max/nix-super
1
0
Fork 0
mirror of https://github.com/privatevoid-net/nix-super.git synced 2024-11-10 00:08:07 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
17738 commits 7 branches 0 tags 62 MiB
Commit graph

17738 commits

This branch
This branch
All branches
Author SHA1 Message Date
John Ericson
3755493642
Merge pull request #11060 from obsidiansystems/meson-nix 
Package the Nix CLI with Meson
 2024-07-09 09:49:03 -04:00
Robert Hensing
d69fcbc9d7
Merge pull request #11065 from DeterminateSystems/remove-hydra-status-check 
Remove the Hydra status check workflow
 2024-07-09 10:28:48 +02:00
John Ericson
7a6269ba7b Package the Nix CLI with Meson 
Co-Authored-By: Qyriad <qyriad@qyriad.me>
 2024-07-08 17:49:44 -04:00
John Ericson
f1d88e0f27
Merge pull request #11064 from obsidiansystems/header-generater 
Use a meson "generator" to deduplicate `.gen.hh` creation
 2024-07-08 12:03:59 -04:00
John Ericson
1439de874f
Merge pull request #11063 from obsidiansystems/config-expr 
Forgot to include `config-expr.hh` in two places
 2024-07-08 11:27:57 -04:00
John Ericson
6e5cec292b Use a meson "generator" to deduplicate .gen.hh creation 2024-07-08 11:13:11 -04:00
John Ericson
c5284a84f3 Forgot to include config-expr.hh in some places 2024-07-08 10:37:34 -04:00
Eelco Dolstra
ab0b54b905 Remove the Hydra status check workflow 
I'm sick of receiving an email about this every 30 minutes.
 2024-07-08 14:39:33 +02:00
Robert Hensing
cfe3ee3de8
nix-shell: look up shell.nix when argument is a directory (#11057) 
* Refactor: rename runEnv -> isNixShell

* Refactor: rename left -> remainingArgs

* nix-build.cc: Refactor: extract baseDir variable

* nix-build.cc: Refactor: extract sourcePath, resolvedPath variables

* nix-shell: Look for shell.nix when directory is specified

* Add legacy setting: nix-shell-always-looks-for-shell-nix

* rl-next: Add note about shell.nix lookups

* tests/functional/shell.nix: Implement runHook for dummy stdenv
 2024-07-08 14:36:36 +02:00
John Ericson
d8850618b6
Merge pull request #11059 from rhendric/rhendric/reference-manual 
docs: merge builtin-constants into builtins
 2024-07-07 21:47:33 -04:00
Ryan Hendrickson
95890b3e1d docs: merge builtin-constants into builtins 2024-07-07 15:57:23 -04:00
Robert Hensing
a9592077fb
Merge pull request #11055 from NixOS/packaging-for-nixpkgs 
Indirections for packaging meson-based granular build for Nixpkgs
 2024-07-07 21:33:01 +02:00
Robert Hensing
fd4b17ab2c
Merge pull request #11056 from romain-neil/s3-allow-use-of-proxy 
Configure aws s3 lib to use system defined proxy, if existent
 2024-07-07 02:47:24 +02:00
John Ericson
41b6c735eb
Merge pull request #11054 from NixOS/meson-fixes 
Meson fixes
 2024-07-06 17:11:11 -04:00
Romain NEIL
514062c227 feat: configure aws s3 lib to use system defined proxy, if existent 2024-07-06 21:46:58 +02:00
Robert Hensing
bea54d116e Add resolvePath, filesetToSource indirections for Nixpkgs 2024-07-06 19:49:55 +02:00
Robert Hensing
da4c55995b ci.yml: Build non unit-tested components in meson_build 2024-07-06 19:15:53 +02:00
Robert Hensing
0729f0a113 packaging: Pass version directly 2024-07-06 17:52:57 +02:00
Robert Hensing
efd5f50f5e nix-perl: Add deps, use mkMesonDerivation 2024-07-06 17:52:57 +02:00
Robert Hensing
4c014e238b nix-main: Add openssl 2024-07-06 17:52:57 +02:00
Robert Hensing
4d0c55ae55 api docs: Use mkMesonDerivation 2024-07-06 17:52:57 +02:00
Robert Hensing
b7e5446b81 flake.nix: Remove unused binding 2024-07-06 17:52:57 +02:00
Robert Hensing
896eb7a44b
Merge pull request #11034 from obsidiansystems/meson-nix 
Package libnixmain and libnixcmd with Meson
 2024-07-06 01:26:59 +02:00
John Ericson
3acf3fc746 Package libnixmain and libnixcmd with Meson 
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
 2024-07-05 16:40:55 -04:00
Robert Hensing
0b901e10ee
Merge pull request #11050 from hercules-ci/issue-10677 
Explain when `man` is missing
 2024-07-05 22:25:38 +02:00
John Ericson
ff9b6d0e1f
Merge pull request #11037 from fricklerhandwerk/document-config-parsing 
use self-descriptive name for config file parser, document
 2024-07-05 15:21:26 -04:00
Eelco Dolstra
d5461b9009
Merge pull request #11051 from Mic92/fix-prefetch 
src/nix/prefetch: fix prefetch containing current directory instead o…
 2024-07-05 20:33:05 +02:00
Robert Hensing
ddff76f667
Merge pull request #10973 from NixOS/meson-libexpr 
Meson build for libexpr libflake, external C API, unit tests
 2024-07-05 20:27:12 +02:00
Jörg Thalheim
05381c0b30
Update src/nix/prefetch.cc 
Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
 2024-07-05 19:45:03 +02:00
Jörg Thalheim
8cea1fbd97 src/nix/prefetch: fix prefetch containing current directory instead of tarball 
When --unpack was used the nix would add the current directory to the
nix store instead of the content of unpacked.
The reason for this is that std::distance already consumes the iterator.
To fix this we re-instantiate the directory iterator in case the
directory only contains a single entry.
 2024-07-05 19:18:49 +02:00
Robert Hensing
6ef00a503a Explain when man is missing 
Have you seen this man?

