Commit Graph

948 Commits

Author SHA1 Message Date
K900
66f01b7af9 Merge remote-tracking branch 'origin/master' into staging-next 2024-10-28 15:11:30 +03:00
dependabot[bot]
6baeff261f
build(deps): bump actions/checkout from 4.2.1 to 4.2.2
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](eef61447b9...11bd71901b)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-28 11:50:56 +00:00
Emery Hemingway
da6da7189e buildNimPackage: move into /pkgs/build-support, tidy OWNERS 2024-10-28 10:26:14 +00:00
K900
f21f4ca3ee Merge remote-tracking branch 'origin/master' into staging-next 2024-10-26 21:05:47 +03:00
Francesco Gazzetta
1009ec8796 tclPackages: init 2024-10-26 16:23:15 +00:00
Silvan Mosberger
5bbbc3a30b workflows: Rename after security fixes
In the previous two commits, security issues with these workflows were
fixed. In order for these to not be exploitable for PRs to branches that
don't have the fixes yet (including read-only branches like
nixos-unstable), these workflows are renamed, so that the old ones can
be turned off manually via GitHub interface.

Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
2024-10-26 15:30:52 +02:00
Silvan Mosberger
6b8ce4aedf workflows: Fix security issues
read-all permissions gives access to e.g. security-events, which these
don't need, and can easily lead to leaks

Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
2024-10-26 15:03:37 +02:00
Silvan Mosberger
59aee1ca5d workflows/codeowners: Fix security issue
Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
2024-10-26 15:01:12 +02:00
K900
7f898ed413 Merge remote-tracking branch 'origin/master' into staging-next 2024-10-25 21:06:42 +03:00
Victor Engmark
54e4669c75 docs: Clarify how to provide technical details/metadata
`nix-info -m` outputs Markdown, so it makes more sense to include it in
issues verbatim than within a preformatted code block.

Co-authored-by: Gavin John <gavinnjohn@gmail.com>
2024-10-25 10:12:44 +02:00
github-actions[bot]
2f507992fe
Merge master into staging-next 2024-10-22 06:05:03 +00:00
Cole Helbling
705fdd9ccc ci/basic-eval: check that flake outputs are valid 2024-10-16 08:49:28 -07:00
github-actions[bot]
05ae933cd6
Merge master into staging-next 2024-10-16 12:05:34 +00:00
zowoq
f30a046672 .github/workflows: remove update-terraform-providers
semi-broken, will try using r-ryantm bot for updates instead
2024-10-16 17:20:57 +10:00
github-actions[bot]
e2daa3d1b0
Merge master into staging-next 2024-10-15 18:04:32 +00:00
dependabot[bot]
f3143a7eda
build(deps): bump actions/checkout from 4.2.0 to 4.2.1
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](d632683dd7...eef61447b9)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-14 11:35:32 +00:00
github-actions[bot]
bf97df9c1c
Merge staging-next into staging 2024-10-13 00:15:51 +00:00
Philip Taron
d6d9c6125a
Improve PR merge check for CI (#347786) 2024-10-12 09:11:24 -07:00
Silvan Mosberger
7f9d297838 workflows/nixpkgs-vet: Make merge check script reusable
This is useful for other workflows as well. Originally I thought it
couldn't be put in the repo, but it can (just needs another checkout)
2024-10-12 03:58:39 +02:00
Silvan Mosberger
f9b28d5678 workflows/codeowners: Cache codeowner validator build
The codeowner-validator build declared in ci/codeowners-validator was
not cached before and needed to be built for every PR, which is slow and
wasteful: https://github.com/NixOS/nixpkgs/actions/runs/11280533037/job/31373720922
2024-10-10 21:21:22 +02:00
Emily
e694240f77 Merge staging-next into staging 2024-10-10 01:23:52 +01:00
Silvan Mosberger
b01ca00aed CODEOWNERS: Switch to alternate mechanism
This effectively disables the native GitHub codeowners feature
and enables the new alternate codeowners mechanism introduced in
https://github.com/NixOS/nixpkgs/pull/336261

