Conversation
cd5bd67 to
65d850d
Compare
|
Spoke too soon about the |
Ruby 3.1 has been EOL since March.
Ruby 3.2 will go EOL during the Nixpkgs 25.11 release cycle.
65d850d to
2f42412
Compare
|
No idea why |
LeSuisse
left a comment
There was a problem hiding this comment.
The changes look good. Thanks for the tags on macvim.
nixpkgs-review result
Generated using nixpkgs-review.
Command: nixpkgs-review pr 451385
Commit: 2f42412f783baad067a4f51b160f4b7b190c5057
x86_64-linux
⏩ 1 package marked as broken and skipped:
- tests.pkg-config.defaultPkgConfigPackages.tests-combined
⏩ 2 packages blacklisted:
- nixos-install-tools
- tests.nixos-functions.nixos-test
✅ 4 packages built:
- nixpkgs-manual
- sonic-pi
- tree-from-tags
- unit
| knownVulnerabilities = [ | ||
| "CVE-2023-46246" | ||
| "CVE-2023-48231" | ||
| "CVE-2023-48232" | ||
| "CVE-2023-48233" | ||
| "CVE-2023-48234" | ||
| "CVE-2023-48235" | ||
| "CVE-2023-48236" | ||
| "CVE-2023-48237" | ||
| "CVE-2023-48706" | ||
| "CVE-2023-5344" | ||
| "CVE-2023-5441" | ||
| "CVE-2023-5535" | ||
| "CVE-2024-22667" | ||
| "CVE-2024-41957" | ||
| "CVE-2024-41965" | ||
| "CVE-2024-43374" | ||
| "CVE-2024-47814" | ||
| "CVE-2025-1215" | ||
| "CVE-2025-22134" | ||
| "CVE-2025-24014" | ||
| "CVE-2025-26603" | ||
| "CVE-2025-29768" | ||
| "CVE-2025-53905" | ||
| "CVE-2025-53906" |
There was a problem hiding this comment.
Where did this list come from? Everything up to CVE-2024-22667 is about Vim 9.0.x versions, and MacVim r179 is Vim 9.1. The ones starting with CVE-2024-41957 are presumably valid, since that one is about Vim 9.1.x.
There was a problem hiding this comment.
It’s from https://nvd.nist.gov/vuln/search#/nvd/home?cpeFilterMode=cpe&cpeName=cpe:2.3:a:vim:vim:9.0.1897:*:*:*:*:*:*:*&resultType=records; I think I mixed up the base Vim version with the previous one. The correct list is presumably https://nvd.nist.gov/vuln/search#/nvd/home?cpeFilterMode=cpe&cpeName=cpe:2.3:a:vim:vim:9.1.0000:*:*:*:*:*:*:*&resultType=records, which matches CVE-2024-41957 as the starting point. Sorry about that. Fix is #454720.
There was a problem hiding this comment.
CPE are always a pleasure to work with 😩
3.1 is already EOL, 3.2 will go EOL during 25.11.
Things done
sonic-pi)tree-from-tags)passthru.tests.nixpkgs-reviewon this PR. See nixpkgs-review usage../result/bin/.Add a 👍 reaction to pull requests you find important.