max/nix-super
1
0
Fork 0
mirror of https://github.com/privatevoid-net/nix-super.git synced 2024-11-15 02:36:16 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
17160 commits 7 branches 0 tags 64 MiB
Commit graph

17160 commits

This branch
This branch
All branches
Author SHA1 Message Date
John Ericson
65cc237b3a
Merge pull request #10482 from tweag/fix-symlink-in-sandbox 
Fix the access of symlinks to host files in the sandbox
 2024-04-15 09:29:00 -04:00
John Ericson
bcda38c272 Have clang-format indent conditional CPP 
This reflects the style I've been introducing in tandem with Windows
support.

See https://clang.llvm.org/docs/ClangFormatStyleOptions.html#indentppdirectives for this configuration option.
 2024-04-15 08:33:45 -04:00
Eelco Dolstra
cceae30aaf Combine the domain and key arguments into a single value for convenience 2024-04-15 13:03:27 +02:00
Eelco Dolstra
aad11f4496 Simplify the fetcher cache 2024-04-15 13:03:27 +02:00
Eelco Dolstra
d084c1cb41 Remove the "locked" flag from the fetcher cache 
This also reworks the Mercurial fetcher (which was still using the
old cache interface) to have two distinct cache mappings:

* A ref-to-rev mapping, which is store-independent.
* A rev-to-store-path mapping.
 2024-04-15 13:03:27 +02:00
José Luis Lafuente
774e7213e8
C API: Use nix_get_string_callback typedef 2024-04-15 12:05:57 +02:00
John Ericson
03eb4f7baa
Merge pull request #10503 from haenoe/public-key-json-impl 
`fetchers::PublicKey` json impl
 2024-04-14 18:02:27 -04:00
HaeNoe
e3fed2ebcf
update fetchers::PublicKey json (de)serialization 2024-04-14 22:42:48 +02:00
HaeNoe
ff4c286e80
add tests for optionalValueAt 2024-04-14 22:36:03 +02:00
HaeNoe
bb939d3772
change implementation of optionalValueAt 2024-04-14 22:35:51 +02:00
José Luis Lafuente
76444a3958
C API: proper ifdef endif indentation 2024-04-14 16:18:32 +02:00
Roland Coeurjoly
62ce139e3f No need to undef now that there is no collision 2024-04-13 23:34:01 +02:00
Roland Coeurjoly
40a6a9fdb8 Rename SearchPath to LookupPath and searchPath to lookupPath 2024-04-13 17:35:15 +02:00
John Ericson
aa438b8fba
Merge pull request #10414 from edolstra/remove-downloadFile-locked 
downloadFile(): Remove the "locked" (aka "immutable") flag
 2024-04-12 17:23:53 -04:00
José Luis Lafuente
01bad63c72
C API: Safer function pointer casting 
See https://github.com/NixOS/nix/pull/8699#discussion_r1554312181

Casting a function pointer to `void*` is undefined behavior in the C
spec, since there are platforms with different sizes for these two kinds
of pointers. A safe alternative might be `void (*callback)()`
 2024-04-12 21:41:15 +02:00
John Ericson
03e74e125e
Merge pull request #10483 from obsidiansystems/docroot-glossary 
docs: Refer to the glossary with `@docroot@` instead of `..`
 2024-04-12 12:17:08 -04:00
John Ericson
95ae12b607 docs: Refer to the glossary with @docroot@ instead of .. 
These unweildy relative paths probably predate the `@docroot@`
mechanism.
 2024-04-12 11:46:47 -04:00
Valentin Gagarin
13c2005e7d
add intermediate variables and clarifying comments (#9274) 
* add intermediate variables and clarifying comments

Co-authored-by: Alexander Groleau <alex@proof.construction>
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
 2024-04-12 17:43:35 +02:00
Théophane Hufschmitt
cef677ddbc Test the inclusion of transitive symlinks in the sandbox 2024-04-12 16:10:22 +02:00
Théophane Hufschmitt
acbb1523c1 Fix the access of symlinks to host files in the sandbox 
https://github.com/NixOS/nix/pull/10456 fixed the addition of symlink
store paths to the sandbox, but also made it so that the hardcoded
sandbox paths (like `/etc/hosts`) were now bind-mounted without
following the possible symlinks. This made these files unreadable if
there were symlinks (because the sandbox would now contain a symlink to
an unreachable file rather than the underlying file).
In particular, this broke FOD derivations on NixOS as `/etc/hosts` is a
symlink there.

