Home Explore Blog CI



nixpkgs
21th chunk of `nixos/doc/manual/release-notes/rl-2411.section.md`
4e45c13cfec981ca49e036dd23efafb45df8e96d8b1fe7430000000100000fd5
  - The `atlassian-crowd` package and its `services.crowd` NixOS module
  - The `atlassian-jira` package and its `services.jira` NixOS module

- `python3Packages.nose` has been removed, as it has been deprecated and unmaintained for almost a decade and does not work on Python 3.12.
  Please switch to `pytest` or another test runner/framework.

- `dotnet-sdk`, `dotnet-runtime`, and all other dotnet packages now use a
  wrapper package containing `bin/dotnet`, build hooks, etc. If you need to
  reference the underlying dotnet distribution (DOTNET_ROOT) you should use e.g.
  `dotnet-runtime.unwrapped`.

- The root of dotnet distribution packages (DOTNET_ROOT) is now under e.g.
  `${dotnet-sdk.unwrapped}/share/dotnet` instead of directly in the package
  root. This is consistent with packaging guidelines and more friendly for FHS
  environments.

- `dotnet-sdk`, `dotnet-runtime`, and `dotnet-aspnetcore` now point to dotnet 8
  rather than dotnet 6. For packages that still need dotnet 6, use
  `dotnet-sdk_6`, etc.

- torq has been removed because upstreamed went closed source.

## Other Notable Changes {#sec-release-24.11-notable-changes}

<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->

- The `zerocallusedregs` hardening flag is enabled by default on compilers that support it.

- The `stackclashprotection` hardening flag has been added, though disabled by default.

- The `pacret` hardening flag has been added, though disabled by default.

- `cargoSha256` in `rustPlatform.buildRustPackage` has been deprecated in favor
  of `cargoHash` which supports SRI hashes. See
  [buildRustPackage: Compiling Rust applications with Cargo](https://nixos.org/manual/nixpkgs/unstable/#compiling-rust-applications-with-cargo)
  for more information.

- The `vendorHash` of Go packages built with `buildGoModule` can now be overridden with `overrideAttrs`.
  `goModules`, `modRoot`, `vendorHash`, `deleteVendor`, and `proxyVendor` are now passed as derivation attributes.
  `goModules` and `vendorHash` are no longer placed under `passthru`.

- `buildFlags`/`buildFlagsArray` on `buildGoModule` have been deprecated. 24.11 is the last release where `buildGoModule` accepts these flags (while throwing a warning).
  Use the [`ldflags`](https://nixos.org/manual/nixpkgs/unstable/#var-go-ldflags) and/or [`tags`](https://nixos.org/manual/nixpkgs/unstable/#var-go-tags) attributes or
  [the environment](https://nixos.org/manual/nixpkgs/unstable/#ssec-go-environment) instead.

- `buildGoPackage` has been deprecated. 24.11 is the last release with `buildGoPackage` available.

- `hareHook` has been added as the language framework for Hare. From now on, it,
  not the `hare` package, should be added to `nativeBuildInputs` when building
  Hare programs.

- `virtualisation.docker.liveRestore` has been renamed to `virtualisation.docker.daemon.settings."live-restore"` and turned off by default for state versions of at least 24.11.

- Tailscale's `authKeyFile` can now have its corresponding parameters set through `config.services.tailscale.authKeyParameters`, allowing for non-ephemeral unsupervised deployment and more.
  See [Registering new nodes using OAuth credentials](https://tailscale.com/kb/1215/oauth-clients#registering-new-nodes-using-oauth-credentials) for the supported options.

- `nixosTests` now provide a working IPv6 setup for VLAN 1 by default.

- Kanidm can now be provisioned using the new [`services.kanidm.provision`] option, but requires using a patched version available via `pkgs.kanidm.withSecretProvisioning`.

- Kanidm previously had an incorrect systemd service type, causing dependent units with an `after` and `requires` directive to start before `kanidm*` finished startup. The module has now been updated in line with upstream recommendations.

- [`services.jupyter`](#opt-services.jupyter.enable) is now compatible with `Jupyter Notebook 7`. See [the migration guide](https://jupyter-notebook.readthedocs.io/en/latest/migrate_to_notebook7.html) for details.
Title: More Package Changes and Notable Updates in NixOS 24.11
Summary
This section continues detailing changes in NixOS 24.11, including the removal of Atlassian's Crowd and Jira packages, and `python3Packages.nose`. Dotnet packages now utilize a wrapper and have an updated directory structure, with default versions pointing to dotnet 8. `torq` has also been removed. Other notable changes include enabling the `zerocallusedregs` hardening flag by default, adding `stackclashprotection` and `pacret` flags (disabled by default), deprecating `cargoSha256` in favor of `cargoHash`, and updates to Go package building with `buildGoModule` and the deprecation of `buildGoPackage`. Also includes the addition of `hareHook`, renaming `virtualisation.docker.liveRestore`, enhanced Tailscale auth key configuration, IPv6 setup in `nixosTests`, Kanidm provisioning via `services.kanidm.provision`, and compatibility of `services.jupyter` with Jupyter Notebook 7.