Merge staging-next into staging

maintainers/maintainer-list.nix

@@ -2933,7 +2933,7 @@
     name = "David Rusu";
   };
   davidtwco = {
-    email = "nix@david.davidtw.co";
+    email = "david@davidtw.co";
     github = "davidtwco";
     githubId = 1295100;
     name = "David Wood";

nixos/modules/installer/cd-dvd/installation-cd-graphical-calamares-gnome.nix

@@ -18,7 +18,8 @@
     extraGSettingsOverrides = ''
       [org.gnome.shell]
       welcome-dialog-last-shown-version='9999999999'
-
+      [org.gnome.desktop.session]
+      idle-delay=0
       [org.gnome.settings-daemon.plugins.power]
       sleep-inactive-ac-type='nothing'
       sleep-inactive-battery-type='nothing'

pkgs/applications/audio/vcv-rack/default.nix

@@ -1,50 +1,107 @@
-{ lib, stdenv, makeWrapper, fetchzip, fetchFromGitHub, pkg-config
-, alsa-lib, curl, glew, glfw, gtk2-x11, jansson, libjack2, libXext, libXi
-, libzip, rtaudio, rtmidi, speex, libsamplerate }:
+{ alsa-lib
+, copyDesktopItems
+, curl
+, fetchFromBitbucket
+, fetchFromGitHub
+, fetchzip
+, ghc_filesystem
+, glew
+, glfw
+, gnome
+, gtk3-x11
+, imagemagick
+, jansson
+, jq
+, lib
+, libarchive
+, libicns
+, libjack2
+, libpulseaudio
+, libsamplerate
+, libXext
+, libXi
+, makeDesktopItem
+, makeWrapper
+, pkg-config
+, rtaudio
+, rtmidi
+, speex
+, stdenv
+, wrapGAppsHook
+, zstd
+}:
 
 let
   # The package repo vendors some of the package dependencies as submodules.
-  # Others are downloaded with `make deps`. Due to previous issues with the
-  # `glfw` submodule (see above) and because we can not access the network when
-  # building in a sandbox, we fetch the dependency source manually.
-  pfft-source = fetchzip {
-    url = "https://vcvrack.com/downloads/dep/pffft.zip";
-    sha256 = "084csgqa6f1a270bhybjayrh3mpyi2jimc87qkdgsqcp8ycsx1l1";
+  # Unfortunately, they are not pinned, so we have no guarantee that they
+  # will be stable, and therefore, we can't use them directly. Instead
+  # we'll have to fetch them separately ourselves.
+  pffft-source = fetchFromBitbucket {
+    owner = "jpommier";
+    repo = "pffft";
+    rev = "988259a41d1522047a9420e6265a6ba8289c1654";
+    sha256 = "Oq5N02UNXsbhcPUfjMtD0cgqAZsGx9ke9A+ArrenzGE=";
+  };
+  fuzzysearchdatabase-source = fetchFromBitbucket {
+    owner = "j_norberg";
+    repo = "fuzzysearchdatabase";
+    rev = "fe62479811e503ef3c091f5a859d27bfcf0a44da";
+    sha256 = "zgeUzuuInHPeveBIjlivRGIz+NSb7cW/9hMndxm6qOA=";
   };
   nanovg-source = fetchFromGitHub {
-    owner = "memononen";
+    owner = "VCVRack";
     repo = "nanovg";
-    rev = "1f9c8864fc556a1be4d4bf1d6bfe20cde25734b4";
-    sha256 = "08r15zrr6p1kxigxzxrg5rgya7wwbdx7d078r362qbkmws83wk27";
+    rev = "0bebdb314aff9cfa28fde4744bcb037a2b3fd756";
+    sha256 = "HmQhCE/zIKc3f+Zld229s5i5MWzRrBMF9gYrn8JVQzg=";
   };
   nanosvg-source = fetchFromGitHub {
     owner = "memononen";
     repo = "nanosvg";
-    rev = "25241c5a8f8451d41ab1b02ab2d865b01600d949";
-    sha256 = "114qgfmazsdl53rm4pgqif3gv8msdmfwi91lyc2jfadgzfd83xkg";
+    rev = "ccdb1995134d340a93fb20e3a3d323ccb3838dd0";
+    sha256 = "ymziU0NgGqxPOKHwGm0QyEdK/8jL/QYk5UdIQ3Tn8jw=";
   };
   osdialog-source = fetchFromGitHub {
     owner = "AndrewBelt";
     repo = "osdialog";
-    rev = "e5db5de6444f4b2c4e1390c67b3efd718080c3da";
-    sha256 = "0iqxn1md053nl19hbjk8rqsdcmjwa5l5z0ci4fara77q43rc323i";
+    rev = "21b9dcc2a1bbdacb9b46da477ffd82a4ce9204b9";
+    sha256 = "+4VCBuQvfiuEUdjFu3IB2FwbHFrDJXTb4vcVg6ZFwSM=";
   };
   oui-blendish-source = fetchFromGitHub {
     owner = "AndrewBelt";
     repo = "oui-blendish";
-    rev = "79ec59e6bc7201017fc13a20c6e33380adca1660";
-    sha256 = "17kd0lh2x3x12bxkyhq6z8sg6vxln8m9qirf0basvcsmylr6rb64";
+    rev = "2fc6405883f8451944ed080547d073c8f9f31898";
+    sha256 = "/QZFZuI5kSsEvSfMJlcqB1HiZ9Vcf3vqLqWIMEgxQK8=";
+  };
+  fundamental-source = fetchFromGitHub {
+    owner = "VCVRack";
+    repo = "Fundamental";
+    rev = "533397cdcad5c6401ebd3937d6c1663de2473627"; # tip of branch v2
+    sha256 = "QnwOgrYxiCa/7t/u6F63Ks8C9E8k6T+hia4JZFhp1LI=";
   };
 in
-with lib; stdenv.mkDerivation rec {
+stdenv.mkDerivation rec {
   pname = "VCV-Rack";
-  version = "1.1.6";
+  version = "2.0.6";
+
+  desktopItems = [
+    (makeDesktopItem {
+      type = "Application";
+      name = pname;
+      desktopName = "VCV Rack";
+      genericName = "Eurorack simulator";
+      comment = "Create music by patching together virtual synthesizer modules";
+      exec = "Rack";
+      icon = "Rack";
+      categories = [ "AudioVideo" "AudioVideoEditing" "Audio" ];
+      keywords = [ "music" ];
+    })
+  ];
 
