add back patch level

Signed-off-by: Todd Gamblin <tgamblin@llnl.gov>

lib/spack/spack/caches.py

@@ -74,6 +74,6 @@ def store(self, fetcher, relative_dest):
 
 
 #: Spack's local cache for downloaded source archives
-FETCH_CACHE: Union[spack.fetch_strategy.FsCache, llnl.util.lang.Singleton] = (
+FETCH_CACHE: Union["spack.fetch_strategy.FsCache", llnl.util.lang.Singleton] = (
     llnl.util.lang.Singleton(_fetch_cache)
 )

lib/spack/spack/fetch_strategy.py

@@ -33,7 +33,7 @@
 import urllib.parse
 import urllib.request
 from pathlib import PurePath
-from typing import List, Optional
+from typing import Dict, List, Optional
 
 import llnl.url
 import llnl.util
@@ -49,6 +49,7 @@
 import spack.util.archive
 import spack.util.crypto as crypto
 import spack.util.git
+import spack.util.spack_yaml as syaml
 import spack.util.url as url_util
 import spack.util.web as web_util
 import spack.version
@@ -110,6 +111,28 @@ def __init__(self, **kwargs):
 
         self.package = None
 
+    def source_provenance(self) -> Dict:
+        """Create a metadata dictionary that describes the artifacts fetched by this FetchStrategy.
+
+        The returned dictionary is added to the content used to determine the full hash
+        for a package. It should be serializable as JSON.
+
+        It should include data like sha256 hashes for archives, commits for source
+        repositories, and any information needed to describe exactly what artifacts went
+        into a build.
+
+        If a package has no soruce artifacts, it should return an empty dictionary.
+
+        """
+        attrs = syaml.syaml_dict()
+        if self.url_attr:
+            attrs["type"] = "archive" if self.url_attr == "url" else self.url_attr
+        for attr in self.optional_attrs:
+            value = getattr(self, attr, None)
+            if value:
+                attrs[attr] = value
+        return attrs
+
     def set_package(self, package):
         self.package = package
 
@@ -152,17 +175,6 @@ def cachable(self):
             bool: True if can cache, False otherwise.
         """
 
-    def source_id(self):
-        """A unique ID for the source.
-
-        It is intended that a human could easily generate this themselves using
-        the information available to them in the Spack package.
-
-        The returned value is added to the content which determines the full
-        hash for a package using `str()`.
-        """
-        raise NotImplementedError
-
     def mirror_id(self):
         """This is a unique ID for a source that is intended to help identify
         reuse of resources across packages.
@@ -213,9 +225,9 @@ def cachable(self):
         """Report False as there is no code to cache."""
         return False
 
-    def source_id(self):
-        """BundlePackages don't have a source id."""
-        return ""
+    def source_provenance(self) -> Dict:
+        """BundlePackages don't have a source of their own."""
+        return {}
 
     def mirror_id(self):
         """BundlePackages don't have a mirror id."""
@@ -260,8 +272,15 @@ def curl(self) -> Executable:
             self._curl = web_util.require_curl()
         return self._curl
 
-    def source_id(self):
-        return self.digest
+    def source_provenance(self) -> Dict:
+        attrs = super().source_provenance()
+        if self.digest:
+            try:
+                hash_type = spack.util.crypto.hash_algo_for_digest(self.digest)
+            except ValueError:
+                hash_type = "digest"
+            attrs[hash_type] = self.digest
+        return attrs
 
     def mirror_id(self):
         if not self.digest:
@@ -772,9 +791,15 @@ def git(self):
     def cachable(self):
         return self.cache_enabled and bool(self.commit)
 
-    def source_id(self):
-        # TODO: tree-hash would secure download cache and mirrors, commit only secures checkouts.
-        return self.commit
+    def source_provenance(self) -> Dict:
+        attrs = super().source_provenance()
+
+        # need to fully resolve submodule callbacks for node dicts
+        submodules = attrs.get("submodules", None)
+        if submodules and callable(submodules):
+            attrs["submodules"] = submodules(self.package)
+
+        return attrs
 
     def mirror_id(self):
         if self.commit:
@@ -1084,17 +1109,6 @@ def cvs(self):
     def cachable(self):
         return self.cache_enabled and (bool(self.branch) or bool(self.date))
 
-    def source_id(self):
-        if not (self.branch or self.date):
-            # We need a branch or a date to make a checkout reproducible
-            return None
-        id = "id"
-        if self.branch:
-            id += "-branch=" + self.branch
-        if self.date:
-            id += "-date=" + self.date
-        return id
-
     def mirror_id(self):
         if not (self.branch or self.date):
             # We need a branch or a date to make a checkout reproducible
@@ -1197,9 +1211,6 @@ def svn(self):
     def cachable(self):
         return self.cache_enabled and bool(self.revision)
 
-    def source_id(self):
-        return self.revision
-
     def mirror_id(self):
         if self.revision:
             repo_path = urllib.parse.urlparse(self.url).path
@@ -1307,9 +1318,6 @@ def hg(self):
     def cachable(self):
         return self.cache_enabled and bool(self.revision)
 
-    def source_id(self):
-        return self.revision
-
     def mirror_id(self):
         if self.revision:
             repo_path = urllib.parse.urlparse(self.url).path

lib/spack/spack/hash_types.py

@@ -5,7 +5,6 @@
 """Definitions that control how Spack creates Spec hashes."""
 
 import spack.deptypes as dt
-import spack.repo
 
 hashes = []
 
@@ -13,20 +12,17 @@
 class SpecHashDescriptor:
     """This class defines how hashes are generated on Spec objects.
 
-    Spec hashes in Spack are generated from a serialized (e.g., with
-    YAML) representation of the Spec graph.  The representation may only
-    include certain dependency types, and it may optionally include a
-    canonicalized hash of the package.py for each node in the graph.
+    Spec hashes in Spack are generated from a serialized JSON representation of the DAG.
+    The representation may only include certain dependency types, and it may optionally
+    include a canonicalized hash of the ``package.py`` for each node in the graph.
 
-    We currently use different hashes for different use cases."""
+    """
 
-    def __init__(self, depflag: dt.DepFlag, package_hash, name, override=None):
+    def __init__(self, depflag: dt.DepFlag, package_hash, name):
         self.depflag = depflag
         self.package_hash = package_hash
         self.name = name
         hashes.append(self)
-        # Allow spec hashes to have an alternate computation method
-        self.override = override
 
     @property
     def attr(self):
@@ -54,18 +50,6 @@ def __repr__(self):
 )
 
 
-def _content_hash_override(spec):
-    pkg_cls = spack.repo.PATH.get_pkg_class(spec.name)
-    pkg = pkg_cls(spec)
-    return pkg.content_hash()
-
-
-#: Package hash used as part of dag hash
-package_hash = SpecHashDescriptor(
-    depflag=0, package_hash=True, name="package_hash", override=_content_hash_override
-)
-
-
 # Deprecated hash types, no longer used, but needed to understand old serialized
 # spec formats
 

lib/spack/spack/installer.py

@@ -36,6 +36,7 @@
 import shutil
 import sys
 import time
+import traceback
 from collections import defaultdict
 from gzip import GzipFile
 from typing import Dict, Iterator, List, Optional, Set, Tuple, Union
@@ -2214,7 +2215,7 @@ def install(self) -> None:
                 if task.is_build_request:
                     if single_requested_spec:
                         raise
-                    failed_build_requests.append((pkg, pkg_id, str(exc)))
+                    failed_build_requests.append((pkg, pkg_id, exc))
 
             finally:
                 # Remove the install prefix if anything went wrong during
@@ -2241,6 +2242,9 @@ def install(self) -> None:
         if failed_build_requests or missing:
             for _, pkg_id, err in failed_build_requests:
                 tty.error(f"{pkg_id}: {err}")
+                if spack.error.debug:
+                    # note: in python 3.10+ this can just be print_exception(err)
+                    traceback.print_exception(type(err), err, err.__traceback__)
 
             for _, pkg_id in missing:
                 tty.error(f"{pkg_id}: Package was not installed")

lib/spack/spack/package_base.py

@@ -9,12 +9,10 @@
 packages.
 """
 
-import base64
 import collections
 import copy
 import functools
 import glob
-import hashlib
 import importlib
 import io
 import os
@@ -49,14 +47,15 @@
 import spack.store
 import spack.url
 import spack.util.environment
+import spack.util.package_hash as ph
 import spack.util.path
+import spack.util.spack_yaml as syaml
 import spack.util.web
 from spack.error import InstallError, NoURLError, PackageError
 from spack.filesystem_view import YamlFilesystemView
 from spack.install_test import PackageTest, TestSuite
 from spack.solver.version_order import concretization_version_order
 from spack.stage import DevelopStage, ResourceStage, Stage, StageComposite, compute_stage_name
-from spack.util.package_hash import package_hash
 from spack.version import GitVersion, StandardVersion
 
 FLAG_HANDLER_RETURN_TYPE = Tuple[
@@ -1754,65 +1753,78 @@ def all_patches(cls):
 
         return patches
 
-    def content_hash(self, content=None):
-        """Create a hash based on the artifacts and patches used to build this package.
+    def artifact_hashes(self, content=None):
+        """Create a dictionary of hashes of artifacts used in the build of this package.
 
         This includes:
             * source artifacts (tarballs, repositories) used to build;
             * content hashes (``sha256``'s) of all patches applied by Spack; and
             * canonicalized contents the ``package.py`` recipe used to build.
 
-        This hash is only included in Spack's DAG hash for concrete specs, but if it
-        happens to be called on a package with an abstract spec, only applicable (i.e.,
-        determinable) portions of the hash will be included.
+        Example::
+
+            {
+              "package_hash": "qovi2hm2n2qsatng2r4n55yzjlhnwflx",
+              "sources": [
+                {
+                  "sha256": "fc5fd69bb8736323f026672b1b7235da613d7177e72558893a0bdcd320466d60",
+                  "type": "archive"
+                },
+                {
+                  "sha256": "56ab9b90f5acbc42eb7a94cf482e6c058a63e8a1effdf572b8b2a6323a06d923",
+                  "type": "archive"
+                }
+             }
+
+        All hashes are added to concrete specs at the end of concretization. If this
+        method is called on an abstract spec, only hashes that can be known from the
+        abstract spec will be included.
 
