chore(3p/sources): bump channels & overlays – xz edition
Update all 3p/sources as we do normally except - agenix which is still pinned to 0.15.0 - nixpkgs (unstable) which we bump to the HEAD of the staging-next branch. This branch includes the downgrade of xz from 5.6.1 to 5.4.6 (https://github.com/nixos/nixpkgs/commit/d6dc19adbd). It also includes the second haskell-updates rotation with GHC 9.6.4 which contains a few build fixes that seem to be required to get our Haskell targets to work. Note that this only reverts xz to a version that doesn't contain the now known backdoor (CVE-2024-3094) which may or may not actually affect NixOS. Additionally reverting to a version before the malicious contributor's involvement may be difficult, but prudent: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024 Changes required by the updates: - //3p/overlays/haskell: - Update ihp-hsx to latest master to fix build with Stackage LTS 22. - Update tmp-postgres to latest master to work around failure with ansi-wl-pprint >= 1. - Patch punycode for mtl >= 2.3. - //users/Profpatsch: - Clean up some warnings, mostly about unused dependencies - my-prelude: Fix build with ghc-boot-9.6.4 - cas-serve: Use crypton over unmaintained cryptonite - ical-smolify: skip in ci, iCalendar would require heavy patching to work with Stackage LTS 22. - //users/{wpcarro,aspen,flokli}: Disable home-manager / nixos configuration builds that seem to have transient failures that should disappear as we move away from staging-next and closer to an actual channel release. Change-Id: I5cca48e101041c3aedc1d9932dbca2cac885fcc1 Reviewed-on: https://cl.tvl.fyi/c/depot/+/11289 Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org> Reviewed-by: sterni <sternenseemann@systemli.org> Reviewed-by: tazjin <tazjin@tvl.su>
This commit is contained in:
parent
b67b0a6d72
commit
73b1f0407b
10 changed files with 68 additions and 32 deletions
13
default.nix
13
default.nix
|
@ -110,6 +110,19 @@ readTree.fix (self: (readDepot {
|
||||||
# xanthous and related targets are disabled until cl/9186 is submitted
|
# xanthous and related targets are disabled until cl/9186 is submitted
|
||||||
self.users.aspen.xanthous
|
self.users.aspen.xanthous
|
||||||
self.users.aspen.system.system.mugwumpSystem
|
self.users.aspen.system.system.mugwumpSystem
|
||||||
|
|
||||||
|
# Temporarily disabled after cl/11289. Hopefully these failures are transient
|
||||||
|
# and will disappear with the next channel bump.
|
||||||
|
self.users.aspen.system.home.ogopogoHome
|
||||||
|
self.users.aspen.system.home.luscaHome
|
||||||
|
self.users.aspen.system.home.yerenHome
|
||||||
|
self.users.aspen.system.system.roswellSystem
|
||||||
|
self.users.flokli.nixos.archeologyEc2System
|
||||||
|
self.users.flokli.nixos.deploy-archeology-ec2
|
||||||
|
self.users.wpcarro.nixos.avaSystem
|
||||||
|
self.users.wpcarro.nixos.kyokoSystem
|
||||||
|
self.users.wpcarro.nixos.marcusSystem
|
||||||
|
self.users.wpcarro.nixos.tarascoSystem
|
||||||
];
|
];