   src = fetchFromGitHub {
     owner = "VCVRack";
     repo = "Rack";
     rev = "v${version}";
-    sha256 = "0ji64prr74qzxf5bx1sw022kbslx9nzll16lmk5in78hbl137b3i";
+    sha256 = "vvGx8tnE7gMiboVUTywIzBB1q/IfiJ8TPnSHvmfHUQg=";
   };
 
   patches = [
@@ -56,46 +113,101 @@ with lib; stdenv.mkDerivation rec {
     # above), we do it here manually
     mkdir -p dep/include
 
-    cp -r ${pfft-source} dep/jpommier-pffft-source
+    cp -r ${pffft-source}/* dep/pffft
+    cp -r ${fuzzysearchdatabase-source}/* dep/fuzzysearchdatabase
     cp -r ${nanovg-source}/* dep/nanovg
     cp -r ${nanosvg-source}/* dep/nanosvg
     cp -r ${osdialog-source}/* dep/osdialog
     cp -r ${oui-blendish-source}/* dep/oui-blendish
 
-    cp dep/jpommier-pffft-source/*.h dep/include
+    cp dep/pffft/*.h dep/include
+    cp dep/fuzzysearchdatabase/src/*.hpp dep/include
     cp dep/nanosvg/**/*.h dep/include
     cp dep/nanovg/src/*.h dep/include
     cp dep/osdialog/*.h dep/include
     cp dep/oui-blendish/*.h dep/include
 
-    substituteInPlace include/audio.hpp --replace "<RtAudio.h>" "<rtaudio/RtAudio.h>"
-    substituteInPlace compile.mk --replace "-march=nocona" ""
+    # Build and dist the Fundamental plugins
+    cp -r ${fundamental-source} plugins/Fundamental/
+    chmod -R +rw plugins/Fundamental # will be used as build dir
+    substituteInPlace plugin.mk --replace ":= all" ":= dist"
+
+    # Fix reference to zenity
+    substituteInPlace dep/osdialog/osdialog_zenity.c \
+      --replace 'zenityBin[] = "zenity"' 'zenityBin[] = "${gnome.zenity}/bin/zenity"'
   '';
 
   enableParallelBuilding = true;
 
-  nativeBuildInputs = [ makeWrapper pkg-config ];
-  buildInputs = [ alsa-lib curl glew glfw gtk2-x11 jansson libjack2 libsamplerate libzip rtaudio rtmidi speex ];
+  nativeBuildInputs = [
+    copyDesktopItems
+    imagemagick
+    jq
+    libicns
+    makeWrapper
+    pkg-config
+    wrapGAppsHook
+  ];
+  buildInputs = [
+    alsa-lib
+    curl
+    ghc_filesystem
+    glew
+    glfw
+    gnome.zenity
+    gtk3-x11
+    jansson
+    libarchive
+    libjack2
+    libpulseaudio
+    libsamplerate
+    rtaudio
+    rtmidi
+    speex
+    zstd
+  ];
 
-  buildFlags = [ "Rack" ];
+  makeFlags = [ "all" "plugins" ];
 
   installPhase = ''
+    runHook preInstall
+
     install -D -m755 -t $out/bin Rack
+    install -D -m755 -t $out/lib libRack.so
 
     mkdir -p $out/share/vcv-rack
-    cp -r res Core.json template.vcv LICENSE* cacert.pem $out/share/vcv-rack
+    cp -r res cacert.pem Core.json template.vcv LICENSE-GPLv3.txt $out/share/vcv-rack
+    cp -r plugins/Fundamental/dist/Fundamental-*.vcvplugin $out/share/vcv-rack/Fundamental.vcvplugin
 
