Merge remote-tracking branch 'nixos/master'

This commit is contained in:
Max Headroom 2024-07-23 14:18:10 +02:00
commit 2bb425a402
1044 changed files with 26394 additions and 23352 deletions

View file

@ -15,7 +15,7 @@ SpaceAfterCStyleCast: true
SpaceAfterTemplateKeyword: false SpaceAfterTemplateKeyword: false
AccessModifierOffset: -4 AccessModifierOffset: -4
AlignAfterOpenBracket: AlwaysBreak AlignAfterOpenBracket: AlwaysBreak
AlignEscapedNewlines: DontAlign AlignEscapedNewlines: Left
ColumnLimit: 120 ColumnLimit: 120
BreakStringLiterals: false BreakStringLiterals: false
BitFieldColonSpacing: None BitFieldColonSpacing: None
@ -30,3 +30,4 @@ BreakBeforeBinaryOperators: NonAssignment
AlwaysBreakBeforeMultilineStrings: true AlwaysBreakBeforeMultilineStrings: true
IndentPPDirectives: AfterHash IndentPPDirectives: AfterHash
PPIndentWidth: 2 PPIndentWidth: 2
BinPackArguments: false

View file

@ -4,20 +4,20 @@
# Top-most EditorConfig file # Top-most EditorConfig file
root = true root = true
# Unix-style newlines with a newline ending every file, utf-8 charset # Unix-style newlines with a newline ending every file, UTF-8 charset
[*] [*]
end_of_line = lf end_of_line = lf
insert_final_newline = true insert_final_newline = true
trim_trailing_whitespace = true trim_trailing_whitespace = true
charset = utf-8 charset = utf-8
# Match nix files, set indent to spaces with width of two # Match Nix files, set indent to spaces with width of two
[*.nix] [*.nix]
indent_style = space indent_style = space
indent_size = 2 indent_size = 2
# Match c++/shell/perl, set indent to spaces with width of four # Match C++/C/shell/Perl, set indent to spaces with width of four
[*.{hpp,cc,hh,sh,pl,xs}] [*.{hpp,cc,hh,c,h,sh,pl,xs}]
indent_style = space indent_style = space
indent_size = 4 indent_size = 4

13
.github/CODEOWNERS vendored
View file

@ -11,7 +11,16 @@
.github/CODEOWNERS @edolstra .github/CODEOWNERS @edolstra
# Documentation of built-in functions # Documentation of built-in functions
src/libexpr/primops.cc @roberth src/libexpr/primops.cc @roberth @fricklerhandwerk
# Documentation of settings
src/libexpr/eval-settings.hh @fricklerhandwerk
src/libstore/globals.hh @fricklerhandwerk
# Documentation
doc/manual @fricklerhandwerk
maintainers/*.md @fricklerhandwerk
src/**/*.md @fricklerhandwerk
# Libstore layer # Libstore layer
/src/libstore @thufschmitt @ericson2314 /src/libstore @ericson2314

2
.github/labeler.yml vendored
View file

@ -13,7 +13,7 @@
"documentation": "documentation":
- changed-files: - changed-files:
- any-glob-to-any-file: "doc/manual/*" - any-glob-to-any-file: "doc/manual/**/*"
- any-glob-to-any-file: "src/nix/**/*.md" - any-glob-to-any-file: "src/nix/**/*.md"
"store": "store":

View file

@ -21,7 +21,7 @@ jobs:
fetch-depth: 0 fetch-depth: 0
- name: Create backport PRs - name: Create backport PRs
# should be kept in sync with `version` # should be kept in sync with `version`
uses: zeebe-io/backport-action@v2.5.0 uses: zeebe-io/backport-action@v3.0.2
with: with:
# Config README: https://github.com/zeebe-io/backport-action#backport-action # Config README: https://github.com/zeebe-io/backport-action#backport-action
github_token: ${{ secrets.GITHUB_TOKEN }} github_token: ${{ secrets.GITHUB_TOKEN }}

View file

@ -20,19 +20,45 @@ jobs:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:
fetch-depth: 0 fetch-depth: 0
- uses: cachix/install-nix-action@v26 - uses: cachix/install-nix-action@V27
with: with:
# The sandbox would otherwise be disabled by default on Darwin # The sandbox would otherwise be disabled by default on Darwin
extra_nix_config: "sandbox = true" extra_nix_config: "sandbox = true"
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- uses: cachix/cachix-action@v14 - uses: cachix/cachix-action@v15
if: needs.check_secrets.outputs.cachix == 'true' if: needs.check_secrets.outputs.cachix == 'true'
with: with:
name: '${{ env.CACHIX_NAME }}' name: '${{ env.CACHIX_NAME }}'
signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}' signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- if: matrix.os == 'ubuntu-latest'
run: |
free -h
swapon --show
swap=$(swapon --show --noheadings | head -n 1 | awk '{print $1}')
echo "Found swap: $swap"
sudo swapoff $swap
# resize it (fallocate)
sudo fallocate -l 10G $swap
sudo mkswap $swap
sudo swapon $swap
free -h
(
while sleep 60; do
free -h
done
) &
- run: nix --experimental-features 'nix-command flakes' flake check -L - run: nix --experimental-features 'nix-command flakes' flake check -L
# Steps to test CI automation in your own fork.
# Cachix:
# 1. Sign-up for https://www.cachix.org/
# 2. Create a cache for $githubuser-nix-install-tests
# 3. Create a cachix auth token and save it in https://github.com/$githubuser/nix/settings/secrets/actions in "Repository secrets" as CACHIX_AUTH_TOKEN
# Dockerhub:
# 1. Sign-up for https://hub.docker.com/
# 2. Store your dockerhub username as DOCKERHUB_USERNAME in "Repository secrets" of your fork repository settings (https://github.com/$githubuser/nix/settings/secrets/actions)
# 3. Create an access token in https://hub.docker.com/settings/security and store it as DOCKERHUB_TOKEN in "Repository secrets" of your fork
check_secrets: check_secrets:
permissions: permissions:
contents: none contents: none
@ -62,14 +88,15 @@ jobs:
with: with:
fetch-depth: 0 fetch-depth: 0
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- uses: cachix/install-nix-action@v26 - uses: cachix/install-nix-action@V27
with: with:
install_url: https://releases.nixos.org/nix/nix-2.20.3/install install_url: https://releases.nixos.org/nix/nix-2.20.3/install
- uses: cachix/cachix-action@v14 - uses: cachix/cachix-action@v15
with: with:
name: '${{ env.CACHIX_NAME }}' name: '${{ env.CACHIX_NAME }}'
signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}' signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
cachixArgs: '-v'
- id: prepare-installer - id: prepare-installer
run: scripts/prepare-installer-for-github-actions run: scripts/prepare-installer-for-github-actions
@ -84,7 +111,7 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- uses: cachix/install-nix-action@v26 - uses: cachix/install-nix-action@V27
with: with:
install_url: '${{needs.installer.outputs.installerURL}}' install_url: '${{needs.installer.outputs.installerURL}}'
install_options: "--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve" install_options: "--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve"
@ -114,12 +141,12 @@ jobs:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:
fetch-depth: 0 fetch-depth: 0
- uses: cachix/install-nix-action@v26 - uses: cachix/install-nix-action@V27
with: with:
install_url: https://releases.nixos.org/nix/nix-2.20.3/install install_url: https://releases.nixos.org/nix/nix-2.20.3/install
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- run: echo NIX_VERSION="$(nix --experimental-features 'nix-command flakes' eval .\#default.version | tr -d \")" >> $GITHUB_ENV - run: echo NIX_VERSION="$(nix --experimental-features 'nix-command flakes' eval .\#default.version | tr -d \")" >> $GITHUB_ENV
- uses: cachix/cachix-action@v14 - uses: cachix/cachix-action@v15
if: needs.check_secrets.outputs.cachix == 'true' if: needs.check_secrets.outputs.cachix == 'true'
with: with:
name: '${{ env.CACHIX_NAME }}' name: '${{ env.CACHIX_NAME }}'
@ -127,8 +154,8 @@ jobs:
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- run: nix --experimental-features 'nix-command flakes' build .#dockerImage -L - run: nix --experimental-features 'nix-command flakes' build .#dockerImage -L
- run: docker load -i ./result/image.tar.gz - run: docker load -i ./result/image.tar.gz
- run: docker tag nix:$NIX_VERSION nixos/nix:$NIX_VERSION - run: docker tag nix:$NIX_VERSION ${{ secrets.DOCKERHUB_USERNAME }}/nix:$NIX_VERSION
- run: docker tag nix:$NIX_VERSION nixos/nix:master - run: docker tag nix:$NIX_VERSION ${{ secrets.DOCKERHUB_USERNAME }}/nix:master
# We'll deploy the newly built image to both Docker Hub and Github Container Registry. # We'll deploy the newly built image to both Docker Hub and Github Container Registry.
# #
# Push to Docker Hub first # Push to Docker Hub first
@ -137,8 +164,8 @@ jobs:
with: with:
username: ${{ secrets.DOCKERHUB_USERNAME }} username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }} password: ${{ secrets.DOCKERHUB_TOKEN }}
- run: docker push nixos/nix:$NIX_VERSION - run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/nix:$NIX_VERSION
- run: docker push nixos/nix:master - run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/nix:master
# Push to GitHub Container Registry as well # Push to GitHub Container Registry as well
- name: Login to GitHub Container Registry - name: Login to GitHub Container Registry
uses: docker/login-action@v3 uses: docker/login-action@v3
@ -166,4 +193,38 @@ jobs:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: DeterminateSystems/nix-installer-action@main - uses: DeterminateSystems/nix-installer-action@main
- uses: DeterminateSystems/magic-nix-cache-action@main - uses: DeterminateSystems/magic-nix-cache-action@main
- run: nix build -L .#hydraJobs.tests.githubFlakes .#hydraJobs.tests.tarballFlakes - run: nix build -L .#hydraJobs.tests.githubFlakes .#hydraJobs.tests.tarballFlakes .#hydraJobs.tests.functional_user
meson_build:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/nix-installer-action@main
- uses: DeterminateSystems/magic-nix-cache-action@main
# Only meson packages that don't have a tests.run derivation.
# Those that have it are already built and tested as part of nix flake check.
- run: nix build -L .#hydraJobs.build.{nix-cmd,nix-main}.$(nix-instantiate --eval --expr builtins.currentSystem | sed -e 's/"//g')
flake_regressions:
needs: vm_tests
runs-on: ubuntu-22.04
steps:
- name: Checkout nix
uses: actions/checkout@v4
- name: Checkout flake-regressions
uses: actions/checkout@v4
with:
repository: NixOS/flake-regressions
path: flake-regressions
- name: Checkout flake-regressions-data
uses: actions/checkout@v4
with:
repository: NixOS/flake-regressions-data
path: flake-regressions/tests
- uses: DeterminateSystems/nix-installer-action@main
- uses: DeterminateSystems/magic-nix-cache-action@main
- run: nix build --out-link ./new-nix && PATH=$(pwd)/new-nix/bin:$PATH scripts/flake-regressions.sh

View file

@ -1,20 +0,0 @@
name: Hydra status
permissions: read-all
on:
schedule:
- cron: "12,42 * * * *"
workflow_dispatch:
jobs:
check_hydra_status:
name: Check Hydra status
if: github.repository_owner == 'NixOS'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- run: bash scripts/check-hydra-status.sh

7
.gitignore vendored
View file

@ -11,6 +11,8 @@ perl/Makefile.config
/svn-revision /svn-revision
/libtool /libtool
/config/config.* /config/config.*
# Default meson build dir
/build
# /doc/manual/ # /doc/manual/
/doc/manual/*.1 /doc/manual/*.1
@ -52,6 +54,9 @@ perl/Makefile.config
# /src/libfetchers # /src/libfetchers
/tests/unit/libfetchers/libnixfetchers-tests /tests/unit/libfetchers/libnixfetchers-tests
# /src/libflake
/tests/unit/libflake/libnixflake-tests
# /src/libstore/ # /src/libstore/
*.gen.* *.gen.*
/src/libstore/tests /src/libstore/tests
@ -92,7 +97,7 @@ perl/Makefile.config
# /tests/functional/ # /tests/functional/
/tests/functional/test-tmp /tests/functional/test-tmp
/tests/functional/common/vars-and-functions.sh /tests/functional/common/subst-vars.sh
/tests/functional/result* /tests/functional/result*
/tests/functional/restricted-innocent /tests/functional/restricted-innocent
/tests/functional/shell /tests/functional/shell

4
.shellcheckrc Normal file
View file

@ -0,0 +1,4 @@
external-sources=true
source-path=SCRIPTDIR
# Hack for scripts in e.g. tests/functional/ca
source-path=SCRIPTDIR/..

View file

@ -1 +1 @@
2.22.0 2.24.0

42
CITATION.cff Normal file
View file

@ -0,0 +1,42 @@
cff-version: 1.2.0
title: Nix
message: >-
If you use this software, please cite it using the
metadata from this file.
type: software
authors:
- given-names: Eelco
family-names: Dolstra
email: edolstra@gmail.com
- name: The Nix contributors
website: 'https://github.com/NixOS/nix'
references:
- title: The Purely Functional Software Deployment Model
authors:
- family-names: Dolstra
given-names: Eelco
year: 2006
type: thesis
thesis-type: PhD thesis
isbn: 90-393-4130-3
url: https://dspace.library.uu.nl/handle/1874/7540
database-provider: Utrecht University Repository
institution:
name: Utrecht University
keywords:
- configuration management
- software deployment
- purely functional
- component-based software engineering
repository-code: 'https://github.com/NixOS/nix'
url: 'https://nixos.org/'
abstract: >-
Nix, a purely functional package manager, is a powerful
package manager for Linux and other Unix systems that
makes package management reliable and reproducible.
keywords:
- reproducibility
- open-source
- c++
- functional
license: LGPL-2.1

View file

@ -27,6 +27,8 @@ Check out the [security policy](https://github.com/NixOS/nix/security/policy).
1. Search for related issues that cover what you're going to work on. 1. Search for related issues that cover what you're going to work on.
It could help to mention there that you will work on the issue. It could help to mention there that you will work on the issue.
We strongly recommend first-time contributors not to propose new features but rather fix tightly-scoped problems in order to build trust and a working relationship with maintainers.
Issues labeled [good first issue](https://github.com/NixOS/nix/labels/good%20first%20issue) should be relatively easy to fix and are likely to get merged quickly. Issues labeled [good first issue](https://github.com/NixOS/nix/labels/good%20first%20issue) should be relatively easy to fix and are likely to get merged quickly.
Pull requests addressing issues labeled [idea approved](https://github.com/NixOS/nix/labels/idea%20approved) or [RFC](https://github.com/NixOS/nix/labels/RFC) are especially welcomed by maintainers and will receive prioritised review. Pull requests addressing issues labeled [idea approved](https://github.com/NixOS/nix/labels/idea%20approved) or [RFC](https://github.com/NixOS/nix/labels/RFC) are especially welcomed by maintainers and will receive prioritised review.

View file

@ -18,6 +18,7 @@ makefiles = \
src/libfetchers/local.mk \ src/libfetchers/local.mk \
src/libmain/local.mk \ src/libmain/local.mk \
src/libexpr/local.mk \ src/libexpr/local.mk \
src/libflake/local.mk \
src/libcmd/local.mk \ src/libcmd/local.mk \
src/nix/local.mk \ src/nix/local.mk \
src/libutil-c/local.mk \ src/libutil-c/local.mk \
@ -45,7 +46,8 @@ makefiles += \
tests/unit/libstore-support/local.mk \ tests/unit/libstore-support/local.mk \
tests/unit/libfetchers/local.mk \ tests/unit/libfetchers/local.mk \
tests/unit/libexpr/local.mk \ tests/unit/libexpr/local.mk \
tests/unit/libexpr-support/local.mk tests/unit/libexpr-support/local.mk \
tests/unit/libflake/local.mk
endif endif
ifeq ($(ENABLE_FUNCTIONAL_TESTS), yes) ifeq ($(ENABLE_FUNCTIONAL_TESTS), yes)
@ -68,14 +70,6 @@ ifeq ($(ENABLE_DOC_GEN), yes)
makefiles-late += doc/manual/local.mk makefiles-late += doc/manual/local.mk
endif endif
ifeq ($(ENABLE_INTERNAL_API_DOCS), yes)
makefiles-late += doc/internal-api/local.mk
endif
ifeq ($(ENABLE_EXTERNAL_API_DOCS), yes)
makefiles-late += doc/external-api/local.mk
endif
# Miscellaneous global Flags # Miscellaneous global Flags
OPTIMIZE = 1 OPTIMIZE = 1
@ -98,7 +92,7 @@ ifdef HOST_WINDOWS
GLOBAL_LDFLAGS += -Wl,--export-all-symbols GLOBAL_LDFLAGS += -Wl,--export-all-symbols
endif endif
GLOBAL_CXXFLAGS += -g -Wall -Wimplicit-fallthrough -include $(buildprefix)config.h -std=c++2a -I src GLOBAL_CXXFLAGS += -g -Wall -Wdeprecated-copy -Wignored-qualifiers -Wimplicit-fallthrough -Werror=unused-result -include $(buildprefix)config.h -std=c++2a -I src
# Include the main lib, causing rules to be defined # Include the main lib, causing rules to be defined
@ -131,17 +125,3 @@ manual-html manpages:
@echo "Generated docs are disabled. Configure without '--disable-doc-gen', or avoid calling 'make manpages' and 'make manual-html'." @echo "Generated docs are disabled. Configure without '--disable-doc-gen', or avoid calling 'make manpages' and 'make manual-html'."
@exit 1 @exit 1
endif endif
ifneq ($(ENABLE_INTERNAL_API_DOCS), yes)
.PHONY: internal-api-html
internal-api-html:
@echo "Internal API docs are disabled. Configure with '--enable-internal-api-docs', or avoid calling 'make internal-api-html'."
@exit 1
endif
ifneq ($(ENABLE_EXTERNAL_API_DOCS), yes)
.PHONY: external-api-html
external-api-html:
@echo "External API docs are disabled. Configure with '--enable-external-api-docs', or avoid calling 'make external-api-html'."
@exit 1
endif

View file

@ -11,8 +11,6 @@ EDITLINE_LIBS = @EDITLINE_LIBS@
ENABLE_BUILD = @ENABLE_BUILD@ ENABLE_BUILD = @ENABLE_BUILD@
ENABLE_DOC_GEN = @ENABLE_DOC_GEN@ ENABLE_DOC_GEN = @ENABLE_DOC_GEN@
ENABLE_FUNCTIONAL_TESTS = @ENABLE_FUNCTIONAL_TESTS@ ENABLE_FUNCTIONAL_TESTS = @ENABLE_FUNCTIONAL_TESTS@
ENABLE_INTERNAL_API_DOCS = @ENABLE_INTERNAL_API_DOCS@
ENABLE_EXTERNAL_API_DOCS = @ENABLE_EXTERNAL_API_DOCS@
ENABLE_S3 = @ENABLE_S3@ ENABLE_S3 = @ENABLE_S3@
ENABLE_UNIT_TESTS = @ENABLE_UNIT_TESTS@ ENABLE_UNIT_TESTS = @ENABLE_UNIT_TESTS@
GTEST_LIBS = @GTEST_LIBS@ GTEST_LIBS = @GTEST_LIBS@

View file

@ -0,0 +1,36 @@
# These are private dependencies with pkg-config files. What private
# means is that the dependencies are used by the library but they are
# *not* used (e.g. `#include`-ed) in any installed header file, and only
# in regular source code (`*.cc`) or private, uninstalled headers. They
# are thus part of the *implementation* of the library, but not its
# *interface*.
#
# See `man pkg-config` for some details.
deps_private = [ ]
# These are public dependencies with pkg-config files. Public is the
# opposite of private: these dependencies are used in installed header
# files. They are part of the interface (and implementation) of the
# library.
#
# N.B. This concept is mostly unrelated to our own concept of a public
# (stable) API, for consumption outside of the Nix repository.
# `libnixutil` is an unstable C++ library, whose public interface is
# likewise unstable. `libutilc` conversely is a hopefully-soon stable
# C library, whose public interface --- including public but not private
# dependencies --- will also likewise soon be stable.
#
# N.B. For distributions that care about "ABI" stability and not just
# "API" stability, the private dependencies also matter as they can
# potentially affect the public ABI.
deps_public = [ ]
# These are subproject deps (type == "internal"). They are other
# packages in `/src` in this repo. The private vs public distinction is
# the same as above.
deps_private_subproject = [ ]
deps_public_subproject = [ ]
# These are dependencencies without pkg-config files. Ideally they are
# just private, but they may also be public (e.g. boost).
deps_other = [ ]

View file

@ -0,0 +1,13 @@
add_project_arguments(
'-Wno-deprecated-declarations',
'-Wimplicit-fallthrough',
'-Werror=switch',
'-Werror=switch-enum',
'-Werror=unused-result',
'-Wdeprecated-copy',
'-Wignored-qualifiers',
# Enable assertions in libstdc++ by default. Harmless on libc++. Benchmarked
# at ~1% overhead in `nix search`.
#
language : 'cpp',
)

View file

@ -0,0 +1,11 @@
if host_machine.system() == 'cygwin' or host_machine.system() == 'windows'
# Windows DLLs are stricter about symbol visibility than Unix shared
# objects --- see https://gcc.gnu.org/wiki/Visibility for details.
# This is a temporary sledgehammer to export everything like on Unix,
# and not detail with this yet.
#
# TODO do not do this, and instead do fine-grained export annotations.
linker_export_flags = ['-Wl,--export-all-symbols']
else
linker_export_flags = []
endif

View file

@ -0,0 +1,30 @@
requires_private = []
foreach dep : deps_private_subproject
requires_private += dep.name()
endforeach
requires_private += deps_private
requires_public = []
foreach dep : deps_public_subproject
requires_public += dep.name()
endforeach
requires_public += deps_public
import('pkgconfig').generate(
this_library,
filebase : meson.project_name(),
name : 'Nix',
description : 'Nix Package Manager',
subdirs : ['nix'],
extra_cflags : ['-std=c++2a'],
requires : requires_public,
requires_private : requires_private,
libraries_private : libraries_private,
)
meson.override_dependency(meson.project_name(), declare_dependency(
include_directories : include_dirs,
link_with : this_library,
compile_args : ['-std=c++2a'],
dependencies : deps_public_subproject + deps_public,
))

View file

@ -0,0 +1,7 @@
bash = find_program('bash', native: true)
gen_header = generator(
bash,
arguments : [ '-c', '{ echo \'R"__NIX_STR(\' && cat @INPUT@ && echo \')__NIX_STR"\'; } > "$1"', '_ignored_argv0', '@OUTPUT@' ],
output : '@PLAINNAME@.gen.hh',
)

View file

@ -0,0 +1,19 @@
foreach maybe_subproject_dep : deps_private_maybe_subproject
if maybe_subproject_dep.type_name() == 'internal'
deps_private_subproject += maybe_subproject_dep
# subproject sadly no good for pkg-config module
deps_other += maybe_subproject_dep
else
deps_private += maybe_subproject_dep
endif
endforeach
foreach maybe_subproject_dep : deps_public_maybe_subproject
if maybe_subproject_dep.type_name() == 'internal'
deps_public_subproject += maybe_subproject_dep
# subproject sadly no good for pkg-config module
deps_other += maybe_subproject_dep
else
deps_public += maybe_subproject_dep
endif
endforeach

View file

@ -0,0 +1,6 @@
# This is only conditional to work around
# https://github.com/mesonbuild/meson/issues/13293. It should be
# unconditional.
if not (host_machine.system() == 'windows' and cxx.get_id() == 'gcc')
deps_private += dependency('threads')
endif

View file

@ -63,7 +63,6 @@ AC_SYS_LARGEFILE
# Solaris-specific stuff. # Solaris-specific stuff.
AC_STRUCT_DIRENT_D_TYPE
case "$host_os" in case "$host_os" in
solaris*) solaris*)
# Solaris requires -lsocket -lnsl for network functions # Solaris requires -lsocket -lnsl for network functions
@ -150,11 +149,6 @@ AC_ARG_ENABLE(unit-tests, AS_HELP_STRING([--disable-unit-tests],[Do not build th
ENABLE_UNIT_TESTS=$enableval, ENABLE_UNIT_TESTS=$ENABLE_BUILD) ENABLE_UNIT_TESTS=$enableval, ENABLE_UNIT_TESTS=$ENABLE_BUILD)
AC_SUBST(ENABLE_UNIT_TESTS) AC_SUBST(ENABLE_UNIT_TESTS)
# Build external API docs by default
AC_ARG_ENABLE(external_api_docs, AS_HELP_STRING([--enable-external-api-docs],[Build API docs for Nix's C interface]),
external_api_docs=$enableval, external_api_docs=yes)
AC_SUBST(external_api_docs)
AS_IF( AS_IF(
[test "$ENABLE_BUILD" == "no" && test "$ENABLE_UNIT_TESTS" == "yes"], [test "$ENABLE_BUILD" == "no" && test "$ENABLE_UNIT_TESTS" == "yes"],
[AC_MSG_ERROR([Cannot enable unit tests when building overall is disabled. Please do not pass '--enable-unit-tests' or do not pass '--disable-build'.])]) [AC_MSG_ERROR([Cannot enable unit tests when building overall is disabled. Please do not pass '--enable-unit-tests' or do not pass '--disable-build'.])])
@ -172,15 +166,6 @@ AS_IF(
[test "$ENABLE_BUILD" == "no" && test "$ENABLE_DOC_GEN" == "yes"], [test "$ENABLE_BUILD" == "no" && test "$ENABLE_DOC_GEN" == "yes"],
[AC_MSG_ERROR([Cannot enable generated docs when building overall is disabled. Please do not pass '--enable-doc-gen' or do not pass '--disable-build'.])]) [AC_MSG_ERROR([Cannot enable generated docs when building overall is disabled. Please do not pass '--enable-doc-gen' or do not pass '--disable-build'.])])
# Building without API docs is the default as Nix' C++ interfaces are internal and unstable.
AC_ARG_ENABLE(internal-api-docs, AS_HELP_STRING([--enable-internal-api-docs],[Build API docs for Nix's internal unstable C++ interfaces]),
ENABLE_INTERNAL_API_DOCS=$enableval, ENABLE_INTERNAL_API_DOCS=no)
AC_SUBST(ENABLE_INTERNAL_API_DOCS)
AC_ARG_ENABLE(external-api-docs, AS_HELP_STRING([--enable-external-api-docs],[Build API docs for Nix's external unstable C interfaces]),
ENABLE_EXTERNAL_API_DOCS=$enableval, ENABLE_EXTERNAL_API_DOCS=no)
AC_SUBST(ENABLE_EXTERNAL_API_DOCS)
AS_IF( AS_IF(
[test "$ENABLE_FUNCTIONAL_TESTS" == "yes" || test "$ENABLE_DOC_GEN" == "yes"], [test "$ENABLE_FUNCTIONAL_TESTS" == "yes" || test "$ENABLE_DOC_GEN" == "yes"],
[NEED_PROG(jq, jq)]) [NEED_PROG(jq, jq)])
@ -314,7 +299,7 @@ case "$host_os" in
])) ]))
if test "x$enable_seccomp_sandboxing" != "xno"; then if test "x$enable_seccomp_sandboxing" != "xno"; then
PKG_CHECK_MODULES([LIBSECCOMP], [libseccomp], PKG_CHECK_MODULES([LIBSECCOMP], [libseccomp],
[CXXFLAGS="$LIBSECCOMP_CFLAGS $CXXFLAGS"]) [CXXFLAGS="$LIBSECCOMP_CFLAGS $CXXFLAGS" CFLAGS="$LIBSECCOMP_CFLAGS $CFLAGS"])
have_seccomp=1 have_seccomp=1
AC_DEFINE([HAVE_SECCOMP], [1], [Whether seccomp is available and should be used for sandboxing.]) AC_DEFINE([HAVE_SECCOMP], [1], [Whether seccomp is available and should be used for sandboxing.])
AC_COMPILE_IFELSE([ AC_COMPILE_IFELSE([
@ -355,13 +340,6 @@ AC_CHECK_HEADERS([aws/s3/S3Client.h],
AC_SUBST(ENABLE_S3, [$enable_s3]) AC_SUBST(ENABLE_S3, [$enable_s3])
AC_LANG_POP(C++) AC_LANG_POP(C++)
if test -n "$enable_s3"; then
declare -a aws_version_tokens=($(printf '#include <aws/core/VersionConfig.h>\nAWS_SDK_VERSION_STRING' | $CPP $CPPFLAGS - | grep -v '^#.*' | sed 's/"//g' | tr '.' ' '))
AC_DEFINE_UNQUOTED([AWS_VERSION_MAJOR], ${aws_version_tokens@<:@0@:>@}, [Major version of aws-sdk-cpp.])
AC_DEFINE_UNQUOTED([AWS_VERSION_MINOR], ${aws_version_tokens@<:@1@:>@}, [Minor version of aws-sdk-cpp.])
AC_DEFINE_UNQUOTED([AWS_VERSION_PATCH], ${aws_version_tokens@<:@2@:>@}, [Patch version of aws-sdk-cpp.])
fi
# Whether to use the Boehm garbage collector. # Whether to use the Boehm garbage collector.
AC_ARG_ENABLE(gc, AS_HELP_STRING([--enable-gc],[enable garbage collection in the Nix expression evaluator (requires Boehm GC) [default=yes]]), AC_ARG_ENABLE(gc, AS_HELP_STRING([--enable-gc],[enable garbage collection in the Nix expression evaluator (requires Boehm GC) [default=yes]]),
@ -370,6 +348,14 @@ if test "$gc" = yes; then
PKG_CHECK_MODULES([BDW_GC], [bdw-gc]) PKG_CHECK_MODULES([BDW_GC], [bdw-gc])
CXXFLAGS="$BDW_GC_CFLAGS $CXXFLAGS" CXXFLAGS="$BDW_GC_CFLAGS $CXXFLAGS"
AC_DEFINE(HAVE_BOEHMGC, 1, [Whether to use the Boehm garbage collector.]) AC_DEFINE(HAVE_BOEHMGC, 1, [Whether to use the Boehm garbage collector.])
# See `fixupBoehmStackPointer`, for the integration between Boehm GC
# and Boost coroutines.
old_CFLAGS="$CFLAGS"
# Temporary set `-pthread` just for the next check
CFLAGS="$CFLAGS -pthread"
AC_CHECK_FUNCS([pthread_attr_get_np pthread_getattr_np])
CFLAGS="$old_CFLAGS"
fi fi
AS_IF([test "$ENABLE_UNIT_TESTS" == "yes"],[ AS_IF([test "$ENABLE_UNIT_TESTS" == "yes"],[
@ -407,6 +393,11 @@ AS_CASE(["$enable_markdown"],
PKG_CHECK_MODULES([LIBGIT2], [libgit2]) PKG_CHECK_MODULES([LIBGIT2], [libgit2])
# Look for toml11, a required dependency.
AC_LANG_PUSH(C++)
AC_CHECK_HEADER([toml.hpp], [], [AC_MSG_ERROR([toml11 is not found.])])
AC_LANG_POP(C++)
# Setuid installations. # Setuid installations.
AC_CHECK_FUNCS([setresuid setreuid lchown]) AC_CHECK_FUNCS([setresuid setreuid lchown])

