3a49e4f4bf
OpenSSL released an update which fixes two severity high security issues: * https://mta.openssl.org/pipermail/openssl-announce/2021-March/000197.html * https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html Update to the nixpkgs (currently still master) commits updating OpenSSL. Other changes: * Use GHC 8.8.4 for haskell-language-server as GHC 8.8.3 got removed from nixpkgs last friday. Change-Id: Ic1b2f49284e78193a4330da4bb4b718a797f5ab1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/2653 Tested-by: BuildkiteCI Reviewed-by: tazjin <mail@tazj.in> Reviewed-by: lukegb <lukegb@tvl.fyi> Reviewed-by: glittershark <grfn@gws.fyi>
72 lines
2.3 KiB
Nix
72 lines
2.3 KiB
Nix
# This file controls the import of external dependencies (i.e.
|
|
# third-party code) into my package tree.
|
|
#
|
|
# This includes *all packages needed from nixpkgs*.
|
|
{ ... }:
|
|
|
|
let
|
|
# Tracking nixos-unstable as of 2021-03-25.
|
|
nixpkgsCommit = "60dd94fb7e01a8288f6638eee71d7cb354c49327";
|
|
nixpkgsSrc = fetchTarball {
|
|
url = "https://github.com/NixOS/nixpkgs/archive/${nixpkgsCommit}.tar.gz";
|
|
sha256 = "0skdwk9bdld295kzrymirs8xrzycqmhsclaz8s18jhcz75hb8sk3";
|
|
};
|
|
nixpkgs = import nixpkgsSrc {
|
|
config.allowUnfree = true;
|
|
config.allowBroken = true;
|
|
|
|
# Lutris depends on p7zip, which is considered insecure.
|
|
config.permittedInsecurePackages = [
|
|
"p7zip-16.02"
|
|
];
|
|
};
|
|
|
|
# Tracking nixos-20.09 as of 2021-03-25.
|
|
stableCommit = "223d0d733a66b46504ea6b4c15f88b7cc4db58fb";
|
|
stableNixpkgsSrc = fetchTarball {
|
|
url = "https://github.com/NixOS/nixpkgs/archive/${stableCommit}.tar.gz";
|
|
sha256 = "073327ris0frqa3kpid3nsjr9w8yx2z83xpsc24w898mrs9r7d5v";
|
|
};
|
|
stableNixpkgs = import stableNixpkgsSrc {};
|
|
|
|
exposed = import ./nixpkgs-exposed/exposed { inherit nixpkgs stableNixpkgs; };
|
|
|
|
in exposed.lib.fix(self: exposed // {
|
|
callPackage = nixpkgs.lib.callPackageWith self;
|
|
|
|
# Provide the source code of nixpkgs, but do not provide an imported
|
|
# version of it.
|
|
inherit nixpkgsCommit nixpkgsSrc stableNixpkgsSrc;
|
|
|
|
# Packages to be overridden
|
|
originals = {
|
|
inherit (nixpkgs) gtest openldap go grpc notmuch rr;
|
|
inherit (stableNixpkgs) git tdlib;
|
|
ffmpeg = nixpkgs.ffmpeg-full;
|
|
telega = stableNixpkgs.emacsPackages.telega;
|
|
};
|
|
|
|
# Use LLVM 11
|
|
llvmPackages = nixpkgs.llvmPackages_11;
|
|
clangStdenv = nixpkgs.llvmPackages_11.stdenv;
|
|
stdenv = nixpkgs.llvmPackages_11.stdenv;
|
|
|
|
clang-tools = (nixpkgs.clang-tools.override {
|
|
llvmPackages = nixpkgs.llvmPackages_11;
|
|
});
|
|
|
|
# Provide Emacs 27
|
|
#
|
|
# The assert exists because the name of the attribute is unversioned
|
|
# (which is different from previous versions).
|
|
emacs27 = assert ((exposed.lib.versions.major nixpkgs.emacs.version) == "27");
|
|
nixpkgs.emacs.overrideAttrs(old: {
|
|
configureFlags = old.configureFlags ++ [ "--with-cairo" ];
|
|
});
|
|
|
|
emacs27-nox = assert ((exposed.lib.versions.major nixpkgs.emacs.version) == "27");
|
|
nixpkgs.emacs-nox;
|
|
|
|
# Make NixOS available
|
|
nixos = import "${nixpkgsSrc}/nixos";
|
|
})
|