After final improvements to the official formatter implementation,
this commit now performs the first treewide reformat of Nix files using it.
This is part of the implementation of RFC 166.
Only "inactive" files are reformatted, meaning only files that
aren't being touched by any PR with activity in the past 2 months.
This is to avoid conflicts for PRs that might soon be merged.
Later we can do a full treewide reformat to get the rest,
which should not cause as many conflicts.
A CI check has already been running for some time to ensure that new and
already-formatted files are formatted, so the files being reformatted here
should also stay formatted.
This commit was automatically created and can be verified using
nix-build a08b3a4d19.tar.gz \
--argstr baseRev b32a094368
result/bin/apply-formatting $NIXPKGS_PATH
The bump to 2024.10.x is currently stalled in #345940.
The fix for CVE-2024-52289 involves a backward incompatible
API and DB change so it is also not great for a backport even
if we cherry-picks the security fixes.
Given no NixOS module is available in nixpkgs marking the package
with `knownVulnerabilities` should have a limited impact.
This cherry-picks a patch set fixing calls to m4_fatal which caused some
packages to fail in autoconf (e.g. cava).
(cherry picked from commit bdd6ddd20d)
(cherry picked from commit 83c8c7fad4)
The current package does not support reading NIS maps of autofs
templates. Adding the libnsl.dev package to buildInputs lets the
configure script detect rpcsvc/ypclnt.h which enables support for NIS.
We are migrating packages that meet below requirements:
1. using `callPackage`
2. called path is a directory
3. overriding set is empty (`{ }`)
4. not containing path expressions other than relative path (to
makenixpkgs-vet happy)
5. not referenced by nix files outside of the directory, other
than`pkgs/top-level/all-packages.nix`
6. not referencing nix files outside of the directory
7. not referencing `default.nix` (since it's changed to `package.nix`)
8. `outPath` doesn't change after migration
The tool is here: https://github.com/Aleksanaa/by-name-migrate.
https://github.com/NixOS/nixpkgs/pull/340162 introduced `autoPatchelfHook` as it's own top-level attribute.
This also made it use the Nixpkgs Python build infrastructure, which relies on dependency propagation, leaking Python as a dependency into many builds erroneously.
This change uses a `withPackages` constructed environment instead, and manually patches the script shebangs, not triggering the `buildPython*` dependency propagation mechanism
