gologin: init at 4.0.2

[Felipe-9]

Things done

• Built on platform:
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• Tested, as applicable:
  • NixOS tests in nixos/tests.
  • Package tests at passthru.tests.
  • Tests in lib/tests or pkgs/test for functions and "core" functionality.
• Ran nixpkgs-review on this PR. See nixpkgs-review usage.
• Tested basic functionality of all binary files, usually in ./result/bin/.
• Nixpkgs Release Notes
  • Package update: when the change is major or breaking.
• NixOS Release Notes
  • Module addition: when adding a new NixOS module.
  • Module update: when the change is significant.
• Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

---

Add a 👍 reaction to pull requests you find important.

[Hythera]

You have to call it package.nix instead of default.nix, since the package is located under pkgs/by-name.

[Felipe-9]

Ohh i see thanks

[Felipe-9]

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 476954
Commit: 03459965d51c7d58b2dc1064e22daa14d70f7cad

---

x86_64-linux

✅ 1 package built:

• gologin

[Felipe-9]

Anything else i can do from my side?

[Hythera]

I just want to mention that since this is a browser (I think), it's going to need at least one committer as a maintainer (see https://github.com/NixOS/nixpkgs/blob/master/pkgs/README.md#quick-start-to-adding-a-package).

[Felipe-9]

I feel like most criteria is check, im not so sure on the third point "How realistic is it that it will be used by other people?" but i havent heard of any other service that does the same and that is already present on nixpkgs, so i guess this adds something new? what are your toughs?

[Hythera]

Suggested change

	mainProgram = pname;
	mainProgram = "gologin";

I think it's preferred to set the mainProgram separately.

[Felipe-9]

Yeah you are right

Always prefer using a hardcoded string (don't use pname, for example).

[Hythera]

Any security-critical fast-moving package such as Chrome or Firefox (or their forks) must have at least one committer among the maintainers, who actively reviews, merges and backports updates. This ensures no critical fixes are delayed unnecessarily, endangering unsuspecting users.

I think this applies to this package?

[Felipe-9]

I think this applies to this package?

You are right to check on that point.
im not much sure if this pkg will have such a fast pacing update such as it is with chrome, im checking on their version history

[Felipe-9]

They had 30 updates starting from feb 2025, indeed its fast paced about 2.5 updates per month.
So if i understand right it means the pkg is off till i figure out how to automate the bumps or someone comes in and do it, right?

[Hythera]

It's not about how frequent the updates are, but rather how security essential the packages is. It applies to all browser now, but I'm not sure if this applies to this package as it differs a bit from the "main" browsers. It's probably good to ask someone with more expertise on this 👍

[Felipe-9]

Well then, does that mean we should wait for someone to come and review or i should ping chrome maintainers?

[Hythera]

I don't think this is going to work as the download link isn't version fixed. The hash would break when they update it.

[Felipe-9]

INDEED this is a issue here, they also dont provide any way to download older versions...
I dont see how to solve this, maybe its better to leave this outside nixpkgs

[Hythera]

Well then, does that mean we should wait for someone to come and review or i should ping chrome maintainers?

You can ask in the Matrix chat or maybe ask the security team. Or just wait for another reviewer.

[Felipe-9]

You can ask in the Matrix chat or maybe ask the security team. Or just wait for another reviewer.

If the previous issue on the versions doesnt have a solution its not worth pursuing someone to help with this