Home Explore Blog CI



nixpkgs
23th chunk of `nixos/doc/manual/release-notes/rl-2411.section.md`
acfd6db0b863ac905f61fbaae0cb0366dd6a6d8eb043f001000000010000101d
  The derivation now installs "impl" headers selectively instead of by a wildcard.
  Use `imgui.src` if you just want to access the unpacked sources.

- The new `boot.loader.systemd-boot.windows` option makes setting up dual-booting with Windows on a different drive easier.

- The `boot.loader.raspberryPi` options were marked as deprecated in 23.11 and have now been removed.

- Linux 4.19 has been removed because it will reach its end of life within the lifespan of 24.11.

- Unprivileged access to the kernel syslog via `dmesg` is now restricted by default. Users wanting to keep an
  unrestricted access to it can set `boot.kernel.sysctl."kernel.dmesg_restrict" = false`.

- The `i18n.inputMethod` module introduces two new properties:
  `enable` and `type`, for declaring whether to enable an alternative input method and defining which input method respectfully. The options available in `type` are the same as the existing `enabled` option. `enabled` is now deprecated, and will be removed in a future release.

- `security.pam.u2f` now uses freeform options; all module options are now configurable through `security.pam.u2f.settings`.

- `mikutter` was removed as the package was broken and had no maintainers.

- `services.getty.autologinOnce` was added to limit the automatic login to once per boot and on the first tty only.
  When using full disk encryption, this option allows to unlock the system without retyping the passphrase while keeping the other ttys protected.

- Gollum was upgraded to major version 6. Read their [migration notes](https://github.com/gollum/gollum/wiki/6.0-Release-Notes).

- The hooks `yarnConfigHook` and `yarnBuildHook` were added. These should replace `yarn2nix.mkYarnPackage` and other `yarn2nix` related tools. The motivation to get rid of `yarn2nix` tools is the fact that they are too complex and hard to maintain, and they rely upon too much Nix evaluation which is problematic if import-from-derivation is not allowed (see more details at [#296856](https://github.com/NixOS/nixpkgs/issues/296856). The transition from `mkYarnPackage` to `yarn{Config,Build}Hook` is tracked at [#324246](https://github.com/NixOS/nixpkgs/issues/324246).

- `services.timesyncd.servers` now defaults to `null`, allowing systemd-timesyncd to use NTP servers advertised by DHCP.

- `services.timesyncd.fallbackServers` was added and defaults to `networking.timeServers`.

- Cinnamon has been updated to 6.2. Please check [upstream announcement](https://www.linuxmint.com/rel_wilma_whatsnew.php) for more details.
  Following Mint 22 defaults, the Cinnamon module no longer ships `geary` and `hexchat` by default.

- `zfs.latestCompatibleLinuxPackages` is deprecated and is now pointing at the default kernel. If using the stable LTS kernel (default `linuxPackages` is not possible then you must explicitly pin a specific kernel release. For example, `boot.kernelPackages = pkgs.linuxPackages_6_6`. Please be aware that non-LTS kernels are likely to go EOL before ZFS supports the latest supported non-LTS release, requiring manual intervention.

- The `shadowstack` hardening flag has been added, though disabled by default.

- `writeReferencesToFile` has been removed after its deprecation in 24.05. Use the trivial build helper `writeClosure` instead.

- `xxd` is now provided by the `tinyxxd` package rather than `vim.xxd` to reduce closure size and vulnerability impact. Since it has the same options and semantics as Vim's `xxd` utility, there is no user impact. Vim's `xxd` remains available as the `vim.xxd` package.

- `restic` module now has an option for inhibiting system sleep while backups are running, defaulting to off (not inhibiting sleep). Available as [`services.restic.backups.<name>.inhibitsSleep`](#opt-services.restic.backups._name_.inhibitsSleep).

- Mattermost has been updated from 9.5 to 9.11 ESR. See the [changelog](https://docs.mattermost.com/about/mattermost-v9-changelog.html#release-v9-11-extended-support-release) for more details.

- `cargo-tauri.hook` was introduced to help users build [Tauri](https://tauri.app/) projects. It is meant to be used alongside
Title: NixOS 24.11 Updates: Input Methods, Security, Package Changes, and System Services
Summary
This section covers various updates in NixOS 24.11. The `i18n.inputMethod` module introduces `enable` and `type` properties, deprecating `enabled`. `security.pam.u2f` now uses freeform options via `security.pam.u2f.settings`. `mikutter` has been removed, while `services.getty.autologinOnce` limits automatic login to once per boot. Gollum is upgraded to version 6. New hooks, `yarnConfigHook` and `yarnBuildHook`, replace `yarn2nix` tools. `services.timesyncd.servers` defaults to `null`, and `services.timesyncd.fallbackServers` is added. Cinnamon is updated to 6.2, with changes to default packages. `zfs.latestCompatibleLinuxPackages` is deprecated, requiring explicit kernel pinning if using LTS. The `shadowstack` flag is added, `writeReferencesToFile` is removed, and `xxd` is now provided by `tinyxxd`. The `restic` module offers sleep inhibition during backups. Mattermost is updated to 9.11 ESR, and `cargo-tauri.hook` assists in building Tauri projects.