Migrate from PCRE to PCRE2

[emilazy]

PCRE2 was released in 2015. The original PCRE is end‐of‐life and will not receive further bug fixes. Debian decided to remove it years ago (they called their original‐PCRE package pcre3 for historical reasons), filed mass bug reports against packages still using it, and it has been gone entirely since the release of Bookworm last year. We should follow suit, upgrading packages to PCRE2 where possible and considering dropping obsolete software that won’t get updated to a supported version, especially if it processes untrusted input.

Issues and PRs

• https://github.com/NixOS/nixpkgs/pull/355989
• https://github.com/NixOS/nixpkgs/pull/356690
• https://github.com/NixOS/nixpkgs/pull/356976

[SuperSandro2000]

We need to be careful with services that have systemd hardening because they can block the PCRE2 jit like eg https://github.com/NixOS/nixpkgs/pull/179444

[pluiedev]

Here's a list of all the packages in pkgs/by-name that still refer to pcre (may not be complete):

• [ ] adriconf
• [ ] aegisub
• [ ] ansel
• [ ] apvlv
• [ ] argyllcms
• [ ] atheme
• [ ] audacity
• [ ] bambu-studio
• [ ] blendfarm
• [ ] chow-kick
• [ ] chow-phaser
• [ ] chow-tape-model
• [ ] classads
• [ ] contour
• [ ] cppcheck
• [ ] cppcms
• [ ] cpu-x
• [ ] createrepo_c
• [ ] dablin
• [ ] darktable
• [ ] dico
• [ ] edbrowse
• [ ] ethtool
• [ ] ettercap
• [ ] evolution-data-server
• [ ] ezquake
• [ ] fastfetch
• [ ] fntsample
• [ ] frei0r
• [ ] gmt
• [ ] gromit-mpx
• [ ] gsmartcontrol
• [ ] haka
• [ ] hardinfo
• [ ] hashlink
• [ ] hybridreverb2
• [ ] hyperscan
• [ ] hyprpaper
• [ ] igprof
• [ ] infamousPlugins
• [ ] inspircd
• [ ] io
• [ ] ivan
• [ ] jiten
• [ ] kamailio
• [ ] kermit-terminal
• [ ] kismet
• [ ] lemminx
• [ ] libgaminggear
• [ ] liblognorm
• [ ] libmp3splt
• [ ] libr3
• [ ] lightdm-enso-os-greeter
• [ ] lightspark
• [ ] logstalgia
• [ ] luastatus
• [ ] maildrop
• [ ] megacmd
• [ ] memtier-benchmark
• [ ] min
• [ ] miraclecast
• [ ] mkbootimage
• [ ] modsecurity_standalone
• [ ] mosdepth
• [ ] mpfr
• [ ] mutt
• [ ] mydumper
• [ ] neko
• [ ] neocomp
• [ ] ngrep
• [ ] nim-2_2
• [ ] nim-unwrapped-2_2
• [ ] nimmm
• [ ] nnn
• [ ] nrpl
• [ ] omxplayer
• [ ] oobicpl
• [ ] opencollada
• [ ] openscap
• [ ] pnmixer
• [ ] poke
• [ ] polybar
• [ ] pplatex
• [ ] prboom-plus
• [ ] proxysql
• [ ] rcon
• [ ] rdup
• [ ] renderdoc
• [ ] rewritefs
• [ ] root5
• [ ] root
• [ ] rpm-ostree
• [ ] rspamd
• [ ] serd
• [ ] shadowsocks-libev
• [ ] silver-searcher
• [ ] simh
• [ ] slang
• [ ] smuview
• [ ] sngrep
• [ ] sniproxy
• [ ] snort
• [ ] solvespace
• [ ] sonarlint-ls
• [ ] sratom
• [ ] swig3
• [ ] swig
• [ ] syslogng
• [ ] taterclient-ddnet
• [ ] ted
• [ ] tenacity
• [ ] thc-hydra
• [ ] the-foundation
• [ ] tintin
• [ ] tiscamera
• [ ] touchegg
• [ ] trafficserver
• [ ] transmission_3
• [ ] ucg
• [ ] ultrastardx
• [ ] uwsgi
• [ ] vectorscan
• [ ] vimpc
• [ ] wget: https://github.com/NixOS/nixpkgs/pull/360567
• [ ] whatsapp-for-linux
• [ ] xastir
• [ ] xautoclick
• [ ] xneur
• [ ] yara
• [ ] yoshimi
• [ ] zoneminder

This is probably going to be much harder than expected.