flake depends on insecure nodejs-14

[brianmay]

error: Package ‘nodejs-14.21.3’ in /nix/store/g68f5abh3xhcz8xsdlfw7wkgkkcx3nwy-source/pkgs/development/web/nodejs/v14.nix:11 is marked as insecure, refusing to evaluate.

       Known issues:
        - This NodeJS release has reached its end of life. See https://nodejs.org/en/about/releases/.

       You can install it anyway by allowing this package, using the
       following methods:

       a) To temporarily allow all insecure packages, you can use an environment
          variable for a single invocation of the nix tools:

            $ export NIXPKGS_ALLOW_INSECURE=1

        Note: For `nix shell`, `nix build`, `nix develop` or any other Nix 2.4+
        (Flake) command, `--impure` must be passed in order to read this
        environment variable.

       b) for `nixos-rebuild` you can add ‘nodejs-14.21.3’ to
          `nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
          like so:

            {
              nixpkgs.config.permittedInsecurePackages = [
                "nodejs-14.21.3"
              ];
            }

       c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
          ‘nodejs-14.21.3’ to `permittedInsecurePackages` in
          ~/.config/nixpkgs/config.nix, like so:

            {
              permittedInsecurePackages = [
                "nodejs-14.21.3"
              ];
            }
(use '--show-trace' to show detailed location information)
error: getting status of '/home/brian/tree/personal/robotica/robotica-rust/.direnv/flake-profile.549140': No such file or directory
warning: Git tree '/home/brian/tree/personal/robotica/robotica-rust' is dirty
direnv: nix-direnv: renewed cache
direnv: export +AMBER_SITE_ID +AMBER_TOKEN +CLASSIFICATIONS_FILE +CONFIG_FILE +HOSTNAME +INFLUXDB_DATABASE +INFLUXDB_URL +LIFE360_PASSWORD +LIFE360_USERNAME +MQTT_CA_CERT_FILE +MQTT_HOST +MQTT_PASSWORD +MQTT_PORT +MQTT_USERNAME +OIDC_CLIENT_ID +OIDC_CLIENT_SECRET +OIDC_DISCOVERY_URL +OIDC_SCOPES +ROBOTICA_DEBUG +ROOT_URL +SCHEDULE_FILE +SEQUENCES_FILE +SESSION_SECRET +STATE_DIR

brian in 🌐 canidae in ☸ arn:aws:eks:us-east-2:234999735313:cluster/opscicd in robotica-rust on  nix_backend [!?] is 📦 v0.1.0 via 🦀 
at 16:38:27 ❯                                                                              
direnv: loading ~/tree/personal/robotica/robotica-rust/.envrc                                         
direnv: using flake
warning: Git tree '/home/brian/tree/personal/robotica/robotica-rust' is dirty
evaluating derivation 'git+file:///home/brian/tree/personal/robotica/robotica-rust#devShells.x86_64-li
error: Package ‘nodejs-14.21.3’ in /nix/store/sg8d2aslxnyr4krwynnh2aszdrcnz3sq-source/pkgs/development/web/nodejs/v14.nix:11 is marked as insecure, refusing to evaluate.

       Known issues:
        - This NodeJS release has reached its end of life. See https://nodejs.org/en/about/releases/.

       You can install it anyway by allowing this package, using the
       following methods:

       a) To temporarily allow all insecure packages, you can use an environment
          variable for a single invocation of the nix tools:

            $ export NIXPKGS_ALLOW_INSECURE=1

        Note: For `nix shell`, `nix build`, `nix develop` or any other Nix 2.4+
        (Flake) command, `--impure` must be passed in order to read this
        environment variable.

       b) for `nixos-rebuild` you can add ‘nodejs-14.21.3’ to
          `nixpkgs.config.permittedInsecurePackages` in the configuration.nix,
          like so:

            {
              nixpkgs.config.permittedInsecurePackages = [
                "nodejs-14.21.3"
              ];
            }

       c) For `nix-env`, `nix-build`, `nix-shell` or any other Nix command you can add
          ‘nodejs-14.21.3’ to `permittedInsecurePackages` in
          ~/.config/nixpkgs/config.nix, like so:

            {
              permittedInsecurePackages = [
                "nodejs-14.21.3"
              ];
            }
(use '--show-trace' to show detailed location information)

As far as I can tell, not possible to override this when installing from flake.

I think this might be where it is coming from: https://github.com/svanderburg/node2nix/blob/master/default.nix#L5

[adamgoose]

Addressed by #310

[brianmay]

Maybe not. That PR doesn't change the nodejs version. As of right now anyway.

[pmiddend]

Indeed. I tried a simple node2nix -l package-lock.json && nix-build -A package and got an error about a missing nodejs_14.