         """
-        # list of components to make up the hash
-        hash_content = []
+        hashes = syaml.syaml_dict()
 
         # source artifacts/repositories
-        # TODO: resources
         if self.spec.versions.concrete:
+            sources = []
             try:
-                source_id = fs.for_package_version(self).source_id()
+                fetcher = fs.for_package_version(self)
+                provenance_dict = fetcher.source_provenance()
+                if provenance_dict:
+                    sources.append(provenance_dict)
+
             except (fs.ExtrapolationError, fs.InvalidArgsError):
                 # ExtrapolationError happens if the package has no fetchers defined.
                 # InvalidArgsError happens when there are version directives with args,
                 #     but none of them identifies an actual fetcher.
-                source_id = None
 
-            if not source_id:
-                # TODO? in cases where a digest or source_id isn't available,
-                # should this attempt to download the source and set one? This
-                # probably only happens for source repositories which are
-                # referenced by branch name rather than tag or commit ID.
+                # if this is a develop spec, say so
                 from_local_sources = "dev_path" in self.spec.variants
+
+                # don't bother setting a hash if none is available, but warn if
+                # it seems like there should be one.
                 if self.has_code and not self.spec.external and not from_local_sources:
-                    message = "Missing a source id for {s.name}@{s.version}"
+                    message = "Missing a hash for {s.name}@{s.version}"
                     tty.debug(message.format(s=self))
-                hash_content.append("".encode("utf-8"))
-            else:
-                hash_content.append(source_id.encode("utf-8"))
+
+            for resource in self._get_needed_resources():
+                sources.append(resource.fetcher.source_provenance())
+
+            if sources:
+                hashes["sources"] = sources
 
         # patch sha256's
         # Only include these if they've been assigned by the concretizer.
         # We check spec._patches_assigned instead of spec.concrete because
         # we have to call package_hash *before* marking specs concrete
         if self.spec._patches_assigned():
-            hash_content.extend(
-                ":".join((p.sha256, str(p.level))).encode("utf-8") for p in self.spec.patches
-            )
+            hashes["patches"] = [
+                {"sha256": patch.sha256, "level": patch.level} for patch in self.spec.patches
+            ]
 
         # package.py contents
-        hash_content.append(package_hash(self.spec, source=content).encode("utf-8"))
+        hashes["package_hash"] = ph.package_hash(self.spec, source=content)
 
-        # put it all together and encode as base32
-        b32_hash = base64.b32encode(
-            hashlib.sha256(bytes().join(sorted(hash_content))).digest()
-        ).lower()
-        b32_hash = b32_hash.decode("utf-8")
-
-        return b32_hash
+        return hashes
 
     @property
     def cmake_prefix_paths(self):

lib/spack/spack/repo.py

@@ -805,7 +805,7 @@ def tag_index(self) -> spack.tag.TagIndex:
         return self._tag_index
 
     @property
-    def patch_index(self) -> spack.patch.PatchCache:
+    def patch_index(self) -> "spack.patch.PatchCache":
         """Merged PatchIndex from all Repos in the RepoPath."""
         if self._patch_index is None:
             self._patch_index = spack.patch.PatchCache(repository=self)
@@ -1158,7 +1158,7 @@ def tag_index(self) -> spack.tag.TagIndex:
         return self.index["tags"]
 
     @property
-    def patch_index(self) -> spack.patch.PatchCache:
+    def patch_index(self) -> "spack.patch.PatchCache":
         """Index of patches and packages they're defined on."""
         return self.index["patches"]
 

lib/spack/spack/spec.py

@@ -1478,6 +1478,12 @@ def __init__(
         for h in ht.hashes:
             setattr(self, h.attr, None)
 
+        # hash of package.py at the time of concretization
+        self._package_hash = None
+
+        # dictionary of source artifact hashes, set at concretization time
+        self._artifact_hashes = None
+
         # Python __hash__ is handled separately from the cached spec hashes
         self._dunder_hash = None
 
@@ -1968,10 +1974,6 @@ def spec_hash(self, hash):
         Arguments:
             hash (spack.hash_types.SpecHashDescriptor): type of hash to generate.
         """
-        # TODO: currently we strip build dependencies by default.  Rethink
-        # this when we move to using package hashing on all specs.
-        if hash.override is not None:
-            return hash.override(self)
         node_dict = self.to_node_dict(hash=hash)
         json_text = sjson.dump(node_dict)
         # This implements "frankenhashes", preserving the last 7 characters of the
@@ -1981,7 +1983,7 @@ def spec_hash(self, hash):
             return out[:-7] + self.build_spec.spec_hash(hash)[-7:]
         return out
 
-    def _cached_hash(self, hash, length=None, force=False):
+    def _cached_hash(self, hash, length=None):
         """Helper function for storing a cached hash on the spec.
 
         This will run spec_hash() with the deptype and package_hash
@@ -1991,7 +1993,6 @@ def _cached_hash(self, hash, length=None, force=False):
         Arguments:
             hash (spack.hash_types.SpecHashDescriptor): type of hash to generate.
             length (int): length of hash prefix to return (default is full hash string)
-            force (bool): cache the hash even if spec is not concrete (default False)
         """
         if not hash.attr:
             return self.spec_hash(hash)[:length]
@@ -2001,21 +2002,24 @@ def _cached_hash(self, hash, length=None, force=False):
             return hash_string[:length]
         else:
             hash_string = self.spec_hash(hash)
-            if force or self.concrete:
+            if self.concrete:
                 setattr(self, hash.attr, hash_string)
 
             return hash_string[:length]
 
     def package_hash(self):
         """Compute the hash of the contents of the package for this node"""
+        if not self.concrete:
+            raise ValueError("Spec is not concrete: " + str(self))
+
         # Concrete specs with the old DAG hash did not have the package hash, so we do
         # not know what the package looked like at concretization time
-        if self.concrete and not self._package_hash:
+        if not self._package_hash:
             raise ValueError(
                 "Cannot call package_hash() on concrete specs with the old dag_hash()"
             )
 
-        return self._cached_hash(ht.package_hash)
+        return self._package_hash
 
     def dag_hash(self, length=None):
         """This is Spack's default hash, used to identify installations.
@@ -2202,23 +2206,25 @@ def to_node_dict(self, hash=ht.dag_hash):
             if hasattr(variant, "_patches_in_order_of_appearance"):
                 d["patches"] = variant._patches_in_order_of_appearance
 
-        if (
-            self._concrete
-            and hash.package_hash
-            and hasattr(self, "_package_hash")
-            and self._package_hash
-        ):
-            # We use the attribute here instead of `self.package_hash()` because this
-            # should *always* be assignhed at concretization time. We don't want to try
-            # to compute a package hash for concrete spec where a) the package might not
-            # exist, or b) the `dag_hash` didn't include the package hash when the spec
-            # was concretized.
-            package_hash = self._package_hash
+        if self._concrete and hash.package_hash:
+            # We use the `_package_hash` attribute here instead of `self.package_hash()`
+            # because `_package_hash` is *always* assigned at concretization time. If
+            # the attribute is present, we should include it. If it isn't, we avoid
+            # computing it because a) the package may no longer exist, or b) this is an
+            # older spec and the `dag_hash` didn't include the package hash when the
+            # spec was concretized.
+            if hasattr(self, "_package_hash") and self._package_hash:
+                d["package_hash"] = self._package_hash
 
-            # Full hashes are in bytes
-            if not isinstance(package_hash, str) and isinstance(package_hash, bytes):
-                package_hash = package_hash.decode("utf-8")
-            d["package_hash"] = package_hash
+            if self._artifact_hashes:
+                for key, source_list in sorted(self._artifact_hashes.items()):
+                    # sources may be dictionaries (for archives/resources)
+                    def order(source):
+                        if isinstance(source, dict):
+                            return syaml.syaml_dict(sorted(source.items()))
+                        return source
+
+                    d[key] = [order(source) for source in source_list]
 
         # Note: Relies on sorting dict by keys later in algorithm.
         deps = self._dependencies_dict(depflag=hash.depflag)
@@ -2917,12 +2923,15 @@ def _finalize_concretization(self):
             # We only assign package hash to not-yet-concrete specs, for which we know
             # we can compute the hash.
             if not spec.concrete:
-                # we need force=True here because package hash assignment has to happen
-                # before we mark concrete, so that we know what was *already* concrete.
-                spec._cached_hash(ht.package_hash, force=True)
+                # package hash assignment has to happen before we mark concrete, so that
+                # we know what was *already* concrete.
+                # can't use self.package here b/c not concrete yet
+                pkg_cls = spack.repo.PATH.get_pkg_class(spec.name)
+                pkg = pkg_cls(spec)
+                artifact_hashes = pkg.artifact_hashes()
 
-                # keep this check here to ensure package hash is saved
-                assert getattr(spec, ht.package_hash.attr)
+                spec._package_hash = artifact_hashes.pop("package_hash")
+                spec._artifact_hashes = artifact_hashes
 
