From 16b4a9472e452f9fccfaefe6b6275a3484ce0517 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Sun, 15 Oct 2023 00:18:32 +0000 Subject: [PATCH 1/3] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'filter': 'github:numtide/nix-filter/d90c75e8319d0dd9be67d933d8eb9d0894ec9174' (2023-06-19) → 'github:numtide/nix-filter/41fd48e00c22b4ced525af521ead8792402de0ea' (2023-09-16) • Updated input 'flake-compat': 'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9' (2023-01-17) → 'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04) • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/0d2fb29f5071a12d7983319c2c2576be6a130582' (2023-08-05) → 'github:NixOS/nixpkgs/01441e14af5e29c9d27ace398e6dd0b293e25a54' (2023-10-11) • Updated input 'unblob-native': 'github:onekey-sec/unblob-native/3844f4fd5ffd5a3befcd25e8176eb889237b8eb4' (2023-07-31) → 'github:onekey-sec/unblob-native/042a7fea29d295d04877b31c41d9ebd5166e354f' (2023-10-08) • Updated input 'unblob-native/advisory-db': 'github:rustsec/advisory-db/98e8483ac17d42eeeeee51d4d02ad8a690bd12c7' (2023-07-29) → 'github:rustsec/advisory-db/da470caa84d3dd3be02657a9cb35bd5269636127' (2023-10-03) • Updated input 'unblob-native/crane': 'github:ipetkov/crane/8b08e96c9af8c6e3a2b69af5a7fa168750fcf88e' (2023-07-07) → 'github:ipetkov/crane/f2143cd27f8bd09ee4f0121336c65015a2a0a19c' (2023-10-04) • Updated input 'unblob-native/crane/flake-compat': 'github:edolstra/flake-compat/35bb57c0c8d8b62bbfd284272c928ceb64ddbde9' (2023-01-17) → 'github:edolstra/flake-compat/4f910c9827911b1ec2bf26b5a062cd09f8d89f85' (2023-10-02) • Updated input 'unblob-native/crane/flake-utils': 'github:numtide/flake-utils/dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7' (2023-06-25) → 'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12) • Updated input 'unblob-native/crane/rust-overlay': 'github:oxalica/rust-overlay/f9b92316727af9e6c7fee4a761242f7f46880329' (2023-07-03) → 'github:oxalica/rust-overlay/611ccdceed92b4d94ae75328148d84ee4a5b462d' (2023-10-03) • Updated input 'unblob-native/flake-utils': 'github:numtide/flake-utils/919d646de7be200f3bf08cb76ae1f09402b6f9b4' (2023-07-11) → 'github:numtide/flake-utils/ff7b65b44d01cf9ba6a71320833626af21126384' (2023-09-12) • Updated input 'unblob-native/nix-filter': 'github:numtide/nix-filter/d90c75e8319d0dd9be67d933d8eb9d0894ec9174' (2023-06-19) → 'github:numtide/nix-filter/41fd48e00c22b4ced525af521ead8792402de0ea' (2023-09-16) • Updated input 'unblob-native/rust-overlay': 'github:oxalica/rust-overlay/5c06b0ed7bfb00f3a925af6c4acd1636596381c1' (2023-07-29) → 'github:oxalica/rust-overlay/6528a18a62d817200099c520b6eea7833ade9a9a' (2023-10-08) --- flake.lock | 141 ++++++++++++----------------------------------------- 1 file changed, 31 insertions(+), 110 deletions(-) diff --git a/flake.lock b/flake.lock index e29f977365..a94608569e 100644 --- a/flake.lock +++ b/flake.lock @@ -19,11 +19,11 @@ "advisory-db_2": { "flake": false, "locked": { - "lastModified": 1690651200, - "narHash": "sha256-0aDZUueboXYxKy/ckHQYA6zkvLOVsb2wyzJjSuEdJzE=", + "lastModified": 1697318478, + "narHash": "sha256-ZEDgHfurZiv9lBGTmHnQ0YECoi6H2NYs3pTo1VU1koQ=", "owner": "rustsec", "repo": "advisory-db", - "rev": "98e8483ac17d42eeeeee51d4d02ad8a690bd12c7", + "rev": "71d80e811f2e29a4b82d3e545ad6591e35227e03", "type": "github" }, "original": { @@ -58,20 +58,17 @@ }, "crane_2": { "inputs": { - "flake-compat": "flake-compat_3", - "flake-utils": "flake-utils_3", "nixpkgs": [ "unblob-native", "nixpkgs" - ], - "rust-overlay": "rust-overlay_2" + ] }, "locked": { - "lastModified": 1688772518, - "narHash": "sha256-ol7gZxwvgLnxNSZwFTDJJ49xVY5teaSvF7lzlo3YQfM=", + "lastModified": 1697840921, + "narHash": "sha256-zXHwu104SQOxogkMgg+w22c3+zI/FvK83TAkfLmeKw0=", "owner": "ipetkov", "repo": "crane", - "rev": "8b08e96c9af8c6e3a2b69af5a7fa168750fcf88e", + "rev": "758ae442227103fa501276e8225609a11c99718e", "type": "github" }, "original": { @@ -106,11 +103,11 @@ }, "filter": { "locked": { - "lastModified": 1687178632, - "narHash": "sha256-HS7YR5erss0JCaUijPeyg2XrisEb959FIct3n2TMGbE=", + "lastModified": 1694857738, + "narHash": "sha256-bxxNyLHjhu0N8T3REINXQ2ZkJco0ABFPn6PIe2QUfqo=", "owner": "numtide", "repo": "nix-filter", - "rev": "d90c75e8319d0dd9be67d933d8eb9d0894ec9174", + "rev": "41fd48e00c22b4ced525af521ead8792402de0ea", "type": "github" }, "original": { @@ -122,11 +119,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -151,22 +148,6 @@ "type": "github" } }, - "flake-compat_3": { - "flake": false, - "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-utils": { "inputs": { "systems": "systems" @@ -208,11 +189,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1687709756, - "narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=", + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", "repo": "flake-utils", - "rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "type": "github" }, "original": { @@ -225,24 +206,6 @@ "inputs": { "systems": "systems_4" }, - "locked": { - "lastModified": 1689068808, - "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "flake-utils_5": { - "inputs": { - "systems": "systems_5" - }, "locked": { "lastModified": 1681202837, "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", @@ -259,11 +222,11 @@ }, "nix-filter": { "locked": { - "lastModified": 1687178632, - "narHash": "sha256-HS7YR5erss0JCaUijPeyg2XrisEb959FIct3n2TMGbE=", + "lastModified": 1694857738, + "narHash": "sha256-bxxNyLHjhu0N8T3REINXQ2ZkJco0ABFPn6PIe2QUfqo=", "owner": "numtide", "repo": "nix-filter", - "rev": "d90c75e8319d0dd9be67d933d8eb9d0894ec9174", + "rev": "41fd48e00c22b4ced525af521ead8792402de0ea", "type": "github" }, "original": { @@ -274,11 +237,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1691218994, - "narHash": "sha256-46GJ5vLf9H+Oh7Jii2gJI9GATJHGbx2iQpon5nUSFPI=", + "lastModified": 1697915759, + "narHash": "sha256-WyMj5jGcecD+KC8gEs+wFth1J1wjisZf8kVZH13f1Zo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0d2fb29f5071a12d7983319c2c2576be6a130582", + "rev": "51d906d2341c9e866e48c2efcaac0f2d70bfd43e", "type": "github" }, "original": { @@ -354,45 +317,18 @@ }, "rust-overlay_2": { "inputs": { - "flake-utils": [ - "unblob-native", - "crane", - "flake-utils" - ], - "nixpkgs": [ - "unblob-native", - "crane", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1688351637, - "narHash": "sha256-CLTufJ29VxNOIZ8UTg0lepsn3X03AmopmaLTTeHDCL4=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "f9b92316727af9e6c7fee4a761242f7f46880329", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "rust-overlay_3": { - "inputs": { - "flake-utils": "flake-utils_5", + "flake-utils": "flake-utils_4", "nixpkgs": [ "unblob-native", "nixpkgs" ] }, "locked": { - "lastModified": 