diff --git a/Makefile b/Makefile index 6ecf57183ef..a9a0200f74b 100644 --- a/Makefile +++ b/Makefile @@ -499,10 +499,6 @@ kube-integration-test: kube-integration-teardown: export NAMESPACE=$(NAMESPACE); export HELM_PARALLELISM=$(HELM_PARALLELISM); ./hack/bin/integration-teardown-federation.sh -.PHONY: kube-integration-e2e-telepresence -kube-integration-e2e-telepresence: - ./services/brig/federation-tests.sh $(NAMESPACE) - .PHONY: helm-oci-login helm-oci-login: ./hack/bin/helm-oci-login.sh diff --git a/flake.lock b/flake.lock index 7777eb2c68a..ae1e0b1c673 100644 --- a/flake.lock +++ b/flake.lock @@ -3,17 +3,16 @@ "amazonka": { "flake": false, "locked": { - "lastModified": 1759730860, - "narHash": "sha256-cCRhHH/IgM7tPy8rXHTSRec1zxohO8NWxSVZEG1OjQw=", + "lastModified": 1781133009, + "narHash": "sha256-zeA69byUJv59avBMfstNuHzeG8V09o87Fp9N98aioII=", "owner": "brendanhay", "repo": "amazonka", - "rev": "a7d699be1076e2aad05a1930ca3937ffea954ad8", + "rev": "b562aa3f24845e34b95748daae671860017426be", "type": "github" }, "original": { "owner": "brendanhay", "repo": "amazonka", - "rev": "a7d699be1076e2aad05a1930ca3937ffea954ad8", "type": "github" } }, @@ -68,6 +67,22 @@ "type": "github" } }, + "cryptostore": { + "flake": false, + "locked": { + "lastModified": 1775634484, + "narHash": "sha256-L4sFE6+1MwwRFIkz/EZhTPuty8dH3IbKU6GyDQylEYg=", + "ref": "refs/heads/master", + "rev": "06afcd9e10445053ef8dc42aa0d9b94f900adfb7", + "revCount": 254, + "type": "git", + "url": "https://codeberg.org/ocheron/cryptostore.git" + }, + "original": { + "type": "git", + "url": "https://codeberg.org/ocheron/cryptostore.git" + } + }, "flake-compat": { "flake": false, "locked": { @@ -186,11 +201,11 @@ "hasql-migration": { "flake": false, "locked": { - "lastModified": 1777986637, - "narHash": "sha256-NdrqeecEdokSCqBm6BqZ9mCDnqgDzAiN5BMwjMcvv1Q=", + "lastModified": 1781189692, + "narHash": "sha256-2Z2M65X8Sw8X4Vn5DLhBoVj40MMngqURQUiFR815PPw=", "owner": "wireapp", "repo": "hasql-migration", - "rev": "6fe20bfb145dde56254089902734e2fcb079fc19", + "rev": "61a53a4b7dc589a5dad7c57c1ca9a38c87eb5690", "type": "github" }, "original": { @@ -200,20 +215,20 @@ "type": "github" } }, - "hedis": { + "hsaml2": { "flake": false, "locked": { - "lastModified": 1748594228, - "narHash": "sha256-BwcqQZf2GaEn2i6o9bVl+jiu/CjShYlHCmO81bYfc8Y=", + "lastModified": 1781188458, + "narHash": "sha256-qWyv8W84jw5JQpmqHCvxMoLtvfxO2eK6qIoeX95rBJ0=", "owner": "wireapp", - "repo": "hedis", - "rev": "00d7fbf5f19b812b9e64e12be8860c4741be8558", + "repo": "hsaml2", + "rev": "b464d0e3ad173c10d773aef951020470beb72b3f", "type": "github" }, "original": { "owner": "wireapp", - "ref": "wire-changes", - "repo": "hedis", + "ref": "use-crypton-asn1", + "repo": "hsaml2", "type": "github" } }, @@ -237,11 +252,11 @@ "http-client": { "flake": false, "locked": { - "lastModified": 1706706086, - "narHash": "sha256-z47GlT+tHsSlRX4ApSGQIpOpaZiBeqr72/tWuvzw8tc=", + "lastModified": 1781190499, + "narHash": "sha256-Ni40f1bsR7Rm9qtlVwve9KrMNv++pu8r9LEal4veDFk=", "owner": "wireapp", "repo": "http-client", - "rev": "37494bb9a89dd52f97a8dc582746c6ff52943934", + "rev": "08ae6f7b9b5d760feacabb4c5887abb44b5a080a", "type": "github" }, "original": { @@ -253,16 +268,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1779796641, - "narHash": "sha256-ZsIrKmhp4vbBXoXXmR/tBXA/UCsAQiJL9vsgZEduhVY=", + "lastModified": 1780902259, + "narHash": "sha256-q8yYEC5f1mFlQO9RGna4LTc9QrcvWunX6FYp83munkQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "25f538306313eae3927264466c70d7001dcea1df", + "rev": "bd0ff2d3eac24699c3664d5966b9ef36f388e2ca", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-25.11", + "ref": "nixos-26.05", "repo": "nixpkgs", "type": "github" } @@ -282,22 +297,6 @@ "type": "github" } }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1772963539, - "narHash": "sha256-9jVDGZnvCckTGdYT53d/EfznygLskyLQXYwJLKMPsZs=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "9dcb002ca1690658be4a04645215baea8b95f31d", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_24_11": { "locked": { "lastModified": 1751274312, @@ -354,13 +353,13 @@ "bloodhound": "bloodhound", "cql": "cql", "cql-io": "cql-io", + "cryptostore": "cryptostore", "flake-utils": "flake-utils", "hasql-migration": "hasql-migration", - "hedis": "hedis", + "hsaml2": "hsaml2", "hspec-wai": "hspec-wai", "http-client": "http-client", "nixpkgs": "nixpkgs", - "nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs_24_11": "nixpkgs_24_11", "postgresql-connection-string": "postgresql-connection-string", "postie": "postie", diff --git a/flake.nix b/flake.nix index 5a9b40ea81a..bbc3c8826f9 100644 --- a/flake.nix +++ b/flake.nix @@ -3,9 +3,8 @@ inputs = { self.submodules = true; - nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.11"; + nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-26.05"; nixpkgs_24_11.url = "github:nixos/nixpkgs?ref=nixos-24.11"; - nixpkgs-unstable.url = "github:nixos/nixpkgs?ref=nixos-unstable"; flake-utils.url = "github:numtide/flake-utils"; tom-bombadil = { url = "github:wireapp/tom-bombadil"; @@ -21,10 +20,6 @@ url = "github:wireapp/bloodhound?ref=wire-fork"; flake = false; }; - hedis = { - url = "github:wireapp/hedis?ref=wire-changes"; - flake = false; - }; http-client = { url = "github:wireapp/http-client?ref=master"; @@ -82,7 +77,7 @@ }; amazonka = { - url = "github:brendanhay/amazonka?rev=a7d699be1076e2aad05a1930ca3937ffea954ad8"; + url = "github:brendanhay/amazonka"; flake = false; }; @@ -95,9 +90,20 @@ url = "github:wireapp/postgresql-connection-string?ref=expose-from-key-value-params"; flake = false; }; + + cryptostore = { + # Use master because the released version doesn't work with the latest version of cyrpton. + url = "git+https://codeberg.org/ocheron/cryptostore.git"; + flake = false; + }; + + hsaml2 = { + url = "github:wireapp/hsaml2/use-crypton-asn1"; + flake = false; + }; }; - outputs = inputs@{ nixpkgs, nixpkgs_24_11, nixpkgs-unstable, flake-utils, tom-bombadil, sbomnix, ... }: + outputs = inputs@{ nixpkgs, nixpkgs_24_11, flake-utils, tom-bombadil, sbomnix, ... }: flake-utils.lib.eachDefaultSystem (system: let pkgs = import nixpkgs { @@ -110,9 +116,6 @@ pkgs_24_11 = import nixpkgs_24_11 { inherit system; }; - pkgs_unstable = import nixpkgs-unstable { - inherit system; - }; bomDependenciesDrv = tom-bombadil.lib.${system}.bomDependenciesDrv; wireServerPkgs = import ./nix { inherit pkgs pkgs_24_11 inputs bomDependenciesDrv; }; in @@ -145,7 +148,7 @@ # Container and SBOM tools pkgs.cyclonedx-cli - pkgs_unstable.syft + pkgs.syft pkgs.kubernetes-helm pkgs.helmfile sbomnix.packages.${system}.default diff --git a/integration/default.nix b/integration/default.nix index 3902d31641f..8ef7ea4b4c6 100644 --- a/integration/default.nix +++ b/integration/default.nix @@ -8,8 +8,6 @@ , aeson-pretty , amqp , array -, asn1-encoding -, asn1-types , async , attoparsec , base @@ -25,6 +23,9 @@ , cql-io , criterion , crypton +, crypton-asn1-encoding +, crypton-asn1-types +, crypton-pem , crypton-x509 , cryptostore , data-default @@ -39,7 +40,6 @@ , filepath , haskell-src-exts , hex -, hourglass , HsOpenSSL , http-client , http-types @@ -48,16 +48,15 @@ , lens , lens-aeson , lib -, memory , mime , monad-control , mtl , network , network-uri , optparse-applicative -, pem , process , proto-lens +, ram , random , raw-strings-qq , regex @@ -78,6 +77,7 @@ , temporary , text , time +, time-hourglass , transformers , transformers-base , unix @@ -115,8 +115,6 @@ mkDerivation { aeson-pretty amqp array - asn1-encoding - asn1-types async attoparsec base @@ -131,6 +129,9 @@ mkDerivation { cql-io criterion crypton + crypton-asn1-encoding + crypton-asn1-types + crypton-pem crypton-x509 cryptostore data-default @@ -144,7 +145,6 @@ mkDerivation { extra filepath hex - hourglass HsOpenSSL http-client http-types @@ -152,16 +152,15 @@ mkDerivation { kan-extensions lens lens-aeson - memory mime monad-control mtl network network-uri optparse-applicative - pem process proto-lens + ram random raw-strings-qq regex @@ -182,6 +181,7 @@ mkDerivation { temporary text time + time-hourglass transformers transformers-base unix @@ -199,5 +199,5 @@ mkDerivation { xml-conduit yaml ]; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; } diff --git a/integration/integration.cabal b/integration/integration.cabal index f516226dbff..616b77df37f 100644 --- a/integration/integration.cabal +++ b/integration/integration.cabal @@ -252,8 +252,6 @@ library , aeson-pretty , amqp , array - , asn1-encoding - , asn1-types , async , attoparsec , base @@ -268,6 +266,9 @@ library , cql-io , criterion , crypton + , crypton-asn1-encoding + , crypton-asn1-types + , crypton-pem , crypton-x509 , cryptostore , data-default @@ -281,7 +282,6 @@ library , extra , filepath , hex - , hourglass , HsOpenSSL , http-client , http-types @@ -289,16 +289,15 @@ library , kan-extensions , lens , lens-aeson - , memory , mime , monad-control , mtl , network , network-uri , optparse-applicative - , pem , process , proto-lens + , ram , random , raw-strings-qq , regex @@ -319,6 +318,7 @@ library , temporary , text , time + , time-hourglass , transformers , transformers-base , unix diff --git a/libs/extended/default.nix b/libs/extended/default.nix index 8fe0353f7ae..06b5f70244a 100644 --- a/libs/extended/default.nix +++ b/libs/extended/default.nix @@ -5,12 +5,12 @@ { mkDerivation , aeson , amqp -, asn1-types , base , bytestring , cassandra-util , containers , crypton +, crypton-asn1-types , crypton-connection , crypton-pem , crypton-x509 @@ -20,7 +20,6 @@ , exceptions , hasql , hasql-pool -, hourglass , hspec , hspec-discover , http-client @@ -28,11 +27,11 @@ , http-types , imports , lib -, memory , metrics-wai , monad-control , postgresql-connection-string , prometheus-client +, ram , retry , servant , servant-client @@ -43,6 +42,7 @@ , temporary , text , time +, time-hourglass , tinylog , tls , transformers @@ -58,12 +58,12 @@ mkDerivation { libraryHaskellDepends = [ aeson amqp - asn1-types base bytestring cassandra-util containers crypton + crypton-asn1-types crypton-connection crypton-x509 crypton-x509-store @@ -72,16 +72,15 @@ mkDerivation { exceptions hasql hasql-pool - hourglass http-client http-client-tls http-types imports - memory metrics-wai monad-control postgresql-connection-string prometheus-client + ram retry servant servant-client @@ -90,6 +89,7 @@ mkDerivation { servant-server text time + time-hourglass tinylog tls transformers @@ -100,17 +100,17 @@ mkDerivation { ]; testHaskellDepends = [ aeson - asn1-types base bytestring crypton + crypton-asn1-types crypton-pem crypton-x509 - hourglass hspec imports string-conversions temporary + time-hourglass ]; testToolDepends = [ hspec-discover ]; description = "Extended versions of common modules"; diff --git a/libs/extended/extended.cabal b/libs/extended/extended.cabal index 58d587bed59..537bb10aabd 100644 --- a/libs/extended/extended.cabal +++ b/libs/extended/extended.cabal @@ -90,12 +90,12 @@ library build-depends: aeson , amqp - , asn1-types , base , bytestring , cassandra-util , containers , crypton + , crypton-asn1-types , crypton-connection , crypton-x509 , crypton-x509-store @@ -104,16 +104,15 @@ library , exceptions , hasql , hasql-pool - , hourglass , http-client , http-client-tls , http-types , imports - , memory , metrics-wai , monad-control , postgresql-connection-string , prometheus-client + , ram , retry , servant , servant-client @@ -122,6 +121,7 @@ library , servant-server , text , time + , time-hourglass , tinylog , tls , transformers @@ -195,17 +195,17 @@ test-suite extended-tests build-depends: aeson - , asn1-types , base , bytestring , crypton + , crypton-asn1-types , crypton-pem , crypton-x509 , extended - , hourglass , hspec , imports , string-conversions , temporary + , time-hourglass default-language: GHC2021 diff --git a/libs/galley-types/default.nix b/libs/galley-types/default.nix index 305d67cb2c5..69e69e32281 100644 --- a/libs/galley-types/default.nix +++ b/libs/galley-types/default.nix @@ -13,7 +13,7 @@ , http-types , imports , lib -, memory +, ram , text , types-common , uuid @@ -34,7 +34,7 @@ mkDerivation { errors http-types imports - memory + ram text types-common uuid diff --git a/libs/galley-types/galley-types.cabal b/libs/galley-types/galley-types.cabal index ddb920af71b..5f10d475d75 100644 --- a/libs/galley-types/galley-types.cabal +++ b/libs/galley-types/galley-types.cabal @@ -78,7 +78,7 @@ library , errors , http-types , imports - , memory + , ram , text >=0.11 , types-common >=0.16 , uuid diff --git a/libs/saml2-web-sso/default.nix b/libs/saml2-web-sso/default.nix index 2c47377bae7..c2cf3618c36 100644 --- a/libs/saml2-web-sso/default.nix +++ b/libs/saml2-web-sso/default.nix @@ -4,9 +4,6 @@ # dependencies are added or removed. { mkDerivation , aeson -, asn1-encoding -, asn1-parse -, asn1-types , base , base64-bytestring , binary @@ -15,6 +12,9 @@ , containers , cookie , crypton +, crypton-asn1-encoding +, crypton-asn1-parse +, crypton-asn1-types , crypton-x509 , data-default , directory @@ -29,7 +29,6 @@ , ghc-prim , hedgehog , hedgehog-quickcheck -, hourglass , hsaml2 , hspec , hspec-core @@ -44,7 +43,6 @@ , lens , lens-datetime , lib -, memory , mtl , network-uri , openapi3 @@ -52,6 +50,7 @@ , process , QuickCheck , quickcheck-instances +, ram , random , schema-profunctor , servant @@ -63,6 +62,7 @@ , temporary , text , time +, time-hourglass , tinylog , transformers , types-common @@ -87,9 +87,6 @@ mkDerivation { src = ./.; libraryHaskellDepends = [ aeson - asn1-encoding - asn1-parse - asn1-types base base64-bytestring binary @@ -98,6 +95,9 @@ mkDerivation { containers cookie crypton + crypton-asn1-encoding + crypton-asn1-parse + crypton-asn1-types crypton-x509 data-default directory @@ -112,7 +112,6 @@ mkDerivation { ghc-prim hedgehog hedgehog-quickcheck - hourglass hsaml2 hspec hspec-wai @@ -124,7 +123,6 @@ mkDerivation { invertible-hxt lens lens-datetime - memory mtl network-uri openapi3 @@ -132,6 +130,7 @@ mkDerivation { process QuickCheck quickcheck-instances + ram random schema-profunctor servant @@ -143,6 +142,7 @@ mkDerivation { temporary text time + time-hourglass tinylog transformers types-common @@ -163,9 +163,6 @@ mkDerivation { ]; testHaskellDepends = [ aeson - asn1-encoding - asn1-parse - asn1-types base base64-bytestring binary @@ -174,6 +171,9 @@ mkDerivation { containers cookie crypton + crypton-asn1-encoding + crypton-asn1-parse + crypton-asn1-types crypton-x509 data-default directory @@ -187,7 +187,6 @@ mkDerivation { ghc-prim hedgehog hedgehog-quickcheck - hourglass hsaml2 hspec hspec-core @@ -199,13 +198,13 @@ mkDerivation { imports lens lens-datetime - memory mtl network-uri pretty-show process QuickCheck quickcheck-instances + ram random schema-profunctor servant @@ -217,6 +216,7 @@ mkDerivation { temporary text time + time-hourglass tinylog transformers types-common @@ -236,5 +236,5 @@ mkDerivation { ]; testToolDepends = [ hspec-discover ]; description = "Library and example web app for the SAML Web-based SSO profile"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; } diff --git a/libs/saml2-web-sso/saml2-web-sso.cabal b/libs/saml2-web-sso/saml2-web-sso.cabal index 710e94e32d0..5959492d602 100644 --- a/libs/saml2-web-sso/saml2-web-sso.cabal +++ b/libs/saml2-web-sso/saml2-web-sso.cabal @@ -80,80 +80,80 @@ library -Wincomplete-uni-patterns -Wtabs -Wno-x-partial -Wno-deprecations build-depends: - , aeson >=1.4.5.0 - , asn1-encoding >=0.9.6 - , asn1-parse >=0.9.5 - , asn1-types >=0.3.3 - , base >=4.12.0.0 - , base64-bytestring >=1.0.0.2 - , binary >=0.8.6.0 - , bytestring >=0.10.8.2 - , case-insensitive >=1.2.1.0 - , containers >=0.6.0.1 - , cookie >=0.4.4 - , crypton >=0.30 - , crypton-x509 >=1.7.5 - , data-default >=0.7.1.1 - , directory >=1.3.6.0 - , dns >=4.0.0 - , email-validate >=2.3.2.12 - , errors >=2.3.0 - , exceptions >=0.10.3 - , extra >=1.6.18 + , aeson >=1.4.5.0 + , base >=4.12.0.0 + , base64-bytestring >=1.0.0.2 + , binary >=0.8.6.0 + , bytestring >=0.10.8.2 + , case-insensitive >=1.2.1.0 + , containers >=0.6.0.1 + , cookie >=0.4.4 + , crypton >=0.30 + , crypton-asn1-encoding >=0.9.6 + , crypton-asn1-parse >=0.9.5 + , crypton-asn1-types >=0.3.3 + , crypton-x509 >=1.7.5 + , data-default >=0.7.1.1 + , directory >=1.3.6.0 + , dns >=4.0.0 + , email-validate >=2.3.2.12 + , errors >=2.3.0 + , exceptions >=0.10.3 + , extra >=1.6.18 , file-path-th - , filepath >=1.4.2.1 - , foundation >=0.0.25 - , ghc-prim >=0.5.3 - , hedgehog >=1.0.1 - , hedgehog-quickcheck >=0.1.1 - , hourglass >=0.2.12 - , hsaml2 >=0.1 - , hspec >=2.7.1 - , hspec-wai >=0.9.0 - , http-media >=0.8.0.0 - , http-types >=0.12.3 - , hxt >=9.3.1.18 + , filepath >=1.4.2.1 + , foundation >=0.0.25 + , ghc-prim >=0.5.3 + , hedgehog >=1.0.1 + , hedgehog-quickcheck >=0.1.1 + , hsaml2 >=0.1 + , hspec >=2.7.1 + , hspec-wai >=0.9.0 + , http-media >=0.8.0.0 + , http-types >=0.12.3 + , hxt >=9.3.1.18 , hxt-regex-xmlschema , imports , invertible-hxt - , lens >=4.17.1 - , lens-datetime >=0.3 - , memory >=0.14.18 - , mtl >=2.2.2 - , network-uri >=2.6.1.0 + , lens >=4.17.1 + , lens-datetime >=0.3 + , mtl >=2.2.2 + , network-uri >=2.6.1.0 , openapi3 - , pretty-show >=1.9.5 - , process >=1.6.5.0 - , QuickCheck >=2.13.2 - , quickcheck-instances >=0.3.22 - , random >=1.1 + , pretty-show >=1.9.5 + , process >=1.6.5.0 + , QuickCheck >=2.13.2 + , quickcheck-instances >=0.3.22 + , ram >=0.14.18 + , random >=1.1 , schema-profunctor - , servant >=0.16.2 - , servant-multipart >=0.12 - , servant-server >=0.16.2 - , shelly >=1.8.1 - , silently >=1.2.5.1 - , string-conversions >=0.4.0.1 - , temporary >=1.3 - , text >=1.2.3.1 - , time >=1.8.0.2 + , servant >=0.16.2 + , servant-multipart >=0.12 + , servant-server >=0.16.2 + , shelly >=1.8.1 + , silently >=1.2.5.1 + , string-conversions >=0.4.0.1 + , temporary >=1.3 + , text >=1.2.3.1 + , time >=1.8.0.2 + , time-hourglass >=0.2.12 , tinylog - , transformers >=0.5.6.2 + , transformers >=0.5.6.2 , types-common - , uniplate >=1.6.12 - , uri-bytestring >=0.3.2.2 + , uniplate >=1.6.12 + , uri-bytestring >=0.3.2.2 , utf8-string - , uuid >=1.3.13 - , wai >=3.2.2.1 - , wai-extra >=3.0.28 + , uuid >=1.3.13 + , wai >=3.2.2.1 + , wai-extra >=3.0.28 , wai-utilities - , warp >=3.2.28 - , word8 >=0.1.3 - , xml-conduit >=1.8.0.1 - , xml-conduit-writer >=0.1.1.2 - , xml-hamlet >=0.5.0.1 - , xml-types >=0.3.6 - , yaml >=0.8.25.1 + , warp >=3.2.28 + , word8 >=0.1.3 + , xml-conduit >=1.8.0.1 + , xml-conduit-writer >=0.1.1.2 + , xml-hamlet >=0.5.0.1 + , xml-types >=0.3.6 + , yaml >=0.8.25.1 default-language: GHC2021 @@ -209,77 +209,77 @@ test-suite saml2-web-sso-tests -with-rtsopts=-N build-depends: - , aeson >=1.4.5.0 - , asn1-encoding >=0.9.6 - , asn1-parse >=0.9.5 - , asn1-types >=0.3.3 - , base >=4.12.0.0 - , base64-bytestring >=1.0.0.2 - , binary >=0.8.6.0 - , bytestring >=0.10.8.2 - , case-insensitive >=1.2.1.0 - , containers >=0.6.0.1 - , cookie >=0.4.4 - , crypton >=0.30 - , crypton-x509 >=1.7.5 - , data-default >=0.7.1.1 - , directory >=1.3.6.0 - , dns >=4.0.0 - , email-validate >=2.3.2.12 - , errors >=2.3.0 - , exceptions >=0.10.3 - , extra >=1.6.18 - , filepath >=1.4.2.1 - , foundation >=0.0.25 - , ghc-prim >=0.5.3 + , aeson >=1.4.5.0 + , base >=4.12.0.0 + , base64-bytestring >=1.0.0.2 + , binary >=0.8.6.0 + , bytestring >=0.10.8.2 + , case-insensitive >=1.2.1.0 + , containers >=0.6.0.1 + , cookie >=0.4.4 + , crypton >=0.30 + , crypton-asn1-encoding >=0.9.6 + , crypton-asn1-parse >=0.9.5 + , crypton-asn1-types >=0.3.3 + , crypton-x509 >=1.7.5 + , data-default >=0.7.1.1 + , directory >=1.3.6.0 + , dns >=4.0.0 + , email-validate >=2.3.2.12 + , errors >=2.3.0 + , exceptions >=0.10.3 + , extra >=1.6.18 + , filepath >=1.4.2.1 + , foundation >=0.0.25 + , ghc-prim >=0.5.3 , hedgehog - , hedgehog-quickcheck >=0.1.1 - , hourglass >=0.2.12 - , hsaml2 >=0.1 - , hspec >=2.7.1 + , hedgehog-quickcheck >=0.1.1 + , hsaml2 >=0.1 + , hspec >=2.7.1 , hspec-core , hspec-discover - , hspec-wai >=0.9.0 - , http-media >=0.8.0.0 - , http-types >=0.12.3 - , hxt >=9.3.1.18 + , hspec-wai >=0.9.0 + , http-media >=0.8.0.0 + , http-types >=0.12.3 + , hxt >=9.3.1.18 , imports - , lens >=4.17.1 - , lens-datetime >=0.3 - , memory >=0.14.18 - , mtl >=2.2.2 - , network-uri >=2.6.1.0 + , lens >=4.17.1 + , lens-datetime >=0.3 + , mtl >=2.2.2 + , network-uri >=2.6.1.0 , pretty-show - , process >=1.6.5.0 - , QuickCheck >=2.13.2 - , quickcheck-instances >=0.3.22 - , random >=1.1 + , process >=1.6.5.0 + , QuickCheck >=2.13.2 + , quickcheck-instances >=0.3.22 + , ram >=0.14.18 + , random >=1.1 , saml2-web-sso , schema-profunctor - , servant >=0.16.2 - , servant-multipart >=0.12 - , servant-server >=0.16.2 - , shelly >=1.8.1 - , silently >=1.2.5.1 - , string-conversions >=0.4.0.1 - , temporary >=1.3 - , text >=1.2.3.1 - , time >=1.8.0.2 + , servant >=0.16.2 + , servant-multipart >=0.12 + , servant-server >=0.16.2 + , shelly >=1.8.1 + , silently >=1.2.5.1 + , string-conversions >=0.4.0.1 + , temporary >=1.3 + , text >=1.2.3.1 + , time >=1.8.0.2 + , time-hourglass >=0.2.12 , tinylog - , transformers >=0.5.6.2 + , transformers >=0.5.6.2 , types-common - , uniplate >=1.6.12 - , uri-bytestring >=0.3.2.2 + , uniplate >=1.6.12 + , uri-bytestring >=0.3.2.2 , utf8-string - , uuid >=1.3.13 - , wai >=3.2.2.1 - , wai-extra >=3.0.28 - , warp >=3.2.28 - , word8 >=0.1.3 - , xml-conduit >=1.8.0.1 - , xml-conduit-writer >=0.1.1.2 - , xml-hamlet >=0.5.0.1 - , xml-types >=0.3.6 - , yaml >=0.8.25.1 + , uuid >=1.3.13 + , wai >=3.2.2.1 + , wai-extra >=3.0.28 + , warp >=3.2.28 + , word8 >=0.1.3 + , xml-conduit >=1.8.0.1 + , xml-conduit-writer >=0.1.1.2 + , xml-hamlet >=0.5.0.1 + , xml-types >=0.3.6 + , yaml >=0.8.25.1 default-language: GHC2021 diff --git a/libs/types-common/default.nix b/libs/types-common/default.nix index 106a1c2cb78..1709d719291 100644 --- a/libs/types-common/default.nix +++ b/libs/types-common/default.nix @@ -18,6 +18,7 @@ , cryptohash-md5 , cryptohash-sha1 , crypton +, crypton-pem , currency-codes , email-validate , generic-random @@ -33,7 +34,6 @@ , mime , openapi3 , optparse-applicative -, pem , polysemy , polysemy-time , protobuf @@ -79,6 +79,7 @@ mkDerivation { cryptohash-md5 cryptohash-sha1 crypton + crypton-pem currency-codes email-validate generic-random @@ -93,7 +94,6 @@ mkDerivation { mime openapi3 optparse-applicative - pem polysemy polysemy-time protobuf diff --git a/libs/types-common/types-common.cabal b/libs/types-common/types-common.cabal index 31ef91e6d86..e2249067182 100644 --- a/libs/types-common/types-common.cabal +++ b/libs/types-common/types-common.cabal @@ -109,6 +109,7 @@ library , cryptohash-md5 >=0.11.7.2 , cryptohash-sha1 >=0.11.7.2 , crypton >=0.26 + , crypton-pem , currency-codes >=3.0.0.1 , email-validate , generic-random >=1.4.0.0 @@ -123,7 +124,6 @@ library , mime >=0.4.0.2 , openapi3 , optparse-applicative >=0.10 - , pem , polysemy , polysemy-time , protobuf >=0.2 diff --git a/libs/wai-utilities/default.nix b/libs/wai-utilities/default.nix index 19fd1864bb7..dccf4412810 100644 --- a/libs/wai-utilities/default.nix +++ b/libs/wai-utilities/default.nix @@ -79,5 +79,5 @@ mkDerivation { ]; testToolDepends = [ hspec-discover ]; description = "Various helpers for WAI"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; } diff --git a/libs/wire-api/default.nix b/libs/wire-api/default.nix index 2af107b2482..5671728c638 100644 --- a/libs/wire-api/default.nix +++ b/libs/wire-api/default.nix @@ -8,7 +8,6 @@ , aeson-pretty , aeson-qq , amqp -, asn1-encoding , async , attoparsec , barbies @@ -30,6 +29,8 @@ , containers , cookie , crypton +, crypton-asn1-encoding +, crypton-pem , crypton-x509 , currency-codes , data-default @@ -63,13 +64,11 @@ , kan-extensions , lens , lib -, memory , metrics-wai , mime , mtl , network-uri , openapi3 -, pem , polysemy , polysemy-wire-zoo , process @@ -78,6 +77,7 @@ , protobuf , QuickCheck , quickcheck-instances +, ram , random , regex-base , regex-tdfa @@ -132,7 +132,6 @@ mkDerivation { libraryHaskellDepends = [ aeson amqp - asn1-encoding attoparsec barbies base @@ -152,6 +151,8 @@ mkDerivation { containers cookie crypton + crypton-asn1-encoding + crypton-pem crypton-x509 currency-codes data-default @@ -181,13 +182,11 @@ mkDerivation { jose kan-extensions lens - memory metrics-wai mime mtl network-uri openapi3 - pem polysemy polysemy-wire-zoo profunctors @@ -195,6 +194,7 @@ mkDerivation { protobuf QuickCheck quickcheck-instances + ram random regex-base regex-tdfa @@ -250,6 +250,7 @@ mkDerivation { cassava containers crypton + crypton-pem currency-codes filepath hex @@ -261,13 +262,12 @@ mkDerivation { iso3166-country-codes iso639 lens - memory metrics-wai openapi3 - pem process proto-lens QuickCheck + ram random saml2-web-sso schema-profunctor @@ -288,5 +288,5 @@ mkDerivation { wai wire-message-proto-lens ]; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; } diff --git a/libs/wire-api/wire-api.cabal b/libs/wire-api/wire-api.cabal index 841fc2114b6..1ef9703bef6 100644 --- a/libs/wire-api/wire-api.cabal +++ b/libs/wire-api/wire-api.cabal @@ -283,7 +283,6 @@ library build-depends: , aeson >=2.0.1.0 , amqp - , asn1-encoding , attoparsec >=0.10 , barbies , base >=4 && <5 @@ -303,6 +302,8 @@ library , containers >=0.5 , cookie , crypton + , crypton-asn1-encoding + , crypton-pem >=0.2 , crypton-x509 , currency-codes >=2.0 , data-default @@ -332,13 +333,11 @@ library , jose , kan-extensions , lens >=4.12 - , memory , metrics-wai , mime >=0.4 , mtl , network-uri , openapi3 - , pem >=0.2 , polysemy , polysemy-wire-zoo , profunctors @@ -346,6 +345,7 @@ library , protobuf >=0.2 , QuickCheck >=2.14 , quickcheck-instances >=0.3.16 + , ram , random >=1.2.0 , regex-base , regex-tdfa @@ -674,13 +674,13 @@ test-suite wire-api-golden-tests , bytestring , bytestring-conversion , containers >=0.5 + , crypton-pem , currency-codes , http-api-data , imports , iso3166-country-codes , iso639 , lens - , pem , proto-lens , saml2-web-sso , string-conversions @@ -749,11 +749,11 @@ test-suite wire-api-tests , http-types , imports , lens - , memory , metrics-wai , openapi3 , process , QuickCheck + , ram , random , schema-profunctor , servant diff --git a/libs/wire-otel/default.nix b/libs/wire-otel/default.nix index 47240bd9d56..33e03c0bd07 100644 --- a/libs/wire-otel/default.nix +++ b/libs/wire-otel/default.nix @@ -42,5 +42,5 @@ mkDerivation { unliftio ]; homepage = "https://wire.com/"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; } diff --git a/libs/wire-subsystems/default.nix b/libs/wire-subsystems/default.nix index 292b9a59947..50b26ec421f 100644 --- a/libs/wire-subsystems/default.nix +++ b/libs/wire-subsystems/default.nix @@ -11,8 +11,6 @@ , amazonka-ses , amazonka-sqs , amqp -, asn1-encoding -, asn1-types , async , attoparsec , base @@ -33,6 +31,8 @@ , cookie , cql , crypton +, crypton-asn1-encoding +, crypton-asn1-types , crypton-pem , crypton-x509 , crypton-x509-store @@ -75,7 +75,6 @@ , lens-aeson , lib , lrucaching -, memory , mime , mime-mail , MonadRandom @@ -94,6 +93,7 @@ , proto-lens , QuickCheck , quickcheck-instances +, ram , random , raw-strings-qq , resource-pool @@ -152,8 +152,6 @@ mkDerivation { amazonka-ses amazonka-sqs amqp - asn1-encoding - asn1-types async attoparsec base @@ -174,6 +172,8 @@ mkDerivation { cookie cql crypton + crypton-asn1-encoding + crypton-asn1-types crypton-pem crypton-x509 currency-codes @@ -212,7 +212,6 @@ mkDerivation { lens lens-aeson lrucaching - memory mime mime-mail MonadRandom @@ -230,6 +229,7 @@ mkDerivation { prometheus-client proto-lens QuickCheck + ram raw-strings-qq resource-pool resourcet @@ -281,8 +281,6 @@ mkDerivation { amazonka-ses amazonka-sqs amqp - asn1-encoding - asn1-types async attoparsec base @@ -302,6 +300,8 @@ mkDerivation { cookie cql crypton + crypton-asn1-encoding + crypton-asn1-types crypton-pem crypton-x509 crypton-x509-store @@ -341,7 +341,6 @@ mkDerivation { lens lens-aeson lrucaching - memory mime mime-mail MonadRandom @@ -358,6 +357,7 @@ mkDerivation { proto-lens QuickCheck quickcheck-instances + ram random raw-strings-qq resource-pool @@ -403,5 +403,5 @@ mkDerivation { zauth ]; testToolDepends = [ hspec-discover ]; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; } diff --git a/libs/wire-subsystems/src/Wire/EmailSending/SMTP.hs b/libs/wire-subsystems/src/Wire/EmailSending/SMTP.hs index 5c71f8a2c84..f76d0478579 100644 --- a/libs/wire-subsystems/src/Wire/EmailSending/SMTP.hs +++ b/libs/wire-subsystems/src/Wire/EmailSending/SMTP.hs @@ -105,7 +105,7 @@ initSMTP' timeoutDuration lg host port credentials connType = do catch ( logExceptionOrResult lg - ("Checking test connection to " ++ unpack host ++ " on startup") + ("Checking test connection to " ++ unpack host ++ ":" ++ show port ++ " on startup") establishConnection ) ( \(e :: SomeException) -> do @@ -155,7 +155,7 @@ initSMTP' timeoutDuration lg host port credentials connType = do create = logExceptionOrResult lg - ("Creating pooled SMTP connection to " ++ unpack host) + ("Creating pooled SMTP connection to " ++ unpack host ++ ":" ++ show port) establishConnection -- NOTE: because `Data.Pool` masks the async exceptions for the resource deallocation function, @@ -166,9 +166,11 @@ initSMTP' timeoutDuration lg host port credentials connType = do withAsyncWithUnmask do \unmask -> do - logExceptionOrResult lg ("Closing pooled SMTP connection to " ++ unpack host) $ + logExceptionOrResult lg ("Closing pooled SMTP connection to " ++ unpack host ++ ":" ++ show port) $ unmask do - ensureTimeout $ SMTP.gracefullyCloseSMTP c + ensureTimeout $ + SMTP.gracefullyCloseSMTP c + `catch` (\(_ :: SMTP.SMTPException) -> pure ()) do wait logExceptionOrResult :: (MonadIO m, MonadCatch m) => Logger -> String -> m a -> m a diff --git a/libs/wire-subsystems/wire-subsystems.cabal b/libs/wire-subsystems/wire-subsystems.cabal index 881b3965068..680a8e71519 100644 --- a/libs/wire-subsystems/wire-subsystems.cabal +++ b/libs/wire-subsystems/wire-subsystems.cabal @@ -91,8 +91,6 @@ common common-all , amazonka-ses , amazonka-sqs , amqp - , asn1-encoding - , asn1-types , async , attoparsec , base @@ -112,6 +110,8 @@ common common-all , cookie , cql , crypton + , crypton-asn1-encoding + , crypton-asn1-types , crypton-pem , currency-codes , data-default @@ -148,7 +148,6 @@ common common-all , lens , lens-aeson , lrucaching - , memory , mime , mime-mail , MonadRandom @@ -164,6 +163,7 @@ common common-all , prometheus-client , proto-lens , QuickCheck + , ram , raw-strings-qq , resource-pool , resourcet @@ -519,7 +519,6 @@ library , iso639 , lens , lrucaching - , memory , mime , mime-mail , mtl @@ -532,6 +531,7 @@ library , postgresql-error-codes , prometheus-client , QuickCheck + , ram , resource-pool , resourcet , retry diff --git a/nix/default.nix b/nix/default.nix index a1cc06954f1..b4789d3798a 100644 --- a/nix/default.nix +++ b/nix/default.nix @@ -17,7 +17,7 @@ let docsPkgs = [ pkgs.plantuml pkgs.texlive.combined.scheme-full - (pkgs.python310.withPackages + (pkgs.python315.withPackages (ps: with ps; [ myst-parser rst2pdf diff --git a/nix/haskell-pins.nix b/nix/haskell-pins.nix index cf7490f1b68..40cd37a0110 100644 --- a/nix/haskell-pins.nix +++ b/nix/haskell-pins.nix @@ -62,12 +62,6 @@ let src = inputs.bloodhound; }; - # PR: https://github.com/informatikr/hedis/pull/224 - # PR: https://github.com/informatikr/hedis/pull/226 - # PR: https://github.com/informatikr/hedis/pull/227 - hedis = { - src = inputs.hedis; - }; # Our fork because we need to a few special things http-client = { @@ -173,57 +167,36 @@ let postgresql-connection-string = { src = inputs.postgresql-connection-string; }; - }; - hackagePins = { - # This pin should not be necessary. However, without it, Nix tries to fetch - # the sources from the `amazonka` package and fails. - # Fix: https://github.com/NixOS/nixpkgs/pull/409098 - amazonka-s3-streaming = { - version = "2.0.0.0"; - sha256 = "sha256-SQyFjl1Zf4vnntjZHJpf46gMR3LXWCQAMsR56NdsvRA="; + cryptostore = { + src = inputs.cryptostore; + }; + + hsaml2 = { + src = inputs.hsaml2; }; + }; + hackagePins = { # Pin uri-bytestring: newer parser rejects unescaped Set-Cookie in SSO mobile redirect query, breaking Spar’s URI substitution; stick to 0.3.3.1 for now uri-bytestring = { version = "0.3.3.1"; sha256 = "sha256-jgSTBBDcxRQ0tjs0wTyvEpEAkGA7npJKjdXDT81VpT4="; }; + hedis = { + version = "0.16.1"; + sha256 = "sha256-Kx0oOKRcxeemmZ80bMT9ULYxCboLYp3pcabk0ND2bZU="; + }; + warp = { version = "3.4.12"; sha256 = "sha256-Y9xQ1wBbBtSZ4qw3yTGSYX27qi2uFRDJVtAdmQqRnFQ="; }; - # Version freshly released, thus not in nixpkgs, yet: https://github.com/dylex/hsaml2/issues/21 - hsaml2 = { - version = "0.2.0"; - sha256 = "sha256-kEalrs79uI8CMaVa7suYEzeer/YqFoJOqkV+LhiUwY4="; - }; - - postgresql-binary = { - version = "0.15.0.1"; - sha256 = "sha256-q5t2OgiDxyt8WU+zHVxpyVhFF9PtDu2BlQRfuPpBkgk="; - }; - - hasql = { - version = "1.10.3"; - sha256 = "sha256-aJg6+oSWGkXm9pYLVv15d7M7HcnHhZpkw5c7ezxh2Yc="; - }; - - hasql-th = { - version = "0.5"; - sha256 = "sha256-qD9RljGDwMpPZ2epCxzL3Sbbn2Ce1472Vf2AGFroIW8="; - }; - - hasql-transaction = { - version = "1.2.2"; - sha256 = "sha256-o53h6ly2Kukhw9dcyAOvywzwlZDdgb+b/jqbw72lLHg="; - }; - - hasql-pool = { - version = "1.4.2"; - sha256 = "sha256-iQB2TD9hsPnqoVh5mR3Y2K8Cv67rWqBR0WHxOWZeiD8="; + jose = { + version = "0.13"; + sha256 = "sha256-m8Q1jwCyDrlEPbv2cZ/FIv/ey3dPjDVkmppzvi3Zjw4="; }; }; # Name -> Source -> Maybe Subpath -> Drv diff --git a/nix/manual-overrides.nix b/nix/manual-overrides.nix index 5d69d5bc657..b176136ead1 100644 --- a/nix/manual-overrides.nix +++ b/nix/manual-overrides.nix @@ -16,17 +16,20 @@ hself: hsuper: { quickcheck-state-machine = hlib.markUnbroken (hlib.dontCheck hsuper.quickcheck-state-machine); + # Tests fail, don't know why + sandwich = hlib.dontCheck hsuper.sandwich; + # Tests require a running redis hedis = hlib.dontCheck hsuper.hedis; HaskellNet = hlib.dontCheck hsuper.HaskellNet; # Tests require a running postgresql - hasql = hlib.dontCheck hsuper.hasql; - hasql-pool = hlib.dontCheck hsuper.hasql-pool; - hasql-migration = hlib.markUnbroken (hlib.dontCheck hsuper.hasql-migration); - hasql-transaction = hlib.dontCheck hsuper.hasql-transaction; # users 1.2.1 from nixpkgs - postgresql-binary = hlib.dontCheck (hsuper.postgresql-binary); + hasql = hlib.dontCheck hsuper.hasql_1_10_3; + hasql-pool = hlib.dontCheck hsuper.hasql-pool_1_4_2; + hasql-migration = hlib.markUnbroken (hlib.doJailbreak (hlib.dontCheck hsuper.hasql-migration)); + hasql-transaction = hlib.dontCheck hsuper.hasql-transaction_1_2_2; + postgresql-binary = hlib.dontCheck (hsuper.postgresql-binary_0_15_0_1); # Test fixtures don't seem to be bundled for Hackage hsaml2 = hlib.dontCheck (hsuper.hsaml2); @@ -36,14 +39,13 @@ hself: hsuper: { # (these need to be fixed upstream eventually) # FUTUREWORK: fix the dependency bounds upstream # --------------------- - binary-parsers = hlib.markUnbroken (hlib.doJailbreak hsuper.binary-parsers); bytestring-arbitrary = hlib.markUnbroken (hlib.doJailbreak hsuper.bytestring-arbitrary); lens-datetime = hlib.markUnbroken (hlib.doJailbreak hsuper.lens-datetime); postie = hlib.doJailbreak hsuper.postie; - lrucaching = hlib.doJailbreak (hlib.markUnbroken hsuper.lrucaching); # added servant-openapi3 because the version bounds of some dependent packages # of our pin exclude the versions in our current nixpkgs servant-openapi3 = hlib.doJailbreak (hlib.dontCheck hsuper.servant-openapi3); + amazonka-s3-streaming = hlib.doJailbreak hsuper.amazonka-s3-streaming; # the libsodium haskell library is incompatible with the new version of the libsodium c library # that nixpkgs has - this downgrades libsodium from 1.0.19 to 1.0.18 @@ -60,17 +62,10 @@ hself: hsuper: { } ))); - # hs-opentelemetry pin removal bumps API -> 0.3.0.0 and SDK -> 0.1.0.1 from the pinned commit; instrumentation stays at 0.1.1.0/0.1.0.1. - hs-opentelemetry-instrumentation-wai = hlib.markUnbroken (hlib.doJailbreak hsuper.hs-opentelemetry-instrumentation-wai); - hs-opentelemetry-instrumentation-conduit = hlib.markUnbroken (hlib.doJailbreak hsuper.hs-opentelemetry-instrumentation-conduit); - hs-opentelemetry-instrumentation-http-client = hlib.doJailbreak hsuper.hs-opentelemetry-instrumentation-http-client; - hs-opentelemetry-utils-exceptions = hlib.markUnbroken (hlib.doJailbreak hsuper.hs-opentelemetry-utils-exceptions); - # ------------------------------------ # okay but marked broken (nixpkgs bug) # (we can unfortunately not do anything here but update nixpkgs) # ------------------------------------ - template = hlib.markUnbroken hsuper.template; # /proc doesn't exist on macOS, so skip tests there system-linux-proc = (if stdenv.isDarwin then hlib.dontCheck else (x: x)) (hlib.markUnbroken hsuper.system-linux-proc); @@ -91,13 +86,27 @@ hself: hsuper: { http-semantics = hsuper.http-semantics_0_4_0; network-run = hsuper.network-run_0_5_0; http2 = hsuper.http2_5_4_0; + crypton = hsuper.crypton_1_1_2; + crypton-x509 = hsuper.crypton-x509_1_9_0; + crypton-x509-validation = hsuper.crypton-x509-validation_1_9_0; + crypton-x509-store = hsuper.crypton-x509-store_1_9_0; + crypton-x509-system = hsuper.crypton-x509-system_1_9_0; + crypto-token = hsuper.crypto-token_0_2_0; + tls = hsuper.tls_2_4_1; + hpke = hsuper.hpke_0_1_0; + mlkem = hlib.dontCheck (hlib.markUnbroken hsuper.mlkem); + crypton-connection = hsuper.crypton-connection_0_4_6; + tls-session-manager = hsuper.tls-session-manager_0_1_0; + wreq = hlib.dontCheck hsuper.wreq_0_5_4_5; + hasql-th = hsuper.hasql-th_0_5; + resource-pool = hsuper.resource-pool_0_5_0_0; # ----------------- # flags and patches # (these are fine) # ----------------- cryptostore = hlib.addBuildDepends (hlib.dontCheck (hlib.appendConfigureFlags hsuper.cryptostore [ "-fuse_crypton" ])) - [ hself.crypton hself.crypton-x509 hself.crypton-x509-validation ]; + [ hself.crypton hself.crypton-x509 hself.crypton-x509-validation hself.crypton-asn1-encoding hself.crypton-asn1-types hself.crypton-pem hself.time-hourglass ]; # doJailbreak because upstreams requires a specific crypton-connection version we don't have hoogle = hlib.justStaticExecutables (hlib.dontCheck (hsuper.hoogle)); @@ -108,9 +117,6 @@ hself: hsuper: { types-common-journal = hlib.addBuildTool hsuper.types-common-journal protobuf; wire-api = hlib.addBuildTool hsuper.wire-api mls-test-cli; wire-message-proto-lens = hlib.addBuildTool hsuper.wire-message-proto-lens protobuf; - postgresql-libpq-pkgconfig = hlib.addBuildDepends - (hlib.markUnbroken hsuper.postgresql-libpq-pkgconfig) - [ pkg-config postgresql.dev openssl.dev ]; postgresql-libpq = hlib.overrideCabal (hlib.enableCabalFlag hsuper.postgresql-libpq "use-pkg-config") (drv: { diff --git a/nix/overlay-docs.nix b/nix/overlay-docs.nix index 210822d70dc..306347bf269 100644 --- a/nix/overlay-docs.nix +++ b/nix/overlay-docs.nix @@ -1,13 +1,9 @@ self: super: rec { - python310 = super.python310.override { + python315 = super.python315.override { packageOverrides = pself: psuper: { - rst2pdf = pself.callPackage ./pkgs/python-docs/rst2pdf.nix { }; - sphinx-multiversion = pself.callPackage ./pkgs/python-docs/sphinx-multiversion.nix { }; - sphinx_reredirects = pself.callPackage ./pkgs/python-docs/sphinx_reredirects.nix { }; sphinxcontrib-kroki = pself.callPackage ./pkgs/python-docs/sphinxcontrib-kroki.nix { }; - svg2rlg = pself.callPackage ./pkgs/python-docs/svg2rlg.nix { }; }; }; - python310Packages = python310.pkgs; + python315Packages = python315.pkgs; } diff --git a/nix/pkgs/python-docs/rst2pdf.nix b/nix/pkgs/python-docs/rst2pdf.nix deleted file mode 100644 index caab238eabc..00000000000 --- a/nix/pkgs/python-docs/rst2pdf.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ buildPythonApplication -, buildPythonPackage -, fetchPypi -, docutils -, importlib-metadata -, jinja2 -, packaging -, pygments -, pyyaml -, reportlab -, smartypants -, pillow -, -}: -buildPythonPackage rec { - pname = "rst2pdf"; - version = "0.99"; - src = fetchPypi { - inherit pname version; - sha256 = "sha256-j6I/qTvd0fUtBYzq6rZYLBRVRtgPL4qVl083A71sgVI="; - }; - - doCheck = false; - - propagatedBuildInputs = [ - docutils - importlib-metadata - jinja2 - packaging - pygments - pyyaml - reportlab - smartypants - pillow - ]; -} diff --git a/nix/pkgs/python-docs/sphinx-multiversion.nix b/nix/pkgs/python-docs/sphinx-multiversion.nix deleted file mode 100644 index 2b97e1ef912..00000000000 --- a/nix/pkgs/python-docs/sphinx-multiversion.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ buildPythonApplication -, buildPythonPackage -, fetchPypi -, sphinx -, -}: -buildPythonPackage rec { - pname = "sphinx-multiversion"; - version = "0.2.4"; - src = fetchPypi { - inherit pname version; - sha256 = "sha256:1jqbk7a1sm5yfvrvczlfm57sy4ya732fkrbcip5n7vayrfgcmlaw"; - }; - - doCheck = false; - - propagatedBuildInputs = [ - sphinx - ]; -} diff --git a/nix/pkgs/python-docs/sphinx_reredirects.nix b/nix/pkgs/python-docs/sphinx_reredirects.nix deleted file mode 100644 index a5c05d758cb..00000000000 --- a/nix/pkgs/python-docs/sphinx_reredirects.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ fetchPypi -, buildPythonPackage -, sphinx -}: -buildPythonPackage rec { - doCheck = false; - pname = "sphinx_reredirects"; - version = "0.1.2"; - src = fetchPypi { - inherit pname version; - sha256 = "sha256-oOchMwR1mwHtwi8DLxcVocYRdvyPFnFk56Urn+7JrGQ="; - }; - - propagatedBuildInputs = [ - sphinx - ]; - -} diff --git a/nix/pkgs/python-docs/svg2rlg.nix b/nix/pkgs/python-docs/svg2rlg.nix deleted file mode 100644 index d154f215952..00000000000 --- a/nix/pkgs/python-docs/svg2rlg.