Skip to content
This repository was archived by the owner on Apr 12, 2021. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: b68697c3a49c
Choose a base ref
...
head repository: NixOS/nixpkgs-channels
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: fe0da425ce85
Choose a head ref
  • 7 commits
  • 9 files changed
  • 6 contributors

Commits on Apr 22, 2018

  1. libimobiledevice: use cve tag in patchname for vulnix auto-detection 

    (cherry picked from commit 81a255d)
    @pSub
    pSub committed Apr 22, 2018
    Copy the full SHA
    29e5da8 View commit details

  2. libusbmuxd: use cve tag in patchname for vulnix auto-detection

    @pSub
    pSub committed Apr 22, 2018
    Copy the full SHA
    7395480 View commit details

  3. Merge #31320: docs and glibc: explicit comments on outputs 

    (cherry picked from commit 17c4b83)
    @vcunat
    vcunat committed Apr 22, 2018
    Copy the full SHA
    ad222f3 View commit details

  4. systemd.nspawn: fix missing suffix 

    Fix files placed in `/etc/systemd/nspawn/` missing `.nspawn` suffix

(cherry picked from commit 87cbb86)
    @Mic92
    Giumo X. Clanjor (哆啦比猫/兰威举) authored and Mic92 committed Apr 22, 2018
    Copy the full SHA
    0517698 View commit details

  5. farbfeld, sent: wrap PATH for 2ff and sent 

    (cherry picked from commit fa3f620)
    @oxzi @Mic92
    oxzi authored and Mic92 committed Apr 22, 2018
    Copy the full SHA
    4adf3a7 View commit details

  6. exempi: 2.4.4 -> 2.4.5 

    Semi-automatic update generated by https://github.com/ryantm/nix-update tools. These checks were done:

- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 2.4.5 with grep in /nix/store/l4nmjlanshgdwrh95g1h0714zcm1kk3z-exempi-2.4.5
- directory tree listing: https://gist.github.com/2d437e9ea408cfda7abaa772865a0b82

(cherry picked from commit 34682dd)
    @ryantm @pSub
    ryantm authored and pSub committed Apr 22, 2018
    Copy the full SHA
    bae7df6 View commit details

  7. nixos/installer/channel: Add some files that the channel also has 

    Nothing probably uses this, but let's be pedantic and have the
pre-included channel on the install media be as close as possible to
what 'nix-channel --update' will give them.

The only remaining difference is that the channel adds programs.sqlite,
which is fundamentally unfixable.

(cherry picked from commit bd77849)
    @dezgeg
    dezgeg committed Apr 22, 2018
    Copy the full SHA
    fe0da42 View commit details
10 changes: 8 additions & 2 deletions doc/multiple-output.xml
View file
Original file line number Diff line number Diff line change
@@ -36,10 +36,16 @@
<para>Here you find how to write a derivation that produces multiple outputs.</para>
<para>In nixpkgs there is a framework supporting multiple-output derivations. It tries to cover most cases by default behavior. You can find the source separated in &lt;<filename>nixpkgs/pkgs/build-support/setup-hooks/multiple-outputs.sh</filename>&gt;; it's relatively well-readable. The whole machinery is triggered by defining the <varname>outputs</varname> attribute to contain the list of desired output names (strings).</para>
<programlisting>outputs = [ "bin" "dev" "out" "doc" ];</programlisting>
<para>Often such a single line is enough. For each output an equally named environment variable is passed to the builder and contains the path in nix store for that output. By convention, the first output should contain the executable programs provided by the package as that output is used by Nix in string conversions, allowing references to binaries like <literal>${pkgs.perl}/bin/perl</literal> to always work. Typically you also want to have the main <varname>out</varname> output, as it catches any files that didn't get elsewhere.</para>

<para>Often such a single line is enough. For each output an equally named environment variable is passed to the builder and contains the path in nix store for that output. Typically you also want to have the main <varname>out</varname> output, as it catches any files that didn't get elsewhere.</para>
<note><para>There is a special handling of the <varname>debug</varname> output, described at <xref linkend="stdenv-separateDebugInfo" />.</para></note>

