Unverified Commit 50c332eb authored by Tobias Mayer's avatar Tobias Mayer
Browse files

rapidjson: 1.1.0 -> unstable-2024-04-09, rapidjson-unstable: drop 

The last oficial release of rapidjson is 8 years old, development has
continued without releases since then. The old version is affected
by CVE-2024-38517.

https://www.opencve.io/cve/CVE-2024-38517
parent 6badbad9

pkgs/development/libraries/rapidjson/default.nix

+51 −36
Original line number Diff line number Diff line 
{ lib

, stdenv

, fetchFromGitHub

, fetchpatch

, pkg-config

, cmake

, doxygen

, graphviz

, gtest

, valgrind

, buildDocs ? true

, buildTests ? !stdenv.hostPlatform.isStatic && !stdenv.isDarwin

, buildExamples ? true

}:



stdenv.mkDerivation rec {

stdenv.mkDerivation (finalAttrs: {

  pname = "rapidjson";

  version = "1.1.0";

  version = "unstable-2024-04-09";



  outputs = [

    "out"

  ] ++ lib.optionals buildDocs [

    "doc"

  ] ++ lib.optionals buildExamples [

    "example"

  ];



  src = fetchFromGitHub {

    owner = "Tencent";

    repo = "rapidjson";

    rev = "v${version}";

    sha256 = "1jixgb8w97l9gdh3inihz7avz7i770gy2j2irvvlyrq3wi41f5ab";

    rev = "ab1842a2dae061284c0a62dca1cc6d5e7e37e346";

    hash = "sha256-kAGVJfDHEUV2qNR1LpnWq3XKBJy4hD3Swh6LX5shJpM=";

  };



  patches = [

    (fetchpatch {

      url = "https://src.fedoraproject.org/rpms/rapidjson/raw/48402da9f19d060ffcd40bf2b2e6987212c58b0c/f/rapidjson-1.1.0-c++20.patch";

      sha256 = "1qm62iad1xfsixv1li7qy475xc7gc04hmi2q21qdk6l69gk7mf82";

    })

    (fetchpatch {

      name = "do-not-include-gtest-src-dir.patch";

      url = "https://git.alpinelinux.org/aports/plain/community/rapidjson/do-not-include-gtest-src-dir.patch?id=9e5eefc7a5fcf5938a8dc8a3be8c75e9e6809909";

      hash = "sha256-BjSZEwfCXA/9V+kxQ/2JPWbc26jQn35CfN8+8NW24s4=";

    })

    # One of these three tests reports memcpy overlap after update to glibc-2.38

    ./test-skip-valgrind.diff

  patches = lib.optionals buildTests [

    ./0000-unstable-use-nixpkgs-gtest.patch

    # https://github.com/Tencent/rapidjson/issues/2214

    ./0001-unstable-valgrind-suppress-failures.patch

  ];



  postPatch = ''

    find -name CMakeLists.txt | xargs \

      sed -i -e "s/-Werror//g" -e "s/-march=native//g"

  '';



  nativeBuildInputs = [ pkg-config cmake ];

  nativeBuildInputs = [

    cmake

  ] ++ lib.optionals buildDocs [

    doxygen

    graphviz

  ];



  # for tests, adding gtest to checkInputs does not work

  # https://github.com/NixOS/nixpkgs/pull/212200

  buildInputs = [ gtest ];

  cmakeFlags = [

    "-DGTEST_SOURCE_DIR=${gtest.dev}/include"

    (lib.cmakeBool "RAPIDJSON_BUILD_DOC" buildDocs)

    (lib.cmakeBool "RAPIDJSON_BUILD_TESTS" buildTests)

    (lib.cmakeBool "RAPIDJSON_BUILD_EXAMPLES" buildExamples)

    # gtest 1.13+ requires C++14 or later.

    (lib.cmakeBool "RAPIDJSON_BUILD_CXX11" false)

    (lib.cmakeBool "RAPIDJSON_BUILD_CXX17" true)

  ] ++ lib.optionals buildTests [

    (lib.cmakeFeature "GTEST_INCLUDE_DIR" "${lib.getDev gtest}")

  ];



  doCheck = buildTests;



    # Build rapidjson with std=c++17 so gtest 1.13.0+ works

    # https://github.com/NixOS/nixpkgs/pull/282245#issuecomment-1951796902

    "-DRAPIDJSON_BUILD_CXX11=OFF"

    "-DRAPIDJSON_BUILD_CXX17=ON"

  nativeCheckInputs = [

    gtest

    valgrind

  ];



  nativeCheckInputs = [ valgrind ];

  doCheck = !stdenv.hostPlatform.isStatic && !stdenv.isDarwin;

  postInstall = lib.optionalString buildExamples ''

    mkdir -p $example/bin



    find bin -type f -executable \

      -not -name "perftest" \

      -not -name "unittest" \

      -exec cp -a {} $example/bin \;

