Breaking changes announcement for unstable

hexa · October 6, 2025, 7:52pm

3 posts were split to a new topic: Tt-rss project is ending, what alternatives exist?

h7x4 · October 13, 2025, 11:55am

pkgs.formats.systemd was earlier an attrset containing the relevant format functionality. It has been changed into a function taking an attrset as its argument, conforming to the usual pattern of items in pkgs.formats.

github.com/NixOS/nixpkgs

pkgs-lib/formats/systemd: make format a function

master ← h7x4:pkgs-lib-fix-systemd-format

opened 07:07AM - 04 Oct 25 UTC

h7x4

+19 -5

`pkgs.formats.systemd` does not follow the usual pattern of formats being functi…ons. This fixes both the formats and its usage within nixpkgs. There is unfortunately [a bit of usage outside of nixpkgs already](https://github.com/search?q=lang%3Anix+formats.systemd+-is%3Afork&type=code), but even there there is an example of someone trying to use it as a function... ## Things done - Built on platform: - [ ] x86_64-linux - [ ] aarch64-linux - [ ] x86_64-darwin - [ ] aarch64-darwin - Tested, as applicable: - [ ] [NixOS tests] in [nixos/tests]. - [ ] [Package tests] at `passthru.tests`. - [ ] Tests in [lib/tests] or [pkgs/test] for functions and "core" functionality. - [X] Ran `nixpkgs-review` on this PR. See [nixpkgs-review usage]. - [ ] Tested basic functionality of all binary files, usually in `./result/bin/`. - Nixpkgs Release Notes - [ ] Package update: when the change is major or breaking. - NixOS Release Notes - [ ] Module addition: when adding a new NixOS module. - [ ] Module update: when the change is significant. - [X] Fits [CONTRIBUTING.md], [pkgs/README.md], [maintainers/README.md] and other READMEs. [NixOS tests]: https://nixos.org/manual/nixos/unstable/index.html#sec-nixos-tests [Package tests]: https://github.com/NixOS/nixpkgs/blob/master/pkgs/README.md#package-tests [nixpkgs-review usage]: https://github.com/Mic92/nixpkgs-review#usage [CONTRIBUTING.md]: https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md [lib/tests]: https://github.com/NixOS/nixpkgs/blob/master/lib/tests [maintainers/README.md]: https://github.com/NixOS/nixpkgs/blob/master/maintainers/README.md [nixos/tests]: https://github.com/NixOS/nixpkgs/blob/master/nixos/tests [pkgs/README.md]: https://github.com/NixOS/nixpkgs/blob/master/pkgs/README.md [pkgs/test]: https://github.com/NixOS/nixpkgs/blob/master/pkgs/test --- Add a :+1: [reaction] to [pull requests you find important]. [reaction]: https://github.blog/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/ [pull requests you find important]: https://github.com/NixOS/nixpkgs/pulls?q=is%3Aopen+sort%3Areactions-%2B1-desc

arianvp · November 8, 2025, 7:55pm

systemd-boot 258 on unstable is bricking certain devices with infinite boot loops.

