diff --git a/flake.lock b/flake.lock index c5e787d..78add6b 100644 --- a/flake.lock +++ b/flake.lock @@ -28,11 +28,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1689068808, - "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "lastModified": 1694529238, + "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", "owner": "numtide", "repo": "flake-utils", - "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", "type": "github" }, "original": { @@ -43,11 +43,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1692207601, - "narHash": "sha256-tfPGNKQcJT1cvT6ufqO/7ydYNL6mcJClvzbrzhKjB80=", + "lastModified": 1694753796, + "narHash": "sha256-QPE7dqcicQH/nq9aywVXJWWtci4FvxHaM+BSIEbGBvA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b30c68669df77d981ce4aefd6b9d378563f6fc4e", + "rev": "360a7d31c30abefdc490d203f80e3221b7a24af2", "type": "github" }, "original": { @@ -59,11 +59,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1692279307, - "narHash": "sha256-7BMWvpLpGs3zvAm0c1HVYVoVIe0m0Cfp2GPpqxDte3U=", + "lastModified": 1694760568, + "narHash": "sha256-3G07BiXrp2YQKxdcdms22MUx6spc6A++MSePtatCYuI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "02bba6c619c91e8c8eef9ba1129d0eff31741445", + "rev": "46688f8eb5cd6f1298d873d4d2b9cf245e09e88e", "type": "github" }, "original": { diff --git a/pkgs/pinned.nix b/pkgs/pinned.nix index aeb8ac0..efbdc43 100644 --- a/pkgs/pinned.nix +++ b/pkgs/pinned.nix @@ -7,12 +7,12 @@ pkgs: pkgsUnstable: elementsd extra-container fulcrum - hwi lndconnect; inherit (pkgsUnstable) btcpayserver clightning + hwi lightning-loop lightning-pool nbxplorer; diff --git a/pkgs/python-packages/coincurve/default.nix b/pkgs/python-packages/coincurve/default.nix deleted file mode 100644 index 2e5156d..0000000 --- a/pkgs/python-packages/coincurve/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ lib, stdenv, buildPythonPackage, fetchPypi, asn1crypto, cffi, pkg-config, -autoconf, automake, libtool, libffi, requests }: - -buildPythonPackage rec { - pname = "coincurve"; - version = "17.0.0"; - - src = fetchPypi { - inherit pname version; - hash = "sha256-aNpVr/iYcClS/aPuBP1u1gu2uR+RnGknB4btdmtUi5M"; - }; - - doCheck = false; - nativeBuildInputs = [ autoconf automake libtool pkg-config ]; - propagatedBuildInputs = [ asn1crypto cffi libffi requests ]; - - meta = with lib; { - description = "Cross-platform Python CFFI bindings for libsecp256k1"; - homepage = "https://github.com/ofek/coincurve"; - maintainers = with maintainers; [ nixbitcoin ]; - license = licenses.asl20; - }; -} diff --git a/pkgs/python-packages/default.nix b/pkgs/python-packages/default.nix index d079f4f..d8f7c45 100644 --- a/pkgs/python-packages/default.nix +++ b/pkgs/python-packages/default.nix @@ -16,7 +16,6 @@ rec { clightningPkg = pkg: callPackage pkg { inherit (nbPkgs.pinned) clightning; }; in { - coincurve = callPackage ./coincurve {}; txzmq = callPackage ./txzmq {}; pyln-client = clightningPkg ./pyln-client; @@ -24,6 +23,26 @@ rec { pyln-bolt7 = clightningPkg ./pyln-bolt7; pylightning = clightningPkg ./pylightning; + # cryptography 41, required by pyln-proto + cryptography = callPackage ./specific-versions/cryptography_41 { + Security = super.darwin.apple_sdk.frameworks.Security; + }; + + # The versions of these packages that ship with nixos-23.05 are incompatible + # with cryptography 41 + pyopenssl = callPackage ./specific-versions/pyopenssl_23_2 {}; + service-identity = callPackage ./specific-versions/service-identity_23_1 {}; + + # The twisted package in nixos-23.05 runs a test that fails with + # service-identity 23.1. This package is backported from nixos-unstable + # and disables the test. (see + # https://github.com/twisted/twisted/issues/11877, + # https://github.com/NixOS/nixpkgs/commit/1ee622b10fcafcf2343960e3ffae0169afc59804) + twisted = callPackage ./specific-versions/twisted_22_10 {}; + + # Used by cryptography 41, backported from nixpkgs-unstable + setuptoolsRustBuildHook = callPackage ./setuptools-rust-hook {}; + # bitstring 3.1.9, required by pyln-proto bitstring = callPackage ./specific-versions/bitstring.nix {}; diff --git a/pkgs/python-packages/jmbase/default.nix b/pkgs/python-packages/jmbase/default.nix index 6af339f..42ee252 100644 --- a/pkgs/python-packages/jmbase/default.nix +++ b/pkgs/python-packages/jmbase/default.nix @@ -8,6 +8,7 @@ buildPythonPackage rec { patchPhase = '' sed -i 's|twisted==22.4.0|twisted==22.10.0|' setup.py + sed -i 's|service-identity==21.1.0|service-identity==23.1.0|' setup.py ''; propagatedBuildInputs = [ future twisted service-identity chromalog txtorcon ]; diff --git a/pkgs/python-packages/pyln-proto/default.nix b/pkgs/python-packages/pyln-proto/default.nix index bfeac82..cde5e44 100644 --- a/pkgs/python-packages/pyln-proto/default.nix +++ b/pkgs/python-packages/pyln-proto/default.nix @@ -6,6 +6,7 @@ , cryptography , coincurve , base58 +, pysocks }: buildPythonPackage rec { @@ -22,13 +23,10 @@ buildPythonPackage rec { cryptography coincurve base58 + pysocks ]; checkInputs = [ pytestCheckHook ]; postUnpack = "sourceRoot=$sourceRoot/contrib/pyln-proto"; - - postPatch = '' - sed -i 's|cryptography = "^36.0.1"|cryptography = "^40.0"|' pyproject.toml - ''; } diff --git a/pkgs/python-packages/setuptools-rust-hook/default.nix b/pkgs/python-packages/setuptools-rust-hook/default.nix new file mode 100644 index 0000000..86c65a1 --- /dev/null +++ b/pkgs/python-packages/setuptools-rust-hook/default.nix @@ -0,0 +1,13 @@ +{ lib, stdenv, python, makePythonHook, setuptools-rust, rust }: +makePythonHook { + name = "setuptools-rust-setup-hook"; + propagatedBuildInputs = [ setuptools-rust ]; + substitutions = { + pyLibDir = "${python}/lib/${python.libPrefix}"; + cargoBuildTarget = rust.toRustTargetSpec stdenv.hostPlatform; + cargoLinkerVar = lib.toUpper ( + builtins.replaceStrings ["-"] ["_"] ( + rust.toRustTarget stdenv.hostPlatform)); + targetLinker = "${stdenv.cc}/bin/${stdenv.cc.targetPrefix}cc"; + }; +} ./setuptools-rust-hook.sh diff --git a/pkgs/python-packages/setuptools-rust-hook/setuptools-rust-hook.sh b/pkgs/python-packages/setuptools-rust-hook/setuptools-rust-hook.sh new file mode 100644 index 0000000..917c19e --- /dev/null +++ b/pkgs/python-packages/setuptools-rust-hook/setuptools-rust-hook.sh @@ -0,0 +1,18 @@ +echo "Sourcing setuptools-rust-hook" + +setuptoolsRustSetup() { + # This can work only if rustPlatform.cargoSetupHook is also included + if ! command -v cargoSetupPostPatchHook >/dev/null; then + echo "ERROR: setuptools-rust has to be used alongside with rustPlatform.cargoSetupHook!" + exit 1 + fi + + export PYO3_CROSS_LIB_DIR="@pyLibDir@" + export CARGO_BUILD_TARGET=@cargoBuildTarget@ + # TODO theoretically setting linker should not be required because it is + # already set in pkgs/build-support/rust/hooks/default.nix but build fails + # on missing linker without this. + export CARGO_TARGET_@cargoLinkerVar@_LINKER=@targetLinker@ +} + +preConfigureHooks+=(setuptoolsRustSetup) diff --git a/pkgs/python-packages/specific-versions/cryptography_41/default.nix b/pkgs/python-packages/specific-versions/cryptography_41/default.nix new file mode 100644 index 0000000..d82215d --- /dev/null +++ b/pkgs/python-packages/specific-versions/cryptography_41/default.nix @@ -0,0 +1,116 @@ +{ lib +, stdenv +, buildPythonPackage +, callPackage +, cargo +, cffi +, fetchPypi +, hypothesis +, iso8601 +, isPyPy +, libiconv +, libxcrypt +, openssl +, pkg-config +, pretend +, py +, pytest-subtests +, pytestCheckHook +, pythonOlder +, pytz +, rustc +, rustPlatform +, Security +, setuptoolsRustBuildHook +}: + +let + cryptography-vectors = callPackage ./vectors.nix { }; +in +buildPythonPackage rec { + pname = "cryptography"; + version = "41.0.3"; # Also update the hash in vectors.nix + format = "pyproject"; + disabled = pythonOlder "3.7"; + + src = fetchPypi { + inherit pname version; + hash = "sha256-bRknQRE+9eMNidy1uVbvThV48wRwhwG4tz044+FGHzQ="; + }; + + cargoDeps = rustPlatform.fetchCargoTarball { + inherit src; + sourceRoot = "${pname}-${version}/${cargoRoot}"; + name = "${pname}-${version}"; + hash = "sha256-LQu7waympGUs+CZun2yDQd2gUUAgyisKBG5mddrfSo0="; + }; + + postPatch = '' + substituteInPlace pyproject.toml \ + --replace "--benchmark-disable" "" + ''; + + cargoRoot = "src/rust"; + + nativeBuildInputs = [ + rustPlatform.cargoSetupHook + setuptoolsRustBuildHook + cargo + rustc + pkg-config + ] ++ lib.optionals (!isPyPy) [ + cffi + ]; + + buildInputs = [ + openssl + ] ++ lib.optionals stdenv.isDarwin [ + Security + libiconv + ] ++ lib.optionals (pythonOlder "3.9") [ + libxcrypt + ]; + + propagatedBuildInputs = lib.optionals (!isPyPy) [ + cffi + ]; + + nativeCheckInputs = [ + cryptography-vectors + # Work around `error: infinite recursion encountered` + (hypothesis.override { enableDocumentation = false; }) + iso8601 + pretend + py + pytestCheckHook + pytest-subtests + pytz + ]; + + pytestFlagsArray = [ + "--disable-pytest-warnings" + ]; + + disabledTestPaths = [ + # save compute time by not running benchmarks + "tests/bench" + ] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [ + # aarch64-darwin forbids W+X memory, but this tests depends on it: + # * https://cffi.readthedocs.io/en/latest/using.html#callbacks + "tests/hazmat/backends/test_openssl_memleak.py" + ]; + + meta = with lib; { + description = "A package which provides cryptographic recipes and primitives"; + longDescription = '' + Cryptography includes both high level recipes and low level interfaces to + common cryptographic algorithms such as symmetric ciphers, message + digests, and key derivation functions. + ''; + homepage = "https://github.com/pyca/cryptography"; + changelog = "https://cryptography.io/en/latest/changelog/#v" + + replaceStrings [ "." ] [ "-" ] version; + license = with licenses; [ asl20 bsd3 psfl ]; + maintainers = with maintainers; [ SuperSandro2000 ]; + }; +} diff --git a/pkgs/python-packages/specific-versions/cryptography_41/vectors.nix b/pkgs/python-packages/specific-versions/cryptography_41/vectors.nix new file mode 100644 index 0000000..ff8bfa0 --- /dev/null +++ b/pkgs/python-packages/specific-versions/cryptography_41/vectors.nix @@ -0,0 +1,38 @@ +{ lib +, buildPythonPackage +, fetchPypi +, cryptography +, setuptools +}: + +buildPythonPackage rec { + pname = "cryptography-vectors"; + # The test vectors must have the same version as the cryptography package + inherit (cryptography) version; + format = "pyproject"; + + src = fetchPypi { + pname = "cryptography_vectors"; + inherit version; + hash = "sha256-gN4EUsSzT1b1UY6B69dba5BfVyiq7VIdQuQfTryKQ/s="; + }; + + nativeBuildInputs = [ + setuptools + ]; + + # No tests included + doCheck = false; + + pythonImportsCheck = [ + "cryptography_vectors" + ]; + + meta = with lib; { + description = "Test vectors for the cryptography package"; + homepage = "https://cryptography.io/en/latest/development/test-vectors/"; + downloadPage = "https://github.com/pyca/cryptography/tree/master/vectors"; + license = with licenses; [ asl20 bsd3 ]; + maintainers = with maintainers; [ SuperSandro2000 ]; + }; +} diff --git