diff --git a/pkgs/applications/editors/emacs/sources.nix b/pkgs/applications/editors/emacs/sources.nix index 37bab4923bfc3..aa73fa29b0d19 100644 --- a/pkgs/applications/editors/emacs/sources.nix +++ b/pkgs/applications/editors/emacs/sources.nix @@ -77,10 +77,10 @@ in emacs29 = import ./make-emacs.nix (mkArgs { pname = "emacs"; - version = "29.1"; + version = "29.2"; variant = "mainline"; - rev = "29.1"; - hash = "sha256-3HDCwtOKvkXwSULf3W7YgTz4GV8zvYnh2RrL28qzGKg="; + rev = "29.2"; + hash = "sha256-qSQmQzVyEGSr4GAI6rqnEwBvhl09D2D8MNasHqZQPL8="; }); emacs28-macport = import ./make-emacs.nix (mkArgs { diff --git a/pkgs/applications/graphics/ImageMagick/default.nix b/pkgs/applications/graphics/ImageMagick/default.nix index 8ac0496488895..b2d5dacb20fc4 100644 --- a/pkgs/applications/graphics/ImageMagick/default.nix +++ b/pkgs/applications/graphics/ImageMagick/default.nix @@ -49,13 +49,13 @@ in stdenv.mkDerivation (finalAttrs: { pname = "imagemagick"; - version = "7.1.1-25"; + version = "7.1.1-26"; src = fetchFromGitHub { owner = "ImageMagick"; repo = "ImageMagick"; rev = finalAttrs.version; - hash = "sha256-HKDeeh8DNj0y7wS4DqctXhmNaOqZ02JeBXRFrEpH0M4="; + hash = "sha256-diJhCRDT0SbAYZdBPoxZJWlrUW2Nz4/d7H0Nnybw0Yw="; }; outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big diff --git a/pkgs/build-support/setup-hooks/auto-patchelf.sh b/pkgs/build-support/setup-hooks/auto-patchelf.sh index 371389df427bc..9f6366b3feaed 100644 --- a/pkgs/build-support/setup-hooks/auto-patchelf.sh +++ b/pkgs/build-support/setup-hooks/auto-patchelf.sh @@ -53,17 +53,30 @@ autoPatchelf() { esac done - readarray -td' ' ignoreMissingDepsArray < <(echo -n "$autoPatchelfIgnoreMissingDeps") - if [ "$autoPatchelfIgnoreMissingDeps" == "1" ]; then - echo "autoPatchelf: WARNING: setting 'autoPatchelfIgnoreMissingDeps" \ - "= true;' is deprecated and will be removed in a future release." \ - "Use 'autoPatchelfIgnoreMissingDeps = [ \"*\" ];' instead." >&2 - ignoreMissingDepsArray=( "*" ) + if [ -n "$__structuredAttrs" ]; then + local ignoreMissingDepsArray=( "${autoPatchelfIgnoreMissingDeps[@]}" ) + local appendRunpathsArray=( "${appendRunpaths[@]}" ) + local runtimeDependenciesArray=( "${runtimeDependencies[@]}" ) + local patchelfFlagsArray=( "${patchelfFlags[@]}" ) + else + readarray -td' ' ignoreMissingDepsArray < <(echo -n "$autoPatchelfIgnoreMissingDeps") + local appendRunpathsArray=($appendRunpaths) + local runtimeDependenciesArray=($runtimeDependencies) + local patchelfFlagsArray=($patchelfFlags) fi - local appendRunpathsArray=($appendRunpaths) - local runtimeDependenciesArray=($runtimeDependencies) - local patchelfFlagsArray=($patchelfFlags) + # Check if ignoreMissingDepsArray contains "1" and if so, replace it with + # "*", printing a deprecation warning. + for dep in "${ignoreMissingDepsArray[@]}"; do + if [ "$dep" == "1" ]; then + echo "autoPatchelf: WARNING: setting 'autoPatchelfIgnoreMissingDeps" \ + "= true;' is deprecated and will be removed in a future release." \ + "Use 'autoPatchelfIgnoreMissingDeps = [ \"*\" ];' instead." >&2 + ignoreMissingDepsArray=( "*" ) + break + fi + done + @pythonInterpreter@ @autoPatchelfScript@ \ ${norecurse:+--no-recurse} \ --ignore-missing "${ignoreMissingDepsArray[@]}" \ diff --git a/pkgs/by-name/al/alsa-ucm-conf/package.nix b/pkgs/by-name/al/alsa-ucm-conf/package.nix index b7203a7376387..cb3bf00a00380 100644 --- a/pkgs/by-name/al/alsa-ucm-conf/package.nix +++ b/pkgs/by-name/al/alsa-ucm-conf/package.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl }: +{ lib, stdenv, fetchurl, fetchpatch }: stdenv.mkDerivation rec { pname = "alsa-ucm-conf"; @@ -9,6 +9,16 @@ stdenv.mkDerivation rec { hash = "sha256-nCHj8B/wC6p1jfF+hnzTbiTrtBpr7ElzfpkQXhbyrpc="; }; + patches = [ + (fetchpatch { + # ToDo: Remove this patch in the next package upgrade + # Fixes SplitPCM to make some audio devices work with alsa-ucm-conf v1.2.10 again + name = "alsa-ucm-conf-splitpcm-device-argument-fix.patch"; + url = "https://github.com/alsa-project/alsa-ucm-conf/commit/b68aa52acdd2763fedad5eec0f435fbf43e5ccc6.patch"; + hash = "sha256-8WE4+uhi4W7cCSZYmL7uFpcHJ9muX09UkGXyZIpEd9I="; + }) + ]; + dontBuild = true; installPhase = '' diff --git a/pkgs/data/misc/shared-mime-info/default.nix b/pkgs/data/misc/shared-mime-info/default.nix index 8de13f2eaf368..6bad73e683927 100644 --- a/pkgs/data/misc/shared-mime-info/default.nix +++ b/pkgs/data/misc/shared-mime-info/default.nix @@ -1,7 +1,6 @@ { stdenv , lib , fetchFromGitLab -, fetchpatch , meson , ninja , pkg-config @@ -14,7 +13,7 @@ stdenv.mkDerivation rec { pname = "shared-mime-info"; - version = "2.3"; + version = "2.4"; outputs = [ "out" "dev" ]; @@ -23,15 +22,9 @@ stdenv.mkDerivation rec { owner = "xdg"; repo = pname; rev = version; - sha256 = "sha256-cEfknRVtOJykEO9Iqlb0UoiayYtu+ugvmmZqAD5cGnE="; + hash = "sha256-5eyMkfSBUOD7p8woIYTgz5C/L8uQMXyr0fhL0l23VMA="; }; - patches = [ - # Submitted upstream at - # https://gitlab.freedesktop.org/xdg/shared-mime-info/-/issues/211 - ./fix-clang-warnings.patch - ]; - nativeBuildInputs = [ meson ninja diff --git a/pkgs/data/misc/shared-mime-info/fix-clang-warnings.patch b/pkgs/data/misc/shared-mime-info/fix-clang-warnings.patch deleted file mode 100644 index 2d185549c4e6b..0000000000000 --- a/pkgs/data/misc/shared-mime-info/fix-clang-warnings.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff --git a/meson.build b/meson.build -index 1780c44..7998a51 100644 ---- a/meson.build -+++ b/meson.build -@@ -49,12 +49,7 @@ endif - ############################################################################### - # Dependencies - --check_functions = [ -- 'fdatasync', --] --foreach function : check_functions -- config.set('HAVE_'+function.to_upper(), cc.has_function(function)) --endforeach -+config.set('HAVE_FDATASYNC', cc.has_function('fdatasync', prefix: '#include ')) - - - if get_option('build-translations') -diff --git a/src/update-mime-database.cpp b/src/update-mime-database.cpp -index 733ba06..4ca6d06 100644 ---- a/src/update-mime-database.cpp -+++ b/src/update-mime-database.cpp -@@ -2158,7 +2158,7 @@ static void check_in_path_xdg_data(const char *mime_path) - - env = getenv("XDG_DATA_DIRS"); - if (!env) -- env = "/usr/local/share/"PATH_SEPARATOR"/usr/share/"; -+ env = "/usr/local/share/" PATH_SEPARATOR "/usr/share/"; - dirs = g_strsplit(env, PATH_SEPARATOR, 0); - g_return_if_fail(dirs != NULL); - for (n = 0; dirs[n]; n++) diff --git a/pkgs/development/compilers/llvm/15/libcxx/default.nix b/pkgs/development/compilers/llvm/15/libcxx/default.nix index ed5f48e8c38fe..be56770039d80 100644 --- a/pkgs/development/compilers/llvm/15/libcxx/default.nix +++ b/pkgs/development/compilers/llvm/15/libcxx/default.nix @@ -56,6 +56,14 @@ stdenv.mkDerivation rec { hash = "sha256-AaM9A6tQ4YAw7uDqCIV4VaiUyLZv+unwcOqbakwW9/k="; relative = "libcxx"; }) + # fix for https://github.com/NixOS/nixpkgs/issues/269548 + # https://github.com/llvm/llvm-project/pull/77218 + (fetchpatch { + name = "darwin-system-libcxxabi-link-flags.patch"; + url = "https://github.com/llvm/llvm-project/commit/c5b89b29ee6e3c444a355fd1cf733ce7ab2e316a.patch"; + hash = "sha256-LNoPg1KCoP8RWxU/AzHR52f4Dww24I9BGQJedMhFxyQ="; + relative = "libcxx"; + }) ] ++ lib.optionals stdenv.hostPlatform.isMusl [ ../../libcxx-0001-musl-hacks.patch ]; diff --git a/pkgs/development/compilers/llvm/16/libcxx/default.nix b/pkgs/development/compilers/llvm/16/libcxx/default.nix index 78cd632024cda..d6c8c57c17437 100644 --- a/pkgs/development/compilers/llvm/16/libcxx/default.nix +++ b/pkgs/development/compilers/llvm/16/libcxx/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, llvm_meta -, monorepoSrc, runCommand +, monorepoSrc, runCommand, fetchpatch , cmake, ninja, python3, fixDarwinDylibNames, version , cxxabi ? if stdenv.hostPlatform.isFreeBSD then libcxxrt else libcxxabi , libcxxabi, libcxxrt, libunwind @@ -47,6 +47,14 @@ stdenv.mkDerivation rec { patches = [ ./gnu-install-dirs.patch + # fix for https://github.com/NixOS/nixpkgs/issues/269548 + # https://github.com/llvm/llvm-project/pull/77218 + (fetchpatch { + name = "darwin-system-libcxxabi-link-flags.patch"; + url = "https://github.com/llvm/llvm-project/commit/c5b89b29ee6e3c444a355fd1cf733ce7ab2e316a.patch"; + hash = "sha256-LNoPg1KCoP8RWxU/AzHR52f4Dww24I9BGQJedMhFxyQ="; + relative = "libcxx"; + }) ]; postPatch = '' diff --git a/pkgs/development/compilers/llvm/17/libcxx/default.nix b/pkgs/development/compilers/llvm/17/libcxx/default.nix index 7b99966416638..8a5272ea07af0 100644 --- a/pkgs/development/compilers/llvm/17/libcxx/default.nix +++ b/pkgs/development/compilers/llvm/17/libcxx/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, llvm_meta -, monorepoSrc, runCommand +, monorepoSrc, runCommand, fetchpatch , cmake, ninja, python3, fixDarwinDylibNames, version , cxxabi ? if stdenv.hostPlatform.isFreeBSD then libcxxrt else libcxxabi , libcxxabi, libcxxrt, libunwind @@ -45,6 +45,17 @@ stdenv.mkDerivation rec { chmod -R u+w . ''; + patches = [ + # fix for https://github.com/NixOS/nixpkgs/issues/269548 + # https://github.com/llvm/llvm-project/pull/77218 + (fetchpatch { + name = "darwin-system-libcxxabi-link-flags.patch"; + url = "https://github.com/llvm/llvm-project/commit/c5b89b29ee6e3c444a355fd1cf733ce7ab2e316a.patch"; + hash = "sha256-LNoPg1KCoP8RWxU/AzHR52f4Dww24I9BGQJedMhFxyQ="; + relative = "libcxx"; + }) + ]; + postPatch = '' cd ../runtimes ''; diff --git a/pkgs/development/compilers/llvm/git/libcxx/default.nix b/pkgs/development/compilers/llvm/git/libcxx/default.nix index 7b99966416638..8a5272ea07af0 100644 --- a/pkgs/development/compilers/llvm/git/libcxx/default.nix +++ b/pkgs/development/compilers/llvm/git/libcxx/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, llvm_meta -, monorepoSrc, runCommand +, monorepoSrc, runCommand, fetchpatch , cmake, ninja, python3, fixDarwinDylibNames, version , cxxabi ? if stdenv.hostPlatform.isFreeBSD then libcxxrt else libcxxabi , libcxxabi, libcxxrt, libunwind @@ -45,6 +45,17 @@ stdenv.mkDerivation rec { chmod -R u+w . ''; + patches = [ + # fix for https://github.com/NixOS/nixpkgs/issues/269548 + # https://github.com/llvm/llvm-project/pull/77218 + (fetchpatch { + name = "darwin-system-libcxxabi-link-flags.patch"; + url = "https://github.com/llvm/llvm-project/commit/c5b89b29ee6e3c444a355fd1cf733ce7ab2e316a.patch"; + hash = "sha256-LNoPg1KCoP8RWxU/AzHR52f4Dww24I9BGQJedMhFxyQ="; + relative = "libcxx"; + }) + ]; + postPatch = '' cd ../runtimes ''; diff --git a/pkgs/development/libraries/gnutls/default.nix b/pkgs/development/libraries/gnutls/default.nix index bbbdf19a19095..b8c95653e366b 100644 --- a/pkgs/development/libraries/gnutls/default.nix +++ b/pkgs/development/libraries/gnutls/default.nix @@ -35,11 +35,11 @@ in stdenv.mkDerivation rec { pname = "gnutls"; - version = "3.8.2"; + version = "3.8.3"; src = fetchurl { url = "mirror://gnupg/gnutls/v${lib.versions.majorMinor version}/gnutls-${version}.tar.xz"; - hash = "sha256-52XlAW/6m53SQ+NjoEYNV3B0RE7iSRJn2y6WycKt73c="; + hash = "sha256-90/FlUsn1Oxt+7Ed6ph4iLWxJCiaNwOvytoO5SD0Fz4="; }; outputs = [ "bin" "dev" "out" "man" "devdoc" ]; diff --git a/pkgs/development/libraries/gtk/3.x.nix b/pkgs/development/libraries/gtk/3.x.nix index 27afba7833e8a..c244414c55087 100644 --- a/pkgs/development/libraries/gtk/3.x.nix +++ b/pkgs/development/libraries/gtk/3.x.nix @@ -64,7 +64,7 @@ in stdenv.mkDerivation (finalAttrs: { pname = "gtk+3"; - version = "3.24.38"; + version = "3.24.39"; outputs = [ "out" "dev" ] ++ lib.optional withIntrospection "devdoc"; outputBin = "dev"; @@ -78,7 +78,7 @@ stdenv.mkDerivation (finalAttrs: { inherit (finalAttrs) version; in fetchurl { url = "mirror://gnome/sources/gtk+/${lib.versions.majorMinor version}/gtk+-${version}.tar.xz"; - sha256 = "sha256-zhHezwGLJb3YUFVEpPhyQoVOyIvgVNmt5fOiBETdjuc="; + sha256 = "sha256-HKw+VmubLzZTpFjAjC3N/cqfkIA3rAPJ2FZLQpV3jXk="; }; patches = [ diff --git a/pkgs/development/libraries/libdrm/default.nix b/pkgs/development/libraries/libdrm/default.nix index 63a8522bd073c..a7ead8f227472 100644 --- a/pkgs/development/libraries/libdrm/default.nix +++ b/pkgs/development/libraries/libdrm/default.nix @@ -6,11 +6,11 @@ stdenv.mkDerivation rec { pname = "libdrm"; - version = "2.4.117"; + version = "2.4.118"; src = fetchurl { url = "https://dri.freedesktop.org/${pname}/${pname}-${version}.tar.xz"; - hash = "sha256-ooiNaePrHIp3rcCKdaYPuuAfDSCNJvA00aEuNiNhJCs="; + hash = "sha256-p3e9hfK1/JxX+IbIIFgwBXgxfK/bx30Kdp1+mpVnq4g="; }; outputs = [ "out" "dev" "bin" ]; diff --git a/pkgs/development/libraries/libzip/default.nix b/pkgs/development/libraries/libzip/default.nix index 14e2f44808242..b343184760330 100644 --- a/pkgs/development/libraries/libzip/default.nix +++ b/pkgs/development/libraries/libzip/default.nix @@ -1,5 +1,6 @@ { lib, stdenv , cmake +, fetchpatch2 , fetchurl , perl , zlib @@ -24,6 +25,15 @@ stdenv.mkDerivation (finalAttrs: { sha256 = "sha256-lmmuXf46xbOJdTbchGaodMjPLA47H90I11snOIQpk2M="; }; + patches = [ + # https://github.com/nih-at/libzip/issues/404 + (fetchpatch2 { + name = "Check-for-zstd_TARGET-before-using-it-in-a-regex.patch"; + url = "https://github.com/nih-at/libzip/commit/c719428916b4d19e838f873b1a177b126a080d61.patch"; + hash = "sha256-4ksbXEM8kNvs3wtbIaXLEQNSKaxl0es/sIg0EINaTHE="; + }) + ]; + outputs = [ "out" "dev" "man" ]; nativeBuildInputs = [ cmake perl groff ]; diff --git a/pkgs/development/libraries/pipewire/default.nix b/pkgs/development/libraries/pipewire/default.nix index fa5cb97b214fa..0d1e3b03a09a8 100644 --- a/pkgs/development/libraries/pipewire/default.nix +++ b/pkgs/development/libraries/pipewire/default.nix @@ -81,7 +81,7 @@ let self = stdenv.mkDerivation rec { pname = "pipewire"; - version = "1.0.0"; + version = "1.0.1"; outputs = [ "out" @@ -97,7 +97,7 @@ let owner = "pipewire"; repo = "pipewire"; rev = version; - sha256 = "sha256-mfnMluxJAxDbB6JlIM6HJ0zg7e1q3ia3uFbht6zeHCk="; + sha256 = "sha256-rvf0sZRgDDLcqroLg7hcMUqXD/4JT+3lBRX6/m+3Ry8="; }; patches = [ diff --git a/pkgs/development/libraries/readline/8.2.nix b/pkgs/development/libraries/readline/8.2.nix index 274938145ccd8..72e3370576e72 100644 --- a/pkgs/development/libraries/readline/8.2.nix +++ b/pkgs/development/libraries/readline/8.2.nix @@ -54,9 +54,9 @@ stdenv.mkDerivation rec { }) (fetchpatch { name = "0003-fd_set.patch"; - url = "https://github.com/msys2/MINGW-packages/raw/90e7536e3b9c3af55c336d929cfcc32468b2f135/mingw-w64-readline/0003-fd_set.patch"; + url = "https://github.com/msys2/MINGW-packages/raw/35830ab27e5ed35c2a8d486961ab607109f5af50/mingw-w64-readline/0003-fd_set.patch"; stripLen = 1; - hash = "sha256-MlsX5JYp1PHD25uuVnDKJWEquegUN3dkj9fhjQX51/M="; + hash = "sha256-UiaXZRPjKecpSaflBMCphI2kqOlcz1JkymlCrtpMng4="; }) (fetchpatch { name = "0004-locale.patch"; diff --git a/pkgs/development/libraries/readline/readline-8.2-patches.nix b/pkgs/development/libraries/readline/readline-8.2-patches.nix index 48d2bd14badb0..bc075df237c7b 100644 --- a/pkgs/development/libraries/readline/readline-8.2-patches.nix +++ b/pkgs/development/libraries/readline/readline-8.2-patches.nix @@ -2,4 +2,10 @@ patch: [ (patch "001" "1xxgfgr6hn3ads8m8xsrdi1kbx1f3s69k0danpd9x4haqhg7zydv") +(patch "002" "0ly0siy6qy3l7hv12847adpfa34yq1w4qz9qkw6vrxv25j106rg0") +(patch "003" "1c5cwvvkx9mfmpaapymq9cavmzh4fnagkjlchsqx4vml8sx8gx94") +(patch "004" "1b15sndx9v5vj3x1f3h73099nlagknx4rbfpd5ldrbw2xgm2wmvr") +(patch "005" "16ac25jz1a1mgkpfp1sydqf6qpsfh0s0dcmrnjpqbhg5va3s6av2") +(patch "006" "18gmh6y3klh0vv28cyqz4is3rlb32pl7f1kf5r482kfjq3w5zd67") +(patch "007" "1xmnpahs983n4w0gn3j0wr8nh1dpva33yj7fvfmhm46ph2wsa4ar") ] diff --git a/pkgs/development/python-modules/fonttools/default.nix b/pkgs/development/python-modules/fonttools/default.nix index 3c167debba37c..07f60371d96b9 100644 --- a/pkgs/development/python-modules/fonttools/default.nix +++ b/pkgs/development/python-modules/fonttools/default.nix @@ -4,6 +4,7 @@ , pythonOlder , isPyPy , fetchFromGitHub +, fetchpatch , setuptools-scm , fs , lxml @@ -36,6 +37,14 @@ buildPythonPackage rec { hash = "sha256-fcFFJi9Hr0m74LwFIhhhm/bMfxepAvg4/ymU53MmsPg="; }; + patches = [ + (fetchpatch { + name = "CVE-2023-45139.patch"; + url = "https://github.com/fonttools/fonttools/commit/9f61271dc1ca82ed91f529b130fe5dc5c9bf1f4c.patch"; + hash = "sha256-29OB21B8S4hGZlvNJnOTYTFAmEii+z5oK6tycoK3PXc="; + }) + ]; + nativeBuildInputs = [ setuptools-scm ]; passthru.optional-dependencies = let diff --git a/pkgs/development/python-modules/jinja2/default.nix b/pkgs/development/python-modules/jinja2/default.nix index 1fb7b26db5b3b..e3328c7d766fb 100644 --- a/pkgs/development/python-modules/jinja2/default.nix +++ b/pkgs/development/python-modules/jinja2/default.nix @@ -15,14 +15,14 @@ buildPythonPackage rec { pname = "Jinja2"; - version = "3.1.2"; + version = "3.1.3"; outputs = [ "out" ] ++ lib.optional enableDocumentation "doc"; disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; - hash = "sha256-MTUacCpAip51laj8YVD8P0O7a/fjGXcMvA2535Q36FI="; + hash = "sha256-rIvWVE1Lssl5K/OhWegLuo/afwfoG8Ou1WVDLVklupA="; }; patches = lib.optionals enableDocumentation [ ./patches/import-order.patch ]; diff --git a/pkgs/os-specific/linux/bluez/default.nix b/pkgs/os-specific/linux/bluez/default.nix index af3e4391f75db..d864f30096d7c 100644 --- a/pkgs/os-specific/linux/bluez/default.nix +++ b/pkgs/os-specific/linux/bluez/default.nix @@ -36,6 +36,12 @@ in stdenv.mkDerivation rec { url = "https://git.alpinelinux.org/aports/plain/main/bluez/max-input.patch?id=32b31b484cb13009bd8081c4106e4cf064ec2f1f"; sha256 = "sha256-SczbXtsxBkCO+izH8XOBcrJEO2f7MdtYVT3+2fCV8wU="; }) + # Fix device pairing regression + # FIXME: remove in next release + (fetchpatch { + url = "https://github.com/bluez/bluez/commit/3a9c637010f8dc1ba3e8382abe01065761d4f5bb.patch"; + hash = "sha256-UUmYMHnxYrw663nEEC2mv3zj5e0omkLNejmmPUtgS3c="; + }) # CVE-2023-45866 / https://github.com/skysafe/reblog/tree/main/cve-2023-45866 (fetchpatch { name = "CVE-2023-45866.patch"; diff --git a/pkgs/servers/nosql/redis/default.nix b/pkgs/servers/nosql/redis/default.nix index c3ac0ebbf969b..8fd23ae186c48 100644 --- a/pkgs/servers/nosql/redis/default.nix +++ b/pkgs/servers/nosql/redis/default.nix @@ -12,11 +12,11 @@ stdenv.mkDerivation (finalAttrs: { pname = "redis"; - version = "7.2.3"; + version = "7.2.4"; src = fetchurl { url = "https://download.redis.io/releases/redis-${finalAttrs.version}.tar.gz"; - hash = "sha256-PisZbW603bnnQwiL/CkVzLtC1A9aij7djLaccW7DS+c="; + hash = "sha256-jRBMJqFUsp/WfWVotPN1ISISrUHgwsqj1mSA5429O1k="; }; patches = lib.optionals useSystemJemalloc [ diff --git a/pkgs/test/auto-patchelf-hook/default.nix b/pkgs/test/auto-patchelf-hook/default.nix new file mode 100644 index 0000000000000..6e05e729fba84 --- /dev/null +++ b/pkgs/test/auto-patchelf-hook/default.nix @@ -0,0 +1,6 @@ +{ lib, callPackage }: + +lib.recurseIntoAttrs { + withStructuredAttrs = callPackage ./package.nix { __structuredAttrs = true; }; + withoutStructuredAttrs = callPackage ./package.nix { __structuredAttrs = false; }; +} diff --git a/pkgs/test/auto-patchelf-hook/package.nix b/pkgs/test/auto-patchelf-hook/package.nix new file mode 100644 index 0000000000000..be03ee68c0391 --- /dev/null +++ b/pkgs/test/auto-patchelf-hook/package.nix @@ -0,0 +1,96 @@ +# This is a test for autoPatchelfHook. To test it, we just need a simple binary +# which uses the hook. We took the derivation from tonelib-jam, which sounds +# like a good candidate with a small closure, and trimmed it down. + +{ stdenv +, lib +, fetchurl +, autoPatchelfHook +, dpkg +, freetype +, curl +# This test checks that the behavior of autoPatchelfHook is correct whether +# __structuredAttrs +# (https://nixos.org/manual/nix/stable/language/advanced-attributes#adv-attr-structuredAttrs) +# is set or not. Hence __structuredAttrs is provided as a parameter. +, __structuredAttrs +}: + +let runtimeDependencies = [ + (lib.getLib curl) + "/some/dep" + "/some/other/dep" +] +# A dependency with space only works with __structuredAttrs set to true. +++ lib.lists.optional __structuredAttrs "/some/dep with space"; +in + +stdenv.mkDerivation { + name = "auto-patchelf-test"; + + src = fetchurl { + url = "https://tonelib.net/download/221222/ToneLib-Jam-amd64.deb"; + sha256 = "sha256-c6At2lRPngQPpE7O+VY/Hsfw+QfIb3COIuHfbqqIEuM="; + }; + + unpackCmd = '' + dpkg -x $curSrc source + ''; + + nativeBuildInputs = [ + dpkg + autoPatchelfHook + ]; + + installPhase = '' + mv usr $out + ''; + + buildInputs = [ + freetype + ]; + + autoPatchelfIgnoreMissingDeps = [ + "libGL.so.1" + "libasound.so.2" + ]; + + inherit runtimeDependencies; + + # Additional phase performing the actual test. + installCheckPhase = + let allDeps = runtimeDependencies ++ [ (lib.getLib freetype) ]; + in + '' + local binary="$out/bin/ToneLib-Jam" + local interpreter=$(patchelf --print-interpreter $binary) + local runpath=$(patchelf --print-rpath $binary) + local glibcStorePath="${stdenv.cc.libc}" + + # Check that the glibc path is a prefix of the interpreter. If + # autoPatchelfHook ran correctly, the binary should have set the interpreter + # to point to the store. + echo "[auto-patchelf-hook-test]: Check that the interpreter is in the store" + test "''${interpreter#$glibcStorePath}" != "$interpreter" + + readarray -td':' runpathArray < <(echo -n "$runpath") + + echo "[auto-patchelf-hook-test]: Check that the runpath has the right number of entries" + test "''${#runpathArray[@]}" -eq ${builtins.toString (builtins.length allDeps)} + + echo "[auto-patchelf-hook-test]: Check that the runpath contains the expected runtime deps" + '' + + lib.strings.concatStringsSep "\n" + (lib.lists.imap0 + (i: path: + let iAsStr = builtins.toString i; in + '' + echo "[auto-patchelf-hook-test]: Check that entry ${iAsStr} is ${path}" + test "''${paths[${iAsStr}]}" = "$path" + '') + allDeps + ); + + doInstallCheck = true; + inherit __structuredAttrs; +} diff --git a/pkgs/test/default.nix b/pkgs/test/default.nix index 097749e218b4e..741cc562763e9 100644 --- a/pkgs/test/default.nix +++ b/pkgs/test/default.nix @@ -173,4 +173,6 @@ with pkgs; pkgs-lib = recurseIntoAttrs (import ../pkgs-lib/tests { inherit pkgs; }); nixpkgs-check-by-name = callPackage ./nixpkgs-check-by-name { }; + + auto-patchelf-hook = callPackage ./auto-patchelf-hook { }; } diff --git a/pkgs/tools/package-management/nix/common.nix b/pkgs/tools/package-management/nix/common.nix index 7aa7b1cc1a1da..11fb90ee1a9f2 100644 --- a/pkgs/tools/package-management/nix/common.nix +++ b/pkgs/tools/package-management/nix/common.nix @@ -216,7 +216,7 @@ self = stdenv.mkDerivation { # Prevent crashes in libcurl due to invoking Objective-C `+initialize` methods after `fork`. # See http://sealiesoftware.com/blog/archive/2017/6/5/Objective-C_and_fork_in_macOS_1013.html. + lib.optionalString stdenv.isDarwin '' - export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=yes + export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES '' # See https://github.com/NixOS/nix/issues/5687 + lib.optionalString (atLeast25 && stdenv.isDarwin) ''