-    # Override the default global resource file directory
-    wrapProgram $out/bin/Rack --add-flags "-s $out/share/vcv-rack"
+    # Extract pngs from the Apple icon image and create
+    # the missing ones from the 1024x1024 image.
+    icns2png --extract icon.icns
+    for size in 16 24 32 48 64 128 256 512 1024; do
+      mkdir -pv $out/share/icons/hicolor/"$size"x"$size"/apps
+      if [ ! -e icon_"$size"x"$size"x32.png ] ; then
+        convert -resize "$size"x"$size" icon_1024x1024x32.png icon_"$size"x"$size"x32.png
+      fi
+      install -Dm644 icon_"$size"x"$size"x32.png $out/share/icons/hicolor/"$size"x"$size"/apps/Rack.png
+    done;
+
+    runHook postInstall
+  '';
+
+  dontWrapGApps = true;
+  postFixup = ''
+    # Wrap gApp and override the default global resource file directory
+    wrapProgram $out/bin/Rack \
+        "''${gappsWrapperArgs[@]}" \
+        --add-flags "-s $out/share/vcv-rack"
   '';
 
   meta = with lib; {
     description = "Open-source virtual modular synthesizer";
     homepage = "https://vcvrack.com/";
-    # The source is BSD-3 licensed, some of the art is CC-BY-NC 4.0 or under a
+    # The source is GPL3+ licensed, some of the art is CC-BY-NC 4.0 or under a
     # no-derivatives clause
-    license = with licenses; [ bsd3 cc-by-nc-40 unfreeRedistributable ];
-    maintainers = with maintainers; [ moredread nathyong ];
+    license = with licenses; [ gpl3Plus cc-by-nc-40 unfreeRedistributable ];
+    maintainers = with maintainers; [ nathyong jpotier ddelabru ];
     platforms = platforms.linux;
   };
 }

pkgs/applications/audio/vcv-rack/rack-minimize-vendoring.patch

@@ -1,13 +1,12 @@
 diff -ru a/Makefile b/Makefile
---- a/Makefile	1970-01-01 01:00:01.000000000 +0100
-+++ b/Makefile	1970-01-01 01:00:01.000000000 +0100
-@@ -21,8 +21,8 @@
- build/dep/osdialog/osdialog_gtk2.c.o: FLAGS += $(shell pkg-config --cflags gtk+-2.0)
+--- a/Makefile 1970-01-01 01:00:01.000000000 +0100
++++ b/Makefile 1970-01-01 01:00:01.000000000 +0100
+@@ -36,7 +36,7 @@ build/dep/osdialog/osdialog_gtk3.c.o: FLAGS += $(shell pkg-config --cflags gtk+-
  
- 	LDFLAGS += -rdynamic \
--		dep/lib/libGLEW.a dep/lib/libglfw3.a dep/lib/libjansson.a dep/lib/libcurl.a dep/lib/libssl.a dep/lib/libcrypto.a dep/lib/libzip.a dep/lib/libz.a dep/lib/libspeexdsp.a dep/lib/libsamplerate.a dep/lib/librtmidi.a dep/lib/librtaudio.a \
-+		-lGLEW -lglfw -ljansson -lcurl -lssl -lcrypto -lzip -lz -lspeexdsp -lsamplerate -lrtmidi -lrtaudio \
-		-lpthread -lGL -ldl -lX11 -lasound -ljack \
- 		$(shell pkg-config --libs gtk+-2.0)
- 	TARGET := Rack
- endif
+ 	LDFLAGS += -Wl,--whole-archive
+ 	LDFLAGS += -static-libstdc++ -static-libgcc
+-	LDFLAGS += dep/lib/libGLEW.a dep/lib/libglfw3.a dep/lib/libjansson.a dep/lib/libcurl.a dep/lib/libssl.a dep/lib/libcrypto.a dep/lib/libarchive.a dep/lib/libzstd.a dep/lib/libspeexdsp.a dep/lib/libsamplerate.a dep/lib/librtmidi.a dep/lib/librtaudio.a
++	LDFLAGS += -lGLEW -lglfw -ljansson -lcurl -lssl -lcrypto -larchive -lz -lspeexdsp -lsamplerate -lrtmidi -lrtaudio
+ 	LDFLAGS += -Wl,--no-whole-archive
+ 	LDFLAGS += -lpthread -lGL -ldl -lX11 -lasound -ljack -lpulse -lpulse-simple
+ 	LDFLAGS += $(shell pkg-config --libs gtk+-3.0)

pkgs/applications/networking/ipfs/default.nix

@@ -2,7 +2,7 @@
 
 buildGoModule rec {
   pname = "ipfs";
-  version = "0.12.2"; # When updating, also check if the repo version changed and adjust repoVersion below
+  version = "0.13.0"; # When updating, also check if the repo version changed and adjust repoVersion below
   rev = "v${version}";
 
   repoVersion = "12"; # Also update ipfs-migrator when changing the repo version
@@ -10,7 +10,7 @@ buildGoModule rec {
   # go-ipfs makes changes to it's source tarball that don't match the git source.
   src = fetchurl {
     url = "https://github.com/ipfs/go-ipfs/releases/download/${rev}/go-ipfs-source.tar.gz";
-    sha256 = "sha256-66NNLMSfeBHQh/QlnETB/ssra9CKbD+jtaJuX+14x00=";
+    sha256 = "sha256-eEIHsmtD3vF48RVFHEz28gkVv7u50pMBE8Z+oaM6pLM=";
   };
 
