about summary refs log tree commit diff
path: root/third_party/default.nix
diff options
context:
space:
mode:
authorsterni <sternenseemann@systemli.org>2021-02-19T11·42+0100
committersterni <sternenseemann@systemli.org>2021-02-19T14·45+0000
commite628862e97acc5cd9aa2c9da86f26edd6d14605c (patch)
tree186c425ff9f56cd65603f4416c0d521581379bb7 /third_party/default.nix
parente174bad35ba1a5a7de3a8aec3420ca210b78f7e5 (diff)
chore(3p): Bump NixOS channels to 2021-02-18 r/2221
Main motivation for this is to get the openldap update that fixes
10 CVEs: CVE-2020-36221 to including CVE-2020-36230. See also this
issue which lists them all: https://github.com/NixOS/nixpkgs/issues/113490

Someone should also redeploy whitby as soon as this lands in canon and
all build failures have been fixed.

Things done to resolve upstream breakages:

* grpc no longer takes abseil-cpp as an input, it has also been removed
  in the override.

* Upgrade glittershark's kernel to 5.11 since the linuxPackages_5_9
  attribute has been removed by upstream and the patch used by them is
  available for 5.11 as well.

* The fixed output hash for third_patry.apereo-cas changed for some reason.

* Remove the pin of haskellPackages.vector from the haskell overlay. It
  broke as the most recent version of vector in nixos-unstable no longer
  depends on semigroups. This effectively updates vector from 0.12.1.2
  to 0.12.2.0.

* Align two comments in tvix/libstore/worker-protocol.hh because the
  updated clang-format now demands that.

Change-Id: I2ecf10a98de935e9222acf1feaea447d4c11ed2d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2538
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Diffstat (limited to 'third_party/default.nix')
-rw-r--r--third_party/default.nix12
1 files changed, 6 insertions, 6 deletions
diff --git a/third_party/default.nix b/third_party/default.nix
index 096396d3b64f..c3c5ea11bb3d 100644
--- a/third_party/default.nix
+++ b/third_party/default.nix
@@ -5,11 +5,11 @@
 { ... }:
 
 let
-  # Tracking nixos-unstable as of 2021-01-19.
-  nixpkgsCommit = "68398d2dd50efc2d878bf0f83bbc8bc323b6b0e0";
+  # Tracking nixos-unstable as of 2021-02-18.
+  nixpkgsCommit = "6b1057b452c55bb3b463f0d7055bc4ec3fd1f381";
   nixpkgsSrc = fetchTarball {
     url = "https://github.com/NixOS/nixpkgs/archive/${nixpkgsCommit}.tar.gz";
-    sha256 = "1bivcxnajll53ixwyl304fq22w5dg97fqbwk8imp6ipwq84bq5ga";
+    sha256 = "10qfg11g8m0q2k3ibcm0ivjq494gqynshm3smjl1rfn5ifjf5fz8";
   };
   nixpkgs = import nixpkgsSrc {
     config.allowUnfree = true;
@@ -21,11 +21,11 @@ let
     ];
   };
 
-  # Tracking nixos-20.09 as of 2021-01-19.
-  stableCommit = "88f00e7e12d2669583fffd3f33aae01101464386";
+  # Tracking nixos-20.09 as of 2021-02-17.
+  stableCommit = "5c53c720ff690ef82a9fe4849e7b70c104e1c82f";
   stableNixpkgsSrc = fetchTarball {
     url = "https://github.com/NixOS/nixpkgs/archive/${stableCommit}.tar.gz";
-    sha256 = "0972lcah2wm1j7ab5acnpn1il68q90cdqhvq1vj4nlnygnwzhcfr";
+    sha256 = "0gjxfxbfc6maqg48k9ai476s6zkc94p0y3v9yjgwbiy7b38pqfys";
   };
   stableNixpkgs = import stableNixpkgsSrc {};