nixVersions.nix_2_3: add knownVulnerabilities
This commit is contained in:
parent
1063473001
commit
a61841a597
@ -18,7 +18,9 @@ let
|
||||
|
||||
pkgs = import nixpkgs' {
|
||||
inherit system;
|
||||
config = { };
|
||||
config = {
|
||||
permittedInsecurePackages = [ "nix-2.3.18" ];
|
||||
};
|
||||
overlays = [ ];
|
||||
};
|
||||
|
||||
|
@ -2,9 +2,16 @@
|
||||
# The pkgs used for dependencies for the testing itself
|
||||
# Don't test properties of pkgs.lib, but rather the lib in the parent directory
|
||||
system ? builtins.currentSystem,
|
||||
pkgs ? import ../.. { inherit system; } // {
|
||||
lib = throw "pkgs.lib accessed, but the lib tests should use nixpkgs' lib path directly!";
|
||||
},
|
||||
pkgs ?
|
||||
import ../.. {
|
||||
inherit system;
|
||||
config = {
|
||||
permittedInsecurePackages = [ "nix-2.3.18" ];
|
||||
};
|
||||
}
|
||||
// {
|
||||
lib = throw "pkgs.lib accessed, but the lib tests should use nixpkgs' lib path directly!";
|
||||
},
|
||||
# For testing someone may edit impure.nix to return cross pkgs, use `pkgsBuildBuild` directly so everything here works.
|
||||
pkgsBB ? pkgs.pkgsBuildBuild,
|
||||
nix ? pkgs-nixVersions.stable,
|
||||
|
@ -11,6 +11,7 @@
|
||||
inherit hash;
|
||||
},
|
||||
patches ? [ ],
|
||||
knownVulnerabilities ? [ ],
|
||||
maintainers ? [
|
||||
lib.maintainers.lovesegfault
|
||||
lib.maintainers.artturin
|
||||
@ -335,7 +336,7 @@ let
|
||||
'';
|
||||
homepage = "https://nixos.org/";
|
||||
license = licenses.lgpl21Plus;
|
||||
inherit maintainers teams;
|
||||
inherit knownVulnerabilities maintainers teams;
|
||||
platforms = platforms.unix;
|
||||
outputsToInstall = [ "out" ] ++ optional enableDocumentation "man";
|
||||
mainProgram = "nix";
|
||||
|
@ -159,6 +159,15 @@ lib.makeExtensible (
|
||||
patch-monitorfdhup
|
||||
];
|
||||
self_attribute_name = "nix_2_3";
|
||||
knownVulnerabilities = [
|
||||
"CVE-2024-38531"
|
||||
"CVE-2024-47174"
|
||||
"CVE-2025-46415"
|
||||
"CVE-2025-46416"
|
||||
"CVE-2025-52991"
|
||||
"CVE-2025-52992"
|
||||
"CVE-2025-52993"
|
||||
];
|
||||
maintainers = with lib.maintainers; [ flokli ];
|
||||
teams = [ ];
|
||||
}).overrideAttrs
|
||||
|
@ -3,7 +3,13 @@
|
||||
officialRelease,
|
||||
pkgs ? import nixpkgs.outPath { },
|
||||
nix ? pkgs.nix,
|
||||
lib-tests ? import ../../lib/tests/release.nix { inherit pkgs; },
|
||||
lib-tests ? import ../../lib/tests/release.nix {
|
||||
pkgs = import nixpkgs.outPath {
|
||||
config = {
|
||||
permittedInsecurePackages = [ "nix-2.3.18" ];
|
||||
};
|
||||
};
|
||||
},
|
||||
}:
|
||||
|
||||
pkgs.releaseTools.sourceTarball {
|
||||
|
@ -86,6 +86,7 @@ let
|
||||
id
|
||||
isDerivation
|
||||
optionals
|
||||
recursiveUpdate
|
||||
;
|
||||
|
||||
inherit (release-lib.lib.attrsets) unionOfDisjoint;
|
||||
@ -111,7 +112,20 @@ let
|
||||
|
||||
manual = pkgs.nixpkgs-manual.override { inherit nixpkgs; };
|
||||
metrics = import ./metrics.nix { inherit pkgs nixpkgs; };
|
||||
lib-tests = import ../../lib/tests/release.nix { inherit pkgs; };
|
||||
lib-tests = import ../../lib/tests/release.nix {
|
||||
pkgs = import nixpkgs (
|
||||
recursiveUpdate
|
||||
(recursiveUpdate {
|
||||
inherit system;
|
||||
config.allowUnsupportedSystem = true;
|
||||
} nixpkgsArgs)
|
||||
{
|
||||
config.permittedInsecurePackages = nixpkgsArgs.config.permittedInsecurePackages or [ ] ++ [
|
||||
"nix-2.3.18"
|
||||
];
|
||||
}
|
||||
);
|
||||
};
|
||||
pkgs-lib-tests = import ../pkgs-lib/tests { inherit pkgs; };
|
||||
|
||||
darwin-tested =
|
||||
|
Loading…
x
Reference in New Issue
Block a user