* //3p/sources: Note that emacs-overlay is not updated for now, as
changes in emacs HEAD break //users/sterni/emacs.
* //3p/gerrit_plugins/code-owners: deps hash changed once again
or was no longer in the Nix store.
Unfortunately, building the deps derivations from scratch for gerrit
and the gerrit plugins no longer works due to a nixpkgs regression:
Due to a (operator precedence) mistake in the way the deps
derivation's installPhase is computed, it would append extra code to
the installPhase provided by us, causing a bash syntax error.
I have proposed a fix for this
upstream (<https://github.com/NixOS/nixpkgs/pull/228305>). Adding a
workaround in the repo would be possible, but a bit annoying. Since
the derivations are fixed output anyways, I've opted to build the
missing deps derivation (for code-owners) locally using the fixed
nixpkgs, updated the sha256 and copied the result into whitby's Nix
store. Hopefully by the next time we'll be rebuilding the deps
derivations again the fix will have propagated into the NixOS unstable
channel.
* //users/grfn/system/system:roswellSystem: Use mysql80 from stable.
See also https://github.com/NixOS/nixpkgs/issues/226673.
Change-Id: I9b9d57f589be4cdc3fd4f39729c170a25a655b74
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8483
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
Update all sources, hopefully we get a less cursed nixpkgs commit than
the last one.
Change-Id: I86ecd572225520e99e340373ea219c96fa2fc758
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8474
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
* Satisfy new assert that the corresponding shell needs to be enabled
via programs.* if it is as the login shell of at least one user.
* //users/tazjin: “Address” removal of hardware.video.hidpi option.
* //3p/gerrit: update fetch sha256
Change-Id: Id0988a0ea7f393d6b7848a7104fc3526ee1177f4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8407
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
decode-RFC2047 used babel's octets-to-string, but we can replace it with
the function of the same name from flexi-streams. This doesn't make a
difference for the moment, but will be useful in the future:
flexi-streams provides de- and encoding streams that we'll be able to
use to replace and augment some of the stream based MIME part handling
code in mime4cl. babel doesn't have as powerful stream functionality
although it seems to be planned.
Another big upside of flexi-streams is that we'll be able to replace
delimited-input-string using it. This should allow us to slowly work
towards correct and more efficient decoding of MIME bodies.
Change-Id: I17174f1c96c5be7d103d396564e6aa0fe24c80fc
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8371
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Previously there was an issue in nmd which prevents it from working with
Nix 2.3 (it passed --store dummy://) which is why we hadn't updated
home-manager for a while. home-manager has now [included] the [fix] for
nmd I proposed, so we can finally update!
[fix]: f5a1859425
[included]: db37c53760
Change-Id: Ia1447549c0f97aa754ac1842eb453e95838c00c5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8346
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
* //users/wpcarro/avaSystem: disable hidpi
Recent changes have made nixpkgs adopt the position that hidpi
optimization can't be done generically and at the very least needs to
know a specific DPI number to optimize for. In addition to knowledge
of the display(s) in question (i.e. wpcarro needs to do this) the
issue <https://github.com/NixOS/nixpkgs/issues/222805> can give
guidance as to how to restore the desired hidpi look and feel.
Change-Id: Ia4b079a06dcb710050619f350cd0655216b4a42f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8345
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: wpcarro <wpcarro@gmail.com>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
This should avoid having two builds of Nix 2.3 in the closure of whitby
and sanduny.
Change-Id: Id4b8d34da73d3f579c97adcda44df26992290764
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8192
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
It's been a long time since we updated josh, almost 400 commits in
between. I read through the entire changelog, and here are relevant
josh commits from in between that might be interesting to us:
38eecee Fix optimisation bug for compose filter (#1159)
e1d10b6 Add :rev(...) filter
0f1a07b Initial implementation of refs locking (#929)
88cea2a Initial work on meta repo support
030ad93 Change magic refs to include "for"
28b1d75 Add split changes feature (#904)
1f908d7 Discover filters only on HEAD (#774)
a368d8f Make --require-auth only apply to push
8d80230 Add :linear filter (#741)
3460ec2 Implement redundant refs filtering (#700)
55b4e50 Implement stacked changes support (#699)
ea1f814 Handle @sha urls by creating magic ref (#690)
883a381 Run filter discovery only on changed refs (#685)
4bb004f Prepend refs/heads to base parameter as default (#664)
Of particular interest is a368d8f, which allows us to drop our
authentication patch and use the standard --require-auth flag again.
The default behaviour of dropping signatures on commits (which are
invalid after filtering) has also been changed in josh, now only
occuring when the `:unsign` filter is present. Since this breaks
commit hashes with our existing exported histories, we are opting to
set a `:unsign` filter prefix on all proxy requests to ensure that the
hashes stay consistent.
During this update we found a bug (josh#1155) which was fixed in the
commit that this CL moves josh to.
Change-Id: I3afac1619f3aa90313a0441da91f0e4a96fe0a3b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8186
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
* //3p/sources: temporarily switch to nixos-unstable-small, since it
includes:
- evans update we are interested in, allowing us to drop our evans
patches.
- awscli2 update that unbreaks //users/grfn
* //3p/overlays/tvl:
- drop evans patches
- update tdlib to 1.8.11 to make tazjin's emacs happy
- drop obsolete mullvad workaround
* //users/grfn/keyboard: disable -Werror for array-bounds warnings.
Seems like a non-trivial job to resolve the warning properly,
hopefully GCC 12 still generates the same working code as GCC 11 used
to.
* //users/grfn/system/home: remove yubikey-manager-qt.
Yubico can't seem to keep that on pace with yubikey-manager. It
requires a <5 version of the latter which is incompatible with the
recently released cryptography >= 39.
* //3p/gerrit: update changed FOD hash for the fetch step
Change-Id: I590ab996247e69b0ab5059cd173840ef4ebfe939
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8133
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Included fixes:
* //3p/overlays: tdlib override no longer needed (bump has landed upstream)
* //corp/{predlozhnik,tvixbolt}: bump wasm-bindgen to match nixpkgs
Home-manager has not been bumped as it has introduced an
incompatibility with Nix 2.3
Change-Id: I96ac3462b82c73db1ba23be03d7968f10abc9b53
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8033
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
Reviewed-by: sterni <sternenseemann@systemli.org>
subsurface has been fixed a while ago to not pull in qtwebkit anymore,
this can be dropped.
Change-Id: I173dda71770d02ce8064d1751aff889475d12dfb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7999
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: grfn <grfn@gws.fyi>
There is a code path in public-inbox that will (under certain
conditions) set the expected list-id as derived from the recipient
mail address (so in our case depot@tvl.su -> `List-ID: depot.tvl.su`).
However, when/how this triggers seems to be particular to the code
path taken based on certain config settings. I couldn't fully figure
it out, and to be honest I don't really know Perl, and I don't think
this warrants a super-high-effort investigation.
For that reason, this patches the appropriate line in
public-inbox-watch to always trigger this code path regardless of what
is going on with the email.
I tested this locally with a public-inbox config that does *not* have
a `listid` setting set, as that just adds an additional filter which
would be a no-op in this case. All emails are ingested correctly with
List-ID set.
There might be a better place to put this in (e.g. right before the
actual mail ingestion), if a Perl expert is interested in figuring
this out and considers it relevant, feel free to send a CL.
Note that this will not update old emails. Probably.
Change-Id: I4a8a42653aa2f408a85c9301a1ee3545f0e74eed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7946
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: flokli <flokli@flokli.de>
Not updating home-manager, since its dependency nmd now uses the
`--store` flag not supported by Nix 2.3.
Change-Id: I32e253a47013e0314286b0e2a5f6025f1421880b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7931
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
* //3p/gerrit: prevent python2 from crashing evaluating due to
upstream now officially considering it insecure after being EOL
for 3 years.
Overriding the meta set has the benefit that we do not need to
whitelist the package globally, forcing us to opt in everywhere
the dependency is acceptable.
* //3p/overlays: bump tdlib so tazjin's emacs can build
Change-Id: I50df82d35d56b0dd44b5f687e2dcb101db79738d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7809
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Upgrade to syntect 5.0 and load the new kind of syntax set
serialisation with the new helper function for that purpose.
Includes other minor API fixes as well, note that the things that are
now calling `expect` previously failed internally at those points and
we're reasonably confident they don't fail in production.
This has been waiting for a long time ...
Change-Id: I8af4fef995ff64bfbe24e1f13917fa50ecb6e4ad
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7787
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
* //3p/overlays/haskell: upstream has the correct version of graphmod
now, but the updated meta set is not yet in the channel.
Change-Id: I55f23c6145d71346ced77d3c349e712f29752b9d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7730
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
The use of superrecord here can be replaced by simple labelled tuples.
Change-Id: I23690cd0b88896440521fe81e83347ef4773d4a0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7713
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: Profpatsch <mail@profpatsch.de>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
* //users/grfn/modules: change deprecated loaOf to attrsOf, the former
is an alias for the latter nowadays.
Change-Id: I6fa71b43f8c1d0adeafb8b78b197e80733f5392a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7679
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
This is the latest version before 1.0 which has some bigger changes as
brick's EventM gains the ability to be MonadState which requires
adjusting basically all App code.
In 0.72, handleEditorEvent started taking a BrickEvent, so we no longer
need to unwrap the VtyEvent in handlePromptEvent.
Change-Id: Ic6a1ce6e21ba46177d3ce0b8a124abe7d8951464
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7666
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
The main change is that nixpkgs updated to GHC 9.2 and Stackage LTS-20,
so we suffer from a bit of churn.
* //3p/overlays/haskell:
- use updated dhall-nix patch for hnix 0.16
- use superrecord fork with fixes for GHC 9.2
- use graphmod-1.4.5.1 which has support for GHC 9.2
* //users/Profpatsch: relax constraints on base in Haskell pkgs
* //users/Profpatsch/cas-serve: inherit superrecord from 3p
* //users/grfn/xanthous:
- //3p/overlays/haskell for 8.10.7:
* Provide missing dependency of binary-orphans. Fix already commited
upstream as e238c3fdaab710a2ce0135e5a77cd7e6bb023a22, can be
dropped when channel advances.
* Downgrade to brick 0.71.1, the latest version xanthous supports.
- Adjust to generic-arbitrary >= 1.0, providing Arg constraints where
necessary.
- Increase constraint-solver-iterations to 6 (default 4), so
Xanthous.Command and Xanthous.Data can be typechecked.
- Drop NFData instances for Key and Modifier which have been added to
vty upstream.
Change-Id: I2170438c2ce8130b65f1a9fe07c4fecab5683d66
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7654
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
This ties the top-level localSystem so it's passed to the instance of
nixpkgs as well.
Change-Id: I9ea3431d5cb35bb99765c5b4d2f22190376435af
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5856
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
* //third_party/overlays/tvl: remove SBCL override, as SBCL 2.2.11 fixes
the bug we were running into.
* //fun/gemma: use historical nixpkgs for everything due to ABI
incompatibilities triggered by preloaded libredirect.so wanting
GLIBC_2.34 which is not available in elm-make.
Change-Id: I465f0366413856e45ddd1e67fc9d732075e2f3c5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7595
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Add missing dependency alexandria. This update adds a feature to disable
the cffi which would be neat for ECL.
Change-Id: Iad5a4646317fb26bb2dec7bcf3d883075ab24842
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7564
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
This version supports newer Cargo features that are starting to appear
in our dependencies.
Change-Id: I2eb7efdf945cacc53e8ced6ac9cb0255d08ca582
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7589
Reviewed-by: flokli <flokli@flokli.de>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
For another project I need a way to fetch JS dependencies, as I couldn't
avoid them there. napalm seems to be the best option for this at the
moment, as the approach of running a local registry system seems to be
more robust than using npm's offline mode (which npmlock2nix) is doing.
If the latter gets better, it may be prudent to switch. napalm is
relatively unproblematic, i.e. no Haskell in IFD.
Change-Id: Icf57d3505a55422681bd90c445bde52fcf5841aa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7289
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
This includes a bump for mullvad to 2022-5, which is crucial for me.
Note that the Emacs packages bump has been manually excluded.
Fixes:
* //users/grfn/system: removed `ec2.hvm` option from roswell, this
option is no longer necessary and fails eval with an error now
Change-Id: I23f4998591397a820b5912f24ed9526d9bb1532d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7400
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
* //3p/nixpkgs: allow insecure qtwebkit, since a package
in grfn's home depends on it. Reasoning for marking
qtwebkit as insecure is given here:
https://blogs.gnome.org/mcatanzaro/2022/11/04/stop-using-qtwebkit/
* //3p/gerrit: update nondeterministic bazel output hash
Change-Id: Ie652905969bf43abb457f6af211f771cff093dce
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7353
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
By re-using the nix_2_3 expression from nixpkgs we are no longer stuck
with the 2021 expression from Nix's release.nix and the resulting
derivation has a shape that other expressions in nixpkgs expect (e.g.
nix-serve), so we can actually overlay our fork into the nix_2_3
attribute. This should reduce duplication on e.g. whitby.
Since there is no nixUnstable expression in nixpkgs anymore, it expects
a Nix release tarball which we produle using the appropriate release.nix
job from the repository. Sadly there is some trickery involved in
getting it to respect localSystem, since the tarball job is not based on
the passed in systems list.
Change-Id: Ib49f298334d166327f91559a06b0a37b2488bc63
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7262
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
cl/5832 added a global system parameter to depot which allowed specifying
what `system` should be used for nixpkgs and all depot derivations
(assuming a native compilation case) which was implemented in cl/5846.
This allows instantiating derivations for a different system than
whatever builtins.currentSystem happens to be. This is useful for
debugging, allows you to schedule builds on build servers for
other platforms or build for architectures that are a subset of
the one you are running (e.g. i686-linux).
This change eliminates all remaining uses of builtins.currentSystem
which could lead to an inconsistent combination of `system` values
when passing `localSystem`.
Change-Id: I0f824f4f0afa88ef1ddd9a8cecb24bf94bacde7a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7260
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
We need a user in the context when we ask the groups backend to look up
groups by name, so for now if we don't have a _real_ user in the context
(such as during change indexing), then populate the context with the
anonymous user just for the duration of the groups backend calls.
Change-Id: If961d84fe57443cb95deb59628802658585ed1cb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7172
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Relatively minor bump, but makes sure we use a proper channel again
instead of a (not so) random commit on staging-next. Should include the
odd build fix or two as well.
Change-Id: Iefe7afdf173828edcb3e88263d27aba13ded691b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7167
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
If more of these issues crop up, we should consider making a patch for
our Nix fork that ignores the --experimental-features flag.
Change-Id: If146804f2c9f9375f2035985a6fd99f72b0fdcc7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7165
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
* //ops/machines/whitby: Disable grafana, since the grafana module was
changed upstream in a way that our configuration no longer works.
Since the OpenSSL security update is relatively pressing, adapting the
grafana configuration beforehand is not a hard requirement. See
https://github.com/NixOS/nixpkgs/pull/191768.
* //tools/depotfmt: keep Go at version 1.18 to forgo a reformat of the
tree.
* //nix/buildGo: keep Go at version 1.18, as 1.19 changed the CLI
interface (?) in a way that breaks buildGo.
* //3p/overlays/tvl: drop upstreamed tdlib upgrade.
* //3p/overlays/tvl: patch buf to work around breakage due to git 2.38.1
TODO items for Go are tracked in b/215.
Change-Id: Ie08fef49cf3db12e6b5225a8b992a990ddc5b642
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7141
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <tazjin@tvl.su>
* //users/grfn/system/home/modules:
The MultiMC saga continues with:
> PolyMC has been removed from nixpkgs due to a hostile takeover
> by a rogue maintainer. The rest of the maintainers have made a
> fork which is packaged as 'prismlauncher'.
* //third_party/overlays:
Override tdlib to 1.8.7 while waiting for nixpkgs to catch up.
* //users/tazjin/finito:
Disable on CI temporarily as it has been broken by some change
in nixpkgs, now failing to compile a dependency.
Change-Id: Ide038a8d466bfdc19dc9016beb03ae4817939a2b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7066
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Instead of waiting for nixpkgs to [update home-manager], we can track
the upstream repository directly (using master as a channel seems to
be common practice) and overlay the up to date source into our nixpkgs
instance.
For //users/tazjin/home and //users/wpcarro/nixos/marcus, we need to
set `home.stateVersion`, since the default value for this option was
removed some time this summer.
[update home-manager]: https://github.com/NixOS/nixpkgs/issues/197907
Change-Id: I8c153fb7d3b55a4040652a5d619761b640119105
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7098
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: wpcarro <wpcarro@gmail.com>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
The version of buf used is quite old.
nixpkgs provides a more recent version, but it requires us to migrate
config to the latest version.
depot_scanner.proto doesn't honor some of the conventions, so we need
allow_comment_ignores and drop a bunch of comments in there.
Change-Id: Ic978fe92fb7c8471f58c137497528f18aad8f3ab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7053
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: tazjin <tazjin@tvl.su>