diff --git a/nixos/modules/config/i18n.nix b/nixos/modules/config/i18n.nix index 5b8d5b214496b..ad20312d89e1e 100644 --- a/nixos/modules/config/i18n.nix +++ b/nixos/modules/config/i18n.nix @@ -10,12 +10,12 @@ with lib; i18n = { glibcLocales = mkOption { type = types.path; - default = pkgs.buildPackages.glibcLocales.override { + default = pkgs.glibcLocales.override { allLocales = any (x: x == "all") config.i18n.supportedLocales; locales = config.i18n.supportedLocales; }; defaultText = literalExpression '' - pkgs.buildPackages.glibcLocales.override { + pkgs.glibcLocales.override { allLocales = any (x: x == "all") config.i18n.supportedLocales; locales = config.i18n.supportedLocales; } diff --git a/nixos/modules/services/desktops/pipewire/daemon/minimal.conf.json b/nixos/modules/services/desktops/pipewire/daemon/minimal.conf.json index c7f58fd5799ad..0f1ebe5749c67 100644 --- a/nixos/modules/services/desktops/pipewire/daemon/minimal.conf.json +++ b/nixos/modules/services/desktops/pipewire/daemon/minimal.conf.json @@ -91,6 +91,7 @@ "adapter.auto-port-config": { "mode": "dsp", "monitor": false, + "control": false, "position": "unknown" } } @@ -109,6 +110,7 @@ "adapter.auto-port-config": { "mode": "dsp", "monitor": false, + "control": false, "position": "unknown" } } diff --git a/pkgs/development/compilers/rust/rustc.nix b/pkgs/development/compilers/rust/rustc.nix index a996f987bed66..cda9330daea2d 100644 --- a/pkgs/development/compilers/rust/rustc.nix +++ b/pkgs/development/compilers/rust/rustc.nix @@ -129,6 +129,10 @@ in stdenv.mkDerivation rec { # Useful debugging parameter # export VERBOSE=1 + '' + lib.optionalString (stdenv.isDarwin && stdenv.isx86_64) '' + # See https://github.com/jemalloc/jemalloc/issues/1997 + # Using a value of 48 should work on both emulated and native x86_64-darwin. + export JEMALLOC_SYS_WITH_LG_VADDR=48 ''; # rustc unfortunately needs cmake to compile llvm-rt but doesn't diff --git a/pkgs/development/libraries/glibc/locales.nix b/pkgs/development/libraries/glibc/locales.nix index bada8b3f31f7c..d2cf0f89cb070 100644 --- a/pkgs/development/libraries/glibc/locales.nix +++ b/pkgs/development/libraries/glibc/locales.nix @@ -19,19 +19,26 @@ callPackage ./common.nix { inherit stdenv; } { extraNativeBuildInputs = [ glibc ]; - # Awful hack: `localedef' doesn't allow the path to `locale-archive' - # to be overriden, but you *can* specify a prefix, i.e. it will use - # //lib/locale/locale-archive. So we use - # $TMPDIR as a prefix, meaning that the locale-archive is placed in - # $TMPDIR/nix/store/...-glibc-.../lib/locale/locale-archive. - buildPhase = - '' + LOCALEDEF_FLAGS = [ + (if stdenv.hostPlatform.isLittleEndian + then "--little-endian" + else "--big-endian") + ]; + + buildPhase = '' + # Awful hack: `localedef' doesn't allow the path to `locale-archive' + # to be overriden, but you *can* specify a prefix, i.e. it will use + # //lib/locale/locale-archive. So we use + # $TMPDIR as a prefix, meaning that the locale-archive is placed in + # $TMPDIR/nix/store/...