github.com/NixOS/nixpkgs

systemd bootloop bug which could brick some devices

opened 11:26PM - 24 Oct 25 UTC

closed 03:14PM - 01 Nov 25 UTC

S0AndS0

> Note; this was moved from Issue [449939](https://github.com/NixOS/nixpkgs/issu…es/449939) because is sufficiently unique to likely be a different bug. I do not know which packages to `git blame` so this Issue is without aid of templates, however, due to what ever bug causing a near bricked device I hope y'all can forgive me x-) ## TLDR -- symptoms of broken bootloader and/or kernel causing bootloop - Press power button - Backlight turns on - Fans start spinning - Flash of hits of maybe text - Backlight turns off - Fans stop spinning - Backlight turns on... and repeats from there This is very, **very**, bad because some manufactures have made choices to not enable BIOS menu on boot when in such a state! No amount of _F_ buttoning, or mashing other keys, results in popping a BIOS menu. Meaning if users do not have an alternate drive **already** configured as a boot option in the BIOS menu, then device is a **brick** ## TLDR -- steps I took to un-scruch-this-pooch - Get screw-driver, use choice words, and unplug internal drive - Plugin USB bootable drive previously configured in BIOS when things did work - Power-up device and boot into USB - Reboot into BIOS - Reorder boot priority to prefer USB drive - Turn off device - Plugin internal drive and re-screw screws - Power-up device an boot into USB - Use VM with hardware pass-through to boot internal drive - Question why, really, why will it boot in VM but not on bare-mettle... but don't question it too deeply - SSH into VM booted from internal drive - Find where things when wrong -> `pushd /etc/nixos && git log` - Checkout previous commit -> `git checkout <knownGoodHash>` - Rebuild OS -> `nixos-rebuild --impure --flake . switch` - Reinstall bootloader -> `nixos-rebuild --impure --flake . --install-bootloader boot` - Shutdown NixOS VM then Arch host - Unplug USB with Arch installed on it - Cross fingers, and tows, while powering-up into NixOS on bare mettle --- ## Specs and logs and things <details><summary>`uname -a`</summary> ``` [nixos nixos]# uname -a Linux nixos 6.17.4 #1-NixOS SMP PREEMPT_DYNAMIC Sun Oct 19 14:37:45 UTC 2025 x86_64 GNU/Linux ``` </details> <details><summary>`journalctl` snippets after noticing things going wrong</summary> ``` warning: the following units failed: hdapsd@sda.service × hdapsd@sda.service - hdapsd hard drive active protection system daemon - sda Loaded: loaded (/etc/systemd/system/hdapsd@.service; static) Active: failed (Result: exit-code) since Fri 2025-10-24 09:58:12 PDT; 9s ago Duration: 178ms Invocation: 9c8d6cc4992f486e8fd48ac18ae4b336 Docs: man:hdapsd(8) Process: 4666 ExecStart=/nix/store/0zpv7y3kdp50an4dx6128hk64xa69l4h-hdapsd-20141203/bin/hdapsd -d sda (code=exited, status=255/EXCEPTION) Main PID: 4666 (code=exited, status=255/EXCEPTION) IP: 0B in, 0B out IO: 104K read, 0B written Mem peak: 1.8M CPU: 79ms Oct 24 09:58:12 nixos systemd[1]: Started hdapsd hard drive active protection system daemon - sda. Oct 24 09:58:12 nixos hdapsd(sda)[4666]: Fri Oct 24 09:58:12 2025: Starting hdapsd Oct 24 09:58:12 nixos hdapsd(sda)[4666]: Fri Oct 24 09:58:12 2025: Could not find a suitable interface Oct 24 09:58:12 nixos systemd[1]: hdapsd@sda.service: Main process exited, code=exited, status=255/EXCEPTION Oct 24 09:58:12 nixos systemd[1]: hdapsd@sda.service: Failed with result 'exit-code'. ``` ``` Oct 24 09:56:42 nixos systemd-modules-load[3944]: Module 'ctr' is built in Oct 24 09:56:42 nixos systemd-modules-load[3944]: Failed to find module 'hdapsd' Oct 24 09:56:42 nixos acpid[3921]: 3 rules loaded Oct 24 09:56:42 nixos acpid[3921]: waiting for events: event logging is off Oct 24 09:56:42 nixos systemd[1]: Finished Load Kernel Modules. Oct 24 09:56:42 nixos systemd[1]: Starting Apply Kernel Variables... Oct 24 09:56:42 nixos systemd[1]: Started RealtimeKit Scheduling Policy Service. Oct 24 09:56:42 nixos systemd[1]: Finished Coldplug All udev Devices. Oct 24 09:56:42 nixos systemd-oomd[3947]: No swap; memory pressure usage will be degraded ... Oct 24 09:56:43 nixos hm-activate-s0ands0[3926]: Activating checkLinkTargets Oct 24 09:56:43 nixos kwin_wayland[2503]: Received unexpected add udev event for: "/dev/dri/card1" Oct 24 09:56:43 nixos kwin_wayland[2503]: failed to open drm device at "" Oct 24 09:56:43 nixos kwin_wayland[2503]: failed to open drm device at "" Oct 24 09:56:43 nixos kwin_wayland[2503]: failed to open drm device at "" Oct 24 09:56:43 nixos