Paul Meyer<p>After some months of work, I got the legacy `buildGoPackage` builder removed from <a href="https://infosec.exchange/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a>. Most packages using the legacy builder were migrated to `buildGoModule`. Now we have less maintenance burden and thus the chance to work on something new!<br><a href="https://github.com/NixOS/nixpkgs/issues/318069" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NixOS/nixpkgs/issue</span><span class="invisible">s/318069</span></a></p><p>Check out the updated Go section in the nixpkgs manual: <a href="https://nixos.org/manual/nixpkgs/unstable/#sec-language-go" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nixos.org/manual/nixpkgs/unsta</span><span class="invisible">ble/#sec-language-go</span></a></p><p><a href="https://infosec.exchange/tags/Nix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nix</span></a> <a href="https://infosec.exchange/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a> <a href="https://infosec.exchange/tags/NixOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NixOS</span></a> <a href="https://infosec.exchange/tags/golang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>golang</span></a></p>
Recent searches
No recent searches
Search options
Not available on handmade.social.
handmade.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
handmade.social is for all handmade artisans to create accounts for their Etsy and other handmade business shops.
Administered by:
Server stats:
36active users
handmade.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#nixpkgs
0 posts · 0 participants · 0 posts today
Paul Meyer<p>Shortly after the branch off for the upcoming release of NixOS 24.11, there was quite a drop in the share of Go package sources that are vulnerable, compared to the last scan 3 months ago.</p><p>Report with all vulnerable packages can be found here: <a href="https://github.com/katexochen/govulncheck-nixpkgs" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/katexochen/govulnch</span><span class="invisible">eck-nixpkgs</span></a></p><p><a href="https://infosec.exchange/tags/Go" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Go</span></a> <a href="https://infosec.exchange/tags/NixOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NixOS</span></a> <a href="https://infosec.exchange/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a></p>
Paul Meyer<p><a href="https://infosec.exchange/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a> issue for this is <a href="https://github.com/NixOS/nixpkgs/issues/84312" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NixOS/nixpkgs/issue</span><span class="invisible">s/84312</span></a></p>
Paul Meyer<p>TIL: `git archive` is used by GitHub and other forges to create an archive of a repo to download. git can do unexpected thing when creating such archive, like variable substitution using the `export-subst` feature. So even if a commit is immutable, you can still download different content if a ref or tag changed.</p><p><a href="https://git-scm.com/docs/git-archive/2.46.0#Documentation/git-archive.txt-export-subst" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">git-scm.com/docs/git-archive/2</span><span class="invisible">.46.0#Documentation/git-archive.txt-export-subst</span></a></p><p>Example: <a href="https://github.com/smallstep/cli/blob/master/.VERSION" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/smallstep/cli/blob/</span><span class="invisible">master/.VERSION</span></a></p><p>That's a real problem in context of reproducible builds (or just source-pinning in general).</p><p><a href="https://infosec.exchange/tags/ReproducibleBuilds" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ReproducibleBuilds</span></a> <a href="https://infosec.exchange/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a> <a href="https://infosec.exchange/tags/nix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nix</span></a> <a href="https://infosec.exchange/tags/git" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>git</span></a> <a href="https://infosec.exchange/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>github</span></a></p>
samueldr<p>So I ran the script that <span class="h-card"><a class="u-url mention" href="https://fosstodon.org/@kees" rel="nofollow noopener noreferrer" target="_blank">@<span>kees</span></a></span> adapted from <span class="h-card"><a class="u-url mention" href="https://mastodon.social/@bagder" rel="nofollow noopener noreferrer" target="_blank">@<span>bagder</span></a></span> 's initial concept on the older×biggest repo I still make use of.</p><p>(Side-note, It would be interesting to have an AST-aware equivalent that can guesstimate the age of the constructs, rather than the age the "source" stringy-based serialization, especially since it's likely some changes refreshed some line's age, but actually only changed part of its semantics, or nothing at all.)</p><p>I ran it on the release tags (in other words, the initial point in time a numbered release was marked stable).</p><p>It took a surprisingly long amount of time, but I did not change the implementation. Maybe there's some accidentally quadratic operation that could be made faster... But also this is a legitimately big git repo, and maybe the hours it spent on the last few tags were legitimate.</p><p>Anyways, <a class="hashtag" href="https://ap.samueldr.com/tag/nixpkgs" rel="nofollow noopener noreferrer" target="_blank">#Nixpkgs</a> and <a class="hashtag" href="https://ap.samueldr.com/tag/nixos" rel="nofollow noopener noreferrer" target="_blank">#NixOS</a> peeps might like that.</p>
