From 85ceb3d6b1d4c3bab292f262f9eb772849ea838a Mon Sep 17 00:00:00 2001
From: Raito Bezarius <masterancpp@gmail.com>
Date: Sat, 20 May 2023 15:47:48 +0200
Subject: [PATCH] pkgs/top-level/release: allow nodejs 16 and openssl 1.1 to be
 cached on Hydra temporarily

Until the 11 September 2023, those two packages will be built and cached by Hydra so they can be used
by users without recompilation penalties.

This is an exception due to mismatched release windows and should not set any precedent
without community discussion in coordination with release managers.
---
 pkgs/top-level/release.nix | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/pkgs/top-level/release.nix b/pkgs/top-level/release.nix
index 8888371aa06..12a340446a5 100644
--- a/pkgs/top-level/release.nix
+++ b/pkgs/top-level/release.nix
@@ -16,7 +16,19 @@
   # Strip most of attributes when evaluating to spare memory usage
 , scrubJobs ? true
   # Attributes passed to nixpkgs. Don't build packages marked as unfree.
-, nixpkgsArgs ? { config = { allowUnfree = false; inHydra = true; }; }
+, nixpkgsArgs ? { config = {
+    allowUnfree = false;
+    inHydra = true;
+    permittedInsecurePackages = [
+      # *Exceptionally*, those packages will be cached with their *secure* dependents
+      # because they will reach EOL in the middle of the 23.05 release
+      # and it will be too much painful for our users to recompile them
+      # for no real reason.
+      # Remove them for 23.11.
+      "nodejs-16.20.0"
+      "openssl-1.1.1t"
+    ];
+  }; }
 }:
 
 with import ./release-lib.nix { inherit supportedSystems scrubJobs nixpkgsArgs; };