   # tarball contains multiple files/directories

pkgs/development/interpreters/dhall/build-dhall-url.nix

@@ -76,7 +76,8 @@ let
    sourceFile = "source.dhall";
 
 in
-  runCommand name { } (''
+  runCommand name { impureEnvVars = lib.fetchers.proxyImpureEnvVars; }
+ (''
     set -eu
 
     mkdir -p ${cacheDhall} $out/${cacheDhall}

pkgs/development/python-modules/fastcore/default.nix

@@ -8,7 +8,7 @@
 
 buildPythonPackage rec {
   pname = "fastcore";
-  version = "1.4.4";
+  version = "1.4.5";
   format = "setuptools";
 
   disabled = pythonOlder "3.8";
@@ -17,7 +17,7 @@ buildPythonPackage rec {
     owner = "fastai";
     repo = pname;
     rev = "refs/tags/${version}";
-    sha256 = "sha256-2lV96QOlXfQ8PjSW45u9ZyXpssDgLyiUgmIC0VLOGus=";
+    sha256 = "sha256-i/Xw9lyKEW7uiNIyqeIXzwdowIugsNraQBb4fKGaX9U=";
   };
 
   propagatedBuildInputs = [

pkgs/development/python-modules/gvm-tools/default.nix

@@ -10,7 +10,7 @@
 
 buildPythonPackage rec {
   pname = "gvm-tools";
-  version = "21.10.0";
+  version = "22.6.0";
   format = "pyproject";
 
   disabled = pythonOlder "3.7";
@@ -19,7 +19,7 @@ buildPythonPackage rec {
     owner = "greenbone";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-LGdbqkIKdmtUOGSoCme6oVG1aCbtASSxi9K9f3khafA=";
+    sha256 = "sha256-H97pVLhXdO56cFzNV2hzaAqax3zKyeBORPiLc7pllEo=";
   };
 
   nativeBuildInputs = [

pkgs/development/python-modules/hahomematic/default.nix

@@ -14,7 +14,7 @@
 
 buildPythonPackage rec {
   pname = "hahomematic";
-  version = "1.8.4";
+  version = "1.8.5";
   format = "pyproject";
 
   disabled = pythonOlder "3.9";
@@ -23,7 +23,7 @@ buildPythonPackage rec {
     owner = "danielperna84";
     repo = pname;
     rev = "refs/tags/${version}";
-    sha256 = "sha256-ZoHH96BliXDTO6+yVs+GFSAxG9wx32tHrr74zTVq1FI=";
+    sha256 = "sha256-hkfTFmiJAgVgbJ/0G61sq6k0+B5gCo7t51DCAESzGUQ=";
   };
 
   propagatedBuildInputs = [

pkgs/development/python-modules/peaqevcore/default.nix

@@ -6,14 +6,14 @@
 
 buildPythonPackage rec {
   pname = "peaqevcore";
-  version = "1.0.14";
+  version = "1.0.19";
   format = "setuptools";
 
   disabled = pythonOlder "3.7";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-zHVi950iUultt66amL22d/7INglJtSOHvWCPUSaw5h4=";
+    hash = "sha256-c+DTawzDwrNmv9RGRa5hEw+cKLTo3BKx3hK8zHW7tWk=";
   };
 
   postPatch = ''

pkgs/development/python-modules/pytenable/default.nix

@@ -20,7 +20,7 @@
 
 buildPythonPackage rec {
   pname = "pytenable";
-  version = "1.4.6";
+  version = "1.4.7";
   format = "setuptools";
 
   disabled = pythonOlder "3.7";
@@ -28,8 +28,8 @@ buildPythonPackage rec {
   src = fetchFromGitHub {
     owner = "tenable";
     repo = "pyTenable";
-    rev = version;
-    hash = "sha256-0isXHh0b2l8Br4XXR1y8A+zu8vkJjEsJ6faNNEx12lM=";
+    rev = "refs/tags/${version}";
+    hash = "sha256-w6IM82nxv6rg3XbrHZfoN517usOOo/ly1GGgjnIdcEw=";
   };
 
   propagatedBuildInputs = [

pkgs/development/python-modules/scmrepo/default.nix

@@ -14,7 +14,7 @@
 
 buildPythonPackage rec {
   pname = "scmrepo";
-  version = "0.0.24";
+  version = "0.0.25";
   format = "pyproject";
 
   disabled = pythonOlder "3.7";
@@ -23,7 +23,7 @@ buildPythonPackage rec {
     owner = "iterative";
     repo = pname;
     rev = "refs/tags/${version}";
-    hash = "sha256-S1jeLls0do9sCqTWe8h8+8CO3oM160J97UmISUhTU/s=";
+    hash = "sha256-269vJNclTBWEqM9AJbF96R1I6Ru3q8YBd5A8Rmw7Jjo=";
   };
 
