From 4e2614fc0709ff77e40a8f39e2744239ee371826 Mon Sep 17 00:00:00 2001 From: h0nIg Date: Sun, 29 Jun 2025 21:44:02 +0200 Subject: [PATCH 01/39] stdenv: pURL implementation --- doc/redirects.json | 9 ++++ doc/release-notes/rl-2511.section.md | 2 + doc/stdenv/meta.chapter.md | 15 +++++++ pkgs/build-support/fetchgit/default.nix | 10 ++++- pkgs/build-support/fetchgithub/default.nix | 43 +++++++++++++++---- pkgs/build-support/fetchpypi/default.nix | 16 ++++++- .../python/mk-python-derivation.nix | 1 + pkgs/development/ruby-modules/gem/default.nix | 10 +++++ pkgs/stdenv/generic/check-meta.nix | 17 +++++++- 9 files changed, 111 insertions(+), 12 deletions(-) diff --git a/doc/redirects.json b/doc/redirects.json index 1230b6460b54..0ab407db19f3 100644 --- a/doc/redirects.json +++ b/doc/redirects.json @@ -231,6 +231,9 @@ "sec-meta-identifiers-cpe": [ "index.html#sec-meta-identifiers-cpe" ], + "sec-meta-identifiers-purl": [ + "index.html#sec-meta-identifiers-purl" + ], "sec-modify-via-packageOverrides": [ "index.html#sec-modify-via-packageOverrides" ], @@ -643,6 +646,12 @@ "var-meta-identifiers-possibleCPEs": [ "index.html#var-meta-identifiers-possibleCPEs" ], + "var-meta-identifiers-purl": [ + "index.html#var-meta-identifiers-purl" + ], + "var-meta-identifiers-purlParts": [ + "index.html#var-meta-identifiers-purlParts" + ], "var-meta-teams": [ "index.html#var-meta-teams" ], diff --git a/doc/release-notes/rl-2511.section.md b/doc/release-notes/rl-2511.section.md index 018554743449..6d5cf577fb72 100644 --- a/doc/release-notes/rl-2511.section.md +++ b/doc/release-notes/rl-2511.section.md @@ -176,6 +176,8 @@ +- Metadata identifier pURL (https://github.com/package-url/purl-spec) has been added, which enables a SBOM generation. Maintainers are urged to check their `drv.meta.identifiers.v1.purl` for completeness. + - Added `rewriteURL` attribute to the nixpkgs `config`, to allow for rewriting the URLs downloaded by `fetchurl`. - The `dockerTools.streamLayeredImage` builder now uses a better algorithm for generating layered docker images, such that much more sharing is possible when the number of store paths exceeds the layer limit. It gives each of the largest store paths its own layer and adds dependencies to those layers when they aren't used elsewhere. diff --git a/doc/stdenv/meta.chapter.md b/doc/stdenv/meta.chapter.md index 947009869ff1..606d607e04d1 100644 --- a/doc/stdenv/meta.chapter.md +++ b/doc/stdenv/meta.chapter.md @@ -319,3 +319,18 @@ A readonly attribute that concatenates all CPE parts in one string. #### `meta.identifiers.possibleCPEs` {#var-meta-identifiers-possibleCPEs} A readonly attribute containing the list of guesses for what CPE for this package can look like. It includes all variants of version handling mentioned above. Each item is an attrset with attributes `cpeParts` and `cpe` for each guess. + +### Package URL {#sec-meta-identifiers-purl} + +[Package URL](https://github.com/package-url/purl-spec) (pURL) is a specification to reliably identify and locate software packages. + +#### `meta.identifiers.purlParts` {#var-meta-identifiers-purlParts} + +This attribute contains an attribute set of all parts of the pURL for this package. + +* `type` mandatory [type](https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/docs/standard/summary.md) which needs to be provided +* `spec` specify the pURL in accordance with the [purl-spec](https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/purl-specification.md) + +#### `meta.identifiers.purl` {#var-meta-identifiers-purl} + +A readonly attribute which is built based on purlParts. diff --git a/pkgs/build-support/fetchgit/default.nix b/pkgs/build-support/fetchgit/default.nix index b2f5f15a309d..ed9daa7ff525 100644 --- a/pkgs/build-support/fetchgit/default.nix +++ b/pkgs/build-support/fetchgit/default.nix @@ -185,7 +185,15 @@ lib.makeOverridable ( "FETCHGIT_HTTP_PROXIES" ]; - inherit preferLocalBuild meta allowedRequisites; + inherit preferLocalBuild allowedRequisites; + + meta = meta // { + identifiers.purlParts = { + type = "generic"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/generic-definition.md + spec = "${name}?vcs_url=${url}@${(lib.revOrTag rev tag)}"; + }; + }; passthru = { gitRepoUrl = url; diff --git a/pkgs/build-support/fetchgithub/default.nix b/pkgs/build-support/fetchgithub/default.nix index 2b3ab060418a..fbbf1dd153b1 100644 --- a/pkgs/build-support/fetchgithub/default.nix +++ b/pkgs/build-support/fetchgithub/default.nix @@ -43,14 +43,36 @@ lib.makeOverridable ( ); baseUrl = "https://${githubBase}/${owner}/${repo}"; newMeta = - meta - // { - homepage = meta.homepage or baseUrl; - } - // lib.optionalAttrs (position != null) { - # to indicate where derivation originates, similar to make-derivation.nix's mkDerivation - position = "${position.file}:${toString position.line}"; - }; + lib.recursiveUpdate + ( + meta + // { + homepage = meta.homepage or baseUrl; + } + // lib.optionalAttrs (position != null) { + # to indicate where derivation originates, similar to make-derivation.nix's mkDerivation + position = "${position.file}:${toString position.line}"; + } + ) + + ( + { + identifiers.purlParts = + if githubBase == "github.com" then + { + type = "github"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/github-definition.md + spec = "${owner}/${repo}@${(lib.revOrTag rev tag)}"; + } + else + { + type = "generic"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/generic-definition.md + spec = "${repo}?vcs_url=https://${githubBase}/${owner}/${repo}@${(lib.revOrTag rev tag)}"; + }; + } + ); + passthruAttrs = removeAttrs args [ "owner" "repo" @@ -153,12 +175,15 @@ lib.makeOverridable ( // passthruAttrs // { inherit name; + } + # fetchurl / fetchzip is not a function, but fetchurlBoot is - ensure that the parameter is accepted and passed through + // lib.optionalAttrs (!builtins.isFunction fetcher || (builtins.functionArgs fetcher) ? meta) { + meta = newMeta; }; in fetcher fetcherArgs // { - meta = newMeta; inherit owner repo tag; rev = revWithTag; } diff --git a/pkgs/build-support/fetchpypi/default.nix b/pkgs/build-support/fetchpypi/default.nix index cb7e443ab7ef..7510582ccf58 100644 --- a/pkgs/build-support/fetchpypi/default.nix +++ b/pkgs/build-support/fetchpypi/default.nix @@ -51,6 +51,8 @@ makeOverridable ( format ? "setuptools", sha256 ? "", hash ? "", + pname, + version, ... }@attrs: let @@ -60,8 +62,20 @@ makeOverridable ( "hash" ] ); + meta = { + identifiers.purlParts = { + type = "pypi"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/pypi-definition.md + spec = "${pname}@${version}"; + }; + }; in fetchurl { - inherit url sha256 hash; + inherit + url + sha256 + hash + meta + ; } ) diff --git a/pkgs/development/interpreters/python/mk-python-derivation.nix b/pkgs/development/interpreters/python/mk-python-derivation.nix index eb8e76101c49..c7ff2f0dce70 100644 --- a/pkgs/development/interpreters/python/mk-python-derivation.nix +++ b/pkgs/development/interpreters/python/mk-python-derivation.nix @@ -416,6 +416,7 @@ let # default to python's platforms platforms = python.meta.platforms; isBuildPythonPackage = python.meta.platforms; + identifiers.purlParts = attrs.src.meta.identifiers.purlParts or { }; } // meta; } diff --git a/pkgs/development/ruby-modules/gem/default.nix b/pkgs/development/ruby-modules/gem/default.nix index 0e3c1c4187f2..d8b91063ef51 100644 --- a/pkgs/development/ruby-modules/gem/default.nix +++ b/pkgs/development/ruby-modules/gem/default.nix @@ -300,6 +300,16 @@ lib.makeOverridable ( platforms = ruby.meta.platforms; mainProgram = gemName; } + // (lib.optionalAttrs (type == "gem") { + identifiers.purlParts = { + type = "gem"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/gem-definition.md + spec = "${gemName}@${version}?platform=${platform}"; + }; + }) + // (lib.optionalAttrs (type == "git") { + identifiers.purlParts = src.meta.identifiers.purlParts or { }; + }) // meta; } ) diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index d8f519b0f185..4dbc7dd0520a 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -605,6 +605,12 @@ let }) tryCPEPatchVersionInUpdateWithVendor ]; + hasAllPURLParts = + purlParts: + let + values = attrValues purlParts; + in + (length values == 2) && !any isNull values; # The meta attribute is passed in the resulting attribute set, # but it's not part of the actual derivation, i.e., it's not @@ -710,9 +716,18 @@ let cpe = makeCPE guessedParts; } ) possibleCPEPartsFuns; + + purlParts = attrs.meta.identifiers.purlParts or { }; + purl = if hasAllPURLParts purlParts then "pkg:${purlParts.type}/${purlParts.spec}" else null; + v1 = { - inherit cpeParts possibleCPEs; + inherit + cpeParts + possibleCPEs + purlParts + ; ${if cpe != null then "cpe" else null} = cpe; + ${if purl != null then "purl" else null} = purl; }; in v1 From 0a69474ed34ef6a4e82804b4b2d844deb126a1ab Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Sat, 20 Sep 2025 18:22:53 +0200 Subject: [PATCH 02/39] stdenv: pURL github speed optimization --- pkgs/build-support/fetchgithub/default.nix | 50 +++++++++------------- 1 file changed, 21 insertions(+), 29 deletions(-) diff --git a/pkgs/build-support/fetchgithub/default.nix b/pkgs/build-support/fetchgithub/default.nix index fbbf1dd153b1..caf82cf7de53 100644 --- a/pkgs/build-support/fetchgithub/default.nix +++ b/pkgs/build-support/fetchgithub/default.nix @@ -43,35 +43,27 @@ lib.makeOverridable ( ); baseUrl = "https://${githubBase}/${owner}/${repo}"; newMeta = - lib.recursiveUpdate - ( - meta - // { - homepage = meta.homepage or baseUrl; - } - // lib.optionalAttrs (position != null) { - # to indicate where derivation originates, similar to make-derivation.nix's mkDerivation - position = "${position.file}:${toString position.line}"; - } - ) - - ( - { - identifiers.purlParts = - if githubBase == "github.com" then - { - type = "github"; - # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/github-definition.md - spec = "${owner}/${repo}@${(lib.revOrTag rev tag)}"; - } - else - { - type = "generic"; - # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/generic-definition.md - spec = "${repo}?vcs_url=https://${githubBase}/${owner}/${repo}@${(lib.revOrTag rev tag)}"; - }; - } - ); + meta + // { + homepage = meta.homepage or baseUrl; + identifiers.purlParts = + if githubBase == "github.com" then + { + type = "github"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/github-definition.md + spec = "${owner}/${repo}@${(lib.revOrTag rev tag)}"; + } + else + { + type = "generic"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/generic-definition.md + spec = "${repo}?vcs_url=https://${githubBase}/${owner}/${repo}@${(lib.revOrTag rev tag)}"; + }; + } + // lib.optionalAttrs (position != null) { + # to indicate where derivation originates, similar to make-derivation.nix's mkDerivation + position = "${position.file}:${toString position.line}"; + }; passthruAttrs = removeAttrs args [ "owner" From 2e46d00d76d3c9690e9713a9c2686c328e3779da Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Sat, 20 Sep 2025 18:24:18 +0200 Subject: [PATCH 03/39] stdenv: pURL docu enhancements & list interface --- doc/redirects.json | 3 +++ doc/release-notes/rl-2511.section.md | 2 +- doc/stdenv/meta.chapter.md | 8 ++++++-- pkgs/stdenv/generic/check-meta.nix | 2 ++ 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/doc/redirects.json b/doc/redirects.json index 0ab407db19f3..72b46ad9aba2 100644 --- a/doc/redirects.json +++ b/doc/redirects.json @@ -652,6 +652,9 @@ "var-meta-identifiers-purlParts": [ "index.html#var-meta-identifiers-purlParts" ], + "var-meta-identifiers-purls": [ + "index.html#var-meta-identifiers-purls" + ], "var-meta-teams": [ "index.html#var-meta-teams" ], diff --git a/doc/release-notes/rl-2511.section.md b/doc/release-notes/rl-2511.section.md index 6d5cf577fb72..9f59e6f92ffe 100644 --- a/doc/release-notes/rl-2511.section.md +++ b/doc/release-notes/rl-2511.section.md @@ -176,7 +176,7 @@ -- Metadata identifier pURL (https://github.com/package-url/purl-spec) has been added, which enables a SBOM generation. Maintainers are urged to check their `drv.meta.identifiers.v1.purl` for completeness. +- Metadata identifier purl (Package URL, https://github.com/package-url/purl-spec) has been added for fetchgit, fetchpypi and fetchFromGithub fetchers and derivations for Perl, Python and Ruby derivations have been adjusted to reuse these informations. Package URL's enables a reliable identification and locatization of software packages. Maintainers should rely on the `drv.src.meta.identifiers.v1.purl` default identifier and can enhance their `drv.meta.identifiers.v1.purls` list once they would like to have additional identifiers. - Added `rewriteURL` attribute to the nixpkgs `config`, to allow for rewriting the URLs downloaded by `fetchurl`. diff --git a/doc/stdenv/meta.chapter.md b/doc/stdenv/meta.chapter.md index 606d607e04d1..94352e00d935 100644 --- a/doc/stdenv/meta.chapter.md +++ b/doc/stdenv/meta.chapter.md @@ -322,7 +322,7 @@ A readonly attribute containing the list of guesses for what CPE for this packag ### Package URL {#sec-meta-identifiers-purl} -[Package URL](https://github.com/package-url/purl-spec) (pURL) is a specification to reliably identify and locate software packages. +[Package URL](https://github.com/package-url/purl-spec) (pURL) is a specification to reliably identify and locate software packages. Through identification of software packages, additional (non-major) use cases are e.g. software license cross-verification via third party databases or initial vulnerability response management. Package URL's default to the mkDerivation.src, as the original consumed software package is the single point of truth. #### `meta.identifiers.purlParts` {#var-meta-identifiers-purlParts} @@ -333,4 +333,8 @@ This attribute contains an attribute set of all parts of the pURL for this packa #### `meta.identifiers.purl` {#var-meta-identifiers-purl} -A readonly attribute which is built based on purlParts. +A readonly attribute which is built based on purlParts. It is the main identifier, consumers should consider using the pURL's list interface to be prepared for edge cases. + +#### `meta.identifiers.purls` {#var-meta-identifiers-purls} + +A readonly attribute list which defaults to a single element equal to the main pURL. It provides an interface for additional identifiers of mkDerivation.src and / or vendored dependencies inside mkDerivation.src, which maintainers can conciously decide to use on top. Identifiers different to the default src identifier are not recommended by default as they might cause maintenance overhead or may diverge (e.g. differences between source distribution pkg:github and binary distribution like pkg:pypi). diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index 4dbc7dd0520a..231867cd04cd 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -719,12 +719,14 @@ let purlParts = attrs.meta.identifiers.purlParts or { }; purl = if hasAllPURLParts purlParts then "pkg:${purlParts.type}/${purlParts.spec}" else null; + purls = optional (purl != null) purl; v1 = { inherit cpeParts possibleCPEs purlParts + purls ; ${if cpe != null then "cpe" else null} = cpe; ${if purl != null then "purl" else null} = purl; From c78e6a235962eb272981ea6b16939034c0fde575 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Sat, 20 Sep 2025 18:23:32 +0200 Subject: [PATCH 04/39] stdenv: pURL golang support --- doc/release-notes/rl-2511.section.md | 2 +- pkgs/build-support/go/module.nix | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/doc/release-notes/rl-2511.section.md b/doc/release-notes/rl-2511.section.md index 9f59e6f92ffe..44099ea8c8b8 100644 --- a/doc/release-notes/rl-2511.section.md +++ b/doc/release-notes/rl-2511.section.md @@ -176,7 +176,7 @@ -- Metadata identifier purl (Package URL, https://github.com/package-url/purl-spec) has been added for fetchgit, fetchpypi and fetchFromGithub fetchers and derivations for Perl, Python and Ruby derivations have been adjusted to reuse these informations. Package URL's enables a reliable identification and locatization of software packages. Maintainers should rely on the `drv.src.meta.identifiers.v1.purl` default identifier and can enhance their `drv.meta.identifiers.v1.purls` list once they would like to have additional identifiers. +- Metadata identifier purl (Package URL, https://github.com/package-url/purl-spec) has been added for fetchgit, fetchpypi and fetchFromGithub fetchers and derivations for Perl, Python, Ruby and Golang derivations have been adjusted to reuse these informations. Package URL's enables a reliable identification and locatization of software packages. Maintainers should rely on the `drv.src.meta.identifiers.v1.purl` default identifier and can enhance their `drv.meta.identifiers.v1.purls` list once they would like to have additional identifiers. - Added `rewriteURL` attribute to the nixpkgs `config`, to allow for rewriting the URLs downloaded by `fetchurl`. diff --git a/pkgs/build-support/go/module.nix b/pkgs/build-support/go/module.nix index 00ba03533e34..7759fbd4b897 100644 --- a/pkgs/build-support/go/module.nix +++ b/pkgs/build-support/go/module.nix @@ -424,6 +424,7 @@ lib.extendMkDerivation { meta = { # Add default meta information. platforms = go.meta.platforms or lib.platforms.all; + identifiers.purlParts = finalAttrs.src.meta.identifiers.purlParts or { }; } // meta; }; From 64a6ca1114355caca991817cba83c4beb18136e2 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Sat, 20 Sep 2025 22:53:24 +0200 Subject: [PATCH 05/39] stdenv: pURL speed optimization --- pkgs/build-support/go/module.nix | 7 ++++++- .../interpreters/python/mk-python-derivation.nix | 7 ++++++- pkgs/development/ruby-modules/gem/default.nix | 6 +++++- pkgs/stdenv/generic/check-meta.nix | 16 ++++++---------- 4 files changed, 23 insertions(+), 13 deletions(-) diff --git a/pkgs/build-support/go/module.nix b/pkgs/build-support/go/module.nix index 7759fbd4b897..2ed86cb759c7 100644 --- a/pkgs/build-support/go/module.nix +++ b/pkgs/build-support/go/module.nix @@ -424,7 +424,12 @@ lib.extendMkDerivation { meta = { # Add default meta information. platforms = go.meta.platforms or lib.platforms.all; - identifiers.purlParts = finalAttrs.src.meta.identifiers.purlParts or { }; + identifiers = { + ${if (finalAttrs.src.meta.identifiers.purl or null) != null then "purl" else null} = + finalAttrs.src.meta.identifiers.purl; + ${if (finalAttrs.src.meta.identifiers.purls or null) != null then "purls" else null} = + finalAttrs.src.meta.identifiers.purls; + }; } // meta; }; diff --git a/pkgs/development/interpreters/python/mk-python-derivation.nix b/pkgs/development/interpreters/python/mk-python-derivation.nix index c7ff2f0dce70..c153d2c01fc0 100644 --- a/pkgs/development/interpreters/python/mk-python-derivation.nix +++ b/pkgs/development/interpreters/python/mk-python-derivation.nix @@ -416,7 +416,12 @@ let # default to python's platforms platforms = python.meta.platforms; isBuildPythonPackage = python.meta.platforms; - identifiers.purlParts = attrs.src.meta.identifiers.purlParts or { }; + identifiers = { + ${if (attrs.src.meta.identifiers.purl or null) != null then "purl" else null} = + attrs.src.meta.identifiers.purl; + ${if (attrs.src.meta.identifiers.purls or null) != null then "purls" else null} = + attrs.src.meta.identifiers.purls; + }; } // meta; } diff --git a/pkgs/development/ruby-modules/gem/default.nix b/pkgs/development/ruby-modules/gem/default.nix index d8b91063ef51..ec4777d1ee50 100644 --- a/pkgs/development/ruby-modules/gem/default.nix +++ b/pkgs/development/ruby-modules/gem/default.nix @@ -308,7 +308,11 @@ lib.makeOverridable ( }; }) // (lib.optionalAttrs (type == "git") { - identifiers.purlParts = src.meta.identifiers.purlParts or { }; + identifiers = { + ${if (src.meta.identifiers.purl or null) != null then "purl" else null} = src.meta.identifiers.purl; + ${if (src.meta.identifiers.purls or null) != null then "purls" else null} = + src.meta.identifiers.purls; + }; }) // meta; } diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index 231867cd04cd..cd690197939b 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -605,12 +605,6 @@ let }) tryCPEPatchVersionInUpdateWithVendor ]; - hasAllPURLParts = - purlParts: - let - values = attrValues purlParts; - in - (length values == 2) && !any isNull values; # The meta attribute is passed in the resulting attribute set, # but it's not part of the actual derivation, i.e., it's not @@ -718,14 +712,16 @@ let ) possibleCPEPartsFuns; purlParts = attrs.meta.identifiers.purlParts or { }; - purl = if hasAllPURLParts purlParts then "pkg:${purlParts.type}/${purlParts.spec}" else null; - purls = optional (purl != null) purl; + purl = + attrs.meta.identifiers.purl or ( + if purlParts ? type && purlParts ? spec then "pkg:${purlParts.type}/${purlParts.spec}" else null + ); + purls = attrs.meta.identifiers.purls or (optional (purl != null) purl); v1 = { inherit cpeParts possibleCPEs - purlParts purls ; ${if cpe != null then "cpe" else null} = cpe; @@ -734,7 +730,7 @@ let in v1 // { - inherit v1; + inherit v1 purlParts; }; # Expose the result of the checks for everyone to see. From 22dbee80107516b858abd3d7a45c149a316a78d8 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Sun, 21 Sep 2025 12:49:31 +0200 Subject: [PATCH 06/39] stdenv: pURL non-default adjustment examples --- doc/release-notes/rl-2511.section.md | 2 +- pkgs/by-name/jq/jq/package.nix | 4 ++++ pkgs/by-name/po/popt/package.nix | 4 ++++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/doc/release-notes/rl-2511.section.md b/doc/release-notes/rl-2511.section.md index 44099ea8c8b8..1e88dfe174a4 100644 --- a/doc/release-notes/rl-2511.section.md +++ b/doc/release-notes/rl-2511.section.md @@ -176,7 +176,7 @@ -- Metadata identifier purl (Package URL, https://github.com/package-url/purl-spec) has been added for fetchgit, fetchpypi and fetchFromGithub fetchers and derivations for Perl, Python, Ruby and Golang derivations have been adjusted to reuse these informations. Package URL's enables a reliable identification and locatization of software packages. Maintainers should rely on the `drv.src.meta.identifiers.v1.purl` default identifier and can enhance their `drv.meta.identifiers.v1.purls` list once they would like to have additional identifiers. +- Metadata identifier purl (Package URL, https://github.com/package-url/purl-spec) has been added for fetchgit, fetchpypi and fetchFromGithub fetchers and derivations for Perl, Python, Ruby and Golang derivations have been adjusted to reuse these informations. Package URL's enables a reliable identification and locatization of software packages. Maintainers of derivations using the adopted fetchers should rely on the `drv.src.meta.identifiers.v1.purl` default identifier and can enhance their `drv.meta.identifiers.v1.purls` list once they would like to have additional identifiers. Maintainers using fetchurl for `drv.src` are urged to adopt their `drv.meta.identifiers.purlParts` for proper identification. - Added `rewriteURL` attribute to the nixpkgs `config`, to allow for rewriting the URLs downloaded by `fetchurl`. diff --git a/pkgs/by-name/jq/jq/package.nix b/pkgs/by-name/jq/jq/package.nix index b2a0941a79fe..5ad75de67faf 100644 --- a/pkgs/by-name/jq/jq/package.nix +++ b/pkgs/by-name/jq/jq/package.nix @@ -134,5 +134,9 @@ stdenv.mkDerivation (finalAttrs: { ]; platforms = lib.platforms.unix; mainProgram = "jq"; + identifiers.purlParts = { + type = "github"; + spec = "jqlang/jq@jq-${finalAttrs.version}"; + }; }; }) diff --git a/pkgs/by-name/po/popt/package.nix b/pkgs/by-name/po/popt/package.nix index eb9e4f3685ed..c40e17228f54 100644 --- a/pkgs/by-name/po/popt/package.nix +++ b/pkgs/by-name/po/popt/package.nix @@ -49,5 +49,9 @@ stdenv.mkDerivation rec { maintainers = with maintainers; [ qyliss ]; license = licenses.mit; platforms = platforms.unix; + identifiers.purlParts = { + type = "github"; + spec = "rpm-software-management/popt@popt-${version}-release"; + }; }; } From 7390bbd8b533986f0893f8c57d21d17e6219fce4 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sat, 4 Oct 2025 23:42:44 +0000 Subject: [PATCH 07/39] kokkos: 4.7.00 -> 4.7.01 --- pkgs/by-name/ko/kokkos/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/ko/kokkos/package.nix b/pkgs/by-name/ko/kokkos/package.nix index 51ec26644676..541c5294e0b3 100644 --- a/pkgs/by-name/ko/kokkos/package.nix +++ b/pkgs/by-name/ko/kokkos/package.nix @@ -9,13 +9,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "kokkos"; - version = "4.7.00"; + version = "4.7.01"; src = fetchFromGitHub { owner = "kokkos"; repo = "kokkos"; rev = finalAttrs.version; - hash = "sha256-KCGUv6SnTfKiWw0zzvKgiggANPCxSQY8bmqQT4xTMb8="; + hash = "sha256-l5vSYaUtavQLjBSbKHGK2/JtgKzO2KD5+mcPPnWKNkI="; }; nativeBuildInputs = [ From 52c8f7c14f5fdd65ee5c4664cb153b796bb8418a Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 10 Oct 2025 01:13:06 +0000 Subject: [PATCH 08/39] libphonenumber: 9.0.15 -> 9.0.16 --- pkgs/by-name/li/libphonenumber/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/li/libphonenumber/package.nix b/pkgs/by-name/li/libphonenumber/package.nix index bbaf268282bd..96bec1c7e244 100644 --- a/pkgs/by-name/li/libphonenumber/package.nix +++ b/pkgs/by-name/li/libphonenumber/package.nix @@ -15,13 +15,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "libphonenumber"; - version = "9.0.15"; + version = "9.0.16"; src = fetchFromGitHub { owner = "google"; repo = "libphonenumber"; tag = "v${finalAttrs.version}"; - hash = "sha256-JpQ9I6Bm6HbRYDGZYkif/IWK6PXhGeTl2yY+K3ydLqI="; + hash = "sha256-+WXxeRsL++60VstR7GN7alrLG0rOQJbtrC7qaZaOPlY="; }; patches = [ From 1f173d017207dc039a1c2494fd88c20d757d864c Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Fri, 10 Oct 2025 11:09:22 +0200 Subject: [PATCH 09/39] stdenv: pURL review suggestions --- pkgs/build-support/fetchgithub/default.nix | 10 ++++---- pkgs/build-support/go/module.nix | 8 ++----- .../python/mk-python-derivation.nix | 8 ++----- pkgs/development/ruby-modules/gem/default.nix | 23 ++++++++----------- 4 files changed, 19 insertions(+), 30 deletions(-) diff --git a/pkgs/build-support/fetchgithub/default.nix b/pkgs/build-support/fetchgithub/default.nix index caf82cf7de53..92a83de0f051 100644 --- a/pkgs/build-support/fetchgithub/default.nix +++ b/pkgs/build-support/fetchgithub/default.nix @@ -167,10 +167,12 @@ lib.makeOverridable ( // passthruAttrs // { inherit name; - } - # fetchurl / fetchzip is not a function, but fetchurlBoot is - ensure that the parameter is accepted and passed through - // lib.optionalAttrs (!builtins.isFunction fetcher || (builtins.functionArgs fetcher) ? meta) { - meta = newMeta; + + # fetchurl / fetchzip is not a function, but fetchurlBoot is - ensure that the parameter is accepted and passed through + ${ + if (!builtins.isFunction fetcher || (builtins.functionArgs fetcher) ? meta) then "meta" else null + } = + newMeta; }; in diff --git a/pkgs/build-support/go/module.nix b/pkgs/build-support/go/module.nix index 2ed86cb759c7..a6d027c6bf06 100644 --- a/pkgs/build-support/go/module.nix +++ b/pkgs/build-support/go/module.nix @@ -424,12 +424,8 @@ lib.extendMkDerivation { meta = { # Add default meta information. platforms = go.meta.platforms or lib.platforms.all; - identifiers = { - ${if (finalAttrs.src.meta.identifiers.purl or null) != null then "purl" else null} = - finalAttrs.src.meta.identifiers.purl; - ${if (finalAttrs.src.meta.identifiers.purls or null) != null then "purls" else null} = - finalAttrs.src.meta.identifiers.purls; - }; + ${if (finalAttrs.src.meta.identifiers or null) != null then "identifiers" else null} = + finalAttrs.src.meta.identifiers; } // meta; }; diff --git a/pkgs/development/interpreters/python/mk-python-derivation.nix b/pkgs/development/interpreters/python/mk-python-derivation.nix index c153d2c01fc0..7450fc2b9bc3 100644 --- a/pkgs/development/interpreters/python/mk-python-derivation.nix +++ b/pkgs/development/interpreters/python/mk-python-derivation.nix @@ -416,12 +416,8 @@ let # default to python's platforms platforms = python.meta.platforms; isBuildPythonPackage = python.meta.platforms; - identifiers = { - ${if (attrs.src.meta.identifiers.purl or null) != null then "purl" else null} = - attrs.src.meta.identifiers.purl; - ${if (attrs.src.meta.identifiers.purls or null) != null then "purls" else null} = - attrs.src.meta.identifiers.purls; - }; + ${if (attrs.src.meta.identifiers or null) != null then "identifiers" else null} = + attrs.src.meta.identifiers; } // meta; } diff --git a/pkgs/development/ruby-modules/gem/default.nix b/pkgs/development/ruby-modules/gem/default.nix index ec4777d1ee50..80ad8fa48413 100644 --- a/pkgs/development/ruby-modules/gem/default.nix +++ b/pkgs/development/ruby-modules/gem/default.nix @@ -77,6 +77,13 @@ lib.makeOverridable ( attrs.source.remotes or [ "https://rubygems.org" ] ); inherit (attrs.source) sha256; + meta = { + identifiers.purlParts = { + type = "gem"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/gem-definition.md + spec = "${gemName}@${version}?platform=${platform}"; + }; + }; } else if type == "git" then fetchgit { @@ -299,21 +306,9 @@ lib.makeOverridable ( # default to Ruby's platforms platforms = ruby.meta.platforms; mainProgram = gemName; + ${if (attrs.src.meta.identifiers or null) != null then "identifiers" else null} = + attrs.src.meta.identifiers; } - // (lib.optionalAttrs (type == "gem") { - identifiers.purlParts = { - type = "gem"; - # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/gem-definition.md - spec = "${gemName}@${version}?platform=${platform}"; - }; - }) - // (lib.optionalAttrs (type == "git") { - identifiers = { - ${if (src.meta.identifiers.purl or null) != null then "purl" else null} = src.meta.identifiers.purl; - ${if (src.meta.identifiers.purls or null) != null then "purls" else null} = - src.meta.identifiers.purls; - }; - }) // meta; } ) From cadcde9f7f04c239c0e187903d524ae57afce569 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Fri, 10 Oct 2025 11:54:33 +0000 Subject: [PATCH 10/39] stdenv: pURL review suggestions - part 2 --- pkgs/build-support/go/module.nix | 8 ++++++-- .../interpreters/python/mk-python-derivation.nix | 8 ++++++-- pkgs/development/ruby-modules/gem/default.nix | 5 +++-- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/pkgs/build-support/go/module.nix b/pkgs/build-support/go/module.nix index a6d027c6bf06..2ed86cb759c7 100644 --- a/pkgs/build-support/go/module.nix +++ b/pkgs/build-support/go/module.nix @@ -424,8 +424,12 @@ lib.extendMkDerivation { meta = { # Add default meta information. platforms = go.meta.platforms or lib.platforms.all; - ${if (finalAttrs.src.meta.identifiers or null) != null then "identifiers" else null} = - finalAttrs.src.meta.identifiers; + identifiers = { + ${if (finalAttrs.src.meta.identifiers.purl or null) != null then "purl" else null} = + finalAttrs.src.meta.identifiers.purl; + ${if (finalAttrs.src.meta.identifiers.purls or null) != null then "purls" else null} = + finalAttrs.src.meta.identifiers.purls; + }; } // meta; }; diff --git a/pkgs/development/interpreters/python/mk-python-derivation.nix b/pkgs/development/interpreters/python/mk-python-derivation.nix index 7450fc2b9bc3..fa0916fa5a6e 100644 --- a/pkgs/development/interpreters/python/mk-python-derivation.nix +++ b/pkgs/development/interpreters/python/mk-python-derivation.nix @@ -416,8 +416,12 @@ let # default to python's platforms platforms = python.meta.platforms; isBuildPythonPackage = python.meta.platforms; - ${if (attrs.src.meta.identifiers or null) != null then "identifiers" else null} = - attrs.src.meta.identifiers; + identifiers = { + ${if (finalAttrs.src.meta.identifiers.purl or null) != null then "purl" else null} = + finalAttrs.src.meta.identifiers.purl; + ${if (finalAttrs.src.meta.identifiers.purls or null) != null then "purls" else null} = + finalAttrs.src.meta.identifiers.purls; + }; } // meta; } diff --git a/pkgs/development/ruby-modules/gem/default.nix b/pkgs/development/ruby-modules/gem/default.nix index 80ad8fa48413..8da6bd0d9f0c 100644 --- a/pkgs/development/ruby-modules/gem/default.nix +++ b/pkgs/development/ruby-modules/gem/default.nix @@ -306,9 +306,10 @@ lib.makeOverridable ( # default to Ruby's platforms platforms = ruby.meta.platforms; mainProgram = gemName; - ${if (attrs.src.meta.identifiers or null) != null then "identifiers" else null} = - attrs.src.meta.identifiers; } + // (lib.optionalAttrs ((attrs.src.meta or { }) ? identifiers) { + inherit (attrs.src.meta) identifiers; + }) // meta; } ) From 25f90d7d20c46acd8eca5a8bf1b7f558e0efda02 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Fri, 10 Oct 2025 14:38:19 +0200 Subject: [PATCH 11/39] stdenv: pURL review suggestions - part 3 --- doc/stdenv/meta.chapter.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/stdenv/meta.chapter.md b/doc/stdenv/meta.chapter.md index 94352e00d935..fdf7712415b3 100644 --- a/doc/stdenv/meta.chapter.md +++ b/doc/stdenv/meta.chapter.md @@ -333,8 +333,8 @@ This attribute contains an attribute set of all parts of the pURL for this packa #### `meta.identifiers.purl` {#var-meta-identifiers-purl} -A readonly attribute which is built based on purlParts. It is the main identifier, consumers should consider using the pURL's list interface to be prepared for edge cases. +An extendable attribute which is built based on purlParts. It is the main identifier, consumers should consider using the pURL's list interface to be prepared for edge cases. #### `meta.identifiers.purls` {#var-meta-identifiers-purls} -A readonly attribute list which defaults to a single element equal to the main pURL. It provides an interface for additional identifiers of mkDerivation.src and / or vendored dependencies inside mkDerivation.src, which maintainers can conciously decide to use on top. Identifiers different to the default src identifier are not recommended by default as they might cause maintenance overhead or may diverge (e.g. differences between source distribution pkg:github and binary distribution like pkg:pypi). +An extendable attribute list which defaults to a single element equal to the main pURL. It provides an interface for additional identifiers of mkDerivation.src and / or vendored dependencies inside mkDerivation.src, which maintainers can conciously decide to use on top. Identifiers different to the default src identifier are not recommended by default as they might cause maintenance overhead or may diverge (e.g. differences between source distribution pkg:github and binary distribution like pkg:pypi). From 83b6d2e657e2bbc19d55c48b0a888988014ac805 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Fri, 10 Oct 2025 15:13:18 +0200 Subject: [PATCH 12/39] stdenv: pURL review suggestions - part 4 --- pkgs/build-support/fetchgithub/default.nix | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/pkgs/build-support/fetchgithub/default.nix b/pkgs/build-support/fetchgithub/default.nix index 92a83de0f051..115f8b5e867e 100644 --- a/pkgs/build-support/fetchgithub/default.nix +++ b/pkgs/build-support/fetchgithub/default.nix @@ -167,12 +167,7 @@ lib.makeOverridable ( // passthruAttrs // { inherit name; - - # fetchurl / fetchzip is not a function, but fetchurlBoot is - ensure that the parameter is accepted and passed through - ${ - if (!builtins.isFunction fetcher || (builtins.functionArgs fetcher) ? meta) then "meta" else null - } = - newMeta; + meta = newMeta; }; in From 87977474f1802bb0a5dbc1e5ad60ce7f04624cc7 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Fri, 10 Oct 2025 17:00:16 +0200 Subject: [PATCH 13/39] stdenv: pURL review suggestions - move all logic to mkDerivation --- doc/release-notes/rl-2511.section.md | 2 +- pkgs/build-support/go/module.nix | 6 ---- .../python/mk-python-derivation.nix | 6 ---- pkgs/development/ruby-modules/gem/default.nix | 3 -- pkgs/stdenv/generic/check-meta.nix | 29 +++++++++++++++++-- 5 files changed, 27 insertions(+), 19 deletions(-) diff --git a/doc/release-notes/rl-2511.section.md b/doc/release-notes/rl-2511.section.md index 1e88dfe174a4..93c5143f9679 100644 --- a/doc/release-notes/rl-2511.section.md +++ b/doc/release-notes/rl-2511.section.md @@ -176,7 +176,7 @@ -- Metadata identifier purl (Package URL, https://github.com/package-url/purl-spec) has been added for fetchgit, fetchpypi and fetchFromGithub fetchers and derivations for Perl, Python, Ruby and Golang derivations have been adjusted to reuse these informations. Package URL's enables a reliable identification and locatization of software packages. Maintainers of derivations using the adopted fetchers should rely on the `drv.src.meta.identifiers.v1.purl` default identifier and can enhance their `drv.meta.identifiers.v1.purls` list once they would like to have additional identifiers. Maintainers using fetchurl for `drv.src` are urged to adopt their `drv.meta.identifiers.purlParts` for proper identification. +- Metadata identifier purl (Package URL, https://github.com/package-url/purl-spec) has been added for fetchgit, fetchpypi and fetchFromGithub fetchers and mkDerivation has been adjusted to reuse these informations. Package URL's enables a reliable identification and locatization of software packages. Maintainers of derivations using the adopted fetchers should rely on the `drv.src.meta.identifiers.v1.purl` default identifier and can enhance their `drv.meta.identifiers.v1.purls` list once they would like to have additional identifiers. Maintainers using fetchurl for `drv.src` are urged to adopt their `drv.meta.identifiers.purlParts` for proper