This will be EOL at the end of November, so there's little reason to
keep it in 24.11[1]. As discussed, we'd like to keep it for as long as
possible to make sure there's a state in nixpkgs that has the latest
minor of postgresql_12 available with the most recent CVEs fixed for
people who cannot upgrade[2].
This aspect has been made explicit in the manual now for the next .11
release.
During the discussions it has been brought up that if people just do
`services.postgresql.enable = true;` and let the code decide the
postgresql version based on `system.stateVersion`, there's a chance that
such EOL dates will be missed. To make this harder, a warning will now
be raised when using the stateVersion-condition and the oldest still
available major is selected.
Additionally regrouped the postgresql things in the release notes to
make sure these are all shown consecutively. Otherwise it's a little
hard to keep track of all the changes made to postgresql in 24.11.
[1] https://endoflife.date/postgresql
[2] https://github.com/NixOS/nixpkgs/pull/353158#issuecomment-2453056692
the `devmode` helper made for the Nixpkgs/NixOS manual was exposed wrapped
in `mkShell`, which made it impossible to reuse.
this change strips that wrapper and reproduces it at the call site.
now one can use `devmode` from anywhere Nixpkgs is available:
devmode = pkgs.callPackage "${pkgs.path}/pkgs/tools/nix/web-devmode.nix" {
buildArgs = toString ./.;
open = "/index.html";
};
The first version that supports zstd compression, to create the option
to eventually switch compression for the binary cache.
It was released one year ago on 2023-11-03 and first shipped in NixOS
23.11.
"Freeform options" is a term that's a bit more meaningful to regular
users who don't follow development, and thus does a better job at
describing the changes
The main goal is to make these points a bit more concise, fix errors,
and (somewhat subjectively) improve word choice to avoid repetition and
have a better flow
The main goal is to make these points a bit more concise, have better
consistency in how removals and deprecations are described, and improve
grammar/flow
The main goal is to make these highlights a bit more concise,
consistently link to newly introduced option definitions, and (somewhat
subjectively) improve word choice to avoid repetition and have a better
flow
Reverts #344407
This has broken nixos-rebuild switch so that it no longer updates the profile, which has bad consequences including not updating the systemd-boot menu with new generations.
Upstream has no commits since 2019:
https://github.com/java-decompiler/jd-gui
jd-gui uses Gradle 6, which has been EOL since 10 Feb 2023:
https://endoflife.date/gradle
(The JDK team is working on dropping Gradle 6).
Attempting to build with a newer Gradle fails with a nontrivial error.
Potential replacements: cfr, bytecode-viewer, procyon
`pkgs.testers.runNixOSTest` is the latest and best way to run NixOS Tests
outside of nixpkgs as it also improves evaluation performance by
injecting the host pkgs into all the guests.
It seems no one uses it because it is not mentioned at the right places.
On the 2024 matrix conference the EOL for the sliding-sync-proxy was
announced to be 2024-10-15. While the repo does not yet reflect that
state, we should not be taking the the sliding-sync proxy into NixOS
24.11 under any circumstances.
`option.html#opt-services.zapret` is an invalid path to what should be
`options.html#opt-services.zapret`.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
See notice in the README:
https://github.com/neoclide/coc-python
> WARNING: it's recommended to use coc-pyright if
> you're using python3 or use coc-jedi if you're using jedi,
> the code of coc-python is too hard to maintain!
If that isn't convincing, the repo was archived on 2020-12-24.
Part of #229475
Upstream do not plan to support this version (see
<https://github.com/NixOS/nixpkgs/pull/347484#issuecomment-2404777102>),
so we should not package a version that will surely accumulate CVEs
from V8 etc. in 24.11. As this package was only added yesterday,
I don’t think there’s any need for a compatibility alias.
🎉
This package has been deprecated and unmaintained upstream for almost a
decade, has required extensive patching to keep working on new Python
versions, will inevitably break again with Python 3.13 dropping 2to3,
is lacking a maintainer in Nixpkgs, is now unused in the tree, and
has caused us all far too many headaches lately. Let’s put an end
to this!
