When I rebuild my configuration to upgrade my system, I get an error error: Package ‘electron-10.4.7’ [...] is marked as insecure, refusing to evaluate. The problem is that I can’t find the name of the app that uses electron, I don’t have a single reference to electron in my file. I guess I could try to bisect my file until finding the problematic entry… but it is likely to take quite a long time. Any more efficient solution? I can’t find any useful information in the trace:
building Nix...
building the system configuration...
error: Package ‘electron-10.4.7’ in /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/pkgs/development/tools/electron/generic.nix:26 is marked as insecure, refusing to evaluate.
Known issues:
- Electron version 10.4.7 is EOL
You can install it anyway by allowing this package, using the
following methods:
a) To temporarily allow all insecure packages, you can use an environment
variable for a single invocation of the nix tools:
$ export NIXPKGS_ALLOW_INSECURE=1
Note: For `nix shell`, `nix build`, `nix develop` or any other Nix 2.4+
(Flake) command, `--impure` must be passed in order to read this
environment variable.
b) for `nixos-rebuild` you can add ‘electron-10.4.7’ to
`nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
like so:
{
nixpkgs.config.permittedInsecurePackages = [
"electron-10.4.7"
];
}
c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
‘electron-10.4.7’ to `permittedInsecurePackages` in
~/.config/nixpkgs/config.nix, like so:
{
permittedInsecurePackages = [
"electron-10.4.7"
];
}
… while evaluating 'handleEvalIssue'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/pkgs/stdenv/generic/check-meta.nix:188:38:
187|
188| handleEvalIssue = { meta, attrs }: { reason , errormsg ? "" }:
| ^
189| let
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/pkgs/stdenv/generic/check-meta.nix:300:14:
299| handled = if !validity.valid
300| then handleEvalIssue { inherit meta attrs; } { inherit (validity) reason errormsg; }
| ^
301| else true;
… while evaluating the attribute 'handled'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/pkgs/stdenv/generic/check-meta.nix:299:7:
298| # Throw an error if trying to evaluate an non-valid derivation
299| handled = if !validity.valid
| ^
300| then handleEvalIssue { inherit meta attrs; } { inherit (validity) reason errormsg; }
… while evaluating the attribute 'postFixup' of the derivation 'teleprompter-2.4.0'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/pkgs/stdenv/generic/make-derivation.nix:205:7:
204| // (lib.optionalAttrs (attrs ? name || (attrs ? pname && attrs ? version)) {
205| name =
| ^
206| let
… while evaluating the attribute 'passAsFile'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/pkgs/build-support/buildenv/default.nix:77:5:
76| # XXX: The size is somewhat arbitrary
77| passAsFile = if builtins.stringLength pkgs >= 128*1024 then [ "pkgs" ] else [ ];
| ^
78| }
… while evaluating the attribute 'passAsFile' of the derivation 'system-path'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/pkgs/stdenv/generic/make-derivation.nix:205:7:
204| // (lib.optionalAttrs (attrs ? name || (attrs ? pname && attrs ? version)) {
205| name =
| ^
206| let
… while evaluating 'check'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/types.nix:394:15:
393| name = "path";
394| check = x: isCoercibleToString x && builtins.substring 0 1 (toString x) == "/";
| ^
395| merge = mergeEqualOption;
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:773:22:
772| if isDefined then
773| if all (def: type.check def.value) defsFinal then type.merge loc defsFinal
| ^
774| else let allInvalid = filter (def: ! type.check def.value) defsFinal;
… while evaluating anonymous lambda
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:773:17:
772| if isDefined then
773| if all (def: type.check def.value) defsFinal then type.merge loc defsFinal
| ^
774| else let allInvalid = filter (def: ! type.check def.value) defsFinal;
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:773:12:
772| if isDefined then
773| if all (def: type.check def.value) defsFinal then type.merge loc defsFinal
| ^
774| else let allInvalid = filter (def: ! type.check def.value) defsFinal;
… while evaluating the attribute 'value'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:784:27:
783| optionalValue =
784| if isDefined then { value = mergedValue; }
| ^
785| else {};
… while evaluating anonymous lambda
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/types.nix:403:14:
402| merge = loc: defs:
403| map (x: x.value) (filter (x: x ? value) (concatLists (imap1 (n: def:
| ^
404| imap1 (m: def':
… from call site
… while evaluating the attribute 'serviceDirectories' of the derivation 'dbus-1'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/pkgs/stdenv/generic/make-derivation.nix:205:7:
204| // (lib.optionalAttrs (attrs ? name || (attrs ? pname && attrs ? version)) {
205| name =
| ^
206| let
… while evaluating 'check'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/types.nix:394:15:
393| name = "path";
394| check = x: isCoercibleToString x && builtins.substring 0 1 (toString x) == "/";
| ^
395| merge = mergeEqualOption;
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:773:22:
772| if isDefined then
773| if all (def: type.check def.value) defsFinal then type.merge loc defsFinal
| ^
774| else let allInvalid = filter (def: ! type.check def.value) defsFinal;
… while evaluating anonymous lambda
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:773:17:
772| if isDefined then
773| if all (def: type.check def.value) defsFinal then type.merge loc defsFinal
| ^
774| else let allInvalid = filter (def: ! type.check def.value) defsFinal;
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:773:12:
772| if isDefined then
773| if all (def: type.check def.value) defsFinal then type.merge loc defsFinal
| ^
774| else let allInvalid = filter (def: ! type.check def.value) defsFinal;
… while evaluating the attribute 'mergedValue'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:771:5:
770| # Type-check the remaining definitions, and merge them. Or throw if no definitions.
