_provisioning

+47 -57

pkgs/by-name/gi/gitlab/rubyEnv/Gemfile.lock

···

       5
       5
        
             activerecord (>= 7)

     

       6
       6
        
       

     

       7
       7
        
       PATH

     

       8
       8
       +
         remote: gems/bundler-checksum

     

       9
       9
       +
         specs:

     

       10
       10
       +
           bundler-checksum (0.1.0)

     

       11
       11
       +
             bundler

     

       12
       12
       +
       

     

       13
       13
       +
       PATH

     

       8
       14
        
         remote: gems/click_house-client

     

       9
       15
        
         specs:

     

       10
       16
        
           click_house-client (0.1.0)

     
···

       127
       133
        
             oj (~> 3.16, >= 3.16.10)

     

       128
       134
        
       

     

       129
       135
        
       PATH

     

       130
       130
       -
         remote: vendor/gems/bundler-checksum

     

       131
       131
       -
         specs:

     

       132
       132
       -
           bundler-checksum (0.1.0)

     

       133
       133
       -
             bundler

     

       134
       134
       -
       

     

       135
       135
       -
       PATH

     

       136
       136
       -
         remote: vendor/gems/cloud_profiler_agent

     

       137
       137
       -
         specs:

     

       138
       138
       -
           cloud_profiler_agent (0.0.1.pre)

     

       139
       139
       -
             google-cloud-profiler-v2 (~> 0.3)

     

       140
       140
       -
             google-protobuf (~> 3.25)

     

       141
       141
       -
             googleauth (>= 0.14)

     

       142
       142
       -
             stackprof (~> 0.2)

     

       143
       143
       -
       

     

       144
       144
       -
       PATH

     

       145
       136
        
         remote: vendor/gems/devise-pbkdf2-encryptable

     

       146
       137
        
         specs:

     

       147
       138
        
           devise-pbkdf2-encryptable (0.0.0)

     
···

       217
       208
        
             nkf

     

       218
       209
        
             rexml

     

       219
       210
        
           RedCloth (4.3.4)

     

       220
       220
       -
           acme-client (2.0.21)

     

       221
       221
       -
             base64 (~> 0.2.0)

     

       211
       211
       +
           acme-client (2.0.22)

     

       212
       212
       +
             base64 (~> 0.2)

     

       222
       213
        
             faraday (>= 1.0, < 3.0.0)

     

       223
       214
        
             faraday-retry (>= 1.0, < 3.0.0)

     

       224
       215
        
           actioncable (7.1.5.1)

     
···

       343
       334
        
           awrence (1.2.1)

     

       344
       335
        
           aws-eventstream (1.3.0)

     

       345
       336
        
           aws-partitions (1.1001.0)

     

       346
       346
       -
           aws-sdk-cloudformation (1.131.0)

     

       347
       347
       -
             aws-sdk-core (~> 3, >= 3.216.0)

     

       337
       337
       +
           aws-sdk-cloudformation (1.133.0)

     

       338
       338
       +
             aws-sdk-core (~> 3, >= 3.225.0)

     

       348
       339
        
             aws-sigv4 (~> 1.5)

     

       349
       340
        
           aws-sdk-core (3.225.0)

     

       350
       341
        
             aws-eventstream (~> 1, >= 1.3.0)

     
···

       446
       437
        
             descendants_tracker (~> 0.0.1)

     

       447
       438
        
           colored2 (3.1.2)

     

       448
       439
        
           commonmarker (0.23.11)

     

       449
       449
       -
           concurrent-ruby (1.2.3)

     

       440
       440
       +
           concurrent-ruby (1.3.5)

     

       450
       441
        
           connection_pool (2.5.3)

     

       451
       442
        
           console (1.29.2)

     

       452
       443
        
             fiber-annotation

     
···

       489
       480
        
           danger-gitlab (8.0.0)

     

       490
       481
        
             danger

     

       491
       482
        
             gitlab (~> 4.2, >= 4.2.0)

     

       492
       492
       -
           database_cleaner-active_record (2.2.0)

     

       483
       483
       +
           database_cleaner-active_record (2.2.1)

     

       493
       484
        
             activerecord (>= 5.a)

     

       494
       485
        
             database_cleaner-core (~> 2.0.0)

     

       495
       486
        
           database_cleaner-core (2.0.1)

     
···

       552
       543
        
             jwt (>= 2.5)

     

       553
       544
        
             ostruct (>= 0.5)

     

       554
       545
        
           dotenv (2.7.6)

     

       555
       555
       -
           drb (2.2.1)

     

       546
       546
       +
           drb (2.2.3)

     

       556
       547
        
           dry-cli (1.0.0)

     

       557
       548
        
           dry-core (1.0.1)

     

       558
       549
        
             concurrent-ruby (~> 1.0)

     
···

       608
       599
        
             html-pipeline (~> 2.9)

     

       609
       600
        
           factory_bot (6.5.0)

     

       610
       601
        
             activesupport (>= 5.0.0)

     

       611
       611
       -
           factory_bot_rails (6.4.4)

     

       602
       602
       +
           factory_bot_rails (6.5.0)

     

       612
       603
        
             factory_bot (~> 6.5)

     

       613
       613
       -
             railties (>= 5.0.0)

     

       604
       604
       +
             railties (>= 6.1.0)

     

       614
       605
        
           faraday (2.13.1)

     

       615
       606
        
             faraday-net_http (>= 2.0, < 3.5)

     

       616
       607
        
             json

     
···

       619
       610
        
             faraday (>= 1, < 3)

     

       620
       611
        
           faraday-http-cache (2.5.0)

     

       621
       612
        
             faraday (>= 0.8)

     

       622
       622
       -
           faraday-multipart (1.1.0)

     

       613
       613
       +
           faraday-multipart (1.1.1)

     

       623
       614
        
             multipart-post (~> 2.0)

     

       624
       615
        
           faraday-net_http (3.1.0)

     

       625
       616
        
             net-http

     
···

       734
       725
        
             terminal-table (>= 1.5.1)

     

       735
       726
        
           gitlab-chronic (0.10.6)

     

       736
       727
        
             numerizer (~> 0.2)

     

       737
       737
       -
           gitlab-cloud-connector (1.17.0)

     

       728
       728
       +
           gitlab-cloud-connector (1.21.0)

     

       738
       729
        
             activesupport (~> 7.0)

     

       739
       730
        
             jwt (~> 2.9.3)

     

       740
       740
       -
           gitlab-crystalball (1.1.0)

     

       731
       731
       +
           gitlab-crystalball (1.1.1)

     

       741
       732
        
             git (< 4)

     

       742
       733
        
             ostruct (< 1)

     

       743
       734
        
           gitlab-dangerfiles (4.9.2)

     
···

       758
       749
        
             nokogiri (~> 1, >= 1.10.8)

     

       759
       750
        
           gitlab-glfm-markdown (0.0.31)

     

       760
       751
        
             rb_sys (~> 0.9.109)

     

       761
       761
       -
           gitlab-kas-grpc (17.11.3)

     

       752
       752
       +
           gitlab-kas-grpc (18.1.0)

     

       762
       753
        
             grpc (~> 1.0)

     

       763
       763
       -
           gitlab-labkit (0.37.0)

     

       754
       754
       +
           gitlab-labkit (0.39.0)

     

       764
       755
        
             actionpack (>= 5.0.0, < 8.1.0)

     

       765
       756
        
             activesupport (>= 5.0.0, < 8.1.0)

     

       757
       757
       +
             google-protobuf (~> 3)

     

       766
       758
        
             grpc (>= 1.62)

     

       767
       759
        
             jaeger-client (~> 1.1.0)

     

       768
       760
        
             opentracing (~> 0.4)

     

       769
       769
       -
             pg_query (>= 5.1.0, < 7.0)

     

       761
       761
       +
             pg_query (>= 6.1.0, < 7.0)

     

       762
       762
       +
             prometheus-client-mmap (~> 1.2.9)

     

       770
       763
        
             redis (> 3.0.0, < 6.0.0)

     

       771
       764
        
           gitlab-license (2.6.0)

     

       772
       765
        
           gitlab-mail_room (0.0.27)

     
···

       782
       775
        
             activesupport (>= 5.2.0)

     

       783
       776
        
             rake (~> 13.0)

     

       784
       777
        
             snowplow-tracker (~> 0.8.0)

     

       785
       785
       -
           gitlab-secret_detection (0.29.1)

     

       778
       778
       +
           gitlab-secret_detection (0.33.0)

     

       786
       779
        
             grpc (>= 1.63.0, < 2)

     

       787
       780
        
             grpc_reflection (~> 0.1)

     

       788
       781
        
             parallel (~> 1)

     
···

       790
       783
        
             sentry-ruby (~> 5.22)

     

       791
       784
        
             stackprof (~> 0.2.27)

     

       792
       785
        
             toml-rb (~> 2.2)

     

       793
       793
       -
           gitlab-security_report_schemas (0.1.2.min15.0.0.max15.2.1)

     

       786
       786
       +
           gitlab-security_report_schemas (0.1.3.min15.0.0.max15.2.2)

     

       794
       787
        
             activesupport (>= 6, < 8)

     

       795
       788
        
             json_schemer (~> 2.3.0)

     

       789
       789
       +
             mutex_m (~> 0.3.0)

     

       796
       790
        
           gitlab-styles (13.1.0)

     

       797
       791
        
             rubocop (= 1.71.1)

     

       798
       792
        
             rubocop-capybara (~> 2.21.0)

     
···

       887
       881
        
           google-cloud-location (0.6.0)

     

       888
       882
        
             gapic-common (>= 0.20.0, < 2.a)

     

       889
       883
        
             google-cloud-errors (~> 1.0)

     

       890
       890
       -
           google-cloud-profiler-v2 (0.4.0)

     

       891
       891
       -
             gapic-common (>= 0.18.0, < 2.a)

     

       892
       892
       -
             google-cloud-errors (~> 1.0)

     

       893
       884
        
           google-cloud-storage (1.45.0)

     

       894
       885
        
             addressable (~> 2.8)

     

       895
       886
        
             digest-crc (~> 0.4)

     
···

       995
       986
        
             thor

     

       996
       987
        
             tilt

     

       997
       988
        
           hana (1.3.7)

     

       998
       998
       -
           hashdiff (1.1.0)

     

       989
       989
       +
           hashdiff (1.2.0)

     

       999
       990
        
           hashie (5.0.0)

     

       1000
       991
        
           health_check (3.1.0)

     

       1001
       992
        
             railties (>= 5.0)

     
···

       1104
       1095
        
           language_server-protocol (3.17.0.3)

     

       1105
       1096
        
           launchy (2.5.2)

     

       1106
       1097
        
             addressable (~> 2.8)

     

       1107
       1107
       -
           lefthook (1.11.13)

     

       1098
       1098
       +
           lefthook (1.11.16)

     

       1108
       1099
        
           letter_opener (1.10.0)

     

       1109
       1100
        
             launchy (>= 2.2, < 4)

     

       1110
       1101
        
           letter_opener_web (3.0.0)

     
···

       1259
       1250
        
             ostruct (>= 0.2)

     

       1260
       1251
        
           oj-introspect (0.8.0)

     

       1261
       1252
        
             oj (>= 3.16.10)

     

       1262
       1262
       -
           omniauth (2.1.2)

     

       1253
       1253
       +
           omniauth (2.1.3)

     

       1263
       1254
        
             hashie (>= 3.4.6)

     

       1264
       1255
        
             rack (>= 2.2.3)

     

       1265
       1256
        
             rack-protection

     
···

       1312
       1303
        
           opensearch-ruby (3.4.0)

     

       1313
       1304
        
             faraday (>= 1.0, < 3)

     

       1314
       1305
        
             multi_json (>= 1.0)

     

       1315
       1315
       -
           openssl (3.2.0)

     

       1306
       1306
       +
           openssl (3.3.0)

     

       1316
       1307
        
           openssl-signature_algorithm (1.3.0)

     

       1317
       1308
        
             openssl (> 2.0)

     

       1318
       1309
        
           opentelemetry-api (1.2.5)

     
···

       1516
       1507
        
           pyu-ruby-sasl (0.0.3.3)

     

       1517
       1508
        
           raabro (1.4.0)

     

       1518
       1509
        
           racc (1.8.1)

     

       1519
       1519
       -
           rack (2.2.13)

     

       1510
       1510
       +
           rack (2.2.17)

     

       1520
       1511
        
           rack-accept (0.4.5)

     

       1521
       1512
        
             rack (>= 0.4)

     

       1522
       1513
        
           rack-attack (6.7.0)

     
···

       1588
       1579
        
             rake-compiler-dock (= 1.9.1)

     

       1589
       1580
        
           rbs (3.6.1)

     

       1590
       1581
        
             logger

     

       1591
       1591
       -
           rbtrace (0.5.1)

     

       1582
       1582
       +
           rbtrace (0.5.2)

     

       1592
       1583
        
             ffi (>= 1.0.6)

     

       1593
       1584
        
             msgpack (>= 0.4.3)

     

       1594
       1585
        
             optimist (>= 3.0.0)

     
···

       1726
       1717
        
           rubocop-rspec_rails (2.30.0)

     

       1727
       1718
        
             rubocop (~> 1.61)

     

       1728
       1719
        
             rubocop-rspec (~> 3, >= 3.0.1)

     

       1729
       1729
       -
           ruby-fogbugz (0.3.0)

     

       1730
       1730
       -
             crack (~> 0.4)

     

       1731
       1731
       -
             multipart-post (~> 2.0)

     

       1732
       1720
        
           ruby-lsp (0.23.20)

     

       1733
       1721
        
             language_server-protocol (~> 3.17.0)

     

       1734
       1722
        
             prism (>= 1.2, < 2.0)

     
···

       1736
       1724
        
             sorbet-runtime (>= 0.5.10782)

     

       1737
       1725
        
           ruby-lsp-rails (0.3.31)

     

       1738
       1726
        
             ruby-lsp (>= 0.23.0, < 0.24.0)

     

       1739
       1739
       -
           ruby-lsp-rspec (0.1.23)

     

       1727
       1727
       +
           ruby-lsp-rspec (0.1.24)

     

       1740
       1728
        
             ruby-lsp (~> 0.23.19)

     

       1741
       1729
        
           ruby-magic (0.6.0)

     

       1742
       1730
        
             mini_portile2 (~> 2.8)

     
···

       1845
       1833
        
             tilt (~> 2.0)

     

       1846
       1834
        
             yard (~> 0.9, >= 0.9.24)

     

       1847
       1835
        
             yard-solargraph (~> 0.1)

     

       1848
       1848
       -
           solargraph-rspec (0.5.1)

     

       1836
       1836
       +
           solargraph-rspec (0.5.2)

     

       1849
       1837
        
             solargraph (~> 0.52, >= 0.52.0)

     

       1850
       1838
        
           sorbet-runtime (0.5.11647)

     

       1851
       1839
        
           spamcheck (1.3.3)

     
···

       1854
       1842
        
           spring-commands-rspec (1.0.4)

     

       1855
       1843
        
             spring (>= 0.9.1)

     

       1856
       1844
        
           sprite-factory (1.7.1)

     

       1857
       1857
       -
           sprockets (3.7.2)

     

       1845
       1845
       +
           sprockets (3.7.5)

     

       1846
       1846
       +
             base64

     

       1858
       1847
        
             concurrent-ruby (~> 1.0)

     

       1859
       1848
        
             rack (> 1, < 3)

     

       1860
       1849
        
           sprockets-rails (3.5.2)

     
···

       1961
       1950
        
           tzinfo (2.0.6)

     

       1962
       1951
        
             concurrent-ruby (~> 1.0)

     

       1963
       1952
        
           uber (0.1.0)

     

       1964
       1964
       -
           undercover (0.6.4)

     

       1953
       1953
       +
           undercover (0.7.0)

     

       1965
       1954
        
             base64

     

       1966
       1955
        
             bigdecimal

     

       1967
       1956
        
             imagen (>= 0.2.0)

     

       1968
       1957
        
             rainbow (>= 2.1, < 4.0)

     

       1969
       1958
        
             rugged (>= 0.27, < 1.10)

     

       1959
       1959
       +
             simplecov

     

       1960
       1960
       +
             simplecov_json_formatter

     

       1970
       1961
        
           unf (0.1.4)

     

       1971
       1962
        
             unf_ext

     

       1972
       1963
        
           unf_ext (0.0.8.2)

     
···

       2084
       2075
        
         benchmark-ips (~> 2.14.0)

     

       2085
       2076
        
         benchmark-memory (~> 0.1)

     

       2086
       2077
        
         better_errors (~> 2.10.1)

     

       2087
       2087
       -
         bootsnap (~> 1.18.3)

     

       2078
       2078
       +
         bootsnap (~> 1.18.6)

     

       2088
       2079
        
         browser (~> 5.3.1)

     

       2089
       2080
        
         bullet (~> 8.0.0)

     

       2090
       2081
        
         bundler-checksum (~> 0.1.0)!

     
···

       2094
       2085
        
         charlock_holmes (~> 0.7.9)

     

       2095
       2086
        
         circuitbox (= 2.0.0)

     

       2096
       2087
        
         click_house-client!

     

       2097
       2097
       -
         cloud_profiler_agent (~> 0.0.0)!

     

       2098
       2088
        
         commonmarker (~> 0.23.10)

     

       2099
       2089
        
         concurrent-ruby (~> 1.1)

     

       2100
       2090
        
         connection_pool (~> 2.5.3)

     
···

       2128
       2118
        
         email_reply_trimmer (~> 0.1)

     

       2129
       2119
        
         email_spec (~> 2.3.0)

     

       2130
       2120
        
         error_tracking_open_api!

     

       2131
       2131
       -
         factory_bot_rails (~> 6.4.3)

     

       2121
       2121
       +
         factory_bot_rails (~> 6.5.0)

     

       2132
       2122
        
         faraday (~> 2)

     

       2133
       2123
        
         faraday-multipart (~> 1.0)

     

       2134
       2124
        
         faraday-retry (~> 2)

     
···

       2154
       2144
        
         gitlab-active-context!

     

       2155
       2145
        
         gitlab-backup-cli!

     

       2156
       2146
        
         gitlab-chronic (~> 0.10.5)

     

       2157
       2157
       -
         gitlab-cloud-connector (~> 1.14)

     

       2147
       2147
       +
         gitlab-cloud-connector (~> 1.21)

     

       2158
       2148
        
         gitlab-crystalball (~> 1.1.0)

     

       2159
       2149
        
         gitlab-dangerfiles (~> 4.9.0)

     

       2160
       2150
        
         gitlab-duo-workflow-service-client (~> 0.2)!

     
···

       2163
       2153
        
         gitlab-glfm-markdown (~> 0.0.31)

     

       2164
       2154
        
         gitlab-housekeeper!

     

       2165
       2155
        
         gitlab-http!

     

       2166
       2166
       -
         gitlab-kas-grpc (~> 17.11.0)

     

       2167
       2167
       -
         gitlab-labkit (~> 0.37.0)

     

       2156
       2156
       +
         gitlab-kas-grpc (~> 18.1.0)

     

       2157
       2157
       +
         gitlab-labkit (~> 0.39.0)

     

       2168
       2158
        
         gitlab-license (~> 2.6)

     

       2169
       2159
        
         gitlab-mail_room (~> 0.0.24)

     

       2170
       2160
        
         gitlab-markup (~> 2.0.0)

     
···

       2175
       2165
        
         gitlab-schema-validation!

     

       2176
       2166
        
         gitlab-sdk (~> 0.3.0)

     

       2177
       2167
        
         gitlab-secret_detection (< 1.0)

     

       2178
       2178
       -
         gitlab-security_report_schemas (= 0.1.2.min15.0.0.max15.2.1)

     

       2168
       2168
       +
         gitlab-security_report_schemas (= 0.1.3.min15.0.0.max15.2.2)

     

       2179
       2169
        
         gitlab-sidekiq-fetcher!

     

       2180
       2170
        
         gitlab-styles (~> 13.1.0)

     

       2181
       2171
        
         gitlab-topology-service-client (~> 0.1)!

     
···

       2215
       2205
        
         guard-rspec

     

       2216
       2206
        
         haml_lint (~> 0.58)

     

       2217
       2207
        
         hamlit (~> 2.15.0)

     

       2208
       2208
       +
         hashdiff (~> 1.2.0)

     

       2218
       2209
        
         hashie (~> 5.0.0)

     

       2219
       2210
        
         health_check (~> 3.0)

     

       2220
       2211
        
         html-pipeline (~> 2.14.3)

     
···

       2354
       2345
        
         rspec_junit_formatter

     

       2355
       2346
        
         rspec_profiling (~> 0.0.9)

     

       2356
       2347
        
         rubocop

     

       2357
       2357
       -
         ruby-fogbugz (~> 0.3.0)

     

       2358
       2348
        
         ruby-lsp (~> 0.23.0)

     

       2359
       2349
        
         ruby-lsp-rails (~> 0.3.6)

     

       2360
       2350
        
         ruby-lsp-rspec (~> 0.1.10)

     
···

       2405
       2395
        
         truncato (~> 0.7.13)

     

       2406
       2396
        
         tty-prompt (~> 0.23)

     

       2407
       2397
        
         typhoeus (~> 1.4.0)

     

       2408
       2408
       -
         undercover (~> 0.6.0)

     

       2398
       2398
       +
         undercover (~> 0.7.0)

     

       2409
       2399
        
         unicode-emoji (~> 4.0)

     

       2410
       2400
        
         unleash (~> 3.2.2)

     

       2411
       2401
        
         uri (= 0.13.2)

+56 -95

pkgs/by-name/gi/gitlab/rubyEnv/gemset.nix

···

       9
       9
        
           platforms = [ ];

     

       10
       10
        
           source = {

     

       11
       11
        
             remotes = [ "https://rubygems.org" ];

     

       12
       12
       -
             sha256 = "0hbn563v0rc85md0fcx3z968dvq7n2ra64wbgyxg09ndjgwl9870";

     

       12
       12
       +
             sha256 = "1xvnj58nln2xa8vlxc1v4zgyda4n387npbcd94z3pjg28fvk8xc1";

     

       13
       13
        
             type = "gem";

     

       14
       14
        
           };

     

       15
       15
       -
           version = "2.0.21";

     

       15
       15
       +
           version = "2.0.22";

     

       16
       16
        
         };

     

       17
       17
        
         actioncable = {

     

       18
       18
        
           dependencies = [

     
···

       557
       557
        
           platforms = [ ];

     

       558
       558
        
           source = {

     

       559
       559
        
             remotes = [ "https://rubygems.org" ];

     

       560
       560
       -
             sha256 = "1bkkx0sz1lkqhzkrpklnalpv2dshvrdi12yq47xmv0nflhgzysmp";

     

       560
       560
       +
             sha256 = "08d3khg5bpi73vmghphr5w4acds2vr8gcdpm93fsaj38wvb960s9";

     

       561
       561
        
             type = "gem";

     

       562
       562
        
           };

     

       563
       563
       -
           version = "1.131.0";

     

       563
       563
       +
           version = "1.133.0";

     

       564
       564
        
         };

     

       565
       565
        
         aws-sdk-core = {

     

       566
       566
        
           dependencies = [

     
···

       925
       925
        
           groups = [ "default" ];

     

       926
       926
        
           platforms = [ ];

     

       927
       927
        
           source = {

     

       928
       928
       -
             path = "${src}/vendor/gems/bundler-checksum";

     

       928
       928
       +
             path = "${src}/gems/bundler-checksum";

     

       929
       929
        
             type = "path";

     

       930
       930
        
           };

     

       931
       931
        
           version = "0.1.0";

     
···

       1145
       1145
        
           };

     

       1146
       1146
        
           version = "0.1.0";

     

       1147
       1147
        
         };

     

       1148
       1148
       -
         cloud_profiler_agent = {

     

       1149
       1149
       -
           dependencies = [

     

       1150
       1150
       -
             "google-cloud-profiler-v2"

     

       1151
       1151
       -
             "google-protobuf"

     

       1152
       1152
       -
             "googleauth"

     

       1153
       1153
       -
             "stackprof"

     

       1154
       1154
       -
           ];

     

       1155
       1155
       -
           groups = [ "default" ];

     

       1156
       1156
       -
           platforms = [ ];

     

       1157
       1157
       -
           source = {

     

       1158
       1158
       -
             path = "${src}/vendor/gems/cloud_profiler_agent";

     

       1159
       1159
       -
             type = "path";

     

       1160
       1160
       -
           };

     

       1161
       1161
       -
           version = "0.0.1.pre";

     

       1162
       1162
       -
         };

     

       1163
       1148
        
         coderay = {

     

       1164
       1149
        
           groups = [

     

       1165
       1150
        
             "default"

     
···

       1232
       1217
        
           platforms = [ ];

     

       1233
       1218
        
           source = {

     

       1234
       1219
        
             remotes = [ "https://rubygems.org" ];

     

       1235
       1235
       -
             sha256 = "1qh1b14jwbbj242klkyz5fc7npd4j0mvndz62gajhvl1l3wd7zc2";

     

       1220
       1220
       +
             sha256 = "1ipbrgvf0pp6zxdk5ascp6i29aybz2bx9wdrlchjmpx6mhvkwfw1";

     

       1236
       1221
        
             type = "gem";

     

       1237
       1222
        
           };

     

       1238
       1238
       -
           version = "1.2.3";

     

       1223
       1223
       +
           version = "1.3.5";

     

       1239
       1224
        
         };

     

       1240
       1225
        
         connection_pool = {

     

       1241
       1226
        
           groups = [

     
···

       1478
       1463
        
           platforms = [ ];

     

       1479
       1464
        
           source = {

     

       1480
       1465
        
             remotes = [ "https://rubygems.org" ];

     

       1481
       1481
       -
             sha256 = "1iz1hv2b1z7509dxvxdwzay1hhs24glxls5ldbyh688zxkcdca1j";

     

       1466
       1466
       +
             sha256 = "1jxzgg3yccp3gjncl5ih0y13dcappmy0y8pq85wgjj0yx5fh0ixy";

     

       1482
       1467
        
             type = "gem";

     

       1483
       1468
        
           };

     

       1484
       1484
       -
           version = "2.2.0";

     

       1469
       1469
       +
           version = "2.2.1";

     

       1485
       1470
        
         };

     

       1486
       1471
        
         database_cleaner-core = {

     

       1487
       1472
        
           groups = [

     
···

       1809
       1794
        
         drb = {

     

       1810
       1795
        
           groups = [

     

       1811
       1796
        
             "default"

     

       1797
       1797
       +
             "development"

     

       1798
       1798
       +
             "monorepo"

     

       1812
       1799
        
             "test"

     

       1813
       1800
        
           ];

     

       1814
       1801
        
           platforms = [ ];

     

       1815
       1802
        
           source = {

     

       1816
       1803
        
             remotes = [ "https://rubygems.org" ];

     

       1817
       1817
       -
             sha256 = "0h5kbj9hvg5hb3c7l425zpds0vb42phvln2knab8nmazg2zp5m79";

     

       1804
       1804
       +
             sha256 = "0wrkl7yiix268s2md1h6wh91311w95ikd8fy8m5gx589npyxc00b";

     

       1818
       1805
        
             type = "gem";

     

       1819
       1806
        
           };

     

       1820
       1820
       -
           version = "2.2.1";

     

       1807
       1807
       +
           version = "2.2.3";

     

       1821
       1808
        
         };

     

       1822
       1809
        
         dry-cli = {

     

       1823
       1810
        
           groups = [ "default" ];

     
···

       2192
       2179
        
           platforms = [ ];

     

       2193
       2180
        
           source = {

     

       2194
       2181
        
             remotes = [ "https://rubygems.org" ];

     

       2195
       2195
       -
             sha256 = "122wkrc3d2q1dlca27794hh3arw0kvrf3rgmvn7hj3y5lb51g7hk";

     

       2182
       2182
       +
             sha256 = "18n06y5ww7d08w296b6fpzx05yywp5r8p88j0k37r994aiin2ysa";

     

       2196
       2183
        
             type = "gem";

     

       2197
       2184
        
           };

     

       2198
       2198
       -
           version = "6.4.4";

     

       2185
       2185
       +
           version = "6.5.0";

     

       2199
       2186
        
         };

     

       2200
       2187
        
         faraday = {

     

       2201
       2188
        
           dependencies = [

     
···

       2250
       2237
        
           platforms = [ ];

     

       2251
       2238
        
           source = {

     

       2252
       2239
        
             remotes = [ "https://rubygems.org" ];

     

       2253
       2253
       -
             sha256 = "0l87r9jg06nsh24gwwd1jdnxb1zq89ffybnxab0dd90nfcf0ysw5";

     

       2240
       2240
       +
             sha256 = "00w9imp55hi81q0wsgwak90ldkk7gbyb8nzmmv8hy0s907s8z8bp";

     

       2254
       2241
        
             type = "gem";

     

       2255
       2242
        
           };

     

       2256
       2256
       -
           version = "1.1.0";

     

       2243
       2243
       +
           version = "1.1.1";