<section xml:id="multiple-output-file-binaries-first-convention">
<title><quote>Binaries first</quote></title>
<para>A commonly adopted convention in <literal>nixpkgs</literal> is that executables provided by the package are contained within its first output. This convention allows the dependent packages to reference the executables provided by packages in a uniform manner. For instance, provided with the knowledge that the <literal>perl</literal> package contains a <literal>perl</literal> executable it can be referenced as <literal>${pkgs.perl}/bin/perl</literal> within a Nix derivation that needs to execute a Perl script.</para>
<para>The <literal>glibc</literal> package is a deliberate single exception to the <quote>binaries first</quote> convention. The <literal>glibc</literal> has <literal>libs</literal> as its first output allowing the libraries provided by <literal>glibc</literal> to be referenced directly (e.g. <literal>${stdenv.glibc}/lib/ld-linux-x86-64.so.2</literal>). The executables provided by <literal>glibc</literal> can be accessed via its <literal>bin</literal> attribute (e.g. <literal>${stdenv.glibc.bin}/bin/ldd</literal>).</para>
<para>The reason for why <literal>glibc</literal> deviates from the convention is because referencing a library provided by <literal>glibc</literal> is a very common operation among Nix packages. For instance, third-party executables packaged by Nix are typically patched and relinked with the relevant version of <literal>glibc</literal> libraries from Nix packages (please see the documentation on <link xlink:href="https://nixos.org/patchelf.html">patchelf</link> for more details).</para>
</section>

<section xml:id="multiple-output-file-type-groups">
<title>File type groups</title>
<para>The support code currently recognizes some particular kinds of outputs and either instructs the build system of the package to put files into their desired outputs or it moves the files during the fixup phase. Each group of file types has an <varname>outputFoo</varname> variable specifying the output name where they should go. If that variable isn't defined by the derivation writer, it is guessed &ndash; a default output name is defined, falling back to other possibilities if the output isn't defined.</para>
2 changes: 2 additions & 0 deletions nixos/modules/installer/cd-dvd/channel.nix
View file
Original file line number Diff line number Diff line change
@@ -21,7 +21,9 @@ let
if [ ! -e $out/nixos/nixpkgs ]; then
ln -s . $out/nixos/nixpkgs
fi
echo -n ${config.system.nixos.revision} > $out/nixos/.git-revision
echo -n ${config.system.nixos.versionSuffix} > $out/nixos/.version-suffix
echo ${config.system.nixos.versionSuffix} | sed -e s/pre// > $out/nixos/svn-revision
'';

in
2 changes: 1 addition & 1 deletion nixos/modules/system/boot/systemd-nspawn.nix
View file
Original file line number Diff line number Diff line change
@@ -110,7 +110,7 @@ in {

config =
let
units = mapAttrs' (n: v: nameValuePair "${n}.nspawn" (instanceToUnit n v)) cfg;
units = mapAttrs' (n: v: let nspawnFile = "${n}.nspawn"; in nameValuePair nspawnFile (instanceToUnit nspawnFile v)) cfg;
in mkIf (cfg != {}) {

environment.etc."systemd/nspawn".source = generateUnits "nspawn" units [] [];
8 changes: 6 additions & 2 deletions pkgs/applications/misc/sent/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ stdenv, fetchurl, farbfeld, libX11, libXft
{ stdenv, fetchurl, farbfeld, libX11, libXft, makeWrapper
, patches ? [] }:

stdenv.mkDerivation rec {
@@ -9,14 +9,18 @@ stdenv.mkDerivation rec {
sha256 = "0cxysz5lp25mgww73jl0mgip68x7iyvialyzdbriyaff269xxwvv";
};

buildInputs = [ farbfeld libX11 libXft ];
buildInputs = [ libX11 libXft ];
nativeBuildInputs = [ makeWrapper ];