View file

@ -1,99 +0,0 @@
diff --git a/darwin_stop_world.c b/darwin_stop_world.c
index 0468aaec..b348d869 100644
--- a/darwin_stop_world.c
+++ b/darwin_stop_world.c
@@ -356,6 +356,7 @@ GC_INNER void GC_push_all_stacks(void)
int nthreads = 0;
word total_size = 0;
mach_msg_type_number_t listcount = (mach_msg_type_number_t)THREAD_TABLE_SZ;
+ size_t stack_limit;
if (!EXPECT(GC_thr_initialized, TRUE))
GC_thr_init();
@@ -411,6 +412,19 @@ GC_INNER void GC_push_all_stacks(void)
GC_push_all_stack_sections(lo, hi, p->traced_stack_sect);
}
if (altstack_lo) {
+ // When a thread goes into a coroutine, we lose its original sp until
+ // control flow returns to the thread.
+ // While in the coroutine, the sp points outside the thread stack,
+ // so we can detect this and push the entire thread stack instead,
+ // as an approximation.
+ // We assume that the coroutine has similarly added its entire stack.
+ // This could be made accurate by cooperating with the application
+ // via new functions and/or callbacks.
+ stack_limit = pthread_get_stacksize_np(p->id);
+ if (altstack_lo >= altstack_hi || altstack_lo < altstack_hi - stack_limit) { // sp outside stack
+ altstack_lo = altstack_hi - stack_limit;
+ }
+
total_size += altstack_hi - altstack_lo;
GC_push_all_stack(altstack_lo, altstack_hi);
}
diff --git a/include/gc.h b/include/gc.h
index edab6c22..f2c61282 100644
--- a/include/gc.h
+++ b/include/gc.h
@@ -2172,6 +2172,11 @@ GC_API void GC_CALL GC_win32_free_heap(void);
(*GC_amiga_allocwrapper_do)(a,GC_malloc_atomic_ignore_off_page)
#endif /* _AMIGA && !GC_AMIGA_MAKINGLIB */
+#if !__APPLE__
+/* Patch doesn't work on apple */
+#define NIX_BOEHM_PATCH_VERSION 1
+#endif
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/pthread_stop_world.c b/pthread_stop_world.c
index b5d71e62..aed7b0bf 100644
--- a/pthread_stop_world.c
+++ b/pthread_stop_world.c
@@ -768,6 +768,8 @@ STATIC void GC_restart_handler(int sig)
/* world is stopped. Should not fail if it isn't. */
GC_INNER void GC_push_all_stacks(void)
{
+ size_t stack_limit;
+ pthread_attr_t pattr;
GC_bool found_me = FALSE;
size_t nthreads = 0;
int i;
@@ -851,6 +853,37 @@ GC_INNER void GC_push_all_stacks(void)
hi = p->altstack + p->altstack_size;
/* FIXME: Need to scan the normal stack too, but how ? */
/* FIXME: Assume stack grows down */
+ } else {
+#ifdef HAVE_PTHREAD_ATTR_GET_NP
+ if (!pthread_attr_init(&pattr)
+ || !pthread_attr_get_np(p->id, &pattr))
+#else /* HAVE_PTHREAD_GETATTR_NP */
+ if (pthread_getattr_np(p->id, &pattr))
+#endif
+ {
+ ABORT("GC_push_all_stacks: pthread_getattr_np failed!");
+ }
+ if (pthread_attr_getstacksize(&pattr, &stack_limit)) {
+ ABORT("GC_push_all_stacks: pthread_attr_getstacksize failed!");
+ }
+ if (pthread_attr_destroy(&pattr)) {
+ ABORT("GC_push_all_stacks: pthread_attr_destroy failed!");
+ }
+ // When a thread goes into a coroutine, we lose its original sp until
+ // control flow returns to the thread.
+ // While in the coroutine, the sp points outside the thread stack,
+ // so we can detect this and push the entire thread stack instead,
+ // as an approximation.
+ // We assume that the coroutine has similarly added its entire stack.
+ // This could be made accurate by cooperating with the application
+ // via new functions and/or callbacks.
+ #ifndef STACK_GROWS_UP
+ if (lo >= hi || lo < hi - stack_limit) { // sp outside stack
+ lo = hi - stack_limit;
+ }
+ #else
+ #error "STACK_GROWS_UP not supported in boost_coroutine2 (as of june 2021), so we don't support it in Nix."
+ #endif
}
GC_push_all_stack_sections(lo, hi, traced_stack_sect);
# ifdef STACK_GROWS_UP

View file

@ -1,12 +0,0 @@
diff --git a/include/gc_allocator.h b/include/gc_allocator.h
index 597c7f13..587286be 100644
--- a/include/gc_allocator.h
+++ b/include/gc_allocator.h
@@ -312,6 +312,7 @@ public:
template<>
class traceable_allocator<void> {
+public:
typedef size_t size_type;
typedef ptrdiff_t difference_type;
typedef void* pointer;

View file

@ -1,7 +0,0 @@
$(docdir)/external-api/html/index.html $(docdir)/external-api/latex: $(d)/doxygen.cfg
mkdir -p $(docdir)/external-api
{ cat $< ; echo "OUTPUT_DIRECTORY=$(docdir)/external-api" ; } | doxygen -
# Generate the HTML API docs for Nix's unstable C bindings
.PHONY: external-api-html
external-api-html: $(docdir)/external-api/html/index.html

View file

@ -1,7 +0,0 @@
$(docdir)/internal-api/html/index.html $(docdir)/internal-api/latex: $(d)/doxygen.cfg
mkdir -p $(docdir)/internal-api
{ cat $< ; echo "OUTPUT_DIRECTORY=$(docdir)/internal-api" ; } | doxygen -
# Generate the HTML API docs for Nix's unstable internal interfaces.
.PHONY: internal-api-html
internal-api-html: $(docdir)/internal-api/html/index.html

View file

@ -6,8 +6,6 @@ additional-css = ["custom.css"]
additional-js = ["redirects.js"] additional-js = ["redirects.js"]
edit-url-template = "https://github.com/NixOS/nix/tree/master/doc/manual/{path}" edit-url-template = "https://github.com/NixOS/nix/tree/master/doc/manual/{path}"
git-repository-url = "https://github.com/NixOS/nix" git-repository-url = "https://github.com/NixOS/nix"
fold.enable = true
fold.level = 1
[preprocessor.anchors] [preprocessor.anchors]
renderers = ["html"] renderers = ["html"]

View file

@ -1,31 +0,0 @@
let
inherit (builtins) concatStringsSep attrValues mapAttrs;
inherit (import <nix/utils.nix>) optionalString squash;
in
builtinsInfo:
let
showBuiltin = name: { doc, type, impure-only }:
let
type' = optionalString (type != null) " (${type})";
impureNotice = optionalString impure-only ''
> **Note**
>
> Not available in [pure evaluation mode](@docroot@/command-ref/conf-file.md#conf-pure-eval).
'';
in
squash ''
<dt id="builtins-${name}">
<a href="#builtins-${name}"><code>${name}</code></a>${type'}
</dt>
<dd>
${doc}
${impureNotice}
</dd>
'';
in
concatStringsSep "\n" (attrValues (mapAttrs showBuiltin builtinsInfo))

View file

@ -5,8 +5,10 @@ in
builtinsInfo: builtinsInfo:
let let
showBuiltin = name: { doc, args, arity, experimental-feature }: showBuiltin = name: { doc, type ? null, args ? [ ], experimental-feature ? null, impure-only ? false }:
let let
type' = optionalString (type != null) " (${type})";
experimentalNotice = optionalString (experimental-feature != null) '' experimentalNotice = optionalString (experimental-feature != null) ''
> **Note** > **Note**
> >
@ -18,18 +20,26 @@ let
> extra-experimental-features = ${experimental-feature} > extra-experimental-features = ${experimental-feature}
> ``` > ```
''; '';
impureNotice = optionalString impure-only ''
> **Note**
>
> Not available in [pure evaluation mode](@docroot@/command-ref/conf-file.md#conf-pure-eval).
'';
in in
squash '' squash ''
<dt id="builtins-${name}"> <dt id="builtins-${name}">
<a href="#builtins-${name}"><code>${name} ${listArgs args}</code></a> <a href="#builtins-${name}"><code>${name}${listArgs args}</code></a>${type'}
</dt> </dt>
<dd> <dd>
${experimentalNotice} ${experimentalNotice}
${doc} ${doc}
${impureNotice}
</dd> </dd>
''; '';
listArgs = args: concatStringsSep " " (map (s: "<var>${s}</var>") args); listArgs = args: concatStringsSep "" (map (s: " <var>${s}</var>") args);
in in
concatStringsSep "\n" (attrValues (mapAttrs showBuiltin builtinsInfo)) concatStringsSep "\n" (attrValues (mapAttrs showBuiltin builtinsInfo))

View file

@ -116,9 +116,12 @@ let
storeInfo = commandInfo.stores; storeInfo = commandInfo.stores;
inherit inlineHTML; inherit inlineHTML;
}; };
hasInfix = infix: content:
builtins.stringLength content != builtins.stringLength (replaceStrings [ infix ] [ "" ] content);
in in
optionalString (details ? doc) ( optionalString (details ? doc) (
if match ".*@store-types@.*" details.doc != null # An alternate implementation with builtins.match stack overflowed on some systems.
if hasInfix "@store-types@" details.doc
then help-stores then help-stores
else details.doc else details.doc
); );

View file

@ -140,16 +140,10 @@ $(d)/xp-features.json: $(doc_nix)
$(d)/src/language/builtins.md: $(d)/language.json $(d)/generate-builtins.nix $(d)/src/language/builtins-prefix.md $(doc_nix) $(d)/src/language/builtins.md: $(d)/language.json $(d)/generate-builtins.nix $(d)/src/language/builtins-prefix.md $(doc_nix)
@cat doc/manual/src/language/builtins-prefix.md > $@.tmp @cat doc/manual/src/language/builtins-prefix.md > $@.tmp
$(trace-gen) $(nix-eval) --expr 'import doc/manual/generate-builtins.nix (builtins.fromJSON (builtins.readFile $<)).builtins' >> $@.tmp; $(trace-gen) $(nix-eval) --expr 'import doc/manual/generate-builtins.nix (builtins.fromJSON (builtins.readFile $<))' >> $@.tmp;
@cat doc/manual/src/language/builtins-suffix.md >> $@.tmp @cat doc/manual/src/language/builtins-suffix.md >> $@.tmp
@mv $@.tmp $@ @mv $@.tmp $@
$(d)/src/language/builtin-constants.md: $(d)/language.json $(d)/generate-builtin-constants.nix $(d)/src/language/builtin-constants-prefix.md $(doc_nix)
@cat doc/manual/src/language/builtin-constants-prefix.md > $@.tmp
$(trace-gen) $(nix-eval) --expr 'import doc/manual/generate-builtin-constants.nix (builtins.fromJSON (builtins.readFile $<)).constants' >> $@.tmp;
@cat doc/manual/src/language/builtin-constants-suffix.md >> $@.tmp
@mv $@.tmp $@
$(d)/language.json: $(doc_nix) $(d)/language.json: $(doc_nix)
$(trace-gen) $(dummy-env) $(doc_nix) __dump-language > $@.tmp $(trace-gen) $(dummy-env) $(doc_nix) __dump-language > $@.tmp
@mv $@.tmp $@ @mv $@.tmp $@
@ -217,7 +211,7 @@ doc/manual/generated/man1/nix3-manpages: $(d)/src/command-ref/new-cli
# `@docroot@` is to be preserved for documenting the mechanism # `@docroot@` is to be preserved for documenting the mechanism
# FIXME: maybe contributing guides should live right next to the code # FIXME: maybe contributing guides should live right next to the code
# instead of in the manual # instead of in the manual
$(docdir)/manual/index.html: $(MANUAL_SRCS) $(d)/book.toml $(d)/anchors.jq $(d)/custom.css $(d)/src/SUMMARY.md $(d)/src/store/types $(d)/src/command-ref/new-cli $(d)/src/contributing/experimental-feature-descriptions.md $(d)/src/command-ref/conf-file.md $(d)/src/language/builtins.md $(d)/src/language/builtin-constants.md $(d)/src/release-notes/rl-next.md $(d)/src/figures $(d)/src/favicon.png $(d)/src/favicon.svg $(docdir)/manual/index.html: $(MANUAL_SRCS) $(d)/book.toml $(d)/anchors.jq $(d)/custom.css $(d)/src/SUMMARY.md $(d)/src/store/types $(d)/src/command-ref/new-cli $(d)/src/contributing/experimental-feature-descriptions.md $(d)/src/command-ref/conf-file.md $(d)/src/language/builtins.md $(d)/src/release-notes/rl-next.md $(d)/src/figures $(d)/src/favicon.png $(d)/src/favicon.svg
$(trace-gen) \ $(trace-gen) \
tmp="$$(mktemp -d)"; \ tmp="$$(mktemp -d)"; \
cp -r doc/manual "$$tmp"; \ cp -r doc/manual "$$tmp"; \

View file

@ -1,7 +1,7 @@
// redirect rules for URL fragments (client-side) to prevent link rot. // redirect rules for URL fragments (client-side) to prevent link rot.
// this must be done on the client side, as web servers do not see the fragment part of the URL. // this must be done on the client side, as web servers do not see the fragment part of the URL.
// it will only work with JavaScript enabled in the browser, but this is the best we can do here. // it will only work with JavaScript enabled in the browser, but this is the best we can do here.
// see ./_redirects for path redirects (client-side) // see src/_redirects for path redirects (server-side)
// redirects are declared as follows: // redirects are declared as follows:
// each entry has as its key a path matching the requested URL path, relative to the mdBook document root. // each entry has as its key a path matching the requested URL path, relative to the mdBook document root.
@ -238,12 +238,12 @@ const redirects = {
"attr-system": "language/derivations.html#attr-system", "attr-system": "language/derivations.html#attr-system",
"ssec-derivation": "language/derivations.html", "ssec-derivation": "language/derivations.html",
"ch-expression-language": "language/index.html", "ch-expression-language": "language/index.html",
"sec-constructs": "language/constructs.html", "sec-constructs": "language/syntax.html",
"sect-let-language": "language/constructs.html#let-language", "sect-let-language": "language/syntax.html#let-expressions",
"ss-functions": "language/constructs.html#functions", "ss-functions": "language/syntax.html#functions",
"sec-language-operators": "language/operators.html", "sec-language-operators": "language/operators.html",
"table-operators": "language/operators.html", "table-operators": "language/operators.html",
"ssec-values": "language/values.html", "ssec-values": "language/types.html",
"gloss-closure": "glossary.html#gloss-closure", "gloss-closure": "glossary.html#gloss-closure",
"gloss-derivation": "glossary.html#gloss-derivation", "gloss-derivation": "glossary.html#gloss-derivation",
"gloss-deriver": "glossary.html#gloss-deriver", "gloss-deriver": "glossary.html#gloss-deriver",
@ -285,15 +285,15 @@ const redirects = {
"ch-basic-package-mgmt": "package-management/basic-package-mgmt.html", "ch-basic-package-mgmt": "package-management/basic-package-mgmt.html",
"ssec-binary-cache-substituter": "package-management/binary-cache-substituter.html", "ssec-binary-cache-substituter": "package-management/binary-cache-substituter.html",
"sec-channels": "command-ref/nix-channel.html", "sec-channels": "command-ref/nix-channel.html",
"ssec-copy-closure": "package-management/copy-closure.html", "ssec-copy-closure": "command-ref/nix-copy-closure.html",
"sec-garbage-collection": "package-management/garbage-collection.html", "sec-garbage-collection": "package-management/garbage-collection.html",
"ssec-gc-roots": "package-management/garbage-collector-roots.html", "ssec-gc-roots": "package-management/garbage-collector-roots.html",
"chap-package-management": "package-management/index.html", "chap-package-management": "package-management/index.html",
"sec-profiles": "package-management/profiles.html", "sec-profiles": "package-management/profiles.html",
"ssec-s3-substituter": "package-management/s3-substituter.html", "ssec-s3-substituter": "store/types/s3-substituter.html",
"ssec-s3-substituter-anonymous-reads": "package-management/s3-substituter.html#anonymous-reads-to-your-s3-compatible-binary-cache", "ssec-s3-substituter-anonymous-reads": "store/types/s3-substituter.html#anonymous-reads-to-your-s3-compatible-binary-cache",
"ssec-s3-substituter-authenticated-reads": "package-management/s3-substituter.html#authenticated-reads-to-your-s3-binary-cache", "ssec-s3-substituter-authenticated-reads": "store/types/s3-substituter.html#authenticated-reads-to-your-s3-binary-cache",
"ssec-s3-substituter-authenticated-writes": "package-management/s3-substituter.html#authenticated-writes-to-your-s3-compatible-binary-cache", "ssec-s3-substituter-authenticated-writes": "store/types/s3-substituter.html#authenticated-writes-to-your-s3-compatible-binary-cache",
"sec-sharing-packages": "package-management/sharing-packages.html", "sec-sharing-packages": "package-management/sharing-packages.html",
"ssec-ssh-substituter": "package-management/ssh-substituter.html", "ssec-ssh-substituter": "package-management/ssh-substituter.html",
"chap-quick-start": "quick-start.html", "chap-quick-start": "quick-start.html",
@ -335,11 +335,15 @@ const redirects = {
"ssec-relnotes-2.2": "release-notes/rl-2.2.html", "ssec-relnotes-2.2": "release-notes/rl-2.2.html",
"ssec-relnotes-2.3": "release-notes/rl-2.3.html", "ssec-relnotes-2.3": "release-notes/rl-2.3.html",
}, },
"language/values.html": { "language/types.html": {
"simple-values": "#primitives", "simple-values": "#primitives",
"lists": "#list", "lists": "#list",
"strings": "#string", "strings": "#string",
"attribute-sets": "#attribute-set", "attribute-sets": "#attribute-set",
"type-number": "#type-int",
},
"language/syntax.html": {
"scoping-rules": "scoping.html",
}, },
"installation/installing-binary.html": { "installation/installing-binary.html": {
"linux": "uninstall.html#linux", "linux": "uninstall.html#linux",

View file

@ -0,0 +1,6 @@
---
synopsis: Stop vendoring toml11
---
We don't apply any patches to it, and vendoring it locks users into
bugs (it hasn't been updated since its introduction in late 2021).

View file

@ -0,0 +1,7 @@
---
synopsis: Harden the user sandboxing
significance: significant
issues:
---
The build directory has been hardened against interference with the outside world by nesting it inside another directory owned by (and only readable by) the daemon user.

View file

@ -1,13 +0,0 @@
---
synopsis: "`nix eval` prints derivations as `.drv` paths"
prs: 10200
---
`nix eval` will now print derivations as their `.drv` paths, rather than as
attribute sets. This makes commands like `nix eval nixpkgs#bash` terminate
instead of infinitely looping into recursive self-referential attributes:
```ShellSession
$ nix eval nixpkgs#bash
«derivation /nix/store/m32cbgbd598f4w299g0hwyv7gbw6rqcg-bash-5.2p26.drv»
```

View file

@ -0,0 +1,28 @@
---
synopsis: "`nix-shell <directory>` looks for `shell.nix`"
significance: significant
issues:
- 496
- 2279
- 4529
- 5431
- 11053
prs:
- 11057
---
`nix-shell $x` now looks for `$x/shell.nix` when `$x` resolves to a directory.
Although this might be seen as a breaking change, its primarily interactive usage makes it a minor issue.
This adjustment addresses a commonly reported problem.
This also applies to `nix-shell` shebang scripts. Consider the following example:
```shell
#!/usr/bin/env nix-shell
#!nix-shell -i bash
```
This will now load `shell.nix` from the script's directory, if it exists; `default.nix` otherwise.
The old behavior can be opted into by setting the option [`nix-shell-always-looks-for-shell-nix`](@docroot@/command-ref/conf-file.md#conf-nix-shell-always-looks-for-shell-nix) to `false`.

View file

@ -1,8 +0,0 @@
---
synopsis: Remove experimental repl-flake
significance: significant
issues: 10103
prs: 10299
---
The `repl-flake` experimental feature has been removed. The `nix repl` command now works like the rest of the new CLI in that `nix repl {path}` now tries to load a flake at `{path}` (or fails if the `flakes` experimental feature isn't enabled).*

View file

@ -0,0 +1,53 @@
---
synopsis: "`nix-repl`'s `:doc` shows documentation comments"
significance: significant
issues:
- 3904
- 10771
prs:
- 1652
- 9054
- 11072
---
`nix repl` has a `:doc` command that previously only rendered documentation for internally defined functions.
This feature has been extended to also render function documentation comments, in accordance with [RFC 145].
Example:
```
nix-repl> :doc lib.toFunction
Function toFunction
… defined at /home/user/h/nixpkgs/lib/trivial.nix:1072:5
Turns any non-callable values into constant functions. Returns
callable values as is.
Inputs
v
: Any value
Examples
:::{.example}
## lib.trivial.toFunction usage example
| nix-repl> lib.toFunction 1 2
| 1
|
| nix-repl> lib.toFunction (x: x + 1) 2
| 3
:::
```
Known limitations:
- It does not render documentation for "formals", such as `{ /** the value to return */ x, ... }: x`.
- Some extensions to markdown are not yet supported, as you can see in the example above.
We'd like to acknowledge Yingchi Long for proposing a proof of concept for this functionality in [#9054](https://github.com/NixOS/nix/pull/9054), as well as @sternenseemann and Johannes Kirschbauer for their contributions, proposals, and their work on [RFC 145].
[RFC 145]: https://github.com/NixOS/rfcs/pull/145

View file

@ -0,0 +1,62 @@
---
synopsis: "`nix-shell` shebang uses relative path"
prs:
- 5088
- 11058
issues:
- 4232
---
<!-- unfortunately no link target for the specific syntax -->
Relative [path](@docroot@/language/values.md#type-path) literals in `nix-shell` shebang scripts' options are now resolved relative to the [script's location](@docroot@/glossary?highlight=base%20directory#gloss-base-directory).
Previously they were resolved relative to the current working directory.
For example, consider the following script in `~/myproject/say-hi`:
```shell
#!/usr/bin/env nix-shell
#!nix-shell --expr 'import ./shell.nix'
#!nix-shell --arg toolset './greeting-tools.nix'
#!nix-shell -i bash
hello
```
Older versions of `nix-shell` would resolve `shell.nix` relative to the current working directory; home in this example:
```console
[hostname:~]$ ./myproject/say-hi
error:
… while calling the 'import' builtin
at «string»:1:2:
1| (import ./shell.nix)
| ^
error: path '/home/user/shell.nix' does not exist
```
Since this release, `nix-shell` resolves `shell.nix` relative to the script's location, and `~/myproject/shell.nix` is used.
```console
$ ./myproject/say-hi
Hello, world!
```
**Opt-out**
This is technically a breaking change, so we have added an option so you can adapt independently of your Nix update.
The old behavior can be opted into by setting the option [`nix-shell-shebang-arguments-relative-to-script`](@docroot@/command-ref/conf-file.md#conf-nix-shell-shebang-arguments-relative-to-script) to `false`.
This option will be removed in a future release.
**`nix` command shebang**
The experimental [`nix` command shebang](@docroot@/command-ref/new-cli/nix.md?highlight=shebang#shebang-interpreter) already behaves in this script-relative manner.
Example:
```shell
#!/usr/bin/env nix
#!nix develop
#!nix --expr ``import ./shell.nix``
#!nix -c bash
hello
```

View file

@ -18,21 +18,24 @@
- [Uninstalling Nix](installation/uninstall.md) - [Uninstalling Nix](installation/uninstall.md)
- [Nix Store](store/index.md) - [Nix Store](store/index.md)
- [File System Object](store/file-system-object.md) - [File System Object](store/file-system-object.md)
- [Content-Addressing File System Objects](store/file-system-object/content-address.md)
- [Store Object](store/store-object.md) - [Store Object](store/store-object.md)
- [Content-Addressing Store Objects](store/store-object/content-address.md)
- [Store Path](store/store-path.md) - [Store Path](store/store-path.md)
- [Store Types](store/types/index.md) - [Store Types](store/types/index.md)
{{#include ./store/types/SUMMARY.md}} {{#include ./store/types/SUMMARY.md}}
- [Nix Language](language/index.md) - [Nix Language](language/index.md)
- [Data Types](language/values.md) - [Data Types](language/types.md)
- [Language Constructs](language/constructs.md) - [String context](language/string-context.md)
- [Syntax and semantics](language/syntax.md)
- [Scoping rules](language/scope.md)
- [String interpolation](language/string-interpolation.md) - [String interpolation](language/string-interpolation.md)
- [Lookup path](language/constructs/lookup-path.md) - [Lookup path](language/constructs/lookup-path.md)
- [Operators](language/operators.md) - [Operators](language/operators.md)
- [Built-ins](language/builtins.md)
- [Derivations](language/derivations.md) - [Derivations](language/derivations.md)
- [Advanced Attributes](language/advanced-attributes.md) - [Advanced Attributes](language/advanced-attributes.md)
- [Import From Derivation](language/import-from-derivation.md) - [Import From Derivation](language/import-from-derivation.md)
- [Built-in Constants](language/builtin-constants.md)
- [Built-in Functions](language/builtins.md)
- [Package Management](package-management/index.md) - [Package Management](package-management/index.md)
- [Profiles](package-management/profiles.md) - [Profiles](package-management/profiles.md)
- [Garbage Collection](package-management/garbage-collection.md) - [Garbage Collection](package-management/garbage-collection.md)
@ -40,9 +43,7 @@
- [Advanced Topics](advanced-topics/index.md) - [Advanced Topics](advanced-topics/index.md)
- [Sharing Packages Between Machines](package-management/sharing-packages.md) - [Sharing Packages Between Machines](package-management/sharing-packages.md)
- [Serving a Nix store via HTTP](package-management/binary-cache-substituter.md) - [Serving a Nix store via HTTP](package-management/binary-cache-substituter.md)
- [Copying Closures via SSH](package-management/copy-closure.md)
- [Serving a Nix store via SSH](package-management/ssh-substituter.md) - [Serving a Nix store via SSH](package-management/ssh-substituter.md)
- [Serving a Nix store via S3](package-management/s3-substituter.md)
- [Remote Builds](advanced-topics/distributed-builds.md) - [Remote Builds](advanced-topics/distributed-builds.md)
- [Tuning Cores and Jobs](advanced-topics/cores-vs-jobs.md) - [Tuning Cores and Jobs](advanced-topics/cores-vs-jobs.md)
- [Verifying Build Reproducibility](advanced-topics/diff-hook.md) - [Verifying Build Reproducibility](advanced-topics/diff-hook.md)
@ -112,6 +113,7 @@
- [Store Path Specification](protocols/store-path.md) - [Store Path Specification](protocols/store-path.md)
- [Nix Archive (NAR) Format](protocols/nix-archive.md) - [Nix Archive (NAR) Format](protocols/nix-archive.md)
- [Derivation "ATerm" file format](protocols/derivation-aterm.md) - [Derivation "ATerm" file format](protocols/derivation-aterm.md)
- [C API](c-api.md)
- [Glossary](glossary.md) - [Glossary](glossary.md)
- [Contributing](contributing/index.md) - [Contributing](contributing/index.md)
- [Hacking](contributing/hacking.md) - [Hacking](contributing/hacking.md)
@ -119,9 +121,12 @@
- [Documentation](contributing/documentation.md) - [Documentation](contributing/documentation.md)
- [Experimental Features](contributing/experimental-features.md) - [Experimental Features](contributing/experimental-features.md)
- [CLI guideline](contributing/cli-guideline.md) - [CLI guideline](contributing/cli-guideline.md)
- [JSON guideline](contributing/json-guideline.md)
- [C++ style guide](contributing/cxx.md) - [C++ style guide](contributing/cxx.md)
- [Releases](release-notes/index.md) - [Releases](release-notes/index.md)
{{#include ./SUMMARY-rl-next.md}} {{#include ./SUMMARY-rl-next.md}}
- [Release 2.23 (2024-06-03)](release-notes/rl-2.23.md)
- [Release 2.22 (2024-04-23)](release-notes/rl-2.22.md)
- [Release 2.21 (2024-03-11)](release-notes/rl-2.21.md) - [Release 2.21 (2024-03-11)](release-notes/rl-2.21.md)
- [Release 2.20 (2024-01-29)](release-notes/rl-2.20.md) - [Release 2.20 (2024-01-29)](release-notes/rl-2.20.md)
- [Release 2.19 (2023-11-17)](release-notes/rl-2.19.md) - [Release 2.19 (2023-11-17)](release-notes/rl-2.19.md)

View file

@ -1,5 +1,5 @@
# redirect rules for paths (server-side) to prevent link rot. # redirect rules for paths (server-side) to prevent link rot.
# see ./redirects.js for redirects based on URL fragments (client-side) # see ../redirects.js for redirects based on URL fragments (client-side)
# #
# concrete user story this supports: # concrete user story this supports:
# - user finds URL to the manual for Nix x.y # - user finds URL to the manual for Nix x.y
@ -27,6 +27,9 @@
/expressions/language-operators /language/operators 301! /expressions/language-operators /language/operators 301!
/expressions/language-values /language/values 301! /expressions/language-values /language/values 301!
/expressions/* /language/:splat 301! /expressions/* /language/:splat 301!
/language/values /language/types 301!
/language/constructs /language/syntax 301!
/language/builtin-constants /language/builtins 301!
/installation/installation /installation 301! /installation/installation /installation 301!
@ -39,3 +42,5 @@
/json/* /protocols/json/:splat 301! /json/* /protocols/json/:splat 301!
/release-notes/release-notes /release-notes 301! /release-notes/release-notes /release-notes 301!
/package-management/copy-closure /command-ref/nix-copy-closure 301!