     

       2257
       2244
        
         };

     

       2258
       2245
        
         faraday-net_http = {

     

       2259
       2246
        
           dependencies = [ "net-http" ];

     
···

       2857
       2844
        
           platforms = [ ];

     

       2858
       2845
        
           source = {

     

       2859
       2846
        
             remotes = [ "https://rubygems.org" ];

     

       2860
       2860
       -
             sha256 = "0d5zrz5vgb8zrnri42awqfvcq9kfzlrc032nprknddpb9iagbsmr";

     

       2847
       2847
       +
             sha256 = "02bpl0jz8m7kfa5alkc90cbajkxy5fggva10zh7cgii3y912msqn";

     

       2861
       2848
        
             type = "gem";

     

       2862
       2849
        
           };

     

       2863
       2863
       -
           version = "1.17.0";

     

       2850
       2850
       +
           version = "1.21.0";

     

       2864
       2851
        
         };

     

       2865
       2852
        
         gitlab-crystalball = {

     

       2866
       2853
        
           dependencies = [

     
···

       2874
       2861
        
           platforms = [ ];

     

       2875
       2862
        
           source = {

     

       2876
       2863
        
             remotes = [ "https://rubygems.org" ];

     

       2877
       2877
       -
             sha256 = "1a42qg2m7w0qn7as3zrc4v7lrxig532izi7yb2w8rbcwm114fcdx";

     

       2864
       2864
       +
             sha256 = "1vdqa11dchcmlkph9almmxjq9qsgcfv0n460lyghx7l0n09s2r04";

     

       2878
       2865
        
             type = "gem";

     

       2879
       2866
        
           };

     

       2880
       2880
       -
           version = "1.1.0";

     

       2867
       2867
       +
           version = "1.1.1";

     

       2881
       2868
        
         };

     

       2882
       2869
        
         gitlab-dangerfiles = {

     

       2883
       2870
        
           dependencies = [

     
···

       2994
       2981
        
           platforms = [ ];

     

       2995
       2982
        
           source = {

     

       2996
       2983
        
             remotes = [ "https://rubygems.org" ];

     

       2997
       2997
       -
             sha256 = "0lsz61cr7i3d72i6rxvbfqbq6f5anzbbmhmrmr7mprna4dy93d7q";

     

       2984
       2984
       +
             sha256 = "07d5jav33nvl83s83yd9fg6vv636n65ybni6m6k3yvlfxygpb3wn";

     

       2998
       2985
        
             type = "gem";

     

       2999
       2986
        
           };

     

       3000
       3000
       -
           version = "17.11.3";

     

       2987
       2987
       +
           version = "18.1.0";

     

       3001
       2988
        
         };

     

       3002
       2989
        
         gitlab-labkit = {

     

       3003
       2990
        
           dependencies = [

     

       3004
       2991
        
             "actionpack"

     

       3005
       2992
        
             "activesupport"

     

       2993
       2993
       +
             "google-protobuf"

     

       3006
       2994
        
             "grpc"

     

       3007
       2995
        
             "jaeger-client"

     

       3008
       2996
        
             "opentracing"

     

       3009
       2997
        
             "pg_query"

     

       2998
       2998
       +
             "prometheus-client-mmap"

     

       3010
       2999
        
             "redis"

     

       3011
       3000
        
           ];

     

       3012
       3001
        
           groups = [ "default" ];

     

       3013
       3002
        
           platforms = [ ];

     

       3014
       3003
        
           source = {

     

       3015
       3004
        
             remotes = [ "https://rubygems.org" ];

     

       3016
       3016
       -
             sha256 = "0w7szxnvh9hvxcragnqvn37c6jpm4gf7aadzxslajj91vdh0mpfj";

     

       3005
       3005
       +
             sha256 = "07jpj78nnjmgz9brxxzqbx7l9fajyfq74l4vjavqmnff18vgr0gf";

     

       3017
       3006
        
             type = "gem";

     

       3018
       3007
        
           };

     

       3019
       3019
       -
           version = "0.37.0";

     

       3008
       3008
       +
           version = "0.39.0";

     

       3020
       3009
        
         };

     

       3021
       3010
        
         gitlab-license = {

     

       3022
       3011
        
           groups = [ "default" ];

     
···

       3156
       3145
        
           platforms = [ ];

     

       3157
       3146
        
           source = {

     

       3158
       3147
        
             remotes = [ "https://rubygems.org" ];

     

       3159
       3159
       -
             sha256 = "0b4908vic675qq1mh1i45vh5z9vdg1ynanxdbdzaazxvjkakdwzd";

     

       3148
       3148
       +
             sha256 = "14ds4l7802ypxx56pid7xlhnlbk5ir9zc8adfm96yy9k2sgfmdnf";

     

       3160
       3149
        
             type = "gem";

     

       3161
       3150
        
           };

     

       3162
       3162
       -
           version = "0.29.1";

     

       3151
       3151
       +
           version = "0.33.0";

     

       3163
       3152
        
         };

     

       3164
       3153
        
         gitlab-security_report_schemas = {

     

       3165
       3154
        
           dependencies = [

     

       3166
       3155
        
             "activesupport"

     

       3167
       3156
        
             "json_schemer"

     

       3157
       3157
       +
             "mutex_m"

     

       3168
       3158
        
           ];

     

       3169
       3159
        
           groups = [ "default" ];

     

       3170
       3160
        
           platforms = [ ];

     

       3171
       3161
        
           source = {

     

       3172
       3162
        
             remotes = [ "https://rubygems.org" ];

     

       3173
       3173
       -
             sha256 = "1bl0qrmb6xci719zxnaizja2pf0wabzi91b49y0immf9gr43f01h";

     

       3163
       3163
       +
             sha256 = "0v4sfh2497g5w5hhf89wjgvjbasa13hfgm0r05myzd5hbv7v2h3f";

     

       3174
       3164
        
             type = "gem";

     

       3175
       3165
        
           };

     

       3176
       3176
       -
           version = "0.1.2.min15.0.0.max15.2.1";

     

       3166
       3166
       +
           version = "0.1.3.min15.0.0.max15.2.2";

     

       3177
       3167
        
         };

     

       3178
       3168
        
         gitlab-sidekiq-fetcher = {

     

       3179
       3169
        
           dependencies = [

     
···

       3589
       3579
        
           };

     

       3590
       3580
        
           version = "0.6.0";

     

       3591
       3581
        
         };

     

       3592
       3592
       -
         google-cloud-profiler-v2 = {

     

       3593
       3593
       -
           dependencies = [

     

       3594
       3594
       -
             "gapic-common"

     

       3595
       3595
       -
             "google-cloud-errors"

     

       3596
       3596
       -
           ];

     

       3597
       3597
       -
           groups = [ "default" ];

     

       3598
       3598
       -
           platforms = [ ];

     

       3599
       3599
       -
           source = {

     

       3600
       3600
       -
             remotes = [ "https://rubygems.org" ];

     

       3601
       3601
       -
             sha256 = "1qyknlvwji7vqhani490cacsrzlqfza10hv47him93yhfnqjmz2k";

     

       3602
       3602
       -
             type = "gem";

     

       3603
       3603
       -
           };

     

       3604
       3604
       -
           version = "0.4.0";

     

       3605
       3605
       -
         };

     

       3606
       3582
        
         google-cloud-storage = {

     

       3607
       3583
        
           dependencies = [

     

       3608
       3584
        
             "addressable"

     
···

       4050
       4026
        
           platforms = [ ];

     

       4051
       4027
        
           source = {

     

       4052
       4028
        
             remotes = [ "https://rubygems.org" ];

     

       4053
       4053
       -
             sha256 = "1jf9dxgjz6z7fvymyz2acyvn9iyvwkn6d9sk7y4fxwbmfc75yimm";

     

       4029
       4029
       +
             sha256 = "1da0w5v7ppxrgvh58bafjklzv73nknyq73if6d9rkz2v24zg3169";

     

       4054
       4030
        
             type = "gem";

     

       4055
       4031
        
           };

     

       4056
       4056
       -
           version = "1.1.0";

     

       4032
       4032
       +
           version = "1.2.0";

     

       4057
       4033
        
         };

     

       4058
       4034
        
         hashie = {

     

       4059
       4035
        
           groups = [ "default" ];

     
···

       4697
       4673
        
           platforms = [ ];

     

       4698
       4674
        
           source = {

     

       4699
       4675
        
             remotes = [ "https://rubygems.org" ];

     

       4700
       4700
       -
             sha256 = "18msiw0b3krm9krxrahiladblh6pjpj395wcjjw2fvsimwyy7vk4";

     

       4676
       4676
       +
             sha256 = "11g6iqlsck4ypjfg1b7pkcisy5qbm774rwbwdz2rka5lcccky9qs";

     

       4701
       4677
        
             type = "gem";

     

       4702
       4678
        
           };

     

       4703
       4703
       -
           version = "1.11.13";

     

       4679
       4679
       +
           version = "1.11.16";

     

       4704
       4680
        
         };

     

       4705
       4681
        
         letter_opener = {

     

       4706
       4682
        
           dependencies = [ "launchy" ];

     
···

       5672
       5648
        
           platforms = [ ];

     

       5673
       5649
        
           source = {

     

       5674
       5650
        
             remotes = [ "https://rubygems.org" ];

     

       5675
       5675
       -
             sha256 = "1km0wqx9pj609jidvrqfsvzbzfgdnlpdnv7i7xfqm3wb55vk5w6y";

     

       5651
       5651
       +
             sha256 = "1hjnb5b5m549irs0h1455ipzsv82pikdagx9wjb6r4j1bkjy494d";

     

       5676
       5652
        
             type = "gem";

     

       5677
       5653
        
           };

     

       5678
       5678
       -
           version = "2.1.2";

     

       5654
       5654
       +
           version = "2.1.3";

     

       5679
       5655
        
         };

     

       5680
       5656
        
         omniauth-alicloud = {

     

       5681
       5657
        
           dependencies = [ "omniauth-oauth2" ];

     
···

       5920
       5896
        
           platforms = [ ];

     

       5921
       5897
        
           source = {

     

       5922
       5898
        
             remotes = [ "https://rubygems.org" ];

     

       5923
       5923
       -
             sha256 = "054d6ybgjdzxw567m7rbnd46yp6gkdbc5ihr536vxd3p15vbhjrw";

     

       5899
       5899
       +
             sha256 = "0ygfbbs3c61d32ymja2k6sznj5pr540cip9z91lhzcvsr4zmffpz";

     

       5924
       5900
        
             type = "gem";

     

       5925
       5901
        
           };

     

       5926
       5926
       -
           version = "3.2.0";

     

       5902
       5902
       +
           version = "3.3.0";

     

       5927
       5903
        
         };

     

       5928
       5904
        
         openssl-signature_algorithm = {

     

       5929
       5905
        
           dependencies = [ "openssl" ];

     
···

       6960
       6936
        
           platforms = [ ];

     

       6961
       6937
        
           source = {

     

       6962
       6938
        
             remotes = [ "https://rubygems.org" ];

     

       6963
       6963
       -
             sha256 = "1yzhcwvfkrlb8l79w24yjclv636jn6rnznp95shmssk934bi1vnc";

     

       6939
       6939
       +
             sha256 = "1pcr8sn02lwzv3z6vx5n41b6ybcnw9g9h05s3lkv4vqdm0f2mq2z";

     

       6964
       6940
        
             type = "gem";

     

       6965
       6941
        
           };

     

       6966
       6966
       -
           version = "2.2.13";

     

       6942
       6942
       +
           version = "2.2.17";

     

       6967
       6943
        
         };

     

       6968
       6944
        
         rack-accept = {

     

       6969
       6945
        
           dependencies = [ "rack" ];

     
···

       7314
       7290
        
           platforms = [ ];

     

       7315
       7291
        
           source = {

     

       7316
       7292
        
             remotes = [ "https://rubygems.org" ];

     

       7317
       7317
       -
             sha256 = "1p65p6f917al0f07sn5ca9yj92f7mk52xgnp0ahqpyrb8r6sdjz8";

     

       7293
       7293
       +
             sha256 = "158qydqnrn1r0gm806j0bn439y0dyzdpscwi1sm3ldl1mcid5mx2";

     

       7318
       7294
        
             type = "gem";

     

       7319
       7295
        
           };

     

       7320
       7320
       -
           version = "0.5.1";

     

       7296
       7296
       +
           version = "0.5.2";

     

       7321
       7297
        
         };

     

       7322
       7298
        
         rchardet = {

     

       7323
       7299
        
           groups = [

     
···

       8063
       8039
        
           };

     

       8064
       8040
        
           version = "2.30.0";

     

       8065
       8041
        
         };

     

       8066
       8066
       -
         ruby-fogbugz = {

     

       8067
       8067
       -
           dependencies = [

     

       8068
       8068
       -
             "crack"

     

       8069
       8069
       -
             "multipart-post"

     

       8070
       8070
       -
           ];

     

       8071
       8071
       -
           groups = [ "default" ];

     

       8072
       8072
       -
           platforms = [ ];

     

       8073
       8073
       -
           source = {

     

       8074
       8074
       -
             remotes = [ "https://rubygems.org" ];

     

       8075
       8075
       -
             sha256 = "0mznsnhsgh1yg57j5gighr9vjricnix1l7ngf654k3v4fkjcs12y";

     

       8076
       8076
       -
             type = "gem";

     

       8077
       8077
       -
           };

     

       8078
       8078
       -
           version = "0.3.0";

     

       8079
       8079
       -
         };

     

       8080
       8042
        
         ruby-lsp = {

     

       8081
       8043
        
           dependencies = [

     

       8082
       8044
        
             "language_server-protocol"

     
···

       8110
       8072
        
           platforms = [ ];

     

       8111
       8073
        
           source = {

     

       8112
       8074
        
             remotes = [ "https://rubygems.org" ];

     

       8113
       8113
       -
             sha256 = "1lv886262vzmjpgcd0759zn86yaidjn1wznnscn75saj4d81bafj";

     

       8075
       8075
       +
             sha256 = "08m2fw4f784lkbyz5rbzdhj57p0x2pfygk66ls0qsn5avnv7izs1";

     

       8114
       8076
        
             type = "gem";

     

       8115
       8077
        
           };

     

       8116
       8116
       -
           version = "0.1.23";

     

       8078
       8078
       +
           version = "0.1.24";

     

       8117
       8079
        
         };

     

       8118
       8080
        
         ruby-magic = {

     

       8119
       8081
        
           dependencies = [ "mini_portile2" ];

     
···

       8704
       8666
        
           platforms = [ ];

     

       8705
       8667
        
           source = {

     

       8706
       8668
        
             remotes = [ "https://rubygems.org" ];

     

       8707
       8707
       -
             sha256 = "1kpsdfkj6yvd5ndhj5vbll4591lwg4gjrf5c61ffj8vvy4j93z0d";

     

       8669
       8669
       +
             sha256 = "1wxzz7580h6k2sghj9p1ss33i6nlmpmwqawi6ilr87si233rwgxc";

     

       8708
       8670
        
             type = "gem";

     

       8709
       8671
        
           };

     

       8710
       8710
       -
           version = "0.5.1";

     

       8672
       8672
       +
           version = "0.5.2";

     

       8711
       8673
        
         };

     

       8712
       8674
        
         sorbet-runtime = {

     

       8713
       8675
        
           groups = [

     
···

       8772
       8734
        
         };

     

       8773
       8735
        
         sprockets = {

     

       8774
       8736
        
           dependencies = [

     

       8737
       8737
       +
             "base64"

     

       8775
       8738
        
             "concurrent-ruby"

     

       8776
       8739
        
             "rack"

     

       8777
       8740
        
           ];

     

       8778
       8778
       -
           groups = [

     

       8779
       8779
       -
             "default"

     

       8780
       8780
       -
             "development"

     

       8781
       8781
       -
             "test"

     

       8782
       8782
       -
           ];

     

       8741
       8741
       +
           groups = [ "default" ];

     

       8783
       8742
        
           platforms = [ ];

     

       8784
       8743
        
           source = {

     

       8785
       8744
        
             remotes = [ "https://rubygems.org" ];

     

       8786
       8786
       -
             sha256 = "182jw5a0fbqah5w9jancvfmjbk88h8bxdbwnl4d3q809rpxdg8ay";

     

       8745
       8745
       +
             sha256 = "10ykzsa76cf8kvbfkszlvbyn4ckcx1mxjhfvwxzs7y28cljhzhkj";

     

       8787
       8746
        
             type = "gem";

     

       8788
       8747
        
           };

     

       8789
       8789
       -
           version = "3.7.2";

     

       8748
       8748
       +
           version = "3.7.5";

     

       8790
       8749
        
         };

     

       8791
       8750
        
         sprockets-rails = {

     

       8792
       8751
        
           dependencies = [

     
···

       9475
       9434
        
             "imagen"

     

       9476
       9435
        
             "rainbow"

     

       9477
       9436
        
             "rugged"

     

       9437
       9437
       +
             "simplecov"

     

       9438
       9438
       +
             "simplecov_json_formatter"

     

       9478
       9439
        
           ];

     

       9479
       9440
        
           groups = [

     

       9480
       9441
        
             "coverage"

     
···

       9484
       9445
        
           platforms = [ ];

     

       9485
       9446
        
           source = {

     

       9486
       9447
        
             remotes = [ "https://rubygems.org" ];

     

       9487
       9487
       -
             sha256 = "06pc56qly4c8ygwg9hyay1vmxq75clm62ljw0s9ljamm57qzqd1w";

     

       9448
       9448
       +
             sha256 = "0kd7rk9qf9gx53i8jrkc1fjl2bjjxyw9cd1i784ipnfl3dc0da8s";

     

       9488
       9449
        
             type = "gem";

     

       9489
       9450
        
           };

     

       9490
       9490
       -
           version = "0.6.4";

     

       9451
       9451
       +
           version = "0.7.0";

     

       9491
       9452
        
         };

     

       9492
       9453
        
         unf = {

     

       9493
       9454
        
           dependencies = [ "unf_ext" ];

+5 -5

pkgs/by-name/go/google-chrome/package.nix

···

       171
       171
        
       

     

       172
       172
        
         linux = stdenvNoCC.mkDerivation (finalAttrs: {

     

       173
       173
        
           inherit pname meta passthru;

     

       174
       174
       -
           version = "138.0.7204.100";

     

       174
       174
       +
           version = "138.0.7204.157";

     

       175
       175
        
       

     

       176
       176
        
           src = fetchurl {

     

       177
       177
        
             url = "https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_${finalAttrs.version}-1_amd64.deb";

     

       178
       178
       -
             hash = "sha256-H22aDTMvbUsbBWasGjCP1dUKmYzD9/6TIzfBpahAnA8=";

     

       178
       178
       +
             hash = "sha256-QmWevU4cYmUc6lUbFG4bQ1aKFuUyIUorJjMMF14bzZ4=";

     

       179
       179
        
           };

     

       180
       180
        
       

     

       181
       181
        
           # With strictDeps on, some shebangs were not being patched correctly

     
···

       276
       276
        
       

     

       277
       277
        
         darwin = stdenvNoCC.mkDerivation (finalAttrs: {

     

       278
       278
        
           inherit pname meta passthru;

     

       279
       279
       -
           version = "138.0.7204.101";

     

       279
       279
       +
           version = "138.0.7204.158";

     

       280
       280
        
       

     

       281
       281
        
           src = fetchurl {

     

       282
       282
       -
             url = "http://dl.google.com/release2/chrome/h7v73czgelyzwk2xfcs2gkpkwm_138.0.7204.101/GoogleChrome-138.0.7204.101.dmg";

     

       283
       283
       -
             hash = "sha256-gG20H5QsVmnfRi+Zo+OiLTLlPP2cLp6W+JaJoRE0QtI=";

     

       282
       282
       +
             url = "http://dl.google.com/release2/chrome/adskeulizkrq3h2yvus65pybna6a_138.0.7204.158/GoogleChrome-138.0.7204.158.dmg";

     

       283
       283
       +
             hash = "sha256-D7Iik+R9PIfvL1QEASfip5M2pE+nco90dKet4Fehq/8=";

     

       284
       284
        
           };

     

       285
       285
        
       

     

       286
       286
        
           dontPatch = true;

+7 -35

pkgs/by-name/ha/haxor-news/package.nix

···

       2
       2
        
         lib,

     

       3
       3
        
         fetchFromGitHub,

     

       4
       4
        
         fetchPypi,

     

       5
       5
       -
         python3,

     

       5
       5
       +
         python3Packages,

     

       6
       6
        
       }:

     

       7
       7
        
       

     

       8
       8
       -
       let

     

       9
       9
       -
         py = python3.override {

     

       10
       10
       -
           self = py;

     

       11
       11
       -
           packageOverrides = self: super: {

     

       12
       12
       -
             # not compatible with prompt_toolkit >=2.0

     

       13
       13
       -
             prompt-toolkit = super.prompt-toolkit.overridePythonAttrs (oldAttrs: rec {

     

       14
       14
       -
               name = "${oldAttrs.pname}-${version}";

     

       15
       15
       -
               version = "1.0.18";

     

       16
       16
       -
               src = oldAttrs.src.override {

     

       17
       17
       -
                 inherit version;

     

       18
       18
       -
                 hash = "sha256-3U/KAsgGlJetkxotCZFMaw0bUBUc6Ha8Fb3kx0cJASY=";

     

       19
       19
       -
               };

     

       20
       20
       -
             });

     

       21
       21
       -
             # Use click 7

     

       22
       22
       -
             click = super.click.overridePythonAttrs (old: rec {

     

       23
       23
       -
               version = "7.1.2";

     

       24
       24
       -
               src = fetchPypi {

     

       25
       25
       -
                 pname = "click";

     

       26
       26
       -
                 inherit version;

     

       27
       27
       -
                 hash = "sha256-0rUlXHxjSbwb0eWeCM0SrLvWPOZJ8liHVXg6qU37axo=";

     

       28
       28
       -
               };

     

       29
       29
       -
               disabledTests = [ "test_bytes_args" ];

     

       30
       30
       -
             });

     

       31
       31
       -
           };

     

       32
       32
       -
         };

     

       33
       33
       -
       in

     

       34
       34
       -
       with py.pkgs;

     

       35
       35
       -
       

     

       36
       36
       -
       buildPythonApplication rec {

     

       8
       8
       +
       python3Packages.buildPythonApplication rec {

     

       37
       9
        
         pname = "haxor-news";

     

       38
       38
       -
         version = "unstable-2020-10-20";

     

       10
       10
       +
         version = "unstable-2022-04-22";

     

       39
       11
        
         format = "setuptools";

     

       40
       12
        
       

     

       41
       13
        
         # haven't done a stable release in 3+ years, but actively developed

     

       42
       14
        
         src = fetchFromGitHub {

     

       43
       15
        
           owner = "donnemartin";

     

       44
       16
        
           repo = "haxor-news";

     

       45
       45
       -
           rev = "811a5804c09406465b2b02eab638c08bf5c4fa7f";

     

       46
       46
       -
           hash = "sha256-5v61b49ttwqPOvtoykJBBzwVSi7S8ARlakccMr12bbw=";

     

       17
       17
       +
           rev = "8294e4498858f036a344b06e82f08b834c2a8270";

     

       18
       18
       +
           hash = "sha256-0eVk5zj7F3QDFvV0Kv9aeV1oeKxr/Kza6M3pK6hyYuY=";

     

       47
       19
        
         };

     

       48
       20
        
       

     

       49
       49
       -
         propagatedBuildInputs = [

     

       21
       21
       +
         propagatedBuildInputs = with python3Packages; [

     

       50
       22
        
           click

     

       51
       23
        
           colorama

     

       52
       24
        
           requests

     
···

       58
       30
        
         # will fail without pre-seeded config files

     

       59
       31
        
         doCheck = false;

     

       60
       32
        
       

     

       61
       61
       -
         nativeCheckInputs = [

     

       33
       33
       +
         nativeCheckInputs = with python3Packages; [

     

       62
       34
        
           unittestCheckHook

     

       63
       35
        
           mock

     

       64
       36
        
         ];

+69

pkgs/by-name/ho/homebridge-config-ui-x/package.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         lib,

     

       3
       3
       +
         stdenv,

     

       4
       4
       +
         buildNpmPackage,

     

       5
       5
       +
         fetchFromGitHub,

     

       6
       6
       +
         fetchNpmDeps,

     

       7
       7
       +
         npmHooks,

     

       8
       8
       +
         python3,

     

       9
       9
       +
         cacert,

     

       10
       10
       +
       }:

     

       11
       11
       +
       

     

       12
       12
       +
       buildNpmPackage (finalAttrs: {

     

       13
       13
       +
         pname = "homebridge-config-ui-x";

     

       14
       14
       +
         version = "5.1.0";

     

       15
       15
       +
       

     

       16
       16
       +
         src = fetchFromGitHub {

     

       17
       17
       +
           owner = "homebridge";

     

       18
       18
       +
           repo = "homebridge-config-ui-x";

     

       19
       19
       +
           tag = "v${finalAttrs.version}";

     

       20
       20
       +
           hash = "sha256-asyNIiNv0bGD6fT4VTSp1W6f3dudkdZsVOc3KKOi4OY=";

     

       21
       21
       +
         };

     

       22
       22
       +
       

     

       23
       23
       +
         # Deps hash for the root package

     

       24
       24
       +
         npmDepsHash = "sha256-XkdpR8yDNuP+681JIsKwHnY/Us83JGaAXJNBnGIU2UI=";

     

       25
       25
       +
       

     

       26
       26
       +
         # Deps src and hash for ui subdirectory

     

       27
       27
       +
         npmDeps_ui = fetchNpmDeps {

     

       28
       28
       +
           name = "npm-deps-ui";

     

       29
       29
       +
           src = "${finalAttrs.src}/ui";

     

       30
       30
       +
           hash = "sha256-vwJcls72nzbbtC4YXasgGWtgIVV4AMuNwIkEJuubP2Q=";

     

       31
       31
       +
         };

     

       32
       32
       +
       

     

       33
       33
       +
         # Need to also run npm ci in the ui subdirectory

     

       34
       34
       +
         preBuild = ''

     

       35
       35
       +
           # Tricky way to run npmConfigHook multiple times

     

       36
       36
       +
           (

     

       37
       37
       +
             source ${npmHooks.npmConfigHook}/nix-support/setup-hook

     

       38
       38
       +
             npmRoot=ui npmDeps=${finalAttrs.npmDeps_ui} makeCacheWritable= npmConfigHook

     

       39
       39
       +
           )

     

       40
       40
       +
           # Required to prevent "ng build" from failing due to

     

       41
       41
       +
           # prompting user for autocompletion

     

       42
       42
       +
           export CI=true

     

       43
       43
       +
         '';

     

       44
       44
       +
       

     

       45
       45
       +
         # On darwin, the build failed because openpty() is not declared

     

       46
       46
       +
         # Uses the prebuild version of @homebridge/node-pty-prebuilt-multiarch instead

     

       47
       47
       +
         # Remove this (and the makeCacheWritable in preBuild), once we fix

     

       48
       48
       +
         # compiling node-pty on darwin

     

       49
       49
       +
         makeCacheWritable = stdenv.hostPlatform.isDarwin;

     

       50
       50
       +
       

     

       51
       51
       +
         nativeBuildInputs = [

     

       52
       52
       +
           python3

     

       53
       53
       +
         ] ++ lib.optionals stdenv.hostPlatform.isDarwin [ cacert ];

     

       54
       54
       +
       

     

       55
       55
       +
         meta = {

     

       56
       56
       +
           description = "Configure Homebridge, monitor and backup from a browser";

     

       57
       57
       +
           homepage = "https://github.com/homebridge/homebridge-config-ui-x";

     

       58
       58
       +
           license = lib.licenses.mit;

     

       59
       59
       +
           mainProgram = "homebridge-config-ui-x";

     

       60
       60
       +
           platforms = lib.platforms.linux ++ lib.platforms.darwin;

     

       61
       61
       +
           maintainers = with lib.maintainers; [ fmoda3 ];

     

       62
       62
       +
           # Works on darwin when not in sandbox because it downloads a prebuilt binary

     

       63
       63
       +
           # for node-pty at build time, which does not work in sandbox.