a/pkgs/python-packages/specific-versions/pyopenssl_23_2/default.nix b/pkgs/python-packages/specific-versions/pyopenssl_23_2/default.nix new file mode 100644 index 0000000..4e67fd0 --- /dev/null +++ b/pkgs/python-packages/specific-versions/pyopenssl_23_2/default.nix @@ -0,0 +1,100 @@ +{ lib +, stdenv +, buildPythonPackage +, fetchPypi +, openssl +, cryptography +, pytestCheckHook +, pretend +, sphinxHook +, sphinx-rtd-theme +, flaky +}: + +buildPythonPackage rec { + pname = "pyopenssl"; + version = "23.2.0"; + format = "setuptools"; + + src = fetchPypi { + pname = "pyOpenSSL"; + inherit version; + hash = "sha256-J2+TH1WkUufeppxxc+mE6ypEB85BPJGKo0tV+C+bi6w="; + }; + + outputs = [ + "out" + "dev" + "doc" + ]; + + nativeBuildInputs = [ + openssl + sphinxHook + sphinx-rtd-theme + ]; + + postPatch = '' + # remove cryptography pin + sed "/cryptography/ s/,<[0-9]*//g" setup.py + ''; + + propagatedBuildInputs = [ + cryptography + ]; + + nativeCheckInputs = [ + flaky + pretend + pytestCheckHook + ]; + + __darwinAllowLocalNetworking = true; + + preCheck = '' + export LANG="en_US.UTF-8" + ''; + + disabledTests = [ + # https://github.com/pyca/pyopenssl/issues/692 + # These tests, we disable always. + "test_set_default_verify_paths" + "test_fallback_default_verify_paths" + # https://github.com/pyca/pyopenssl/issues/768 + "test_wantWriteError" + # https://github.com/pyca/pyopenssl/issues/1043 + "test_alpn_call_failure" + ] ++ lib.optionals (lib.hasPrefix "libressl" openssl.meta.name) [ + # https://github.com/pyca/pyopenssl/issues/791 + # These tests, we disable in the case that libressl is passed in as openssl. + "test_op_no_compression" + "test_npn_advertise_error" + "test_npn_select_error" + "test_npn_client_fail" + "test_npn_success" + "test_use_certificate_chain_file_unicode" + "test_use_certificate_chain_file_bytes" + "test_add_extra_chain_cert" + "test_set_session_id_fail" + "test_verify_with_revoked" + "test_set_notAfter" + "test_set_notBefore" + ] ++ lib.optionals (lib.versionAtLeast (lib.getVersion openssl.name) "1.1") [ + # these tests are extremely tightly wed to the exact output of the openssl cli tool, including exact punctuation. + "test_dump_certificate" + "test_dump_privatekey_text" + "test_dump_certificate_request" + "test_export_text" + ] ++ lib.optionals stdenv.is32bit [ + # https://github.com/pyca/pyopenssl/issues/974 + "test_verify_with_time" + ]; + + meta = with lib; { + description = "Python wrapper around the OpenSSL library"; + homepage = "https://github.com/pyca/pyopenssl"; + changelog = "https://github.com/pyca/pyopenssl/blob/${version}/CHANGELOG.rst"; + license = licenses.asl20; + maintainers = with maintainers; [ ]; + }; +} diff --git a/pkgs/python-packages/specific-versions/service-identity_23_1/default.nix b/pkgs/python-packages/specific-versions/service-identity_23_1/default.nix new file mode 100644 index 0000000..53fa54a --- /dev/null +++ b/pkgs/python-packages/specific-versions/service-identity_23_1/default.nix @@ -0,0 +1,59 @@ +{ lib +, attrs +, buildPythonPackage +, cryptography +, fetchFromGitHub +, hatch-fancy-pypi-readme +, hatch-vcs +, hatchling +, idna +, pyasn1 +, pyasn1-modules +, pytestCheckHook +, pythonOlder +}: + +buildPythonPackage rec { + pname = "service-identity"; + version = "23.1.0"; + format = "pyproject"; + + disabled = pythonOlder "3.8"; + + src = fetchFromGitHub { + owner = "pyca"; + repo = pname; + rev = "refs/tags/${version}"; + hash = "sha256-PGDtsDgRwh7GuuM4OuExiy8L4i3Foo+OD0wMrndPkvo="; + }; + + nativeBuildInputs = [ + hatch-fancy-pypi-readme + hatch-vcs + hatchling + ]; + + propagatedBuildInputs = [ + attrs + cryptography + idna + pyasn1 + pyasn1-modules + ]; + + nativeCheckInputs = [ + pytestCheckHook + ]; + + pythonImportsCheck = [ + "service_identity" + ]; + + meta = with lib; { + description = "Service identity verification for pyOpenSSL"; + homepage = "https://service-identity.readthedocs.io"; + changelog = "https://github.com/pyca/service-identity/releases/tag/${version}"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/python-packages/specific-versions/twisted_22_10/default.nix b/pkgs/python-packages/specific-versions/twisted_22_10/default.nix new file mode 100644 index 0000000..582a9e0 --- /dev/null +++ b/pkgs/python-packages/specific-versions/twisted_22_10/default.nix @@ -0,0 +1,208 @@ +{ lib +, stdenv +, buildPythonPackage +, pythonAtLeast +, pythonOlder +, fetchPypi +, fetchpatch +, python +, appdirs +, attrs +, automat +, bcrypt +, constantly +, cryptography +, git +, glibcLocales +, h2 +, hyperlink +, hypothesis +, idna +, incremental +, priority +, pyasn1 +, pyhamcrest +, pynacl +, pyopenssl +, pyserial +, service-identity +, setuptools +, typing-extensions +, zope_interface + + # for passthru.tests +, cassandra-driver +, klein +, magic-wormhole +, scrapy +, treq +, txaio +, txamqp +, txrequests +, txtorcon +, thrift +, nixosTests +}: + +buildPythonPackage rec { + pname = "twisted"; + version = "22.10.0"; + format = "setuptools"; + + disabled = pythonOlder "3.6"; + + src = fetchPypi { + pname = "Twisted"; + inherit version; + extension = "tar.gz"; + hash = "sha256-Mqy9QKlPX0bntCwQm/riswIlCUVWF4Oot6BZBI8tTTE="; + }; + + patches = [ + (fetchpatch { + url = "https://github.com/twisted/twisted/pull/11787.diff"; + hash = "sha256-bQgUmbvDa61Vg8p/o/ivfkOAHyj1lTgHkrRVEGLM9aU="; + }) + (fetchpatch { + # Conditionally skip tests that require METHOD_CRYPT + # https://github.com/twisted/twisted/pull/11827 + url = "https://github.com/mweinelt/twisted/commit/e69e652de671aac0abf5c7e6c662fc5172758c5a.patch"; + hash = "sha256-LmvKUTViZoY/TPBmSlx4S9FbJNZfB5cxzn/YcciDmoI="; + }) + # remove half broken pyasn1 integration that blow up with pyasn 0.5.0 + # https://github.com/twisted/twisted/pull/11843 + (fetchpatch { + url = "https://github.com/twisted/twisted/commit/bdee0eb835a76b2982beaf10c85269ff25ea09fa.patch"; + excludes = [ "pyproject.toml" "tox.ini" ]; + hash = "sha256-oGAHmZMpMWfK+2zEDjHD115sW7exCYqfORVOLw+Wa6M="; + }) + ] ++ lib.optionals (pythonAtLeast "3.11") [ + (fetchpatch { + url = "https://github.com/twisted/twisted/pull/11734.diff"; + excludes = [ ".github/workflows/*" ]; + hash = "sha256-Td08pDxHwl7fPLCA6rUySuXpy8YmZfvXPHGsBpdcmSo="; + }) + (fetchpatch { + url = "https://github.com/twisted/twisted/commit/00bf5be704bee022ba4d9b24eb6c2c768b4a1921.patch"; + hash = "sha256-fnBzczm3OlhbjRcePIQ7dSX6uldlCZ9DJTS+UFO2nAQ="; + }) + ]; + + __darwinAllowLocalNetworking = true; + + propagatedBuildInputs = [ + attrs + automat + constantly + hyperlink + incremental + setuptools + typing-extensions + zope_interface + ]; + + postPatch = '' + substituteInPlace pyproject.toml \ + --replace '"pyasn1 >= 0.4",' "" + + echo 'ListingTests.test_localeIndependent.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py + echo 'ListingTests.test_newFile.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py + echo 'ListingTests.test_newSingleDigitDayOfMonth.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py + echo 'ListingTests.test_oldFile.