View file

@ -12,14 +12,14 @@ machine is accessible via SSH and that it has Nix installed. You can
test whether connecting to the remote Nix instance works, e.g. test whether connecting to the remote Nix instance works, e.g.
```console ```console
$ nix store info --store ssh://mac $ nix store ping --store ssh://mac
``` ```
will try to connect to the machine named `mac`. It is possible to will try to connect to the machine named `mac`. It is possible to
specify an SSH identity file as part of the remote store URI, e.g. specify an SSH identity file as part of the remote store URI, e.g.
```console ```console
$ nix store info --store ssh://mac?ssh-key=/home/alice/my-key $ nix store ping --store ssh://mac?ssh-key=/home/alice/my-key
``` ```
Since builds should be non-interactive, the key should not have a Since builds should be non-interactive, the key should not have a

16
doc/manual/src/c-api.md Normal file
View file

@ -0,0 +1,16 @@
# C API
Nix provides a C API with the intent of [_becoming_](https://github.com/NixOS/nix/milestone/52) a stable API, which it is currently not.
It is in development.
See:
- C API documentation for a recent build of master
- [Getting Started]
- [Index]
- [Matrix Room *Nix Bindings*](https://matrix.to/#/#nix-bindings:nixos.org) for discussion and questions.
- [Stabilisation Milestone](https://github.com/NixOS/nix/milestone/52)
- [Other C API PRs and issues](https://github.com/NixOS/nix/labels/c%20api)
- [Contributing C API Documentation](contributing/documentation.md#c-api-documentation), including how to build it locally.
[Getting Started]: https://hydra.nixos.org/job/nix/master/external-api-docs/latest/download-by-type/doc/external-api-docs
[Index]: https://hydra.nixos.org/job/nix/master/external-api-docs/latest/download-by-type/doc/external-api-docs/globals.html

View file

@ -66,5 +66,12 @@ Configuration options can be set on the command line, overriding the values set
The `extra-` prefix is supported for settings that take a list of items (e.g. `--extra-trusted users alice` or `--option extra-trusted-users alice`). The `extra-` prefix is supported for settings that take a list of items (e.g. `--extra-trusted users alice` or `--option extra-trusted-users alice`).
## Integer settings
Settings that have an integer type support the suffixes `K`, `M`, `G`
and `T`. These cause the specified value to be multiplied by 2^10,
2^20, 2^30 and 2^40, respectively. For instance, `--min-free 1M` is
equivalent to `--min-free 1048576`.
# Available settings # Available settings

View file

@ -10,7 +10,7 @@ Most Nix commands interpret the following environment variables:
- <span id="env-NIX_PATH">[`NIX_PATH`](#env-NIX_PATH)</span> - <span id="env-NIX_PATH">[`NIX_PATH`](#env-NIX_PATH)</span>
A colon-separated list of directories used to look up the location of Nix A colon-separated list of directories used to look up the location of Nix
expressions using [paths](@docroot@/language/values.md#type-path) expressions using [paths](@docroot@/language/types.md#type-path)
enclosed in angle brackets (i.e., `<path>`), enclosed in angle brackets (i.e., `<path>`),
e.g. `/home/eelco/Dev:/etc/nixos`. It can be extended using the e.g. `/home/eelco/Dev:/etc/nixos`. It can be extended using the
[`-I` option](@docroot@/command-ref/opt-common.md#opt-I). [`-I` option](@docroot@/command-ref/opt-common.md#opt-I).

View file

@ -55,17 +55,17 @@ All options not listed here are passed to
[`nix-store --realise`](nix-store/realise.md), [`nix-store --realise`](nix-store/realise.md),
except for `--arg` and `--attr` / `-A` which are passed to [`nix-instantiate`](nix-instantiate.md). except for `--arg` and `--attr` / `-A` which are passed to [`nix-instantiate`](nix-instantiate.md).
- <span id="opt-no-out-link">[`--no-out-link`](#opt-no-out-link)<span> - <span id="opt-no-out-link">[`--no-out-link`](#opt-no-out-link)<span>
Do not create a symlink to the output path. Note that as a result Do not create a symlink to the output path. Note that as a result
the output does not become a root of the garbage collector, and so the output does not become a root of the garbage collector, and so
might be deleted by `nix-store --gc`. might be deleted by `nix-store --gc`.
- <span id="opt-dry-run">[`--dry-run`](#opt-dry-run)</span> - <span id="opt-dry-run">[`--dry-run`](#opt-dry-run)</span>
Show what store paths would be built or downloaded. Show what store paths would be built or downloaded.
- <span id="opt-out-link">[`--out-link`](#opt-out-link)</span> / `-o` *outlink* - <span id="opt-out-link">[`--out-link`](#opt-out-link)</span> / `-o` *outlink*
Change the name of the symlink to the output path created from Change the name of the symlink to the output path created from
`result` to *outlink*. `result` to *outlink*.

View file

@ -27,7 +27,8 @@ The moving parts of channels are:
This command has the following operations: This command has the following operations:
- `--add` *url* \[*name*\]\ - `--add` *url* \[*name*\]
Add a channel *name* located at *url* to the list of subscribed channels. Add a channel *name* located at *url* to the list of subscribed channels.
If *name* is omitted, default to the last component of *url*, with the suffixes `-stable` or `-unstable` removed. If *name* is omitted, default to the last component of *url*, with the suffixes `-stable` or `-unstable` removed.
@ -39,17 +40,21 @@ This command has the following operations:
A channel URL must point to a directory containing a file `nixexprs.tar.gz`. A channel URL must point to a directory containing a file `nixexprs.tar.gz`.
At the top level, that tarball must contain a single directory with a `default.nix` file that serves as the channels entry point. At the top level, that tarball must contain a single directory with a `default.nix` file that serves as the channels entry point.
- `--remove` *name*\ - `--remove` *name*
Remove the channel *name* from the list of subscribed channels. Remove the channel *name* from the list of subscribed channels.
- `--list`\ - `--list`
Print the names and URLs of all subscribed channels on standard output. Print the names and URLs of all subscribed channels on standard output.
- `--update` \[*names*…\]\ - `--update` \[*names*…\]
Download the Nix expressions of subscribed channels and create a new generation. Download the Nix expressions of subscribed channels and create a new generation.
Update all channels if none is specified, and only those included in *names* otherwise. Update all channels if none is specified, and only those included in *names* otherwise.
- `--list-generations`\ - `--list-generations`
Prints a list of all the current existing generations for the Prints a list of all the current existing generations for the
channel profile. channel profile.
@ -58,7 +63,8 @@ This command has the following operations:
nix-env --profile /nix/var/nix/profiles/per-user/$USER/channels --list-generations nix-env --profile /nix/var/nix/profiles/per-user/$USER/channels --list-generations
``` ```
- `--rollback` \[*generation*\]\ - `--rollback` \[*generation*\]
Revert channels to the state before the last call to `nix-channel --update`. Revert channels to the state before the last call to `nix-channel --update`.
Optionally, you can specify a specific channel *generation* number to restore. Optionally, you can specify a specific channel *generation* number to restore.

View file

@ -48,12 +48,14 @@ Instead, it looks in a few locations, and acts on all profiles it finds there:
These options are for deleting old [profiles] prior to deleting unreachable [store objects]. These options are for deleting old [profiles] prior to deleting unreachable [store objects].
- <span id="opt-delete-old">[`--delete-old`](#opt-delete-old)</span> / `-d`\ - <span id="opt-delete-old">[`--delete-old`](#opt-delete-old)</span> / `-d`
Delete all old generations of profiles. Delete all old generations of profiles.
This is the equivalent of invoking [`nix-env --delete-generations old`](@docroot@/command-ref/nix-env/delete-generations.md#generations-old) on each found profile. This is the equivalent of invoking [`nix-env --delete-generations old`](@docroot@/command-ref/nix-env/delete-generations.md#generations-old) on each found profile.
- <span id="opt-delete-older-than">[`--delete-older-than`](#opt-delete-older-than)</span> *period*\ - <span id="opt-delete-older-than">[`--delete-older-than`](#opt-delete-older-than)</span> *period*
Delete all generations of profiles older than the specified amount (except for the generations that were active at that point in time). Delete all generations of profiles older than the specified amount (except for the generations that were active at that point in time).
*period* is a value such as `30d`, which would mean 30 days. *period* is a value such as `30d`, which would mean 30 days.
@ -74,4 +76,4 @@ $ nix-collect-garbage -d
``` ```
[profiles]: @docroot@/command-ref/files/profiles.md [profiles]: @docroot@/command-ref/files/profiles.md
[store objects]: @docroot@/glossary.md#gloss-store-object [store objects]: @docroot@/store/store-object.md

View file

@ -1,91 +1,91 @@
# Name # Name
`nix-copy-closure` - copy a closure to or from a remote machine via SSH `nix-copy-closure` - copy store objects to or from a remote machine via SSH
# Synopsis # Synopsis
`nix-copy-closure` `nix-copy-closure`
[`--to` | `--from`] [`--to` | `--from` ]
[`--gzip`] [`--gzip`]
[`--include-outputs`] [`--include-outputs`]
[`--use-substitutes` | `-s`] [`--use-substitutes` | `-s`]
[`-v`] [`-v`]
_user@machine_ _paths_ [_user_@]_machine_[:_port_] _paths_
# Description # Description
`nix-copy-closure` gives you an easy and efficient way to exchange Given _paths_ from one machine, `nix-copy-closure` computes the [closure](@docroot@/glossary.md#gloss-closure) of those paths (i.e. all their dependencies in the Nix store), and copies [store objects](@docroot@/glossary.md#gloss-store-object) in that closure to another machine via SSH.
software between machines. Given one or more Nix store _paths_ on the It doesnt copy store objects that are already present on the other machine.
local machine, `nix-copy-closure` computes the closure of those paths
(i.e. all their dependencies in the Nix store), and copies all paths
in the closure to the remote machine via the `ssh` (Secure Shell)
command. With the `--from` option, the direction is reversed: the
closure of _paths_ on a remote machine is copied to the Nix store on
the local machine.
This command is efficient because it only sends the store paths > **Note**
that are missing on the target machine. >
> While the Nix store to use on the local machine can be specified on the command line with the [`--store`](@docroot@/command-ref/conf-file.md#conf-store) option, the Nix store to be accessed on the remote machine can only be [configured statically](@docroot@/command-ref/conf-file.md#configuration-file) on that remote machine.
Since `nix-copy-closure` calls `ssh`, you may be asked to type in the Since `nix-copy-closure` calls `ssh`, you may need to authenticate with the remote machine.
appropriate password or passphrase. In fact, you may be asked _twice_ In fact, you may be asked for authentication _twice_ because `nix-copy-closure` currently connects twice to the remote machine: first to get the set of paths missing on the target machine, and second to send the dump of those paths.
because `nix-copy-closure` currently connects twice to the remote When using public key authentication, you can avoid typing the passphrase with `ssh-agent`.
machine, first to get the set of paths missing on the target machine,
and second to send the dump of those paths. When using public key
authentication, you can avoid typing the passphrase with `ssh-agent`.
# Options # Options
- `--to`\ - `--to`
Copy the closure of _paths_ from the local Nix store to the Nix
store on _machine_. This is the default.
- `--from`\ Copy the closure of _paths_ from a Nix store accessible from the local machine to the Nix store on the remote _machine_.
Copy the closure of _paths_ from the Nix store on _machine_ to the This is the default behavior.
local Nix store.
- `--from`
Copy the closure of _paths_ from the Nix store on the remote _machine_ to the local machine's specified Nix store.
- `--gzip`
- `--gzip`\
Enable compression of the SSH connection. Enable compression of the SSH connection.
- `--include-outputs`\ - `--include-outputs`
Also copy the outputs of [store derivation]s included in the closure. Also copy the outputs of [store derivation]s included in the closure.
[store derivation]: @docroot@/glossary.md#gloss-store-derivation [store derivation]: @docroot@/glossary.md#gloss-store-derivation
- `--use-substitutes` / `-s`\ - `--use-substitutes` / `-s`
Attempt to download missing paths on the target machine using Nixs
substitute mechanism. Any paths that cannot be substituted on the
target are still copied normally from the source. This is useful,
for instance, if the connection between the source and target
machine is slow, but the connection between the target machine and
`nixos.org` (the default binary cache server) is
fast.
- `-v`\ Attempt to download missing store objects on the target from [substituters](@docroot@/command-ref/conf-file.md#conf-substituters).
Show verbose output. Any store objects that cannot be substituted on the target are still copied normally from the source.
This is useful, for instance, if the connection between the source and target machine is slow, but the connection between the target machine and `cache.nixos.org` (the default binary cache server) is fast.
{{#include ./opt-common.md}} {{#include ./opt-common.md}}
# Environment variables # Environment variables
- `NIX_SSHOPTS`\ - `NIX_SSHOPTS`
Additional options to be passed to `ssh` on the command
line. Additional options to be passed to `ssh` on the command line.
{{#include ./env-common.md}} {{#include ./env-common.md}}
# Examples # Examples
Copy Firefox with all its dependencies to a remote machine: > **Example**
>
> Copy GNU Hello with all its dependencies to a remote machine:
>
> ```shell-session
> $ storePath="$(nix-build '<nixpkgs>' -I nixpkgs=channel:nixpkgs-unstable -A hello --no-out-link)"
> $ nix-copy-closure --to alice@itchy.example.org "$storePath"
> copying 5 paths...
> copying path '/nix/store/nrwkk6ak3rgkrxbqhsscb01jpzmslf2r-xgcc-13.2.0-libgcc' to 'ssh://alice@itchy.example.org'...
> copying path '/nix/store/gm61h1y42pqyl6178g90x8zm22n6pyy5-libunistring-1.1' to 'ssh://alice@itchy.example.org'...
> copying path '/nix/store/ddfzjdykw67s20c35i7a6624by3iz5jv-libidn2-2.3.7' to 'ssh://alice@itchy.example.org'...
> copying path '/nix/store/apab5i73dqa09wx0q27b6fbhd1r18ihl-glibc-2.39-31' to 'ssh://alice@itchy.example.org'...
> copying path '/nix/store/g1n2vryg06amvcc1avb2mcq36faly0mh-hello-2.12.1' to 'ssh://alice@itchy.example.org'...
> ```
```console > **Example**
$ nix-copy-closure --to alice@itchy.labs $(type -tP firefox) >
``` > Copy GNU Hello from a remote machine using a known store path, and run it:
>
Copy Subversion from a remote machine and then install it into a user > ```shell-session
environment: > $ storePath="$(nix-instantiate --eval '<nixpkgs>' -I nixpkgs=channel:nixpkgs-unstable -A hello.outPath | tr -d '"')"
> $ nix-copy-closure --from alice@itchy.example.org "$storePath"
```console > $ "$storePath"/bin/hello
$ nix-copy-closure --from alice@itchy.labs \ > Hello, world!
/nix/store/0dj0503hjxy5mbwlafv1rsbdiyx1gkdy-subversion-1.4.4 > ```
$ nix-env --install /nix/store/0dj0503hjxy5mbwlafv1rsbdiyx1gkdy-subversion-1.4.4
```

View file

@ -47,39 +47,83 @@ These pages can be viewed offline:
Example: `nix-env --help --install` Example: `nix-env --help --install`
# Package sources
`nix-env` can obtain packages from multiple sources:
- An attribute set of derivations from:
- The [default Nix expression](@docroot@/command-ref/files/default-nix-expression.md) (by default)
- A Nix file, specified via `--file`
- A [profile](@docroot@/command-ref/files/profiles.md), specified via `--from-profile`
- A Nix expression that is a function which takes default expression as argument, specified via `--from-expression`
- A [store path](@docroot@/store/store-path.md)
# Selectors # Selectors
Several commands, such as `nix-env --query ` and `nix-env --install `, take a list of Several operations, such as [`nix-env --query`](./nix-env/query.md) and [`nix-env --install`](./nix-env/install.md), take a list of *arguments* that specify the packages on which to operate.
arguments that specify the packages on which to operate. These are
extended regular expressions that must match the entire name of the
package. (For details on regular expressions, see **regex**(7).) The match is
case-sensitive. The regular expression can optionally be followed by a
dash and a version number; if omitted, any version of the package will
match. Here are some examples:
- `firefox`\ Packages are identified based on a `name` part and a `version` part of a [symbolic derivation name](@docroot@/language/derivations.md#attr-names):
Matches the package name `firefox` and any version.
- `firefox-32.0`\ - `name`: Everything up to but not including the first dash (`-`) that is *not* followed by a letter.
Matches the package name `firefox` and version `32.0`. - `version`: The rest, excluding the separating dash.
- `gtk\\+`\ > **Example**
Matches the package name `gtk+`. The `+` character must be escaped >
using a backslash to prevent it from being interpreted as a > `nix-env` parses the symbolic derivation name `apache-httpd-2.0.48` as:
quantifier, and the backslash must be escaped in turn with another >
backslash to ensure that the shell passes it on. > ```json
> {
> "name": "apache-httpd",
> "version": "2.0.48"
> }
> ```
- `.\*`\ > **Example**
Matches any package name. This is the default for most commands. >
> `nix-env` parses the symbolic derivation name `firefox.*` as:
>
> ```json
> {
> "name": "firefox.*",
> "version": ""
> }
> ```
- `'.*zip.*'`\ The `name` parts of the *arguments* to `nix-env` are treated as extended regular expressions and matched against the `name` parts of derivation names in the package source.
Matches any package name containing the string `zip`. Note the dots: The match is case-sensitive.
`'*zip*'` does not work, because in a regular expression, the The regular expression can optionally be followed by a dash (`-`) and a version number; if omitted, any version of the package will match.
character `*` is interpreted as a quantifier. For details on regular expressions, see [**regex**(7)](https://linux.die.net/man/7/regex).
- `'.*(firefox|chromium).*'`\ > **Example**
Matches any package name containing the strings `firefox` or >
`chromium`. > Common patterns for finding package names with `nix-env`:
>
> - `firefox`
>
> Matches the package name `firefox` and any version.
>
> - `firefox-32.0`
>
> Matches the package name `firefox` and version `32.0`.
>
> - `gtk\\+`
>
> Matches the package name `gtk+`.
> The `+` character must be escaped using a backslash (`\`) to prevent it from being interpreted as a quantifier, and the backslash must be escaped in turn with another backslash to ensure that the shell passes it on.
>
> - `.\*`
>
> Matches any package name.
> This is the default for most commands.
>
> - `'.*zip.*'`
>
> Matches any package name containing the string `zip`.
> Note the dots: `'*zip*'` does not work, because in a regular expression, the character `*` is interpreted as a quantifier.
>
> - `'.*(firefox|chromium).*'`
>
> Matches any package name containing the strings `firefox` or `chromium`.
# Files # Files

View file

@ -12,7 +12,8 @@ This operation deletes the specified generations of the current profile.
*generations* can be a one of the following: *generations* can be a one of the following:
- <span id="generations-list">[`<number>...`](#generations-list)</span>:\ - <span id="generations-list">[`<number>...`](#generations-list)</span>
A list of generation numbers, each one a separate command-line argument. A list of generation numbers, each one a separate command-line argument.
Delete exactly the profile generations given by their generation number. Delete exactly the profile generations given by their generation number.
@ -30,7 +31,8 @@ This operation deletes the specified generations of the current profile.
> Because one can roll back to a previous generation, it is possible to have generations newer than the current one. > Because one can roll back to a previous generation, it is possible to have generations newer than the current one.
> They will also be deleted. > They will also be deleted.
- <span id="generations-time">[`<number>d`](#generations-time)</span>:\ - <span id="generations-time">[`<number>d`](#generations-time)</span>
The last *number* days The last *number* days
*Example*: `30d` *Example*: `30d`
@ -38,7 +40,8 @@ This operation deletes the specified generations of the current profile.
Delete all generations created more than *number* days ago, except the most recent one of them. Delete all generations created more than *number* days ago, except the most recent one of them.
This allows rolling back to generations that were available within the specified period. This allows rolling back to generations that were available within the specified period.
- <span id="generations-count">[`+<number>`](#generations-count)</span>:\ - <span id="generations-count">[`+<number>`](#generations-count)</span>
The last *number* generations up to the present The last *number* generations up to the present
*Example*: `+5` *Example*: `+5`
@ -49,7 +52,7 @@ Periodically deleting old generations is important to make garbage collection
effective. effective.
The is because profiles are also garbage collection roots — any [store object] reachable from a profile is "alive" and ineligible for deletion. The is because profiles are also garbage collection roots — any [store object] reachable from a profile is "alive" and ineligible for deletion.
[store object]: @docroot@/glossary.md#gloss-store-object [store object]: @docroot@/store/store-object.md
{{#include ./opt-common.md}} {{#include ./opt-common.md}}

View file

@ -1,6 +1,7 @@
# Environment variables # Environment variables
- `NIX_PROFILE`\ - `NIX_PROFILE`
Location of the Nix profile. Defaults to the target of the symlink Location of the Nix profile. Defaults to the target of the symlink
`~/.nix-profile`, if it exists, or `/nix/var/nix/profiles/default` `~/.nix-profile`, if it exists, or `/nix/var/nix/profiles/default`
otherwise. otherwise.

View file

@ -14,15 +14,14 @@
# Description # Description
The install operation creates a new user environment. The `--install` operation creates a new user environment.
It is based on the current generation of the active [profile](@docroot@/command-ref/files/profiles.md), to which a set of [store paths] described by *args* is added. It is based on the current generation of the active [profile](@docroot@/command-ref/files/profiles.md), to which a set of [store paths] described by *args* is added.
[store paths]: @docroot@/glossary.md#gloss-store-path [store paths]: @docroot@/store/store-path.md
The arguments *args* map to store paths in a number of possible ways: The arguments *args* map to store paths in a number of possible ways:
- By default, *args* is a set of [derivation] names denoting derivations in the [default Nix expression].
- By default, *args* is a set of [derivation] names denoting derivations in the [default Nix expression].
These are [realised], and the resulting output paths are installed. These are [realised], and the resulting output paths are installed.
Currently installed derivations with a name equal to the name of a derivation being added are removed unless the option `--preserve-installed` is specified. Currently installed derivations with a name equal to the name of a derivation being added are removed unless the option `--preserve-installed` is specified.
@ -45,28 +44,28 @@ The arguments *args* map to store paths in a number of possible ways:
gcc-3.3.6 gcc-4.1.1` will install both version of GCC (and will gcc-3.3.6 gcc-4.1.1` will install both version of GCC (and will
probably cause a user environment conflict\!). probably cause a user environment conflict\!).
- If [`--attr`](#opt-attr) / `-A` is specified, the arguments are *attribute paths* that select attributes from the [default Nix expression]. - If [`--attr`](#opt-attr) / `-A` is specified, the arguments are *attribute paths* that select attributes from the [default Nix expression].
This is faster than using derivation names and unambiguous. This is faster than using derivation names and unambiguous.
Show the attribute paths of available packages with [`nix-env --query`](./query.md): Show the attribute paths of available packages with [`nix-env --query`](./query.md):
```console ```console
nix-env --query --available --attr-path` nix-env --query --available --attr-path
``` ```
- If `--from-profile` *path* is given, *args* is a set of names - If `--from-profile` *path* is given, *args* is a set of names
denoting installed [store paths] in the profile *path*. This is an denoting installed [store paths] in the profile *path*. This is an
easy way to copy user environment elements from one profile to easy way to copy user environment elements from one profile to
another. another.
- If `--from-expression` is given, *args* are [Nix language functions](@docroot@/language/constructs.md#functions) that are called with the [default Nix expression] as their single argument. - If `--from-expression` is given, *args* are [Nix language functions](@docroot@/language/syntax.md#functions) that are called with the [default Nix expression] as their single argument.
The derivations returned by those function calls are installed. The derivations returned by those function calls are installed.
This allows derivations to be specified in an unambiguous way, which is necessary if there are multiple derivations with the same name. This allows derivations to be specified in an unambiguous way, which is necessary if there are multiple derivations with the same name.
- If *args* are [store derivations](@docroot@/glossary.md#gloss-store-derivation), then these are [realised], and the resulting output paths are installed. - If *args* are [store derivations](@docroot@/glossary.md#gloss-store-derivation), then these are [realised], and the resulting output paths are installed.
- If *args* are [store paths] that are not store derivations, then these are [realised] and installed. - If *args* are [store paths] that are not store derivations, then these are [realised] and installed.
- By default all [outputs](@docroot@/language/derivations.md#attr-outputs) are installed for each [derivation]. - By default all [outputs](@docroot@/language/derivations.md#attr-outputs) are installed for each [derivation].
This can be overridden by adding a `meta.outputsToInstall` attribute on the derivation listing a subset of the output names. This can be overridden by adding a `meta.outputsToInstall` attribute on the derivation listing a subset of the output names.
Example: Example:
@ -120,14 +119,14 @@ The arguments *args* map to store paths in a number of possible ways:
# Options # Options
- `--prebuilt-only` / `-b` - `--prebuilt-only` / `-b`
Use only derivations for which a substitute is registered, i.e., Use only derivations for which a substitute is registered, i.e.,
there is a pre-built binary available that can be downloaded in lieu there is a pre-built binary available that can be downloaded in lieu
of building the derivation. Thus, no packages will be built from of building the derivation. Thus, no packages will be built from
source. source.
- `--preserve-installed` / `-P` - `--preserve-installed` / `-P`
Do not remove derivations with a name matching one of the Do not remove derivations with a name matching one of the
derivations being installed. Usually, trying to have two versions of derivations being installed. Usually, trying to have two versions of
@ -136,7 +135,7 @@ The arguments *args* map to store paths in a number of possible ways:
clashes between the two versions. However, this is not the case for clashes between the two versions. However, this is not the case for
all packages. all packages.
- `--remove-all` / `-r` - `--remove-all` / `-r`
Remove all previously installed packages first. This is equivalent Remove all previously installed packages first. This is equivalent
to running `nix-env --uninstall '.*'` first, except that everything happens to running `nix-env --uninstall '.*'` first, except that everything happens

View file

@ -2,7 +2,8 @@
The following options are allowed for all `nix-env` operations, but may not always have an effect. The following options are allowed for all `nix-env` operations, but may not always have an effect.
- `--file` / `-f` *path*\ - `--file` / `-f` *path*
Specifies the Nix expression (designated below as the *active Nix Specifies the Nix expression (designated below as the *active Nix
expression*) used by the `--install`, `--upgrade`, and `--query expression*) used by the `--install`, `--upgrade`, and `--query
--available` operations to obtain derivations. The default is --available` operations to obtain derivations. The default is
@ -13,13 +14,15 @@ The following options are allowed for all `nix-env` operations, but may not alwa
unpacked to a temporary location. The tarball must include a single unpacked to a temporary location. The tarball must include a single
top-level directory containing at least a file named `default.nix`. top-level directory containing at least a file named `default.nix`.
- `--profile` / `-p` *path*\ - `--profile` / `-p` *path*
Specifies the profile to be used by those operations that operate on Specifies the profile to be used by those operations that operate on
a profile (designated below as the *active profile*). A profile is a a profile (designated below as the *active profile*). A profile is a
sequence of user environments called *generations*, one of which is sequence of user environments called *generations*, one of which is
the *current generation*. the *current generation*.
- `--dry-run`\ - `--dry-run`
For the `--install`, `--upgrade`, `--uninstall`, For the `--install`, `--upgrade`, `--uninstall`,
`--switch-generation`, `--delete-generations` and `--rollback` `--switch-generation`, `--delete-generations` and `--rollback`
operations, this flag will cause `nix-env` to print what *would* be operations, this flag will cause `nix-env` to print what *would* be
@ -29,7 +32,7 @@ The following options are allowed for all `nix-env` operations, but may not alwa
[substituted](@docroot@/glossary.md) (i.e., downloaded) and which paths [substituted](@docroot@/glossary.md) (i.e., downloaded) and which paths
will be built from source (because no substitute is available). will be built from source (because no substitute is available).
- `--system-filter` *system*\ - `--system-filter` *system*
By default, operations such as `--query
--available` show derivations matching any platform. This option By default, operations such as `--query --available` show derivations matching any platform. This option
allows you to use derivations for the specified platform *system*. allows you to use derivations for the specified platform *system*.