kwin_wayland[2503]: failed to open drm device at "" ... Oct 24 09:56:44 nixos hm-activate-s0ands0[3926]: Activating reloadSystemd Oct 24 09:56:44 nixos hm-activate-s0ands0[3926]: The user systemd session is degraded: Oct 24 09:56:44 nixos hm-activate-s0ands0[4607]: UNIT LOAD ACTIVE SUB DESCRIPTION Oct 24 09:56:44 nixos hm-activate-s0ands0[4607]: ● plasma-ksplash.service loaded failed failed Splash screen shown during boot Oct 24 09:56:44 nixos hm-activate-s0ands0[4607]: ● nix-gc.timer not-found failed failed nix-gc.timer Oct 24 09:56:44 nixos hm-activate-s0ands0[4607]: Legend: LOAD → Reflects whether the unit definition was properly loaded. Oct 24 09:56:44 nixos hm-activate-s0ands0[4607]: ACTIVE → The high-level unit activation state, i.e. generalization of SUB. Oct 24 09:56:44 nixos hm-activate-s0ands0[4607]: SUB → The low-level unit activation state, values depend on unit type. Oct 24 09:56:44 nixos hm-activate-s0ands0[4607]: 2 loaded units listed. Oct 24 09:56:44 nixos hm-activate-s0ands0[3926]: Attempting to reload services anyway... Oct 24 09:56:44 nixos udisksd[3917]: Error probing device: Error sending ATA command IDENTIFY PACKET DEVICE to '/dev/sr0': Unexpected sense data returned: 0000: f0 00 0b 00 58 00 01 0a 00 00 00 00 00 00 00 00 ....X........... 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ (g-io-error-quark, 0) Oct 24 09:56:44 nixos thermald[3949]: [1761325004][WARN]Thermal DTS: No coretemp sysfs found Oct 24 09:56:44 nixos thermald[3949]: [1761325004][MSG]Using config file /nix/store/11f5pz63dfax9y9495zayvb88vvp5jsp-thermald-2.5.10/etc/thermald/thermal-conf.xml Oct 24 09:56:45 nixos thermald[3949]: [1761325005][ERR]Thermal DTS or hwmon: No Zones present Need to configure manually Oct 24 09:56:45 nixos thermald[3949]: [1761325005][ERR]No thermal sensors found Oct 24 09:56:45 nixos thermald[3949]: [1761325005][ERR]THD engine init failed Oct 24 09:56:45 nixos thermald[3949]: [1761325005][MSG]Polling mode is enabled: 4 Oct 24 09:56:45 nixos tor[4199]: Oct 24 09:56:45.000 [notice] Set list of supported TLS groups to: ?*X25519MLKEM768 / ?SecP256r1MLKEM768 / *P-256:?X25519:P-224 Oct 24 09:56:45 nixos tor[4199]: Oct 24 09:56:45.000 [notice] Bootstrapped 0% (starting): Starting Oct 24 09:56:45 nixos hm-activate-s0ands0[4608]: The service manager is degraded. Oct 24 09:56:45 nixos hm-activate-s0ands0[4608]: Failed services: plasma-ksplash.service, nix-gc.timer Oct 24 09:56:45 nixos hm-activate-s0ands0[4608]: Attempting to continue anyway... Oct 24 09:56:45 nixos systemd[2148]: Reload requested from client PID 4608 ('sd-switch')... ... Oct 24 09:56:48 nixos ModemManager[3916]: <msg> [base-manager] couldn't check support for device '/sys/devices/pci0000:00/0000:00:02.1/0000:03:00.0': not supported by any plugin Oct 24 09:56:53 nixos systemd[1]: NetworkManager-dispatcher.service: Deactivated successfully. Oct 24 09:56:53 nixos systemd[1]: NetworkManager-dispatcher.service: Consumed 27ms CPU time, 6.9M memory peak, 10.1M read from disk. Oct 24 09:57:08 nixos NetworkManager[3920]: <warn> [1761325028.5418] hostname: only one level of symbolic link indirection is allowed when monitoring /etc/hostname Oct 24 09:57:08 nixos dbus-daemon[1173]: [system] Failed to activate service 'org.freedesktop.hostname1': timed out (service_start_timeout=25000ms) Oct 24 09:57:08 nixos dbus-daemon[1173]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service' requested by ':1.74' (uid=0 pid=3920 comm="/nix/store/rilcccdw42a5wj4h> Oct 24 09:57:08 nixos systemd[1]: Started Network Manager. ... Oct 24 09:58:12 nixos systemd[1]: dev-disk-by\x2duuid-<UUID>.device: Job dev-disk-by\x2duuid-<UUID>.device/start timed out. Oct 24 09:58:12 nixos systemd[1]: Timed out waiting for device /dev/disk/by-uuid/<UUID>. Oct 24 09:58:12 nixos systemd[1]: Dependency failed for /dev/disk/by-uuid/<UUID>. Oct 24 09:58:12 nixos systemd[1]: Dependency failed for Swaps. Oct 24 09:58:12 nixos systemd[1]: swap.target: Job swap.target/start failed with result 'dependency'. Oct 24 09:58:12 nixos systemd[1]: dev-disk-by\x2duuid-<UUID>.swap: Job dev-disk-by\x2duuid-<UUID>.swap/start failed with result 'dependency'. Oct 24 09:58:12 nixos systemd[1]: dev-disk-by\x2duuid-<UUID>.device: Job dev-disk-by\x2duuid-<UUID>.device/start failed with result 'timeout'. Oct 24 09:58:12 nixos systemd[1]: Started hdapsd hard drive active protection system daemon - sda. Oct 24 09:58:12 nixos systemd[1]: Starting Network Manager Script Dispatcher Service... Oct 24 09:58:12 nixos systemd[1]: Starting Ensure that NetworkManager declarative