     

       64
       64
       +
           # Need to figure out why this error occurs:

     

       65
       65
       +
           # ../src/unix/pty.cc:478:13: error: use of undeclared identifier 'openpty'

     

       66
       66
       +
           # int ret = openpty(&master, &slave, nullptr, NULL, static_cast<winsize*>(&winp));

     

       67
       67
       +
           broken = stdenv.hostPlatform.isDarwin;

     

       68
       68
       +
         };

     

       69
       69
       +
       })

+37

pkgs/by-name/ho/homebridge/package.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         lib,

     

       3
       3
       +
         buildNpmPackage,

     

       4
       4
       +
         fetchFromGitHub,

     

       5
       5
       +
         jq,

     

       6
       6
       +
       }:

     

       7
       7
       +
       

     

       8
       8
       +
       buildNpmPackage (finalAttrs: {

     

       9
       9
       +
         pname = "homebridge";

     

       10
       10
       +
         version = "1.11.0";

     

       11
       11
       +
       

     

       12
       12
       +
         src = fetchFromGitHub {

     

       13
       13
       +
           owner = "homebridge";

     

       14
       14
       +
           repo = "homebridge";

     

       15
       15
       +
           tag = "v${finalAttrs.version}";

     

       16
       16
       +
           hash = "sha256-95wd3pVumz/KGZNjOHrSOUtI4vipeHRWK7D8e9Nzpyo=";

     

       17
       17
       +
         };

     

       18
       18
       +
       

     

       19
       19
       +
         npmDepsHash = "sha256-fcahrKJXvEMosLbcZY6x/hklmAy4Dyf65xNfFPa4OpU=";

     

       20
       20
       +
       

     

       21
       21
       +
         # Homebridge's clean phase attempts to install rimraf directly, which fails in nix builds

     

       22
       22
       +
         # rimraf is already in the declared dependencies, so we just don't need to do it.

     

       23
       23
       +
         # This will replace "npm install rimraf && rimraf lib/" with "rimraf lib/".

     

       24
       24
       +
         preBuild = ''

     

       25
       25
       +
           cat package.json | ${jq}/bin/jq '.scripts.clean = "rimraf lib/"' > package.json.tmp

     

       26
       26
       +
           mv package.json.tmp package.json

     

       27
       27
       +
         '';

     

       28
       28
       +
       

     

       29
       29
       +
         meta = {

     

       30
       30
       +
           description = "Lightweight emulator of iOS HomeKit API";

     

       31
       31
       +
           homepage = "https://github.com/homebridge/homebridge";

     

       32
       32
       +
           license = lib.licenses.asl20;

     

       33
       33
       +
           mainProgram = "homebridge";

     

       34
       34
       +
           platforms = lib.platforms.linux ++ lib.platforms.darwin;

     

       35
       35
       +
           maintainers = with lib.maintainers; [ fmoda3 ];

     

       36
       36
       +
         };

     

       37
       37
       +
       })

+4 -2

pkgs/by-name/ht/httptoolkit/package.nix

···

       6
       6
        
         makeWrapper,

     

       7
       7
        
         makeDesktopItem,

     

       8
       8
        
         copyDesktopItems,

     

       9
       9
       -
         electron,

     

       9
       9
       +
         electron_35,

     

       10
       10
        
         httptoolkit-server,

     

       11
       11
        
       }:

     

       12
       12
       -
       

     

       12
       12
       +
       let

     

       13
       13
       +
         electron = electron_35;

     

       14
       14
       +
       in

     

       13
       15
        
       buildNpmPackage rec {

     

       14
       16
        
         pname = "httptoolkit";

     

       15
       17
        
         version = "1.20.1";

+2 -2

pkgs/by-name/ic/icloudpd/package.nix

···

       9
       9
        
       

     

       10
       10
        
       python3Packages.buildPythonApplication rec {

     

       11
       11
        
         pname = "icloudpd";

     

       12
       12
       -
         version = "1.28.2";

     

       12
       12
       +
         version = "1.29.2";

     

       13
       13
        
         pyproject = true;

     

       14
       14
        
       

     

       15
       15
        
         src = fetchFromGitHub {

     

       16
       16
        
           owner = "icloud-photos-downloader";

     

       17
       17
        
           repo = "icloud_photos_downloader";

     

       18
       18
        
           tag = "v${version}";

     

       19
       19
       -
           hash = "sha256-5zuV32AOorkRqt3wiUt2ndo+4j1FQ9JBSc8wY+v01OA=";

     

       19
       19
       +
           hash = "sha256-V6y/JRRfvxfQE5+ZuM8N/jciWxRr9HI6PGjnzyJ2aP8=";

     

       20
       20
        
         };

     

       21
       21
        
       

     

       22
       22
        
         pythonRelaxDeps = true;

+3 -3

pkgs/by-name/jj/jjui/package.nix

···

       7
       7
        
       }:

     

       8
       8
        
       buildGoModule (finalAttrs: {

     

       9
       9
        
         pname = "jjui";

     

       10
       10
       -
         version = "0.8.12";

     

       10
       10
       +
         version = "0.9.0";

     

       11
       11
        
       

     

       12
       12
        
         src = fetchFromGitHub {

     

       13
       13
        
           owner = "idursun";

     

       14
       14
        
           repo = "jjui";

     

       15
       15
        
           tag = "v${finalAttrs.version}";

     

       16
       16
       -
           hash = "sha256-KqW5XwQxKF11qWXpqhcREVZHSVqPNnJCceaW0uvgpFg=";

     

       16
       16
       +
           hash = "sha256-FTFryzlU7PsrU2SkOdxYLunVrRKUauAwmzIkJe3xKlk=";

     

       17
       17
        
         };

     

       18
       18
        
       

     

       19
       19
       -
         vendorHash = "sha256-2nUU5rrVWBk+9ljC+OiAVLcRnWghPPfpvq5yoNSRdVk=";

     

       19
       19
       +
         vendorHash = "sha256-oswFlMuoaTHfgpr2+o8EX80hl82H9JewPFk3khm8Il4=";

     

       20
       20
        
       

     

       21
       21
        
         ldflags = [ "-X main.Version=${finalAttrs.version}" ];

     

       22
       22

+2 -2

pkgs/by-name/ke/kew/package.nix

···

       33
       33
        
       

     

       34
       34
        
       stdenv.mkDerivation (finalAttrs: {

     

       35
       35
        
         pname = "kew";

     

       36
       36
       -
         version = "3.3.3";

     

       36
       36
       +
         version = "3.4.0";

     

       37
       37
        
       

     

       38
       38
        
         src = fetchFromGitHub {

     

       39
       39
        
           owner = "ravachol";

     

       40
       40
        
           repo = "kew";

     

       41
       41
        
           tag = "v${finalAttrs.version}";

     

       42
       42
       -
           hash = "sha256-1PUvUFlRhGrZLjLwQrNb0kE695m5poSqrAIOBAnm3xk=";

     

       42
       42
       +
           hash = "sha256-dKjAv93NgP0iB5VMWWisvISXQOmx3lyUXG2zKCz2+Bc=";

     

       43
       43
        
         };

     

       44
       44
        
       

     

       45
       45
        
         postPatch = ''

+6 -7

pkgs/by-name/ke/keycloak/package.nix

···

       1
       1
        
       {

     

       2
       2
       -
         stdenv,

     

       3
       2
        
         lib,

     

       3
       3
       +
         stdenv,

     

       4
       4
        
         fetchzip,

     

       5
       5
       -
         makeWrapper,

     

       5
       5
       +
         makeBinaryWrapper,

     

       6
       6
        
         jre_headless,

     

       7
       7
        
         nixosTests,

     

       8
       8
        
         callPackage,

     
···

       22
       22
        
           ) "--features-disabled=${lib.concatStringsSep "," disabledFeatures}"}

     

       23
       23
        
         '';

     

       24
       24
        
       in

     

       25
       25
       -
       stdenv.mkDerivation rec {

     

       25
       25
       +
       stdenv.mkDerivation (finalAttrs: {

     

       26
       26
        
         pname = "keycloak";

     

       27
       27
        
         version = "26.3.1";

     

       28
       28
        
       

     

       29
       29
        
         src = fetchzip {

     

       30
       30
       -
           url = "https://github.com/keycloak/keycloak/releases/download/${version}/keycloak-${version}.zip";

     

       30
       30
       +
           url = "https://github.com/keycloak/keycloak/releases/download/${finalAttrs.version}/keycloak-${finalAttrs.version}.zip";

     

       31
       31
        
           hash = "sha256-M3YbS/aK9y4N2kZrm1wNT1ZaWAaUwaRn9QQ8fMdOV5g=";

     

       32
       32
        
         };

     

       33
       33
        
       

     

       34
       34
        
         nativeBuildInputs = [

     

       35
       35
       -
           makeWrapper

     

       35
       35
       +
           makeBinaryWrapper

     

       36
       36
        
           jre_headless

     

       37
       37
        
         ];

     

       38
       38
        
       

     
···

       104
       104
        
             leona

     

       105
       105
        
           ];

     

       106
       106
        
         };

     

       107
       107
       -
       

     

       108
       108
       -
       }

     

       107
       107
       +
       })

+3 -3

pkgs/by-name/la/lash/package.nix

···

       12
       12
        
         readline,

     

       13
       13
        
       }:

     

       14
       14
        
       

     

       15
       15
       -
       assert libuuid != null;

     

       16
       16
       -
       

     

       17
       15
        
       stdenv.mkDerivation rec {

     

       18
       16
        
         pname = "lash";

     

       19
       17
        
         version = "0.5.4";

     
···

       40
       38
        
           libxml2

     

       41
       39
        
           readline

     

       42
       40
        
         ];

     

       43
       43
       -
         propagatedBuildInputs = [ libuuid ];

     

       41
       41
       +
         propagatedBuildInputs =

     

       42
       42
       +
           assert libuuid != null;

     

       43
       43
       +
           [ libuuid ];

     

       44
       44
        
         NIX_LDFLAGS = "-lm -lpthread -luuid";

     

       45
       45
        
       

     

       46
       46
        
         postInstall = ''

+6 -6

pkgs/by-name/li/libpff/package.nix

···

       6
       6
        
         autoreconfHook,

     

       7
       7
        
       }:

     

       8
       8
        
       

     

       9
       9
       -
       stdenv.mkDerivation rec {

     

       9
       9
       +
       stdenv.mkDerivation (finalAttrs: {

     

       10
       10
        
         pname = "libpff";

     

       11
       11
       -
         version = "20211114";

     

       11
       11
       +
         version = "20231205";

     

       12
       12
        
       

     

       13
       13
        
         src = fetchzip {

     

       14
       14
       -
           url = "https://github.com/libyal/libpff/releases/download/${version}/libpff-alpha-${version}.tar.gz";

     

       15
       15
       -
           sha256 = "sha256-UmGRBgi78nDSuuOXi/WmODojWU5AbQGKNQwLseoh714=";

     

       14
       14
       +
           url = "https://github.com/libyal/libpff/releases/download/${finalAttrs.version}/libpff-alpha-${finalAttrs.version}.tar.gz";

     

       15
       15
       +
           hash = "sha256-VrdfZRC2iwTfv3YrObQvIH9QZPTi9pUQoAyUcBVJyes=";

     

       16
       16
        
         };

     

       17
       17
        
       

     

       18
       18
        
         nativeBuildInputs = [

     
···

       29
       29
        
           description = "Library and tools to access the Personal Folder File (PFF) and the Offline Folder File (OFF) format";

     

       30
       30
        
           homepage = "https://github.com/libyal/libpff";

     

       31
       31
        
           downloadPage = "https://github.com/libyal/libpff/releases";

     

       32
       32
       -
           changelog = "https://github.com/libyal/libpff/blob/${version}/ChangeLog";

     

       32
       32
       +
           changelog = "https://github.com/libyal/libpff/blob/${finalAttrs.version}/ChangeLog";

     

       33
       33
        
           license = lib.licenses.lgpl3Only;

     

       34
       34
        
           maintainers = with lib.maintainers; [ hacker1024 ];

     

       35
       35
        
         };

     

       36
       36
       -
       }

     

       36
       36
       +
       })

+14 -5

pkgs/by-name/mi/misskey/package.nix

···

       17
       17
        
       

     

       18
       18
        
       stdenv.mkDerivation (finalAttrs: {

     

       19
       19
        
         pname = "misskey";

     

       20
       20
       -
         version = "2025.6.3";

     

       20
       20
       +
         version = "2025.7.0";

     

       21
       21
        
       

     

       22
       22
        
         src = fetchFromGitHub {

     

       23
       23
        
           owner = "misskey-dev";

     

       24
       24
        
           repo = "misskey";

     

       25
       25
        
           tag = finalAttrs.version;

     

       26
       26
       -
           hash = "sha256-6UZcIZlfcYcQgjR/jrNhsoLNQGml2tjK3LYLI0fdgMU=";

     

       26
       26
       +
           hash = "sha256-LtBggq60buNPnGPSbh+TcFODxCoqX+rFdX0P7dYMYI0=";

     

       27
       27
        
           fetchSubmodules = true;

     

       28
       28
        
         };

     

       29
       29
        
       

     

       30
       30
       +
         patches = [

     

       31
       31
       +
           ./pnpm-lock.yaml.patch

     

       32
       32
       +
         ];

     

       33
       33
       +
       

     

       30
       34
        
         nativeBuildInputs = [

     

       31
       35
        
           nodejs

     

       32
       36
        
           pnpm_9.configHook

     
···

       36
       40
        
       

     

       37
       41
        
         # https://nixos.org/manual/nixpkgs/unstable/#javascript-pnpm

     

       38
       42
        
         pnpmDeps = pnpm_9.fetchDeps {

     

       39
       39
       -
           inherit (finalAttrs) pname version src;

     

       40
       40
       -
           fetcherVersion = 1;

     

       41
       41
       -
           hash = "sha256-T8LwpEjeWNmkIo3Dn1BCFHBsTzA/Dt6/pk/NMtvT0N4=";

     

       43
       43
       +
           inherit (finalAttrs)

     

       44
       44
       +
             pname

     

       45
       45
       +
             version

     

       46
       46
       +
             src

     

       47
       47
       +
             patches

     

       48
       48
       +
             ;

     

       49
       49
       +
           fetcherVersion = 2;

     

       50
       50
       +
           hash = "sha256-5yuM56sLDSo4M5PDl3gUZOdSexW1YjfYBR3BJMqNHzU=";

     

       42
       51
        
         };

     

       43
       52
        
       

     

       44
       53
        
         buildPhase = ''

+270

pkgs/by-name/mi/misskey/pnpm-lock.yaml.patch

···

       1
       1
       +
       --- a/pnpm-lock.yaml

     

       2
       2
       +
       +++ b/pnpm-lock.yaml

     

       3
       3
       +
       @@ -11,7 +11,7 @@

     

       4
       4
       +
        

     

       5
       5
       +
        patchedDependencies:

     

       6
       6
       +
          typeorm:

     

       7
       7
       +
       -    hash: 2677b97a423e157945c154e64183d3ae2eb44dfa9cb0e5ce731a7612f507bb56

     

       8
       8
       +
       +    hash: i7ls76affxbomopkwkccq5jvsu

     

       9
       9
       +
            path: patches/typeorm.patch

     

       10
       10
       +
        

     

       11
       11
       +
        importers:

     

       12
       12
       +
       @@ -51,6 +51,10 @@

     

       13
       13
       +
              typescript:

     

       14
       14
       +
                specifier: 5.8.3

     

       15
       15
       +
                version: 5.8.3

     

       16
       16
       +
       +    optionalDependencies:

     

       17
       17
       +
       +      '@tensorflow/tfjs-core':

     

       18
       18
       +
       +        specifier: 4.22.0

     

       19
       19
       +
       +        version: 4.22.0(encoding@0.1.13)

     

       20
       20
       +
            devDependencies:

     

       21
       21
       +
              '@misskey-dev/eslint-plugin':

     

       22
       22
       +
                specifier: 2.1.0

     

       23
       23
       +
       @@ -85,10 +89,6 @@

     

       24
       24
       +
              start-server-and-test:

     

       25
       25
       +
                specifier: 2.0.12

     

       26
       26
       +
                version: 2.0.12

     

       27
       27
       +
       -    optionalDependencies:

     

       28
       28
       +
       -      '@tensorflow/tfjs-core':

     

       29
       29
       +
       -        specifier: 4.22.0

     

       30
       30
       +
       -        version: 4.22.0(encoding@0.1.13)

     

       31
       31
       +
        

     

       32
       32
       +
          packages/backend:

     

       33
       33
       +
            dependencies:

     

       34
       34
       +
       @@ -427,7 +427,7 @@

     

       35
       35
       +
                version: 4.2.0

     

       36
       36
       +
              typeorm:

     

       37
       37
       +
                specifier: 0.3.24

     

       38
       38
       +
       -        version: 0.3.24(patch_hash=2677b97a423e157945c154e64183d3ae2eb44dfa9cb0e5ce731a7612f507bb56)(ioredis@5.6.1)(pg@8.16.0)(reflect-metadata@0.2.2)

     

       39
       39
       +
       +        version: 0.3.24(patch_hash=i7ls76affxbomopkwkccq5jvsu)(ioredis@5.6.1)(pg@8.16.0)(reflect-metadata@0.2.2)

     

       40
       40
       +
              typescript:

     

       41
       41
       +
                specifier: 5.8.3

     

       42
       42
       +
                version: 5.8.3

     

       43
       43
       +
       @@ -446,6 +446,94 @@

     

       44
       44
       +
              xev:

     

       45
       45
       +
                specifier: 3.0.2

     

       46
       46
       +
                version: 3.0.2

     

       47
       47
       +
       +    optionalDependencies:

     

       48
       48
       +
       +      '@swc/core-android-arm64':

     

       49
       49
       +
       +        specifier: 1.3.11

     

       50
       50
       +
       +        version: 1.3.11

     

       51
       51
       +
       +      '@swc/core-darwin-arm64':

     

       52
       52
       +
       +        specifier: 1.12.0

     

       53
       53
       +
       +        version: 1.12.0

     

       54
       54
       +
       +      '@swc/core-darwin-x64':

     

       55
       55
       +
       +        specifier: 1.12.0

     

       56
       56
       +
       +        version: 1.12.0

     

       57
       57
       +
       +      '@swc/core-freebsd-x64':

     

       58
       58
       +
       +        specifier: 1.3.11

     

       59
       59
       +
       +        version: 1.3.11

     

       60
       60
       +
       +      '@swc/core-linux-arm-gnueabihf':

     

       61
       61
       +
       +        specifier: 1.12.0

     

       62
       62
       +
       +        version: 1.12.0

     

       63
       63
       +
       +      '@swc/core-linux-arm64-gnu':

     

       64
       64
       +
       +        specifier: 1.12.0

     

       65
       65
       +
       +        version: 1.12.0

     

       66
       66
       +
       +      '@swc/core-linux-arm64-musl':

     

       67
       67
       +
       +        specifier: 1.12.0

     

       68
       68
       +
       +        version: 1.12.0

     

       69
       69
       +
       +      '@swc/core-linux-x64-gnu':

     

       70
       70
       +
       +        specifier: 1.12.0

     

       71
       71
       +
       +        version: 1.12.0

     

       72
       72
       +
       +      '@swc/core-linux-x64-musl':

     

       73
       73
       +
       +        specifier: 1.12.0

     

       74
       74
       +
       +        version: 1.12.0

     

       75
       75
       +
       +      '@swc/core-win32-arm64-msvc':

     

       76
       76
       +
       +        specifier: 1.12.0

     

       77
       77
       +
       +        version: 1.12.0

     

       78
       78
       +
       +      '@swc/core-win32-ia32-msvc':

     

       79
       79
       +
       +        specifier: 1.12.0

     

       80
       80
       +
       +        version: 1.12.0

     

       81
       81
       +
       +      '@swc/core-win32-x64-msvc':

     

       82
       82
       +
       +        specifier: 1.12.0

     

       83
       83
       +
       +        version: 1.12.0

     

       84
       84
       +
       +      '@tensorflow/tfjs':

     

       85
       85
       +
       +        specifier: 4.22.0

     

       86
       86
       +
       +        version: 4.22.0(encoding@0.1.13)(seedrandom@3.0.5)

     

       87
       87
       +
       +      '@tensorflow/tfjs-node':

     

       88
       88
       +
       +        specifier: 4.22.0

     

       89
       89
       +
       +        version: 4.22.0(encoding@0.1.13)(seedrandom@3.0.5)

     

       90
       90
       +
       +      bufferutil:

     

       91
       91
       +
       +        specifier: 4.0.9

     

       92
       92
       +
       +        version: 4.0.9

     

       93
       93
       +
       +      slacc-android-arm-eabi:

     

       94
       94
       +
       +        specifier: 0.0.10

     

       95
       95
       +
       +        version: 0.0.10

     

       96
       96
       +
       +      slacc-android-arm64:

     

       97
       97
       +
       +        specifier: 0.0.10

     

       98
       98
       +
       +        version: 0.0.10

     

       99
       99
       +
       +      slacc-darwin-arm64:

     

       100
       100
       +
       +        specifier: 0.0.10

     

       101
       101
       +
       +        version: 0.0.10

     

       102
       102
       +
       +      slacc-darwin-universal:

     

       103
       103
       +
       +        specifier: 0.0.10

     

       104
       104
       +
       +        version: 0.0.10

     

       105
       105
       +
       +      slacc-darwin-x64:

     

       106
       106
       +
       +        specifier: 0.0.10

     

       107
       107
       +
       +        version: 0.0.10

     

       108
       108
       +
       +      slacc-freebsd-x64:

     

       109
       109
       +
       +        specifier: 0.0.10

     

       110
       110
       +
       +        version: 0.0.10

     

       111
       111
       +
       +      slacc-linux-arm-gnueabihf:

     

       112
       112
       +
       +        specifier: 0.0.10

     

       113
       113
       +
       +        version: 0.0.10

     

       114
       114
       +
       +      slacc-linux-arm64-gnu:

     

       115
       115
       +
       +        specifier: 0.0.10

     

       116
       116
       +
       +        version: 0.0.10

     

       117
       117
       +
       +      slacc-linux-arm64-musl:

     

       118
       118
       +
       +        specifier: 0.0.10

     

       119
       119
       +
       +        version: 0.0.10

     

       120
       120
       +
       +      slacc-linux-x64-gnu:

     

       121
       121
       +
       +        specifier: 0.0.10

     

       122
       122
       +
       +        version: 0.0.10

     

       123
       123
       +
       +      slacc-linux-x64-musl:

     

       124
       124
       +
       +        specifier: 0.0.10

     

       125
       125
       +
       +        version: 0.0.10

     

       126
       126
       +
       +      slacc-win32-arm64-msvc:

     

       127
       127
       +
       +        specifier: 0.0.10

     

       128
       128
       +
       +        version: 0.0.10

     

       129
       129
       +
       +      slacc-win32-x64-msvc:

     

       130
       130
       +
       +        specifier: 0.0.10

     

       131
       131
       +
       +        version: 0.0.10

     

       132
       132
       +
       +      utf-8-validate:

     

       133
       133
       +
       +        specifier: 6.0.5

     

       134
       134
       +
       +        version: 6.0.5

     

       135
       135
       +
            devDependencies:

     

       136
       136
       +
              '@jest/globals':

     

       137
       137
       +
                specifier: 29.7.0

     

       138
       138
       +
       @@ -612,94 +700,6 @@

     

       139
       139
       +
              supertest:

     

       140
       140
       +
                specifier: 7.1.1

     

       141
       141
       +
                version: 7.1.1

     

       142
       142
       +
       -    optionalDependencies:

     

       143
       143
       +
       -      '@swc/core-android-arm64':

     

       144
       144
       +
       -        specifier: 1.3.11

     

       145
       145
       +
       -        version: 1.3.11

     

       146
       146
       +
       -      '@swc/core-darwin-arm64':

     

       147
       147
       +
       -        specifier: 1.12.0

     

       148
       148
       +
       -        version: 1.12.0

     

       149
       149
       +
       -      '@swc/core-darwin-x64':

     

       150
       150
       +
       -        specifier: 1.12.0

     

       151
       151
       +
       -        version: 1.12.0

     

       152
       152
       +
       -      '@swc/core-freebsd-x64':

     

       153
       153
       +
       -        specifier: 1.3.11

     

       154
       154
       +
       -        version: 1.3.11

     

       155
       155
       +
       -      '@swc/core-linux-arm-gnueabihf':

     

       156
       156
       +
       -        specifier: 1.12.0

     

       157
       157
       +
       -        version: 1.12.0

     

       158
       158
       +
       -      '@swc/core-linux-arm64-gnu':

     

       159
       159
       +
       -        specifier: 1.12.0

     

       160
       160
       +
       -        version: 1.12.0

     

       161
       161
       +
       -      '@swc/core-linux-arm64-musl':

     

       162
       162
       +
       -        specifier: 1.12.0

     

       163
       163
       +
       -        version: 1.12.0

     

       164
       164
       +
       -      '@swc/core-linux-x64-gnu':

     

       165
       165
       +
       -        specifier: 1.12.0

     

       166
       166
       +
       -        version: 1.12.0

     

       167
       167
       +
       -      '@swc/core-linux-x64-musl':

     

       168
       168
       +
       -        specifier: 1.12.0

     

       169
       169
       +
       -        version: 1.12.0

     

       170
       170
       +
       -      '@swc/core-win32-arm64-msvc':

     

       171
       171
       +
       -        specifier: 1.12.0

     

       172
       172
       +
       -        version: 1.12.0

     

       173
       173
       +
       -      '@swc/core-win32-ia32-msvc':

     

       174
       174
       +
       -        specifier: 1.12.0

     

       175
       175
       +
       -        version: 1.12.0

     

       176
       176
       +
       -      '@swc/core-win32-x64-msvc':

     

       177
       177
       +
       -        specifier: 1.12.0

     

       178
       178
       +
       -        version: 1.12.0

     

       179
       179
       +
       -      '@tensorflow/tfjs':

     

       180
       180
       +
       -        specifier: 4.22.0

     

       181
       181
       +
       -        version: 4.22.0(encoding@0.1.13)(seedrandom@3.0.5)

     

       182
       182
       +
       -      '@tensorflow/tfjs-node':

     

       183
       183
       +
       -        specifier: 4.22.0

     

       184
       184
       +
       -        version: 4.22.0(encoding@0.1.13)(seedrandom@3.0.5)

     

       185
       185
       +
       -      bufferutil:

     

       186
       186
       +
       -        specifier: 4.0.9

     

       187
       187
       +
       -        version: 4.0.9

     

       188
       188
       +
       -      slacc-android-arm-eabi:

     

       189
       189
       +
       -        specifier: 0.0.10

     

       190
       190
       +
       -        version: 0.0.10

     

       191
       191
       +
       -      slacc-android-arm64:

     

       192
       192
       +
       -        specifier: 0.0.10

     

       193
       193
       +
       -        version: 0.0.10

     

       194
       194
       +
       -      slacc-darwin-arm64:

     

       195
       195
       +
       -        specifier: 0.0.10

     

       196
       196
       +
       -        version: 0.0.10

     

       197
       197
       +
       -      slacc-darwin-universal:

     

       198
       198
       +
       -        specifier: 0.0.10

     

       199
       199
       +
       -        version: 0.0.10

     

       200
       200
       +
       -      slacc-darwin-x64:

     

       201
       201
       +
       -        specifier: 0.0.10

     

       202
       202
       +
       -        version: 0.0.10

     

       203
       203
       +
       -      slacc-freebsd-x64:

     

       204
       204
       +
       -        specifier: 0.0.10

     

       205
       205
       +
       -        version: 0.0.10

     

       206
       206
       +
       -      slacc-linux-arm-gnueabihf:

     

       207
       207
       +
       -        specifier: 0.0.10

     

       208
       208
       +
       -        version: 0.0.10

     

       209
       209
       +
       -      slacc-linux-arm64-gnu:

     

       210
       210
       +
       -        specifier: 0.0.10

     

       211
       211
       +
       -        version: 0.0.10

     

       212
       212
       +
       -      slacc-linux-arm64-musl:

     

       213
       213
       +
       -        specifier: 0.0.10

     

       214
       214
       +
       -        version: 0.0.10

     

       215
       215
       +
       -      slacc-linux-x64-gnu:

     

       216
       216
       +
       -        specifier: 0.0.10

     

       217
       217
       +
       -        version: 0.0.10

     

       218
       218
       +
       -      slacc-linux-x64-musl:

     

       219
       219
       +
       -        specifier: 0.0.10

     

       220
       220
       +
       -        version: 0.0.10

     

       221
       221
       +
       -      slacc-win32-arm64-msvc:

     

       222
       222
       +
       -        specifier: 0.0.10

     

       223
       223
       +
       -        version: 0.0.10

     

       224
       224
       +
       -      slacc-win32-x64-msvc:

     

       225
       225
       +
       -        specifier: 0.0.10

     

       226
       226
       +
       -        version: 0.0.10

     

       227
       227
       +
       -      utf-8-validate:

     

       228
       228
       +
       -        specifier: 6.0.5

     

       229
       229
       +
       -        version: 6.0.5

     

       230
       230
       +
        

     

       231
       231
       +
          packages/frontend:

     

       232
       232
       +
            dependencies:

     

       233
       233
       +
       @@ -11221,8 +11221,8 @@

     

       234
       234
       +
          vue-component-type-helpers@2.2.12:

     

       235
       235
       +
            resolution: {integrity: sha512-YbGqHZ5/eW4SnkPNR44mKVc6ZKQoRs/Rux1sxC6rdwXb4qpbOSYfDr9DsTHolOTGmIKgM9j141mZbBeg05R1pw==}

     

       236
       236
       +
        

     

       237
       237
       +
       -  vue-component-type-helpers@3.0.1:

     

       238
       238
       +
       -    resolution: {integrity: sha512-j23mCB5iEbGsyIhnVdXdWUOg+UdwmVxpKnYYf2j+4ppCt5VSFXKjwu9YFt0QYxUaf5G99PuHsVfRScjHCRSsGQ==}

     

       239
       239
       +
       +  vue-component-type-helpers@3.0.3:

     

       240
       240
       +
       +    resolution: {integrity: sha512-koiBu7lO8e6w/UlbZAAIW11qcFQocYIl7Nh/SVwGZ804ej5KrncU32bRxi2zfU2Kyf6HWuk1CeeVP2rhIL+vyQ==}

     

       241
       241
       +
        

     

       242
       242
       +
          vue-demi@0.14.7:

     

       243
       243
       +
            resolution: {integrity: sha512-EOG8KXDQNwkJILkx/gPcoL/7vH+hORoBaKgGe+6W7VFMvCYJfmF2dGbvgDroVnI8LU7/kTu8mbjRZGBU1z9NTA==}

     

       244
       244
       +
       @@ -14955,7 +14955,7 @@

     

       245
       245
       +
              ts-dedent: 2.2.0

     

       246
       246
       +
              type-fest: 2.19.0

     

       247
       247
       +
              vue: 3.5.17(typescript@5.8.3)

     

       248
       248
       +
       -      vue-component-type-helpers: 3.0.1

     

       249
       249
       +
       +      vue-component-type-helpers: 3.0.3

     

       250
       250
       +
        

     

       251
       251
       +
          '@stylistic/eslint-plugin@2.13.0(eslint@9.31.0)(typescript@5.8.3)':

     

       252
       252
       +
            dependencies:

     

       253
       253
       +
       @@ -23034,7 +23034,7 @@

     

       254
       254
       +
        

     

       255
       255
       +
          typedarray@0.0.6: {}

     

       256
       256
       +
        

     

       257
       257
       +
       -  typeorm@0.3.24(patch_hash=2677b97a423e157945c154e64183d3ae2eb44dfa9cb0e5ce731a7612f507bb56)(ioredis@5.6.1)(pg@8.16.0)(reflect-metadata@0.2.2):

     

       258
       258
       +
       +  typeorm@0.3.24(patch_hash=i7ls76affxbomopkwkccq5jvsu)(ioredis@5.6.1)(pg@8.16.0)(reflect-metadata@0.2.2):

     

       259
       259
       +
            dependencies:

     

       260
       260
       +
              '@sqltools/formatter': 1.2.5

     

       261
       261
       +
              ansis: 3.17.0

     

       262
       262
       +
       @@ -23371,7 +23371,7 @@

     

       263
       263
       +
        

     

       264
       264
       +
          vue-component-type-helpers@2.2.12: {}

     

       265
       265
       +
        

     

       266
       266
       +
       -  vue-component-type-helpers@3.0.1: {}

     

       267
       267
       +
       +  vue-component-type-helpers@3.0.3: {}

     

       268
       268
       +
        

     

       269
       269
       +
          vue-demi@0.14.7(vue@3.5.17(typescript@5.8.3)):

     

       270
       270
       +
            dependencies:

+48

pkgs/by-name/ot/otio/package.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         lib,

     

       3
       3
       +
         stdenv,

     

       4
       4
       +
         cmake,

     

       5
       5
       +
         fetchFromGitHub,

     

       6
       6
       +
         imath,

     

       7
       7
       +
         python3,

     

       8
       8
       +
         rapidjson,

     

       9
       9
       +
       }:

     

       10
       10
       +
       

     

       11
       11
       +
       stdenv.mkDerivation (finalAttrs: {

     

       12
       12
       +
         pname = "otio";

     

       13
       13
       +
         version = "0.17.0";

     

       14
       14
       +
       

     

       15
       15
       +
         src = fetchFromGitHub {

     

       16
       16
       +
           owner = "AcademySoftwareFoundation";

     

       17
       17
       +
           repo = "OpenTimelineIO";

     

       18
       18
       +
           tag = "v${finalAttrs.version}";

     

       19
       19
       +
           sha256 = "sha256-53KXjbhHxuEtu6iRGWrirvFamuZ/WbOTcKCfs1iqKmM=";

     

       20
       20
       +
         };

     

       21
       21
       +
       

     

       22
       22
       +
         nativeBuildInputs = [

     

       23
       23
       +
           cmake

     

       24
       24
       +
           python3

     

       25
       25
       +
         ];

     

       26
       26
       +
       

     

       27
       27
       +
         buildInputs = [

     

       28
       28
       +
           imath

     

       29
       29
       +
           rapidjson

     

       30
       30
       +
         ];

     

       31
       31
       +
       

     

       32
       32
       +
         cmakeFlags = [

     

       33
       33
       +
           (lib.cmakeBool "OTIO_PYTHON_INSTALL" false)

     

       34
       34
       +
           (lib.cmakeBool "OTIO_DEPENDENCIES_INSTALL" false)

     

       35
       35
       +
           (lib.cmakeBool "OTIO_FIND_IMATH" true)

     

       36
       36
       +
           (lib.cmakeBool "OTIO_SHARED_LIBS" true)

     

       37
       37
       +
           (lib.cmakeBool "OTIO_AUTOMATIC_SUBMODULES" false)

     

       38
       38
       +
         ];

     

       39
       39
       +
       

     

       40
       40
       +
         meta = {

     

       41
       41
       +
           description = "Interchange format and API for editorial cut information";

     

       42
       42
       +
           homepage = "http://opentimeline.io/";

     

       43
       43
       +
           changelog = "https://github.com/AcademySoftwareFoundation/OpenTimelineIO/releases/tag/v${finalAttrs.version}";

     

       44
       44
       +
           license = lib.licenses.asl20;

     

       45
       45
       +
           maintainers = with lib.maintainers; [ liberodark ];

     

       46
       46
       +
           platforms = lib.platforms.linux;

     

       47
       47
       +
         };

     

       48
       48
       +
       })

+2 -2

pkgs/by-name/pi/pike/package.nix

···

       120
       120
        
       in

     

       121
       121
        
       stdenv.mkDerivation (finalAttrs: {

     

       122
       122
        
         pname = "pike";

     

       123
       123
       -
         version = "v8.0.2020";

     

       123
       123
       +
         version = "8.0.2020";

     

       124
       124
        
       

     

       125
       125
        
         src = fetchFromGitHub {

     

       126
       126
        
           owner = "pikelang";

     

       127
       127
        
           repo = "Pike";

     

       128
       128
       -
           rev = finalAttrs.version;

     

       128
       128
       +
           tag = "v${finalAttrs.version}";

     

       129
       129
        
           hash = "sha256-VHfMfICtvCHdFTIjiYw9tR5g9KycR7jqdg3wT+T37mA=";

     

       130
       130
        
         };

     

       131
       131

+21

pkgs/by-name/po/poco/disable-broken-tests-darwin.patch

···

       1
       1
       +
       diff --git a/Data/testsuite/src/DataTest.cpp b/Data/testsuite/src/DataTest.cpp

     

       2
       2
       +
       index a78c4e5..e8d9335 100644

     

       3
       3
       +
       --- a/Data/testsuite/src/DataTest.cpp

     

       4
       4
       +
       +++ b/Data/testsuite/src/DataTest.cpp

     

       5
       5
       +
       @@ -1652 +1652 @@ CppUnit::Test* DataTest::suite()

     

       6
       6
       +
       -	CppUnit_addTest(pSuite, DataTest, testSQLChannel);

     

       7
       7
       +
       +	// CppUnit_addTest(pSuite, DataTest, testSQLChannel);

     

       8
       8
       +
       diff --git a/Net/testsuite/src/HTTPClientSessionTest.cpp b/Net/testsuite/src/HTTPClientSessionTest.cpp

     

       9
       9
       +
       index 31de150..b5c0d13 100644

     

       10
       10
       +
       --- a/Net/testsuite/src/HTTPClientSessionTest.cpp

     

       11
       11
       +
       +++ b/Net/testsuite/src/HTTPClientSessionTest.cpp

     

       12
       12
       +
       @@ -406 +406 @@ CppUnit::Test* HTTPClientSessionTest::suite()

     

       13
       13
       +
       -	CppUnit_addTest(pSuite, HTTPClientSessionTest, testGetSmallUnix);

     

       14
       14
       +
       +	// CppUnit_addTest(pSuite, HTTPClientSessionTest, testGetSmallUnix);

     

       15
       15
       +
       diff --git a/Net/testsuite/src/SocketTest.cpp b/Net/testsuite/src/SocketTest.cpp

     

       16
       16
       +
       index 27c1800..9bd684b 100644

     

       17
       17
       +
       --- a/Net/testsuite/src/SocketTest.cpp

     

       18
       18
       +
       +++ b/Net/testsuite/src/SocketTest.cpp

     

       19
       19
       +
       @@ -900 +900 @@ CppUnit::Test* SocketTest::suite()

     

       20
       20
       +
       -	CppUnit_addTest(pSuite, SocketTest, testEchoUnixLocal);

     

       21
       21
       +
       +	// CppUnit_addTest(pSuite, SocketTest, testEchoUnixLocal);

+28

pkgs/by-name/po/poco/disable-broken-tests-linux.patch

···

       1
       1
       +
       diff --git a/Data/testsuite/src/DataTest.cpp b/Data/testsuite/src/DataTest.cpp

     

       2
       2
       +
       index a78c4e5..e8d9335 100644

     

       3
       3
       +
       --- a/Data/testsuite/src/DataTest.cpp

     

       4
       4
       +
       +++ b/Data/testsuite/src/DataTest.cpp

     

       5
       5
       +
       @@ -1652 +1652 @@ CppUnit::Test* DataTest::suite()

     

       6
       6
       +
       -	CppUnit_addTest(pSuite, DataTest, testSQLChannel);

     

       7
       7
       +
       +	// CppUnit_addTest(pSuite, DataTest, testSQLChannel);

     

       8
       8
       +
       diff --git a/Net/testsuite/src/DatagramSocketTest.cpp b/Net/testsuite/src/DatagramSocketTest.cpp

     

       9
       9
       +
       index e765de2..cec4867 100644

     

       10
       10
       +
       --- a/Net/testsuite/src/DatagramSocketTest.cpp

     

       11
       11
       +
       +++ b/Net/testsuite/src/DatagramSocketTest.cpp

     

       12
       12
       +
       @@ -830 +830 @@ CppUnit::Test* DatagramSocketTest::suite()

     

       13
       13
       +
       -	CppUnit_addTest(pSuite, DatagramSocketTest, testBroadcast);

     

       14
       14
       +
       +	// CppUnit_addTest(pSuite, DatagramSocketTest, testBroadcast);

     

       15
       15
       +
       diff --git a/Net/testsuite/src/SocketReactorTest.cpp b/Net/testsuite/src/SocketReactorTest.cpp

     

       16
       16
       +
       index a07576c..b3236c5 100644

     

       17
       17
       +
       --- a/Net/testsuite/src/SocketReactorTest.cpp

     

       18
       18
       +
       +++ b/Net/testsuite/src/SocketReactorTest.cpp

     

       19
       19
       +
       @@ -706 +706 @@ CppUnit::Test* SocketReactorTest::suite()

     

       20
       20
       +
       -	CppUnit_addTest(pSuite, SocketReactorTest, testSocketConnectorFail);

     

       21
       21
       +
       +	// CppUnit_addTest(pSuite, SocketReactorTest, testSocketConnectorFail);

     

       22
       22
       +
       diff --git a/Net/testsuite/src/SocketTest.cpp b/Net/testsuite/src/SocketTest.cpp

     

       23
       23
       +
       index 27c1800..9bd684b 100644

     

       24
       24
       +
       --- a/Net/testsuite/src/SocketTest.cpp

     

       25
       25
       +
       +++ b/Net/testsuite/src/SocketTest.cpp

     

       26
       26
       +
       @@ -900 +900 @@ CppUnit::Test* SocketTest::suite()

     

       27
       27
       +
       -	CppUnit_addTest(pSuite, SocketTest, testEchoUnixLocal);

     

       28
       28
       +
       +	// CppUnit_addTest(pSuite, SocketTest, testEchoUnixLocal);

+18

pkgs/by-name/po/poco/disable-flaky-tests.patch

···

       1
       1
       +
       diff --git a/Foundation/testsuite/src/ExpireLRUCacheTest.cpp b/Foundation/testsuite/src/ExpireLRUCacheTest.cpp

     

       2
       2
       +
       --- a/Foundation/testsuite/src/ExpireLRUCacheTest.cpp

     

       3
       3
       +
       +++ b/Foundation/testsuite/src/ExpireLRUCacheTest.cpp

     

       4
       4
       +
       @@ -336 +336 @@

     

       5
       5
       +
       -	CppUnit_addTest(pSuite, ExpireLRUCacheTest, testExpireN);

     

       6
       6
       +
       +	// CppUnit_addTest(pSuite, ExpireLRUCacheTest, testExpireN);

     

       7
       7
       +
       diff --git a/Foundation/testsuite/src/TimestampTest.cpp b/Foundation/testsuite/src/TimestampTest.cpp

     

       8
       8
       +
       --- a/Foundation/testsuite/src/TimestampTest.cpp

     

       9
       9
       +
       +++ b/Foundation/testsuite/src/TimestampTest.cpp

     

       10
       10
       +
       @@ -97 +97 @@

     

       11
       11
       +
       -	CppUnit_addTest(pSuite, TimestampTest, testTimestamp);

     

       12
       12
       +
       +	// CppUnit_addTest(pSuite, TimestampTest, testTimestamp);

     

       13
       13
       +
       diff --git a/Foundation/testsuite/src/UniqueExpireCacheTest.cpp b/Foundation/testsuite/src/UniqueExpireCacheTest.cpp

     

       14
       14
       +
       --- a/Foundation/testsuite/src/UniqueExpireCacheTest.cpp

     

       15
       15
       +
       +++ b/Foundation/testsuite/src/UniqueExpireCacheTest.cpp

     

       16
       16
       +
       @@ -248 +248 @@

     

       17
       17
       +
       -	CppUnit_addTest(pSuite, UniqueExpireCacheTest, testExpireN);

     

       18
       18
       +
       +	// CppUnit_addTest(pSuite, UniqueExpireCacheTest, testExpireN);

+45 -13

pkgs/by-name/po/poco/package.nix

···

       13
       13
        
         openssl,

     

       14
       14
        
         unixODBC,

     

       15
       15
        
         libmysqlclient,

     

       16
       16
       +
         writableTmpDirAsHomeHook,

     

       16
       17
        
       }:

     

       17
       18
        
       

     

       18
       19
        
       stdenv.mkDerivation rec {

     
···

       54
       55
        
         MYSQL_DIR = libmysqlclient;

     

       55
       56
        
         MYSQL_INCLUDE_DIR = "${MYSQL_DIR}/include/mysql";

     

       56
       57
        
       

     

       57
       57
       -
         cmakeFlags = [

     

       58
       58
       -
           # use nix provided versions of sqlite, zlib, pcre, expat, ... instead of bundled versions

     

       59
       59
       -
           (lib.cmakeBool "POCO_UNBUNDLED" true)

     

       60
       60
       -
         ];

     

       58
       58
       +
         cmakeFlags =

     

       59
       59
       +
           let

     

       60
       60
       +
             excludeTestsRegex = lib.concatStringsSep "|" [

     

       61
       61
       +
               # These tests require running services, which the checkPhase is ill equipeed to provide

     

       62
       62
       +
               # TODO get them running in a nixosTest

     

       63
       63
       +
               "Redis"

     

       64
       64
       +
               "DataODBC"

     

       65
       65
       +
               "MongoDB"

     

       66
       66
       +
               "DataMySQL"

     

       67
       67
       +
               # network not accessible from nix sandbox

     

       68
       68
       +
               "NetSSL" # around 25 test failures

     

       69
       69
       +
               "Net" # could be made to work when public network access is patched out

     

       70
       70
       +
             ];

     

       71
       71
       +
           in

     

       72
       72
       +
           [

     

       73
       73
       +
             # use nix provided versions of sqlite, zlib, pcre, expat, ... instead of bundled versions

     

       74
       74
       +
             (lib.cmakeBool "POCO_UNBUNDLED" true)

     

       75
       75
       +
             (lib.cmakeBool "ENABLE_TESTS" true)

     

       76
       76
       +
             (lib.cmakeFeature "CMAKE_CTEST_ARGUMENTS" "--exclude-regex;'${excludeTestsRegex}'")

     

       77
       77
       +
           ];

     

       61
       78
        
       

     

       62
       62
       -
         patches = [

     

       63
       63
       -
           # Remove on next release

     

       64
       64
       -
           (fetchpatch {

     

       65
       65
       -
             name = "disable-included-pcre-if-pcre-is-linked-staticly";

     

       66
       66
       -
             # this happens when building pkgsStatic.poco

     

       67
       67
       -
             url = "https://patch-diff.githubusercontent.com/raw/pocoproject/poco/pull/4879.patch";

     

       68
       68
       -
             hash = "sha256-VFWuRuf0GPYFp43WKI8utl+agP+7a5biLg7m64EMnVo=";

     

       69
       69
       -
           })

     

       79
       79
       +
         patches =

     

       80
       80
       +
           [

     

       81
       81
       +
             # Remove on next release

     

       82
       82
       +
             (fetchpatch {

     

       83
       83
       +
               name = "disable-included-pcre-if-pcre-is-linked-staticly";

     

       84
       84
       +
               # this happens when building pkgsStatic.poco

     

       85
       85
       +
               url = "https://patch-diff.githubusercontent.com/raw/pocoproject/poco/pull/4879.patch";

     

       86
       86
       +
               hash = "sha256-VFWuRuf0GPYFp43WKI8utl+agP+7a5biLg7m64EMnVo=";

     

       87
       87
       +
             })

     

       88
       88
       +
             # https://github.com/pocoproject/poco/issues/4977

     

       89
       89
       +
             ./disable-flaky-tests.patch

     

       90
       90
       +
           ]

     

       91
       91
       +
           ++ lib.optionals stdenv.hostPlatform.isDarwin [

     

       92
       92
       +
             ./disable-broken-tests-darwin.patch

     

       93
       93
       +
           ]

     

       94
       94
       +
           ++ lib.optionals stdenv.hostPlatform.isLinux [

     

       95
       95
       +
             ./disable-broken-tests-linux.patch

     

       96
       96
       +
           ];

     

       97
       97
       +
       

     

       98
       98
       +
         doCheck = true;

     

       99
       99
       +
         nativeCheckInputs = [

     

       100
       100
       +
           # workaround for some tests trying to write to /homeless-shelter

     

       101
       101
       +
           writableTmpDirAsHomeHook

     

       70
       102
        
         ];

     

       71
       103
        
       

     

       72
       104
        
         postFixup = ''

     

       73
       105
        
           grep -rlF INTERFACE_INCLUDE_DIRECTORIES "$dev/lib/cmake/Poco" | while read -r f; do

     

       74
       106
        
             substituteInPlace "$f" \

     

       75
       75
       -
               --replace "$"'{_IMPORT_PREFIX}/include' ""

     

       107
       107
       +
               --replace-quiet "$"'{_IMPORT_PREFIX}/include' ""

     

       76
       108
        
           done

     

       77
       109
        
         '';

     

       78
       110

+2 -2

pkgs/by-name/pr/protonmail-bridge/package.nix

···

       8
       8
        
       

     

       9
       9
        
       buildGoModule rec {

     

       10
       10
        
         pname = "protonmail-bridge";

     

       11
       11
       -
         version = "3.21.1";

     

       11
       11
       +
         version = "3.21.2";

     

       12
       12
        
       

     

       13
       13
        
         src = fetchFromGitHub {

     

       14
       14
        
           owner = "ProtonMail";

     

       15
       15
        
           repo = "proton-bridge";

     

       16
       16
        
           rev = "v${version}";

     

       17
       17
       -
           hash = "sha256-HGBECDidHFixFOb/ze+3elckpt1JghEtPbWHq7QU1Qg=";

     

       17
       17
       +
           hash = "sha256-IQgP+eWUCyViEBi0WFIOW2rXZLtoyVlrQrtAaqaLOv0=";

     

       18
       18
        
         };

     

       19
       19
        
       

     

       20
       20
        
         vendorHash = "sha256-aW7N6uacoP99kpvw9E5WrHaQ0fZ4P5WGsNvR/FAZ+cA=";

+5 -1

pkgs/by-name/qb/qbittorrent/package.nix

···

       16
       16
        
         webuiSupport ? true,

     

       17
       17
        
         wrapGAppsHook3,

     

       18
       18
        
         zlib,

     

       19
       19
       +
         nixosTests,

     

       19
       20
        
       }:

     

       20
       21
        
       

     

       21
       22
        
       stdenv.mkDerivation (finalAttrs: {

     
···

       74
       75
        
           qtWrapperArgs+=("''${gappsWrapperArgs[@]}")

     

       75
       76
        
         '';

     

       76
       77
        
       

     

       77
       77
       -
         passthru.updateScript = nix-update-script { extraArgs = [ "--version-regex=release-(.*)" ]; };

     

       78
       78
       +
         passthru = {

     

       79
       79
       +
           updateScript = nix-update-script { extraArgs = [ "--version-regex=release-(.*)" ]; };

     

       80
       80
       +
           tests.testService = nixosTests.qbittorrent;

     

       81
       81
       +
         };

     

       78
       82
        
       

     

       79
       83
        
         meta = {

     

       80
       84
        
           description = "Featureful free software BitTorrent client";

+8 -8

pkgs/by-name/tr/trilium-next-desktop/package.nix

···

       5
       5
        
         fetchurl,

     

       6
       6
        
         makeBinaryWrapper,

     

       7
       7
        
         # use specific electron since it has to load a compiled module

     

       8
       8
       -
         electron_36,

     

       8
       8
       +
         electron_37,

     

       9
       9
        
         autoPatchelfHook,

     

       10
       10
        
         makeDesktopItem,

     

       11
       11
        
         copyDesktopItems,

     
···

       15
       15
        
       

     

       16
       16
        
       let

     

       17
       17
        
         pname = "trilium-next-desktop";

     

       18
       18
       -
         version = "0.95.0";

     

       18
       18
       +
         version = "0.97.1";

     

       19
       19
        
       

     

       20
       20
        
         triliumSource = os: arch: sha256: {

     

       21
       21
       -
           url = "https://github.com/TriliumNext/Notes/releases/download/v${version}/TriliumNextNotes-v${version}-${os}-${arch}.zip";

     

       21
       21
       +
           url = "https://github.com/TriliumNext/Trilium/releases/download/v${version}/TriliumNotes-v${version}-${os}-${arch}.zip";

     

       22
       22
        
           inherit sha256;

     

       23
       23
        
         };

     

       24
       24
        
       

     
···

       26
       26
        
         darwinSource = triliumSource "macos";

     

       27
       27
        
       

     

       28
       28
        
         # exposed like this for update.sh

     

       29
       29
       -
         x86_64-linux.sha256 = "1lykzd1spvl6x6xm2qhw5bzcs9pbcars686gwbirscr53fb7q841";

     

       30
       30
       -
         aarch64-linux.sha256 = "0bxrsj1g8dgg9rd6s0aj9jm2w6nk9yn6b1xgiab8kn298p3iqz64";

     

       31
       31
       -
         x86_64-darwin.sha256 = "16cv52c6jn5ah5ccdfxffwrmf6vz8d4q4rj0v5ny4m0g0al78isg";

     

       32
       32
       -
         aarch64-darwin.sha256 = "0v388frd4skpilxn8i5isd9xgn0qs9zszfs3h75q3qpx4xz355ps";

     

       29
       29
       +
         x86_64-linux.sha256 = "1lb1mp031pa4wg6wrp8l84vw1glmqc27l4gf85a47bi4b63das2l";

     

       30
       30
       +
         aarch64-linux.sha256 = "1yrxk8q2aafgcvipwhkwmjidymwia0dgqnhchhngmris6zrbb3wj";

     

       31
       31
       +
         x86_64-darwin.sha256 = "0d8li5h2rn3iyzxsbs4g7a98zzdn58x4iwhzvxcjxy7b6h4hldvg";

     

       32
       32
       +
         aarch64-darwin.sha256 = "07r1rw84mlszr2bzjwz62lsy14j9xm22li2ksdc4ra93q58kmip1";

     

       33
       33
        
       

     

       34
       34
        
         sources = {

     

       35
       35
        
           x86_64-linux = linuxSource "x64" x86_64-linux.sha256;

     
···

       111
       111
        
             asar pack $tmp/ $out/share/trilium/resources/app.asar

     

       112
       112
        
             rm -rf $tmp

     

       113
       113
        
       

     

       114
       114
       -
             makeWrapper ${lib.getExe electron_36} $out/bin/trilium \

     

       114
       114
       +
             makeWrapper ${lib.getExe electron_37} $out/bin/trilium \

     

       115
       115
        
               "''${gappsWrapperArgs[@]}" \

     

       116
       116
        
               --set-default ELECTRON_IS_DEV 0 \

     

       117
       117
        
               --add-flags $out/share/trilium/resources/app.asar

+7 -7

pkgs/by-name/tr/trilium-next-desktop/update.sh

···

       8
       8
        
           sed -i "s|$2 = \".*\"|$2 = \"${3:-}\"|" $1

     

       9
       9
        
       }

     

       10
       10
        
       

     

       11
       11
       -
       version=$(curl -s --show-error "https://api.github.com/repos/TriliumNext/Notes/releases/latest" | jq -r '.tag_name' | tail -c +2)

     

       11
       11
       +
       version=$(curl -s --show-error "https://api.github.com/repos/TriliumNext/Trilium/releases/latest" | jq -r '.tag_name' | tail -c +2)

     

       12
       12
        
       setKV ./package.nix version $version

     

       13
       13
        
       

     

       14
       14
        
       # Update desktop application

     

       15
       15
       -
       sha256_linux64=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Notes/releases/download/v${version}/TriliumNextNotes-v${version}-linux-x64.zip)

     

       16
       16
       -
       sha256_linux64_arm=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Notes/releases/download/v${version}/TriliumNextNotes-v${version}-linux-arm64.zip)

     

       17
       17
       -
       sha256_darwin64=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Notes/releases/download/v${version}/TriliumNextNotes-v${version}-macos-x64.zip)

     

       18
       18
       -
       sha256_darwin64_arm=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Notes/releases/download/v${version}/TriliumNextNotes-v${version}-macos-arm64.zip)

     

       15
       15
       +
       sha256_linux64=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Trilium/releases/download/v${version}/TriliumNotes-v${version}-linux-x64.zip)

     

       16
       16
       +
       sha256_linux64_arm=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Trilium/releases/download/v${version}/TriliumNotes-v${version}-linux-arm64.zip)

     

       17
       17
       +
       sha256_darwin64=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Trilium/releases/download/v${version}/TriliumNotes-v${version}-macos-x64.zip)

     

       18
       18
       +
       sha256_darwin64_arm=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Trilium/releases/download/v${version}/TriliumNotes-v${version}-macos-arm64.zip)

     

       19
       19
        
       setKV ./package.nix x86_64-linux.sha256 $sha256_linux64

     

       20
       20
        
       setKV ./package.nix aarch64-linux.sha256 $sha256_linux64_arm

     

       21
       21
        
       setKV ./package.nix x86_64-darwin.sha256 $sha256_darwin64

     

       22
       22
        
       setKV ./package.nix aarch64-darwin.sha256 $sha256_darwin64_arm

     

       23
       23
        
       

     

       24
       24
        
       # Update server

     

       25
       25
       -
       sha256_linux64_server=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Notes/releases/download/v${version}/TriliumNextNotes-Server-v${version}-linux-x64.tar.xz)

     

       26
       26
       -
       sha256_linux64_server_arm=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Notes/releases/download/v${version}/TriliumNextNotes-Server-v${version}-linux-arm64.tar.xz)

     

       25
       25
       +
       sha256_linux64_server=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Trilium/releases/download/v${version}/TriliumNotes-Server-v${version}-linux-x64.tar.xz)

     

       26
       26
       +
       sha256_linux64_server_arm=$(nix-prefetch-url --quiet https://github.com/TriliumNext/Trilium/releases/download/v${version}/TriliumNotes-Server-v${version}-linux-arm64.tar.xz)

     

       27
       27
        
       setKV ../trilium-next-server/package.nix version $version

     

       28
       28
        
       setKV ../trilium-next-server/package.nix serverSource_x64.sha256 $sha256_linux64_server

     

       29
       29
        
       setKV ../trilium-next-server/package.nix serverSource_arm64.sha256 $sha256_linux64_server_arm

+5 -5

pkgs/by-name/tr/trilium-next-server/package.nix

···

       7
       7
        
       }:

     

       8
       8
        
       

     

       9
       9
        
       let

     

       10
       10
       -
         version = "0.95.0";

     

       10
       10
       +
         version = "0.97.1";

     

       11
       11
        
       

     

