openmodelica: qtWebKit is currently marked as insecure

[GiulioCocconi]

Describe the bug

Whilst trying to install openmodelica.omedit this error is displayed:

error: Package ‘qtwebkit-5.212.0-alpha4’ in /nix/store/hw0mp7awqma06m6s2h9yckyccxb63nqx-source/pkgs/development/libraries/qt-5/qtModule.nix:89 is marked as insecure, refusing to evaluate.

Known issues:
        QtWebkit upstream is unmaintained and receives no security updates, see
        https://blogs.gnome.org/mcatanzaro/2022/11/04/stop-using-qtwebkit/

Additional context

I know I could set NIXPKGS_ALLOW_INSECURE, but maybe is not the right thing to do.

Notify maintainers

@balodja @smironov

Metadata

Please run nix-shell -p nix-info --run "nix-info -m" and paste the result.

[user@system:~]$ nix-shell -p nix-info --run "nix-info -m"
 - system: `"x86_64-linux"`
 - host os: `Linux 6.6.1-zen1, NixOS, 23.11 (Tapir), 23.11.20231114.bf744fe`
 - multi-user?: `no`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.18.1`
 - channels(root): `"nixos"`
 - nixpkgs: `not found`

[NickCao]

You may do this more granularly with allowInsecurePredicate, but there's really not much else you can do.

[GiulioCocconi]

Is a fix upstream unlikely?

[kirillrdy]

@GiulioCocconi you should report upstream to "openmodelica.omedit"

[GiulioCocconi]

Do you mean the OpenModelica github page or omedit package here on NixOS?

[kirillrdy]

Do you mean the OpenModelica github page or omedit package here on NixOS?

• qtwebkit-5 is insecure and not supported by qt
• OpenModelica.medit ( version packaged in nixpkgs ) is using qtwebkit-5

there is not much nixpkgs can do, unless OpenModelica implements support for newer qtwebkit ( I am not even sure If it's a thing )

hopefully this makes sense, please feel free to follow up with questions, sometimes it's hard to provide all information in concise and well understood manner

[physics-enthusiast]

See OpenModelica/OpenModelica#11524