From c47bbb504647930374183242a9fd1b7bdec86669 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= <gutyina.gergo.2@gmail.com>
Date: Tue, 19 Nov 2024 23:43:36 +0100
Subject: [PATCH 1/5] cryptomator: nixfmt

---
 pkgs/tools/security/cryptomator/default.nix | 39 ++++++++++++++++-----
 1 file changed, 30 insertions(+), 9 deletions(-)

diff --git a/pkgs/tools/security/cryptomator/default.nix b/pkgs/tools/security/cryptomator/default.nix
index f76a2a853f9c0..ab469700c5798 100644
--- a/pkgs/tools/security/cryptomator/default.nix
+++ b/pkgs/tools/security/cryptomator/default.nix
@@ -1,8 +1,14 @@
-{ lib, fetchFromGitHub
-, autoPatchelfHook
-, fuse3
-, maven, jdk, makeShellWrapper, glib, wrapGAppsHook3
-, libayatana-appindicator
+{
+  lib,
+  fetchFromGitHub,
+  autoPatchelfHook,
+  fuse3,
+  maven,
+  jdk,
+  makeShellWrapper,
+  glib,
+  wrapGAppsHook3,
+  libayatana-appindicator,
 }:
 
 maven.buildMavenPackage rec {
@@ -55,8 +61,18 @@ maven.buildMavenPackage rec {
       --add-flags "-Dcryptomator.disableUpdateCheck=true" \
       --add-flags "-Dcryptomator.integrationsLinux.trayIconsDir='$out/share/icons/hicolor/symbolic/apps'" \
       --add-flags "--module org.cryptomator.desktop/org.cryptomator.launcher.Cryptomator" \
-      --prefix PATH : "$out/share/cryptomator/libs/:${lib.makeBinPath [ jdk glib ]}" \
-      --prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ fuse3 libayatana-appindicator ]}" \
+      --prefix PATH : "$out/share/cryptomator/libs/:${
+        lib.makeBinPath [
+          jdk
+          glib
+        ]
+      }" \
+      --prefix LD_LIBRARY_PATH : "${
+        lib.makeLibraryPath [
+          fuse3
+          libayatana-appindicator
+        ]
+      }" \
       --set JAVA_HOME "${jdk.home}"
 
     # install desktop entry and icons
@@ -83,7 +99,12 @@ maven.buildMavenPackage rec {
     wrapGAppsHook3
     jdk
   ];
-  buildInputs = [ fuse3 jdk glib libayatana-appindicator ];
+  buildInputs = [
+    fuse3
+    jdk
+    glib
+    libayatana-appindicator
+  ];
 
   meta = with lib; {
     description = "Free client-side encryption for your cloud files";
@@ -91,7 +112,7 @@ maven.buildMavenPackage rec {
     homepage = "https://cryptomator.org";
     sourceProvenance = with sourceTypes; [
       fromSource
-      binaryBytecode  # deps
+      binaryBytecode # deps
     ];
     license = licenses.gpl3Plus;
     maintainers = with maintainers; [ bachp ];

From 3388084c24d65ae3d40e8f0cb26e121c141d7147 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= <gutyina.gergo.2@gmail.com>
Date: Wed, 20 Nov 2024 00:07:22 +0100
Subject: [PATCH 2/5] cryptomator: migrate to by-name

---
 .../default.nix => by-name/cr/cryptomator/package.nix}       | 5 ++++-
 pkgs/top-level/all-packages.nix                              | 4 ----
 2 files changed, 4 insertions(+), 5 deletions(-)
 rename pkgs/{tools/security/cryptomator/default.nix => by-name/cr/cryptomator/package.nix} (98%)

diff --git a/pkgs/tools/security/cryptomator/default.nix b/pkgs/by-name/cr/cryptomator/package.nix
similarity index 98%
rename from pkgs/tools/security/cryptomator/default.nix
rename to pkgs/by-name/cr/cryptomator/package.nix
index ab469700c5798..bf357c0e171a1 100644
--- a/pkgs/tools/security/cryptomator/default.nix
+++ b/pkgs/by-name/cr/cryptomator/package.nix
@@ -4,13 +4,16 @@
   autoPatchelfHook,
   fuse3,
   maven,
-  jdk,
+  jdk23,
   makeShellWrapper,
   glib,
   wrapGAppsHook3,
   libayatana-appindicator,
 }:
 
