about summary refs log tree commit diff
path: root/nixos/doc/manual/release-notes
Commit message (Collapse)AuthorAge
* modules: add support for module replacement with disabledModulesDaiderd Jordan2017-02-28
| | | | | This is based on a prototype Nicolas B. Pierron worked on during a discussion we had at FOSDEM.
* 17.09 release notes: fix typosVladimír Čunát2017-02-27
|
* release-notes: add 17.09Robin Gloster2017-02-27
|
* nixpkgs: allow packages to be marked insecureGraham Christensen2017-02-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a package's meta has `knownVulnerabilities`, like so: stdenv.mkDerivation { name = "foobar-1.2.3"; ... meta.knownVulnerabilities = [ "CVE-0000-00000: remote code execution" "CVE-0000-00001: local privilege escalation" ]; } and a user attempts to install the package, they will be greeted with a warning indicating that maybe they don't want to install it: error: Package ‘foobar-1.2.3’ in ‘...default.nix:20’ is marked as insecure, refusing to evaluate. Known issues: - CVE-0000-00000: remote code execution - CVE-0000-00001: local privilege escalation You can install it anyway by whitelisting this package, using the following methods: a) for `nixos-rebuild` you can add ‘foobar-1.2.3’ to `nixpkgs.config.permittedInsecurePackages` in the configuration.nix, like so: { nixpkgs.config.permittedInsecurePackages = [ "foobar-1.2.3" ]; } b) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add ‘foobar-1.2.3’ to `permittedInsecurePackages` in ~/.config/nixpkgs/config.nix, like so: { permittedInsecurePackages = [ "foobar-1.2.3" ]; } Adding either of these configurations will permit this specific version to be installed. A third option also exists: NIXPKGS_ALLOW_INSECURE=1 nix-build ... though I specifically avoided having a global file-based toggle to disable this check. This way, users don't disable it once in order to get a single package, and then don't realize future packages are insecure.
* nixos/release-notes: fix typosFranz Pletz2017-02-22
|
* nixos/release-notes: mention iputils changesJörg Thalheim2017-02-22
|
* Revert "nix-daemon: default useSandbox to true"Graham Christensen2017-02-14
| | | | This reverts commit d0a086770a1be8c1f3175c195587052c5a5bfe1c.
* Merge pull request #22767 from grahamc/sandbox-by-defaultGraham Christensen2017-02-14
|\ | | | | nix-daemon: default useSandbox to true
| * nix-daemon: default useSandbox to trueGraham Christensen2017-02-13
| |
* | Addressing feedback and fixing a bugParnell Springmeyer2017-02-14
| |
* | Merging against upstream masterParnell Springmeyer2017-02-13
|\|
| * php: default to php71Robin Gloster2017-02-13
| |
| * xorg-server: major bump 1.18.4 -> 1.19.1Vladimír Čunát2017-02-12
| | | | | | | | | | I encountered no problems with it. Nvidia binary drivers are tested, and AMD ones now both set `abiCompat` to use older server versions.
| * nixos, doc: dictd dbs moveEdward Tjörnhammar2017-02-09
| |
| * nixos, doc: named nylonsEdward Tjörnhammar2017-02-09
| |
| * release notes: mention JRE changes and jre_headlessNikolay Amiantov2017-02-08
| |
| * postfix service: don't empty local_recipient_mapsNikolay Amiantov2017-02-06
| | | | | | | | | | | | | | | | | | | | | | From Postfix documentation: With this setting, the Postfix SMTP server will not reject mail with "User unknown in local recipient table". Don't do this on systems that receive mail directly from the Internet. With today's worms and viruses, Postfix will become a backscatter source: it accepts mail for non-existent recipients and then tries to return that mail as "undeliverable" to the often forged sender address.
* | Merging with upstreamParnell Springmeyer2017-01-29
|\|
| * pythonPackages.ansible2: move 2.2 to separate file, make defaultFrederik Rietdijk2017-01-27
| | | | | | | | `pythonPackages.ansible_2_2` is now the default `ansible`.
* | Addressing PR feedbackParnell Springmeyer2017-01-28
| |
* | Merging against master - updating smokingpig, rebase was going to be messyParnell Springmeyer2017-01-26
|\|
| * nixos/release-notes: document conntrack helper changesFranz Pletz2017-01-25
| |
| * nixos doc: Mention cross overhaul in 17.03 release notesJohn Ericson2017-01-24
| |
| * Remove extra "in" keyword from the release notes about overlays.Nicolas B. Pierron2017-01-17
| | | | | | Thanks to @teh for reporting this issue on the pull request.
| * Fix release-notes compilation.Nicolas B. Pierron2017-01-16
| |
| * Update overlay documentation by following nits from aneeshusa.Nicolas B. Pierron2017-01-16
| |
| * Improve the realse notes with the upcoming documentation links, and a better ↵Nicolas B. Pierron2017-01-16
| | | | | | | | example of how to convert overridePackages usage.