View file

@ -35,11 +35,13 @@ The derivations are sorted by their `name` attributes.
The following flags specify the set of things on which the query The following flags specify the set of things on which the query
operates. operates.
- `--installed`\ - `--installed`
The query operates on the store paths that are installed in the The query operates on the store paths that are installed in the
current generation of the active profile. This is the default. current generation of the active profile. This is the default.
- `--available`; `-a`\ - `--available` / `-a`
The query operates on the derivations that are available in the The query operates on the derivations that are available in the
active Nix expression. active Nix expression.
@ -50,24 +52,28 @@ selected derivations. Multiple flags may be specified, in which case the
information is shown in the order given here. Note that the name of the information is shown in the order given here. Note that the name of the
derivation is shown unless `--no-name` is specified. derivation is shown unless `--no-name` is specified.
- `--xml`\ - `--xml`
Print the result in an XML representation suitable for automatic Print the result in an XML representation suitable for automatic
processing by other tools. The root element is called `items`, which processing by other tools. The root element is called `items`, which
contains a `item` element for each available or installed contains a `item` element for each available or installed
derivation. The fields discussed below are all stored in attributes derivation. The fields discussed below are all stored in attributes
of the `item` elements. of the `item` elements.
- `--json`\ - `--json`
Print the result in a JSON representation suitable for automatic Print the result in a JSON representation suitable for automatic
processing by other tools. processing by other tools.
- `--prebuilt-only` / `-b`\ - `--prebuilt-only` / `-b`
Show only derivations for which a substitute is registered, i.e., Show only derivations for which a substitute is registered, i.e.,
there is a pre-built binary available that can be downloaded in lieu there is a pre-built binary available that can be downloaded in lieu
of building the derivation. Thus, this shows all packages that of building the derivation. Thus, this shows all packages that
probably can be installed quickly. probably can be installed quickly.
- `--status`; `-s`\ - `--status` / `-s`
Print the *status* of the derivation. The status consists of three Print the *status* of the derivation. The status consists of three
characters. The first is `I` or `-`, indicating whether the characters. The first is `I` or `-`, indicating whether the
derivation is currently installed in the current generation of the derivation is currently installed in the current generation of the
@ -78,49 +84,61 @@ derivation is shown unless `--no-name` is specified.
derivation to be built. The third is `S` or `-`, indicating whether derivation to be built. The third is `S` or `-`, indicating whether
a substitute is available for the derivation. a substitute is available for the derivation.
- `--attr-path`; `-P`\ - `--attr-path` / `-P`
Print the *attribute path* of the derivation, which can be used to Print the *attribute path* of the derivation, which can be used to
unambiguously select it using the `--attr` option available in unambiguously select it using the `--attr` option available in
commands that install derivations like `nix-env --install`. This commands that install derivations like `nix-env --install`. This
option only works together with `--available` option only works together with `--available`
- `--no-name`\ - `--no-name`
Suppress printing of the `name` attribute of each derivation. Suppress printing of the `name` attribute of each derivation.
- `--compare-versions` / `-c`\ - `--compare-versions` / `-c`
Compare installed versions to available versions, or vice versa (if Compare installed versions to available versions, or vice versa (if
`--available` is given). This is useful for quickly seeing whether `--available` is given). This is useful for quickly seeing whether
upgrades for installed packages are available in a Nix expression. A upgrades for installed packages are available in a Nix expression. A
column is added with the following meaning: column is added with the following meaning:
- `<` *version*\ - `<` *version*
A newer version of the package is available or installed. A newer version of the package is available or installed.
- `=` *version*\ - `=` *version*
At most the same version of the package is available or At most the same version of the package is available or
installed. installed.
- `>` *version*\ - `>` *version*
Only older versions of the package are available or installed. Only older versions of the package are available or installed.
- `- ?`\ - `- ?`
No version of the package is available or installed. No version of the package is available or installed.
- `--system`\ - `--system`
Print the `system` attribute of the derivation. Print the `system` attribute of the derivation.
- `--drv-path`\ - `--drv-path`
Print the path of the [store derivation](@docroot@/glossary.md#gloss-store-derivation). Print the path of the [store derivation](@docroot@/glossary.md#gloss-store-derivation).
- `--out-path`\ - `--out-path`
Print the output path of the derivation. Print the output path of the derivation.
- `--description`\ - `--description`
Print a short (one-line) description of the derivation, if Print a short (one-line) description of the derivation, if
available. The description is taken from the `meta.description` available. The description is taken from the `meta.description`
attribute of the derivation. attribute of the derivation.
- `--meta`\ - `--meta`
Print all of the meta-attributes of the derivation. This option is Print all of the meta-attributes of the derivation. This option is
only available with `--xml` or `--json`. only available with `--xml` or `--json`.

View file

@ -13,7 +13,7 @@ to be modified. There are several attributes that can be usefully
modified, because they affect the behaviour of `nix-env` or the user modified, because they affect the behaviour of `nix-env` or the user
environment build script: environment build script:
- `priority` can be changed to resolve filename clashes. The user - `priority` can be changed to resolve filename clashes. The user
environment build script uses the `meta.priority` attribute of environment build script uses the `meta.priority` attribute of
derivations to resolve filename collisions between packages. Lower derivations to resolve filename collisions between packages. Lower
priority values denote a higher priority. For instance, the GCC priority values denote a higher priority. For instance, the GCC
@ -23,11 +23,11 @@ environment build script:
priority than Binutils, so the formers `bin/ld` is symlinked in the priority than Binutils, so the formers `bin/ld` is symlinked in the
user environment. user environment.
- `keep` can be set to `true` to prevent the package from being - `keep` can be set to `true` to prevent the package from being
upgraded or replaced. This is useful if you want to hang on to an upgraded or replaced. This is useful if you want to hang on to an
older version of a package. older version of a package.
- `active` can be set to `false` to “disable” the package. That is, no - `active` can be set to `false` to “disable” the package. That is, no
symlinks will be generated to the files of the package, but it symlinks will be generated to the files of the package, but it
remains part of the profile (so it wont be garbage-collected). It remains part of the profile (so it wont be garbage-collected). It
can be set back to `true` to re-enable the package. can be set back to `true` to re-enable the package.

View file

@ -28,36 +28,42 @@ version is installed.
# Flags # Flags
- `--lt`\ - `--lt`
Only upgrade a derivation to newer versions. This is the default. Only upgrade a derivation to newer versions. This is the default.
- `--leq`\ - `--leq`
In addition to upgrading to newer versions, also “upgrade” to In addition to upgrading to newer versions, also “upgrade” to
derivations that have the same version. Version are not a unique derivations that have the same version. Version are not a unique
identification of a derivation, so there may be many derivations identification of a derivation, so there may be many derivations
that have the same version. This flag may be useful to force that have the same version. This flag may be useful to force
“synchronisation” between the installed and available derivations. “synchronisation” between the installed and available derivations.
- `--eq`\ - `--eq`
*Only* “upgrade” to derivations that have the same version. This may *Only* “upgrade” to derivations that have the same version. This may
not seem very useful, but it actually is, e.g., when there is a new not seem very useful, but it actually is, e.g., when there is a new
release of Nixpkgs and you want to replace installed applications release of Nixpkgs and you want to replace installed applications
with the same versions built against newer dependencies (to reduce with the same versions built against newer dependencies (to reduce
the number of dependencies floating around on your system). the number of dependencies floating around on your system).
- `--always`\ - `--always`
In addition to upgrading to newer versions, also “upgrade” to In addition to upgrading to newer versions, also “upgrade” to
derivations that have the same or a lower version. I.e., derivations derivations that have the same or a lower version. I.e., derivations
may actually be downgraded depending on what is available in the may actually be downgraded depending on what is available in the
active Nix expression. active Nix expression.
- `--prebuilt-only` / `-b`\ - `--prebuilt-only` / `-b`
Use only derivations for which a substitute is registered, i.e., Use only derivations for which a substitute is registered, i.e.,
there is a pre-built binary available that can be downloaded in lieu there is a pre-built binary available that can be downloaded in lieu
of building the derivation. Thus, no packages will be built from of building the derivation. Thus, no packages will be built from
source. source.
- `--preserve-installed` / `-P`\ - `--preserve-installed` / `-P`
Do not remove derivations with a name matching one of the Do not remove derivations with a name matching one of the
derivations being installed. Usually, trying to have two versions of derivations being installed. Usually, trying to have two versions of
the same package installed in the same generation of a profile will the same package installed in the same generation of a profile will

View file

@ -20,56 +20,72 @@ an example.
The hash is computed over a *serialisation* of each path: a dump of The hash is computed over a *serialisation* of each path: a dump of
the file system tree rooted at the path. This allows directories and the file system tree rooted at the path. This allows directories and
symlinks to be hashed as well as regular files. The dump is in the symlinks to be hashed as well as regular files. The dump is in the
*NAR format* produced by [`nix-store *[Nix Archive (NAR)][Nix Archive] format* produced by [`nix-store
--dump`](@docroot@/command-ref/nix-store/dump.md). Thus, `nix-hash path` --dump`](@docroot@/command-ref/nix-store/dump.md). Thus, `nix-hash path`
yields the same cryptographic hash as `nix-store --dump path | yields the same cryptographic hash as `nix-store --dump path |
md5sum`. md5sum`.
[Nix Archive]: @docroot@/store/file-system-object/content-address.md#serial-nix-archive
# Options # Options
- `--flat`\ - `--flat`
Print the cryptographic hash of the contents of each regular file
*path*. That is, do not compute the hash over the dump of *path*. Print the cryptographic hash of the contents of each regular file *path*.
That is, instead of computing
the hash of the [Nix Archive (NAR)](@docroot@/store/file-system-object/content-address.md#serial-nix-archive) of *path*,
just [directly hash]((@docroot@/store/file-system-object/content-address.md#serial-flat) *path* as is.
This requires *path* to resolve to a regular file rather than directory.
The result is identical to that produced by the GNU commands The result is identical to that produced by the GNU commands
`md5sum` and `sha1sum`. `md5sum` and `sha1sum`.
- `--base16`\ - `--base16`
Print the hash in a hexadecimal representation (default). Print the hash in a hexadecimal representation (default).
- `--base32`\ - `--base32`
Print the hash in a base-32 representation rather than hexadecimal. Print the hash in a base-32 representation rather than hexadecimal.
This base-32 representation is more compact and can be used in Nix This base-32 representation is more compact and can be used in Nix
expressions (such as in calls to `fetchurl`). expressions (such as in calls to `fetchurl`).
- `--base64`\ - `--base64`
Similar to --base32, but print the hash in a base-64 representation, Similar to --base32, but print the hash in a base-64 representation,
which is more compact than the base-32 one. which is more compact than the base-32 one.
- `--sri`\ - `--sri`
Print the hash in SRI format with base-64 encoding. Print the hash in SRI format with base-64 encoding.
The type of hash algorithm will be prepended to the hash string, The type of hash algorithm will be prepended to the hash string,
followed by a hyphen (-) and the base-64 hash body. followed by a hyphen (-) and the base-64 hash body.
- `--truncate`\ - `--truncate`
Truncate hashes longer than 160 bits (such as SHA-256) to 160 bits. Truncate hashes longer than 160 bits (such as SHA-256) to 160 bits.
- `--type` *hashAlgo*\ - `--type` *hashAlgo*
Use the specified cryptographic hash algorithm, which can be one of Use the specified cryptographic hash algorithm, which can be one of
`md5`, `sha1`, `sha256`, and `sha512`. `md5`, `sha1`, `sha256`, and `sha512`.
- `--to-base16`\ - `--to-base16`
Dont hash anything, but convert the base-32 hash representation Dont hash anything, but convert the base-32 hash representation
*hash* to hexadecimal. *hash* to hexadecimal.
- `--to-base32`\ - `--to-base32`
Dont hash anything, but convert the hexadecimal hash representation Dont hash anything, but convert the hexadecimal hash representation
*hash* to base-32. *hash* to base-32.
- `--to-base64`\ - `--to-base64`
Dont hash anything, but convert the hexadecimal hash representation Dont hash anything, but convert the hexadecimal hash representation
*hash* to base-64. *hash* to base-64.
- `--to-sri`\ - `--to-sri`
Dont hash anything, but convert the hexadecimal hash representation Dont hash anything, but convert the hexadecimal hash representation
*hash* to SRI. *hash* to SRI.

View file

@ -30,14 +30,17 @@ standard input.
# Options # Options
- `--add-root` *path*\ - `--add-root` *path*
See the [corresponding option](nix-store.md) in `nix-store`. See the [corresponding option](nix-store.md) in `nix-store`.
- `--parse`\ - `--parse`
Just parse the input files, and print their abstract syntax trees on Just parse the input files, and print their abstract syntax trees on
standard output as a Nix expression. standard output as a Nix expression.
- `--eval`\ - `--eval`
Just parse and evaluate the input files, and print the resulting Just parse and evaluate the input files, and print the resulting
values on standard output. No instantiation of store derivations values on standard output. No instantiation of store derivations
takes place. takes place.
@ -80,14 +83,16 @@ standard input.
> </expr> > </expr>
> ``` > ```
- `--find-file`\ - `--find-file`
Look up the given files in Nixs search path (as specified by the Look up the given files in Nixs search path (as specified by the
`NIX_PATH` environment variable). If found, print the corresponding `NIX_PATH` environment variable). If found, print the corresponding
absolute paths on standard output. For instance, if `NIX_PATH` is absolute paths on standard output. For instance, if `NIX_PATH` is
`nixpkgs=/home/alice/nixpkgs`, then `nix-instantiate --find-file `nixpkgs=/home/alice/nixpkgs`, then `nix-instantiate --find-file
nixpkgs/default.nix` will print `/home/alice/nixpkgs/default.nix`. nixpkgs/default.nix` will print `/home/alice/nixpkgs/default.nix`.
- `--strict`\ - `--strict`
When used with `--eval`, recursively evaluate list elements and When used with `--eval`, recursively evaluate list elements and
attributes. Normally, such sub-expressions are left unevaluated attributes. Normally, such sub-expressions are left unevaluated
(since the Nix language is lazy). (since the Nix language is lazy).
@ -97,17 +102,20 @@ standard input.
> This option can cause non-termination, because lazy data > This option can cause non-termination, because lazy data
> structures can be infinitely large. > structures can be infinitely large.
- `--json`\ - `--json`
When used with `--eval`, print the resulting value as an JSON When used with `--eval`, print the resulting value as an JSON
representation of the abstract syntax tree rather than as a Nix expression. representation of the abstract syntax tree rather than as a Nix expression.
- `--xml`\ - `--xml`
When used with `--eval`, print the resulting value as an XML When used with `--eval`, print the resulting value as an XML
representation of the abstract syntax tree rather than as a Nix expression. representation of the abstract syntax tree rather than as a Nix expression.
The schema is the same as that used by the [`toXML` The schema is the same as that used by the [`toXML`
built-in](../language/builtins.md). built-in](../language/builtins.md).
- `--read-write-mode`\ - `--read-write-mode`
When used with `--eval`, perform evaluation in read/write mode so When used with `--eval`, perform evaluation in read/write mode so
nix language features that require it will still work (at the cost nix language features that require it will still work (at the cost
of needing to do instantiation of every evaluated derivation). If of needing to do instantiation of every evaluated derivation). If

View file

@ -39,23 +39,28 @@ the path of the downloaded file in the Nix store is also printed.
# Options # Options
- `--type` *hashAlgo*\ - `--type` *hashAlgo*
Use the specified cryptographic hash algorithm, Use the specified cryptographic hash algorithm,
which can be one of `md5`, `sha1`, `sha256`, and `sha512`. which can be one of `md5`, `sha1`, `sha256`, and `sha512`.
The default is `sha256`. The default is `sha256`.
- `--print-path`\ - `--print-path`
Print the store path of the downloaded file on standard output. Print the store path of the downloaded file on standard output.
- `--unpack`\ - `--unpack`
Unpack the archive (which must be a tarball or zip file) and add the Unpack the archive (which must be a tarball or zip file) and add the
result to the Nix store. The resulting hash can be used with result to the Nix store. The resulting hash can be used with
functions such as Nixpkgss `fetchzip` or `fetchFromGitHub`. functions such as Nixpkgss `fetchzip` or `fetchFromGitHub`.
- `--executable`\ - `--executable`
Set the executable bit on the downloaded file. Set the executable bit on the downloaded file.
- `--name` *name*\ - `--name` *name*
Override the name of the file in the Nix store. By default, this is Override the name of the file in the Nix store. By default, this is
`hash-basename`, where *basename* is the last component of *url*. `hash-basename`, where *basename* is the last component of *url*.
Overriding the name is necessary when *basename* contains characters Overriding the name is necessary when *basename* contains characters

View file

@ -60,7 +60,8 @@ All options not listed here are passed to `nix-store
--realise`, except for `--arg` and `--attr` / `-A` which are passed to --realise`, except for `--arg` and `--attr` / `-A` which are passed to
`nix-instantiate`. `nix-instantiate`.
- `--command` *cmd*\ - `--command` *cmd*
In the environment of the derivation, run the shell command *cmd*. In the environment of the derivation, run the shell command *cmd*.
This command is executed in an interactive shell. (Use `--run` to This command is executed in an interactive shell. (Use `--run` to
use a non-interactive shell instead.) However, a call to `exit` is use a non-interactive shell instead.) However, a call to `exit` is
@ -70,34 +71,40 @@ All options not listed here are passed to `nix-store
drop you into the interactive shell. This can be useful for doing drop you into the interactive shell. This can be useful for doing
any additional initialisation. any additional initialisation.
- `--run` *cmd*\ - `--run` *cmd*
Like `--command`, but executes the command in a non-interactive Like `--command`, but executes the command in a non-interactive
shell. This means (among other things) that if you hit Ctrl-C while shell. This means (among other things) that if you hit Ctrl-C while
the command is running, the shell exits. the command is running, the shell exits.
- `--exclude` *regexp*\ - `--exclude` *regexp*
Do not build any dependencies whose store path matches the regular Do not build any dependencies whose store path matches the regular
expression *regexp*. This option may be specified multiple times. expression *regexp*. This option may be specified multiple times.
- `--pure`\ - `--pure`
If this flag is specified, the environment is almost entirely If this flag is specified, the environment is almost entirely
cleared before the interactive shell is started, so you get an cleared before the interactive shell is started, so you get an
environment that more closely corresponds to the “real” Nix build. A environment that more closely corresponds to the “real” Nix build. A
few variables, in particular `HOME`, `USER` and `DISPLAY`, are few variables, in particular `HOME`, `USER` and `DISPLAY`, are
retained. retained.
- `--packages` / `-p` *packages*…\ - `--packages` / `-p` *packages*
Set up an environment in which the specified packages are present. Set up an environment in which the specified packages are present.
The command line arguments are interpreted as attribute names inside The command line arguments are interpreted as attribute names inside
the Nix Packages collection. Thus, `nix-shell --packages libjpeg openjdk` the Nix Packages collection. Thus, `nix-shell --packages libjpeg openjdk`
will start a shell in which the packages denoted by the attribute will start a shell in which the packages denoted by the attribute
names `libjpeg` and `openjdk` are present. names `libjpeg` and `openjdk` are present.
- `-i` *interpreter*\ - `-i` *interpreter*
The chained script interpreter to be invoked by `nix-shell`. Only The chained script interpreter to be invoked by `nix-shell`. Only
applicable in `#!`-scripts (described below). applicable in `#!`-scripts (described below).
- `--keep` *name*\ - `--keep` *name*
When a `--pure` shell is started, keep the listed environment When a `--pure` shell is started, keep the listed environment
variables. variables.
@ -105,7 +112,8 @@ All options not listed here are passed to `nix-store
# Environment variables # Environment variables
- `NIX_BUILD_SHELL`\ - `NIX_BUILD_SHELL`
Shell used to start the interactive environment. Defaults to the Shell used to start the interactive environment. Defaults to the
`bash` found in `<nixpkgs>`, falling back to the `bash` found in `bash` found in `<nixpkgs>`, falling back to the `bash` found in
`PATH` if not found. `PATH` if not found.
@ -202,14 +210,14 @@ For example, here is a Python script that depends on Python and the
```python ```python
#! /usr/bin/env nix-shell #! /usr/bin/env nix-shell
#! nix-shell -i python --packages python pythonPackages.prettytable #! nix-shell -i python3 --packages python3 python3Packages.prettytable
import prettytable import prettytable
# Print a simple table. # Print a simple table.
t = prettytable.PrettyTable(["N", "N^2"]) t = prettytable.PrettyTable(["N", "N^2"])
for n in range(1, 10): t.add_row([n, n * n]) for n in range(1, 10): t.add_row([n, n * n])
print t print(t)
``` ```
Similarly, the following is a Perl script that specifies that it Similarly, the following is a Perl script that specifies that it

View file

@ -16,7 +16,8 @@ public url or broke since the download expression was written.
This operation has the following options: This operation has the following options:
- `--recursive`\ - `--recursive`
Use recursive instead of flat hashing mode, used when adding Use recursive instead of flat hashing mode, used when adding
directories to the store. directories to the store.

View file

@ -1,6 +1,6 @@
# Name # Name
`nix-store --dump` - write a single path to a Nix Archive `nix-store --dump` - write a single path to a [Nix Archive]
## Synopsis ## Synopsis
@ -8,7 +8,7 @@
## Description ## Description
The operation `--dump` produces a NAR (Nix ARchive) file containing the The operation `--dump` produces a [Nix archive](@docroot@/glossary.md#gloss-nar) (NAR) file containing the
contents of the file system tree rooted at *path*. The archive is contents of the file system tree rooted at *path*. The archive is
written to standard output. written to standard output.
@ -30,8 +30,9 @@ NAR archives support filenames of unlimited length and 64-bit file
sizes. They can contain regular files, directories, and symbolic links, sizes. They can contain regular files, directories, and symbolic links,
but not other types of files (such as device nodes). but not other types of files (such as device nodes).
A Nix archive can be unpacked using `nix-store A Nix archive can be unpacked using [`nix-store --restore`](@docroot@/command-ref/nix-store/restore.md).
--restore`.
[Nix Archive]: @docroot@/store/file-system-object/content-address.md#serial-nix-archive
{{#include ./opt-common.md}} {{#include ./opt-common.md}}

View file

@ -1,6 +1,6 @@
# Name # Name
`nix-store --export` - export store paths to a Nix Archive `nix-store --export` - export store paths to a [Nix Archive]
## Synopsis ## Synopsis
@ -8,16 +8,22 @@
## Description ## Description
The operation `--export` writes a serialisation of the specified store The operation `--export` writes a serialisation of the given [store objects](@docroot@/glossary.md#gloss-store-object) to standard output in a format that can be imported into another [Nix store](@docroot@/store/index.md) with [`nix-store --import`](./import.md).
paths to standard output in a format that can be imported into another
Nix store with `nix-store --import`. This is like `nix-store
--dump`, except that the NAR archive produced by that command doesnt
contain the necessary meta-information to allow it to be imported into
another Nix store (namely, the set of references of the path).
This command does not produce a *closure* of the specified paths, so if > **Warning**
a store path references other store paths that are missing in the target >
Nix store, the import will fail. > This command *does not* produce a [closure](@docroot@/glossary.md#gloss-closure) of the specified store paths.
> Trying to import a store object that refers to store paths not available in the target Nix store will fail.
>
> Use [`nix-store --query`](@docroot@/command-ref/nix-store/query.md) to obtain the closure of a store path.
This command is different from [`nix-store --dump`](./dump.md), which produces a [Nix archive](@docroot@/glossary.md#gloss-nar) that *does not* contain the set of [references](@docroot@/glossary.md#gloss-reference) of a given store path.
> **Note**
>
> For efficient transfer of closures to remote machines over SSH, use [`nix-copy-closure`](@docroot@/command-ref/nix-copy-closure.md).
[Nix Archive]: @docroot@/store/file-system-object/content-address.md#serial-nix-archive
{{#include ./opt-common.md}} {{#include ./opt-common.md}}
@ -27,15 +33,21 @@ Nix store, the import will fail.
# Examples # Examples
To copy a whole closure, do something > **Example**
like: >
> Deploy GNU Hello to an airgapped machine via USB stick.
```console >
$ nix-store --export $(nix-store --query --requisites paths) > out > Write the closure to the block device on a machine with internet connection:
``` >
> ```shell-session
To import the whole closure again, run: > [alice@itchy]$ storePath=$(nix-build '<nixpkgs>' -I nixpkgs=channel:nixpkgs-unstable -A hello --no-out-link)
> [alice@itchy]$ nix-store --export $(nix-store --query --requisites $storePath) | sudo dd of=/dev/usb
```console > ```
$ nix-store --import < out >
``` > Read the closure from the block device on the machine without internet connection:
>
> ```shell-session
> [bob@scratchy]$ hello=$(sudo dd if=/dev/usb | nix-store --import | tail -1)
> [bob@scratchy]$ $hello/bin/hello
> Hello, world!
> ```

View file

@ -14,18 +14,21 @@ reachable via file system references from a set of “roots”, are deleted.
The following suboperations may be specified: The following suboperations may be specified:
- `--print-roots`\ - `--print-roots`
This operation prints on standard output the set of roots used by This operation prints on standard output the set of roots used by
the garbage collector. the garbage collector.
- `--print-live`\ - `--print-live`
This operation prints on standard output the set of “live” store This operation prints on standard output the set of “live” store
paths, which are all the store paths reachable from the roots. Live paths, which are all the store paths reachable from the roots. Live
paths should never be deleted, since that would break consistency — paths should never be deleted, since that would break consistency —
it would become possible that applications are installed that it would become possible that applications are installed that
reference things that are no longer present in the store. reference things that are no longer present in the store.
- `--print-dead`\ - `--print-dead`
This operation prints out on standard output the set of “dead” store This operation prints out on standard output the set of “dead” store
paths, which is just the opposite of the set of live paths: any path paths, which is just the opposite of the set of live paths: any path
in the store that is not live (with respect to the roots) is dead. in the store that is not live (with respect to the roots) is dead.
@ -33,7 +36,8 @@ The following suboperations may be specified:
By default, all unreachable paths are deleted. The following options By default, all unreachable paths are deleted. The following options
control what gets deleted and in what order: control what gets deleted and in what order:
- `--max-freed` *bytes*\ - `--max-freed` *bytes*
Keep deleting paths until at least *bytes* bytes have been deleted, Keep deleting paths until at least *bytes* bytes have been deleted,
then stop. The argument *bytes* can be followed by the then stop. The argument *bytes* can be followed by the
multiplicative suffix `K`, `M`, `G` or `T`, denoting KiB, MiB, GiB multiplicative suffix `K`, `M`, `G` or `T`, denoting KiB, MiB, GiB

View file

@ -1,6 +1,8 @@
# Name # Name
`nix-store --import` - import Nix Archive into the store `nix-store --import` - import [Nix Archive] into the store
[Nix Archive]: @docroot@/store/file-system-object/content-address.md#serial-nix-archive
# Synopsis # Synopsis
@ -8,14 +10,34 @@
# Description # Description
The operation `--import` reads a serialisation of a set of store paths The operation `--import` reads a serialisation of a set of [store objects](@docroot@/glossary.md#gloss-store-object) produced by [`nix-store --export`](./export.md) from standard input, and adds those store objects to the specified [Nix store](@docroot@/store/index.md).
produced by `nix-store --export` from standard input and adds those Paths that already exist in the target Nix store are ignored.
store paths to the Nix store. Paths that already exist in the Nix store If a path [refers](@docroot@/glossary.md#gloss-reference) to another path that doesnt exist in the target Nix store, the import fails.
are ignored. If a path refers to another path that doesnt exist in the
Nix store, the import fails. > **Note**
>
> For efficient transfer of closures to remote machines over SSH, use [`nix-copy-closure`](@docroot@/command-ref/nix-copy-closure.md).
{{#include ./opt-common.md}} {{#include ./opt-common.md}}
{{#include ../opt-common.md}} {{#include ../opt-common.md}}
{{#include ../env-common.md}} {{#include ../env-common.md}}
# Examples
> **Example**
>
> Given a closure of GNU Hello as a file:
>
> ```shell-session
> $ storePath="$(nix-build '<nixpkgs>' -I nixpkgs=channel:nixpkgs-unstable -A hello --no-out-link)"
> $ nix-store --export $(nix-store --query --requisites $storePath) > hello.closure
> ```
>
> Import the closure into a [remote SSH store](@docroot@/store/types/ssh-store.md) using the [`--store`](@docroot@/command-ref/conf-file.md#conf-store) option:
>
> ```console
> $ nix-store --import --store ssh://alice@itchy.example.org < hello.closure
> ```

