libxml2: 2.14.6 -> 2.15.0

  pkg-config,

  autoreconfHook,

  python3,

  doxygen,

  ncurses,

  findXMLCatalogs,

  libiconv,

  # Python limits cross-compilation to an allowlist of host OSes.

  # https://github.com/python/cpython/blob/dfad678d7024ab86d265d84ed45999e031a03691/configure.ac#L534-L562

  pythonSupport ?

    enableShared

    && (

      stdenv.hostPlatform == stdenv.buildPlatform

      || stdenv.hostPlatform.isCygwin

      || stdenv.hostPlatform.isLinux

      || stdenv.hostPlatform.isWasi

    ),

  pythonSupport ? false,

  icuSupport ? false,

  icu,

  zlibSupport ? false,

    "bin"

    "dev"

    "out"

    "devdoc"

  ]

  ++ lib.optional pythonSupport "py"

  ++ lib.optional (enableStatic && enableShared) "static";

  outputMan = "bin";

  patches = [

    # Unmerged ABI-breaking patch required to fix the following security issues:

    # - https://gitlab.gnome.org/GNOME/libxslt/-/issues/139

    # - https://gitlab.gnome.org/GNOME/libxslt/-/issues/140

    # See also https://gitlab.gnome.org/GNOME/libxml2/-/issues/906

    # Source: https://github.com/chromium/chromium/blob/4fb4ae8ce3daa399c3d8ca67f2dfb9deffcc7007/third_party/libxml/chromium/xml-attr-extra.patch

    ./xml-attr-extra.patch

  ]

  ++ extraPatches;

  patches = [ ] ++ extraPatches;

  strictDeps = true;

  nativeBuildInputs = [

    pkg-config

    autoreconfHook

  ]

  ++ lib.optionals pythonSupport [

    doxygen

  ];

  buildInputs =

    (lib.withFeature icuSupport "icu")

    (lib.withFeature pythonSupport "python")

    (lib.optionalString pythonSupport "PYTHON=${python3.pythonOnBuildForHost.interpreter}")

  ]

  # avoid rebuilds, can be merged into list in version bumps

  ++ lib.optional enableHttp "--with-http"

  ++ lib.optional zlibSupport "--with-zlib";

    (lib.withFeature enableHttp "http")

    (lib.withFeature zlibSupport "zlib")

    (lib.withFeature false "docs") # docs are built with xsltproc, which would be a cyclic dependency

  ];

  installFlags = lib.optionals pythonSupport [

    "pythondir=\"${placeholder "py"}/${python3.sitePackages}\""

    license = lib.licenses.mit;

    platforms = lib.platforms.all;

    pkgConfigModules = [ "libxml-2.0" ];

    # Python limits cross-compilation to an allowlist of host OSes.

    # https://github.com/python/cpython/blob/dfad678d7024ab86d265d84ed45999e031a03691/configure.ac#L534-L562

    broken =

      pythonSupport

      && !(

        enableShared

        && (

          stdenv.hostPlatform == stdenv.buildPlatform

          || stdenv.hostPlatform.isCygwin

          || stdenv.hostPlatform.isLinux

          || stdenv.hostPlatform.isWasi

        )

      );

  }

  // extraMeta;

})

        # same as upstream, fixed conflicts

        # https://gitlab.gnome.org/GNOME/libxml2/-/commit/c340e419505cf4bf1d9ed7019a87cc00ec200434

        ./CVE-2025-6170.patch

        # Unmerged ABI-breaking patch required to fix the following security issues:

        # - https://gitlab.gnome.org/GNOME/libxslt/-/issues/139

        # - https://gitlab.gnome.org/GNOME/libxslt/-/issues/140

        # See also https://gitlab.gnome.org/GNOME/libxml2/-/issues/906

        # Source: https://github.com/chromium/chromium/blob/4fb4ae8ce3daa399c3d8ca67f2dfb9deffcc7007/third_party/libxml/chromium/xml-attr-extra.patch

        ./xml-attr-extra.patch

      ];

      freezeUpdateScript = true;

      extraMeta = {

      };

    };

    libxml2 = callPackage ./common.nix {

      version = "2.14.6";

      version = "2.15.0";

      src = fetchFromGitLab {

        domain = "gitlab.gnome.org";

        owner = "GNOME";

        repo = "libxml2";

        tag = "v${packages.libxml2.version}";

        hash = "sha256-EIcNL5B/o74hyc1N+ShrlKsPL5tHhiGgkCR1D7FcDjw=";

        hash = "sha256-jumHSiIMDzqG2hvPUdcBP8LsszcU+loOY+vqEh/0Yqo=";

      };

      extraMeta = {

        maintainers = with lib.maintainers; [