Lmst

#LIX issues Record Event Report (RER) at Jun 29, 4:32 PM CDT ...RECORD DAILY MAXIMUM RAINFALL SET AT BATON ROUGE AIRPORT... https://mesonet.agron.iastate.edu/p.php?pid=202506292132-KLIX-SXUS74-RERBTR

IMPORTANT for #Lix users: look out for this critical bug that can bork your system: https://lix.systems/blog/2025-06-27-lix-critical-bug/

They give you other ways of fixing the issue, like patching Lix. But if you need a quick fix, you can downgrade, but that will make you susceptible to a security CVE (granted there's no known attack vector yet). If you want to downgrade but don't know how, here's a reference for Flakes: https://codeberg.org/8bitbuddhist/nix-configuration/src/commit/d5d7eebf169fc98c5fe47d578833498b77bf4ac5/flake.nix#L31

#NixOS #Nix

@lix_project I personally ran into this problem by CTRL-C interrupting a build of Lix, and was able to recover usage of Lix by finding an existing /nix/store path with libeditline.so, and forcing Lix to load that while bypassing the daemon:

This is what that looked like for me:

$ sudo env LD_PRELOAD=/nix/store/pr2xhavyz59p98mpjndyn4acqbliw1fa-editline-1.17.1/lib/libeditline.so.1 nix-store --repair-path /nix/store/dpih77kxyw9kvyyncdj4abfx59padqik-editline-1.17.1

Root usage is necessary to bypass the Nix daemon. LD_PRELOAD after sudo is also necessary as sudo always strips LD_PRELOAD even with --preserve-env.

Your individual recovery options may vary. Ask in Lix's public Matrix help channels if you need assistance.

#Lix

Is it just me, or is #lix (or is it #homemanager?) straight up ignoring the flake.lock of an input chosen with --override-input???

I can't reproduce it, but it happens just so frequently. what is going on here. why is my computer haunted

@vera @lix_project
It would help if the post would include a link to a static nix binary.
It's not necessarily trivial to find.

#lix #nix

if you're running lix and you updated it for the CVE patches you should really check this post, there was a serious regression:

https://lix.systems/blog/2025-06-27-lix-critical-bug/

#lix #nix #nixos

Lix releases are now out, please upgrade. A detailed writeup about the issue and the mitigations is at https://lix.systems/blog/2025-06-24-lix-cves/, scroll a bit down for for instructions on how to protect yourselves.

See also the Discourse announcement post at https://discourse.nixos.org/t/security-advisory-privilege-escalations-in-nix-lix-and-guix/66017, which also links to the various Nixpkgs PRs for those that use Lix from Nixpkgs.

#Nix #Lix

Security Advisory: Privilege Escalations in Nix, Lix and Guix

https://discourse.nixos.org/t/security-advisory-privilege-escalations-in-nix-lix-and-guix/66017

#security #nixpkgs #nixos #nix #lix #guix

An official announcement will come soon, but if you are using the #Lix package manager, it's recommended you upgrade NOW.

For more details, read https://lix.systems/blog/2025-06-24-lix-cves/.

This blog post will be updated with more information as we go (PRs in nixpkgs, etc.).

#NixOS

Security pre-disclosure:

A critical security advisory for #Nix and #Lix (and #Guix) will be published tomorrow at 14:00 UTC.

If you're building untrusted derivations, you must upgrade to ensure your systems remain secure.

Lix versions 2.91, 2.92, 2.93, and main will receive upgrades on all known channels to Lix. Lix 2.90 WILL NOT receive upgrades.

More details are available in the pre-disclosure post:
https://discourse.nixos.org/t/pre-disclosure-announcement-security-advisory-for-nix-and-lix-on-june-24-2025/65831

Please stay alert for the full announcement tomorrow at 14:00 UTC.

in case someone here didn't hear about this, it seems there will be a security release for lix, nix and guix on the 24th

EDIT: Patches have been released for lix and nix now
- https://lix.systems/blog/2025-06-24-lix-cves/
- https://discourse.nixos.org/t/security-advisory-privilege-escalations-in-nix-lix-and-guix/66017

#lix #nix #guix #nixos

Pre-disclosure announcement: Security Advisory for Nix and Lix on June 24, 2025

https://discourse.nixos.org/t/pre-disclosure-announcement-security-advisory-for-nix-and-lix-on-june-24-2025/65831

#security #nixpkgs #nixos #nix #lix

#LIX issues Record Event Report (RER) at Jun 10, 2:32 AM CDT ...RECORD WARM LOW TEMPERATURE TIED AT BATON ROUGE YESTERDAY... https://mesonet.agron.iastate.edu/p.php?pid=202506100732-KLIX-SXUS74-RERBTR

#LIX issues Record Event Report (RER) at Jun 9, 2:34 AM CDT ...RECORD WARM LOW TEMPERATURE TIED AT BATON ROUGE YESTERDAY... https://mesonet.agron.iastate.edu/p.php?pid=202506090734-KLIX-SXUS74-RERBTR

So I decided to poke around a bit in the #lix codebase, and just add a toBeautifiedJSON builtin, how hard could it be. Turns out, this was a fun 20min adventure.

I already knew that I had to look around in libexpr. From there copying the existing toJSON code, was trivial, and making it format the json was as easy as appending `.dump(2)` to the json object, because nlohmann/json already has pretty printing support.

For me the size trade off, compared to compact json is worth the convenience. 🧵

Exploring #lix codebase :3

A textual build output by running `just setup build test-unit` within the lix codebase.

Gamethread LIX – Tigers at Royals https://www.rawchili.com/mlb/69773/ #2025RoyalsGamethreads #at #Baseball #FrontPage #gamethread #Kansas #KansasCity #KansasCityRoyals #KansasCity #KansasCityRoyals #lix #MLB #review #royals #Tigers

@sandro @ma27 @hexa The work #lix is doing demonstrates well that language evolution is not really held back and that #nixpkgs inability to change is really a nixpkgs problem, which is not really limited to nix 2.3 compatibility either.
#lix pushing the envelope is a good thing in my opinion and nixpkgs has to do the work to keep up.