Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 8634c3b61990
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 1c6bdbc766e9
Choose a head ref
13 contributors

Commits on Jun 22, 2019

  1. bzip2: patch CVE-2019-12900 

    The vulnerability seems quite serious.
It isn't practical to use fetchpatch here due to bootstrapping,
so I just committed the small patch file.

(cherry picked from commit 4fd6cb7)
    @vcunat
    vcunat committed Jun 22, 2019
    Copy the full SHA
    d7366bb View commit details

  2. Merge branch 'release-19.03' into staging-19.03

    @vcunat
    vcunat committed Jun 22, 2019
    Copy the full SHA
    b41ca72 View commit details

Commits on Jun 24, 2019

  1. nixos: add hardware/network/intel-2200bg.nix to module-list 

    this is referenced by nixos-generate-config.pl. See
NixOS/nixpkgs#63091 for more discussion.

(cherry picked from commit 8768d1c)
    @matthewbauer
    matthewbauer committed Jun 24, 2019
    Copy the full SHA
    d5a3e5f View commit details

  2. Merge branch 'staging-19.03' into release-19.03

    @vcunat
    vcunat committed Jun 24, 2019
    Copy the full SHA
    47d7882 View commit details

  3. tomcat9: 9.0.13 -> 9.0.21

    @danbst
    Johan Thomsen authored and danbst committed Jun 24, 2019
    Copy the full SHA
    c3446ff View commit details

  4. tomcat85: 8.5.35 -> 8.5.42

    @danbst
    Johan Thomsen authored and danbst committed Jun 24, 2019
    Copy the full SHA
    53346d7 View commit details

  5. mkshell: improve mergeInputs 

    mergeInputs is now simply defined in terms of `concatLists` and
`catAttrs` instead of a more complicated `foldr`.

Note that the order of PATH has also changed. For example running the
following with nix-shell:

  let
    pkgs = import <nixpkgs> {};

    shell1 = pkgs.mkShell {
      buildInputs = [ pkgs.htop ];
    };

    shell2 = pkgs.mkShell {
      buildInputs = [ pkgs.hello ];
    };

    shell3 = pkgs.mkShell {
      inputsFrom = [ shell1 shell2 ];
      buildInputs = [ pkgs.tree ];
    };

  in shell3

Results in the following PATH:

$ echo $PATH
...
/nix/store/yifq4bikf7m07160bpia7z48ciqddbfi-tree-1.8.0/bin:
/nix/store/vhxqk81234ivqw1a7j200a1c69k8mywi-htop-2.2.0/bin:
/nix/store/n9vm3m58y1n3rg3mlll17wanc9hln58k-hello-2.10/bin
...

Previously the order was:

/nix/store/n9vm3m58y1n3rg3mlll17wanc9hln58k-hello-2.10/bin
/nix/store/vhxqk81234ivqw1a7j200a1c69k8mywi-htop-2.2.0/bin:
/nix/store/yifq4bikf7m07160bpia7z48ciqddbfi-tree-1.8.0/bin:

I think the new order makes more sense because it allows to override
the PATH in the outermost mkShell.

(cherry picked from commit cee3573)
    @basvandijk
    basvandijk committed Jun 24, 2019
    Copy the full SHA
    e65b6ff View commit details

  6. mkShell: compose shellHooks 

    Running the following expression with nix-shell:

  let
    pkgs = import <nixpkgs> {};

    shell1 = pkgs.mkShell {
      shellHook = ''
        echo shell1
      '';
    };

    shell2 = pkgs.mkShell {
      shellHook = ''
        echo shell2
      '';
    };

    shell3 = pkgs.mkShell {
      inputsFrom = [ shell1 shell2 ];
      shellHook = ''
        echo shell3
      '';
    };
  in shell3

Will now results in:
shell2
shell1
shell3

Note that packages in the front of inputsFrom have precedence over
packages in the back. The outermost mkShell has precedence over all.

(cherry picked from commit 76ef802)
    @basvandijk
    basvandijk committed Jun 24, 2019
    Copy the full SHA
    0004631 View commit details

  7. Merge pull request #63718 from basvandijk/composable-mkshell-shellHoo… 

    …k-release-19.03

Backport "Improve composability of mkShell" to release-19.03
    @basvandijk
    basvandijk authored Jun 24, 2019
    Copy the full SHA
    13781ee View commit details

  8. Merge #63484: linux_5_0: remove 

    (cherry picked from commit 57b1f53)
    @alyssais @vcunat
    alyssais authored and vcunat committed Jun 24, 2019
    Copy the full SHA
    a383c37 View commit details