         # Mark everything in the spec as concrete
         self._mark_concrete()
@@ -3558,6 +3567,8 @@ def _dup(self, other, deps: Union[bool, dt.DepTypes, dt.DepFlag] = True, clearde
             self._normal = other._normal
             for h in ht.hashes:
                 setattr(self, h.attr, getattr(other, h.attr, None))
+            self._package_hash = getattr(other, "_package_hash", None)
+            self._artifact_hashes = getattr(other, "_artifact_hashes", None)
         else:
             self._dunder_hash = None
             # Note, we could use other._normal if we are copying all deps, but
@@ -3565,6 +3576,8 @@ def _dup(self, other, deps: Union[bool, dt.DepTypes, dt.DepFlag] = True, clearde
             self._normal = False
             for h in ht.hashes:
                 setattr(self, h.attr, None)
+            self._package_hash = None
+            self._artifact_hashes = None
 
         return changed
 
@@ -4225,7 +4238,11 @@ def _splice_detach_and_add_dependents(self, replacement, context):
         for ancestor in ancestors_in_context:
             # Only set it if it hasn't been spliced before
             ancestor._build_spec = ancestor._build_spec or ancestor.copy()
-            ancestor.clear_cached_hashes(ignore=(ht.package_hash.attr,))
+
+            # reset all hashes *except* package and artifact hashes (since we are not
+            # rebuilding the spec)
+            ancestor.clear_cached_hashes(content_hashes=False)
+
             for edge in ancestor.edges_to_dependencies(depflag=dt.BUILD):
                 if edge.depflag & ~dt.BUILD:
                     edge.depflag &= ~dt.BUILD
@@ -4419,14 +4436,18 @@ def mask_build_deps(in_spec):
 
         return spec
 
-    def clear_cached_hashes(self, ignore=()):
+    def clear_cached_hashes(self, content_hashes=True):
         """
         Clears all cached hashes in a Spec, while preserving other properties.
         """
         for h in ht.hashes:
-            if h.attr not in ignore:
-                if hasattr(self, h.attr):
-                    setattr(self, h.attr, None)
+            if hasattr(self, h.attr):
+                setattr(self, h.attr, None)
+
+        if content_hashes:
+            self._package_hash = None
+            self._artifact_hashes = None
+
         self._dunder_hash = None
 
     def __hash__(self):
@@ -4702,6 +4723,14 @@ def from_node_dict(cls, node):
         for h in ht.hashes:
             setattr(spec, h.attr, node.get(h.name, None))
 
+        # old and new-style package hash
+        if "package_hash" in node:
+            spec._package_hash = node["package_hash"]
+
+        # all source artifact hashes
+        if "sources" in node:
+            spec._artifact_hashes = syaml.syaml_dict([("sources", node["sources"])])
+
         spec.name = name
         spec.namespace = node.get("namespace", None)
 

lib/spack/spack/test/cmd/install.py

@@ -779,6 +779,7 @@ def test_install_no_add_in_env(tmpdir, mock_fetch, install_mockery, mutable_mock
     #         ^pkg-b
     #     pkg-a
     #         ^pkg-b
+
     e = ev.create("test", with_view=False)
     e.add("mpileaks")
     e.add("libelf@0.8.10")  # so env has both root and dep libelf specs
@@ -786,14 +787,14 @@ def test_install_no_add_in_env(tmpdir, mock_fetch, install_mockery, mutable_mock
     e.add("pkg-a ~bvv")
     e.concretize()
     e.write()
-    env_specs = e.all_specs()
+    initial_concrete_specs = e.all_specs()
 
     a_spec = None
     b_spec = None
     mpi_spec = None
 
     # First find and remember some target concrete specs in the environment
-    for e_spec in env_specs:
+    for e_spec in initial_concrete_specs:
         if e_spec.satisfies(Spec("pkg-a ~bvv")):
             a_spec = e_spec
         elif e_spec.name == "pkg-b":
@@ -815,8 +816,7 @@ def test_install_no_add_in_env(tmpdir, mock_fetch, install_mockery, mutable_mock
     with e:
         # Assert using --no-add with a spec not in the env fails
         inst_out = install("--no-add", "boost", fail_on_error=False, output=str)
-
-        assert "You can add specs to the environment with 'spack add " in inst_out
+        assert "You can add specs to the environment with 'spack add boost'" in inst_out
 
         # Without --add, ensure that two packages "a" get installed
         inst_out = install("pkg-a", output=str)
@@ -828,13 +828,18 @@ def test_install_no_add_in_env(tmpdir, mock_fetch, install_mockery, mutable_mock
         install("dyninst")
 
         find_output = find("-l", output=str)
+
         assert "dyninst" in find_output
         assert "libdwarf" in find_output
         assert "libelf" in find_output
         assert "callpath" not in find_output
 
-        post_install_specs = e.all_specs()
-        assert all([s in env_specs for s in post_install_specs])
+        post_install_concrete_specs = e.all_specs()
+
+        for s in post_install_concrete_specs:
+            assert (
+                s in initial_concrete_specs
+            ), f"installed spec {s.format('{name}{@version}{/hash:7}')} not in original env"
 
         # Make sure we can install a concrete dependency spec from a spec.json
         # file on disk, and the spec is installed but not added as a root

lib/spack/spack/test/install.py

@@ -410,7 +410,7 @@ def test_nosource_pkg_install(install_mockery, mock_fetch, mock_packages, capfd,
     assert "Installing dependency-install" in out[0]
 
     # Make sure a warning for missing code is issued
-    assert "Missing a source id for nosource" in out[1]
+    assert "Missing a hash for nosource" in out[1]
 
 
 @pytest.mark.disable_clean_stage_check
@@ -427,7 +427,7 @@ def test_nosource_bundle_pkg_install(
     assert "Installing dependency-install" in out[0]
 
     # Make sure a warning for missing code is *not* issued
-    assert "Missing a source id for nosource" not in out[1]
+    assert "Missing a hash for nosource" not in out[1]
 
 
 def test_nosource_pkg_install_post_install(install_mockery, mock_fetch, mock_packages):

lib/spack/spack/test/spec_semantics.py

@@ -15,6 +15,7 @@
 import spack.solver.asp
 import spack.spec
 import spack.store
+import spack.util.package_hash as ph
 import spack.variant
 import spack.version as vn
 from spack.error import SpecError, UnsatisfiableSpecError
@@ -1640,20 +1641,27 @@ def test_spec_installed(default_mock_concretization, database):
     assert not spec.installed
 
 
+def test_cannot_call_dag_hash_on_abstract_spec():
+    with pytest.raises(ValueError, match="Spec is not concrete"):
+        Spec("pkg-a").package_hash()
+
+
 @pytest.mark.regression("30678")
 def test_call_dag_hash_on_old_dag_hash_spec(mock_packages, default_mock_concretization):
     # create a concrete spec
     a = default_mock_concretization("pkg-a")
     dag_hashes = {spec.name: spec.dag_hash() for spec in a.traverse()}
 
+    for spec in a.traverse():
+        assert dag_hashes[spec.name] == spec.dag_hash()
+        assert spec.package_hash() == ph.package_hash(spec)
+
     # make it look like an old DAG hash spec with no package hash on the spec.
     for spec in a.traverse():
         assert spec.concrete
         spec._package_hash = None
 
     for spec in a.traverse():
-        assert dag_hashes[spec.name] == spec.dag_hash()
-
         with pytest.raises(ValueError, match="Cannot call package_hash()"):
             spec.package_hash()
 

lib/spack/spack/test/spec_yaml.py

@@ -96,6 +96,20 @@ def test_invalid_json_spec(invalid_json, error_message):
         # Virtuals on edges
         "callpath",
         "mpileaks",
+        # Vvarious types of git versions
+        # Ensure that we try to serialize all the things that might be in the node dict,
+        # e.g., submodule callbacks can fail serialization if they're not fully resolved.
+        "git-url-top-level@develop",
+        "git-url-top-level@submodules",
+        "git-url-top-level@submodules_callback",
+        "git-url-top-level@3.4",
+        "git-url-top-level@3.3",
+        "git-url-top-level@3.2",
+        "git-url-top-level@3.1",
+        "git-url-top-level@3.0",
+        # URL versions with checksums
+        "git-url-top-level@2.3",
+        "git-url-top-level@2.1",
     ],
 )
 def test_roundtrip_concrete_specs(abstract_spec, default_mock_concretization):

lib/spack/spack/test/util/package_hash.py

@@ -19,29 +19,27 @@
 datadir = os.path.join(spack.paths.test_path, "data", "unparse")
 
 
-def compare_sans_name(eq, spec1, spec2):
+def canonical_source_equal_sans_name(spec1, spec2):
     content1 = ph.canonical_source(spec1)
     content1 = content1.replace(spack.repo.PATH.get_pkg_class(spec1.name).__name__, "TestPackage")
     content2 = ph.canonical_source(spec2)
     content2 = content2.replace(spack.repo.PATH.get_pkg_class(spec2.name).__name__, "TestPackage")
-    if eq:
-        assert content1 == content2
-    else:
-        assert content1 != content2
+
+    return content1 == content2
 
 
-def compare_hash_sans_name(eq, spec1, spec2):
+def package_hash_equal_sans_name(spec1, spec2):
     content1 = ph.canonical_source(spec1)
     pkg_cls1 = spack.repo.PATH.get_pkg_class(spec1.name)
     content1 = content1.replace(pkg_cls1.__name__, "TestPackage")
-    hash1 = pkg_cls1(spec1).content_hash(content=content1)
+    hash1 = ph.package_hash(spec1, source=content1)
 
     content2 = ph.canonical_source(spec2)
     pkg_cls2 = spack.repo.PATH.get_pkg_class(spec2.name)
     content2 = content2.replace(pkg_cls2.__name__, "TestPackage")
-    hash2 = pkg_cls2(spec2).content_hash(content=content2)
+    hash2 = ph.package_hash(spec2, source=content2)
 
-    assert (hash1 == hash2) == eq
+    return hash1 == hash2
 
 
 def test_hash(mock_packages, config):
@@ -57,11 +55,11 @@ def test_different_variants(mock_packages, config):
 def test_all_same_but_name(mock_packages, config):
     spec1 = Spec("hash-test1@=1.2")
     spec2 = Spec("hash-test2@=1.2")
-    compare_sans_name(True, spec1, spec2)
+    assert canonical_source_equal_sans_name(spec1, spec2)
 
     spec1 = Spec("hash-test1@=1.2 +varianty")
     spec2 = Spec("hash-test2@=1.2 +varianty")
-    compare_sans_name(True, spec1, spec2)
+    assert canonical_source_equal_sans_name(spec1, spec2)
 
 
 def test_all_same_but_archive_hash(mock_packages, config):
@@ -70,60 +68,63 @@ def test_all_same_but_archive_hash(mock_packages, config):
     """
     spec1 = Spec("hash-test1@=1.3")
     spec2 = Spec("hash-test2@=1.3")
-    compare_sans_name(True, spec1, spec2)
+    assert canonical_source_equal_sans_name(spec1, spec2)
 
 
 def test_all_same_but_patch_contents(mock_packages, config):
     spec1 = Spec("hash-test1@=1.1")
     spec2 = Spec("hash-test2@=1.1")
-    compare_sans_name(True, spec1, spec2)
+    assert canonical_source_equal_sans_name(spec1, spec2)
 
 
 def test_all_same_but_patches_to_apply(mock_packages, config):
     spec1 = Spec("hash-test1@=1.4")
     spec2 = Spec("hash-test2@=1.4")
-    compare_sans_name(True, spec1, spec2)
+    assert canonical_source_equal_sans_name(spec1, spec2)
 
 
 def test_all_same_but_install(mock_packages, config):
     spec1 = Spec("hash-test1@=1.5")
     spec2 = Spec("hash-test2@=1.5")
-    compare_sans_name(False, spec1, spec2)
+    assert not canonical_source_equal_sans_name(spec1, spec2)
 
