Merge branch 'master' into auto-update/chipsec

54 files changed, 347 insertions, 319 deletions

diff --git a/pkgs/tools/X11/arandr/default.nix b/pkgs/tools/X11/arandr/default.nix
index 51f2f5ec2494..3fffd1dbc1a0 100644
--- a/pkgs/tools/X11/arandr/default.nix
+++ b/pkgs/tools/X11/arandr/default.nix
@@ -5,8 +5,11 @@
 
 let
   inherit (python3Packages) buildPythonApplication docutils pygobject3;
+  pname = "arandr";
+  version = "0.1.10";
+  name = "${pname}-${version}";
 in buildPythonApplication rec {
-  name = "arandr-0.1.10";
+  inherit pname version;
 
   src = fetchurl {
     url = "https://christian.amsuess.com/tools/arandr/files/${name}.tar.gz";
diff --git a/pkgs/tools/admin/azure-cli/python-packages.nix b/pkgs/tools/admin/azure-cli/python-packages.nix
index cbec7e86a63f..01172adf075d 100644
--- a/pkgs/tools/admin/azure-cli/python-packages.nix
+++ b/pkgs/tools/admin/azure-cli/python-packages.nix
@@ -11,10 +11,7 @@ let
     '';
 
     # Prevent these __init__'s from violating PEP420, only needed for python2
-    postInstall = (attrs.postInstall or "") + ''
-      rm $out/${python.sitePackages}/azure/{,__pycache__/}__init__.* \
-         $out/${python.sitePackages}/azure/cli/{,__pycache__/}__init__.*
-    '';
+    pythonNamespaces = [ "azure.cli" ];
 
     checkInputs = [ mock pytest ] ++ (attrs.checkInputs or []);
     checkPhase = attrs.checkPhase or ''
@@ -39,9 +36,7 @@ let
       '';
 
       # force PEP420
-      postInstall = ''
-        rm -f $out/${py.sitePackages}/azure/{,mgmt/}__init__.py
-      '';
+      pythonNamespaces = [ "azure.mgmt" ];
     });
 
   py = python.override {
@@ -277,9 +272,7 @@ let
         propagatedBuildInputs = with self; [
           azure-common azure-nspkg msrest msrestazure cryptography
         ];
-        postInstall = ''
-          rm -f $out/${self.python.sitePackages}/azure/__init__.py
-        '';
+        pythonNamespaces = [ "azure" ];
         pythonImportsCheck = [ ];
       });
 
diff --git a/pkgs/tools/admin/bubblewrap/default.nix b/pkgs/tools/admin/bubblewrap/default.nix
index 6c61a0439ff6..b98cadd57d11 100644
--- a/pkgs/tools/admin/bubblewrap/default.nix
+++ b/pkgs/tools/admin/bubblewrap/default.nix
@@ -9,7 +9,8 @@ stdenv.mkDerivation rec {
     sha256 = "00ycgi6q2yngh06bnz50wkvar6r2jnjf3j158grhi9k13jdrpimr";
   };
 
-  nativeBuildInputs = [ libcap libxslt docbook_xsl ];
+  nativeBuildInputs = [ libxslt docbook_xsl ];
+  buildInputs = [ libcap ];
 
   meta = with stdenv.lib; {
     description = "Unprivileged sandboxing tool";
diff --git a/pkgs/tools/admin/certbot/0001-Don-t-use-distutils.StrictVersion-that-cannot-handle.patch b/pkgs/tools/admin/certbot/0001-Don-t-use-distutils.StrictVersion-that-cannot-handle.patch
index 62351a70160a..789efd185cae 100644
--- a/pkgs/tools/admin/certbot/0001-Don-t-use-distutils.StrictVersion-that-cannot-handle.patch
+++ b/pkgs/tools/admin/certbot/0001-Don-t-use-distutils.StrictVersion-that-cannot-handle.patch
@@ -22,18 +22,16 @@ ValueError: invalid version number '41.4.0.post20191022'
  1 file changed, 1 insertion(+), 14 deletions(-)
 
 diff --git a/certbot/setup.py b/certbot/setup.py
-index c1bf914..7456bf2 100644
+index d19327e5e..ac1524793 100644
 --- a/certbot/setup.py
 +++ b/certbot/setup.py
-@@ -3,7 +3,6 @@ import os
+@@ -1,5 +1,4 @@
+ import codecs
+-from distutils.version import StrictVersion
+ import os
  import re
  import sys
- 
--from distutils.version import StrictVersion
- from setuptools import find_packages, setup, __version__ as setuptools_version
- from setuptools.command.test import test as TestCommand
- 
-@@ -56,20 +55,8 @@ install_requires = [
+@@ -58,20 +57,8 @@ install_requires = [
  
