I just updated my nixpkgs input and now thenodejs-20.20.2 package (prolly used by another package and idk why) is flagged as insecure, no big deal i just gotta add it to nixpkgs.config.permittedInsecurePackages, which I do:

  nixpkgs.config.permittedInsecurePackages = [
    "nodejs-20.20.2"
    "electron-38.8.4"
  ];

Execpt that it STILL doesn’t rebuild and tells me the same error message as when I didn’t have added it to the permitted insecure packages

       error: Refusing to evaluate package 'nodejs-20.20.2' in /nix/store/1hb1glkkpl6vjjpfrwzmvjyvhcyqfxfk-source/pkgs/development/web/nodejs/nodejs.nix:689 because it is marked as insecure

       Known issues:
        - This NodeJS release has reached its end of life. See https://nodejs.org/en/about/releases/.

       You can install it anyway by allowing this package, using the
       following methods:

       a) To temporarily allow all insecure packages, you can use an environment
          variable for a single invocation of the nix tools:

            $ export NIXPKGS_ALLOW_INSECURE=1

          Note: When using `nix shell`, `nix build`, `nix develop`, etc with a flake,
                then pass `--impure` in order to allow use of environment variables.

       b) for `nixos-rebuild` you can add ‘nodejs-20.20.2’ to
          `nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
          like so:

            {
              nixpkgs.config.permittedInsecurePackages = [
                "nodejs-20.20.2"
              ];
            }

       c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
          ‘nodejs-20.20.2’ to `permittedInsecurePackages` in
          ~/.config/nixpkgs/config.nix, like so:

            {
              permittedInsecurePackages = [
                "nodejs-20.20.2"
              ];
            }

not sure what to do when the option to allow insecure packages does not allow insecure packages, weirdly enough tho it works just fine with

  • claymorwan@lemmy.blahaj.zoneOPEnglish
    1·
    2 days ago

    yea I’m in fact evalutating a flake, u can find it here, but I usually override my inputs’ nixpkgs input with mine. I’m using nh to rebuild my config, running nh os switch -H nixos

    • Laser@feddit.orgEnglish
      2·
      2 days ago

      The input doesn’t really matter, it’s how the input is actually used in the flake. In fact it might be the overriding that is causing the issue in the first place when the flake you’re evaluating uses an older nixpkgs where the offensive package isn’t marked insecure yet and hence isn’t explicitly permitted, and then it fails because you’re overriding it with a nixpkgs where it is marked insecure.

      • claymorwan@lemmy.blahaj.zoneOPEnglish
        1·
        1 day ago

        so overriding this potential flake’s nixpkgs input won’t apply my permitted insecure package ? dam i thought it would, ig i gotta hunt for that flake now

        • Laser@feddit.orgEnglish
          2·
          1 day ago

          It’s a bit of a silly situation, I ran into it before when I created a flake for an unfree application. You can’t allow that unfree application in your nixpkgs system instantiation because the evaluation fails in the application flake; however, allowing that package there allows it on any system that uses the flake, even if they disallow unfree in their nixpkgs.