Unverified Commit d089679c authored by Sandro Jäckel's avatar Sandro Jäckel Committed by GitHub
Browse files

Merge pull request #291177 from Naxdy/work/opentoonz-1.7.1 

opentoonz: 1.5.0 -> 1.7.1
parents 48cf5c7b 40be4427

pkgs/applications/graphics/opentoonz/default.nix

+93 −11
Original line number Diff line number Diff line 
{ boost, cmake, fetchFromGitHub, freeglut, freetype, glew, libjpeg, libmypaint

, libpng, libtiff, libusb1, lz4, xz, lzo, openblas, opencv, pkg-config, qtbase

, qtmultimedia, qtscript, qtserialport, lib, stdenv, superlu, wrapQtAppsHook, }:

let source = import ./source.nix { inherit fetchFromGitHub; };

in stdenv.mkDerivation rec {

  inherit (source) src;

{ boost

, cmake

, fetchFromGitHub

, freeglut

, freetype

, glew

, libjpeg

, libmypaint

, libpng

, libusb1

, lz4

, xz

, lzo

, openblas

, opencv

, pkg-config

, qtbase

, qtmultimedia

, qtscript

, qtserialport

, lib

, stdenv

, superlu

, wrapQtAppsHook

, libtiff

, zlib

}:

let

  libtiff-ver = "4.0.3"; # The version in thirdparty/tiff-*

  opentoonz-ver = "1.7.1";



  src = fetchFromGitHub {

    owner = "opentoonz";

    repo = "opentoonz";

    rev = "v${opentoonz-ver}";

    hash = "sha256-5iXOvh4QTv+G0fjEHU62u7QCee+jbvKhK0+fQXbdJis=";

  };



  opentoonz-opencv = opencv.override {

    inherit libtiff;

  };



  opentoonz-libtiff = stdenv.mkDerivation {

    pname = "libtiff";

    version = "${libtiff-ver}-opentoonz";



    inherit src;

    outputs = [ "bin" "dev" "out" "man" "doc" ];



    nativeBuildInputs = [ pkg-config ];

    propagatedBuildInputs = [ zlib libjpeg xz ];



    postUnpack = ''

      sourceRoot="$sourceRoot/thirdparty/tiff-${libtiff-ver}"

    '';



    # opentoonz uses internal libtiff headers

    postInstall = ''

      cp libtiff/{tif_config,tif_dir,tiffiop}.h $dev/include

    '';



    meta = libtiff.meta // {

      knownVulnerabilities = [

        ''

          Do not open untrusted files with Opentoonz:

          Opentoonz uses an old custom fork of tibtiff from 2012 that is known to

          be affected by at least these 50 vulnerabilities:

            CVE-2012-4564 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2014-8127

            CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-9330 CVE-2015-1547

            CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 CVE-2015-8870

            CVE-2016-3620 CVE-2016-3621 CVE-2016-3623 CVE-2016-3624 CVE-2016-3625

            CVE-2016-3631 CVE-2016-3632 CVE-2016-3633 CVE-2016-3634 CVE-2016-3658

            CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5102 CVE-2016-5314

            CVE-2016-5315 CVE-2016-5316 CVE-2016-5318 CVE-2016-5319 CVE-2016-5321

            CVE-2016-5322 CVE-2016-5323 CVE-2016-6223 CVE-2016-9453 CVE-2016-9532

            CVE-2017-9935 CVE-2017-9937 CVE-2018-10963 CVE-2018-5360

            CVE-2019-14973 CVE-2019-17546 CVE-2020-35521 CVE-2020-35522

            CVE-2020-35523 CVE-2020-35524

          More info at https://github.com/opentoonz/opentoonz/issues/4193

        ''

      ];

      maintainers = with lib.maintainers; [ chkno ];

    };

  };

in

stdenv.mkDerivation {

  inherit src;



  pname = "opentoonz";

  version = source.versions.opentoonz;

  version = opentoonz-ver;



  nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ];
@@ -18,13 +99,13 @@ in stdenv.mkDerivation rec { 
    libjpeg

    libmypaint

    libpng

    libtiff

    opentoonz-libtiff

    libusb1

    lz4

    xz

    lzo

    openblas

    opencv

    opentoonz-opencv

    qtbase

    qtmultimedia

    qtscript
@@ -37,8 +118,9 @@ in stdenv.mkDerivation rec { 
  cmakeDir = "../sources";

  cmakeFlags = [

    "-DCMAKE_SKIP_BUILD_RPATH=ON"

    "-DTIFF_INCLUDE_DIR=${libtiff.dev}/include"

    "-DTIFF_LIBRARY=${libtiff.out}/lib/libtiff.so"

    "-DTIFF_INCLUDE_DIR=${opentoonz-libtiff.dev}/include"

    "-DTIFF_LIBRARY=${opentoonz-libtiff.out}/lib/libtiff.so"

    (lib.cmakeBool "CMAKE_SKIP_BUILD_RPATH" true)

  ];



  postInstall = ''

pkgs/applications/graphics/opentoonz/libtiff.nix

deleted100644 → 0
+0 −56
Original line number Diff line number Diff line 
# Per https://github.com/opentoonz/opentoonz/blob/master/doc/how_to_build_linux.md ,

# opentoonz requires its own modified version of libtiff.  We still build it as

# a separate package

#  1. For visibility for tools like vulnix, and

#  2. To avoid a diamond-dependency problem with opencv linking the normal libtiff

#     and opentoonz linking opencv and this modified libtiff, we build an opencv

#     against this modified libtiff as well.

#

# We use a separate mkDerivation rather than a minimal libtiff.overrideAttrs

# because the main libtiff builds with cmake and this version of libtiff was

# forked before libtiff gained CMake build capability (added in libtiff-4.0.5).



{ lib, fetchFromGitHub, stdenv, pkg-config, zlib, libjpeg, xz, libtiff, }:



let source = import ./source.nix { inherit fetchFromGitHub; };



in stdenv.mkDerivation {

  pname = "libtiff";

  version = source.versions.libtiff + "-opentoonz";



  inherit (source) src;

  outputs = [ "bin" "dev" "out" "man" "doc" ];



  nativeBuildInputs = [ pkg-config ];

  propagatedBuildInputs = [ zlib libjpeg xz ];



  postUnpack = ''

    sourceRoot="$sourceRoot/thirdparty/tiff-${source.versions.libtiff}"

  '';



  # opentoonz uses internal libtiff headers

  postInstall = ''

    cp libtiff/{tif_config,tif_dir,tiffiop}.h $dev/include

  '';



  meta = libtiff.meta // {

    knownVulnerabilities = [''

      Do not open untrusted files with Opentoonz:

      Opentoonz uses an old custom fork of tibtiff from 2012 that is known to

      be affected by at least these 50 vulnerabilities:

        CVE-2012-4564 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2014-8127

        CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-9330 CVE-2015-1547

        CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 CVE-2015-8870

        CVE-2016-3620 CVE-2016-3621 CVE-2016-3623 CVE-2016-3624 CVE-2016-3625

        CVE-2016-3631 CVE-2016-3632 CVE-2016-3633 CVE-2016-3634 CVE-2016-3658

        CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5102 CVE-2016-5314

        CVE-2016-5315 CVE-2016-5316 CVE-2016-5318 CVE-2016-5319 CVE-2016-5321

        CVE-2016-5322 CVE-2016-5323 CVE-2016-6223 CVE-2016-9453 CVE-2016-9532

        CVE-2017-9935 CVE-2017-9937 CVE-2018-10963 CVE-2018-5360

        CVE-2019-14973 CVE-2019-17546 CVE-2020-35521 CVE-2020-35522

        CVE-2020-35523 CVE-2020-35524

      More info at https://github.com/opentoonz/opentoonz/issues/4193

    ''];

    maintainers = with lib.maintainers; [ chkno ];

  };

}

pkgs/applications/graphics/opentoonz/source.nix

deleted100644 → 0
+0 −16
Original line number Diff line number Diff line 
# opentoonz's source archive contains both opentoonz's source and a modified

# version of libtiff that opentoonz requires.



{ fetchFromGitHub, }: rec {

  versions = {

    opentoonz = "1.7.1";

    libtiff = "4.0.3";  # The version in thirdparty/tiff-*

  };



  src = fetchFromGitHub {

    owner = "opentoonz";

    repo = "opentoonz";

    rev = "v${versions.opentoonz}";

    hash = "sha256-5iXOvh4QTv+G0fjEHU62u7QCee+jbvKhK0+fQXbdJis=";

  };

}

pkgs/top-level/all-packages.nix

+1 −6
Original line number Diff line number Diff line
@@ -33833,12 +33833,7 @@ with pkgs; 














  opentimestamps-client = python3Packages.callPackage ../tools/misc/opentimestamps-client { };



























  opentoonz = let













    opentoonz-libtiff = callPackage ../applications/graphics/opentoonz/libtiff.nix { };













  in qt5.callPackage ../applications/graphics/opentoonz {













    libtiff = opentoonz-libtiff;













    opencv = opencv.override { libtiff = opentoonz-libtiff; };













  };













  opentoonz = libsForQt5.callPackage ../applications/graphics/opentoonz { };





























  opentabletdriver = callPackage ../tools/X11/opentabletdriver { };