View file

@ -12,7 +12,7 @@ The operation `--optimise` reduces Nix store disk space usage by finding
identical files in the store and hard-linking them to each other. It identical files in the store and hard-linking them to each other. It
typically reduces the size of the store by something like 25-35%. Only typically reduces the size of the store by something like 25-35%. Only
regular files and symlinks are hard-linked in this manner. Files are regular files and symlinks are hard-linked in this manner. Files are
considered identical when they have the same NAR archive serialisation: considered identical when they have the same [Nix Archive (NAR)][Nix Archive] serialisation:
that is, regular files must have the same contents and permission that is, regular files must have the same contents and permission
(executable or non-executable), and symlinks must have the same (executable or non-executable), and symlinks must have the same
contents. contents.
@ -38,3 +38,4 @@ hashing files in `/nix/store/qhqx7l2f1kmwihc9bnxs7rc159hsxnf3-gcc-4.1.1'
there are 114486 files with equal contents out of 215894 files in total there are 114486 files with equal contents out of 215894 files in total
``` ```
[Nix Archive]: @docroot@/store/file-system-object/content-address.md#serial-nix-archive

View file

@ -24,25 +24,29 @@ symlink.
# Common query options # Common query options
- `--use-output`; `-u`\ - `--use-output` / `-u`
For each argument to the query that is a [store derivation], apply the For each argument to the query that is a [store derivation], apply the
query to the output path of the derivation instead. query to the output path of the derivation instead.
- `--force-realise`; `-f`\ - `--force-realise` / `-f`
Realise each argument to the query first (see [`nix-store --realise`](./realise.md)). Realise each argument to the query first (see [`nix-store --realise`](./realise.md)).
[store derivation]: @docroot@/glossary.md#gloss-store-derivation [store derivation]: @docroot@/glossary.md#gloss-store-derivation
# Queries # Queries
- `--outputs`\ - `--outputs`
Prints out the [output paths] of the store Prints out the [output paths] of the store
derivations *paths*. These are the paths that will be produced when derivations *paths*. These are the paths that will be produced when
the derivation is built. the derivation is built.
[output paths]: @docroot@/glossary.md#gloss-output-path [output paths]: @docroot@/glossary.md#gloss-output-path
- `--requisites`; `-R`\ - `--requisites` / `-R`
Prints out the [closure] of the store path *paths*. Prints out the [closure] of the store path *paths*.
[closure]: @docroot@/glossary.md#gloss-closure [closure]: @docroot@/glossary.md#gloss-closure
@ -61,27 +65,31 @@ symlink.
dependencies) is obtained by distributing the closure of a store dependencies) is obtained by distributing the closure of a store
derivation and specifying the option `--include-outputs`. derivation and specifying the option `--include-outputs`.
- `--references`\ - `--references`
Prints the set of [references] of the store paths Prints the set of [references] of the store paths
*paths*, that is, their immediate dependencies. (For *all* *paths*, that is, their immediate dependencies. (For *all*
dependencies, use `--requisites`.) dependencies, use `--requisites`.)
[references]: @docroot@/glossary.md#gloss-reference [references]: @docroot@/glossary.md#gloss-reference
- `--referrers`\ - `--referrers`
Prints the set of *referrers* of the store paths *paths*, that is, Prints the set of *referrers* of the store paths *paths*, that is,
the store paths currently existing in the Nix store that refer to the store paths currently existing in the Nix store that refer to
one of *paths*. Note that contrary to the references, the set of one of *paths*. Note that contrary to the references, the set of
referrers is not constant; it can change as store paths are added or referrers is not constant; it can change as store paths are added or
removed. removed.
- `--referrers-closure`\ - `--referrers-closure`
Prints the closure of the set of store paths *paths* under the Prints the closure of the set of store paths *paths* under the
referrers relation; that is, all store paths that directly or referrers relation; that is, all store paths that directly or
indirectly refer to one of *paths*. These are all the path currently indirectly refer to one of *paths*. These are all the path currently
in the Nix store that are dependent on *paths*. in the Nix store that are dependent on *paths*.
- `--deriver`; `-d`\ - `--deriver` / `-d`
Prints the [deriver] that was used to build the store paths *paths*. If Prints the [deriver] that was used to build the store paths *paths*. If
the path has no deriver (e.g., if it is a source file), or if the the path has no deriver (e.g., if it is a source file), or if the
deriver is not known (e.g., in the case of a binary-only deriver is not known (e.g., in the case of a binary-only
@ -92,12 +100,14 @@ symlink.
[deriver]: @docroot@/glossary.md#gloss-deriver [deriver]: @docroot@/glossary.md#gloss-deriver
- `--valid-derivers`\ - `--valid-derivers`
Prints a set of derivation files (`.drv`) which are supposed produce Prints a set of derivation files (`.drv`) which are supposed produce
said paths when realized. Might print nothing, for example for source paths said paths when realized. Might print nothing, for example for source paths
or paths subsituted from a binary cache. or paths subsituted from a binary cache.
- `--graph`\ - `--graph`
Prints the references graph of the store paths *paths* in the format Prints the references graph of the store paths *paths* in the format
of the `dot` tool of AT\&T's [Graphviz of the `dot` tool of AT\&T's [Graphviz
package](http://www.graphviz.org/). This can be used to visualise package](http://www.graphviz.org/). This can be used to visualise
@ -105,39 +115,45 @@ symlink.
this to a store derivation. To obtain a runtime dependency graph, this to a store derivation. To obtain a runtime dependency graph,
apply it to an output path. apply it to an output path.
- `--tree`\ - `--tree`
Prints the references graph of the store paths *paths* as a nested Prints the references graph of the store paths *paths* as a nested
ASCII tree. References are ordered by descending closure size; this ASCII tree. References are ordered by descending closure size; this
tends to flatten the tree, making it more readable. The query only tends to flatten the tree, making it more readable. The query only
recurses into a store path when it is first encountered; this recurses into a store path when it is first encountered; this
prevents a blowup of the tree representation of the graph. prevents a blowup of the tree representation of the graph.
- `--graphml`\ - `--graphml`
Prints the references graph of the store paths *paths* in the Prints the references graph of the store paths *paths* in the
[GraphML](http://graphml.graphdrawing.org/) file format. This can be [GraphML](http://graphml.graphdrawing.org/) file format. This can be
used to visualise dependency graphs. To obtain a build-time used to visualise dependency graphs. To obtain a build-time
dependency graph, apply this to a [store derivation]. To obtain a dependency graph, apply this to a [store derivation]. To obtain a
runtime dependency graph, apply it to an output path. runtime dependency graph, apply it to an output path.
- `--binding` *name*; `-b` *name*\ - `--binding` *name* / `-b` *name*
Prints the value of the attribute *name* (i.e., environment Prints the value of the attribute *name* (i.e., environment
variable) of the [store derivation]s *paths*. It is an error for a variable) of the [store derivation]s *paths*. It is an error for a
derivation to not have the specified attribute. derivation to not have the specified attribute.
- `--hash`\ - `--hash`
Prints the SHA-256 hash of the contents of the store paths *paths* Prints the SHA-256 hash of the contents of the store paths *paths*
(that is, the hash of the output of `nix-store --dump` on the given (that is, the hash of the output of `nix-store --dump` on the given
paths). Since the hash is stored in the Nix database, this is a fast paths). Since the hash is stored in the Nix database, this is a fast
operation. operation.
- `--size`\ - `--size`
Prints the size in bytes of the contents of the store paths *paths* Prints the size in bytes of the contents of the store paths *paths*
— to be precise, the size of the output of `nix-store --dump` on — to be precise, the size of the output of `nix-store --dump` on
the given paths. Note that the actual disk space required by the the given paths. Note that the actual disk space required by the
store paths may be higher, especially on filesystems with large store paths may be higher, especially on filesystems with large
cluster sizes. cluster sizes.
- `--roots`\ - `--roots`
Prints the garbage collector roots that point, directly or Prints the garbage collector roots that point, directly or
indirectly, at the store paths *paths*. indirectly, at the store paths *paths*.

View file

@ -25,11 +25,11 @@ Each of *paths* is processed as follows:
If no substitutes are available and no store derivation is given, realisation fails. If no substitutes are available and no store derivation is given, realisation fails.
[store paths]: @docroot@/glossary.md#gloss-store-path [store paths]: @docroot@/store/store-path.md
[valid]: @docroot@/glossary.md#gloss-validity [valid]: @docroot@/glossary.md#gloss-validity
[store derivation]: @docroot@/glossary.md#gloss-store-derivation [store derivation]: @docroot@/glossary.md#gloss-store-derivation
[output paths]: @docroot@/glossary.md#gloss-output-path [output paths]: @docroot@/glossary.md#gloss-output-path
[store objects]: @docroot@/glossary.md#gloss-store-object [store objects]: @docroot@/store/store-object.md
[closure]: @docroot@/glossary.md#gloss-closure [closure]: @docroot@/glossary.md#gloss-closure
[substituters]: @docroot@/command-ref/conf-file.md#conf-substituters [substituters]: @docroot@/command-ref/conf-file.md#conf-substituters
[content-addressed derivations]: @docroot@/contributing/experimental-features.md#xp-feature-ca-derivations [content-addressed derivations]: @docroot@/contributing/experimental-features.md#xp-feature-ca-derivations
@ -42,15 +42,18 @@ For non-derivation arguments, the argument itself is printed.
# Options # Options
- `--dry-run`\ - `--dry-run`
Print on standard error a description of what packages would be Print on standard error a description of what packages would be
built or downloaded, without actually performing the operation. built or downloaded, without actually performing the operation.
- `--ignore-unknown`\ - `--ignore-unknown`
If a non-derivation path does not have a substitute, then silently If a non-derivation path does not have a substitute, then silently
ignore it. ignore it.
- `--check`\ - `--check`
This option allows you to check whether a derivation is This option allows you to check whether a derivation is
deterministic. It rebuilds the specified derivation and checks deterministic. It rebuilds the specified derivation and checks
whether the result is bitwise-identical with the existing outputs, whether the result is bitwise-identical with the existing outputs,

View file

@ -8,9 +8,11 @@
## Description ## Description
The operation `--restore` unpacks a NAR archive to *path*, which must The operation `--restore` unpacks a [Nix Archive (NAR)][Nix Archive] to *path*, which must
not already exist. The archive is read from standard input. not already exist. The archive is read from standard input.
[Nix Archive]: @docroot@/store/file-system-object/content-address.md#serial-nix-archive
{{#include ./opt-common.md}} {{#include ./opt-common.md}}
{{#include ../opt-common.md}} {{#include ../opt-common.md}}

View file

@ -14,7 +14,8 @@ access to a restricted ssh user.
The following flags are available: The following flags are available:
- `--write`\ - `--write`
Allow the connected client to request the realization of Allow the connected client to request the realization of
derivations. In effect, this can be used to make the host act as a derivations. In effect, this can be used to make the host act as a
remote builder. remote builder.

View file

@ -16,14 +16,16 @@ being modified by non-Nix tools, or of bugs in Nix itself.
This operation has the following options: This operation has the following options:
- `--check-contents`\ - `--check-contents`
Checks that the contents of every valid store path has not been Checks that the contents of every valid store path has not been
altered by computing a SHA-256 hash of the contents and comparing it altered by computing a SHA-256 hash of the contents and comparing it
with the hash stored in the Nix database at build time. Paths that with the hash stored in the Nix database at build time. Paths that
have been modified are printed out. For large stores, have been modified are printed out. For large stores,
`--check-contents` is obviously quite slow. `--check-contents` is obviously quite slow.
- `--repair`\ - `--repair`
If any valid path is missing from the store, or (if If any valid path is missing from the store, or (if
`--check-contents` is given) the contents of a valid path has been `--check-contents` is given) the contents of a valid path has been
modified, then try to repair the path by redownloading it. See modified, then try to repair the path by redownloading it. See

View file

@ -143,7 +143,7 @@ Most Nix commands accept the following command-line options:
This option is accepted by `nix-env`, `nix-instantiate`, `nix-shell` and `nix-build`. This option is accepted by `nix-env`, `nix-instantiate`, `nix-shell` and `nix-build`.
When evaluating Nix expressions, the expression evaluator will automatically try to call functions that it encounters. When evaluating Nix expressions, the expression evaluator will automatically try to call functions that it encounters.
It can automatically call functions for which every argument has a [default value](@docroot@/language/constructs.md#functions) (e.g., `{ argName ? defaultValue }: ...`). It can automatically call functions for which every argument has a [default value](@docroot@/language/syntax.md#functions) (e.g., `{ argName ? defaultValue }: ...`).
With `--arg`, you can also call functions that have arguments without a default value (or override a default value). With `--arg`, you can also call functions that have arguments without a default value (or override a default value).
That is, if the evaluator encounters a function with an argument named *name*, it will call it with value *value*. That is, if the evaluator encounters a function with an argument named *name*, it will call it with value *value*.

View file

@ -389,88 +389,6 @@ colors, no emojis and using ASCII instead of Unicode symbols). The same should
happen when TTY is not detected on STDERR. We should not display progress / happen when TTY is not detected on STDERR. We should not display progress /
status section, but only print warnings and errors. status section, but only print warnings and errors.
## Returning future proof JSON
The schema of JSON output should allow for backwards compatible extension. This section explains how to achieve this.
Two definitions are helpful here, because while JSON only defines one "key-value"
object type, we use it to cover two use cases:
- **dictionary**: a map from names to value that all have the same type. In
C++ this would be a `std::map` with string keys.
- **record**: a fixed set of attributes each with their own type. In C++, this
would be represented by a `struct`.
It is best not to mix these use cases, as that may lead to incompatibilities when the schema changes. For example, adding a record field to a dictionary breaks consumers that assume all JSON object fields to have the same meaning and type.
This leads to the following guidelines:
- The top-level (root) value must be a record.
Otherwise, one can not change the structure of a command's output.
- The value of a dictionary item must be a record.
Otherwise, the item type can not be extended.
- List items should be records.
Otherwise, one can not change the structure of the list items.
If the order of the items does not matter, and each item has a unique key that is a string, consider representing the list as a dictionary instead. If the order of the items needs to be preserved, return a list of records.
- Streaming JSON should return records.
An example of a streaming JSON format is [JSON lines](https://jsonlines.org/), where each line represents a JSON value. These JSON values can be considered top-level values or list items, and they must be records.
### Examples
This is bad, because all keys must be assumed to be store types:
```json
{
"local": { ... },
"remote": { ... },
"http": { ... }
}
```
This is good, because the it is extensible at the root, and is somewhat self-documenting:
```json
{
"storeTypes": { "local": { ... }, ... },
"pluginSupport": true
}
```
While the dictionary of store types seems like a very complete response at first, a use case may arise that warrants returning additional information.
For example, the presence of plugin support may be crucial information for a client to proceed when their desired store type is missing.
The following representation is bad because it is not extensible:
```json
{ "outputs": [ "out" "bin" ] }
```
However, simply converting everything to records is not enough, because the order of outputs must be preserved:
```json
{ "outputs": { "bin": {}, "out": {} } }
```
The first item is the default output. Deriving this information from the outputs ordering is not great, but this is how Nix currently happens to work.
While it is possible for a JSON parser to preserve the order of fields, we can not rely on this capability to be present in all JSON libraries.
This representation is extensible and preserves the ordering:
```json
{ "outputs": [ { "outputName": "out" }, { "outputName": "bin" } ] }
```
## Dialog with the user ## Dialog with the user
CLIs don't always make it clear when an action has taken place. For every CLIs don't always make it clear when an action has taken place. For every

View file

@ -147,7 +147,7 @@ Please observe these guidelines to ease reviews:
``` ```
A [store object] contains a [file system object] and [references] to other store objects. A [store object] contains a [file system object] and [references] to other store objects.
[store object]: @docroot@/glossary.md#gloss-store-object [store object]: @docroot@/store/store-object.md
[file system object]: @docroot@/architecture/file-system-object.md [file system object]: @docroot@/architecture/file-system-object.md
[references]: @docroot@/glossary.md#gloss-reference [references]: @docroot@/glossary.md#gloss-reference
``` ```
@ -196,32 +196,35 @@ You can also build and view it yourself:
[Doxygen API documentation]: https://hydra.nixos.org/job/nix/master/internal-api-docs/latest/download-by-type/doc/internal-api-docs [Doxygen API documentation]: https://hydra.nixos.org/job/nix/master/internal-api-docs/latest/download-by-type/doc/internal-api-docs
```console ```console
# nix build .#hydraJobs.internal-api-docs $ nix build .#hydraJobs.internal-api-docs
# xdg-open ./result/share/doc/nix/internal-api/html/index.html $ xdg-open ./result/share/doc/nix/internal-api/html/index.html
``` ```
or inside `nix-shell` or `nix develop`: or inside `nix-shell` or `nix develop`:
``` ```console
# make internal-api-html $ mesonConfigurePhase
# xdg-open ./outputs/doc/share/doc/nix/internal-api/html/index.html $ ninja src/internal-api-docs/html
$ xdg-open src/internal-api-docs/html/index.html
``` ```
## C API documentation (experimental) ## C API documentation
Note that the C API is not yet stable.
[C API documentation] is available online. [C API documentation] is available online.
You can also build and view it yourself: You can also build and view it yourself:
[C API documentation]: https://hydra.nixos.org/job/nix/master/external-api-docs/latest/download-by-type/doc/external-api-docs [C API documentation]: https://hydra.nixos.org/job/nix/master/external-api-docs/latest/download-by-type/doc/external-api-docs
```console ```console
# nix build .#hydraJobs.external-api-docs $ nix build .#hydraJobs.external-api-docs
# xdg-open ./result/share/doc/nix/external-api/html/index.html $ xdg-open ./result/share/doc/nix/external-api/html/index.html
``` ```
or inside `nix-shell` or `nix develop`: or inside `nix-shell` or `nix develop`:
``` ```
# make external-api-html $ mesonConfigurePhase
# xdg-open ./outputs/doc/share/doc/nix/external-api/html/index.html $ ninja src/external-api-docs/html
$ xdg-open src/external-api-docs/html/index.html
``` ```

View file

@ -122,7 +122,6 @@ Run `make` with [`-e` / `--environment-overrides`](https://www.gnu.org/software/
The docs can take a while to build, so you may want to disable this for local development. The docs can take a while to build, so you may want to disable this for local development.
- `ENABLE_FUNCTIONAL_TESTS=yes` to enable building the functional tests. - `ENABLE_FUNCTIONAL_TESTS=yes` to enable building the functional tests.
- `ENABLE_UNIT_TESTS=yes` to enable building the unit tests.
- `OPTIMIZE=1` to enable optimizations. - `OPTIMIZE=1` to enable optimizations.
- `libraries=libutil programs=` to only build a specific library. - `libraries=libutil programs=` to only build a specific library.

View file

@ -0,0 +1,128 @@
# JSON guideline
Nix consumes and produces JSON in a variety of contexts.
These guidelines ensure consistent practices for all our JSON interfaces, for ease of use, and so that experience in one part carries over to another.
## Extensibility
The schema of JSON input and output should allow for backwards compatible extension.
This section explains how to achieve this.
Two definitions are helpful here, because while JSON only defines one "key-value" object type, we use it to cover two use cases:
- **dictionary**: a map from names to value that all have the same type.
In C++ this would be a `std::map` with string keys.
- **record**: a fixed set of attributes each with their own type.
In C++, this would be represented by a `struct`.
It is best not to mix these use cases, as that may lead to incompatibilities when the schema changes.
For example, adding a record field to a dictionary breaks consumers that assume all JSON object fields to have the same meaning and type, and dictionary items with a colliding name can not be represented anymore.
This leads to the following guidelines:
- The top-level (root) value must be a record.
Otherwise, one can not change the structure of a command's output.
- The value of a dictionary item must be a record.
Otherwise, the item type can not be extended.
- List items should be records.
Otherwise, one can not change the structure of the list items.
If the order of the items does not matter, and each item has a unique key that is a string, consider representing the list as a dictionary instead.
If the order of the items needs to be preserved, return a list of records.
- Streaming JSON should return records.
An example of a streaming JSON format is [JSON lines](https://jsonlines.org/), where each line represents a JSON value.
These JSON values can be considered top-level values or list items, and they must be records.
### Examples
This is bad, because all keys must be assumed to be store types:
```json
{
"local": { ... },
"remote": { ... },
"http": { ... }
}
```
This is good, because the it is extensible at the root, and is somewhat self-documenting:
```json
{
"storeTypes": { "local": { ... }, ... },
"pluginSupport": true
}
```
While the dictionary of store types seems like a very complete response at first, a use case may arise that warrants returning additional information.
For example, the presence of plugin support may be crucial information for a client to proceed when their desired store type is missing.
The following representation is bad because it is not extensible:
```json
{ "outputs": [ "out" "bin" ] }
```
However, simply converting everything to records is not enough, because the order of outputs must be preserved:
```json
{ "outputs": { "bin": {}, "out": {} } }
```
The first item is the default output. Deriving this information from the outputs ordering is not great, but this is how Nix currently happens to work.
While it is possible for a JSON parser to preserve the order of fields, we can not rely on this capability to be present in all JSON libraries.
This representation is extensible and preserves the ordering:
```json
{ "outputs": [ { "outputName": "out" }, { "outputName": "bin" } ] }
```
## Self-describing values
As described in the previous section, it's crucial that schemas can be extended with with new fields without breaking compatibility.
However, that should *not* mean we use the presence/absence of fields to indicate optional information *within* a version of the schema.
Instead, always include the field, and use `null` to indicate the "nothing" case.
### Examples
Here are two JSON objects:
```json
{
"foo": {}
}
```
```json
{
"foo": {},
"bar": {}
}
```
Since they differ in which fields they contain, they should *not* both be valid values of the same schema.
At most, they can match two different schemas where the second (with `foo` and `bar`) is considered a newer version of the first (with just `foo`).
Within each version, all fields are mandatory (always `foo`, and always `foo` and `bar`).
Only *between* each version, `bar` gets added as a new mandatory field.
Here are another two JSON objects:
```json
{ "foo": null }
```
```json
{ "foo": { "bar": 1 } }
```
Since they both contain a `foo` field, they could be valid values of the same schema.
The schema would have `foo` has an optional field, which is either `null` or an object where `bar` is an integer.

View file

@ -59,15 +59,15 @@ The unit tests are defined using the [googletest] and [rapidcheck] frameworks.
> … > …
> ``` > ```
The tests for each Nix library (`libnixexpr`, `libnixstore`, etc..) live inside a directory `tests/unit/${library_name_without-nix}`. The tests for each Nix library (`libnixexpr`, `libnixstore`, etc..) live inside a directory `src/${library_name_without-nix}-test`.
Given a interface (header) and implementation pair in the original library, say, `src/libexpr/value/context.{hh,cc}`, we write tests for it in `tests/unit/libexpr/tests/value/context.cc`, and (possibly) declare/define additional interfaces for testing purposes in `tests/unit/libexpr-support/tests/value/context.{hh,cc}`. Given an interface (header) and implementation pair in the original library, say, `src/libexpr/value/context.{hh,cc}`, we write tests for it in `src/nix-expr-tests/value/context.cc`, and (possibly) declare/define additional interfaces for testing purposes in `src/nix-expr-test-support/tests/value/context.{hh,cc}`.
Data for unit tests is stored in a `data` subdir of the directory for each unit test executable. Data for unit tests is stored in a `data` subdir of the directory for each unit test executable.
For example, `libnixstore` code is in `src/libstore`, and its test data is in `tests/unit/libstore/data`. For example, `libnixstore` code is in `src/libstore`, and its test data is in `src/nix-store-tests/data`.
The path to the `tests/unit/data` directory is passed to the unit test executable with the environment variable `_NIX_TEST_UNIT_DATA`. The path to the `src/${library_name_without-nix}-test/data` directory is passed to the unit test executable with the environment variable `_NIX_TEST_UNIT_DATA`.
Note that each executable only gets the data for its tests. Note that each executable only gets the data for its tests.
The unit test libraries are in `tests/unit/${library_name_without-nix}-lib`. The unit test libraries are in `src/${library_name_without-nix}-test-support`.
All headers are in a `tests` subdirectory so they are included with `#include "tests/"`. All headers are in a `tests` subdirectory so they are included with `#include "tests/"`.
The use of all these separate directories for the unit tests might seem inconvenient, as for example the tests are not "right next to" the part of the code they are testing. The use of all these separate directories for the unit tests might seem inconvenient, as for example the tests are not "right next to" the part of the code they are testing.
@ -76,8 +76,25 @@ there is no risk of any build-system wildcards for the library accidentally pick
### Running tests ### Running tests
You can run the whole testsuite with `make check`, or the tests for a specific component with `make libfoo-tests_RUN`. You can run the whole testsuite with `meson test` from the Meson build directory, or the tests for a specific component with `meson test nix-store-tests`.
Finer-grained filtering is also possible using the [--gtest_filter](https://google.github.io/googletest/advanced.html#running-a-subset-of-the-tests) command-line option, or the `GTEST_FILTER` environment variable, e.g. `GTEST_FILTER='ErrorTraceTest.*' make check`. A environment variables that Google Test accepts are also worth knowing:
1. [`GTEST_FILTER`](https://google.github.io/googletest/advanced.html#running-a-subset-of-the-tests)
This is used for finer-grained filtering of which tests to run.
2. [`GTEST_BRIEF`](https://google.github.io/googletest/advanced.html#suppressing-test-passes)
This is used to avoid logging passing tests.
Putting the two together, one might run
```bash
GTEST_BRIEF=1 GTEST_FILTER='ErrorTraceTest.*' meson test nix-expr-tests -v
```
for short but comprensive output.
### Characterisation testing { #characaterisation-testing-unit } ### Characterisation testing { #characaterisation-testing-unit }
@ -86,7 +103,7 @@ See [functional characterisation testing](#characterisation-testing-functional)
Like with the functional characterisation, `_NIX_TEST_ACCEPT=1` is also used. Like with the functional characterisation, `_NIX_TEST_ACCEPT=1` is also used.
For example: For example:
```shell-session ```shell-session
$ _NIX_TEST_ACCEPT=1 make libstore-tests_RUN $ _NIX_TEST_ACCEPT=1 meson test nix-store-tests -v
... ...
[ SKIPPED ] WorkerProtoTest.string_read [ SKIPPED ] WorkerProtoTest.string_read
[ SKIPPED ] WorkerProtoTest.string_write [ SKIPPED ] WorkerProtoTest.string_write
@ -114,6 +131,8 @@ On other platforms they wouldn't be run at all.
The functional tests reside under the `tests/functional` directory and are listed in `tests/functional/local.mk`. The functional tests reside under the `tests/functional` directory and are listed in `tests/functional/local.mk`.
Each test is a bash script. Each test is a bash script.
Functional tests are run during `installCheck` in the `nix` package build, as well as separately from the build, in VM tests.
### Running the whole test suite ### Running the whole test suite
The whole test suite can be run with: The whole test suite can be run with:
@ -162,14 +181,14 @@ ran test tests/functional/${testName}.sh... [PASS]
or without `make`: or without `make`:
```shell-session ```shell-session
$ ./mk/run-test.sh tests/functional/${testName}.sh tests/functional/init.sh $ ./mk/run-test.sh tests/functional/${testName}.sh
ran test tests/functional/${testName}.sh... [PASS] ran test tests/functional/${testName}.sh... [PASS]
``` ```
To see the complete output, one can also run: To see the complete output, one can also run:
```shell-session ```shell-session
$ ./mk/debug-test.sh tests/functional/${testName}.sh tests/functional/init.sh $ ./mk/debug-test.sh tests/functional/${testName}.sh
+(${testName}.sh:1) foo +(${testName}.sh:1) foo
output from foo output from foo
+(${testName}.sh:2) bar +(${testName}.sh:2) bar
@ -204,7 +223,7 @@ edit it like so:
Then, running the test with `./mk/debug-test.sh` will drop you into GDB once the script reaches that point: Then, running the test with `./mk/debug-test.sh` will drop you into GDB once the script reaches that point:
```shell-session ```shell-session
$ ./mk/debug-test.sh tests/functional/${testName}.sh tests/functional/init.sh $ ./mk/debug-test.sh tests/functional/${testName}.sh
... ...
+ gdb blash blub + gdb blash blub
GNU gdb (GDB) 12.1 GNU gdb (GDB) 12.1
@ -252,13 +271,30 @@ Regressions are caught, and improvements always show up in code review.
To ensure that characterisation testing doesn't make it harder to intentionally change these interfaces, there always must be an easy way to regenerate the expected output, as we do with `_NIX_TEST_ACCEPT=1`. To ensure that characterisation testing doesn't make it harder to intentionally change these interfaces, there always must be an easy way to regenerate the expected output, as we do with `_NIX_TEST_ACCEPT=1`.
### Running functional tests on NixOS
We run the functional tests not just in the build, but also in VM tests.
This helps us ensure that Nix works correctly on NixOS, and environments that have similar characteristics that are hard to reproduce in a build environment.
The recommended way to run these tests during development is:
```shell
nix build .#hydraJobs.tests.functional_user.quickBuild
```
The `quickBuild` attribute configures the test to use a `nix` package that's built without integration tests, so that you can iterate on the tests without performing recompilations due to the changed sources for `installCheck`.
Generally, this build is sufficient, but in nightly or CI we also test the attributes `functional_root` and `functional_trusted`, in which the test suite is run with different levels of authorization.
## Integration tests ## Integration tests
The integration tests are defined in the Nix flake under the `hydraJobs.tests` attribute. The integration tests are defined in the Nix flake under the `hydraJobs.tests` attribute.
These tests include everything that needs to interact with external services or run Nix in a non-trivial distributed setup. These tests include everything that needs to interact with external services or run Nix in a non-trivial distributed setup.
Because these tests are expensive and require more than what the standard github-actions setup provides, they only run on the master branch (on <https://hydra.nixos.org/jobset/nix/master>). Because these tests are expensive and require more than what the standard github-actions setup provides, they only run on the master branch (on <https://hydra.nixos.org/jobset/nix/master>).
You can run them manually with `nix build .#hydraJobs.tests.{testName}` or `nix-build -A hydraJobs.tests.{testName}` You can run them manually with `nix build .#hydraJobs.tests.{testName}` or `nix-build -A hydraJobs.tests.{testName}`.
If you are testing a build of `nix` that you haven't compiled yet, you may iterate faster by appending the `quickBuild` attribute: `nix build .#hydraJobs.tests.{testName}.quickBuild`.
## Installer tests ## Installer tests

View file

@ -1,5 +1,24 @@
# Glossary # Glossary
- [content address]{#gloss-content-address}
A
[*content address*](https://en.wikipedia.org/wiki/Content-addressable_storage)
is a secure way to reference immutable data.
The reference is calculated directly from the content of the data being referenced, which means the reference is
[*tamper proof*](https://en.wikipedia.org/wiki/Tamperproofing)
--- variations of the data should always calculate to distinct content addresses.
For how Nix uses content addresses, see:
- [Content-Addressing File System Objects](@docroot@/store/file-system-object/content-address.md)
- [Content-Addressing Store Objects](@docroot@/store/store-object/content-address.md)
- [content-addressed derivation](#gloss-content-addressed-derivation)
Software Heritage's writing on [*Intrinsic and Extrinsic identifiers*](https://www.softwareheritage.org/2020/07/09/intrinsic-vs-extrinsic-identifiers) is also a good introduction to the value of content-addressing over other referencing schemes.
Besides content addressing, the Nix store also uses [input addressing](#gloss-input-addressed-store-object).
- [derivation]{#gloss-derivation} - [derivation]{#gloss-derivation}
A description of a build task. The result of a derivation is a A description of a build task. The result of a derivation is a
@ -52,10 +71,9 @@
[`__contentAddressed`](./language/advanced-attributes.md#adv-attr-__contentAddressed) [`__contentAddressed`](./language/advanced-attributes.md#adv-attr-__contentAddressed)
attribute set to `true`. attribute set to `true`.
- [fixed-output derivation]{#gloss-fixed-output-derivation} - [fixed-output derivation]{#gloss-fixed-output-derivation} (FOD)
A derivation which includes the A [derivation] where a cryptographic hash of the [output] is determined in advance using the [`outputHash`](./language/advanced-attributes.md#adv-attr-outputHash) attribute, and where the [`builder`](@docroot@/language/derivations.md#attr-builder) executable has access to the network.
[`outputHash`](./language/advanced-attributes.md#adv-attr-outputHash) attribute.
- [store]{#gloss-store} - [store]{#gloss-store}
@ -118,9 +136,12 @@
- [content-addressed store object]{#gloss-content-addressed-store-object} - [content-addressed store object]{#gloss-content-addressed-store-object}
A [store object] whose [store path] is determined by its contents. A [store object] which is [content-addressed](#gloss-content-address),
i.e. whose [store path] is determined by its contents.
This includes derivations, the outputs of [content-addressed derivations](#gloss-content-addressed-derivation), and the outputs of [fixed-output derivations](#gloss-fixed-output-derivation). This includes derivations, the outputs of [content-addressed derivations](#gloss-content-addressed-derivation), and the outputs of [fixed-output derivations](#gloss-fixed-output-derivation).
See [Content-Addressing Store Objects](@docroot@/store/store-object/content-address.md) for details.
- [substitute]{#gloss-substitute} - [substitute]{#gloss-substitute}
A substitute is a command invocation stored in the [Nix database] that A substitute is a command invocation stored in the [Nix database] that
@ -218,6 +239,17 @@
- [output closure]{#gloss-output-closure}\ - [output closure]{#gloss-output-closure}\
The [closure] of an [output path]. It only contains what is [reachable] from the output. The [closure] of an [output path]. It only contains what is [reachable] from the output.
- [deriving path]{#gloss-deriving-path}
Deriving paths are a way to refer to [store objects][store object] that ar not yet [realised][realise].
This is necessary because, in general and particularly for [content-addressed derivations][content-addressed derivation], the [output path] of an [output] is not known in advance.
There are two forms:
- *constant*: just a [store path]
It can be made [valid][validity] by copying it into the store: from the evaluator, command line interface or another store.
- *output*: a pair of a [store path] to a [derivation] and an [output] name.
- [deriver]{#gloss-deriver} - [deriver]{#gloss-deriver}
The [store derivation] that produced an [output path]. The [store derivation] that produced an [output path].
@ -255,13 +287,15 @@
See [installables](./command-ref/new-cli/nix.md#installables) for [`nix` commands](./command-ref/new-cli/nix.md) (experimental) for details. See [installables](./command-ref/new-cli/nix.md#installables) for [`nix` commands](./command-ref/new-cli/nix.md) (experimental) for details.
- [NAR]{#gloss-nar} - [Nix Archive (NAR)]{#gloss-nar}
A *N*ix *AR*chive. This is a serialisation of a path in the Nix A *N*ix *AR*chive. This is a serialisation of a path in the Nix
store. It can contain regular files, directories and symbolic store. It can contain regular files, directories and symbolic
links. NARs are generated and unpacked using `nix-store --dump` links. NARs are generated and unpacked using `nix-store --dump`
and `nix-store --restore`. and `nix-store --restore`.
See [Nix Archive](store/file-system-object/content-address.html#serial-nix-archive) for details.
- [`∅`]{#gloss-emtpy-set} - [`∅`]{#gloss-emtpy-set}
The empty set symbol. In the context of profile history, this denotes a package is not present in a particular version of the profile. The empty set symbol. In the context of profile history, this denotes a package is not present in a particular version of the profile.
@ -278,7 +312,7 @@
- [package attribute set]{#package-attribute-set} - [package attribute set]{#package-attribute-set}
An [attribute set](@docroot@/language/values.md#attribute-set) containing the attribute `type = "derivation";` (derivation for historical reasons), as well as other attributes, such as An [attribute set](@docroot@/language/types.md#attribute-set) containing the attribute `type = "derivation";` (derivation for historical reasons), as well as other attributes, such as
- attributes that refer to the files of a [package], typically in the form of [derivation outputs](#output), - attributes that refer to the files of a [package], typically in the form of [derivation outputs](#output),
- attributes that declare something about how the package is supposed to be installed or used, - attributes that declare something about how the package is supposed to be installed or used,
- other metadata or arbitrary attributes. - other metadata or arbitrary attributes.
@ -291,9 +325,9 @@
See [String interpolation](./language/string-interpolation.md) for details. See [String interpolation](./language/string-interpolation.md) for details.
[string]: ./language/values.md#type-string [string]: ./language/types.md#type-string
[path]: ./language/values.md#type-path [path]: ./language/types.md#type-path
[attribute name]: ./language/values.md#attribute-set [attribute name]: ./language/types.md#attribute-set
- [base directory]{#gloss-base-directory} - [base directory]{#gloss-base-directory}