|
||||||
|
|
||||||
# List of all buildable targets, for CI purposes.
|
# List of all buildable targets, for CI purposes.
|
||||||
|
|
29
third_party/overlays/haskell/default.nix
vendored
29
third_party/overlays/haskell/default.nix
vendored
|
@ -12,15 +12,38 @@ in
|
||||||
{
|
{
|
||||||
haskellPackages = super.haskellPackages.override {
|
haskellPackages = super.haskellPackages.override {
|
||||||
overrides = hsSelf: hsSuper: {
|
overrides = hsSelf: hsSuper: {
|
||||||
|
punycode = haskellLib.appendPatch
|
||||||
|
(self.fetchpatch {
|
||||||
|
name = "punycode-mtl-2.3.patch";
|
||||||
|
url = "https://github.com/litherum/punycode/pull/5/commits/41e55c8b7cef14563e6d04a7190dbabff5a77886.patch";
|
||||||
|
sha256 = "03kgmy4z36jv16ffp5jrig2gr8ydc8cl1iscc7difisaq88mxvqc";
|
||||||
|
})
|
||||||
|
hsSuper.punycode;
|
||||||
|
|
||||||
|
# Build with deprecated ansi-wl-pprint is broken now, use HEAD which switched to
|
||||||
|
# prettyprinter
|
||||||
|
tmp-postgres = haskellLib.overrideSrc
|
||||||
|
{
|
||||||
|
version = "unstable-2023-08-08";
|
||||||
|
src = self.fetchFromGitHub {
|
||||||
|
owner = "jfischoff";
|
||||||
|
repo = "tmp-postgres";
|
||||||
|
rev = "7f2467a6d6d5f6db7eed59919a6773fe006cf22b";
|
||||||
|
sha256 = "0l1gdx5s8ximgawd3yzfy47pv5pgwqmjqp8hx5rbrq68vr04wkbl";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
(hsSuper.tmp-postgres.override {
|
||||||
|
ansi-wl-pprint = hsSelf.prettyprinter;
|
||||||
|
});
|
||||||
|
|
||||||
ihp-hsx = lib.pipe hsSuper.ihp-hsx [
|
ihp-hsx = lib.pipe hsSuper.ihp-hsx [
|
||||||
(haskellLib.overrideSrc {
|
(haskellLib.overrideSrc {
|
||||||
version = "1.1.0";
|
version = "unstable-2023-03-28";
|
||||||
src = "${self.fetchFromGitHub {
|
src = "${self.fetchFromGitHub {
|
||||||
owner = "digitallyinduced";
|
owner = "digitallyinduced";
|
||||||
repo = "ihp";
|
repo = "ihp";
|
||||||
rev = "b5d47963c998ccd779aa5c3d46484338fd621f0d";
|
rev = "ab4ecd05f4e7b6b3c4b74b82d39fc6c5cc48766b";
|
||||||
sha256 = "sha256-M22W8VX4sRaeU2yVraR0S2t2VOwWGmoteD/M8TahdoE=";
|
sha256 = "1fj5q9lygnmvqqv2fwqdj12sv63gkdfv5ha6fi190sv07dp9n9an";
|
||||||
}}/ihp-hsx";
|
}}/ihp-hsx";
|
||||||
})
|
})
|
||||||
haskellLib.doJailbreak
|
haskellLib.doJailbreak
|
||||||
|
|
32
third_party/sources/sources.json
vendored
32
third_party/sources/sources.json
vendored
|
@ -29,10 +29,10 @@
|
||||||
"homepage": "https://nix-community.github.io/home-manager/",
|
"homepage": "https://nix-community.github.io/home-manager/",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "206f457fffdb9a73596a4cb2211a471bd305243d",
|
"rev": "30f2ec39519f4f5a8a96af808c439e730c15aeab",
|
||||||
"sha256": "0imc472hq7mmqhf5h8rhgfplw6575rl15fni0dc4wpypv9jccia9",
|
"sha256": "11jy0k35j1f27agqzvs3yq37chdvw1xvnymgv2ds3fymasg5m5j2",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/nix-community/home-manager/archive/206f457fffdb9a73596a4cb2211a471bd305243d.tar.gz",
|
"url": "https://github.com/nix-community/home-manager/archive/30f2ec39519f4f5a8a96af808c439e730c15aeab.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"impermanence": {
|
"impermanence": {
|
||||||
|
@ -72,15 +72,15 @@
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"branch": "nixos-unstable",
|
"branch": "staging-next",
|
||||||
"description": "Nix Packages collection",
|
"description": "Nix Packages collection",
|
||||||
"homepage": "",
|
"homepage": "",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "d691274a972b3165335d261cc4671335f5c67de9",
|
"rev": "b4bf622e464f47c69fefb43746c531044b630d59",
|
||||||
"sha256": "05lkkw0a63v1zan5g31blhckw6zf66p4gfqkpp01mp7fqwykmzx4",
|
"sha256": "0k35khcx03rfr9l997mmmmya78c2rqcg4kflmdgkfyz73v0lllaa",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/NixOS/nixpkgs/archive/d691274a972b3165335d261cc4671335f5c67de9.tar.gz",
|
"url": "https://github.com/NixOS/nixpkgs/archive/b4bf622e464f47c69fefb43746c531044b630d59.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"nixpkgs-stable": {
|
"nixpkgs-stable": {
|
||||||
|
@ -89,10 +89,10 @@
|
||||||
"homepage": "",
