| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2023-01-16 | python37: remove leftover files | Nick Cao | |
| 2023-01-15 | Merge pull request #210078 from thiagokokada/dont-expose-resholve | Thiago Kenji Okada | |
| resholve: mark it as knownVulnerabilities, allow resholve-utils usage | |||
| 2023-01-15 | python27: remove stripLibs argument | Thiago Kenji Okada | |
| Since we are now guarantee that the `resholve` is not exposing `python27`, let's remove the `stripLibs` hack that tried to reduce its size. | |||
| 2023-01-13 | Merge master into staging-next | github-actions[bot] | |
| 2023-01-12 | Merge pull request #208744 from wegank/python312-darwin | Mario Rodas | |
| python312: fix build on darwin | |||
| 2023-01-08 | python311: fix cross compilation | Nick Cao | |
| 2023-01-08 | Merge master into staging-next | github-actions[bot] | |
| 2023-01-07 | python27: mark as vulnerable/insecure due to EOL on 2020-01-01 | Fabián Heredia Montiel | |
| More information: https://www.activestate.com/products/python/python-2-end-of-life-security-updates/ | |||
| 2023-01-05 | Merge remote-tracking branch 'origin/master' into staging-next | Martin Weinelt | |
| 2023-01-05 | python37: drop | Martin Weinelt | |
| The package set hasn't been working for a long time now, due to infinite recursions, that nobody was going to fix. The release is going to go EOL in 2023/06 and we don't want to ship it in NixOS 23.05 anyway. | |||
| 2023-01-04 | python27: 2.7.18.5 -> 2.7.18.6 | Thiago Kenji Okada | |
| 2023-01-04 | Merge staging-next into staging | github-actions[bot] | |
| 2023-01-02 | python312: fix build on darwin | Weijia Wang | |
| 2023-01-01 | python3: allow enabling framework on darwin | Weijia Wang | |
| 2022-12-18 | python27: use ffi/expat as system libraries | Thiago Kenji Okada | |
| Without `--with-system-{ffi,expat}` flags, Python will use its own embedded libraries that are out-of-date. Thanks to it, they can be a security issue. So let's use our own libraries instead. This is already what Python 3.x does, so should be safe. | |||
| 2022-12-17 | Merge staging-next into staging | github-actions[bot] | |
| 2022-12-17 | Merge master into staging-next | github-actions[bot] | |
| 2022-12-15 | resholve: strip unused libraries from python27 | Thiago Kenji Okada | |
| Strip unused libraries from resholve's own python27 derivation, further reducing its size and reducing its attack surface. | |||
| 2022-12-13 | Merge staging-next into staging | github-actions[bot] | |
| 2022-12-13 | Merge master into staging-next | github-actions[bot] | |
| 2022-12-13 | resholve: use stripped-down python27 | Thiago Kenji Okada | |
| This PR strips down the modified `python27` derivation used by `resholve`. The idea is to reduce the possible security issues, and also to make it easier to bootstrap. | |||
| 2022-12-12 | Merge staging-next into staging | github-actions[bot] | |
| 2022-12-12 | python311: revert asyncio changes done in 3.11.1 | Vladimír Čunát | |
| Almost same as in the parent commit. | |||
| 2022-12-12 | python310: revert asyncio changes done in 3.10.9 | Vladimír Čunát | |
| They brought significant regressions. Upstream is now discussing what to do, but we still want the security fixes from 3.10.9. | |||
| 2022-12-10 | Merge pull request #175649 from Artturin/opt-in-structured-attrs | Robert Hensing | |
| stdenv: support opt-in __structuredAttrs | |||
| 2022-12-09 | Merge branch 'staging-next' into staging | Vladimír Čunát | |
| 2022-12-08 | treewide: fix some core package structuredAttrs | Artturin | |
| 2022-12-07 | cpython: Update meta and add changelog url | Martin Weinelt | |
| 2022-12-02 | cpython: Restore libxcrypt CFLAGS and LIBS in configureFlags | Martin Weinelt | |