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ buildPythonPackage -, fetchPypi -, reportlab -}: -buildPythonPackage rec { - pname = "svg2rlg"; - version = "0.3"; - src = fetchPypi { - inherit pname version; - sha256 = "sha256-BdtEgLkOkS4Icn1MskOF/jPoQ23vB5uPFJtho1Bji+4="; - }; - - buildInputs = [ reportlab ]; - doCheck = false; -} diff --git a/nix/wire-server.nix b/nix/wire-server.nix index 656f6cac4e8..47ff465720e 100644 --- a/nix/wire-server.nix +++ b/nix/wire-server.nix @@ -526,7 +526,6 @@ let ++ pkgs.lib.optionals pkgs.stdenv.isLinux [ # linux-only, not strictly required tools pkgs.docker-compose - (pkgs.telepresence.override { pythonPackages = pkgs.python310Packages; }) ]; in { diff --git a/services/brig/brig.cabal b/services/brig/brig.cabal index 70e95dcd393..2f7ab0b0789 100644 --- a/services/brig/brig.cabal +++ b/services/brig/brig.cabal @@ -261,7 +261,6 @@ library , jose , jwt-tools , lens >=3.8 - , memory , metrics-core >=0.3 , metrics-wai >=0.3 , mime @@ -280,6 +279,7 @@ library , polysemy-wire-zoo , prometheus-client , proto-lens >=0.1 + , ram , random-shuffle >=0.0.3 , raw-strings-qq , resourcet >=1.1 @@ -392,6 +392,7 @@ executable brig-integration , cassandra-util , containers , cookie + , crypton-pem , data-default , data-timeout , email-validate @@ -421,7 +422,6 @@ executable brig-integration , network , network-uri , optparse-applicative - , pem , pipes , polysemy , polysemy-wire-zoo diff --git a/services/brig/default.nix b/services/brig/default.nix index e6a0d4347b9..4ccc141c029 100644 --- a/services/brig/default.nix +++ b/services/brig/default.nix @@ -28,6 +28,7 @@ , containers , cookie , crypton +, crypton-pem , currency-codes , data-default , data-timeout @@ -68,7 +69,6 @@ , lens , lens-aeson , lib -, memory , metrics-core , metrics-wai , mime @@ -81,7 +81,6 @@ , network-uri , openapi3 , optparse-applicative -, pem , pipes , polysemy , polysemy-conc @@ -93,6 +92,7 @@ , prometheus-client , proto-lens , QuickCheck +, ram , random , random-shuffle , raw-strings-qq @@ -208,7 +208,6 @@ mkDerivation { jose jwt-tools lens - memory metrics-core metrics-wai mime @@ -227,6 +226,7 @@ mkDerivation { polysemy-wire-zoo prometheus-client proto-lens + ram random-shuffle raw-strings-qq resourcet @@ -277,6 +277,7 @@ mkDerivation { cassandra-util containers cookie + crypton-pem data-default data-timeout email-validate @@ -306,7 +307,6 @@ mkDerivation { network network-uri optparse-applicative - pem pipes polysemy polysemy-wire-zoo @@ -385,5 +385,5 @@ mkDerivation { wire-subsystems ]; description = "User Service"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; } diff --git a/services/brig/federation-tests.sh b/services/brig/federation-tests.sh deleted file mode 100755 index 09a9597d868..00000000000 --- a/services/brig/federation-tests.sh +++ /dev/null @@ -1,47 +0,0 @@ -#!/usr/bin/env bash - -USAGE="$0 " -NAMESPACE=${1:?$USAGE} - -set -e - -command -v telepresence >/dev/null 2>&1 || { - echo >&2 "telepresence is not installed, aborting." - exit 1 -} - -# This script assumes: -# * two wire-server backends under NAMEPACE and NAMESPACE-fed2 have been deployed with helm. -# * you have a locally compiled brig-integration executable -# -# It then downloads the configmaps, performs a hacky override for two configuration flags, -# and then uses telepresence to run a locally-compiled brig-integration executable against -# the brigs and federators inside kubernetes in the two NAMESPACES. - -cd "$(dirname "${BASH_SOURCE[0]}")" - -kubectl -n "$NAMESPACE" get configmap brig-integration -o jsonpath='{.data.integration\.yaml}' >i.yaml -kubectl -n "$NAMESPACE" get configmap brig -o jsonpath='{.data.brig\.yaml}' >b.yaml - -# override some settings so the local brig-integration executable doesn't fail -sed -i "s=privateKeys: /etc/wire/brig/secrets/secretkey.txt=privateKeys: test/resources/zauth/privkeys.txt=g" b.yaml -sed -i "s=publicKeys: /etc/wire/brig/secrets/publickey.txt=publicKeys: test/resources/zauth/pubkeys.txt=g" b.yaml - -# We need to pass --also-proxy to cannon pod IPs, as for some reason (maybe due -# to calico) the pod IPs in some clusters are not within the podCIDR range -# defined on the nodes and cannons need to be accessed directly (without using -# the kubernetes services) -declare -a alsoProxyOptions -while read -r ip; do - alsoProxyOptions+=("--also-proxy=${ip}") -done < <(kubectl get pods -n "$NAMESPACE" -l app=cannon -o json | jq -r '.items[].status.podIPs[].ip') - -AWS_ACCESS_KEY_ID="$(kubectl get secret -n "$NAMESPACE" brig -o json | jq -r '.data | map_values(@base64d) | .awsKeyId')" -export AWS_ACCESS_KEY_ID -AWS_SECRET_ACCESS_KEY="$(kubectl get secret -n "$NAMESPACE" brig -o json | jq -r '.data | map_values(@base64d) | .awsSecretKey')" -export AWS_SECRET_ACCESS_KEY -AWS_REGION="$(kubectl get deployment -n "$NAMESPACE" brig -o json | jq -r '.spec.template.spec.containers | map(.env | map(select(.name == "AWS_REGION").value))[0][0]')" -export AWS_REGION - -# shellcheck disable=SC2086 -telepresence --namespace "$NAMESPACE" --also-proxy=cassandra-ephemeral "${alsoProxyOptions[@]}" --run bash -c "./dist/brig-integration -p federation-end2end-user -i i.yaml -s b.yaml" diff --git a/services/brig/src/Brig/API/OAuth.hs b/services/brig/src/Brig/API/OAuth.hs index 8738656b71b..b84df3d0a62 100644 --- a/services/brig/src/Brig/API/OAuth.hs +++ b/services/brig/src/Brig/API/OAuth.hs @@ -313,7 +313,7 @@ createAccessToken key uid cid scope = do doSignClaims :: IO (Either JWTError SignedJWT) doSignClaims = runJOSE $ do algo <- bestJWSAlg key - signJWT key (newJWSHeader ((), algo)) claims + signJWT key (newJWSHeaderProtected algo) claims signRefreshToken :: ClaimsSet -> (Handler r) SignedJWT signRefreshToken claims = do @@ -323,7 +323,7 @@ createAccessToken key uid cid scope = do doSignClaims :: IO (Either JWTError SignedJWT) doSignClaims = runJOSE $ do algo <- bestJWSAlg key - signClaims key (newJWSHeader ((), algo)) claims + signClaims key (newJWSHeaderProtected algo) claims revokeRefreshToken :: (Member Jwk r) => OAuthRevokeRefreshTokenRequest -> (Handler r) () revokeRefreshToken req = do diff --git a/services/brig/test/integration/API/OAuth.hs b/services/brig/test/integration/API/OAuth.hs index 894a6a8f4be..4f245f776d8 100644 --- a/services/brig/test/integration/API/OAuth.hs +++ b/services/brig/test/integration/API/OAuth.hs @@ -44,7 +44,7 @@ import Brig.Options qualified as Opt import Cassandra qualified as C import Control.Lens import Control.Monad.Catch (MonadCatch) -import Crypto.JOSE (JOSE, JWK, bestJWSAlg, newJWSHeader, runJOSE) +import Crypto.JOSE (JOSE, JWK, bestJWSAlg, newJWSHeaderProtected, runJOSE) import Crypto.JWT (Audience (Audience), ClaimsSet, JWTError, NumericDate (NumericDate), SignedJWT, claimAud, claimExp, claimIat, claimIss, claimSub, defaultJWTValidationSettings, emptyClaimsSet, signClaims, signJWT, stringOrUri, verifyClaims) import Data.Aeson qualified as A import Data.ByteString.Char8 qualified as BS @@ -823,7 +823,7 @@ signAccessToken key claims = do doSignClaims :: IO (Either JWTError SignedJWT) doSignClaims = runJOSE $ do algo <- bestJWSAlg key - signJWT key (newJWSHeader ((), algo)) claims + signJWT key (newJWSHeaderProtected algo) claims signRefreshToken :: JWK -> ClaimsSet -> IO SignedJWT signRefreshToken key claims = do @@ -833,7 +833,7 @@ signRefreshToken key claims = do doSignClaims :: IO (Either JWTError SignedJWT) doSignClaims = runJOSE $ do algo <- bestJWSAlg key - signClaims key (newJWSHeader ((), algo)) claims + signClaims key (newJWSHeaderProtected algo) claims badKey :: JWK badKey = do diff --git a/services/brig/test/integration/API/User/Client.hs b/services/brig/test/integration/API/User/Client.hs index 917c42cef19..61d06eaf1a1 100644 --- a/services/brig/test/integration/API/User/Client.hs +++ b/services/brig/test/integration/API/User/Client.hs @@ -1487,18 +1487,18 @@ testCreateAccessToken opts n brig = do _signProof claims = runJOSE $ do algo <- bestJWSAlg jwkKey let h = - newJWSHeader ((), algo) - & (jwk ?~ HeaderParam () jwkPubKey) - & (typ ?~ HeaderParam () "dpop+jwt") + newJWSHeaderProtected algo + & (jwk ?~ HeaderParam RequiredProtection jwkPubKey) + & (typ ?~ HeaderParam RequiredProtection "dpop+jwt") signJWT jwkKey h claims signProofEcdsaP256 :: DPoPClaimsSet -> IO (Either JWTError SignedJWT) signProofEcdsaP256 claims = runJOSE $ do algo <- bestJWSAlg jwkKeyBundleEcdsaP256 let h = - newJWSHeader ((), algo) - & (jwk ?~ HeaderParam () jwkPublicKeyEcdsaP256) - & (typ ?~ HeaderParam () "dpop+jwt") + newJWSHeaderProtected algo + & (jwk ?~ HeaderParam RequiredProtection jwkPublicKeyEcdsaP256) + & (typ ?~ HeaderParam RequiredProtection "dpop+jwt") signJWT jwkKeyBundleEcdsaP256 h claims jwkKey :: JWK diff --git a/services/federator/default.nix b/services/federator/default.nix index 5c6a9f429d2..fa8eac96bda 100644 --- a/services/federator/default.nix +++ b/services/federator/default.nix @@ -13,6 +13,7 @@ , containers , crypton , crypton-connection +, crypton-pem , crypton-x509 , crypton-x509-validation , data-default @@ -42,7 +43,6 @@ , mtl , network , optparse-applicative -, pem , polysemy , polysemy-wire-zoo , prometheus-client @@ -87,6 +87,7 @@ mkDerivation { bytestring bytestring-conversion containers + crypton-pem crypton-x509 crypton-x509-validation data-default @@ -110,7 +111,6 @@ mkDerivation { metrics-wai mtl network - pem polysemy polysemy-wire-zoo prometheus-client diff --git a/services/federator/federator.cabal b/services/federator/federator.cabal index 6194c6020b1..872f9911236 100644 --- a/services/federator/federator.cabal +++ b/services/federator/federator.cabal @@ -112,6 +112,7 @@ library , bytestring , bytestring-conversion , containers + , crypton-pem , crypton-x509 , crypton-x509-validation , data-default @@ -135,7 +136,6 @@ library , metrics-wai , mtl , network - , pem , polysemy , polysemy-wire-zoo , prometheus-client diff --git a/services/galley/default.nix b/services/galley/default.nix index 9e2a96b6721..8ab0f4c24c8 100644 --- a/services/galley/default.nix +++ b/services/galley/default.nix @@ -21,6 +21,7 @@ , conduit , containers , cookie +, crypton-pem , currency-codes , data-default , data-timeout @@ -47,14 +48,12 @@ , lens , lens-aeson , lib -, memory , metrics-core , metrics-wai , mtl , network , network-uri , optparse-applicative -, pem , polysemy , polysemy-conc , polysemy-plugin @@ -65,6 +64,7 @@ , protobuf , QuickCheck , quickcheck-instances +, ram , random , raw-strings-qq , retry @@ -198,6 +198,7 @@ mkDerivation { conduit containers cookie + crypton-pem currency-codes data-default data-timeout @@ -218,17 +219,16 @@ mkDerivation { kan-extensions lens lens-aeson - memory mtl network network-uri optparse-applicative - pem process proto-lens protobuf QuickCheck quickcheck-instances + ram random retry servant-client @@ -266,5 +266,5 @@ mkDerivation { yaml ]; description = "Conversations"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; } diff --git a/services/galley/galley.cabal b/services/galley/galley.cabal index 760d46ae5de..2ecfe746462 100644 --- a/services/galley/galley.cabal +++ b/services/galley/galley.cabal @@ -365,6 +365,7 @@ executable galley-integration , cereal , containers , cookie + , crypton-pem , currency-codes , data-default , data-timeout @@ -385,17 +386,16 @@ executable galley-integration , kan-extensions , lens , lens-aeson - , memory , mtl , network , network-uri , optparse-applicative - , pem , process , proto-lens , protobuf , QuickCheck , quickcheck-instances + , ram , random , retry , servant-client diff --git a/services/gundeck/default.nix b/services/gundeck/default.nix index 55ad533405f..2e4f8b69d5f 100644 --- a/services/gundeck/default.nix +++ b/services/gundeck/default.nix @@ -242,5 +242,5 @@ mkDerivation { wire-api ]; description = "Push Notification Hub"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; } diff --git a/services/gundeck/gundeck.cabal b/services/gundeck/gundeck.cabal index 470cd7b5ae7..06bf1b5024f 100644 --- a/services/gundeck/gundeck.cabal +++ b/services/gundeck/gundeck.cabal @@ -40,7 +40,6 @@ library Gundeck.Push.Websocket Gundeck.React Gundeck.Redis - Gundeck.Redis.HedisExtensions Gundeck.Run Gundeck.Schema.Run Gundeck.Schema.V1 diff --git a/services/gundeck/src/Gundeck/Env.hs b/services/gundeck/src/Gundeck/Env.hs index e3670c13a8e..39f6f98bda7 100644 --- a/services/gundeck/src/Gundeck/Env.hs +++ b/services/gundeck/src/Gundeck/Env.hs @@ -38,7 +38,6 @@ import Gundeck.Aws qualified as Aws import Gundeck.Options as Opt hiding (host, port) import Gundeck.Options qualified as O import Gundeck.Redis qualified as Redis -import Gundeck.Redis.HedisExtensions qualified as Redis import Gundeck.ThreadBudget import Imports import Network.AMQP (Channel) @@ -136,8 +135,7 @@ createRedisPool l ep username password identifier = do } let redisConnInfo = Redis.defaultConnectInfo - { Redis.connectHost = Text.unpack $ ep ^. O.host, - Redis.connectPort = Redis.PortNumber (fromIntegral $ ep ^. O.port), + { Redis.connectAddr = Redis.ConnectAddrHostPort (Text.unpack ep._host) (fromIntegral ep._port), Redis.connectUsername = username, Redis.connectAuth = password, Redis.connectTimeout = Just (secondsToNominalDiffTime 5), diff --git a/services/gundeck/src/Gundeck/Redis.hs b/services/gundeck/src/Gundeck/Redis.hs index 17e1f2e3171..e9bf1affafe 100644 --- a/services/gundeck/src/Gundeck/Redis.hs +++ b/services/gundeck/src/Gundeck/Redis.hs @@ -32,7 +32,7 @@ import Control.Concurrent.Async (Async, async) import Control.Monad.Catch qualified as Catch import Control.Retry import Database.Redis -import Gundeck.Redis.HedisExtensions +import Database.Redis.Connection (ClusterDownError) import Imports import System.Logger qualified as Log import System.Logger.Class (MonadLogger) diff --git a/services/gundeck/src/Gundeck/Redis/HedisExtensions.hs b/services/gundeck/src/Gundeck/Redis/HedisExtensions.hs deleted file mode 100644 index 7842fc98822..00000000000 --- a/services/gundeck/src/Gundeck/Redis/HedisExtensions.hs +++ /dev/null @@ -1,182 +0,0 @@ --- This file is part of the Wire Server implementation. --- --- Copyright (C) 2022 Wire Swiss GmbH --- --- This program is free software: you can redistribute it and/or modify it under --- the terms of the GNU Affero General Public License as published by the Free --- Software Foundation, either version 3 of the License, or (at your option) any --- later version. --- --- This program is distributed in the hope that it will be useful, but WITHOUT --- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS --- FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more --- details. --- --- You should have received a copy of the GNU Affero General Public License along --- with this program. If not, see . -module Gundeck.Redis.HedisExtensions - ( ClusterInfoResponse (..), - ClusterInfoResponseState (..), - clusterInfo, - checkedConnectCluster, - ClusterDownError, - ) -where - -import Data.ByteString.Char8 qualified as Char8 -import Database.Redis -import Imports hiding (Down) -import UnliftIO - --- https://redis.io/commands/cluster-info/ -data ClusterInfoResponse = ClusterInfoResponse - { clusterInfoResponseState :: ClusterInfoResponseState, - clusterInfoResponseSlotsAssigned :: Integer, - clusterInfoResponseSlotsOK :: Integer, - clusterInfoResponseSlotsPfail :: Integer, - clusterInfoResponseSlotsFail :: Integer, - clusterInfoResponseKnownNodes :: Integer, - clusterInfoResponseSize :: Integer, - clusterInfoResponseCurrentEpoch :: Integer, - clusterInfoResponseMyEpoch :: Integer, - clusterInfoResponseStatsMessagesSent :: Integer, - clusterInfoResponseStatsMessagesReceived :: Integer, - clusterInfoResponseTotalLinksBufferLimitExceeded :: Integer, - clusterInfoResponseStatsMessagesPingSent :: Maybe Integer, - clusterInfoResponseStatsMessagesPingReceived :: Maybe Integer, - clusterInfoResponseStatsMessagesPongSent :: Maybe Integer, - clusterInfoResponseStatsMessagesPongReceived :: Maybe Integer, - clusterInfoResponseStatsMessagesMeetSent :: Maybe Integer, - clusterInfoResponseStatsMessagesMeetReceived :: Maybe Integer, - clusterInfoResponseStatsMessagesFailSent :: Maybe Integer, - clusterInfoResponseStatsMessagesFailReceived :: Maybe Integer, - clusterInfoResponseStatsMessagesPublishSent :: Maybe Integer, - clusterInfoResponseStatsMessagesPublishReceived :: Maybe Integer, - clusterInfoResponseStatsMessagesAuthReqSent :: Maybe Integer, - clusterInfoResponseStatsMessagesAuthReqReceived :: Maybe Integer, - clusterInfoResponseStatsMessagesAuthAckSent :: Maybe Integer, - clusterInfoResponseStatsMessagesAuthAckReceived :: Maybe Integer, - clusterInfoResponseStatsMessagesUpdateSent :: Maybe Integer, - clusterInfoResponseStatsMessagesUpdateReceived :: Maybe Integer, - clusterInfoResponseStatsMessagesMfstartSent :: Maybe Integer, - clusterInfoResponseStatsMessagesMfstartReceived :: Maybe Integer, - clusterInfoResponseStatsMessagesModuleSent :: Maybe Integer, - clusterInfoResponseStatsMessagesModuleReceived :: Maybe Integer, - clusterInfoResponseStatsMessagesPublishshardSent :: Maybe Integer, - clusterInfoResponseStatsMessagesPublishshardReceived :: Maybe Integer - } - deriving (Show, Eq) - -data ClusterInfoResponseState - = OK - | Down - deriving (Show, Eq) - -defClusterInfoResponse :: ClusterInfoResponse -defClusterInfoResponse = - ClusterInfoResponse - { clusterInfoResponseState = Down, - clusterInfoResponseSlotsAssigned = 0, - clusterInfoResponseSlotsOK = 0, - clusterInfoResponseSlotsPfail = 0, - clusterInfoResponseSlotsFail = 0, - clusterInfoResponseKnownNodes = 0, - clusterInfoResponseSize = 0, - clusterInfoResponseCurrentEpoch = 0, - clusterInfoResponseMyEpoch = 0, - clusterInfoResponseStatsMessagesSent = 0, - clusterInfoResponseStatsMessagesReceived = 0, - clusterInfoResponseTotalLinksBufferLimitExceeded = 0, - clusterInfoResponseStatsMessagesPingSent = Nothing, - clusterInfoResponseStatsMessagesPingReceived = Nothing, - clusterInfoResponseStatsMessagesPongSent = Nothing, - clusterInfoResponseStatsMessagesPongReceived = Nothing, - clusterInfoResponseStatsMessagesMeetSent = Nothing, - clusterInfoResponseStatsMessagesMeetReceived = Nothing, - clusterInfoResponseStatsMessagesFailSent = Nothing, - clusterInfoResponseStatsMessagesFailReceived = Nothing, - clusterInfoResponseStatsMessagesPublishSent = Nothing, - clusterInfoResponseStatsMessagesPublishReceived = Nothing, - clusterInfoResponseStatsMessagesAuthReqSent = Nothing, - clusterInfoResponseStatsMessagesAuthReqReceived = Nothing, - clusterInfoResponseStatsMessagesAuthAckSent = Nothing, - clusterInfoResponseStatsMessagesAuthAckReceived = Nothing, - clusterInfoResponseStatsMessagesUpdateSent = Nothing, - clusterInfoResponseStatsMessagesUpdateReceived = Nothing, - clusterInfoResponseStatsMessagesMfstartSent = Nothing, - clusterInfoResponseStatsMessagesMfstartReceived = Nothing, - clusterInfoResponseStatsMessagesModuleSent = Nothing, - clusterInfoResponseStatsMessagesModuleReceived = Nothing, - clusterInfoResponseStatsMessagesPublishshardSent = Nothing, - clusterInfoResponseStatsMessagesPublishshardReceived = Nothing - } - -parseClusterInfoResponse :: [[ByteString]] -> ClusterInfoResponse -> Maybe ClusterInfoResponse -parseClusterInfoResponse fields resp = case fields of - [] -> pure resp - (["cluster_state", state] : fs) -> parseState state >>= \s -> parseClusterInfoResponse fs $ resp {clusterInfoResponseState = s} - (["cluster_slots_assigned", value] : fs) -> parseInteger value >>= \v -> parseClusterInfoResponse fs $ resp {clusterInfoResponseSlotsAssigned = v} - (["cluster_slots_ok", value] : fs) -> parseInteger value >>= \v -> parseClusterInfoResponse fs $ resp {clusterInfoResponseSlotsOK = v} - (["cluster_slots_pfail", value] : fs) -> parseInteger value >>= \v -> parseClusterInfoResponse fs $ resp {clusterInfoResponseSlotsPfail = v} - (["cluster_slots_fail", value] : fs) -> parseInteger value >>= \v -> parseClusterInfoResponse fs $ resp {clusterInfoResponseSlotsFail = v} - (["cluster_known_nodes", value] : fs) -> parseInteger value >>= \v -> parseClusterInfoResponse fs $ resp {clusterInfoResponseKnownNodes = v} - (["cluster_size", value] : fs) -> parseInteger value >>= \v -> parseClusterInfoResponse fs $ resp {clusterInfoResponseSize = v} - (["cluster_current_epoch", value] : fs) -> parseInteger value >>= \v -> parseClusterInfoResponse fs $ resp {clusterInfoResponseCurrentEpoch = v} - (["cluster_my_epoch", value] : fs) -> parseInteger value >>= \v -> parseClusterInfoResponse fs $ resp {clusterInfoResponseMyEpoch = v} - (["cluster_stats_messages_sent", value] : fs) -> parseInteger value >>= \v -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesSent = v} - (["cluster_stats_messages_received", value] : fs) -> parseInteger value >>= \v -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesReceived = v} - (["total_cluster_links_buffer_limit_exceeded", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseTotalLinksBufferLimitExceeded = fromMaybe 0 $ parseInteger value} -- this value should be mandatory according to the spec, but isn't necessarily set in Redis 6 - (["cluster_stats_messages_ping_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesPingSent = parseInteger value} - (["cluster_stats_messages_ping_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesPingReceived = parseInteger value} - (["cluster_stats_messages_pong_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesPongSent = parseInteger value} - (["cluster_stats_messages_pong_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesPongReceived = parseInteger value} - (["cluster_stats_messages_meet_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesMeetSent = parseInteger value} - (["cluster_stats_messages_meet_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesMeetReceived = parseInteger value} - (["cluster_stats_messages_fail_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesFailSent = parseInteger value} - (["cluster_stats_messages_fail_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesFailReceived = parseInteger value} - (["cluster_stats_messages_publish_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesPublishSent = parseInteger value} - (["cluster_stats_messages_publish_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesPublishReceived = parseInteger value} - (["cluster_stats_messages_auth_req_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesAuthReqSent = parseInteger value} - (["cluster_stats_messages_auth_req_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesAuthReqReceived = parseInteger value} - (["cluster_stats_messages_auth_ack_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesAuthAckSent = parseInteger value} - (["cluster_stats_messages_auth_ack_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesAuthAckReceived = parseInteger value} - (["cluster_stats_messages_update_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesUpdateSent = parseInteger value} - (["cluster_stats_messages_update_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesUpdateReceived = parseInteger value} - (["cluster_stats_messages_mfstart_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesMfstartSent = parseInteger value} - (["cluster_stats_messages_mfstart_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesMfstartReceived = parseInteger value} - (["cluster_stats_messages_module_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesModuleSent = parseInteger value} - (["cluster_stats_messages_module_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesModuleReceived = parseInteger value} - (["cluster_stats_messages_publishshard_sent", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesPublishshardSent = parseInteger value} - (["cluster_stats_messages_publishshard_received", value] : fs) -> parseClusterInfoResponse fs $ resp {clusterInfoResponseStatsMessagesPublishshardReceived = parseInteger value} - (_ : fs) -> parseClusterInfoResponse fs resp - where - parseState bs = case bs of - "ok" -> Just OK - "fail" -> Just Down - _ -> Nothing - parseInteger = fmap fst . Char8.readInteger - -instance RedisResult ClusterInfoResponse where - decode r@(Bulk (Just bulkData)) = - maybe (Left r) Right - . flip parseClusterInfoResponse defClusterInfoResponse - . map (Char8.split ':' . Char8.takeWhile (/= '\r')) - $ Char8.lines bulkData - decode r = Left r - -clusterInfo :: (RedisCtx m f) => m (f ClusterInfoResponse) -clusterInfo = sendRequest ["CLUSTER", "INFO"] - -checkedConnectCluster :: ConnectInfo -> IO Connection -checkedConnectCluster connInfo = do - conn <- connectCluster connInfo - res <- runRedis conn clusterInfo - case res of - Right r -> case clusterInfoResponseState r of - OK -> pure conn - _ -> throwIO $ ClusterDownError r - Left e -> throwIO $ ConnectSelectError e - -newtype ClusterDownError = ClusterDownError ClusterInfoResponse deriving (Eq, Show, Typeable) - -instance Exception ClusterDownError diff --git a/tools/db/assets/default.nix b/tools/db/assets/default.nix index 225b7d192bf..4c9ee2e5d9a 100644 --- a/tools/db/assets/default.nix +++ b/tools/db/assets/default.nix @@ -39,6 +39,6 @@ mkDerivation { ]; executableHaskellDepends = [ base ]; description = "Scan the brig user table, search for malformatted asset keys and print them"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; mainProgram = "assets"; } diff --git a/tools/db/mls-users/default.nix b/tools/db/mls-users/default.nix index 1db91c77ba7..fa485dbada4 100644 --- a/tools/db/mls-users/default.nix +++ b/tools/db/mls-users/default.nix @@ -46,6 +46,6 @@ mkDerivation { ]; executableHaskellDepends = [ base ]; description = "Find users without MLS support"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; mainProgram = "mls-users"; } diff --git a/tools/db/phone-users/default.nix b/tools/db/phone-users/default.nix index aaae96945ea..8821720170d 100644 --- a/tools/db/phone-users/default.nix +++ b/tools/db/phone-users/default.nix @@ -42,6 +42,6 @@ mkDerivation { ]; executableHaskellDepends = [ base ]; description = "Check users that are only able to login via phone"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; mainProgram = "phone-users"; } diff --git a/tools/db/team-info/default.nix b/tools/db/team-info/default.nix index aa1bbce4aaf..d190467795f 100644 --- a/tools/db/team-info/default.nix +++ b/tools/db/team-info/default.nix @@ -34,6 +34,6 @@ mkDerivation { ]; executableHaskellDepends = [ base ]; description = "get team info from cassandra"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; mainProgram = "team-info"; } diff --git a/tools/rabbitmq-consumer/default.nix b/tools/rabbitmq-consumer/default.nix index f0729c1caf6..6553128045a 100644 --- a/tools/rabbitmq-consumer/default.nix +++ b/tools/rabbitmq-consumer/default.nix @@ -39,6 +39,6 @@ mkDerivation { ]; executableHaskellDepends = [ base ]; description = "CLI tool to consume messages from a RabbitMQ queue"; - license = lib.licenses.agpl3Only; + license = lib.meta.getLicenseFromSpdxId "AGPL-3.0-only"; mainProgram = "rabbitmq-consumer"; }