|
"homepage": "",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "8ac30a39abc5ea67037dfbf090d6e89f187c6e50",
|
"rev": "219951b495fc2eac67b1456824cc1ec1fd2ee659",
|
||||||
"sha256": "0g8iy5qgb6qp2nq9p0yqhh1w5yp60v90h8zlkgxqhx4dj2fw9vy6",
|
"sha256": "065jy7qivlbdqmbvd7r9h97b23f21axmc4r7sqmq2h0j82rmymxv",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/NixOS/nixpkgs/archive/8ac30a39abc5ea67037dfbf090d6e89f187c6e50.tar.gz",
|
"url": "https://github.com/NixOS/nixpkgs/archive/219951b495fc2eac67b1456824cc1ec1fd2ee659.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"rust-overlay": {
|
"rust-overlay": {
|
||||||
|
@ -101,10 +101,10 @@
|
||||||
"homepage": "",
|
"homepage": "",
|
||||||
"owner": "oxalica",
|
"owner": "oxalica",
|
||||||
"repo": "rust-overlay",
|
"repo": "rust-overlay",
|
||||||
"rev": "50db54295d3922a3b7a40d580b84d75150b36c34",
|
"rev": "f258266af947599e8069df1c2e933189270f143a",
|
||||||
"sha256": "0v8indbzb97dk9qk4srrxq8z5ds614kazi72zcxjhjzdxc8mklj7",
|
"sha256": "0436rpv58risp1149pga61vg85mbmfh92v8bkil1i2kxfg3kg78h",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/oxalica/rust-overlay/archive/50db54295d3922a3b7a40d580b84d75150b36c34.tar.gz",
|
"url": "https://github.com/oxalica/rust-overlay/archive/f258266af947599e8069df1c2e933189270f143a.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"rustsec-advisory-db": {
|
"rustsec-advisory-db": {
|
||||||
|
@ -113,10 +113,10 @@
|
||||||
"homepage": "https://rustsec.org",
|
"homepage": "https://rustsec.org",
|
||||||
"owner": "RustSec",
|
"owner": "RustSec",
|
||||||
"repo": "advisory-db",
|
"repo": "advisory-db",
|
||||||
"rev": "369d98c1b95b7b56d0859605916d7b81a7d1f1c4",
|
"rev": "aa8e65c812517eae85190715fa63f312aa875773",
|
||||||
"sha256": "1npq87rjn606fhrpaxkphn8spdr1xafpy79nvrc3dnlvq163sr5n",
|
"sha256": "0li4c2ssza42jw1f3d5y7h3ds7kw88bf4r4l6xniznjvxi8vxf32",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/RustSec/advisory-db/archive/369d98c1b95b7b56d0859605916d7b81a7d1f1c4.tar.gz",
|
"url": "https://github.com/RustSec/advisory-db/archive/aa8e65c812517eae85190715fa63f312aa875773.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -65,10 +65,9 @@ executable cas-serve
|
||||||
text,
|
text,
|
||||||
sqlite-simple,
|
sqlite-simple,
|
||||||
http-types,
|
http-types,
|
||||||
ihp-hsx,
|
|
||||||
wai,
|
wai,
|
||||||
warp,
|
warp,
|
||||||
mtl,
|
mtl,
|
||||||
bytestring,
|
bytestring,
|
||||||
memory,
|
memory,
|
||||||
cryptonite,
|
crypton,
|
||||||
|
|
|
@ -15,7 +15,7 @@ let
|
||||||
libraryHaskellDepends = [
|
libraryHaskellDepends = [
|
||||||
pkgs.haskellPackages.pa-prelude
|
pkgs.haskellPackages.pa-prelude
|
||||||
pkgs.haskellPackages.pa-label
|
pkgs.haskellPackages.pa-label
|
||||||
pkgs.haskellPackages.ihp-hsx
|
pkgs.haskellPackages.crypton
|
||||||
pkgs.haskellPackages.wai
|
pkgs.haskellPackages.wai
|
||||||
pkgs.haskellPackages.warp
|
pkgs.haskellPackages.warp
|
||||||
pkgs.haskellPackages.sqlite-simple
|
pkgs.haskellPackages.sqlite-simple
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{ depot, pkgs, lib, ... }:
|
{ depot, pkgs, lib, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
cas-serve = pkgs.writers.writeHaskell "ical-smolify"
|
ical-smolify = pkgs.writers.writeHaskell "ical-smolify"
|
||||||
{
|
{
|
||||||
libraries = [
|
libraries = [
|
||||||
pkgs.haskellPackages.iCalendar
|
pkgs.haskellPackages.iCalendar
|
||||||
|
@ -13,4 +13,11 @@ let
|
||||||
} ./IcalSmolify.hs;
|
} ./IcalSmolify.hs;
|
||||||
|
|
||||||
in
|
in
|
||||||
cas-serve
|
|
||||||
|
ical-smolify.overrideAttrs (old: {
|
||||||
|
meta = lib.recursiveUpdate old.meta or { } {
|
||||||
|
# Dependency iCalendar no longer builds in nixpkgs due to a lack of maintenance upstream
|
||||||
|
# https://github.com/nixos/nixpkgs/commit/13d10cc6e302e7d5800c6a08c1728b14c3801e26
|
||||||
|
ci.skip = true;
|
||||||
|
};
|
||||||
|
})
|
||||||
|
|
|
@ -345,7 +345,8 @@ stringToText = Data.Text.pack
|
||||||
--
|
--
|
||||||
-- ATTN: Don’t use `String` in code if you can avoid it, prefer `Text` instead.