  9. duplicati: 2.0.3.3 -> 2.0.4.5 

    (cherry picked from commit 5a21a52)
Signed-off-by: Domen Kožar <domen@dev.si>
    @domenkozar
    domenkozar committed Jun 24, 2019
    Copy the full SHA
    01966e8 View commit details

  10. rambox: 0.6.6 -> 0.6.7 

    (cherry picked from commit c0abf3c)
    @andywhite37 @Mic92
    andywhite37 authored and Mic92 committed Jun 24, 2019
    Copy the full SHA
    531c448 View commit details

  11. rambox: 0.6.7 -> 0.6.9 

    (cherry picked from commit dce97da)
    @Mic92
    Mic92 committed Jun 24, 2019
    Copy the full SHA
    cb62916 View commit details

  12. journalwatch: fix pytest checks 

    (cherry picked from commit ee20ba83144551497fcecedca277f5de32e81c0c)

Reason: The more strict dependency handling of buildPythonPackage in
19.03 uncovered the error of having pytest as buildInput instead of
checkInput, which leads to a broken package on 19.03.
    @florianjacob
    florianjacob committed Jun 24, 2019
    Copy the full SHA
    dbccbd5 View commit details

  13. Merge pull request #63742 from florianjacob/backport-journalwatch 

    journalwatch: fix pytest checks
    @worldofpeace
    worldofpeace authored Jun 24, 2019
    Copy the full SHA
    fb8abc9 View commit details

Commits on Jun 25, 2019

  1. rambox: 0.6.6 -> 0.6.9 (19.03 backport) (#63737) 

    rambox: 0.6.6 -> 0.6.9 (19.03 backport)
    @Mic92
    Mic92 authored Jun 25, 2019
    Copy the full SHA
    1dafc1e View commit details

  2. duplicati: allow changing the user 

    (cherry picked from commit e8916cc)
Signed-off-by: Domen Kožar <domen@dev.si>
    @domenkozar
    domenkozar committed Jun 25, 2019
    Copy the full SHA
    0c6161e View commit details

  3. linux: 4.14.129 -> 4.14.130

    @NeQuissimus
    NeQuissimus committed Jun 25, 2019
    Copy the full SHA
    c18d73f View commit details

  4. linux: 4.19.55 -> 4.19.56

    @NeQuissimus
    NeQuissimus committed Jun 25, 2019
    Copy the full SHA
    066bf9f View commit details

  5. linux: 5.1.14 -> 5.1.15

    @NeQuissimus
    NeQuissimus committed Jun 25, 2019
    Copy the full SHA
    20c15d4 View commit details

Commits on Jun 26, 2019

  1. grafana: 6.2.4 -> 6.2.5 

    (cherry picked from commit d0683d4)
    @WilliButz @fpletz
    WilliButz authored and fpletz committed Jun 26, 2019
    Copy the full SHA
    1c6bdbc View commit details
1 change: 1 addition & 0 deletions nixos/modules/module-list.nix
View file
Original file line number Diff line number Diff line change
@@ -47,6 +47,7 @@
./hardware/ledger.nix
./hardware/mcelog.nix
./hardware/network/b43.nix
./hardware/network/intel-2200bg.nix
./hardware/nitrokey.nix
./hardware/opengl.nix
./hardware/pcmcia.nix
18 changes: 16 additions & 2 deletions nixos/modules/services/backup/duplicati.nix
View file
Original file line number Diff line number Diff line change
@@ -26,6 +26,15 @@ in
Set it to "any" to listen on all available interfaces
'';
};

user = mkOption {
default = "duplicati";
type = types.str;
description = ''
Duplicati runs as it's own user. It will only be able to backup world-readable files.
Run as root with special care.
'';
};
};
};

@@ -37,14 +46,19 @@ in
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "duplicati";
User = cfg.user;
PermissionsStartOnly = true;
Group = "duplicati";
ExecStart = "${pkgs.duplicati}/bin/duplicati-server --webservice-interface=${cfg.interface} --webservice-port=${toString cfg.port} --server-datafolder=/var/lib/duplicati";
Restart = "on-failure";
};
preStart = ''
mkdir -p /var/lib/duplicati
chown -R ${cfg.user}:duplicati /var/lib/duplicati
'';
};

users.users.duplicati = {
users.users.duplicati = lib.optionalAttrs (cfg.user == "duplicati") {
uid = config.ids.uids.duplicati;
home = "/var/lib/duplicati";
createHome = true;
6 changes: 3 additions & 3 deletions pkgs/applications/networking/instant-messengers/rambox/bare.nix
View file
Original file line number Diff line number Diff line change
@@ -3,13 +3,13 @@

