From cb1e7d8d35bc39709315c055f691df6d0e100e83 Mon Sep 17 00:00:00 2001 From: Floatpane Bot Date: Thu, 14 May 2026 01:37:11 +0400 Subject: [PATCH] chore(deps): cachix/install-nix-action ^ v31.10.6 (#1285) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## What? This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [cachix/install-nix-action](https://redirect.github.com/cachix/install-nix-action) | action | major | `v30` → `v31` | --- ### Release Notes
cachix/install-nix-action (cachix/install-nix-action) ### [`v31.10.6`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.10.6) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.10.5...v31.10.6) #### What's Changed - nix: 2.34.6 -> 2.34.7 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​275](https://redirect.github.com/cachix/install-nix-action/pull/275) **[GHSA-vh5x-56v6-4368](https://redirect.github.com/NixOS/nix/security/advisories/GHSA-vh5x-56v6-4368)**: Fixes a coroutine stack-to-heap overflow via unbounded recursion in the NAR directory parser. **Severity: High.** **[GHSA-gr92-w2r5-qw5p](https://redirect.github.com/NixOS/nix/security/advisories/GHSA-gr92-w2r5-qw5p)**: Fixes an absolute path traversal vulnerability when unpacking archives to disk. Severity: Moderate. **Full Changelog**: ### [`v31.10.5`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.10.5) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.10.4...v31.10.5) #### What's Changed - nix: 2.34.5 -> 2.34.6 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​274](https://redirect.github.com/cachix/install-nix-action/pull/274) **Full Changelog**: ### [`v31.10.4`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.10.4) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.10.3...v31.10.4) #### What's Changed - nix: 2.34.4 -> 2.34.5 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​273](https://redirect.github.com/cachix/install-nix-action/pull/273) **\[SECURITY]** Fixes a root privilege escalation vulnerability via sandbox escape **Full Changelog**: ### [`v31.10.3`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.10.3) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.10.2...v31.10.3) #### What's Changed - nix: 2.34.2 -> 2.34.4 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​271](https://redirect.github.com/cachix/install-nix-action/pull/271) **Full Changelog**: ### [`v31.10.2`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.10.2) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.10.1...v31.10.2) #### What's Changed - nix: 2.34.1 -> 2.34.2 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​270](https://redirect.github.com/cachix/install-nix-action/pull/270) **Full Changelog**: ### [`v31.10.1`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.10.1) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.10.0...v31.10.1) #### What's Changed - nix: 2.34.0 -> 2.34.1 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​269](https://redirect.github.com/cachix/install-nix-action/pull/269) Fixes a bug introduced in 2.34.0 that made the Nix daemon fail to load authentication keys configured by `cachix-action`. **Full Changelog**: ### [`v31.10.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.10.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.9.1...v31.10.0) #### What's Changed - nix: 2.33.3 -> 2.34.0 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​267](https://redirect.github.com/cachix/install-nix-action/pull/267) Release notes: ⚠️ Nix 2.34.0 contains a regression that, under certain scenarios (a `trusted-user` + a client-side `netrc-file`), breaks authentication with private caches that rely on `netrc` files. This regression affects `cachix/cachix-action`. **UPD: 2.34.1 has been released with a patch for the authentication issue** **Full Changelog**: ### [`v31.9.1`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.9.1) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.9.0...v31.9.1) #### What's Changed - nix: 2.33.0 -> 2.33.3 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​266](https://redirect.github.com/cachix/install-nix-action/pull/266) **Full Changelog**: ### [`v31.9.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.9.