pyrox.dev
+1
-1
doc/languages-frameworks/cuda.section.md
+1
-1
doc/languages-frameworks/cuda.section.md
···In the scenario you are unable to run the resulting binary: this is arguably the most complicated as it could be any combination of the previous reasons. This type of failure typically occurs when a library attempts to load or open a library it depends on that it does not declare in its `DT_NEEDED` section. As a first step, ensure that dependencies are patched with [`autoAddDriverRunpath`](https://search.nixos.org/packages?channel=unstable&type=packages&query=autoAddDriverRunpath). Failing that, try running the application with [`nixGL`](https://github.com/guibou/nixGL) or a similar wrapper tool. If that works, it likely means that the application is attempting to load a library that is not in the `RPATH` or `RUNPATH` of the binary.-## Running Docker or Podman containers with CUDA support {#running-docker-or-podman-containers-with-cuda-support}It is possible to run Docker or Podman containers with CUDA support. The recommended mechanism to perform this task is to use the [NVIDIA Container Toolkit](https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/latest/index.html).
···In the scenario you are unable to run the resulting binary: this is arguably the most complicated as it could be any combination of the previous reasons. This type of failure typically occurs when a library attempts to load or open a library it depends on that it does not declare in its `DT_NEEDED` section. As a first step, ensure that dependencies are patched with [`autoAddDriverRunpath`](https://search.nixos.org/packages?channel=unstable&type=packages&query=autoAddDriverRunpath). Failing that, try running the application with [`nixGL`](https://github.com/guibou/nixGL) or a similar wrapper tool. If that works, it likely means that the application is attempting to load a library that is not in the `RPATH` or `RUNPATH` of the binary.It is possible to run Docker or Podman containers with CUDA support. The recommended mechanism to perform this task is to use the [NVIDIA Container Toolkit](https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/latest/index.html).
+12
maintainers/maintainer-list.nix
+12
maintainers/maintainer-list.nix
······
······
+14
nixos/doc/manual/release-notes/rl-2411.section.md
+14
nixos/doc/manual/release-notes/rl-2411.section.md
······- The `services.prometheus.exporters.minio` option has been removed, as it's upstream implementation was broken and unmaintained.Minio now has built-in [Prometheus metrics exposure](https://min.io/docs/minio/linux/operations/monitoring/collect-minio-metrics-using-prometheus.html), which can be used instead.- The `services.patroni.raft` option has been removed, as Raft has been [deprecated by upstream since 3.0.0](https://github.com/patroni/patroni/blob/master/docs/releases.rst#version-300)- `services.roundcube.maxAttachmentSize` will multiply the value set with `1.37` to offset overhead introduced by the base64 encoding applied to attachments.
···+- `gradle_6` was removed due to being [unsupported upstream as of 10 Feb 2023](https://endoflife.date/gradle).+[CVE-2021-29427](https://nvd.nist.gov/vuln/detail/CVE-2021-29427), [CVE-2021-29428](https://nvd.nist.gov/vuln/detail/CVE-2021-29428), and [CVE-2021-32751](https://nvd.nist.gov/vuln/detail/CVE-2021-32751).···- The `services.prometheus.exporters.minio` option has been removed, as it's upstream implementation was broken and unmaintained.Minio now has built-in [Prometheus metrics exposure](https://min.io/docs/minio/linux/operations/monitoring/collect-minio-metrics-using-prometheus.html), which can be used instead.+- The `services.prometheus.exporters.tor` option has been removed, as its upstream implementation was broken and unmaintained.- The `services.patroni.raft` option has been removed, as Raft has been [deprecated by upstream since 3.0.0](https://github.com/patroni/patroni/blob/master/docs/releases.rst#version-300)+- The `jd-cli` package was removed due to an inactive upstream and a dependency on the shut down+Java decompilers already packaged in Nixpkgs include `bytecode-viewer` (GUI), `cfr` (CLI), and `procyon` (CLI).+- The `jd-gui` package was removed due to an inactive upstream and a dependency on the end-of-life Gradle 6.+Java decompilers already packaged in Nixpkgs include `bytecode-viewer` (GUI), `cfr` (CLI), and `procyon` (CLI).- `services.roundcube.maxAttachmentSize` will multiply the value set with `1.37` to offset overhead introduced by the base64 encoding applied to attachments.
