nsjail 3.3 -> 3.4 https://repology.org/project/nsjail/versions
attrpath: nsjail
Checking auto update branch...
No auto update branch exists
[version] 
[version] updated version and sha256
[rustCrateVersion] 
[rustCrateVersion] No cargoSha256 or cargoHash found
[golangModuleVersion] 
[golangModuleVersion] Not a buildGoModule package with vendorSha256 or vendorHash
[npmDepsVersion] 
[npmDepsVersion] No npmDepsHash
[updateScript] 
[updateScript] skipping because derivation has no updateScript

[quotedUrls]
[quotedUrls] nothing found to replace
Diff after rewrites:
diff --git a/pkgs/tools/security/nsjail/default.nix b/pkgs/tools/security/nsjail/default.nix
index 5abb9012b7d3..9072fcb542df 100644
--- a/pkgs/tools/security/nsjail/default.nix
+++ b/pkgs/tools/security/nsjail/default.nix
@@ -4,14 +4,14 @@
 
 stdenv.mkDerivation rec {
   pname = "nsjail";
-  version = "3.3";
+  version = "3.4";
 
   src = fetchFromGitHub {
     owner           = "google";
     repo            = "nsjail";
     rev             = version;
     fetchSubmodules = true;
-    hash            = "sha256-L5x3rUDd1nXxDjoP/ZErQa02w2MJSkMBlgu00cy1D3M=";
+    hash            = "sha256-/K+qJV5Dq+my45Cpw6czdsWLtO9lnJwZTsOIRt4Iijk=";
   };
 
   nativeBuildInputs = [ autoconf bison flex installShellFiles libtool pkg-config which ];

Successfully finished processing
cachix "/nix/store/yfrl80ghdvgn7f4anlhb0q6rz5l1nphl-nsjail-3.4"
[check][nixpkgs-review]
Result of `nixpkgs-review` run on x86_64-linux [1](https://github.com/Mic92/nixpkgs-review)
<details>
  <summary>2 packages built:</summary>
  <ul>
    <li>nsjail</li>
    <li>windmill</li>
  </ul>
</details>

Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 16
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 15
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 16
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 16
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 17
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 17
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 16
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 16
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 16
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 15
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 15
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 13
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 13
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 13
Waiting for OfBorg: https://events.ofborg.org/stats.php's evaluator.messages.waiting = 12
Automatic update generated by [nixpkgs-update](https://github.com/ryantm/nixpkgs-update) tools. This update was made based on information from https://repology.org/project/nsjail/versions.


meta.description for nsjail is: A light-weight process isolation tool, making use of Linux namespaces and seccomp-bpf syscall filters

meta.homepage for nsjail is: https://nsjail.dev/




###### Updates performed
- Version update

###### To inspect upstream changes





###### Impact

<details>
<summary>
<b>Checks done</b> (click to expand)
</summary>

---

- built on NixOS
- The tests defined in `passthru.tests`, if any, passed
- found 3.4 with grep in /nix/store/yfrl80ghdvgn7f4anlhb0q6rz5l1nphl-nsjail-3.4
- found 3.4 in filename of file in /nix/store/yfrl80ghdvgn7f4anlhb0q6rz5l1nphl-nsjail-3.4

---

</details>
<details>
<summary>
<b>Rebuild report</b> (if merged into master) (click to expand)
</summary>

```
2 total rebuild path(s)

2 package rebuild(s)

First fifty rebuilds by attrpath
nsjail
windmill
```

</details>

<details>
<summary>
<b>Instructions to test this update</b> (click to expand)
</summary>

---

Either **download from Cachix**:
```
nix-store -r /nix/store/yfrl80ghdvgn7f4anlhb0q6rz5l1nphl-nsjail-3.4 \
  --option binary-caches 'https://cache.nixos.org/ https://nix-community.cachix.org/' \
  --option trusted-public-keys '
  nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
  cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
  '
```
(The Cachix cache is only trusted for this store-path realization.)
For the Cachix download to work, your user must be in the `trusted-users` list or you can use `sudo` since root is effectively trusted.

Or, **build yourself**:
```
nix-build -A nsjail https://github.com/r-ryantm/nixpkgs/archive/552bd2373c16fec75d5963641dd0e6e6ea6e2fc5.tar.gz
```
Or:
```
nix build github:r-ryantm/nixpkgs/552bd2373c16fec75d5963641dd0e6e6ea6e2fc5#nsjail
```

After you've downloaded or built it, look at the files and if there are any, run the binaries:
```
ls -la /nix/store/yfrl80ghdvgn7f4anlhb0q6rz5l1nphl-nsjail-3.4
ls -la /nix/store/yfrl80ghdvgn7f4anlhb0q6rz5l1nphl-nsjail-3.4/bin
```

---

</details>
<br/>



### Pre-merge build results

We have automatically built all packages that will get rebuilt due to
this change.

This gives evidence on whether the upgrade will break dependent packages.
Note sometimes packages show up as _failed to build_ independent of the
change, simply because they are already broken on the target branch.

Result of `nixpkgs-review` run on x86_64-linux [1](https://github.com/Mic92/nixpkgs-review)
<details>
  <summary>2 packages built:</summary>
  <ul>
    <li>nsjail</li>
    <li>windmill</li>
  </ul>
</details>

---

###### Maintainer pings

cc @arcz @bosu @c0bw3b for [testing](https://github.com/ryantm/nixpkgs-update/blob/master/doc/nixpkgs-maintainer-faq.md#r-ryantm-opened-a-pr-for-my-package-what-do-i-do).
https://api.github.com/repos/NixOS/nixpkgs/pulls/260525