From 3ec20383af8deeb46c94972996d275b1593e63e2 Mon Sep 17 00:00:00 2001 From: savil <676452+savil@users.noreply.github.com> Date: Mon, 4 Aug 2025 22:18:39 -0700 Subject: [PATCH 1/4] [docker image] set filter-syscalls = false in nix.conf to workaround missing `seccomp BPF program` in arm64 linux (#2665) ## Summary The docker-image is failing to build in GHA: https://github.com/jetify-com/devbox/actions/runs/16204700194/job/47358742840 The error indicates that the seccomp (secure computing mode) BPF (Berkeley Packet Filter) program that Nix tries to load is incompatible with the Docker container environment on ARM64. When filter-syscalls = true (the default), Nix uses seccomp BPF to filter system calls for security sandboxing. Setting filter-syscalls = false disables Nix's syscall filtering, which bypasses the seccomp BPF program entirely and prevents the error. This PR uses the approach from #1811 to fix this for arm64 platforms. ## How was it tested? `docker build --platform linux/arm64 -t devbox-image-arm64 -f /Users/savil/code/jetpack/devbox/internal/devbox/generate/tmpl/DevboxImageDockerfile .` `docker build --platform linux/arm64 -t devbox-image-arm64 -f /Users/savil/code/jetpack/devbox/internal/devbox/generate/tmpl/DevboxImageDockerfileRootUser .` BEFORE: these failed with the error seen in the GHA above AFTER: build successfully Also confirmed that --platform linux/amd64 would build successfully ## Community Contribution License All community contributions in this pull request are licensed to the project maintainers under the terms of the [Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0). By creating this pull request, I represent that I have the right to license the contributions to the project maintainers under the Apache 2 License as stated in the [Community Contribution License](https://github.com/jetify-com/opensource/blob/main/CONTRIBUTING.md#community-contribution-license). --- internal/devbox/generate/tmpl/DevboxImageDockerfile | 13 ++++++++++--- .../generate/tmpl/DevboxImageDockerfileRootUser | 6 +++++- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/internal/devbox/generate/tmpl/DevboxImageDockerfile b/internal/devbox/generate/tmpl/DevboxImageDockerfile index d04560d2a3f..8664d6585e4 100644 --- a/internal/devbox/generate/tmpl/DevboxImageDockerfile +++ b/internal/devbox/generate/tmpl/DevboxImageDockerfile @@ -7,20 +7,27 @@ ARG DEVBOX_USE_VERSION RUN apt-get update RUN apt-get -y install bash binutils git xz-utils wget sudo -# Step 1.5: Setting up devbox user +# Step 2: Prepare for Nix +ARG TARGETPLATFORM +RUN mkdir -p /etc/nix/ +RUN if [ "$TARGETPLATFORM" = "linux/arm64" ] || [ "$TARGETPLATFORM" = "linux/arm64/v8" ]; then \ + echo "filter-syscalls = false" >> /etc/nix/nix.conf; \ + fi + +# Step 3: Setting up devbox user ENV DEVBOX_USER=devbox RUN adduser $DEVBOX_USER RUN usermod -aG sudo $DEVBOX_USER RUN echo "devbox ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/$DEVBOX_USER USER $DEVBOX_USER -# Step 2: Installing Nix +# Step 