| blob | a474550820ba30eaa3cdc253d184521ac0de0dd9 |
1 { boost
2 , cmake
3 , fetchFromGitHub
4 , libglut
5 , freetype
6 , glew
7 , libjpeg
8 , libmypaint
9 , libpng
10 , libusb1
11 , lz4
12 , xz
13 , lzo
14 , openblas
15 , opencv
16 , pkg-config
17 , qtbase
18 , qtmultimedia
19 , qtscript
20 , qtserialport
21 , lib
22 , stdenv
23 , superlu
24 , wrapQtAppsHook
25 , libtiff
26 , zlib
27 }:
28 let
29 libtiff-ver = "4.0.3"; # The version in thirdparty/tiff-*
30 opentoonz-ver = "1.7.1";
32 src = fetchFromGitHub {
33 owner = "opentoonz";
34 repo = "opentoonz";
35 rev = "v${opentoonz-ver}";
36 hash = "sha256-5iXOvh4QTv+G0fjEHU62u7QCee+jbvKhK0+fQXbdJis=";
37 };
39 opentoonz-opencv = opencv.override {
40 inherit libtiff;
41 };
43 opentoonz-libtiff = stdenv.mkDerivation {
44 pname = "libtiff";
45 version = "${libtiff-ver}-opentoonz";
47 inherit src;
48 outputs = [ "bin" "dev" "out" "man" "doc" ];
50 nativeBuildInputs = [ pkg-config ];
51 propagatedBuildInputs = [ zlib libjpeg xz ];
53 postUnpack = ''
54 sourceRoot="$sourceRoot/thirdparty/tiff-${libtiff-ver}"
55 '';
57 # opentoonz uses internal libtiff headers
58 postInstall = ''
59 cp libtiff/{tif_config,tif_dir,tiffiop}.h $dev/include
60 '';
62 meta = libtiff.meta // {
63 knownVulnerabilities = [
64 ''
65 Do not open untrusted files with Opentoonz:
66 Opentoonz uses an old custom fork of tibtiff from 2012 that is known to
67 be affected by at least these 50 vulnerabilities:
68 CVE-2012-4564 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2014-8127
69 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-9330 CVE-2015-1547
70 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2015-8784 CVE-2015-8870
71 CVE-2016-3620 CVE-2016-3621 CVE-2016-3623 CVE-2016-3624 CVE-2016-3625
72 CVE-2016-3631 CVE-2016-3632 CVE-2016-3633 CVE-2016-3634 CVE-2016-3658
73 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5102 CVE-2016-5314
74 CVE-2016-5315 CVE-2016-5316 CVE-2016-5318 CVE-2016-5319 CVE-2016-5321
75 CVE-2016-5322 CVE-2016-5323 CVE-2016-6223 CVE-2016-9453 CVE-2016-9532
76 CVE-2017-9935 CVE-2017-9937 CVE-2018-10963 CVE-2018-5360
77 CVE-2019-14973 CVE-2019-17546 CVE-2020-35521 CVE-2020-35522
78 CVE-2020-35523 CVE-2020-35524
79 More info at https://github.com/opentoonz/opentoonz/issues/4193
80 ''
81 ];
82 maintainers = with lib.maintainers; [ chkno ];
83 };
84 };
85 in
86 stdenv.mkDerivation {
87 inherit src;
89 pname = "opentoonz";
90 version = opentoonz-ver;
92 nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ];
94 buildInputs = [
95 boost
96 libglut
97 freetype
98 glew
99 libjpeg
100 libmypaint
101 libpng
102 opentoonz-libtiff
103 libusb1
104 lz4
105 xz
106 lzo
107 openblas
108 opentoonz-opencv
109 qtbase
110 qtmultimedia
111 qtscript
112 qtserialport
113 superlu
114 ];
116 postUnpack = "sourceRoot=$sourceRoot/toonz";
118 cmakeDir = "../sources";
119 cmakeFlags = [
120 "-DCMAKE_SKIP_BUILD_RPATH=ON"
121 "-DTIFF_INCLUDE_DIR=${opentoonz-libtiff.dev}/include"
122 "-DTIFF_LIBRARY=${opentoonz-libtiff.out}/lib/libtiff.so"
123 (lib.cmakeBool "CMAKE_SKIP_BUILD_RPATH" true)
124 ];
126 postInstall = ''
127 sed -i '/cp -r .*stuff/a\ chmod -R u+w $HOME/.config/OpenToonz/stuff' $out/bin/opentoonz
128 '';
130 meta = {
131 description = "Full-featured 2D animation creation software";
132 homepage = "https://opentoonz.github.io/";
133 license = lib.licenses.bsd3;
134 maintainers = with lib.maintainers; [ chkno ];
135 };
136 }