+3
-1
nixos/modules/services/monitoring/prometheus/exporters.nix
+3
-1
nixos/modules/services/monitoring/prometheus/exporters.nix
······
-43
nixos/modules/services/monitoring/prometheus/exporters/tor.nix
-43
nixos/modules/services/monitoring/prometheus/exporters/tor.nix
···
···
-19
nixos/tests/prometheus-exporters.nix
-19
nixos/tests/prometheus-exporters.nix
···
+3
-3
pkgs/applications/audio/spotify-player/default.nix
+3
-3
pkgs/applications/audio/spotify-player/default.nix
···
···
+8
-8
pkgs/applications/editors/vscode/vscode.nix
+8
-8
pkgs/applications/editors/vscode/vscode.nix
······
······
+5
-2
pkgs/applications/graphics/ImageMagick/default.nix
+5
-2
pkgs/applications/graphics/ImageMagick/default.nix
············
············
pkgs/applications/misc/bambu-studio/0001-not-for-upstream-CMakeLists-Link-against-webkit2gtk-.patch
pkgs/applications/misc/bambu-studio/patches/0001-not-for-upstream-CMakeLists-Link-against-webkit2gtk-.patch
pkgs/applications/misc/bambu-studio/0001-not-for-upstream-CMakeLists-Link-against-webkit2gtk-.patch
pkgs/applications/misc/bambu-studio/patches/0001-not-for-upstream-CMakeLists-Link-against-webkit2gtk-.patch
pkgs/applications/misc/bambu-studio/0002-fix-build-for-gcc-13.diff
pkgs/applications/misc/bambu-studio/patches/0002-fix-build-for-gcc-13.diff
pkgs/applications/misc/bambu-studio/0002-fix-build-for-gcc-13.diff
pkgs/applications/misc/bambu-studio/patches/0002-fix-build-for-gcc-13.diff
+39
-25
pkgs/applications/misc/bambu-studio/default.nix
+39
-25
pkgs/applications/misc/bambu-studio/default.nix
························
························
pkgs/applications/misc/bambu-studio/dont-link-opencv-world.patch
pkgs/applications/misc/bambu-studio/patches/dont-link-opencv-world-orca.patch
pkgs/applications/misc/bambu-studio/dont-link-opencv-world.patch
pkgs/applications/misc/bambu-studio/patches/dont-link-opencv-world-orca.patch
pkgs/applications/misc/bambu-studio/meshboolean-const.patch
pkgs/applications/misc/bambu-studio/patches/meshboolean-const.patch
pkgs/applications/misc/bambu-studio/meshboolean-const.patch
pkgs/applications/misc/bambu-studio/patches/meshboolean-const.patch
+9
-15
pkgs/applications/misc/bambu-studio/orca-slicer.nix
+9
-15
pkgs/applications/misc/bambu-studio/orca-slicer.nix
······
······
+14
pkgs/applications/misc/bambu-studio/patches/dont-link-opencv-world-bambu.patch
+14
pkgs/applications/misc/bambu-studio/patches/dont-link-opencv-world-bambu.patch
···
···
+13
-8
pkgs/applications/misc/bb/default.nix
+13
-8
pkgs/applications/misc/bb/default.nix
······-env.NIX_CFLAGS_COMPILE = lib.optionalString (stdenv.hostPlatform.isDarwin && stdenv.hostPlatform.isAarch64)
······
+145
pkgs/applications/misc/bb/included-files-updates.diff
+145
pkgs/applications/misc/bb/included-files-updates.diff
···
···
+7
-2
pkgs/applications/misc/gallery-dl/default.nix
+7
-2
pkgs/applications/misc/gallery-dl/default.nix
······
······
+2
-2
pkgs/applications/misc/gremlin-console/default.nix
+2
-2
pkgs/applications/misc/gremlin-console/default.nix
···url = "https://downloads.apache.org/tinkerpop/${version}/apache-tinkerpop-gremlin-console-${version}-bin.zip";
···url = "https://downloads.apache.org/tinkerpop/${version}/apache-tinkerpop-gremlin-console-${version}-bin.zip";
+6
-6
pkgs/applications/video/qctools/default.nix
+6
-6
pkgs/applications/video/qctools/default.nix
·········
·········
+28
pkgs/by-name/ar/armitage/gradle-8.patch
+28
pkgs/by-name/ar/armitage/gradle-8.patch
···
···+configurations.compileClasspath.filter { it.exists() }.collect { it.isDirectory() ? it : zipTree(it) }+configurations.compileClasspath.filter { it.exists() }.collect { it.isDirectory() ? it : zipTree(it) }
+3
-3
pkgs/by-name/ar/armitage/package.nix
+3
-3
pkgs/by-name/ar/armitage/package.nix
·········url = "https://gitlab.com/kalilinux/packages/armitage/-/raw/042beb7494a10227761ecb3ddabf4019bbb78681/debian/patches/fix-meterpreter.patch";
·········url = "https://gitlab.com/kalilinux/packages/armitage/-/raw/042beb7494a10227761ecb3ddabf4019bbb78681/debian/patches/fix-meterpreter.patch";
+3
-3
pkgs/by-name/at/atproto-goat/package.nix
+3
-3
pkgs/by-name/at/atproto-goat/package.nix
···
···
pkgs/by-name/au/auto-patchelf/auto-patchelf.py
pkgs/by-name/au/auto-patchelf/src/auto-patchelf.py
pkgs/by-name/au/auto-patchelf/auto-patchelf.py
pkgs/by-name/au/auto-patchelf/src/auto-patchelf.py
+1
-6
pkgs/by-name/au/auto-patchelf/package.nix
+1
-6
pkgs/by-name/au/auto-patchelf/package.nix
+4
-6
pkgs/by-name/aw/awscli2/package.nix
+4
-6
pkgs/by-name/aw/awscli2/package.nix
···
···
+2
-2
pkgs/by-name/bi/bitbake-language-server/package.nix
+2
-2
pkgs/by-name/bi/bitbake-language-server/package.nix
···
···
+59
pkgs/by-name/ct/ctune/cmake_disable_git_clone.patch
+59
pkgs/by-name/ct/ctune/cmake_disable_git_clone.patch
···
···+-#========================================== PRE-CHECKS ============================================#+#======================================== LIB IMPORTS =============================================#
+66
pkgs/by-name/ct/ctune/package.nix
+66
pkgs/by-name/ct/ctune/package.nix
···
···+description = "A nice terminal nCurses (tui) internet radio player for Linux, browse and search from api.radio-browser.info";
+1
-1
pkgs/by-name/fa/facter/Gemfile.lock
+1
-1
pkgs/by-name/fa/facter/Gemfile.lock
+2
-2
pkgs/by-name/fa/facter/gemset.nix