   propagatedBuildInputs = [

pkgs/development/python-modules/ssh-mitm/default.nix

@@ -17,7 +17,7 @@
 
 buildPythonPackage rec {
   pname = "ssh-mitm";
-  version = "2.0.4";
+  version = "2.0.5";
   format = "setuptools";
 
   disabled = pythonOlder "3.7";
@@ -26,7 +26,7 @@ buildPythonPackage rec {
     owner = pname;
     repo = pname;
     rev = "refs/tags/${version}";
-    hash = "sha256-F7+odIWiEy7Aea+Jnx5VuDv5PdMlvxX975QmlLQ5APE=";
+    hash = "sha256-zLVi+9XvNAfa3fB2GRdNnEPoDY2Wf3XkbQGOT0RNkdQ=";
   };
 
   propagatedBuildInputs = [

pkgs/development/python-modules/stripe/default.nix

@@ -7,14 +7,14 @@
 
 buildPythonPackage rec {
   pname = "stripe";
-  version = "3.3.0";
+  version = "3.4.0";
   format = "setuptools";
 
   disabled = pythonOlder "3.7";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-2sYMEC+2eorJqhZWmwr9DWO5bGK+BkCIUZ4cZhs/Ofo=";
+    hash = "sha256-XcN979nWXgUwItq8tlnnNisFinr3QEfuWFGKKQenYfI=";
   };
 
   propagatedBuildInputs = [

pkgs/development/python-modules/svg-path/default.nix

@@ -8,14 +8,14 @@
 
 buildPythonPackage rec {
   pname = "svg.path";
-  version = "6.1";
+  version = "6.2";
   format = "setuptools";
 
   disabled = pythonOlder "3.7";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-i0Rx37c2GwibZstC2pZBWO0A6aXKEVuKaaxPXcJHSj8=";
+    hash = "sha256-GiFZ+duJjfk8RjfP08yvfaH9Bz9Z+ppZUMc+RtSqGso=";
   };
 
   checkInputs = [

pkgs/development/python-modules/threat9-test-bed/default.nix

@@ -0,0 +1,65 @@
+{ lib
+, buildPythonPackage
+, click
+, faker
+, fetchFromGitHub
+, flask
+, gunicorn
+, pyopenssl
+, pytestCheckHook
+, pythonOlder
+, setuptools-scm
+, requests
+}:
+
+buildPythonPackage rec {
+  pname = "threat9-test-bed";
+  version = "0.6.0";
+  format = "setuptools";
+
+  disabled = pythonOlder "3.7";
+
+  src = fetchFromGitHub {
+    owner = "threat9";
+    repo = pname;
+    rev = "v${version}";
+    hash = "sha256-0YSjMf2gDdrvkDaT77iwfCkiDDXKHnZyI8d7JmBSuCg=";
+  };
+
+  SETUPTOOLS_SCM_PRETEND_VERSION = version;
+
+  nativeBuildInputs = [
+    setuptools-scm
+  ];
+
+  propagatedBuildInputs = [
+    click
+    faker
+    flask
+    gunicorn
+    pyopenssl
+    requests
+  ];
+
+  checkInputs = [
+    pytestCheckHook
+  ];
+
+  pythonImportsCheck = [
+    "threat9_test_bed"
+  ];
+
+  disabledTests = [
+    # Assertion issue with the response codes
+    "test_http_service_mock"
+    "tests_http_service_mock"
+    "test_http_service_mock_random_port"
+  ];
+
+  meta = with lib; {
+    description = "Module for adding unittests.mock as view functions";
+    homepage = "https://github.com/threat9/threat9-test-bed";
+    license = licenses.bsd3;
+    maintainers = with maintainers; [ fab ];
+  };
+}

pkgs/development/tools/database/sqlfluff/default.nix

@@ -5,13 +5,13 @@
 
 python3.pkgs.buildPythonApplication rec {
   pname = "sqlfluff";
-  version = "0.13.2";
+  version = "1.0.0";
 
   src = fetchFromGitHub {
     owner = pname;
     repo = pname;
     rev = "refs/tags/${version}";
-    hash = "sha256-tPcj4QTqO03SKyZh7OQbXvjJPheUeWGhWfqpy/IBrk4=";
+    hash = "sha256-qJVzeorNojWzJ6TRTFQNNOXLWbHLMTteJaDWUcrz0j0=";
   };
 
   propagatedBuildInputs = with python3.pkgs; [

pkgs/development/tools/gosec/default.nix

@@ -5,16 +5,16 @@
 
 buildGoModule rec {
   pname = "gosec";
-  version = "2.11.0";
+  version = "2.12.0";
 
   src = fetchFromGitHub {
     owner = "securego";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-AYD45L1FFT/S1toLK489C2TTasTHVXIs4Tf7TLOaye0=";
+    sha256 = "sha256-Y4QL6vYCTZUCh+HF86QI+ENel/pK16XpLd6CF4RWcK0=";
   };
 