 
-def test_content_hash_all_same_but_patch_contents(mock_packages, config):
+def test_package_hash_all_same_but_patch_contents_different(mock_packages, config):
     spec1 = Spec("hash-test1@1.1").concretized()
     spec2 = Spec("hash-test2@1.1").concretized()
-    compare_hash_sans_name(False, spec1, spec2)
+
+    assert package_hash_equal_sans_name(spec1, spec2)
+    assert spec1.dag_hash() != spec2.dag_hash()
+    assert spec1.to_node_dict()["patches"] != spec2.to_node_dict()["patches"]
 
 
-def test_content_hash_not_concretized(mock_packages, config):
-    """Check that Package.content_hash() works on abstract specs."""
-    # these are different due to the package hash
+def test_package_hash_not_concretized(mock_packages, config):
+    """Check that ``package_hash()`` works on abstract specs."""
+    # these are different due to patches but not package hash
     spec1 = Spec("hash-test1@=1.1")
     spec2 = Spec("hash-test2@=1.3")
-    compare_hash_sans_name(False, spec1, spec2)
+    assert package_hash_equal_sans_name(spec1, spec2)
 
     # at v1.1 these are actually the same package when @when's are removed
     # and the name isn't considered
     spec1 = Spec("hash-test1@=1.1")
     spec2 = Spec("hash-test2@=1.1")
-    compare_hash_sans_name(True, spec1, spec2)
+    assert package_hash_equal_sans_name(spec1, spec2)
 
-    # these end up being different b/c we can't eliminate much of the package.py
-    # without a version.
+    # these end up being different b/c without a version, we can't eliminate much of the
+    # package.py when canonicalizing source.
     spec1 = Spec("hash-test1")
     spec2 = Spec("hash-test2")
-    compare_hash_sans_name(False, spec1, spec2)
+    assert not package_hash_equal_sans_name(spec1, spec2)
 
 
-def test_content_hash_different_variants(mock_packages, config):
+def test_package_hash_different_variants(mock_packages, config):
     spec1 = Spec("hash-test1@1.2 +variantx").concretized()
     spec2 = Spec("hash-test2@1.2 ~variantx").concretized()
-    compare_hash_sans_name(True, spec1, spec2)
+    assert package_hash_equal_sans_name(spec1, spec2)
 
 
-def test_content_hash_cannot_get_details_from_ast(mock_packages, config):
+def test_package_hash_cannot_get_details_from_ast(mock_packages, config):
     """Packages hash-test1 and hash-test3 would be considered the same
     except that hash-test3 conditionally executes a phase based on
     a "when" directive that Spack cannot evaluate by examining the
@@ -135,18 +136,36 @@ def test_content_hash_cannot_get_details_from_ast(mock_packages, config):
     """
     spec3 = Spec("hash-test1@1.7").concretized()
     spec4 = Spec("hash-test3@1.7").concretized()
-    compare_hash_sans_name(False, spec3, spec4)
+    assert not package_hash_equal_sans_name(spec3, spec4)
 
 
-def test_content_hash_all_same_but_archive_hash(mock_packages, config):
+def test_package_hash_all_same_but_archive_hash(mock_packages, config):
     spec1 = Spec("hash-test1@1.3").concretized()
     spec2 = Spec("hash-test2@1.3").concretized()
-    compare_hash_sans_name(False, spec1, spec2)
+
+    assert package_hash_equal_sans_name(spec1, spec2)
+
+    # the sources for these two packages will not be the same b/c their archive hashes differ
+    assert spec1.to_node_dict()["sources"] != spec2.to_node_dict()["sources"]
 
 
-def test_content_hash_parse_dynamic_function_call(mock_packages, config):
+def test_package_hash_all_same_but_resources(mock_packages, config):
+    spec1 = Spec("hash-test1@1.7").concretized()
+    spec2 = Spec("hash-test1@1.8").concretized()
+
+    # these should be the same
+    assert canonical_source_equal_sans_name(spec1, spec2)
+    assert package_hash_equal_sans_name(spec1, spec2)
+
+    # but 1.7 has a resource that affects the hash
+    assert spec1.to_node_dict()["sources"] != spec2.to_node_dict()["sources"]
+
+    assert spec1.dag_hash() != spec2.dag_hash()
+
+
+def test_package_hash_parse_dynamic_function_call(mock_packages, config):
     spec = Spec("hash-test4").concretized()
-    spec.package.content_hash()
+    ph.package_hash(spec)
 
 
 many_strings = '''\

share/spack/gitlab/cloud_pipelines/.gitlab-ci.yml

@@ -735,52 +735,6 @@ ml-linux-x86_64-rocm-build:
     - artifacts: True
       job: ml-linux-x86_64-rocm-generate
 
-########################################
-# Machine Learning - Linux aarch64 (CPU)
-########################################
-.ml-linux-aarch64-cpu:
-  extends: [ ".linux_aarch64" ]
-  variables:
-    SPACK_CI_STACK_NAME: ml-linux-aarch64-cpu
-
-ml-linux-aarch64-cpu-generate:
-  extends: [ ".generate-aarch64", .ml-linux-aarch64-cpu ]
-  image: ghcr.io/spack/ubuntu-24.04:v2024-09-05-v2
-
-ml-linux-aarch64-cpu-build:
-  extends: [ ".build", ".ml-linux-aarch64-cpu" ]
-  trigger:
-    include:
-      - artifact: jobs_scratch_dir/cloud-ci-pipeline.yml
-        job: ml-linux-aarch64-cpu-generate
-    strategy: depend
-  needs:
-    - artifacts: True
-      job: ml-linux-aarch64-cpu-generate
-
-#########################################
-# Machine Learning - Linux aarch64 (CUDA)
-#########################################
-.ml-linux-aarch64-cuda:
-  extends: [ ".linux_aarch64" ]
-  variables:
-    SPACK_CI_STACK_NAME: ml-linux-aarch64-cuda
-
-ml-linux-aarch64-cuda-generate:
-  extends: [ ".generate-aarch64", .ml-linux-aarch64-cuda ]
-  image: ghcr.io/spack/ubuntu-24.04:v2024-09-05-v2
-
-ml-linux-aarch64-cuda-build:
-  extends: [ ".build", ".ml-linux-aarch64-cuda" ]
-  trigger:
-    include:
-      - artifact: jobs_scratch_dir/cloud-ci-pipeline.yml
-        job: ml-linux-aarch64-cuda-generate
-    strategy: depend
-  needs:
-    - artifacts: True
-      job: ml-linux-aarch64-cuda-generate
-
 #########################################
 # Machine Learning - Darwin aarch64 (MPS)
 #########################################

share/spack/gitlab/cloud_pipelines/stacks/ml-linux-aarch64-cpu/spack.yaml

@@ -1,85 +0,0 @@
-spack:
-  view: false
-  packages:
-    all:
-      require:
-      - target=aarch64
-      - ~cuda
-      - ~rocm
-    mpi:
-      require: openmpi
-
-  specs:
-    # Horovod
-    - py-horovod
-
-    # Hugging Face
-    - py-transformers
-
-    # JAX
-    - py-jax
-    - py-jaxlib
-
-    # Keras
-    - py-keras backend=tensorflow
-    - py-keras backend=jax
-    - py-keras backend=torch
-    - py-keras-applications
-    - py-keras-preprocessing
-    - py-keras2onnx
-
-    # PyTorch
-    - py-botorch
-    - py-efficientnet-pytorch
-    - py-gpytorch
-    - py-kornia
-    - py-lightning
-    - py-pytorch-gradual-warmup-lr
-    - py-pytorch-lightning
-    - py-segmentation-models-pytorch
-    - py-timm
-    - py-torch
-    - py-torch-cluster
-    - py-torch-geometric
-    - py-torch-nvidia-apex
-    - py-torch-scatter
-    - py-torch-sparse
-    - py-torch-spline-conv
-    - py-torchaudio
-    - py-torchdata
-    - py-torchfile
-    - py-torchgeo
-    - py-torchmetrics
-    - py-torchtext
-    - py-torchvision
-    - py-vector-quantize-pytorch
-
-    # scikit-learn
-    - py-scikit-learn
-    - py-scikit-learn-extra
-
-    # TensorBoard
-    - py-tensorboard
-    - py-tensorboard-data-server
-    - py-tensorboard-plugin-wit
-    - py-tensorboardx
-
-    # TensorFlow
-    - py-tensorflow
-    - py-tensorflow-datasets
-    - py-tensorflow-hub
-    - py-tensorflow-metadata
-    - py-tensorflow-probability
-
-    # XGBoost
-    - py-xgboost
-
-  ci:
-    pipeline-gen:
-    - build-job:
-        image:
-          name: ghcr.io/spack/ubuntu-24.04:v2024-09-05-v2
-          entrypoint: ['']
-
-  cdash:
-    build-group: Machine Learning