profiles are created... Oct 24 09:58:12 nixos systemd[1]: Starting Network Manager Wait Online... Oct 24 09:58:12 nixos systemd[1]: Starting libvirt legacy monolithic daemon... Oct 24 09:58:12 nixos systemd[1]: Starting Name Service Cache Daemon (nsncd)... Oct 24 09:58:12 nixos systemd[1]: Starting Hostname Service... Oct 24 09:58:12 nixos systemd[1]: Started Network Manager Script Dispatcher Service. Oct 24 09:58:12 nixos nsncd[4671]: Oct 24 16:58:12.445 INFO started, config: Config { ignored_request_types: {}, worker_count: 8, handoff_timeout: 10s }, path: "/var/run/nscd/socket" Oct 24 09:58:12 nixos systemd[1]: Started Name Service Cache Daemon (nsncd). Oct 24 09:58:12 nixos systemd[1]: Reached target Host and Network Name Lookups. Oct 24 09:58:12 nixos systemd[1]: Reached target User and Group Name Lookups. Oct 24 09:58:12 nixos systemd[1]: Starting Accounts Service... Oct 24 09:58:12 nixos systemd[1]: Finished Network Manager Wait Online. Oct 24 09:58:12 nixos systemd-timesyncd[3959]: Contacted time server 149.28.61.105:123 (0.nixos.pool.ntp.org). Oct 24 09:58:12 nixos hdapsd(sda)[4666]: Fri Oct 24 09:58:12 2025: Starting hdapsd Oct 24 09:58:12 nixos hdapsd(sda)[4666]: Fri Oct 24 09:58:12 2025: Could not find a suitable interface Oct 24 09:58:12 nixos systemd[1]: hdapsd@sda.service: Main process exited, code=exited, status=255/EXCEPTION Oct 24 09:58:12 nixos systemd[1]: hdapsd@sda.service: Failed with result 'exit-code'. ... Oct 24 09:58:21 nixos nixos[3492]: switching to system configuration /nix/store/hzbi01hlk8aj108590xw8mq30hxlj43r-nixos-system-nixos-25.11.20251015.544961d failed (status 4) Oct 24 09:58:21 nixos systemd[1]: nixos-rebuild-switch-to-configuration.service: Main process exited, code=exited, status=4/NOPERMISSION Oct 24 09:58:21 nixos systemd[1]: nixos-rebuild-switch-to-configuration.service: Failed with result 'exit-code'. Oct 24 09:58:21 nixos systemd[1]: nixos-rebuild-switch-to-configuration.service: Consumed 1.333s CPU time, 101M memory peak, 181.7M read from disk, 458.5K written to disk. ``` </details> <details><summary>`flake.lock` **good**</summary> ```nix { "nodes": { "flake-parts": { "inputs": { "nixpkgs-lib": [ "nur", "nixpkgs" ] }, "locked": { "lastModified": 1733312601, "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", "owner": "hercules-ci", "repo": "flake-parts", "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", "type": "github" }, "original": { "owner": "hercules-ci", "repo": "flake-parts", "type": "github" } }, "home-manager": { "inputs": { "nixpkgs": [ "nixpkgs" ] }, "locked": { "lastModified": 1760500983, "narHash": "sha256-zfY4F4CpeUjTGgecIJZ+M7vFpwLc0Gm9epM/iMQd4w8=", "owner": "nix-community", "repo": "home-manager", "rev": "c53e65ec92f38d30e3c14f8d628ab55d462947aa", "type": "github" }, "original": { "owner": "nix-community", "repo": "home-manager", "type": "github" } }, "nixos-hardware": { "locked": { "lastModified": 1760106635, "narHash": "sha256-2GoxVaKWTHBxRoeUYSjv0AfSOx4qw5CWSFz2b+VolKU=", "owner": "NixOS", "repo": "nixos-hardware", "rev": "9ed85f8afebf2b7478f25db0a98d0e782c0ed903", "type": "github" }, "original": { "owner": "NixOS", "ref": "master", "repo": "nixos-hardware", "type": "github" } }, "nixpkgs": { "locked": { "lastModified": 1760524057, "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", "owner": "nixos", "repo": "nixpkgs", "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", "type": "github" }, "original": { "owner": "nixos", "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, "nur": { "inputs": { "flake-parts": "flake-parts", "nixpkgs": [ "nixpkgs" ] }, "locked": { "lastModified": 1760561137, "narHash": "sha256-G2x6BFCv9CD7V8oiANSSddYoqJZ2NXyFvuCYnk9WI44=", "owner": "nix-community", "repo": "NUR", "rev": "cd6b2f26b608c71b7ad3c4809a3ea4f72d32f985", "type": "github" }, "original": { "owner": "nix-community", "repo": "NUR", "type": "github" } }, "root": { "inputs": { "home-manager": "home-manager", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", "nur": "nur", "sops-nix": "sops-nix" } }, "sops-nix": { "inputs": { "nixpkgs": [ "nixpkgs" ] }, "locked": { "lastModified": 1760393368, "narHash": "sha256-8mN3kqyqa2PKY0wwZ2UmMEYMcxvNTwLaOrrDsw6Qi4E=", "owner": "Mic92", "repo": "sops-nix", "rev": "ab8d56e85b8be14cff9d93735951e30c3e86a437", "type": "github" }, "original": { "owner": "Mic92", "repo": "sops-nix", "type": "github" } } }, "root": "root", "version": 7 } ``` </details> <details><summary>`flake.lock` **bad**</summary> ```nix { "nodes": { "flake-parts": { "inputs": { "nixpkgs-lib": [ "nur", "nixpkgs" ] }, "locked": { "lastModified": 1733312601, "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", "owner": "hercules-ci", "repo": "flake-parts", "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", "type": "github" }, "original": { "owner": "hercules-ci", "repo": "flake-parts", "type": "github" } }, "home-manager": { "inputs": { "nixpkgs": [ "nixpkgs" ] }, "locked": { "lastModified": 1761235135, "narHash": "sha256-cux9xeceLIER1lBxUa1gMafkz7gg5ntcUmJBynWdBWI=", "owner": "nix-community", "repo": "home-manager", "rev": "0adf9ba3f567da2d53af581a857aacf671aaa547", "type": "github" }, "original": { "owner": "nix-community", "repo": "home-manager", "type": "github" } }, "nixos-hardware": { "locked": { "lastModified": 1760958188, "narHash": "sha256-2m1S4jl+GEDtlt2QqeHil8Ny456dcGSKJAM7q3j/BFU=", "owner": "NixOS", "repo": "nixos-hardware", "rev": "d6645c340ef7d821602fd2cd199e8d1eed10afbc", "type": "github" }, "original": { "owner": "NixOS", "ref": "master", "repo": "nixos-hardware", "type": "github" } }, "nixpkgs": { "locked": { "lastModified": 1761114652, "narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=", "owner": "nixos", "repo": "nixpkgs", "rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c", "type": "github" }, "original": { "owner": "nixos", "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, "nur": { "inputs": { "flake-parts": "flake-parts", "nixpkgs": [ "nixpkgs" ] }, "locked": { "lastModified": 1761255338, "narHash": "sha256-26s/zsHCXlzqR0rswpOPHoP91WZCgHOHxlM+LSx85ZQ=", "owner": "nix-community", "repo": "NUR", "rev": "6bfa7d6468a76c71a2294a12e9e163cbb8b824af", "type": "github" }, "original": { "owner": "nix-community", "repo": "NUR", "type": "github" } }, "root": { "inputs": { "home-manager": "home-manager", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", "nur": "nur", "sops-nix": "sops-nix" } }, "sops-nix": { "inputs": { "nixpkgs": [ "nixpkgs" ] }, "locked": { "lastModified": 1760998189, "narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=", "owner": "Mic92", "repo": "sops-nix", "rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3", "type": "github" }, "original": { "owner": "Mic92", "repo": "sops-nix", "type": "github" } } }, "root": "root", "version": 7 } ``` </details> <details><summary>Diff good vs bad `flake.lock` files</summary> ```diff diff --git a/flake.lock b/tmp/flake.lock_bad index 632942a..5c8eabb 100644 --- a/flake.lock +++ b/tmp/flake.lock_bad @@ -28,11 +28,11 @@ ] }, "locked": { - "lastModified": 1760500983, - "narHash": "sha256-zfY4F4CpeUjTGgecIJZ+M7vFpwLc0Gm9epM/iMQd4w8=", + "lastModified": 1761235135, + "narHash": "sha256-cux9xeceLIER1lBxUa1gMafkz7gg5ntcUmJBynWdBWI=", "owner": "nix-community", "repo": "home-manager", - "rev": "c53e65ec92f38d30e3c14f8d628ab55d462947aa", + "rev": "0adf9ba3f567da2d53af581a857aacf671aaa547", "type": "github" }, "original": { @@ -43,11 +43,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1760106635, - "narHash": "sha256-2GoxVaKWTHBxRoeUYSjv0AfSOx4qw5CWSFz2b+VolKU=", + "lastModified": 1760958188, + "narHash": "sha256-2m1S4jl+GEDtlt2QqeHil8Ny456dcGSKJAM7q3j/BFU=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "9ed85f8afebf2b7478f25db0a98d0e782c0ed903", + "rev": "d6645c340ef7d821602fd2cd199e8d1eed10afbc", "type": "github" }, "original": { @@ -59,11 +59,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1760524057, - "narHash": "sha256-EVAqOteLBFmd7pKkb0+FIUyzTF61VKi7YmvP1tw4nEw=", + "lastModified": 1761114652, + "narHash": "sha256-f/QCJM/YhrV/lavyCVz8iU3rlZun6d+dAiC3H+CDle4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "544961dfcce86422ba200ed9a0b00dd4b1486ec5", + "rev": "01f116e4df6a15f4ccdffb1bcd41096869fb385c", "type": "github" }, "original": { @@ -81,11 +81,11 @@ ] }, "locked": { - "lastModified": 1760561137, - "narHash": "sha256-G2x6BFCv9CD7V8oiANSSddYoqJZ2NXyFvuCYnk9WI44=", + "lastModified": 1761255338, + "narHash": "sha256-26s/zsHCXlzqR0rswpOPHoP91WZCgHOHxlM+LSx85ZQ=", "owner": "nix-community", "repo": "NUR", - "rev": "cd6b2f26b608c71b7ad3c4809a3ea4f72d32f985", + "rev": "6bfa7d6468a76c71a2294a12e9e163cbb8b824af", "type": "github" }, "original": { @@ -110,11 +110,11 @@ ] }, "locked": { - "lastModified": 1760393368, - "narHash": "sha256-8mN3kqyqa2PKY0wwZ2UmMEYMcxvNTwLaOrrDsw6Qi4E=", + "lastModified": 1760998189, + "narHash": "sha256-ee2e1/AeGL5X8oy/HXsZQvZnae6XfEVdstGopKucYLY=", "owner": "Mic92", "repo": "sops-nix", - "rev": "ab8d56e85b8be14cff9d93735951e30c3e86a437", + "rev": "5a7d18b5c55642df5c432aadb757140edfeb70b3", "type": "github" }, "original": { ``` </details>