+2
-2
pkgs/by-name/fa/facter/gemset.nix
+41
pkgs/by-name/he/hexyl/package.nix
+41
pkgs/by-name/he/hexyl/package.nix
···
···
pkgs/by-name/ma/matrix-hebbot/package.nix
pkgs/by-name/he/hebbot/package.nix
pkgs/by-name/ma/matrix-hebbot/package.nix
pkgs/by-name/he/hebbot/package.nix
+2
-2
pkgs/by-name/mu/mullvad-browser/package.nix
+2
-2
pkgs/by-name/mu/mullvad-browser/package.nix
······"https://tor.eff.org/dist/mullvadbrowser/${version}/mullvad-browser-linux-x86_64-${version}.tar.xz""https://tor.calyxinstitute.org/dist/mullvadbrowser/${version}/mullvad-browser-linux-x86_64-${version}.tar.xz"
······"https://tor.eff.org/dist/mullvadbrowser/${version}/mullvad-browser-linux-x86_64-${version}.tar.xz""https://tor.calyxinstitute.org/dist/mullvadbrowser/${version}/mullvad-browser-linux-x86_64-${version}.tar.xz"
+6
-11
pkgs/by-name/or/orbiton/package.nix
+6
-11
pkgs/by-name/or/orbiton/package.nix
···
···
+1
-1
pkgs/by-name/pd/pdk/Gemfile
+1
-1
pkgs/by-name/pd/pdk/Gemfile
+17
-11
pkgs/by-name/pd/pdk/Gemfile.lock
+17
-11
pkgs/by-name/pd/pdk/Gemfile.lock
·········
·········
+37
-15
pkgs/by-name/pd/pdk/gemset.nix
+37
-15
pkgs/by-name/pd/pdk/gemset.nix
············-dependencies = ["childprocess" "cri" "deep_merge" "diff-lcs" "ffi" "hitimes" "json-schema" "json_pure" "minitar" "pathspec" "tty-prompt" "tty-spinner" "tty-which"];
············+dependencies = ["childprocess" "cri" "deep_merge" "diff-lcs" "ffi" "hitimes" "json-schema" "json_pure" "minitar" "pathspec" "puppet-modulebuilder" "tty-prompt" "tty-spinner" "tty-which"];
+137
pkgs/by-name/po/positron-bin/package.nix
+137
pkgs/by-name/po/positron-bin/package.nix
···
···+url = "https://github.com/posit-dev/positron/releases/download/${version}/Positron-${version}.dmg";+url = "https://github.com/posit-dev/positron/releases/download/${version}/Positron-${version}.deb";+${lib.optionalString stdenv.hostPlatform.isLinux ''dpkg-deb --fsys-tarfile "$src" | tar -x --no-same-owner''}+install -m 444 -D usr/share/applications/positron.desktop "$out/share/applications/positron.desktop"
+54
pkgs/by-name/po/positron-bin/update.sh
+54
pkgs/by-name/po/positron-bin/update.sh
···
···+"https://github.com/posit-dev/positron/releases/download/${current_version}/Positron-${current_version}.dmg" \+"https://github.com/posit-dev/positron/releases/download/${new_version}/Positron-${new_version}.dmg" \+"https://github.com/posit-dev/positron/releases/download/${current_version}/Positron-${current_version}.deb" \+"https://github.com/posit-dev/positron/releases/download/${new_version}/Positron-${new_version}.deb" \
+3
-3
pkgs/by-name/si/simple64-netplay-server/package.nix
+3
-3
pkgs/by-name/si/simple64-netplay-server/package.nix
···
···
+20
-27
pkgs/by-name/sy/syncstorage-rs/Cargo.lock
+20
-27
pkgs/by-name/sy/syncstorage-rs/Cargo.lock
····························································
···+source = "git+https://github.com/getsentry/sentry-rust?rev=1b65b5c#1b65b5c99af975496880e7325218479e0037d097"···+source = "git+https://github.com/getsentry/sentry-rust?rev=1b65b5c#1b65b5c99af975496880e7325218479e0037d097"···+source = "git+https://github.com/getsentry/sentry-rust?rev=1b65b5c#1b65b5c99af975496880e7325218479e0037d097"···+source = "git+https://github.com/getsentry/sentry-rust?rev=1b65b5c#1b65b5c99af975496880e7325218479e0037d097"···+source = "git+https://github.com/getsentry/sentry-rust?rev=1b65b5c#1b65b5c99af975496880e7325218479e0037d097"···+source = "git+https://github.com/getsentry/sentry-rust?rev=1b65b5c#1b65b5c99af975496880e7325218479e0037d097"···+source = "git+https://github.com/getsentry/sentry-rust?rev=1b65b5c#1b65b5c99af975496880e7325218479e0037d097"·······································
+6
-2
pkgs/by-name/sy/syncstorage-rs/package.nix
+6
-2
pkgs/by-name/sy/syncstorage-rs/package.nix
·········
·········
+1
pkgs/development/interpreters/lua-5/interpreter.nix
+1
pkgs/development/interpreters/lua-5/interpreter.nix
+39
pkgs/development/python-modules/automower-ble/default.nix
+39
pkgs/development/python-modules/automower-ble/default.nix
···
···
+2
-2
pkgs/development/python-modules/aw-client/default.nix
+2
-2
pkgs/development/python-modules/aw-client/default.nix
······
······
+11
-13
pkgs/development/python-modules/ftfy/default.nix
+11
-13
pkgs/development/python-modules/ftfy/default.nix
·········
·········
+67
pkgs/development/python-modules/go2rtc-client/default.nix
+67
pkgs/development/python-modules/go2rtc-client/default.nix
···
···+changelog = "https://github.com/home-assistant-libs/python-go2rtc-client/releases/tag/${version}";
+2
-2
pkgs/development/python-modules/jupyterlab-git/default.nix
+2
-2
pkgs/development/python-modules/jupyterlab-git/default.nix
······
······
+4
-4
pkgs/development/python-modules/pyexploitdb/default.nix
+4
-4
pkgs/development/python-modules/pyexploitdb/default.nix
·········
·········
+2
-2
pkgs/development/python-modules/sagemaker-core/default.nix
+2
-2
pkgs/development/python-modules/sagemaker-core/default.nix
···
···
+33
pkgs/development/python-modules/sphinx-lv2-theme/default.nix
+33
pkgs/development/python-modules/sphinx-lv2-theme/default.nix
···
···
+4
-5
pkgs/development/python-modules/thinqconnect/default.nix
+4
-5
pkgs/development/python-modules/thinqconnect/default.nix
······
······
+7
-15
pkgs/development/python-modules/walrus/default.nix
+7
-15
