diff --git a/nixos/modules/security/sudo.nix b/nixos/modules/security/sudo.nix index 4e4f186758e9..ff912dec5073 100644 --- a/nixos/modules/security/sudo.nix +++ b/nixos/modules/security/sudo.nix @@ -41,9 +41,15 @@ in ''; }; - enable = mkEnableOption (mdDoc '' - the {command}`sudo` command, which allows non-root users to execute commands as root. - ''); + enable = mkOption { + type = types.bool; + default = true; + description = + lib.mdDoc '' + Whether to enable the {command}`sudo` command, which + allows non-root users to execute commands as root. + ''; + }; package = mkPackageOption pkgs "sudo" { }; diff --git a/nixos/tests/sudo.nix b/nixos/tests/sudo.nix index 1b177391488d..1fe478f0bff1 100644 --- a/nixos/tests/sudo.nix +++ b/nixos/tests/sudo.nix @@ -21,7 +21,8 @@ in }; security.sudo = { - enable = true; + # Explicitly _not_ defining 'enable = true;' here, to check that sudo is enabled by default + wheelNeedsPassword = false; extraConfig = '' diff --git a/pkgs/applications/audio/qpwgraph/default.nix b/pkgs/applications/audio/qpwgraph/default.nix index 645ba0e16862..44a285c7b65a 100644 --- a/pkgs/applications/audio/qpwgraph/default.nix +++ b/pkgs/applications/audio/qpwgraph/default.nix @@ -13,14 +13,14 @@ stdenv.mkDerivation (finalAttrs: { pname = "qpwgraph"; - version = "0.5.3"; + version = "0.6.0"; src = fetchFromGitLab { domain = "gitlab.freedesktop.org"; owner = "rncbc"; repo = "qpwgraph"; rev = "v${finalAttrs.version}"; - sha256 = "sha256-50KaVpNB5/CTLs2bRbXEinYM23AZxZO/ForrVPFDN8U="; + sha256 = "sha256-wJ+vUw16yBBFjMdJogF1nkLnAh3o2ndN9+0png8ZVJ4="; }; nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ]; diff --git a/pkgs/applications/science/misc/root/5.nix b/pkgs/applications/science/misc/root/5.nix index 4a8411cd34f9..2d830e3d1016 100644 --- a/pkgs/applications/science/misc/root/5.nix +++ b/pkgs/applications/science/misc/root/5.nix @@ -64,6 +64,9 @@ stdenv.mkDerivation rec { url = "https://github.com/root-project/root/commit/c75458024082de0cc35b45505c652b8460a9e71b.patch"; sha256 = "sha256-A5zEjQE9OGPFp/L1HUs4NIdxQMRiwbwCRNWOLN2ENrM="; }) + # Backport Python 3.11 fix to v5 from v6.26 + # https://github.com/root-project/root/commit/484deb056dacf768aba4954073b41105c431bffc + ./root5-python311-fix.patch ]; # https://github.com/root-project/root/issues/13216 diff --git a/pkgs/applications/science/misc/root/root5-python311-fix.patch b/pkgs/applications/science/misc/root/root5-python311-fix.patch new file mode 100644 index 000000000000..3005b3a73f9b --- /dev/null +++ b/pkgs/applications/science/misc/root/root5-python311-fix.patch @@ -0,0 +1,17 @@ +diff --git a/bindings/pyroot/src/MethodProxy.cxx b/bindings/pyroot/src/MethodProxy.cxx +--- a/bindings/pyroot/src/MethodProxy.cxx ++++ b/bindings/pyroot/src/MethodProxy.cxx +@@ -4,10 +4,10 @@ + // Bindings + #include "PyROOT.h" + #include "structmember.h" // from Python +-#if PY_VERSION_HEX >= 0x02050000 +-#include "code.h" // from Python +-#else ++#if PY_VERSION_HEX < 0x02050000 + #include "compile.h" // from Python ++#elif PY_VERSION_HEX < 0x030b0000 ++#include "code.h" // from Python + #endif + #ifndef CO_NOFREE + // python2.2 does not have CO_NOFREE defined diff --git a/pkgs/by-name/oa/oauth2l/package.nix b/pkgs/by-name/oa/oauth2l/package.nix new file mode 100644 index 000000000000..612575d2b266 --- /dev/null +++ b/pkgs/by-name/oa/oauth2l/package.nix @@ -0,0 +1,35 @@ +{ stdenv +, lib +, buildGoModule +, fetchFromGitHub +}: + +buildGoModule rec { + pname = "oauth2l"; + version = "1.3.0"; + + src = fetchFromGitHub { + owner = "google"; + repo = "oauth2l"; + rev = "v${version}"; + hash = "sha256-bL1bys/CBo/P9VfWc/FB8JHW/aBwC521V8DB1sFBIAA="; + }; + + vendorHash = null; + + ldflags = [ "-s" "-w" ]; + + # Fix tests by preventing them from writing to /homeless-shelter. + preCheck = "export HOME=$(mktemp -d)"; + + # tests fail on linux for some reason + doCheck = stdenv.isDarwin; + + meta = with lib; { + description = "Simple CLI for interacting with Google API authentication"; + homepage = "https://github.com/google/oauth2l"; + license = licenses.asl20; + maintainers = with maintainers; [ happysalada ]; + mainProgram = "oauth2l"; + }; +} diff --git a/pkgs/development/libraries/physics/apfelgrid/default.nix b/pkgs/development/libraries/physics/apfelgrid/default.nix index 33ca03267270..92b6ae003fca 100644 --- a/pkgs/development/libraries/physics/apfelgrid/default.nix +++ b/pkgs/development/libraries/physics/apfelgrid/default.nix @@ -19,7 +19,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "Ultra-fast theory predictions for collider observables"; license = licenses.mit; - homepage = "http://nhartland.github.io/APFELgrid/"; + homepage = "https://nhartland.github.io/APFELgrid/"; platforms = platforms.unix; maintainers = with maintainers; [ veprbl ]; }; diff --git a/pkgs/development/libraries/webrtc-audio-processing/default.nix b/pkgs/development/libraries/webrtc-audio-processing/default.nix index c3f7d2591ac1..ad2b12de8910 100644 --- a/pkgs/development/libraries/webrtc-audio-processing/default.nix +++ b/pkgs/development/libraries/webrtc-audio-processing/default.nix @@ -1,4 +1,6 @@ -{ lib, stdenv, fetchFromGitLab +{ lib +, stdenv +, fetchFromGitLab , darwin , abseil-cpp , meson @@ -30,7 +32,7 @@ stdenv.mkDerivation rec { abseil-cpp ]; - buildInputs = lib.optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [ ApplicationServices ]); + buildInputs = lib.optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [ ApplicationServices Foundation ]); meta = with lib; { homepage = "https://www.freedesktop.org/software/pulseaudio/webrtc-audio-processing"; diff --git a/pkgs/development/python-modules/eigenpy/default.nix b/pkgs/development/python-modules/eigenpy/default.nix index 24abaebf7bb5..354f7b01af4e 100644 --- a/pkgs/development/python-modules/eigenpy/default.nix +++ b/pkgs/development/python-modules/eigenpy/default.nix @@ -9,14 +9,14 @@ stdenv.mkDerivation (finalAttrs: { pname = "eigenpy"; - version = "3.1.1"; + version = "3.1.3"; src = fetchFromGitHub { owner = "stack-of-tasks"; repo = finalAttrs.pname; rev = "v${finalAttrs.version}"; fetchSubmodules = true; - hash = "sha256-mUwckBelFVRCXp3hspB8WRFFaLVyRsfp6XbqU8HeHvw="; + hash = "sha256-8UuJA96pkXXRKDzQTjoz7w8TQrS5+nfLdsT0j9/oqz0="; }; strictDeps = true; diff --git a/pkgs/development/python-modules/timetagger/default.nix b/pkgs/development/python-modules/timetagger/default.nix index e41158d8c167..04c14fe5f068 100644 --- a/pkgs/development/python-modules/timetagger/default.nix +++ b/pkgs/development/python-modules/timetagger/default.nix @@ -19,7 +19,7 @@ buildPythonPackage rec { pname = "timetagger"; - version = "23.9.2"; + version = "23.11.2"; format = "setuptools"; disabled = pythonOlder "3.6"; @@ -28,7 +28,7 @@ buildPythonPackage rec { owner = "almarklein"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-pg4lKRsgi4SZrKYnVmMfU5hzJriRqVa3InYW9emFLy8="; + hash = "sha256-PPB/BTZLuHmbKmUIe5gZMAwV+TUDqXBYg6fKsokTotg="; }; propagatedBuildInputs = [ diff --git a/pkgs/os-specific/linux/tomb/default.nix b/pkgs/os-specific/linux/tomb/default.nix index af04476aa1d0..9c97377cfe04 100644 --- a/pkgs/os-specific/linux/tomb/default.nix +++ b/pkgs/os-specific/linux/tomb/default.nix @@ -1,19 +1,37 @@ -{ stdenv, lib, fetchFromGitHub, makeWrapper -, gettext, zsh, pinentry, cryptsetup, gnupg, util-linux, e2fsprogs, sudo +{ stdenv +, lib +, fetchFromGitHub +, substituteAll +, makeWrapper +, zsh +, coreutils +, cryptsetup +, e2fsprogs +, file +, gawk +, getent +, gettext +, gnugrep +, gnupg +, libargon2 +, lsof +, pinentry +, util-linux +, nix-update-script }: stdenv.mkDerivation rec { pname = "tomb"; - version = "2.9"; + version = "2.10"; src = fetchFromGitHub { - owner = "dyne"; - repo = "Tomb"; - rev = "v${version}"; - sha256 = "0d6vmfcf4kd0p2bcljmdnyc2fmbwvar81cc472zx86r7yc3ih102"; + owner = "dyne"; + repo = "Tomb"; + rev = "refs/tags/v${version}"; + hash = "sha256-lLxQJX0P6b6lbXEcrq45EsX9iKiayZ9XkhqgMfpN3/w="; }; - buildInputs = [ sudo zsh pinentry ]; + buildInputs = [ zsh pinentry ]; nativeBuildInputs = [ makeWrapper ]; @@ -23,22 +41,39 @@ stdenv.mkDerivation rec { --replace 'TOMBEXEC=$0' 'TOMBEXEC=tomb' ''; - doInstallCheck = true; - installCheckPhase = "$out/bin/tomb -h"; - installPhase = '' - install -Dm755 tomb $out/bin/tomb + install -Dm755 tomb $out/bin/tomb install -Dm644 doc/tomb.1 $out/share/man/man1/tomb.1 wrapProgram $out/bin/tomb \ - --prefix PATH : $out/bin:${lib.makeBinPath [ cryptsetup gettext gnupg pinentry util-linux e2fsprogs ]} + --prefix PATH : $out/bin:${lib.makeBinPath [ + coreutils + cryptsetup + e2fsprogs + file + gawk + getent + gettext + gnugrep + gnupg + libargon2 + lsof + pinentry + util-linux + ]} ''; + passthru = { + updateScript = nix-update-script { }; + }; + meta = with lib; { description = "File encryption on GNU/Linux"; - homepage = "https://www.dyne.org/software/tomb/"; - license = licenses.gpl3; - maintainers = with maintainers; [ peterhoeg ]; - platforms = platforms.linux; + homepage = "https://www.dyne.org/software/tomb/"; + changelog = "https://github.com/dyne/Tomb/blob/v${version}/ChangeLog.md"; + license = licenses.gpl3Only; + mainProgram = "tomb"; + maintainers = with maintainers; [ peterhoeg anthonyroussel ]; + platforms = platforms.linux; }; } diff --git a/pkgs/servers/networking/rustus/default.nix b/pkgs/servers/networking/rustus/default.nix index b399c3b84177..651ed424fc5f 100644 --- a/pkgs/servers/networking/rustus/default.nix +++ b/pkgs/servers/networking/rustus/default.nix @@ -10,7 +10,7 @@ let pname = "rustus"; - version = "0.7.4"; + version = "0.7.6"; in rustPlatform.buildRustPackage { inherit pname version; @@ -19,10 +19,10 @@ rustPlatform.buildRustPackage { owner = "s3rius"; repo = pname; rev = version; - hash = "sha256-RmtkGemFGqvDYd+om/2o4Ki3NWKjJ4/cJ0z40J+L+SY="; + hash = "sha256-osxdqwNUONCScFarpQV48C7CR1DVR/mCttaglqiAKPo="; }; - cargoHash = "sha256-Ayki+hJTyaITOZhiyY8X6d5tR3+CLHZe94zJ9d/Kn4I="; + cargoHash = "sha256-M0mJ+9VznzHDmdKAsT3YamyG/P0JF8oPeVHaX44NWM4="; env.OPENSSL_NO_VENDOR = 1; diff --git a/pkgs/servers/plex/raw.nix b/pkgs/servers/plex/raw.nix index 6ef9287004fd..93cd01950d6b 100644 --- a/pkgs/servers/plex/raw.nix +++ b/pkgs/servers/plex/raw.nix @@ -12,16 +12,16 @@ # server, and the FHS userenv and corresponding NixOS module should # automatically pick up the changes. stdenv.mkDerivation rec { - version = "1.32.6.7557-1cf77d501"; + version = "1.32.7.7621-871adbd44"; pname = "plexmediaserver"; # Fetch the source src = if stdenv.hostPlatform.system == "aarch64-linux" then fetchurl { url = "https://downloads.plex.tv/plex-media-server-new/${version}/debian/plexmediaserver_${version}_arm64.deb"; - sha256 = "0ym2s425084l5lzpw9j1aqw2nc6f4l5vzizvpj1gicf4yp2dyk91"; + sha256 = "0894hwbl05rsv80p3k0wjs1hv5jwn2zakv758kzx1dvqcmjzhy2w"; } else fetchurl { url = "https://downloads.plex.tv/plex-media-server-new/${version}/debian/plexmediaserver_${version}_amd64.deb"; - sha256 = "1jqgglyzlfzq5saa21338vn2v3x25vl24x1w17j5wq30ca7nmzdr"; + sha256 = "0r2i4y00pcd6hkrypzmgd03w4vj2hchhicgdy3zdwjmfk3aqs4jf"; }; outputs = [ "out" "basedb" ]; diff --git a/pkgs/tools/package-management/dnf5/default.nix b/pkgs/tools/package-management/dnf5/default.nix index 7f0160c2081c..97c9ba29b6a7 100644 --- a/pkgs/tools/package-management/dnf5/default.nix +++ b/pkgs/tools/package-management/dnf5/default.nix @@ -25,13 +25,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "dnf5"; - version = "5.1.6"; + version = "5.1.7"; src = fetchFromGitHub { owner = "rpm-software-management"; repo = "dnf5"; rev = finalAttrs.version; - hash = "sha256-yIv29mwCBk2H1HjJr2IYm/1eZU379jTNEuTuaoIu4TA="; + hash = "sha256-SXgl4YFWl1A3N2/IkDftvBl6Rwhnymxe8AqqaekGHTc="; }; nativeBuildInputs = [ cmake createrepo_c gettext help2man pkg-config ]; @@ -88,7 +88,7 @@ stdenv.mkDerivation (finalAttrs: { homepage = "https://github.com/rpm-software-management/dnf5"; changelog = "https://github.com/rpm-software-management/dnf5/releases/tag/${version}"; license = licenses.gpl2Plus; - maintainers = with lib.maintainers; [ malt3 ]; + maintainers = with lib.maintainers; [ malt3 katexochen ]; mainProgram = "dnf5"; platforms = platforms.linux ++ platforms.darwin; };