Niko🏳️🌈🏳️⚧️<p>Flakes has so many good ideas in theory, but the way they are implemented is so half-baked it feels. It's unfortunate since I think flakes has *potential* to be good.</p><p><a href="https://mastodon.online/tags/nix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nix</span></a> <a href="https://mastodon.online/tags/nix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nix</span></a> <a href="https://mastodon.online/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a> <a href="https://mastodon.online/tags/nixos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixos</span></a></p>
Paul Meyer<p>There will be a Go meetup @ NixCon on Sunday, 11:00. Join us in discussing Go in nixpkgs, buildGoModule and community projects around Go and Nix. Check out the pad and feel free to add topics: <a href="https://pad.fluxfingers.net/E6VPRRYGQ2-0KtAjj_zKGA?both" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">pad.fluxfingers.net/E6VPRRYGQ2</span><span class="invisible">-0KtAjj_zKGA?both</span></a></p><p><a href="https://infosec.exchange/tags/NixCon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NixCon</span></a> <a href="https://infosec.exchange/tags/Go" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Go</span></a> <a href="https://infosec.exchange/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a></p>
Niko🏳️🌈🏳️⚧️<p>Voting for the Nix Elections starts today (again)!<br><a href="https://github.com/NixOS/SC-election-2024/pull/85#issuecomment-2423145483" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NixOS/SC-election-2</span><span class="invisible">024/pull/85#issuecomment-2423145483</span></a><br><a href="https://mastodon.online/tags/nixos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixos</span></a> <a href="https://mastodon.online/tags/nix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nix</span></a> <a href="https://mastodon.online/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a></p>
Matt C<p>Since I moved accounts, I figure I should re-create the post:</p><p>If you use <a href="https://goobersin.space/tags/NixOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NixOS</span></a> , or have, what would you like to see improved? Working on a new project called NixSphere (<a href="https://goobersin.space/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a>) that aims to make a reliable and easy-to-use desktop on top of the amazing NixOS and <a href="https://goobersin.space/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a></p><p>Nothing 100% concrete or downloadable yet, but if you're interested please check out <a href="https://nixsphere.org" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">nixsphere.org</span><span class="invisible"></span></a> (website is also _very_ much a WIP)</p>
seth 🍃<p>I got to be on an episode of the Full Time Nix podcast!</p><p>This is a part of a series where <span class="h-card" translate="no"><a href="https://hachyderm.io/@mightyiam" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>mightyiam</span></a></span> interviews some of the candidates for the upcoming NixOS Steering Committee election. It was a lot of fun to record and I hope you all enjoy :)</p><p><a href="https://fulltimenix.com/episodes/getchoo-steering-committee-candidate" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">fulltimenix.com/episodes/getch</span><span class="invisible">oo-steering-committee-candidate</span></a></p><p><a href="https://wetdry.world/tags/nix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nix</span></a> <a href="https://wetdry.world/tags/nixos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixos</span></a> <a href="https://wetdry.world/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a></p>
seth 🍃<p>I've been nominated for the first NixOS Steering Committee!</p><p>You can read my candidate form here, where I explain some of my goals, previous work, and motivation in running for this position. I also encourage everyone to check the issues of this repository, which is filled with some great questions from the community and responses by myself and my fellow candidates</p><p>I will be continuing this thread by highlighting some of the questions I find most important for this election 🧵</p><p><a href="https://github.com/NixOS/SC-election-2024/blob/main/candidates/getchoo.md" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/NixOS/SC-election-2</span><span class="invisible">024/blob/main/candidates/getchoo.md</span></a></p><p><a href="https://wetdry.world/tags/nix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nix</span></a> <a href="https://wetdry.world/tags/nixos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixos</span></a> <a href="https://wetdry.world/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a></p>
nixpkgs security changes<p>Nix 2.24.8 released fixing builtin:fetchurl credentials leak, severity 5.9 (moderate)</p><p><a href="https://discourse.nixos.org/t/nix-2-24-8-released-fixing-builtin-fetchurl-credentials-leak-severity-5-9-moderate/52732" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discourse.nixos.org/t/nix-2-24</span><span class="invisible">-8-released-fixing-builtin-fetchurl-credentials-leak-severity-5-9-moderate/52732</span></a></p><p><a href="https://social.gerbet.me/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://social.gerbet.me/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a> <a href="https://social.gerbet.me/tags/nixos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixos</span></a></p>
nixpkgs security changes<p>Nix 2.24.8 release to fix `builtin:fetchurl` security issue</p><p><a href="https://discourse.nixos.org/t/nix-2-24-8-release-to-fix-builtin-fetchurl-security-issue/52732" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discourse.nixos.org/t/nix-2-24</span><span class="invisible">-8-release-to-fix-builtin-fetchurl-security-issue/52732</span></a></p><p><a href="https://social.gerbet.me/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://social.gerbet.me/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a> <a href="https://social.gerbet.me/tags/nixos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixos</span></a></p>