| 2022-11-29 | python312: init at 3.12.0a2 | Martin Weinelt | |
| https://blog.python.org/2022/10/python-3120-alpha-1-released.html https://blog.python.org/2022/11/python-3120-alpha-2-released.html | |||
| 2022-11-29 | cpython: drop leftover 3.5/3.6 logic and patches | Martin Weinelt | |
| 2022-11-28 | python27: fix CVE-2021-3733 | Thiago Kenji Okada | |
| 2022-11-28 | python27: add thiagokokada as maintainer | Thiago Kenji Okada | |
| 2022-11-28 | python27: switch to ActiveState's fork for Python 2 | Thiago Kenji Okada | |
| ActiveState is a company that is maintaining a fork of Python 2 to fixes its security issues. Their support is paid, however the code is open-source. See the details here: https://www.activestate.com/products/python/python-2-end-of-life-security-updates/ This enable us to drop a bunch of CVE's patches for Python 2.7 and also it should be easier to maintain, since we can just bump the version once ActiveState tags a new version. | |||
| 2022-11-28 | Merge pull request #203362 from thiagokokada/add-patches-to-python27-cves | Martin Weinelt | |
| 2022-11-27 | python27: add patches for known security issues | Thiago Kenji Okada | |
| Add patches from Arch Linux package (that itself source its patches from Gentoo) to the following known security issues in Python 2.7: - CVE-2020-26116 - CVE-2020-27619 - CVE-2020-8492 This should cover all security issues currently listed in https://www.activestate.com/products/python/python-2-end-of-life-security-updates/. | |||
| 2022-11-21 | python3: use openssl_legacy | ajs124 | |
| 2022-11-21 | Revert "Revert "python3: pin to openssl_1_1"" | ajs124 | |
| This reverts commit 017fd895276dc0e45e9a596b1aa1ad199bfc7c4d. | |||
| 2022-11-11 | Merge pull request #196906 from helsinki-systems/feat/less-openssl_1_1 | Lassulus | |
| 2022-10-30 | pythonFull: drop unused xlibsWrapper input | Sergei Trofimovich | |
| Tested as no material change in `out` output with `diffoscope`. | |||
| 2022-10-28 | Revert "python3: pin to openssl_1_1" | ajs124 | |
| This reverts commit 8dfc998207dca2e2928cd1f204e4f37444aa40a6. | |||
| 2022-10-10 | treewide: optional -> optionals where the argument is a list | Artturin | |
| the argument to optional should not be list | |||
| 2022-10-09 | cpython: fix build with libxcrypt | Franz Pletz | |
| 2022-09-29 | Merge pull request #193528 from cidkidnix/android-cpyth | John Ericson | |
| android: cpython: fix stdenv.cc.cc.libllvm | |||
| 2022-09-29 | cpython: fix stdenv.cc.cc.libllvm | cidkidnix | |
| 2022-09-24 | pythonDocs: fix eval | K900 | |
| 2022-09-23 | pythonDocs: bring back pname+version, allow script to be executed from anywhere | Sandro Jäckel | |
| 2022-09-23 | pythonDocs: 3.7 -> 3.10 | Spencer Baugh | |
| Also include texinfo docs for Python 3 (they aren't generated for Python 2) A few minor fixes had to be made to generate.sh as well. | |||
| 2022-08-17 | python3: pin to openssl_1_1 | ajs124 | |
| 2022-08-07 | setup-hooks/separate-debug-info.sh: don't inhibit strip hook | Sergei Trofimovich | |
| Before the change separate-debug-info.sh did the stripping itself. This scheme has a few problems: 1. Stripping happens only on ELF files. *.a and *.o files are skipped. Derivations have to do it manually. Usually incorrectly as they don't run $RANLIB (true for `glibc` and `musl`). 2. Stripping happens on all paths. Ideally only `stripDebugList` paths should be considered. 3. Host strip is called on Target files. This change offloads stripping logic to strip hook. This strips more files for `glibc` and `musl`. Now we can remove most $STRIP calls from individual derivations. Co-authored-by: Sandro <sandro.jaeckel@gmail.com> | |||
 |
index : nixos/nixpkgs.git | |
| Nix Packages collection | Octavian Cerna |
| summaryrefslogtreecommitdiff |