In preparation for the deprecation of `stdenv.isX`.
These shorthands are not conducive to cross-compilation because they
hide the platforms.
Darwin might get cross-compilation for which the continued usage of `stdenv.isDarwin` will get in the way
One example of why this is bad and especially affects compiler packages
https://www.github.com/NixOS/nixpkgs/pull/343059
There are too many files to go through manually but a treewide should
get users thinking when they see a `hostPlatform.isX` in a place where it
doesn't make sense.
```
fd --type f "\.nix" | xargs sd --fixed-strings "stdenv.is" "stdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "stdenv'.is" "stdenv'.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "clangStdenv.is" "clangStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "gccStdenv.is" "gccStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "stdenvNoCC.is" "stdenvNoCC.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "inherit (stdenv) is" "inherit (stdenv.hostPlatform) is"
fd --type f "\.nix" | xargs sd --fixed-strings "buildStdenv.is" "buildStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "effectiveStdenv.is" "effectiveStdenv.hostPlatform.is"
fd --type f "\.nix" | xargs sd --fixed-strings "originalStdenv.is" "originalStdenv.hostPlatform.is"
```
Reproduction script:
# Bulk rewrite
./maintainers/scripts/sha-to-sri.py pkgs/by-name
# Revert some packages which will need manual intervention
for n in amdvlk azure-cli cargo-profiler corefonts flatito fluxcd gist perf_data_converter protoc-gen-js solana-cli swt verible; do
git checkout -- "pkgs/by-name/${n:0:2}/${n}"
done
https://forgejo.org/docs/latest/user/authentication/#pam-pluggable-authentication-module
PAM support has to be enabled at compile time and upstream considers it
opt-in.
Official upstream binaries have it disabled.
We enabled it by default because we simply inherited most of it from
Gitea when the split in nixpkgs happened.
Reasons why it had been enabled in nixpkgs for Gitea are unknown.
See 9406f240a7.
There is reason to believe not a single Forgejo instance running on
NixOS uses this feature because it literally segfaults due to our
sandboxing.
`nix-update` is unable to detect that the hashes are in `packages.nix`
and `lts.nix` instead of `generic.nix` (where the `.src` attribute lies)
respectively.
`nix-update` provides a `--override-filename` flag to override that
heuristic, so we use that.
Additionally, scope `lts.nix` to the 7.x version series by using
`--version-regex`.
We cannot rely on `buildGoModule`'s default test selection if
`subPackages` is set:
~~~
Running phase: checkPhase
? code.gitea.io/gitea [no test files]
? code.gitea.io/gitea/contrib/environment-to-ini [no test files]
checkPhase completed in 53 seconds
~~~
So we override it in `preCheck` and skip some tests that fail in our
sandbox (e.g. because they require networking).
Note that this does slow down building the package quite a bit because
there are a lot of tests to run.
Still worth it IMHO.