       12
       12
       -
         serverSource_x64.url = "https://github.com/TriliumNext/Notes/releases/download/v${version}/TriliumNextNotes-Server-v${version}-linux-x64.tar.xz";

     

       13
       13
       -
         serverSource_x64.sha256 = "1rjl38i6l894kwpmc925amf9zbwyjlc4sqh3skm1f13vhv9pj9dx";

     

       14
       14
       -
         serverSource_arm64.url = "https://github.com/TriliumNext/Notes/releases/download/v${version}/TriliumNextNotes-Server-v${version}-linux-arm64.tar.xz";

     

       15
       15
       -
         serverSource_arm64.sha256 = "1rpzc13vdp5b3iwwc1l6h78nb5iairlxbflwvjwhy1149lpqnn8m";

     

       12
       12
       +
         serverSource_x64.url = "https://github.com/TriliumNext/Trilium/releases/download/v${version}/TriliumNotes-Server-v${version}-linux-x64.tar.xz";

     

       13
       13
       +
         serverSource_x64.sha256 = "1y0ass5b3c8qx28b31x2h7i1rlvdyjimsklgjpv8d47micsg6m7z";

     

       14
       14
       +
         serverSource_arm64.url = "https://github.com/TriliumNext/Trilium/releases/download/v${version}/TriliumNotes-Server-v${version}-linux-arm64.tar.xz";

     

       15
       15
       +
         serverSource_arm64.sha256 = "12bnmbm1p98633xsyxq6rr05jl79bn820915a0gmq14np7vskhmp";

     

       16
       16
        
       

     

       17
       17
        
         serverSource =

     

       18
       18
        
           if stdenv.hostPlatform.isx86_64 then

+51 -26

pkgs/by-name/yt/yt-dlp/package.nix

···

       1
       1
        
       {

     

       2
       2
        
         lib,

     

       3
       3
        
         python3Packages,

     

       4
       4
       -
         fetchPypi,

     

       4
       4
       +
         fetchFromGitHub,

     

       5
       5
        
         ffmpeg-headless,

     

       6
       6
        
         rtmpdump,

     

       7
       7
        
         atomicparsley,

     

       8
       8
       +
         pandoc,

     

       9
       9
       +
         installShellFiles,

     

       8
       10
        
         atomicparsleySupport ? true,

     

       9
       11
        
         ffmpegSupport ? true,

     

       10
       12
        
         rtmpSupport ? true,

     

       11
       13
        
         withAlias ? false, # Provides bin/youtube-dl for backcompat

     

       12
       12
       -
         update-python-libraries,

     

       14
       14
       +
         nix-update-script,

     

       13
       15
        
       }:

     

       14
       16
        
       

     

       15
       17
        
       python3Packages.buildPythonApplication rec {

     
···

       17
       19
        
         # The websites yt-dlp deals with are a very moving target. That means that

     

       18
       20
        
         # downloads break constantly. Because of that, updates should always be backported

     

       19
       21
        
         # to the latest stable release.

     

       20
       20
       -
         version = "2025.6.30";

     

       22
       22
       +
         version = "2025.06.30";

     

       21
       23
        
         pyproject = true;

     

       22
       24
        
       

     

       23
       23
       -
         src = fetchPypi {

     

       24
       24
       -
           inherit version;

     

       25
       25
       -
           pname = "yt_dlp";

     

       26
       26
       -
           hash = "sha256-bQroVcClW/zCjf+6gE7IUlublV00pBGRoVYaTOwD2L0=";

     

       25
       25
       +
         src = fetchFromGitHub {

     

       26
       26
       +
           owner = "yt-dlp";

     

       27
       27
       +
           repo = "yt-dlp";

     

       28
       28
       +
           tag = version;

     

       29
       29
       +
           hash = "sha256-dwBe6oXh7G67kfiI6BqiC0ZHzleR7QlfMiTVXWYW85I=";

     

       27
       30
        
         };

     

       28
       31
        
       

     

       29
       29
       -
         build-system = with python3Packages; [

     

       30
       30
       -
           hatchling

     

       32
       32
       +
         build-system = with python3Packages; [ hatchling ];

     

       33
       33
       +
       

     

       34
       34
       +
         nativeBuildInputs = [

     

       35
       35
       +
           installShellFiles

     

       36
       36
       +
           pandoc

     

       31
       37
        
         ];

     

       32
       38
        
       

     

       33
       39
        
         # expose optional-dependencies, but provide all features

     
···

       51
       57
        
         };

     

       52
       58
        
       

     

       53
       59
        
         pythonRelaxDeps = [ "websockets" ];

     

       60
       60
       +
       

     

       61
       61
       +
         preBuild = ''

     

       62
       62
       +
           python devscripts/make_lazy_extractors.py

     

       63
       63
       +
         '';

     

       64
       64
       +
       

     

       65
       65
       +
         postBuild = ''

     

       66
       66
       +
           python devscripts/prepare_manpage.py yt-dlp.1.temp.md

     

       67
       67
       +
           pandoc -s -f markdown-smart -t man yt-dlp.1.temp.md -o yt-dlp.1

     

       68
       68
       +
           rm yt-dlp.1.temp.md

     

       69
       69
       +
       

     

       70
       70
       +
           mkdir -p completions/{bash,fish,zsh}

     

       71
       71
       +
           python devscripts/bash-completion.py completions/bash/yt-dlp

     

       72
       72
       +
           python devscripts/zsh-completion.py completions/zsh/_yt-dlp

     

       73
       73
       +
           python devscripts/fish-completion.py completions/fish/yt-dlp.fish

     

       74
       74
       +
         '';

     

       54
       75
        
       

     

       55
       76
        
         # Ensure these utilities are available in $PATH:

     

       56
       77
        
         # - ffmpeg: post-processing & transcoding support

     
···

       68
       89
        
             ''--prefix PATH : "${lib.makeBinPath packagesToBinPath}"''

     

       69
       90
        
           ];

     

       70
       91
        
       

     

       71
       71
       -
         setupPyBuildFlags = [

     

       72
       72
       -
           "build_lazy_extractors"

     

       73
       73
       -
         ];

     

       74
       74
       -
       

     

       75
       92
        
         # Requires network

     

       76
       93
        
         doCheck = false;

     

       77
       94
        
       

     

       78
       78
       -
         postInstall = lib.optionalString withAlias ''

     

       79
       79
       -
           ln -s "$out/bin/yt-dlp" "$out/bin/youtube-dl"

     

       80
       80
       -
         '';

     

       95
       95
       +
         postInstall =

     

       96
       96
       +
           ''

     

       97
       97
       +
             installManPage yt-dlp.1

     

       81
       98
        
       

     

       82
       82
       -
         passthru.updateScript = [

     

       83
       83
       -
           update-python-libraries

     

       84
       84
       -
           (toString ./.)

     

       85
       85
       -
         ];

     

       99
       99
       +
             installShellCompletion \

     

       100
       100
       +
               --bash completions/bash/yt-dlp \

     

       101
       101
       +
               --fish completions/fish/yt-dlp.fish \

     

       102
       102
       +
               --zsh completions/zsh/_yt-dlp

     

       86
       103
        
       

     

       87
       87
       -
         meta = with lib; {

     

       104
       104
       +
             install -Dm644 Changelog.md README.md -t "$out/share/doc/yt_dlp"

     

       105
       105
       +
           ''

     

       106
       106
       +
           + lib.optionalString withAlias ''

     

       107
       107
       +
             ln -s "$out/bin/yt-dlp" "$out/bin/youtube-dl"

     

       108
       108
       +
           '';

     

       109
       109
       +
       

     

       110
       110
       +
         passthru.updateScript = nix-update-script { };

     

       111
       111
       +
       

     

       112
       112
       +
         meta = {

     

       113
       113
       +
           changelog = "https://github.com/yt-dlp/yt-dlp/blob/${version}/Changelog.md";

     

       114
       114
       +
           description = "Command-line tool to download videos from YouTube.com and other sites (youtube-dl fork)";

     

       88
       115
        
           homepage = "https://github.com/yt-dlp/yt-dlp/";

     

       89
       89
       -
           description = "Command-line tool to download videos from YouTube.com and other sites (youtube-dl fork)";

     

       116
       116
       +
           license = lib.licenses.unlicense;

     

       90
       117
        
           longDescription = ''

     

       91
       118
        
             yt-dlp is a youtube-dl fork based on the now inactive youtube-dlc.

     

       92
       119
        
       

     
···

       95
       122
        
             youtube-dl is released to the public domain, which means

     

       96
       123
        
             you can modify it, redistribute it or use it however you like.

     

       97
       124
        
           '';

     

       98
       98
       -
           changelog = "https://github.com/yt-dlp/yt-dlp/blob/HEAD/Changelog.md";

     

       99
       99
       -
           license = licenses.unlicense;

     

       100
       100
       -
           maintainers = with maintainers; [

     

       125
       125
       +
           mainProgram = "yt-dlp";

     

       126
       126
       +
           maintainers = with lib.maintainers; [

     

       101
       127
        
             SuperSandro2000

     

       102
       128
        
             donteatoreo

     

       103
       129
        
           ];

     

       104
       104
       -
           mainProgram = "yt-dlp";

     

       105
       130
        
         };

     

       106
       131
        
       }

+20 -13

pkgs/development/python-modules/ffmpy/default.nix

···

       24
       24
        
           hash = "sha256-U20mBg+428kkka6NY9qc7X8jH8A5bKa++g2+PTn/MYg=";

     

       25
       25
        
         };

     

       26
       26
        
       

     

       27
       27
       -
         postPatch = ''

     

       28
       28
       -
           # default to store ffmpeg

     

       29
       29
       -
           substituteInPlace ffmpy/ffmpy.py \

     

       30
       30
       -
             --replace-fail \

     

       31
       31
       -
               'executable: str = "ffmpeg",' \

     

       32
       32
       -
               'executable: str = "${ffmpeg-headless}/bin/ffmpeg",'

     

       33
       33
       -
       

     

       34
       34
       -
           #  The tests test a mock that does not behave like ffmpeg. If we default to the nix-store ffmpeg they fail.

     

       35
       35
       -
           for fname in tests/*.py; do

     

       36
       36
       -
             echo >>"$fname" 'FFmpeg.__init__.__defaults__ = ("ffmpeg", *FFmpeg.__init__.__defaults__[1:])'

     

       37
       37
       -
           done

     

       38
       38
       -
         '';

     

       27
       27
       +
         postPatch =

     

       28
       28
       +
           # Default to store ffmpeg.

     

       29
       29
       +
           ''

     

       30
       30
       +
             substituteInPlace ffmpy/ffmpy.py \

     

       31
       31
       +
               --replace-fail \

     

       32
       32
       +
                 'executable: str = "ffmpeg",' \

     

       33
       33
       +
                 'executable: str = "${lib.getExe ffmpeg-headless}",'

     

       34
       34
       +
           ''

     

       35
       35
       +
           # The tests test a mock that does not behave like ffmpeg. If we default to the nix-store ffmpeg they fail.

     

       36
       36
       +
           + ''

     

       37
       37
       +
             for fname in tests/*.py; do

     

       38
       38
       +
               echo >>"$fname" 'FFmpeg.__init__.__defaults__ = ("ffmpeg", *FFmpeg.__init__.__defaults__[1:])'

     

       39
       39
       +
             done

     

       40
       40
       +
           ''

     

       41
       41
       +
           # uv-build in nixpkgs is now at 0.8.0, which otherwise breaks the constraint set by the package.

     

       42
       42
       +
           + ''

     

       43
       43
       +
             substituteInPlace pyproject.toml \

     

       44
       44
       +
               --replace-fail 'requires = ["uv_build>=0.7.9,<0.8.0"]' 'requires = ["uv_build>=0.7.9,<0.9.0"]'

     

       45
       45
       +
           '';

     

       39
       46
        
       

     

       40
       47
        
         pythonImportsCheck = [ "ffmpy" ];

     

       41
       48
        
       

     

       42
       42
       -
         nativeBuildInputs = [ uv-build ];

     

       49
       49
       +
         build-system = [ uv-build ];

     

       43
       50
        
       

     

       44
       51
        
         nativeCheckInputs = [

     

       45
       52
        
           pytestCheckHook

+2 -2

pkgs/development/python-modules/llama-cpp-python/default.nix

···

       39
       39
        
       in

     

       40
       40
        
       buildPythonPackage rec {

     

       41
       41
        
         pname = "llama-cpp-python";

     

       42
       42
       -
         version = "0.3.12";

     

       42
       42
       +
         version = "0.3.14";

     

       43
       43
        
         pyproject = true;

     

       44
       44
        
       

     

       45
       45
        
         src = fetchFromGitHub {

     

       46
       46
        
           owner = "abetlen";

     

       47
       47
        
           repo = "llama-cpp-python";

     

       48
       48
        
           tag = "v${version}";

     

       49
       49
       -
           hash = "sha256-TTGweGfav1uI2+87iUYc1Esmuor9sEZdZqSU2YVPCdQ=";

     

       49
       49
       +
           hash = "sha256-RJP2QkelqxZuEoxI3CHyenqUJdjw2MsZKUKM+UUxJB8=";

     

       50
       50
        
           fetchSubmodules = true;

     

       51
       51
        
         };

     

       52
       52
        
         # src = /home/gaetan/llama-cpp-python;

+2 -2

pkgs/development/python-modules/nanobind/default.nix

···

       26
       26
        
       }:

     

       27
       27
        
       buildPythonPackage rec {

     

       28
       28
        
         pname = "nanobind";

     

       29
       29
       -
         version = "2.7.0";

     

       29
       29
       +
         version = "2.8.0";

     

       30
       30
        
         pyproject = true;

     

       31
       31
        
       

     

       32
       32
        
         src = fetchFromGitHub {

     
···

       34
       34
        
           repo = "nanobind";

     

       35
       35
        
           tag = "v${version}";

     

       36
       36
        
           fetchSubmodules = true;

     

       37
       37
       -
           hash = "sha256-ex5svqDp9XJtiNCxu0249ORL6LbG679U6PvKQaWANmE=";

     

       37
       37
       +
           hash = "sha256-GGYnyO8eILYNu7va2tMB0QJkBCRDMIfRQO4a9geV49Y=";

     

       38
       38
        
         };

     

       39
       39
        
       

     

       40
       40
        
         build-system = [

+2 -4

pkgs/development/python-modules/pysilero-vad/default.nix

···

       17
       17
        
       

     

       18
       18
        
       buildPythonPackage rec {

     

       19
       19
        
         pname = "pysilero-vad";

     

       20
       20
       -
         version = "2.1.0";

     

       20
       20
       +
         version = "2.1.1";

     

       21
       21
        
         pyproject = true;

     

       22
       22
        
       

     

       23
       23
        
         src = fetchFromGitHub {

     

       24
       24
        
           owner = "rhasspy";

     

       25
       25
        
           repo = "pysilero-vad";

     

       26
       26
        
           tag = "v${version}";

     

       27
       27
       -
           hash = "sha256-h49AD3ICh0NYyh2EDogynQ0qgkKCAQTVKS9rbXbrqPE=";

     

       27
       27
       +
           hash = "sha256-zxvYvPnL99yIVHrzbRbKmTazzlefOS+s2TAWLweRSYE=";

     

       28
       28
        
         };

     

       29
       29
        
       

     

       30
       30
        
         build-system = [ setuptools ];

     

       31
       31
       -
       

     

       32
       32
       -
         pythonRelaxDeps = [ "numpy" ];

     

       33
       31
        
       

     

       34
       32
        
         dependencies = [

     

       35
       33
        
           numpy

+2 -2

pkgs/development/python-modules/sagemaker-core/default.nix

···

       28
       28
        
       

     

       29
       29
        
       buildPythonPackage rec {

     

       30
       30
        
         pname = "sagemaker-core";

     

       31
       31
       -
         version = "1.0.42";

     

       31
       31
       +
         version = "1.0.45";

     

       32
       32
        
         pyproject = true;

     

       33
       33
        
       

     

       34
       34
        
         src = fetchFromGitHub {

     

       35
       35
        
           owner = "aws";

     

       36
       36
        
           repo = "sagemaker-core";

     

       37
       37
        
           tag = "v${version}";

     

       38
       38
       -
           hash = "sha256-To4VjTuE9fkVQSXR1k6NMAjrByzFhAidvui8w+etOQc=";

     

       38
       38
       +
           hash = "sha256-/NXSuDQAhRQ5RuYV1Eaat0TjMzqj1IYp3LECmTISoK8=";

     

       39
       39
        
         };

     

       40
       40
        
       

     

       41
       41
        
         build-system = [

+2 -2

pkgs/development/python-modules/scim2-client/default.nix

···

       17
       17
        
       

     

       18
       18
        
       buildPythonPackage rec {

     

       19
       19
        
         pname = "scim2-client";

     

       20
       20
       -
         version = "0.5.1";

     

       20
       20
       +
         version = "0.5.2";

     

       21
       21
        
       

     

       22
       22
        
         pyproject = true;

     

       23
       23
        
       

     
···

       26
       26
        
         src = fetchPypi {

     

       27
       27
        
           inherit version;

     

       28
       28
        
           pname = "scim2_client";

     

       29
       29
       -
           hash = "sha256-g2RR+Ruvjw88cGHcwEPoktTmB8VcWAPnea3BErS8JyI=";

     

       29
       29
       +
           hash = "sha256-viIriAFyfJVrJRr04GBD3dhaQ+iUVujigsx1ucSSeqA=";

     

       30
       30
        
         };

     

       31
       31
        
       

     

       32
       32
        
         build-system = [ hatchling ];

-2

pkgs/os-specific/linux/kernel/generic.nix

···

       94
       94
        
           # cgit) that are needed here should be included directly in Nixpkgs as

     

       95
       95
        
           # files.

     

       96
       96
        
       

     

       97
       97
       -
           assert stdenv.hostPlatform.isLinux;

     

       98
       98
       -
       

     

       99
       97
        
           let

     

       100
       98
        
             # Dirty hack to make sure that `version` & `src` have

     

       101
       99
        
             # `<nixpkgs/pkgs/os-specific/linux/kernel/linux-x.y.nix>` as position

+2 -2

pkgs/os-specific/linux/kernel/zen-kernels.nix

···

       23
       23
        
           };

     

       24
       24
        
           # ./update-zen.py lqx

     

       25
       25
        
           lqx = {

     

       26
       26
       -
             version = "6.15.6"; # lqx

     

       26
       26
       +
             version = "6.15.7"; # lqx

     

       27
       27
        
             suffix = "lqx1"; # lqx

     

       28
       28
       -
             sha256 = "092yz6r6wzkafr0rafb1qdapghjwr33dlx3id5jn03jkq4g8jgmd"; # lqx

     

       28
       28
       +
             sha256 = "05pr17hqrlf4jfw3fxja9n0lfs4piy03fh4wqjhbd601sjif6akh"; # lqx

     

       29
       29
        
             isLqx = true;

     

       30
       30
        
           };

     

       31
       31
        
         };

pkgs/os-specific/linux/ply/default.nix

···

       55
       55
        
             mic92

     

       56
       56
        
             mbbx6spp

     

       57
       57
        
           ];

     

       58
       58
       +
           platforms = lib.platforms.linux;

     

       58
       59
        
         };

     

       59
       60
        
       }

+25

pkgs/servers/home-assistant/custom-components/roborock_custom_map/package.nix

···

       1
       1
       +
       {

     

       2
       2
       +
         lib,

     

       3
       3
       +
         buildHomeAssistantComponent,

     

       4
       4
       +
         fetchFromGitHub,

     

       5
       5
       +
       }:

     

       6
       6
       +
       

     

       7
       7
       +
       buildHomeAssistantComponent rec {

     

       8
       8
       +
         owner = "Lash-L";

     

       9
       9
       +
         domain = "roborock_custom_map";

     

       10
       10
       +
         version = "0.1.1";

     

       11
       11
       +
       

     

       12
       12
       +
         src = fetchFromGitHub {

     

       13
       13
       +
           owner = "Lash-L";

     

       14
       14
       +
           repo = "RoborockCustomMap";

     

       15
       15
       +
           tag = version;

     

       16
       16
       +
           hash = "sha256-ZKaUTUTN0tTW8bks0TYixfmbEa7A7ERdJ+xZ365HEbU=";

     

       17
       17
       +
         };

     

       18
       18
       +
       

     

       19
       19
       +
         meta = {

     

       20
       20
       +
           description = "This allows you to use the core Roborock integration with the Xiaomi Map Card";

     

       21
       21
       +
           homepage = "https://github.com/Lash-L/RoborockCustomMap";

     

       22
       22
       +
           license = lib.licenses.mit;

     

       23
       23
       +
           maintainers = with lib.maintainers; [ kranzes ];

     

       24
       24
       +
         };

     

       25
       25
       +
       }

+2 -2

pkgs/servers/home-assistant/custom-lovelace-modules/advanced-camera-card/package.nix

···

       6
       6
        
       

     

       7
       7
        
       stdenv.mkDerivation rec {

     

       8
       8
        
         pname = "advanced-camera-card";

     

       9
       9
       -
         version = "7.14.2";

     

       9
       9
       +
         version = "7.14.3";

     

       10
       10
        
       

     

       11
       11
        
         src = fetchzip {

     

       12
       12
        
           url = "https://github.com/dermotduffy/advanced-camera-card/releases/download/v${version}/advanced-camera-card.zip";

     

       13
       13
       -
           hash = "sha256-I4ZrkhrwP+b7IHNWbGpGPmlH9CP7o2mFTfN5J1fOY/E=";

     

       13
       13
       +
           hash = "sha256-pbca+z0abg2aeffBZ3yqfz7nbR+sqQgvRUML2DH0tIY=";

     

       14
       14
        
         };

     

       15
       15
        
       

     

       16
       16
        
         # TODO: build from source once yarn berry support lands in nixpkgs

+11 -11

pkgs/test/nixos-functions/default.nix

···

       21
       21
        
           label = "test";

     

       22
       22
        
         };

     

       23
       23
        
       in

     

       24
       24
       -
       pkgs.recurseIntoAttrs {

     

       25
       25
       -
       

     

       26
       26
       -
         nixos-test =

     

       27
       27
       -
           (pkgs.nixos {

     

       28
       28
       -
             system.nixos = dummyVersioning;

     

       29
       29
       -
             boot.loader.grub.enable = false;

     

       30
       30
       -
             fileSystems."/".device = "/dev/null";

     

       31
       31
       -
             system.stateVersion = lib.trivial.release;

     

       32
       32
       -
           }).toplevel;

     

       33
       33
       -
       

     

       34
       34
       -
       }

     

       24
       24
       +
       lib.optionalAttrs (stdenv.hostPlatform.isLinux) (

     

       25
       25
       +
         pkgs.recurseIntoAttrs {

     

       26
       26
       +
           nixos-test =

     

       27
       27
       +
             (pkgs.nixos {

     

       28
       28
       +
               system.nixos = dummyVersioning;

     

       29
       29
       +
               boot.loader.grub.enable = false;

     

       30
       30
       +
               fileSystems."/".device = "/dev/null";

     

       31
       31
       +
               system.stateVersion = lib.trivial.release;

     

       32
       32
       +
             }).toplevel;

     

       33
       33
       +
         }

     

       34
       34
       +
       )

+551 -556

pkgs/tools/misc/grub/default.nix

···

       88
       88
        
           hash = "sha256-IoRiJHNQ58y0UhCAD0CrpFiI8Mz1upzAtyh5K4Njh/w=";

     

       89
       89
        
         };

     

       90
       90
        
       in

     

       91
       91
       -
       (

     

       91
       91
       +
       stdenv.mkDerivation rec {

     

       92
       92
       +
         pname = "grub";

     

       93
       93
       +
         version = "2.12";

     

       94
       94
       +
         inherit src;

     

       92
       95
        
       

     

       93
       93
       -
         assert efiSupport -> canEfi;

     

       94
       94
       -
         assert zfsSupport -> zfs != null;

     

       95
       95
       -
         assert !(efiSupport && xenSupport);

     

       96
       96
       +
         patches = [

     

       97
       97
       +
           ./fix-bash-completion.patch

     

       98
       98
       +
           ./add-hidden-menu-entries.patch

     

       96
       99
        
       

     

       97
       97
       -
         stdenv.mkDerivation rec {

     

       98
       98
       -
           pname = "grub";

     

       99
       99
       -
           version = "2.12";

     

       100
       100
       -
           inherit src;

     

       100
       100
       +
           # https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

     

       101
       101
       +
           (fetchpatch {

     

       102
       102
       +
             name = "01_implement_grub_strlcpy.patch";

     

       103
       103
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=ea703528a8581a2ea7e0bad424a70fdf0aec7d8f";

     

       104
       104
       +
             hash = "sha256-MSMgu1vMG83HRImUUsTyA1YQaIhgEreGGPd+ZDWSI2I=";

     

       105
       105
       +
           })

     

       106
       106
       +
           (fetchpatch {

     

       107
       107
       +
             name = "02_CVE-2024-45781.patch";

     

       108
       108
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=c1a291b01f4f1dcd6a22b61f1c81a45a966d16ba";

     

       109
       109
       +
             hash = "sha256-q8ErK+cQzaqwSuhLRFL3AfYBkpgJq1IQmadnlmlz2yw=";

     

       110
       110
       +
           })

     

       111
       111
       +
           (fetchpatch {

     

       112
       112
       +
             name = "03_CVE-2024-45782_CVE-2024-56737.patch";

     

       113
       113
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=417547c10410b714e43f08f74137c24015f8f4c3";

     

       114
       114
       +
             hash = "sha256-mRinw27WZ2d1grzyzFGO18yXx72UVBM6Lf5cR8XJfs8=";

     

       115
       115
       +
           })

     

       116
       116
       +
           (fetchpatch {

     

       117
       117
       +
             name = "04_fs_tar_initialize_name_in_grub_cpio_find_file.patch";

     

       118
       118
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=2c8ac08c99466c0697f704242363fc687f492a0d";

     

       119
       119
       +
             hash = "sha256-EMGF0B+Fw6tSmllWUJAp1ynzWk+w2C/XM1LmXSReHWg=";

     

       120
       120
       +
           })

     

       121
       121
       +
           (fetchpatch {

     

       122
       122
       +
             name = "05_CVE-2024-45780.patch";

     

       123
       123
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=0087bc6902182fe5cedce2d034c75a79cf6dd4f3";

     

       124
       124
       +
             hash = "sha256-IlW5i4EJVoUYPu9/lb0LeytTpzltQuu5fpkFPQNIhls=";

     

       125
       125
       +
           })

     

       126
       126
       +
           (fetchpatch {

     

       127
       127
       +
             name = "06_fs_f2fs_grub_errno_mount_fails.patch";

     

       128
       128
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=563436258cde64da6b974880abff1bf0959f4da3";

     

       129
       129
       +
             hash = "sha256-Iu0RPyB+pAnqMT+MTX+TrJbYJsvYPn7jbMgE1jcLh/Q=";

     

       130
       130
       +
           })

     

       131
       131
       +
           (fetchpatch {

     

       132
       132
       +
             name = "07_CVE-2024-45783.patch";

     

       133
       133
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=f7c070a2e28dfab7137db0739fb8db1dc02d8898";

     

       134
       134
       +
             hash = "sha256-V1wh2dPeTazmad61jFtOjhq2MdoD+txPWY/AfwwyTZM=";

     

       135
       135
       +
           })

     

       136
       136
       +
           (fetchpatch {

     

       137
       137
       +
             name = "08_fs_iso9660_grub_errno_mount_fails.patch";

     

       138
       138
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=965db5970811d18069b34f28f5f31ddadde90a97";

     

       139
       139
       +
             hash = "sha256-6eN1AvZwXkJOQVcjgymy/E7QiAxzL/d0W3KlAZRqUzI=";

     

       140
       140
       +
           })

     

       141
       141
       +
           (fetchpatch {

     

       142
       142
       +
             name = "09_fs_iso9660_fix_invalid_free.patch";

     

       143
       143
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=1443833a9535a5873f7de3798cf4d8389f366611";

     

       144
       144
       +
             hash = "sha256-Gt5yMy5Vg9zrDggj3o/TLNt2vT9/6IuHg4Se2p8e8pI=";

     

       145
       145
       +
           })

     

       146
       146
       +
           (fetchpatch {

     

       147
       147
       +
             name = "10_fs_jfs_fix_oob_read_jfs_getent.patch";

     

       148
       148
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=66175696f3a385b14bdf1ebcda7755834bd2d5fb";

     

       149
       149
       +
             hash = "sha256-ETbzbc5gvf55sTLjmJOXXC9VH3qcP1Gv5seR/U9NRiY=";

     

       150
       150
       +
           })

     

       151
       151
       +
           (fetchpatch {

     

       152
       152
       +
             name = "11_fs_jfs_fix_oob_read_caused_by_invalid_dir_slot_index.patch";

     

       153
       153
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=ab09fd0531f3523ac0ef833404526c98c08248f7";

     

       154
       154
       +
             hash = "sha256-wE6niiIx4BdN800/Eegb6IbBRoMFpXq9kPvatwhWNXY=";