# unpacking doesn't create a directory
sourceRoot = ".";

inherit patches;

installFlags = [ "PREFIX=$(out)" ];
postInstall = ''
wrapProgram "$out/bin/sent" --prefix PATH : "${farbfeld}/bin"
'';

meta = with stdenv.lib; {
description = "A simple plaintext presentation tool";
4 changes: 2 additions & 2 deletions pkgs/development/libraries/exempi/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
{ stdenv, fetchurl, expat, zlib, boost, libiconv, darwin }:

stdenv.mkDerivation rec {
name = "exempi-2.4.4";
name = "exempi-2.4.5";

src = fetchurl {
url = "http://libopenraw.freedesktop.org/download/${name}.tar.bz2";
sha256 = "1c1xxiw9lazdaz4zvrnvcy9pif9l1wib7zy91m48i7a4bnf9mmd2";
sha256 = "07i29xmg8bqriviaf4vi1mwha4lrw85kfla29cfym14fp3z8aqa0";
};

configureFlags = [
6 changes: 5 additions & 1 deletion pkgs/development/libraries/farbfeld/default.nix
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{ stdenv, fetchgit, libpng, libjpeg }:
{ stdenv, fetchgit, makeWrapper, file, libpng, libjpeg }:

stdenv.mkDerivation rec {
name = "farbfeld-${version}";
@@ -11,8 +11,12 @@ stdenv.mkDerivation rec {
};

buildInputs = [ libpng libjpeg ];
nativeBuildInputs = [ makeWrapper ];

installFlags = "PREFIX=/ DESTDIR=$(out)";
postInstall = ''
wrapProgram "$out/bin/2ff" --prefix PATH : "${file}/bin"
'';

meta = with stdenv.lib; {
description = "Suckless image format with conversion tools";
18 changes: 17 additions & 1 deletion pkgs/development/libraries/glibc/common.nix
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,21 @@
/* Build configuration used to build glibc, Info files, and locale
information. */
information.
Note that this derivation has multiple outputs and does not respect the
standard convention of putting the executables into the first output. The
first output is `lib` so that the libraries provided by this derivation
can be accessed directly, e.g.
"${pkgs.glibc}/lib/ld-linux-x86_64.so.2"
The executables are put into `bin` output and need to be referenced via
the `bin` attribute of the main package, e.g.
"${pkgs.glibc.bin}/bin/ldd".
The executables provided by glibc typically include `ldd`, `locale`, `iconv`
but the exact set depends on the library version and the configuration.
*/

{ stdenv, lib
, buildPlatform, hostPlatform
3 changes: 2 additions & 1 deletion pkgs/development/libraries/libimobiledevice/default.nix
View file
Original file line number Diff line number Diff line change
@@ -10,7 +10,8 @@ stdenv.mkDerivation rec {

patches = [
./disable_sslv3.patch
(fetchpatch { # CVE-2016-5104
(fetchpatch {
name = "CVE-2016-5104.patch";
url = "https://github.com/libimobiledevice/libimobiledevice/commit/df1f5c4d70d0c19ad40072f5246ca457e7f9849e.patch";
sha256 = "06ygb9aqcvm4v08wrldsddjgyqv5bkpq6lxzq2a1nwqp9mq4a4k1";
})
3 changes: 2 additions & 1 deletion pkgs/development/libraries/libusbmuxd/default.nix
View file
Original file line number Diff line number Diff line change
@@ -8,7 +8,8 @@ stdenv.mkDerivation rec {
};

patches = [
(fetchpatch { # CVE-2016-5104
(fetchpatch {
name = "CVE-2016-5104.patch";
url = "https://github.com/libimobiledevice/libusbmuxd/commit/4397b3376dc4e4cb1c991d0aed61ce6482614196.patch";
sha256 = "0cl3vys7bkwbdzf64d0rz3zlqpfc30w4l7j49ljv01agh42ywhgk";
})