4: Installing Nix RUN wget --output-document=/dev/stdout https://nixos.org/nix/install | sh -s -- --no-daemon RUN . ~/.nix-profile/etc/profile.d/nix.sh ENV PATH="/home/${DEVBOX_USER}/.nix-profile/bin:$PATH" -# Step 3: Installing devbox +# Step 5: Installing devbox ENV DEVBOX_USE_VERSION=$DEVBOX_USE_VERSION RUN wget --quiet --output-document=/dev/stdout https://get.jetify.com/devbox | bash -s -- -f RUN chown -R "${DEVBOX_USER}:${DEVBOX_USER}" /usr/local/bin/devbox diff --git a/internal/devbox/generate/tmpl/DevboxImageDockerfileRootUser b/internal/devbox/generate/tmpl/DevboxImageDockerfileRootUser index 4a841f37c00..108d23be5de 100644 --- a/internal/devbox/generate/tmpl/DevboxImageDockerfileRootUser +++ b/internal/devbox/generate/tmpl/DevboxImageDockerfileRootUser @@ -8,8 +8,12 @@ RUN apt-get update RUN apt-get -y install bash binutils git xz-utils wget sudo # Step 2: Installing Nix +ARG TARGETPLATFORM RUN mkdir -p /etc/nix/ -RUN echo "filter-syscalls = false" >> /etc/nix/nix.conf && wget --output-document=/dev/stdout https://nixos.org/nix/install | sh -s -- --daemon +RUN if [ "$TARGETPLATFORM" = "linux/arm64" ] || [ "$TARGETPLATFORM" = "linux/arm64/v8" ]; then \ + echo "filter-syscalls = false" >> /etc/nix/nix.conf; \ + fi +RUN wget --output-document=/dev/stdout https://nixos.org/nix/install | sh -s -- --daemon RUN . ~/.nix-profile/etc/profile.d/nix.sh ENV PATH="/root/.nix-profile/bin:$PATH" From 026caabb05faab8ad99e314aa55c35361927aeea Mon Sep 17 00:00:00 2001 From: Mike Landau Date: Mon, 11 Aug 2025 14:03:04 -0700 Subject: [PATCH 2/4] [cicd] Fix github rate limit issue (#2667) ## Summary Fixes https://github.com/jetify-com/devbox/actions/runs/16847493651/job/47729104601 This is a very specific fix to this job. I think a better solution is to pass `--extra-access-tokens` flag into nix commands that may interact with github. ## How was it tested? Not sure how to test. ## Community Contribution License All community contributions in this pull request are licensed to the project maintainers under the terms of the [Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0). By creating this pull request, I represent that I have the right to license the contributions to the project maintainers under the Apache 2 License as stated in the [Community Contribution License](https://github.com/jetify-com/opensource/blob/main/CONTRIBUTING.md#community-contribution-license). --- .github/workflows/cache-upload.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/cache-upload.yml b/.github/workflows/cache-upload.yml index a81562f2a52..be488dfb369 100644 --- a/.github/workflows/cache-upload.yml +++ b/.github/workflows/cache-upload.yml @@ -22,6 +22,9 @@ env: DEVBOX_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} DEVBOX_DEBUG: 1 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # I think this should be added to individual nix commands within devbox, but this is quick fix for now + NIX_CONFIG: | + access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} jobs: upload-cache: From 4be11f7b3b064381abc960a34c7312a1ad26b932 Mon Sep 17 00:00:00 2001 From: Mike Landau Date: Tue, 12 Aug 2025 07:18:42 -0700 Subject: [PATCH 3/4] [deps] Update go (#2669) ## Summary Fixes https://github.com/jetify-com/devbox/issues/2668 ## How was it tested? ## Community Contribution License All community contributions in this pull request are licensed to the project maintainers under the terms of the [Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0). By creating this pull request, I represent that I have the right to license the contributions to the project maintainers under the Apache 2 License as stated in the [Community Contribution License](https://github.com/jetify-com/opensource/blob/main/CONTRIBUTING.md#community-contribution-license). --- .github/workflows/cli-tests.yaml | 7 +- devbox.json | 1 + devbox.lock | 80 +++++++++---------- .../development/go/hello-world/devbox.json | 26 +++--- .../development/go/hello-world/devbox.lock | 49 ++++++++++-- examples/development/go/hello-world/go.mod | 2 +- examples/development/go/hello-world/main.go | 2 +- flake.lock | 6 +- flake.nix | 2 +- go.mod | 2 +- 10 files changed, 106 insertions(+), 71 deletions(-) diff --git a/.github/workflows/cli-tests.yaml b/.github/workflows/cli-tests.yaml index 2348393be63..89ec99f345f 100644 --- a/.github/workflows/cli-tests.yaml +++ b/.github/workflows/cli-tests.yaml @@ -83,10 +83,13 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main + - name: Install devbox + uses: jetify-com/devbox-install-action@v0.13.0 + with: + enable-cache: true - name: Build flake run: | - if ! nix build .; then + if ! devbox run build-flake; then echo "::warning::If this fails, you probably have to run 'devbox run update-hash'" exit 1 fi diff --git a/devbox.json b/devbox.json index f346011420f..b4b4b8fc19c 100644 --- a/devbox.json +++ b/devbox.json @@ -50,6 +50,7 @@ "go mod vendor -o $vendor", "nix hash path $vendor >vendor-hash" ], + "build-flake": "nix build .", "tidy": ["go mod tidy", "devbox run update-hash"], // docker-testscripts runs the testscripts with Docker to exercise // Linux-specific tests. It invokes the test binary directly, so any extra diff --git a/devbox.lock b/devbox.lock index 3e972c85304..825c82cd315 100644 --- a/devbox.lock +++ b/devbox.lock @@ -2,8 +2,8 @@ "lockfile_version": "1", "packages": { "fd@latest": { - "last_modified": "2025-03-11T17:52:14Z", - "resolved": "github:NixOS/nixpkgs/0d534853a55b5d02a4ababa1d71921ce8f0aee4c#fd", + "last_modified": "2025-07-28T17:09:23Z", + "resolved": "github:NixOS/nixpkgs/648f70160c03151bc2121d179291337ad6bc564b#fd", "source": "devbox-search", "version": "10.2.0", "systems": { @@ -11,165 +11,165 @@ "outputs": [ { "name": "out", - "path": "/nix/store/40pdazk980kp3h26py4hjyx9rys1g14n-fd-10.2.0", + "path": "/nix/store/40nk6ri500aip6a34x8nnhr9k0ikgl8f-fd-10.2.0", "default": true } ], - "store_path": "/nix/store/40pdazk980kp3h26py4hjyx9rys1g14n-fd-10.2.0" + "store_path": "/nix/store/40nk6ri500aip6a34x8nnhr9k0ikgl8f-fd-10.2.0" }, "aarch64-linux": { "outputs": [ { "name": "out", - "path": "/nix/store/76zcwa1d33vciy4gyqvk6jl2n3g1542q-fd-10.2.0", + "path": "/nix/store/f0cm3mr35dxk6ziwcarwmk5psnzklg6k-fd-10.2.0", "default": true } ], - "store_path": "/nix/store/76zcwa1d33vciy4gyqvk6jl2n3g1542q-fd-10.2.0" + "store_path": "/nix/store/f0cm3mr35dxk6ziwcarwmk5psnzklg6k-fd-10.2.0" }, "x86_64-darwin": { "outputs": [ { "name": "out", - "path": "/nix/store/ys9qmljs0ag7j040radgg48l6pvjmv9l-fd-10.2.0", + "path": "/nix/store/5vqrgkgb3ishhjrjfvd08401bzj80yhl-fd-10.2.0", "default": true } ], - "store_path": "/nix/store/ys9qmljs0ag7j040radgg48l6pvjmv9l-fd-10.2.0" + "store_path": "/nix/store/5vqrgkgb3ishhjrjfvd08401bzj80yhl-fd-10.2.0" }, "x86_64-linux": { "outputs": [ { "name": "out", - "path": "/nix/store/rrdvpl7rym4ia0h7rfz1vmlcvvivj30j-fd-10.2.0", + "path": "/nix/store/d8gs5vih8f1nkck5q8jrndzxzdkpsl01-fd-10.2.0", "default": true } ], - "store_path": "/nix/store/rrdvpl7rym4ia0h7rfz1vmlcvvivj30j-fd-10.2.0" + "store_path": "/nix/store/d8gs5vih8f1nkck5q8jrndzxzdkpsl01-fd-10.2.0" } } }, "git@latest": { - "last_modified": "2025-03-11T17:52:14Z", - "resolved": "github:NixOS/nixpkgs/0d534853a55b5d02a4ababa1d71921ce8f0aee4c#git", + "last_modified": "2025-07-28T17:09:23Z", + "resolved": "github:NixOS/nixpkgs/648f70160c03151bc2121d179291337ad6bc564b#git", "source": "devbox-search", - "version": "2.48.1", + "version": "2.50.1", "systems": { "aarch64-darwin": { "outputs": [ { "name": "out", - "path": "/nix/store/b3sci30zzzlj3rzj1y89cijnd6zcwapk-git-2.48.1", + "path": "/nix/store/jn9byxgdjndngf0d2by0djg8gcdll7xc-git-2.50.1", "default": true }, { "name": "doc", - "path": "/nix/store/086knqdw7fjgzczp0i6nad95s2v6jbya-git-2.48.1-doc" + "path": "/nix/store/j8djmq64ckbah7bl6jv1y6arrjr0shmv-git-2.50.1-doc" } ], - "store_path": "/nix/store/b3sci30zzzlj3rzj1y89cijnd6zcwapk-git-2.48.1" + "store_path": "/nix/store/jn9byxgdjndngf0d2by0djg8gcdll7xc-git-2.50.1" }, "aarch64-linux": { "outputs": [ { "name": "out", - "path": "/nix/store/pck1dr5jxrd5b8nmfasbn13z422jhcfm-git-2.48.1", + "path": "/nix/store/h4pvvix6pvnvys9a6y1xj2442r1ajdhl-git-2.50.1", "default": true }, { "name": "debug", - "path": "/nix/store/xqqsvzlilh843rm6knykyng81apapr33-git-2.48.1-debug" + "path": "/nix/store/rpxnrnsn4nbx8wm9d2vrgj0fr5xzz5lg-git-2.50.1-debug" }, { "name": "doc", - "path": "/nix/store/485b32ys0s2dvjfisn7405ildmpqvfzk-git-2.48.1-doc" + "path": "/nix/store/q8sicpx16gyzxnp3345a46lj4cz9wd09-git-2.50.1-doc" } ], - "store_path": "/nix/store/pck1dr5jxrd5b8nmfasbn13z422jhcfm-git-2.48.1" + "store_path": "/nix/store/h4pvvix6pvnvys9a6y1xj2442r1ajdhl-git-2.50.1" }, "x86_64-darwin": { "outputs": [ { "name": "out", - "path": "/nix/store/9qjzgsf9mvdp6sfd7xyzhgrahl2qhhp6-git-2.48.1", + "path": "/nix/store/8d1n8cvi5x1j0v61459lvhqs26vmcqbl-git-2.50.1", "default": true }, { "name": "doc", - "path": "/nix/store/cgv7qa0ix059ma9a0qac0bywfvl3k7k2-git-2.48.1-doc" + "path": "/nix/store/yn9cvbs7jz4dfdb17qralgr0ybi5rmjf-git-2.50.1-doc" } ], - "store_path": "/nix/store/9qjzgsf9mvdp6sfd7xyzhgrahl2qhhp6-git-2.48.1" + "store_path": "/nix/store/8d1n8cvi5x1j0v61459lvhqs26vmcqbl-git-2.50.1" }, "x86_64-linux": { "outputs": [ { "name": "out", - "path": "/nix/store/lqx2rv26sdndpa2vyy2vxsahj03km69z-git-2.48.1", + "path": "/nix/store/5i8zvall945kypmwgqd0y47f02pldwp4-git-2.50.1", "default": true }, { "name": "doc", - "path": "/nix/store/hjczhs1dm3hzij7mx5c91rkzqvkb89av-git-2.48.1-doc" + "path": "/nix/store/d2lhlzkdziwmijik8nszfwp8srbkskb9-git-2.50.1-doc" }, { "name": "debug", - "path": "/nix/store/bk8xndavdnc2qgyvc6hcc8h29lk9jzqb-git-2.48.1-debug" + "path": "/nix/store/l46kpjpcwwp8l7kzzr1s2dlk646r73z2-git-2.50.1-debug" } ], - "store_path": "/nix/store/lqx2rv26sdndpa2vyy2vxsahj03km69z-git-2.48.1" + "store_path": "/nix/store/5i8zvall945kypmwgqd0y47f02pldwp4-git-2.50.1" } } }, "github:NixOS/nixpkgs/nixpkgs-unstable": { - "last_modified": "2025-04-07T13:23:10Z", - "resolved": "github:NixOS/nixpkgs/b0b4b5f8f621bfe213b8b21694bab52ecfcbf30b?lastModified=1744032190&narHash=sha256-KSlfrncSkcu1YE%2BuuJ%2FPTURsSlThoGkRqiGDVdbiE%2Fk%3D" + "last_modified": "2025-08-12T09:17:37Z", + "resolved": "github:NixOS/nixpkgs/372d9eeeafa5b15913201e2b92e8e539ac7c64d1?lastModified=1754990257&narHash=sha256-eEq2wlYNF2t89PsNyEv5Sz4lSxdukZCj4SdhZBVAGpI%3D" }, "go@latest": { - "last_modified": "2025-03-11T17:52:14Z", - "resolved": "github:NixOS/nixpkgs/0d534853a55b5d02a4ababa1d71921ce8f0aee4c#go", + "last_modified": "2025-07-28T17:09:23Z", + "resolved": "github:NixOS/nixpkgs/648f70160c03151bc2121d179291337ad6bc564b#go", "source": "devbox-search", - "version": "1.24.1", + "version": "1.24.5", "systems": { "aarch64-darwin": { "outputs": [ { "name": "out", - "path": "/nix/store/ja4jxx60lh1qfqfl4z4p2rff56ia1c3c-go-1.24.1", + "path": "/nix/store/kw1vd98s15vj700m3gx2x2xca2z477i3-go-1.24.5", "default": true } ], - "store_path": "/nix/store/ja4jxx60lh1qfqfl4z4p2rff56ia1c3c-go-1.24.1" + "store_path": "/nix/store/kw1vd98s15vj700m3gx2x2xca2z477i3-go-1.24.5" }, "aarch64-linux": { "outputs": [ { "name": "out", - "path": "/nix/store/8ply43gnxk1xwichr81mpgbjcd9a1y5w-go-1.24.1", + "path": "/nix/store/5bzlaj0c4mqw9p0zrcx5g9vz16vd45dl-go-1.24.5", "default": true } ], - "store_path": "/nix/store/8ply43gnxk1xwichr81mpgbjcd9a1y5w-go-1.24.1" + "store_path": "/nix/store/5bzlaj0c4mqw9p0zrcx5g9vz16vd45dl-go-1.24.5" }, "x86_64-darwin": { "outputs": [ { "name": "out", - "path": "/nix/store/87yxrfx5lh78bdz393i33cr5z23x06q4-go-1.24.1", + "path": "/nix/store/b72n20ixzl5ja9vciwahkr30bhmsn5jc-go-1.24.5", "default": true } ], - "store_path": "/nix/store/87yxrfx5lh78bdz393i33cr5z23x06q4-go-1.24.1" + "store_path": "/nix/store/b72n20ixzl5ja9vciwahkr30bhmsn5jc-go-1.24.5" }, "x86_64-linux": { "outputs": [ { "name": "out", - "path": "/nix/store/cfjhl0kn7xc65466pha9fkrvigw3g72n-go-1.24.1", + "path": "/nix/store/y4awwzp30ka130wmjrpaqjmjdf9p010w-go-1.24.5", "default": true } ], - "store_path": "/nix/store/cfjhl0kn7xc65466pha9fkrvigw3g72n-go-1.24.1" + "store_path": "/nix/store/y4awwzp30ka130wmjrpaqjmjdf9p010w-go-1.24.5" } } } diff --git a/examples/development/go/hello-world/devbox.json b/examples/development/go/hello-world/devbox.json index d1049a1e5aa..2530808c755 100644 --- a/examples/development/go/hello-world/devbox.json +++ b/examples/development/go/hello-world/devbox.json @@ -1,17 +1,15 @@ { - "packages": [ - "go@1.19.8" + "packages": ["go@1.24.5"], + "env": { + "GOPATH": "$HOME/go/", + "PATH": "$PATH:$HOME/go/bin" + }, + "shell": { + "init_hook": [ + "export \"GOROOT=$(go env GOROOT)\"" ], - "env": { - "GOPATH": "$HOME/go/", - "PATH": "$PATH:$HOME/go/bin" - }, - "shell": { - "init_hook": [ - "export \"GOROOT=$(go env GOROOT)\"" - ], - "scripts": { - "run_test": "go run main.go" - } + "scripts": { + "run_test": "go run main.go" } -} \ No newline at end of file + } +} diff --git a/examples/development/go/hello-world/devbox.lock b/examples/development/go/hello-world/devbox.lock index 0020002c39d..69235d59f96 100644 --- a/examples/development/go/hello-world/devbox.lock +++ b/examples/development/go/hello-world/devbox.lock @@ -1,22 +1,55 @@ { "lockfile_version": "1", "packages": { - "go@1.19.8": { - "last_modified": "2023-05-01T16:53:22Z", - "resolved": "github:NixOS/nixpkgs/8670e496ffd093b60e74e7fa53526aa5920d09eb#go_1_19", - "version": "1.19.8", + "github:NixOS/nixpkgs/nixpkgs-unstable": { + "last_modified": "2025-08-12T09:17:37Z", + "resolved": "github:NixOS/nixpkgs/372d9eeeafa5b15913201e2b92e8e539ac7c64d1?lastModified=1754990257&narHash=sha256-eEq2wlYNF2t89PsNyEv5Sz4lSxdukZCj4SdhZBVAGpI%3D" + }, + "go@1.24.5": { + "last_modified": "2025-07-28T17:09:23Z", + "resolved": "github:NixOS/nixpkgs/648f70160c03151bc2121d179291337ad6bc564b#go", + "source": "devbox-search", + "version": "1.24.5", "systems": { "aarch64-darwin": { - "store_path": "/nix/store/7m99ip3616l3z670y83p34r3plwd4iq1-go-1.19.8" + "outputs": [ + { + "name": "out", + "path": "/nix/store/kw1vd98s15vj700m3gx2x2xca2z477i3-go-1.24.5", + "default": true + } + ], + "store_path": "/nix/store/kw1vd98s15vj700m3gx2x2xca2z477i3-go-1.24.5" }, "aarch64-linux": { - "store_path": "/nix/store/zpaj1y4iwmkk3ci43ab9k10rr9ilpa3a-go-1.19.8" + "outputs": [ + { + "name": "out", + "path": "/nix/store/5bzlaj0c4mqw9p0zrcx5g9vz16vd45dl-go-1.24.5", + "default": true + } + ], + "store_path": "/nix/store/5bzlaj0c4mqw9p0zrcx5g9vz16vd45dl-go-1.24.5" }, "x86_64-darwin": { - "store_path": "/nix/store/m0fkw6wi5m73y78yqmwhd15y0fjfx5vq-go-1.19.8" + "outputs": [ + { + "name": "out", + "path": "/nix/store/b72n20ixzl5ja9vciwahkr30bhmsn5jc-go-1.24.5", + "default": true + } + ], + "store_path": "/nix/store/b72n20ixzl5ja9vciwahkr30bhmsn5jc-go-1.24.5" }, "x86_64-linux": { - "store_path": "/nix/store/r0x0agq0vwn0p6z99vkkvn8l8a8idzsb-go-1.19.8" + "outputs": [ + { + "name": "out", + "path": "/nix/store/y4awwzp30ka130wmjrpaqjmjdf9p010w-go-1.24.5", + "default": true + } + ], + "store_path": "/nix/store/y4awwzp30ka130wmjrpaqjmjdf9p010w-go-1.24.5" } } } diff --git a/examples/development/go/hello-world/go.mod