Merge master into staging-nixos (438071d6) · Commits · nix / nixpkgs

nixos/modules/services/web-apps/lasuite-docs.nix

+50 −0

Original line number	Diff line number	Diff line
		@@ -346,6 +346,56 @@ in
		};

		config = mkIf cfg.enable {
		systemd.services.lasuite-docs-postgresql-setup = mkIf cfg.postgresql.createLocally {
		wantedBy = [ "lasuite-docs.target" ];
		requiredBy = [ "lasuite-docs.service" ];
		before = [ "lasuite-docs.service" ];
		after = [ "postgresql-setup.service" ];

		serviceConfig = {
		Slice = "system-lasuite-docs.slice";
		Type = "oneshot";
		User = "postgres";

		# lasuite-docs user cannot create a C function as it is unsafe.
		ExecStart = ''
		${lib.getExe' config.services.postgresql.package "psql"} --port=${toString config.services.postgresql.settings.port} -d lasuite-docs -c "CREATE OR REPLACE FUNCTION public.immutable_unaccent(regdictionary, text) RETURNS text LANGUAGE c IMMUTABLE PARALLEL SAFE STRICT AS '$libdir/unaccent', 'unaccent_dict';"
		'';

		# hardening
		AmbientCapabilities = "";
		CapabilityBoundingSet = [ "" ];
		DevicePolicy = "closed";
		LockPersonality = true;
		NoNewPrivileges = true;
		PrivateDevices = true;
		PrivateTmp = true;
		PrivateUsers = true;
		ProcSubset = "pid";
		ProtectClock = true;
		ProtectControlGroups = true;
		ProtectHome = true;
		ProtectHostname = true;
		ProtectKernelLogs = true;
		ProtectKernelModules = true;
		ProtectKernelTunables = true;
		ProtectProc = "invisible";
		ProtectSystem = "strict";
		RemoveIPC = true;
		RestrictAddressFamilies = [
		"AF_INET"
		"AF_INET6"
		"AF_UNIX"
		];
		RestrictNamespaces = true;
		RestrictRealtime = true;
		RestrictSUIDSGID = true;
		SystemCallArchitectures = "native";
		UMask = "0077";
		};

		};

		systemd.services.lasuite-docs = {
		description = "Docs from SuiteNumérique";
		after = [

pkgs/applications/editors/vim/plugins/generated.nix

+13 −0

Original line number	Diff line number	Diff line
		@@ -22118,6 +22118,19 @@ final: prev: {
		meta.hydraPlatforms = [ ];
		};

		vim-waikiki = buildVimPlugin {
		pname = "vim-waikiki";
		version = "0-unstable-2020-09-19";
		src = fetchFromGitHub {
		owner = "fcpg";
		repo = "vim-waikiki";
		rev = "7af1879a8ea0e4a0a7bd181ed17ad3d37478215e";
		hash = "sha256-8zMKrmCV4Erp0Q4WyuqyyKgZS5JGu1dXSzrhftdmNFE=";
		};
		meta.homepage = "https://github.com/fcpg/vim-waikiki/";
		meta.hydraPlatforms = [ ];
		};

		vim-wakatime = buildVimPlugin {
		pname = "vim-wakatime";
		version = "11.3.0-unstable-2025-08-31";

pkgs/applications/editors/vim/plugins/vim-plugin-names

+1 −0

Original line number	Diff line number	Diff line
		@@ -1698,6 +1698,7 @@ https://github.com/hrsh7th/vim-vsnip/,,
		https://github.com/hrsh7th/vim-vsnip-integ/,,
		https://github.com/posva/vim-vue/,,
		https://github.com/leafOfTree/vim-vue-plugin/,HEAD,
		https://github.com/fcpg/vim-waikiki/,HEAD,
		https://github.com/wakatime/vim-wakatime/,,
		https://github.com/osyo-manga/vim-watchdogs/,,
		https://github.com/jasonccox/vim-wayland-clipboard/,,

pkgs/applications/editors/vscode/extensions/charliermarsh.ruff/default.nix

+5 −5

Original line number	Diff line number	Diff line
		@@ -12,26 +12,26 @@ vscode-utils.buildVscodeMarketplaceExtension {
		sources = {
		"x86_64-linux" = {
		arch = "linux-x64";
		hash = "sha256-oN7pb/KKhzx7LgODvEh5GyX9Nismtz1lsDcGsDlmaO0=";
		hash = "sha256-Mm0OXz9yURDyi8liVhbzrAAFB+atfSu4YKaanxsLN1s=";
		};
		"x86_64-darwin" = {
		arch = "darwin-x64";
		hash = "sha256-MeX4waPhX4/hmQH+iYs+RZlRGC/giXOtXG31zSAzcKI=";
		hash = "sha256-wWIve2qM3qXcuuCA63Xc5S69UdOTvNDWjyQfaBsRruA=";
		};
		"aarch64-linux" = {
		arch = "linux-arm64";
		hash = "sha256-pALbGD8Gikfyn4wNjCK9CTwZzaK/LjfHfJmFW0ns+yo=";
		hash = "sha256-1ckD1nc2K/hJHZPXDZ/eCE2zIQGkvDJGyDiFD/3V/xs=";
		};
		"aarch64-darwin" = {
		arch = "darwin-arm64";
		hash = "sha256-Tr6KjEDTtCH3EgSKK0WqU/5w8gjSz3azhxHVHlXwZTw=";
		hash = "sha256-T6+9h5pn/NI7ZDvl9hmCu8KWrleRiZ8qLEfsKPXO56A=";
		};
		};
		in
		{
		name = "ruff";
		publisher = "charliermarsh";
		version = "2025.32.0";
		version = "2026.34.0";
		}
		// sources.${stdenvNoCC.hostPlatform.system}
		or (throw "Unsupported system ${stdenvNoCC.hostPlatform.system}");

pkgs/applications/networking/browsers/firefox/packages/firefox.nix

+2 −2

Original line number	Diff line number	Diff line
		@@ -9,10 +9,10 @@

		buildMozillaMach rec {
		pname = "firefox";
		version = "147.0";
		version = "147.0.1";
		src = fetchurl {
		url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
		sha512 = "ac9017b1a2da7b2f139392c394c36341fd3476e3d4ea1a3c7e5e7bf100dc30d185132ef9256be7e6b0f9dbfc69234ac571ea1fc6db9d84543b15772f4ec85161";
		sha512 = "f1e1bc486451254f33b000fb4513fd948a5a6e84841980ee767c42d326e1856f44a8437c8fdbff2cb34d177fea2b1907fcd72dd33bcec3f06ddb8d88151853a8";
		};

		meta = {