nixpkgs security changes<p>Security Advisory: Environment variables accessible during a build might be world readable</p><p><a href="https://discourse.nixos.org/t/security-advisory-environment-variables-accessible-during-a-build-might-be-world-readable/52601" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discourse.nixos.org/t/security</span><span class="invisible">-advisory-environment-variables-accessible-during-a-build-might-be-world-readable/52601</span></a></p><p><a href="https://social.gerbet.me/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://social.gerbet.me/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a> <a href="https://social.gerbet.me/tags/nixos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixos</span></a></p>
Jake Hamilton<p>I would like to move Aux Lib out of the Labs repository!</p><p><a href="https://forum.auxolotl.org/t/lib-adoption-proposal/853" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">forum.auxolotl.org/t/lib-adopt</span><span class="invisible">ion-proposal/853</span></a></p><p><a href="https://hachyderm.io/tags/Nix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nix</span></a> <a href="https://hachyderm.io/tags/Nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nixpkgs</span></a> <a href="https://hachyderm.io/tags/NixOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NixOS</span></a> <a href="https://hachyderm.io/tags/Aux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Aux</span></a></p>
Paul Meyer<p>TIL, <a href="https://infosec.exchange/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a> dev edition:</p><p>`${placeholder "out"}` can be used in nix expressions as placeholder for an output path. So you aren't limited to hooks where `$out` is defined. For example, using it in a make flag:</p><p>makeFlags = [ "PREFIX=${placeholder "out"}" ];</p><p><a href="https://noogle.dev/f/builtins/placeholder" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">noogle.dev/f/builtins/placehol</span><span class="invisible">der</span></a></p><p><a href="https://infosec.exchange/tags/Nix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nix</span></a></p>
The cat who walks thru walls<p>Oh. Right. <a href="https://oldbytes.space/tags/introduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>introduction</span></a> time.<br>Hi! I'm Peter Pentchev, born in <a href="https://oldbytes.space/tags/Sofia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sofia</span></a>, <a href="https://oldbytes.space/tags/Bulgaria" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bulgaria</span></a>, a long, long time ago (a couple of days after Elvis died (allegedly)). I like to think of myself as a <a href="https://oldbytes.space/tags/programmer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>programmer</span></a>, mainly in <a href="https://oldbytes.space/tags/C" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>C</span></a>, <a href="https://oldbytes.space/tags/Perl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Perl</span></a>, <a href="https://oldbytes.space/tags/Shell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Shell</span></a> (POSIX preferred, <a href="https://oldbytes.space/tags/bash" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bash</span></a> tolerated), some <a href="https://oldbytes.space/tags/Forth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Forth</span></a>, <a href="https://oldbytes.space/tags/Pascal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pascal</span></a> and <a href="https://oldbytes.space/tags/Prolog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Prolog</span></a>, 6502 and x86 <a href="https://oldbytes.space/tags/assembly" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>assembly</span></a>. Lately I've done some <a href="https://oldbytes.space/tags/Rust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Rust</span></a> and (type-checked) <a href="https://oldbytes.space/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Python</span></a>.<br>I was a <a href="https://oldbytes.space/tags/FreeBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FreeBSD</span></a> committer years ago, then moved on to <a href="https://oldbytes.space/tags/Debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Debian</span></a> packaging; dabbling in <a href="https://oldbytes.space/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nixpkgs</span></a> lately. I maintain some software of my own and I really, really need to update the <a href="https://devel.ringlet.net/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">devel.ringlet.net/</span><span class="invisible"></span></a> index.<br>I used to be a voracious reader, mainly many genres of <a href="https://oldbytes.space/tags/fantasy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fantasy</span></a> and <a href="https://oldbytes.space/tags/SF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SF</span></a>; sometimes I still find the time.<br>Decades ago I could say I played the piano, now I sometimes try to remember how to use an electronic keyboard.<br>I support <a href="https://oldbytes.space/tags/LGBTQIA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LGBTQIA</span></a>+ rights, I believe trans people are people who have finally found themselves and sometimes I envy them that.<br>Thanks for reading this far; live long and prosper, and be kind!</p>
SearchLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload