Notable version changes:
- Coreutils `9.0` to `9.1`
- OpenSSL `1.1.1n` to `1.1.1o`
- NodeJS `16.14.2` to `16.15.1`
- Clojure `1.11.1.1107` to `1.11.1.1113`
- Ruby `2.7.5p203` to `2.7.6p219`
- Cocoapods `1.11.0` to `1.11.3`
- Git `2.35.1` to `2.36.1`
- Curl `7.82.0` to `7.83.1`
- Android SDK Platform Tools `31.0.3` to `33.0.1`
Most important is the Coreutils upgrade to 9.1 which includes a fix for
iOS builds on new M1 ARM64 processors:
https://github.com/status-im/status-react/issues/12799
Also fixes broken Android SDK builds on Linux due to `auto-patchelf-hook` change:
https://github.com/NixOS/nixpkgs/pull/163924
I've fixed this in `nixpkgs` PR:
https://github.com/NixOS/nixpkgs/pull/173376
Signed-off-by: Jakub Sokołowski <jakub@status.im>
If we keep using specific `buildGo117Package` we can easily forge to
upgrade when we bump the Go compiler itself. By locking those explicitly
in `overlay.nix` we make sure they all get bumped together.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This has several benefits:
* Less abuse of `extra-sandbox-paths` Nix option
* Less inputs to the Android release build derivation
* Easier for users to sign the build themselves
* Simplification of `scripts/release-android.sh`
* Preparation for building using Nix Flakes
The only two remaining credentials passed via `extra-sandbox-paths` is
the Infura and OpenSea API keys, and there is no way around that other
than passing them via Nix arguments, but that would cause them to end up
in `/nix/store` as part of `.drv` files.
I'm also renaming `release-fdroid` to `build-fdroid` to be consistent.
Depends on: https://github.com/status-im/status-jenkins-lib/pull/42
Signed-off-by: Jakub Sokołowski <jakub@status.im>
Otherwise on some devices with with good connecitons rate limiting might
cause failures to fetch POMs or JARs and in result failing the whole update.
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This fixes two issues with the `nix-update-gradle` target:
* It now fails when a JAR is missing which used to be ignored.
* It ignores dependencies that have no JARs, like Eclipse plugins.
This makes the process more robust, since we can see something is
missing right away, and a developer may re-run the process to take
account of possible temporary networking failures or rate limiting.
It also slims down the size of the `deps.json` by removing dependencies
which contribute no actual JARs or AARs to the build process.
Signed-off-by: Jakub Sokołowski <jakub@status.im>