pkgs/development/python-modules/walrus/default.nix
······-url = "https://github.com/coleifer/walrus/commit/79e20c89aa4015017ef8a3e0b5c27ca2731dc9b2.patch";
······
+59
pkgs/development/python-modules/webrtc-models/default.nix
+59
pkgs/development/python-modules/webrtc-models/default.nix
···
···+changelog = "https://github.com/home-assistant-libs/python-webrtc-models/releases/tag/${version}";
-12
pkgs/development/tools/build-managers/gradle/default.nix
-12
pkgs/development/tools/build-managers/gradle/default.nix
···-"CVE-2021-29429: '[...]files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle[...]'"-"CVE-2021-29427: '[...]there is a vulnerability which can lead to information disclosure and/or dependency poisoning[...] In some cases, Gradle may ignore content filters and search all repositories for dependencies. This only occurs when repository content filtering is used from within a `pluginManagement` block in a settings file.'"-"CVE-2021-29428: '[...]the system temporary directory can be created with open permissions that allow multiple users to create and delete files within it. Gradle builds could be vulnerable to a local privilege escalation from an attacker quickly deleting and recreating files in the system temporary directory.'"-"CVE-2021-32751: '[...]start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script[...]'"lib, callPackage, mitm-cache, substituteAll, symlinkJoin, concatTextFile, makeSetupHook, nix-update-script
+3
-3
pkgs/servers/home-assistant/custom-lovelace-modules/mushroom/default.nix
+3
-3
pkgs/servers/home-assistant/custom-lovelace-modules/mushroom/default.nix
···
···
+41
pkgs/servers/monitoring/nagios-plugins/openbsd_snmp3_check/default.nix
+41
pkgs/servers/monitoring/nagios-plugins/openbsd_snmp3_check/default.nix
···
···+changelog = "https://github.com/alexander-naumov/openbsd_snmp3_check/releases/tag/v${version}";
+1
pkgs/servers/monitoring/nagios-plugins/plugins.nix
+1
pkgs/servers/monitoring/nagios-plugins/plugins.nix
-40
pkgs/servers/monitoring/prometheus/tor-exporter.nix
-40
pkgs/servers/monitoring/prometheus/tor-exporter.nix
···
···
+4
-4
pkgs/servers/teleport/15/default.nix
+4
-4
pkgs/servers/teleport/15/default.nix
···
···
+3
-3
pkgs/servers/teleport/16/default.nix
+3
-3
pkgs/servers/teleport/16/default.nix
···
···
+1
-1
pkgs/servers/teleport/generic.nix
+1
-1
pkgs/servers/teleport/generic.nix
+1
-1
pkgs/servers/teleport/tsh.patch
+1
-1
pkgs/servers/teleport/tsh.patch
-17
pkgs/servers/teleport/tsh_16.patch
-17
pkgs/servers/teleport/tsh_16.patch
···
···
+2
-2
pkgs/servers/web-apps/nifi/default.nix
+2
-2
pkgs/servers/web-apps/nifi/default.nix
+3
-3
pkgs/servers/x11/xorg/default.nix
+3
-3
pkgs/servers/x11/xorg/default.nix
···libAppleWM = callPackage ({ stdenv, pkg-config, fetchurl, xorgproto, libX11, libXext, testers }: stdenv.mkDerivation (finalAttrs: {
···libAppleWM = callPackage ({ stdenv, pkg-config, fetchurl, xorgproto, libX11, libXext, testers }: stdenv.mkDerivation (finalAttrs: {+url = "https://gitlab.freedesktop.org/xorg/lib/libAppleWM/-/archive/be972ebc3a97292e7d2b2350eff55ae12df99a42/libAppleWM-be972ebc3a97292e7d2b2350eff55ae12df99a42.tar.bz2";
+2
-4
pkgs/servers/x11/xorg/overrides.nix
+2
-4
pkgs/servers/x11/xorg/overrides.nix
···
+1
-1
pkgs/servers/x11/xorg/tarballs.list
+1
-1
pkgs/servers/x11/xorg/tarballs.list
···
···+https://gitlab.freedesktop.org/xorg/lib/libAppleWM/-/archive/be972ebc3a97292e7d2b2350eff55ae12df99a42/libAppleWM-be972ebc3a97292e7d2b2350eff55ae12df99a42.tar.bz2
-30
pkgs/tools/misc/hexyl/default.nix
-30
pkgs/tools/misc/hexyl/default.nix
···
···
+2
-2
pkgs/tools/misc/panoply/default.nix
+2
-2
pkgs/tools/misc/panoply/default.nix
···
···
+4
pkgs/tools/package-management/nix/common.nix
+4
pkgs/tools/package-management/nix/common.nix
·········
·········
+51
pkgs/tools/package-management/nix/default.nix
+51
pkgs/tools/package-management/nix/default.nix
······
······
+315
pkgs/tools/package-management/nix/patches/2_18/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
+315
pkgs/tools/package-management/nix/patches/2_18/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc++extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf);+- /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* And we want the store in there regardless of how empty dirsInChroot. We include the innermost++ /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */++ /* And we want the store in there regardless of how empty dirsInChroot. We include the innermost++ /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */+- /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms+- to find temporary directories, so we want to open up a broader place for them to dump their files, if needed. */++ /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms++ to find temporary directories, so we want to open up a broader place for them to dump their files, if needed. */++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {
+34
pkgs/tools/package-management/nix/patches/2_18/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
+34
pkgs/tools/package-management/nix/patches/2_18/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc+- if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) {++ writeFull(STDERR_FILENO, fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)"));
+41
