Loading ci/github-script/merge.js +3 −2 Original line number Diff line number Diff line Loading @@ -66,8 +66,9 @@ function runChecklist({ if (allByName) { // We can only determine the below, if all packages are in by-name, since // we can't reliably relate changed files to packages outside by-name. checklist[`${user.login} is a maintainer of all touched packages.`] = eligible.has(user.id) checklist[ `${user.login} is a maintainer of all touched packages on the ${pull_request.base.ref} branch.` ] = eligible.has(user.id) } } else { // This is only used when no user is passed, i.e. for labeling. Loading lib/services/lib.nix +51 −5 Original line number Diff line number Diff line Loading @@ -37,17 +37,63 @@ rec { ); /** This is the entrypoint for the portable part of modular services. Entrypoint for integrating modular services into a containing module system. It provides the various options that are consumed by service manager implementations. Each containing system (NixOS, ...) calls `configure` to obtain a `serviceSubmodule` type for its services option. The returned submodule includes the portable service base and any service-manager-specific modules passed via `extraRootModules`. **Implementing for a new system** (e.g. home-manager, nix-darwin): ```nix # darwin/modules/services/system.nix { lib, config, pkgs, ... }: let portable-lib = import <nixpkgs/lib/services/lib.nix> { inherit lib; }; modularServiceConfiguration = portable-lib.configure { serviceManagerPkgs = pkgs; extraRootModules = [ ./launchd-service.nix # launchd-specific options (plist generation, etc.) ]; }; in { options.services = lib.mkOption { type = lib.types.attrsOf modularServiceConfiguration.serviceSubmodule; default = { }; }; config = { # Convert service tree -> launchd plists, assertions, etc. # (analogous to how NixOS converts to systemd units) launchd.agents = ...; assertions = ...; warnings = ...; }; } ``` lib.services.configure :: AttrSet -> { serviceSubmodule :: SubmoduleType } # Inputs `serviceManagerPkgs`: A Nixpkgs instance which will be used for built-in logic such as converting `configData.<path>.text` to a store path. `serviceManagerPkgs` : 1\. A Nixpkgs instance used for built-in logic such as converting `configData.<path>.text` to a store path. `extraRootModules` : 2\. Modules to be loaded into the "root" service submodule, but not into its sub-`services`. That's the modules' own responsibility. Typically contains service-manager-specific option modules (e.g. systemd unit options, launchd plist options). `extraRootModules`: Modules to be loaded into the "root" service submodule, but not into its sub-`services`. That's the modules' own responsibility. `extraRootSpecialArgs` `extraRootSpecialArgs`: Fixed module arguments that are provided in a similar manner to `extraRootModules`. : 3\. Fixed module arguments provided alongside `extraRootModules`. # Output Loading nixos/modules/security/dhparams.nix +74 −61 Original line number Diff line number Diff line Loading @@ -143,7 +143,19 @@ in }; }; config = lib.mkIf (cfg.enable && cfg.stateful) { config = lib.mkMerge [ (lib.mkIf cfg.enable { warnings = [ '' The `security.dhparam` module is deprecated