summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
46 hours[release-25.05] treewide: fix rec-set-dynamic-attrs (#480803)release-25.05piegames
2 daystreewide: fix `rec-set-dynamic-attrs`Justin !
This is a backport of `#479126`. Not-cherry-picked-because: there was more packages to fix then in 25.11 and master. > Lix will soon warn, and in the future, error on `rec-set-dynamic-attrs`. > This commit fix where attrs are dynamically set in a recursive function > currently present in nixpkgs.
2026-01-02[Backport release-25.05] treewide: fix or-as-identifier (#475901)nixos-25.05-smallnixos-25.05Silvan Mosberger
2026-01-01[Backport release-25.05] maintainers/github-teams.json: Automated sync (#475954)Michael Daniels
2026-01-01maintainers/github-teams.json: Automated syncnixpkgs-ci[bot]
(cherry picked from commit 3faf6cd61e3610290ad3735030661b0c7131973f)
2026-01-01treewide: fix or-as-identifierJustin !
Lix will soon warn, and in the future, error when `or` is used as an identifier. This commit fix those cases. (cherry picked from commit 511bf56650e7a29dde9e48ee1e06ec3250df140c)
2025-12-31[Backport release-25.05] microsoft-edge: 143.0.3650.80 -> 143.0.3650.96 ↵nixpkgs-ci[bot]
(#475456)
2025-12-31microsoft-edge: 143.0.3650.80 -> 143.0.3650.96R. Ryantm
(cherry picked from commit 9070355de5efa18d85db0ac0258d0c9c690b4c02)
2025-12-30[Backport release-25.05] microsoft-edge: 143.0.3650.66 -> 143.0.3650.80 ↵nixpkgs-ci[bot]
(#475434)
2025-12-30microsoft-edge: 143.0.3650.66 -> 143.0.3650.80R. Ryantm
(cherry picked from commit e2395cd63edaf78d5d1ad8c1f9c7743449e5cbbe)
2025-12-30[Backport release-25.05] php: 8.4.15 -> 8.4.16, 8.3.28 -> 8.3.29, 8.2.29 -> ↵Maximilian Bosch
8.2.30, fixes CVE-2025-14177, CVE-2025-14178, CVE-2025-14180, GHSA-www2-q4fc-65wf (#475266)
2025-12-30[Backport release-25.05] perlPackages.YAMLSyck: 1.34 -> 1.36 (#475167)Thomas Gerbet
2025-12-30php82: 8.2.29 -> 8.2.30, fixes CVE-2025-14177, CVE-2025-14178, ↵Maximilian Bosch
CVE-2025-14180, GHSA-www2-q4fc-65wf ChangeLog: https://www.php.net/ChangeLog-8.php#8.2.30 (cherry picked from commit 9960abcf8fa651a48a1d4f43fd2a5ea7a4dffa46)
2025-12-30php83: 8.3.28 -> 8.3.29, fixes CVE-2025-14177, CVE-2025-14178, ↵Maximilian Bosch
CVE-2025-14180, GHSA-www2-q4fc-65wf ChangeLog: https://www.php.net/ChangeLog-8.php#8.3.29 (cherry picked from commit 865f2e83588d9c455a4933b28067f507aacbbde4)
2025-12-30php84: 8.4.15 -> 8.4.16, fixes CVE-2025-14177, CVE-2025-14178, ↵Maximilian Bosch
CVE-2025-14180, GHSA-www2-q4fc-65wf ChangeLog: https://www.php.net/ChangeLog-8.php#8.4.16 (cherry picked from commit 2652fae156a7d5e05aa1e71ccc0284a9ede49d41)
2025-12-30microsoft-edge: 142.0.3595.65 -> 143.0.3650.66 (#475058)Ulrik Strid
2025-12-29[Backport release-25.05] maintainers/github-teams.json: Automated sync (#475161)Silvan Mosberger
2025-12-29perlPackages.YAMLSyck: 1.34 -> 1.36Thomas Gerbet
Fixes CVE-2025-11683. ``` 1.36 Oct 10 2025 - Address memory corruption leading to 'str' value being set on empty keys Thanks @timlegge 1.35 Oct 9 2025 - Address parsing error related to string detection on read for empty strings. ``` Fixes #475110 (cherry picked from commit 68535984e661cd041de91066b3118768fbb4d69f)
2025-12-29maintainers/github-teams.json: Automated syncnixpkgs-ci[bot]
(cherry picked from commit d1b683a399b0e631ff17d74c01cf141b16d399ab)
2025-12-29[release-25.05] treewide: fix broken-string-escape (#474906)piegames
2025-12-29treewide: fix broken-string-escapeJustin !
This is a backport of `#473065`: > Lix is going to warn, and in the future, error on broken string escape. > After a flaker run, the following escape were flagged as broken, so this > commit fix them to make sure Lix is still able to build nixpkgs once the > patch deprecating the broken escapes land.