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.8.4...v31.9.0) #### What's Changed - nix: 2.32.4 -> 2.33.0 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​264](https://redirect.github.com/cachix/install-nix-action/pull/264) - chore(deps): bump peter-evans/create-pull-request from 7 to 8 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​263](https://redirect.github.com/cachix/install-nix-action/pull/263) - chore(deps): bump actions/checkout from 5 to 6 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​262](https://redirect.github.com/cachix/install-nix-action/pull/262) **Full Changelog**: ### [`v31.8.4`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.8.4) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.8.3...v31.8.4) #### What's Changed - nix: 2.32.3 -> 2.32.4 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​261](https://redirect.github.com/cachix/install-nix-action/pull/261) **Full Changelog**: ### [`v31.8.3`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.8.3) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.8.2...v31.8.3) #### What's Changed - nix: 2.32.2 -> 2.32.3 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​260](https://redirect.github.com/cachix/install-nix-action/pull/260) **Full Changelog**: ### [`v31.8.2`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.8.2) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.8.1...v31.8.2) #### What's Changed - nix: 2.32.1 -> 2.32.2 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​259](https://redirect.github.com/cachix/install-nix-action/pull/259) **Full Changelog**: ### [`v31.8.1`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.8.1) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.8.0...v31.8.1) #### What's Changed - nix: 2.32.0 -> 2.32.1 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​258](https://redirect.github.com/cachix/install-nix-action/pull/258) **Full Changelog**: ### [`v31.8.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.8.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.7.0...v31.8.0) #### What's Changed - nix: 2.31.2 -> 2.32.0 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​257](https://redirect.github.com/cachix/install-nix-action/pull/257) Release notes: **Full Changelog**: ### [`v31.7.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.7.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.6.2...v31.7.0) #### What's Changed - feat: set up the environment based on the installer shell scripts by [@​sandydoo](https://redirect.github.com/sandydoo) in [#​251](https://redirect.github.com/cachix/install-nix-action/pull/251) Configures the following environment variables: - `NIX_PROFILES` - `NIX_SSL_CERT_FILE` (if not set) Adds the bin directory from the user's profile to `$PATH`. **Full Changelog**: ### [`v31.6.2`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.6.2) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.6.1...v31.6.2) #### What's Changed - nix: 2.31.1 -> 2.31.2 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​256](https://redirect.github.com/cachix/install-nix-action/pull/256) **Full Changelog**: ### [`v31.6.1`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.6.1) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.6.0...v31.6.1) #### What's Changed - ci: adjust oldest supported installer for macos-15 by [@​sandydoo](https://redirect.github.com/sandydoo) in [#​252](https://redirect.github.com/cachix/install-nix-action/pull/252) - nix: 2.31.0 -> 2.31.1 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​253](https://redirect.github.com/cachix/install-nix-action/pull/253) **Full Changelog**: ### [`v31.6.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.6.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.5.2...v31.6.0) #### What's Changed - chore(deps): bump actions/checkout from 4 to 5 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​249](https://redirect.github.com/cachix/install-nix-action/pull/249) - docs: add example for `nix develop` by [@​jennydaman](https://redirect.github.com/jennydaman) in [#​248](https://redirect.github.com/cachix/install-nix-action/pull/248) - nix: 2.30.2 -> 2.31.0 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​250](https://redirect.github.com/cachix/install-nix-action/pull/250) Release notes: #### New Contributors - [@​jennydaman](https://redirect.github.com/jennydaman) made