and scheduled for removal in NixOS 26.11. Generating your own params has been shown to be problematic in RFC 7919 (2016). Remove any uses of DHE and migrate to ECDHE (RFC 8422, 2018) and Hybrid PQ (draft-ietf-tls-ecdhe-mlkem, 2026) key exchange algorithms. '' ]; }) (lib.mkIf (cfg.enable && cfg.stateful) { systemd.services = { dhparams-init = { description = "Clean Up Old Diffie-Hellman Parameters"; Loading Loading @@ -205,6 +217,7 @@ in ''; } ) cfg.params; }; }) ]; } pkgs/applications/editors/vscode/extensions/detachhead.basedpyright/default.nix +2 −2 Original line number Diff line number Diff line Loading @@ -8,8 +8,8 @@ vscode-utils.buildVscodeMarketplaceExtension { mktplcRef = { name = "basedpyright"; publisher = "detachhead"; version = "1.39.2"; hash = "sha256-iSjwEPSlPWmg3cYLSCp2YmHOR8EShGuPHzXMHGoa4iM="; version = "1.39.3"; hash = "sha256-uuWkSxjsY7ZL1QUwqkiwPTN8oGUktfm7/Hgv3Enmgqc="; }; meta = { changelog = "https://github.com/detachhead/basedpyright/releases"; Loading pkgs/applications/networking/cluster/terraform-providers/providers.json +9 −9 Original line number Diff line number Diff line Loading @@ -1247,13 +1247,13 @@ "vendorHash": "sha256-u3WK/pLsuwySJX6GMNho8ImB+F+XXUPC6h+IQtDrOp8=" }, "spotinst_spotinst": { "hash": "sha256-DWMa48u6D9lT6xtcYOQxWyHfMwFvI+iYufKoXgQJmC0=", "hash": "sha256-0Wc+QgEeizydsvtyBdnxgLhpYuBZLMB3JGjmTDXzJY0=", "homepage": "https://registry.terraform.io/providers/spotinst/spotinst", "owner": "spotinst", "repo": "terraform-provider-spotinst", "rev": "v1.234.0", "rev": "v1.235.0", "spdx": "MPL-2.0", "vendorHash": "sha256-iUu/SG4VprmEuYo6e8az5GARJhJWHyvyyJNSapnpWME=" "vendorHash": "sha256-odyKlnrYufT5pQsYuGN0hKQeQx7LzTLVNTwde97wyPc=" }, "statuscakedev_statuscake": { "hash": "sha256-zXBZZA+2uRN2FeGrayq0a4EBk7T+PvlBIwbuxwM7yBc=", Loading Loading @@ -1373,13 +1373,13 @@ "vendorHash": "sha256-Bat/S4e5vzT0/XOhJ9zCWLa4IE4owLC6ec1yvEh+c0Y=" }, "topicusonderwijs_octodns": { "hash": "sha256-ZfQ7OgW0kKfcoBNBe+wDFKL+hlyxyb80LrfArPBjtv4=", "hash": "sha256-gbw0Na3m5X5CjoaXHPREfQIpwzQ9hpa7A3Hn+rwcjEA=", "homepage": "https://registry.terraform.io/providers/topicusonderwijs/octodns", "owner": "topicusonderwijs", "repo": "terraform-provider-octodns", "rev": "v1.1.5", "rev": "v1.2.0", "spdx": "MPL-2.0", "vendorHash": "sha256-6qQ1k/fCxJGseqU+kjsE29kWYOpzorCeCTldXZo4ukY=" "vendorHash": "sha256-da0+/aLNEuMZWD7+zMUGpc1Ch5VKyN+EyO0Mp4mZWv8=" }, "trozz_pocketid": { "hash": "sha256-/rEdOnAbVM69mA/eP6SlZhk1FZfzrYpej2aO0NUP6E4=", Loading Loading @@ -1418,13 +1418,13 @@ "vendorHash": null }, "vancluever_acme": { "hash": "sha256-uYlaJfXerng7VfZt08fwvdBTy9UU6DgD5WGIca36LrA=", "hash": "sha256-8uMCtwldGlGqwyZXV4Q1g+9lHQqa952Sd+mywkt0weo=", "homepage": "https://registry.terraform.io/providers/vancluever/acme", "owner": "vancluever", "repo": "terraform-provider-acme", "rev": "v2.47.0", "rev": "v2.48.0", "spdx": "MPL-2.0", "vendorHash": "sha256-uXcqb1yTHzERpVtPnu0HCETJyo8BjI/Vw6dVeOyGXys=" "vendorHash": "sha256-i6Hw1hCr/LRhGjemGAzhZQYr/LsjBrT5aFVXAHDE85M=" }, "venafi_venafi": { "hash": "sha256-wpAckNRqZjSDt7KpCRpLSYkn6Gm+QPzn5sIJ90wRXjI=", Loading Loading
