diff --git a/nixos/modules/hardware/sata.nix b/nixos/modules/hardware/sata.nix new file mode 100644 index 000000000000..541897527a8d --- /dev/null +++ b/nixos/modules/hardware/sata.nix @@ -0,0 +1,100 @@ +{ config, lib, pkgs, ... }: +let + inherit (lib) mkEnableOption mkIf mkOption types; + + cfg = config.hardware.sata.timeout; + + buildRule = d: + lib.concatStringsSep ", " [ + ''ACTION=="add"'' + ''SUBSYSTEM=="block"'' + ''ENV{ID_${lib.toUpper d.idBy}}=="${d.name}"'' + ''TAG+="systemd"'' + ''ENV{SYSTEMD_WANTS}="${unitName d}"'' + ]; + + devicePath = device: + "/dev/disk/by-${device.idBy}/${device.name}"; + + unitName = device: + "sata-timeout-${lib.strings.sanitizeDerivationName device.name}"; + + startScript = + pkgs.writeShellScript "sata-timeout.sh" '' + set -eEuo pipefail + + device="$1" + + ${pkgs.smartmontools}/bin/smartctl \ + -l scterc,${toString cfg.deciSeconds},${toString cfg.deciSeconds} \ + --quietmode errorsonly \ + "$device" + ''; + +in +{ + meta.maintainers = with lib.maintainers; [ peterhoeg ]; + + options.hardware.sata.timeout = { + enable = mkEnableOption "SATA drive timeouts"; + + deciSeconds = mkOption { + example = "70"; + type = types.int; + description = '' + Set SCT Error Recovery Control timeout in deciseconds for use in RAID configurations. + + Values are as follows: + 0 = disable SCT ERT + 70 = default in consumer drives (7 seconds) + + Maximum is disk dependant but probably 60 seconds. + ''; + }; + + drives = mkOption { + description = "List of drives for which to configure the timeout."; + type = types.listOf + (types.submodule { + options = { + name = mkOption { + description = "Drive name without the full path."; + type = types.str; + }; + + idBy = mkOption { + description = "The method to identify the drive."; + type = types.enum [ "path" "wwn" ]; + default = "path"; + }; + }; + }); + }; + }; + + config = mkIf cfg.enable { + services.udev.extraRules = lib.concatMapStringsSep "\n" buildRule cfg.drives; + + systemd.services = lib.listToAttrs (map + (e: + lib.nameValuePair (unitName e) { + description = "SATA timeout for ${e.name}"; + wantedBy = [ "sata-timeout.target" ]; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${startScript} '${devicePath e}'"; + PrivateTmp = true; + PrivateNetwork = true; + ProtectHome = "tmpfs"; + ProtectSystem = "strict"; + }; + } + ) + cfg.drives); + + systemd.targets.sata-timeout = { + description = "SATA timeout"; + wantedBy = [ "multi-user.target" ]; + }; + }; +} diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index ca7898687b8b..e9b9664f8e7b 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -70,6 +70,7 @@ ./hardware/usb-wwan.nix ./hardware/onlykey.nix ./hardware/opentabletdriver.nix + ./hardware/sata.nix ./hardware/wooting.nix ./hardware/uinput.nix ./hardware/video/amdgpu.nix diff --git a/pkgs/development/python-modules/boto3/default.nix b/pkgs/development/python-modules/boto3/default.nix index e1733116dda7..c287295b61d0 100644 --- a/pkgs/development/python-modules/boto3/default.nix +++ b/pkgs/development/python-modules/boto3/default.nix @@ -13,11 +13,11 @@ buildPythonPackage rec { pname = "boto3"; - version = "1.17.39"; # N.B: if you change this, change botocore and awscli to a matching version + version = "1.17.40"; # N.B: if you change this, change botocore and awscli to a matching version src = fetchPypi { inherit pname version; - sha256 = "sha256-tYFP9ztbj8hgHBtztwZ1gH+c5kcTVi4YOghBWiUW7tQ="; + sha256 = "sha256-7pmbRrLGMOUOewUtbf4iQgOjSNg7AOFoylAAmvDydsE="; }; propagatedBuildInputs = [ botocore jmespath s3transfer ] ++ lib.optionals (!isPy3k) [ futures ]; @@ -35,6 +35,8 @@ buildPythonPackage rec { # Network access doCheck = false; + pythonImportsCheck = [ "boto3" ]; + meta = { homepage = "https://github.com/boto/boto3"; license = lib.licenses.asl20; diff --git a/pkgs/development/python-modules/botocore/default.nix b/pkgs/development/python-modules/botocore/default.nix index 3fb30ba8a73b..039d52baa9fd 100644 --- a/pkgs/development/python-modules/botocore/default.nix +++ b/pkgs/development/python-modules/botocore/default.nix @@ -1,4 +1,5 @@ -{ buildPythonPackage +{ lib +, buildPythonPackage , fetchPypi , dateutil , jmespath @@ -12,11 +13,11 @@ buildPythonPackage rec { pname = "botocore"; - version = "1.20.39"; # N.B: if you change this, change boto3 and awscli to a matching version + version = "1.20.40"; # N.B: if you change this, change boto3 and awscli to a matching version src = fetchPypi { inherit pname version; - sha256 = "sha256-KFBtI/+pq/VmbCyQnH7cg6ERLNRP506xpJYN9WFTHpg="; + sha256 = "sha256-ajWpl3zb16g52UjdX549JgwZt93nTgqETJcgaITTu6A="; }; propagatedBuildInputs = [ @@ -37,9 +38,11 @@ buildPythonPackage rec { # Network access doCheck = false; - meta = { + pythonImportsCheck = [ "botocore" ]; + + meta = with lib; { homepage = "https://github.com/boto/botocore"; - license = "bsd"; + license = licenses.asl20; description = "A low-level interface to a growing number of Amazon Web Services"; }; } diff --git a/pkgs/development/python-modules/pytenable/default.nix b/pkgs/development/python-modules/pytenable/default.nix new file mode 100644 index 000000000000..39d1116f0bb3 --- /dev/null +++ b/pkgs/development/python-modules/pytenable/default.nix @@ -0,0 +1,66 @@ +{ lib +, buildPythonPackage +, defusedxml +, fetchFromGitHub +, marshmallow +, pytest-datafiles +, pytest-vcr +, pytestCheckHook +, python-box +, python-dateutil +, requests +, requests-pkcs12 +, responses +, restfly +, semver +}: + +buildPythonPackage rec { + pname = "pytenable"; + version = "1.2.8"; + + src = fetchFromGitHub { + owner = "tenable"; + repo = "pyTenable"; + rev = version; + sha256 = "12x0w1c4blm73ixv07w90jkydl7d8dx5l27ih9vc1yv9v2zzb53k"; + }; + + propagatedBuildInputs = [ + semver + ]; + + buildInputs = [ + defusedxml + marshmallow + python-box + python-dateutil + requests + requests-pkcs12 + restfly + ]; + + checkInputs = [ + responses + pytest-datafiles + pytest-vcr + pytestCheckHook + ]; + + disabledTests = [ + # Disable tests that requires a Docker container + "test_uploads_docker_push_name_typeerror" + "test_uploads_docker_push_tag_typeerror" + "test_uploads_docker_push_cs_name_typeerror" + "test_uploads_docker_push_cs_tag_typeerror" + ]; + + pythonImportsCheck = [ "tenable" ]; + + meta = with lib; { + description = "Python library for the Tenable.io and TenableSC API"; + homepage = "https://github.com/tenable/pyTenable"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/development/python-modules/python-box/default.nix b/pkgs/development/python-modules/python-box/default.nix new file mode 100644 index 000000000000..cb176109fefb --- /dev/null +++ b/pkgs/development/python-modules/python-box/default.nix @@ -0,0 +1,43 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, msgpack +, pytestCheckHook +, pythonOlder +, pyyaml +, ruamel_yaml +, toml +}: + +buildPythonPackage rec { + pname = "python-box"; + version = "5.3.0"; + disabled = pythonOlder "3.6"; + + src = fetchFromGitHub { + owner = "cdgriffith"; + repo = "Box"; + rev = version; + sha256 = "0fhmkjdcacpwyg7fajqfvnv3n9xd9rxjdpvi8z3j73a1gls36gf4"; + }; + + propagatedBuildInputs = [ + msgpack + pyyaml + ruamel_yaml + toml + ]; + + checkInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ "box" ]; + + meta = with lib; { + description = "Python dictionaries with advanced dot notation access"; + homepage = "https://github.com/cdgriffith/Box"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/development/python-modules/requests-pkcs12/default.nix b/pkgs/development/python-modules/requests-pkcs12/default.nix new file mode 100644 index 000000000000..c58e8a926c82 --- /dev/null +++ b/pkgs/development/python-modules/requests-pkcs12/default.nix @@ -0,0 +1,34 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, pyopenssl +, requests +}: + +buildPythonPackage rec { + pname = "requests-pkcs12"; + version = "1.9"; + + src = fetchFromGitHub { + owner = "m-click"; + repo = "requests_pkcs12"; + rev = version; + sha256 = "09nm3c6v911d1vwwi0f7mzapbkq7rnsl7026pb13j6ma8pkxznms"; + }; + + propagatedBuildInputs = [ + requests + pyopenssl + ]; + + # Project has no tests + doCheck = false; + pythonImportsCheck = [ "requests_pkcs12" ]; + + meta = with lib; { + description = "PKCS#12 support for the Python requests library"; + homepage = "https://github.com/m-click/requests_pkcs12"; + license = with licenses; [ isc ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/development/python-modules/restfly/default.nix b/pkgs/development/python-modules/restfly/default.nix new file mode 100644 index 000000000000..b572b0a385d1 --- /dev/null +++ b/pkgs/development/python-modules/restfly/default.nix @@ -0,0 +1,43 @@ +{ lib +, arrow +, buildPythonPackage +, fetchFromGitHub +, pytest-datafiles +, pytest-vcr +, pytestCheckHook +, python-box +, requests +}: + +buildPythonPackage rec { + pname = "restfly"; + version = "1.3.5"; + + src = fetchFromGitHub { + owner = "stevemcgrath"; + repo = pname; + rev = version; + sha256 = "0cq07wj6g3kg7i4qyjp3n3pv13k9p4p43rd6kn139wsn1mh8fr56"; + }; + + propagatedBuildInputs = [ + requests + arrow + python-box + ]; + + checkInputs = [ + pytest-datafiles + pytest-vcr + pytestCheckHook + ]; + + pythonImportsCheck = [ "restfly" ]; + + meta = with lib; { + description = "Python RESTfly API Library Framework"; + homepage = "https://github.com/stevemcgrath/restfly"; + license = with licenses; [ mit ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/development/tools/jq/default.nix b/pkgs/development/tools/jq/default.nix index ad4304fc6e1f..39819db47def 100644 --- a/pkgs/development/tools/jq/default.nix +++ b/pkgs/development/tools/jq/default.nix @@ -1,26 +1,52 @@ -{ lib, stdenv, nixosTests, fetchurl, oniguruma }: +{ lib, stdenv, fetchpatch, fetchFromGitHub, autoreconfHook +, onigurumaSupport ? true, oniguruma }: stdenv.mkDerivation rec { pname = "jq"; version = "1.6"; - src = fetchurl { - url = - "https://github.com/stedolan/jq/releases/download/jq-${version}/jq-${version}.tar.gz"; - sha256 = "0wmapfskhzfwranf6515nzmm84r7kwljgfs7dg6bjgxakbicis2x"; + src = fetchFromGitHub { + owner = "stedolan"; + repo = "jq"; + rev = "${pname}-${version}"; + hash = "sha256-CIE8vumQPGK+TFAncmpBijANpFALLTadOvkob0gVzro"; }; + patches = [ + (fetchpatch { + name = "fix-tests-when-building-without-regex-supports.patch"; + url = "https://github.com/stedolan/jq/pull/2292/commits/f6a69a6e52b68a92b816a28eb20719a3d0cb51ae.patch"; + sha256 = "pTM5FZ6hFs5Rdx+W2dICSS2lcoLY1Q//Lan3Hu8Gr58="; + }) + ]; + outputs = [ "bin" "doc" "man" "dev" "lib" "out" ]; - buildInputs = [ oniguruma ]; + # Upstream script that writes the version that's eventually compiled + # and printed in `jq --help` relies on a .git directory which our src + # doesn't keep. + preConfigure = '' + echo "#!/bin/sh" > scripts/version + echo "echo ${version}" >> scripts/version + patchShebangs scripts/version + ''; + + # paranoid mode: make sure we never use vendored version of oniguruma + # Note: it must be run after automake, or automake will complain + preBuild = '' + rm -r ./modules/oniguruma + ''; + + buildInputs = lib.optionals onigurumaSupport [ oniguruma ]; + nativeBuildInputs = [ autoreconfHook ]; configureFlags = [ "--bindir=\${bin}/bin" "--sbindir=\${bin}/bin" "--datadir=\${doc}/share" "--mandir=\${man}/share/man" - ] - # jq is linked to libjq: + ] ++ lib.optional (!onigurumaSupport) "--with-oniguruma=no" + # jq is linked to libjq: ++ lib.optional (!stdenv.isDarwin) "LDFLAGS=-Wl,-rpath,\\\${libdir}"; doInstallCheck = true; @@ -31,6 +57,8 @@ stdenv.mkDerivation rec { $bin/bin/jq -r '.values[1]' <<< '{"values":["hello","world"]}' | grep '^world$' > /dev/null ''; + passthru = { inherit onigurumaSupport; }; + meta = with lib; { description = "A lightweight and flexible command-line JSON processor"; license = licenses.mit; diff --git a/pkgs/development/tools/misc/pahole/default.nix b/pkgs/development/tools/misc/pahole/default.nix index c39ef5e00516..86e1dac021c2 100644 --- a/pkgs/development/tools/misc/pahole/default.nix +++ b/pkgs/development/tools/misc/pahole/default.nix @@ -2,11 +2,12 @@ stdenv.mkDerivation rec { pname = "pahole"; - version = "1.17"; + version = "1.20"; src = fetchgit { url = "https://git.kernel.org/pub/scm/devel/pahole/pahole.git"; rev = "v${version}"; - sha256 = "13dxsmhpf9n2wqggf4gd6f12rm0vhv0q96jd50gkvaxzzvgpzzbc"; + sha256 = "11q9dpfi4qj2v8z0nlf8c0079mlv10ljhh0d1yr0j4ds3saacd15"; + fetchSubmodules = true; }; nativeBuildInputs = [ cmake ]; @@ -18,7 +19,7 @@ stdenv.mkDerivation rec { meta = with lib; { homepage = "https://git.kernel.org/cgit/devel/pahole/pahole.git/"; description = "Pahole and other DWARF utils"; - license = licenses.gpl2; + license = licenses.gpl2Only; platforms = platforms.linux; maintainers = [ maintainers.bosu ]; diff --git a/pkgs/development/web/nodejs/v12.nix b/pkgs/development/web/nodejs/v12.nix index 08b8025f9bc1..fc9a170dd90d 100644 --- a/pkgs/development/web/nodejs/v12.nix +++ b/pkgs/development/web/nodejs/v12.nix @@ -8,7 +8,7 @@ let in buildNodejs { inherit enableNpm; - version = "12.21.0"; - sha256 = "17cp3sv6smpig5xq0z3xgnqdii6k8lm4n5d1nl9vasgmwsn3fbq5"; + version = "12.22.0"; + sha256 = "08xsc1pw6352v5lz92ppfhrcmqnbm6m5wmjfs9frz26lp875yp6z"; patches = lib.optional stdenv.isDarwin ./bypass-xcodebuild.diff; } diff --git a/pkgs/games/unciv/default.nix b/pkgs/games/unciv/default.nix index 