View file

@ -53,7 +53,8 @@ ssl-cert-file = /etc/ssl/my-certificate-bundle.crt
The Nix installer has special handling for these proxy-related The Nix installer has special handling for these proxy-related
environment variables: `http_proxy`, `https_proxy`, `ftp_proxy`, environment variables: `http_proxy`, `https_proxy`, `ftp_proxy`,
`no_proxy`, `HTTP_PROXY`, `HTTPS_PROXY`, `FTP_PROXY`, `NO_PROXY`. `all_proxy`, `no_proxy`, `HTTP_PROXY`, `HTTPS_PROXY`, `FTP_PROXY`,
`ALL_PROXY`, `NO_PROXY`.
If any of these variables are set when running the Nix installer, then If any of these variables are set when running the Nix installer, then
the installer will create an override file at the installer will create an override file at

View file

@ -1,17 +1,8 @@
# Uninstalling Nix # Uninstalling Nix
## Single User
If you have a [single-user installation](./installing-binary.md#single-user-installation) of Nix, uninstall it by running:
```console
$ rm -rf /nix ~/.nix-channels ~/.nix-defexpr ~/.nix-profile
```
You might also want to manually remove references to Nix from your `~/.profile`.
## Multi User ## Multi User
Removing a [multi-user installation](./installing-binary.md#multi-user-installation) of Nix is more involved, and depends on the operating system. Removing a [multi-user installation](./installing-binary.md#multi-user-installation) depends on the operating system.
### Linux ### Linux
@ -52,7 +43,15 @@ which you may remove.
### macOS ### macOS
1. Edit `/etc/zshrc`, `/etc/bashrc`, and `/etc/bash.bashrc` to remove the lines sourcing `nix-daemon.sh`, which should look like this: 1. If system-wide shell initialisation files haven't been altered since installing Nix, use the backups made by the installer:
```console
sudo mv /etc/zshrc.backup-before-nix /etc/zshrc
sudo mv /etc/bashrc.backup-before-nix /etc/bashrc
sudo mv /etc/bash.bashrc.backup-before-nix /etc/bash.bashrc
```
Otherwise, edit `/etc/zshrc`, `/etc/bashrc`, and `/etc/bash.bashrc` to remove the lines sourcing `nix-daemon.sh`, which should look like this:
```bash ```bash
# Nix # Nix
@ -62,18 +61,6 @@ which you may remove.
# End Nix # End Nix
``` ```
If these files haven't been altered since installing Nix you can simply put
the backups back in place:
```console
sudo mv /etc/zshrc.backup-before-nix /etc/zshrc
sudo mv /etc/bashrc.backup-before-nix /etc/bashrc
sudo mv /etc/bash.bashrc.backup-before-nix /etc/bash.bashrc
```
This will stop shells from sourcing the file and bringing everything you
installed using Nix in scope.
2. Stop and remove the Nix daemon services: 2. Stop and remove the Nix daemon services:
```console ```console
@ -83,8 +70,7 @@ which you may remove.
sudo rm /Library/LaunchDaemons/org.nixos.darwin-store.plist sudo rm /Library/LaunchDaemons/org.nixos.darwin-store.plist
``` ```
This stops the Nix daemon and prevents it from being started next time you This stops the Nix daemon and prevents it from being started next time you boot the system.
boot the system.
3. Remove the `nixbld` group and the `_nixbuildN` users: 3. Remove the `nixbld` group and the `_nixbuildN` users:
@ -95,25 +81,42 @@ which you may remove.
This will remove all the build users that no longer serve a purpose. This will remove all the build users that no longer serve a purpose.
4. Edit fstab using `sudo vifs` to remove the line mounting the Nix Store 4. Edit fstab using `sudo vifs` to remove the line mounting the Nix Store volume on `/nix`, which looks like
volume on `/nix`, which looks like
`UUID=<uuid> /nix apfs rw,noauto,nobrowse,suid,owners` or
`LABEL=Nix\040Store /nix apfs rw,nobrowse`. This will prevent automatic
mounting of the Nix Store volume.
5. Edit `/etc/synthetic.conf` to remove the `nix` line. If this is the only ```
line in the file you can remove it entirely, `sudo rm /etc/synthetic.conf`. UUID=<uuid> /nix apfs rw,noauto,nobrowse,suid,owners
This will prevent the creation of the empty `/nix` directory to provide a ```
mountpoint for the Nix Store volume. or
6. Remove the files Nix added to your system: ```
LABEL=Nix\040Store /nix apfs rw,nobrowse
```
by setting the cursor on the respective line using the error keys, and pressing `dd`, and then `:wq` to save the file.
This will prevent automatic mounting of the Nix Store volume.
5. Edit `/etc/synthetic.conf` to remove the `nix` line.
If this is the only line in the file you can remove it entirely:
```bash
if [ -f /etc/synthetic.conf ]; then
if [ "$(cat /etc/synthetic.conf)" = "nix" ]; then
sudo rm /etc/synthetic.conf
else
sudo vi /etc/synthetic.conf
fi
fi
```
This will prevent the creation of the empty `/nix` directory.
6. Remove the files Nix added to your system, except for the store:
```console ```console
sudo rm -rf /etc/nix /var/root/.nix-profile /var/root/.nix-defexpr /var/root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels sudo rm -rf /etc/nix /var/root/.nix-profile /var/root/.nix-defexpr /var/root/.nix-channels ~/.nix-profile ~/.nix-defexpr ~/.nix-channels
``` ```
This gets rid of any data Nix may have created except for the store which is
removed next.
7. Remove the Nix Store volume: 7. Remove the Nix Store volume:
@ -121,29 +124,32 @@ which you may remove.
sudo diskutil apfs deleteVolume /nix sudo diskutil apfs deleteVolume /nix
``` ```
This will remove the Nix Store volume and everything that was added to the This will remove the Nix Store volume and everything that was added to the store.
store.
If the output indicates that the command couldn't remove the volume, you should If the output indicates that the command couldn't remove the volume, you should make sure you don't have an _unmounted_ Nix Store volume.
make sure you don't have an _unmounted_ Nix Store volume. Look for a Look for a "Nix Store" volume in the output of the following command:
"Nix Store" volume in the output of the following command:
```console ```console
diskutil list diskutil list
``` ```
If you _do_ see a "Nix Store" volume, delete it by re-running the diskutil If you _do_ find a "Nix Store" volume, delete it by running `diskutil deleteVolume` with the store volume's `diskXsY` identifier.
deleteVolume command, but replace `/nix` with the store volume's `diskXsY`
identifier.
> **Note** > **Note**
> >
> After you complete the steps here, you will still have an empty `/nix` > After you complete the steps here, you will still have an empty `/nix` directory.
> directory. This is an expected sign of a successful uninstall. The empty > This is an expected sign of a successful uninstall.
> `/nix` directory will disappear the next time you reboot. > The empty `/nix` directory will disappear the next time you reboot.
> >
> You do not have to reboot to finish uninstalling Nix. The uninstall is > You do not have to reboot to finish uninstalling Nix.
> complete. macOS (Catalina+) directly controls root directories and its > The uninstall is complete.
> read-only root will prevent you from manually deleting the empty `/nix` > macOS (Catalina+) directly controls root directories, and its read-only root will prevent you from manually deleting the empty `/nix` mountpoint.
> mountpoint.
## Single User
To remove a [single-user installation](./installing-binary.md#single-user-installation) of Nix, run:
```console
$ rm -rf /nix ~/.nix-channels ~/.nix-defexpr ~/.nix-profile
```
You might also want to manually remove references to Nix from your `~/.profile`.