|
-- ATTN: Don’t use `String` in code if you can avoid it, prefer `Text` instead.
|
||||||
stringToBytesUtf8 :: String -> ByteString
|
stringToBytesUtf8 :: String -> ByteString
|
||||||
stringToBytesUtf8 = GHC.utf8EncodeString
|
-- TODO(Profpatsch): use a stable interface
|
||||||
|
stringToBytesUtf8 = GHC.utf8EncodeByteString
|
||||||
|
|
||||||
-- | Like `show`, but generate a 'Text'
|
-- | Like `show`, but generate a 'Text'
|
||||||
--
|
--
|
||||||
|
|
|
@ -8,7 +8,6 @@ module Postgres.MonadPostgres where
|
||||||
import AtLeast (AtLeast)
|
import AtLeast (AtLeast)
|
||||||
import Control.Exception
|
import Control.Exception
|
||||||
import Control.Foldl qualified as Fold
|
import Control.Foldl qualified as Fold
|
||||||
import Control.Monad.Except
|
|
||||||
import Control.Monad.Logger.CallStack (MonadLogger, logDebug, logWarn)
|
import Control.Monad.Logger.CallStack (MonadLogger, logDebug, logWarn)
|
||||||
import Control.Monad.Reader (MonadReader (ask), ReaderT (..))
|
import Control.Monad.Reader (MonadReader (ask), ReaderT (..))
|
||||||
import Control.Monad.Trans.Resource
|
import Control.Monad.Trans.Resource
|
||||||
|
|
|
@ -31,7 +31,6 @@ let
|
||||||
pkgs.haskellPackages.pa-run-command
|
pkgs.haskellPackages.pa-run-command
|
||||||
pkgs.haskellPackages.aeson-better-errors
|
pkgs.haskellPackages.aeson-better-errors
|
||||||
pkgs.haskellPackages.blaze-html
|
pkgs.haskellPackages.blaze-html
|
||||||
pkgs.haskellPackages.dlist
|
|
||||||
pkgs.haskellPackages.hs-opentelemetry-sdk
|
pkgs.haskellPackages.hs-opentelemetry-sdk
|
||||||
pkgs.haskellPackages.http-conduit
|
pkgs.haskellPackages.http-conduit
|
||||||
pkgs.haskellPackages.http-types
|
pkgs.haskellPackages.http-types
|
||||||
|
@ -39,7 +38,6 @@ let
|
||||||
pkgs.haskellPackages.monad-logger
|
pkgs.haskellPackages.monad-logger
|
||||||
pkgs.haskellPackages.resource-pool
|
pkgs.haskellPackages.resource-pool
|
||||||
pkgs.haskellPackages.postgresql-simple
|
pkgs.haskellPackages.postgresql-simple
|
||||||
pkgs.haskellPackages.selective
|
|
||||||
pkgs.haskellPackages.tmp-postgres
|
pkgs.haskellPackages.tmp-postgres
|
||||||
pkgs.haskellPackages.unliftio
|
pkgs.haskellPackages.unliftio
|
||||||
pkgs.haskellPackages.wai-extra
|
pkgs.haskellPackages.wai-extra
|
||||||
|
|
|
@ -86,13 +86,11 @@ library
|
||||||
aeson-better-errors,
|
aeson-better-errors,
|
||||||
aeson,
|
aeson,
|
||||||
blaze-html,
|
blaze-html,
|
||||||
blaze-markup,
|
|
||||||
bytestring,
|
bytestring,
|
||||||
case-insensitive,
|
case-insensitive,
|
||||||
containers,
|
containers,
|
||||||
unordered-containers,
|
unordered-containers,
|
||||||
directory,
|
directory,
|
||||||
dlist,
|
|
||||||
exceptions,
|
exceptions,
|
||||||
filepath,
|
filepath,
|
||||||
hs-opentelemetry-sdk,
|
hs-opentelemetry-sdk,
|
||||||
|
@ -107,8 +105,6 @@ library
|
||||||
resource-pool,
|
resource-pool,
|
||||||
postgresql-simple,
|
postgresql-simple,
|
||||||
punycode,
|
punycode,
|
||||||
scientific,
|
|
||||||
selective,
|
|
||||||
tmp-postgres,
|
tmp-postgres,
|
||||||
unliftio,
|
unliftio,
|
||||||
wai-extra,
|
wai-extra,
|
||||||
|
|
Loading…
Reference in a new issue