A fix has landed in 258.1 which is currently on staging-next and should land in unstable soon

https://nixpk.gs/pr-tracker.html?pr=453713

Damage · November 8, 2025, 8:44pm

I’ve not had chance to check why, but today’s update to 258 does not ask for the zfs password so I cannot boot. Sorry not sure if it is the same issue…

reckenrode · November 15, 2025, 4:37pm

As announced in the release notes for 25.05, the minimum supported version of macOS has been increased to 14.0. The default SDK is now 14.4.

Older versions of the SDK have been moved to darwin-aliases.nix and are no longer available. Packages that used them have been updated to use the default SDK.

github.com/NixOS/nixpkgs

apple-sdk: update darwinMinVersion to 14.0 and darwinSdkVersion to 14.4

staging ← reckenrode:push-mvlnvtppurtt

opened 01:44AM - 30 Sep 25 UTC

reckenrode

+236 -1069

This PR updates the Darwin minimum version (default deployment target) to 14.0 a…nd the default SDK to 14.4. * `darwinMinVersion` is now 14.0; * `darwinSdkVersion` (and `apple-sdk`) is now 14.4; * Release notes have been updated; * Packages using 14.4 and older SDKs have been updated to use the default SDK; * Source releases have been updated to assume and/or build with the 14.4 SDK; and * 11.3, 12.3, and 13.3 SDKs have been added to `aliases.nix`. ## Things done - Built on platform: - [ ] x86_64-linux - [ ] aarch64-linux - [x] x86_64-darwin - [x] aarch64-darwin - Tested, as applicable: - [ ] [NixOS tests] in [nixos/tests]. - [ ] [Package tests] at `passthru.tests`. - [ ] Tests in [lib/tests] or [pkgs/test] for functions and "core" functionality. - [ ] Ran `nixpkgs-review` on this PR. See [nixpkgs-review usage]. - [ ] Tested basic functionality of all binary files, usually in `./result/bin/`. - Nixpkgs Release Notes - [ ] Package update: when the change is major or breaking. - NixOS Release Notes - [ ] Module addition: when adding a new NixOS module. - [ ] Module update: when the change is significant. - [ ] Fits [CONTRIBUTING.md], [pkgs/README.md], [maintainers/README.md] and other READMEs. [NixOS tests]: https://nixos.org/manual/nixos/unstable/index.html#sec-nixos-tests [Package tests]: https://github.com/NixOS/nixpkgs/blob/master/pkgs/README.md#package-tests [nixpkgs-review usage]: https://github.com/Mic92/nixpkgs-review#usage [CONTRIBUTING.md]: https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md [lib/tests]: https://github.com/NixOS/nixpkgs/blob/master/lib/tests [maintainers/README.md]: https://github.com/NixOS/nixpkgs/blob/master/maintainers/README.md [nixos/tests]: https://github.com/NixOS/nixpkgs/blob/master/nixos/tests [pkgs/README.md]: https://github.com/NixOS/nixpkgs/blob/master/pkgs/README.md [pkgs/test]: https://github.com/NixOS/nixpkgs/blob/master/pkgs/test --- Add a :+1: [reaction] to [pull requests you find important]. [reaction]: https://github.blog/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/ [pull requests you find important]: https://github.com/NixOS/nixpkgs/pulls?q=is%3Aopen+sort%3Areactions-%2B1-desc