pkgs/tools/package-management/nix/patches/2_18/0003-local-derivation-goal-Refactor.patch
+41
pkgs/tools/package-management/nix/patches/2_18/0003-local-derivation-goal-Refactor.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc
+75
pkgs/tools/package-management/nix/patches/2_18/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
+75
pkgs/tools/package-management/nix/patches/2_18/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc+- posix_spawn(NULL, builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ posix_spawn(NULL, drv->builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ execve(drv->builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());
+312
pkgs/tools/package-management/nix/patches/2_19/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
+312
pkgs/tools/package-management/nix/patches/2_19/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc++extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf);+- /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */++ /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost+- /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */++ /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */+- /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms+- to find temporary directories, so we want to open up a broader place for them to dump their files, if needed. */++ /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms++ to find temporary directories, so we want to open up a broader place for them to dump their files, if needed. */++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {
+34
pkgs/tools/package-management/nix/patches/2_19/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
+34
pkgs/tools/package-management/nix/patches/2_19/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc+- if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) {++ writeFull(STDERR_FILENO, fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)"));
+41
pkgs/tools/package-management/nix/patches/2_19/0003-local-derivation-goal-Refactor.patch
+41
pkgs/tools/package-management/nix/patches/2_19/0003-local-derivation-goal-Refactor.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc
+75
pkgs/tools/package-management/nix/patches/2_19/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
+75
pkgs/tools/package-management/nix/patches/2_19/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc+- posix_spawn(NULL, builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ posix_spawn(NULL, drv->builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ execve(drv->builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());
+320
pkgs/tools/package-management/nix/patches/2_20/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
+320
pkgs/tools/package-management/nix/patches/2_20/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
···
···+++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin))+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc++extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf);+- /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */++ /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost+- /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */++ /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */+- /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms+- to find temporary directories, so we want to open up a broader place for them to dump their files, if needed. */++ /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms++ to find temporary directories, so we want to open up a broader place for them to dump their files, if needed. */++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {
+34
pkgs/tools/package-management/nix/patches/2_20/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
+34
pkgs/tools/package-management/nix/patches/2_20/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc+- if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) {++ writeFull(STDERR_FILENO, fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)"));
+41
pkgs/tools/package-management/nix/patches/2_20/0003-local-derivation-goal-Refactor.patch
+41
pkgs/tools/package-management/nix/patches/2_20/0003-local-derivation-goal-Refactor.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc
+75
pkgs/tools/package-management/nix/patches/2_20/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
+75
pkgs/tools/package-management/nix/patches/2_20/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc+- posix_spawn(NULL, builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ posix_spawn(NULL, drv->builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ execve(drv->builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());
+320
pkgs/tools/package-management/nix/patches/2_21/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
+320
pkgs/tools/package-management/nix/patches/2_21/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
···
···+++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin))+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc++extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf);+- /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */++ /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost+- /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */++ /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */+- /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms+- to find temporary directories, so we want to open up a broader place for them to dump their files, if needed. */++ /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms++ to find temporary directories, so we want to open up a broader place for them to dump their files, if needed. */++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {
+34
pkgs/tools/package-management/nix/patches/2_21/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
+34
pkgs/tools/package-management/nix/patches/2_21/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc+- if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) {++ writeFull(STDERR_FILENO, fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)"));
+41
pkgs/tools/package-management/nix/patches/2_21/0003-local-derivation-goal-Refactor.patch
+41
pkgs/tools/package-management/nix/patches/2_21/0003-local-derivation-goal-Refactor.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc
+75
pkgs/tools/package-management/nix/patches/2_21/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
+75
pkgs/tools/package-management/nix/patches/2_21/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
···
···+diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc+- posix_spawn(NULL, builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ posix_spawn(NULL, drv->builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ execve(drv->builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());
+327
pkgs/tools/package-management/nix/patches/2_22/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
+327
pkgs/tools/package-management/nix/patches/2_22/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
···
···+url = "https://github.com/seccomp/libseccomp/releases/download/v${version}/libseccomp-${version}.tar.gz";+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc++extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf);+- /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */++ /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */+- /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms+- to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */++ /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms++ to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {
+34
pkgs/tools/package-management/nix/patches/2_22/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
+34
pkgs/tools/package-management/nix/patches/2_22/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc+- if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) {++ writeFull(STDERR_FILENO, fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)"));
+41
pkgs/tools/package-management/nix/patches/2_22/0003-local-derivation-goal-Refactor.patch
+41
pkgs/tools/package-management/nix/patches/2_22/0003-local-derivation-goal-Refactor.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc
+75
pkgs/tools/package-management/nix/patches/2_22/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
+75
pkgs/tools/package-management/nix/patches/2_22/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc+- posix_spawn(NULL, builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ posix_spawn(NULL, drv->builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ execve(drv->builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());
+323
pkgs/tools/package-management/nix/patches/2_23/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
+323
pkgs/tools/package-management/nix/patches/2_23/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
···
···+++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin))+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc++extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf);+- /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */++ /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */+- /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms+- to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */++ /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms++ to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {
+34
pkgs/tools/package-management/nix/patches/2_23/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
+34
pkgs/tools/package-management/nix/patches/2_23/0002-local-derivation-goal-Print-sandbox-error-detail-on-.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc+- if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) {++ writeFull(STDERR_FILENO, fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)"));
+41
pkgs/tools/package-management/nix/patches/2_23/0003-local-derivation-goal-Refactor.patch
+41
pkgs/tools/package-management/nix/patches/2_23/0003-local-derivation-goal-Refactor.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc
+75
pkgs/tools/package-management/nix/patches/2_23/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
+75
pkgs/tools/package-management/nix/patches/2_23/0004-local-derivation-goal-Move-builder-preparation-to-no.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc+- posix_spawn(NULL, builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ posix_spawn(NULL, drv->builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ execve(drv->builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());
+323
pkgs/tools/package-management/nix/patches/2_24/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