share/spack/gitlab/cloud_pipelines/stacks/ml-linux-aarch64-cuda/spack.yaml

@@ -1,91 +0,0 @@
-spack:
-  view: false
-  packages:
-    all:
-      require:
-      - target=aarch64
-      - ~rocm
-      - +cuda
-      - cuda_arch=80
-    llvm:
-      # https://github.com/spack/spack/issues/27999
-      require: ~cuda
-    mpi:
-      require: openmpi
-
-  specs:
-    # Horovod
-    - py-horovod
-
-    # Hugging Face
-    - py-transformers
-
-    # JAX
-    - py-jax
-    - py-jaxlib
-
-    # Keras
-    - py-keras backend=tensorflow
-    - py-keras backend=jax
-    - py-keras backend=torch
-    - py-keras-applications
-    - py-keras-preprocessing
-    - py-keras2onnx
-
-    # PyTorch
-    - py-botorch
-    - py-efficientnet-pytorch
-    - py-gpytorch
-    - py-kornia
-    - py-lightning
-    - py-pytorch-gradual-warmup-lr
-    - py-pytorch-lightning
-    - py-segmentation-models-pytorch
-    - py-timm
-    - py-torch
-    - py-torch-cluster
-    - py-torch-geometric
-    - py-torch-nvidia-apex
-    - py-torch-scatter
-    - py-torch-sparse
-    - py-torch-spline-conv
-    - py-torchaudio
-    - py-torchdata
-    - py-torchfile
-    - py-torchgeo
-    - py-torchmetrics
-    # torchtext requires older pytorch, which requires older cuda, which doesn't support newer GCC
-    # - py-torchtext
-    - py-torchvision
-    - py-vector-quantize-pytorch
-
-    # scikit-learn
-    - py-scikit-learn
-    - py-scikit-learn-extra
-
-    # TensorBoard
-    - py-tensorboard
-    - py-tensorboard-data-server
-    - py-tensorboard-plugin-wit
-    - py-tensorboardx
-
-    # TensorFlow
-    - py-tensorflow
-    - py-tensorflow-datasets
-    - py-tensorflow-hub
-    - py-tensorflow-metadata
-    - py-tensorflow-probability
-
-    # XGBoost
-    # xgboost requires older cuda, which doesn't support newer GCC
-    # - py-xgboost
-
-  ci:
-    pipeline-gen:
-    - build-job:
-        image:
-          name: ghcr.io/spack/ubuntu-24.04:v2024-09-05-v2
-          entrypoint: ['']
-
-  cdash:
-    build-group: Machine Learning

var/spack/repos/builtin.mock/packages/git-url-top-level/package.py

@@ -6,6 +6,11 @@
 from spack.package import *
 
 
+def use_submodules(pkg):
+    """test example of a submodule callback"""
+    return ["a", "b"]
+
+
 class GitUrlTopLevel(Package):
     """Mock package that top-level git and url attributes.
 
@@ -22,6 +27,7 @@ class GitUrlTopLevel(Package):
     # These resolve to git fetchers
     version("develop", branch="develop")
     version("submodules", submodules=True)
+    version("submodules_callback", submodules=use_submodules)
     version("3.4", commit="abc34")
     version("3.3", branch="releases/v3.3", commit="abc33")
     version("3.2", branch="releases/v3.2")

var/spack/repos/builtin.mock/packages/hash-test1/package.py

@@ -14,13 +14,14 @@ class HashTest1(Package):
     homepage = "http://www.hashtest1.org"
     url = "http://www.hashtest1.org/downloads/hashtest1-1.1.tar.bz2"
 
-    version("1.1", md5="a" * 32)
-    version("1.2", md5="b" * 32)
-    version("1.3", md5="c" * 32)
-    version("1.4", md5="d" * 32)
-    version("1.5", md5="d" * 32)
-    version("1.6", md5="e" * 32)
-    version("1.7", md5="f" * 32)
+    version("1.1", sha256="a" * 64)
+    version("1.2", sha256="b" * 64)
+    version("1.3", sha256="c" * 64)
+    version("1.4", sha256="d" * 64)
+    version("1.5", sha256="d" * 64)
+    version("1.6", sha256="e" * 64)
+    version("1.7", sha256="f" * 64)
+    version("1.8", sha256="1" * 64)
 
     patch("patch1.patch", when="@1.1")
     patch("patch2.patch", when="@1.4")
@@ -28,6 +29,12 @@ class HashTest1(Package):
     variant("variantx", default=False, description="Test variant X")
     variant("varianty", default=False, description="Test variant Y")
 
+    resource(
+        url="http://www.example.com/example-1.0-resource.tar.gz",
+        sha256="abcd1234" * 8,
+        when="@1.8",
+    )
+
     def setup_dependent_build_environment(self, env, dependent_spec):
         pass
 

var/spack/repos/builtin.mock/packages/hash-test2/package.py

@@ -14,10 +14,13 @@ class HashTest2(Package):
     homepage = "http://www.hashtest2.org"
     url = "http://www.hashtest1.org/downloads/hashtest2-1.1.tar.bz2"
 
-    version("1.1", md5="a" * 32)
-    version("1.2", md5="b" * 32)
-    version("1.3", md5="c" * 31 + "x")  # Source hash differs from hash-test1@1.3
-    version("1.4", md5="d" * 32)
+    version("1.1", sha256="a" * 64)
+    version("1.2", sha256="b" * 64)
+
+    # Source hash differs from hash-test1@1.3
+    version("1.3", sha256=("c" * 63) + "f")
+
+    version("1.4", sha256="d" * 64)
 
     patch("patch1.patch", when="@1.1")
 

var/spack/repos/builtin.mock/packages/hash-test3/package.py

@@ -14,11 +14,11 @@ class HashTest3(Package):
     homepage = "http://www.hashtest3.org"
     url = "http://www.hashtest1.org/downloads/hashtest3-1.1.tar.bz2"
 
-    version("1.2", md5="b" * 32)
-    version("1.3", md5="c" * 32)
-    version("1.5", md5="d" * 32)
-    version("1.6", md5="e" * 32)
-    version("1.7", md5="f" * 32)
+    version("1.2", sha256="b" * 64)
+    version("1.3", sha256="c" * 64)
+    version("1.5", sha256="d" * 64)
+    version("1.6", sha256="e" * 64)
+    version("1.7", sha256="f" * 64)
 
     variant("variantx", default=False, description="Test variant X")
     variant("varianty", default=False, description="Test variant Y")

var/spack/repos/builtin/packages/atk/package.py

@@ -6,7 +6,7 @@
 from spack.package import *
 
 
-class Atk(MesonPackage):
+class Atk(Package):
     """ATK provides the set of accessibility interfaces that are
     implemented by other toolkits and applications. Using the ATK
     interfaces, accessibility tools have full access to view and
@@ -23,10 +23,20 @@ class Atk(MesonPackage):
     version("2.36.0", sha256="fb76247e369402be23f1f5c65d38a9639c1164d934e40f6a9cf3c9e96b652788")
     version("2.30.0", sha256="dd4d90d4217f2a0c1fee708a555596c2c19d26fef0952e1ead1938ab632c027b")
     version("2.28.1", sha256="cd3a1ea6ecc268a2497f0cd018e970860de24a6d42086919d6bf6c8e8d53f4fc")
+    version(
+        "2.20.0",
+        sha256="493a50f6c4a025f588d380a551ec277e070b28a82e63ef8e3c06b3ee7c1238f0",
+        deprecated=True,
+    )
+    version(
+        "2.14.0",
+        sha256="2875cc0b32bfb173c066c22a337f79793e0c99d2cc5e81c4dac0d5a523b8fbad",
+        deprecated=True,
+    )
 
-    depends_on("c", type="build")
+    depends_on("c", type="build")  # generated
 
-    depends_on("meson@0.40.1:", type="build")
+    depends_on("meson@0.40.1:", type="build", when="@2.28:")
     depends_on("meson@0.46.0:", type="build", when="@2.29:")
     depends_on("glib")
     depends_on("gettext")
@@ -35,15 +45,33 @@ class Atk(MesonPackage):
     depends_on("libffi")
 
     def url_for_version(self, version):
-        return (
-            f"http://ftp.gnome.org/pub/gnome/sources/atk/"
-            f"{version.up_to(2)}/atk-{version}.tar.xz"
-        )
+        """Handle gnome's version-based custom URLs."""
+        url = "http://ftp.gnome.org/pub/gnome/sources/atk"
+        return url + f"/{version.up_to(2)}/atk-{version}.tar.xz"
 
     def setup_run_environment(self, env):
-        env.prepend_path("XDG_DATA_DIRS", self.prefix.share)
         env.prepend_path("GI_TYPELIB_PATH", join_path(self.prefix.lib, "girepository-1.0"))
 
     def setup_dependent_build_environment(self, env, dependent_spec):
         env.prepend_path("XDG_DATA_DIRS", self.prefix.share)
         env.prepend_path("GI_TYPELIB_PATH", join_path(self.prefix.lib, "girepository-1.0"))
+
+    def setup_dependent_run_environment(self, env, dependent_spec):
+        env.prepend_path("XDG_DATA_DIRS", self.prefix.share)
+        env.prepend_path("GI_TYPELIB_PATH", join_path(self.prefix.lib, "girepository-1.0"))
+
+    def install(self, spec, prefix):
+        with working_dir("spack-build", create=True):
+            meson("..", *std_meson_args)
+            ninja("-v")
+            ninja("install")
+
+    @when("@:2.27")
+    def install(self, spec, prefix):
+        configure(f"--prefix={prefix}")
+        make()
+        if self.run_tests:
+            make("check")
+        make("install")
+        if self.run_tests:
+            make("installcheck")

var/spack/repos/builtin/packages/bazel/package.py

@@ -140,9 +140,6 @@ class Bazel(Package):
     # Newer versions of grpc and abseil dependencies are needed but are not in bazel-4.0.0
     conflicts("@4.0.0", when="%gcc@11:")
 
-    # https://github.com/bazelbuild/bazel/pull/23667
-    conflicts("%apple-clang@16:", when="@:7.3")
-
     executables = ["^bazel$"]
 
     # Download resources to perform offline build with bazel.

var/spack/repos/builtin/packages/cpr/package.py

@@ -12,11 +12,8 @@ class Cpr(CMakePackage):
     homepage = "https://docs.libcpr.org/"
     url = "https://github.com/libcpr/cpr/archive/refs/tags/1.10.4.tar.gz"
 
-    maintainers("prudhomm")
     license("MIT")
 