This means that:
- We can now declare users without write access as code owners!
- Targeting the wrong branch won't trigger mass pings anymore!
2024-10-10 01:40:05 +02:00
Silvan Mosberger
c1710f234c workflows/codeowners: Dry mode for now
Apparently it started requesting reviews from code owners already
because the DRY_MODE from the global env was overridden in the local job
declaration: https://github.com/NixOS/nixpkgs/pull/347354#event-14570645380
2024-10-09 18:34:34 +02:00
Silvan Mosberger
ff85531454 CODEOWNERS: Fix auto-patchelf path
After https://github.com/NixOS/nixpkgs/pull/340162 and https://github.com/NixOS/nixpkgs/pull/336261 it started failing:

  https://github.com/NixOS/nixpkgs/actions/runs/11246996195/job/31269748379
2024-10-09 04:24:46 +02:00
Silvan Mosberger
dd2808213c CODEOWNERS: Fix non-matching patterns
Since https://github.com/NixOS/nixpkgs/pull/336261 we have CI that
checks that the codeowners file is valid:

https://github.com/NixOS/nixpkgs/actions/runs/11243668280/job/31260095472#step:7:34

Which files are correct (or whether they were removed) was determined
using the Git history and some grepping
2024-10-08 23:25:08 +02:00
Philip Taron
ecf10b087d
Alternate more flexible code owners mechanism, soon to avoid mass pings (#336261) 2024-10-08 13:58:11 -07:00
Silvan Mosberger
93dcd42f2b OWNERS: placeholder init 2024-10-08 22:23:25 +02:00
Silvan Mosberger
87a2986c1a workflows/codeowners: init 2024-10-08 22:23:23 +02:00
dependabot[bot]
557d69a3d0
build(deps): bump cachix/install-nix-action from 29 to 30
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 29 to 30.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](9f70348d77...08dcb3a5e6)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-07 11:17:58 +00:00
Fernando Rodrigues
b1cb7f4ce8
.github/labeler.yml: edit the xen-project label to reflect the new paths.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
2024-10-06 20:24:28 +00:00
Silvan Mosberger
442f93b721
github/PULL_REQUEST_TEMPLATE: replace first heading with comment (#345035) 2024-10-01 02:03:45 +02:00
dependabot[bot]
b93144cbc0
build(deps): bump actions/checkout from 4.1.7 to 4.2.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](692973e3d9...d632683dd7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-30 12:02:46 +00:00
dependabot[bot]
7816a35ee7
build(deps): bump cachix/install-nix-action from 27 to 29
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 27 to 29.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](ba0dd844c9...9f70348d77)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-30 11:58:38 +00:00
Fernando Rodrigues
44d65c61b3
.github/labeler.yml: xen -> xen-project
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
2024-09-28 14:51:12 +00:00
Atemu
347255a29a github/PULL_REQUEST_TEMPLATE: replace first heading with comment
When creating a PR from a branch that only adds a single commit, this heading
would always jankily be left *below* the actual commit message because github
simply inserts the commit message before the template.

The heading also only served as a light call to action whereas the comment is
rather explicit in asking the PR author to provide a proper PR description.
2024-09-28 08:51:44 +02:00
Pol Dellaiera
cf88e010f7
.github/labeler.yml: label Xen-related pull requests (#344329) 2024-09-26 22:02:29 +02:00
Will Fancher
c4594ed779
CODEOWNERS: Add ElvishJerricco to ISO image. (#344537) 2024-09-25 23:10:48 -04:00
Will Fancher
1908a62e49 CODEOWNERS: Add ElvishJerricco to ISO image. 2024-09-25 18:12:12 -04:00
Fernando Rodrigues
dbb7797d4e
.github/labeler.yml: label Xen-related pull requests
Some things must still be labeled manually (notably, qemu_xen and
specific kernel changes), but these should be pretty infrequent.

Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
2024-09-25 00:40:02 +00:00
Alyssa Ross
21315e31f8
CODEOWNERS: add myself to LLVM 2024-09-23 21:09:59 +02:00
Emily
2e00bfd393
nixos: remove environment.noXlibs (#341717) 2024-09-22 16:25:00 +01:00
Peder Bergebakken Sundt
447d1edf50 .github/labeler.yml: mark CONTRIBUTING.md and README's for "policy discussion" 2024-09-18 02:45:57 +02:00
dependabot[bot]
d8f973058b
build(deps): bump peter-evans/create-pull-request from 7.0.1 to 7.0.3
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.1 to 7.0.3.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](8867c4aba1...6cd32fd936)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-16 11:06:39 +00:00
Matt Moriarity
768db4009e nixos: remove environment.noXlibs 2024-09-15 07:51:45 -06:00
github-actions[bot]
f3e8528ff7
Merge master into staging-next 2024-09-09 14:31:17 +00:00
dependabot[bot]
02e7ca9482
build(deps): bump peter-evans/create-pull-request from 6.1.0 to 7.0.1
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.1.0 to 7.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](c5a7806660...8867c4aba1)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-09 11:37:51 +00:00
K900
23b4832da0 Merge remote-tracking branch 'origin/master' into staging-next 2024-09-04 08:53:48 +03:00
Philip Taron
cc45e69475
.github: continue finessing the text and names for nixpkgs-vet 2024-09-03 14:13:13 -07:00
Philip Taron
89cbfde96d
nixpkgs-vet: update CI, docs, and release to 0.1.4
Everything gets moved into the `ci/` top-level directory.

We keep behind `maintainers/scripts/check-by-name.sh` and `pkgs/test/check-by-name/pinned-version.txt` as they are going to cause CI errors and confusion until we get all the way through the various channels.
They'll be removed in about a week or so.
2024-09-03 13:53:25 -07:00
github-actions[bot]
46a57b6e9d
Merge master into staging-next 2024-09-02 06:04:55 +00:00
Fabián Heredia Montiel
ae612969f4
CODEOWNERS: add mattpolzin for idris2Packages (#337967) 2024-09-01 19:51:30 -06:00
github-actions[bot]
eacf5283f3
Merge staging-next into staging 2024-08-29 18:04:46 +00:00
Philip Taron
b305dc2006
workflows/check-by-name: Mention who to ping for trouble (#337120) 2024-08-29 05:57:28 -07:00
Anderson Torres
32897dce90 CODEOWNERS: update ownership for installShellFiles
Since Ericson2314 is the original codeowner of the files.
2024-08-28 19:56:16 -03:00
Mathew Polzin
0f8ef96fa1 CODEOWNERS: add mattpolzin for idris2Packages 2024-08-28 11:19:10 -05:00
Silvan Mosberger
249d4a97d5 workflows/check-nix-format: Improve error message
Looks like the error message could be a bit clearer still: https://github.com/NixOS/nixpkgs/pull/337109#issuecomment-2311175326
2024-08-27 00:32:49 +02:00
dependabot[bot]
8ba961591c
build(deps): bump korthout/backport-action from 3.0.2 to 3.1.0
Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](bd410d37cd...be567af183)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 11:32:53 +00:00
Silvan Mosberger
32b96d3449 workflows/check-by-name: Mention who to ping for trouble
The check-by-name team can't be looking through all PRs to see if anybody
is struggling.
2024-08-25 01:18:11 +02:00
Silvan Mosberger
e120425bb2 workflows/check-nix-format: Mention who to ping for trouble
The formatting team can't be looking through all PRs to see if anybody
is struggling.
2024-08-25 01:12:25 +02:00
Emily
bb9c3eec48 CODEOWNERS: add myself to ACME
The comment is no longer accurate 🎉 (But @m1cr0man really ought
to have the commit bit as well…)

I don’t actively use the NixOS ACME implementation these days, but
I think I have enough experience and relevant knowledge from my past
contributions to the module and general ACME know‐how to contribute
to reviews and help avoid kerfuffles like the recent issue that broke
everyone’s ACME accounts.
2024-08-22 19:53:50 +01:00
Jörg Thalheim
b6c51f7884 nix: add nix-team to CODEOWNERS
Update .github/CODEOWNERS