Availability warnings are now errors by default when compiling with Clang on Darwin to ensure that packages do not unconditionally use newer APIs than the configured deployment target.

github.com/NixOS/nixpkgs

cc-wrapper: make availability warnings into errors

staging ← reckenrode:push-qqsrqtzvyyys

opened 02:20AM - 22 Sep 25 UTC

reckenrode

+30 -1

This is a prerequisite to updating the minimum version to 14.0. It makes failing… to check for API availability into an error when the API is for a newer version than the deployment target. ### Notes * This only affects Clang. Swift already makes this an error. GCC does not support availability checks. Other language ecosystems are unaffected. * This is also a trial run for possibly using only the newest SDK on Darwin. ## Things done - Built on platform: - [ ] x86_64-linux - [ ] aarch64-linux - [ ] x86_64-darwin - [x] aarch64-darwin - Tested, as applicable: - [ ] [NixOS tests] in [nixos/tests]. - [ ] [Package tests] at `passthru.tests`. - [ ] Tests in [lib/tests] or [pkgs/test] for functions and "core" functionality. - [ ] Ran `nixpkgs-review` on this PR. See [nixpkgs-review usage]. - [ ] Tested basic functionality of all binary files, usually in `./result/bin/`. - Nixpkgs Release Notes - [ ] Package update: when the change is major or breaking. - NixOS Release Notes - [ ] Module addition: when adding a new NixOS module. - [ ] Module update: when the change is significant. - [x] Fits [CONTRIBUTING.md], [pkgs/README.md], [maintainers/README.md] and other READMEs. [NixOS tests]: https://nixos.org/manual/nixos/unstable/index.html#sec-nixos-tests [Package tests]: https://github.com/NixOS/nixpkgs/blob/master/pkgs/README.md#package-tests [nixpkgs-review usage]: https://github.com/Mic92/nixpkgs-review#usage [CONTRIBUTING.md]: https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md [lib/tests]: https://github.com/NixOS/nixpkgs/blob/master/lib/tests [maintainers/README.md]: https://github.com/NixOS/nixpkgs/blob/master/maintainers/README.md [nixos/tests]: https://github.com/NixOS/nixpkgs/blob/master/nixos/tests [pkgs/README.md]: https://github.com/NixOS/nixpkgs/blob/master/pkgs/README.md [pkgs/test]: https://github.com/NixOS/nixpkgs/blob/master/pkgs/test --- Add a :+1: [reaction] to [pull requests you find important]. [reaction]: https://github.blog/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/ [pull requests you find important]: https://github.com/NixOS/nixpkgs/pulls?q=is%3Aopen+sort%3Areactions-%2B1-desc

raboof · November 17, 2025, 9:16am

services.onlyoffice.securityNonceFile is now a mandatory option for onlyoffice due to Hardcoded credentials in onlyoffice module · Advisory · NixOS/nixpkgs · GitHub

futile · November 17, 2025, 9:15pm

My Radeon 680M doesn’t work anymore with Vulkan after a system update, and I’m pretty sure it’s due to this: amdvlk,nixos/amdvlk: drop by pyrox0 · Pull Request #444693 · NixOS/nixpkgs · GitHub

Just for whoever else notices problems with their (older) AMD gpus recently.

Edit: I asked about how to bring this driver/module back on the PR: amdvlk,nixos/amdvlk: drop by pyrox0 · Pull Request #444693 · NixOS/nixpkgs · GitHub

Edit2: Actually my GPU is fully supported by the new open-source driver, just had to give the project I was working on a flake update it seems

wiggleforlife · November 18, 2025, 3:32pm

My Radeon 680M doesn’t work anymore with Vulkan after a system update, and I’m pretty sure it’s due to this

I think this has caused OpenCL to stop working on my 780M with Davinci Resolve. I’ve messed around with Rusticl via mesa.opencl and the Radeon ICD option to no avail. My solution was to use Davincibox, a Distrobox container. The only difference I see between my config now and from the last time I used Resolve is the lack of AMDVLK, since it was removed.