their first contribution in [#​248](https://redirect.github.com/cachix/install-nix-action/pull/248) **Full Changelog**: ### [`v31.5.2`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.5.2) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.5.1...v31.5.2) #### What's Changed - nix: 2.30.1 -> 2.30.2 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​246](https://redirect.github.com/cachix/install-nix-action/pull/246) **Full Changelog**: ### [`v31.5.1`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.5.1) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.5.0...v31.5.1) #### What's Changed - nix: 2.30.0 -> 2.30.1 by [@​xokdvium](https://redirect.github.com/xokdvium) in [#​245](https://redirect.github.com/cachix/install-nix-action/pull/245) **\[SECURITY]** Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. #### New Contributors - [@​xokdvium](https://redirect.github.com/xokdvium) made their first contribution in [#​245](https://redirect.github.com/cachix/install-nix-action/pull/245) **Full Changelog**: ### [`v31.5.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.5.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.4.1...v31.5.0) #### What's Changed - nix: 2.29.1 -> 2.30.0 by [@​github-actions](https://redirect.github.com/github-actions) in [#​244](https://redirect.github.com/cachix/install-nix-action/pull/244) Release notes: **Full Changelog**: ### [`v31.4.1`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.4.1) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.4.0...v31.4.1) #### What's Changed - nix: 2.29.0 -> 2.29.1 by [@​github-actions](https://redirect.github.com/github-actions) in [#​243](https://redirect.github.com/cachix/install-nix-action/pull/243) **\[SECURITY]** #### New Contributors - [@​github-actions](https://redirect.github.com/github-actions) made their first contribution in [#​243](https://redirect.github.com/cachix/install-nix-action/pull/243) **Full Changelog**: ### [`v31.4.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.4.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.3.0...v31.4.0) #### What's Changed - nix: 2.28.3 -> 2.29.0 by [@​Mic92](https://redirect.github.com/Mic92) in [#​239](https://redirect.github.com/cachix/install-nix-action/pull/239) Release notes: - Automate nix updates in CI by [@​Mic92](https://redirect.github.com/Mic92) in [#​241](https://redirect.github.com/cachix/install-nix-action/pull/241) **Full Changelog**: ### [`v31.3.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.3.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.2.0...v31.3.0) #### What's Changed - feat: Pin actions to hashes by [@​l0b0](https://redirect.github.com/l0b0) in [#​201](https://redirect.github.com/cachix/install-nix-action/pull/201) - chore(deps): bump actions/checkout from 4.1.1 to 4.2.2 by [@​dependabot](https://redirect.github.com/dependabot) in [#​234](https://redirect.github.com/cachix/install-nix-action/pull/234) - docs: document how to provide AWS credentials to the nix-daemon by [@​sandydoo](https://redirect.github.com/sandydoo) in [#​235](https://redirect.github.com/cachix/install-nix-action/pull/235) - nix: 2.28.2 -> 2.28.3 by [@​Mic92](https://redirect.github.com/Mic92) in [#​236](https://redirect.github.com/cachix/install-nix-action/pull/236) **Full Changelog**: ### [`v31.2.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.2.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31.1.0...v31.2.0) #### What's Changed - nix: 2.26.3 -> 2.28.2 by [@​Mic92](https://redirect.github.com/Mic92) in [#​232](https://redirect.github.com/cachix/install-nix-action/pull/232) **Full Changelog**: ### [`v31.1.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.1.