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-08-22 14:28:03 +02:00
Silvan Mosberger
91add64d00 workflows/check-nix-format: Better nix-shell message
As [suggested](https://github.com/NixOS/nixpkgs/pull/334286#issuecomment-2286131096) by @nh2
2024-08-19 16:26:54 +02:00
Michael Lohmann
168e66ac81 github/PULL_REQUEST_TEMPLATE: fix link to linking tests
The under the old link there was only a hint that it was moved to the
new location, so we can get rid of this indirection
2024-08-19 15:39:33 +02:00
emilylange
aab0392f32
CODEOWNERS: fix forgejo path after refactor
Ref: f3bffa8c62, a2e9da2c40
2024-08-17 21:11:53 +02:00
Adam Stephens
e68a336a31
CODEOWNERS: remove lxd paths for adamcstephens 2024-08-10 13:23:40 -04:00
Naïm Favier
132c426b3b
CODEOWNERS: remove ncfavier from Haskell 2024-08-09 09:39:20 +02:00
Philip Taron
3f43af5843
.github: add myself as stdenv and build-support CODEOWNER
I'm deeply interested and want the system to ping me.
2024-08-07 07:27:50 -07:00
Philip Taron
2f3e77e1f2
kakoune: add philiptaron as maintainer to most kakoune-related things 2024-08-01 18:06:40 -07:00
Adam Stephens
15e9fcd961
workflows/*: ensure jobs have names 2024-07-31 23:28:40 -04:00
Silvan Mosberger
74aba63e9f
Merge pull request #330454 from Aleksanaa/ci-nixf-tidy
workflows/check-nixf-tidy.yml: temporarily ignore sema-escaping-with
2024-07-27 20:13:43 +02:00
aleksana
7fcc319d5e workflows/check-nixf-tidy.yml: temporarily ignore sema-escaping-with 2024-07-28 00:28:21 +08:00
Silvan Mosberger
a64e2c4de1
Merge pull request #330400 from infinisil/nix-format-check-minor-fix
Nix format check minor fix
2024-07-27 15:48:27 +02:00
Silvan Mosberger
c1d3cc57ef
Merge pull request #330066 from Aleksanaa/ci-nixf-tidy
workflows/check-nixf-tidy.yml: init
2024-07-27 15:47:30 +02:00
Silvan Mosberger
a1c36999b8 workflows/check-nix-format: Allow testing in forks
It seems like imposed limitation came from ofborg not running in forks,
which doesn't apply for standard GitHub actions:
88c60d97fc
2024-07-27 14:14:12 +02:00
Silvan Mosberger
44f17f8392 workflows/check-nix-format: Fix reporting of renamed files
When a file was renamed, it would previously report the old path as
being unformatted. This fixes it to report the new one instead.
2024-07-27 14:08:22 +02:00
aleksana
81755ffcde workflows/check-nixf-tidy.yml: init 2024-07-27 16:45:39 +08:00
Silvan Mosberger
eac58dca33 Revert "Partially revert "build(deps): bump cachix/install-nix-action from 26 to 27""
This reverts commit 99069476ca.

With the parent commit,
https://github.com/NixOS/nixpkgs-check-by-name/issues/78 is fixed, so
there's no problem related to the Nix version anymore.
2024-07-27 01:59:48 +02:00
Silvan Mosberger
236fdd549f
Merge pull request #325793 from toastal/remove-envrc
Remove .envrc
2024-07-26 18:36:31 +02:00
Bobby Rong
3a422267eb
Merge pull request #329199 from bobby285271/upd/cinnamon-by-name
Move all packages out of cinnamon scope
2024-07-24 22:04:34 +08:00
Silvan Mosberger
1f0b359712
Enforce nixfmt on new files and changed files that were already formatted (#326407)
* workflows/check-nix-format: Enforce nixfmt on new/changed files

This makes the Nix format workflow check new/changed files instead of
just an allowlist.

This enforces that all PRs updated after this is merged are required to
have fully standard formatted Nix files!