stdenv.mkDerivation rec {
name = "rambox-bare-${version}";
version = "0.6.6";
version = "0.6.9";

src = fetchFromGitHub {
owner = "ramboxapp";
repo = "community-edition";
rev = version;
sha256 = "15cy8krzl66b6sfazhff41adq4kf2857sj4h0qvzmadv85dy301v";
sha256 = "1h44srl2gzkhjaazpwz1pwy4dp5x776fc685kahlvjlsfls0fvy9";
};

nativeBuildInputs = [ nodejs-8_x ruby sencha ];
@@ -18,7 +18,7 @@ stdenv.mkDerivation rec {
inherit src;

nodejs = nodejs-8_x;
sha256 = "0ifk0fzw4zhi4195jlmiq5k57bdmf912372r4bwa4z500wipikq3";
sha256 = "0qsgr8cq81yismal5sqr02skakqpynwwzk5s98dr5bg91y361fgy";
};

patches = [ ./isDev.patch ];
13 changes: 6 additions & 7 deletions pkgs/build-support/mkshell/default.nix
View file
Original file line number Diff line number Diff line change
@@ -11,20 +11,16 @@
...
}@attrs:
let
mergeInputs = name:
let
op = item: sum: sum ++ item."${name}" or [];
nul = [];
list = [attrs] ++ inputsFrom;
in
lib.foldr op nul list;
mergeInputs = name: lib.concatLists (lib.catAttrs name
([attrs] ++ inputsFrom));

rest = builtins.removeAttrs attrs [
"inputsFrom"
"buildInputs"
"nativeBuildInputs"
"propagatedBuildInputs"
"propagatedNativeBuildInputs"
"shellHook"
];
in

@@ -37,6 +33,9 @@ stdenv.mkDerivation ({
propagatedBuildInputs = mergeInputs "propagatedBuildInputs";
propagatedNativeBuildInputs = mergeInputs "propagatedNativeBuildInputs";

shellHook = lib.concatStringsSep "\n" (lib.catAttrs "shellHook"
(lib.reverseList inputsFrom ++ [attrs]));

nobuildPhase = ''
echo
echo "This derivation is not meant to be built, aborting";
4 changes: 2 additions & 2 deletions pkgs/os-specific/linux/kernel/linux-4.14.nix
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@
with stdenv.lib;

buildLinux (args // rec {
version = "4.14.129";
version = "4.14.130";

# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {

src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
sha256 = "1r1njg7vwzssjbn5365zklfcdax2fpz2jkcff977i8df0cmlhj3m";
sha256 = "0najfj0m8s61hjyag4ll6bvv1y4d03dbgm137fmvfq4szx891ji9";
};
} // (args.argsOverride or {}))
4 changes: 2 additions & 2 deletions pkgs/os-specific/linux/kernel/linux-4.19.nix
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@
with stdenv.lib;

buildLinux (args // rec {
version = "4.19.55";
version = "4.19.56";

# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {

src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
sha256 = "0ixrc1ryj0xj0pd1cf37gbs08pwjxbw4w0zpm915k34rlz5z01n9";
sha256 = "1pvbjsy2bd76mmxxv6bf8kh7g6ixlrbj92cm5qq6yjdr2lr989kk";
};
} // (args.argsOverride or {}))
18 changes: 0 additions & 18 deletions pkgs/os-specific/linux/kernel/linux-5.0.nix
View file

This file was deleted.

4 changes: 2 additions & 2 deletions pkgs/os-specific/linux/kernel/linux-5.1.nix
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@
with stdenv.lib;

buildLinux (args // rec {
version = "5.1.14";
version = "5.1.15";

# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStrings (intersperse "." (take 3 (splitString "." "${version}.0"))) else modDirVersionArg;
@@ -13,6 +13,6 @@ buildLinux (args // rec {

src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
sha256 = "0bhiqgfm0wcs0r9al800syrjnxp54bk2n2472ccpwp2nn6mv6dkl";
sha256 = "168kvin7s7f1rxfy187bw4dfzhm1dr2ypfs4gkrskkl04rq2i8g8";
};
} // (args.argsOverride or {}))
8 changes: 4 additions & 4 deletions pkgs/servers/http/tomcat/default.nix
View file
Original file line number Diff line number Diff line change
@@ -44,13 +44,13 @@ in {

tomcat85 = common {
versionMajor = "8";
versionMinor = "5.35";
sha256 = "0n6agr2wn8m5mv0asz73hy2194n9rk7mh5wsp2pz7aq0andbhh5s";
versionMinor = "5.42";
sha256 = "1d90abwwvl0ghr0g0drk48j37wr2zgw74vws9z2rshyzrwgbvgp3";
};