| * Add missing line break in the release notes.Nicolas B. Pierron2017-01-16
| |
| * Add overlays mechanism to Nixpkgs.Nicolas B. Pierron2017-01-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch add a new argument to Nixpkgs default expression named "overlays". By default, the value of the argument is either taken from the environment variable `NIXPKGS_OVERLAYS`, or from the directory `~/.nixpkgs/overlays/`. If the environment variable does not name a valid directory then this mechanism would fallback on the home directory. If the home directory does not exists it will fallback on an empty list of overlays. The overlays directory should contain the list of extra Nixpkgs stages which would be used to extend the content of Nixpkgs, with additional set of packages. The overlays, i-e directory, files, symbolic links are used in alphabetical order. The simplest overlay which extends Nixpkgs with nothing looks like: ```nix self: super: { } ``` More refined overlays can use `super` as the basis for building new packages, and `self` as a way to query the final result of the fix-point. An example of overlay which extends Nixpkgs with a small set of packages can be found at: https://github.com/nbp/nixpkgs-mozilla/blob/nixpkgs-overlay/moz-overlay.nix To use this file, checkout the repository and add a symbolic link to the `moz-overlay.nix` file in `~/.nixpkgs/overlays` directory.
| * top-level: Modernize stdenv.overrides giving it self and superJohn Ericson2017-01-13
| | | | | | | | Document breaking change in 17.03 release notes
* | More fixes and improvementsParnell Springmeyer2017-01-26
|/
* release notes: grammar nitpicks in an entryVladimír Čunát2016-12-18
| | | | /cc #21257.
* ntp: document new default ntp service in release notesJörg Thalheim2016-12-18
|
* parsoid service: update, use declarative configurationNikolay Amiantov2016-11-20
| | | | | Old configuration format is disabled now (it can still be used, but with additional steps). This is a backwards incompatible change.
* module system: extensible option typesEric Sagnes2016-11-06
|
* nixos/release-notes: move "PHP config-file-scan-dir" from 16.09 to 17.03Bjørn Forsman2016-10-16
| | | | | | | | | | | Commits 351d12437 ("nixos/release-notes: PHP config-file-scan-dir /etc -> /etc/php.d") 41c8aa8d6 ("php: change config-file-scan-dir from /etc to /etc/php.d") were merged to master _after_ NixOS 16.09. Commit 351d12437 then wrongly updated the NixSO 16.09 release notes. Fix by moving the entry to NixOS 17.03.
* release-notes: fixup bad conflict resolution in bef6befVladimír Čunát2016-10-13
| | | | /cc #19324.
* stdenv/stripHash: print to stdout, not to variableProfpatsch2016-10-11
| | | | | | | | | | `stripHash` documentation states that it prints out the stripped name to the stdout, but the function stored the value in `strippedName` instead. Basically all usages did something like `$(stripHash $foo | echo $strippedName)` which is just braindamaged. Fixed the implementation and all invocations.
* Merge pull request #17922 from bjornfor/php-config-file-scan-dirJörg Thalheim2016-10-09
|\ | | | | php: change config-file-scan-dir from /etc to /etc/php.d
| * nixos/release-notes: PHP config-file-scan-dir /etc -> /etc/php.dBjørn Forsman2016-09-08
| |
* | kernel: Document Yama implications in release notesAneesh Agrawal2016-10-08
| |
* | Document removal of LTS Haskell package sets in 16.09 release notes.Peter Simons2016-09-30
| | | | | | | | This patch closes https://github.com/NixOS/nixpkgs/issues/14897.
* | changelog for #18011Domen Kožar2016-09-30
| | | | | | | | | | (cherry picked from commit 51cf16f4b4281edb788c1097d18201a86656be4d) Signed-off-by: Domen Kožar <domen@dev.si>
* | changelog for #18365Domen Kožar2016-09-30
| | | | | | | | | | (cherry picked from commit 14c16f2fdb41794e7b9eeb9ab52137c1edbe3471) Signed-off-by: Domen Kožar <domen@dev.si>
* | changelog for hydra package/moduleDomen Kožar2016-09-30
| | | | | | | | | | (cherry picked from commit 1eaad0150c13efe0c0912f29143983067194f0ee) Signed-off-by: Domen Kožar <domen@dev.si>
* | changelog for #9523Domen Kožar2016-09-30
| | | | | | | | | | (cherry picked from commit b3a5bc5f577824229f43539f3035014ed6fdc8a2) Signed-off-by: Domen Kožar <domen@dev.si>
* | changelog for #14148Domen Kožar2016-09-30
| | | | | | | | | | (cherry picked from commit e293a85e24e8a9029c2ca5ce9187607f25a1a108) Signed-off-by: Domen Kožar <domen@dev.si>
* | changelog for gnupg bump, fixes #18293Domen Kožar2016-09-30
| | | | | | | | | | (cherry picked from commit 1ff2b10f282d7ae694b70b713cfefcdee467f873) Signed-off-by: Domen Kožar <domen@dev.si>
* | Some release notes updatesEelco Dolstra2016-09-29
| |
* | radicale: break into own packageRobert Helgesson2016-09-25
| | | | | | | | | | Since this is an application it is not suitable for pythonPackages, which is more appropriate for Python modules.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-14 02:50:53 +0000