771| mergedValue =
| ^
772| if isDefined then
… while evaluating the option `environment.etc.dbus-1.source':
… while evaluating the attribute 'value'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:737:9:
736| in warnDeprecation opt //
737| { value = builtins.addErrorContext "while evaluating the option `${showOption loc}':" value;
| ^
738| inherit (res.defsFinal') highestPrio;
… while evaluating anonymous lambda
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:289:72:
288| # For definitions that have an associated option
289| declaredConfig = mapAttrsRecursiveCond (v: ! isOption v) (_: v: v.value) options;
| ^
290|
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/attrsets.nix:401:20:
400| then recurse (path ++ [name]) value
401| else f (path ++ [name]) value;
| ^
402| in mapAttrs g;
… while evaluating 'g'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/attrsets.nix:398:19:
397| g =
398| name: value:
| ^
399| if isAttrs value && cond value
… from call site
… while evaluating 'escapeShellArg'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/strings.nix:318:20:
317| */
318| escapeShellArg = arg: "'${replaceStrings ["'"] ["'\\''"] (toString arg)}'";
| ^
319|
… from call site
… while evaluating 'concatMapStringsSep'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/strings.nix:110:5:
109| # List of input strings
110| list: concatStringsSep sep (map f list);
| ^
111|
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/nixos/modules/system/etc/etc.nix:54:43:
53| mkdir -p "$out/etc"
54| ${concatMapStringsSep "\n" (etcEntry: escapeShellArgs [
| ^
55| "makeEtcEntry"
… while evaluating anonymous lambda
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/nixos/modules/system/etc/etc.nix:54:33:
53| mkdir -p "$out/etc"
54| ${concatMapStringsSep "\n" (etcEntry: escapeShellArgs [
| ^
55| "makeEtcEntry"
… from call site
… while evaluating 'concatMapStringsSep'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/strings.nix:110:5:
109| # List of input strings
110| list: concatStringsSep sep (map f list);
| ^
111|
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/nixos/modules/system/etc/etc.nix:54:7:
53| mkdir -p "$out/etc"
54| ${concatMapStringsSep "\n" (etcEntry: escapeShellArgs [
| ^
55| "makeEtcEntry"
… while evaluating the attribute 'buildCommand' of the derivation 'etc'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/pkgs/stdenv/generic/make-derivation.nix:205:7:
204| // (lib.optionalAttrs (attrs ? name || (attrs ? pname && attrs ? version)) {
205| name =
| ^
206| let
… while evaluating the attribute 'value'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:572:44:
571| defnsByName' = byName "config" (module: value:
572| [{ inherit (module) file; inherit value; }]
| ^
573| ) configs;
… while evaluating 'atDepth'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/attrsets.nix:60:17:
59| len = length attrPath;
60| atDepth = n:
| ^
61| if n == len
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/attrsets.nix:63:39:
62| then value
63| else { ${elemAt attrPath n} = atDepth (n + 1); };
| ^
64| in atDepth 0;
… while evaluating the attribute 'value'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/types.nix:461:58:
460| # Push down position info.
461| (map (def: mapAttrs (n: v: { inherit (def) file; value = v; }) def.value) defs);
| ^
462| emptyValue = { value = {}; };
… while evaluating 'dischargeProperties'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:823:25:
822| */
823| dischargeProperties = def:
| ^
824| if def._type or "" == "merge" then
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:752:137:
751| defs' = concatMap (m:
752| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
| ^
753| ) defs;
… while evaluating definitions from `/nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/nixos/modules/system/etc/etc.nix':
… while evaluating anonymous lambda
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:751:28:
750| # Process mkMerge and mkIf properties.
751| defs' = concatMap (m:
| ^
752| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:751:17:
750| # Process mkMerge and mkIf properties.