1690596958, - "narHash": "sha256-SWqxUiEP9O2gvlWtR4Ku6rIMGM7PuNZreAPrU2yAjsk=", + "lastModified": 1697854201, + "narHash": "sha256-H+0Wb20PQx/8N7X/OfwwAVPeN9TbfjcyG0sXbdgsh50=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "5c06b0ed7bfb00f3a925af6c4acd1636596381c1", + "rev": "6e8e3332433847cd56186b1f6fc8c47603cf5b46", "type": "github" }, "original": { @@ -481,38 +417,23 @@ "type": "github" } }, - "systems_5": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, "unblob-native": { "inputs": { "advisory-db": "advisory-db_2", "crane": "crane_2", - "flake-utils": "flake-utils_4", + "flake-utils": "flake-utils_3", "nix-filter": "nix-filter", "nixpkgs": [ "nixpkgs" ], - "rust-overlay": "rust-overlay_3" + "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1690811550, - "narHash": "sha256-Q0B0GwXuzAmOFz9jEK6XvoaGer6q7117ayxTO60tqeM=", + "lastModified": 1698046070, + "narHash": "sha256-zs1TB+Fj+fKwqxXpz1CjeA8tQ9AKsp0Co4maiFwGEQg=", "owner": "onekey-sec", "repo": "unblob-native", - "rev": "3844f4fd5ffd5a3befcd25e8176eb889237b8eb4", + "rev": "ad931a3016122e862817ad7f30968024c649e3b3", "type": "github" }, "original": { From 7f54a725d379cb23f30eae3f78bc23b271362f85 Mon Sep 17 00:00:00 2001 From: Quentin Kaiser Date: Mon, 16 Oct 2023 08:30:30 +0200 Subject: [PATCH 2/3] chore(deps): adapt nix derivation for pyfatfs. --- nix/pyfatfs/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nix/pyfatfs/default.nix b/nix/pyfatfs/default.nix index 5dd32a25fc..15377866e6 100644 --- a/nix/pyfatfs/default.nix +++ b/nix/pyfatfs/default.nix @@ -9,7 +9,7 @@ python3.pkgs.buildPythonApplication rec { nativeBuildInputs = with python3.pkgs; [ pytest-runner setuptools-scm ]; - propagatedBuildInputs = with python3.pkgs; [ fs ]; + propagatedBuildInputs = with python3.pkgs; [ pip fs ]; postPatch = '' substituteInPlace ./setup.py --replace 'setuptools_scm~=5.0.0' setuptools_scm From e71232a105ce585932d987c868d9acb5561871dc Mon Sep 17 00:00:00 2001 From: Quentin Kaiser Date: Mon, 16 Oct 2023 17:31:56 +0200 Subject: [PATCH 3/3] chore(deps): adapt nix derivation for lief. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adapted CXX flags so warnings are no longer displayed when building with clang++ on OSX. The nixpkgs derivation[0] for lief made use of "/build/source" symlink, which is not available on Darwin. build commands are taken from LIEF build scripts [1] [0]: https://github.com/NixOS/nixpkgs/blob/8efd5d1e283604f75a808a20e6cde0ef313d07d4/pkgs/development/libraries/lief/default.nix#L37 [1]: https://github.com/lief-project/LIEF/tree/master/scripts Co-authored-by: László Vaskó <1771332+vlaci@users.noreply.github.com> --- nix/_sources/generated.json | 20 +++++++++++ nix/_sources/generated.nix | 11 ++++++ nvfetcher.toml | 4 +++ overlay.nix | 69 +++++++++++++++++++++++++++++++------ 4 files changed, 94 insertions(+), 10 deletions(-) diff --git a/nix/_sources/generated.json b/nix/_sources/generated.json index b40a3d51d2..1c3e7b022c 100644 --- a/nix/_sources/generated.json +++ b/nix/_sources/generated.json @@ -14,6 +14,26 @@ }, "version": "0.4.5" }, + "lief": { + "cargoLocks": null, + "date": null, + "extract": null, + "name": "lief", + "passthru": null, + "pinned": false, + "src": { + "deepClone": false, + "fetchSubmodules": false, + "leaveDotGit": false, + "name": null, + "owner": "lief-project", + "repo": "LIEF", + "rev": "0.13.2", + "sha256": "sha256-lH4SqwPB2Jp/wUI2Cll67PQbHbwMqpNuLy/ei8roiHg=", + "type": "github" + }, + "version": "0.13.2" + }, "lzallright": { "cargoLocks": { "Cargo.lock": [ diff --git a/nix/_sources/generated.nix b/nix/_sources/generated.nix index 2191a8280c..8d8619a003 100644 --- a/nix/_sources/generated.nix +++ b/nix/_sources/generated.nix @@ -9,6 +9,17 @@ sha256 = "sha256-+cPOzzO3bCQAu8LrbjUJ5S/SR5OFitOYLIu5L9t/q+k="; }; }; + lief = { + pname = "lief"; + version = "0.13.2"; + src = fetchFromGitHub { + owner = "lief-project"; + repo = "LIEF"; + rev = "0.13.2"; + fetchSubmodules = false; + sha256 = "sha256-lH4SqwPB2Jp/wUI2Cll67PQbHbwMqpNuLy/ei8roiHg="; + }; + }; lzallright = { pname = "lzallright"; version = "v0.2.3"; diff --git a/nvfetcher.toml b/nvfetcher.toml index 66d9c20a7b..998e279575 100644 --- a/nvfetcher.toml +++ b/nvfetcher.toml @@ -18,3 +18,7 @@ fetch.pypi = "treelib" [pyfatfs] src.pypi = "pyfatfs" fetch.pypi = "pyfatfs" + +[lief] +src.github_tag = "lief-project/LIEF" +fetch.github = "lief-project/LIEF" diff --git a/overlay.nix b/overlay.nix index 1b19017a5a..465ed18981 100644 --- a/overlay.nix +++ b/overlay.nix @@ -11,19 +11,68 @@ inputs: final: prev: hardeningDisable = (super.hardeningDisable or [ ]) ++ [ "fortify3" ]; }); - # Lief 12.3 incompatibility with Cmake 3.26 - lief = prev.lief.overrideAttrs (super: { - postPatch = '' - substituteInPlace setup.py \ - --replace \ - 'cmake_args = ["-DLIEF_FORCE_API_EXPORTS=ON", "-DLIEF_PYTHON_API=on"]' \ - 'cmake_args = ["-DLIEF_FORCE_API_EXPORTS=ON", "-DLIEF_PYTHON_API=on", "-DLIEF_EXAMPLES=off"]' - ''; - }); - # Own package updated independently of nixpkgs jefferson = final.callPackage ./nix/jefferson { }; + lief = prev.lief.overrideAttrs (super: with final; { + + outputs = [ "out" "py" ]; + + nativeBuildInputs = [ + cmake + ninja + ]; + + # Not a propagatedBuildInput because only the $py output needs it; $out is + # just the library itself (e.g. C/C++ headers). + buildInputs = with python3.pkgs; [ + python3 + setuptools + tomli + ]; + + CXXFLAGS = lib.optional stdenv.isLinux [ "-ffunction-sections" "-fdata-sections" "-fvisibility-inlines-hidden" "-static-libstdc++" "-static-libgcc" ] + ++ lib.optional stdenv.isDarwin [ "-faligned-allocation" "-fno-aligned-new" "-fvisibility=hidden" ]; + + CFLAGS = lib.optional stdenv.isLinux [ "-ffunction-sections" "-fdata-sections" "-static-libstdc++" "-static-libgcc" ]; + LDFLAGS = lib.optional stdenv.isLinux [ "-Wl,--gc-sections" "-Wl,--exclude-libs,ALL" ]; + + + dontUseCmakeConfigure = true; + + buildPhase = '' + runHook preBuild + + mkdir -p build + cmake -S . -B build -GNinja -DCMAKE_LINK_WHAT_YOU_USE=on -DBUILD_SHARED_LIBS=on -DLIEF_INSTALL_COMPILED_EXAMPLES=off -DCMAKE_INSTALL_PREFIX=$out -DCMAKE_BUILD_TYPE=Release + + cmake --build build --target all + + runHook postBuild + ''; + + postBuild = '' + pushd api/python + ${python3.interpreter} setup.py build --parallel=$NIX_BUILD_CORES + popd + ''; + + installPhase = '' + runHook preInstall + + cmake --build build --target install + + runHook postInstall + ''; + + postInstall = '' + pushd api/python + ${python3.interpreter} setup.py install --skip-build --root=/ --prefix=$py + popd + ''; + + }); + python3 = prev.python3 // { pkgs = prev.python3.pkgs.overrideScope (pyFinal: pyPrev: {