     

       155
       155
       +
           })

     

       156
       156
       +
           (fetchpatch {

     

       157
       157
       +
             name = "12_fs_jfs_use_full_40_bits_offset_and_address_for_data_extent.patch";

     

       158
       158
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=bd999310fe67f35a66de3bfa2836da91589d04ef";

     

       159
       159
       +
             hash = "sha256-fbC4oTEIoGWJASzJI5RXfoanrMLTfjFOI51LCUU7Ctg=";

     

       160
       160
       +
           })

     

       161
       161
       +
           (fetchpatch {

     

       162
       162
       +
             name = "13_fs_jfs_inconsistent_signed_unsigned_types_usage.patch";

     

       163
       163
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=edd995a26ec98654d907a9436a296c2d82bc4b28";

     

       164
       164
       +
             hash = "sha256-aa1G1vi4bPZejfKEqZokAZTzY9Ea2lyxTrP4drDV9tk=";

     

       165
       165
       +
           })

     

       166
       166
       +
           (fetchpatch {

     

       167
       167
       +
             name = "14_fs_ext2_fix_out-of-bounds_read_for_inline_extent.patch";

     

       168
       168
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=7e2f750f0a795c4d64ec7dc7591edac8da2e978c";

     

       169
       169
       +
             hash = "sha256-PtPqZHMU2fy7btRRaaswLyHizplxnygCzDfcg5ievOQ=";

     

       170
       170
       +
           })

     

       171
       171
       +
           (fetchpatch {

     

       172
       172
       +
             name = "15_fs_ntfs_fix_out-of-bounds_read.patch";

     

       173
       173
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=aff26318783a135562b904ff09e2359893885732";

     

       174
       174
       +
             hash = "sha256-znN6lkAB9aAhTGKR1038DzOz5nzuTp+7ylHVqRM7HeI=";

     

       175
       175
       +
           })

     

       176
       176
       +
           (fetchpatch {

     

       177
       177
       +
             name = "16_fs_ntfs_track_the_end_of_the_MFT_attribute_buffer.patch";

     

       178
       178
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=237a71184a32d1ef7732f5f49ed6a89c5fe1c99a";

     

       179
       179
       +
             hash = "sha256-0I/g0qHkWY6PArPn1UaYRhCrrh9bHknADh34v5eSjjM=";

     

       180
       180
       +
           })

     

       181
       181
       +
           (fetchpatch {

     

       182
       182
       +
             name = "17_fs_ntfs_use_a_helper_function_to_access_attributes.patch";

     

       183
       183
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=048777bc29043403d077d41a81d0183767b8bc71";

     

       184
       184
       +
             hash = "sha256-Mm49MSLqCq143r8ruLJm1QoyCoLtOlCBfqoAPwPlv8E=";

     

       185
       185
       +
           })

     

       186
       186
       +
           # Patch 18 (067b6d225d482280abad03944f04e30abcbdafa1) has been removed because it causes regressions

     

       187
       187
       +
           # https://lists.gnu.org/archive/html/grub-devel/2025-03/msg00067.html

     

       188
       188
       +
           (fetchpatch {

     

       189
       189
       +
             name = "19_fs_xfs_fix_out-of-bounds_read.patch";

     

       190
       190
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=6ccc77b59d16578b10eaf8a4fe85c20b229f0d8a";

     

       191
       191
       +
             hash = "sha256-FvTzFvfEi3oyxPC/dUHreyzzeVCskaUlYUjpKY/l0DE=";

     

       192
       192
       +
           })

     

       193
       193
       +
           (fetchpatch {

     

       194
       194
       +
             name = "20_fs_xfs_ensuring_failing_to_mount_sets_a_grub_errno.patch";

     

       195
       195
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d1d6b7ea58aa5a80a4c4d0666b49460056c8ef0a";

     

       196
       196
       +
             hash = "sha256-SLdXMmYHq/gRmWrjRrOu5ZYFod84EllUL6hk+gnr3kg=";

     

       197
       197
       +
           })

     

       198
       198
       +
           (fetchpatch {

     

       199
       199
       +
             name = "21_kern_file_ensure_file_data_is_set.patch";

     

       200
       200
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=a7910687294b29288ac649e71b47493c93294f17";

     

       201
       201
       +
             hash = "sha256-DabZK9eSToEmSA9dEwtEN+URiVyS9qf6e2Y2UiMuy8Q=";

     

       202
       202
       +
           })

     

       203
       203
       +
           (fetchpatch {

     

       204
       204
       +
             name = "22_kern_file_implement_filesystem_reference_counting.patch";

     

       205
       205
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=16f196874fbe360a1b3c66064ec15adadf94c57b";

     

       206
       206
       +
             excludes = [ "grub-core/fs/erofs.c" ]; # Does not exist on 2.12

     

       207
       207
       +
             hash = "sha256-yGU//1tPaxi+xFKZrsbUAnvgFpwtrIMG+8cPbSud4+U=";

     

       208
       208
       +
           })

     

       209
       209
       +
           (fetchpatch {

     

       210
       210
       +
             name = "23_prerequisite_1_key_protector_add_key_protectors_framework.patch";

     

       211
       211
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=5d260302da672258444b01239803c8f4d753e3f3";

     

       212
       212
       +
             hash = "sha256-9WnFN6xMiv+1XMhNHgVEegkhwzp9KpRZI6MIZY/Ih3Q=";

     

       213
       213
       +
           })

     

       214
       214
       +
           (fetchpatch {

     

       215
       215
       +
             name = "23_prerequisite_2_disk_cryptodisk_allow_user_to_retry_failed_passphrase.patch";

     

       216
       216
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=386b59ddb42fa3f86ddfe557113b25c8fa16f88c";

     

       217
       217
       +
             hash = "sha256-e1kGQB7wGWvEb2bY3xIpZxE1uzTt9JOKi05jXyUm+bI=";

     

       218
       218
       +
           })

     

       219
       219
       +
           (fetchpatch {

     

       220
       220
       +
             name = "23_prerequisite_3_cryptodisk_support_key_protectors.patch";

     

       221
       221
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=ad0c52784a375cecaa8715d7deadcf5d65baf173";

     

       222
       222
       +
             hash = "sha256-+YIvUYA3fLiOFFsXDrQjqjWFluzLa7N1tv0lwq8BqCs=";

     

       223
       223
       +
           })

     

       224
       224
       +
           (fetchpatch {

     

       225
       225
       +
             name = "23_prerequisite_4_cryptodisk_fallback_to_passphrase.patch";

     

       226
       226
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=6abf8af3c54abc04c4ec71c75d10fcfbc190e181";

     

       227
       227
       +
             hash = "sha256-eMu9rW4iJucDAsTQMJD1XE6dDIcUmn02cGqIaqBbO3o=";

     

       228
       228
       +
           })

     

       229
       229
       +
           (fetchpatch {

     

       230
       230
       +
             name = "23_prerequisite_5_cryptodisk_wipe_out_the_cached_keys_from_protectors.patch";

     

       231
       231
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=b35480b48e6f9506d8b7ad8a3b5206d29c24ea95";

     

       232
       232
       +
             hash = "sha256-5L6Rr+X5Z+Ip91z8cpLcatDW1vyEoZa1icL2oMXPXuI=";

     

       233
       233
       +
           })

     

       234
       234
       +
           (fetchpatch {

     

       235
       235
       +
             name = "23_prerequisite_6_cli_lock_add_build_option_to_block_command_line_interface.patch";

     

       236
       236
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=bb65d81fe320e4b20d0a9b32232a7546eb275ecc";

     

       237
       237
       +
             hash = "sha256-HxXgtvEhtaIjXbOcxJHNpD9/NVOv3uXPnue7cagEMu8=";

     

       238
       238
       +
           })

     

       239
       239
       +
           (fetchpatch {

     

       240
       240
       +
             name = "23_CVE-2024-49504.patch";

     

       241
       241
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=13febd78db3cd85dcba67d8ad03ad4d42815f11e";

     

       242
       242
       +
             hash = "sha256-U7lNUb4iVAyQ1yEg5ECHCQGE51tKvY13T9Ji09Q1W9Y=";

     

       243
       243
       +
           })

     

       244
       244
       +
           (fetchpatch {

     

       245
       245
       +
             name = "24_disk_loopback_reference_tracking_for_the_loopback.patch";

     

       246
       246
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=67f70f70a36b6e87a65f928fe1e840a12eafb7ae";

     

       247
       247
       +
             hash = "sha256-sWBnSF3rAuY1A/IIK1Pc+BqTvyK3j7+lLEhvImtBQMA=";

     

       248
       248
       +
           })

     

       249
       249
       +
           (fetchpatch {

     

       250
       250
       +
             name = "25_kern_disk_limit_recursion_depth.patch";

     

       251
       251
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=18212f0648b6de7d71d4c8f41eb4d8b78b3a299b";

     

       252
       252
       +
             hash = "sha256-HiVzXUNs45Fxh4DSqO8wAxSBM7CaYU/bix0PVBcIHGw=";

     

       253
       253
       +
           })

     

       254
       254
       +
           (fetchpatch {

     

       255
       255
       +
             name = "26_kern_partition_limit_recursion_in_part_iterate.patch";

     

       256
       256
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=8a7103fddfd6664f41081f3bb88eebbf2871da2a";

     

       257
       257
       +
             hash = "sha256-Nw1VFRVww1VSDSBkRrnTGeaA2PKCitugM12XH6X/2YI=";

     

       258
       258
       +
           })

     

       259
       259
       +
           (fetchpatch {

     

       260
       260
       +
             name = "27_script_execute_limit_the_recursion_depth.patch";

     

       261
       261
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d8a937ccae5c6d86dc4375698afca5cefdcd01e1";

     

       262
       262
       +
             hash = "sha256-YOAdPMZ2iBNMzIwAXFkkyTMKh4ptZUQ0J3v9EjnRlbo=";

     

       263
       263
       +
           })

     

       264
       264
       +
           (fetchpatch {

     

       265
       265
       +
             name = "28_net_unregister_net_default_ip_and_net_default_mac_variables_hooks_on_unload.patch";

     

       266
       266
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=a1dd8e59da26f1a9608381d3a1a6c0f465282b1d";

     

       267
       267
       +
             hash = "sha256-7fqdkhFqLECzhz1OLavkHrE9ktDAEmx9ZxZayNr/Eo4=";

     

       268
       268
       +
           })

     

       269
       269
       +
           (fetchpatch {

     

       270
       270
       +
             name = "29_net_remove_variables_hooks_when_interface_is_unregisted.patch";

     

       271
       271
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=aa8b4d7facef7b75a2703274b1b9d4e0e734c401";

     

       272
       272
       +
             hash = "sha256-m3VLDbJlwchV5meEpU4LJrDxBtA80qvYcVMJinHLnac=";

     

       273
       273
       +
           })

     

       274
       274
       +
           (fetchpatch {

     

       275
       275
       +
             name = "30_CVE-2025-0624.patch";

     

       276
       276
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=5eef88152833062a3f7e017535372d64ac8ef7e1";

     

       277
       277
       +
             hash = "sha256-DvhzHnenAmO9SZpi4kU+0GhyKZB4q4xQYuNJgEhJmn0=";

     

       278
       278
       +
           })

     

       279
       279
       +
           (fetchpatch {

     

       280
       280
       +
             name = "31_net_tftp_fix_stack_buffer_overflow_in_tftp_open.patch";

     

       281
       281
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=0707accab1b9be5d3645d4700dde3f99209f9367";

     

       282
       282
       +
             hash = "sha256-16NrpWFSE4jFT2uxmJg16jChw8HiGRTol25XQXNQ5l4=";

     

       283
       283
       +
           })

     

       284
       284
       +
           (fetchpatch {

     

       285
       285
       +
             name = "32_CVE-2024-45774.patch";

     

       286
       286
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=2c34af908ebf4856051ed29e46d88abd2b20387f";

     

       287
       287
       +
             hash = "sha256-OWmF+fp2TmetQjV4EWMcESW8u52Okkb5C5IPLfczyv4=";

     

       288
       288
       +
           })

     

       289
       289
       +
           (fetchpatch {

     

       290
       290
       +
             name = "33_kern_dl_fix_for_an_integer_overflow_in_grub_dl_ref.patch";

     

       291
       291
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=500e5fdd82ca40412b0b73f5e5dda38e4a3af96d";

     

       292
       292
       +
             hash = "sha256-FNqOWo+oZ4/1sCbTi2uaeKchUxwAKXtbzhScezm0yxk=";

     

       293
       293
       +
           })

     

       294
       294
       +
           # Patch 34 (https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d72208423dcabf9eb4a3bcb17b6b31888396bd49)

     

       295
       295
       +
           # is skipped, grub_dl_set_mem_attrs() does not exist on 2.12

     

       296
       296
       +
           (fetchpatch {

     

       297
       297
       +
             name = "35_kern_dl_check_for_the_SHF_INFO_LINK_flag_in_grub_dl_relocate_symbols.patch";

     

       298
       298
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=98ad84328dcabfa603dcf5bd217570aa6b4bdd99";

     

       299
       299
       +
             hash = "sha256-Zi4Pj2NbodL0VhhO5MWhvErb8xmA7Li0ur0MxpgQjzg=";

     

       300
       300
       +
           })

     

       301
       301
       +
           (fetchpatch {

     

       302
       302
       +
             name = "36_CVE-2024-45775.patch";

     

       303
       303
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=05be856a8c3aae41f5df90cab7796ab7ee34b872";

     

       304
       304
       +
             hash = "sha256-T6DO8iuImQTP7hPaCAHMtFnheQoCkZ6w+kfNolLPmrY=";

     

       305
       305
       +
           })

     

       306
       306
       +
           (fetchpatch {

     

       307
       307
       +
             name = "37_commands_ls_fix_NULL_dereference.patch";

     

       308
       308
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=0bf56bce47489c059e50e61a3db7f682d8c44b56";

     

       309
       309
       +
             hash = "sha256-h5okwqv4ZFahP3ANUbsk1fiSV4pwEnxUExeBgQ4tiTI=";

     

       310
       310
       +
           })

     

       311
       311
       +
           (fetchpatch {

     

       312
       312
       +
             name = "38_CVE-2025-0622.patch";

     

       313
       313
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=2123c5bca7e21fbeb0263df4597ddd7054700726";

     

       314
       314
       +
             hash = "sha256-tFE7VgImGZWDICyvHbrI1hqW6/XohgdTmk21MzljMGw=";

     

       315
       315
       +
           })

     

       316
       316
       +
           (fetchpatch {

     

       317
       317
       +
             name = "39_CVE-2025-0622.patch";

     

       318
       318
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=9c16197734ada8d0838407eebe081117799bfe67";

     

       319
       319
       +
             hash = "sha256-tTeuEvadKbXVuY0m0dKtTr11Lpb3yQi4zk0bpwrMOeA=";

     

       320
       320
       +
           })

     

       321
       321
       +
           (fetchpatch {

     

       322
       322
       +
             name = "40_CVE-2025-0622.patch";

     

       323
       323
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=7580addfc8c94cedb0cdfd7a1fd65b539215e637";

     

       324
       324
       +
             hash = "sha256-khRLpWqE7hzzoqssVkGFMjAv09T+uHn13Q9pCpogMms=";

     

       325
       325
       +
           })

     

       326
       326
       +
           (fetchpatch {

     

       327
       327
       +
             name = "41_CVE-2024-45776.patch";

     

       328
       328
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=09bd6eb58b0f71ec273916070fa1e2de16897a91";

     

       329
       329
       +
             hash = "sha256-yrl/6XUdKQg/MLe8KFuFoRRbQSyOhDmyvnWBV+sr3EY=";

     

       330
       330
       +
           })

     

       331
       331
       +
           (fetchpatch {

     

       332
       332
       +
             name = "42_CVE-2024-45777.patch";

     

       333
       333
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=b970a5ed967816bbca8225994cd0ee2557bad515";

     

       334
       334
       +
             hash = "sha256-Vl5Emw3O3Ba2hD1GCWune4PGduDDPO0gM5u+zx/OwKo=";

     

       335
       335
       +
           })

     

       336
       336
       +
           (fetchpatch {

     

       337
       337
       +
             name = "43_CVE-2025-0690.patch";

     

       338
       338
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=dad8f502974ed9ad0a70ae6820d17b4b142558fc";

     

       339
       339
       +
             hash = "sha256-DeWOncndX2VM8w1lb5fd5wHAZrI+ChB5Pj9XbUIfDWY=";

     

       340
       340
       +
           })

     

       341
       341
       +
           (fetchpatch {

     

       342
       342
       +
             name = "44_commands_test_stack_overflow_due_to_unlimited_recursion_depth.patch";

     

       343
       343
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=c68b7d23628a19da67ebe2e06f84165ee04961af";

     

       344
       344
       +
             hash = "sha256-aputM9KqkB/cK8hBiU9VXbu0LpLNlNCMVIeE9h2pMgY=";

     

       345
       345
       +
           })

     

       346
       346
       +
           (fetchpatch {

     

       347
       347
       +
             name = "45_CVE-2025-1118.patch";

     

       348
       348
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=34824806ac6302f91e8cabaa41308eaced25725f";

     

       349
       349
       +
             hash = "sha256-PKQs+fCwj4a9p4hbMqAT3tFNoAOw4xnbKmCwjPUgEOc=";

     

       350
       350
       +
           })

     

       351
       351
       +
           (fetchpatch {

     

       352
       352
       +
             name = "46_commands_memrw_disable_memory_reading_in_lockdown_mode.patch";

     

       353
       353
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=340e4d058f584534f4b90b7dbea2b64a9f8c418c";

     

       354
       354
       +
             hash = "sha256-NiMIUnfRreDBw+k4yxUzoRNMFL8pkJhVtkINVgmv5XA=";

     

       355
       355
       +
           })

     

       356
       356
       +
           (fetchpatch {

     

       357
       357
       +
             name = "47_commands_hexdump_disable_memory_reading_in_lockdown_mode.patch";

     

       358
       358
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=5f31164aed51f498957cdd6ed733ec71a8592c99";

     

       359
       359
       +
             hash = "sha256-NA7QjxZ9FP+WwiOveqLkbZqsF7hULIyaVS3gNaSUXJE=";

     

       360
       360
       +
           })

     

       361
       361
       +
           (fetchpatch {

     

       362
       362
       +
             name = "48_CVE-2024-45778_CVE-2024-45779.patch";

     

       363
       363
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=26db6605036bd9e5b16d9068a8cc75be63b8b630";

     

       364
       364
       +
             hash = "sha256-1+ImwkF/qsejWs2lpyO6xbcqVo2NJGv32gjrP8mEPnI=";

     

       365
       365
       +
           })

     

       366
       366
       +
           (fetchpatch {

     

       367
       367
       +
             name = "49_CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch";

     

       368
       368
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=c4bc55da28543d2522a939ba4ee0acde45f2fa74";

     

       369
       369
       +
             hash = "sha256-qrlErSImMX8eXJHkXjOe5GZ6lWOya5SVpNoiqyEM1lE=";

     

       370
       370
       +
           })

     

       371
       371
       +
           (fetchpatch {

     

       372
       372
       +
             name = "50_disk_use_safe_math_macros_to_prevent_overflows.patch";

     

       373
       373
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=c407724dad6c3e2fc1571e57adbda71cc03f82aa";

     

       374
       374
       +
             hash = "sha256-kkAjxXvCdzwqh+oWtEF3qSPiUX9cGWO6eSFVeo7WJzQ=";

     

       375
       375
       +
           })

     

       376
       376
       +
           (fetchpatch {

     

       377
       377
       +
             name = "51_disk_prevent_overflows_when_allocating_memory_for_arrays.patch";

     

       378
       378
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d8151f98331ee4d15fcca59edffa59246d8fc15f";

     

       379
       379
       +
             hash = "sha256-2U+gMLigOCCg3P1GB615xQ0B9PDA6j92tt1ba3Tqg+E=";

     

       380
       380
       +
           })

     

       381
       381
       +
           (fetchpatch {

     

       382
       382
       +
             name = "52_disk_check_if_returned_pointer_for_allocated_memory_is_NULL.patch";

     

       383
       383
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=33bd6b5ac5c77b346769ab5284262f94e695e464";

     

       384
       384
       +
             hash = "sha256-+BaJRskWP/YVEdvIxMvEydjQx2LpLlGphRtZjiOUxJ0=";

     

       385
       385
       +
           })

     

       386
       386
       +
           (fetchpatch {

     

       387
       387
       +
             name = "53_disk_ieee1275_ofdisk_call_grub_ieee1275_close_when_grub_malloc_fails.patch";

     

       388
       388
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=fbaddcca541805c333f0fc792b82772594e73753";

     

       389
       389
       +
             hash = "sha256-9sGA41HlB/8rtT/fMfkDo4ZJMXBSr+EyN92l/0gDfl4=";

     

       390
       390
       +
           })

     

       391
       391
       +
           (fetchpatch {

     

       392
       392
       +
             name = "54_fs_use_safe_math_macros_to_prevent_overflows.patch";

     

       393
       393
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=6608163b08a7a8be4b0ab2a5cd4593bba07fe2b7";

     

       394
       394
       +
             excludes = [ "grub-core/fs/erofs.c" ]; # Does not exist on 2.12

     

       395
       395
       +
             hash = "sha256-mW4MH5VH5pDxCaFhNh/4mEcYloga56p8vCi7X4kSaek=";

     

       396
       396
       +
           })

     

       397
       397
       +
           (fetchpatch {

     

       398
       398
       +
             name = "55_CVE-2025-0678_CVE-2025-1125.patch";

     

       399
       399
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=84bc0a9a68835952ae69165c11709811dae7634e";

     

       400
       400
       +
             hash = "sha256-rCliqM2+k7rTGNpdHFkg3pHvuISjoG0MQr6/8lIvwK4=";

     

       401
       401
       +
           })

     

       402
       402
       +
           (fetchpatch {

     

       403
       403
       +
             name = "56_fs_prevent_overflows_when_assigning_returned_values_from_read_number.patch";

     

       404
       404
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=cde9f7f338f8f5771777f0e7dfc423ddf952ad31";

     

       405
       405
       +
             hash = "sha256-dN3HJXNIYtaUZL0LhLabC4VKK6CVC8km9UTw/ln/6ys=";

     

       406
       406
       +
           })

     

       407
       407
       +
           (fetchpatch {

     

       408
       408
       +
             name = "57_fs_zfs_use_safe_math_macros_to_prevent_overflows.patch";

     

       409
       409
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=88e491a0f744c6b19b6d4caa300a576ba56db7c9";

     

       410
       410
       +
             hash = "sha256-taSuKyCf9+TiQZcF26yMWpDDQqCfTdRuZTqB9aEz3aA=";

     

       411
       411
       +
           })

     

       412
       412
       +
           (fetchpatch {

     

       413
       413
       +
             name = "58_fs_zfs_prevent_overflows_when_allocating_memory_for_arrays.patch";

     

       414
       414
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=7f38e32c7ebeaebb79e2c71e3c7d5ea367d3a39c";

     

       415
       415
       +
             hash = "sha256-E5VmP7I4TAEXxTz3j7mi/uIr9kOSzMoPHAYAbyu56Xk=";

     

       416
       416
       +
           })

     

       417
       417
       +
           (fetchpatch {

     

       418
       418
       +
             name = "59_fs_zfs_check_if_returned_pointer_for_allocated_memory_is_NULL.patch";

     

       419
       419
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=13065f69dae0eeb60813809026de5bd021051892";

     

       420
       420
       +
             hash = "sha256-1W//rHUspDS+utdNc069J8lX1ONfoBKiJYnUt46C/D0=";

     

       421
       421
       +
           })

     

       422
       422
       +
           (fetchpatch {

     

       423
       423
       +
             name = "60_fs_zfs_add_missing_NULL_check_after_grub_strdup_call.patch";

     

       424
       424
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=dd6a4c8d10e02ca5056681e75795041a343636e4";

     

       425
       425
       +
             hash = "sha256-iFLEkz5G6aQ8FXGuY7/wgN4d4o0+sUxWMKYIFcQ/H+o=";

     

       426
       426
       +
           })

     

       427
       427
       +
           (fetchpatch {

     

       428
       428
       +
             name = "61_net_use_safe_math_macros_to_prevent_overflows.patch";

     

       429
       429
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=4beeff8a31c4fb4071d2225533cfa316b5a58391";

     

       430
       430
       +
             hash = "sha256-/gs5ZhplQ1h7PWw0p+b5+0OxmRcvDRKWHj39ezhivcg=";

     

       431
       431
       +
           })

     

       432
       432
       +
           (fetchpatch {

     

       433
       433
       +
             name = "62_net_prevent_overflows_when_allocating_memory_for_arrays.patch";

     

       434
       434
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=dee2c14fd66bc497cdc74c69fde8c9b84637c8eb";

     

       435
       435
       +
             hash = "sha256-cO02tCGEeQhQF0TmgtNOgUwRLnNgmxhEefo1gtSlFOk=";

     

       436
       436
       +
           })

     

       437
       437
       +
           (fetchpatch {

     

       438
       438
       +
             name = "63_net_check_if_returned_pointer_for_allocated_memory_is_NULL.patch";

     

       439
       439
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=1c06ec900591d1fab6fbacf80dc010541d0a5ec8";

     

       440
       440
       +
             hash = "sha256-oSRhWWVraitoVDqGlFOVzdCkaNqFGOHLjJu75CSc388=";

     

       441
       441
       +
           })

     

       442
       442
       +
           (fetchpatch {

     

       443
       443
       +
             name = "64_fs_sfs_check_if_allocated_memory_is_NULL.patch";

     

       444
       444
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=e3c578a56f9294e286b6028ca7c1def997a17b15";

     

       445
       445
       +
             hash = "sha256-7tvFbmjWmWmmRykQjMvZV6IYlhSS8oNR7YfaO5XXAfU=";

     

       446
       446
       +
           })

     

       447
       447
       +
           (fetchpatch {

     

       448
       448
       +
             name = "65_script_execute_fix_potential_underflow_and_NULL.patch";

     

       449
       449
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d13b6e8ebd10b4eb16698a002aa40258cf6e6f0e";

     

       450
       450
       +
             hash = "sha256-paMWaAIImzxtufUrVF5v4T4KnlDAJIPhdaHznu5CyZ8=";

     

       451
       451
       +
           })

     

       452
       452
       +
           (fetchpatch {

     

       453
       453
       +
             name = "66_osdep_unix_getroot_fix_potential_underflow.patch";

     

       454
       454
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=66733f7c7dae889861ea3ef3ec0710811486019e";

     

       455
       455
       +
             hash = "sha256-/14HC1kcW7Sy9WfJQFfC+YnvS/GNTMP+Uy6Dxd3zkwc=";

     

       456
       456
       +
           })

     

       457
       457
       +
           (fetchpatch {

     

       458
       458
       +
             name = "67_misc_ensure_consistent_overflow_error_messages.patch";

     

       459
       459
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=f8795cde217e21539c2f236bcbb1a4bf521086b3";

     

       460
       460
       +
             hash = "sha256-4X7wr1Tg16xDE9FO6NTlgkfLV5zFKmajeaOspIqcCuI=";

     

       461
       461
       +
           })

     

       462
       462
       +
           (fetchpatch {

     

       463
       463
       +
             name = "68_bus_usb_ehci_define_GRUB_EHCI_TOGGLE_as_grub_uint32_t.patch";

     

       464
       464
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=9907d9c2723304b42cf6da74f1cc6c4601391956";

     

       465
       465
       +
             hash = "sha256-D8xaI8g7ffGGmZqqeS8wxWIFLUWUBfmHwMVOHkYTc2I=";

     

       466
       466
       +
           })

     

       467
       467
       +
           (fetchpatch {

     

       468
       468
       +
             name = "69_normal_menu_use_safe_math_to_avoid_an_integer_overflow.patch";

     

       469
       469
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=5b36a5210e21bee2624f8acc36aefd8f10266adb";

     

       470
       470
       +
             hash = "sha256-UourmM0Zlaj4o+SnYi5AtjfNujDOt+2ez2XH/uWyiaM=";

     

       471
       471
       +
           })

     

       472
       472
       +
           (fetchpatch {

     

       473
       473
       +
             name = "70_kern_partition_add_sanity_check_after_grub_strtoul_call.patch";

     

       474
       474
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=8e6e87e7923ca2ae880021cb42a35cc9bb4c8fe2";

     

       475
       475
       +
             hash = "sha256-4keMUu6ZDKmuSQlFnldV15dDGUibsnSvoEWhLsqWieI=";

     

       476
       476
       +
           })

     

       477
       477
       +
           (fetchpatch {

     

       478
       478
       +
             name = "71_kern_misc_add_sanity_check_after_grub_strtoul_call.patch";

     

       479
       479
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=a8d6b06331a75d75b46f3dd6cc6fcd40dcf604b7";

     

       480
       480
       +
             hash = "sha256-2Mpe1sqyuoUPyMAKGZTNzG/ig3G3K8w0gia7lc508Rg=";