Fix that by canonicalizing all these hardcoded sandbox paths before
adding them to the sandbox.
 2024-04-12 15:57:53 +02:00
John Ericson
5b9cb8b372
Merge pull request #10412 from roberth/c-string-context 
C API: Add `nix_string_realise`
 2024-04-11 12:07:31 -04:00
Robert Hensing
f2522d4ecd libexpr-c: Add nix_store_path_name 2024-04-11 17:39:21 +02:00
Robert Hensing
a512f4eebc test/libutil: Add OBSERVE_STRING macro 
Makes string callback easier to pass, without mistakes.
 2024-04-11 17:39:21 +02:00
Robert Hensing
876e70bc9a tests/unit/libexpr/local.mk 
A proper build system would catch errors like this.
 2024-04-11 17:39:21 +02:00
Robert Hensing
1233bcde37 libstore-c: Add nix_store_path_clone 2024-04-11 17:39:21 +02:00
Robert Hensing
48808a5320 tests/unit/libexpr: Enable nix_store_realise test, and add docs 2024-04-11 17:39:21 +02:00
Robert Hensing
94d9819bdc tests/unit/libexpr/main: Fix realisation 2024-04-11 17:39:19 +02:00
Robert Hensing
ed13cf05a2 build-hook: Allow empty 
Like always declining; local builds only, as can be inferred from the
docs. (Not worth spending too many words on this pretty obvious
behavior, I think. Also, plans to remove it? https://github.com/NixOS/nix/issues/1221)
 2024-04-11 17:39:16 +02:00
Théophane Hufschmitt
db6335d099
Merge pull request #10244 from bouk/submodule-fetch-default-method 
git fetcher: fix resolveSubmoduleUrl to work with all repo URLs
 2024-04-11 16:58:28 +02:00
Bouke van der Bijl
1e4f902b28 Add gitSubmodules test to github actions 2024-04-11 15:55:09 +02:00
Bouke van der Bijl
cd06193d13 Add nixos test 2024-04-11 15:28:38 +02:00
Bouke van der Bijl
1a76ca4161 Set the origin instead of hacking in the URL resolving 2024-04-11 14:22:12 +02:00
Bouke van der Bijl
1f73de2629 git fetcher: relax absolute URL check of resolveSubmoduleUrl 
This matches up the behavior with the internals of libgit2

Fixes #9979
 2024-04-11 14:22:12 +02:00
Théophane Hufschmitt
da1e977bf4
Merge pull request #10456 from NixOS/fixpermdeniedbind 
Fix adding symlink to the sandbox paths
 2024-04-11 13:41:49 +02:00
Eelco Dolstra
26a4688a86 nix shell: Test that store paths cannot link outside of the store 2024-04-11 11:06:35 +02:00
Eelco Dolstra
9d50f57fa3 Doh 2024-04-11 09:00:47 +02:00
Théophane Hufschmitt
def00d7b52
Merge pull request #10455 from tie/structured-attrs-get-env 
Do not rely on $stdenv/setup to set output variables
 2024-04-11 06:48:36 +02:00
Eelco Dolstra
85b9f4ef4f nix shell: Handle output paths that are symlinks 
This requires moving resolveSymlinks() into SourceAccessor. Also, it
requires LocalStoreAccessor::maybeLstat() to work on parents of the
store (to avoid an error like "/nix is not in the store").

Fixes #10375.
 2024-04-10 23:49:19 +02:00
Nikhil Dhiman
19c8867d2a
Fix store-path.md (#10457) 
Co-authored-by: John Ericson <git@JohnEricson.me>
Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
 2024-04-10 21:11:57 +00:00
John Ericson
021488497d
Merge pull request #10464 from obsidiansystems/nar-format-docs 
Document the Nix Archive format
 2024-04-10 16:26:27 -04:00
Eelco Dolstra
74aab19c4b
Merge pull request #10458 from Ma27/rl-2.20-followup 
doc/rl-2.20: clarify builders-use-substitutes vs. substitute-on-destion
 2024-04-10 22:22:49 +02:00
John Ericson
3e5797e97f Document the Nix Archive format 
This is adopted from Eelco's PhD thesis.
 2024-04-10 15:21:22 -04:00
Ivan Trubach
664532c533 Do not rely on $stdenv/setup to set output variables 
Instead of relying on setup script to set output variables when
structured attributes are enabled, iterate over the values of an
outputs associative array.

See also
374fa3532e/pkgs/stdenv/generic/setup.sh (L23-L26)
 2024-04-10 19:50:19 +03:00
Maximilian Bosch
50557adb3b
doc/rl-2.20: clarify builders-use-substitutes vs. substitute-on-destination 
...as this lead to confusion before.
 2024-04-10 17:26:58 +02:00
Théophane Hufschmitt
a268c0de71
Merge pull request #10413 from Ma27/path-info-all-binary-cache 
path-info: print correct path when using `nix path-info --store file://... --all --json`
 2024-04-10 15:25:50 +02:00
Théophane Hufschmitt
ae4737294e doBind: Use our own lstat wrapper 
Doesn't change much, but brings a bit more consistency to the code
 2024-04-10 15:20:10 +02:00
Théophane Hufschmitt
913db9f738 Fix permission denied when building symlink derivation which points to a symlink out of the store 
Bind-mounting symlinks is apparently not possible, which is why the
thing was failing.

Fortunately, symlinks are small, so we can fallback to copy them at no cost.

Fix https://github.com/NixOS/nix/issues/9579

Co-authored-by: Artturin <Artturin@artturin.com>
 2024-04-10 15:19:18 +02:00
Théophane Hufschmitt
872d93eb13 Add a test for depending on a symlink store path 
Regression test for https://github.com/NixOS/nix/issues/9579
 2024-04-10 15:17:39 +02:00
Théophane Hufschmitt
65d711351e
Merge pull request #10449 from Ma27/rl-2.20-nix-copy-ssh-ng 
doc/rl-2.20: add missing entry about `nix copy --to ssh-ng://...`
 2024-04-10 11:44:31 +02:00
Eelco Dolstra
3fd8dfec4d
Merge pull request #10021 from obsidiansystems/ca-type-names 
Make `outputHashAlgo` accept `"nar"`, stay in sync
 2024-04-09 23:06:43 +02:00