-glibc-.../lib/locale/locale-archive. + LOCALEDEF_FLAGS+=" --prefix=$TMPDIR" + mkdir -p $TMPDIR/"${buildPackages.glibc.out}/lib/locale" echo 'C.UTF-8/UTF-8 \' >> ../glibc-2*/localedata/SUPPORTED # Hack to allow building of the locales (needed since glibc-2.12) - sed -i -e 's,^$(rtld-prefix) $(common-objpfx)locale/localedef,localedef --prefix='$TMPDIR',' ../glibc-2*/localedata/Makefile + sed -i -e 's,^$(rtld-prefix) $(common-objpfx)locale/localedef,localedef $(LOCALEDEF_FLAGS),' ../glibc-2*/localedata/Makefile '' + lib.optionalString (!allLocales) '' # Check that all locales to be built are supported diff --git a/pkgs/development/libraries/jemalloc/default.nix b/pkgs/development/libraries/jemalloc/default.nix index 8ed9219fb7b49..c355b9f9004fb 100644 --- a/pkgs/development/libraries/jemalloc/default.nix +++ b/pkgs/development/libraries/jemalloc/default.nix @@ -39,6 +39,9 @@ stdenv.mkDerivation rec { "--disable-thp" "je_cv_thp=no" ] + # See https://github.com/jemalloc/jemalloc/issues/1997 + # Using a value of 48 should work on both emulated and native x86_64-darwin. + ++ lib.optional (stdenv.isDarwin && stdenv.isx86_64) "--with-lg-vaddr=48" ; doCheck = true; diff --git a/pkgs/development/libraries/libcamera/default.nix b/pkgs/development/libraries/libcamera/default.nix index 37acf1fc8f03d..ab2095be8fcdb 100644 --- a/pkgs/development/libraries/libcamera/default.nix +++ b/pkgs/development/libraries/libcamera/default.nix @@ -5,11 +5,10 @@ , ninja , pkg-config , makeFontsConf -, boost -, gnutls , openssl , libdrm , libevent +, libyaml , lttng-ust , gst_all_1 , gtest @@ -22,12 +21,12 @@ stdenv.mkDerivation { pname = "libcamera"; - version = "unstable-2022-01-03"; + version = "unstable-2022-09-15"; src = fetchgit { url = "https://git.libcamera.org/libcamera/libcamera.git"; - rev = "1db1e31e664c1f613dc964d8519fe75d67b154b6"; - hash = "sha256-pXYPIU9xDWA870Gp1Jgizi5xnUHRvTqEq/ofFXdVZdg="; + rev = "74ab3f778c848b20cbf8fe299170756ff6ebab1a"; + hash = "sha256-w0I4L6xXTBUdqj30LpVW/KZW6bdoUeoW9lnMOW0OLJY="; }; postPatch = '' @@ -38,8 +37,7 @@ stdenv.mkDerivation { buildInputs = [ # IPA and signing - gnutls - boost + openssl # gstreamer integration gst_all_1.gstreamer @@ -55,6 +53,9 @@ stdenv.mkDerivation { # lttng tracing lttng-ust + # yamlparser + libyaml + gtest ]; diff --git a/pkgs/development/libraries/nss/esr.nix b/pkgs/development/libraries/nss/esr.nix index a789f0306d327..b4a566030d071 100644 --- a/pkgs/development/libraries/nss/esr.nix +++ b/pkgs/development/libraries/nss/esr.nix @@ -1,4 +1,4 @@ import ./generic.nix { - version = "3.68.4"; - hash = "sha256-K5/T9aG0nzs7KdEgAmdPcEgRViV1b7R3KELsfDm+Fgs="; + version = "3.79.1"; + hash = "sha256-NwxS5niE0dnCG5d+lzPcwYzIR2WmsgGBT77VDCbfThQ="; } diff --git a/pkgs/development/libraries/pipewire/default.nix b/pkgs/development/libraries/pipewire/default.nix index 3d6fcb9f391ce..1019ca1155e4e 100644 --- a/pkgs/development/libraries/pipewire/default.nix +++ b/pkgs/development/libraries/pipewire/default.nix @@ -6,7 +6,9 @@ , python3 , meson , ninja +, eudev , systemd +, enableSystemd ? true , pkg-config , docutils , doxygen @@ -44,6 +46,7 @@ , libfreeaptx , ldacbt , fdk_aac +, libopus , nativeHspSupport ? true , nativeHfpSupport ? true , ofonoSupport ? true @@ -67,7 +70,7 @@ let self = stdenv.mkDerivation rec { pname = "pipewire"; - version = "0.3.51"; + version = "0.3.58"; outputs = [ "out" @@ -85,7 +88,7 @@ let owner = "pipewire"; repo = "pipewire"; rev = version; - sha256 = "sha256-k5OdKgkQUaelvrGS4KtO0MtSJg6cF2Nf8RrsR8Kf+C8="; + sha256 = "sha256-r8sDXyXwtA2o2xqglOI8XflttSScrqJ57cj1//k2tZ8="; }; patches = [ @@ -127,11 +130,11 @@ let vulkan-headers vulkan-loader webrtc-audio-processing - systemd - ] ++ lib.optionals gstreamerSupport [ gst_all_1.gst-plugins-base gst_all_1.gstreamer ] + ] ++ (if enableSystemd then [ systemd ] else [ eudev ]) + ++ lib.optionals gstreamerSupport [ gst_all_1.gst-plugins-base gst_all_1.gstreamer ] ++ lib.optionals libcameraSupport [ libcamera libdrm ] ++ lib.optional ffmpegSupport ffmpeg - ++ lib.optionals bluezSupport [ bluez libfreeaptx ldacbt sbc fdk_aac ] + ++ lib.optionals bluezSupport [ bluez libfreeaptx ldacbt sbc fdk_aac libopus ] ++ lib.optional pulseTunnelSupport libpulseaudio ++ lib.optional zeroconfSupport avahi ++ lib.optional raopSupport openssl @@ -148,18 +151,22 @@ let "-Dinstalled_test_prefix=${placeholder "installedTests"}" "-Dpipewire_pulse_prefix=${placeholder "pulse"}" "-Dlibjack-path=${placeholder "jack"}/lib" + "-Dlibv4l2-path=${placeholder "out"}/lib" "-Dlibcamera=${mesonEnableFeature libcameraSupport}" "-Droc=${mesonEnableFeature rocSupport}" "-Dlibpulse=${mesonEnableFeature pulseTunnelSupport}" "-Davahi=${mesonEnableFeature zeroconfSupport}" "-Dgstreamer=${mesonEnableFeature gstreamerSupport}" - "-Dsystemd-system-service=enabled" + "-Dsystemd-system-service=${mesonEnableFeature enableSystemd}" + "-Dudev=${mesonEnableFeature (!enableSystemd)}" + "-Dudevrulesdir=${placeholder "out"}/lib/udev/rules.d" "-Dffmpeg=${mesonEnableFeature ffmpegSupport}" "-Dbluez5=${mesonEnableFeature bluezSupport}" "-Dbluez5-backend-hsp-native=${mesonEnableFeature nativeHspSupport}" "-Dbluez5-backend-hfp-native=${mesonEnableFeature nativeHfpSupport}" "-Dbluez5-backend-ofono=${mesonEnableFeature ofonoSupport}" "-Dbluez5-backend-hsphfpd=${mesonEnableFeature hsphfpdSupport}" + "-Dbluez5-codec-lc3plus=disabled" "-Dsysconfdir=/etc" "-Dpipewire_confdata_dir=${placeholder "lib"}/share/pipewire" "-Draop=${mesonEnableFeature raopSupport}" @@ -193,8 +200,11 @@ let cp ${buildPackages.pipewire}/nix-support/*.json "$out/nix-support" ''} - moveToOutput "share/systemd/user/pipewire-pulse.*" "$pulse" - moveToOutput "lib/systemd/user/pipewire-pulse.*" "$pulse" + ${lib.optionalString enableSystemd '' + moveToOutput "share/systemd/user/pipewire-pulse.*" "$pulse" + moveToOutput "lib/systemd/user/pipewire-pulse.*" "$pulse" + ''} + moveToOutput "bin/pipewire-pulse" "$pulse" moveToOutput "bin/pw-jack" "$jack" diff --git a/pkgs/development/libraries/pipewire/wireplumber.nix b/pkgs/development/libraries/pipewire/wireplumber.nix index f7b26d2809ad0..bbed4caf3d31f 100644 --- a/pkgs/development/libraries/pipewire/wireplumber.nix +++ b/pkgs/development/libraries/pipewire/wireplumber.nix @@ -1,6 +1,7 @@ { lib , stdenv , fetchFromGitLab +, fetchpatch , nix-update-script , # base build deps meson @@ -26,7 +27,7 @@ let in stdenv.mkDerivation rec { pname = "wireplumber"; - version = "0.4.10"; + version = "0.4.11"; outputs = [ "out" "dev" ] ++ lib.optional enableDocs "doc"; @@ -35,9 +36,24 @@ stdenv.mkDerivation rec { owner = "pipewire"; repo = "wireplumber"; rev = version; - sha256 = "sha256-Z5Uqjw05SdEU9bGLuhdS+hDv7Fgqx4oW92k4AG1p3Ug="; + sha256 = "sha256-3NrzOsL0MekxMMXCFubEkazzSWFNsjUsX8n2ECcr7yY="; }; + patches = [ + # fix sound not working in VMs + # FIXME: drop in next release + (fetchpatch { + url = "https://gitlab.freedesktop.org/pipewire/wireplumber/-/commit/c16e637c329bc9dda8544b18f5bd47a8d63ee253.patch"; + sha256 = "sha256-xhhAlhOovwIjwAxXxvHRTG4GzpIPYvKQE2F4ZP1Udq8="; + }) + # fix bluetooth rescan loops + # FIXME: drop in next release + (fetchpatch { + url = "https://gitlab.freedesktop.org/pipewire/wireplumber/-/merge_requests/398.patch"; + sha256 = "sha256-rEp/3fjBRbkFuw4rBW6h8O5hcy/oBP3DW7bPu5rVfNY="; + }) + ]; + nativeBuildInputs = [ meson pkg-config diff --git a/pkgs/development/libraries/protobuf/3.19.nix b/pkgs/development/libraries/protobuf/3.19.nix index e47bb62e736ac..8e8674f150412 100644 --- a/pkgs/development/libraries/protobuf/3.19.nix +++ b/pkgs/development/libraries/protobuf/3.19.nix @@ -1,6 +1,6 @@ { callPackage, ... }: callPackage ./generic-v3.nix { - version = "3.19.4"; - sha256 = "sha256-mxQ8XonVgctfaNAyd3vqQHMLHVnkjBa9EObk47vxH24="; + version = "3.19.5"; + sha256 = "sha256-C5ZfPXHtUtNjPGS4tbswCwVH1gjd6A64KtIR16DgHzQ="; } diff --git a/pkgs/development/python-modules/django/3.nix b/pkgs/development/python-modules/django/3.nix index c5b9adcca3e90..ca279bf8ae5bc 100644 --- a/pkgs/development/python-modules/django/3.nix +++ b/pkgs/development/python-modules/django/3.nix @@ -13,14 +13,14 @@ buildPythonPackage rec { pname = "django"; - version = "3.2.15"; + version = "3.2.16"; disabled = pythonOlder "3.7"; src = fetchPypi { pname = "Django"; inherit version; - hash = "sha256-9xk0sagi8UqGyayWNAU2iSec0ErmnLat5KWUcbiGWCs="; + hash = "sha256-OtwoUSQkRySjlPqbmDnMjNEW+vfRWVVMQ+zaqM3wuU0="; }; patches = lib.optional withGdal diff --git a/pkgs/os-specific/linux/bpftrace/btf-dump-new-0.6.0.patch b/pkgs/os-specific/linux/bpftrace/btf-dump-new-0.6.0.patch deleted file mode 100644 index b5037192203c5..0000000000000 --- a/pkgs/os-specific/linux/bpftrace/btf-dump-new-0.6.0.patch +++ /dev/null @@ -1,39 +0,0 @@ -diff -ur source/src/btf.cpp new/src/btf.cpp ---- source/src/btf.cpp 1970-01-01 09:00:01.000000000 +0900 -+++ new/src/btf.cpp 2021-12-04 21:46:59.337023489 +0900 -@@ -225,7 +225,7 @@ - char err_buf[256]; - int err; - -- dump = btf_dump__new(btf, nullptr, &opts, dump_printf); -+ dump = btf_dump__new_deprecated(btf, nullptr, &opts, dump_printf); - err = libbpf_get_error(dump); - if (err) - { -@@ -496,7 +496,7 @@ - char err_buf[256]; - int err; - -- dump = btf_dump__new(btf, nullptr, &opts, dump_printf); -+ dump = btf_dump__new_deprecated(btf, nullptr, &opts, dump_printf); - err = libbpf_get_error(dump); - if (err) - { -@@ -554,7 +554,7 @@ - char err_buf[256]; - int err; - -- dump = btf_dump__new(btf, nullptr, &opts, dump_printf); -+ dump = btf_dump__new_deprecated(btf, nullptr, &opts, dump_printf); - err = libbpf_get_error(dump); - if (err) - { -@@ -648,7 +648,7 @@ - char err_buf[256]; - int err; - -- dump = btf_dump__new(btf, nullptr, &opts, dump_printf); -+ dump = btf_dump__new_deprecated(btf, nullptr, &opts, dump_printf); - err = libbpf_get_error(dump); - if (err) - { diff --git a/pkgs/os-specific/linux/bpftrace/default.nix b/pkgs/os-specific/linux/bpftrace/default.nix index 61bf6167c039b..5828ef2860c57 100644 --- a/pkgs/os-specific/linux/bpftrace/default.nix +++ b/pkgs/os-specific/linux/bpftrace/default.nix @@ -8,20 +8,15 @@ stdenv.mkDerivation rec { pname = "bpftrace"; - version = "0.14.1"; + version = "0.15.0"; src = fetchFromGitHub { owner = "iovisor"; repo = "bpftrace"; rev = "v${version}"; - sha256 = "sha256-QDqHAEVM/XHCFMS0jMLdKJfDUOpkUqONOf8+Fbd5dCY="; + sha256 = "sha256-9adZAKSn00W2yNwVDbVB1/O5Y+10c4EkVJGCHyd4Tgg="; }; - # libbpf 0.6.0 relies on typeof in bpf/btf.h to pick the right version of - # btf_dump__new() but that's not valid c++. - # see https://github.com/iovisor/bpftrace/issues/2068 - patches = [ ./btf-dump-new-0.6.0.patch ]; - buildInputs = with llvmPackages; [ llvm libclang elfutils bcc diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index e1d4cdb836485..ea6a420f787aa 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -41,6 +41,9 @@ let (whenBetween "5.2" "5.18" yes) ]; DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT = whenAtLeast "5.18" yes; + # Reduced debug info conflict with BTF and have been enabled in + # aarch64 defconfig since 5.13 + DEBUG_INFO_REDUCED = whenAtLeast "5.13" (option no); DEBUG_INFO_BTF = whenAtLeast "5.2" (option yes); # Allow loading modules with mismatched BTFs # FIXME: figure out how to actually make BTFs reproducible instead diff --git a/pkgs/os-specific/linux/libbpf/default.nix b/pkgs/os-specific/linux/libbpf/default.nix index cb2f4611fde06..2c15e3d49ee16 100644 --- a/pkgs/os-specific/linux/libbpf/default.nix +++ b/pkgs/os-specific/linux/libbpf/default.nix @@ -1,6 +1,5 @@ { fetchFromGitHub -, fetchpatch -, libelf +, elfutils , pkg-config , stdenv , zlib @@ -10,17 +9,17 @@ stdenv.mkDerivation rec { pname = "libbpf"; - version = "0.7.0"; + version = "0.8.1"; src = fetchFromGitHub { owner = "libbpf"; repo = "libbpf"; rev = "v${version}"; - sha256 = "sha256-NFVJ8JquWVzu+QoaaOMzhnu6/IqdP1FPhtJFidXA4L4="; + sha256 = "sha256-daVS+TErmDU8ksThOvcepg1A61iD8N8GIkC40cmc9/8="; }; nativeBuildInputs = [ pkg-config ]; - buildInputs = [ libelf zlib ]; + buildInputs = [ elfutils zlib ]; enableParallelBuilding = true; makeFlags = [ "PREFIX=$(out)" "-C src" ]; diff --git a/pkgs/tools/compression/gzip/default.nix b/pkgs/tools/compression/gzip/default.nix index bd28ca63e80a4..771188a98cd9f 100644 --- a/pkgs/tools/compression/gzip/default.nix +++ b/pkgs/tools/compression/gzip/default.nix @@ -24,7 +24,14 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ xz.bin ]; - makeFlags = [ "SHELL=/bin/sh" "GREP=grep" ]; + makeFlags = [ + "SHELL=/bin/sh" + "GREP=grep" + # gzip 1.12 doesn't build `zless` unless it can find `less`, but we + # can avoid having `less` as a build input if we just override these. + "ZLESS_MAN=zless.1" + "ZLESS_PROG=zless" + ]; # Many gzip executables are shell scripts that depend upon other gzip # executables being in $PATH. Rather than try to re-write all the diff --git a/pkgs/tools/networking/dnsmasq/default.nix b/pkgs/tools/networking/dnsmasq/default.nix index ba17f10e96c78..29827d205ea57 100644 --- a/pkgs/tools/networking/dnsmasq/default.nix +++ b/pkgs/tools/networking/dnsmasq/default.nix @@ -24,6 +24,15 @@ stdenv.mkDerivation rec { sha256 = "sha256-KNUs/J4gBKxPhSdPUrMuFke028l2G4Ln3h5BxJkH6wg="; }; + patches = [ + (fetchpatch { + name = "CVE-2022-0934.patch"; + url = "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=patch;h=03345ecefeb0d82e3c3a4c28f27c3554f0611b39"; + excludes = [ "CHANGELOG" ]; + sha256 = "sha256-cordOsHQB3g3kEIUYaGastZ2fGKJsJSl+6+AErVdHr0="; + }) + ]; + postPatch = lib.optionalString stdenv.hostPlatform.isLinux '' sed '1i#include ' -i src/dhcp.c '';