Also move prompt.fish out of configs, which is a deprecated location.
Change-Id: I95360bc24b0b147a611881ed53e70bf1f9e5deea
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5256
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
... and build //third_party/nix with the one from nixpkgs.
Change-Id: Iae7f1772a31286f2c22955cdc1fe61ee82d112aa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3016
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: grfn <grfn@gws.fyi>
apparently the cache can get out-of-sync or something; either way we
had a build where it missed a file that was misformated.
Change-Id: I2967aec99ee1c7c8b978a3dfdfed4ff213bb6591
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5249
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
In some cases we want to be able to "emergency approve" something on
behalf of a different user.
Example cases:
* clean up of abandoned directories with restrictive OWNERS
* security fixes blocked on people in different timezones
This script can be used to perform these approvals if the user is a
member of depot-interventions. Note that access to depot-interventions
is audit logged.
The user on behalf of whom approval is performed is always added to
the attention set to ensure that they are made aware of the CRFO
approval.
Note: This depends on nixpkgs#156466. Keeping WIP until we have a
channel with that patch.
Change-Id: I16e5f9d7baa9daab49c88b629bb8f024aad9d94c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5085
Tested-by: BuildkiteCI
Reviewed-by: kn <klemens@posteo.de>
Reviewed-by: sterni <sternenseemann@systemli.org>
this feature makes it so that if you jump to a workspace by index, and
then ask to jump that same index again, you end up where you started.
this is useful for quickly jumping to something to look at it, and
then back.
Change-Id: I12f5bba88c0d5b3ae5956d2b6a606f49146551f7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5244
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
this makes it possible to move forwards/backwards in workspace history
in the order in which I used them, while tracking the offset (e.g. it
is possible to go 3 steps back, do something, then move 2 steps
forward again).
this should make it possible to learn ad-hoc relative layouts for
whatever task i'm working on and reduce the number of times where i
frantically flip through all workspaces and try to figure out where
anything is.
note that this key binding is not very ergonomic, but i've remapped it
on my kinesis to the prior/next buttons. i never use those. using
<prior>/<next> directly doesn't work because too many modes override
them.
Change-Id: I257723b9e14a68b53be68539dd752db3445546e7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5243
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
With this change running git blame will ignore the reformat and start
from the commits before it (wherever possible).
Change-Id: I384a4261a6d4f1c2fe79453f696b23503a56e96e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5239
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
unbind & close the stream of newly created LDAP connections after
auth, which might prevent some of the resource leaking we've got going
on
i did actually verify in sly that this still works. yay.
Change-Id: I92c8ca20de642585ae4c24aa455d051ee6e44a87
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5193
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
rustfmt only sometimes detects path-based nested config
files (probably some kind of race?), so my users folder uses a
separate formatting check for rustfmt to avoid flaky CI. Enough flakes
around already ...
Change-Id: Ifd862f9974f071b3a256643dd8e56c019116156a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5242
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
This means that we use the meta.ci attribute more consistently.
The meta.targets attribute is still read, but prints a big, red
warning telling people to migrate to the new one.
Fixes b/176
Change-Id: Ifb4452f529cfc6bbd5018ad7374cac1c83b10045
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5238
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
This function is more generically useful than just for pipeline
construction.
A subsequent commit will use it inside of readTree itself.
Change-Id: I5eabd6f659726484667e060958865dddbc205762
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5237
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
I am trying to publish this to crates.io, and `mq` is already taken up
by what seems to be a dead project.
Change-Id: I14d1f5f31f167fde954d9c1e39fc9fec5f4c3d10
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5234
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Same trick as in the last commit, trying to hit the right revision.
Change-Id: I0af9e88b4d2fd8239a7819dbe0da13f26cca8d6b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5233
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
... and update some outdated stuff in the README while we're at it.
Change-Id: Ib3a12596bd1ba61e91ac6e1d37106b616da3030d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5232
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
This was useful to have in CI, e.g. when targeting a specific NixOS
system. The actual result symlink which is printed is not useful.
Alternative solution would be to change the wrapping of this so that
we conditionally create the symlink for extra steps, but I think it's
not worth the complexity of evaluating the step twice.
Change-Id: Id86eb5114bec935c63a2907ec5f169fc5d41a6cc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5227
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
The previous version had a CVE.
As part of this upgrade, the handling of errors inside of the Nix
crate changed, which we now accommodate.
Change-Id: Iad9a473c1782e0d79919cb5dc3f76316852d8a16
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5226
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
* //3p/nix: probably not worth investing time into this anymore
* //users/sterni/emacs: The emoji problem disappeared by itself with a
newer emacs version, however a different one remains…
* //web/panettone: If we ever want to change the behavior, we should
just decide the behavior statically instead of using conditions and
restarts, as we only call it in one place, so making different
decisions depending on call sites is not really a use case we have.
Change-Id: Iff9d439ce356db41ce34d690fb7b6a01822022fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5223
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
* //nix/buildLisp: This channel bump brought a bizarre regression
in ccl, causing binaries to crash on thread clean up. This was
likely caused by a glibc update in nixpkgs. We'll disable emitting CI
targets for ccl until we can find out and fix what's going on.
Change-Id: I37629f384fa99ec4ef96ce7127fa7569adecb687
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5207
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
The previous mem::unitialized method was deprecated in favour of this
struct which carries information about the initialisation state
forward to the compiler.