35397e262ea7..5e4b262c878f 100644 --- a/pkgs/games/unciv/default.nix +++ b/pkgs/games/unciv/default.nix @@ -25,11 +25,11 @@ let in stdenv.mkDerivation rec { pname = "unciv"; - version = "3.13.11"; + version = "3.13.11-patch2"; src = fetchurl { url = "https://github.com/yairm210/Unciv/releases/download/${version}/Unciv.jar"; - sha256 = "sha256-U0kTkdcEC1cu+UFmQmgadNn1bIZ5Rq4+bBqjFU3c4+M="; + sha256 = "sha256-UN/M1G36nYy1mhKz0xA3/oZ8hWrkyeXWm9dMxL9PSDo="; }; dontUnpack = true; diff --git a/pkgs/servers/sql/postgresql/ext/timescaledb.nix b/pkgs/servers/sql/postgresql/ext/timescaledb.nix index 69e140058f00..505aff666781 100644 --- a/pkgs/servers/sql/postgresql/ext/timescaledb.nix +++ b/pkgs/servers/sql/postgresql/ext/timescaledb.nix @@ -8,7 +8,7 @@ stdenv.mkDerivation rec { pname = "timescaledb"; - version = "2.1.0"; + version = "2.1.1"; nativeBuildInputs = [ cmake ]; buildInputs = [ postgresql openssl ]; @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { owner = "timescale"; repo = "timescaledb"; rev = "refs/tags/${version}"; - sha256 = "03bsvf5iwgiwxq4p1pxri795n3qm70gvd1sz9p0dxixxsjl34vxf"; + sha256 = "0mjqy0d60l62vqqbrayj6270173501i6aqgnkczywrqyzqw8522l"; }; # -DWARNINGS_AS_ERRORS=OFF to be removed once https://github.com/timescale/timescaledb/issues/2770 is fixed in upstream diff --git a/pkgs/tools/admin/awscli/default.nix b/pkgs/tools/admin/awscli/default.nix index 173bf1329563..ff244501516b 100644 --- a/pkgs/tools/admin/awscli/default.nix +++ b/pkgs/tools/admin/awscli/default.nix @@ -7,13 +7,6 @@ let py = python3.override { packageOverrides = self: super: { - rsa = super.rsa.overridePythonAttrs (oldAttrs: rec { - version = "3.4.2"; - src = oldAttrs.src.override { - inherit version; - sha256 = "25df4e10c263fb88b5ace923dd84bf9aa7f5019687b5e55382ffcdb8bede9db5"; - }; - }); # TODO: https://github.com/aws/aws-cli/pull/5712 colorama = super.colorama.overridePythonAttrs (oldAttrs: rec { version = "0.4.3"; @@ -28,11 +21,11 @@ let in with py.pkgs; buildPythonApplication rec { pname = "awscli"; - version = "1.19.39"; # N.B: if you change this, change botocore and boto3 to a matching version too + version = "1.19.40"; # N.B: if you change this, change botocore and boto3 to a matching version too src = fetchPypi { inherit pname version; - sha256 = "sha256-qX8ThQwvwc5wGud5Q4KqO24kGdqvi3oK7K71O5aeJeQ="; + sha256 = "sha256-J1IuTA/DrBCDclRA3cjAU71Um4Eygjgo+rMTyvT/my4="; }; # https://github.com/aws/aws-cli/issues/4837 diff --git a/pkgs/tools/networking/shadowsocks-rust/default.nix b/pkgs/tools/networking/shadowsocks-rust/default.nix index 27b8197f4c42..54c5701b8eca 100644 --- a/pkgs/tools/networking/shadowsocks-rust/default.nix +++ b/pkgs/tools/networking/shadowsocks-rust/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "shadowsocks-rust"; - version = "1.9.2"; + version = "1.10.2"; src = fetchFromGitHub { rev = "v${version}"; owner = "shadowsocks"; repo = pname; - sha256 = "1mqxfw21ilcy0gc2jrn5f385y3g9inabp9fjc39m5ydljja4g5b9"; + sha256 = "155v63v0wf0ky5nl2f1dvky8n9pdk40l1lqyz8l1i1kjcvvcmj26"; }; - cargoSha256 = "1ja2hcsa2wa0zmblz4ps35jcx1y29j469lf4i9a7sw0kgh3xp1ha"; + cargoSha256 = "1vb6kis54g4lfc9d0h1961dclaqhq019iw509ydcsa1n7bp25caq"; RUSTC_BOOTSTRAP = 1; diff --git a/pkgs/tools/security/rekor/default.nix b/pkgs/tools/security/rekor/default.nix new file mode 100644 index 