[Backport release-24.11] GitHub Actions PRs

[getchoo]

Similar in vein to #361168 and #362513, this is a backport of the QoL changes, fixes, and improvements to our CI from master

Most importantly, this backports the new rebuildsByPlatform comparison artifact schema that nixpkgs-review expects -- which the lack of currently makes it fail on all PRs targeting stable :(

And here's the obligatory big list of original PRs (feel free to double check I didn't miss anything!):

• add actionlint script and fix linting errors #358087
• ci/check-shell: only run if shell.nix or ./ci/** is changed #360249
• ci/check-shell: fix ci/** path #360283
• workflows/check-nix-format: Improve error message #337577
• build(deps): bump korthout/backport-action from 3.0.2 to 3.1.0 #337448
• ci/eval: re-implement compare in nix #362844
• ci/eval: fix compare label assignment #363851
• ci/eval: add rebuildsByPlatform to the comparison result #363751
• ci/eval: allow precisely choosing which systems to evaluate for (evalSystem -> evalSystems) #365244
• workflows/eval: Improve debuggabilitiy #364308
• ci/eval: Avoid noise for failing attribute evals #364565
• workflows/eval: Catch empty conclusion #366049
• ci/eval/compare: truncate step summary to 1024k #365366
• workflows/eval: evaluate all systems to completion on failure #367108
• build(deps): bump actions/create-github-app-token from 1.11.0 to 1.11.1 #367609
• build(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0 #367610
• ci: Label 10.rebuild-*-stdenv #369102

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

---

Add a 👍 reaction to pull requests you find important.

[getchoo]

$ git diff origin/master -- .github/workflows
diff --git a/.github/workflows/periodic-merge-24h.yml b/.github/workflows/periodic-merge-24h.yml
index 08570d60e1d4..919d927cdbb4 100644
--- a/.github/workflows/periodic-merge-24h.yml
+++ b/.github/workflows/periodic-merge-24h.yml
@@ -35,10 +35,10 @@ jobs:
         pairs:
           - from: master
             into: haskell-updates
-          - from: release-24.11
-            into: staging-next-24.11
-          - from: staging-next-24.11
-            into: staging-24.11
+          - from: release-24.05
+            into: staging-next-24.05
+          - from: staging-next-24.05
+            into: staging-24.05
     name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
$ git diff origin/master -- ci/ ':!ci/OWNERS'
diff --git a/ci/request-reviews/dev-branches.txt b/ci/request-reviews/dev-branches.txt
index 9e0609e325ec..b34092546f18 100644
--- a/ci/request-reviews/dev-branches.txt
+++ b/ci/request-reviews/dev-branches.txt
@@ -6,4 +6,3 @@ staging
 release-*
 staging-*
 haskell-updates
-python-updates

[getchoo]

(Limited) test run at getchoo-contrib#16

[wolfgangwalther]

We now have #366046 and soon #370186 as well.

[infinisil]

Kind of a pain to have to backport all of these all the time, but for now the only way

Thanks!