* workflows/check-nix-format: determine changed files via base commit

The next commit will use this to have a simpler change

* workflows/check-nix-format: Only ensure for already formatted files

This prevents situations where contributors need to suddenly format a
huge file even if they only changed a small part of it (e.g.
all-packages.nix)
2024-07-23 15:03:15 -04:00
Silvan Mosberger
99069476ca Partially revert "build(deps): bump cachix/install-nix-action from 26 to 27"
This partially reverts commit ab7becf047.

The pkgs/by-name check doesn't work for newer Nix versions yet,
see https://github.com/NixOS/nixpkgs-check-by-name/issues/78
2024-07-23 17:35:28 +02:00
Bobby Rong
ede20d78de
.github: Update Cinnamon file paths 2024-07-23 22:12:43 +08:00
toastal
58add4f8e9 Revert ".envrc: init for new shell.nix"
This reverts commit f0160baa7a.

This is an anti-feature for this project.
2024-07-23 17:06:33 +07:00
dependabot[bot]
ab7becf047
build(deps): bump cachix/install-nix-action from 26 to 27
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 26 to 27.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](8887e596b4...ba0dd844c9)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-22 20:04:12 +00:00
Robert Hensing
88043e30f5
Merge pull request #328567 from tie/labeler-build-support-testers
.github/labeler.yml: add pkgs/build-support/testers/**
2024-07-20 21:22:13 +02:00
Ivan Trubach
ee12a84c70 .github/labeler.yml: add pkgs/build-support/testers/** 2024-07-20 04:41:16 +03:00
Adam Stephens
58111a1c3b
CODEOWNERS: remove migrated lxc path 2024-07-19 08:40:51 -04:00
Thomas Gerbet
7a44a7b081 ci: add the security team to the codeowners of the ci/ directory
Given its content is used in items already code-owned by the security
team it should have the same level of scrutiny.
2024-07-15 17:12:33 +02:00
Artturin
4564dfe772
Merge pull request #322157 from NixOS/dependabot/github_actions/peter-evans/create-pull-request-6.1.0
build(deps): bump peter-evans/create-pull-request from 6.0.4 to 6.1.0
2024-07-12 22:28:47 +03:00
Artturin
cd538b4b84
Merge pull request #316876 from NixOS/dependabot/github_actions/korthout/backport-action-3.0.2
build(deps): bump korthout/backport-action from 2.5.0 to 3.0.2
2024-07-12 22:11:26 +03:00
Silvan Mosberger
c94140085c
Merge pull request #322650 from tweag/direnv
Direnv support
2024-07-08 19:25:26 +02:00
Tristan Ross
7d372b76e5
Merge pull request #324963 from ExpidusOS/feat/labeler
github: add flutter label, fix llvm/clang label
2024-07-08 07:23:12 -07:00
Anderson Torres
a87228b7c6 .github/labeler.yml: update Emacs labeler
Because the directories were moved.
2024-07-06 09:41:13 -03:00
Tristan Ross
f7c3324114
github: add flutter label 2024-07-05 22:07:31 -07:00
Tristan Ross
9934f2c35e
github: fix llvm/clang label 2024-07-05 22:05:20 -07:00
éclairevoyant
1c9d41d25b
Merge pull request #317261 from arianvp/add-nixos-acme
CODEOWNERS: add @NixOS/acme
2024-07-06 01:56:51 +00:00
Silvan Mosberger
d2a6a829ad
Merge pull request #323216 from tweag/github-status
workflows/check-by-name: link to githubstatus
2024-07-05 02:13:13 +02:00
Silvan Mosberger
435f0daf18 workflows/check-by-name: link to githubstatus
Co-authored-by: Philip Taron <philip.taron@gmail.com>
2024-07-05 02:10:47 +02:00
natsukium
f5d926d4a7
CODEOWNERS: add natsukium to python stuff 2024-07-03 01:35:13 +09:00
Lily Foster
b8cbdee734 codeowners: remove lilyinstarlight 2024-07-02 03:17:01 +02:00