New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[19.09] gitea: 1.9.6 -> 1.10.1 #73741
Conversation
(cherry picked from commit 8d5a0e1)
@GrahamcOfBorg test gitea |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
gitea 1.9.6 -> 1.10.0 introduces breaking changes: https://github.com/go-gitea/gitea/releases/tag/v1.10.0
Does NixOS's stable track offer any guarantees on not introducing breaking changes?
@tomfitzhenry Yes... This is quite hard because since 1.10 is out 1.9 is now unmaintained. And if any security related problems are found in 1.9.x, gitea won't release a 1.9.x-series release to address this. They just expect people to upgrade to latest instead. The reasoning gitea has for this is that it's a small community project that doesn't have the resources to maintain LTS releases. And most of nixpkgs is maintained by contributors that don't get paid either, so we don't really have the resources to do backports of patches to address certain issues. During the 19.03 cycle we did a backport of 1.7->1.8 or something like that. Something broke with locales because it was only copied on the first start. But that has been fixed in the service. But sure, other things can show up. I'm on the fence on this. But the maintainer requested a backport so I made a backport PR for @kolaente to review at least. |
I really wish @tomfitzhenry if you're behind a private network and have a trusted set of users you could make use of https://nixos.org/nixos/options.html#services.gitea.package @etu maybe we should consider mentioning something about no LTS in the options documentation. |
@aanderse You're right, we should advertise this more. I'll talk with the other maintainers about the option of at least supporting the last release with security fixes. We had some of that discussion in the past, and decided to not release an LTS version because of the reasons mentioned by @etu. Another (workaround) option would be to not merge this until there is a security issue with 1.9.6 and then merge this. That way, we would keep breaking changes as long as possible from entering 19.09. |
Where exactly is the problem with updating to version 1.10? Standstill means simply postponing the effort until later. At some point you have to do it anyway. Who guarantees a quick fix to the old version? If a bug in the current version is no longer present but in the old version it is, who controls this? Maybe bugs have been fixed, which were not made public? Not doing updates is not a good option in my eyes. |
If you choose a stable release, then you expect something that keeps working and potentially has fixes over time for issues you've accepted from the beginning on. A release that changes behavior in its interface is thus from a stable point of view a regression (hence the minor version increase). That outweighs fixes for issues you've accepted from the beginning on. |
So, what should we do here? I would propose to get 1.10 into stable for all the reasons discussed before. Meanwhile, there is a Bugfix release 1.10.1: #75066 |
Generally I agree with @FRidh but if upstream isn't supporting a their old code I think they need to advertise that better... and we can then too. I see I haven't convinced the team at work to ditch |
We currently also bump gitlab versions on 19.09 the same as we do on master (mostly due to lack of manpower, even though gitlab provides stable releases), so I assume it's even more fine to do with gitea as well, if they don't even provide stable releases. |
(cherry picked from commit c2682a0)
@flokli No problem and done! :) @GrahamcOfBorg test gitea |
I still don't see an actual need to upgrade the package. Are there any security fixes that necessitate an upgrade? As far as I can tell not. Anyone that wants the unstable version can easily import a newer nixpkgs and set |
Regarding gitlab updates on stable #74978 |
@FRidh a bit off-topic, but the linked issue was a bug causing nix store paths to be persisted in state files. I don't really see how this is an argument in favor or against update policies - it was broken all the time, and a NixOS specific patch was added to make these entries more stable for all newly inserted entries. It didn't have anything to do with the GitLab version that was used - it did break every time store paths were garbage collected, and entries referred to an old version of gitlab-shell. Regarding gitea: I agree if there are no imminent security issues with the current gitea version in stable, it could stay at that version - as you described, people could always pull in things from unstable by passing a custom However, I also wouldn't strongly advocate against the maintainers of the gitea package to decide to just keep it in sync with master (There were some security issues without CVEs issued in gitea in the past). I'd leave that decision to them. I wouldn't assume |
What happens if NixOS 20.03 wants to update from Gitea 1.9.6 to a future version 1.1X.Y? Who guarantees that this will work? |
Current Between NixOS releases we reserve the right to make (and document) breaking changes, especially if upstream forces our hand. Does this adequately answer your question? |
Assuming with release NixOS |
@foxit64 I thought the following statement from earlier in this thread would make the situation very clear:
So the answer is no, an upgrade from NixOS |
At least to my understanding Gitea's use breaking changes might be a bit different from what has been asked here: The release notes don't say anything so we can either assume that implying everything's fine, or taking that as something to check before the next release. |
Even that should usually work, it's just not tested and midght break something. But each version has all migrations for all past versions included. |
Uff, this should be made sure to work in any case - you can't really control when people do upgrade gitea, and whether they do incremental upgrades or just bump to the latest version, especially if they use the package(s) provided by their distro. |
@flokli We could add a test for that case, but from my experience it usually works and the only cases where it does not are edge cases and only affect a minority of users. |
Motivation for this change
(cherry picked from commit 8d5a0e1)
Follow up on #73415 and #73416.
Backport by request from maintainer @kolaente.
Things done
sandbox
innix.conf
on non-NixOS linux)nix-shell -p nix-review --run "nix-review wip"
./result/bin/
)nix path-info -S
before and after)Notify maintainers
cc @