identification. - Added `rewriteURL` attribute to the nixpkgs `config`, to allow for rewriting the URLs downloaded by `fetchurl`. diff --git a/pkgs/build-support/go/module.nix b/pkgs/build-support/go/module.nix index 2ed86cb759c7..00ba03533e34 100644 --- a/pkgs/build-support/go/module.nix +++ b/pkgs/build-support/go/module.nix @@ -424,12 +424,6 @@ lib.extendMkDerivation { meta = { # Add default meta information. platforms = go.meta.platforms or lib.platforms.all; - identifiers = { - ${if (finalAttrs.src.meta.identifiers.purl or null) != null then "purl" else null} = - finalAttrs.src.meta.identifiers.purl; - ${if (finalAttrs.src.meta.identifiers.purls or null) != null then "purls" else null} = - finalAttrs.src.meta.identifiers.purls; - }; } // meta; }; diff --git a/pkgs/development/interpreters/python/mk-python-derivation.nix b/pkgs/development/interpreters/python/mk-python-derivation.nix index fa0916fa5a6e..eb8e76101c49 100644 --- a/pkgs/development/interpreters/python/mk-python-derivation.nix +++ b/pkgs/development/interpreters/python/mk-python-derivation.nix @@ -416,12 +416,6 @@ let # default to python's platforms platforms = python.meta.platforms; isBuildPythonPackage = python.meta.platforms; - identifiers = { - ${if (finalAttrs.src.meta.identifiers.purl or null) != null then "purl" else null} = - finalAttrs.src.meta.identifiers.purl; - ${if (finalAttrs.src.meta.identifiers.purls or null) != null then "purls" else null} = - finalAttrs.src.meta.identifiers.purls; - }; } // meta; } diff --git a/pkgs/development/ruby-modules/gem/default.nix b/pkgs/development/ruby-modules/gem/default.nix index 8da6bd0d9f0c..7ea5a32d70cc 100644 --- a/pkgs/development/ruby-modules/gem/default.nix +++ b/pkgs/development/ruby-modules/gem/default.nix @@ -307,9 +307,6 @@ lib.makeOverridable ( platforms = ruby.meta.platforms; mainProgram = gemName; } - // (lib.optionalAttrs ((attrs.src.meta or { }) ? identifiers) { - inherit (attrs.src.meta) identifiers; - }) // meta; } ) diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index cd690197939b..09d5362fc7fe 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -34,6 +34,7 @@ let toList isList elem + flatten ; inherit (lib.meta) @@ -711,12 +712,34 @@ let } ) possibleCPEPartsFuns; + # search for a pURL in the following order: + # - locally set + # - src.meta.pURL + # - srcs[].meta.pURL (for pURLs only) purlParts = attrs.meta.identifiers.purlParts or { }; purl = - attrs.meta.identifiers.purl or ( - if purlParts ? type && purlParts ? spec then "pkg:${purlParts.type}/${purlParts.spec}" else null + if purlParts ? type && purlParts ? spec then + "pkg:${purlParts.type}/${purlParts.spec}" + else + (attrs.src.meta.identifiers.purl or null); + purls = + attrs.meta.identifiers.purls or ( + if purl != null then + [ purl ] + else + (attrs.src.meta.identifiers.purls or ( + # some of the srcs may not have a pURL + builtins.filter (purl: purl != null) ( + map + # get the pURLs from a single derivation + (derivation: derivation.meta.identifiers.purls or null) + + # sometimes srcs is a single derivation + (flatten (attrs.srcs or [ ])) + ) + ) + ) ); - purls = attrs.meta.identifiers.purls or (optional (purl != null) purl); v1 = { inherit From 81dc446ee36274f737a05755af92b74e70e0c07d Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Fri, 10 Oct 2025 17:17:13 +0200 Subject: [PATCH 14/39] stdenv: pURL review suggestions - align naming Co-authored-by: Philippe Ombredanne --- doc/stdenv/meta.chapter.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/doc/stdenv/meta.chapter.md b/doc/stdenv/meta.chapter.md index fdf7712415b3..55727bb84b8b 100644 --- a/doc/stdenv/meta.chapter.md +++ b/doc/stdenv/meta.chapter.md @@ -322,19 +322,19 @@ A readonly attribute containing the list of guesses for what CPE for this packag ### Package URL {#sec-meta-identifiers-purl} -[Package URL](https://github.com/package-url/purl-spec) (pURL) is a specification to reliably identify and locate software packages. Through identification of software packages, additional (non-major) use cases are e.g. software license cross-verification via third party databases or initial vulnerability response management. Package URL's default to the mkDerivation.src, as the original consumed software package is the single point of truth. +[Package-URL](https://github.com/package-url/purl-spec) (PURL) is a specification to reliably identify and locate software packages. Through identification of software packages, additional (non-major) use cases are e.g. software license cross-verification via third party databases or initial vulnerability response management. Package URL's default to the mkDerivation.src, as the original consumed software package is the single point of truth. #### `meta.identifiers.purlParts` {#var-meta-identifiers-purlParts} -This attribute contains an attribute set of all parts of the pURL for this package. +This attribute contains an attribute set of all parts of the PURL for this package. * `type` mandatory [type](https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/docs/standard/summary.md) which needs to be provided -* `spec` specify the pURL in accordance with the [purl-spec](https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/purl-specification.md) +* `spec` specify the PURL in accordance with the [purl-spec](https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/purl-specification.md) #### `meta.identifiers.purl` {#var-meta-identifiers-purl} -An extendable attribute which is built based on purlParts. It is the main identifier, consumers should consider using the pURL's list interface to be prepared for edge cases. +An extendable attribute which is built based on purlParts. It is the main identifier, consumers should consider using the PURL's list interface to be prepared for edge cases. #### `meta.identifiers.purls` {#var-meta-identifiers-purls} -An extendable attribute list which defaults to a single element equal to the main pURL. It provides an interface for additional identifiers of mkDerivation.src and / or vendored dependencies inside mkDerivation.src, which maintainers can conciously decide to use on top. Identifiers different to the default src identifier are not recommended by default as they might cause maintenance overhead or may diverge (e.g. differences between source distribution pkg:github and binary distribution like pkg:pypi). +An extendable attribute list which defaults to a single element equal to the main PURL. It provides an interface for additional identifiers of mkDerivation.src and / or vendored dependencies inside mkDerivation.src, which maintainers can conciously decide to use on top. Identifiers different to the default src identifier are not recommended by default as they might cause maintenance overhead or may diverge (e.g. differences between source distribution pkg:github and binary distribution like pkg:pypi). From 3ddee85a175472d063063a3423524f668ed31b86 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Tue, 14 Oct 2025 12:51:15 +0200 Subject: [PATCH 15/39] stdenv: pURL review suggestions - part 5 --- pkgs/stdenv/generic/check-meta.nix | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index 09d5362fc7fe..873d75d26d7b 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -35,6 +35,7 @@ let isList elem flatten + filter ; inherit (lib.meta) @@ -300,7 +301,7 @@ let let expectedOutputs = attrs.meta.outputsToInstall or [ ]; actualOutputs = attrs.outputs or [ "out" ]; - missingOutputs = builtins.filter (output: !builtins.elem output actualOutputs) expectedOutputs; + missingOutputs = filter (output: !builtins.elem output actualOutputs) expectedOutputs; in '' The package ${getNameWithVersion attrs} has set meta.outputsToInstall to: ${builtins.concatStringsSep ", " expectedOutputs} @@ -476,7 +477,7 @@ let let expectedOutputs = attrs.meta.outputsToInstall or [ ]; actualOutputs = attrs.outputs or [ "out" ]; - missingOutputs = builtins.filter (output: !builtins.elem output actualOutputs) expectedOutputs; + missingOutputs = filter (output: !builtins.elem output actualOutputs) expectedOutputs; in if config.checkMeta then builtins.length missingOutputs > 0 else false; @@ -712,10 +713,10 @@ let } ) possibleCPEPartsFuns; - # search for a pURL in the following order: + # search for a PURL in the following order: # - locally set - # - src.meta.pURL - # - srcs[].meta.pURL (for pURLs only) + # - src.meta.PURL + # - srcs[].meta.PURL (for PURL only) purlParts = attrs.meta.identifiers.purlParts or { }; purl = if purlParts ? type && purlParts ? spec then @@ -728,11 +729,11 @@ let [ purl ] else (attrs.src.meta.identifiers.purls or ( - # some of the srcs may not have a pURL - builtins.filter (purl: purl != null) ( + # some of the srcs may not have a PURL + filter (purl: purl != null) ( map - # get the pURLs from a single derivation - (derivation: derivation.meta.identifiers.purls or null) + # get the PURLs from a single derivation + (drv: drv.meta.identifiers.purls or null) # sometimes srcs is a single derivation (flatten (attrs.srcs or [ ])) From f7cbf2374b500cc2b87dbba11baa9b4ea03d6086 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Tue, 14 Oct 2025 15:36:56 +0200 Subject: [PATCH 16/39] stdenv: pURL review suggestions - fix srcs flatten case --- pkgs/stdenv/generic/check-meta.nix | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index 873d75d26d7b..e2464e76ac35 