+let
+  jdk = jdk23.override { enableJavaFX = true; };
+in
 maven.buildMavenPackage rec {
   pname = "cryptomator";
   version = "1.14.1";
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 74b4bde625804..607a3e31a482f 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -12484,10 +12484,6 @@ with pkgs;
     inherit (pkgs) meson;
   };
 
-  cryptomator = callPackage ../tools/security/cryptomator {
-    jdk = jdk23.override { enableJavaFX = true; };
-  };
-
   # Darwin package set
   #
   # Even though this is a set of packages not single package, use `callPackage`

From 9d0f47a8c28702999d7dc18cd61b11f66ba6340b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= <gutyina.gergo.2@gmail.com>
Date: Wed, 20 Nov 2024 00:11:13 +0100
Subject: [PATCH 3/5] cryptomator: remove `with lib;`, order attrs

---
 pkgs/by-name/cr/cryptomator/package.nix | 28 +++++++++++++------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/pkgs/by-name/cr/cryptomator/package.nix b/pkgs/by-name/cr/cryptomator/package.nix
index bf357c0e171a1..1df445bf0d6cf 100644
--- a/pkgs/by-name/cr/cryptomator/package.nix
+++ b/pkgs/by-name/cr/cryptomator/package.nix
@@ -1,14 +1,14 @@
 {
-  lib,
-  fetchFromGitHub,
   autoPatchelfHook,
+  fetchFromGitHub,
   fuse3,
-  maven,
+  glib,
   jdk23,
+  lib,
+  libayatana-appindicator,
   makeShellWrapper,
-  glib,
+  maven,
   wrapGAppsHook3,
-  libayatana-appindicator,
 }:
 
 let
@@ -98,28 +98,30 @@ maven.buildMavenPackage rec {
 
   nativeBuildInputs = [
     autoPatchelfHook
+    jdk
     makeShellWrapper
     wrapGAppsHook3
-    jdk
   ];
   buildInputs = [
     fuse3
-    jdk
     glib
+    jdk
     libayatana-appindicator
   ];
 
-  meta = with lib; {
+  meta = {
     description = "Free client-side encryption for your cloud files";
-    mainProgram = "cryptomator";
     homepage = "https://cryptomator.org";
-    sourceProvenance = with sourceTypes; [
+    license = lib.licenses.gpl3Plus;
+    mainProgram = "cryptomator";
+    maintainers = with lib.maintainers; [
+      bachp
+    ];
+    platforms = [ "x86_64-linux" ];
+    sourceProvenance = with lib.sourceTypes; [
       fromSource
       binaryBytecode # deps
     ];
-    license = licenses.gpl3Plus;
-    maintainers = with maintainers; [ bachp ];
-    platforms = [ "x86_64-linux" ];
     # Uses abandoned JEP 430 string template preview, removed in JDK 23
     broken = true;
   };

From 40a94ea935269171e75d7a5feaa80eff90851043 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= <gutyina.gergo.2@gmail.com>
Date: Wed, 20 Nov 2024 00:16:38 +0100
Subject: [PATCH 4/5] cryptomator: 1.14.1 -> 1.14.2, unbreak