-  vendorSha256 = "sha256-zzbINVp8EA5aIvwUiFlQRtD6YL0iytbgVzCHbo+clYI=";
+  vendorSha256 = "sha256-5rA2C3nyvSUiBQ/Nk5OJ9e9tf8CKHQB+6rLUJXESK/0=";
 
   subPackages = [
     "cmd/gosec"

pkgs/tools/graphics/vulkan-tools/default.nix

@@ -103,6 +103,7 @@ stdenv.mkDerivation rec {
       use of the Vulkan API.
     '';
     homepage    = "https://github.com/KhronosGroup/Vulkan-Tools";
+    hydraPlatforms = [ "x86_64-linux" "i686-linux" ];
     platforms   = platforms.unix;
     license     = licenses.asl20;
     maintainers = [ maintainers.ralith ];

pkgs/tools/misc/calamares-nixos-extensions/default.nix

@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "calamares-nixos-extensions";
-  version = "0.3.8";
+  version = "0.3.10";
 
   src = fetchFromGitHub {
     owner = "NixOS";
     repo = "calamares-nixos-extensions";
     rev = version;
-    sha256 = "MtqAOwlY5euVNAGRl2pRkbg/OolJPNOSQcR4DS5gFz4=";
+    sha256 = "YJyK0rsrftrCwYD+aCAkPe/kAqUXsP/4WBAGtNKIGj8=";
   };
 
   installPhase = ''

pkgs/tools/misc/calamares/default.nix

@@ -7,12 +7,12 @@
 
 mkDerivation rec {
   pname = "calamares";
-  version = "3.2.57";
+  version = "3.2.59";
 
   # release including submodule
   src = fetchurl {
     url = "https://github.com/calamares/calamares/releases/download/v${version}/${pname}-${version}.tar.gz";
-    sha256 = "ef7f564ec2cd8baaf94a44982ce1db88c1192696617f21538d0b8472a63b4c2b";
+    sha256 = "55adef250613e80a868f2aa3d1e57bdae5b769387d91decf0fe2b64e3605574f";
   };
 
   patches = lib.optionals nixos-extensions [
@@ -57,7 +57,7 @@ mkDerivation rec {
 
   postPatch = ''
     # Run calamares without root. Other patches make it functional as a normal user
-    sed -e "s,pkexec calamares,calamares," \
+    sed -e "s,pkexec calamares,calamares -D6," \
         -i calamares.desktop
 
     sed -e "s,X-AppStream-Ignore=true,&\nStartupWMClass=calamares," \

pkgs/tools/nix/nixpkgs-fmt/default.nix

@@ -1,16 +1,16 @@
 { lib, rustPlatform, fetchFromGitHub }:
 rustPlatform.buildRustPackage rec {
   pname = "nixpkgs-fmt";
-  version = "1.2.0";
+  version = "1.3.0";
 
   src = fetchFromGitHub {
     owner = "nix-community";
     repo = pname;
     rev = "v${version}";
-    sha256 = "0dqirvn8pq6ssxjlf6rkqcsx6ndasws93lz2v9f9s01k9ny8x8mq";
+    sha256 = "sha256-6Ut4/ix915EoaPCewoG3KhKBA+OaggpDqnx2nvKxEpQ=";
   };
 
-  cargoSha256 = "0mm79hfh8p1rs02pkpcv25p59b24q1rymwh11yxry4d4f12b6aw0";
+  cargoSha256 = "sha256-yIwCBm46sgrpTt45uCyyS7M6V0ReGUXVu7tyrjdNqeQ=";
 
   meta = with lib; {
     description = "Nix code formatter for nixpkgs";

pkgs/tools/security/metasploit/Gemfile

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 source "https://rubygems.org"
 
-gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.2.2"
+gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.2.3"