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py + echo 'ListingTests.test_oldSingleDigitDayOfMonth.skip = "Timezone issue"'>> src/twisted/conch/test/test_cftp.py + + echo 'WrapClientTLSParserTests.test_tls.skip = "pyopenssl update"' >> src/twisted/internet/test/test_endpoints.py + echo 'UNIXTestsBuilder_AsyncioSelectorReactorTests.test_sendFileDescriptorTriggersPauseProducing.skip = "sendFileDescriptor producer was not paused"'>> src/twisted/internet/test/test_unix.py + echo 'UNIXTestsBuilder_SelectReactorTests.test_sendFileDescriptorTriggersPauseProducing.skip = "sendFileDescriptor producer was not paused"'>> src/twisted/internet/test/test_unix.py + + echo 'FileObserverTests.test_getTimezoneOffsetEastOfUTC.skip = "mktime argument out of range"'>> src/twisted/test/test_log.py + echo 'FileObserverTests.test_getTimezoneOffsetWestOfUTC.skip = "mktime argument out of range"'>> src/twisted/test/test_log.py + echo 'FileObserverTests.test_getTimezoneOffsetWithoutDaylightSavingTime.skip = "tuple differs, values not"'>> src/twisted/test/test_log.py + + echo 'MulticastTests.test_joinLeave.skip = "No such device"'>> src/twisted/test/test_udp.py + echo 'MulticastTests.test_loopback.skip = "No such device"'>> src/twisted/test/test_udp.py + echo 'MulticastTests.test_multicast.skip = "Reactor was unclean"'>> src/twisted/test/test_udp.py + echo 'MulticastTests.test_multiListen.skip = "No such device"'>> src/twisted/test/test_udp.py + + # fails since migrating to libxcrypt + echo 'HelperTests.test_refuteCryptedPassword.skip = "OSError: Invalid argument"' >> src/twisted/conch/test/test_checkers.py + + # not packaged + substituteInPlace src/twisted/test/test_failure.py \ + --replace "from cython_test_exception_raiser import raiser # type: ignore[import]" "raiser = None" + '' + lib.optionalString stdenv.isLinux '' + echo 'PTYProcessTestsBuilder_EPollReactorTests.test_openFileDescriptors.skip = "invalid syntax"'>> src/twisted/internet/test/test_process.py + echo 'PTYProcessTestsBuilder_PollReactorTests.test_openFileDescriptors.skip = "invalid syntax"'>> src/twisted/internet/test/test_process.py + echo 'UNIXTestsBuilder_EPollReactorTests.test_sendFileDescriptorTriggersPauseProducing.skip = "sendFileDescriptor producer was not paused"'>> src/twisted/internet/test/test_unix.py + echo 'UNIXTestsBuilder_PollReactorTests.test_sendFileDescriptorTriggersPauseProducing.skip = "sendFileDescriptor producer was not paused"'>> src/twisted/internet/test/test_unix.py + + # Patch t.p._inotify to point to libc. Without this, + # twisted.python.runtime.platform.supportsINotify() == False + substituteInPlace src/twisted/python/_inotify.py --replace \ + "ctypes.util.find_library(\"c\")" "'${stdenv.cc.libc}/lib/libc.so.6'" + '' + lib.optionalString (stdenv.isAarch64 && stdenv.isDarwin) '' + echo 'AbortConnectionTests_AsyncioSelectorReactorTests.test_fullWriteBufferAfterByteExchange.skip = "Timeout after 120 seconds"' >> src/twisted/internet/test/test_tcp.py + echo 'AbortConnectionTests_AsyncioSelectorReactorTests.test_resumeProducingAbort.skip = "Timeout after 120 seconds"' >> src/twisted/internet/test/test_tcp.py + + echo 'PosixReactorBaseTests.test_removeAllSkipsInternalReaders.skip = "Fails due to unclosed event loop"' >> src/twisted/internet/test/test_posixbase.py + echo 'PosixReactorBaseTests.test_wakerIsInternalReader.skip = "Fails due to unclosed event loop"' >> src/twisted/internet/test/test_posixbase.py + + echo 'TCPPortTests.test_connectionLostFailed.skip = "Fails due to unclosed event loop"' >> src/twisted/internet/test/test_posixbase.py + ''; + + # Generate Twisted's plug-in cache. Twisted users must do it as well. See + # http://twistedmatrix.com/documents/current/core/howto/plugin.html#auto3 + # and http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477103 for details. + postFixup = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) '' + $out/bin/twistd --help > /dev/null + ''; + + nativeCheckInputs = [ + git + glibcLocales + hypothesis + pyhamcrest + ] + ++ passthru.optional-dependencies.conch + # not supported on aarch64-darwin: https://github.com/pyca/pyopenssl/issues/873 + ++ lib.optionals (!