Aleksanaa · December 5, 2025, 12:05pm

asio (standalone version of boost::asio) has been updated from 1.24.0 to 1.36.0. Some breaking changes were introduced between these two versions, and the one affected most was the removal of asio::io_service in favor of asio::io_context in 1.33.0. asio_1_32_0 is retained for packages that have not completed migration. asio_1_10 has been removed as no packages depend on it anymore. asio also no longer propagates boost as it is used independent from boost in most cases.

afics · December 17, 2025, 5:43pm

Are there any plans to make it possible to use custom OVMF builds again?

auipga · December 17, 2025, 6:08pm

Is there a way to silence messages (and their email notifications) like mine or the above, that are off topic?

PS: I’m sorry for those who are impacted again right now.

And why do even I have permission to post here?

limwa · December 17, 2025, 6:19pm

There is no way to silence off-topic messages, but if you want to ask a question related to one of these breaking changes, you should follow one of these methods to ensure that people are not unnecessarily notified.

If your question is related to a PR, you can just ask your question in the PR thread; OR
You can create an issue in the nixpkgs repository; OR
You can click “reply”, then select the top-left arrow in the reply box and click “Reply as linked topic”. This way, a new topic is created just for discussion around that item and people can unsubscribe from that topic.

And why do even I have permission to post here?

Anyone can create PRs with breaking changes, and therefore everyone should be able to post messages in this topic.

yshui · December 20, 2025, 5:11am

services.openssh.settings.AcceptEnv now explicitly defined as an option that takes a list of strings, to facilitate option merging. Setting it to a string value is no longer supported.

rnhmjoj · December 27, 2025, 9:48am

The networking.wireless module has been security hardened: the wpa_supplicant daemon now runs under an unprivileged user with restricted access to the system.

Some backward incompatibilities:

/etc/wpa_supplicant.conf has been deprecated: the NixOS-generated configuration file is now linked to /etc/wpa_supplicant/nixos.conf and /etc/wpa_supplicant/imperative.conf has been added for imperatively configuring wpa_supplicant or when using networking.wireless.allowAuxiliaryImperativeNetworks.
If client certificates, keys or other files are needed, these should be stored under /etc/wpa_supplicant and owned by wpa_supplicant to ensure the daemon can read them.
the networking.wireless.userControlled.group option has been removed since there is now a dedicated wpa_supplicant group to control the daemon, and networking.wireless.userControlled.enable has been renamed to networking.wireless.userControlled.

No functionality should have been impacted by these changes (including controlling via wpa_cli, integration with NetworkManager or connman), but if you find any problems, please open an issue on GitHub.

Note for NetworkManager users: before this changes NetworkManager spawned its own wpa_supplicant daemon, but now it uses networking.wireless. So, if you have a networking.wireless.enable = false in your configuration, you should remove that line.

link to PR: nixos/wpa_supplicant: harden and run as unprivileged user by rnhmjoj · Pull Request #427528 · NixOS/nixpkgs · GitHub

Sigmanificient · January 14, 2026, 4:04pm

ecryptfs has been removed due to questionable maintenance.

This following options are no longer be available:

security.pam.enableFscrypt
programs.ecryptfs`

If you were using them, please consider moving to a move maintained alternative, such as fscrypt, gocryptfs or cryfs.

link to PR: ecryptfs: drop by Sigmanificient · Pull Request #479934 · NixOS/nixpkgs · GitHub

jb55 · January 22, 2026, 5:07pm

just wanted to say this was one of the first times i’ve updated to unstable that broke my setup, preventing me from connecting to wifi. i will now redo my entire wifi setup. thanks!

jjpe · January 22, 2026, 6:15pm

I don’t know if this is related to this or a bug in KDE but roughly since updating to a version that includes this hardening, kde’s network-manager UI simply doesn’t remember VPN passwords anymore. The degradation in UX is quite annoying TBH.

But since I don’t know where it originates, I can’t submit a bug report for it either.

rnhmjoj · January 22, 2026, 11:51pm

Open an issue on github, ping me and we’ll try to figure it out.

I don’t think this has anything to do with wpa_supplicant, but if you want to be sure you can try setting networking.networkmanager.wifi.backend to iwd.

Also, it’s still useful to open an issue even if you haven’t identified the root of a problem: other users can find it and someone may help with triage.

Finally, please don’t reply to posts in this thread: you are pinging hundreds of people that subscribed for updates.

sigmasquadron · February 10, 2026, 1:07pm

~~The Traefik module has been refactored and all configurations should be migrated to the new syntax. Instructions are available in the 26.05 release notes. See #482512 for more details.~~

[EDIT 2026-02-16]: This PR has been reverted due to unforeseen issues with more complex Traefik configurations.