  # Add pywin32 on Windows platforms to handle low-level system calls.
  # This dependency needs to be added using environment markers to avoid its installation on Linux.
@@ -54,7 +52,7 @@ index c1bf914..7456bf2 100644
 +install_requires.append(pywin32_req + " ; sys_platform == 'win32'")
  
  dev_extras = [
-     'astroid==1.6.5',
+     'coverage',
 -- 
 2.24.1
 
diff --git a/pkgs/tools/admin/certbot/default.nix b/pkgs/tools/admin/certbot/default.nix
index 8fdbfd127783..cabf335fb697 100644
--- a/pkgs/tools/admin/certbot/default.nix
+++ b/pkgs/tools/admin/certbot/default.nix
@@ -1,22 +1,27 @@
-{ stdenv, python37Packages, fetchFromGitHub, fetchurl, dialog, autoPatchelfHook }:
+{ lib
+, buildPythonApplication
+, fetchFromGitHub
+, ConfigArgParse, acme, configobj, cryptography, distro, josepy, parsedatetime, pyRFC3339, pyopenssl, pytz, requests, six, zope_component, zope_interface
+, dialog, mock, gnureadline
+, pytest_xdist, pytest, dateutil
+}:
 
-
-python37Packages.buildPythonApplication rec {
+buildPythonApplication rec {
   pname = "certbot";
-  version = "1.0.0";
+  version = "1.3.0";
 
   src = fetchFromGitHub {
     owner = pname;
     repo = pname;
     rev = "v${version}";
-    sha256 = "180x7gcpfbrzw8k654s7b5nxdy2yg61lq513dykyn3wz4gssw465";
+    sha256 = "1nzp1l63f64qqp89y1vyd4lgfhykfp5dkr6iwfiyf273y7sjwpsa";
   };
 
   patches = [
     ./0001-Don-t-use-distutils.StrictVersion-that-cannot-handle.patch
   ];
 
-  propagatedBuildInputs = with python37Packages; [
+  propagatedBuildInputs = [
     ConfigArgParse
     acme
     configobj
@@ -24,26 +29,21 @@ python37Packages.buildPythonApplication rec {
     distro
     josepy
     parsedatetime
-    psutil
     pyRFC3339
     pyopenssl
     pytz
+    requests
     six
     zope_component
     zope_interface
   ];
 
-  buildInputs = [ dialog ] ++ (with python37Packages; [ mock gnureadline ]);
+  buildInputs = [ dialog mock gnureadline ];
 
-  checkInputs = with python37Packages; [
-    pytest_xdist
-    pytest
-    dateutil
-  ];
+  checkInputs = [ pytest_xdist pytest dateutil ];
 
-  postPatch = ''
+  preBuild = ''
     cd certbot
-    substituteInPlace certbot/_internal/notify.py --replace "/usr/sbin/sendmail" "/run/wrappers/bin/sendmail"
   '';
 
   postInstall = ''
@@ -55,11 +55,11 @@ python37Packages.buildPythonApplication rec {
 
   doCheck = true;
 
-  meta = with stdenv.lib; {
+  meta = with lib; {
     homepage = src.meta.homepage;
     description = "ACME client that can obtain certs and extensibly update server configurations";
     platforms = platforms.unix;
-    maintainers = [ maintainers.domenkozar ];
-    license = licenses.asl20;
+    maintainers = with maintainers; [ domenkozar ];
+    license = with licenses; [ asl20 ];
   };
 }
diff --git a/pkgs/tools/admin/eksctl/default.nix b/pkgs/tools/admin/eksctl/default.nix
index 4c01383f8986..fdb03b50feb8 100644
--- a/pkgs/tools/admin/eksctl/default.nix
+++ b/pkgs/tools/admin/eksctl/default.nix
@@ -2,16 +2,16 @@
 
 buildGoModule rec {
   pname = "eksctl";
-  version = "0.15.0";
+  version = "0.16.0";
 
   src = fetchFromGitHub {
     owner = "weaveworks";
     repo = pname;
     rev = version;
-    sha256 = "1193i30k2m7cibn79xw51i2lxg90f5i97h8sbjiv0hr9g502r2qf";
+    sha256 = "067q2cj4iwhiijv6nd9crjfncn67829f4d2ls07lwdcsvgi1cyfi";
   };
 