(stdenv.isDarwin && stdenv.isAarch64)) passthru.optional-dependencies.tls; + + checkPhase = '' + export SOURCE_DATE_EPOCH=315532800 + export PATH=$out/bin:$PATH + # race conditions when running in paralell + ${python.interpreter} -m twisted.trial twisted + ''; + + passthru = { + optional-dependencies = rec { + conch = [ appdirs bcrypt cryptography pyasn1 ]; + conch_nacl = conch ++ [ pynacl ]; + http2 = [ h2 priority ]; + serial = [ pyserial ]; + tls = [ idna pyopenssl service-identity ]; + }; + + tests = { + inherit + cassandra-driver + klein + magic-wormhole + scrapy + treq + txaio + txamqp + txrequests + txtorcon + thrift; + inherit (nixosTests) buildbot matrix-synapse; + }; + }; + + meta = with lib; { + homepage = "https://github.com/twisted/twisted"; + description = "Asynchronous networking framework written in Python"; + license = licenses.mit; + maintainers = with maintainers; [ ]; + }; +} diff --git a/test/clightning-replication.nix b/test/clightning-replication.nix index 002fcb9..79e8fcc 100644 --- a/test/clightning-replication.nix +++ b/test/clightning-replication.nix @@ -117,7 +117,7 @@ makeTestVM { with subtest("local replication"): client.wait_for_unit("clightning.service") - client.succeed("runuser -u clightning -- ls /var/backup/clightning/lightningd.sqlite3") + client.wait_until_succeeds("runuser -u clightning -- ls /var/backup/clightning/lightningd.sqlite3") # No other user should be able to read the backup directory client.fail("runuser -u bitcoin -- ls /var/backup/clightning") @@ -126,7 +126,7 @@ makeTestVM { switch_to_system("replicationLocalEncrypted") with subtest("local replication encrypted"): replica_db = "/var/cache/clightning-replication/plaintext/lightningd.sqlite3" - client.succeed(f"runuser -u clightning -- ls {replica_db}") + client.wait_until_succeeds(f"runuser -u clightning -- ls {replica_db}") # No other user should be able to read the unencrypted files client.fail(f"runuser -u bitcoin -- ls {replica_db}") # A gocryptfs has been created @@ -136,7 +136,7 @@ makeTestVM { server.wait_for_unit("sshd.service") with subtest("remote replication"): replica_db = "/var/cache/clightning-replication/sshfs/lightningd.sqlite3" - client.succeed(f"runuser -u clightning -- ls {replica_db}") + client.wait_until_succeeds(f"runuser -u clightning -- ls {replica_db}") # No other user should be able to read the unencrypted files client.fail(f"runuser -u bitcoin -- ls {replica_db}") # A clighting db exists on the server @@ -145,7 +145,7 @@ makeTestVM { switch_to_system("replicationRemoteEncrypted") with subtest("remote replication encrypted"): replica_db = "/var/cache/clightning-replication/plaintext/lightningd.sqlite3" - client.succeed(f"runuser -u clightning -- ls {replica_db}") + client.wait_until_succeeds(f"runuser -u clightning -- ls {replica_db}") # No other user should be able to read the unencrypted files client.fail(f"runuser -u bitcoin -- ls {replica_db}") # A gocryptfs has been created on the server diff --git a/test/nixos-search/flake.lock b/test/nixos-search/flake.lock index 91ced1c..177d2b4 100644 --- a/test/nixos-search/flake.lock +++ b/test/nixos-search/flake.lock @@ -39,11 +39,11 @@ "npmlock2nix": "npmlock2nix" }, "locked": { - "lastModified": 1688414580, - "narHash": "sha256-U7ngzJ0ErKTxrjG5Okym9PLxnmjoeDIZZe0dfhv8ER4=", + "lastModified": 1693902773, + "narHash": "sha256-JFsiBAixnnkkPBl1RvnSvRKUiOZxwF6lXnm70LUIW4w=", "owner": "nixos", "repo": "nixos-search", - "rev": "1128c8fb69d4a8557baeee13053e7792339554f9", + "rev": "00f61f52aefe60b18059ec13201d9c94bdc04045", "type": "github" }, "original": {