chore(3p): Bump NixOS channels to 2021-02-18

Main motivation for this is to get the openldap update that fixes
10 CVEs: CVE-2020-36221 to including CVE-2020-36230. See also this
issue which lists them all: https://github.com/NixOS/nixpkgs/issues/113490

Someone should also redeploy whitby as soon as this lands in canon and
all build failures have been fixed.

Things done to resolve upstream breakages:

* grpc no longer takes abseil-cpp as an input, it has also been removed
  in the override.

* Upgrade glittershark's kernel to 5.11 since the linuxPackages_5_9
  attribute has been removed by upstream and the patch used by them is
  available for 5.11 as well.

* The fixed output hash for third_patry.apereo-cas changed for some reason.

* Remove the pin of haskellPackages.vector from the haskell overlay. It
  broke as the most recent version of vector in nixos-unstable no longer
  depends on semigroups. This effectively updates vector from 0.12.1.2
  to 0.12.2.0.

* Align two comments in tvix/libstore/worker-protocol.hh because the
  updated clang-format now demands that.

Change-Id: I2ecf10a98de935e9222acf1feaea447d4c11ed2d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2538
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
This commit is contained in:
sterni 2021-02-19 12:42:24 +01:00
parent e174bad35b
commit e628862e97
7 changed files with 11 additions and 20 deletions

View file

@ -37,7 +37,7 @@ let
outputHashAlgo = "sha256";
outputHashMode = "recursive";
outputHash = "1mjk7nh0sr4xb8v5mqb8kzjk1xk9rsx8g069lhpvdkyrc5bq1w8j";
outputHash = "07wxmgljs8v0pmnryqjz6dr6jl93x3023y8zx3al5314mmqkpaan";
};
in
pkgs.stdenvNoCC.mkDerivation {

View file

@ -5,11 +5,11 @@
{ ... }:
let
# Tracking nixos-unstable as of 2021-01-19.
nixpkgsCommit = "68398d2dd50efc2d878bf0f83bbc8bc323b6b0e0";
# Tracking nixos-unstable as of 2021-02-18.
nixpkgsCommit = "6b1057b452c55bb3b463f0d7055bc4ec3fd1f381";
nixpkgsSrc = fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/${nixpkgsCommit}.tar.gz";
sha256 = "1bivcxnajll53ixwyl304fq22w5dg97fqbwk8imp6ipwq84bq5ga";
sha256 = "10qfg11g8m0q2k3ibcm0ivjq494gqynshm3smjl1rfn5ifjf5fz8";
};
nixpkgs = import nixpkgsSrc {
config.allowUnfree = true;
@ -21,11 +21,11 @@ let
];
};
# Tracking nixos-20.09 as of 2021-01-19.
stableCommit = "88f00e7e12d2669583fffd3f33aae01101464386";
# Tracking nixos-20.09 as of 2021-02-17.
stableCommit = "5c53c720ff690ef82a9fe4849e7b70c104e1c82f";
stableNixpkgsSrc = fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/${stableCommit}.tar.gz";
sha256 = "0972lcah2wm1j7ab5acnpn1il68q90cdqhvq1vj4nlnygnwzhcfr";
sha256 = "0gjxfxbfc6maqg48k9ai476s6zkc94p0y3v9yjgwbiy7b38pqfys";
};
stableNixpkgs = import stableNixpkgsSrc {};

View file

@ -1,7 +1,6 @@
{ pkgs, ... }:
(pkgs.originals.grpc.override {
abseil-cpp = pkgs.abseil_cpp;
protobuf = pkgs.protobuf;
stdenv = pkgs.llvmPackages.libcxxStdenv;
}).overrideAttrs(orig: rec {

View file

@ -53,7 +53,7 @@ typedef enum {
} WorkerOp;
#define STDERR_NEXT 0x6f6c6d67
#define STDERR_READ 0x64617461 // data needed from source
#define STDERR_READ 0x64617461 // data needed from source
#define STDERR_WRITE 0x64617416 // data for sink
#define STDERR_LAST 0x616c7473
#define STDERR_ERROR 0x63787470

View file

@ -79,7 +79,7 @@
lib
libredirect
linuxPackages
linuxPackages_5_9
linuxPackages_5_11
luajit
lutris
makeFontsConf

View file

@ -90,14 +90,6 @@ self: super: with pkgs.haskell.lib; rec {
test-framework-quickcheck2 = doJailbreak super.test-framework-quickcheck2;
vector = overrideSrc (doJailbreak super.vector) rec {
src = pkgs.fetchzip {
url = "mirror://hackage/vector-${version}/vector-${version}.tar.gz";
sha256 = "1312lpb1f4jzbmcjp7mdf9l9ykp1hscxdr66cl8zlcs8kbr13bm7";
};
version = "0.12.1.2";
};
vinyl = overrideSrc (markUnbroken super.vinyl)
rec {
src = pkgs.fetchzip {

View file

@ -11,7 +11,7 @@ let
name = "linux-ck-patch-${mm}-ck1.xz";
# example: http://ck.kolivas.org/patches/5.0/5.4/5.4-ck1/patch-5.4-ck1.xz
url = "http://ck.kolivas.org/patches/${mj}.0/${mm}/${mm}-ck1/patch-${mm}-ck1.xz";
sha256 = "0cv1ayj9akl83q2whabj8v3qygkkfwvzcjqx539sw6j3r9qhrs64";
sha256 = "14lfpq9hvq1amxrl0ayfid1d04kd35vwsvk1ppnqa87nqfkjq47c";
};
unpackPhase = ''
@ -24,7 +24,7 @@ let
};
in
{
boot.kernelPackages = pkgs.linuxPackages_5_9.extend (self: super: {
boot.kernelPackages = pkgs.linuxPackages_5_11.extend (self: super: {
kernel = super.kernel.override {
ignoreConfigErrors = true;
kernelPatches = super.kernel.kernelPatches ++ [{