tomcat9 = common {
versionMajor = "9";
versionMinor = "0.13";
sha256 = "1rsrnmkkrbzrj56jk2wh8hrr79kfkk3fz1j0abk3midn1jnbgxxq";
versionMinor = "0.21";
sha256 = "0nsylbqvky4pf3wpsx3a29b85lvwk91ay37mljk9636qffjj1vjh";
};
}
6 changes: 3 additions & 3 deletions pkgs/servers/monitoring/grafana/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{ lib, buildGoPackage, fetchurl, fetchFromGitHub, phantomjs2 }:

buildGoPackage rec {
version = "6.2.4";
version = "6.2.5";
name = "grafana-${version}";
goPackagePath = "github.com/grafana/grafana";

@@ -11,12 +11,12 @@ buildGoPackage rec {
rev = "v${version}";
owner = "grafana";
repo = "grafana";
sha256 = "1xfxvjhq96s3hchvigji7ppz777kggf39gh4dcqjzhls5qy6rm3i";
sha256 = "03wign7dkc2a9267mmqicvvzgya0g1i9ygr0dz3jvks2k1yhlv2j";
};

srcStatic = fetchurl {
url = "https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-${version}.linux-amd64.tar.gz";
sha256 = "082mmwksv97r2g8ywvsj5f126ycp3jwxjp21jfq0135l8yz73vwh";
sha256 = "19zc9x1gkmdr7ijsrhrlln5cib20iyx0vgk0z79d8qyhq69nxfs8";
};

postPatch = ''
6 changes: 3 additions & 3 deletions pkgs/tools/backup/duplicati/default.nix
View file
Original file line number Diff line number Diff line change
@@ -2,13 +2,13 @@

stdenv.mkDerivation rec {
name = "duplicati-${version}";
version = "2.0.3.3";
version = "2.0.4.5";
channel = "beta";
build_date = "2018-04-02";
build_date = "2018-11-28";

src = fetchzip {
url = "https://github.com/duplicati/duplicati/releases/download/v${version}-${version}_${channel}_${build_date}/duplicati-${version}_${channel}_${build_date}.zip";
sha256 = "0hwdpsgrvm3gq648mg9g0z0rk49g71dd8r5i1a8w83pwdqv0hn9c";
sha256 = "118rhzm8vk1092214vq7kxnmrnz4jl32lk8j90965a8pg05m53gn";
stripRoot = false;
};

13 changes: 13 additions & 0 deletions pkgs/tools/compression/bzip2/cve-2019-12900.patch
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d
diff --git a/decompress.c b/decompress.c
--- a/decompress.c
+++ b/decompress.c
@@ -287,7 +287,7 @@
GET_BITS(BZ_X_SELECTOR_1, nGroups, 3);
if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR);
GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15);
- if (nSelectors < 1) RETURN(BZ_DATA_ERROR);
+ if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR);
for (i = 0; i < nSelectors; i++) {
j = 0;
while (True) {
1 change: 1 addition & 0 deletions pkgs/tools/compression/bzip2/default.nix
View file
Original file line number Diff line number Diff line change
@@ -22,6 +22,7 @@ stdenv.mkDerivation rec {

patches = [
./CVE-2016-3189.patch
./cve-2019-12900.patch
];


8 changes: 2 additions & 6 deletions pkgs/tools/system/journalwatch/default.nix
View file
Original file line number Diff line number Diff line change
@@ -20,14 +20,10 @@ buildPythonPackage rec {


doCheck = true;

checkInputs = [ pytest ];
checkPhase = ''
pytest test_journalwatch.py
'';

buildInputs = [
pytest
];
'';

propagatedBuildInputs = [
systemd
9 changes: 0 additions & 9 deletions pkgs/top-level/all-packages.nix
View file
Original file line number Diff line number Diff line change
@@ -14731,14 +14731,6 @@ in
];
};

linux_5_0 = callPackage ../os-specific/linux/kernel/linux-5.0.nix {
kernelPatches =
[ kernelPatches.bridge_stp_helper
kernelPatches.modinst_arg_list_too_long
kernelPatches.export_kernel_fpu_functions
];
};

linux_5_1 = callPackage ../os-specific/linux/kernel/linux-5.1.nix {
kernelPatches =
[ kernelPatches.bridge_stp_helper
@@ -14940,7 +14932,6 @@ in
linuxPackages_4_9 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_9);
linuxPackages_4_14 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_14);
linuxPackages_4_19 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_19);
linuxPackages_5_0 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_5_0);
linuxPackages_5_1 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_5_1);

# When adding to this list: