joinmarket: 0.9.9 -> 0.9.10

modules/joinmarket.nix

@@ -212,6 +212,7 @@ let
     segwit = true
     native = true
     merge_algorithm = default
+    gaplimit = 6
     tx_fees = 3
     tx_fees_factor = 0.2
     absurd_fee_per_kb = 350000
@@ -252,7 +253,6 @@ let
     txfee_contribution_factor = ${toString yg.txfee_contribution_factor}
     minsize = ${toString yg.minsize}
     size_factor = ${toString yg.size_factor}
-    gaplimit = 6
 
     [SNICKER]
     enabled = false

pkgs/joinmarket/default.nix

@@ -1,12 +1,12 @@
 { stdenv, lib, fetchFromGitHub, python3, nbPython3PackagesJoinmarket }:
 
 let
-  version = "0.9.9";
+  version = "0.9.10";
   src = fetchFromGitHub {
     owner = "joinmarket-org";
     repo = "joinmarket-clientserver";
     rev = "v${version}";
-    sha256 = "sha256-dkeSgAhjNl8o/ATKYAlQxxCrur5fLdXuMDXSnWaxYP8=";
+    sha256 = "sha256-uNweI7VKC16CFn8MNOAvadcSnTjK/Fznfy4qctM5PR8=";
   };
 
   runtimePackages = with nbPython3PackagesJoinmarket; [

pkgs/joinmarket/get-sha256.sh

@@ -11,6 +11,8 @@ git clone --depth 1 --branch "${newVersion}" -c advice.detachedHead=false https:
 export GNUPGHOME=$tmpdir
 echo "Fetching Adam Gibson's key"
 gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 2B6FC204D9BF332D062B461A141001A1AF77F20B 2> /dev/null
+echo "Fetch Kristaps Kaupe's key"
+gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 70A1D47DD44F59DF8B22244333E472FE870C7E5D 2> /dev/null
 echo
 echo "Verifying commit"
 git -C "$repo" verify-commit HEAD

pkgs/python-packages/default.nix

@@ -70,18 +70,9 @@ rec {
 
       ## Specific versions of packages that already exist in nixpkgs
 
-      # cryptography 3.3.2, required by joinmarketdaemon
-      cryptography = callPackage ./specific-versions/cryptography {
-        openssl = openssl_1_1;
-        cryptography_vectors = callPackage ./specific-versions/cryptography/vectors.nix {};
-      };
-
       # autobahn 20.12.3, required by joinmarketclient
       autobahn = callPackage ./specific-versions/autobahn.nix {};
 
-      # pyopenssl 21.0.0, required by joinmarketdaemon
-      pyopenssl = callPackage ./specific-versions/pyopenssl.nix {};
-
       # txtorcon 22.0.0, required by joinmarketdaemon
       txtorcon = callPackage ./specific-versions/txtorcon.nix {};
     };

pkgs/python-packages/jmbase/default.nix

@@ -1,4 +1,4 @@
-{ version, src, lib, buildPythonPackage, fetchurl, future, twisted, service-identity, chromalog, txtorcon }:
+{ version, src, lib, buildPythonPackage, fetchurl, future, twisted, service-identity, chromalog, txtorcon, pyaes }:
 
 buildPythonPackage rec {
   pname = "joinmarketbase";
@@ -11,7 +11,7 @@ buildPythonPackage rec {
     sed -i 's|service-identity==21.1.0|service-identity==23.1.0|' setup.py
   '';
 
-  propagatedBuildInputs = [ future twisted service-identity chromalog txtorcon ];
+  propagatedBuildInputs = [ future twisted service-identity chromalog txtorcon pyaes ];
 
   meta = with lib; {
     homepage = "https://github.com/Joinmarket-Org/joinmarket-clientserver";

pkgs/python-packages/jmbitcoin/default.nix

@@ -1,4 +1,4 @@
-{ version, src, lib, buildPythonPackage, fetchurl, pyaes, python-bitcointx, joinmarketbase }:
+{ version, src, lib, buildPythonPackage, fetchurl, python-bitcointx, joinmarketbase }:
 
 buildPythonPackage rec {
   pname = "joinmarketbitcoin";
@@ -6,7 +6,7 @@ buildPythonPackage rec {
 
   postUnpack = "sourceRoot=$sourceRoot/jmbitcoin";
 
-  propagatedBuildInputs = [ pyaes python-bitcointx ];
+  propagatedBuildInputs = [ python-bitcointx ];
 
   checkInputs = [ joinmarketbase ];
 

pkgs/python-packages/jmclient/default.nix

@@ -1,4 +1,4 @@
-{ version, src, lib, buildPythonPackage, fetchurl, future, configparser, joinmarketbase, joinmarketdaemon, mnemonic, argon2_cffi, bencoderpyx, pyaes, joinmarketbitcoin, klein, pyjwt, autobahn }:
+{ version, src, lib, buildPythonPackage, fetchurl, future, configparser, joinmarketbase, joinmarketdaemon, mnemonic, argon2_cffi, bencoderpyx, joinmarketbitcoin, klein, pyjwt, autobahn, werkzeug }:
 
 buildPythonPackage rec {
   pname = "joinmarketclient";
@@ -8,7 +8,7 @@ buildPythonPackage rec {
 
   checkInputs = [ joinmarketbitcoin joinmarketdaemon ];
 
-  propagatedBuildInputs = [ future configparser joinmarketbase mnemonic argon2_cffi bencoderpyx pyaes klein pyjwt autobahn ];
+  propagatedBuildInputs = [ future configparser joinmarketbase mnemonic argon2_cffi bencoderpyx klein pyjwt autobahn werkzeug ];
 
   patchPhase = ''
     substituteInPlace setup.py \

pkgs/python-packages/jmdaemon/default.nix

@@ -9,9 +9,12 @@ buildPythonPackage rec {
   propagatedBuildInputs = [ txtorcon cryptography pyopenssl libnacl joinmarketbase ];
 
   # libnacl 1.8.0 is not on github
+  # cryptography 41.0.3 already in ../specific-versions
   patchPhase = ''
     substituteInPlace setup.py \
       --replace "'libnacl==1.8.0'" "'libnacl==1.7.2'"
+    substituteInPlace setup.py \
+      --replace "'cryptography==41.0.2" "'cryptography==41.0.3"
   '';
 
   meta = with lib; {

pkgs/python-packages/specific-versions/cryptography/default.nix

@@ -1,84 +0,0 @@
-# Copied from nixpkgs rev c7d0dbe094c988209edac801eb2a0cc21aa498d8
-
-{ lib, stdenv
-, buildPythonPackage
-, fetchPypi
-, fetchpatch
-, isPy27
-, ipaddress
-, openssl
-, cryptography_vectors
-, darwin
-, packaging
-, six
-, pythonOlder
-, isPyPy
-, cffi
-, pytest
-, pretend
-, iso8601
-, pytz
-, hypothesis
-, enum34
-}:
-
-buildPythonPackage rec {
-  pname = "cryptography";
-  version = "3.3.2"; # Also update the hash in vectors.nix
-
-  src = fetchPypi {
-    inherit pname version;
-    sha256 = "1vcvw4lkw1spiq322pm1256kail8nck6bbgpdxx3pqa905wd6q2s";
-  };
-
-  outputs = [ "out" "dev" ];
-
-  nativeBuildInputs = lib.optionals (!isPyPy) [
-    cffi
-  ];
-
-  buildInputs = [ openssl ]
-             ++ lib.optional stdenv.isDarwin darwin.apple_sdk.frameworks.Security;
-  propagatedBuildInputs = [
-    packaging
-    six
-  ] ++ lib.optionals (!isPyPy) [
-    cffi
-  ] ++ lib.optionals isPy27 [
-    ipaddress enum34
-  ];
-
-  checkInputs = [
-    cryptography_vectors
-    # Work around `error: infinite recursion encountered`
-    (hypothesis.override { enableDocumentation = false; })
-    iso8601
-    pretend
-    pytest
-    pytz
-  ];
-
-  checkPhase = ''
-    ${pytest}/bin/py.test --disable-pytest-warnings tests
-  '';
-
-  # IOKit's dependencies are inconsistent between OSX versions, so this is the best we
-  # can do until nix 1.11's release
-  __impureHostDeps = [ "/usr/lib" ];
-
-  meta = with lib; {
-    description = "A package which provides cryptographic recipes and primitives";
-    longDescription = ''
-      Cryptography includes both high level recipes and low level interfaces to
-      common cryptographic algorithms such as symmetric ciphers, message
-      digests, and key derivation functions.
-      Our goal is for it to be your "cryptographic standard library". It
-      supports Python 2.7, Python 3.5+, and PyPy 5.4+.
-    '';
-    homepage = "https://github.com/pyca/cryptography";
-    changelog = "https://cryptography.io/en/latest/changelog/#v"
-      + replaceStrings [ "." ] [ "-" ] version;
-    license = with licenses; [ asl20 bsd3 psfl ];
-    maintainers = with maintainers; [ primeos ];
-  };
-}