ci/github-script/merge.js +3 −2 Original line number Diff line number Diff line Loading @@ -66,8 +66,9 @@ function runChecklist({ if (allByName) { // We can only determine the below, if all packages are in by-name, since // we can't reliably relate changed files to packages outside by-name. checklist[`${user.login} is a maintainer of all touched packages.`] = eligible.has(user.id) checklist[ `${user.login} is a maintainer of all touched packages on the ${pull_request.base.ref} branch.` ] = eligible.has(user.id) } } else { // This is only used when no user is passed, i.e. for labeling. Loading
lib/services/lib.nix +51 −5 Original line number Diff line number Diff line Loading @@ -37,17 +37,63 @@ rec { ); /** This is the entrypoint for the portable part of modular services. Entrypoint for integrating modular services into a containing module system. It provides the various options that are consumed by service manager implementations. Each containing system (NixOS, ...) calls `configure` to obtain a `serviceSubmodule` type for its services option. The returned submodule includes the portable service base and any service-manager-specific modules passed via `extraRootModules`. **Implementing for a new system** (e.g. home-manager, nix-darwin): ```nix # darwin/modules/services/system.nix { lib, config, pkgs, ... }: let portable-lib = import <nixpkgs/lib/services/lib.nix> { inherit lib; }; modularServiceConfiguration = portable-lib.configure { serviceManagerPkgs = pkgs; extraRootModules = [ ./launchd-service.nix # launchd-specific options (plist generation, etc.) ]; }; in { options.services = lib.mkOption { type = lib.types.attrsOf modularServiceConfiguration.serviceSubmodule; default = { }; }; config = { # Convert service tree -> launchd plists, assertions, etc. # (analogous to how NixOS converts to systemd units) launchd.agents = ...; assertions = ...; warnings = ...; }; } ``` lib.services.configure :: AttrSet -> { serviceSubmodule :: SubmoduleType } # Inputs `serviceManagerPkgs`: A Nixpkgs instance which will be used for built-in logic such as converting `configData.<path>.text` to a store path. `serviceManagerPkgs` : 1\. A Nixpkgs instance used for built-in logic such as converting `configData.<path>.text` to a store path. `extraRootModules` : 2\. Modules to be loaded into the "root" service submodule, but not into its sub-`services`. That's the modules' own responsibility. Typically contains service-manager-specific option modules (e.g. systemd unit options, launchd plist options). `extraRootModules`: Modules to be loaded into the "root" service submodule, but not into its sub-`services`. That's the modules' own responsibility. `extraRootSpecialArgs` `extraRootSpecialArgs`: Fixed module arguments that are provided in a similar manner to `extraRootModules`. : 3\. Fixed module arguments provided alongside `extraRootModules`. # Output Loading