Change-Id: Ib5f5d1ad91f9957b18eebabc1048f8649bc74049
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5225
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Many of the vulnerabilities (in the respective crates) reported are not
actually exploitable vulnerabilties of the packages we report them for.
Consequently it is more accurate to state that they are advisories.
Change-Id: I02932125b77fc9c71e583ae49e822fd3438dce05
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5202
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Buildkite doesn't understand GitHub Flavored Markdown and having a read
only checklist in there is probably not much use.
Change-Id: I41538487087e8c817b1a5e653f077bb0fbe6eb47
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5201
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
In the spirit of the readTree filter we should also not include files in
user directories from the outside.
Change-Id: I1abe36a721048900d2758b5986063b68b8d1af93
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5200
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
check-all-our-lock-files works very similarly to
//users/sterni/nixpkgs-crate-holes, even reusing some parts of it, but
is much simpler since we don't need to extract the lock files — they are
already in tree.
It is implemented as a very simple script which just traverses the
subtree of the current directory, collecting all warnings. When
executing this script in buildkite via extraSteps, it never fails,
instead annotating the pipeline run with a warning.
Change-Id: I0a0bc26deffe7b20b99f5aa7238fb3c3bb9deb92
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3721
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Any other cgit configuration in depot would need this script wrapper as
well.
Change-Id: Ifa04e1c9de9c925eb3f60c5d3854221ae02ef06c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5206
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Not sure if this used to work or if I started using the rev attribute in
nixpkgs-crate-holes without actually testing it. The failure in any case
is hidden from CI as it occurs at runtime, being hidden behind a
function.
Change-Id: Ib1db5393554a699c7c4b18697a9c9c902e93a507
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5199
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
They're big and I don't use them.
Change-Id: I87978c93ecf6cb5b5dd9935da61b0671522b06fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5203
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Accessing the headers of a MIME message feels like something mime4cl
should handle. We implemented this ad hoc in mblog before in order to
not need to worry about doing it in a sensible way. Now we introduce a
decent-ish interface for getting a header from a MIME message,
mime-message-header-values:
* It returns a list because MIME message headers may appear multiple
times.
* It decodes RFC2047 only upon request, as you may want to be stricter
about parsing certain fields.
* It checks header name equality case insensitively.
The code for decoding the RFC2047 string is retained and still uses
babel for doing the actual decoding.
Change-Id: I58bbbe4b46dbded04160b481a28a40d14775673d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5150
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Depending on the stream backing this, read-sequence should be more
efficient.
Change-Id: I5d0461f76f4b132ac6e6c3a2e503f0173d5f4114
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5194
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
This change finally sort of puts the parts together: We take a maildir,
render all its note messages as standalone HTML, extract the attachments
alongside and finally generate a global index page linking all notes.
The new executable and mnote-html are both contained in the same image
and we dispatch the right functionality based on argv[0].
Change-Id: I5a5bdbfaca79199f92e73ea4a2f070fa900d2bc4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5113
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
This is the only thing we need from that package and it avoids having
to solve the annoying conflict between closure-html and who.
Change-Id: Iacfb8d4948d1987e767ffc456b8e141b468ef6d9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5111
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Non ASCII Subjects will use RFC2047 to encode their content. Using
mime4cl's parse-RFC2047-text we obtain a list of ASCII strings and byte
vectors tagged with their encoding. Using babel we can then decode the
byte sequence, assuming the encoding is named the same in babel and
RFC2047 (which it is for UTF-8 at least…).
Change-Id: I2840672409452bd194fb1635721e338364d9b484
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5078
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
By computing the amount the stream position advanced we can save a
syscall on every read which speeds up mime:mime-body-stream by /a lot/,
e.g. extracting a ~3MB attachment drops from over 15s to under ~0.5s.
There's still a lot to be gained and correctness left to be desired
which can be addressed as described in the newly added comment.
Change-Id: I5e1dfd213aac41203f271cf220db456dfb95a02b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5073
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
* Upon creation of an apple-note object we can check if certain fields
we are interested in are present and of the right type etc.
These currently are:
- UUID (for links later)
- Subject (title)
- Time
- Text part with supported MIME type
These are then put into their own shortcut fields in the apple-note
subclass which allows for easier access and forces us to make sure
they are present.
* Split out everything note related into its own package. Using the new
type, we can expose an interface which sort of makes sense.
Change-Id: Ic9d67518354e61a3cc8388bb0e566fce661e90d0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5072
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Detection is broken there, too, as UIOP relies on setting the variable
before dumping the image in its portability wrapper dump-image which we
don't use at all.
Change-Id: If7bea5a8522a2e64707b1ee88d62d420bd00a952
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5112
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
These are required for standalone imports of the kit now.
Change-Id: Ie3c7218a606b1ba9cf274bb80b314a7889d8ede9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5189
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
This can be used to override the parent derivation if its output is
required, for example to inject versions which are only used during
releases to avoid cache-busting.
Change-Id: I2211496efa8f9bc98ea43b23e4f3f92c61a6da73
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5184
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Derivations that support overrideAttrs now have their readTree
markers merged in using it, as passthru attributes.
This makes the significant difference that overriding readTree targets
using `overrideAttrs` keeps their readTree data intact.
Change-Id: Ieef635f048781bf4782c1a28532b89a66d9ca24d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5186
Tested-by: BuildkiteCI
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Autosubmit: tazjin <tazjin@tvl.su>