  '';



  meta = with lib; {

    description = "Fast JSON parser/generator for C++ with both SAX/DOM style API";

    homepage = "http://rapidjson.org/";

    license = licenses.mit;

    platforms = platforms.unix;

    maintainers = with maintainers; [ dotlambda ];

    maintainers = with maintainers; [ dotlambda Madouura tobim ];

  };

}
 
})

pkgs/development/libraries/rapidjson/unstable.nix

deleted100644 → 0
+0 −80
Original line number Diff line number Diff line 
{ lib

, stdenv

, fetchFromGitHub

, cmake

, doxygen

, graphviz

, gtest

, valgrind

, buildDocs ? true

, buildTests ? !stdenv.hostPlatform.isStatic && !stdenv.isDarwin

, buildExamples ? true

}:



stdenv.mkDerivation (finalAttrs: {

  pname = "rapidjson";

  version = "unstable-2023-09-28";



  outputs = [

    "out"

  ] ++ lib.optionals buildDocs [

    "doc"

  ] ++ lib.optionals buildExamples [

    "example"

  ];



  src = fetchFromGitHub {

    owner = "Tencent";

    repo = "rapidjson";

    rev = "f9d53419e912910fd8fa57d5705fa41425428c35";

    hash = "sha256-rl7iy14jn1K2I5U2DrcZnoTQVEGEDKlxmdaOCF/3hfY=";

  };



  patches = lib.optionals buildTests [

    ./0000-unstable-use-nixpkgs-gtest.patch

    # https://github.com/Tencent/rapidjson/issues/2214

    ./0001-unstable-valgrind-suppress-failures.patch

  ];



  nativeBuildInputs = [

    cmake

  ] ++ lib.optionals buildDocs [

    doxygen

    graphviz

  ];



  cmakeFlags = [

    (lib.cmakeBool "RAPIDJSON_BUILD_DOC" buildDocs)

    (lib.cmakeBool "RAPIDJSON_BUILD_TESTS" buildTests)

    (lib.cmakeBool "RAPIDJSON_BUILD_EXAMPLES" buildExamples)

    # gtest 1.13+ requires C++14 or later.

    (lib.cmakeBool "RAPIDJSON_BUILD_CXX11" false)

    (lib.cmakeBool "RAPIDJSON_BUILD_CXX17" true)

  ] ++ lib.optionals buildTests [

    (lib.cmakeFeature "GTEST_INCLUDE_DIR" "${lib.getDev gtest}")

  ];



  doCheck = buildTests;



  nativeCheckInputs = [

    gtest

    valgrind

  ];



  postInstall = lib.optionalString buildExamples ''

    mkdir -p $example/bin



    find bin -type f -executable \

      -not -name "perftest" \

      -not -name "unittest" \

      -exec cp -a {} $example/bin \;

  '';



  meta = with lib; {

    description = "Fast JSON parser/generator for C++ with both SAX/DOM style API";

    homepage = "http://rapidjson.org/";

    license = licenses.mit;

    platforms = platforms.unix;

    maintainers = with maintainers; [ Madouura ];

  };

})

pkgs/development/rocm-modules/5/default.nix

+0 −2
Original line number Diff line number Diff line
@@ -10,7 +10,6 @@ 
, opencv

, ffmpeg_4

, libjpeg_turbo

, rapidjson-unstable

}:



let
@@ -304,7 +303,6 @@ in rec { 
    inherit (llvm) clang openmp;

    opencv = opencv.override { enablePython = true; };

    ffmpeg = ffmpeg_4;

    rapidjson = rapidjson-unstable;

    stdenv = llvm.rocmClangStdenv;



    # Unfortunately, rocAL needs a custom libjpeg-turbo until further notice

pkgs/development/rocm-modules/6/default.nix

+0 −2
Original line number Diff line number Diff line
@@ -10,7 +10,6 @@ 
, opencv

, ffmpeg_4

, libjpeg_turbo

, rapidjson-unstable

}:



let
@@ -303,7 +302,6 @@ in rec { 
    inherit (llvm) clang openmp;

    opencv = opencv.override { enablePython = true; };

    ffmpeg = ffmpeg_4;

    rapidjson = rapidjson-unstable;

    stdenv = llvm.rocmClangStdenv;



    # Unfortunately, rocAL needs a custom libjpeg-turbo until further notice

pkgs/top-level/aliases.nix

+1 −0
Original line number Diff line number Diff line
@@ -1232,6 +1232,7 @@ mapAliases ({ 
  radicle-upstream = throw "'radicle-upstream' was sunset, see <https://community.radworks.org/t/2962>"; # Added 2024-05-04

  railway-travel = diebahn; # Added 2024-04-01

  rambox-pro = rambox; # Added 2022-12-12

  rapidjson-unstable = lib.warn "'rapidjson-unstable' has been renamed to 'rapidjson'" rapidjson; # Added 2024-07-28

  rarian = throw "rarian has been removed as unused"; # Added 2023-07-05

  rccl = throw "'rccl' has been replaced with 'rocmPackages.rccl'"; # Added 2023-10-08

  rdc = throw "'rdc' has been replaced with 'rocmPackages.rdc'"; # Added 2023-10-08