     

       481
       481
       +
           })

     

       482
       482
       +
           (fetchpatch {

     

       483
       483
       +
             name = "72_loader_i386_linux_cast_left_shift_to_grub_uint32_t.patch";

     

       484
       484
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=490a6ab71cebd96fae7a1ceb9067484f5ccbec2a";

     

       485
       485
       +
             hash = "sha256-e49OC1EBaX0/nWTTXT5xE5apTJPQV0myP5Ohxn9Wwa8=";

     

       486
       486
       +
           })

     

       487
       487
       +
           (fetchpatch {

     

       488
       488
       +
             name = "73_loader_i386_bsd_use_safe_math_to_avoid_underflow.patch";

     

       489
       489
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=4dc6166571645780c459dde2cdc1b001a5ec844c";

     

       490
       490
       +
             hash = "sha256-e8X+oBvejcFNOY1Tp/f6QqCDwrgK7f9u1F8SdO/dhy4=";

     

       491
       491
       +
           })

     

       492
       492
       +
           (fetchpatch {

     

       493
       493
       +
             # Fixes 7e2f750f0a (security patch 14/73)

     

       494
       494
       +
             name = "fs_ext2_rework_out-of-bounds_read_for_inline_and_external_extents.patch";

     

       495
       495
       +
             url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=348cd416a3574348f4255bf2b04ec95938990997";

     

       496
       496
       +
             hash = "sha256-WBLYQxv8si2tvdPAvbm0/4NNqYWBMJpFV4GC0HhN/kE=";

     

       497
       497
       +
           })

     

       498
       498
       +
         ];

     

       101
       499
        
       

     

       102
       102
       -
           patches = [

     

       103
       103
       -
             ./fix-bash-completion.patch

     

       104
       104
       -
             ./add-hidden-menu-entries.patch

     

       500
       500
       +
         postPatch =

     

       501
       501
       +
           if kbdcompSupport then

     

       502
       502
       +
             ''

     

       503
       503
       +
               sed -i util/grub-kbdcomp.in -e 's@\bckbcomp\b@${ckbcomp}/bin/ckbcomp@'

     

       504
       504
       +
             ''

     

       505
       505
       +
           else

     

       506
       506
       +
             ''

     

       507
       507
       +
               echo '#! ${runtimeShell}' > util/grub-kbdcomp.in

     

       508
       508
       +
               echo 'echo "Compile grub2 with { kbdcompSupport = true; } to enable support for this command."' >> util/grub-kbdcomp.in

     

       509
       509
       +
             '';

     

       105
       510
        
       

     

       106
       106
       -
             # https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html

     

       107
       107
       -
             (fetchpatch {

     

       108
       108
       -
               name = "01_implement_grub_strlcpy.patch";

     

       109
       109
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=ea703528a8581a2ea7e0bad424a70fdf0aec7d8f";

     

       110
       110
       -
               hash = "sha256-MSMgu1vMG83HRImUUsTyA1YQaIhgEreGGPd+ZDWSI2I=";

     

       111
       111
       -
             })

     

       112
       112
       -
             (fetchpatch {

     

       113
       113
       -
               name = "02_CVE-2024-45781.patch";

     

       114
       114
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=c1a291b01f4f1dcd6a22b61f1c81a45a966d16ba";

     

       115
       115
       -
               hash = "sha256-q8ErK+cQzaqwSuhLRFL3AfYBkpgJq1IQmadnlmlz2yw=";

     

       116
       116
       -
             })

     

       117
       117
       -
             (fetchpatch {

     

       118
       118
       -
               name = "03_CVE-2024-45782_CVE-2024-56737.patch";

     

       119
       119
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=417547c10410b714e43f08f74137c24015f8f4c3";

     

       120
       120
       -
               hash = "sha256-mRinw27WZ2d1grzyzFGO18yXx72UVBM6Lf5cR8XJfs8=";

     

       121
       121
       -
             })

     

       122
       122
       -
             (fetchpatch {

     

       123
       123
       -
               name = "04_fs_tar_initialize_name_in_grub_cpio_find_file.patch";

     

       124
       124
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=2c8ac08c99466c0697f704242363fc687f492a0d";

     

       125
       125
       -
               hash = "sha256-EMGF0B+Fw6tSmllWUJAp1ynzWk+w2C/XM1LmXSReHWg=";

     

       126
       126
       -
             })

     

       127
       127
       -
             (fetchpatch {

     

       128
       128
       -
               name = "05_CVE-2024-45780.patch";

     

       129
       129
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=0087bc6902182fe5cedce2d034c75a79cf6dd4f3";

     

       130
       130
       -
               hash = "sha256-IlW5i4EJVoUYPu9/lb0LeytTpzltQuu5fpkFPQNIhls=";

     

       131
       131
       -
             })

     

       132
       132
       -
             (fetchpatch {

     

       133
       133
       -
               name = "06_fs_f2fs_grub_errno_mount_fails.patch";

     

       134
       134
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=563436258cde64da6b974880abff1bf0959f4da3";

     

       135
       135
       -
               hash = "sha256-Iu0RPyB+pAnqMT+MTX+TrJbYJsvYPn7jbMgE1jcLh/Q=";

     

       136
       136
       -
             })

     

       137
       137
       -
             (fetchpatch {

     

       138
       138
       -
               name = "07_CVE-2024-45783.patch";

     

       139
       139
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=f7c070a2e28dfab7137db0739fb8db1dc02d8898";

     

       140
       140
       -
               hash = "sha256-V1wh2dPeTazmad61jFtOjhq2MdoD+txPWY/AfwwyTZM=";

     

       141
       141
       -
             })

     

       142
       142
       -
             (fetchpatch {

     

       143
       143
       -
               name = "08_fs_iso9660_grub_errno_mount_fails.patch";

     

       144
       144
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=965db5970811d18069b34f28f5f31ddadde90a97";

     

       145
       145
       -
               hash = "sha256-6eN1AvZwXkJOQVcjgymy/E7QiAxzL/d0W3KlAZRqUzI=";

     

       146
       146
       -
             })

     

       147
       147
       -
             (fetchpatch {

     

       148
       148
       -
               name = "09_fs_iso9660_fix_invalid_free.patch";

     

       149
       149
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=1443833a9535a5873f7de3798cf4d8389f366611";

     

       150
       150
       -
               hash = "sha256-Gt5yMy5Vg9zrDggj3o/TLNt2vT9/6IuHg4Se2p8e8pI=";

     

       151
       151
       -
             })

     

       152
       152
       -
             (fetchpatch {

     

       153
       153
       -
               name = "10_fs_jfs_fix_oob_read_jfs_getent.patch";

     

       154
       154
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=66175696f3a385b14bdf1ebcda7755834bd2d5fb";

     

       155
       155
       -
               hash = "sha256-ETbzbc5gvf55sTLjmJOXXC9VH3qcP1Gv5seR/U9NRiY=";

     

       156
       156
       -
             })

     

       157
       157
       -
             (fetchpatch {

     

       158
       158
       -
               name = "11_fs_jfs_fix_oob_read_caused_by_invalid_dir_slot_index.patch";

     

       159
       159
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=ab09fd0531f3523ac0ef833404526c98c08248f7";

     

       160
       160
       -
               hash = "sha256-wE6niiIx4BdN800/Eegb6IbBRoMFpXq9kPvatwhWNXY=";

     

       161
       161
       -
             })

     

       162
       162
       -
             (fetchpatch {

     

       163
       163
       -
               name = "12_fs_jfs_use_full_40_bits_offset_and_address_for_data_extent.patch";

     

       164
       164
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=bd999310fe67f35a66de3bfa2836da91589d04ef";

     

       165
       165
       -
               hash = "sha256-fbC4oTEIoGWJASzJI5RXfoanrMLTfjFOI51LCUU7Ctg=";

     

       166
       166
       -
             })

     

       167
       167
       -
             (fetchpatch {

     

       168
       168
       -
               name = "13_fs_jfs_inconsistent_signed_unsigned_types_usage.patch";

     

       169
       169
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=edd995a26ec98654d907a9436a296c2d82bc4b28";

     

       170
       170
       -
               hash = "sha256-aa1G1vi4bPZejfKEqZokAZTzY9Ea2lyxTrP4drDV9tk=";

     

       171
       171
       -
             })

     

       172
       172
       -
             (fetchpatch {

     

       173
       173
       -
               name = "14_fs_ext2_fix_out-of-bounds_read_for_inline_extent.patch";

     

       174
       174
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=7e2f750f0a795c4d64ec7dc7591edac8da2e978c";

     

       175
       175
       -
               hash = "sha256-PtPqZHMU2fy7btRRaaswLyHizplxnygCzDfcg5ievOQ=";

     

       176
       176
       -
             })

     

       177
       177
       -
             (fetchpatch {

     

       178
       178
       -
               name = "15_fs_ntfs_fix_out-of-bounds_read.patch";

     

       179
       179
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=aff26318783a135562b904ff09e2359893885732";

     

       180
       180
       -
               hash = "sha256-znN6lkAB9aAhTGKR1038DzOz5nzuTp+7ylHVqRM7HeI=";

     

       181
       181
       -
             })

     

       182
       182
       -
             (fetchpatch {

     

       183
       183
       -
               name = "16_fs_ntfs_track_the_end_of_the_MFT_attribute_buffer.patch";

     

       184
       184
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=237a71184a32d1ef7732f5f49ed6a89c5fe1c99a";

     

       185
       185
       -
               hash = "sha256-0I/g0qHkWY6PArPn1UaYRhCrrh9bHknADh34v5eSjjM=";

     

       186
       186
       -
             })

     

       187
       187
       -
             (fetchpatch {

     

       188
       188
       -
               name = "17_fs_ntfs_use_a_helper_function_to_access_attributes.patch";

     

       189
       189
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=048777bc29043403d077d41a81d0183767b8bc71";

     

       190
       190
       -
               hash = "sha256-Mm49MSLqCq143r8ruLJm1QoyCoLtOlCBfqoAPwPlv8E=";

     

       191
       191
       -
             })

     

       192
       192
       -
             # Patch 18 (067b6d225d482280abad03944f04e30abcbdafa1) has been removed because it causes regressions

     

       193
       193
       -
             # https://lists.gnu.org/archive/html/grub-devel/2025-03/msg00067.html

     

       194
       194
       -
             (fetchpatch {

     

       195
       195
       -
               name = "19_fs_xfs_fix_out-of-bounds_read.patch";

     

       196
       196
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=6ccc77b59d16578b10eaf8a4fe85c20b229f0d8a";

     

       197
       197
       -
               hash = "sha256-FvTzFvfEi3oyxPC/dUHreyzzeVCskaUlYUjpKY/l0DE=";

     

       198
       198
       -
             })

     

       199
       199
       -
             (fetchpatch {

     

       200
       200
       -
               name = "20_fs_xfs_ensuring_failing_to_mount_sets_a_grub_errno.patch";

     

       201
       201
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d1d6b7ea58aa5a80a4c4d0666b49460056c8ef0a";

     

       202
       202
       -
               hash = "sha256-SLdXMmYHq/gRmWrjRrOu5ZYFod84EllUL6hk+gnr3kg=";

     

       203
       203
       -
             })

     

       204
       204
       -
             (fetchpatch {

     

       205
       205
       -
               name = "21_kern_file_ensure_file_data_is_set.patch";

     

       206
       206
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=a7910687294b29288ac649e71b47493c93294f17";

     

       207
       207
       -
               hash = "sha256-DabZK9eSToEmSA9dEwtEN+URiVyS9qf6e2Y2UiMuy8Q=";

     

       208
       208
       -
             })

     

       209
       209
       -
             (fetchpatch {

     

       210
       210
       -
               name = "22_kern_file_implement_filesystem_reference_counting.patch";

     

       211
       211
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=16f196874fbe360a1b3c66064ec15adadf94c57b";

     

       212
       212
       -
               excludes = [ "grub-core/fs/erofs.c" ]; # Does not exist on 2.12

     

       213
       213
       -
               hash = "sha256-yGU//1tPaxi+xFKZrsbUAnvgFpwtrIMG+8cPbSud4+U=";

     

       214
       214
       -
             })

     

       215
       215
       -
             (fetchpatch {

     

       216
       216
       -
               name = "23_prerequisite_1_key_protector_add_key_protectors_framework.patch";

     

       217
       217
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=5d260302da672258444b01239803c8f4d753e3f3";

     

       218
       218
       -
               hash = "sha256-9WnFN6xMiv+1XMhNHgVEegkhwzp9KpRZI6MIZY/Ih3Q=";

     

       219
       219
       -
             })

     

       220
       220
       -
             (fetchpatch {

     

       221
       221
       -
               name = "23_prerequisite_2_disk_cryptodisk_allow_user_to_retry_failed_passphrase.patch";

     

       222
       222
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=386b59ddb42fa3f86ddfe557113b25c8fa16f88c";

     

       223
       223
       -
               hash = "sha256-e1kGQB7wGWvEb2bY3xIpZxE1uzTt9JOKi05jXyUm+bI=";

     

       224
       224
       -
             })

     

       225
       225
       -
             (fetchpatch {

     

       226
       226
       -
               name = "23_prerequisite_3_cryptodisk_support_key_protectors.patch";

     

       227
       227
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=ad0c52784a375cecaa8715d7deadcf5d65baf173";

     

       228
       228
       -
               hash = "sha256-+YIvUYA3fLiOFFsXDrQjqjWFluzLa7N1tv0lwq8BqCs=";

     

       229
       229
       -
             })

     

       230
       230
       -
             (fetchpatch {

     

       231
       231
       -
               name = "23_prerequisite_4_cryptodisk_fallback_to_passphrase.patch";

     

       232
       232
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=6abf8af3c54abc04c4ec71c75d10fcfbc190e181";

     

       233
       233
       -
               hash = "sha256-eMu9rW4iJucDAsTQMJD1XE6dDIcUmn02cGqIaqBbO3o=";

     

       234
       234
       -
             })

     

       235
       235
       -
             (fetchpatch {

     

       236
       236
       -
               name = "23_prerequisite_5_cryptodisk_wipe_out_the_cached_keys_from_protectors.patch";

     

       237
       237
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=b35480b48e6f9506d8b7ad8a3b5206d29c24ea95";

     

       238
       238
       -
               hash = "sha256-5L6Rr+X5Z+Ip91z8cpLcatDW1vyEoZa1icL2oMXPXuI=";

     

       239
       239
       -
             })

     

       240
       240
       -
             (fetchpatch {

     

       241
       241
       -
               name = "23_prerequisite_6_cli_lock_add_build_option_to_block_command_line_interface.patch";

     

       242
       242
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=bb65d81fe320e4b20d0a9b32232a7546eb275ecc";

     

       243
       243
       -
               hash = "sha256-HxXgtvEhtaIjXbOcxJHNpD9/NVOv3uXPnue7cagEMu8=";

     

       244
       244
       -
             })

     

       245
       245
       -
             (fetchpatch {

     

       246
       246
       -
               name = "23_CVE-2024-49504.patch";

     

       247
       247
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=13febd78db3cd85dcba67d8ad03ad4d42815f11e";

     

       248
       248
       -
               hash = "sha256-U7lNUb4iVAyQ1yEg5ECHCQGE51tKvY13T9Ji09Q1W9Y=";

     

       249
       249
       -
             })

     

       250
       250
       -
             (fetchpatch {

     

       251
       251
       -
               name = "24_disk_loopback_reference_tracking_for_the_loopback.patch";

     

       252
       252
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=67f70f70a36b6e87a65f928fe1e840a12eafb7ae";

     

       253
       253
       -
               hash = "sha256-sWBnSF3rAuY1A/IIK1Pc+BqTvyK3j7+lLEhvImtBQMA=";

     

       254
       254
       -
             })

     

       255
       255
       -
             (fetchpatch {

     

       256
       256
       -
               name = "25_kern_disk_limit_recursion_depth.patch";

     

       257
       257
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=18212f0648b6de7d71d4c8f41eb4d8b78b3a299b";

     

       258
       258
       -
               hash = "sha256-HiVzXUNs45Fxh4DSqO8wAxSBM7CaYU/bix0PVBcIHGw=";

     

       259
       259
       -
             })

     

       260
       260
       -
             (fetchpatch {

     

       261
       261
       -
               name = "26_kern_partition_limit_recursion_in_part_iterate.patch";

     

       262
       262
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=8a7103fddfd6664f41081f3bb88eebbf2871da2a";

     

       263
       263
       -
               hash = "sha256-Nw1VFRVww1VSDSBkRrnTGeaA2PKCitugM12XH6X/2YI=";

     

       264
       264
       -
             })

     

       265
       265
       -
             (fetchpatch {

     

       266
       266
       -
               name = "27_script_execute_limit_the_recursion_depth.patch";

     

       267
       267
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d8a937ccae5c6d86dc4375698afca5cefdcd01e1";

     

       268
       268
       -
               hash = "sha256-YOAdPMZ2iBNMzIwAXFkkyTMKh4ptZUQ0J3v9EjnRlbo=";

     

       269
       269
       -
             })

     

       270
       270
       -
             (fetchpatch {

     

       271
       271
       -
               name = "28_net_unregister_net_default_ip_and_net_default_mac_variables_hooks_on_unload.patch";

     

       272
       272
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=a1dd8e59da26f1a9608381d3a1a6c0f465282b1d";

     

       273
       273
       -
               hash = "sha256-7fqdkhFqLECzhz1OLavkHrE9ktDAEmx9ZxZayNr/Eo4=";

     

       274
       274
       -
             })

     

       275
       275
       -
             (fetchpatch {

     

       276
       276
       -
               name = "29_net_remove_variables_hooks_when_interface_is_unregisted.patch";

     

       277
       277
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=aa8b4d7facef7b75a2703274b1b9d4e0e734c401";

     

       278
       278
       -
               hash = "sha256-m3VLDbJlwchV5meEpU4LJrDxBtA80qvYcVMJinHLnac=";

     

       279
       279
       -
             })

     

       280
       280
       -
             (fetchpatch {

     

       281
       281
       -
               name = "30_CVE-2025-0624.patch";

     

       282
       282
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=5eef88152833062a3f7e017535372d64ac8ef7e1";

     

       283
       283
       -
               hash = "sha256-DvhzHnenAmO9SZpi4kU+0GhyKZB4q4xQYuNJgEhJmn0=";

     

       284
       284
       -
             })

     

       285
       285
       -
             (fetchpatch {

     

       286
       286
       -
               name = "31_net_tftp_fix_stack_buffer_overflow_in_tftp_open.patch";

     

       287
       287
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=0707accab1b9be5d3645d4700dde3f99209f9367";

     

       288
       288
       -
               hash = "sha256-16NrpWFSE4jFT2uxmJg16jChw8HiGRTol25XQXNQ5l4=";

     

       289
       289
       -
             })

     

       290
       290
       -
             (fetchpatch {

     

       291
       291
       -
               name = "32_CVE-2024-45774.patch";

     

       292
       292
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=2c34af908ebf4856051ed29e46d88abd2b20387f";

     

       293
       293
       -
               hash = "sha256-OWmF+fp2TmetQjV4EWMcESW8u52Okkb5C5IPLfczyv4=";

     

       294
       294
       -
             })

     

       295
       295
       -
             (fetchpatch {

     

       296
       296
       -
               name = "33_kern_dl_fix_for_an_integer_overflow_in_grub_dl_ref.patch";

     

       297
       297
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=500e5fdd82ca40412b0b73f5e5dda38e4a3af96d";

     

       298
       298
       -
               hash = "sha256-FNqOWo+oZ4/1sCbTi2uaeKchUxwAKXtbzhScezm0yxk=";

     

       299
       299
       -
             })

     

       300
       300
       -
             # Patch 34 (https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d72208423dcabf9eb4a3bcb17b6b31888396bd49)

     

       301
       301
       -
             # is skipped, grub_dl_set_mem_attrs() does not exist on 2.12

     

       302
       302
       -
             (fetchpatch {

     

       303
       303
       -
               name = "35_kern_dl_check_for_the_SHF_INFO_LINK_flag_in_grub_dl_relocate_symbols.patch";

     

       304
       304
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=98ad84328dcabfa603dcf5bd217570aa6b4bdd99";

     

       305
       305
       -
               hash = "sha256-Zi4Pj2NbodL0VhhO5MWhvErb8xmA7Li0ur0MxpgQjzg=";

     

       306
       306
       -
             })

     

       307
       307
       -
             (fetchpatch {

     

       308
       308
       -
               name = "36_CVE-2024-45775.patch";

     

       309
       309
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=05be856a8c3aae41f5df90cab7796ab7ee34b872";

     

       310
       310
       -
               hash = "sha256-T6DO8iuImQTP7hPaCAHMtFnheQoCkZ6w+kfNolLPmrY=";

     

       311
       311
       -
             })

     

       312
       312
       -
             (fetchpatch {

     

       313
       313
       -
               name = "37_commands_ls_fix_NULL_dereference.patch";

     

       314
       314
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=0bf56bce47489c059e50e61a3db7f682d8c44b56";

     

       315
       315
       -
               hash = "sha256-h5okwqv4ZFahP3ANUbsk1fiSV4pwEnxUExeBgQ4tiTI=";

     

       316
       316
       -
             })

     

       317
       317
       -
             (fetchpatch {

     

       318
       318
       -
               name = "38_CVE-2025-0622.patch";

     

       319
       319
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=2123c5bca7e21fbeb0263df4597ddd7054700726";

     

       320
       320
       -
               hash = "sha256-tFE7VgImGZWDICyvHbrI1hqW6/XohgdTmk21MzljMGw=";

     

       321
       321
       -
             })

     

       322
       322
       -
             (fetchpatch {

     

       323
       323
       -
               name = "39_CVE-2025-0622.patch";

     

       324
       324
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=9c16197734ada8d0838407eebe081117799bfe67";

     

       325
       325
       -
               hash = "sha256-tTeuEvadKbXVuY0m0dKtTr11Lpb3yQi4zk0bpwrMOeA=";

     

       326
       326
       -
             })

     

       327
       327
       -
             (fetchpatch {

     

       328
       328
       -
               name = "40_CVE-2025-0622.patch";

     

       329
       329
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=7580addfc8c94cedb0cdfd7a1fd65b539215e637";

     

       330
       330
       -
               hash = "sha256-khRLpWqE7hzzoqssVkGFMjAv09T+uHn13Q9pCpogMms=";

     

       331
       331
       -
             })

     

       332
       332
       -
             (fetchpatch {

     

       333
       333
       -
               name = "41_CVE-2024-45776.patch";

     

       334
       334
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=09bd6eb58b0f71ec273916070fa1e2de16897a91";

     

       335
       335
       -
               hash = "sha256-yrl/6XUdKQg/MLe8KFuFoRRbQSyOhDmyvnWBV+sr3EY=";

     

       336
       336
       -
             })

     

       337
       337
       -
             (fetchpatch {

     

       338
       338
       -
               name = "42_CVE-2024-45777.patch";

     

       339
       339
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=b970a5ed967816bbca8225994cd0ee2557bad515";

     

       340
       340
       -
               hash = "sha256-Vl5Emw3O3Ba2hD1GCWune4PGduDDPO0gM5u+zx/OwKo=";

     

       341
       341
       -
             })

     

       342
       342
       -
             (fetchpatch {

     

       343
       343
       -
               name = "43_CVE-2025-0690.patch";

     

       344
       344
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=dad8f502974ed9ad0a70ae6820d17b4b142558fc";

     

       345
       345
       -
               hash = "sha256-DeWOncndX2VM8w1lb5fd5wHAZrI+ChB5Pj9XbUIfDWY=";

     

       346
       346
       -
             })

     

       347
       347
       -
             (fetchpatch {

     

       348
       348
       -
               name = "44_commands_test_stack_overflow_due_to_unlimited_recursion_depth.patch";

     

       349
       349
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=c68b7d23628a19da67ebe2e06f84165ee04961af";

     

       350
       350
       -
               hash = "sha256-aputM9KqkB/cK8hBiU9VXbu0LpLNlNCMVIeE9h2pMgY=";

     

       351
       351
       -
             })

     

       352
       352
       -
             (fetchpatch {

     

       353
       353
       -
               name = "45_CVE-2025-1118.patch";

     

       354
       354
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=34824806ac6302f91e8cabaa41308eaced25725f";

     

       355
       355
       -
               hash = "sha256-PKQs+fCwj4a9p4hbMqAT3tFNoAOw4xnbKmCwjPUgEOc=";

     

       356
       356
       -
             })

     

       357
       357
       -
             (fetchpatch {

     

       358
       358
       -
               name = "46_commands_memrw_disable_memory_reading_in_lockdown_mode.patch";

     

       359
       359
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=340e4d058f584534f4b90b7dbea2b64a9f8c418c";

     

       360
       360
       -
               hash = "sha256-NiMIUnfRreDBw+k4yxUzoRNMFL8pkJhVtkINVgmv5XA=";

     

       361
       361
       -
             })

     

       362
       362
       -
             (fetchpatch {

     

       363
       363
       -
               name = "47_commands_hexdump_disable_memory_reading_in_lockdown_mode.patch";

     

       364
       364
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=5f31164aed51f498957cdd6ed733ec71a8592c99";

     

       365
       365
       -
               hash = "sha256-NA7QjxZ9FP+WwiOveqLkbZqsF7hULIyaVS3gNaSUXJE=";

     

       366
       366
       -
             })

     

       367
       367
       -
             (fetchpatch {

     

       368
       368
       -
               name = "48_CVE-2024-45778_CVE-2024-45779.patch";

     

       369
       369
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=26db6605036bd9e5b16d9068a8cc75be63b8b630";

     

       370
       370
       -
               hash = "sha256-1+ImwkF/qsejWs2lpyO6xbcqVo2NJGv32gjrP8mEPnI=";

     

       371
       371
       -
             })

     

       372
       372
       -
             (fetchpatch {

     

       373
       373
       -
               name = "49_CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch";

     

       374
       374
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=c4bc55da28543d2522a939ba4ee0acde45f2fa74";

     

       375
       375
       -
               hash = "sha256-qrlErSImMX8eXJHkXjOe5GZ6lWOya5SVpNoiqyEM1lE=";

     

       376
       376
       -
             })

     

       377
       377
       -
             (fetchpatch {

     

       378
       378
       -
               name = "50_disk_use_safe_math_macros_to_prevent_overflows.patch";

     

       379
       379
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=c407724dad6c3e2fc1571e57adbda71cc03f82aa";

     

       380
       380
       -
               hash = "sha256-kkAjxXvCdzwqh+oWtEF3qSPiUX9cGWO6eSFVeo7WJzQ=";

     

       381
       381
       -
             })

     

       382
       382
       -
             (fetchpatch {

     

       383
       383
       -
               name = "51_disk_prevent_overflows_when_allocating_memory_for_arrays.patch";

     

       384
       384
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d8151f98331ee4d15fcca59edffa59246d8fc15f";

     

       385
       385
       -
               hash = "sha256-2U+gMLigOCCg3P1GB615xQ0B9PDA6j92tt1ba3Tqg+E=";

     

       386
       386
       -
             })

     

       387
       387
       -
             (fetchpatch {

     

       388
       388
       -
               name = "52_disk_check_if_returned_pointer_for_allocated_memory_is_NULL.patch";

     

       389
       389
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=33bd6b5ac5c77b346769ab5284262f94e695e464";

     

       390
       390
       -
               hash = "sha256-+BaJRskWP/YVEdvIxMvEydjQx2LpLlGphRtZjiOUxJ0=";

     

       391
       391
       -
             })

     

       392
       392
       -
             (fetchpatch {

     

       393
       393
       -
               name = "53_disk_ieee1275_ofdisk_call_grub_ieee1275_close_when_grub_malloc_fails.patch";

     

       394
       394
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=fbaddcca541805c333f0fc792b82772594e73753";

     

       395
       395
       -
               hash = "sha256-9sGA41HlB/8rtT/fMfkDo4ZJMXBSr+EyN92l/0gDfl4=";

     

       396
       396
       -
             })

     

       397
       397
       -
             (fetchpatch {

     

       398
       398
       -
               name = "54_fs_use_safe_math_macros_to_prevent_overflows.patch";

     

       399
       399
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=6608163b08a7a8be4b0ab2a5cd4593bba07fe2b7";

     

       400
       400
       -
               excludes = [ "grub-core/fs/erofs.c" ]; # Does not exist on 2.12

     

       401
       401
       -
               hash = "sha256-mW4MH5VH5pDxCaFhNh/4mEcYloga56p8vCi7X4kSaek=";

     

       402
       402
       -
             })

     

       403
       403
       -
             (fetchpatch {

     

       404
       404
       -
               name = "55_CVE-2025-0678_CVE-2025-1125.patch";

     

       405
       405
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=84bc0a9a68835952ae69165c11709811dae7634e";

     

       406
       406
       -
               hash = "sha256-rCliqM2+k7rTGNpdHFkg3pHvuISjoG0MQr6/8lIvwK4=";

     

       407
       407
       -
             })

     

