chore(3p/sources): bump to OpenSSH vulnerability hotfix

See https://github.com/NixOS/nixpkgs/pull/323753 for details. Changes: * git: temporarily comment out dottime patch (it doesn't apply, but it's not critical) * third-party/cgit: use an older git version where dottime patch still applies * 3p/crate2nix: remove crate2nix patches included in latest release * tvix: remove unneeded defaultCrateOverrides (upstreamed to nixpkgs) * tvix: regenerate Cargo.nix * tvix/nix-compat: remove unnused AtermWriteable::aterm_bytes pub(crate) function * tvix/nix-compat: remove redundant trait bounds * tvix/glue: use clone_into() to set drv.{builder,system} * tools/crate2nix: apply workaround for https://github.com/numtide/treefmt/issues/327 * toold/depotfmt: expose treefmt config as passthru * tools/crate2nix: undo some more hacks in the crate2nix-check drv Change-Id: Ifbcedeb3e8f81b2f6ec1dbf10189bfa6dfd9c75c Co-Authored-By: Florian Klink <flokli@flokli.de> Reviewed-on: https://cl.tvl.fyi/c/depot/+/11907 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2024-07-01 12:47:15 +03:00 · 2024-07-01 12:47:15 +03:00 · 4b2f3c5454
commit 4b2f3c5454
parent 17bdf9a574
15 changed files with 124 additions and 230 deletions
--- a/third_party/cgit/default.nix
+++ b/third_party/cgit/default.nix
@ -27,12 +27,25 @@ stdenv.mkDerivation rec {
  #
  # TODO(tazjin): Add an assert for this somewhere so we notice it on
  # channel bumps.
-  preBuild = ''
-    rm -rf git # remove submodule dir ...
-    cp -r --no-preserve=ownership,mode ${pkgs.srcOnly depot.third_party.git} git
-    makeFlagsArray+=(prefix="$out" CGIT_SCRIPT_PATH="$out/cgit/")
-    cat tvl-extra.css >> cgit.css
-  '';
+  preBuild =
+    let
+      # we have to give cgit a git with dottime support to build
+      git' = pkgs.git.overrideAttrs (old: {
+        src = pkgs.fetchurl {
+          url = "https://github.com/git/git/archive/refs/tags/v2.44.2.tar.gz";
+          hash = "sha256-3h0LBfAD4MXfZc0tjWQDO81UdbRo3w5C0W7j7rr9m9I=";
+        };
+        patches = (old.patches or [ ]) ++ [
+          ../git/0001-feat-third_party-git-date-add-dottime-format.patch
+        ];
+      });
+    in
+    ''
+      rm -rf git # remove submodule dir ...
+      cp -r --no-preserve=ownership,mode ${pkgs.srcOnly git'} git
+      makeFlagsArray+=(prefix="$out" CGIT_SCRIPT_PATH="$out/cgit/")
+      cat tvl-extra.css >> cgit.css
+    '';

  stripDebugList = [ "cgit" ];