000000000000..b260d46f934f --- /dev/null +++ b/pkgs/tools/security/rekor/default.nix @@ -0,0 +1,51 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +let + generic = { pname, subPackages, description, postInstall }: + buildGoModule rec { + inherit pname; + version = "0.1.1"; + + src = fetchFromGitHub { + owner = "sigstore"; + repo = "rekor"; + rev = "v${version}"; + sha256 = "1hvkfvc747g5r4h8vb1d8ikqxmlyxsycnlh78agmmjpxlasspmbk"; + }; + + vendorSha256 = "0vdir9ia3hv27rkm6jnvhsfc3mxw36xfvwqnfd34rgzmzcfxlrbv"; + + inherit subPackages postInstall; + + meta = with lib; { + inherit description; + homepage = "https://github.com/sigstore/rekor"; + changelog = "https://github.com/sigstore/rekor/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ lesuisse ]; + }; + }; +in { + rekor-cli = generic { + pname = "rekor-cli"; + subPackages = [ "cmd/cli" ]; + # Will not be needed with the next version, the package as been renamed upstream + postInstall = '' + if [ -f "$out/bin/cli" ]; then + mv "$out/bin/cli" "$out/bin/rekor-client" + fi + ''; + description = "CLI client for Sigstore, the Signature Transparency Log"; + }; + rekor-server = generic { + pname = "rekor-server"; + subPackages = [ "cmd/server" ]; + # Will not be needed with the next version, the package as been renamed upstream + postInstall = '' + if [ -f "$out/bin/server" ]; then + mv "$out/bin/server" "$out/bin/rekor-server" + fi + ''; + description = "Sigstore server, the Signature Transparency Log"; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 397047368e32..889dd1c88014 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7701,6 +7701,10 @@ in retext = libsForQt5.callPackage ../applications/editors/retext { }; + inherit (callPackage ../tools/security/rekor { }) + rekor-cli + rekor-server; + richgo = callPackage ../development/tools/richgo { }; rs = callPackage ../tools/text/rs { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 301521e3735a..37dd1582197d 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -6396,6 +6396,8 @@ in { pyte = callPackage ../development/python-modules/pyte { }; + pytenable = callPackage ../development/python-modules/pytenable { }; + pytelegrambotapi = callPackage ../development/python-modules/pyTelegramBotAPI { }; pytesseract = callPackage ../development/python-modules/pytesseract { }; @@ -6639,6 +6641,8 @@ in { python-binance = callPackage ../development/python-modules/python-binance { }; + python-box = callPackage ../development/python-modules/python-box { }; + python-constraint = callPackage ../development/python-modules/python-constraint { }; python-crontab = callPackage ../development/python-modules/python-crontab { }; @@ -7212,6 +7216,8 @@ in { requests_oauthlib = callPackage ../development/python-modules/requests-oauthlib { }; + requests-pkcs12 = callPackage ../development/python-modules/requests-pkcs12 { }; + requests-toolbelt = callPackage ../development/python-modules/requests-toolbelt { }; requests_toolbelt = self.requests-toolbelt; # Old attr, 2017-09-26 @@ -7226,6 +7232,8 @@ in { respx = callPackage ../development/python-modules/respx { }; + restfly = callPackage ../development/python-modules/restfly { }; + restrictedpython = callPackage ../development/python-modules/restrictedpython { }; restructuredtext_lint = callPackage ../development/python-modules/restructuredtext_lint { };