-  modSha256 = "0f8dlcp3q84fa5dnnzx4347ngb1raw1mxkcqpz2s3zq6d1kv0nvf";
+  modSha256 = "187jv78asav97cbvn7336ycflqa0c2alvkhvlyv2mp5f3crygagy";
 
   subPackages = [ "cmd/eksctl" ];
 
diff --git a/pkgs/tools/admin/sewer/default.nix b/pkgs/tools/admin/sewer/default.nix
index 776ba89e48ce..471a8788a95e 100644
--- a/pkgs/tools/admin/sewer/default.nix
+++ b/pkgs/tools/admin/sewer/default.nix
@@ -2,17 +2,17 @@
 
 python3Packages.buildPythonApplication rec {
   pname = "sewer";
-  version = "0.7.9";
+  version = "0.8.1";
 
   src = python3Packages.fetchPypi {
     inherit pname version;
-    sha256 = "c083223d8aa66d4fc6801452d291a98540d1ee41557ce3e1754c62e73f7c9738";
+    sha256 = "0s8f0w6nv8dcs5yw7rn49981b3c9mnnx4f6wzqw4zha0rpp60z22";
   };
 
   propagatedBuildInputs = with python3Packages; [ pyopenssl requests tldextract ];
 
   meta = with stdenv.lib; {
-    homepage = https://github.com/komuw/sewer;
+    homepage = "https://github.com/komuw/sewer";
     description = "ACME client";
     license = licenses.mit;
     maintainers = with maintainers; [ kevincox ];
diff --git a/pkgs/tools/backup/easysnap/default.nix b/pkgs/tools/backup/easysnap/default.nix
index a56d1274f92e..7f9b06275097 100644
--- a/pkgs/tools/backup/easysnap/default.nix
+++ b/pkgs/tools/backup/easysnap/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation {
   pname = "easysnap";
-  version = "unstable-2019-02-17";
+  version = "unstable-2020-04-04";
 
   src = fetchFromGitHub {
     owner = "sjau";
     repo = "easysnap";
-    rev = "9ef5d1ff51ccf9939a88b7b32b4959d27cf61ecc";
-    sha256 = "0m0217ni909nham15w5vxg8y7cw2zwjibnhvgnpxxsap8zkhv1m4";
+    rev = "26f89c0c3cda01e2595ee19ae5fb8518da25b4ef";
+    sha256 = "sha256:1k49k1m7y8s099wyiiz8411i77j1156ncirynmjfyvdhmhcyp5rw";
   };
 
   installPhase = ''
diff --git a/pkgs/tools/compression/lz4/default.nix b/pkgs/tools/compression/lz4/default.nix
index fd967fce9c6c..6bc365b8e1e1 100644
--- a/pkgs/tools/compression/lz4/default.nix
+++ b/pkgs/tools/compression/lz4/default.nix
@@ -4,23 +4,15 @@
 
 stdenv.mkDerivation rec {
   pname = "lz4";
-  version = "1.9.1";
+  version = "1.9.2";
 
   src = fetchFromGitHub {
-    sha256 = "1l1caxrik1hqs40vj3bpv1pikw6b74cfazv5c0v6g48zpcbmshl0";
+    sha256 = "0lpaypmk70ag2ks3kf2dl4ac3ba40n5kc1ainkp9wfjawz76mh61";
     rev = "v${version}";
     repo = pname;
     owner = pname;
   };
 
-  patches = [
-    # Fix detection of Darwin
-    (fetchpatch {
-      url = "https://github.com/lz4/lz4/commit/024216ef7394b6411eeaa5b52d0cec9953a44249.patch";
-      sha256 = "0j0j2pr6pkplxf083hlwl5q4cfp86q3wd8mc64bcfcr7ysc5pzl3";
-    })
-  ];
-
   # TODO(@Ericson2314): Separate binaries and libraries
   outputs = [ "bin" "out" "dev" ];
 