-    version("1.11.0", sha256="fdafa3e3a87448b5ddbd9c7a16e7276a78f28bbe84a3fc6edcfef85eca977784")
-    version("1.10.5", sha256="c8590568996cea918d7cf7ec6845d954b9b95ab2c4980b365f582a665dea08d8")
     version("1.10.4", sha256="88462d059cd3df22c4d39ae04483ed50dfd2c808b3effddb65ac3b9aa60b542d")
     version("1.9.2", sha256="3bfbffb22c51f322780d10d3ca8f79424190d7ac4b5ad6ad896de08dbd06bf31")
 

var/spack/repos/builtin/packages/fmi4cpp/package.py

@@ -1,32 +0,0 @@
-# Copyright 2013-2024 Lawrence Livermore National Security, LLC and other
-# Spack Project Developers. See the top-level COPYRIGHT file for details.
-#
-# SPDX-License-Identifier: (Apache-2.0 OR MIT)
-
-from spack.package import *
-
-
-class Fmi4cpp(CMakePackage):
-    """FMI4cpp is a cross-platform FMI 2.0 implementation written in modern C++.
-    FMI4cpp supports both Co-simulation and Model Exchange.
-    """
-
-    homepage = "https://github.com/NTNU-IHB/FMI4cpp"
-    url = "https://github.com/NTNU-IHB/FMI4cpp/archive/refs/tags/v0.8.3.tar.gz"
-    git = "https://github.com/NTNU-IHB/FMI4cpp.git"
-
-    maintainers("prudhomm")
-    license("MIT", checked_by="prudhomm")
-
-    version("master", branch="master")
-    version("0.8.3", sha256="f48c630f087bdf8d7a04611f6f30942c870c3c1211a94ef2404c40baa4bcb2c9")
-
-    variant("shared", default=True, description="Build shared library")
-
-    depends_on("cxx", type="build")
-    depends_on("libzip")
-    depends_on("pugixml")
-
-    def cmake_args(self):
-        args = [self.define_from_variant("BUILD_SHARED_LIBS", "shared")]
-        return args

var/spack/repos/builtin/packages/gdk-pixbuf/package.py

@@ -6,10 +6,12 @@
 from spack.package import *
 
 
-class GdkPixbuf(MesonPackage):
-    """The Gdk Pixbuf is a toolkit for image loading and pixel buffer manipulation. It is used by
-    GTK+ 2 and GTK+ 3 to load and manipulate images. In the past it was distributed as part of
-    GTK+ 2 but it was split off into a separate package in preparation for the change to GTK+ 3."""
+class GdkPixbuf(Package):
+    """The Gdk Pixbuf is a toolkit for image loading and pixel buffer
+    manipulation. It is used by GTK+ 2 and GTK+ 3 to load and
+    manipulate images. In the past it was distributed as part of
+    GTK+ 2 but it was split off into a separate package in
+    preparation for the change to GTK+ 3."""
 
     homepage = "https://gitlab.gnome.org/GNOME/gdk-pixbuf"
     url = "https://ftp.acc.umu.se/pub/gnome/sources/gdk-pixbuf/2.40/gdk-pixbuf-2.40.0.tar.xz"
@@ -41,20 +43,44 @@ class GdkPixbuf(MesonPackage):
         sha256="83c66a1cfd591d7680c144d2922c5955d38b4db336d7cd3ee109f7bcf9afef15",
         deprecated=True,
     )
+    # https://nvd.nist.gov/vuln/detail/CVE-2021-20240
+    version(
+        "2.40.0",
+        sha256="1582595099537ca8ff3b99c6804350b4c058bb8ad67411bbaae024ee7cead4e6",
+        deprecated=True,
+    )
+    version(
+        "2.38.2",
+        sha256="73fa651ec0d89d73dd3070b129ce2203a66171dfc0bd2caa3570a9c93d2d0781",
+        deprecated=True,
+    )
+    version(
+        "2.38.0",
+        sha256="dd50973c7757bcde15de6bcd3a6d462a445efd552604ae6435a0532fbbadae47",
+        deprecated=True,
+    )
+    version(
+        "2.31.2",
+        sha256="9e467ed09894c802499fb2399cd9a89ed21c81700ce8f27f970a833efb1e47aa",
+        deprecated=True,
+    )
 
     depends_on("c", type="build")
 
+    variant("x11", default=False, description="Enable X11 support", when="@:2.41")
     variant("tiff", default=False, description="Enable TIFF support(partially broken)")
     # Man page creation was getting docbook errors, see issue #18853
     variant("man", default=False, description="Enable man page creation")
 
-    with default_args(type="build"):
-        depends_on("meson@0.55.3:")
-        depends_on("pkgconfig")
-        depends_on("libxslt", when="+man")
-        depends_on("docbook-xsl@1.79.2:", when="+man")
-
-    depends_on("shared-mime-info", when="platform=linux")
+    depends_on("meson@0.55.3:", type="build", when="@2.42.2:")
+    depends_on("meson@0.46.0:", type="build", when="@2.37.92:")
+    depends_on("meson@0.45.0:", type="build", when="@2.37.0:")
+    depends_on("ninja", type="build", when="@2.37.0:")
+    depends_on("shared-mime-info", when="@2.36.8: platform=linux")
+    depends_on("pkgconfig", type="build")
+    # Building the man pages requires libxslt and the Docbook stylesheets
+    depends_on("libxslt", type="build", when="+man")
+    depends_on("docbook-xsl@1.79.2:", type="build", when="+man")
     depends_on("gettext")
     depends_on("glib@2.38.0:")
     depends_on("jpeg")
@@ -62,28 +88,68 @@ class GdkPixbuf(MesonPackage):
     depends_on("zlib-api")
     depends_on("libtiff", when="+tiff")
     depends_on("gobject-introspection")
+    depends_on("libx11", when="+x11")
 
-    # Replace the docbook stylesheet URL with the one that our docbook-xsl package uses/recognizes.
-    patch("docbook-cdn.patch", when="+man")
+    # Replace the docbook stylesheet URL with the one that our
+    # docbook-xsl package uses/recognizes.
+    # Pach modifies meson build files, so it only applies to versions that
+    # depend on meson.
+    patch("docbook-cdn.patch", when="@2.37.0:+man")
 
     def url_for_version(self, version):
         url = "https://ftp.acc.umu.se/pub/gnome/sources/gdk-pixbuf/{0}/gdk-pixbuf-{1}.tar.xz"
         return url.format(version.up_to(2), version)
 
     def setup_run_environment(self, env):
-        env.prepend_path("XDG_DATA_DIRS", self.prefix.share)
         env.prepend_path("GI_TYPELIB_PATH", join_path(self.prefix.lib, "girepository-1.0"))
 
     def setup_dependent_build_environment(self, env, dependent_spec):
         env.prepend_path("XDG_DATA_DIRS", self.prefix.share)
         env.prepend_path("GI_TYPELIB_PATH", join_path(self.prefix.lib, "girepository-1.0"))
 
-    def meson_args(self):
-        args = [f"-Dman={'true' if self.spec.satisfies('+man') else 'false'}"]
-        if self.spec.satisfies("@2.42.9:"):
-            args.append(f"-Dtests={'true' if self.run_tests else 'false'}")
+    def setup_dependent_run_environment(self, env, dependent_spec):
+        env.prepend_path("XDG_DATA_DIRS", self.prefix.share)
+        env.prepend_path("GI_TYPELIB_PATH", join_path(self.prefix.lib, "girepository-1.0"))
+
+    def install(self, spec, prefix):
+        with working_dir("spack-build", create=True):
+            meson_args = std_meson_args + ["-Dman={0}".format("+man" in spec)]
+            # Only build tests when requested
+            if self.version >= Version("2.42.9"):
+                meson_args += ["-Dtests={0}".format(self.run_tests)]
+            # Based on suggestion by luigi-calori and the fixup shown by lee218llnl:
+            # https://github.com/spack/spack/pull/27254#issuecomment-974464174
+            if spec.satisfies("+x11"):
+                if self.version >= Version("2.42"):
+                    raise InstallError("+x11 is not valid for {0}".format(self.version))
+                meson_args += ["-Dx11=true"]
+            meson("..", *meson_args)
+            ninja("-v")
+            if self.run_tests:
+                ninja("test")
+            ninja("install")
+
+    def configure_args(self):
+        args = []
+        # disable building of gtk-doc files following #9771
+        args.append("--disable-gtk-doc-html")
+        true = which("true")
+        args.append("GTKDOC_CHECK={0}".format(true))
+        args.append("GTKDOC_CHECK_PATH={0}".format(true))
+        args.append("GTKDOC_MKPDF={0}".format(true))
+        args.append("GTKDOC_REBASE={0}".format(true))
         return args
 
+    @when("@:2.36")
+    def install(self, spec, prefix):
+        configure("--prefix={0}".format(prefix), *self.configure_args())
+        make()
+        if self.run_tests:
+            make("check")
+        make("install")
+        if self.run_tests:
+            make("installcheck")
+
     def setup_build_environment(self, env):
         # The "post-install.sh" script uses gdk-pixbuf-query-loaders,
         # which was installed earlier.

var/spack/repos/builtin/packages/geode/package.py

@@ -15,21 +15,14 @@ class Geode(Package):
 
     homepage = "https://geode.apache.org/"
     url = "https://archive.apache.org/dist/geode/1.9.2/apache-geode-1.9.2.tgz"
-    list_url = "https://archive.apache.org/dist/geode/"
-    list_depth = 1
 
     license("Apache-2.0")
 
-    version("1.15.1", sha256="2668970982d373ef42cff5076e7073b03e82c8e2fcd7757d5799b2506e265d57")
-    version("1.14.3", sha256="5efb1c71db34ba3b7ce1004579f8b9b7a43eae30f42c37837d5abd68c6d778bd")
-    version("1.13.8", sha256="b5fc105ce0a16aaf7ba341668e022d458b18d6d2c44705a8c79c42077c6d8229")
-    with default_args(deprecated=True):
-        # https://nvd.nist.gov/vuln/detail/CVE-2022-37021
-        version("1.9.2", sha256="4b8118114ef43166f6bf73af56b93aadbf9108fcab06d1fbbb8e27f7d559d7e0")
-        version("1.9.0", sha256="8794808ebc89bc855f0b989b32e91e890d446cfd058e123f6ccb9e12597c1c4f")
-        version("1.8.0", sha256="58edc41edac4eabd899322b73a24727eac41f6253274c2ce7d0a82227121ae3e")
-        version("1.7.0", sha256="91eec04420f46e949d32104479c4a4b5b34a4e5570dca7b98ca067a30d5a783d")
-        version("1.6.0", sha256="79e8d81d058b1c4edd5fb414ff30ac530f7913b978f5abc899c353fcb06e5ef3")
+    version("1.9.2", sha256="4b8118114ef43166f6bf73af56b93aadbf9108fcab06d1fbbb8e27f7d559d7e0")
+    version("1.9.0", sha256="8794808ebc89bc855f0b989b32e91e890d446cfd058e123f6ccb9e12597c1c4f")
+    version("1.8.0", sha256="58edc41edac4eabd899322b73a24727eac41f6253274c2ce7d0a82227121ae3e")
+    version("1.7.0", sha256="91eec04420f46e949d32104479c4a4b5b34a4e5570dca7b98ca067a30d5a783d")
+    version("1.6.0", sha256="79e8d81d058b1c4edd5fb414ff30ac530f7913b978f5abc899c353fcb06e5ef3")
 
     depends_on("java", type="run")
 

var/spack/repos/builtin/packages/less/package.py

@@ -17,13 +17,9 @@ class Less(AutotoolsPackage):
 
     depends_on("ncurses")
 