pkgs/python-packages/specific-versions/cryptography/vectors.nix

@@ -1,25 +0,0 @@
-# Copied from nixpkgs rev c7d0dbe094c988209edac801eb2a0cc21aa498d8
-
-{ buildPythonPackage, fetchPypi, lib, cryptography }:
-
-buildPythonPackage rec {
-  pname = "cryptography_vectors";
-  # The test vectors must have the same version as the cryptography package:
-  version = cryptography.version;
-
-  src = fetchPypi {
-    inherit pname version;
-    sha256 = "1yhaps0f3h2yjb6lmz953z1l1d84y9swk4k3gj9nqyk4vbx5m7cc";
-  };
-
-  # No tests included
-  doCheck = false;
-
-  meta = with lib; {
-    description = "Test vectors for the cryptography package";
-    homepage = "https://cryptography.io/en/latest/development/test-vectors/";
-    # Source: https://github.com/pyca/cryptography/tree/master/vectors;
-    license = with licenses; [ asl20 bsd3 ];
-    maintainers = with maintainers; [ primeos ];
-  };
-}

pkgs/python-packages/specific-versions/pyopenssl.nix

@@ -1,82 +0,0 @@
-{ lib
-, stdenv
-, buildPythonPackage
-, fetchPypi
-, openssl
-, cryptography
-, pyasn1
-, idna
-, pytestCheckHook
-, pretend
-, flaky
-, glibcLocales
-, six
-}:
-
-buildPythonPackage rec {
-  pname = "pyopenssl";
-  version = "21.0.0";
-
-  src = fetchPypi {
-    pname = "pyOpenSSL";
-    inherit version;
-    sha256 = "5e2d8c5e46d0d865ae933bef5230090bdaf5506281e9eec60fa250ee80600cb3";
-  };
-
-  outputs = [ "out" "dev" ];
-
-  # Seems to fail unpredictably on Darwin. See https://hydra.nixos.org/build/49877419/nixlog/1
-  # for one example, but I've also seen ContextTests.test_set_verify_callback_exception fail.
-  doCheck = !stdenv.isDarwin;
-
-  nativeBuildInputs = [ openssl ];
-  propagatedBuildInputs = [ cryptography pyasn1 idna six ];
-
-  checkInputs = [ pytestCheckHook pretend flaky glibcLocales ];
-
-  preCheck = ''
-    export LANG="en_US.UTF-8"
-  '';
-
-  disabledTests = [
-    # https://github.com/pyca/pyopenssl/issues/692
-    # These tests, we disable always.
-    "test_set_default_verify_paths"
-    "test_fallback_default_verify_paths"
-    # https://github.com/pyca/pyopenssl/issues/768
-    "test_wantWriteError"
-    # https://github.com/pyca/pyopenssl/issues/1043
-    "test_alpn_call_failure"
-  ] ++ lib.optionals (lib.hasPrefix "libressl" openssl.meta.name) [
-    # https://github.com/pyca/pyopenssl/issues/791
-    # These tests, we disable in the case that libressl is passed in as openssl.
-    "test_op_no_compression"
-    "test_npn_advertise_error"
-    "test_npn_select_error"
-    "test_npn_client_fail"
-    "test_npn_success"
-    "test_use_certificate_chain_file_unicode"
-    "test_use_certificate_chain_file_bytes"
-    "test_add_extra_chain_cert"
-    "test_set_session_id_fail"
-    "test_verify_with_revoked"
-    "test_set_notAfter"
-    "test_set_notBefore"
-  ] ++ lib.optionals (lib.versionAtLeast (lib.getVersion openssl.name) "1.1") [
-    # these tests are extremely tightly wed to the exact output of the openssl cli tool, including exact punctuation.
-    "test_dump_certificate"
-    "test_dump_privatekey_text"
-    "test_dump_certificate_request"
-    "test_export_text"
-  ] ++ lib.optionals stdenv.is32bit [
-    # https://github.com/pyca/pyopenssl/issues/974
-    "test_verify_with_time"
-  ];
-
-  meta = with lib; {
-    description = "Python wrapper around the OpenSSL library";
-    homepage = "https://github.com/pyca/pyopenssl";
-    license = licenses.asl20;
-    maintainers = with maintainers; [ SuperSandro2000 ];
-  };
-}