View file

@ -120,12 +120,11 @@ Derivations can declare some infrequently used optional attributes.
configuration setting. configuration setting.
- [`outputHash`]{#adv-attr-outputHash}; [`outputHashAlgo`]{#adv-attr-outputHashAlgo}; [`outputHashMode`]{#adv-attr-outputHashMode}\ - [`outputHash`]{#adv-attr-outputHash}; [`outputHashAlgo`]{#adv-attr-outputHashAlgo}; [`outputHashMode`]{#adv-attr-outputHashMode}\
These attributes declare that the derivation is a so-called These attributes declare that the derivation is a so-called *fixed-output derivation* (FOD), which means that a cryptographic hash of the output is already known in advance.
*fixed-output derivation*, which means that a cryptographic hash of
the output is already known in advance. When the build of a As opposed to regular derivations, the [`builder`] executable of a fixed-output derivation has access to the network.
fixed-output derivation finishes, Nix computes the cryptographic Nix computes a cryptographic hash of its output and compares that to the hash declared with these attributes.
hash of the output and compares it to the hash declared with these If there is a mismatch, the derivation fails.
attributes. If there is a mismatch, the build fails.
The rationale for fixed-output derivations is derivations such as The rationale for fixed-output derivations is derivations such as
those produced by the `fetchurl` function. This function downloads a those produced by the `fetchurl` function. This function downloads a
@ -197,33 +196,40 @@ Derivations can declare some infrequently used optional attributes.
`outputHashAlgo` can only be `null` when `outputHash` follows the SRI format. `outputHashAlgo` can only be `null` when `outputHash` follows the SRI format.
The `outputHashMode` attribute determines how the hash is computed. The `outputHashMode` attribute determines how the hash is computed.
It must be one of the following two values: It must be one of the following values:
- `"flat"`\ - [`"flat"`](@docroot@/store/store-object/content-address.md#method-flat)
The output must be a non-executable regular file. If it isnt,
the build fails. The hash is simply computed over the contents
of that file (so its equal to what Unix commands like
`sha256sum` or `sha1sum` produce).
This is the default. This is the default.
- `"recursive"` or `"nar"`\ - [`"recursive"` or `"nar"`](@docroot@/store/store-object/content-address.md#method-nix-archive)
The hash is computed over the [NAR archive](@docroot@/glossary.md#gloss-nar) dump of the output
(i.e., the result of [`nix-store --dump`](@docroot@/command-ref/nix-store/dump.md)). In
this case, the output can be anything, including a directory
tree.
`"recursive"` is the traditional way of indicating this, > **Compatibility**
and is supported since 2005 (virtually the entire history of Nix). >
`"nar"` is more clear, and consistent with other parts of Nix (such as the CLI), > `"recursive"` is the traditional way of indicating this,
however support for it is only added in Nix version 2.21. > and is supported since 2005 (virtually the entire history of Nix).
> `"nar"` is more clear, and consistent with other parts of Nix (such as the CLI),
> however support for it is only added in Nix version 2.21.
- [`"text"`](@docroot@/store/store-object/content-address.md#method-text)
> **Warning**
>
> The use of this method for derivation outputs is part of the [`dynamic-derivations`][xp-feature-dynamic-derivations] experimental feature.
- [`"git"`](@docroot@/store/store-object/content-address.md#method-git)
> **Warning**
>
> This method is part of the [`git-hashing`][xp-feature-git-hashing] experimental feature.
- [`__contentAddressed`]{#adv-attr-__contentAddressed} - [`__contentAddressed`]{#adv-attr-__contentAddressed}
> **Warning** > **Warning**
> This attribute is part of an [experimental feature](@docroot@/contributing/experimental-features.md). > This attribute is part of an [experimental feature](@docroot@/contributing/experimental-features.md).
> >
> To use this attribute, you must enable the > To use this attribute, you must enable the
> [`ca-derivations`](@docroot@/contributing/experimental-features.md#xp-feature-ca-derivations) experimental feature. > [`ca-derivations`][xp-feature-ca-derivations] experimental feature.
> For example, in [nix.conf](../command-ref/conf-file.md) you could add: > For example, in [nix.conf](../command-ref/conf-file.md) you could add:
> >
> ``` > ```
@ -272,7 +278,9 @@ Derivations can declare some infrequently used optional attributes.
> **Note** > **Note**
> >
> If set to `false`, the [`builder`](./derivations.md#attr-builder) should be able to run on the system type specified in the [`system` attribute](./derivations.md#attr-system), since the derivation cannot be substituted. > If set to `false`, the [`builder`] should be able to run on the system type specified in the [`system` attribute](./derivations.md#attr-system), since the derivation cannot be substituted.
[`builder`]: ./derivations.md#attr-builder
- [`__structuredAttrs`]{#adv-attr-structuredAttrs}\ - [`__structuredAttrs`]{#adv-attr-structuredAttrs}\
If the special attribute `__structuredAttrs` is set to `true`, the other derivation If the special attribute `__structuredAttrs` is set to `true`, the other derivation
@ -294,6 +302,12 @@ Derivations can declare some infrequently used optional attributes.
(associative) arrays. For example, the attribute `hardening.format = true` (associative) arrays. For example, the attribute `hardening.format = true`
ends up as the Bash associative array element `${hardening[format]}`. ends up as the Bash associative array element `${hardening[format]}`.
> **Warning**
>
> If set to `true`, other advanced attributes such as [`allowedReferences`](#adv-attr-allowedReferences), [`allowedReferences`](#adv-attr-allowedReferences), [`allowedRequisites`](#adv-attr-allowedRequisites),
[`disallowedReferences`](#adv-attr-disallowedReferences) and [`disallowedRequisites`](#adv-attr-disallowedRequisites), maxSize, and maxClosureSize.
will have no effect.
- [`outputChecks`]{#adv-attr-outputChecks}\ - [`outputChecks`]{#adv-attr-outputChecks}\
When using [structured attributes](#adv-attr-structuredAttrs), the `outputChecks` When using [structured attributes](#adv-attr-structuredAttrs), the `outputChecks`
attribute allows defining checks per-output. attribute allows defining checks per-output.
@ -303,7 +317,7 @@ Derivations can declare some infrequently used optional attributes.
[`disallowedReferences`](#adv-attr-disallowedReferences) and [`disallowedRequisites`](#adv-attr-disallowedRequisites), [`disallowedReferences`](#adv-attr-disallowedReferences) and [`disallowedRequisites`](#adv-attr-disallowedRequisites),
the following attributes are available: the following attributes are available:
- `maxSize` defines the maximum size of the resulting [store object](@docroot@/glossary.md#gloss-store-object). - `maxSize` defines the maximum size of the resulting [store object](@docroot@/store/store-object.md).
- `maxClosureSize` defines the maximum size of the output's closure. - `maxClosureSize` defines the maximum size of the output's closure.
- `ignoreSelfRefs` controls whether self-references should be considered when - `ignoreSelfRefs` controls whether self-references should be considered when
checking for allowed references/requisites. checking for allowed references/requisites.
@ -355,3 +369,7 @@ Derivations can declare some infrequently used optional attributes.
``` ```
ensures that the derivation can only be built on a machine with the `kvm` feature. ensures that the derivation can only be built on a machine with the `kvm` feature.
[xp-feature-ca-derivations]: @docroot@/contributing/experimental-features.md#xp-feature-ca-derivations
[xp-feature-dynamic-derivations]: @docroot@/contributing/experimental-features.md#xp-feature-dynamic-derivations
[xp-feature-git-hashing]: @docroot@/contributing/experimental-features.md#xp-feature-git-hashing

View file

@ -1,5 +0,0 @@
# Built-in Constants
These constants are built into the Nix language evaluator:
<dl>

View file

@ -1 +0,0 @@
</dl>

View file

@ -1,9 +1,11 @@
# Built-in Functions # Built-ins
This section lists the functions built into the Nix language evaluator. This section lists the values and functions built into the Nix language evaluator.
All built-in functions are available through the global [`builtins`](./builtin-constants.md#builtins-builtins) constant. All built-ins are available through the global [`builtins`](#builtins-builtins) constant.
For convenience, some built-ins can be accessed directly: Some built-ins are also exposed directly in the global scope:
<!-- TODO(@rhendric, #10970): this list is incomplete -->
- [`derivation`](#builtins-derivation) - [`derivation`](#builtins-derivation)
- [`import`](#builtins-import) - [`import`](#builtins-import)

View file

@ -1,408 +0,0 @@
# Language Constructs
## Recursive sets
Recursive sets are like normal [attribute sets](./values.md#attribute-set), but the attributes can refer to each other.
> *rec-attrset* = `rec {` [ *name* `=` *expr* `;` `]`... `}`
Example:
```nix
rec {
x = y;
y = 123;
}.x
```
This evaluates to `123`.
Note that without `rec` the binding `x = y;` would
refer to the variable `y` in the surrounding scope, if one exists, and
would be invalid if no such variable exists. That is, in a normal
(non-recursive) set, attributes are not added to the lexical scope; in a
recursive set, they are.
Recursive sets of course introduce the danger of infinite recursion. For
example, the expression
```nix
rec {
x = y;
y = x;
}.x
```
will crash with an `infinite recursion encountered` error message.
## Let-expressions
A let-expression allows you to define local variables for an expression.
> *let-in* = `let` [ *identifier* = *expr* ]... `in` *expr*
Example:
```nix
let
x = "foo";
y = "bar";
in x + y
```
This evaluates to `"foobar"`.
## Inheriting attributes
When defining an [attribute set](./values.md#attribute-set) or in a [let-expression](#let-expressions) it is often convenient to copy variables from the surrounding lexical scope (e.g., when you want to propagate attributes).
This can be shortened using the `inherit` keyword.
Example:
```nix
let x = 123; in
{
inherit x;
y = 456;
}
```
is equivalent to
```nix
let x = 123; in
{
x = x;
y = 456;
}
```
and both evaluate to `{ x = 123; y = 456; }`.
> **Note**
>
> This works because `x` is added to the lexical scope by the `let` construct.
It is also possible to inherit attributes from another attribute set.
Example:
In this fragment from `all-packages.nix`,
```nix
graphviz = (import ../tools/graphics/graphviz) {
inherit fetchurl stdenv libpng libjpeg expat x11 yacc;
inherit (xorg) libXaw;
};
xorg = {
libX11 = ...;
libXaw = ...;
...
}
libpng = ...;
libjpg = ...;
...
```
the set used in the function call to the function defined in
`../tools/graphics/graphviz` inherits a number of variables from the
surrounding scope (`fetchurl` ... `yacc`), but also inherits `libXaw`
(the X Athena Widgets) from the `xorg` set.
Summarizing the fragment
```nix
...
inherit x y z;
inherit (src-set) a b c;
...
```
is equivalent to
```nix
...
x = x; y = y; z = z;
a = src-set.a; b = src-set.b; c = src-set.c;
...
```
when used while defining local variables in a let-expression or while
defining a set.
In a `let` expression, `inherit` can be used to selectively bring specific attributes of a set into scope. For example
```nix
let
x = { a = 1; b = 2; };
inherit (builtins) attrNames;
in
{
names = attrNames x;
}
```
is equivalent to
```nix
let
x = { a = 1; b = 2; };
in
{
names = builtins.attrNames x;
}
```
both evaluate to `{ names = [ "a" "b" ]; }`.
## Functions
Functions have the following form:
```nix
pattern: body
```
The pattern specifies what the argument of the function must look like,
and binds variables in the body to (parts of) the argument. There are
three kinds of patterns:
- If a pattern is a single identifier, then the function matches any
argument. Example:
```nix
let negate = x: !x;
concat = x: y: x + y;
in if negate true then concat "foo" "bar" else ""
```
Note that `concat` is a function that takes one argument and returns
a function that takes another argument. This allows partial
parameterisation (i.e., only filling some of the arguments of a
function); e.g.,
```nix
map (concat "foo") [ "bar" "bla" "abc" ]
```
evaluates to `[ "foobar" "foobla" "fooabc" ]`.
- A *set pattern* of the form `{ name1, name2, …, nameN }` matches a
set containing the listed attributes, and binds the values of those
attributes to variables in the function body. For example, the
function
```nix
{ x, y, z }: z + y + x
```
can only be called with a set containing exactly the attributes `x`,
`y` and `z`. No other attributes are allowed. If you want to allow
additional arguments, you can use an ellipsis (`...`):
```nix
{ x, y, z, ... }: z + y + x
```
This works on any set that contains at least the three named
attributes.
It is possible to provide *default values* for attributes, in
which case they are allowed to be missing. A default value is
specified by writing `name ? e`, where *e* is an arbitrary
expression. For example,
```nix
{ x, y ? "foo", z ? "bar" }: z + y + x
```
specifies a function that only requires an attribute named `x`, but
optionally accepts `y` and `z`.
- An `@`-pattern provides a means of referring to the whole value
being matched:
```nix
args@{ x, y, z, ... }: z + y + x + args.a
```
but can also be written as:
```nix
{ x, y, z, ... } @ args: z + y + x + args.a
```
Here `args` is bound to the argument *as passed*, which is further
matched against the pattern `{ x, y, z, ... }`.
The `@`-pattern makes mainly sense with an ellipsis(`...`) as
you can access attribute names as `a`, using `args.a`, which was
given as an additional attribute to the function.
> **Warning**
>
> `args@` binds the name `args` to the attribute set that is passed to the function.
> In particular, `args` does *not* include any default values specified with `?` in the function's set pattern.
>
> For instance
>
> ```nix
> let
> f = args@{ a ? 23, ... }: [ a args ];
> in
> f {}
> ```
>
> is equivalent to
>
> ```nix
> let
> f = args @ { ... }: [ (args.a or 23) args ];
> in
> f {}
> ```
>
> and both expressions will evaluate to:
>
> ```nix
> [ 23 {} ]
> ```
Note that functions do not have names. If you want to give them a name,
you can bind them to an attribute, e.g.,
```nix
let concat = { x, y }: x + y;
in concat { x = "foo"; y = "bar"; }
```
## Conditionals
Conditionals look like this:
```nix
if e1 then e2 else e3
```
where *e1* is an expression that should evaluate to a Boolean value
(`true` or `false`).
## Assertions
Assertions are generally used to check that certain requirements on or
between features and dependencies hold. They look like this:
```nix
assert e1; e2
```
where *e1* is an expression that should evaluate to a Boolean value. If
it evaluates to `true`, *e2* is returned; otherwise expression
evaluation is aborted and a backtrace is printed.
Here is a Nix expression for the Subversion package that shows how
assertions can be used:.
```nix
{ localServer ? false
, httpServer ? false
, sslSupport ? false
, pythonBindings ? false
, javaSwigBindings ? false
, javahlBindings ? false
, stdenv, fetchurl
, openssl ? null, httpd ? null, db4 ? null, expat, swig ? null, j2sdk ? null
}:
assert localServer -> db4 != null; ①
assert httpServer -> httpd != null && httpd.expat == expat; ②
assert sslSupport -> openssl != null && (httpServer -> httpd.openssl == openssl); ③
assert pythonBindings -> swig != null && swig.pythonSupport;
assert javaSwigBindings -> swig != null && swig.javaSupport;
assert javahlBindings -> j2sdk != null;
stdenv.mkDerivation {
name = "subversion-1.1.1";
...
openssl = if sslSupport then openssl else null; ④
...
}
```
The points of interest are:
1. This assertion states that if Subversion is to have support for
local repositories, then Berkeley DB is needed. So if the Subversion
function is called with the `localServer` argument set to `true` but
the `db4` argument set to `null`, then the evaluation fails.
Note that `->` is the [logical
implication](https://en.wikipedia.org/wiki/Truth_table#Logical_implication)
Boolean operation.
2. This is a more subtle condition: if Subversion is built with Apache
(`httpServer`) support, then the Expat library (an XML library) used
by Subversion should be same as the one used by Apache. This is
because in this configuration Subversion code ends up being linked
with Apache code, and if the Expat libraries do not match, a build-
or runtime link error or incompatibility might occur.
3. This assertion says that in order for Subversion to have SSL support
(so that it can access `https` URLs), an OpenSSL library must be
passed. Additionally, it says that *if* Apache support is enabled,
then Apache's OpenSSL should match Subversion's. (Note that if
Apache support is not enabled, we don't care about Apache's
OpenSSL.)
4. The conditional here is not really related to assertions, but is
worth pointing out: it ensures that if SSL support is disabled, then
the Subversion derivation is not dependent on OpenSSL, even if a
non-`null` value was passed. This prevents an unnecessary rebuild of
Subversion if OpenSSL changes.
## With-expressions
A *with-expression*,
```nix
with e1; e2
```
introduces the set *e1* into the lexical scope of the expression *e2*.
For instance,
```nix
let as = { x = "foo"; y = "bar"; };
in with as; x + y
```
evaluates to `"foobar"` since the `with` adds the `x` and `y` attributes
of `as` to the lexical scope in the expression `x + y`. The most common
use of `with` is in conjunction with the `import` function. E.g.,
```nix
with (import ./definitions.nix); ...
```
makes all attributes defined in the file `definitions.nix` available as
if they were defined locally in a `let`-expression.
The bindings introduced by `with` do not shadow bindings introduced by
other means, e.g.
```nix
let a = 3; in with { a = 1; }; let a = 4; in with { a = 2; }; ...
```
establishes the same scope as
```nix
let a = 1; in let a = 2; in let a = 3; in let a = 4; in ...
```
## Comments
Comments can be single-line, started with a `#` character, or
inline/multi-line, enclosed within `/* ... */`.

View file

@ -4,9 +4,9 @@
> >
> *lookup-path* = `<` *identifier* [ `/` *identifier* ]... `>` > *lookup-path* = `<` *identifier* [ `/` *identifier* ]... `>`
A lookup path is an identifier with an optional path suffix that resolves to a [path value](@docroot@/language/values.md#type-path) if the identifier matches a search path entry. A lookup path is an identifier with an optional path suffix that resolves to a [path value](@docroot@/language/types.md#type-path) if the identifier matches a search path entry.
The value of a lookup path is determined by [`builtins.nixPath`](@docroot@/language/builtin-constants.md#builtins-nixPath). The value of a lookup path is determined by [`builtins.nixPath`](@docroot@/language/builtins.md#builtins-nixPath).
See [`builtins.findFile`](@docroot@/language/builtins.md#builtins-findFile) for details on lookup path resolution. See [`builtins.findFile`](@docroot@/language/builtins.md#builtins-findFile) for details on lookup path resolution.

View file

@ -12,12 +12,12 @@ It outputs an attribute set, and produces a [store derivation] as a side effect
### Required ### Required
- [`name`]{#attr-name} ([String](@docroot@/language/values.md#type-string)) - [`name`]{#attr-name} ([String](@docroot@/language/types.md#type-string))
A symbolic name for the derivation. A symbolic name for the derivation.
It is added to the [store path] of the corresponding [store derivation] as well as to its [output paths](@docroot@/glossary.md#gloss-output-path). It is added to the [store path] of the corresponding [store derivation] as well as to its [output paths](@docroot@/glossary.md#gloss-output-path).
[store path]: @docroot@/glossary.md#gloss-store-path [store path]: @docroot@/store/store-path.md
> **Example** > **Example**
> >
@ -31,7 +31,7 @@ It outputs an attribute set, and produces a [store derivation] as a side effect
> The store derivation's path will be `/nix/store/<hash>-hello.drv`. > The store derivation's path will be `/nix/store/<hash>-hello.drv`.
> The [output](#attr-outputs) paths will be of the form `/nix/store/<hash>-hello[-<output>]` > The [output](#attr-outputs) paths will be of the form `/nix/store/<hash>-hello[-<output>]`
- [`system`]{#attr-system} ([String](@docroot@/language/values.md#type-string)) - [`system`]{#attr-system} ([String](@docroot@/language/types.md#type-string))
The system type on which the [`builder`](#attr-builder) executable is meant to be run. The system type on which the [`builder`](#attr-builder) executable is meant to be run.
@ -64,9 +64,9 @@ It outputs an attribute set, and produces a [store derivation] as a side effect
> } > }
> ``` > ```
> >
> [`builtins.currentSystem`](@docroot@/language/builtin-constants.md#builtins-currentSystem) has the value of the [`system` configuration option], and defaults to the system type of the current Nix installation. > [`builtins.currentSystem`](@docroot@/language/builtins.md#builtins-currentSystem) has the value of the [`system` configuration option], and defaults to the system type of the current Nix installation.
- [`builder`]{#attr-builder} ([Path](@docroot@/language/values.md#type-path) | [String](@docroot@/language/values.md#type-string)) - [`builder`]{#attr-builder} ([Path](@docroot@/language/types.md#type-path) | [String](@docroot@/language/types.md#type-string))
Path to an executable that will perform the build. Path to an executable that will perform the build.
@ -113,7 +113,7 @@ It outputs an attribute set, and produces a [store derivation] as a side effect
### Optional ### Optional
- [`args`]{#attr-args} ([List](@docroot@/language/values.md#list) of [String](@docroot@/language/values.md#type-string)) - [`args`]{#attr-args} ([List](@docroot@/language/types.md#list) of [String](@docroot@/language/types.md#type-string))
Default: `[ ]` Default: `[ ]`
@ -132,7 +132,7 @@ It outputs an attribute set, and produces a [store derivation] as a side effect
> }; > };
> ``` > ```
- [`outputs`]{#attr-outputs} ([List](@docroot@/language/values.md#list) of [String](@docroot@/language/values.md#type-string)) - [`outputs`]{#attr-outputs} ([List](@docroot@/language/types.md#list) of [String](@docroot@/language/types.md#type-string))
Default: `[ "out" ]` Default: `[ "out" ]`
@ -141,7 +141,7 @@ It outputs an attribute set, and produces a [store derivation] as a side effect
By default, a derivation produces a single output called `out`. By default, a derivation produces a single output called `out`.
However, derivations can produce multiple outputs. However, derivations can produce multiple outputs.
This allows the associated [store objects](@docroot@/glossary.md#gloss-store-object) and their [closures](@docroot@/glossary.md#gloss-closure) to be copied or garbage-collected separately. This allows the associated [store objects](@docroot@/store/store-object.md) and their [closures](@docroot@/glossary.md#gloss-closure) to be copied or garbage-collected separately.
> **Example** > **Example**
> >

View file

@ -2,9 +2,9 @@
The value of a Nix expression can depend on the contents of a [store object]. The value of a Nix expression can depend on the contents of a [store object].
[store object]: @docroot@/glossary.md#gloss-store-object [store object]: @docroot@/store/store-object.md
Passing an expression `expr` that evaluates to a [store path](@docroot@/glossary.md#gloss-store-path) to any built-in function which reads from the filesystem constitutes Import From Derivation (IFD): Passing an expression `expr` that evaluates to a [store path](@docroot@/store/store-path.md) to any built-in function which reads from the filesystem constitutes Import From Derivation (IFD):
- [`import`](./builtins.md#builtins-import)` expr` - [`import`](./builtins.md#builtins-import)` expr`
- [`builtins.readFile`](./builtins.md#builtins-readFile)` expr` - [`builtins.readFile`](./builtins.md#builtins-readFile)` expr`

View file

@ -53,7 +53,7 @@ This is an incomplete overview of language features, by example.
<td> <td>
*Basic values* *Basic values ([primitives](@docroot@/language/types.md#primitives))*
</td> </td>
@ -71,7 +71,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A string A [string](@docroot@/language/types.md#type-string)
</td> </td>
</tr> </tr>
@ -94,6 +94,18 @@ This is an incomplete overview of language features, by example.
</td> </td>
</tr> </tr>
<tr>
<td>
`# Explanation`
</td>
<td>
A [comment](@docroot@/language/syntax.md#comments).
</td>
</tr>
<tr> <tr>
<td> <td>
@ -106,7 +118,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
String interpolation (expands to `"hello world"`, `"1 2 3"`, `"/nix/store/<hash>-bash-<version>/bin/sh"`) [String interpolation](@docroot@/language/string-interpolation.md) (expands to `"hello world"`, `"1 2 3"`, `"/nix/store/<hash>-bash-<version>/bin/sh"`)
</td> </td>
</tr> </tr>
@ -118,7 +130,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Booleans [Booleans](@docroot@/language/types.md#type-boolean)
</td> </td>
</tr> </tr>
@ -130,7 +142,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Null value [Null](@docroot@/language/types.md#type-null) value
</td> </td>
</tr> </tr>
@ -142,7 +154,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
An integer An [integer](@docroot@/language/types.md#type-int)
</td> </td>
</tr> </tr>
@ -154,7 +166,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A floating point number A [floating point number](@docroot@/language/types.md#type-float)
</td> </td>
</tr> </tr>
@ -166,7 +178,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
An absolute path An absolute [path](@docroot@/language/types.md#type-path)
</td> </td>
</tr> </tr>
@ -178,7 +190,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A path relative to the file containing this Nix expression A [path](@docroot@/language/types.md#type-path) relative to the file containing this Nix expression
</td> </td>
</tr> </tr>
@ -190,7 +202,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A home path. Evaluates to the `"<user's home directory>/.config"`. A home [path](@docroot@/language/types.md#type-path). Evaluates to the `"<user's home directory>/.config"`.
</td> </td>
</tr> </tr>
@ -202,7 +214,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Search path for Nix files. Value determined by [`$NIX_PATH` environment variable](../command-ref/env-common.md#env-NIX_PATH). A [lookup path](@docroot@/language/constructs/lookup-path.md) for Nix files. Value determined by [`$NIX_PATH` environment variable](../command-ref/env-common.md#env-NIX_PATH).
</td> </td>
</tr> </tr>
@ -226,7 +238,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A set with attributes named `x` and `y` An [attribute set](@docroot@/language/types.md#attribute-set) with attributes named `x` and `y`
</td> </td>
</tr> </tr>
@ -250,7 +262,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A recursive set, equivalent to `{ x = "foo"; y = "foobar"; }` A [recursive set](@docroot@/language/syntax.md#recursive-sets), equivalent to `{ x = "foo"; y = "foobar"; }`.
</td> </td>
</tr> </tr>
@ -266,7 +278,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Lists with three elements. [Lists](@docroot@/language/types.md#list) with three elements.
</td> </td>
</tr> </tr>
@ -350,7 +362,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Attribute selection (evaluates to `1`) [Attribute selection](@docroot@/language/types.md#attribute-set) (evaluates to `1`)
</td> </td>
</tr> </tr>
@ -362,7 +374,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Attribute selection with default (evaluates to `3`) [Attribute selection](@docroot@/language/types.md#attribute-set) with default (evaluates to `3`)
</td> </td>
</tr> </tr>
@ -398,7 +410,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Conditional expression [Conditional expression](@docroot@/language/syntax.md#conditionals).
</td> </td>
</tr> </tr>
@ -410,7 +422,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Assertion check (evaluates to `"yes!"`). [Assertion](@docroot@/language/syntax.md#assertions) check (evaluates to `"yes!"`).
</td> </td>
</tr> </tr>
@ -422,7 +434,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Variable definition Variable definition. See [`let`-expressions](@docroot@/language/syntax.md#let-expressions).
</td> </td>
</tr> </tr>
@ -434,7 +446,9 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Add all attributes from the given set to the scope (evaluates to `1`) Add all attributes from the given set to the scope (evaluates to `1`).
See [`with`-expressions](@docroot@/language/syntax.md#with-expressions) for details and shadowing caveats.
</td> </td>
</tr> </tr>
@ -447,7 +461,8 @@ This is an incomplete overview of language features, by example.
<td> <td>
Adds the variables to the current scope (attribute set or `let` binding). Adds the variables to the current scope (attribute set or `let` binding).
Desugars to `pkgs = pkgs; src = src;` Desugars to `pkgs = pkgs; src = src;`.
See [Inheriting attributes](@docroot@/language/syntax.md#inheriting-attributes).
</td> </td>
</tr> </tr>
@ -460,14 +475,15 @@ This is an incomplete overview of language features, by example.
<td> <td>
Adds the attributes, from the attribute set in parentheses, to the current scope (attribute set or `let` binding). Adds the attributes, from the attribute set in parentheses, to the current scope (attribute set or `let` binding).
Desugars to `lib = pkgs.lib; stdenv = pkgs.stdenv;` Desugars to `lib = pkgs.lib; stdenv = pkgs.stdenv;`.
See [Inheriting attributes](@docroot@/language/syntax.md#inheriting-attributes).
</td> </td>
</tr> </tr>
<tr> <tr>
<td> <td>
*Functions (lambdas)* *[Functions](@docroot@/language/syntax.md#functions) (lambdas)*
</td> </td>
<td> <td>
@ -484,7 +500,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A function that expects an integer and returns it increased by 1 A [function](@docroot@/language/syntax.md#functions) that expects an integer and returns it increased by 1.
</td> </td>
</tr> </tr>
@ -496,7 +512,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Curried function, equivalent to `x: (y: x + y)`. Can be used like a function that takes two arguments and returns their sum. Curried [function](@docroot@/language/syntax.md#functions), equivalent to `x: (y: x + y)`. Can be used like a function that takes two arguments and returns their sum.
</td> </td>
</tr> </tr>
@ -508,7 +524,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A function call (evaluates to 101) A [function](@docroot@/language/syntax.md#functions) call (evaluates to 101)
</td> </td>
</tr> </tr>
@ -520,7 +536,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A function bound to a variable and subsequently called by name (evaluates to 103) A [function](@docroot@/language/syntax.md#functions) bound to a variable and subsequently called by name (evaluates to 103)
</td> </td>
</tr> </tr>
@ -532,7 +548,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A function that expects a set with required attributes `x` and `y` and concatenates them A [function](@docroot@/language/syntax.md#functions) that expects a set with required attributes `x` and `y` and concatenates them
</td> </td>
</tr> </tr>
@ -544,7 +560,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A function that expects a set with required attribute `x` and optional `y`, using `"bar"` as default value for `y` A [function](@docroot@/language/syntax.md#functions) that expects a set with required attribute `x` and optional `y`, using `"bar"` as default value for `y`
</td> </td>
</tr> </tr>
@ -556,7 +572,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A function that expects a set with required attributes `x` and `y` and ignores any other attributes A [function](@docroot@/language/syntax.md#functions) that expects a set with required attributes `x` and `y` and ignores any other attributes
</td> </td>
</tr> </tr>
@ -570,7 +586,7 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
A function that expects a set with required attributes `x` and `y`, and binds the whole set to `args` A [function](@docroot@/language/syntax.md#functions) that expects a set with required attributes `x` and `y`, and binds the whole set to `args`
</td> </td>
</tr> </tr>
@ -594,7 +610,8 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Load and return Nix expression in given file Load and return Nix expression in given file.
See [import](@docroot@/language/builtins.md#builtins-import).
</td> </td>
</tr> </tr>
@ -606,7 +623,8 @@ This is an incomplete overview of language features, by example.
</td> </td>
<td> <td>
Apply a function to every element of a list (evaluates to `[ 2 4 6 ]`) Apply a function to every element of a list (evaluates to `[ 2 4 6 ]`).
See [`map`](@docroot@/language/builtins.md#builtins-map).
</td> </td>
</tr> </tr>

View file

@ -27,11 +27,11 @@
| Logical disjunction (`OR`) | *bool* <code>\|\|</code> *bool* | left | 13 | | Logical disjunction (`OR`) | *bool* <code>\|\|</code> *bool* | left | 13 |
| [Logical implication] | *bool* `->` *bool* | right | 14 | | [Logical implication] | *bool* `->` *bool* | right | 14 |
[string]: ./values.md#type-string [string]: ./types.md#type-string
[path]: ./values.md#type-path [path]: ./types.md#type-path
[number]: ./values.md#type-number [number]: ./types.md#type-float <!-- TODO(@rhendric, #10970): rationalize this -->
[list]: ./values.md#list [list]: ./types.md#list
[attribute set]: ./values.md#attribute-set [attribute set]: ./types.md#attribute-set
## Attribute selection ## Attribute selection
@ -42,7 +42,7 @@
Select the attribute denoted by attribute path *attrpath* from [attribute set] *attrset*. Select the attribute denoted by attribute path *attrpath* from [attribute set] *attrset*.
If the attribute doesnt exist, return the *expr* after `or` if provided, otherwise abort evaluation. If the attribute doesnt exist, return the *expr* after `or` if provided, otherwise abort evaluation.
An attribute path is a dot-separated list of [attribute names](./values.md#attribute-set). An attribute path is a dot-separated list of [attribute names](./types.md#attribute-set).
> **Syntax** > **Syntax**
> >
@ -61,7 +61,7 @@ The result is a [Boolean] value.
See also: [`builtins.hasAttr`](@docroot@/language/builtins.md#builtins-hasAttr) See also: [`builtins.hasAttr`](@docroot@/language/builtins.md#builtins-hasAttr)
[Boolean]: ./values.md#type-boolean [Boolean]: ./types.md#type-boolean
[Has attribute]: #has-attribute [Has attribute]: #has-attribute
@ -128,7 +128,7 @@ The result is a string.
> The file or directory at *path* must exist and is copied to the [store]. > The file or directory at *path* must exist and is copied to the [store].
> The path appears in the result as the corresponding [store path]. > The path appears in the result as the corresponding [store path].
[store path]: @docroot@/glossary.md#gloss-store-path [store path]: @docroot@/store/store-path.md
[store]: @docroot@/glossary.md#gloss-store [store]: @docroot@/glossary.md#gloss-store
[String and path concatenation]: #string-and-path-concatenation [String and path concatenation]: #string-and-path-concatenation
@ -141,7 +141,7 @@ The result is a string.
Update [attribute set] *attrset1* with names and values from *attrset2*. Update [attribute set] *attrset1* with names and values from *attrset2*.
The returned attribute set will have of all the attributes in *attrset1* and *attrset2*. The returned attribute set will have all of the attributes in *attrset1* and *attrset2*.
If an attribute name is present in both, the attribute value from the latter is taken. If an attribute name is present in both, the attribute value from the latter is taken.
[Update]: #update [Update]: #update
@ -172,7 +172,7 @@ All comparison operators are implemented in terms of `<`, and the following equi
- Numbers are type-compatible, see [arithmetic] operators. - Numbers are type-compatible, see [arithmetic] operators.
- Floating point numbers only differ up to a limited precision. - Floating point numbers only differ up to a limited precision.
[function]: ./constructs.md#functions [function]: ./syntax.md#functions
[Equality]: #equality [Equality]: #equality

View file

@ -0,0 +1,14 @@
# Scoping rules
Nix is [statically scoped](https://en.wikipedia.org/wiki/Scope_(computer_science)#Lexical_scope), but with multiple scopes and shadowing rules.
* primary scope: explicitly-bound variables
* [`let`](./syntax.md#let-expressions)
* [`inherit`](./syntax.md#inheriting-attributes)
* [function](./syntax.md#functions) arguments
* secondary scope: implicitly-bound variables
* [`with`](./syntax.md#with-expressions)
Primary scope takes precedence over secondary scope.
See [`with`](./syntax.md#with-expressions) for a detailed example.

View file

@ -0,0 +1,134 @@
# String context
> **Note**
>
> This is an advanced topic.
> The Nix language is designed to be used without the programmer consciously dealing with string contexts or even knowing what they are.
A string in the Nix language is not just a sequence of characters like strings in other languages.
It is actually a pair of a sequence of characters and a *string context*.
The string context is an (unordered) set of *string context elements*.
The purpose of string contexts is to collect non-string values attached to strings via
[string concatenation](./operators.md#string-concatenation),
[string interpolation](./string-interpolation.md),
and similar operations.
The idea is that a user can combine together values to create a build instructions for derivations without manually keeping track of where they come from.
Then the Nix language implicitly does that bookkeeping to efficiently obtain the closure of derivation inputs.
> **Note**
>
> String contexts are *not* explicitly manipulated in idiomatic Nix language code.
String context elements come in different forms:
- [deriving path]{#string-context-element-derived-path}
A string context element of this type is a [deriving path](@docroot@/glossary.md#gloss-deriving-path).
They can be either of type [constant](#string-context-constant) or [output](#string-context-output), which correspond to the types of deriving paths.
- [Constant string context elements]{#string-context-constant}
> **Example**
>
> [`builtins.storePath`] creates a string with a single constant string context element:
>
> ```nix
> builtins.getContext (builtins.storePath "/nix/store/wkhdf9jinag5750mqlax6z2zbwhqb76n-hello-2.10")
> ```
> evaluates to
> ```nix
> {
> "/nix/store/wkhdf9jinag5750mqlax6z2zbwhqb76n-hello-2.10" = {
> path = true;
> };
> }
> ```
[deriving path]: @docroot@/glossary.md#gloss-deriving-path
[store path]: @docroot@/glossary.md#gloss-store-path
[`builtins.storePath`]: ./builtins.md#builtins-storePath
- [Output string context elements]{#string-context-output}
> **Example**
>
> The behavior of string contexts are best demonstrated with a built-in function that is still experimental: [`builtins.outputOf`].
> This example will *not* work with stable Nix!
>
> ```nix
> builtins.getContext
> (builtins.outputOf
> (builtins.storePath "/nix/store/fvchh9cvcr7kdla6n860hshchsba305w-hello-2.12.drv")
> "out")
> ```
> evaluates to
> ```nix
> {
> "/nix/store/fvchh9cvcr7kdla6n860hshchsba305w-hello-2.12.drv" = {
> outputs = [ "out" ];
> };
> }
> ```
[`builtins.outputOf`]: ./builtins.md#builtins-outputOf
- [*derivation deep*]{#string-context-element-derivation-deep}
*derivation deep* is an advanced feature intended to be used with the
[`exportReferencesGraph` derivation attribute](./advanced-attributes.html#adv-attr-exportReferencesGraph).
A *derivation deep* string context element is a derivation path, and refers to both its outputs and the entire build closure of that derivation:
all its outputs, all the other derivations the given derivation depends on, and all the outputs of those.
> **Example**
>
> The best way to illustrate *derivation deep* string contexts is with [`builtins.addDrvOutputDependencies`].
> Take a regular constant string context element pointing to a derivation, and transform it into a "Derivation deep" string context element.
>
> ```nix
> builtins.getContext
> (builtins.addDrvOutputDependencies
> (builtins.storePath "/nix/store/fvchh9cvcr7kdla6n860hshchsba305w-hello-2.12.drv"))
> ```
> evaluates to
> ```nix
> {
> "/nix/store/fvchh9cvcr7kdla6n860hshchsba305w-hello-2.12.drv" = {
> allOutputs = true;
> };
> }
> ```
[`builtins.addDrvOutputDependencies`]: ./builtins.md#builtins-addDrvOutputDependencies
[`builtins.unsafeDiscardOutputDependency`]: ./builtins.md#builtins-unsafeDiscardOutputDependency
## Inspecting string contexts
Most basically, [`builtins.hasContext`] will tell whether a string has a non-empty context.
When more granular information is needed, [`builtins.getContext`] can be used.
It creates an [attribute set] representing the string context, which can be inspected as usual.
[`builtins.hasContext`]: ./builtins.md#builtins-hasContext
[`builtins.getContext`]: ./builtins.md#builtins-getContext
[attribute set]: ./types.md#attribute-set
## Clearing string contexts
[`buitins.unsafeDiscardStringContext`](./builtins.md#builtins-unsafeDiscardStringContext) will make a copy of a string, but with an empty string context.
The returned string can be used in more ways, e.g. by operators that require the string context to be empty.
The requirement to explicitly discard the string context in such use cases helps ensure that string context elements are not lost by mistake.
The "unsafe" marker is only there to remind that Nix normally guarantees that dependencies are tracked, whereas the returned string has lost them.
## Constructing string contexts
[`builtins.appendContext`] will create a copy of a string, but with additional string context elements.
The context is specified explicitly by an [attribute set] in the format that [`builtins.hasContext`] produces.
A string with arbitrary contexts can be made like this:
1. Create a string with the desired string context elements.
(The contents of the string do not matter.)
2. Dump its context with [`builtins.getContext`].
3. Combine it with a base string and repeated [`builtins.appendContext`] calls.
[`builtins.appendContext`]: ./builtins.md#builtins-appendContext

View file

@ -4,9 +4,9 @@ String interpolation is a language feature where a [string], [path], or [attribu