pkgs/tools/security/metasploit/Gemfile.lock

@@ -1,9 +1,9 @@
 GIT
   remote: https://github.com/rapid7/metasploit-framework
-  revision: 1bfa54f5d72a9c088ee4a65443753e1d10b05504
-  ref: refs/tags/6.2.2
+  revision: ef3f1dfb9c196e19174e59f5d75707fffb847073
+  ref: refs/tags/6.2.3
   specs:
-    metasploit-framework (6.2.2)
+    metasploit-framework (6.2.3)
       actionpack (~> 6.0)
       activerecord (~> 6.0)
       activesupport (~> 6.0)
@@ -130,13 +130,13 @@ GEM
     arel-helpers (2.14.0)
       activerecord (>= 3.1.0, < 8)
     aws-eventstream (1.2.0)
-    aws-partitions (1.598.0)
+    aws-partitions (1.600.0)
     aws-sdk-core (3.131.1)
       aws-eventstream (~> 1, >= 1.0.2)
       aws-partitions (~> 1, >= 1.525.0)
       aws-sigv4 (~> 1.1)
       jmespath (~> 1, >= 1.6.1)
-    aws-sdk-ec2 (1.317.0)
+    aws-sdk-ec2 (1.318.0)
       aws-sdk-core (~> 3, >= 3.127.0)
       aws-sigv4 (~> 1.1)
     aws-sdk-iam (1.69.0)
@@ -182,7 +182,8 @@ GEM
       faraday-net_http (~> 2.0)
       ruby2_keywords (>= 0.0.4)
     faraday-net_http (2.0.3)
-    faraday-retry (1.0.3)
+    faraday-retry (2.0.0)
+      faraday (~> 2.0)
     faye-websocket (0.11.1)
       eventmachine (>= 0.12.0)
       websocket-driver (>= 0.5.1)
@@ -233,7 +234,7 @@ GEM
       rex-socket
       rubyntlm
       rubyzip
-    metasploit-model (4.0.4)
+    metasploit-model (4.0.5)
       activemodel (~> 6.0)
       activesupport (~> 6.0)
       railties (~> 6.0)
@@ -251,7 +252,7 @@ GEM
     metasploit_payloads-mettle (1.0.18)
     method_source (1.0.0)
     mini_portile2 (2.8.0)
-    minitest (5.15.0)
+    minitest (5.16.0)
     mqtt (0.5.0)
     msgpack (1.5.2)
     multi_json (1.15.0)
@@ -273,7 +274,7 @@ GEM
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     nori (2.6.0)
-    octokit (4.24.0)
+    octokit (4.25.0)
       faraday (>= 1, < 3)
       sawyer (~> 0.9)
     openssl-ccm (1.2.2)
@@ -355,7 +356,7 @@ GEM
       metasm
       rex-core
       rex-text
-    rex-socket (0.1.39)
+    rex-socket (0.1.40)
       rex-core
     rex-sslscan (0.1.7)
       rex-core
@@ -388,7 +389,7 @@ GEM
       rack (~> 2.2)
       rack-protection (= 2.2.0)
       tilt (~> 2.0)
-    sqlite3 (1.4.2)
+    sqlite3 (1.4.4)
     sshkey (2.0.0)
     swagger-blocks (3.0.0)
     thin (1.8.1)
@@ -429,7 +430,7 @@ GEM
       activesupport (>= 4.2, < 8.0)
     xmlrpc (0.3.2)
       webrick
-    zeitwerk (2.5.4)
+    zeitwerk (2.6.0)
 
 PLATFORMS
   ruby

pkgs/tools/security/metasploit/default.nix

@@ -15,13 +15,13 @@ let
   };
 in stdenv.mkDerivation rec {
   pname = "metasploit-framework";
-  version = "6.2.2";
+  version = "6.2.3";
 
   src = fetchFromGitHub {
     owner = "rapid7";
     repo = "metasploit-framework";
     rev = version;
-    sha256 = "sha256-Did2OFR/0F3aeS3qbHIRLRmqOlvC29l1yCVZgsdxPAM=";
+    sha256 = "sha256-5G2xjzdZro01Es3oqnUFO9TrvBCku5QE7DjPgU0xlc8=";
   };
 
   nativeBuildInputs = [ makeWrapper ];