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -731,12 +731,14 @@ let (attrs.src.meta.identifiers.purls or ( # some of the srcs may not have a PURL filter (purl: purl != null) ( - map - # get the PURLs from a single derivation - (drv: drv.meta.identifiers.purls or null) + flatten ( + map + # get the PURLs from a single derivation + (drv: drv.meta.identifiers.purls or null) - # sometimes srcs is a single derivation - (flatten (attrs.srcs or [ ])) + # sometimes srcs is a single derivation + (flatten (attrs.srcs or [ ])) + ) ) ) ) From bacccc39a9cfd80b62940002f0c656add2aa3619 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Tue, 14 Oct 2025 14:53:13 +0000 Subject: [PATCH 17/39] stdenv: pURL - fix chaining case (github&submodules using fetchgit) --- pkgs/build-support/fetchgit/default.nix | 4 ++-- pkgs/build-support/fetchgithub/default.nix | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/pkgs/build-support/fetchgit/default.nix b/pkgs/build-support/fetchgit/default.nix index ed9daa7ff525..581cd1c9a19c 100644 --- a/pkgs/build-support/fetchgit/default.nix +++ b/pkgs/build-support/fetchgit/default.nix @@ -187,13 +187,13 @@ lib.makeOverridable ( inherit preferLocalBuild allowedRequisites; - meta = meta // { + meta = lib.recursiveUpdate { identifiers.purlParts = { type = "generic"; # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/generic-definition.md spec = "${name}?vcs_url=${url}@${(lib.revOrTag rev tag)}"; }; - }; + } meta; passthru = { gitRepoUrl = url; diff --git a/pkgs/build-support/fetchgithub/default.nix b/pkgs/build-support/fetchgithub/default.nix index 115f8b5e867e..07c4c393ed88 100644 --- a/pkgs/build-support/fetchgithub/default.nix +++ b/pkgs/build-support/fetchgithub/default.nix @@ -42,9 +42,8 @@ lib.makeOverridable ( builtins.unsafeGetAttrPos "rev" args ); baseUrl = "https://${githubBase}/${owner}/${repo}"; - newMeta = - meta - // { + newMeta = lib.recursiveUpdate ( + { homepage = meta.homepage or baseUrl; identifiers.purlParts = if githubBase == "github.com" then @@ -63,7 +62,8 @@ lib.makeOverridable ( // lib.optionalAttrs (position != null) { # to indicate where derivation originates, similar to make-derivation.nix's mkDerivation position = "${position.file}:${toString position.line}"; - }; + } + ) meta; passthruAttrs = removeAttrs args [ "owner" From 028af7c17dacf56953cafd8a19aaecd12edf7921 Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Tue, 14 Oct 2025 18:59:25 +0200 Subject: [PATCH 18/39] stdenv: pURL review suggestions - replace merge --- pkgs/build-support/fetchgit/default.nix | 17 ++++++---- pkgs/build-support/fetchgithub/default.nix | 37 ++++++++++++---------- 2 files changed, 30 insertions(+), 24 deletions(-) diff --git a/pkgs/build-support/fetchgit/default.nix b/pkgs/build-support/fetchgit/default.nix index 581cd1c9a19c..05abacef8d80 100644 --- a/pkgs/build-support/fetchgit/default.nix +++ b/pkgs/build-support/fetchgit/default.nix @@ -187,13 +187,16 @@ lib.makeOverridable ( inherit preferLocalBuild allowedRequisites; - meta = lib.recursiveUpdate { - identifiers.purlParts = { - type = "generic"; - # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/generic-definition.md - spec = "${name}?vcs_url=${url}@${(lib.revOrTag rev tag)}"; - }; - } meta; + meta = meta // { + identifiers = { + purlParts = { + type = "generic"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/generic-definition.md + spec = "${name}?vcs_url=${url}@${(lib.revOrTag rev tag)}"; + }; + } + // meta.identifiers or { }; + }; passthru = { gitRepoUrl = url; diff --git a/pkgs/build-support/fetchgithub/default.nix b/pkgs/build-support/fetchgithub/default.nix index 07c4c393ed88..a19a0a5a3cab 100644 --- a/pkgs/build-support/fetchgithub/default.nix +++ b/pkgs/build-support/fetchgithub/default.nix @@ -42,28 +42,31 @@ lib.makeOverridable ( builtins.unsafeGetAttrPos "rev" args ); baseUrl = "https://${githubBase}/${owner}/${repo}"; - newMeta = lib.recursiveUpdate ( - { + newMeta = + meta + // { homepage = meta.homepage or baseUrl; - identifiers.purlParts = - if githubBase == "github.com" then - { - type = "github"; - # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/github-definition.md - spec = "${owner}/${repo}@${(lib.revOrTag rev tag)}"; - } - else - { - type = "generic"; - # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/generic-definition.md - spec = "${repo}?vcs_url=https://${githubBase}/${owner}/${repo}@${(lib.revOrTag rev tag)}"; - }; + identifiers = { + purlParts = + if githubBase == "github.com" then + { + type = "github"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/github-definition.md + spec = "${owner}/${repo}@${(lib.revOrTag rev tag)}"; + } + else + { + type = "generic"; + # https://github.com/package-url/purl-spec/blob/18fd3e395dda53c00bc8b11fe481666dc7b3807a/types-doc/generic-definition.md + spec = "${repo}?vcs_url=https://${githubBase}/${owner}/${repo}@${(lib.revOrTag rev tag)}"; + }; + } + // meta.identifiers or { }; } // lib.optionalAttrs (position != null) { # to indicate where derivation originates, similar to make-derivation.nix's mkDerivation position = "${position.file}:${toString position.line}"; - } - ) meta; + }; passthruAttrs = removeAttrs args [ "owner" From 8f93050009418801c9cb2ee3d1c6e2d05b389222 Mon Sep 17 00:00:00 2001 From: Matteo Pacini Date: Wed, 15 Oct 2025 11:21:24 +0100 Subject: [PATCH 19/39] swiftlint: 0.61.0 -> 0.62.1 --- pkgs/by-name/sw/swiftlint/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/sw/swiftlint/package.nix b/pkgs/by-name/sw/swiftlint/package.nix index 99c0f63474ae..6de5c097e849 100644 --- a/pkgs/by-name/sw/swiftlint/package.nix +++ b/pkgs/by-name/sw/swiftlint/package.nix @@ -8,11 +8,11 @@ }: stdenvNoCC.mkDerivation rec { pname = "swiftlint"; - version = "0.61.0"; + version = "0.62.1"; src = fetchurl { url = "https://github.com/realm/SwiftLint/releases/download/${version}/portable_swiftlint.zip"; - hash = "sha256-I0LzeEMHoCEX4Y90X801DGrMbKsOUhwMDgHDKlOjsnQ="; + hash = "sha256-VB20vZT4z4+6q3YvWX5/DkkBan+MpccNhrQ3CnzSNkE="; }; dontPatch = true; From f03e6a79c1bbcc87d0ab5581eda68b440ba26b17 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 15 Oct 2025 15:10:59 +0000 Subject: [PATCH 20/39] syft: 1.33.0 -> 1.34.0 --- pkgs/by-name/sy/syft/package.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/by-name/sy/syft/package.nix b/pkgs/by-name/sy/syft/package.nix index 32cfb2219905..a91dd0b252fa 100644 --- a/pkgs/by-name/sy/syft/package.nix +++ b/pkgs/by-name/sy/syft/package.nix @@ -8,13 +8,13 @@ buildGoModule rec { pname = "syft"; - version = "1.33.0"; + version = "1.34.0"; src = fetchFromGitHub { owner = "anchore"; repo = "syft"; tag = "v${version}"; - hash = "sha256-S7PvaLjrd6W7AyCgi8yAC0kjFwVxpf/FlzyOq3yvayE="; + hash = "sha256-J9ia5VjEItwDS2YjKAGAuQTTig5IIQA70yBYM/2r4B4="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -29,7 +29,7 @@ buildGoModule rec { # hash mismatch with darwin proxyVendor = true; - vendorHash = "sha256-JppXYoge4hK5hw2O2KSRL1n/UX/bc2LmGEzwQW6xD44="; + vendorHash = "sha256-r1P3dWNiVLDFLJ5IM/VHdMTDS/Yh+pb8VODxEnmxmks="; nativeBuildInputs = [ installShellFiles ]; From 6893073ddd4657be8f5091b16eb7b2254f9ace63 Mon Sep 17 00:00:00 2001 From: Anthony ROUSSEL Date: Thu, 16 Oct 2025 10:32:54 +0200 Subject: [PATCH 21/39] okms-cli: 0.3.5 -> 0.4.0 Diff: https://github.com/ovh/okms-cli/compare/v0.3.5...v0.4.0 Changelog: https://github.com/ovh/okms-cli/releases/tag/v0.4.0 --- pkgs/by-name/ok/okms-cli/package.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/by-name/ok/okms-cli/package.nix b/pkgs/by-name/ok/okms-cli/package.nix index 9e06126fd3e2..9d66557ab71c 100644 --- a/pkgs/by-name/ok/okms-cli/package.nix +++ b/pkgs/by-name/ok/okms-cli/package.nix @@ -8,16 +8,16 @@ buildGoModule (finalAttrs: { pname = "okms-cli"; - version = "0.3.5"; + version = "0.4.0"; src = fetchFromGitHub { owner = "ovh"; repo = "okms-cli"; tag = "v${finalAttrs.version}"; - hash = "sha256-zYhK2ulFVw7XlhoKrN9JoZg8lUFisfKS/Iez+Ll0eME="; + hash = "sha256-XW+otYeEQAuPVOXI6unTi28vn6dvpO7aVkr2bZ039Mk="; }; - vendorHash = "sha256-LFZ4dsWnODHLFc6k7p+Rd3zR0befCSOZLanwUFIWRl0="; + vendorHash = "sha256-GxHOWJcRBBHVm/RLeXChSDg59sX6dnO+yKyNEvUNup4="; ldflags = [ "-s" From 0ef545933fb1a707b70cb94b475a07343aa9ae7e Mon Sep 17 00:00:00 2001 From: Hans Joachim Kliemeck Date: Thu, 16 Oct 2025 08:42:08 +0000 Subject: [PATCH 22/39] stdenv: pURL - last review suggestion --- pkgs/stdenv/generic/check-meta.nix | 53 ++++++++++++++++-------------- 1 file changed, 28 insertions(+), 25 deletions(-) diff --git a/pkgs/stdenv/generic/check-meta.nix b/pkgs/stdenv/generic/check-meta.nix index e2464e76ac35..da0e8f4bb182 100644 --- a/pkgs/stdenv/generic/check-meta.nix +++ b/pkgs/stdenv/generic/check-meta.nix @@ -713,33 +713,36 @@ let } ) possibleCPEPartsFuns; - # search for a PURL in the following order: - # - locally set - # - src.meta.PURL - # - srcs[].meta.PURL (for PURL only) purlParts = attrs.meta.identifiers.purlParts or { }; - purl = - if purlParts ? type && purlParts ? spec then - "pkg:${purlParts.type}/${purlParts.spec}" - else - (attrs.src.meta.identifiers.purl or null); - purls = - attrs.meta.identifiers.purls or ( - if purl != null then - [ purl ] - else - (attrs.src.meta.identifiers.purls or ( - # some of the srcs may not have a PURL - filter (purl: purl != null) ( - flatten ( - map - # get the PURLs from a single derivation - (drv: drv.meta.identifiers.purls or null) + purlPartsFormatted = + if purlParts ? type && purlParts ? spec then "pkg:${purlParts.type}/${purlParts.spec}" else null; - # sometimes srcs is a single derivation - (flatten (attrs.srcs or [ ])) - ) - ) + # search for a PURL in the following order: + purl = + # 1) locally set through API + if purlPartsFormatted != null then + purlPartsFormatted + else + # 2) locally overwritten through meta.identifiers.purl + (attrs.src.meta.identifiers.purl or null); + + # search for a PURL in the following order: + purls = + # 1) locally overwritten through meta.identifiers.purls (e.g. extension of list) + attrs.meta.identifiers.purls or ( + # 2) locally set through API + if purlPartsFormatted != null then + [ purlPartsFormatted ] + else + # 3) src.meta.PURL + (attrs.src.meta.identifiers.purls or ( + # 4) srcs.meta.PURL + if !attrs ? srcs then + [ ] + else if isList attrs.srcs then + concatMap (drv: drv.meta.identifiers.purls or [ ]) attrs.srcs + else + attrs.srcs.meta.identifiers.purls or [ ] ) ) ); From 4125c43ca5c5282423cfc946d48ebfe7a4e9a951 Mon Sep 17 00:00:00 2001 From: Sarah Clark Date: Thu, 16 Oct 2025 10:44:06 -0700 Subject: [PATCH 23/39] python3Packages.torch-geometric: disable test that fails on some Darwin configurations --- pkgs/development/python-modules/torch-geometric/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/development/python-modules/torch-geometric/default.nix b/pkgs/development/python-modules/torch-geometric/default.nix index 35e96a4ca46d..18800e8304b9 100644 --- a/pkgs/development/python-modules/torch-geometric/default.nix +++ b/pkgs/development/python-modules/torch-geometric/default.nix @@ -246,6 +246,10 @@ buildPythonPackage rec { # RuntimeError: Boolean value of Tensor with more than one value is ambiguous "test_feature_store" + ] + ++ lib.optionals stdenv.hostPlatform.isDarwin [ + # NotImplementedError: The operator 'aten::logspace.out' is not currently implemented for the MPS device. + "test_positional_encoding" ]; meta = { From b7c1c552491e9e6e68e4b04ab810cdf306b83858 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 16 Oct 2025 20:17:51 +0000 Subject: [PATCH 24/39] eloquent: 1.2 -> 1.3 --- pkgs/by-name/el/eloquent/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/el/eloquent/package.nix b/pkgs/by-name/el/eloquent/package.nix index cca2f7d875ba..ec5117a6736b 100644 --- a/pkgs/by-name/el/eloquent/package.nix +++ b/pkgs/by-name/el/eloquent/package.nix @@ -28,14 +28,14 @@ stdenv.mkDerivation (finalAttrs: { pname = "eloquent"; - version = "1.2"; + version = "1.3"; src = fetchFromGitHub { owner = "sonnyp"; repo = "Eloquent"; tag = "v${finalAttrs.version}"; fetchSubmodules = true; - hash = "sha256-I4AQZl1zoZPhOwDR1uYNJTMRq5vQHPvyimC8OUAe+vY="; + hash = "sha256-+XAiRB5dRq2A2XP9ZdmIfxLjhCXb72TXRxnLnOprNT4="; }; nativeBuildInputs = [ From f950ddad0cb4cbc3d90ddbf10a159674125e317a Mon Sep 17 00:00:00 2001 From: lucasew Date: Thu, 16 Oct 2025 10:56:37 -0300 Subject: [PATCH 25/39] i3pystatus: 3.35-unstable-2024-06-13 -> 3.35-unstable-2025-06-24 Signed-off-by: lucasew --- pkgs/by-name/i3/i3pystatus/package.nix | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/pkgs/by-name/i3/i3pystatus/package.nix b/pkgs/by-name/i3/i3pystatus/package.nix index 84b5809f9420..46c1d229cee5 100644 --- a/pkgs/by-name/i3/i3pystatus/package.nix +++ b/pkgs/by-name/i3/i3pystatus/package.nix @@ -7,13 +7,14 @@ python3Packages, unstableGitUpdater, fetchpatch2, + writableTmpDirAsHomeHook, extraLibs ? [ ], }: python3Packages.buildPythonApplication rec { # i3pystatus moved to rolling release: # https://github.com/enkore/i3pystatus/issues/584 - version = "3.35-unstable-2024-06-13"; + version = "3.35-unstable-2025-06-24"; pname = "i3pystatus"; pyproject = true; build-system = [ python3Packages.setuptools ]; @@ -21,8 +22,8 @@ python3Packages.buildPythonApplication rec { src = fetchFromGitHub { owner = "enkore"; repo = "i3pystatus"; - rev = "f3c539ad78ad1c54fc36e8439bf3905a784ccb34"; - hash = "sha256-3AGREY+elHQk8kaoFp8AHEzk2jNC/ICGYPh2hXo2G/w="; + rev = "e8e03934d95658c85fa9f594987dac0481ca26c9"; + hash = "sha256-uAt6jxNAUR9txyPtHS4BRtu8Z5QaP6uqFg0sROf356c="; }; patches = [ @@ -41,7 +42,10 @@ python3Packages.buildPythonApplication rec { libnotify ]; - nativeCheckInputs = [ python3Packages.pytestCheckHook ]; + nativeCheckInputs = [ + python3Packages.pytestCheckHook + writableTmpDirAsHomeHook + ]; checkInputs = [ python3Packages.requests ]; From 961aa040a52cc1b9514ce0a681b7f9f8ea43d78e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Thu, 16 Oct 2025 22:26:43 +0000 Subject: [PATCH 26/39] shader-slang: 2025.19 -> 2025.19.1 --- pkgs/by-name/sh/shader-slang/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/sh/shader-slang/package.nix b/pkgs/by-name/sh/shader-slang/package.nix index 699824fb99cc..1331cccf20f1 100644 --- a/pkgs/by-name/sh/shader-slang/package.nix +++ b/pkgs/by-name/sh/shader-slang/package.nix @@ -20,13 +20,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "shader-slang"; - version = "2025.19"; + version = "2025.19.1"; src = fetchFromGitHub { owner = "shader-slang"; repo = "slang"; tag = "v${finalAttrs.version}"; - hash = "sha256-WG+yW76iFrrYFldCp85LcbwQ8cz61NkAvdlvIfaPgac="; + hash = "sha256-mbtyvPM3dtIZRU9dWMCZ/XCf2mDAPuJMhagMLgFsdWI="; fetchSubmodules = true; }; From 85813b77613360035e51997a0e96fcc72a250d5d Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 17 Oct 2025 00:37:51 +0000 Subject: [PATCH 27/39] kissat: 4.0.3 -> 4.0.4 --- pkgs/by-name/ki/kissat/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/ki/kissat/package.nix b/pkgs/by-name/ki/kissat/package.nix index 29d4520c31db..7940d96d0038 100644 --- a/pkgs/by-name/ki/kissat/package.nix +++ b/pkgs/by-name/ki/kissat/package.nix @@ -25,13 +25,13 @@ let in stdenv.mkDerivation rec { pname = "kissat"; - version = "4.0.3"; + version = "4.0.4"; src = fetchFromGitHub { owner = "arminbiere"; repo = "kissat"; rev = "rel-${version}"; - sha256 = "sha256-IlMHtsEYafpbCNZfbeJo1JS5S5qcZQt1aDWjv+xxoqM="; + sha256 = "sha256-hgB1U2Pmh1hEyNA3ej3fXxxf0YjCRgtOuSddRl6s0eo="; }; outputs = [ From 23be2804990d761cc713259a6e7629c9900344ca Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 17 Oct 2025 02:50:18 +0000 Subject: [PATCH 28/39] python3Packages.hcloud: 2.8.0 -> 2.9.0 --- pkgs/development/python-modules/hcloud/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/hcloud/default.nix b/pkgs/development/python-modules/hcloud/default.nix index 13b1120e82ae..98e8494cd0a2 100644 --- a/pkgs/development/python-modules/hcloud/default.nix +++ b/pkgs/development/python-modules/hcloud/default.nix @@ -10,12 +10,12 @@ buildPythonPackage rec { pname = "hcloud"; - version = "2.8.0"; + version = "2.9.0"; pyproject = true; src = fetchPypi { inherit pname version; - hash = "sha256-5ehqw5qERzR5+RCetWgu9npjdMFDHRWMO/dEMqCIPSs="; + hash = "sha256-MkYvojUd20ehps6whNcMg1hRgiTkS04Bl/LlwPZ62O8="; }; build-system = [ setuptools ]; From 56dfecffea884e9d5b33b635f6f6724b3cb6a27c Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 17 Oct 2025 03:48:16 +0000 Subject: [PATCH 29/39] cosmic-ext-applet-caffeine: 0-unstable-2025-09-29 -> 0-unstable-2025-10-16 --- pkgs/by-name/co/cosmic-ext-applet-caffeine/package.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/by-name/co/cosmic-ext-applet-caffeine/package.nix b/pkgs/by-name/co/cosmic-ext-applet-caffeine/package.nix index 306b8fd12279..a508e77d7565 100644 --- a/pkgs/by-name/co/cosmic-ext-applet-caffeine/package.nix +++ b/pkgs/by-name/co/cosmic-ext-applet-caffeine/package.nix @@ -9,16 +9,16 @@ }: rustPlatform.buildRustPackage { pname = "cosmic-ext-applet-caffeine"; - version = "0-unstable-2025-09-29"; + version = "0-unstable-2025-10-16"; src = fetchFromGitHub { owner = "tropicbliss"; repo = "cosmic-ext-applet-caffeine"; - rev = "a43db670e03894ff402fa19eec3d60f7c7bf663c"; - hash = "sha256-0hIc62FdjIGU028z8/WCx2q317e+PCA25CSibBVi/p0="; + rev = "0b50a109495d02ab8c99a501d2dd7575c6fabc1b"; + hash = "sha256-Z84LqsPVGd7PfOUmC1iJWgTGrl6FicaxZHwTZmgmAyk="; }; - cargoHash = "sha256-nl/giMIQ5xNSOgjv67OMWkfuAVtdIcqZDbXC1mYwXBM="; + cargoHash = "sha256-TC7WNJUxGZpfDbDgnifBSZM7SvN2/Iw0HRXWPDXnDBM="; nativeBuildInputs = [ libcosmicAppHook From 85c6ec2309f5567377e299e8195318680cbafeae Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 17 Oct 2025 04:19:49 +0000 Subject: [PATCH 30/39] angular-language-server: 20.2.2 -> 20.3.0 --- pkgs/by-name/an/angular-language-server/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/an/angular-language-server/package.nix b/pkgs/by-name/an/angular-language-server/package.nix index 54219bea2d4b..9e5375612f96 100644 --- a/pkgs/by-name/an/angular-language-server/package.nix +++ b/pkgs/by-name/an/angular-language-server/package.nix @@ -16,11 +16,11 @@ stdenvNoCC.mkDerivation (finalAttrs: { pname = "angular-language-server"; - version = "20.2.2"; + version = "20.3.0"; src = fetchurl { name = "angular-language-server-${finalAttrs.version}.zip"; url = "https://github.com/angular/vscode-ng-language-service/releases/download/v${finalAttrs.version}/ng-template.vsix"; - hash = "sha256-2I5Pmd05zNGjM15tFo2yw6AGUKp3zxufVcoe4oSAO5U="; + hash = "sha256-o3e2qVKw/sfnFHbHHdRlB9UjEx1KLD1KVoaAsnlYjmY="; }; nativeBuildInputs = [ From 0ad8866a1953aa3c546354e85ba182c7994f4f75 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 17 Oct 2025 04:30:02 +0000 Subject: [PATCH 31/39] libretro.ppsspp: 0-unstable-2025-09-30 -> 0-unstable-2025-10-17 --- pkgs/applications/emulators/libretro/cores/ppsspp.