Commit graph

5 commits

Author SHA1 Message Date
sterni
73b1f0407b chore(3p/sources): bump channels & overlays – xz edition
Update all 3p/sources as we do normally except

- agenix which is still pinned to 0.15.0

- nixpkgs (unstable) which we bump to the HEAD of the staging-next
  branch. This branch includes the downgrade of xz from 5.6.1 to
  5.4.6 (https://github.com/nixos/nixpkgs/commit/d6dc19adbd). It
  also includes the second haskell-updates rotation with GHC 9.6.4
  which contains a few build fixes that seem to be required to get
  our Haskell targets to work.

Note that this only reverts xz to a version that doesn't contain the now
known backdoor (CVE-2024-3094) which may or may not actually affect
NixOS. Additionally reverting to a version before the malicious
contributor's involvement may be difficult, but prudent:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024

Changes required by the updates:

- //3p/overlays/haskell:

  - Update ihp-hsx to latest master to fix build with Stackage LTS 22.
  - Update tmp-postgres to latest master to work around failure with
    ansi-wl-pprint >= 1.
  - Patch punycode for mtl >= 2.3.

- //users/Profpatsch:

  - Clean up some warnings, mostly about unused dependencies
  - my-prelude: Fix build with ghc-boot-9.6.4
  - cas-serve: Use crypton over unmaintained cryptonite
  - ical-smolify: skip in ci, iCalendar would require heavy patching to
    work with Stackage LTS 22.

- //users/{wpcarro,aspen,flokli}:

  Disable home-manager / nixos configuration builds that seem to have
  transient failures that should disappear as we move away from
  staging-next and closer to an actual channel release.

Change-Id: I5cca48e101041c3aedc1d9932dbca2cac885fcc1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11289
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
2024-03-31 22:27:04 +00:00
Profpatsch
8c4730c433 chore(users/Profpatsch/*): more cabal maintenance
Change-Id: Ib1714abce2815873eb50dbeac088e812fa9098ab
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8686
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Autosubmit: Profpatsch <mail@profpatsch.de>
2023-07-13 23:03:09 +00:00
Profpatsch
e5fa10b209 chore(users/Profpatsch/cas-serve): remove dependency on superrecord
The use of superrecord here can be replaced by simple labelled tuples.

Change-Id: I23690cd0b88896440521fe81e83347ef4773d4a0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7713
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: Profpatsch <mail@profpatsch.de>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2023-01-01 22:02:25 +00:00
sterni
5a063def51 chore(3p/sources): Bump channels & overlays
The main change is that nixpkgs updated to GHC 9.2 and Stackage LTS-20,
so we suffer from a bit of churn.

* //3p/overlays/haskell:

  - use updated dhall-nix patch for hnix 0.16

  - use superrecord fork with fixes for GHC 9.2

  - use graphmod-1.4.5.1 which has support for GHC 9.2

* //users/Profpatsch: relax constraints on base in Haskell pkgs

* //users/Profpatsch/cas-serve: inherit superrecord from 3p

* //users/grfn/xanthous:

  - //3p/overlays/haskell for 8.10.7:

    * Provide missing dependency of binary-orphans. Fix already commited
      upstream as e238c3fdaab710a2ce0135e5a77cd7e6bb023a22, can be
      dropped when channel advances.

    * Downgrade to brick 0.71.1, the latest version xanthous supports.

  - Adjust to generic-arbitrary >= 1.0, providing Arg constraints where
    necessary.

  - Increase constraint-solver-iterations to 6 (default 4), so
    Xanthous.Command and Xanthous.Data can be typechecked.

  - Drop NFData instances for Key and Modifier which have been added to
    vty upstream.

Change-Id: I2170438c2ce8130b65f1a9fe07c4fecab5683d66
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7654
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
2022-12-29 20:06:12 +00:00
Profpatsch
c04c66c637 feat(users/Profpatsch/cas-serve): init
A dumb little daemon that stores arbitrary files by content-hash, and
exposes a randomly generated URL by which the file can be fetched
again.

If the same file is uploaded twice, it will only be stored once.
CAS hashes are not exposed to the user, so they can’t figure out
whether a file they know is in the database.

Change-Id: Ie57bc09d429a9f31c8f0fc5f63f78d6a84d650f7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5952
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
2022-07-17 17:00:43 +00:00