+323
pkgs/tools/package-management/nix/patches/2_24/0001-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
···
···+++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin))+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc++extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf);+- /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */++ /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */+- /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms+- to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */++ /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms++ to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {
+53
pkgs/tools/package-management/nix/patches/2_24/0002-packaging-Add-darwin-lsandbox-in-meson.patch
+53
pkgs/tools/package-management/nix/patches/2_24/0002-packaging-Add-darwin-lsandbox-in-meson.patch
···
···+++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin))
+34
pkgs/tools/package-management/nix/patches/2_24/0003-local-derivation-goal-Print-sandbox-error-detail-on-.patch
+34
pkgs/tools/package-management/nix/patches/2_24/0003-local-derivation-goal-Print-sandbox-error-detail-on-.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc+- if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) {++ writeFull(STDERR_FILENO, fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)"));
+41
pkgs/tools/package-management/nix/patches/2_24/0004-local-derivation-goal-Refactor.patch
+41
pkgs/tools/package-management/nix/patches/2_24/0004-local-derivation-goal-Refactor.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc
+75
pkgs/tools/package-management/nix/patches/2_24/0005-local-derivation-goal-Move-builder-preparation-to-no.patch
+75
pkgs/tools/package-management/nix/patches/2_24/0005-local-derivation-goal-Move-builder-preparation-to-no.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc+- posix_spawn(NULL, builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ posix_spawn(NULL, drv->builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ execve(drv->builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());
+28
pkgs/tools/package-management/nix/patches/git/0001-Fix-meson-build-on-darwin.patch
+28
pkgs/tools/package-management/nix/patches/git/0001-Fix-meson-build-on-darwin.patch
···
···
+323
pkgs/tools/package-management/nix/patches/git/0002-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
+323
pkgs/tools/package-management/nix/patches/git/0002-fix-Run-all-derivation-builders-inside-the-sandbox-o.patch
···
···+++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin))+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc++extern "C" int sandbox_init_with_parameters(const char *profile, uint64_t flags, const char *const parameters[], char **errorbuf);+- /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Lots and lots and lots of file functions freak out if they can't stat their full ancestry */+- /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */++ /* And we want the store in there regardless of how empty pathsInChroot. We include the innermost++ /* Violations will go to the syslog if you set this. Unfortunately the destination does not appear to be configurable */+- /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms+- to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */++ /* The tmpDir in scope points at the temporary build directory for our derivation. Some packages try different mechanisms++ to find temporary directories, so we want to open up a broader place for them to put their files, if needed. */++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {
+53
pkgs/tools/package-management/nix/patches/git/0003-packaging-Add-darwin-lsandbox-in-meson.patch
+53
pkgs/tools/package-management/nix/patches/git/0003-packaging-Add-darwin-lsandbox-in-meson.patch
···
···+++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform && (stdenv.isLinux || stdenv.isDarwin))
+34
pkgs/tools/package-management/nix/patches/git/0004-local-derivation-goal-Print-sandbox-error-detail-on-.patch
+34
pkgs/tools/package-management/nix/patches/git/0004-local-derivation-goal-Print-sandbox-error-detail-on-.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc+- if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), NULL)) {++ if (sandbox_init_with_parameters(sandboxProfile.c_str(), 0, stringsToCharPtrs(sandboxArgs).data(), &sandbox_errbuf)) {++ writeFull(STDERR_FILENO, fmt("failed to configure sandbox: %s\n", sandbox_errbuf ? sandbox_errbuf : "(null)"));
+41
pkgs/tools/package-management/nix/patches/git/0005-local-derivation-goal-Refactor.patch
+41
pkgs/tools/package-management/nix/patches/git/0005-local-derivation-goal-Refactor.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc
+75
pkgs/tools/package-management/nix/patches/git/0006-local-derivation-goal-Move-builder-preparation-to-no.patch
+75
pkgs/tools/package-management/nix/patches/git/0006-local-derivation-goal-Move-builder-preparation-to-no.patch
···
···+diff --git a/src/libstore/unix/build/local-derivation-goal.cc b/src/libstore/unix/build/local-derivation-goal.cc+- posix_spawn(NULL, builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ posix_spawn(NULL, drv->builder.c_str(), NULL, &attrp, stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());++ execve(drv->builder.c_str(), stringsToCharPtrs(args).data(), stringsToCharPtrs(envStrs).data());