---
 pkgs/by-name/cr/cryptomator/package.nix       |  13 +-
 .../string-template-removal-and-jdk23.patch   | 135 ++++++++++++++++++
 2 files changed, 143 insertions(+), 5 deletions(-)
 create mode 100644 pkgs/by-name/cr/cryptomator/string-template-removal-and-jdk23.patch

diff --git a/pkgs/by-name/cr/cryptomator/package.nix b/pkgs/by-name/cr/cryptomator/package.nix
index 1df445bf0d6cf..efe7c3ecf3259 100644
--- a/pkgs/by-name/cr/cryptomator/package.nix
+++ b/pkgs/by-name/cr/cryptomator/package.nix
@@ -16,18 +16,23 @@ let
 in
 maven.buildMavenPackage rec {
   pname = "cryptomator";
-  version = "1.14.1";
+  version = "1.14.2";
 
   src = fetchFromGitHub {
     owner = "cryptomator";
     repo = "cryptomator";
     rev = version;
-    hash = "sha256-so8RINjFLF9H4K9f/60Ym/v/VpcVfxJ/c+JDOAPFgZU=";
+    hash = "sha256-TSE83QYFry8O6MKAoggJBjqonYiGax5GG/a7sm7aHf8=";
   };
 
+  patches = [
+    # https://github.com/cryptomator/cryptomator/pull/3621
+    ./string-template-removal-and-jdk23.patch
+  ];
+
   mvnJdk = jdk;
   mvnParameters = "-Dmaven.test.skip=true -Plinux";
-  mvnHash = "sha256-aB7wgnJAYvCizC0/gG/amcId/WVVWmZndItm398nDfQ=";
+  mvnHash = "sha256-LFD150cGW6OdwkK28GYI9j44GtVE0pwFMaQ8dQqArLo=";
 
