This has been marked insecure a while ago, as some CVEs have not been
backported. Even if *some* CVEs are fixed, we'd need **all** of them to
be, to get it back into the cache.
Not having it in the cache means, we can not test it in CI. This means
we can't make sure to actually support this version to evaluate Nixpkgs.
After final improvements to the official formatter implementation,
this commit now performs the first treewide reformat of Nix files using it.
This is part of the implementation of RFC 166.
Only "inactive" files are reformatted, meaning only files that
aren't being touched by any PR with activity in the past 2 months.
This is to avoid conflicts for PRs that might soon be merged.
Later we can do a full treewide reformat to get the rest,
which should not cause as many conflicts.
A CI check has already been running for some time to ensure that new and
already-formatted files are formatted, so the files being reformatted here
should also stay formatted.
This commit was automatically created and can be verified using
nix-build a08b3a4d19.tar.gz \
--argstr baseRev b32a094368
result/bin/apply-formatting $NIXPKGS_PATH
- Making sure everything evals? That's covered by release-checks!
- Building a list of tarballs? We throw it out anyway!
- Copying files around to produce the right paths in the tarball? Just tell tar to do it!
Also, multithread xz compression for additional fast.
Tarball job is under two minutes now. I hate computers.
This allows you to specify the system-wide flake registry. One use is
to pin 'nixpkgs' to the Nixpkgs version used to build the system:
nix.registry.nixpkgs.flake = nixpkgs;
where 'nixpkgs' is a flake input. This ensures that commands like
$ nix run nixpkgs#hello
pull in a minimum of additional store paths.
You can also use this to redirect flakes, e.g.
nix.registry.nixpkgs.to = {
type = "github";
owner = "my-org";
repo = "my-nixpkgs";
};
This reverts commit 5e8545e723.
It breaks eval:
attribute 'rev' missing, at /var/lib/ofborg/checkout/repo/38dca4e3aa6bca43ea96d2fcc04e8229/mr-est/eval-0-gleber.ewr1.nix.ci/pkgs/top-level/make-tarball.nix:106:39
This was broken by 6bcf194449, which
caused the result of the check to be ignored (since xargs will return
a non-zero exit status if *any* grep doesn't find a match).
nixos/lib/make-channel.nix:16:
echo -n ${nixpkgs.rev or nixpkgs.shortRev} > .git-revision
This means the .git-revision exists in nixos channels, but not
Nixpkgs channels. Adding it to the nixpkgs channel makes it a
common API for any Nixpkgs use cases.
Since Nix now runs builds in a user namespace with uid == 0, this
triggered the message
warning: the group ‘nixbld’ specified in ‘build-users-group’ does not exist
which make-tarball.nix turns into a fatal error. So clear
build-users-group.
http://hydra.nixos.org/build/44817408
They're broken after all. In particular, this prevents us from
evaluating packages that are unsupported on a particular platform.
Reverts a147ddc42c.
Fixes#20817.
Deprecation warnings should not be used in Nixpkgs because they spam
innocent "nix-env -qa" users with (in this case) dozens of messages
that they can't do anything about.
This also reverts commit 2ca8833383.
This was preventing the Nixpkgs channel from updating, since the
program indexer barfed on:
error: anonymous function at /nix/store/wdnwbh3kmf68nhqqp0khcyxbdbp43vg5-nixos-14.12.626.b0d594c/nixos/nixpkgs/pkgs/top-level/node-packages.nix:1:1 called without required argument ‘neededNatives’, at /data/releases/nixos/unstable-small/.tmp-nixos-16.03pre72946.c50d013-787/unpack/nixos-16.03pre72946.c50d013/lib/customisation.nix:56:12
because Nixpkgs 16.03 was importing files from Nixpkgs 14.12.
Also added some half-assed checks to detect this issue in the future.
Commit 3d6110d221 added a well-meaning
warning message, which unfortunately would also show up each time
`nix-env -qa` was run. It has been since fixed, but let's add a check
to prevent such errors from reaching the nixpkgs channel in the future.