+44
-22
pkgs/tools/security/fulcio/default.nix
pkgs/by-name/fu/fulcio/package.nix
+44
-22
pkgs/tools/security/fulcio/default.nix
pkgs/by-name/fu/fulcio/package.nix
············
············
-34
pkgs/tools/security/jd-cli/default.nix
-34
pkgs/tools/security/jd-cli/default.nix
···
···
-96
pkgs/tools/security/jd-gui/default.nix
-96
pkgs/tools/security/jd-gui/default.nix
···-url = "https://github.com/java-decompiler/jd-gui/commit/91f805f9dc8ce0097460e63c8095ccea870687e6.patch";
···
-210
pkgs/tools/security/jd-gui/deps.json
-210
pkgs/tools/security/jd-gui/deps.json
···-"!comment": "This is a nixpkgs Gradle dependency lockfile. For more details, refer to the Gradle section in the nixpkgs manual.",
···
+5
pkgs/top-level/aliases.nix
+5
pkgs/top-level/aliases.nix
···gnuradio3_9Minimal = throw "gnuradio3_9Minimal has been removed because it is not compatible with the latest volk and it had no dependent packages which justified it's distribution"; # Added 2024-07-28gnuradio3_9Packages = throw "gnuradio3_9Minimal has been removed because it is not compatible with the latest volk and it had no dependent packages which justified it's distribution"; # Added 2024-07-28gobby5 = throw "'gobby5' has been renamed to/replaced by 'gobby'"; # Converted to throw 2024-10-17···jsawk = throw "'jsawk' has been removed because it is unmaintained upstream"; # Added 2028-08-07···prometheus-openldap-exporter = throw "'prometheus-openldap-exporter' has been removed from nixpkgs, as it was unmaintained"; # Added 2024-09-01prometheus-minio-exporter = throw "'prometheus-minio-exporter' has been removed from nixpkgs, use Minio's built-in Prometheus integration instead"; # Added 2024-06-10
···gnuradio3_9Minimal = throw "gnuradio3_9Minimal has been removed because it is not compatible with the latest volk and it had no dependent packages which justified it's distribution"; # Added 2024-07-28gnuradio3_9Packages = throw "gnuradio3_9Minimal has been removed because it is not compatible with the latest volk and it had no dependent packages which justified it's distribution"; # Added 2024-07-28gobby5 = throw "'gobby5' has been renamed to/replaced by 'gobby'"; # Converted to throw 2024-10-17+gradle_6 = throw "Gradle 6 has been removed, as it is end-of-life (https://endoflife.date/gradle) and has many vulnerabilities that are not resolved until Gradle 7."; # Added 2024-10-30+gradle_6-unwrapped = throw "Gradle 6 has been removed, as it is end-of-life (https://endoflife.date/gradle) and has many vulnerabilities that are not resolved until Gradle 7."; # Added 2024-10-30···+jd-cli = throw "jd-cli has been removed due to upstream being unmaintained since 2019. Other Java decompilers in Nixpkgs include bytecode-viewer (GUI), cfr (CLI), and procyon (CLI)."; # Added 2024-10-30+jd-gui = throw "jd-gui has been removed due to a dependency on the dead JCenter Bintray. Other Java decompilers in Nixpkgs include bytecode-viewer (GUI), cfr (CLI), and procyon (CLI)."; # Added 2024-10-30jsawk = throw "'jsawk' has been removed because it is unmaintained upstream"; # Added 2028-08-07···prometheus-openldap-exporter = throw "'prometheus-openldap-exporter' has been removed from nixpkgs, as it was unmaintained"; # Added 2024-09-01prometheus-minio-exporter = throw "'prometheus-minio-exporter' has been removed from nixpkgs, use Minio's built-in Prometheus integration instead"; # Added 2024-06-10+prometheus-tor-exporter = throw "'prometheus-tor-exporter' has been removed from nixpkgs, as it was broken and unmaintained"; # Added 2024-10-30
+1
-20
pkgs/top-level/all-packages.nix
+1
-20
pkgs/top-level/all-packages.nix
···············prometheus-surfboard-exporter = callPackage ../servers/monitoring/prometheus/surfboard-exporter.nix { };prometheus-systemd-exporter = callPackage ../servers/monitoring/prometheus/systemd-exporter.nix { };-prometheus-tor-exporter = callPackage ../servers/monitoring/prometheus/tor-exporter.nix { };prometheus-unbound-exporter = callPackage ../servers/monitoring/prometheus/unbound-exporter.nix { };prometheus-v2ray-exporter = callPackage ../servers/monitoring/prometheus/v2ray-exporter.nix { };prometheus-varnish-exporter = callPackage ../servers/monitoring/prometheus/varnish-exporter.nix { };···
···············prometheus-surfboard-exporter = callPackage ../servers/monitoring/prometheus/surfboard-exporter.nix { };prometheus-systemd-exporter = callPackage ../servers/monitoring/prometheus/systemd-exporter.nix { };prometheus-unbound-exporter = callPackage ../servers/monitoring/prometheus/unbound-exporter.nix { };prometheus-v2ray-exporter = callPackage ../servers/monitoring/prometheus/v2ray-exporter.nix { };prometheus-varnish-exporter = callPackage ../servers/monitoring/prometheus/varnish-exporter.nix { };···
+8
pkgs/top-level/python-packages.nix
+8
pkgs/top-level/python-packages.nix
·········sphinx-jupyterbook-latex = callPackage ../development/python-modules/sphinx-jupyterbook-latex { };sphinx-multitoc-numbering = callPackage ../development/python-modules/sphinx-multitoc-numbering { };···
·········sphinx-jupyterbook-latex = callPackage ../development/python-modules/sphinx-jupyterbook-latex { };sphinx-multitoc-numbering = callPackage ../development/python-modules/sphinx-multitoc-numbering { };···