b/examples/development/go/hello-world/go.mod index 927c03d27dc..995513a53e3 100644 --- a/examples/development/go/hello-world/go.mod +++ b/examples/development/go/hello-world/go.mod @@ -1,3 +1,3 @@ module example -go 1.19 +go 1.24.5 diff --git a/examples/development/go/hello-world/main.go b/examples/development/go/hello-world/main.go index a3999032676..55e5a9c38d9 100644 --- a/examples/development/go/hello-world/main.go +++ b/examples/development/go/hello-world/main.go @@ -6,7 +6,7 @@ import ( ) func main() { - expected := "go1.19.8" + expected := "go1.24.5" goVersion := runtime.Version() fmt.Printf("Go version: %s\n", goVersion) if goVersion != expected { diff --git a/flake.lock b/flake.lock index 90c914452b6..081117fe89e 100644 --- a/flake.lock +++ b/flake.lock @@ -20,11 +20,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1744463964, - "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", + "lastModified": 1754725699, + "narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", + "rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 70c806db0f9..c73ed710100 100644 --- a/flake.nix +++ b/flake.nix @@ -17,7 +17,7 @@ let pkgs = nixpkgs.legacyPackages.${system}; - lastTag = "0.14.2"; + lastTag = "0.15.1"; revision = if (self ? shortRev) then "${self.shortRev}" else "${self.dirtyShortRev or "dirty"}"; diff --git a/go.mod b/go.mod index 43a47759df7..8f82f54c885 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module go.jetify.com/devbox -go 1.24.0 +go 1.24.5 require ( al.essio.dev/pkg/shellescape v1.5.1 From f2920fdc4d56433b45486b80b051de284dd2ea5f Mon Sep 17 00:00:00 2001 From: Mike Landau Date: Tue, 12 Aug 2025 08:47:11 -0700 Subject: [PATCH 4/4] [nix] Test devbox on latest nix (#2670) ## Summary ## How was it tested? ## Community Contribution License All community contributions in this pull request are licensed to the project maintainers under the terms of the [Apache 2 License](https://www.apache.org/licenses/LICENSE-2.0). By creating this pull request, I represent that I have the right to license the contributions to the project maintainers under the Apache 2 License as stated in the [Community Contribution License](https://github.com/jetify-com/opensource/blob/main/CONTRIBUTING.md#community-contribution-license). --- .github/workflows/cli-tests.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cli-tests.yaml b/.github/workflows/cli-tests.yaml index 89ec99f345f..dfab5ba06a1 100644 --- a/.github/workflows/cli-tests.yaml +++ b/.github/workflows/cli-tests.yaml @@ -135,7 +135,7 @@ jobs: # 1. the oldest supported nix version (which is 2.9.0? But determinate-systems installer has 2.12.0) # 2. nix 2.19.2: version before nix profile changes # 2. latest nix version (note, 2.20.1 introduced a new profile change) - nix-version: ["2.12.0", "2.19.2", "2.20.1"] + nix-version: ["2.12.0", "2.19.2", "2.30.2"] exclude: # Only runs tests on macos if explicitly requested, or on a schedule - os: "${{ (inputs.run-mac-tests || github.event.schedule != '') && 'dummy' || 'macos-13' }}"