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/emulators/libretro/cores/ppsspp.nix b/pkgs/applications/emulators/libretro/cores/ppsspp.nix index cb789b79d809..2ac064a36510 100644 --- a/pkgs/applications/emulators/libretro/cores/ppsspp.nix +++ b/pkgs/applications/emulators/libretro/cores/ppsspp.nix @@ -13,13 +13,13 @@ }: mkLibretroCore { core = "ppsspp"; - version = "0-unstable-2025-09-30"; + version = "0-unstable-2025-10-17"; src = fetchFromGitHub { owner = "hrydgard"; repo = "ppsspp"; - rev = "2f4b1adc98d36a4d3fdd0a413d65a7a0b306ed4c"; - hash = "sha256-9azuw2uCwc1cpqnrqCBGp4uS2AHOc2gBJIaOTSullvs="; + rev = "4ccf013d3b52314b935d8fc49b70f08d546aa48b"; + hash = "sha256-e1iqnhJQKYXddp3VwpAPg6eHBnDHOFvo1b4evp8f8X4="; fetchSubmodules = true; }; From 45dce8ef0949d485d1f18583907b8007b61927ef Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 17 Oct 2025 05:34:49 +0000 Subject: [PATCH 32/39] androidStudioPackages.canary: 2025.2.1.5 -> 2025.2.2.1 --- pkgs/applications/editors/android-studio/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/editors/android-studio/default.nix b/pkgs/applications/editors/android-studio/default.nix index 18422951f78b..181471838a87 100644 --- a/pkgs/applications/editors/android-studio/default.nix +++ b/pkgs/applications/editors/android-studio/default.nix @@ -24,8 +24,8 @@ let sha256Hash = "sha256-KrKUsA7wFeI7IBa9VOp+MERqWIiMnNzLFO8oF0rCiIw="; }; latestVersion = { - version = "2025.2.1.5"; # "Android Studio Otter | 2025.2.1 Canary 5" - sha256Hash = "sha256-Slpp29OMpG4i/9ykYBF/KMwnBgOTSuqObZrfdcMfDbQ="; + version = "2025.2.2.1"; # "Android Studio Otter 2 Feature Drop | 2025.2.2 Canary 1" + sha256Hash = "sha256-sSp9IpGpo7pE0x7C5wSmZiGKt2uLoUlNVh7NHF4j/N4="; }; in { From 4f2b7e0b4a3db51163800a998cbf379dd9a1a2f8 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 17 Oct 2025 06:04:49 +0000 Subject: [PATCH 33/39] quisk: 4.2.44 -> 4.2.46 --- pkgs/by-name/qu/quisk/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/qu/quisk/package.nix b/pkgs/by-name/qu/quisk/package.nix index 79079cd67322..82bdbce848ca 100644 --- a/pkgs/by-name/qu/quisk/package.nix +++ b/pkgs/by-name/qu/quisk/package.nix @@ -9,12 +9,12 @@ python3.pkgs.buildPythonApplication rec { pname = "quisk"; - version = "4.2.44"; + version = "4.2.46"; pyproject = true; src = fetchPypi { inherit pname version; - hash = "sha256-OSGrLbCS255e/btagD7RCVpLpyIX1jveeJnzIwyegH4="; + hash = "sha256-Tp6ctOZLGYyRe3q5EU1dZjAZTCXTsHywFzE5jKF2Ssc="; }; buildInputs = [ From b9a4311babf2dd64b095fb78c10a1f820ee2c078 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 17 Oct 2025 06:58:35 +0000 Subject: [PATCH 34/39] libretro.vba-m: 0-unstable-2024-10-21 -> 0-unstable-2025-10-17 --- pkgs/applications/emulators/libretro/cores/vba-m.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/emulators/libretro/cores/vba-m.nix b/pkgs/applications/emulators/libretro/cores/vba-m.nix index 04b25cbcedca..613861b185e5 100644 --- a/pkgs/applications/emulators/libretro/cores/vba-m.nix +++ b/pkgs/applications/emulators/libretro/cores/vba-m.nix @@ -5,13 +5,13 @@ }: mkLibretroCore { core = "vbam"; - version = "0-unstable-2024-10-21"; + version = "0-unstable-2025-10-17"; src = fetchFromGitHub { owner = "libretro"; repo = "vbam-libretro"; - rev = "379dd97301458a51fb69dd93ba21b64f81e01ef2"; - hash = "sha256-UbXSHdKfa91MpcYityo+aILbI0DfkLqZh8YfGcRx/BI="; + rev = "badf47c0e050983e44ac1217033283ca78313298"; + hash = "sha256-PwqwG+YMgdWNMoWx0mdUIBebQBMgaFd8BiI27xSUhps="; }; makefile = "Makefile"; From f15bf0ab82063e0fa0ba6b411b5d6406b9d9db4b Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 17 Oct 2025 09:08:23 +0000 Subject: [PATCH 35/39] cosmic-reader: 0-unstable-2025-10-09 -> 0-unstable-2025-10-12 --- pkgs/by-name/co/cosmic-reader/package.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/by-name/co/cosmic-reader/package.nix b/pkgs/by-name/co/cosmic-reader/package.nix index 02f84e4ea9a1..f865177284e3 100644 --- a/pkgs/by-name/co/cosmic-reader/package.nix +++ b/pkgs/by-name/co/cosmic-reader/package.nix @@ -19,13 +19,13 @@ }: rustPlatform.buildRustPackage (finalAttrs: { pname = "cosmic-reader"; - version = "0-unstable-2025-10-09"; + version = "0-unstable-2025-10-12"; src = fetchFromGitHub { owner = "pop-os"; repo = "cosmic-reader"; - rev = "8d02b136b0b558de09a2de0c99511a8bf0bb99cd"; - hash = "sha256-ldmrn2R6gZ+heXARqsMShWCDazH8MGA9Rm2M65T1aqI="; + rev = "35bf8c556bbff415e1149d7cbf267d2b6ff6f300"; + hash = "sha256-721Y1VbBPWMXcH8rt5AyO2GFV1Q70kHnG4TAPmeX414="; }; cargoHash = "sha256-4ofAtZN3FpYwNahinldALbdEJA5lDwa+CUsVIISnSTc="; From 0fefc9ae973b60edc4163a761f3de1469aeab3bb Mon Sep 17 00:00:00 2001 From: Anthony ROUSSEL Date: Fri, 17 Oct 2025 11:08:44 +0200 Subject: [PATCH 36/39] ovhcloud-cli: 0.6.0 -> 0.7.1 https://github.com/ovh/ovhcloud-cli/compare/v0.6.0...v0.7.1 --- pkgs/by-name/ov/ovhcloud-cli/package.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/by-name/ov/ovhcloud-cli/package.nix b/pkgs/by-name/ov/ovhcloud-cli/package.nix index 664f04528818..5e6cd30d88ee 100644 --- a/pkgs/by-name/ov/ovhcloud-cli/package.nix +++ b/pkgs/by-name/ov/ovhcloud-cli/package.nix @@ -8,13 +8,13 @@ buildGoModule (finalAttrs: { pname = "ovhcloud-cli"; - version = "0.6.0"; + version = "0.7.1"; src = fetchFromGitHub { owner = "ovh"; repo = "ovhcloud-cli"; tag = "v${finalAttrs.version}"; - hash = "sha256-ZW/o9YpENWmiBYRy+gPQyLM00QM6f+Ym7IFSeArqZ64="; + hash = "sha256-pps6PuaIJxZ0ewrBXgq4TnICOW3wjHJQDDmcQUfYDNg="; }; vendorHash = "sha256-WNONEceR/cDVloosQ/BMYjPTk9elQ1oTX89lgzENSAI="; From ee70e4d0a0913e300d5b69a9dc966f227b1918a8 Mon Sep 17 00:00:00 2001 From: Gaetan Lepage Date: Fri, 17 Oct 2025 09:23:50 +0000 Subject: [PATCH 37/39] python3Packages.pymc: 5.25.1 -> 5.26.0 Diff: https://github.com/pymc-devs/pymc/compare/v5.25.1...v5.26.0 Changelog: https://github.com/pymc-devs/pymc/releases/tag/v5.26.0 --- pkgs/development/python-modules/pymc/default.nix | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/pkgs/development/python-modules/pymc/default.nix b/pkgs/development/python-modules/pymc/default.nix index 836ee2f3f183..e773b843a894 100644 --- a/pkgs/development/python-modules/pymc/default.nix +++ b/pkgs/development/python-modules/pymc/default.nix @@ -2,7 +2,6 @@ lib, buildPythonPackage, fetchFromGitHub, - fetchpatch2, # build-system setuptools, @@ -23,26 +22,16 @@ buildPythonPackage rec { pname = "pymc"; - version = "5.25.1"; + version = "5.26.0"; pyproject = true; src = fetchFromGitHub { owner = "pymc-devs"; repo = "pymc"; tag = "v${version}"; - hash = "sha256-zh6FsCEviuyqapguTrUDsWKq70ef0IKRhnn2dkgQ/KA="; + hash = "sha256-RN/7xO8aq8mWW2/48Ve1KTq3q1GWMZpMxv8w6yco/GE="; }; - patches = [ - # TODO: remove at next release - # https://github.com/pymc-devs/pytensor/pull/1471 - (fetchpatch2 { - name = "pytensor-2-32-compat"; - url = "https://github.com/pymc-devs/pymc/commit/59176b6adda88971e546a0cf93ca04424af5197f.patch"; - hash = "sha256-jkDwlKwxbn9DwpkxEbSXk/kbGjT/Xu8bsZHFBWYpMgA="; - }) - ]; - build-system = [ setuptools versioneer From 436c9419f71598019b9875ab7663a86e310a6202 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 17 Oct 2025 09:58:35 +0000 Subject: [PATCH 38/39] python3Packages.pytransportnswv2: 2.0.7 -> 2.0.8 --- pkgs/development/python-modules/pytransportnswv2/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pytransportnswv2/default.nix b/pkgs/development/python-modules/pytransportnswv2/default.nix index 4cb73305c023..c5c4f4d922fb 100644 --- a/pkgs/development/python-modules/pytransportnswv2/default.nix +++ b/pkgs/development/python-modules/pytransportnswv2/default.nix @@ -10,13 +10,13 @@ buildPythonPackage rec { pname = "pytransportnswv2"; - version = "2.0.7"; + version = "2.0.8"; pyproject = true; src = fetchPypi { pname = "PyTransportNSWv2"; inherit version; - hash = "sha256-TuLcOjP8ij9+FsaGqeukPFQDS2QRRxFMsXPfrqaq+ec="; + hash = "sha256-+hE5onXQ/Isv+U7y9+CphpYTOW7CsMxR7M8jZS1djSs="; }; build-system = [ setuptools ]; From 6bf21927f90a8a5d6a1abde5d5c020d96bb7480a Mon Sep 17 00:00:00 2001 From: Defelo Date: Thu, 9 Oct 2025 10:48:34 +0000 Subject: [PATCH 39/39] bruijn: 0-unstable-2025-09-28 -> 0-unstable-2025-10-09 Diff: https://github.com/marvinborner/bruijn/compare/31ba54046e33618905fc99e0b079bd3aa2594284...3e9636b4c0c37f5c5df509e30fb37564464e5850 --- pkgs/by-name/br/bruijn/generated.nix | 4 ++-- pkgs/by-name/br/bruijn/version.txt | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/by-name/br/bruijn/generated.nix b/pkgs/by-name/br/bruijn/generated.nix index 6dce2ef52efd..6ca9c88dd9c0 100644 --- a/pkgs/by-name/br/bruijn/generated.nix +++ b/pkgs/by-name/br/bruijn/generated.nix @@ -24,8 +24,8 @@ mkDerivation { pname = "bruijn"; version = "0.1.0.0"; src = fetchzip { - url = "https://github.com/marvinborner/bruijn/archive/31ba54046e33618905fc99e0b079bd3aa2594284.tar.gz"; - sha256 = "11b3i32y36i29haym4agn1pgik20byldihgs2qsi5p7vy17z0a78"; + url = "https://github.com/marvinborner/bruijn/archive/3e9636b4c0c37f5c5df509e30fb37564464e5850.tar.gz"; + sha256 = "0pk6vyw03ys0jp1na0m3kz5k0x4xqr9zcna8c53dzkzlk5h5d85z"; }; isLibrary = true; isExecutable = true; diff --git a/pkgs/by-name/br/bruijn/version.txt b/pkgs/by-name/br/bruijn/version.txt index 758d57bf33ac..ab71cfe80a63 100644 --- a/pkgs/by-name/br/bruijn/version.txt +++ b/pkgs/by-name/br/bruijn/version.txt @@ -1 +1 @@ -0-unstable-2025-09-28 +0-unstable-2025-10-09