node2nix
node2nix copied to clipboard
Published
20 hours ago •
svanderburg
svanderburg
flake depends on insecure nodejs-14
error: Package ‘nodejs-14.21.3’ in /nix/store/g68f5abh3xhcz8xsdlfw7wkgkkcx3nwy-source/pkgs/development/web/nodejs/v14.nix:11 is marked as insecure, refusing to evaluate.
Known issues:
- This NodeJS release has reached its end of life. See https://nodejs.org/en/about/releases/.
You can install it anyway by allowing this package, using the
following methods:
a) To temporarily allow all insecure packages, you can use an environment
variable for a single invocation of the nix tools:
$ export NIXPKGS_ALLOW_INSECURE=1
Note: For `nix shell`, `nix build`, `nix develop` or any other Nix 2.4+
(Flake) command, `--impure` must be passed in order to read this
environment variable.
b) for `nixos-rebuild` you can add ‘nodejs-14.21.3’ to
`nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
like so:
{
nixpkgs.config.permittedInsecurePackages = [
"nodejs-14.21.3"
];
}
c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
‘nodejs-14.21.3’ to `permittedInsecurePackages` in
~/.config/nixpkgs/config.nix, like so:
{
permittedInsecurePackages = [
"nodejs-14.21.3"
];
}
(use '--show-trace' to show detailed location information)
error: getting status of '/home/brian/tree/personal/robotica/robotica-rust/.direnv/flake-profile.549140': No such file or directory
warning: Git tree '/home/brian/tree/personal/robotica/robotica-rust' is dirty
direnv: nix-direnv: renewed cache
direnv: export +AMBER_SITE_ID +AMBER_TOKEN +CLASSIFICATIONS_FILE +CONFIG_FILE +HOSTNAME +INFLUXDB_DATABASE +INFLUXDB_URL +LIFE360_PASSWORD +LIFE360_USERNAME +MQTT_CA_CERT_FILE +MQTT_HOST +MQTT_PASSWORD +MQTT_PORT +MQTT_USERNAME +OIDC_CLIENT_ID +OIDC_CLIENT_SECRET +OIDC_DISCOVERY_URL +OIDC_SCOPES +ROBOTICA_DEBUG +ROOT_URL +SCHEDULE_FILE +SEQUENCES_FILE +SESSION_SECRET +STATE_DIR
brian in 🌐 canidae in ☸ arn:aws:eks:us-east-2:234999735313:cluster/opscicd in robotica-rust on nix_backend [!?] is 📦 v0.1.0 via 🦀
at 16:38:27 ❯
direnv: loading ~/tree/personal/robotica/robotica-rust/.envrc
direnv: using flake
warning: Git tree '/home/brian/tree/personal/robotica/robotica-rust' is dirty
evaluating derivation 'git+file:///home/brian/tree/personal/robotica/robotica-rust#devShells.x86_64-li
error: Package ‘nodejs-14.21.3’ in /nix/store/sg8d2aslxnyr4krwynnh2aszdrcnz3sq-source/pkgs/development/web/nodejs/v14.nix:11 is marked as insecure, refusing to evaluate.
Known issues:
- This NodeJS release has reached its end of life. See https://nodejs.org/en/about/releases/.
You can install it anyway by allowing this package, using the
following methods:
a) To temporarily allow all insecure packages, you can use an environment
variable for a single invocation of the nix tools:
$ export NIXPKGS_ALLOW_INSECURE=1
Note: For `nix shell`, `nix build`, `nix develop` or any other Nix 2.4+
(Flake) command, `--impure` must be passed in order to read this
environment variable.
b) for `nixos-rebuild` you can add ‘nodejs-14.21.3’ to
`nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
like so:
{
nixpkgs.config.permittedInsecurePackages = [
"nodejs-14.21.3"
];
}
c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
‘nodejs-14.21.3’ to `permittedInsecurePackages` in
~/.config/nixpkgs/config.nix, like so:
{
permittedInsecurePackages = [
"nodejs-14.21.3"
];
}
(use '--show-trace' to show detailed location information)
As far as I can tell, not possible to override this when installing from flake.
I think this might be where it is coming from: https://github.com/svanderburg/node2nix/blob/master/default.nix#L5
Maybe not. That PR doesn't change the nodejs version. As of right now anyway.
Indeed. I tried a simple node2nix -l package-lock.json && nix-build -A package and got an error about a missing nodejs_14.