pkgs/tools/security/metasploit/gemset.nix

@@ -104,10 +104,10 @@
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "1vcw9p4ngkcdrdallp6fgzmj4cgm7i04z1dc8rcxd5awybbglvv8";
+      sha256 = "0cx73zazv4jsh51b08jgf7pzn62wmfqlwwg2z8w4rcqbvn326n93";
       type = "gem";
     };
-    version = "1.598.0";
+    version = "1.600.0";
   };
   aws-sdk-core = {
     groups = ["default"];
@@ -124,10 +124,10 @@
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0ihv5bbyphpbifviw57nfw733d1mcaf8qy7ws7hfbb462cizgxl0";
+      sha256 = "0airi3qgnjdxl3n459nxq6bjwq0i3jyvwa0pv8nivw6lnskl1jps";
       type = "gem";
     };
-    version = "1.317.0";
+    version = "1.318.0";
   };
   aws-sdk-iam = {
     groups = ["default"];
@@ -374,10 +374,10 @@
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "153i967yrwnswqgvnnajgwp981k9p50ys1h80yz3q94rygs59ldd";
+      sha256 = "07bn75d784ndj9ljqk19ff6217hkqqmxjlnjx5b9v36k2nnj9kys";
       type = "gem";
     };
-    version = "1.0.3";
+    version = "2.0.0";
   };
   faye-websocket = {
     groups = ["default"];
@@ -614,22 +614,22 @@
     platforms = [];
     source = {
       fetchSubmodules = false;
-      rev = "1bfa54f5d72a9c088ee4a65443753e1d10b05504";
-      sha256 = "00rwf73q4n95r1sxkny2bcxal69d25r6rsidg7d5vl3zahw7c9qf";
+      rev = "ef3f1dfb9c196e19174e59f5d75707fffb847073";
+      sha256 = "1kwm656q3krqxh299fx422yfpm1v0mssms6d28sqvbjr6y7v2vg4";
       type = "git";
       url = "https://github.com/rapid7/metasploit-framework";
     };
-    version = "6.2.2";
+    version = "6.2.3";
   };
   metasploit-model = {
     groups = ["default"];
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "16mc0f7hqpqmnvyqar3hn3yr83xxvnm1ikmq6sxwbf08zhgz6v64";
+      sha256 = "1i08iwb7xgddh798xb3blyygqwgnb15ww3vlvw45248llk01gay3";
       type = "gem";
     };
-    version = "4.0.4";
+    version = "4.0.5";
   };
   metasploit-payloads = {
     groups = ["default"];
@@ -686,10 +686,10 @@
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "06xf558gid4w8lwx13jwfdafsch9maz8m0g85wnfymqj63x5nbbd";
+      sha256 = "05ik7y422ylnv391w7lh812w43p1dirlvkzyq09v27ag683fvsbh";
       type = "gem";
     };
-    version = "5.15.0";
+    version = "5.16.0";
   };
   mqtt = {
     groups = ["default"];
@@ -837,10 +837,10 @@
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0mzrjqsdm4gdiwjpqs089ihfr3l184lfjxlmxvyma85ayyqarmkv";
+      sha256 = "0yqs5cn07lwh7nhc6zh92rymk0aran90zfjgcbvpgsr2mjsyq8rc";
       type = "gem";
     };
-    version = "4.24.0";
+    version = "4.25.0";
   };
   openssl-ccm = {
     groups = ["default"];
@@ -1197,10 +1197,10 @@
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "07nbcnn2pb7rcl6flr4kb9dzq29zrwa01kw5333pzwy5b5jfp65w";
+      sha256 = "1ckcqycg8jl2iiibpcry88rl0j2hsiklsxh6za5vp9rxsl09wlv6";
       type = "gem";
     };
-    version = "0.1.39";
+    version = "0.1.40";
   };
   rex-sslscan = {
     groups = ["default"];
@@ -1357,10 +1357,10 @@
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "0lja01cp9xd5m6vmx99zwn4r7s97r1w5cb76gqd8xhbm1wxyzf78";
+      sha256 = "1z1wa639c278bsipczn6kv8b13fj85pi8gk7x462chqx6k0wm0ax";
       type = "gem";
     };
-    version = "1.4.2";
+    version = "1.4.4";
   };
   sshkey = {
     groups = ["default"];
@@ -1577,9 +1577,9 @@
     platforms = [];
     source = {
       remotes = ["https://rubygems.org"];
-      sha256 = "09bq7j2p6mkbxnsg71s253dm2463kg51xc7bmjcxgyblqbh4ln7m";
+      sha256 = "0xjdr2szxvn3zb1sb5l8nfd6k9jr3b4qqbbg1mj9grf68m3fxckc";
       type = "gem";
     };
-    version = "2.5.4";
+    version = "2.6.0";
   };
 }

pkgs/tools/security/routersploit/default.nix

@@ -0,0 +1,56 @@
+{ lib
+, fetchFromGitHub
+, python3
+}:
+
+python3.pkgs.buildPythonApplication rec {
+  pname = "routersploit";
+  version = "unstable-2021-02-06";
+  format = "setuptools";
+
+  src = fetchFromGitHub {
+    owner = "threat9";
+    repo = pname;
+    rev = "3fd394637f5566c4cf6369eecae08c4d27f93cda";
+    hash = "sha256-IET0vL0VVP9ZNn75hKdTCiEmOZRHHYICykhzW2g3LEg=";
+  };
+
+  propagatedBuildInputs = with python3.pkgs; [
+    future
+    paramiko
+    pycryptodome
+    pysnmp
+    requests
+    setuptools
+  ];
+
+  checkInputs = with python3.pkgs; [
+    pytest-xdist
+    pytestCheckHook
+    threat9-test-bed
+  ];
+
+  postInstall = ''
+    mv $out/bin/rsf.py $out/bin/rsf
+  '';
+
+  pythonImportsCheck = [
+    "routersploit"
+  ];
+
+  pytestFlagsArray = [
+    "-n"
+    "$NIX_BUILD_CORES"
+    # Run the same tests as upstream does in the first round
+    "tests/core/"
+    "tests/test_exploit_scenarios.py"
+    "tests/test_module_info.py"
+  ];
+
+  meta = with lib; {
+    description = "Exploitation Framework for Embedded Devices";
+    homepage = "https://github.com/threat9/routersploit";
+    license = with licenses; [ bsd3 ];
+    maintainers = with maintainers; [ fab ];
+  };
+}

pkgs/top-level/all-packages.nix

@@ -4350,6 +4350,8 @@ with pkgs;
 
   roundcubePlugins = dontRecurseIntoAttrs (callPackage ../servers/roundcube/plugins { });
 
+  routersploit = callPackage ../tools/security/routersploit { };
+
   routinator = callPackage ../servers/routinator {
     inherit (darwin.apple_sdk.frameworks) Security;
   };

pkgs/top-level/python-packages.nix

@@ -10471,6 +10471,8 @@ in {
 
   threadpoolctl = callPackage ../development/python-modules/threadpoolctl { };
 
+  threat9-test-bed = callPackage ../development/python-modules/threat9-test-bed { };
+
   three-merge = callPackage ../development/python-modules/three-merge { };
 
   thrift = callPackage ../development/python-modules/thrift { };