       408
       408
       -
             (fetchpatch {

     

       409
       409
       -
               name = "56_fs_prevent_overflows_when_assigning_returned_values_from_read_number.patch";

     

       410
       410
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=cde9f7f338f8f5771777f0e7dfc423ddf952ad31";

     

       411
       411
       -
               hash = "sha256-dN3HJXNIYtaUZL0LhLabC4VKK6CVC8km9UTw/ln/6ys=";

     

       412
       412
       -
             })

     

       413
       413
       -
             (fetchpatch {

     

       414
       414
       -
               name = "57_fs_zfs_use_safe_math_macros_to_prevent_overflows.patch";

     

       415
       415
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=88e491a0f744c6b19b6d4caa300a576ba56db7c9";

     

       416
       416
       -
               hash = "sha256-taSuKyCf9+TiQZcF26yMWpDDQqCfTdRuZTqB9aEz3aA=";

     

       417
       417
       -
             })

     

       418
       418
       -
             (fetchpatch {

     

       419
       419
       -
               name = "58_fs_zfs_prevent_overflows_when_allocating_memory_for_arrays.patch";

     

       420
       420
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=7f38e32c7ebeaebb79e2c71e3c7d5ea367d3a39c";

     

       421
       421
       -
               hash = "sha256-E5VmP7I4TAEXxTz3j7mi/uIr9kOSzMoPHAYAbyu56Xk=";

     

       422
       422
       -
             })

     

       423
       423
       -
             (fetchpatch {

     

       424
       424
       -
               name = "59_fs_zfs_check_if_returned_pointer_for_allocated_memory_is_NULL.patch";

     

       425
       425
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=13065f69dae0eeb60813809026de5bd021051892";

     

       426
       426
       -
               hash = "sha256-1W//rHUspDS+utdNc069J8lX1ONfoBKiJYnUt46C/D0=";

     

       427
       427
       -
             })

     

       428
       428
       -
             (fetchpatch {

     

       429
       429
       -
               name = "60_fs_zfs_add_missing_NULL_check_after_grub_strdup_call.patch";

     

       430
       430
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=dd6a4c8d10e02ca5056681e75795041a343636e4";

     

       431
       431
       -
               hash = "sha256-iFLEkz5G6aQ8FXGuY7/wgN4d4o0+sUxWMKYIFcQ/H+o=";

     

       432
       432
       -
             })

     

       433
       433
       -
             (fetchpatch {

     

       434
       434
       -
               name = "61_net_use_safe_math_macros_to_prevent_overflows.patch";

     

       435
       435
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=4beeff8a31c4fb4071d2225533cfa316b5a58391";

     

       436
       436
       -
               hash = "sha256-/gs5ZhplQ1h7PWw0p+b5+0OxmRcvDRKWHj39ezhivcg=";

     

       437
       437
       -
             })

     

       438
       438
       -
             (fetchpatch {

     

       439
       439
       -
               name = "62_net_prevent_overflows_when_allocating_memory_for_arrays.patch";

     

       440
       440
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=dee2c14fd66bc497cdc74c69fde8c9b84637c8eb";

     

       441
       441
       -
               hash = "sha256-cO02tCGEeQhQF0TmgtNOgUwRLnNgmxhEefo1gtSlFOk=";

     

       442
       442
       -
             })

     

       443
       443
       -
             (fetchpatch {

     

       444
       444
       -
               name = "63_net_check_if_returned_pointer_for_allocated_memory_is_NULL.patch";

     

       445
       445
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=1c06ec900591d1fab6fbacf80dc010541d0a5ec8";

     

       446
       446
       -
               hash = "sha256-oSRhWWVraitoVDqGlFOVzdCkaNqFGOHLjJu75CSc388=";

     

       447
       447
       -
             })

     

       448
       448
       -
             (fetchpatch {

     

       449
       449
       -
               name = "64_fs_sfs_check_if_allocated_memory_is_NULL.patch";

     

       450
       450
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=e3c578a56f9294e286b6028ca7c1def997a17b15";

     

       451
       451
       -
               hash = "sha256-7tvFbmjWmWmmRykQjMvZV6IYlhSS8oNR7YfaO5XXAfU=";

     

       452
       452
       -
             })

     

       453
       453
       -
             (fetchpatch {

     

       454
       454
       -
               name = "65_script_execute_fix_potential_underflow_and_NULL.patch";

     

       455
       455
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=d13b6e8ebd10b4eb16698a002aa40258cf6e6f0e";

     

       456
       456
       -
               hash = "sha256-paMWaAIImzxtufUrVF5v4T4KnlDAJIPhdaHznu5CyZ8=";

     

       457
       457
       -
             })

     

       458
       458
       -
             (fetchpatch {

     

       459
       459
       -
               name = "66_osdep_unix_getroot_fix_potential_underflow.patch";

     

       460
       460
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=66733f7c7dae889861ea3ef3ec0710811486019e";

     

       461
       461
       -
               hash = "sha256-/14HC1kcW7Sy9WfJQFfC+YnvS/GNTMP+Uy6Dxd3zkwc=";

     

       462
       462
       -
             })

     

       463
       463
       -
             (fetchpatch {

     

       464
       464
       -
               name = "67_misc_ensure_consistent_overflow_error_messages.patch";

     

       465
       465
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=f8795cde217e21539c2f236bcbb1a4bf521086b3";

     

       466
       466
       -
               hash = "sha256-4X7wr1Tg16xDE9FO6NTlgkfLV5zFKmajeaOspIqcCuI=";

     

       467
       467
       -
             })

     

       468
       468
       -
             (fetchpatch {

     

       469
       469
       -
               name = "68_bus_usb_ehci_define_GRUB_EHCI_TOGGLE_as_grub_uint32_t.patch";

     

       470
       470
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=9907d9c2723304b42cf6da74f1cc6c4601391956";

     

       471
       471
       -
               hash = "sha256-D8xaI8g7ffGGmZqqeS8wxWIFLUWUBfmHwMVOHkYTc2I=";

     

       472
       472
       -
             })

     

       473
       473
       -
             (fetchpatch {

     

       474
       474
       -
               name = "69_normal_menu_use_safe_math_to_avoid_an_integer_overflow.patch";

     

       475
       475
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=5b36a5210e21bee2624f8acc36aefd8f10266adb";

     

       476
       476
       -
               hash = "sha256-UourmM0Zlaj4o+SnYi5AtjfNujDOt+2ez2XH/uWyiaM=";

     

       477
       477
       -
             })

     

       478
       478
       -
             (fetchpatch {

     

       479
       479
       -
               name = "70_kern_partition_add_sanity_check_after_grub_strtoul_call.patch";

     

       480
       480
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=8e6e87e7923ca2ae880021cb42a35cc9bb4c8fe2";

     

       481
       481
       -
               hash = "sha256-4keMUu6ZDKmuSQlFnldV15dDGUibsnSvoEWhLsqWieI=";

     

       482
       482
       -
             })

     

       483
       483
       -
             (fetchpatch {

     

       484
       484
       -
               name = "71_kern_misc_add_sanity_check_after_grub_strtoul_call.patch";

     

       485
       485
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=a8d6b06331a75d75b46f3dd6cc6fcd40dcf604b7";

     

       486
       486
       -
               hash = "sha256-2Mpe1sqyuoUPyMAKGZTNzG/ig3G3K8w0gia7lc508Rg=";

     

       487
       487
       -
             })

     

       488
       488
       -
             (fetchpatch {

     

       489
       489
       -
               name = "72_loader_i386_linux_cast_left_shift_to_grub_uint32_t.patch";

     

       490
       490
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=490a6ab71cebd96fae7a1ceb9067484f5ccbec2a";

     

       491
       491
       -
               hash = "sha256-e49OC1EBaX0/nWTTXT5xE5apTJPQV0myP5Ohxn9Wwa8=";

     

       492
       492
       -
             })

     

       493
       493
       -
             (fetchpatch {

     

       494
       494
       -
               name = "73_loader_i386_bsd_use_safe_math_to_avoid_underflow.patch";

     

       495
       495
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=4dc6166571645780c459dde2cdc1b001a5ec844c";

     

       496
       496
       -
               hash = "sha256-e8X+oBvejcFNOY1Tp/f6QqCDwrgK7f9u1F8SdO/dhy4=";

     

       497
       497
       -
             })

     

       498
       498
       -
             (fetchpatch {

     

       499
       499
       -
               # Fixes 7e2f750f0a (security patch 14/73)

     

       500
       500
       -
               name = "fs_ext2_rework_out-of-bounds_read_for_inline_and_external_extents.patch";

     

       501
       501
       -
               url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=348cd416a3574348f4255bf2b04ec95938990997";

     

       502
       502
       -
               hash = "sha256-WBLYQxv8si2tvdPAvbm0/4NNqYWBMJpFV4GC0HhN/kE=";

     

       503
       503
       -
             })

     

       504
       504
       -
           ];

     

       511
       511
       +
         depsBuildBuild = [ buildPackages.stdenv.cc ];

     

       512
       512
       +
         nativeBuildInputs = [

     

       513
       513
       +
           bison

     

       514
       514
       +
           flex

     

       515
       515
       +
           python3

     

       516
       516
       +
           pkg-config

     

       517
       517
       +
           gettext

     

       518
       518
       +
           freetype

     

       519
       519
       +
           autoconf

     

       520
       520
       +
           automake

     

       521
       521
       +
           help2man

     

       522
       522
       +
         ];

     

       523
       523
       +
         buildInputs =

     

       524
       524
       +
           [

     

       525
       525
       +
             ncurses

     

       526
       526
       +
             libusb-compat-0_1

     

       527
       527
       +
             freetype

     

       528
       528
       +
             lvm2

     

       529
       529
       +
             fuse

     

       530
       530
       +
             libtool

     

       531
       531
       +
             bash

     

       532
       532
       +
           ]

     

       533
       533
       +
           ++ lib.optional doCheck qemu

     

       534
       534
       +
           ++ lib.optional zfsSupport zfs;

     

       505
       535
        
       

     

       506
       506
       -
           postPatch =

     

       507
       507
       -
             if kbdcompSupport then

     

       508
       508
       -
               ''

     

       509
       509
       -
                 sed -i util/grub-kbdcomp.in -e 's@\bckbcomp\b@${ckbcomp}/bin/ckbcomp@'

     

       510
       510
       -
               ''

     

       511
       511
       -
             else

     

       512
       512
       -
               ''

     

       513
       513
       -
                 echo '#! ${runtimeShell}' > util/grub-kbdcomp.in

     

       514
       514
       -
                 echo 'echo "Compile grub2 with { kbdcompSupport = true; } to enable support for this command."' >> util/grub-kbdcomp.in

     

       515
       515
       -
               '';

     

       536
       536
       +
         strictDeps = true;

     

       516
       537
        
       

     

       517
       517
       -
           depsBuildBuild = [ buildPackages.stdenv.cc ];

     

       518
       518
       -
           nativeBuildInputs = [

     

       519
       519
       -
             bison

     

       520
       520
       -
             flex

     

       521
       521
       -
             python3

     

       522
       522
       -
             pkg-config

     

       523
       523
       -
             gettext

     

       524
       524
       -
             freetype

     

       525
       525
       -
             autoconf

     

       526
       526
       -
             automake

     

       527
       527
       -
             help2man

     

       528
       528
       -
           ];

     

       529
       529
       -
           buildInputs =

     

       530
       530
       -
             [

     

       531
       531
       -
               ncurses

     

       532
       532
       -
               libusb-compat-0_1

     

       533
       533
       -
               freetype

     

       534
       534
       -
               lvm2

     

       535
       535
       -
               fuse

     

       536
       536
       -
               libtool

     

       537
       537
       -
               bash

     

       538
       538
       -
             ]

     

       539
       539
       -
             ++ lib.optional doCheck qemu

     

       540
       540
       -
             ++ lib.optional zfsSupport zfs;

     

       538
       538
       +
         hardeningDisable = [ "all" ];

     

       541
       539
        
       

     

       542
       542
       -
           strictDeps = true;

     

       540
       540
       +
         separateDebugInfo = !xenSupport;

     

       543
       541
        
       

     

       544
       544
       -
           hardeningDisable = [ "all" ];

     

       545
       545
       -
       

     

       546
       546
       -
           separateDebugInfo = !xenSupport;

     

       542
       542
       +
         preConfigure = ''

     

       543
       543
       +
            for i in "tests/util/"*.in

     

       544
       544
       +
            do

     

       545
       545
       +
              sed -i "$i" -e's|/bin/bash|${stdenv.shell}|g'

     

       546
       546
       +
            done

     

       547
       547
        
       

     

       548
       548
       -
           preConfigure = ''

     

       549
       549
       -
              for i in "tests/util/"*.in

     

       550
       550
       -
              do

     

       551
       551
       -
                sed -i "$i" -e's|/bin/bash|${stdenv.shell}|g'

     

       552
       552
       -
              done

     

       548
       548
       +
            # Apparently, the QEMU executable is no longer called

     

       549
       549
       +
            # `qemu-system-i386', even on i386.

     

       550
       550
       +
            #

     

       551
       551
       +
            # In addition, use `-nodefaults' to avoid errors like:

     

       552
       552
       +
            #

     

       553
       553
       +
            #  chardev: opening backend "stdio" failed

     

       554
       554
       +
            #  qemu: could not open serial device 'stdio': Invalid argument

     

       555
       555
       +
            #

     

       556
       556
       +
            # See <http://www.mail-archive.com/qemu-devel@nongnu.org/msg22775.html>.

     

       557
       557
       +
            sed -i "tests/util/grub-shell.in" \

     

       558
       558
       +
                -e's/qemu-system-i386/qemu-system-x86_64 -nodefaults/g'

     

       553
       559
        
       

     

       554
       554
       -
              # Apparently, the QEMU executable is no longer called

     

       555
       555
       -
              # `qemu-system-i386', even on i386.

     

       556
       556
       -
              #

     

       557
       557
       -
              # In addition, use `-nodefaults' to avoid errors like:

     

       558
       558
       -
              #

     

       559
       559
       -
              #  chardev: opening backend "stdio" failed

     

       560
       560
       -
              #  qemu: could not open serial device 'stdio': Invalid argument

     

       561
       561
       -
              #

     

       562
       562
       -
              # See <http://www.mail-archive.com/qemu-devel@nongnu.org/msg22775.html>.

     

       563
       563
       -
              sed -i "tests/util/grub-shell.in" \

     

       564
       564
       -
                  -e's/qemu-system-i386/qemu-system-x86_64 -nodefaults/g'

     

       560
       560
       +
           unset CPP # setting CPP intereferes with dependency calculation

     

       565
       561
        
       

     

       566
       566
       -
             unset CPP # setting CPP intereferes with dependency calculation

     

       562
       562
       +
           patchShebangs .

     

       567
       563
        
       

     

       568
       568
       -
             patchShebangs .

     

       564
       564
       +
           GNULIB_REVISION=$(. bootstrap.conf; echo $GNULIB_REVISION)

     

       565
       565
       +
           if [ "$GNULIB_REVISION" != ${gnulib.rev} ]; then

     

       566
       566
       +
             echo "This version of GRUB requires a different gnulib revision!"

     

       567
       567
       +
             echo "We have: ${gnulib.rev}"

     

       568
       568
       +
             echo "GRUB needs: $GNULIB_REVISION"

     

       569
       569
       +
             exit 1

     

       570
       570
       +
           fi

     

       569
       571
        
       

     

       570
       570
       -
             GNULIB_REVISION=$(. bootstrap.conf; echo $GNULIB_REVISION)

     

       571
       571
       -
             if [ "$GNULIB_REVISION" != ${gnulib.rev} ]; then

     

       572
       572
       -
               echo "This version of GRUB requires a different gnulib revision!"

     

       573
       573
       -
               echo "We have: ${gnulib.rev}"

     

       574
       574
       -
               echo "GRUB needs: $GNULIB_REVISION"

     

       575
       575
       -
               exit 1

     

       576
       576
       -
             fi

     

       572
       572
       +
           cp -f --no-preserve=mode ${locales}/po/LINGUAS ${locales}/po/*.po po

     

       577
       573
        
       

     

       578
       578
       -
             cp -f --no-preserve=mode ${locales}/po/LINGUAS ${locales}/po/*.po po

     

       574
       574
       +
           ./bootstrap --no-git --gnulib-srcdir=${gnulib}

     

       579
       575
        
       

     

       580
       580
       -
             ./bootstrap --no-git --gnulib-srcdir=${gnulib}

     

       576
       576
       +
           substituteInPlace ./configure --replace '/usr/share/fonts/unifont' '${unifont}/share/fonts'

     

       577
       577
       +
         '';

     

       581
       578
        
       

     

       582
       582
       -
             substituteInPlace ./configure --replace '/usr/share/fonts/unifont' '${unifont}/share/fonts'

     

       583
       583
       -
           '';

     

       579
       579
       +
         postConfigure = ''

     

       580
       580
       +
           # make sure .po files are up to date to workaround

     

       581
       581
       +
           # parallel `msgmerge --update` on autogenerated .po files:

     

       582
       582
       +
           #   https://github.com/NixOS/nixpkgs/pull/248747#issuecomment-1676301670

     

       583
       583
       +
           make dist

     

       584
       584
       +
         '';

     

       584
       585
        
       

     

       585
       585
       -
           postConfigure = ''

     

       586
       586
       -
             # make sure .po files are up to date to workaround

     

       587
       587
       -
             # parallel `msgmerge --update` on autogenerated .po files:

     

       588
       588
       -
             #   https://github.com/NixOS/nixpkgs/pull/248747#issuecomment-1676301670

     

       589
       589
       -
             make dist

     

       590
       590
       -
           '';

     

       586
       586
       +
         configureFlags =

     

       587
       587
       +
           [

     

       588
       588
       +
             "--enable-grub-mount" # dep of os-prober

     

       589
       589
       +
           ]

     

       590
       590
       +
           ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [

     

       591
       591
       +
             # grub doesn't do cross-compilation as usual and tries to use unprefixed

     

       592
       592
       +
             # tools to target the host. Provide toolchain information explicitly for

     

       593
       593
       +
             # cross builds.

     

       594
       594
       +
             #

     

       595
       595
       +
             # Ref: # https://github.com/buildroot/buildroot/blob/master/boot/grub2/grub2.mk#L108

     

       596
       596
       +
             "TARGET_CC=${stdenv.cc.targetPrefix}cc"

     

       597
       597
       +
             "TARGET_NM=${stdenv.cc.targetPrefix}nm"

     

       598
       598
       +
             "TARGET_OBJCOPY=${stdenv.cc.targetPrefix}objcopy"

     

       599
       599
       +
             "TARGET_RANLIB=${stdenv.cc.targetPrefix}ranlib"

     

       600
       600
       +
             "TARGET_STRIP=${stdenv.cc.targetPrefix}strip"

     

       601
       601
       +
           ]

     

       602
       602
       +
           ++ lib.optional zfsSupport "--enable-libzfs"

     

       603
       603
       +
           ++ lib.optionals efiSupport [

     

       604
       604
       +
             "--with-platform=efi"

     

       605
       605
       +
             "--target=${efiSystemsBuild.${stdenv.hostPlatform.system}.target}"

     

       606
       606
       +
             "--program-prefix="

     

       607
       607
       +
           ]

     

       608
       608
       +
           ++ lib.optionals xenSupport [

     

       609
       609
       +
             "--with-platform=xen"

     

       610
       610
       +
             "--target=${efiSystemsBuild.${stdenv.hostPlatform.system}.target}"

     

       611
       611
       +
           ];

     

       591
       612
        
       

     

       592
       592
       -
           configureFlags =

     

       593
       593
       -
             [

     

       594
       594
       -
               "--enable-grub-mount" # dep of os-prober

     

       595
       595
       -
             ]

     

       596
       596
       -
             ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [

     

       597
       597
       -
               # grub doesn't do cross-compilation as usual and tries to use unprefixed

     

       598
       598
       -
               # tools to target the host. Provide toolchain information explicitly for

     

       599
       599
       -
               # cross builds.

     

       600
       600
       -
               #

     

       601
       601
       -
               # Ref: # https://github.com/buildroot/buildroot/blob/master/boot/grub2/grub2.mk#L108

     

       602
       602
       -
               "TARGET_CC=${stdenv.cc.targetPrefix}cc"

     

       603
       603
       -
               "TARGET_NM=${stdenv.cc.targetPrefix}nm"

     

       604
       604
       -
               "TARGET_OBJCOPY=${stdenv.cc.targetPrefix}objcopy"

     

       605
       605
       -
               "TARGET_RANLIB=${stdenv.cc.targetPrefix}ranlib"

     

       606
       606
       -
               "TARGET_STRIP=${stdenv.cc.targetPrefix}strip"

     

       607
       607
       -
             ]

     

       608
       608
       -
             ++ lib.optional zfsSupport "--enable-libzfs"

     

       609
       609
       -
             ++ lib.optionals efiSupport [

     

       610
       610
       -
               "--with-platform=efi"

     

       611
       611
       -
               "--target=${efiSystemsBuild.${stdenv.hostPlatform.system}.target}"

     

       612
       612
       -
               "--program-prefix="

     

       613
       613
       -
             ]

     

       614
       614
       -
             ++ lib.optionals xenSupport [

     

       615
       615
       -
               "--with-platform=xen"

     

       616
       616
       -
               "--target=${efiSystemsBuild.${stdenv.hostPlatform.system}.target}"

     

       617
       617
       -
             ];

     

       613
       613
       +
         # save target that grub is compiled for

     

       614
       614
       +
         grubTarget =

     

       615
       615
       +
           if efiSupport then

     

       616
       616
       +
             "${efiSystemsInstall.${stdenv.hostPlatform.system}.target}-efi"

     

       617
       617
       +
           else

     

       618
       618
       +
             lib.optionalString inPCSystems "${pcSystems.${stdenv.hostPlatform.system}.target}-pc";

     

       618
       619
        
       

     

       619
       619
       -
           # save target that grub is compiled for

     

       620
       620
       -
           grubTarget =

     

       621
       621
       -
             if efiSupport then

     

       622
       622
       -
               "${efiSystemsInstall.${stdenv.hostPlatform.system}.target}-efi"

     

       623
       623
       -
             else

     

       624
       624
       -
               lib.optionalString inPCSystems "${pcSystems.${stdenv.hostPlatform.system}.target}-pc";

     

       620
       620
       +
         doCheck = false;

     

       621
       621
       +
         enableParallelBuilding = true;

     

       625
       622
        
       

     

       626
       626
       -
           doCheck = false;

     

       627
       627
       -
           enableParallelBuilding = true;

     

       623
       623
       +
         postInstall = ''

     

       624
       624
       +
           # Avoid a runtime reference to gcc

     

       625
       625
       +
           sed -i $out/lib/grub/*/modinfo.sh -e "/grub_target_cppflags=/ s|'.*'|' '|"

     

       626
       626
       +
           # just adding bash to buildInputs wasn't enough to fix the shebang

     

       627
       627
       +
           substituteInPlace $out/lib/grub/*/modinfo.sh \

     

       628
       628
       +
             --replace ${buildPackages.bash} "/usr/bin/bash"

     

       629
       629
       +
         '';

     

       628
       630
        
       

     

       629
       629
       -
           postInstall = ''

     

       630
       630
       -
             # Avoid a runtime reference to gcc

     

       631
       631
       -
             sed -i $out/lib/grub/*/modinfo.sh -e "/grub_target_cppflags=/ s|'.*'|' '|"

     

       632
       632
       -
             # just adding bash to buildInputs wasn't enough to fix the shebang

     

       633
       633
       -
             substituteInPlace $out/lib/grub/*/modinfo.sh \

     

       634
       634
       -
               --replace ${buildPackages.bash} "/usr/bin/bash"

     

       635
       635
       -
           '';

     

       631
       631
       +
         passthru.tests = {

     

       632
       632
       +
           nixos-grub = nixosTests.grub;

     

       633
       633
       +
           nixos-install-simple = nixosTests.installer.simple;

     

       634
       634
       +
           nixos-install-grub-uefi = nixosTests.installer.simpleUefiGrub;

     

       635
       635
       +
           nixos-install-grub-uefi-spec = nixosTests.installer.simpleUefiGrubSpecialisation;

     

       636
       636
       +
         };

     

       636
       637
        
       

     

       637
       637
       -
           passthru.tests = {

     

       638
       638
       -
             nixos-grub = nixosTests.grub;

     

       639
       639
       -
             nixos-install-simple = nixosTests.installer.simple;

     

       640
       640
       -
             nixos-install-grub-uefi = nixosTests.installer.simpleUefiGrub;

     

       641
       641
       -
             nixos-install-grub-uefi-spec = nixosTests.installer.simpleUefiGrubSpecialisation;

     

       642
       642
       -
           };

     

       638
       638
       +
         meta = with lib; {

     

       639
       639
       +
           description = "GNU GRUB, the Grand Unified Boot Loader";

     

       643
       640
        
       

     

       644
       644
       -
           meta = with lib; {

     

       645
       645
       -
             description = "GNU GRUB, the Grand Unified Boot Loader";

     

       641
       641
       +
           longDescription = ''

     

       642
       642
       +
             GNU GRUB is a Multiboot boot loader. It was derived from GRUB, GRand

     

       643
       643
       +
             Unified Bootloader, which was originally designed and implemented by

     

       644
       644
       +
             Erich Stefan Boleyn.

     

       646
       645
        
       

     

       647
       647
       -
             longDescription = ''

     

       648
       648
       -
               GNU GRUB is a Multiboot boot loader. It was derived from GRUB, GRand

     

       649
       649
       -
               Unified Bootloader, which was originally designed and implemented by

     

       650
       650
       -
               Erich Stefan Boleyn.

     

       646
       646
       +
             Briefly, the boot loader is the first software program that runs when a

     

       647
       647
       +
             computer starts.  It is responsible for loading and transferring

     

       648
       648
       +
             control to the operating system kernel software (such as the Hurd or

     

       649
       649
       +
             the Linux).  The kernel, in turn, initializes the rest of the

     

       650
       650
       +
             operating system (e.g., GNU).

     

       651
       651
       +
           '';

     

       651
       652
        
       

     

       652
       652
       -
               Briefly, the boot loader is the first software program that runs when a

     

       653
       653
       -
               computer starts.  It is responsible for loading and transferring

     

       654
       654
       -
               control to the operating system kernel software (such as the Hurd or

     

       655
       655
       -
               the Linux).  The kernel, in turn, initializes the rest of the

     

       656
       656
       -
               operating system (e.g., GNU).

     

       657
       657
       -
             '';

     

       653
       653
       +
           homepage = "https://www.gnu.org/software/grub/";

     

       658
       654
        
       

     

       659
       659
       -
             homepage = "https://www.gnu.org/software/grub/";

     

       655
       655
       +
           license = licenses.gpl3Plus;

     

       660
       656
        
       

     

       661
       661
       -
             license = licenses.gpl3Plus;

     

       657
       657
       +
           platforms =

     

       658
       658
       +
             if xenSupport then

     

       659
       659
       +
               [

     

       660
       660
       +
                 "x86_64-linux"

     

       661
       661
       +
                 "i686-linux"

     

       662
       662
       +
               ]

     

       663
       663
       +
             else

     

       664
       664
       +
               platforms.gnu ++ platforms.linux;

     

       662
       665
        
       

     

       663
       663
       -
             platforms =

     

       664
       664
       -
               if xenSupport then

     

       665
       665
       -
                 [

     

       666
       666
       -
                   "x86_64-linux"

     

       667
       667
       -
                   "i686-linux"

     

       668
       668
       -
                 ]

     

       669
       669
       -
               else

     

       670
       670
       -
                 platforms.gnu ++ platforms.linux;

     

       666
       666
       +
           maintainers = [ ];

     

       671
       667
        
       

     

       672
       672
       -
             maintainers = [ ];

     

       673
       673
       -
           };

     

       674
       674
       -
         }

     

       675
       675
       -
       )

     

       668
       668
       +
           broken = !(efiSupport -> canEfi) || !(zfsSupport -> zfs != null) || (efiSupport && xenSupport);

     

       669
       669
       +
         };

     

       670
       670
       +
       }

+3 -3

pkgs/top-level/all-packages.nix

···

       6855
       6855
        
             electron-source.electron_37

     

       6856
       6856
        
           else

     

       6857
       6857
        
             electron_37-bin;

     

       6858
       6858
       -
         electron = electron_35;

     

       6859
       6859
       -
         electron-bin = electron_35-bin;

     

       6860
       6860
       -
         electron-chromedriver = electron-chromedriver_35;

     

       6858
       6858
       +
         electron = electron_37;

     

       6859
       6859
       +
         electron-bin = electron_37-bin;

     

       6860
       6860
       +
         electron-chromedriver = electron-chromedriver_37;

     

       6861
       6861
        
       

     

       6862
       6862
        
         autoconf = callPackage ../development/tools/misc/autoconf { };

     

       6863
       6863
        
         autoconf213 = callPackage ../development/tools/misc/autoconf/2.13.nix { };