Use nixos-unstable-small which fixes CVE-2018-25032
(out of bounds write while compressing).
* //users/grfn/xanthous:
- Supporting random-fu 0.3 requires considerable changes and patching
random-extras (https://github.com/aristidb/random-extras/pull/5).
For now we downgrade random-fu and its dependency rvar to 0.2.*,
forcing us to build xanthous with GHC 8.10.7, due to random-fu 0.2.*
not supporting that version.
Nix expressions for the downgraded packages are checked in to avoid
the potential need to compile Haskell at pipeline eval time.
- generic-arbitrary exposes a GenericArbitrary newtype now.
This means we no longer have to implement it in xanthous
downstream and patch generic-arbitrary to expose the
GArbitrary type class.
- Minor adjustments for lens 5.0:
Xanthous.Game.Memo: clear needs to use ASetter' instead of Lens'
Xanthous.Data.EntityMap: TraversableWithIndex no longer has an
itraversed function.
- Xanthous.Orphans: adjust for aeson's KeyMap, use KM.size explicitly
instead of relying on MonoTraversable's length
* //nix/buildLisp: the CCL issue has resurfaced, disabling the
implementation once again.
* //3p/arion: remove, as depot uses the nixpkgs package of it anyways.
* //users/wpcarro: accomodate GHC 9.0.1's stricter parsing of operators.
* //users/tazjin: disable rustfmt as it stopped respecting settings
* //3p/overlays: upgrade home-manager until fix for serivce generation
has landed upstream
* //users/grfn/system: remove rr override, as the pinned commit is part
of the 5.5.0 release shipped by nixpkgs.
Change-Id: If229e7317ba48498f85170b57ee9053f6997ff8a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5428
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: wpcarro <wpcarro@gmail.com>
* //3p/overlays: add workaround for broken URL in current channel.
The added assert should fire as soon as the fix lands in channels
as a reminder to clean it up.
Change-Id: I3014fbacec5f8933bb0c055a065c5ff2935b131b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5425
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Using the dhall executables from nixpkgs is basically always a
mistake, they have to be built and are regularly broken.
We don’t want to care about that, but just use the official statically
built binary releases.
Change-Id: Ia6d9254076ca21f55e020ae81548e80d6be8281d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3041
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: zseri <zseri.devel@ytrizja.de>
* //3p/overlays/tvl: propagate git as a native build input from magit,
because magit checks the version of git at load time ever since a
recent commit [1]. This check been escalated to a failure in a
subsequent commit [2]. The result is that anything require-ing magit
will fail with an error if git is not in PATH (or a path to git
provided) which is basically what happens in byte compilation of all
packages that depend on magit.
For now the easiest way to work around it is letting magit have its
way and provide git which easy enough for it. Upstream should probably
think about this behaviour or emacs-overlay address it somehow. For
now I've opened an issue with magit [3].
[1]: 6c4ff54a08
[2]: 8394f0d4ea
[3]: https://github.com/magit/magit/issues/4614
Change-Id: I6aaf8258c3798b76cdaa6eef066c6224e374e02e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5326
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Since upstream Hydra was stuck and was intermittently unable to complete
any evals, this is quite a big jump on nixpkgs' master branch despite
coming only a short amount of time after the previous channel update.
Change-Id: I83977e3e36da681a4ffe9a6a4718133686dd8985
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5322
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
josh-proxy calls git at runtime and needs to have it available
Change-Id: Ifccc6879cc5911060c7e6681c202fe5e8c2f5440
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5269
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: wpcarro <wpcarro@gmail.com>
Reviewed-by: grfn <grfn@gws.fyi>
This will make sure that the db is updated regularly (on every channel
bump). This is fine, because an advisory no longer implies a build
failure.
Change-Id: I1dc0b335e0881b5c58015da63c3c47f1ab1e645f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4554
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
With this change it becomes possible to push back to code.tvl.fyi
through josh views.
We probably want to change this patch so that it can be upstreamed,
but for now I just want to get this to work.
Change-Id: I7cdacf384e38da6ba9621e5818cfaf7c5d5c99a2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5273
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
* //nix/buildLisp: re-enable CCL, as the crash has been fixed upstream,
although it is unclear what exactly caused / fixed it.
* //ops/whitby: the kitty build broke upstream, so we can't install the
terminfo on whitby for a bit.
Change-Id: I5710acbe837fbc936e334b2e81f9cf00ed6ae280
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5274
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
We're now using the upstream versions of all of these with minor
overrides, no separate nonsense required.
Change-Id: I61ace7ccf7ff807ef3c7219b36e08629a2251699
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5246
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
... and build //third_party/nix with the one from nixpkgs.
Change-Id: Iae7f1772a31286f2c22955cdc1fe61ee82d112aa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3016
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: grfn <grfn@gws.fyi>
* //3p/nix: probably not worth investing time into this anymore
* //users/sterni/emacs: The emoji problem disappeared by itself with a
newer emacs version, however a different one remains…
* //web/panettone: If we ever want to change the behavior, we should
just decide the behavior statically instead of using conditions and
restarts, as we only call it in one place, so making different
decisions depending on call sites is not really a use case we have.
Change-Id: Iff9d439ce356db41ce34d690fb7b6a01822022fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5223
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
* //nix/buildLisp: This channel bump brought a bizarre regression
in ccl, causing binaries to crash on thread clean up. This was
likely caused by a glibc update in nixpkgs. We'll disable emitting CI
targets for ccl until we can find out and fix what's going on.
Change-Id: I37629f384fa99ec4ef96ce7127fa7569adecb687
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5207
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
Not sure if this used to work or if I started using the rev attribute in
nixpkgs-crate-holes without actually testing it. The failure in any case
is hidden from CI as it occurs at runtime, being hidden behind a
function.
Change-Id: Ib1db5393554a699c7c4b18697a9c9c902e93a507
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5199
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Accessing the headers of a MIME message feels like something mime4cl
should handle. We implemented this ad hoc in mblog before in order to
not need to worry about doing it in a sensible way. Now we introduce a
decent-ish interface for getting a header from a MIME message,
mime-message-header-values:
* It returns a list because MIME message headers may appear multiple
times.
* It decodes RFC2047 only upon request, as you may want to be stricter
about parsing certain fields.
* It checks header name equality case insensitively.
The code for decoding the RFC2047 string is retained and still uses
babel for doing the actual decoding.
Change-Id: I58bbbe4b46dbded04160b481a28a40d14775673d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5150
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
By computing the amount the stream position advanced we can save a
syscall on every read which speeds up mime:mime-body-stream by /a lot/,
e.g. extracting a ~3MB attachment drops from over 15s to under ~0.5s.
There's still a lot to be gained and correctness left to be desired
which can be addressed as described in the newly added comment.
Change-Id: I5e1dfd213aac41203f271cf220db456dfb95a02b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5073
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Otherwise the skipping will be nuked by the subsequent readTree
change (cl/5186).
Change-Id: Ia1101d5073ecf892fb1881d6ee4a723c5d572c84
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5188
Tested-by: BuildkiteCI
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Autosubmit: tazjin <tazjin@tvl.su>
There's no need for us to reinvent the wheel here.
niv pins are in //third_party/sources, and niv commands need to be run
with `niv -s third_party/sources/sources.json` to operate on the
correct file.
Note that niv by default wants to put the loader file in
//nix/sources.nix. This file has been moved to
//third_party/sources/default.nix which makes niv throw a warning, but
everything still works as intended.
Change-Id: I2b2a6f8edf33c429a6d7be9d174ba1996d9a0193
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5143
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Use a nixos-unstable revision the channel has not yet advanced to (but
the tested jobset has succeeded already), so we'll benefit from the
polkit security update.
* //users/grfn/home/games: replace multimc with polymc.
Seems like this is the conclusion in in the trademark saga.
* //third_party/terrform-provider-glesys: use new mkProvider interface
See https://github.com/nixos/nixpkgs/commit/e7dbfd7ece0e
Change-Id: Ieb76a3d73c42ce1fa34050ac797fa4e3a905e8ef
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5075
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: grfn <grfn@gws.fyi>
Seems like some issues to do with bytecode compilation have been fixed
at HEAD. closer-mop compiles again and an ironclad failure with the
next quicklisp/channel bump is avoided.
In this change pathname handling in ECL also changed somehow, causing it
to make the :directory part absolute by prefixing it with a slash which
made ld.bfd unhappy while linking an output path that began with a
double slash. This problem can be avoided by constructing the path as
ANSI Common Lisp intended. The truename on the out path is important to
make it recognize that it is indeed a directory.
Change-Id: I5e744022b92502f99ac0b33411a6be443707e200
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5076
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Having #+cmu all over the place suggests that we maintain CMUCL support
or test with CMUCL which is not the case.
Change-Id: Ia0828cb1ac48e49acdee6fef7a0fa2c04c1805b3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5068
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
This should be a net positive for portability and lets us drop some of
the CMUCL cruft (which we don't test anyway, CMU support may have
regressed regardless).
Change-Id: I85664d82d211177da1db9eebea65c956295b09f7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5067
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
We need 'meta.ci' to be an attribute set for new CI features.
Change-Id: I83d04e2d74e42e49fe739b049ee4ba799f6d5d86
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5007
Tested-by: BuildkiteCI
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Reviewed-by: wpcarro <wpcarro@gmail.com>
This change is required for using our package set in exported josh
workspaces. It has no functional impact on depot itself.
Change-Id: Id48b40f067b5d53a2b7386a0ba1146a72268b923
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4990
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Moves to the derivation-based git fetchers everywhere in third-party.
This might help with forward-compatibility with newer Nix versions,
though that's not our primary concern right now.
Change-Id: I565bb72585b8639893e9ea3a9e233338aede63a9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3903
Tested-by: BuildkiteCI
Reviewed-by: zseri <zseri.devel@ytrizja.de>
Temporarily use a master commit as some interesting failures have been
fixed there (yubikey-manager and notmuch).
* //users/tazjin/nixos/camden: The acme module was moved around, so we
need to adjust the disabled module path.
Change-Id: I21c6a1963ffe4205f3577f531ce10b778a82e2ff
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4865
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>