qbit/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
nixpkgs/pkgs/servers/squid/default.nix
Artturin e0464e4788 treewide: replace stdenv.is with stdenv.hostPlatform.is 
In preparation for the deprecation of `stdenv.isX`.

These shorthands are not conducive to cross-compilation because they
hide the platforms.

Darwin might get cross-compilation for which the continued usage of `stdenv.isDarwin` will get in the way

One example of why this is bad and especially affects compiler packages
https://www.github.com/NixOS/nixpkgs/pull/343059

There are too many files to go through manually but a treewide should
get users thinking when they see a `hostPlatform.isX` in a place where it
doesn't make sense.

```
fd --type f "\.nix" | xargs sd --fixed-strings "stdenv.is" "stdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "stdenv'.is" "stdenv'.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "clangStdenv.is" "clangStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "gccStdenv.is" "gccStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "stdenvNoCC.is" "stdenvNoCC.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "inherit (stdenv) is" "inherit (stdenv.hostPlatform) is"
fd --type f "\.nix" | xargs sd --fixed-strings "buildStdenv.is" "buildStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "effectiveStdenv.is" "effectiveStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "originalStdenv.is" "originalStdenv.hostPlatform.is"
```
2024-09-25 00:04:37 +03:00

61 lines
2.0 KiB
Nix
Raw Permalink Blame History

{ lib, stdenv, fetchurl, perl, openldap, pam, db, cyrus_sasl, libcap
, expat, libxml2, openssl, pkg-config, systemd
, cppunit
}:
stdenv.mkDerivation (finalAttrs: {
pname = "squid";
version = "6.10";
src = fetchurl {
url = "http://www.squid-cache.org/Versions/v6/squid-${finalAttrs.version}.tar.xz";
hash = "sha256-Cwexh+cj8Edw3SW+uJrsEgMKFYaWqoiS2HyLJoU0CKc=";
};
nativeBuildInputs = [ pkg-config ];
buildInputs = [
perl openldap db cyrus_sasl expat libxml2 openssl
] ++ lib.optionals stdenv.hostPlatform.isLinux [ libcap pam systemd ];
enableParallelBuilding = true;
configureFlags = [
"--enable-ipv6"
"--disable-strict-error-checking"
"--disable-arch-native"
"--with-openssl"
"--enable-ssl-crtd"
"--enable-storeio=ufs,aufs,diskd,rock"
"--enable-removal-policies=lru,heap"
"--enable-delay-pools"
"--enable-x-accelerator-vary"
"--enable-htcp"
] ++ lib.optional (stdenv.hostPlatform.isLinux && !stdenv.hostPlatform.isMusl)
"--enable-linux-netfilter";
doCheck = true;
nativeCheckInputs = [ cppunit ];
preCheck = ''
# tests attempt to copy around "/bin/true" to make some things
# no-ops but this doesn't work if our "true" is a multi-call
# binary, so make our own fake "true" which will work when used
# this way
echo "#!$SHELL" > fake-true
chmod +x fake-true
grep -rlF '/bin/true' test-suite/ | while read -r filename ; do
substituteInPlace "$filename" \
--replace "$(type -P true)" "$(realpath fake-true)" \
--replace "/bin/true" "$(realpath fake-true)"
done
'';
meta = with lib; {
description = "Caching proxy for the Web supporting HTTP, HTTPS, FTP, and more";
homepage = "http://www.squid-cache.org";
license = licenses.gpl2Plus;
platforms = platforms.linux;
maintainers = with maintainers; [ raskin ];
knownVulnerabilities = [ "Squid has multiple unresolved security vulnerabilities, for more information see https://megamansec.github.io/Squid-Security-Audit/" ];
};
})
Reference in New Issue View Git Blame Copy Permalink