Diffstat (limited to 'nixpkgs/.github')
-rw-r--r--nixpkgs/.github/CODEOWNERS327
-rw-r--r--nixpkgs/.github/ISSUE_TEMPLATE.md11
-rw-r--r--nixpkgs/.github/ISSUE_TEMPLATE/bug_report.md41
-rw-r--r--nixpkgs/.github/ISSUE_TEMPLATE/build_failure.md39
-rw-r--r--nixpkgs/.github/ISSUE_TEMPLATE/missing_documentation.md32
-rw-r--r--nixpkgs/.github/ISSUE_TEMPLATE/out_of_date_package_report.md28
-rw-r--r--nixpkgs/.github/ISSUE_TEMPLATE/packaging_request.md19
-rw-r--r--nixpkgs/.github/ISSUE_TEMPLATE/unreproducible_package.md31
-rw-r--r--nixpkgs/.github/PULL_REQUEST_TEMPLATE.md40
-rw-r--r--nixpkgs/.github/STALE-BOT.md36
-rw-r--r--nixpkgs/.github/dependabot.yml6
-rw-r--r--nixpkgs/.github/labeler.yml204
-rw-r--r--nixpkgs/.github/stale.yml9
-rw-r--r--nixpkgs/.github/workflows/backport.yml35
-rw-r--r--nixpkgs/.github/workflows/basic-eval.yml29
-rw-r--r--nixpkgs/.github/workflows/check-maintainers-sorted.yaml24
-rw-r--r--nixpkgs/.github/workflows/editorconfig.yml41
-rw-r--r--nixpkgs/.github/workflows/labels.yml24
-rw-r--r--nixpkgs/.github/workflows/manual-nixos.yml31
-rw-r--r--nixpkgs/.github/workflows/manual-nixpkgs.yml32
-rw-r--r--nixpkgs/.github/workflows/no-channel.yml26
-rw-r--r--nixpkgs/.github/workflows/ofborg-pending.yml33
-rw-r--r--nixpkgs/.github/workflows/periodic-merge-24h.yml59
-rw-r--r--nixpkgs/.github/workflows/periodic-merge-6h.yml57
-rw-r--r--nixpkgs/.github/workflows/update-terraform-providers.yml69
25 files changed, 1283 insertions, 0 deletions
diff --git a/nixpkgs/.github/CODEOWNERS b/nixpkgs/.github/CODEOWNERS
new file mode 100644
index 000000000000..f5679a1a1420
--- /dev/null
+++ b/nixpkgs/.github/CODEOWNERS
@@ -0,0 +1,327 @@
+# CODEOWNERS file
+#
+# This file is used to describe who owns what in this repository. This file does not
+# replace `meta.maintainers` but is instead used for other things than derivations
+# and modules, like documentation, package sets, and other assets.
+#
+# For documentation on this file, see https://help.github.com/articles/about-codeowners/
+# Mentioned users will get code review requests.
+#
+# IMPORTANT NOTE: in order to actually get pinged, commit access is required.
+# This also holds true for GitHub teams. Since almost none of our teams have write
+# permissions, you need to list all members of the team with commit access individually.
+
+# This file
+/.github/CODEOWNERS @edolstra
+
+# GitHub actions
+/.github/workflows @NixOS/Security @Mic92 @zowoq
+/.github/workflows/merge-staging @FRidh
+
+# EditorConfig
+/.editorconfig @Mic92 @zowoq
+
+# Libraries
+/lib                        @edolstra @infinisil
+/lib/systems                @alyssais @ericson2314 @matthewbauer @amjoseph-nixpkgs
+/lib/generators.nix         @edolstra @Profpatsch
+/lib/cli.nix                @edolstra @Profpatsch
+/lib/debug.nix              @edolstra @Profpatsch
+/lib/asserts.nix            @edolstra @Profpatsch
+/lib/path.*                 @infinisil @fricklerhandwerk
+
+# Nixpkgs Internals
+/default.nix                                     @Ericson2314
+/pkgs/top-level/default.nix                      @Ericson2314
+/pkgs/top-level/impure.nix                       @Ericson2314
+/pkgs/top-level/stage.nix                        @Ericson2314 @matthewbauer
+/pkgs/top-level/splice.nix                       @Ericson2314 @matthewbauer
+/pkgs/top-level/release-cross.nix                @Ericson2314 @matthewbauer
+/pkgs/stdenv/generic                             @Ericson2314 @matthewbauer @amjoseph-nixpkgs
+/pkgs/stdenv/generic/check-meta.nix              @Ericson2314 @matthewbauer @piegamesde
+/pkgs/stdenv/cross                               @Ericson2314 @matthewbauer @amjoseph-nixpkgs
+/pkgs/build-support/cc-wrapper                   @Ericson2314 @amjoseph-nixpkgs
+/pkgs/build-support/bintools-wrapper             @Ericson2314
+/pkgs/build-support/setup-hooks                  @Ericson2314
+/pkgs/build-support/setup-hooks/auto-patchelf.sh @layus
+/pkgs/build-support/setup-hooks/auto-patchelf.py @layus
+/pkgs/pkgs-lib                                   @infinisil
+
+# pkgs/by-name
+/pkgs/test/nixpkgs-check-by-name @infinisil
+
+# Nixpkgs build-support
+/pkgs/build-support/writers @lassulus @Profpatsch
+
+# Nixpkgs make-disk-image
+/doc/builders/images/makediskimage.section.md  @raitobezarius
+/nixos/lib/make-disk-image.nix                 @raitobezarius
+
+# Nixpkgs documentation
+/maintainers/scripts/db-to-md.sh @jtojnar @ryantm
+/maintainers/scripts/doc @jtojnar @ryantm
+
+# Contributor documentation
+/CONTRIBUTING.md @infinisil
+/.github/PULL_REQUEST_TEMPLATE.md @infinisil
+/doc/contributing/ @fricklerhandwerk @infinisil
+/doc/contributing/contributing-to-documentation.chapter.md @jtojnar @fricklerhandwerk @infinisil
+/lib/README.md @infinisil
+/doc/README.md @infinisil
+/nixos/README.md @infinisil
+/pkgs/README.md @infinisil
+/maintainers/README.md @infinisil
+
+# User-facing development documentation
+/doc/development.md @infinisil
+/doc/development @infinisil
+
+# NixOS Internals
+/nixos/default.nix                                    @infinisil
+/nixos/lib/from-env.nix                               @infinisil
+/nixos/lib/eval-config.nix                            @infinisil
+/nixos/modules/system                                 @dasJ
+/nixos/modules/system/activation/bootspec.nix         @grahamc @cole-h @raitobezarius
+/nixos/modules/system/activation/bootspec.cue         @grahamc @cole-h @raitobezarius
+
+# NixOS integration test driver
+/nixos/lib/test-driver  @tfc
+
+# NixOS QEMU virtualisation
+/nixos/virtualisation/qemu-vm.nix           @raitobezarius
+
+# Systemd
+/nixos/modules/system/boot/systemd.nix      @NixOS/systemd
+/nixos/modules/system/boot/systemd          @NixOS/systemd
+/nixos/lib/systemd-*.nix                    @NixOS/systemd
+/pkgs/os-specific/linux/systemd             @NixOS/systemd
+
+# Updaters
+## update.nix
+/maintainers/scripts/update.nix   @jtojnar
+/maintainers/scripts/update.py    @jtojnar
+## common-updater-scripts
+/pkgs/common-updater/scripts/update-source-version    @jtojnar
+
+# Python-related code and docs
+/maintainers/scripts/update-python-libraries	              @FRidh
+/pkgs/development/interpreters/python                       @FRidh
+/doc/languages-frameworks/python.section.md                 @FRidh @mweinelt
+/pkgs/development/tools/poetry2nix                          @adisbladis
+/pkgs/development/interpreters/python/hooks                 @FRidh @jonringer
+
+# Haskell
+/doc/languages-frameworks/haskell.section.md  @cdepillabout @sternenseemann @maralorn
+/maintainers/scripts/haskell                  @cdepillabout @sternenseemann @maralorn
+/pkgs/development/compilers/ghc               @cdepillabout @sternenseemann @maralorn
+/pkgs/development/haskell-modules             @cdepillabout @sternenseemann @maralorn
+/pkgs/test/haskell                            @cdepillabout @sternenseemann @maralorn
+/pkgs/top-level/release-haskell.nix           @cdepillabout @sternenseemann @maralorn
+/pkgs/top-level/haskell-packages.nix          @cdepillabout @sternenseemann @maralorn
+
+# Perl
+/pkgs/development/interpreters/perl @stigtsp @zakame @dasJ
+/pkgs/top-level/perl-packages.nix   @stigtsp @zakame @dasJ
+/pkgs/development/perl-modules      @stigtsp @zakame @dasJ
+
+# R
+/pkgs/applications/science/math/R   @jbedo
+/pkgs/development/r-modules         @jbedo
+
+# Ruby
+/pkgs/development/interpreters/ruby @marsam
+/pkgs/development/ruby-modules      @marsam
+
+# Rust
+/pkgs/development/compilers/rust @Mic92 @zowoq @winterqt @figsoda
+/pkgs/build-support/rust @zowoq @winterqt @figsoda
+/doc/languages-frameworks/rust.section.md @zowoq @winterqt @figsoda
+
+# C compilers
+/pkgs/development/compilers/gcc @matthewbauer @amjoseph-nixpkgs
+/pkgs/development/compilers/llvm @matthewbauer @RaitoBezarius
+
+# Compatibility stuff
+/pkgs/top-level/unix-tools.nix @matthewbauer
+/pkgs/development/tools/xcbuild @matthewbauer
+
+# Audio
+/nixos/modules/services/audio/botamusique.nix @mweinelt
+/nixos/modules/services/audio/snapserver.nix @mweinelt
+/nixos/tests/modules/services/audio/botamusique.nix @mweinelt
+/nixos/tests/snapcast.nix @mweinelt
+
+# Browsers
+/pkgs/applications/networking/browsers/firefox @mweinelt
+
+# Certificate Authorities
+pkgs/data/misc/cacert/ @ajs124 @lukegb @mweinelt
+pkgs/development/libraries/nss/ @ajs124 @lukegb @mweinelt
+pkgs/development/python-modules/buildcatrust/ @ajs124 @lukegb @mweinelt
+
+# Jetbrains
+/pkgs/applications/editors/jetbrains @edwtjo
+
+# Licenses
+/lib/licenses.nix @alyssais
+
+# Qt / KDE
+/pkgs/applications/kde @ttuegel
+/pkgs/desktops/plasma-5 @ttuegel
+/pkgs/development/libraries/kde-frameworks @ttuegel
+/pkgs/development/libraries/qt-5 @ttuegel
+
+# PostgreSQL and related stuff
+/pkgs/servers/sql/postgresql @thoughtpolice @marsam
+/nixos/modules/services/databases/postgresql.xml @thoughtpolice
+/nixos/modules/services/databases/postgresql.nix @thoughtpolice
+/nixos/tests/postgresql.nix @thoughtpolice
+
+# Hardened profile & related modules
+/nixos/modules/profiles/hardened.nix @joachifm
+/nixos/modules/security/hidepid.nix @joachifm
+/nixos/modules/security/lock-kernel-modules.nix @joachifm
+/nixos/modules/security/misc.nix @joachifm
+/nixos/tests/hardened.nix @joachifm
+/pkgs/os-specific/linux/kernel/hardened-config.nix @joachifm
+
+# Home Automation
+/nixos/modules/services/misc/home-assistant.nix @mweinelt
+/nixos/modules/services/misc/zigbee2mqtt.nix @mweinelt
+/nixos/tests/home-assistant.nix @mweinelt
+/nixos/tests/zigbee2mqtt.nix @mweinelt
+/pkgs/servers/home-assistant @mweinelt
+/pkgs/tools/misc/esphome @mweinelt
+
+# Network Time Daemons
+/pkgs/tools/networking/chrony @thoughtpolice
+/pkgs/tools/networking/ntp @thoughtpolice
+/pkgs/tools/networking/openntpd @thoughtpolice
+/nixos/modules/services/networking/ntp @thoughtpolice
+
+# Network
+/pkgs/tools/networking/kea/default.nix @mweinelt
+/pkgs/tools/networking/babeld/default.nix @mweinelt
+/nixos/modules/services/networking/babeld.nix @mweinelt
+/nixos/modules/services/networking/kea.nix @mweinelt
+/nixos/modules/services/networking/knot.nix @mweinelt
+/nixos/modules/services/monitoring/prometheus/exporters/kea.nix @mweinelt
+/nixos/tests/babeld.nix @mweinelt
+/nixos/tests/kea.nix @mweinelt
+/nixos/tests/knot.nix @mweinelt
+
+# Web servers
+/doc/builders/packages/nginx.section.md @raitobezarius
+/pkgs/servers/http/nginx/ @raitobezarius
+/nixos/modules/services/web-servers/nginx/ @raitobezarius
+
+# Dhall
+/pkgs/development/dhall-modules      @Gabriella439 @Profpatsch @ehmry
+/pkgs/development/interpreters/dhall @Gabriella439 @Profpatsch @ehmry
+
+# Idris
+/pkgs/development/idris-modules @Infinisil
+
+# Bazel
+/pkgs/development/tools/build-managers/bazel @Profpatsch
+
+# NixOS modules for e-mail and dns services
+/nixos/modules/services/mail/mailman.nix    @peti
+/nixos/modules/services/mail/postfix.nix    @peti
+/nixos/modules/services/networking/bind.nix @peti
+/nixos/modules/services/mail/rspamd.nix     @peti
+
+# Emacs
+/pkgs/applications/editors/emacs/elisp-packages @adisbladis
+/pkgs/applications/editors/emacs                @adisbladis
+/pkgs/top-level/emacs-packages.nix              @adisbladis
+
+# Neovim
+/pkgs/applications/editors/neovim      @figsoda @jonringer @teto
+
+# VimPlugins
+/pkgs/applications/editors/vim/plugins         @figsoda @jonringer
+
+# VsCode Extensions
+/pkgs/applications/editors/vscode/extensions   @jonringer
+
+# PHP interpreter, packages, extensions, tests and documentation
+/doc/languages-frameworks/php.section.md          @aanderse @drupol @etu @globin @ma27 @talyz
+/nixos/tests/php                                  @aanderse @drupol @etu @globin @ma27 @talyz
+/pkgs/build-support/build-pecl.nix                @aanderse @drupol @etu @globin @ma27 @talyz
+/pkgs/development/interpreters/php       @jtojnar @aanderse @drupol @etu @globin @ma27 @talyz
+/pkgs/development/php-packages                    @aanderse @drupol @etu @globin @ma27 @talyz
+/pkgs/top-level/php-packages.nix         @jtojnar @aanderse @drupol @etu @globin @ma27 @talyz
+
+# Podman, CRI-O modules and related
+/nixos/modules/virtualisation/containers.nix @adisbladis
+/nixos/modules/virtualisation/cri-o.nix      @adisbladis
+/nixos/modules/virtualisation/podman         @adisbladis
+/nixos/tests/cri-o.nix                       @adisbladis
+/nixos/tests/podman                          @adisbladis
+
+# Docker tools
+/pkgs/build-support/docker                   @roberth
+/nixos/tests/docker-tools*                   @roberth
+/doc/builders/images/dockertools.section.md  @roberth
+
+# Blockchains
+/pkgs/applications/blockchains  @mmahut @RaghavSood
+
+# Go
+/doc/languages-frameworks/go.section.md @kalbasit @Mic92 @zowoq
+/pkgs/build-support/go @kalbasit @Mic92 @zowoq
+/pkgs/development/compilers/go @kalbasit @Mic92 @zowoq
+
+# GNOME
+/pkgs/desktops/gnome                              @jtojnar
+/pkgs/desktops/gnome/extensions       @piegamesde @jtojnar
+/pkgs/build-support/make-hardcode-gsettings-patch @jtojnar
+
+# Cinnamon
+/pkgs/desktops/cinnamon @mkg20001
+
+# nim
+/pkgs/development/compilers/nim   @ehmry
+/pkgs/development/nim-packages    @ehmry
+/pkgs/top-level/nim-packages.nix  @ehmry
+
+# terraform providers
+/pkgs/applications/networking/cluster/terraform-providers @zowoq
+
+# Matrix
+/pkgs/servers/heisenbridge                                 @piegamesde
+/pkgs/servers/matrix-conduit                               @piegamesde
+/nixos/modules/services/misc/heisenbridge.nix              @piegamesde
+/nixos/modules/services/misc/matrix-conduit.nix            @piegamesde
+/nixos/tests/matrix-conduit.nix                            @piegamesde
+
+# Dotnet
+/pkgs/build-support/dotnet                  @IvarWithoutBones
+/pkgs/development/compilers/dotnet          @IvarWithoutBones
+/pkgs/test/dotnet                           @IvarWithoutBones
+/doc/languages-frameworks/dotnet.section.md @IvarWithoutBones
+
+# Node.js
+/pkgs/build-support/node/build-npm-package      @lilyinstarlight @winterqt
+/pkgs/build-support/node/fetch-npm-deps         @lilyinstarlight @winterqt
+/doc/languages-frameworks/javascript.section.md @lilyinstarlight @winterqt
+
+# OCaml
+/pkgs/build-support/ocaml           @ulrikstrid
+/pkgs/development/compilers/ocaml   @ulrikstrid
+/pkgs/development/ocaml-modules     @ulrikstrid
+
+# ZFS
+pkgs/os-specific/linux/zfs                @raitobezarius
+nixos/lib/make-single-disk-zfs-image.nix  @raitobezarius
+nixos/lib/make-multi-disk-zfs-image.nix   @raitobezarius
+nixos/modules/tasks/filesystems/zfs.nix   @raitobezarius
+nixos/tests/zfs.nix                       @raitobezarius
+
+# Zig
+/pkgs/development/compilers/zig @AndersonTorres @figsoda
+/doc/hooks/zig.section.md @AndersonTorres @figsoda
+
+# Linux Kernel
+pkgs/os-specific/linux/kernel/manual-config.nix   @amjoseph-nixpkgs
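Review bot: The `/.github/workflows/merge-staging @FRidh` entry follows `/.github/workflows @NixOS/Security @Mic92 @zowoq`, and because the last matching CODEOWNERS pattern takes precedence, any path it matches would be owned by @FRidh alone, without the security reviewers. The diffstat for this commit lists no `merge-staging` path under `.github/workflows`, so the entry looks stale; either drop it or repeat the workflow owners on it. The file header says teams without write access are not pinged, yet the workflows rule and the systemd rules name teams (`@NixOS/Security`, `@NixOS/systemd`), so it is worth confirming those teams have write access or listing their members individually. Separately, the Certificate Authorities, ZFS and Linux Kernel entries omit the leading `/` used everywhere else; adding it keeps the anchoring explicit and consistent.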
diff --git a/nixpkgs/.github/ISSUE_TEMPLATE.md b/nixpkgs/.github/ISSUE_TEMPLATE.md
new file mode 100644
index 000000000000..1913e321a8c8
--- /dev/null
+++ b/nixpkgs/.github/ISSUE_TEMPLATE.md
@@ -0,0 +1,11 @@
+## Issue description
+
+
+
+### Steps to reproduce
+
+
+
+## Technical details
+
+Please run `nix-shell -p nix-info --run "nix-info -m"` and paste the result.
diff --git a/nixpkgs/.github/ISSUE_TEMPLATE/bug_report.md b/nixpkgs/.github/ISSUE_TEMPLATE/bug_report.md
new file mode 100644
index 000000000000..258c85f9dde8
--- /dev/null
+++ b/nixpkgs/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,41 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: '0.kind: bug'
+assignees: ''
+
+---
+
+### Describe the bug
+A clear and concise description of what the bug is.
+
+### Steps To Reproduce
+Steps to reproduce the behavior:
+1. ...
+2. ...
+3. ...
+
+### Expected behavior
+A clear and concise description of what you expected to happen.
+
+### Screenshots
+If applicable, add screenshots to help explain your problem.
+
+### Additional context
+Add any other context about the problem here.
+
+### Notify maintainers
+
+<!--
+Please @ people who are in the `meta.maintainers` list of the offending package or module.
+If in doubt, check `git blame` for whoever last touched something.
+-->
+
+### Metadata
+Please run `nix-shell -p nix-info --run "nix-info -m"` and paste the result.
+
+```console
+[user@system:~]$ nix-shell -p nix-info --run "nix-info -m"
+output here
+```
diff --git a/nixpkgs/.github/ISSUE_TEMPLATE/build_failure.md b/nixpkgs/.github/ISSUE_TEMPLATE/build_failure.md
new file mode 100644
index 000000000000..dd6d681775ac
--- /dev/null
+++ b/nixpkgs/.github/ISSUE_TEMPLATE/build_failure.md
@@ -0,0 +1,39 @@
+---
+name: Build failure
+about: Create a report to help us improve
+title: 'Build failure: PACKAGENAME'
+labels: '0.kind: build failure'
+assignees: ''
+
+---
+
+### Steps To Reproduce
+
+Steps to reproduce the behavior:
+1. build *X*
+
+### Build log
+
+```
+log here if short otherwise a link to a gist
+```
+
+### Additional context
+
+Add any other context about the problem here.
+
+### Notify maintainers
+
+<!--
+Please @ people who are in the `meta.maintainers` list of the offending package or module.
+If in doubt, check `git blame` for whoever last touched something.
+-->
+
+### Metadata
+
+Please run `nix-shell -p nix-info --run "nix-info -m"` and paste the result.
+
+```console
+[user@system:~]$ nix-shell -p nix-info --run "nix-info -m"
+output here
+```
diff --git a/nixpkgs/.github/ISSUE_TEMPLATE/missing_documentation.md b/nixpkgs/.github/ISSUE_TEMPLATE/missing_documentation.md
new file mode 100644
index 000000000000..3018b6b99448
--- /dev/null
+++ b/nixpkgs/.github/ISSUE_TEMPLATE/missing_documentation.md
@@ -0,0 +1,32 @@
+---
+name: Missing or incorrect documentation
+about: Help us improve the Nixpkgs and NixOS reference manuals
+title: 'Documentation: '
+labels: '9.needs: documentation'
+assignees: ''
+
+---
+
+## Problem
+
+<!-- describe your problem -->
+
+## Proposal
+
+<!-- propose a solution (optional) -->
+
+## Checklist
+
+<!-- make sure this issue is not redundant or obsolete -->
+
+- [ ] checked [latest Nixpkgs manual] \([source][nixpkgs-source]) and [latest NixOS manual] \([source][nixos-source])
+- [ ] checked [open documentation issues] for possible duplicates
+- [ ] checked [open documentation pull requests] for possible solutions
+
+[latest Nixpkgs manual]: https://nixos.org/manual/nixpkgs/unstable/
+[latest NixOS manual]: https://nixos.org/manual/nixos/unstable/
+[nixpkgs-source]: https://github.com/NixOS/nixpkgs/tree/master/doc
+[nixos-source]: https://github.com/NixOS/nixpkgs/tree/master/nixos/doc/manual
+[open documentation issues]: https://github.com/NixOS/nixpkgs/issues?q=is%3Aissue+is%3Aopen+label%3A%229.needs%3A+documentation%22
+[open documentation pull requests]: https://github.com/NixOS/nixpkgs/pulls?q=is%3Aopen+is%3Apr+label%3A%228.has%3A+documentation%22%2C%226.topic%3A+documentation%22
+
diff --git a/nixpkgs/.github/ISSUE_TEMPLATE/out_of_date_package_report.md b/nixpkgs/.github/ISSUE_TEMPLATE/out_of_date_package_report.md
new file mode 100644
index 000000000000..2735534b0bc9
--- /dev/null
+++ b/nixpkgs/.github/ISSUE_TEMPLATE/out_of_date_package_report.md
@@ -0,0 +1,28 @@
+---
+name: Out-of-date package reports
+about: For packages that are out-of-date
+title: 'Update request: PACKAGENAME OLDVERSION → NEWVERSION'
+labels: '9.needs: package (update)'
+assignees: ''
+
+---
+
+- Package name:
+- Latest released version:
+<!-- Search your package here: https://search.nixos.org/packages?channel=unstable -->
+- Current version on the unstable channel:
+- Current version on the stable/release channel:
+<!--
+Type the name of your package and try to find an open pull request for the package
+If you find an open pull request, you can review it!
+There's a high chance that you'll have the new version right away while helping the community!
+-->
+- [ ] Checked the [nixpkgs pull requests](https://github.com/NixOS/nixpkgs/pulls)
+
+**Notify maintainers**
+
+<!-- If the search.nixos.org result shows no maintainers, tag the person that last updated the package. -->
+
+-----
+
+Note for maintainers: Please tag this issue in your PR.
diff --git a/nixpkgs/.github/ISSUE_TEMPLATE/packaging_request.md b/nixpkgs/.github/ISSUE_TEMPLATE/packaging_request.md
new file mode 100644
index 000000000000..a76741fa8e6a
--- /dev/null
+++ b/nixpkgs/.github/ISSUE_TEMPLATE/packaging_request.md
@@ -0,0 +1,19 @@
+---
+name: Packaging requests
+about: For packages that are missing
+title: 'Package request: PACKAGENAME'
+labels: '0.kind: packaging request'
+assignees: ''
+
+---
+
+**Project description**
+
+<!-- Describe the project a little: -->
+
+**Metadata**
+
+* homepage URL:
+* source URL:
+* license: mit, bsd, gpl2+ , ...
+* platforms: unix, linux, darwin, ...
diff --git a/nixpkgs/.github/ISSUE_TEMPLATE/unreproducible_package.md b/nixpkgs/.github/ISSUE_TEMPLATE/unreproducible_package.md
new file mode 100644
index 000000000000..a868c26ca54b
--- /dev/null
+++ b/nixpkgs/.github/ISSUE_TEMPLATE/unreproducible_package.md
@@ -0,0 +1,31 @@
+---
+name: Unreproducible package
+about: A package that does not produce a bit-by-bit reproducible result each time it is built
+title: ''
+labels: [ '0.kind: enhancement', '6.topic: reproducible builds' ]
+assignees: ''
+
+---
+
+Building this package twice does not produce the bit-by-bit identical result each time, making it harder to detect CI breaches. You can read more about this at https://reproducible-builds.org/ .
+
+Fixing bit-by-bit reproducibility also has additional advantages, such as avoiding hard-to-reproduce bugs, making content-addressed storage more effective and reducing rebuilds in such systems.
+
+### Steps To Reproduce
+
+```
+nix-build '<nixpkgs>' -A ... --check --keep-failed
+```
+
+You can use `diffoscope` to analyze the differences in the output of the two builds.
+
+To view the build log of the build that produced the artifact in the binary cache:
+
+```
+nix-store --read-log $(nix-instantiate '<nixpkgs>' -A ...)
+```
+
+### Additional context
+
+(please share the relevant fragment of the diffoscope output here,
+and any additional analysis you may have done)
diff --git a/nixpkgs/.github/PULL_REQUEST_TEMPLATE.md b/nixpkgs/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 000000000000..4517080bb301
--- /dev/null
+++ b/nixpkgs/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,40 @@
+## Description of changes
+
+<!--
+For package updates please link to a changelog or describe changes, this helps your fellow maintainers discover breaking updates.
+For new packages please briefly describe the package or provide a link to its homepage.
+-->
+
+## Things done
+
+<!-- Please check what applies. Note that these are not hard requirements but merely serve as information for reviewers. -->
+
+- Built on platform(s)
+  - [ ] x86_64-linux
+  - [ ] aarch64-linux
+  - [ ] x86_64-darwin
+  - [ ] aarch64-darwin
+- [ ] For non-Linux: Is `sandbox = true` set in `nix.conf`? (See [Nix manual](https://nixos.org/manual/nix/stable/command-ref/conf-file.html))
+- [ ] Tested, as applicable:
+  - [NixOS test(s)](https://nixos.org/manual/nixos/unstable/index.html#sec-nixos-tests) (look inside [nixos/tests](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests))
+  - and/or [package tests](https://nixos.org/manual/nixpkgs/unstable/#sec-package-tests)
+  - or, for functions and "core" functionality, tests in [lib/tests](https://github.com/NixOS/nixpkgs/blob/master/lib/tests) or [pkgs/test](https://github.com/NixOS/nixpkgs/blob/master/pkgs/test)
+  - made sure NixOS tests are [linked](https://nixos.org/manual/nixpkgs/unstable/#ssec-nixos-tests-linking) to the relevant packages
+- [ ] Tested compilation of all packages that depend on this change using `nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD"`. Note: all changes have to be committed, also see [nixpkgs-review usage](https://github.com/Mic92/nixpkgs-review#usage)
+- [ ] Tested basic functionality of all binary files (usually in `./result/bin/`)
+- [23.11 Release Notes](https://github.com/NixOS/nixpkgs/blob/master/nixos/doc/manual/release-notes/rl-2311.section.md) (or backporting [23.05 Release notes](https://github.com/NixOS/nixpkgs/blob/master/nixos/doc/manual/release-notes/rl-2305.section.md))
+  - [ ] (Package updates) Added a release notes entry if the change is major or breaking
+  - [ ] (Module updates) Added a release notes entry if the change is significant
+  - [ ] (Module addition) Added a release notes entry if adding a new NixOS module
+- [ ] Fits [CONTRIBUTING.md](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md).
+
+<!--
+To help with the large amounts of pull requests, we would appreciate your
+reviews of other pull requests, especially simple package updates. Just leave a
+comment describing what you have tested in the relevant package/service.
+Reviewing helps to reduce the average time-to-merge for everyone.
+Thanks a lot if you do!
+
+List of open PRs: https://github.com/NixOS/nixpkgs/pulls
+Reviewing guidelines: https://nixos.org/manual/nixpkgs/unstable/#chap-reviewing-contributions
+-->
diff --git a/nixpkgs/.github/STALE-BOT.md b/nixpkgs/.github/STALE-BOT.md
new file mode 100644
index 000000000000..dff787300d40
--- /dev/null
+++ b/nixpkgs/.github/STALE-BOT.md
@@ -0,0 +1,36 @@
+# Stale bot information
+
+- Thanks for your contribution!
+- Our stale bot will never close an issue or PR.
+- To remove the stale label, just leave a new comment.
+- _How to find the right people to ping?_ &rarr; [`git blame`](https://git-scm.com/docs/git-blame) to the rescue! (or GitHub's history and blame buttons.)
+- You can always ask for help on [our Discourse Forum](https://discourse.nixos.org/), [our Matrix room](https://matrix.to/#/#nix:nixos.org), or on the [#nixos IRC channel](https://web.libera.chat/#nixos).
+
+## Suggestions for PRs
+
+1. GitHub sometimes doesn't notify people who commented / reviewed a PR previously, when you (force) push commits. If you have addressed the reviews you can [officially ask for a review](https://docs.github.com/en/free-pro-team@latest/github/collaborating-with-issues-and-pull-requests/requesting-a-pull-request-review) from those who commented to you or anyone else.
+2. If it is unfinished but you plan to finish it, please mark it as a draft.
+3. If you don't expect to work on it any time soon, closing it with a short comment may encourage someone else to pick up your work.
+4. To get things rolling again, rebase the PR against the target branch and address valid comments.
+5. If you need a review to move forward, ask in [the Discourse thread for PRs that need help](https://discourse.nixos.org/t/prs-in-distress/3604).
+6. If all you need is a merge, check the git history to find and [request reviews](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/requesting-a-pull-request-review) from people who usually merge related contributions.
+
+## Suggestions for issues
+
+1. If it is resolved (either for you personally, or in general), please consider closing it.
+2. If this might still be an issue, but you are not interested in promoting its resolution, please consider closing it while encouraging others to take over and reopen an issue if they care enough.
+3. If you still have interest in resolving it, try to ping somebody who you believe might have an interest in the topic. Consider discussing the problem in [our Discourse Forum](https://discourse.nixos.org/).
+4. As with all open source projects, your best option is to submit a Pull Request that addresses this issue. We :heart: this attitude!
+
+**Memorandum on closing issues**
+
+Don't be afraid to close an issue that holds valuable information. Closed issues stay in the system for people to search, read, cross-reference, or even reopen--nothing is lost! Closing obsolete issues is an important way to help maintainers focus their time and effort.
+
+## Useful GitHub search queries
+
+- [Open PRs with any stale-bot interaction](https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+is%3Aopen+commenter%3Aapp%2Fstale+)
+- [Open PRs with any stale-bot interaction and `2.status: stale`](https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+is%3Aopen+commenter%3Aapp%2Fstale+label%3A%222.status%3A+stale%22)
+- [Open PRs with any stale-bot interaction and NOT `2.status: stale`](https://github.com/NixOS/nixpkgs/pulls?q=is%3Apr+is%3Aopen+commenter%3Aapp%2Fstale+-label%3A%222.status%3A+stale%22+)
+- [Open Issues with any stale-bot interaction](https://github.com/NixOS/nixpkgs/issues?q=is%3Aissue+is%3Aopen+commenter%3Aapp%2Fstale+)
+- [Open Issues with any stale-bot interaction and `2.status: stale`](https://github.com/NixOS/nixpkgs/issues?q=is%3Aissue+is%3Aopen+commenter%3Aapp%2Fstale+label%3A%222.status%3A+stale%22+)
+- [Open Issues with any stale-bot interaction and NOT `2.status: stale`](https://github.com/NixOS/nixpkgs/issues?q=is%3Aissue+is%3Aopen+commenter%3Aapp%2Fstale+-label%3A%222.status%3A+stale%22+)
diff --git a/nixpkgs/.github/dependabot.yml b/nixpkgs/.github/dependabot.yml
new file mode 100644
index 000000000000..5ace4600a1f2
--- /dev/null
+++ b/nixpkgs/.github/dependabot.yml
@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
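Review bot: The config carries no comment explaining its scope; a short header such as `# Keep third-party GitHub Actions referenced in .github/workflows up to date` would tell maintainers why only the `github-actions` ecosystem is tracked. Dependabot's bump PRs change which upstream action code the workflows run, so they deserve the same review as any hand-written workflow edit; the `/.github/workflows` entry in this commit's CODEOWNERS covers the files they touch. Whether the workflows pin actions by tag or by commit SHA is not visible in this hunk.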
diff --git a/nixpkgs/.github/labeler.yml b/nixpkgs/.github/labeler.yml
new file mode 100644
index 000000000000..c05c496cb102
--- /dev/null
+++ b/nixpkgs/.github/labeler.yml
@@ -0,0 +1,204 @@
+"6.topic: agda":
+  - doc/languages-frameworks/agda.section.md
+  - nixos/tests/agda.nix
+  - pkgs/build-support/agda/**/*
+  - pkgs/development/libraries/agda/**/*
+  - pkgs/top-level/agda-packages.nix
+
+"6.topic: cinnamon":
+  - pkgs/desktops/cinnamon/**/*
+  - nixos/modules/services/x11/desktop-managers/cinnamon.nix
+  - nixos/tests/cinnamon.nix
+
+"6.topic: emacs":
+  - nixos/modules/services/editors/emacs.nix
+  - nixos/modules/services/editors/emacs.xml
+  - nixos/tests/emacs-daemon.nix
+  - pkgs/applications/editors/emacs/elisp-packages/**/*
+  - pkgs/applications/editors/emacs/**/*
+  - pkgs/build-support/emacs/**/*
+  - pkgs/top-level/emacs-packages.nix
+
+"6.topic: Enlightenment DE":
+  - nixos/modules/services/x11/desktop-managers/enlightenment.nix
+  - pkgs/desktops/enlightenment/**/*
+  - pkgs/development/python-modules/python-efl/*
+
+"6.topic: erlang":
+  - doc/languages-frameworks/beam.section.md
+  - pkgs/development/beam-modules/**/*
+  - pkgs/development/interpreters/elixir/**/*
+  - pkgs/development/interpreters/erlang/**/*
+  - pkgs/development/tools/build-managers/rebar/**/*
+  - pkgs/development/tools/build-managers/rebar3/**/*
+  - pkgs/development/tools/erlang/**/*
+  - pkgs/top-level/beam-packages.nix
+
+"6.topic: fetch":
+  - pkgs/build-support/fetch*/**/*
+
+"6.topic: GNOME":
+  - doc/languages-frameworks/gnome.section.md
+  - nixos/modules/services/desktops/gnome/**/*
+  - nixos/modules/services/x11/desktop-managers/gnome.nix
+  - nixos/tests/gnome-xorg.nix
+  - nixos/tests/gnome.nix
+  - pkgs/desktops/gnome/**/*
+
+"6.topic: golang":
+  - doc/languages-frameworks/go.section.md
+  - pkgs/build-support/go/**/*
+  - pkgs/development/compilers/go/**/*
+
+"6.topic: haskell":
+  - doc/languages-frameworks/haskell.section.md
+  - maintainers/scripts/haskell/**/*
+  - pkgs/development/compilers/ghc/**/*
+  - pkgs/development/haskell-modules/**/*
+  - pkgs/development/tools/haskell/**/*
+  - pkgs/test/haskell/**/*
+  - pkgs/top-level/haskell-packages.nix
+  - pkgs/top-level/release-haskell.nix
+
+"6.topic: kernel":
+  - pkgs/build-support/kernel/**/*
+  - pkgs/os-specific/linux/kernel/**/*
+
+"6.topic: lib":
+  - lib/**
+
+"6.topic: lua":
+  - pkgs/development/interpreters/lua-5/**/*
+  - pkgs/development/interpreters/luajit/**/*
+  - pkgs/development/lua-modules/**/*
+  - pkgs/top-level/lua-packages.nix
+
+"6.topic: Lumina DE":
+  - nixos/modules/services/x11/desktop-managers/lumina.nix
+  - pkgs/desktops/lumina/**/*
+
+"6.topic: LXQt":
+  - nixos/modules/services/x11/desktop-managers/lxqt.nix
+  - pkgs/desktops/lxqt/**/*
+
+"6.topic: mate":
+  - nixos/modules/services/x11/desktop-managers/mate.nix
+  - nixos/tests/mate.nix
+  - pkgs/desktops/mate/**/*
+
+"6.topic: module system":
+  - lib/modules.nix
+  - lib/types.nix
+  - lib/options.nix
+  - lib/tests/modules.sh
+  - lib/tests/modules/**
+
+"6.topic: nixos":
+  - nixos/**/*
+  - pkgs/os-specific/linux/nixos-rebuild/**/*
+
+"6.topic: nim":
+  - doc/languages-frameworks/nim.section.md
+  - pkgs/development/compilers/nim/*
+  - pkgs/development/nim-packages/**/*
+  - pkgs/top-level/nim-packages.nix
+
+"6.topic: nodejs":
+  - doc/languages-frameworks/javascript.section.md
+  - pkgs/build-support/node/**/*
+  - pkgs/development/node-packages/**/*
+  - pkgs/development/tools/yarn/*
+  - pkgs/development/tools/yarn2nix-moretea/**/*
+  - pkgs/development/web/nodejs/*
+
+"6.topic: ocaml":
+  - doc/languages-frameworks/ocaml.section.md
+  - pkgs/development/compilers/ocaml/**/*
+  - pkgs/development/compilers/reason/**/*
+  - pkgs/development/ocaml-modules/**/*
+  - pkgs/development/tools/ocaml/**/*
+  - pkgs/top-level/ocaml-packages.nix
+
+"6.topic: pantheon":
+  - nixos/modules/services/desktops/pantheon/**/*
+  - nixos/modules/services/x11/desktop-managers/pantheon.nix
+  - nixos/modules/services/x11/display-managers/lightdm-greeters/pantheon.nix
+  - nixos/tests/pantheon.nix
+  - pkgs/desktops/pantheon/**/*
+
+"6.topic: policy discussion":
+  - .github/**/*
+
+"6.topic: printing":
+  - nixos/modules/services/printing/cupsd.nix
+  - pkgs/misc/cups/**/*
+
+"6.topic: python":
+  - doc/languages-frameworks/python.section.md
+  - pkgs/development/interpreters/python/**/*
+  - pkgs/development/python-modules/**/*
+  - pkgs/top-level/python-packages.nix
+
+"6.topic: qt/kde":
+  - doc/languages-frameworks/qt.section.md
+  - nixos/modules/services/x11/desktop-managers/plasma5.nix
+  - nixos/tests/plasma5.nix
+  - pkgs/applications/kde/**/*
+  - pkgs/desktops/plasma-5/**/*
+  - pkgs/development/libraries/kde-frameworks/**/*
+  - pkgs/development/libraries/qt-5/**/*
+
+"6.topic: ruby":
+  - doc/languages-frameworks/ruby.section.md
+  - pkgs/development/interpreters/ruby/**/*
+  - pkgs/development/ruby-modules/**/*
+
+"6.topic: rust":
+  - doc/languages-frameworks/rust.section.md
+  - pkgs/build-support/rust/**/*
+  - pkgs/development/compilers/rust/**/*
+
+"6.topic: stdenv":
+  - pkgs/stdenv/**/*
+
+"6.topic: steam":
+  - pkgs/games/steam/**/*
+
+"6.topic: systemd":
+  - pkgs/os-specific/linux/systemd/**/*
+  - nixos/modules/system/boot/systemd*/**/*
+
+"6.topic: TeX":
+  - doc/languages-frameworks/texlive.section.md
+  - pkgs/test/texlive/**
+  - pkgs/tools/typesetting/tex/**/*
+
+"6.topic: vim":
+  - doc/languages-frameworks/vim.section.md
+  - pkgs/applications/editors/vim/**/*
+  - pkgs/applications/editors/vim/plugins/**/*
+  - nixos/modules/programs/neovim.nix
+  - pkgs/applications/editors/neovim/**/*
+
+"6.topic: vscode":
+  - pkgs/applications/editors/vscode/**/*
+
+"6.topic: xfce":
+  - nixos/doc/manual/configuration/xfce.xml
+  - nixos/modules/services/x11/desktop-managers/xfce.nix
+  - nixos/tests/xfce.nix
+  - pkgs/desktops/xfce/**/*
+
+"6.topic: zig":
+  - pkgs/development/compilers/zig/**/*
+  - doc/hooks/zig.section.md
+
+"8.has: changelog":
+  - nixos/doc/manual/release-notes/**/*
+
+"8.has: documentation":
+  - doc/**/*
+  - nixos/doc/**/*
+
+"8.has: module (update)":
+  - nixos/modules/**/*
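Review bot: A few globs are already covered by a broader pattern under the same label: `pkgs/applications/editors/emacs/elisp-packages/**/*` under `"6.topic: emacs"` is matched by `pkgs/applications/editors/emacs/**/*`, and `pkgs/applications/editors/vim/plugins/**/*` under `"6.topic: vim"` by `pkgs/applications/editors/vim/**/*`. Dropping the narrower entries shortens the list with no change in labelling. The file also mixes `**` (`lib/**`, `lib/tests/modules/**`, `pkgs/test/texlive/**`) with `**/*`; using one form throughout would make it easier to scan.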
diff --git a/nixpkgs/.github/stale.yml b/nixpkgs/.github/stale.yml
new file mode 100644
index 000000000000..d6134c7ce112
--- /dev/null
+++ b/nixpkgs/.github/stale.yml
@@ -0,0 +1,9 @@
+# Configuration for probot-stale - https://github.com/probot/stale
+daysUntilStale: 180
+daysUntilClose: false
+exemptLabels:
+  - "1.severity: security"
+  - "2.status: never-stale"
+staleLabel: "2.status: stale"
+markComment: false
+closeComment: false
diff --git a/nixpkgs/.github/workflows/backport.yml b/nixpkgs/.github/workflows/backport.yml
new file mode 100644
index 000000000000..81fc5306fea1
--- /dev/null
+++ b/nixpkgs/.github/workflows/backport.yml
@@ -0,0 +1,35 @@
+name: Backport
+on:
+  pull_request_target:
+    types: [closed, labeled]
+
+# WARNING:
+# When extending this action, be aware that $GITHUB_TOKEN allows write access to
+# the GitHub repository. This means that it should not evaluate user input in a
+# way that allows code injection.
+
+permissions:
+  contents: read
+
+jobs:
+  backport:
+    permissions:
+      contents: write # for korthout/backport-action to create branch
+      pull-requests: write # for korthout/backport-action to create PR to backport
+    name: Backport Pull Request
+    if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name))
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Create backport PRs
+        uses: korthout/backport-action@v1.3.1
+        with:
+          # Config README: https://github.com/korthout/backport-action#backport-action
+          copy_labels_pattern: 'severity:\ssecurity'
+          pull_description: |-
+            Bot-based backport to `${target_branch}`, triggered by a label in #${pull_number}.
+
+            * [ ] Before merging, ensure that this backport complies with the [Criteria for Backporting](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#criteria-for-backporting-changes).
+              * Even as a non-commiter, if you find that it does not comply, leave a comment.
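Review bot: The label guard in the job's `if:` never takes effect. Under `pull_request_target` the value of `github.event_name` is `pull_request_target`, never `labeled`, so the left side of the `||` is always true. The `startsWith` call also has its arguments reversed, since the string under test comes first. As written, the job holds `contents: write` and `pull-requests: write` and starts on every `closed` or `labeled` event of a merged PR, relying on the action itself to ignore unrelated labels. Suggested condition: `(github.event.action != 'labeled' || startsWith(github.event.label.name, 'backport'))`.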
diff --git a/nixpkgs/.github/workflows/basic-eval.yml b/nixpkgs/.github/workflows/basic-eval.yml
new file mode 100644
index 000000000000..272447ecee87
--- /dev/null
+++ b/nixpkgs/.github/workflows/basic-eval.yml
@@ -0,0 +1,29 @@
+name: Basic evaluation checks
+
+on:
+  workflow_dispatch
+  # pull_request:
+  #   branches:
+  #    - master
+  #    - release-**
+  # push:
+  #   branches:
+  #    - master
+  #    - release-**
+permissions:
+  contents: read
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    # we don't limit this action to only NixOS repo since the checks are cheap and useful developer feedback
+    steps:
+    - uses: actions/checkout@v3
+    - uses: cachix/install-nix-action@v22
+    - uses: cachix/cachix-action@v12
+      with:
+        # This cache is for the nixpkgs repo checks and should not be trusted or used elsewhere.
+        name: nixpkgs-ci
+        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+    # explicit list of supportedSystems is needed until aarch64-darwin becomes part of the trunk jobset
+    - run: nix-build pkgs/top-level/release.nix -A tarball.nixpkgs-basic-release-checks --arg supportedSystems '[ "aarch64-darwin" "aarch64-linux" "x86_64-linux" "x86_64-darwin"  ]'
diff --git a/nixpkgs/.github/workflows/check-maintainers-sorted.yaml b/nixpkgs/.github/workflows/check-maintainers-sorted.yaml
new file mode 100644
index 000000000000..652ddd07496a
--- /dev/null
+++ b/nixpkgs/.github/workflows/check-maintainers-sorted.yaml
@@ -0,0 +1,24 @@
+name: "Check that maintainer list is sorted"
+
+on:
+  pull_request_target:
+    paths:
+      - 'maintainers/maintainer-list.nix'
+permissions:
+  contents: read
+
+jobs:
+  nixos:
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'NixOS'
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          # pull_request_target checks out the base branch by default
+          ref: refs/pull/${{ github.event.pull_request.number }}/merge
+      - uses: cachix/install-nix-action@v22
+        with:
+          # explicitly enable sandbox
+          extra_nix_config: sandbox = true
+      - name: Check that maintainer-list.nix is sorted
+        run: nix-instantiate --eval maintainers/scripts/check-maintainers-sorted.nix
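Review bot: The `nix-instantiate --eval` step evaluates the PR's merge ref inside a `pull_request_target` run without `--option restrict-eval true`, and the `sandbox = true` setting above it constrains builds, not evaluation. The token is `contents: read` and no secrets are passed, so exposure is limited. Evaluation of PR-controlled Nix can still read files on the runner, including the token that `actions/checkout` leaves in `.git/config` by default. I would add `persist-credentials: false` under the checkout's `with:` and run the check as `NIX_PATH=nixpkgs=$(pwd) nix-instantiate --option restrict-eval true --eval maintainers/scripts/check-maintainers-sorted.nix`, matching the manual-build workflows in this commit. Whether the script evaluates cleanly in restricted mode needs a test run.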
diff --git a/nixpkgs/.github/workflows/editorconfig.yml b/nixpkgs/.github/workflows/editorconfig.yml
new file mode 100644
index 000000000000..e72f706deff1
--- /dev/null
+++ b/nixpkgs/.github/workflows/editorconfig.yml
@@ -0,0 +1,41 @@
+name: "Checking EditorConfig"
+
+permissions: read-all
+
+on:
+  # avoids approving first time contributors
+  pull_request_target:
+    branches-ignore:
+      - 'release-**'
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    if: "github.repository_owner == 'NixOS' && !contains(github.event.pull_request.title, '[skip treewide]')"
+    steps:
+    - name: Get list of changed files from PR
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        gh api \
+          repos/NixOS/nixpkgs/pulls/${{github.event.number}}/files --paginate \
+          | jq '.[] | select(.status != "removed") | .filename' \
+          > "$HOME/changed_files"
+    - name: print list of changed files
+      run: |
+        cat "$HOME/changed_files"
+    - uses: actions/checkout@v3
+      with:
+        # pull_request_target checks out the base branch by default
+        ref: refs/pull/${{ github.event.pull_request.number }}/merge
+    - uses: cachix/install-nix-action@v22
+      with:
+        # nixpkgs commit is pinned so that it doesn't break
+        # editorconfig-checker 2.4.0
+        nix_path: nixpkgs=https://github.com/NixOS/nixpkgs/archive/c473cc8714710179df205b153f4e9fa007107ff9.tar.gz
+    - name: Checking EditorConfig
+      run: |
+        cat "$HOME/changed_files" | nix-shell -p editorconfig-checker --run 'xargs -r editorconfig-checker -disable-indent-size'
+    - if: ${{ failure() }}
+      run: |
+        echo "::error :: Hey! It looks like your changes don't follow our editorconfig settings. Read https://editorconfig.org/#download to configure your editor so you never see this error again."
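Review bot: The changed-file list is PR-controlled text that reaches `xargs` and then the `editorconfig-checker` command line without a `--` terminator, so a path beginning with `-` would be parsed as an option rather than a file. `jq` without `-r` also emits JSON-quoted strings, which `xargs` re-interprets with its own quoting rules. Ending the options explicitly with `xargs -r editorconfig-checker -disable-indent-size --` closes the first gap, assuming the checker's flag parser honours `--` (worth confirming). Separately, `permissions: read-all` grants read on every scope, where `contents: read` plus `pull-requests: read` appear to be all the steps use.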
diff --git a/nixpkgs/.github/workflows/labels.yml b/nixpkgs/.github/workflows/labels.yml
new file mode 100644
index 000000000000..35f5f24ce309
--- /dev/null
+++ b/nixpkgs/.github/workflows/labels.yml
@@ -0,0 +1,24 @@
+name: "Label PR"
+
+on:
+  pull_request_target:
+    types: [edited, opened, synchronize, reopened]
+
+# WARNING:
+# When extending this action, be aware that $GITHUB_TOKEN allows some write
+# access to the GitHub API. This means that it should not evaluate user input in
+# a way that allows code injection.
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  labels:
+    runs-on: ubuntu-latest
+    if: "github.repository_owner == 'NixOS' && !contains(github.event.pull_request.title, '[skip treewide]')"
+    steps:
+    - uses: actions/labeler@v4
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+        sync-labels: true
diff --git a/nixpkgs/.github/workflows/manual-nixos.yml b/nixpkgs/.github/workflows/manual-nixos.yml
new file mode 100644
index 000000000000..9862d8d72434
--- /dev/null
+++ b/nixpkgs/.github/workflows/manual-nixos.yml
@@ -0,0 +1,31 @@
+name: "Build NixOS manual"
+
+permissions: read-all
+
+on:
+  pull_request_target:
+    branches:
+      - master
+    paths:
+      - 'nixos/**'
+
+jobs:
+  nixos:
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'NixOS'
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          # pull_request_target checks out the base branch by default
+          ref: refs/pull/${{ github.event.pull_request.number }}/merge
+      - uses: cachix/install-nix-action@v22
+        with:
+          # explicitly enable sandbox
+          extra_nix_config: sandbox = true
+      - uses: cachix/cachix-action@v12
+        with:
+          # This cache is for the nixpkgs repo checks and should not be trusted or used elsewhere.
+          name: nixpkgs-ci
+          signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+      - name: Building NixOS manual
+        run: NIX_PATH=nixpkgs=$(pwd) nix-build --option restrict-eval true nixos/release.nix -A manual.x86_64-linux
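Review bot: This job builds the PR's merge ref under `pull_request_target` while `CACHIX_SIGNING_KEY` is configured in the same job, and nothing in the file says that `sandbox = true` and `--option restrict-eval true` are what keep PR-controlled code away from that secret. manual-nixpkgs.yml has the same shape. A header like the WARNING in backport.yml and labels.yml would help, e.g. `# WARNING: builds untrusted PR code next to CACHIX_SIGNING_KEY; do not drop sandbox or restrict-eval, and add no step that runs files from the checkout.` I would also set `persist-credentials: false` on the checkout, since `NIX_PATH=nixpkgs=$(pwd)` appears to put the whole work tree, `.git` included, inside the restricted evaluator's readable path. `permissions: read-all` could be narrowed to `contents: read`.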
diff --git a/nixpkgs/.github/workflows/manual-nixpkgs.yml b/nixpkgs/.github/workflows/manual-nixpkgs.yml
new file mode 100644
index 000000000000..812907ab84e2
--- /dev/null
+++ b/nixpkgs/.github/workflows/manual-nixpkgs.yml
@@ -0,0 +1,32 @@
+name: "Build Nixpkgs manual"
+
+permissions: read-all
+
+on:
+  pull_request_target:
+    branches:
+      - master
+    paths:
+      - 'doc/**'
+      - 'lib/**'
+
+jobs:
+  nixpkgs:
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'NixOS'
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          # pull_request_target checks out the base branch by default
+          ref: refs/pull/${{ github.event.pull_request.number }}/merge
+      - uses: cachix/install-nix-action@v22
+        with:
+          # explicitly enable sandbox
+          extra_nix_config: sandbox = true
+      - uses: cachix/cachix-action@v12
+        with:
+          # This cache is for the nixpkgs repo checks and should not be trusted or used elsewhere.
+          name: nixpkgs-ci
+          signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+      - name: Building Nixpkgs manual
+        run: NIX_PATH=nixpkgs=$(pwd) nix-build --option restrict-eval true pkgs/top-level/release.nix -A manual
diff --git a/nixpkgs/.github/workflows/no-channel.yml b/nixpkgs/.github/workflows/no-channel.yml
new file mode 100644
index 000000000000..90c38f22c007
--- /dev/null
+++ b/nixpkgs/.github/workflows/no-channel.yml
@@ -0,0 +1,26 @@
+name: "No channel PR"
+
+on:
+  pull_request:
+    branches:
+      - 'nixos-**'
+      - 'nixpkgs-**'
+
+permissions:
+  contents: read
+
+jobs:
+  fail:
+    permissions:
+      contents: none
+    name: "This PR is is targeting a channel branch"
+    runs-on: ubuntu-latest
+    steps:
+    - run: |
+        cat <<EOF
+        The nixos-* and nixpkgs-* branches are pushed to by the channel
+        release script and should not be merged into directly.
+
+        Please target the equivalent release-* branch or master instead.
+        EOF
+        exit 1
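Review bot: The job `name` has a doubled word, `"This PR is is targeting a channel branch"`, and the job name is the text contributors see on the failing check. Suggested: `name: "This PR is targeting a channel branch"`.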
diff --git a/nixpkgs/.github/workflows/ofborg-pending.yml b/nixpkgs/.github/workflows/ofborg-pending.yml
new file mode 100644
index 000000000000..b5e0a7c46c8c
--- /dev/null
+++ b/nixpkgs/.github/workflows/ofborg-pending.yml
@@ -0,0 +1,33 @@
+name: "Set pending OfBorg status"
+on:
+  pull_request_target:
+
+# Sets the ofborg-eval status to "pending" to signal that we are waiting for
+# OfBorg even if it is running late. The status will be overwritten by OfBorg
+# once it starts evaluation.
+
+# WARNING:
+# When extending this action, be aware that $GITHUB_TOKEN allows (restricted) write access to
+# the GitHub repository. This means that it should not evaluate user input in a
+# way that allows code injection.
+
+permissions:
+  contents: read
+
+jobs:
+  action:
+    if: github.repository_owner == 'NixOS'
+    permissions:
+      statuses: write
+    runs-on: ubuntu-latest
+    steps:
+    - name: "Set pending OfBorg status"
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        curl \
+          -X POST \
+          -H "Accept: application/vnd.github.v3+json" \
+          -H "Authorization: Bearer $GITHUB_TOKEN" \
+          -d '{"context": "ofborg-eval", "state": "pending", "description": "Waiting for OfBorg..."}' \
+          "https://api.github.com/repos/NixOS/nixpkgs/commits/${{ github.event.pull_request.head.sha }}/statuses"
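Review bot: The `curl` call has no `--fail`, so an HTTP error from the statuses API (rejected token, missing `statuses: write`, rate limit) still exits 0 and the step reports success without the pending status having been set. Adding `--fail` (or `--fail-with-body`) makes that failure visible. The head SHA is also spliced into the script with `${{ … }}`. It is a hex string, so the risk is low, but passing it through `env:` as `HEAD_SHA: ${{ github.event.pull_request.head.sha }}` and using `$HEAD_SHA` in the URL keeps template expansion out of the shell text, in line with the WARNING comment at the top of the file.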
diff --git a/nixpkgs/.github/workflows/periodic-merge-24h.yml b/nixpkgs/.github/workflows/periodic-merge-24h.yml
new file mode 100644
index 000000000000..abfb51244fd6
--- /dev/null
+++ b/nixpkgs/.github/workflows/periodic-merge-24h.yml
@@ -0,0 +1,59 @@
+# This action periodically merges base branches into staging branches.
+# This is done to
+#  * prevent conflicts or rather resolve them early
+#  * make all potential breakage happen on the staging branch
+#  * and make sure that all major rebuilds happen before the staging
+#    branch get’s merged back into its base branch.
+
+name: "Periodic Merges (24h)"
+
+
+on:
+  schedule:
+    # * is a special character in YAML so you have to quote this string
+    # Merge every 24 hours
+    - cron:  '0 0 * * *'
+
+permissions:
+  contents: read
+
+jobs:
+  periodic-merge:
+    permissions:
+      contents: write  # for devmasx/merge-branch to merge branches
+      pull-requests: write  # for peter-evans/create-or-update-comment to create or update comment
+    if: github.repository_owner == 'NixOS'
+    runs-on: ubuntu-latest
+    strategy:
+      # don't fail fast, so that all pairs are tried
+      fail-fast: false
+      # certain branches need to be merged in order, like master->staging-next->staging
+      # and disabling parallelism ensures the order of the pairs below.
+      max-parallel: 1
+      matrix:
+        pairs:
+          - from: master
+            into: haskell-updates
+          - from: release-23.05
+            into: staging-next-23.05
+          - from: staging-next-23.05
+            into: staging-23.05
+    name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
+        uses: devmasx/merge-branch@1.4.0
+        with:
+          type: now
+          from_branch: ${{ matrix.pairs.from }}
+          target_branch: ${{ matrix.pairs.into }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Comment on failure
+        uses: peter-evans/create-or-update-comment@v3
+        if: ${{ failure() }}
+        with:
+          issue-number: 105153
+          body: |
+            Periodic merge from `${{ matrix.pairs.from }}` into `${{ matrix.pairs.into }}` has [failed](https://github.com/NixOS/nixpkgs/actions/runs/${{ github.run_id }}).
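Review bot: `devmasx/merge-branch@1.4.0` and `peter-evans/create-or-update-comment@v3` are referenced by mutable tag in a job that grants `contents: write` and passes `secrets.GITHUB_TOKEN`, so a retagged release of either third-party action would run with push rights to the branches in the matrix. Pinning to the full commit SHA with the version as a trailing comment, `uses: devmasx/merge-branch@<full-commit-sha> # 1.4.0`, removes that dependency on the tag. The dependabot.yml added in this commit can still propose bumps for SHA-pinned actions. The same applies to periodic-merge-6h.yml, `korthout/backport-action@v1.3.1` in backport.yml, `peter-evans/create-pull-request@v5` in update-terraform-providers.yml and the `cachix/cachix-action@v12` steps that receive `CACHIX_SIGNING_KEY`.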
diff --git a/nixpkgs/.github/workflows/periodic-merge-6h.yml b/nixpkgs/.github/workflows/periodic-merge-6h.yml
new file mode 100644
index 000000000000..300c418054d7
--- /dev/null
+++ b/nixpkgs/.github/workflows/periodic-merge-6h.yml
@@ -0,0 +1,57 @@
+# This action periodically merges base branches into staging branches.
+# This is done to
+#  * prevent conflicts or rather resolve them early
+#  * make all potential breakage happen on the staging branch
+#  * and make sure that all major rebuilds happen before the staging
+#    branch get’s merged back into its base branch.
+
+name: "Periodic Merges (6h)"
+
+
+on:
+  schedule:
+    # * is a special character in YAML so you have to quote this string
+    # Merge every 6 hours
+    - cron:  '0 */6 * * *'
+
+permissions:
+  contents: read
+
+jobs:
+  periodic-merge:
+    permissions:
+      contents: write  # for devmasx/merge-branch to merge branches
+      pull-requests: write  # for peter-evans/create-or-update-comment to create or update comment
+    if: github.repository_owner == 'NixOS'
+    runs-on: ubuntu-latest
+    strategy:
+      # don't fail fast, so that all pairs are tried
+      fail-fast: false
+      # certain branches need to be merged in order, like master->staging-next->staging
+      # and disabling parallelism ensures the order of the pairs below.
+      max-parallel: 1
+      matrix:
+        pairs:
+          - from: master
+            into: staging-next
+          - from: staging-next
+            into: staging
+    name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
+        uses: devmasx/merge-branch@1.4.0
+        with:
+          type: now
+          from_branch: ${{ matrix.pairs.from }}
+          target_branch: ${{ matrix.pairs.into }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Comment on failure
+        uses: peter-evans/create-or-update-comment@v3
+        if: ${{ failure() }}
+        with:
+          issue-number: 105153
+          body: |
+            Periodic merge from `${{ matrix.pairs.from }}` into `${{ matrix.pairs.into }}` has [failed](https://github.com/NixOS/nixpkgs/actions/runs/${{ github.run_id }}).
diff --git a/nixpkgs/.github/workflows/update-terraform-providers.yml b/nixpkgs/.github/workflows/update-terraform-providers.yml
new file mode 100644
index 000000000000..e843b1404df5
--- /dev/null
+++ b/nixpkgs/.github/workflows/update-terraform-providers.yml
@@ -0,0 +1,69 @@
+name: "Update terraform-providers"
+
+on:
+  #schedule:
+  #  - cron: "0 3 * * *"
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  tf-providers:
+    permissions:
+      contents: write # for peter-evans/create-pull-request to create branch
+      pull-requests: write # for peter-evans/create-pull-request to create a PR
+    if: github.repository_owner == 'NixOS' && github.ref == 'refs/heads/master' # ensure workflow_dispatch only runs on master
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: cachix/install-nix-action@v22
+        with:
+          nix_path: nixpkgs=channel:nixpkgs-unstable
+      - name: setup
+        id: setup
+        run: |
+          echo "title=terraform-providers: update $(date -u +"%Y-%m-%d")" >> $GITHUB_OUTPUT
+      - name: update terraform-providers
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config user.name "github-actions[bot]"
+          echo | nix-shell \
+            maintainers/scripts/update.nix \
+            --argstr commit true \
+            --argstr keep-going true \
+            --argstr max-workers 2 \
+            --argstr path terraform-providers
+      - name: get failed updates
+        run: |
+          echo 'FAILED<<EOF' >> $GITHUB_ENV
+          git ls-files --others >> $GITHUB_ENV
+          echo 'EOF' >> $GITHUB_ENV
+      # cleanup logs of failed updates so they aren't included in the PR
+      - name: clean repo
+        run: |
+          git clean -f
+      - name: create PR
+        uses: peter-evans/create-pull-request@v5
+        with:
+          body: |
+            Automatic update by [update-terraform-providers](https://github.com/NixOS/nixpkgs/blob/master/.github/workflows/update-terraform-providers.yml) action.
+
+            https://github.com/NixOS/nixpkgs/actions/runs/${{ github.run_id }}
+
+            These providers failed to update:
+            ```
+            ${{ env.FAILED }}
+            ```
+
+            Check that all providers build with:
+            ```
+            @ofborg build terraform.full
+            ```
+            If there is more than ten commits in the PR `ofborg` won't build it automatically and you will need to use the above command.
+          branch: terraform-providers-update
+          delete-branch: false
+          title: ${{ steps.setup.outputs.title }}
+          token: ${{ secrets.GITHUB_TOKEN }}
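Review bot: The `get failed updates` step writes the output of `git ls-files --others` into `$GITHUB_ENV` between fixed `EOF` markers, so an output line that is exactly `EOF` would end the block early and the lines after it would be parsed as further environment entries for the later steps. Those steps include `create PR`, which runs with `contents: write`. The file names come from whatever the update scripts leave behind, so a per-run random delimiter is the safer form, and `$GITHUB_ENV` and `$GITHUB_OUTPUT` should be quoted. The rewritten step is below.

```yaml
      - name: get failed updates
        run: |
          delimiter="$(dd if=/dev/urandom bs=15 count=1 status=none | base64)"
          {
            echo "FAILED<<$delimiter"
            git ls-files --others
            echo "$delimiter"
          } >> "$GITHUB_ENV"
      # … unchanged: clean repo and create PR steps …
```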