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31...v31.1.0) #### What's Changed - Remove deprecated `--darwin-use-unencrypted-nix-store-volume` flag by [@​sandydoo](https://redirect.github.com/sandydoo) in [#​230](https://redirect.github.com/cachix/install-nix-action/pull/230) - action: add option to configure updating trusted users by [@​Enzime](https://redirect.github.com/Enzime) in [#​231](https://redirect.github.com/cachix/install-nix-action/pull/231) **Full Changelog**: ### [`v31.0.0`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31.0.0) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v31...v31) #### What's Changed - nix: 2.24.9 -> 2.25.2 by [@​Mic92](https://redirect.github.com/Mic92) in [#​218](https://redirect.github.com/cachix/install-nix-action/pull/218) - ci: fix latest installer tests by [@​sandydoo](https://redirect.github.com/sandydoo) in [#​220](https://redirect.github.com/cachix/install-nix-action/pull/220) - GitHub test.yml: add ubuntu-24.04-arm to matrix by [@​msgilligan](https://redirect.github.com/msgilligan) in [#​221](https://redirect.github.com/cachix/install-nix-action/pull/221) - nix: 2.25.2 -> 2.26.2 by [@​Mic92](https://redirect.github.com/Mic92) in [#​226](https://redirect.github.com/cachix/install-nix-action/pull/226) - nix: 2.26.2 -> 2.26.3 by [@​sandydoo](https://redirect.github.com/sandydoo) in [#​228](https://redirect.github.com/cachix/install-nix-action/pull/228) #### New Contributors - [@​msgilligan](https://redirect.github.com/msgilligan) made their first contribution in [#​221](https://redirect.github.com/cachix/install-nix-action/pull/221) **Full Changelog**: ### [`v31`](https://redirect.github.com/cachix/install-nix-action/releases/tag/v31) [Compare Source](https://redirect.github.com/cachix/install-nix-action/compare/v30...v31) Starting with v31, this action will use semantic versioning for releases. Major tags, like v31, will be bumped to point to the latest minor/patch release. This is in line with how most GitHub actions manage releases. #### What's Changed - nix: 2.26.3 -> 2.28.2 by [@​Mic92](https://redirect.github.com/Mic92) in [#​232](https://redirect.github.com/cachix/install-nix-action/pull/232) - nix: 2.24.9 -> 2.25.2 by [@​Mic92](https://redirect.github.com/Mic92) in [#​218](https://redirect.github.com/cachix/install-nix-action/pull/218) - ci: fix latest installer tests by [@​sandydoo](https://redirect.github.com/sandydoo) in [#​220](https://redirect.github.com/cachix/install-nix-action/pull/220) - ci: add ubuntu-24.04-arm to matrix by [@​msgilligan](https://redirect.github.com/msgilligan) in [#​221](https://redirect.github.com/cachix/install-nix-action/pull/221) - nix: 2.25.2 -> 2.26.2 by [@​Mic92](https://redirect.github.com/Mic92) in [#​226](https://redirect.github.com/cachix/install-nix-action/pull/226) - nix: 2.26.2 -> 2.26.3 by [@​sandydoo](https://redirect.github.com/sandydoo) in [#​228](https://redirect.github.com/cachix/install-nix-action/pull/228) - feat: Pin actions to hashes by [@​l0b0](https://redirect.github.com/l0b0) in [#​201](https://redirect.github.com/cachix/install-nix-action/pull/201) - chore(deps): bump actions/checkout from 4.1.1 to 4.2.2 by [@​dependabot](https://redirect.github.com/dependabot) in [#​234](https://redirect.github.com/cachix/install-nix-action/pull/234) - docs: document how to provide AWS credentials to the nix-daemon by [@​sandydoo](https://redirect.github.com/sandydoo) in [#​235](https://redirect.github.com/cachix/install-nix-action/pull/235) - nix: 2.28.2 -> 2.28.3 by [@​Mic92](https://redirect.github.com/Mic92) in [#​236](https://redirect.github.com/cachix/install-nix-action/pull/236) - nix: 2.28.3 -> 2.29.0 by [@​Mic92](https://redirect.github.com/Mic92) in [#​239](https://redirect.github.com/cachix/install-nix-action/pull/239) Release notes: - Automate nix updates in CI by [@​Mic92](https://redirect.github.com/Mic92) in [#​241](https://redirect.github.com/cachix/install-nix-action/pull/241) - nix: 2.29.0 -> 2.29.1 by [@​github-actions](https://redirect.github.com/github-actions) in [#​243](https://redirect.github.com/cachix/install-nix-action/pull/243) **\[SECURITY]** - nix: 2.29.1 -> 2.30.0 by [@​github-actions](https://redirect.github.com/github-actions) in [#​244](https://redirect.github.com/cachix/install-nix-action/pull/244) Release notes: - nix: 2.30.0 -> 2.30.1 by [@​xokdvium](https://redirect.github.com/xokdvium) in [#​245](https://redirect.github.com/cachix/install-nix-action/pull/245) **\[SECURITY]** Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. - docs: add example for `nix develop` by [@​jennydaman](https://redirect.github.com/jennydaman) in [#​248](https://redirect.github.com/cachix/install-nix-action/pull/248) - nix: 2.30.2 -> 2.31.0 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​250](https://redirect.github.com/cachix/install-nix-action/pull/250) Release