search

dckc / madmode-blog

my tinkering notebook (blog)
https://www.madmode.com
0 stars 2 forks source link

archivebox on nix failed: django/3.nix:55 is marked as insecure, refusing to evaluate #216

Open dckc opened 15 hours ago

dckc commented 15 hours ago 
$ nix shell nixpkgs#archivebox
error:
       … while evaluating the attribute 'drvPath'
         at /nix/store/c05d1sqfhkl93p3j5ykic68mgg1gsrvb-source/lib/customisation.nix:365:7:
          364|     in commonAttrs // {
          365|       drvPath = assert condition; drv.drvPath;
             |       ^
          366|       outPath = assert condition; drv.outPath;

       … while calling the 'derivationStrict' builtin
         at <nix/derivation-internal.nix>:9:12:
            8|
            9|   strict = derivationStrict drvAttrs;
             |            ^
           10|

       (stack trace truncated; use '--show-trace' to show the full trace)

       error: Package ‘python3.12-django-3.1.14’ in /nix/store/c05d1sqfhkl93p3j5ykic68mgg1gsrvb-source/pkgs/development/python-modules/django/3.nix:55 is marked as insecure, refusing to evaluate.

       Known issues:
        - CVE-2021-45115
        - CVE-2021-45116
        - CVE-2021-45452
        - CVE-2022-23833
        - CVE-2022-22818
        - CVE-2022-28347
        - CVE-2022-28346

       You can install it anyway by allowing this package, using the
       following methods:

       a) To temporarily allow all insecure packages, you can use an environment
          variable for a single invocation of the nix tools:

            $ export NIXPKGS_ALLOW_INSECURE=1

          Note: When using `nix shell`, `nix build`, `nix develop`, etc with a flake,
                then pass `--impure` in order to allow use of environment variables.

       b) for `nixos-rebuild` you can add ‘python3.12-django-3.1.14’ to
          `nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
          like so:

            {
              nixpkgs.config.permittedInsecurePackages = [
                "python3.12-django-3.1.14"
              ];
            }

       c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
          ‘python3.12-django-3.1.14’ to `permittedInsecurePackages` in
          ~/.config/nixpkgs/config.nix, like so:

            {
              permittedInsecurePackages = [
                "python3.12-django-3.1.14"
              ];
            }

context:

guix package mhtml web archive at DuckDuckGo

archivebox — Packages — GNU Guix

ArchiveBox | 🗃 Open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more…

Search Results

dckc commented 15 hours ago

guix failed too:

$ guix shell archivebox
...
 xvid-1.3.7  258KiB                  10.8MiB/s 00:00 ▕██████████████████▏ 100.0%
building /gnu/store/snr9mxc9ih070bf1ffd36ywf8hy5alkm-python-django-3.1.14.drv...
\ 'check' phasebuilder for `/gnu/store/snr9mxc9ih070bf1ffd36ywf8hy5alkm-python-django-3.1.14.drv' failed with exit code 1
build of /gnu/store/snr9mxc9ih070bf1ffd36ywf8hy5alkm-python-django-3.1.14.drv failed
View build log at '/var/log/guix/drvs/sn/r9mxc9ih070bf1ffd36ywf8hy5alkm-python-django-3.1.14.drv.gz'.
cannot build derivation `/gnu/store/dmhv8ykggr58kflw4b26lxa495q46wxl-archivebox-0.6.2.drv': 1 dependencies couldn't be built
guix shell: error: build of `/gnu/store/dmhv8ykggr58kflw4b26lxa495q46wxl-archivebox-0.6.2.drv' failed