This week the Nix Community saw a brand new rewrite of Devenv for its 1.0 release and a series of videos and a blog post about how to manage secrets with NixOS.

@domenkozar stole the show with the announcement of Devenv 1.0. This release has moved Devenv from Python to Rust to take advantage of much of the tooling created for Tvix and a host of other improvements enabled by rebuilding things in Rust. Devenv 1.0 is not entirely backwards compatible so it is advised to read the migration guide if you are using a previous version.

@EmergentMind has created a series of videos and a blog post explaining how to handle NixOS Secrets Management. These materials go into detail, explaining how Sops and nix-sops work and can be integrated into your configuration.

New packages added this week:

• @azuwis: added blueutil: Pull Request
• @NyCodeGHG: added appium-inspector: Pull Request
• @fgaz: added apng2gif, gif2apng, and apngopt: Pull Request
• @max-niederman: added photonvision: Pull Request
• @lorenz: added tinymembench: Pull Request
• @PierreBeucher: added novops: Pull Request
• @flokli: added cbtemulator: Pull Request
• @imadnyc: added plasticity: Pull Request
• @doronbehar: added vim-language-server: Pull Request
• @soispha: added redlib: Pull Request
• @mkg20001: added cert-viewer: Pull Request
• @xokdvium: added ch341eeprom: Pull Request
• @jonboh: added opcua-commander: Pull Request
• @zebreus: added zebreus: Pull Request
• @elpdt852: added nix-snapshotter: Pull Request

New modules added this week:

• @diogotcorreia: added dnsproxy: Pull Request
• max-niederman: added photonvision: Pull Request
• @NyCodeGHG: added prometheus-fritz-exporter Pull Request

Security fixes this week:

• @risicle: added patches for wolfssl to fix CVE-2024-0901 and CVE-2024-1545: Pull Request
• @xworld21: updated texlive to fix CVE-2024-25262 Pull Request
• @LeSuisse: updated smarty3 to fix CVE-2018-25047, CVE-2022-29221 and CVE-2023-28447: Pull Request
• @LeSuisse: updated varnish60 to fix CVE-2023-44487: Pull Request
• @mweinelt: updated spidermonkey_115 to fix CVE-2024-29943 and CVE-2024-29944: Pull Request
• @ifurther: updated teamviewer to fix CVE-2023-38545: Pull Request
• @LeSuisse: updated zookeeper to fix CVE-2024-23944: Pull Request
• @felschr: updated tor-browser and mullvad-browser to fix CVE-2024-29944: Pull Request