751| defs' = concatMap (m:
| ^
752| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
… while evaluating the attribute 'values'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:864:7:
863| in {
864| values = concatMap (def: if getPrio def == highestPrio then [(strip def)] else []) defs;
| ^
865| inherit highestPrio;
… while evaluating the attribute 'values'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:765:9:
764| in {
765| values = defs''';
| ^
766| inherit (defs'') highestPrio;
… while evaluating the attribute 'optionalValue.value'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:783:5:
782|
783| optionalValue =
| ^
784| if isDefined then { value = mergedValue; }
… while evaluating anonymous lambda
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/types.nix:455:29:
454| merge = loc: defs:
455| zipAttrsWith (name: defs:
| ^
456| let merged = mergeDefinitions (loc ++ [name]) elemType defs;
… from call site
… while evaluating anonymous lambda
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/attrsets.nix:518:24:
517| let f = attrPath:
518| zipAttrsWith (n: values:
| ^
519| let here = attrPath ++ [n]; in
… from call site
… while evaluating the attribute 'value'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:572:44:
571| defnsByName' = byName "config" (module: value:
572| [{ inherit (module) file; inherit value; }]
| ^
573| ) configs;
… while evaluating 'dischargeProperties'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:823:25:
822| */
823| dischargeProperties = def:
| ^
824| if def._type or "" == "merge" then
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:752:137:
751| defs' = concatMap (m:
752| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
| ^
753| ) defs;
… while evaluating definitions from `/nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/nixos/modules/system/etc/etc-activation.nix':
… while evaluating anonymous lambda
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:751:28:
750| # Process mkMerge and mkIf properties.
751| defs' = concatMap (m:
| ^
752| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:751:17:
750| # Process mkMerge and mkIf properties.
751| defs' = concatMap (m:
| ^
752| map (value: { inherit (m) file; inherit value; }) (builtins.addErrorContext "while evaluating definitions from `${m.file}':" (dischargeProperties m.value))
… while evaluating the attribute 'values'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:864:7:
863| in {
864| values = concatMap (def: if getPrio def == highestPrio then [(strip def)] else []) defs;
| ^
865| inherit highestPrio;
… while evaluating the attribute 'values'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:765:9:
764| in {
765| values = defs''';
| ^
766| inherit (defs'') highestPrio;
… while evaluating the attribute 'mergedValue'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:771:5:
770| # Type-check the remaining definitions, and merge them. Or throw if no definitions.
771| mergedValue =
| ^
772| if isDefined then
… while evaluating the option `system.activationScripts.etc.text':
… while evaluating the attribute 'value'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:737:9:
736| in warnDeprecation opt //
737| { value = builtins.addErrorContext "while evaluating the option `${showOption loc}':" value;
| ^
738| inherit (res.defsFinal') highestPrio;
… while evaluating anonymous lambda
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/modules.nix:289:72:
288| # For definitions that have an associated option
289| declaredConfig = mapAttrsRecursiveCond (v: ! isOption v) (_: v: v.value) options;
| ^
290|
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/attrsets.nix:401:20:
400| then recurse (path ++ [name]) value
401| else f (path ++ [name]) value;
| ^
402| in mapAttrs g;
… while evaluating 'g'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/attrsets.nix:398:19:
397| g =
398| name: value:
| ^
399| if isAttrs value && cond value
… from call site
… while evaluating the attribute 'text'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/nixos/modules/system/activation/activation-script.nix:9:5:
8| addAttributeName = mapAttrs (a: v: v // {
9| text = ''
| ^
10| #### Activation script snippet ${a}:
… while evaluating 'id'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/trivial.nix:14:5:
13| # The value to return
14| x: x;
| ^
15|
… from call site
… while evaluating 'textClosureMap'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/lib/strings-with-deps.nix:75:35:
74|
75| textClosureMap = f: predefined: names:
| ^
76| concatStringsSep "\n" (map f (textClosureList predefined names));
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/nixos/modules/system/activation/activation-script.nix:49:9:
48|
49| ${textClosureMap id (withDrySnippets) (attrNames withDrySnippets)}
| ^
50|
… while evaluating 'systemActivationScript'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/nixos/modules/system/activation/activation-script.nix:20:33:
19|
20| systemActivationScript = set: onlyDry: let
| ^
21| set' = mapAttrs (_: v: if isString v then (noDepEntry v) // { supportsDryActivation = false; } else v) set;
… from call site
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/nixos/modules/system/activation/activation-script.nix:137:18:
136| apply = set: set // {
137| script = systemActivationScript set false;
| ^
138| };
… while evaluating the attribute 'system.activationScripts.script'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/nixos/modules/system/activation/activation-script.nix:137:9:
136| apply = set: set // {
137| script = systemActivationScript set false;
| ^
138| };
… while evaluating the attribute 'activationScript' of the derivation 'nixos-system-bestos-22.05pre-git'
at /nix/store/h96rpxzp4q192r3fnwzclg3rmdg4nlqk-source/pkgs/stdenv/generic/make-derivation.nix:205:7:
204| // (lib.optionalAttrs (attrs ? name || (attrs ? pname && attrs ? version)) {
205| name =
| ^
206| let