Such a construct is called *interpolated string*, and the expression inside is an [interpolated expression](#interpolated-expression). Such a construct is called *interpolated string*, and the expression inside is an [interpolated expression](#interpolated-expression).
[string]: ./values.md#type-string [string]: ./types.md#type-string
[path]: ./values.md#type-path [path]: ./types.md#type-path
[attribute set]: ./values.md#attribute-set [attribute set]: ./types.md#attribute-set
## Examples ## Examples
@ -43,6 +43,47 @@ configureFlags = "
Note that Nix expressions and strings can be arbitrarily nested; Note that Nix expressions and strings can be arbitrarily nested;
in this case the outer string contains various interpolated expressions that themselves contain strings (e.g., `"-thread"`), some of which in turn contain interpolated expressions (e.g., `${mesa}`). in this case the outer string contains various interpolated expressions that themselves contain strings (e.g., `"-thread"`), some of which in turn contain interpolated expressions (e.g., `${mesa}`).
To write a literal `${` in an regular string, escape it with a backslash (`\`).
> **Example**
>
> ```nix
> "echo \${PATH}"
> ```
>
> "echo ${PATH}"
To write a literal `${` in an indented string, escape it with two single quotes (`''`).
> **Example**
>
> ```nix
> ''
> echo ''${PATH}
> ''
> ```
>
> "echo ${PATH}\n"
`$${` can be written literally in any string.
> **Example**
>
> In Make, `$` in file names or recipes is represented as `$$`, see [GNU `make`: Basics of Variable Reference](https://www.gnu.org/software/make/manual/html_node/Reference.html#Basics-of-Variable-References).
> This can be expressed directly in the Nix language strings:
>
> ```nix
> ''
> MAKEVAR = Hello
> all:
> @export BASHVAR=world; echo $(MAKEVAR) $${BASHVAR}
> ''
> ```
>
> "MAKEVAR = Hello\nall:\n\t@export BASHVAR=world; echo $(MAKEVAR) $\${BASHVAR}\n"
See the [documentation on strings][string] for details.
### Path ### Path
Rather than writing Rather than writing
@ -107,9 +148,9 @@ An expression that is interpolated must evaluate to one of the following:
A string interpolates to itself. A string interpolates to itself.
A path in an interpolated expression is first copied into the Nix store, and the resulting string is the [store path] of the newly created [store object](@docroot@/glossary.md#gloss-store-object). A path in an interpolated expression is first copied into the Nix store, and the resulting string is the [store path] of the newly created [store object](@docroot@/store/store-object.md).
[store path]: @docroot@/glossary.md#gloss-store-path [store path]: @docroot@/store/store-path.md
> **Example** > **Example**
> >

View file

@ -0,0 +1,827 @@
# Language Constructs
This section covers syntax and semantics of the Nix language.
## Basic Literals
### String {#string-literal}
*Strings* can be written in three ways.
The most common way is to enclose the string between double quotes, e.g., `"foo bar"`.
Strings can span multiple lines.
The results of other expressions can be included into a string by enclosing them in `${ }`, a feature known as [string interpolation].
[string interpolation]: ./string-interpolation.md
The following must be escaped to represent them within a string, by prefixing with a backslash (`\`):
- Double quote (`"`)
> **Example**
>
> ```nix
> "\""
> ```
>
> "\""
- Backslash (`\`)
> **Example**
>
> ```nix
> "\\"
> ```
>
> "\\"
- Dollar sign followed by an opening curly bracket (`${`) "dollar-curly"
> **Example**
>
> ```nix
> "\${"
> ```
>
> "\${"
The newline, carriage return, and tab characters can be written as `\n`, `\r` and `\t`, respectively.
A "double-dollar-curly" (`$${`) can be written literally.
> **Example**
>
> ```nix
> "$${"
> ```
>
> "$\${"
String values are output on the terminal with Nix-specific escaping.
Strings written to files will contain the characters encoded by the escaping.
The second way to write string literals is as an *indented string*, which is enclosed between pairs of *double single-quotes* (`''`), like so:
```nix
''
This is the first line.
This is the second line.
This is the third line.
''
```
This kind of string literal intelligently strips indentation from
the start of each line. To be precise, it strips from each line a
number of spaces equal to the minimal indentation of the string as a
whole (disregarding the indentation of empty lines). For instance,
the first and second line are indented two spaces, while the third
line is indented four spaces. Thus, two spaces are stripped from
each line, so the resulting string is
```nix
"This is the first line.\nThis is the second line.\n This is the third line.\n"
```
> **Note**
>
> Whitespace and newline following the opening `''` is ignored if there is no non-whitespace text on the initial line.
> **Warning**
>
> Prefixed tab characters are not stripped.
>
> > **Example**
> >
> > The following indented string is prefixed with tabs:
> >
> > ''
> > all:
> > @echo hello
> > ''
> >
> > "\tall:\n\t\t@echo hello\n"
Indented strings support [string interpolation].
The following must be escaped to represent them in an indented string:
- `$` is escaped by prefixing it with two single quotes (`''`)
> **Example**
>
> ```nix
> ''
> ''$
> ''
> ```
>
> "$\n"
- `''` is escaped by prefixing it with one single quote (`'`)
> **Example**
>
> ```nix
> ''
> '''
> ''
> ```
>
> "''\n"
These special characters are escaped as follows:
- Linefeed (`\n`): `''\n`
- Carriage return (`\r`): `''\r`
- Tab (`\t`): `''\t`
`''\` escapes any other character.
A "double-dollar-curly" (`$${`) can be written literally.
> **Example**
>
> ```nix
> ''
> $${
> ''
> ```
>
> "$\${\n"
Indented strings are primarily useful in that they allow multi-line
string literals to follow the indentation of the enclosing Nix
expression, and that less escaping is typically necessary for
strings representing languages such as shell scripts and
configuration files because `''` is much less common than `"`.
Example:
```nix
stdenv.mkDerivation {
...
postInstall =
''
mkdir $out/bin $out/etc
cp foo $out/bin
echo "Hello World" > $out/etc/foo.conf
${if enableBar then "cp bar $out/bin" else ""}
'';
...
}
```
Finally, as a convenience, *URIs* as defined in appendix B of
[RFC 2396](http://www.ietf.org/rfc/rfc2396.txt) can be written *as
is*, without quotes. For instance, the string
`"http://example.org/foo.tar.bz2"` can also be written as
`http://example.org/foo.tar.bz2`.
### Number {#number-literal}
<!-- TODO(@rhendric, #10970): split this into int and float -->
Numbers, which can be *integers* (like `123`) or *floating point*
(like `123.43` or `.27e13`).
See [arithmetic] and [comparison] operators for semantics.
[arithmetic]: ./operators.md#arithmetic
[comparison]: ./operators.md#comparison
### Path {#path-literal}
*Paths* can be expressed by path literals such as `./builder.sh`.
A path literal must contain at least one slash to be recognised as such.
For instance, `builder.sh` is not a path:
it's parsed as an expression that selects the attribute `sh` from the variable `builder`.
Path literals are resolved relative to their [base directory](@docroot@/glossary.md#gloss-base-directory).
Path literals may also refer to absolute paths by starting with a slash.
> **Note**
>
> Absolute paths make expressions less portable.
> In the case where a function translates a path literal into an absolute path string for a configuration file, it is recommended to write a string literal instead.
> This avoids some confusion about whether files at that location will be used during evaluation.
> It also avoids unintentional situations where some function might try to copy everything at the location into the store.
If the first component of a path is a `~`, it is interpreted such that the rest of the path were relative to the user's home directory.
For example, `~/foo` would be equivalent to `/home/edolstra/foo` for a user whose home directory is `/home/edolstra`.
Path literals that start with `~` are not allowed in [pure](@docroot@/command-ref/conf-file.md#conf-pure-eval) evaluation.
Path literals can also include [string interpolation], besides being [interpolated into other expressions].
[interpolated into other expressions]: ./string-interpolation.md#interpolated-expressions
At least one slash (`/`) must appear *before* any interpolated expression for the result to be recognized as a path.
`a.${foo}/b.${bar}` is a syntactically valid number division operation.
`./a.${foo}/b.${bar}` is a path.
[Lookup path](./constructs/lookup-path.md) literals such as `<nixpkgs>` also resolve to path values.
## List {#list-literal}
Lists are formed by enclosing a whitespace-separated list of values
between square brackets. For example,
```nix
[ 123 ./foo.nix "abc" (f { x = y; }) ]
```
defines a list of four elements, the last being the result of a call to
the function `f`. Note that function calls have to be enclosed in
parentheses. If they had been omitted, e.g.,
```nix
[ 123 ./foo.nix "abc" f { x = y; } ]
```
the result would be a list of five elements, the fourth one being a
function and the fifth being a set.
Note that lists are only lazy in values, and they are strict in length.
Elements in a list can be accessed using [`builtins.elemAt`](./builtins.md#builtins-elemAt).
## Attribute Set {#attrs-literal}
An attribute set is a collection of name-value-pairs (called *attributes*) enclosed in curly brackets (`{ }`).
An attribute name can be an identifier or a [string](#string).
An identifier must start with a letter (`a-z`, `A-Z`) or underscore (`_`), and can otherwise contain letters (`a-z`, `A-Z`), numbers (`0-9`), underscores (`_`), apostrophes (`'`), or dashes (`-`).
> **Syntax**
>
> *name* = *identifier* | *string* \
> *identifier* ~ `[a-zA-Z_][a-zA-Z0-9_'-]*`
Names and values are separated by an equal sign (`=`).
Each value is an arbitrary expression terminated by a semicolon (`;`).
> **Syntax**
>
> *attrset* = `{` [ *name* `=` *expr* `;` ]... `}`
Attributes can appear in any order.
An attribute name may only occur once.
Example:
```nix
{
x = 123;
text = "Hello";
y = f { bla = 456; };
}
```
This defines a set with attributes named `x`, `text`, `y`.
Attributes can be accessed with the [`.` operator](./operators.md#attribute-selection).
Example:
```nix
{ a = "Foo"; b = "Bar"; }.a
```
This evaluates to `"Foo"`.
It is possible to provide a default value in an attribute selection using the `or` keyword.
Example:
```nix
{ a = "Foo"; b = "Bar"; }.c or "Xyzzy"
```
```nix
{ a = "Foo"; b = "Bar"; }.c.d.e.f.g or "Xyzzy"
```
will both evaluate to `"Xyzzy"` because there is no `c` attribute in the set.
You can use arbitrary double-quoted strings as attribute names:
```nix
{ "$!@#?" = 123; }."$!@#?"
```
```nix
let bar = "bar"; in
{ "foo ${bar}" = 123; }."foo ${bar}"
```
Both will evaluate to `123`.
Attribute names support [string interpolation]:
```nix
let bar = "foo"; in
{ foo = 123; }.${bar}
```
```nix
let bar = "foo"; in
{ ${bar} = 123; }.foo
```
Both will evaluate to `123`.
In the special case where an attribute name inside of a set declaration
evaluates to `null` (which is normally an error, as `null` cannot be coerced to
a string), that attribute is simply not added to the set:
```nix
{ ${if foo then "bar" else null} = true; }
```
This will evaluate to `{}` if `foo` evaluates to `false`.
A set that has a `__functor` attribute whose value is callable (i.e. is
itself a function or a set with a `__functor` attribute whose value is
callable) can be applied as if it were a function, with the set itself
passed in first , e.g.,
```nix
let add = { __functor = self: x: x + self.x; };
inc = add // { x = 1; };
in inc 1
```
evaluates to `2`. This can be used to attach metadata to a function
without the caller needing to treat it specially, or to implement a form
of object-oriented programming, for example.
## Recursive sets
Recursive sets are like normal [attribute sets](./types.md#attribute-set), but the attributes can refer to each other.
> *rec-attrset* = `rec {` [ *name* `=` *expr* `;` `]`... `}`
Example:
```nix
rec {
x = y;
y = 123;
}.x
```
This evaluates to `123`.
Note that without `rec` the binding `x = y;` would
refer to the variable `y` in the surrounding scope, if one exists, and
would be invalid if no such variable exists. That is, in a normal
(non-recursive) set, attributes are not added to the lexical scope; in a
recursive set, they are.
Recursive sets of course introduce the danger of infinite recursion. For
example, the expression
```nix
rec {
x = y;
y = x;
}.x
```
will crash with an `infinite recursion encountered` error message.
## Let-expressions
A let-expression allows you to define local variables for an expression.
> *let-in* = `let` [ *identifier* = *expr* ]... `in` *expr*
Example:
```nix
let
x = "foo";
y = "bar";
in x + y
```
This evaluates to `"foobar"`.
## Inheriting attributes
When defining an [attribute set](./types.md#attribute-set) or in a [let-expression](#let-expressions) it is often convenient to copy variables from the surrounding lexical scope (e.g., when you want to propagate attributes).
This can be shortened using the `inherit` keyword.
Example:
```nix
let x = 123; in
{
inherit x;
y = 456;
}
```
is equivalent to
```nix
let x = 123; in
{
x = x;
y = 456;
}
```
and both evaluate to `{ x = 123; y = 456; }`.
> **Note**
>
> This works because `x` is added to the lexical scope by the `let` construct.
It is also possible to inherit attributes from another attribute set.
Example:
In this fragment from `all-packages.nix`,
```nix
graphviz = (import ../tools/graphics/graphviz) {
inherit fetchurl stdenv libpng libjpeg expat x11 yacc;
inherit (xorg) libXaw;
};
xorg = {
libX11 = ...;
libXaw = ...;
...
}
libpng = ...;
libjpg = ...;
...
```
the set used in the function call to the function defined in
`../tools/graphics/graphviz` inherits a number of variables from the
surrounding scope (`fetchurl` ... `yacc`), but also inherits `libXaw`
(the X Athena Widgets) from the `xorg` set.
Summarizing the fragment
```nix
...
inherit x y z;
inherit (src-set) a b c;
...
```
is equivalent to
```nix
...
x = x; y = y; z = z;
a = src-set.a; b = src-set.b; c = src-set.c;
...
```
when used while defining local variables in a let-expression or while
defining a set.
In a `let` expression, `inherit` can be used to selectively bring specific attributes of a set into scope. For example
```nix
let
x = { a = 1; b = 2; };
inherit (builtins) attrNames;
in
{
names = attrNames x;
}
```
is equivalent to
```nix
let
x = { a = 1; b = 2; };
in
{
names = builtins.attrNames x;
}
```
both evaluate to `{ names = [ "a" "b" ]; }`.
## Functions
Functions have the following form:
```nix
pattern: body
```
The pattern specifies what the argument of the function must look like,
and binds variables in the body to (parts of) the argument. There are
three kinds of patterns:
- If a pattern is a single identifier, then the function matches any
argument. Example:
```nix
let negate = x: !x;
concat = x: y: x + y;
in if negate true then concat "foo" "bar" else ""
```
Note that `concat` is a function that takes one argument and returns
a function that takes another argument. This allows partial
parameterisation (i.e., only filling some of the arguments of a
function); e.g.,
```nix
map (concat "foo") [ "bar" "bla" "abc" ]
```
evaluates to `[ "foobar" "foobla" "fooabc" ]`.
- A *set pattern* of the form `{ name1, name2, …, nameN }` matches a
set containing the listed attributes, and binds the values of those
attributes to variables in the function body. For example, the
function
```nix
{ x, y, z }: z + y + x
```
can only be called with a set containing exactly the attributes `x`,
`y` and `z`. No other attributes are allowed. If you want to allow
additional arguments, you can use an ellipsis (`...`):
```nix
{ x, y, z, ... }: z + y + x
```
This works on any set that contains at least the three named
attributes.
It is possible to provide *default values* for attributes, in
which case they are allowed to be missing. A default value is
specified by writing `name ? e`, where *e* is an arbitrary
expression. For example,
```nix
{ x, y ? "foo", z ? "bar" }: z + y + x
```
specifies a function that only requires an attribute named `x`, but
optionally accepts `y` and `z`.
- An `@`-pattern provides a means of referring to the whole value
being matched:
```nix
args@{ x, y, z, ... }: z + y + x + args.a
```
but can also be written as:
```nix
{ x, y, z, ... } @ args: z + y + x + args.a
```
Here `args` is bound to the argument *as passed*, which is further
matched against the pattern `{ x, y, z, ... }`.
The `@`-pattern makes mainly sense with an ellipsis(`...`) as
you can access attribute names as `a`, using `args.a`, which was
given as an additional attribute to the function.
> **Warning**
>
> `args@` binds the name `args` to the attribute set that is passed to the function.
> In particular, `args` does *not* include any default values specified with `?` in the function's set pattern.
>
> For instance
>
> ```nix
> let
> f = args@{ a ? 23, ... }: [ a args ];
> in
> f {}
> ```
>
> is equivalent to
>
> ```nix
> let
> f = args @ { ... }: [ (args.a or 23) args ];
> in
> f {}
> ```
>
> and both expressions will evaluate to:
>
> ```nix
> [ 23 {} ]
> ```
Note that functions do not have names. If you want to give them a name,
you can bind them to an attribute, e.g.,
```nix
let concat = { x, y }: x + y;
in concat { x = "foo"; y = "bar"; }
```
## Conditionals
Conditionals look like this:
```nix
if e1 then e2 else e3
```
where *e1* is an expression that should evaluate to a Boolean value
(`true` or `false`).
## Assertions
Assertions are generally used to check that certain requirements on or
between features and dependencies hold. They look like this:
```nix
assert e1; e2
```
where *e1* is an expression that should evaluate to a Boolean value. If
it evaluates to `true`, *e2* is returned; otherwise expression
evaluation is aborted and a backtrace is printed.
Here is a Nix expression for the Subversion package that shows how
assertions can be used:.
```nix
{ localServer ? false
, httpServer ? false
, sslSupport ? false
, pythonBindings ? false
, javaSwigBindings ? false
, javahlBindings ? false
, stdenv, fetchurl
, openssl ? null, httpd ? null, db4 ? null, expat, swig ? null, j2sdk ? null
}:
assert localServer -> db4 != null; ①
assert httpServer -> httpd != null && httpd.expat == expat; ②
assert sslSupport -> openssl != null && (httpServer -> httpd.openssl == openssl); ③
assert pythonBindings -> swig != null && swig.pythonSupport;
assert javaSwigBindings -> swig != null && swig.javaSupport;
assert javahlBindings -> j2sdk != null;
stdenv.mkDerivation {
name = "subversion-1.1.1";
...
openssl = if sslSupport then openssl else null; ④
...
}
```
The points of interest are:
1. This assertion states that if Subversion is to have support for
local repositories, then Berkeley DB is needed. So if the Subversion
function is called with the `localServer` argument set to `true` but
the `db4` argument set to `null`, then the evaluation fails.
Note that `->` is the [logical
implication](https://en.wikipedia.org/wiki/Truth_table#Logical_implication)
Boolean operation.
2. This is a more subtle condition: if Subversion is built with Apache
(`httpServer`) support, then the Expat library (an XML library) used
by Subversion should be same as the one used by Apache. This is
because in this configuration Subversion code ends up being linked
with Apache code, and if the Expat libraries do not match, a build-
or runtime link error or incompatibility might occur.
3. This assertion says that in order for Subversion to have SSL support
(so that it can access `https` URLs), an OpenSSL library must be
passed. Additionally, it says that *if* Apache support is enabled,
then Apache's OpenSSL should match Subversion's. (Note that if
Apache support is not enabled, we don't care about Apache's
OpenSSL.)
4. The conditional here is not really related to assertions, but is
worth pointing out: it ensures that if SSL support is disabled, then
the Subversion derivation is not dependent on OpenSSL, even if a
non-`null` value was passed. This prevents an unnecessary rebuild of
Subversion if OpenSSL changes.
## With-expressions
A *with-expression*,
```nix
with e1; e2
```
introduces the set *e1* into the lexical scope of the expression *e2*.
For instance,
```nix
let as = { x = "foo"; y = "bar"; };
in with as; x + y
```
evaluates to `"foobar"` since the `with` adds the `x` and `y` attributes
of `as` to the lexical scope in the expression `x + y`. The most common
use of `with` is in conjunction with the `import` function. E.g.,
```nix
with (import ./definitions.nix); ...
```
makes all attributes defined in the file `definitions.nix` available as
if they were defined locally in a `let`-expression.
The bindings introduced by `with` do not shadow bindings introduced by
other means, e.g.
```nix
let a = 3; in with { a = 1; }; let a = 4; in with { a = 2; }; ...
```
establishes the same scope as
```nix
let a = 1; in let a = 2; in let a = 3; in let a = 4; in ...
```
Variables coming from outer `with` expressions *are* shadowed:
```nix
with { a = "outer"; };
with { a = "inner"; };
a
```
Does evaluate to `"inner"`.
## Comments
- Inline comments start with `#` and run until the end of the line.
> **Example**
>
> ```nix
> # A number
> 2 # Equals 1 + 1
> ```
>
> ```console
> 2
> ```
- Block comments start with `/*` and run until the next occurrence of `*/`.
> **Example**
>
> ```nix
> /*
> Block comments
> can span multiple lines.
> */ "hello"
> ```
>
> ```console
> "hello"
> ```
This means that block comments cannot be nested.
> **Example**
>
> ```nix
> /* /* nope */ */ 1
> ```
>
> ```console
> error: syntax error, unexpected '*'
>
> at «string»:1:15:
>
> 1| /* /* nope */ *
> | ^
> ```
Consider escaping nested comments and unescaping them in post-processing.
> **Example**
>
> ```nix
> /* /* nested *\/ */ 1
> ```
>
> ```console
> 1
> ```

View file

@ -0,0 +1,120 @@
# Data Types
Every value in the Nix language has one of the following types:
* [Integer](#type-int)
* [Float](#type-float)
* [Boolean](#type-bool)
* [String](#type-string)
* [Path](#type-path)
* [Null](#type-null)
* [Attribute set](#type-attrs)
* [List](#type-list)
* [Function](#type-function)
* [External](#type-external)
## Primitives
### Integer {#type-int}
An _integer_ in the Nix language is a signed 64-bit integer.
Non-negative integers can be expressed as [integer literals](syntax.md#number-literal).
Negative integers are created with the [arithmetic negation operator](./operators.md#arithmetic).
The function [`builtins.isInt`](builtins.md#builtins-isInt) can be used to determine if a value is an integer.
### Float {#type-float}
A _float_ in the Nix language is a 64-bit [IEEE 754](https://en.wikipedia.org/wiki/IEEE_754) floating-point number.
Most non-negative floats can be expressed as [float literals](syntax.md#number-literal).
Negative floats are created with the [arithmetic negation operator](./operators.md#arithmetic).
The function [`builtins.isFloat`](builtins.md#builtins-isFloat) can be used to determine if a value is a float.
### Boolean {#type-bool}
A _boolean_ in the Nix language is one of _true_ or _false_.
<!-- TODO: mention the top-level environment -->
These values are available as attributes of [`builtins`](builtins.md#builtins-builtins) as [`builtins.true`](builtins.md#builtins-true) and [`builtins.false`](builtins.md#builtins-false).
The function [`builtins.isBool`](builtins.md#builtins-isBool) can be used to determine if a value is a boolean.
### String {#type-string}
A _string_ in the Nix language is an immutable, finite-length sequence of bytes, along with a [string context](string-context.md).
Nix does not assume or support working natively with character encodings.
String values without string context can be expressed as [string literals](syntax.md#string-literal).
The function [`builtins.isString`](builtins.md#builtins-isString) can be used to determine if a value is a string.
### Path {#type-path}
A _path_ in the Nix language is an immutable, finite-length sequence of bytes starting with `/`, representing a POSIX-style, canonical file system path.
Path values are distinct from string values, even if they contain the same sequence of bytes.
Operations that produce paths will simplify the result as the standard C function [`realpath`] would, except that there is no symbolic link resolution.
[`realpath`]: https://pubs.opengroup.org/onlinepubs/9699919799/functions/realpath.html
Paths are suitable for referring to local files, and are often preferable over strings.
- Path values do not contain trailing or duplicate slashes, `.`, or `..`.
- Relative path literals are automatically resolved relative to their [base directory].
- Tooling can recognize path literals and provide additional features, such as autocompletion, refactoring automation and jump-to-file.
[base directory]: @docroot@/glossary.md#gloss-base-directory
A file is not required to exist at a given path in order for that path value to be valid, but a path that is converted to a string with [string interpolation] or [string-and-path concatenation] must resolve to a readable file or directory which will be copied into the Nix store.
For instance, evaluating `"${./foo.txt}"` will cause `foo.txt` from the same directory to be copied into the Nix store and result in the string `"/nix/store/<hash>-foo.txt"`.
Operations such as [`import`] can also expect a path to resolve to a readable file or directory.
[string interpolation]: string-interpolation.md#interpolated-expression
[string-and-path concatenation]: operators.md#string-and-path-concatenation
[`import`]: builtins.md#builtins-import
> **Note**
>
> The Nix language assumes that all input files will remain _unchanged_ while evaluating a Nix expression.
> For example, assume you used a file path in an interpolated string during a `nix repl` session.
> Later in the same session, after having changed the file contents, evaluating the interpolated string with the file path again might not return a new [store path], since Nix might not re-read the file contents.
> Use `:r` to reset the repl as needed.
[store path]: @docroot@/store/store-path.md
Path values can be expressed as [path literals](syntax.md#path-literal).
The function [`builtins.isPath`](builtins.md#builtins-isPath) can be used to determine if a value is a path.
### Null {#type-null}
There is a single value of type _null_ in the Nix language.
<!-- TODO: mention the top-level environment -->
This value is available as an attribute on the [`builtins`](builtins.md#builtins-builtins) attribute set as [`builtins.null`](builtins.md#builtins-null).
## Compound values
### Attribute set {#type-attrs}
<!-- TODO(@rhendric, #10970): fill this out -->
An attribute set can be constructed with an [attribute set literal](syntax.md#attrs-literal).
The function [`builtins.isAttrs`](builtins.md#builtins-isAttrs) can be used to determine if a value is an attribute set.
### List {#type-list}
<!-- TODO(@rhendric, #10970): fill this out -->
A list can be constructed with a [list literal](syntax.md#list-literal).
The function [`builtins.isList`](builtins.md#builtins-isList) can be used to determine if a value is a list.
## Function {#type-function}
<!-- TODO(@rhendric, #10970): fill this out -->
A function can be constructed with a [function expression](syntax.md#functions).
The function [`builtins.isFunction`](builtins.md#builtins-isFunction) can be used to determine if a value is a function.
## External {#type-external}
An _external_ value is an opaque value created by a Nix [plugin](../command-ref/conf-file.md#conf-plugin-files).
Such a value can be substituted in Nix expressions but only created and used by plugin code.

View file

@ -1,269 +0,0 @@
# Data Types
## Primitives
- <a id="type-string" href="#type-string">String</a>
*Strings* can be written in three ways.
The most common way is to enclose the string between double quotes,
e.g., `"foo bar"`. Strings can span multiple lines. The special
characters `"` and `\` and the character sequence `${` must be
escaped by prefixing them with a backslash (`\`). Newlines, carriage
returns and tabs can be written as `\n`, `\r` and `\t`,
respectively.
You can include the results of other expressions into a string by enclosing them in `${ }`, a feature known as [string interpolation].
[string interpolation]: ./string-interpolation.md
The second way to write string literals is as an *indented string*,
which is enclosed between pairs of *double single-quotes*, like so:
```nix
''
This is the first line.
This is the second line.
This is the third line.
''
```
This kind of string literal intelligently strips indentation from
the start of each line. To be precise, it strips from each line a
number of spaces equal to the minimal indentation of the string as a
whole (disregarding the indentation of empty lines). For instance,
the first and second line are indented two spaces, while the third
line is indented four spaces. Thus, two spaces are stripped from
each line, so the resulting string is
```nix
"This is the first line.\nThis is the second line.\n This is the third line.\n"
```
Note that the whitespace and newline following the opening `''` is
ignored if there is no non-whitespace text on the initial line.
Indented strings support [string interpolation].
Since `${` and `''` have special meaning in indented strings, you
need a way to quote them. `$` can be escaped by prefixing it with
`''` (that is, two single quotes), i.e., `''$`. `''` can be escaped
by prefixing it with `'`, i.e., `'''`. `$` removes any special
meaning from the following `$`. Linefeed, carriage-return and tab
characters can be written as `''\n`, `''\r`, `''\t`, and `''\`
escapes any other character.
Indented strings are primarily useful in that they allow multi-line
string literals to follow the indentation of the enclosing Nix
expression, and that less escaping is typically necessary for
strings representing languages such as shell scripts and
configuration files because `''` is much less common than `"`.
Example:
```nix
stdenv.mkDerivation {
...
postInstall =
''
mkdir $out/bin $out/etc
cp foo $out/bin
echo "Hello World" > $out/etc/foo.conf
${if enableBar then "cp bar $out/bin" else ""}
'';
...
}
```
Finally, as a convenience, *URIs* as defined in appendix B of
[RFC 2396](http://www.ietf.org/rfc/rfc2396.txt) can be written *as
is*, without quotes. For instance, the string
`"http://example.org/foo.tar.bz2"` can also be written as
`http://example.org/foo.tar.bz2`.
- <a id="type-number" href="#type-number">Number</a>
Numbers, which can be *integers* (like `123`) or *floating point*
(like `123.43` or `.27e13`).
See [arithmetic] and [comparison] operators for semantics.
[arithmetic]: ./operators.md#arithmetic
[comparison]: ./operators.md#comparison
- <a id="type-path" href="#type-path">Path</a>
*Paths*, e.g., `/bin/sh` or `./builder.sh`. A path must contain at
least one slash to be recognised as such. For instance, `builder.sh`
is not a path: it's parsed as an expression that selects the
attribute `sh` from the variable `builder`. If the file name is
relative, i.e., if it does not begin with a slash, it is made
absolute at parse time relative to the [base directory](@docroot@/glossary.md#gloss-base-directory).
For instance, if a Nix expression in
`/foo/bar/bla.nix` refers to `../xyzzy/fnord.nix`, the absolute path
is `/foo/xyzzy/fnord.nix`.
If the first component of a path is a `~`, it is interpreted as if
the rest of the path were relative to the user's home directory.
e.g. `~/foo` would be equivalent to `/home/edolstra/foo` for a user
whose home directory is `/home/edolstra`.
For instance, evaluating `"${./foo.txt}"` will cause `foo.txt` in the base directory to be copied into the Nix store and result in the string `"/nix/store/<hash>-foo.txt"`.
Note that the Nix language assumes that all input files will remain _unchanged_ while evaluating a Nix expression.
For example, assume you used a file path in an interpolated string during a `nix repl` session.
Later in the same session, after having changed the file contents, evaluating the interpolated string with the file path again might not return a new [store path], since Nix might not re-read the file contents.
[store path]: @docroot@/glossary.md#gloss-store-path
Paths can include [string interpolation] and can themselves be [interpolated in other expressions].
[interpolated in other expressions]: ./string-interpolation.md#interpolated-expressions
At least one slash (`/`) must appear *before* any interpolated expression for the result to be recognized as a path.
`a.${foo}/b.${bar}` is a syntactically valid division operation.
`./a.${foo}/b.${bar}` is a path.
[Lookup paths](./constructs/lookup-path.md) such as `<nixpkgs>` resolve to path values.
- <a id="type-boolean" href="#type-boolean">Boolean</a>
*Booleans* with values `true` and `false`.
- <a id="type-null" href="#type-null">Null</a>
The null value, denoted as `null`.
## List
Lists are formed by enclosing a whitespace-separated list of values
between square brackets. For example,
```nix
[ 123 ./foo.nix "abc" (f { x = y; }) ]
```
defines a list of four elements, the last being the result of a call to
the function `f`. Note that function calls have to be enclosed in
parentheses. If they had been omitted, e.g.,
```nix
[ 123 ./foo.nix "abc" f { x = y; } ]
```
the result would be a list of five elements, the fourth one being a
function and the fifth being a set.
Note that lists are only lazy in values, and they are strict in length.
Elements in a list can be accessed using [`builtins.elemAt`](./builtins.md#builtins-elemAt).
## Attribute Set
An attribute set is a collection of name-value-pairs (called *attributes*) enclosed in curly brackets (`{ }`).
An attribute name can be an identifier or a [string](#string).
An identifier must start with a letter (`a-z`, `A-Z`) or underscore (`_`), and can otherwise contain letters (`a-z`, `A-Z`), numbers (`0-9`), underscores (`_`), apostrophes (`'`), or dashes (`-`).
> **Syntax**
>
> *name* = *identifier* | *string* \
> *identifier* ~ `[a-zA-Z_][a-zA-Z0-9_'-]*`
Names and values are separated by an equal sign (`=`).
Each value is an arbitrary expression terminated by a semicolon (`;`).
> **Syntax**
>
> *attrset* = `{` [ *name* `=` *expr* `;` ]... `}`
Attributes can appear in any order.
An attribute name may only occur once.
Example:
```nix
{
x = 123;
text = "Hello";
y = f { bla = 456; };
}
```
This defines a set with attributes named `x`, `text`, `y`.
Attributes can be accessed with the [`.` operator](./operators.md#attribute-selection).
Example:
```nix
{ a = "Foo"; b = "Bar"; }.a
```
This evaluates to `"Foo"`.
It is possible to provide a default value in an attribute selection using the `or` keyword.
Example:
```nix
{ a = "Foo"; b = "Bar"; }.c or "Xyzzy"
```
```nix
{ a = "Foo"; b = "Bar"; }.c.d.e.f.g or "Xyzzy"
```
will both evaluate to `"Xyzzy"` because there is no `c` attribute in the set.
You can use arbitrary double-quoted strings as attribute names:
```nix
{ "$!@#?" = 123; }."$!@#?"
```
```nix
let bar = "bar"; in
{ "foo ${bar}" = 123; }."foo ${bar}"
```
Both will evaluate to `123`.
Attribute names support [string interpolation]:
```nix
let bar = "foo"; in
{ foo = 123; }.${bar}
```
```nix
let bar = "foo"; in
{ ${bar} = 123; }.foo
```
Both will evaluate to `123`.
In the special case where an attribute name inside of a set declaration
evaluates to `null` (which is normally an error, as `null` cannot be coerced to
a string), that attribute is simply not added to the set:
```nix
{ ${if foo then "bar" else null} = true; }
```
This will evaluate to `{}` if `foo` evaluates to `false`.
A set that has a `__functor` attribute whose value is callable (i.e. is
itself a function or a set with a `__functor` attribute whose value is
callable) can be applied as if it were a function, with the set itself
passed in first , e.g.,
```nix
let add = { __functor = self: x: x + self.x; };
inc = add // { x = 1; };
in inc 1
```
evaluates to `2`. This can be used to attach metadata to a function
without the caller needing to treat it specially, or to implement a form
of object-oriented programming, for example.

View file

@ -1,34 +0,0 @@
# Copying Closures via SSH
The command `nix-copy-closure` copies a Nix store path along with all
its dependencies to or from another machine via the SSH protocol. It
doesnt copy store paths that are already present on the target machine.
For example, the following command copies Firefox with all its
dependencies:
$ nix-copy-closure --to alice@itchy.example.org $(type -p firefox)
See the [manpage for `nix-copy-closure`](../command-ref/nix-copy-closure.md) for details.
With `nix-store
--export` and `nix-store --import` you can write the closure of a store
path (that is, the path and all its dependencies) to a file, and then
unpack that file into another Nix store. For example,
$ nix-store --export $(nix-store --query --requisites $(type -p firefox)) > firefox.closure
writes the closure of Firefox to a file. You can then copy this file to
another machine and install the closure:
$ nix-store --import < firefox.closure
Any store paths in the closure that are already present in the target
store are ignored. It is also possible to pipe the export into another
command, e.g. to copy and install a closure directly to/on another
machine:
$ nix-store --export $(nix-store --query --requisites $(type -p firefox)) | bzip2 | \
ssh alice@itchy.example.org "bunzip2 | nix-store --import"
However, `nix-copy-closure` is generally more efficient because it only
copies paths that are not already present in the target Nix store.

View file

@ -18,10 +18,30 @@ is a JSON object with the following fields:
Information about the output paths of the derivation. Information about the output paths of the derivation.
This is a JSON object with one member per output, where the key is the output name and the value is a JSON object with these fields: This is a JSON object with one member per output, where the key is the output name and the value is a JSON object with these fields:
* `path`: The output path. * `path`:
The output path, if it is known in advanced.
Otherwise, `null`.
* `method`:
For an output which will be [content addresed], a string representing the [method](@docroot@/store/store-object/content-address.md) of content addressing that is chosen.
Valid method strings are:
- [`flat`](@docroot@/store/store-object/content-address.md#method-flat)
- [`nar`](@docroot@/store/store-object/content-address.md#method-nix-archive)
- [`text`](@docroot@/store/store-object/content-address.md#method-text)
- [`git`](@docroot@/store/store-object/content-address.md#method-git)
Otherwise, `null`.
* `hashAlgo`: * `hashAlgo`:
For fixed-output derivations, the hashing algorithm (e.g. `sha256`), optionally prefixed by `r:` if `hash` denotes a NAR hash rather than a flat file hash. For an output which will be [content addresed], the name of the hash algorithm used.
Valid algorithm strings are:
- `md5`
- `sha1`
- `sha256`
- `sha512`
* `hash`: * `hash`:
For fixed-output derivations, the expected content hash in base-16. For fixed-output derivations, the expected content hash in base-16.
@ -32,7 +52,8 @@ is a JSON object with the following fields:
> "outputs": { > "outputs": {
> "out": { > "out": {
> "path": "/nix/store/2543j7c6jn75blc3drf4g5vhb1rhdq29-source", > "path": "/nix/store/2543j7c6jn75blc3drf4g5vhb1rhdq29-source",
> "hashAlgo": "r:sha256", > "method": "nar",
> "hashAlgo": "sha256",
> "hash": "6fc80dcc62179dbc12fc0b5881275898f93444833d21b89dfe5f7fbcbb1d0d62" > "hash": "6fc80dcc62179dbc12fc0b5881275898f93444833d21b89dfe5f7fbcbb1d0d62"
> } > }
> } > }

View file

@ -24,41 +24,45 @@ Info about a [store object].
An array of [store paths][store path], possibly including this one. An array of [store paths][store path], possibly including this one.
* `ca` (optional): * `ca`:
Content address of this store object's file system object, used to compute its store path. If the store object is [content-addressed],
this is the content address of this store object's file system object, used to compute its store path.
Otherwise (i.e. if it is [input-addressed]), this is `null`.
[store path]: @docroot@/glossary.md#gloss-store-path [store path]: @docroot@/store/store-path.md
[file system object]: @docroot@/store/file-system-object.md [file system object]: @docroot@/store/file-system-object.md
[Nix Archive]: @docroot@/glossary.md#gloss-nar [Nix Archive]: @docroot@/store/file-system-object/content-address.md#serial-nix-archive
## Impure fields ## Impure fields
These are not intrinsic properties of the store object. These are not intrinsic properties of the store object.
In other words, the same store object residing in different store could have different values for these properties. In other words, the same store object residing in different store could have different values for these properties.
* `deriver` (optional): * `deriver`:
The path to the [derivation] from which this store object is produced. If known, the path to the [derivation] from which this store object was produced.
Otherwise `null`.
[derivation]: @docroot@/glossary.md#gloss-store-derivation [derivation]: @docroot@/glossary.md#gloss-store-derivation
* `registrationTime` (optional): * `registrationTime` (optional):
When this derivation was added to the store. If known, when this derivation was added to the store.
Otherwise `null`.
* `ultimate` (optional): * `ultimate`:
Whether this store object is trusted because we built it ourselves, rather than substituted a build product from elsewhere. Whether this store object is trusted because we built it ourselves, rather than substituted a build product from elsewhere.
* `signatures` (optional): * `signatures`:
Signatures claiming that this store object is what it claims to be. Signatures claiming that this store object is what it claims to be.
Not relevant for [content-addressed] store objects, Not relevant for [content-addressed] store objects,
but useful for [input-addressed] store objects. but useful for [input-addressed] store objects.
[content-addressed]: @docroot@/glossary.md#gloss-content-addressed-store-object [content-addressed]: @docroot@/store/store-object/content-address.md
[input-addressed]: @docroot@/glossary.md#gloss-input-addressed-store-object [input-addressed]: @docroot@/glossary.md#gloss-input-addressed-store-object
### `.narinfo` extra fields ### `.narinfo` extra fields

Some files were not shown because too many files have changed in this diff Show more