2025-12-29microsoft-edge: 142.0.3595.65 -> 143.0.3650.66R. Ryantm
(cherry picked from commit 77bca87567ad141883d0f2570c8761fff946afe5)
2025-12-29[Backport release-25.05] linux_6_17: remove (#475020)Alyssa Ross
2025-12-29linux_6_17: removeMaximilian Bosch
Was EOLed upstream. (cherry picked from commit dfec6429cb6f6018fce8f65287ebf4d16b7961ef)
2025-12-29[25.05] linux/hardened/patches/6.12: v6.12.56-hardened1 -> ↵Maximilian Bosch
v6.12.61-hardened1 (#474339)
2025-12-28[Backport release-25.05] yarn2nix-moretea: update dependencies for yarn2nix ↵Michael Daniels
(#474897)
2025-12-28yarn2nix-moretea: update dependencies for yarn2nixMichael Daniels
There are a lot of major version updates here, but I've tested this on itself, and the updated version produces identical output to 25.05's version. I also ran eslint and the formatter in this commit due to the bumps to both of those packages. This fixes all security issues with dependencies, including CVE-2022-25860, CVE-2020-7707, CVE-2022-25912, and about 10 others. (cherry picked from commit 840639e826c82150ddde94cc8f6235550ea3b39b)
2025-12-28[Backport release-25.05] postfix-tlspol: 1.8.23 -> 1.8.24 (#474890)Martin Weinelt
2025-12-28postfix-tlspol: 1.8.23 -> 1.8.24R. Ryantm
(cherry picked from commit 651cb9e280d64a746b49df0ab2b8ded68fdd5d72)
2025-12-28[Backport release-25.05] linuxKernel.kernels.linux_lqx: 6.17.13 -> 6.18.2 ↵Alyssa Ross
(#474670)
2025-12-28[Backport release-25.05] protoc-gen-grpc-java: 1.77.0 -> 1.78.0 (#474795)nixpkgs-ci[bot]
2025-12-28protoc-gen-grpc-java: 1.77.0 -> 1.78.0R. Ryantm
(cherry picked from commit aba2ef70a6cbce031815d6c965a781c64d6fee1d)
2025-12-28[Backport release-25.05] pgbouncer: 1.24.1 -> 1.25.1 (#474580)Fernando Rodrigues
2025-12-28[Backport release-25.05] moodle: 5.0 -> 5.0.4 (#474687)Michael Daniels
2025-12-27moodle: 5.0.2 -> 5.0.4Thomas Gerbet
Fixes: * CVE-2025-62395 * CVE-2025-62396 * CVE-2025-62397 * CVE-2025-62398 * CVE-2025-62399 * CVE-2025-62400 * CVE-2025-62401 * CVE-2025-62393 * CVE-2025-54869 * CVE-2025-62394 * CVE-2025-67847 * CVE-2025-67848 * CVE-2025-67849 * CVE-2025-67850 * CVE-2025-67851 * CVE-2025-67852 * CVE-2025-67853 * CVE-2025-67854 * CVE-2025-67855 * CVE-2025-67856 * CVE-2025-67857 Changes: https://moodledev.io/general/releases/5.0/5.0.3 https://moodledev.io/general/releases/5.0/5.0.4 (cherry picked from commit a02d96192ebb0291bc1fd26c2739631243827ecc)
2025-12-27moodle: 5.0.1 -> 5.0.2R. Ryantm
(cherry picked from commit 45d6f4fe1119fb3d0401927117babc9c6cdf550b)
2025-12-27moodle: 5.0 -> 5.0.1R. Ryantm
(cherry picked from commit ab8e8d550d16e37e5ab6f2195fc3cd4862fcee4c)
2025-12-27linuxKernel.kernels.linux_lqx: 6.17.13 -> 6.18.2R. Ryantm
(cherry picked from commit ed531ed04ef57a63a9fd712ed3400cc8919d8b58)
2025-12-27pgbouncer: 1.24.1 -> 1.25.1Thomas Gerbet
Fixes CVE-2025-12819. Changes: https://www.pgbouncer.org/changelog.html#pgbouncer-125x (cherry picked from commit 6ae776a97a71570f19307354a75668b7aaf36b41)
2025-12-27[25.05] mongodb*: mark vulnerable to CVE-2025-14847 (#474530)Fernando Rodrigues
2025-12-27mongodb*: mark vulnerable to 25.05Thomas Gerbet
Not-cherry-picked-because: Requires additional work to be backported, 25.05 is soon to be EOL
2025-12-26linux/hardened/patches/6.12: v6.12.56-hardened1 -> v6.12.61-hardened1Mio
(cherry picked from commit cfa6263e0a2f87bb9d2023bfa31b4300edeedccf)
2025-12-26[Backport release-25.05] linuxKernel.kernels.linux_zen: 6.18.1 -> 6.18.2 ↵Alyssa Ross
(#474336)
2025-12-26linuxKernel.kernels.linux_zen: 6.18.1 -> 6.18.2R. Ryantm
(cherry picked from commit 984fd7e251c5d9045ce756de20d601b7480fafbb)
2025-12-26[Backport release-25.05] workflows/labels: add "6.topic: tree-sitter" label ↵Wolfgang Walther
(#474306)
2025-12-26workflows/labels: add "6.topic: tree-sitter" labelteto
Add automatic labeling for tree-sitter related changes including: - Tree-sitter core parsing tools - Python tree-sitter modules and bindings - Vim/Neovim tree-sitter plugins - Emacs tree-sitter packages - Tree-sitter documentation (cherry picked from commit e8518435e8a38113be58d4f74d622b61a9ee5830)
2025-12-26[Backport release-25.05] thunderbird-latest-bin-unwrapped: 146.0 -> 146.0.1 ↵taku0
(#473833)
2025-12-25[Backport release-25.05] signal-desktop: 7.82.0 -> 7.83.0 (#474155)nixpkgs-ci[bot]
2025-12-25signal-desktop: 7.82.0 -> 7.83.0R. Ryantm
(cherry picked from commit d2577f77e7103ac1fdb21d8130416a996a852c7c)
2025-12-25[Backport release-25.05] nginxMainline: 1.29.3 -> 1.29.4 (#473598)Aleksana
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-19 09:48:21 +0000