
Auth token leakage in logs in case of an http error

Moderate
domenkozar published GHSA-5v3x-gf4h-9qrh Nov 18, 2019

Package

cachix (nix)

Affected versions

0.3.0 - 0.3.4

Patched versions

None

Description

Impact

If any of the HTTP requests to the cachix service failed, the error output would include your auth token, leaking it in the command output.

The auth token is only needed when using private caches.

As a precaution we recommend contacting support@cachix.org to revoke your auth token.
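The failure mode described above (an HTTP client that, on a non-2xx response, prints the whole request, including its Authorization header) is a general one. The following Python example is added here to illustrate it; it is not cachix's code (cachix is written in Haskell) and makes no claim about how cachix formatted its errors. It places the leaky formatting pattern beside a hardened one that redacts credential headers before the error is rendered, plus a last-line scrubber for bearer-token-shaped strings. The `FailedRequest` record, the header names and the token value are all constructed for the example.

```python
import re
from dataclasses import dataclass, field

# Header names that must never reach logs or terminal output (constructed list;
# extend to whatever carries credentials in your client).
SENSITIVE_HEADERS = {"authorization", "cookie", "x-api-key"}

# Matches "Bearer <token>" / "token <token>" style values so that a stray
# credential can be scrubbed even if it slipped past header redaction.
TOKEN_RE = re.compile(r"(?i)\b(bearer|token)\s+[A-Za-z0-9._~+/=-]{8,}")


@dataclass
class FailedRequest:
    """Minimal stand-in for an HTTP client's failed-request record (constructed)."""
    method: str
    url: str
    status: int
    headers: dict = field(default_factory=dict)


def format_error_unsafe(req: FailedRequest) -> str:
    """Leaky pattern: dumps the request verbatim, headers included, into the error text.

    Anything that prints this string (CLI output, CI logs, bug reports) now
    carries the credential.
    """
    lines = [f"{req.method} {req.url} failed with HTTP {req.status}"]
    for name, value in req.headers.items():
        lines.append(f"  {name}: {value}")
    return "\n".join(lines)


def redact_headers(headers: dict) -> dict:
    """Return a copy of the headers with credential-bearing values replaced."""
    return {
        name: ("<redacted>" if name.lower() in SENSITIVE_HEADERS else value)
        for name, value in headers.items()
    }


def format_error_safe(req: FailedRequest) -> str:
    """Hardened pattern: same diagnostic value, but credentials are redacted first."""
    lines = [f"{req.method} {req.url} failed with HTTP {req.status}"]
    for name, value in redact_headers(req.headers).items():
        lines.append(f"  {name}: {value}")
    return "\n".join(lines)


def scrub_output(text: str) -> str:
    """Last line of defence: scrub bearer-token-shaped strings from any text before it is emitted."""
    return TOKEN_RE.sub(lambda m: f"{m.group(1)} <redacted>", text)


def leaks_secret(text: str, secret: str) -> bool:
    """Check used by tests and CI: does the rendered error still contain the secret?"""
    return secret in text


if __name__ == "__main__":
    # Constructed example: a push to a private cache that was rejected.
    token = "cx-example-token-0000-not-a-real-secret"
    req = FailedRequest(
        method="POST",
        url="https://example.invalid/api/v1/cache/private-cache/nar",
        status=401,
        headers={"Authorization": f"Bearer {token}", "Accept": "application/json"},
    )
    print("--- leaky ---")
    print(format_error_unsafe(req))
    print("--- hardened ---")
    print(format_error_safe(req))
    print("--- scrubbed leaky output ---")
    print(scrub_output(format_error_unsafe(req)))
```

The redaction belongs at the point where the error is formatted, not where it is printed: error values travel (into exception messages, retry loops, telemetry), and each of those paths is another place the token can surface. A `leaks_secret`-style check in the client's test suite, run against every error-rendering code path with a known dummy token, is a cheap regression guard for exactly this bug class.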

Patches

Upstream patch is awaiting approval and merge.

Applying the fix

The upstream patch has been applied to the nixpkgs master and release-19.09 branches.

The best way to upgrade is to use the official installation method: `nix-env -iA cachix -f https://cachix.org/api/v1/install`.

Alternatively, you can upgrade to the latest nixpkgs master or 19.09.

If you have installed cachix in any other way, you will have to apply the upstream patch yourself.

Workarounds

You can contact support@cachix.org and we will revoke your auth token.

Severity

Moderate

CVE ID

No known CVE

Weaknesses

No CWEs