-    license("GPL-3.0-or-later OR BSD-2-Clause", checked_by="wdconinc")
+    license("GPL-3.0-or-later OR BSD-2-Clause")
 
-    version("668", sha256="dbc0de59ea9c50e1e8927e6b077858db3a84954e767909bc599e6e6f602c5717")
-    version("661", sha256="a900e3916738bf8c1a0a2a059810f1c59b8271ac8bb46898c6e921ea6aefd757")
     version("643", sha256="3bb417c4b909dfcb0adafc371ab87f0b22e8b15f463ec299d156c495fc9aa196")
-    with default_args(deprecated=True):
-        # https://nvd.nist.gov/vuln/detail/CVE-2022-46663
-        version("590", sha256="69056021c365b16504cf5bd3864436a5e50cb2f98b76cd68b99b457064139375")
-        version("551", sha256="2630db16ef188e88b513b3cc24daa9a798c45643cc7da06e549c9c00cfd84244")
-        version("530", sha256="8c1652ba88a726314aa2616d1c896ca8fe9a30253a5a67bc21d444e79a6c6bc3")
+    version("590", sha256="69056021c365b16504cf5bd3864436a5e50cb2f98b76cd68b99b457064139375")
+    version("551", sha256="2630db16ef188e88b513b3cc24daa9a798c45643cc7da06e549c9c00cfd84244")
+    version("530", sha256="8c1652ba88a726314aa2616d1c896ca8fe9a30253a5a67bc21d444e79a6c6bc3")

var/spack/repos/builtin/packages/nano/package.py

@@ -14,16 +14,13 @@ class Nano(AutotoolsPackage):
     list_url = "https://www.nano-editor.org/dist/"
     list_depth = 1
 
-    license("GPL-3.0-or-later", checked_by="wdconinc")
+    license("GPL-3.0-or-later")
 
     # 8.x
-    version("8.2", sha256="d5ad07dd862facae03051c54c6535e54c7ed7407318783fcad1ad2d7076fffeb")
-    version("8.1", sha256="93b3e3e9155ae389fe9ccf9cb7ab380eac29602835ba3077b22f64d0f0cbe8cb")
     version("8.0", sha256="c17f43fc0e37336b33ee50a209c701d5beb808adc2d9f089ca831b40539c9ac4")
     # 7.x
     version("7.2", sha256="86f3442768bd2873cec693f83cdf80b4b444ad3cc14760b74361474fc87a4526")
     # 6.x
-    version("6.4", sha256="4199ae8ca78a7796de56de1a41b821dc47912c0307e9816b56cc317df34661c0")
     version("6.3", sha256="eb532da4985672730b500f685dbaab885a466d08fbbf7415832b95805e6f8687")
     version("6.2", sha256="2bca1804bead6aaf4ad791f756e4749bb55ed860eec105a97fba864bc6a77cb3")
     version("6.1", sha256="3d57ec893fbfded12665b7f0d563d74431fc43abeaccacedea23b66af704db40")
@@ -85,11 +82,9 @@ class Nano(AutotoolsPackage):
     version("2.6.2", sha256="22f79cc635458e0c0d110d211576f1edc03b112a62d73b914826a46547a6ac27")
     version("2.6.1", sha256="45721fa6d6128068895ad71a6967ff7398d11b064b3f888e5073c97a2b6e9a81")
 
-    depends_on("c", type="build")
+    depends_on("c", type="build")  # generated
 
     depends_on("pkgconfig", type="build")
-    depends_on("gettext@0.18.3:")
-    depends_on("gettext@0.20:", when="@8.1:")
     depends_on("ncurses")
 
     def url_for_version(self, version):

var/spack/repos/builtin/packages/nextflow/package.py

@@ -14,11 +14,6 @@ class Nextflow(Package):
 
     maintainers("dialvarezs", "marcodelapierre")
 
-    version(
-        "24.10.0",
-        sha256="e848918fb9b85762822c078435d9ff71979a88cccff81ce5babd75d5eee52fe6",
-        expand=False,
-    )
     version(
         "24.04.3",
         sha256="e258f6395a38f044eb734cba6790af98b561aa521f63e2701fe95c050986e11c",
@@ -192,6 +187,7 @@ class Nextflow(Package):
         deprecated=True,
     )
 
+    depends_on("java@17", when="@24", type="run")
     depends_on("java", type="run")
 
     def install(self, spec, prefix):

var/spack/repos/builtin/packages/pango/package.py

@@ -22,7 +22,6 @@ class Pango(MesonPackage):
     # Do not upgrade to v1.90.x. It is a development release in preparation for
     # v2.0 that will break API and ABI compatibility. For more information see
     # https://download.gnome.org/sources/pango/1.90/pango-1.90.0.news
-    version("1.54.0", sha256="8a9eed75021ee734d7fc0fdf3a65c3bba51dfefe4ae51a9b414a60c70b2d1ed8")
     version("1.52.2", sha256="d0076afe01082814b853deec99f9349ece5f2ce83908b8e58ff736b41f78a96b")
     version("1.50.13", sha256="5cdcf6d761d26a3eb9412b6cb069b32bd1d9b07abf116321167d94c2189299fd")
     version("1.50.7", sha256="0477f369a3d4c695df7299a6989dc004756a7f4de27eecac405c6790b7e3ad33")
@@ -45,12 +44,6 @@ class Pango(MesonPackage):
 
     variant("X", default=False, description="Enable an X toolkit")
 
-    depends_on("meson@0.48:", type="build", when="@1.43:")
-    depends_on("meson@0.50:", type="build", when="@1.44.4:")
-    depends_on("meson@0.54:", type="build", when="@1.48.0:")
-    depends_on("meson@0.55.3:", type="build", when="@1.48.1:")
-    depends_on("meson@0.60:", type="build", when="@1.50.13:")
-    depends_on("meson@0.63:", type="build", when="@1.54:")
     depends_on("pkgconfig@0.9.0:", type="build")
     depends_on("harfbuzz")
     depends_on("harfbuzz+coretext", when="platform=darwin")
@@ -102,9 +95,7 @@ def meson_args(self):
             args.append("-Dxft=disabled")
 
         # disable building of gtk-doc files following #9885 and #9771
-        if spec.satisfies("@1.54:"):
-            args.append("-Ddocumentation=false")
-        elif spec.satisfies("@1.44:"):
+        if spec.satisfies("@1.44:"):
             args.append("-Dgtk_doc=false")
         else:
             args.append("-Denable_docs=false")

var/spack/repos/builtin/packages/py-arpeggio/package.py

@@ -1,19 +0,0 @@
-# Copyright 2013-2024 Lawrence Livermore National Security, LLC and other
-# Spack Project Developers. See the top-level COPYRIGHT file for details.
-#
-# SPDX-License-Identifier: (Apache-2.0 OR MIT)
-
-from spack.package import *
-
-
-class PyArpeggio(PythonPackage):
-    """Packrat parser interpreter."""
-
-    homepage = "https://github.com/textX/Arpeggio"
-    pypi = "Arpeggio/Arpeggio-2.0.2.tar.gz"
-
-    license("MIT")
-
-    version("2.0.2", sha256="c790b2b06e226d2dd468e4fbfb5b7f506cec66416031fde1441cf1de2a0ba700")
-
-    depends_on("py-setuptools", type="build")

var/spack/repos/builtin/packages/py-caliper-reader/package.py

@@ -1,19 +0,0 @@
-# Copyright 2013-2024 Lawrence Livermore National Security, LLC and other
-# Spack Project Developers. See the top-level COPYRIGHT file for details.
-#
-# SPDX-License-Identifier: (Apache-2.0 OR MIT)
-
-from spack.package import *
-
-
-class PyCaliperReader(PythonPackage):
-    """A Python library for reading Caliper .cali files."""
-
-    homepage = "https://github.com/LLNL/Caliper"
-    pypi = "caliper-reader/caliper-reader-0.4.0.tar.gz"
-
-    license("BSD-3-Clause")
-
-    version("0.4.0", sha256="00c2c0165a0665dbae58579a1477cb785b3f11350f060e95a6e5ce42f02d5c37")
-
-    depends_on("py-setuptools", type="build")

var/spack/repos/builtin/packages/py-hatchet/package.py

@@ -18,7 +18,6 @@ class PyHatchet(PythonPackage):
 
     license("MIT")
 
-    version("1.4.0", sha256="9f934f128666703d30818e9a091493df1bf1819bf7445ffb35a0f46871501b55")
     version("1.3.0", sha256="d77d071fc37863fdc9abc3fd9ea1088904cd98c6980a014a31e44595d2deac5e")
     version("1.2.0", sha256="1d5f80abfa69d1a379dff7263908c5c915023f18f26d50b639556e2f43ac755e")
     version("1.1.0", sha256="71bfa2881ef295294e5b4493acb8cce98d14c354e9ae59b42fb56a76d8ec7056")
@@ -31,14 +30,9 @@ class PyHatchet(PythonPackage):
     depends_on("python@2.7:3.8", when="@:1.3.0", type=("build", "run"))
     depends_on("python@2.7:", when="@1.3.1:", type=("build", "run"))
 
