Hacker Read top | best | new | newcomments | leaders | about | bookmarklet login

Release channels.

If you follow one for nixpkgs, it means that the infrastructure has at least attempted all possible builds. If you're starting to build something, it's likely broken. However, that's usually not the case. https://hydra.nixos.org/jobset/nixos/release-21.05



sort by: page size:

The latest version of something failing to build. Like when the Tor project removes a Tor Browser package from its servers and `tor-browser-bin` hasn't yet been updated in nixpkgs.

That is the 10.0 release announcement. The directory linked here is not-yet-released 10.1.

As always, until the release announcement comes out, the release is not done. Until that time, there's always a possibility the release builds will need to be rebuilt for some reason.


It means it is released [edit: oops, released tomorrow]. The final freeze was earlier this month.

https://fedoraproject.org/wiki/Releases/17/Schedule


Releases is not the proper word here. It should be 'US DoD starts using 11.0.0.0/8'. Nowhere in that thread does it say the subnet is being released back into the generally available pool, just that it's started to be routed.

Sometimes we do releases that fix things that are kinda hard to exploit, or mostly are just hardening existing stuff to make it even better.

Sometimes we do releases because there's a serious exploitable thing in the wild.

This is the latter: it's a DoS vector, and it got out via a posting to a public mailing list. Please do not hold off on upgrading.


Looks like a release candidate.

> At this point we have a set of images that we consider release grade, pending final testing, we will move to release these unless a major blocker is reported.


I don't love that a post from July talked about stabilizing and releasing 2.4 "in the next few weeks", and now it's September with still no release. OTOH, the list of milestone issues is pretty short:

https://github.com/NixOS/nix/issues?q=is%3Aopen+is%3Aissue+m...

I expect the delay is mostly due to all this debate raging about `nix shell` naming and semantics: https://github.com/NixOS/nix/issues/4715


it can't make releases.

We're working on a 4.1.3 release right now.

Yes, the project has had its issues, yes there's been adversity. But we'll fight through it and come out better in the end.


(which seems to be maintained for a year, receiving security patches)

Releases are maintained until one month after the next release. So, 21.05 will be maintained until a month after 21.11 is released.


> 2018-06-06.1

What is the trailing 1? Are you doing multiple releases per day? Is an emergency bug fix release on June 8th 2018-06-08.1 or 2018-06-06.2?


It seems that all of their recent releases are either testing releases ([1] [2]), or bug fix releases relative to testing releases ([3]), or bug fix releases relative to bug fix releases relative to testing releases ([4]).

[1] https://libreboot.org/news/libreboot20210522.html

[2] https://libreboot.org/news/libreboot20221214.html

[3] https://libreboot.org/news/libreboot20211122.html

[4] https://libreboot.org/news/libreboot20220710.html


TFA is a stable channel announcement. Everything in it has been available for a while now, but under the mainline channel. Like a new release of Ubuntu getting Linux 4.4 while Arch and Gentoo are on 4.5 already.

So it means they are waiting for more bug fixes to upload 4.18.x? Then how are some releases uploaded to experimental?

Those may not be final, mirrors resync release files all up to the release day.

They are probably as valid as all snapshots around release day, as long as the signify keys check out fine, but no guarantees for that set to be 100% identical with what ends up being the actual release.


This is defined here: https://github.com/kubernetes/community/blob/b3349d5b1354df8...

Specifically, a supported release is one which will receive patch updates (e.g. for security flaws or other issues).

If you do not use a "supported version", you'll have to scramble to update or backport patches yourself if you're hit by a serious issue that is fixed upstream.


Chrome stable 89.0.4389.90 was released on March 12: https://chromereleases.googleblog.com/2021/03/stable-channel...

Version bump in nixpkgs: https://github.com/NixOS/nixpkgs/commit/5f8b95113983c8f31d63... on March 13 (one day later)

Released in nixos-unstable on Mar 16 11:11:22 UTC (four days later)

Backport to 20.09: https://github.com/NixOS/nixpkgs/commit/26ba8cd77b5a4408799f... on March 13 (one day later)

Released in nixos-20.09 on Mar 16 16:31:31 UTC (four days later)

Again, four days is not great for a Chrome zero-day. NixOS doesn't have a professional security team, and if you need that assurance, maybe you can't use it. But please don't exaggerate and muddy the facts.

Most of the delay is due to hydra having to build everything that came in ahead of that change on the master branch, and sometimes the master branch is just broken.... I wish there was a fast-track process that could bump urgent security changes ahead of other ones, but it seems like it could complicate things a lot.

Of course, as I said above, it's relatively easy for you to update your local install without waiting for all that, if you're aware of the release and its severity.


The "Attaching Perf" section shows that "./target/release/day-5" was being launched, which is the release binary.

s/Most/All/. I've never heard of a release candidate meaning anything else, it's something you'll release as-is with a non-rc version unless critical bugs emerge. This is a beta, not a RC.

Still a little odd for a release announcement. It feels disingenuous to only afterwards make the fine-grained distinction that yes the libraries are technically v1, but the tooling is still in preview.

Kinda like announcing your new line of cars is ready for purchase today! Except that down in the fine print you might find out that the engine is ready to go, but the steering wheel, headlights, dashboard, and pedals are all still in development and so it's justifiable that they're broken.

next

Legal | privacy