nixpkgs.config.permittedInsecurePackages cannot be set in multiple files at the same time

husky · November 16, 2024, 7:06pm

Basically nixpkgs.config.permittedInsecurePackages cannot be defined in multiple files at the same time, when this happens the value in the first file get silently picked.

Here’s a minimal configuration to reproduce https://github.com/huskyistaken/nix-bad-vine-boom.

You’ll notice that when switching the order module 1 and module 2 are declared in the flake the package changes.

I’ve tested this both with Nix v.2.18.8 and Lix v.2.91.0.

I’m not familiar enough with how things work under the hood to understand whether this is a parser bug or a nixpkgs bug, where should I report it?

winter · November 16, 2024, 7:14pm

This isn’t a parser bug. Nixpkgs does the merging of option values.

N.B. I’m not even sure if this can be considered a bug in configType, or expected behavior. If others don’t chime in here, feel free to file an issue I suppose.

stereomato · January 12, 2025, 4:29am

I just got bit by this.

husky · January 12, 2025, 11:00am

I opened an issue on the GitHub, and a PR got made to fix this. It’s still unmeged however.

waffle8946 · January 12, 2025, 1:16pm

The bug is because the option is not declared with mkOption. If it was declared then this custom merging would be unnecessary, and the option would actually become documented (!) in the nixpkgs config reference documentation.