   preBuild = ''
     VERSION=${version}
@@ -122,7 +127,5 @@ maven.buildMavenPackage rec {
       fromSource
       binaryBytecode # deps
     ];
-    # Uses abandoned JEP 430 string template preview, removed in JDK 23
-    broken = true;
   };
 }
diff --git a/pkgs/by-name/cr/cryptomator/string-template-removal-and-jdk23.patch b/pkgs/by-name/cr/cryptomator/string-template-removal-and-jdk23.patch
new file mode 100644
index 0000000000000..10ec8aa4ff57b
--- /dev/null
+++ b/pkgs/by-name/cr/cryptomator/string-template-removal-and-jdk23.patch
@@ -0,0 +1,135 @@
+diff --git a/src/main/java/org/cryptomator/common/mount/Mounter.java b/src/main/java/org/cryptomator/common/mount/Mounter.java
+index 6ca067305b..89f8fb7822 100644
+--- a/src/main/java/org/cryptomator/common/mount/Mounter.java
++++ b/src/main/java/org/cryptomator/common/mount/Mounter.java
+@@ -160,7 +160,7 @@ public MountHandle mount(VaultSettings vaultSettings, Path cryptoFsRoot) throws
+ 		var mountService = mountProviders.stream().filter(s -> s.getClass().getName().equals(vaultSettings.mountService.getValue())).findFirst().orElse(defaultMountService.getValue());
+ 
+ 		if (isConflictingMountService(mountService)) {
+-			var msg = STR."\{mountService.getClass()} unavailable due to conflict with either of \{CONFLICTING_MOUNT_SERVICES.get(mountService.getClass().getName())}";
++			var msg = mountService.getClass() + " unavailable due to conflict with either of " + CONFLICTING_MOUNT_SERVICES.get(mountService.getClass().getName());
+ 			throw new ConflictingMountServiceException(msg);
+ 		}
+ 
+diff --git a/src/main/java/org/cryptomator/ui/keyloading/hub/HubConfig.java b/src/main/java/org/cryptomator/ui/keyloading/hub/HubConfig.java
+index eefad55a2f..0e7a6cc3ab 100644
+--- a/src/main/java/org/cryptomator/ui/keyloading/hub/HubConfig.java
++++ b/src/main/java/org/cryptomator/ui/keyloading/hub/HubConfig.java
+@@ -20,7 +20,7 @@ public class HubConfig {
+ 	public String devicesResourceUrl;
+ 
+ 	/**
+-	 * A collection of String template processors to construct URIs related to this Hub instance.
++	 * A collection of functions to construct URIs related to this Hub instance.
+ 	 */
+ 	@JsonIgnore
+ 	public final URIProcessors URIs = new URIProcessors();
+@@ -52,8 +52,7 @@ public class URIProcessors {
+ 		/**
+ 		 * Resolves paths relative to the <code>/api/</code> endpoint of this Hub instance.
+ 		 */
+-		public final StringTemplate.Processor<URI, RuntimeException> API = template -> {
+-			var path = template.interpolate();
++		public URI getApi(String path) {
+ 			var relPath = path.startsWith("/") ? path.substring(1) : path;
+ 			return getApiBaseUrl().resolve(relPath);
+ 		};
+diff --git a/src/main/java/org/cryptomator/ui/keyloading/hub/ReceiveKeyController.java b/src/main/java/org/cryptomator/ui/keyloading/hub/ReceiveKeyController.java
+index 3bfb4ec8ea..3353d78dd6 100644
+--- a/src/main/java/org/cryptomator/ui/keyloading/hub/ReceiveKeyController.java
++++ b/src/main/java/org/cryptomator/ui/keyloading/hub/ReceiveKeyController.java
+@@ -88,7 +88,7 @@ public void receiveKey() {
+ 	 * STEP 0 (Request): GET /api/config
+ 	 */
+ 	private void requestApiConfig() {
+-		var configUri = hubConfig.URIs.API."config";
++		var configUri = hubConfig.URIs.getApi("config");
+ 		var request = HttpRequest.newBuilder(configUri) //
+ 				.GET() //
+ 				.timeout(REQ_TIMEOUT) //
+@@ -122,7 +122,7 @@ private void receivedApiConfig(HttpResponse<String> response) {
+ 	 * STEP 1 (Request): GET user key for this device
+ 	 */
+ 	private void requestDeviceData() {
+-		var deviceUri = hubConfig.URIs.API."devices/\{deviceId}";
++		var deviceUri = hubConfig.URIs.getApi("devices/" + deviceId);
+ 		var request = HttpRequest.newBuilder(deviceUri) //
+ 				.header("Authorization", "Bearer " + bearerToken) //
+ 				.GET() //
+@@ -162,7 +162,7 @@ private void needsDeviceRegistration() {
+ 	 * STEP 2 (Request): GET vault key for this user
+ 	 */
+ 	private void requestVaultMasterkey(String encryptedUserKey) {
+-		var vaultKeyUri = hubConfig.URIs.API."vaults/\{vaultId}/access-token";
++		var vaultKeyUri = hubConfig.URIs.getApi("vaults/" + vaultId + "/access-token");
+ 		var request = HttpRequest.newBuilder(vaultKeyUri) //
+ 				.header("Authorization", "Bearer " + bearerToken) //
+ 				.GET() //
+@@ -205,7 +205,7 @@ private void receivedBothEncryptedKeys(String encryptedVaultKey, String encrypte
+ 	 */
+ 	@Deprecated
+ 	private void requestLegacyAccessToken() {
+-		var legacyAccessTokenUri = hubConfig.URIs.API."vaults/\{vaultId}/keys/\{deviceId}";
