fd956c4864
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs-test':
'github:RaitoBezarius/nixpkgs/e51bf8cc8e2c75192e930ad83ed272938729e7be' (2022-12-23)
→ 'github:NixOS/nixpkgs/371d3778c4f9cee7d5cf014e6ce400d57366570f' (2023-03-16)
2023-03-20 07:47:21 -04:00
738d986536
flake: update nixpkgs-test
...
The nixpkgs-test input has been moved to the branch from
NixOS/nixpkgs#207039 .
2023-03-20 07:46:24 -04:00
658d753d1c
Properly handle fwupd update capsules
...
Co-Authored-By: Janne Heß <janne@hess.ooo>
2023-03-20 07:46:24 -04:00
bdcada4bc2
Merge pull request #137 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-03-20 10:34:53 +01:00
9bbbae3168
fix(deps): update all dependencies
2023-03-20 09:25:02 +00:00
a5dcc2cc3f
Merge pull request #138 from nix-community/renovate/lock-file-maintenance
...
chore(deps): lock file maintenance
2023-03-20 10:23:09 +01:00
5a03bb751d
stub: update dependencies
...
Update nightly toolchain and UEFI dependencies. The latest crane
version comes with a bug where it fails to compile UEFI binaries.
2023-03-20 09:51:30 +01:00
dfa6c3db1f
chore(deps): lock file maintenance
2023-03-20 01:57:17 +00:00
73fca9b923
Merge pull request #132 from nix-community/toctou
...
Don't Reload Stub from the File System
2023-03-15 23:57:12 +01:00
7060389698
stub: add safety comment for PE parsing
2023-03-15 21:53:19 +01:00
9c128e9ef6
stub: do not read loaded image again from ESP
...
... because this might not work, if we were not loaded from a file
system. It also removes the issue where we might not load the signed
image that was actually loaded.
Fixes #123
2023-03-15 00:36:50 +01:00
8aad4af5ad
renovate: enable lockfile maintenance
...
This allows Renovate to update Flake dependencies and indirect Rust
dependencies.
2023-03-14 00:31:46 +01:00
73ee9198e7
Merge pull request #130 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-03-14 00:06:23 +01:00
eed59b4d16
fix(deps): update all dependencies
2023-03-13 00:45:02 +00:00
3efb505a2a
Merge pull request #125 from nix-community/tool-finetune-log-messsages
...
tool: fine tune a few log messages
2023-03-06 10:04:37 +01:00
721b584940
tool: fine tune a few log messages
2023-03-06 00:52:46 +01:00
f590204e8f
Merge pull request #121 from nix-community/tool-configurable-logging
...
tool: init configurable logging
2023-03-05 23:27:11 +01:00
c8522e02b4
Merge pull request #122 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-02-28 22:20:33 +01:00
a3bff52602
Merge pull request #122 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-02-27 10:03:37 +01:00
e321ad1626
fix(deps): update all dependencies
2023-02-27 02:01:48 +00:00
a393ac7673
Merge pull request #120 from nix-community/renovate/configure
...
Configure Renovate
2023-02-26 19:56:30 +01:00
342cc80b08
Add renovate.json
2023-02-26 17:18:14 +01:00
9dedcaea15
Merge pull request #118 from nix-community/qs-nonflakes
...
docs: add non-flakes quick start documentation
2023-02-26 00:07:51 +01:00
eab58bda3e
docs: add non-flakes quick start documentation
2023-02-26 00:06:11 +01:00
cf7efb6b93
Merge pull request #119 from nix-community/revert-113-feat/fwupd
...
Revert "Properly handle fwupd update capsules"
2023-02-25 23:28:27 +01:00
754656d500
Revert "Properly handle fwupd update capsules"
2023-02-25 23:27:39 +01:00
9daa941320
Merge pull request #113 from dasJ/feat/fwupd
...