Fixes #10677
 2024-07-05 19:18:23 +02:00
Eelco Dolstra
8f280d72ff
Merge pull request #11019 from DeterminateSystems/fix-failed-to-open-archive 
Tarball fetcher: Fix handling of cached tarballs
 2024-07-05 17:10:02 +02:00
Robert Hensing
a476383f46
Merge pull request #11031 from emilazy/push-xsrvoyspsvqx 
libstore: fix sandboxed builds on macOS
 2024-07-05 17:08:39 +02:00
Eelco Dolstra
98bef7c38e
Merge pull request #11035 from siddhantk232/refactor 
Factor duplicate code into util function `append`
 2024-07-05 16:34:23 +02:00
Eelco Dolstra
61e1880847
Merge pull request #11041 from hercules-ci/trace-nix-env-attribute-names 
getDerivations: add attributes to trace
 2024-07-05 16:32:27 +02:00
Eelco Dolstra
e1b6b3ce27
Merge pull request #11020 from DeterminateSystems/fix-tarball-caching 
Tarball fetcher: Fix fetchToStore() and eval caching
 2024-07-05 16:30:12 +02:00
Eelco Dolstra
e7e070d36b Document 2024-07-05 16:29:16 +02:00
Robert Hensing
09763c7cad getDerivations: add attributes to trace 
This improves the error message of nix-env -qa, among others, which
is crucial for understanding some ofborg eval error reports, such as
https://gist.github.com/GrahamcOfBorg/89101ca9c2c855d288178f1d3c78efef

After this change, it will report the same trace, but also start with

```
error:
       … while evaluating the attribute 'devShellTools'

       … while evaluating the attribute 'nixos'

       … while evaluating the attribute 'docker-tools-nix-shell'

       … while evaluating the attribute 'aarch64-darwin'

       … from call site
         at /home/user/h/nixpkgs/outpaths.nix:48:6:
           47|   tweak = lib.mapAttrs
           48|     (name: val:
             |      ^
           49|       if name == "recurseForDerivations" then true

<same>
```
 2024-07-05 15:30:07 +02:00
John Ericson
e4056b9afd
Apply suggestions from code review 
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
 2024-07-04 17:48:27 -04:00
Emily
af2e1142b1 libstore: fix sandboxed builds on macOS 
The recent fix for CVE-2024-38531 broke the sandbox on macOS
completely. As it’s not practical to use `chroot(2)` on
macOS, the build takes place in the main filesystem tree, and the
world‐unreadable wrapper directory prevents the build from accessing
its `$TMPDIR` at all.

The macOS sandbox probably shouldn’t be treated as any kind of a
security boundary in its current state, but this specific vulnerability
wasn’t possible to exploit on macOS anyway, as creating `set{u,g}id`
binaries is blocked by sandbox policy.

Locking down the build sandbox further may be a good idea in future,
but it already has significant compatibility issues. For now, restore
the previous status quo on macOS.

Thanks to @alois31 for helping me come to a better understanding of
the vulnerability.

Fixes: 1d3696f0fb
Closes: #11002
 2024-07-04 16:28:37 +01:00
Emily
76e4adfaac libstore: clean up the build directory properly 
After the fix for CVE-2024-38531, this was only removing the nested
build directory, rather than the top‐level temporary directory.

Fixes: 1d3696f0fb
 2024-07-04 16:22:02 +01:00
Valentin Gagarin
c66079f1e8 use self-descriptive name for config file parser, document 
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
 2024-07-04 10:36:48 +02:00
siddhantCodes
976c05879f factor duplicate code into util function append 2024-07-04 11:09:23 +05:30
Eelco Dolstra
5b4102c3b2 Tarball fetcher: Include revCount/lastModified in the fingerprint 
This can influence the evaluation result so they should be included in
the fingerprint.
 2024-07-03 22:05:45 +02:00
John Ericson
509be0e77a
Merge pull request #11022 from obsidiansystems/fix-openbsd-socket-peercred 
Use proper struct sockpeercred for SO_PEERCRED for OpenBSD
 2024-07-03 11:56:39 -04:00
kn
10ccdb7a41 Use proper struct sockpeercred for SO_PEERCRED for OpenBSD 
getsockopt(2) documents this;  ucred is wrong ("cr_" member prefix, no pid).
 2024-07-03 11:16:39 -04:00
John Ericson
a09360400b Ident some CPP in nix daemon 
Makes it easier for me to read.
 2024-07-03 11:15:56 -04:00
Eelco Dolstra
1ff186fc6e nix flake metadata: Show flake fingerprint 
This is useful for testing/debugging and maybe for sharing eval caches
(since it tells you what file in ~/.cache/nix/eval-cache-v5 to copy).
 2024-07-03 17:00:30 +02:00
Eelco Dolstra
9d95c228ee Tarball fetcher: Fix fetchToStore() and eval caching 2024-07-03 16:50:45 +02:00
John Ericson
30de61f16d
Merge pull request #11018 from siddhantk232/canonpath-fs-sink 
Use `CanonPath` in `fs-sink.hh`
 2024-07-03 10:36:18 -04:00