sublime4: drop openssl_1_1#531298
Conversation
bf7cd76 to
90a4bb2
Compare
|
There's a ST setting, |
|
4200 only announced the deprecation, the old plugin host is still there for now. Looking at 4200, it seems even For So I would be in favour of doing that and marking stable as broken: diff --git a/pkgs/applications/editors/sublime/4/common.nix b/pkgs/applications/editors/sublime/4/common.nix
index be77793c7964..36e7a4b4896c 100644
--- a/pkgs/applications/editors/sublime/4/common.nix
+++ b/pkgs/applications/editors/sublime/4/common.nix
@@ -22,7 +22,6 @@
writeShellScript,
common-updater-scripts,
curl,
- openssl_1_1,
openssl_3_5,
bzip2,
sqlite,
@@ -33,7 +32,6 @@ let
packageAttribute = "sublime4${lib.optionalString dev "-dev"}";
binaries = [
"sublime_text"
- "plugin_host-3.3"
"plugin_host-3.${if lib.versionAtLeast buildVersion "4205" then "14" else "8"}"
crashHandlerBinary
];
@@ -55,7 +53,6 @@ let
libxtst
glib
libglvnd
- openssl_1_1
gtk3
cairo
pango
@@ -88,6 +85,8 @@ let
buildPhase = ''
runHook preBuild
+ rm plugin_host-3.3
+
for binary in ${builtins.concatStringsSep " " binaries}; do
patchelf \
--interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
@@ -95,6 +94,8 @@ let
$binary
done
+ echo '{"disable_plugin_host_3.3": true}' > Packages/Preferences.sublime-settings
+
# Unable to get plugin_host-3.14 not crash with Python from Nixpkgs
${lib.optionalString (lib.versionAtLeast buildVersion "4205") "patchelf --set-rpath ${
lib.makeLibraryPath [
@@ -223,6 +224,8 @@ stdenv.mkDerivation (finalAttrs: {
];
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
license = lib.licenses.unfree;
+ # Packages, including core ones, do not run without plug-in host depending on insecure OpenSSL.
+ broken = lib.versionOlder buildVersion "4205";
platforms = [
"aarch64-linux"
"x86_64-linux" |
b39ba43 to
147a2d2
Compare
jtojnar
left a comment
There was a problem hiding this comment.
Thanks. Btw, you have atuhored in the commit message.
|
Actually, I wonder if we should perhaps mark the
|
147a2d2 to
e0d52c6
Compare
I wouldn't want to mark it broken since most of the editor is working, but it sounds like an important enough change to emit a warning, I'm not sure how well the plugin ecosystem migrated to newer python. |
e0d52c6 to
897d5ea
Compare
| "aarch64-linux" | ||
| "x86_64-linux" | ||
| ]; | ||
| problems.removal.message = "We have removed Python 3.3 package support ahead of upstream schedule but if you do not use any old packages, this should just work."; |
There was a problem hiding this comment.
This should be deprecated, but weirdly it doesn't emit a warning by default.
I'm pretty sure removal means that the package in nixpkgs will be removed soon and not that we have removed a feature of the package.
| problems.removal.message = "We have removed Python 3.3 package support ahead of upstream schedule but if you do not use any old packages, this should just work."; | |
| problems.deprecated.message = "We have removed Python 3.3 package support ahead of upstream schedule but if you do not use any old packages, this should just work."; |
There was a problem hiding this comment.
I think this is fine, the warning is not misleading:
warning: Package 'sublimetext4-4205' in /home/gep/nixpkgs/pkgs/applications/editors/sublime/4/common.nix:218 has the following problem: removal: We have removed Python 3.3 package support ahead of upstream schedule but if you do not use any old packages, this should just work. See https://nixos.org/manual/nixpkgs/unstable#sec-problems
Currently there's also meta.problems.maintainerless that also doesn't warn by default and fits even less for this use case, I wonder if it's worth adding something like meta.problems.modified for making modifications that are visible to users from upstream's distribution.
|
CI is failing because this package newly emits a warning that is intended, cc @NixOS/nixpkgs-ci |
Indeed, CI is intentionally strict about not allowing eval warnings, as usually that means something is wrong in the "default" package set. That's the main reason why In this case you're running into #523712, |
897d5ea to
d6e3085
Compare
MattSturgeon
left a comment
There was a problem hiding this comment.
Diff SGTM. The nitpicks don't necessarily need addressing, just LMK whether you plan to or not, so we know whether to wait before merging.
| $binary | ||
| done | ||
|
|
||
| echo '{"disable_plugin_host_3.3": true}' > Packages/Preferences.sublime-settings |
There was a problem hiding this comment.
Same. I assume this is overwriting some default settings? It'd be nice to explain what and/or why.
Again from #531298 (comment), so cc @jtojnar for a wording suggestion
Co-authored-by: Jan Tojnar <jtojnar@gmail.com>
d6e3085 to
76f58ee
Compare
Tracking: #269713
I didn't mark it broken, because the core functionality seems to work, I can edit and save files. There's an annoying popup however: "plugin_host-3.3 has exited unexpectedly, some plugin functionality won't be available until Sublime Text has restarted" on launch.
Our options are:
openssl_1_1. According to Upgrade OpenSSL sublimehq/sublime_text#5984 (comment), from 4200 (which we have in nixpkgs) we should be able to only depend onopenssl_3Things done
passthru.tests.nixpkgs-reviewon this PR. See nixpkgs-review usage../result/bin/.