-    depends_on("py-cython", when="@1.4:", type="build")
     depends_on("py-setuptools", type="build")
-    depends_on("py-pydot", type=("build", "run"))
-    depends_on("py-pyyaml", type=("build", "run"))
     depends_on("py-matplotlib", type=("build", "run"))
     depends_on("py-numpy", type=("build", "run"))
     depends_on("py-pandas", type=("build", "run"))
-    depends_on("py-textx", when="@1.4:", type=("build", "run"))
-    depends_on("py-multiprocess", when="@1.4:", type=("build", "run"))
-    depends_on("py-caliper-reader", when="@1.4:", type=("build", "run"))
-    depends_on("py-pycubexr", when="@1.4:", type=("build", "run"))
+    depends_on("py-pydot", type=("build", "run"))
+    depends_on("py-pyyaml", type=("build", "run"))

var/spack/repos/builtin/packages/py-mgmetis/package.py

@@ -21,6 +21,6 @@ class PyMgmetis(PythonPackage):
     depends_on("py-setuptools", type="build")
     depends_on("py-numpy@1.20.0:1.26.4", type=("build", "run"))
     depends_on("py-cython", type=("build"))
-    depends_on("py-mpi4py@3.0.3:3", type=("build", "run"))
+    depends_on("py-mpi4py@3.0.3:", type=("build", "run"))
     depends_on("py-pytest")
     depends_on("metis+shared", type="all")

var/spack/repos/builtin/packages/py-non-regression-test-tools/package.py

@@ -18,8 +18,8 @@ class PyNonRegressionTestTools(PythonPackage):
 
     version("develop", branch="develop")
     version("main", branch="main")
-    version("1.1.2", tag="v1.1.2", preferred=True)
+    version("1.0.2", tag="v1.0.2", preferred=True)
 
     depends_on("py-numpy", type="run")
-    depends_on("python@3.10:", type="run")
+    depends_on("python@3.7:", type="run")
     depends_on("py-setuptools", type="build")

var/spack/repos/builtin/packages/py-pycubexr/package.py

@@ -1,20 +0,0 @@
-# Copyright 2013-2024 Lawrence Livermore National Security, LLC and other
-# Spack Project Developers. See the top-level COPYRIGHT file for details.
-#
-# SPDX-License-Identifier: (Apache-2.0 OR MIT)
-
-from spack.package import *
-
-
-class PyPycubexr(PythonPackage):
-    """pyCubexR is a Python package for reading the Cube4 file format."""
-
-    homepage = "https://github.com/extra-p/pycubexr"
-    pypi = "pycubexr/pycubexr-2.0.0.tar.gz"
-
-    license("BSD-3-Clause")
-
-    version("2.0.0", sha256="03504fbbc9cbd514943e8aeb57919ad49731fe264bdbab86711bf10851276924")
-
-    depends_on("py-setuptools", type="build")
-    depends_on("py-numpy@1.18:1", type=("build", "run"))

var/spack/repos/builtin/packages/py-textx/package.py

@@ -1,23 +0,0 @@
-# Copyright 2013-2024 Lawrence Livermore National Security, LLC and other
-# Spack Project Developers. See the top-level COPYRIGHT file for details.
-#
-# SPDX-License-Identifier: (Apache-2.0 OR MIT)
-
-from spack.package import *
-
-
-class PyTextx(PythonPackage):
-    """Meta-language for DSL implementation inspired by Xtext."""
-
-    homepage = "https://textx.github.io/textX/"
-    pypi = "textx/textx-4.0.1.tar.gz"
-
-    license("MIT")
-
-    version("4.0.1", sha256="84aff5c95fd2c947402fcbe83eeeddc23aabcfed3464ab84184ef193c52d831a")
-
-    depends_on("c", type="build")
-    depends_on("py-flit-core@3.8:3", type="build")
-    depends_on("python@3.8:3.12", type=("build", "run"))
-    depends_on("py-arpeggio@2:", type=("build", "run"))
-    depends_on("py-importlib-metadata", when="^python@:3.9", type=("build", "run"))

var/spack/repos/builtin/packages/sst-core/package.py

@@ -14,14 +14,12 @@ class SstCore(AutotoolsPackage):
 
     homepage = "https://github.com/sstsimulator"
     git = "https://github.com/sstsimulator/sst-core.git"
-    url = "https://github.com/sstsimulator/sst-core/releases/download/v14.1.0_Final/sstcore-14.1.0.tar.gz"
+    url = "https://github.com/sstsimulator/sst-core/releases/download/v13.1.0_Final/sstcore-13.1.0.tar.gz"
 
     maintainers("berquist", "naromero77")
 
     license("BSD-3-Clause")
 
-    version("14.1.0", sha256="9d17c37d1ebdff8d8eb10ab0084eb901c78a7c5a76db15189e3d7fc318fd6f9d")
-    version("14.0.0", sha256="fadc7ee99472ff3ac5d4b3f3e507123e32bd9fb89c4c6b48fbd2dca8aeb8b8d6")
     version("13.1.0", sha256="0a44c62ee0b18a20a3cb089f4e0d43e293dc5adc6c3fa7639d40986cf5b9854c")
     version("13.0.0", sha256="c9d868dcdd75d59bef7c73146709a3b2a52a78f0df5ec2c3dc9f21434c51d935")
     version("12.1.0", sha256="f7530226643439678e2f4183ec4dbadf7750411bdaa44d9443887f81feb97574")

var/spack/repos/builtin/packages/sst-elements/package.py

@@ -14,14 +14,12 @@ class SstElements(AutotoolsPackage):
 
     homepage = "https://github.com/sstsimulator"
     git = "https://github.com/sstsimulator/sst-elements.git"
-    url = "https://github.com/sstsimulator/sst-elements/releases/download/v14.1.0_Final/sstelements-14.1.0.tar.gz"
+    url = "https://github.com/sstsimulator/sst-elements/releases/download/v13.1.0_Final/sstelements-13.1.0.tar.gz"
 
     maintainers("berquist", "naromero77")
 
     license("BSD-3-Clause")
 
-    version("14.1.0", sha256="433994065810d3afee4e355173e781cd76171043cce8835bbc40887672a33350")
-    version("14.0.0", sha256="68eab77febdd0138a497249d854e1cb0c3a67b1c56c4d51f1fe35df12dcd1b9c")
     version("13.1.0", sha256="ebda6ee5af858192dff8a7faf3125010001d5c439beec22afe5b9828a74adf1a")
     version("13.0.0", sha256="1f6f6b403a8c1b22a27cdf2943c9e505825ee14866891e7bc944d4471b7b0321")
     version("12.1.0", sha256="77948cf8e1f8bf8d238d475cea111c9a72b307cbf403cb429ef0426d0cf708a4")

var/spack/repos/builtin/packages/sst-macro/package.py

@@ -17,12 +17,10 @@ class SstMacro(AutotoolsPackage):
 
     homepage = "https://github.com/sstsimulator"
     git = "https://github.com/sstsimulator/sst-macro.git"
-    url = "https://github.com/sstsimulator/sst-macro/releases/download/v14.1.0_Final/sstmacro-14.1.0.tar.gz"
+    url = "https://github.com/sstsimulator/sst-macro/releases/download/v13.1.0_Final/sstmacro-13.1.0.tar.gz"
 
     maintainers("berquist")
 
-    version("14.1.0", sha256="241f42f5c460b0e7462592a7f412bda9c9de19ad7a4b62c22f35be4093b57014")
-    version("14.0.0", sha256="3962942268dd9fe6ebd4462e2d6d305ab757f3f510487e84687146a8d461be13")
     version("13.1.0", sha256="022e39daae1067b56c0011dbe87e3234fee4587049fd53671e1ed6b23233f70e")
     version("13.0.0", sha256="410dad4ac0c7a4c0e16c54da308b6c6b631112af18ae2c37585c8a14472987d4")
     version("12.1.0", sha256="ee57e08acfd4b6429a0500d981d468ee6ded2638ec5abec7b47f172388b267f1")

var/spack/repos/builtin/packages/tasmanian/package.py

@@ -12,7 +12,7 @@ class Tasmanian(CMakePackage, CudaPackage, ROCmPackage):
     interpolation as well as parameter calibration."""
 
     homepage = "https://ornl.github.io/TASMANIAN/stable/"
-    url = "https://github.com/ORNL/TASMANIAN/archive/v8.1.tar.gz"
+    url = "https://github.com/ORNL/TASMANIAN/archive/v8.0.tar.gz"
     git = "https://github.com/ORNL/TASMANIAN.git"
 
     tags = ["e4s"]
@@ -22,15 +22,15 @@ class Tasmanian(CMakePackage, CudaPackage, ROCmPackage):
 
     version("develop", branch="master")
 
-    version("8.1", sha256="e870d26ebe9e5038a8bb75710e47a66f3040c5ad34d03c2fc993b984240d247b")
     version("8.0", sha256="248c941346150bf6cfb386ba86b69bd4697f4fc93bff0e8d5f57e555614fd534")
     version("7.9", sha256="decba62e6bbccf1bc26c6e773a8d4fd51d7f3e3e534ddd386ec41300694ce5cc")
     version("7.7", sha256="85fb3a7b302ea21a3b700712767a59a623d9ab93da03308fa47d4413654c3878")
+    version("7.5", sha256="d621bd36dced4db86ef638693ba89b336762e7a3d7fedb3b5bcefb03390712b3")
 
-    # when adding a new version, deprecate an old one, this gives us 3 - 4 years of support
+    # Tasmanian is backwards compatible, no need to use 7.3 from back in 2020
     version(
-        "7.5",
-        sha256="d621bd36dced4db86ef638693ba89b336762e7a3d7fedb3b5bcefb03390712b3",
+        "7.3",
+        sha256="5bd1dd89cc5c84506f6900b6569b17e50becd73eb31ec85cfa11d6f1f912c4fa",
         deprecated=True,
     )
 

var/spack/repos/builtin/packages/w3m/package.py

@@ -68,7 +68,7 @@ class W3m(AutotoolsPackage):
         values=("gdk-pixbuf", "imlib2"),
         multi=False,
     )
-    depends_on("gdk-pixbuf@2:", when="imagelib=gdk-pixbuf +image")
+    depends_on("gdk-pixbuf@2:+x11", when="imagelib=gdk-pixbuf +image")
     depends_on("imlib2@1.0.5:", when="imagelib=imlib2 +image")
 
     # fix for modern libraries