@@ -61,7 +53,7 @@ stdenv.mkDerivation rec {
       multiple GB/s per core, typically reaching RAM speed limits on
       multi-core systems.
     '';
-    homepage = https://lz4.github.io/lz4/;
+    homepage = "https://lz4.github.io/lz4/";
     license = with licenses; [ bsd2 gpl2Plus ];
     platforms = platforms.all;
   };
diff --git a/pkgs/tools/compression/xz/default.nix b/pkgs/tools/compression/xz/default.nix
index 0ff349e96e80..545384c396d2 100644
--- a/pkgs/tools/compression/xz/default.nix
+++ b/pkgs/tools/compression/xz/default.nix
@@ -1,11 +1,11 @@
 { stdenv, fetchurl, enableStatic ? false }:
 
 stdenv.mkDerivation rec {
-  name = "xz-5.2.4";
+  name = "xz-5.2.5";
 
   src = fetchurl {
     url = "https://tukaani.org/xz/${name}.tar.bz2";
-    sha256 = "1gxpayfagb4v7xfhs2w6h7k56c6hwwav1rk48bj8hggljlmgs4rk";
+    sha256 = "1ps2i8i212n0f4xpq6clp7h13q7m1y8slqvxha9i8d0bj0qgj5si";
   };
 
   outputs = [ "bin" "dev" "out" "man" "doc" ];
@@ -25,7 +25,7 @@ stdenv.mkDerivation rec {
   postInstall = "rm -rf $out/share/doc";
 
   meta = with stdenv.lib; {
-    homepage = https://tukaani.org/xz/;
+    homepage = "https://tukaani.org/xz/";
     description = "XZ, general-purpose data compression software, successor of LZMA";
 
     longDescription =
diff --git a/pkgs/tools/filesystems/bcachefs-tools/default.nix b/pkgs/tools/filesystems/bcachefs-tools/default.nix
index 144ed0a38459..ad159f08872d 100644
--- a/pkgs/tools/filesystems/bcachefs-tools/default.nix
+++ b/pkgs/tools/filesystems/bcachefs-tools/default.nix
@@ -1,27 +1,55 @@
 { stdenv, fetchgit, pkgconfig, attr, libuuid, libscrypt, libsodium, keyutils
-, liburcu, zlib, libaio, zstd, lz4 }:
+, liburcu, zlib, libaio, zstd, lz4, valgrind, python3Packages
+, fuseSupport ? false, fuse3 ? null }:
+
+assert fuseSupport -> fuse3 != null;
 
 stdenv.mkDerivation {
   pname = "bcachefs-tools";
-  version = "2019-10-12";
+  version = "2020-04-04";
 
   src = fetchgit {
     url = "https://evilpiepirate.org/git/bcachefs-tools.git";
-    rev = "6e696ea08703eecd0d1c7b8c520b6f62f06f4f26";
-    sha256 = "0m3valm68vc73b4kydlga17fglxa9bldrjaszlladzl5bd0zb967";
+    rev = "5d6e237b728cfb7c3bf2cb1a613e64bdecbd740d";
+    sha256 = "1syym9k3njb0bk2mg6832cbf6r42z6y8b6hjv7dg4gmv2h7v7l7g";
   };
 
-  enableParallelBuilding = true;
-  nativeBuildInputs = [ pkgconfig ];
-  buildInputs = [ attr libuuid libscrypt libsodium keyutils liburcu zlib libaio zstd lz4 ];
-  installFlags = [ "PREFIX=${placeholder "out"}" ];
-
-  preInstall = ''
+  postPatch = ''
     substituteInPlace Makefile \
+      --replace "pytest-3" "pytest --verbose" \
       --replace "INITRAMFS_DIR=/etc/initramfs-tools" \
                 "INITRAMFS_DIR=${placeholder "out"}/etc/initramfs-tools"
   '';
 
