Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

flake depends on insecure nodejs-14 #320

Open
brianmay opened this issue Oct 10, 2023 · 3 comments
Open

flake depends on insecure nodejs-14 #320

brianmay opened this issue Oct 10, 2023 · 3 comments

Comments

@brianmay
Copy link 

error: Package ‘nodejs-14.21.3’ in /nix/store/g68f5abh3xhcz8xsdlfw7wkgkkcx3nwy-source/pkgs/development/web/nodejs/v14.nix:11 is marked as insecure, refusing to evaluate.


       Known issues:
        - This NodeJS release has reached its end of life. See https://nodejs.org/en/about/releases/.

       You can install it anyway by allowing this package, using the
       following methods:

       a) To temporarily allow all insecure packages, you can use an environment
          variable for a single invocation of the nix tools:

            $ export NIXPKGS_ALLOW_INSECURE=1

        Note: For `nix shell`, `nix build`, `nix develop` or any other Nix 2.4+
        (Flake) command, `--impure` must be passed in order to read this
        environment variable.

       b) for `nixos-rebuild` you can add ‘nodejs-14.21.3’ to
          `nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
          like so:

            {
              nixpkgs.config.permittedInsecurePackages = [
                "nodejs-14.21.3"
              ];
            }

       c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
          ‘nodejs-14.21.3’ to `permittedInsecurePackages` in
          ~/.config/nixpkgs/config.nix, like so:

            {
              permittedInsecurePackages = [
                "nodejs-14.21.3"
              ];
            }
(use '--show-trace' to show detailed location information)
error: getting status of '/home/brian/tree/personal/robotica/robotica-rust/.direnv/flake-profile.549140': No such file or directory
warning: Git tree '/home/brian/tree/personal/robotica/robotica-rust' is dirty
direnv: nix-direnv: renewed cache
direnv: export +AMBER_SITE_ID +AMBER_TOKEN +CLASSIFICATIONS_FILE +CONFIG_FILE +HOSTNAME +INFLUXDB_DATABASE +INFLUXDB_URL +LIFE360_PASSWORD +LIFE360_USERNAME +MQTT_CA_CERT_FILE +MQTT_HOST +MQTT_PASSWORD +MQTT_PORT +MQTT_USERNAME +OIDC_CLIENT_ID +OIDC_CLIENT_SECRET +OIDC_DISCOVERY_URL +OIDC_SCOPES +ROBOTICA_DEBUG +ROOT_URL +SCHEDULE_FILE +SEQUENCES_FILE +SESSION_SECRET +STATE_DIR

brian in 🌐 canidae in ☸ arn:aws:eks:us-east-2:234999735313:cluster/opscicd in robotica-rust on  nix_backend [!?] is 📦 v0.1.0 via 🦀 
at 16:38:27 ❯                                                                              
direnv: loading ~/tree/personal/robotica/robotica-rust/.envrc                                         
direnv: using flake
warning: Git tree '/home/brian/tree/personal/robotica/robotica-rust' is dirty
evaluating derivation 'git+file:///home/brian/tree/personal/robotica/robotica-rust#devShells.x86_64-li
error: Package ‘nodejs-14.21.3’ in /nix/store/sg8d2aslxnyr4krwynnh2aszdrcnz3sq-source/pkgs/development/web/nodejs/v14.nix:11 is marked as insecure, refusing to evaluate.


       Known issues:
        - This NodeJS release has reached its end of life. See https://nodejs.org/en/about/releases/.

       You can install it anyway by allowing this package, using the
       following methods:

       a) To temporarily allow all insecure packages, you can use an environment
          variable for a single invocation of the nix tools:

            $ export NIXPKGS_ALLOW_INSECURE=1

        Note: For `nix shell`, `nix build`, `nix develop` or any other Nix 2.4+
        (Flake) command, `--impure` must be passed in order to read this
        environment variable.

       b) for `nixos-rebuild` you can add ‘nodejs-14.21.3’ to
          `nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
          like so:

            {
              nixpkgs.config.permittedInsecurePackages = [
                "nodejs-14.21.3"
              ];
            }

       c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
          ‘nodejs-14.21.3’ to `permittedInsecurePackages` in
          ~/.config/nixpkgs/config.nix, like so:

            {
              permittedInsecurePackages = [
                "nodejs-14.21.3"
              ];
            }
(use '--show-trace' to show detailed location information)

As far as I can tell, not possible to override this when installing from flake.

I think this might be where it is coming from: https://github.com/svanderburg/node2nix/blob/master/default.nix#L5
@adamgoose
Copy link

Addressed by #310

@brianmay
Copy link
Author

Maybe not. That PR doesn't change the nodejs version. As of right now anyway.

@pmiddend
Copy link

Indeed. I tried a simple node2nix -l package-lock.json && nix-build -A package and got an error about a missing nodejs_14.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@brianmay @pmiddend @adamgoose