Merge master into haskell-updates

/pkgs/build-support/node/build-npm-package      @winterqt

/pkgs/build-support/node/fetch-npm-deps         @winterqt

/doc/languages-frameworks/javascript.section.md @winterqt

/pkgs/development/tools/pnpm                    @Scrumplex @gepbird

# OCaml

/pkgs/build-support/ocaml           @ulrikstrid

`[Errno 8] Exec format error: './gdk3-scan'`

#### Using `-static` outside a `isStatic` platform. {#cross-static-on-non-static-platform}

Add `stdenv.cc.libc.static` (static output of glibc) to `buildInputs` conditionally on if `hostPlatform` uses `glibc`.

e.g.

```nix

{

  buildInputs = lib.optionals (stdenv.hostPlatform.libc == "glibc") [ stdenv.cc.libc.static ];

}

```

Examples of errors which this fixes.

`cannot find -lm: No such file or directory`

`cannot find -lc: No such file or directory`

::: {.note}

At the time of writing it is assumed the issue only happens on `glibc` because it splits the static libraries in to a different output.

::: {.note}

You may want to look in to using `stdenvAdapters.makeStatic` or `pkgsStatic` or a `isStatic = true` platform.

## Cross-building packages {#sec-cross-usage}

Nixpkgs can be instantiated with `localSystem` alone, in which case there is no cross-compiling and everything is built by and for that system, or also with `crossSystem`, in which case packages run on the latter, but all building happens on the former. Both parameters take the same schema as the 3 (build, host, and target) platforms defined in the previous section. As mentioned above, `lib.systems.examples` has some platforms which are used as arguments for these parameters in practice. You can use them programmatically, or on the command line:

    githubId = 26020062;

    name = "lumi";

  };

  luna_1024 = {

    email = "contact@luna.computer";

    github = "luna-1024";

    githubId = 7243615;

    name = "Luna";

  };

  lunarequest = {

    email = "nullarequest@vivlaid.net";

    github = "Lunarequest";

    * from `/var/log/private/gns3` to `/var/log/gns3`

  and to change the ownership of these directories and their contents to `gns3` (including `/etc/gns3`).

- The `sshd` module now doesn't include `%h/.ssh/authorized_keys` as `AuthorizedKeysFile` unless

  `services.openssh.authorizedKeysInHomedir` is set to `true` (the default is `false` for `stateVersion` 24.11 onwards).

- Legacy package `stalwart-mail_0_6` was dropped, please note the

  [manual upgrade process](https://github.com/stalwartlabs/mail-server/blob/main/UPGRADING.md)

  before changing the package to `pkgs.stalwart-mail` in

          If set, users can authenticate with their Kerberos password.

          This requires a valid Kerberos configuration

          (`config.security.krb5.enable` should be set to

          `true`).

          (`security.krb5.enable` should be set to `true`).

          Note that the Kerberos PAM modules are not necessary when using SSS

          to handle Kerberos authentication.

    warnings = lib.optional

      (with config.security.pam.sshAgentAuth;

        enable && lib.any (s: lib.hasPrefix "%h" s || lib.hasPrefix "~" s) authorizedKeysFiles)

      ''config.security.pam.sshAgentAuth.authorizedKeysFiles contains files in the user's home directory.

        enable && lib.any (s: lib.hasPrefix "%h" s || lib.hasPrefix "~" s) authorizedKeysFiles) ''

        security.pam.sshAgentAuth.authorizedKeysFiles contains files in the user's home directory.

        Specifying user-writeable files there result in an insecure configuration:

        a malicious process can then edit such an authorized_keys file and bypass the ssh-agent-based authentication.