Shout‐outs to mweinelt and jchv for dealing with this situation
early on, pyrox0, Sigmanificient, and dotlambda for tackling a bunch
of packages, and natsukium for help with reviews. I never thought this
would get finished so quickly. We’ve collectively handled almost
1½ packages per day in the three months since I first opened the
tracking issue, and sometimes helped move the entire ecosystem forward.
Closes: #326513
When installing NixOS on a machine with Windows, the "easiest" solution
to dual-boot is re-using the existing EFI System Partition (ESP), which
allows systemd-boot to detect Windows automatically.
However, if there are multiple ESPs, maybe even on multiple disks,
systemd-boot is unable to detect the other OSes, and you either have to
use Grub and os-prober, or do a tedious manual configuration as
described in the wiki:
https://wiki.nixos.org/w/index.php?title=Dual_Booting_NixOS_and_Windows&redirect=no#EFI_with_multiple_disks
This commit automates and documents this properly so only a single line
like
boot.loader.systemd-boot.windows."10".efiDeviceHandle = "HD0c2";
is required.
In the future, we might want to try automatically detecting this
during installation, but finding the correct device handle while the
kernel is running is tricky.
Previously, setting listsAsDuplicateKeys or listToValue would make it so
merging these treat all values as lists, by coercing non-lists via
lib.singleton. Some programs (such as gamemode; see #345121), allow some
values to be repeated but not others, which can lead to unexpected
behavior when non-list values are merged like this rather than throwing
an error.
This now makes that behavior opt-in via the mergeAsList option. Setting
mergeAsList (to either true or false) without setting either
listsAsDuplicateKeys or listToValue is an error, since lists are
meaningless in this case.
Currently if a timezone was selected explicitly, the service will
silently override the value, essentially ignoring what is meant to be a
a deliberate choice of option. This may cause confusion as to why the
option is not doing anything when this service is enabled, particularly
in more complex set-ups after some time.
This will simply make the choice deliberate from the user's part, either
by having to remove the option or lowering its priority as a recognition
that it may be ignored.
This change was inspired by the `services.tzupdate` module, which does
the same.
[1]: <https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/misc/tzupdate.nix#L24>
Add a pre v2 copy of deno as deno_1 to provide some stability until our next
release and until 1.46 is fully abandoned soon.
deno_1 is expected to be removed prior to 24.11.
Added a release note.
Updates deno to v2.
Slight refactor of fetcher code for grabbing librusty_v8.
Updated the update scripts to use new Deno v2 interfaces and pull latest
toml dependency from jsr rather than the deno.land registry.
Added release note.
- use upstream service and scripts
- switch to integrated-vtysh-config, abandon per-daemon config
- use always daemon names in options (e.g. ospf -> ospfd)
- zebra, mgmtd and staticd are always enabled
- abandon vtyListenAddress, vtyListenPort options; use
just "extraOptions" or "options" instead, respectively
- extend test to test staticd
- update release-notes
- pkgs.servers.frr: fix sbindir and remove FHS PATH
- introduce services.frr.openFilesLimit option
Currently if a timezone was selected explicitly, the service will
silently override the value, essentially ignoring what is meant to be a
a deliberate choice of option. This may cause confusion as to why the
option is not doing anything when this service is enabled, particularly
in more complex set-ups after some time.
This will simply make the choice deliberate from the user's part, either
by having to remove the option or lowering its priority as a recognition
that it may be ignored.
This change was inspired by the `services.tzupdate` module, which does
the same.
[1]: <https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/misc/tzupdate.nix#L24>
Fixes CVE-2024-47176 and CVE-2024-47850. NixOS is not affected by these security issues by
default because we do not ship the default configuration file so it fallbacks to `BrowseRemoteProtocols dnssd`.
631/udp is removed from the open firewall ports, it was by the CUPS
browsing protocol.
