Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

python3Packages.astropy: apply patch removing the usage of polyfill.io #323658

Merged
merged 1 commit into from
Jul 1, 2024
Merged

python3Packages.astropy: apply patch removing the usage of polyfill.io #323658

merged 1 commit into from
Jul 1, 2024

Conversation

doronbehar
Copy link
Contributor

Description of changes

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@doronbehar doronbehar mentioned this pull request Jun 30, 2024
Closed
13 tasks
@doronbehar doronbehar requested a review from mweinelt June 30, 2024 20:42
@ofborg ofborg bot requested a review from KentJames June 30, 2024 21:25
@ofborg ofborg bot added 11.by: package-maintainer This PR was created by the maintainer of the package it changes 10.rebuild-darwin: 101-500 10.rebuild-linux: 101-500 labels Jun 30, 2024
LeSuisse
LeSuisse reviewed Jul 1, 2024
View reviewed changes
pkgs/development/python-modules/astropy/default.nix Outdated
Comment on lines 40 to 43
postPatch = ''
substituteInPlace pyproject.toml \
--replace-fail "numpy>=2.0.0" "numpy"
'';
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure to understand why this removal is part of this change.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure to understand why this removal is part of this change.

You are right! It was a cherry-pick + merge conflict mistake.

@LeSuisse LeSuisse added 1.severity: security Issues which raise a security issue, or PRs that fix one backport release-24.05 labels Jul 1, 2024
@LeSuisse LeSuisse mentioned this pull request Jul 1, 2024
Open
11 tasks
@doronbehar
python3Packages.astropy: apply patch removing the usage of polyfill.io
abde345 
`cdn.polyfill.io` is now considered to be a bad actor.

https://sansec.io/research/polyfill-supply-chain-attack

Disabled on more test that was flaky on my side.
@vcunat vcunat merged commit 9b8b1b9 into NixOS:staging-next Jul 1, 2024
8 of 9 checks passed
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 1, 2024

Backport failed for release-24.05, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-24.05
git worktree add -d .worktree/backport-323658-to-release-24.05 origin/release-24.05
cd .worktree/backport-323658-to-release-24.05
git switch --create backport-323658-to-release-24.05
git cherry-pick -x abde345eca6de5a6dfa07cbc3cfda7dfd1a52648

@vcunat
Copy link
Member

vcunat commented Jul 1, 2024

A bit late... but the test change was also intentional? (given that the patch only changes docs if I read it right)

@doronbehar
Copy link
Contributor Author

Aish I didn't mean to push that test change :/, it was also part of my a bit careless git cherry-pick. The original author of this commit stated that the test was flaky, like a few more others, but I wanted to test that out here. In general the flaky tests might not be flaky anymore, and we might be able to remove more of them, but that will take time, and can be done in a PR against master if someone really cares.

@LeSuisse
Copy link
Contributor

LeSuisse commented Jul 1, 2024

Yup I confirm I had trouble with it when I tested on master. It might be because I was building on a quite loaded machine and the test seems to be timing sensitive.

Also, @doronbehar do you want to handle the cherry-pick to stable or should I plan to do it?

@doronbehar
Copy link
Contributor Author

Yup I confirm I had trouble with it when I tested on master. It might be because I was building on a quite loaded machine and the test seems to be timing sensitive.

Also, @doronbehar do you want to handle the cherry-pick to stable or should I plan to do it?

Yes please go ahead.

@doronbehar doronbehar deleted the pkg/astropy branch October 30, 2024 06:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@LeSuisse LeSuisse LeSuisse left review comments

@mweinelt mweinelt Awaiting requested review from mweinelt

@KentJames KentJames Awaiting requested review from KentJames

Assignees
No one assigned
Labels
1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: python 10.rebuild-darwin: 101-500 10.rebuild-linux: 101-500 11.by: package-maintainer This PR was created by the maintainer of the package it changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@doronbehar @vcunat @LeSuisse