++		var legacyAccessTokenUri = hubConfig.URIs.getApi("vaults/" + vaultId + "/keys/" + deviceId);
+ 		var request = HttpRequest.newBuilder(legacyAccessTokenUri) //
+ 				.header("Authorization", "Bearer " + bearerToken) //
+ 				.GET() //
+diff --git a/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java b/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
+index b00d49874e..d711ff86ef 100644
+--- a/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
++++ b/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
+@@ -115,7 +115,7 @@ public void register() {
+ 		workInProgress.set(true);
+ 
+ 
+-		var userReq = HttpRequest.newBuilder(hubConfig.URIs.API."users/me") //
++		var userReq = HttpRequest.newBuilder(hubConfig.URIs.getApi("users/me")) //
+ 				.GET() //
+ 				.timeout(REQ_TIMEOUT) //
+ 				.header("Authorization", "Bearer " + bearerToken) //
+@@ -143,7 +143,7 @@ public void register() {
+ 					var now = Instant.now().toString();
+ 					var dto = new CreateDeviceDto(deviceId, deviceNameField.getText(), BaseEncoding.base64().encode(deviceKeyPair.getPublic().getEncoded()), "DESKTOP", jwe.serialize(), now);
+ 					var json = toJson(dto);
+-					var deviceUri = hubConfig.URIs.API."devices/\{deviceId}";
++					var deviceUri = hubConfig.URIs.getApi("devices/" + deviceId);
+ 					var putDeviceReq = HttpRequest.newBuilder(deviceUri) //
+ 							.PUT(HttpRequest.BodyPublishers.ofString(json, StandardCharsets.UTF_8)) //
+ 							.timeout(REQ_TIMEOUT) //
+@@ -164,7 +164,7 @@ public void register() {
+ 	private void migrateLegacyDevices(ECPublicKey userPublicKey) {
+ 		try {
+ 			// GET legacy access tokens
+-			var getUri = hubConfig.URIs.API."devices/\{deviceId}/legacy-access-tokens";
++			var getUri = hubConfig.URIs.getApi("devices/" + deviceId + "/legacy-access-tokens");
+ 			var getReq = HttpRequest.newBuilder(getUri).GET().timeout(REQ_TIMEOUT).header("Authorization", "Bearer " + bearerToken).build();
+ 			var getRes = httpClient.send(getReq, HttpResponse.BodyHandlers.ofString(StandardCharsets.UTF_8));
+ 			if (getRes.statusCode() != 200) {
+@@ -185,12 +185,12 @@ private void migrateLegacyDevices(ECPublicKey userPublicKey) {
+ 					LOG.warn("Failed to decrypt legacy access token for vault {}. Skipping migration.", entry.getKey());
+ 				}
+ 			}).collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue));
+-			var postUri = hubConfig.URIs.API."users/me/access-tokens";
++			var postUri = hubConfig.URIs.getApi("users/me/access-tokens");
+ 			var postBody = JSON.writer().writeValueAsString(newAccessTokens);
+ 			var postReq = HttpRequest.newBuilder(postUri).POST(HttpRequest.BodyPublishers.ofString(postBody)).timeout(REQ_TIMEOUT).header("Authorization", "Bearer " + bearerToken).build();
+ 			var postRes = httpClient.send(postReq, HttpResponse.BodyHandlers.ofString(StandardCharsets.UTF_8));
+ 			if (postRes.statusCode() != 200) {
+-				throw new IOException(STR."Unexpected response from POST \{postUri}: \{postRes.statusCode()}");
++				throw new IOException("Unexpected response from POST " + postUri + ": " + postRes.statusCode());
+ 			}
+ 		} catch (IOException e) {
+ 			// log and ignore: this is merely a best-effort attempt of migrating legacy devices. Failure is uncritical as this is merely a convenience feature.
+diff --git a/pom.xml b/pom.xml
+index 3290b3121d..0812419af1 100644
+--- a/pom.xml
++++ b/pom.xml
+@@ -26,7 +26,7 @@
+ 
+ 	<properties>
+ 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+-		<project.jdk.version>22</project.jdk.version>
++		<project.jdk.version>23</project.jdk.version>
+ 
+ 		<!-- Group IDs of jars that need to stay on the class path for now -->
+ 		<!-- remove them, as soon they got modularized or support is dropped (i.e., WebDAV) -->

From cabf11fe5566e7c9b62e86a364772bf0723cac25 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= <gutyina.gergo.2@gmail.com>
Date: Wed, 20 Nov 2024 01:04:59 +0100
Subject: [PATCH 5/5] cryptomator: add maintainer gepbird

---
 pkgs/by-name/cr/cryptomator/package.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/pkgs/by-name/cr/cryptomator/package.nix b/pkgs/by-name/cr/cryptomator/package.nix
index efe7c3ecf3259..1ebc237936f74 100644
--- a/pkgs/by-name/cr/cryptomator/package.nix
+++ b/pkgs/by-name/cr/cryptomator/package.nix
@@ -121,6 +121,7 @@ maven.buildMavenPackage rec {
     mainProgram = "cryptomator";
     maintainers = with lib.maintainers; [
       bachp
+      gepbird
     ];
     platforms = [ "x86_64-linux" ];
     sourceProvenance = with lib.sourceTypes; [