notes: - nix: 2.31.0 -> 2.31.1 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​253](https://redirect.github.com/cachix/install-nix-action/pull/253) - nix: 2.31.1 -> 2.31.2 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​256](https://redirect.github.com/cachix/install-nix-action/pull/256) - feat: set up the environment based on the installer shell scripts by [@​sandydoo](https://redirect.github.com/sandydoo) in [#​251](https://redirect.github.com/cachix/install-nix-action/pull/251) Adds the bin directory from the user's profile to `$PATH`. Configures the following environment variables: - `NIX_PROFILES` - `NIX_SSL_CERT_FILE` (if not set) - nix: 2.31.2 -> 2.32.0 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​257](https://redirect.github.com/cachix/install-nix-action/pull/257) Release notes: - nix: 2.32.0 -> 2.32.1 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​258](https://redirect.github.com/cachix/install-nix-action/pull/258) - nix: 2.32.1 -> 2.32.2 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​259](https://redirect.github.com/cachix/install-nix-action/pull/259) - nix: 2.32.2 -> 2.32.3 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​260](https://redirect.github.com/cachix/install-nix-action/pull/260) - nix: 2.32.3 -> 2.32.4 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​261](https://redirect.github.com/cachix/install-nix-action/pull/261) - nix: 2.32.4 -> 2.33.0 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​264](https://redirect.github.com/cachix/install-nix-action/pull/264) - nix: 2.33.0 -> 2.33.3 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​266](https://redirect.github.com/cachix/install-nix-action/pull/266) - ~~nix: 2.33.3 -> 2.34.0 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​267](https://redirect.github.com/cachix/install-nix-action/pull/267) Release notes: ~~ **Rolled back due to reports of issues with cachix-action** - nix: 2.34.0 -> 2.34.1 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​269](https://redirect.github.com/cachix/install-nix-action/pull/269) Fixes a bug introduced in 2.34.0 that made the Nix daemon fail to load authentication keys configured by `cachix-action`. - nix: 2.34.1 -> 2.34.2 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​270](https://redirect.github.com/cachix/install-nix-action/pull/270) - nix: 2.34.2 -> 2.34.4 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​271](https://redirect.github.com/cachix/install-nix-action/pull/271) - nix: 2.34.4 -> 2.34.5 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​273](https://redirect.github.com/cachix/install-nix-action/pull/273) **[CVE-2026-39860](https://redirect.github.com/NixOS/nix/security/advisories/GHSA-g3g9-5vj6-r3gj)** Fixes a root privilege escalation vulnerability via sandbox escape. **Severity: Critical.** - nix: 2.34.5 -> 2.34.6 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​274](https://redirect.github.com/cachix/install-nix-action/pull/274) - nix: 2.34.6 -> 2.34.7 by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​275](https://redirect.github.com/cachix/install-nix-action/pull/275) **[GHSA-vh5x-56v6-4368](https://redirect.github.com/NixOS/nix/security/advisories/GHSA-vh5x-56v6-4368)**: Fixes a coroutine stack-to-heap overflow via unbounded recursion in the NAR directory parser. **Severity: High.** **[GHSA-gr92-w2r5-qw5p](https://redirect.github.com/NixOS/nix/security/advisories/GHSA-gr92-w2r5-qw5p)**: Fixes an absolute path traversal vulnerability when unpacking archives to disk. Severity: Moderate. **Full Changelog**:
## Why? Automated dependency update via Renovate. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). --- .github/workflows/nixpkgs-bump.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nixpkgs-bump.yml b/.github/workflows/nixpkgs-bump.yml index 3ef38d7fdacd53e1d741cbc75cb3b875b62504d8..cdfc128c462ce4aa76dd165d7dd633546721b77a 100644 --- a/.github/workflows/nixpkgs-bump.yml +++ b/.github/workflows/nixpkgs-bump.yml @@ -44,7 +44,7 @@ jobs: - name: Install Nix if: steps.ver.outputs.skip != 'true' - uses: cachix/install-nix-action@v30 + uses: cachix/install-nix-action@v31 with: extra_nix_config: | experimental-features = nix-command flakes