nixos/modules/security/dhparams.nix +74 −61 Original line number Diff line number Diff line Loading @@ -143,7 +143,19 @@ in }; }; config = lib.mkIf (cfg.enable && cfg.stateful) { config = lib.mkMerge [ (lib.mkIf cfg.enable { warnings = [ '' The `security.dhparam` module is deprecated and scheduled for removal in NixOS 26.11. Generating your own params has been shown to be problematic in RFC 7919 (2016). Remove any uses of DHE and migrate to ECDHE (RFC 8422, 2018) and Hybrid PQ (draft-ietf-tls-ecdhe-mlkem, 2026) key exchange algorithms. '' ]; }) (lib.mkIf (cfg.enable && cfg.stateful) { systemd.services = { dhparams-init = { description = "Clean Up Old Diffie-Hellman Parameters"; Loading Loading @@ -205,6 +217,7 @@ in ''; } ) cfg.params; }; }) ]; }
pkgs/applications/editors/vscode/extensions/detachhead.basedpyright/default.nix +2 −2 Original line number Diff line number Diff line Loading @@ -8,8 +8,8 @@ vscode-utils.buildVscodeMarketplaceExtension { mktplcRef = { name = "basedpyright"; publisher = "detachhead"; version = "1.39.2"; hash = "sha256-iSjwEPSlPWmg3cYLSCp2YmHOR8EShGuPHzXMHGoa4iM="; version = "1.39.3"; hash = "sha256-uuWkSxjsY7ZL1QUwqkiwPTN8oGUktfm7/Hgv3Enmgqc="; }; meta = { changelog = "https://github.com/detachhead/basedpyright/releases"; Loading
pkgs/applications/networking/cluster/terraform-providers/providers.json +9 −9 Original line number Diff line number Diff line Loading @@ -1247,13 +1247,13 @@ "vendorHash": "sha256-u3WK/pLsuwySJX6GMNho8ImB+F+XXUPC6h+IQtDrOp8=" }, "spotinst_spotinst": { "hash": "sha256-DWMa48u6D9lT6xtcYOQxWyHfMwFvI+iYufKoXgQJmC0=", "hash": "sha256-0Wc+QgEeizydsvtyBdnxgLhpYuBZLMB3JGjmTDXzJY0=", "homepage": "https://registry.terraform.io/providers/spotinst/spotinst", "owner": "spotinst", "repo": "terraform-provider-spotinst", "rev": "v1.234.0", "rev": "v1.235.0", "spdx": "MPL-2.0", "vendorHash": "sha256-iUu/SG4VprmEuYo6e8az5GARJhJWHyvyyJNSapnpWME=" "vendorHash": "sha256-odyKlnrYufT5pQsYuGN0hKQeQx7LzTLVNTwde97wyPc=" }, "statuscakedev_statuscake": { "hash": "sha256-zXBZZA+2uRN2FeGrayq0a4EBk7T+PvlBIwbuxwM7yBc=", Loading Loading @@ -1373,13 +1373,13 @@ "vendorHash": "sha256-Bat/S4e5vzT0/XOhJ9zCWLa4IE4owLC6ec1yvEh+c0Y=" }, "topicusonderwijs_octodns": { "hash": "sha256-ZfQ7OgW0kKfcoBNBe+wDFKL+hlyxyb80LrfArPBjtv4=", "hash": "sha256-gbw0Na3m5X5CjoaXHPREfQIpwzQ9hpa7A3Hn+rwcjEA=", "homepage": "https://registry.terraform.io/providers/topicusonderwijs/octodns", "owner": "topicusonderwijs", "repo": "terraform-provider-octodns", "rev": "v1.1.5", "rev": "v1.2.0", "spdx": "MPL-2.0", "vendorHash": "sha256-6qQ1k/fCxJGseqU+kjsE29kWYOpzorCeCTldXZo4ukY=" "vendorHash": "sha256-da0+/aLNEuMZWD7+zMUGpc1Ch5VKyN+EyO0Mp4mZWv8=" }, "trozz_pocketid": { "hash": "sha256-/rEdOnAbVM69mA/eP6SlZhk1FZfzrYpej2aO0NUP6E4=", Loading Loading @@ -1418,13 +1418,13 @@ "vendorHash": null }, "vancluever_acme": { "hash": "sha256-uYlaJfXerng7VfZt08fwvdBTy9UU6DgD5WGIca36LrA=", "hash": "sha256-8uMCtwldGlGqwyZXV4Q1g+9lHQqa952Sd+mywkt0weo=", "homepage": "https://registry.terraform.io/providers/vancluever/acme", "owner": "vancluever", "repo": "terraform-provider-acme", "rev": "v2.47.0", "rev": "v2.48.0", "spdx": "MPL-2.0", "vendorHash": "sha256-uXcqb1yTHzERpVtPnu0HCETJyo8BjI/Vw6dVeOyGXys=" "vendorHash": "sha256-i6Hw1hCr/LRhGjemGAzhZQYr/LsjBrT5aFVXAHDE85M=" }, "venafi_venafi": { "hash": "sha256-wpAckNRqZjSDt7KpCRpLSYkn6Gm+QPzn5sIJ90wRXjI=", Loading
![nixpkgs-ci[bot]'s avatar](https://secure.gravatar.com/avatar/21d9e4256a026824783d9069d7622ceb22d44398fd318ddfee596c72e5556369?s=48&d=identicon "nixpkgs-ci[bot]")