+  enableParallelBuilding = true;
+
+  nativeBuildInputs = [
+    pkgconfig
+  ];
+
+  buildInputs = [
+    libuuid libscrypt libsodium keyutils liburcu zlib libaio
+    zstd lz4 python3Packages.pytest
+  ] ++ stdenv.lib.optional fuseSupport fuse3;
+
+  doCheck = true;
+
+  checkFlags = [
+    "BCACHEFS_TEST_USE_VALGRIND=no"
+  ];
+
+  checkInputs = [
+    valgrind
+  ];
+
+  preCheck = stdenv.lib.optionalString fuseSupport ''
+    rm tests/test_fuse.py
+  '';
+
+  installFlags = [
+    "PREFIX=${placeholder "out"}"
+  ];
+
   meta = with stdenv.lib; {
     description = "Tool for managing bcachefs filesystems";
     homepage = https://bcachefs.org/;
diff --git a/pkgs/tools/filesystems/ceph/0000-dont-check-cherrypy-version.patch b/pkgs/tools/filesystems/ceph/0000-dont-check-cherrypy-version.patch
deleted file mode 100644
index 9604da87fb50..000000000000
--- a/pkgs/tools/filesystems/ceph/0000-dont-check-cherrypy-version.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-diff --git a/src/pybind/mgr/dashboard/module.py b/src/pybind/mgr/dashboard/module.py
-index a8a3ec07c1..bcc9b86c37 100644
---- a/src/pybind/mgr/dashboard/module.py
-+++ b/src/pybind/mgr/dashboard/module.py
-@@ -25,40 +25,6 @@ except ImportError:
- 
- from .services.sso import load_sso_db
- 
--# The SSL code in CherryPy 3.5.0 is buggy.  It was fixed long ago,
--# but 3.5.0 is still shipping in major linux distributions
--# (Fedora 27, Ubuntu Xenial), so we must monkey patch it to get SSL working.
--if cherrypy is not None:
--    v = StrictVersion(cherrypy.__version__)
--    # It was fixed in 3.7.0.  Exact lower bound version is probably earlier,
--    # but 3.5.0 is what this monkey patch is tested on.
--    if StrictVersion("3.5.0") <= v < StrictVersion("3.7.0"):
--        from cherrypy.wsgiserver.wsgiserver2 import HTTPConnection,\
--                                                    CP_fileobject
--
--        def fixed_init(hc_self, server, sock, makefile=CP_fileobject):
--            hc_self.server = server
--            hc_self.socket = sock
--            hc_self.rfile = makefile(sock, "rb", hc_self.rbufsize)
--            hc_self.wfile = makefile(sock, "wb", hc_self.wbufsize)
--            hc_self.requests_seen = 0
--
--        HTTPConnection.__init__ = fixed_init
--
--# When the CherryPy server in 3.2.2 (and later) starts it attempts to verify
--# that the ports its listening on are in fact bound. When using the any address
--# "::" it tries both ipv4 and ipv6, and in some environments (e.g. kubernetes)
--# ipv6 isn't yet configured / supported and CherryPy throws an uncaught
--# exception.
--if cherrypy is not None:
--    v = StrictVersion(cherrypy.__version__)
--    # the issue was fixed in 3.2.3. it's present in 3.2.2 (current version on
--    # centos:7) and back to at least 3.0.0.
--    if StrictVersion("3.1.2") <= v < StrictVersion("3.2.3"):
--        # https://github.com/cherrypy/cherrypy/issues/1100
--        from cherrypy.process import servers
--        servers.wait_for_occupied_port = lambda host, port: None
--
- if 'COVERAGE_ENABLED' in os.environ:
-     import coverage
-     __cov = coverage.Coverage(config_file="{}/.coveragerc".format(os.path.dirname(__file__)),
-diff --git a/src/pybind/mgr/prometheus/module.py b/src/pybind/mgr/prometheus/module.py
-index b7fecf8d85..dfd4160591 100644
---- a/src/pybind/mgr/prometheus/module.py
-+++ b/src/pybind/mgr/prometheus/module.py
-@@ -18,20 +18,6 @@ from rbd import RBD
- DEFAULT_ADDR = '::'
- DEFAULT_PORT = 9283
- 
--# When the CherryPy server in 3.2.2 (and later) starts it attempts to verify
--# that the ports its listening on are in fact bound. When using the any address
--# "::" it tries both ipv4 and ipv6, and in some environments (e.g. kubernetes)
--# ipv6 isn't yet configured / supported and CherryPy throws an uncaught
--# exception.
--if cherrypy is not None:<