c44e0571fc
We are marking `resholve` itself with `meta.knownVulnerabilities`, and overriding `resholve-utils` functions's `resholve` with `meta.knownVulnerabilities = [ ]`. This way, we can still use `resholve` at build-time without triggering security warnings, however we can't instantiate `resholve` itself. See: ``` $ nix-build -A resholve error: Package ‘resholve-0.8.4’ in /.../nixpkgs/pkgs/development/misc/resholve/resholve.nix:48 is marked as insecure, refusing to evaluate. $ nix-build -A ix /nix/store/k8cvj1bfxkjj8zdg6kgm7r8942bbj7w7-ix-20190815 ``` For debugging purposes, you can still bypass the security checks and instantiate `resholve` by: ``` $ NIXPKGS_ALLOW_INSECURE=1 nix-build -A resholve /nix/store/77s87hhqymc6x9wpclb04zg5jwm6fsij-resholve-0.8.4 ``` |
||
|---|---|---|
| .. | ||
| applications | ||
| build-support | ||
| common-updater | ||
| data | ||
| desktops | ||
| development | ||
| games | ||
| misc | ||
| os-specific | ||
| pkgs-lib | ||
| servers | ||
| shells | ||
| stdenv | ||
| test | ||
| tools | ||
| top-level | ||