Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: Git config pulls in gnupg without signing config on stateVersion < 24.11 #6630

Open
2 tasks done
olmokramer opened this issue Mar 14, 2025 · 2 comments
Open
2 tasks done

bug: Git config pulls in gnupg without signing config on stateVersion < 24.11 #6630

olmokramer opened this issue Mar 14, 2025 · 2 comments
Assignees
@rycee @sumnerevans @berbiche
Labels
bug triage Issues or feature request that have not been triaged yet

Comments

@olmokramer
Copy link
Contributor

olmokramer commented Mar 14, 2025
edited
Loading

Are you following the right branch?

  • My Nixpkgs and Home Manager versions are in sync

Is there an existing issue for this?

  • I have searched the existing issues

Issue description

After the changes in #5516 and #6478 my XDG_CONFIG_HOME/git/config started depending on the gnupg package on stateVersion = 24.05, even though I do not set anything in programs.git.signing. The problem is this check:

home-manager/modules/programs/git.nix

Line 517 in 6f71acf

(mkIf (cfg.signing != { }) {

The signing attrset is never empty, and because stateVersion < 24.11 the default value for signing.format is openpgp, which sets iniContent.gpg.openpgp.program = pkgs.gnupg.

I'm willing to write a PR to fix this, but I'm not sure how to proceed here, because we don't have a clear way of checking whether any value in programs.git.signing was actually set by the user. So to properly fix this I see two options: either go back to using a submodule for programs.git.signing, or add a programs.git.signing.enable option.

Maintainer CC

@rycee @khaneliman

Also pinging @Prince213 as author of #5516

System information

$ nix-shell -p nix-info --run "nix-info -m"
 - system: `"x86_64-linux"`
 - host os: `Linux 6.12.5, NixOS, 25.05 (Warbler), 25.05.20250227.6313551`
 - multi-user?: `yes`
 - sandbox: `yes`
 - version: `nix-env (Nix) 2.24.12`
 - nixpkgs: `/nix/store/mipgp0fr3zlcihi4x7xb67v47yfxwcwh-source`
@olmokramer olmokramer added bug triage Issues or feature request that have not been triaged yet labels Mar 14, 2025
@khaneliman
Copy link
Collaborator

khaneliman commented Mar 14, 2025
edited
Loading

I'm willing to write a PR to fix this, but I'm not sure how to proceed here, because we don't have a clear way of checking whether any value in programs.git.signing was actually set by the user.

Can check if the option is the default priority like I did with a recent home-cursor change. When a user sets an option, it will have a different priority.

home-manager/modules/config/home-cursor.nix

Line 242 in 4e12151

'') ++ (optional (opts.highestPrio != (lib.mkOptionDefault { }).priority

@olmokramer
Copy link
Contributor Author

That doesn't work in this case, because options.programs.git.signing is a simple attrset containing some options, not a lib.mkOption { type = lib.types.submodule; }.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rycee rycee

@sumnerevans sumnerevans

@berbiche berbiche

Labels
bug triage Issues or feature request that have not been triaged yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@rycee @khaneliman @olmokramer @sumnerevans @berbiche