Loading nixos/tests/openssh.nix +0 −44 Original line number Diff line number Diff line Loading @@ -35,38 +35,6 @@ import ./make-test-python.nix ( ]; }; server-x11 = { ... }: { environment.systemPackages = [ pkgs.xorg.xauth ]; services.openssh = { enable = true; settings.X11Forwarding = true; }; users.users.root.openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; server-x11-disable = { ... }: { environment.systemPackages = [ pkgs.xorg.xauth ]; services.openssh = { enable = true; settings = { X11Forwarding = true; # CVE-2025-32728: the following line is ineffectual DisableForwarding = true; }; }; users.users.root.openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; server-allowed-users = { ... }: Loading Loading @@ -272,8 +240,6 @@ import ./make-test-python.nix ( start_all() server.wait_for_unit("sshd", timeout=30) server_x11.wait_for_unit("sshd", timeout=30) server_x11_disable.wait_for_unit("sshd", timeout=30) server_allowed_users.wait_for_unit("sshd", timeout=30) server_localhost_only.wait_for_unit("sshd", timeout=30) server_match_rule.wait_for_unit("sshd", timeout=30) Loading Loading @@ -341,16 +307,6 @@ import ./make-test-python.nix ( timeout=30 ) with subtest("x11-forwarding"): client.succeed( "[ \"$(ssh -Y -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil server-x11 'xauth list' | tee /dev/stderr | wc -l)\" -eq 1 ]", timeout=30 ) client.succeed( "[ \"$(ssh -Y -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil server-x11-disable 'xauth list' | tee /dev/stderr | wc -l)\" -eq 0 ]", timeout=30 ) with subtest("localhost-only"): server_localhost_only.succeed("ss -nlt | grep '127.0.0.1:22'") server_localhost_only_lazy.succeed("ss -nlt | grep '127.0.0.1:22'") Loading pkgs/applications/misc/slstatus/default.nix +2 −2 Original line number Diff line number Diff line Loading @@ -15,12 +15,12 @@ stdenv.mkDerivation rec { pname = "slstatus"; version = "1.0"; version = "1.1"; src = fetchgit { url = "https://git.suckless.org/slstatus"; rev = version; hash = "sha256-cFah6EgApslLSlJaOy/5W9ZV9Z1lzfKye/rRh9Om3T4="; hash = "sha256-MRDovZpQsvnLEvsbJNBzprkzQQ4nIs1T9BLT+tSGta8="; }; preBuild = Loading pkgs/applications/networking/browsers/librewolf/librewolf.nix +6 −2 Original line number Diff line number Diff line Loading @@ -15,8 +15,12 @@ rec { extraPostPatch = '' while read patch_name; do if [ "$patch_name" -neq "patches/macos-import-vector.patch"]; then echo "applying LibreWolf patch: $patch_name" patch -p1 < ${source}/$patch_name else echo "skipping LibreWolf patch: $patch" fi done <${source}/assets/patches.txt cp -r ${source}/themes/browser . Loading pkgs/applications/networking/browsers/librewolf/src.json +5 −5 Original line number Diff line number Diff line { "packageVersion": "137.0.2-1", "packageVersion": "138.0.1-2", "source": { "rev": "137.0.2-1", "hash": "sha256-PZapXnpVGdQrTXWjlNuFj3idqelTKTpwapuwx+XuwW8=" "rev": "138.0.1-2", "hash": "sha256-H4GvKTrx0+GdUFOjW+E53VwZcZnrrBiXiMvR6aCEKDE=" }, "firefox": { "version": "137.0.2", "hash": "sha512-ghQMQyUjPqLi9XkIjOu5jA6NuISLQBjP+V1O1Cv4RwSe1lIPwFHZMO4melrLAIkIFwgl04FYnaDRCcoEph4cJA==" "version": "138.0.1", "hash": "sha512-vFqNZYFAxMPbKdURNMlxBaAiVWfVzhR1f2lZQGa/akShPgYmzr3it6B4usEooUaQ7gYIPQMG13id4qXp2DlLIw==" } } pkgs/by-name/ca/cargo-embassy/package.nix +3 −1 Original line number Diff line number Diff line { lib, stdenv, rustPlatform, fetchFromGitHub, pkg-config, Loading @@ -18,7 +19,7 @@ rustPlatform.buildRustPackage { hash = "sha256-C8eFQFHYIj2P+zPOKLVBNX97UDVbbcdjbqh5n53ktCU="; }; buildInputs = [ buildInputs = lib.optionals stdenv.hostPlatform.isLinux [ udev ]; Loading @@ -34,6 +35,7 @@ rustPlatform.buildRustPackage { homepage = "https://github.com/adinack/cargo-embassy"; license = lib.licenses.gpl3Only; maintainers = [ lib.maintainers.samw ]; platforms = lib.platforms.unix; mainProgram = "cargo-embassy"; }; } Loading
nixos/tests/openssh.nix +0 −44 Original line number Diff line number Diff line Loading @@ -35,38 +35,6 @@ import ./make-test-python.nix ( ]; }; server-x11 = { ... }: { environment.systemPackages = [ pkgs.xorg.xauth ]; services.openssh = { enable = true; settings.X11Forwarding = true; }; users.users.root.openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; server-x11-disable = { ... }: { environment.systemPackages = [ pkgs.xorg.xauth ]; services.openssh = { enable = true; settings = { X11Forwarding = true; # CVE-2025-32728: the following line is ineffectual DisableForwarding = true; }; }; users.users.root.openssh.authorizedKeys.keys = [ snakeOilPublicKey ]; }; server-allowed-users = { ... }: Loading Loading @@ -272,8 +240,6 @@ import ./make-test-python.nix ( start_all() server.wait_for_unit("sshd", timeout=30) server_x11.wait_for_unit("sshd", timeout=30) server_x11_disable.wait_for_unit("sshd", timeout=30) server_allowed_users.wait_for_unit("sshd", timeout=30) server_localhost_only.wait_for_unit("sshd", timeout=30) server_match_rule.wait_for_unit("sshd", timeout=30) Loading Loading @@ -341,16 +307,6 @@ import ./make-test-python.nix ( timeout=30 ) with subtest("x11-forwarding"): client.succeed( "[ \"$(ssh -Y -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil server-x11 'xauth list' | tee /dev/stderr | wc -l)\" -eq 1 ]", timeout=30 ) client.succeed( "[ \"$(ssh -Y -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i privkey.snakeoil server-x11-disable 'xauth list' | tee /dev/stderr | wc -l)\" -eq 0 ]", timeout=30 ) with subtest("localhost-only"): server_localhost_only.succeed("ss -nlt | grep '127.0.0.1:22'") server_localhost_only_lazy.succeed("ss -nlt | grep '127.0.0.1:22'") Loading
pkgs/applications/misc/slstatus/default.nix +2 −2 Original line number Diff line number Diff line Loading @@ -15,12 +15,12 @@ stdenv.mkDerivation rec { pname = "slstatus"; version = "1.0"; version = "1.1"; src = fetchgit { url = "https://git.suckless.org/slstatus"; rev = version; hash = "sha256-cFah6EgApslLSlJaOy/5W9ZV9Z1lzfKye/rRh9Om3T4="; hash = "sha256-MRDovZpQsvnLEvsbJNBzprkzQQ4nIs1T9BLT+tSGta8="; }; preBuild = Loading
pkgs/applications/networking/browsers/librewolf/librewolf.nix +6 −2 Original line number Diff line number Diff line Loading @@ -15,8 +15,12 @@ rec { extraPostPatch = '' while read patch_name; do if [ "$patch_name" -neq "patches/macos-import-vector.patch"]; then echo "applying LibreWolf patch: $patch_name" patch -p1 < ${source}/$patch_name else echo "skipping LibreWolf patch: $patch" fi done <${source}/assets/patches.txt cp -r ${source}/themes/browser . Loading
pkgs/applications/networking/browsers/librewolf/src.json +5 −5 Original line number Diff line number Diff line { "packageVersion": "137.0.2-1", "packageVersion": "138.0.1-2", "source": { "rev": "137.0.2-1", "hash": "sha256-PZapXnpVGdQrTXWjlNuFj3idqelTKTpwapuwx+XuwW8=" "rev": "138.0.1-2", "hash": "sha256-H4GvKTrx0+GdUFOjW+E53VwZcZnrrBiXiMvR6aCEKDE=" }, "firefox": { "version": "137.0.2", "hash": "sha512-ghQMQyUjPqLi9XkIjOu5jA6NuISLQBjP+V1O1Cv4RwSe1lIPwFHZMO4melrLAIkIFwgl04FYnaDRCcoEph4cJA==" "version": "138.0.1", "hash": "sha512-vFqNZYFAxMPbKdURNMlxBaAiVWfVzhR1f2lZQGa/akShPgYmzr3it6B4usEooUaQ7gYIPQMG13id4qXp2DlLIw==" } }
pkgs/by-name/ca/cargo-embassy/package.nix +3 −1 Original line number Diff line number Diff line { lib, stdenv, rustPlatform, fetchFromGitHub, pkg-config, Loading @@ -18,7 +19,7 @@ rustPlatform.buildRustPackage { hash = "sha256-C8eFQFHYIj2P+zPOKLVBNX97UDVbbcdjbqh5n53ktCU="; }; buildInputs = [ buildInputs = lib.optionals stdenv.hostPlatform.isLinux [ udev ]; Loading @@ -34,6 +35,7 @@ rustPlatform.buildRustPackage { homepage = "https://github.com/adinack/cargo-embassy"; license = lib.licenses.gpl3Only; maintainers = [ lib.maintainers.samw ]; platforms = lib.platforms.unix; mainProgram = "cargo-embassy"; }; }
![nixpkgs-ci[bot]'s avatar](https://secure.gravatar.com/avatar/21d9e4256a026824783d9069d7622ceb22d44398fd318ddfee596c72e5556369?s=48&d=identicon "nixpkgs-ci[bot]")