Commit 407f9757 authored by Eman Resu

stdenv.mkDerivation: remove pie hardening flag warning

parent 9500a7bf
+2 −0
@@ -274,6 +274,8 @@

- The default packages in `services.jenkins.packages` have been dropped, since not every Jenkins installation needs any package at all. It's more reasonable to leave it empty and let users configure what they need.

- The `pie` hardening flag has been removed and will now error, after being deprecated in 25.11. Compilers are expected to enable PIE by default, as has been common practice since 2016 outside of Nixpkgs. If a package needs `pie` disabled pass `-no-pie` in `CFLAGS`. It is unlikely this will be necessary in many cases; due to the prevalence of default PIE toolchains, most packages incompatible with PIE already pass `-no-pie`.

## Other Notable Changes {#sec-nixpkgs-release-26.05-notable-changes}

<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
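
Review bot: The new `pie` release-note entry never names the attributes a user has to edit. Someone hitting the new error will search for `hardeningEnable` or `hardeningDisable`, so say explicitly that `"pie"` must be dropped from both. The sentence "If a package needs `pie` disabled pass `-no-pie` in `CFLAGS`" also needs a comma after "disabled". It would also help to state whether `CFLAGS` here means the package's own build variable or a Nixpkgs-level one, since the removed warning text only said "the -no-pie compiler flag".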
+2 −4
@@ -434,7 +434,7 @@ let
        else
          subtractLists hardeningDisable' (defaultHardeningFlags ++ hardeningEnable);
      # hardeningDisable additionally supports "all".
      erroneousHardeningFlags = subtractLists (knownHardeningFlags ++ [ "pie" ]) (
      erroneousHardeningFlags = subtractLists knownHardeningFlags (
        hardeningEnable ++ remove "all" hardeningDisable
      );

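Review bot: With `"pie"` dropped from the list subtracted in `erroneousHardeningFlags`, a leftover `pie` entry is now reported the same way as a misspelled flag. The replacement advice (`-no-pie`, usually unnecessary) only existed in the warning string that this commit deletes further down. Consider special-casing `pie` where `erroneousHardeningFlags` is reported, so the error points at the removal and the `-no-pie` alternative instead of only saying the flag is unknown.
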
@@ -636,9 +636,7 @@ let
            else
              null
          } =
            lib.warnIf (elem "pie" hardeningEnable || elem "pie" hardeningDisable)
              "The 'pie' hardening flag has been removed in favor of enabling PIE by default in compilers and should no longer be used. PIE can be disabled with the -no-pie compiler flag, but this is usually not necessary as most build systems pass this if needed. Usage of the 'pie' hardening flag will become an error in future."
              (concatStringsSep " " enabledHardeningOptions);
            concatStringsSep " " enabledHardeningOptions;

          # TODO: remove platform condition
          # Enabling this check could be a breaking change as it requires to edit nix.conf