chore: Upgrade nix dependencies #8328

cdecker · 2025-06-07T08:48:31Z

flake: Address two small warnings about outdated versions

Changelog-None

cdecker · 2025-06-07T09:15:54Z

Paging our resident nix expert @nepet to help out address the nix flake check failure. It is complaining about a vulnerable ring version being used:

Crate:     ring
Version:   0.17.8
Title:     Some AES functions may panic when overflow checking is enabled.
Date:      2025-03-06
ID:        RUSTSEC-2025-0009
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0009
Solution:  Upgrade to >=0.17.12
Dependency tree:
ring 0.17.8
├── x509-parser 0.16.0
│   └── rcgen 0.13.2
│       ├── clnrest 0.2.0
│       └── cln-grpc-plugin 0.4.0
├── sct 0.7.1
│   └── rustls 0.21.12
│       ├── tokio-rustls 0.24.1
│       │   └── axum-server 0.6.0
│       │       └── clnrest 0.2.0
│       └── axum-server 0.6.0
├── rustls-webpki 0.102.8
│   └── rustls 0.22.4
│       └── tokio-rustls 0.25.0
│           └── tonic 0.11.0
│               ├── cln-grpc-plugin 0.4.0
│               └── cln-grpc 0.4.1
│                   ├── cln-plugin 0.4.0
│                   │   ├── clnrest 0.2.0
│                   │   ├── cln-lsps 0.1.0
│                   │   └── cln-grpc-plugin 0.4.0
│                   └── cln-grpc-plugin 0.4.0
├── rustls-webpki 0.101.7
│   └── rustls 0.21.12
├── rustls 0.22.4
├── rustls 0.21.12
└── rcgen 0.13.2

Do you know how to pin an older, non-vulnerable, version?

flake: Address two small warnings about outdated versions

6960e6d

cdecker force-pushed the 202506-nix-upgrade branch from 115ca95 to 6960e6d Compare June 7, 2025 08:48

cdecker changed the title ~~202506 nix upgrade~~ chore: Upgrade nix dependencies Jun 7, 2025

cdecker requested a review from nepet June 7, 2025 09:14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore: Upgrade nix dependencies #8328

chore: Upgrade nix dependencies #8328

Uh oh!

cdecker commented Jun 7, 2025 •

edited

Loading

Uh oh!

cdecker commented Jun 7, 2025

Uh oh!

Uh oh!

chore: Upgrade nix dependencies #8328

Are you sure you want to change the base?

chore: Upgrade nix dependencies #8328

Uh oh!

Conversation

cdecker commented Jun 7, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

cdecker commented Jun 7, 2025

Uh oh!

Uh oh!

cdecker commented Jun 7, 2025 •

edited

Loading