about summary refs log tree commit diff
path: root/users/Profpatsch/ical-smolify/default.nix
diff options
context:
space:
mode:
authorsterni <sternenseemann@systemli.org>2024-03-31T09·56+0200
committerclbot <clbot@tvl.fyi>2024-03-31T22·27+0000
commit73b1f0407bb224f82cca6ce1854a6080a6afecca (patch)
treeb5a9f287e6ccd983ecb77fd63f6d706db18f5869 /users/Profpatsch/ical-smolify/default.nix
parentb67b0a6d7243135f3341c0a449895d209d0908d8 (diff)
chore(3p/sources): bump channels & overlays – xz edition r/7837
Update all 3p/sources as we do normally except

- agenix which is still pinned to 0.15.0

- nixpkgs (unstable) which we bump to the HEAD of the staging-next
  branch. This branch includes the downgrade of xz from 5.6.1 to
  5.4.6 (https://github.com/nixos/nixpkgs/commit/d6dc19adbd). It
  also includes the second haskell-updates rotation with GHC 9.6.4
  which contains a few build fixes that seem to be required to get
  our Haskell targets to work.

Note that this only reverts xz to a version that doesn't contain the now
known backdoor (CVE-2024-3094) which may or may not actually affect
NixOS. Additionally reverting to a version before the malicious
contributor's involvement may be difficult, but prudent:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024

Changes required by the updates:

- //3p/overlays/haskell:

  - Update ihp-hsx to latest master to fix build with Stackage LTS 22.
  - Update tmp-postgres to latest master to work around failure with
    ansi-wl-pprint >= 1.
  - Patch punycode for mtl >= 2.3.

- //users/Profpatsch:

  - Clean up some warnings, mostly about unused dependencies
  - my-prelude: Fix build with ghc-boot-9.6.4
  - cas-serve: Use crypton over unmaintained cryptonite
  - ical-smolify: skip in ci, iCalendar would require heavy patching to
    work with Stackage LTS 22.

- //users/{wpcarro,aspen,flokli}:

  Disable home-manager / nixos configuration builds that seem to have
  transient failures that should disappear as we move away from
  staging-next and closer to an actual channel release.

Change-Id: I5cca48e101041c3aedc1d9932dbca2cac885fcc1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11289
Tested-by: BuildkiteCI
Autosubmit: sterni <sternenseemann@systemli.org>
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Diffstat (limited to 'users/Profpatsch/ical-smolify/default.nix')
-rw-r--r--users/Profpatsch/ical-smolify/default.nix11
1 files changed, 9 insertions, 2 deletions
diff --git a/users/Profpatsch/ical-smolify/default.nix b/users/Profpatsch/ical-smolify/default.nix
index f67d175ce3f3..bf766db0e974 100644
--- a/users/Profpatsch/ical-smolify/default.nix
+++ b/users/Profpatsch/ical-smolify/default.nix
@@ -1,7 +1,7 @@
 { depot, pkgs, lib, ... }:
 
 let
-  cas-serve = pkgs.writers.writeHaskell "ical-smolify"
+  ical-smolify = pkgs.writers.writeHaskell "ical-smolify"
     {
       libraries = [
         pkgs.haskellPackages.iCalendar
@@ -13,4 +13,11 @@ let
     } ./IcalSmolify.hs;
 
 in
-cas-serve
+
+ical-smolify.overrideAttrs (old: {
+  meta = lib.recursiveUpdate old.meta or { } {
+    # Dependency iCalendar no longer builds in nixpkgs due to a lack of maintenance upstream
+    # https://github.com/nixos/nixpkgs/commit/13d10cc6e302e7d5800c6a08c1728b14c3801e26
+    ci.skip = true;
+  };
+})