Skip to content

gnupg24: add freepg patches#368275

Merged
emilazy merged 1 commit intoNixOS:stagingfrom
stigtsp:gnupg-freepg
Jan 5, 2025
Merged

gnupg24: add freepg patches#368275
emilazy merged 1 commit intoNixOS:stagingfrom
stigtsp:gnupg-freepg

Conversation

@stigtsp
Copy link
Member

@stigtsp stigtsp commented Dec 26, 2024
edited
Loading

Add patches to GnuPG 2.4 from FreePG, a common resource for GnuPG downstream packagers to track, maintain, and apply commonly-used patches for GnuPG that have been refused by upstream.

The purpose of adding these patches to nixpkgs is to ensure compatibility with other OpenPGP tools.

https://gitlab.com/freepg/gnupg/

Arch Linux is also doing the same:
https://gitlab.archlinux.org/archlinux/packaging/packages/gnupg/-/merge_requests/8

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@github-actions github-actions bot added 10.rebuild-darwin: 101-500 This PR causes between 101 and 500 packages to rebuild on Darwin. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. labels Dec 26, 2024
@ofborg ofborg bot requested a review from fpletz December 26, 2024 09:58
@ofborg ofborg bot added 11.by: package-maintainer This PR was created by a maintainer of all the package it changes. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 501-1000 This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. and removed 10.rebuild-darwin: 101-500 This PR causes between 101 and 500 packages to rebuild on Darwin. labels Dec 26, 2024
@github-actions github-actions bot added 10.rebuild-darwin: 101-500 This PR causes between 101 and 500 packages to rebuild on Darwin. and removed 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 501-1000 This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. labels Dec 26, 2024
@ofborg ofborg bot added 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 501-1000 This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. and removed 10.rebuild-darwin: 101-500 This PR causes between 101 and 500 packages to rebuild on Darwin. labels Dec 26, 2024
@stigtsp stigtsp changed the base branch from master to staging December 26, 2024 16:49
@ofborg ofborg bot added the 2.status: merge conflict This PR has merge conflicts with the target branch label Dec 26, 2024
@github-actions github-actions bot added 10.rebuild-darwin: 101-500 This PR causes between 101 and 500 packages to rebuild on Darwin. and removed 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 501-1000 This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. labels Dec 29, 2024
@stigtsp stigtsp force-pushed the gnupg-freepg branch 2 times, most recently from ca54d44 to 7ac027e Compare December 29, 2024 18:02
@fpletz fpletz removed the 2.status: merge conflict This PR has merge conflicts with the target branch label Dec 29, 2024
fpletz
fpletz approved these changes Dec 29, 2024
View reviewed changes
Copy link
Member

@fpletz fpletz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Haven't tested this yet but 👍 on introducing the freepg patches.

@stigtsp
gnupg24: add freepg patches
0d7cdd8 
Add patches to GnuPG 2.4 from FreePG, a common resource for GnuPG
downstream packagers to track, maintain, and apply commonly-used patches
for GnuPG that have been refused by upstream.

The purpose of adding these patches to nixpkgs is to ensure
compatibility with other OpenPGP tools.

https://gitlab.com/freepg/gnupg/
@stigtsp stigtsp marked this pull request as ready for review December 29, 2024 18:39
@ofborg ofborg bot requested a review from fpletz December 30, 2024 02:46
@ofborg ofborg bot added 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 501-1000 This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. and removed 10.rebuild-darwin: 101-500 This PR causes between 101 and 500 packages to rebuild on Darwin. labels Dec 30, 2024
emilazy
emilazy approved these changes Jan 5, 2025
View reviewed changes
Copy link
Member

@emilazy emilazy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sad that this is necessary, but I agree that it’s a good idea. I’ve confirmed the build on x86_64-darwin (rebased on top of master). Two non‐blocking comments for the future.

pkgs/tools/security/gnupg/24.nix
domain = "gitlab.com";
owner = "freepg";
repo = "gnupg";
rev = "541772915dc4ec832c37f85bc629a22051f0e8f7";
Copy link
Member

@emilazy emilazy Jan 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Upstream have tags corresponding to GnuPG releases; it would be nice if we could convince them to also tag the branch with the patch files in them in future. Or we could just source directly from their patched tags.

pkgs/tools/security/gnupg/24.nix
Comment on lines +86 to +94
"0002-gpg-accept-subkeys-with-a-good-revocation-but-no-sel.patch"
"0003-gpg-allow-import-of-previously-known-keys-even-witho.patch"
"0004-tests-add-test-cases-for-import-without-uid.patch"
"0005-gpg-drop-import-clean-from-default-keyserver-import-.patch"
"0006-Do-not-use-OCB-mode-even-if-AEAD-OCB-key-preference-.patch"
"0007-Revert-the-introduction-of-the-RFC4880bis-draft-into.patch"
"0008-avoid-systemd-deprecation-warning.patch"
"0009-Add-systemd-support-for-keyboxd.patch"
"0010-doc-Remove-profile-and-systemd-example-files.patch"
Copy link
Member

@emilazy emilazy Jan 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don’t know if globs work here, but if not perhaps we could do it manually in postPatch instead, to ensure that we never miss a new patch.

@emilazy emilazy merged commit 093ec45 into NixOS:staging Jan 5, 2025
4 of 5 checks passed
@x10an14 x10an14 mentioned this pull request Feb 15, 2025
Closed
14 tasks
@DvdGiessen DvdGiessen mentioned this pull request Sep 12, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@emilazy emilazy emilazy approved these changes

@fpletz fpletz Awaiting requested review from fpletz

Assignees

No one assigned

Labels

10.rebuild-darwin: 501-1000 This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-darwin: 501+ This PR causes many rebuilds on Darwin and should normally target the staging branches. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 5001+ This PR causes many rebuilds on Linux and must target the staging branches. 11.by: package-maintainer This PR was created by a maintainer of all the package it changes.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@stigtsp @fpletz @emilazy