Properly handle fwupd update capsules
2023-02-25 23:01:12 +01:00
29e0aaf934
Merge pull request #117 from nix-community/fix-initrd-secrets-test
...
tests: correctly test appending secret to initrd
2023-02-25 22:52:55 +01:00
ab4e90c331
tests: correctly test appending secret to initrd
...
The way the test was implemented previously did not make it fail if no
secret was appended to the initrd. Now it is implemented similary to the
initrd-secrets test in Nixpkgs and works correctly.
2023-02-25 21:41:38 +01:00
195e29f935
Merge pull request #116 from nix-community/installation-order
...
Make File Installation Order Deterministic
2023-02-25 21:25:23 +01:00
cbccd64c57
tool: make file installation deterministic
...
Due to the use of hash maps, the order of file installation was not
deterministic. I've changed the code the use BTreeMaps instead, which
makes this deterministic. While I was here, I tried to simplify the
code a bit.
2023-02-25 20:42:08 +01:00
a5e283ca44
Merge pull request #112 from nix-community/log
...
Minimalistic Logging Support
2023-02-25 11:20:01 +01:00
46b8a553b9
Merge pull request #115 from nix-community/install-typos
...
tool: fix typos
2023-02-24 01:33:44 +01:00
32950b7708
tool: fix typos
2023-02-24 01:29:15 +01:00
ed1676e544
Merge pull request #109 from nix-community/correctly-update-initrd-secrets
...
tool: correctly update initrd secrets
2023-02-24 01:18:57 +01:00
f4f8c41005
tests: add initrd-secrets-update
...
Add a test for updating the secrets on an existing initrd.
2023-02-24 01:16:52 +01:00
75a19cd818
tool: correctly sort generation links
...
To correctly overwrite existing initrd with newer secrets (from newer
generations), the links need to be sorted from oldest generation to
newest.
2023-02-24 00:32:14 +01:00
3f0669607d
Merge pull request #110 from nix-community/ensure-signed-generations
...
tool: ensure correct up to date files in the ESP
2023-02-24 00:12:02 +01:00
1d21d7bdd8
tool: add install tests
...
Add a few integration tests for installing files, e.g. overwriting
signed and unsigned files.
2023-02-24 00:04:00 +01:00
362205c2ec
tool: check file hashes before copying
...
To minimize writes to the ESP but still find necessary changes, compare
the hashes of the files on the ESP with the "expected" hashes. Only copy
and overwrite already existing files if the hashes don't match. This
ensures a working-as-expected state on the ESP as opposed to previously
where already existing files were just ignored.
2023-02-24 00:04:00 +01:00
06b9cdc69e
tool: move file_hash() to utils module
2023-02-24 00:04:00 +01:00
3a3ad7c40d
tool: write all generation artifacts at once
...
Previously, generations were installed one after another. Now all
artifacts (kernels, initrd etc.) are first collected and then installed.
This way the writes to the ESP are reduced as duplicate paths are
already removed in the collection phase.
2023-02-24 00:04:00 +01:00
048df99975
Properly handle fwupd update capsules
...
Closes #85
2023-02-23 11:38:27 +01:00
de4c62a1bd
stub: lanzatool -> lzbt
2023-02-23 09:32:28 +01:00
90755b789f
stub: use logger instead of printing manually
2023-02-21 01:32:29 +01:00
7bde42f4a8
stub: enable logger in uefi-services
2023-02-21 01:32:29 +01:00
5af69f0d63
Merge pull request #111 from nix-community/uefi-update
...
Update Dependencies of Stub
2023-02-21 01:23:58 +01:00
3a9cd26c5e
stub: update uefi dependency to 0.19.1
2023-02-21 00:50:34 +01:00
697d0d1baa
stub: drop unused ed25519-compact dependency
2023-02-21 00:35:00 +01:00
6924e6ea09
Merge pull request #107 from nix-community/random-names-for-tmpfiles
...
tool: use random names for secure tempfiles
2023-02-21 00:27:50 +01:00
Lily Foster