Commit graph

10974 commits

Author SHA1 Message Date
Maximilian Bosch
ba68045187
libstore/local-derivation-goal: prohibit creating setuid/setgid binaries
With Linux kernel >=6.6 & glibc 2.39 a `fchmodat2(2)` is available that
isn't filtered away by the libseccomp sandbox.

Being able to use this to bypass that restriction has surprising results
for some builds such as lxc[1]:

> With kernel ≥6.6 and glibc 2.39, lxc's install phase uses fchmodat2,
> which slips through 9b88e52846/src/libstore/build/local-derivation-goal.cc (L1650-L1663).
> The fixupPhase then uses fchmodat, which fails.
> With older kernel or glibc, setting the suid bit fails in the
> install phase, which is not treated as fatal, and then the
> fixup phase does not try to set it again.

Please note that there are still ways to bypass this sandbox[2] and this is
mostly a fix for the breaking builds.

This change works by creating a syscall filter for the `fchmodat2`
syscall (number 452 on most systems). The problem is that glibc 2.39
and seccomp 2.5.5 are needed to have the correct syscall number available
via `__NR_fchmodat2` / `__SNR_fchmodat2`, but this flake is still on
nixpkgs 23.11. To have this change everywhere and not dependent on the
glibc this package is built against, I added a header
"fchmodat2-compat.hh" that sets the syscall number based on the
architecture. On most platforms its 452 according to glibc with a few
exceptions:

    $ rg --pcre2 'define __NR_fchmodat2 (?!452)'
    sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h
    58:#define __NR_fchmodat2 1073742276

    sysdeps/unix/sysv/linux/mips/mips64/n32/arch-syscall.h
    67:#define __NR_fchmodat2 6452

    sysdeps/unix/sysv/linux/mips/mips64/n64/arch-syscall.h
    62:#define __NR_fchmodat2 5452

    sysdeps/unix/sysv/linux/mips/mips32/arch-syscall.h
    70:#define __NR_fchmodat2 4452

    sysdeps/unix/sysv/linux/alpha/arch-syscall.h
    59:#define __NR_fchmodat2 562

I tested the change by adding the diff below as patch to
`pkgs/tools/package-management/nix/common.nix` & then built a VM from
the following config using my dirty nixpkgs master:

    {
      vm = { pkgs, ... }: {
        virtualisation.writableStore = true;
        virtualisation.memorySize = 8192;
        virtualisation.diskSize = 12 * 1024;
        nix.package = pkgs.nixVersions.nix_2_21;
      };
    }

The original issue can be triggered via

    nix build -L github:nixos/nixpkgs/d6dc19adbda4fd92fe9a332327a8113eaa843894#lxc \
      --extra-experimental-features 'nix-command flakes'

however the problem disappears with this patch applied.

Closes #10424

[1] https://github.com/NixOS/nixpkgs/issues/300635#issuecomment-2031073804
[2] https://github.com/NixOS/nixpkgs/issues/300635#issuecomment-2030844251
2024-04-18 12:20:20 +02:00
John Ericson
9c815db366 file-descriptor.hh: Avoid some Cism for better C++isms
- `reinterpret_cast` not C-style cast
- `using` not `typedef`
2024-04-17 19:55:40 -04:00
John Ericson
6fa3656a32 Make a few commands that were Unix-only no longer
Also clean up some more linux-specific (`setPersonality`) code in
alignment with recent best practices.
2024-04-17 16:20:56 -04:00
Alyssa Ross
0774e8ba33
Fix exportReferencesGraph when given store subpath
With Nix 2.3, it was possible to pass a subpath of a store path to
exportReferencesGraph:

	with import <nixpkgs> {};

	let
	  hello = writeShellScriptBin "hello" ''
	    echo ${toString builtins.currentTime}
	  '';
	in

	writeClosure [ "${hello}/bin/hello" ]

This regressed with Nix 2.4, with a very confusing error message, that
presumably indicates it was unintentional:

	error: path '/nix/store/3gl7kgjr4pwf03f0x70dgx9ln3bhl7zc-hello/bin/hello' is not in the Nix store
2024-04-17 21:51:59 +02:00
John Ericson
21d9412ddc Improve local-overlay docs in a few ways
In response to https://discourse.nixos.org/t/super-colliding-nix-stores/28462/24
2024-04-17 15:28:19 -04:00
a-kenji
5fd28eeba4 docs: fix wiki link
Link to the official wiki.
2024-04-17 19:34:22 +02:00
John Ericson
1063aa502a Relax store path canonicalization 2024-04-17 12:26:10 -04:00
John Ericson
b529d91902 Prefix -DNIX_ paths to be windows-complient for windows
This is a hacky solution, but it will do for now.
2024-04-17 12:26:10 -04:00
John Ericson
8433027e35 Build a minimized Nix with MinGW
At this point many features are stripped out, but this works:

- Can run libnix{util,store,expr} unit tests
- Can run some Nix commands

Co-Authored-By volth <volth@volth.com>
Co-Authored-By Brian McKenna <brian@brianmckenna.org>
2024-04-17 12:26:10 -04:00
John Ericson
2248a3f545 Create no-op Window pathlocks implementation
This keeps the call sites simple, eventually this should be filled in.
2024-04-17 11:48:14 -04:00
John Ericson
05b9dac754
Fix friend struct/class mismatch warning 2024-04-17 15:47:07 +00:00
Eelco Dolstra
6a3ecdaa39 Merge remote-tracking branch 'origin/master' into finish-value 2024-04-17 16:02:44 +02:00
Eelco Dolstra
d53ad516e8
Merge pull request #10517 from edolstra/path-display
Add missing setPathDisplay() calls
2024-04-17 15:36:08 +02:00
José Luis Lafuente
c75b143b6c
C API: nix_get_string now accepts a callback to return the value 2024-04-16 22:36:39 +02:00
Eelco Dolstra
74e4bc9b1d
Merge pull request #10486 from tweag/jl/c-api_function-pointer
C API: Safer function pointer casting
2024-04-16 18:56:08 +02:00
Eelco Dolstra
6892c9803c GitInputScheme: Fix path display for workdirs and submodules 2024-04-16 16:42:47 +02:00
Eelco Dolstra
79363b2273 MountedInputAccessor, FilteringInputAccessor: Respect the path display prefix/suffix
This was causing Git paths not to be rendered correctly.
2024-04-16 16:42:41 +02:00
Eelco Dolstra
6df58a0891 MercurialInputScheme: Improve path display 2024-04-16 14:14:50 +02:00
Eelco Dolstra
fa01db9626 StorePathAccessor: Fix path display
Set the prefix to the store path to fix messages like "copying '/' to
the store" to "copying '/nix/store/bla' to the store".
2024-04-16 14:14:26 +02:00
Théophane Hufschmitt
d2a07a96ba
Merge pull request #10467 from edolstra/nix-shell-symlink
nix shell: Handle output paths that are symlinks
2024-04-16 12:31:14 +02:00
John Ericson
65cc237b3a
Merge pull request #10482 from tweag/fix-symlink-in-sandbox
Fix the access of symlinks to host files in the sandbox
2024-04-15 09:29:00 -04:00
Eelco Dolstra
cceae30aaf Combine the domain and key arguments into a single value for convenience 2024-04-15 13:03:27 +02:00
Eelco Dolstra
aad11f4496 Simplify the fetcher cache 2024-04-15 13:03:27 +02:00
Eelco Dolstra
d084c1cb41 Remove the "locked" flag from the fetcher cache
This also reworks the Mercurial fetcher (which was still using the
old cache interface) to have two distinct cache mappings:

* A ref-to-rev mapping, which is store-independent.
* A rev-to-store-path mapping.
2024-04-15 13:03:27 +02:00
José Luis Lafuente
774e7213e8
C API: Use nix_get_string_callback typedef 2024-04-15 12:05:57 +02:00
HaeNoe
e3fed2ebcf
update fetchers::PublicKey json (de)serialization 2024-04-14 22:42:48 +02:00
HaeNoe
bb939d3772
change implementation of optionalValueAt 2024-04-14 22:35:51 +02:00
José Luis Lafuente
76444a3958
C API: proper ifdef endif indentation 2024-04-14 16:18:32 +02:00
Roland Coeurjoly
62ce139e3f No need to undef now that there is no collision 2024-04-13 23:34:01 +02:00
John Ericson
eff90af498 Slight refactors in preparation for #10480
Code operating on store objects (including creating them) should, in
general, use `ContentAddressMethod` rather than `FileIngestionMethod`.

See also dfc876531f which included some
similar refactors.
2024-04-13 12:13:47 -04:00
Roland Coeurjoly
40a6a9fdb8 Rename SearchPath to LookupPath and searchPath to lookupPath 2024-04-13 17:35:15 +02:00
John Ericson
aa438b8fba
Merge pull request #10414 from edolstra/remove-downloadFile-locked
downloadFile(): Remove the "locked" (aka "immutable") flag
2024-04-12 17:23:53 -04:00
José Luis Lafuente
01bad63c72
C API: Safer function pointer casting
See https://github.com/NixOS/nix/pull/8699#discussion_r1554312181

Casting a function pointer to `void*` is undefined behavior in the C
spec, since there are platforms with different sizes for these two kinds
of pointers. A safe alternative might be `void (*callback)()`
2024-04-12 21:41:15 +02:00
John Ericson
95ae12b607 docs: Refer to the glossary with @docroot@ instead of ..
These unweildy relative paths probably predate the `@docroot@`
mechanism.
2024-04-12 11:46:47 -04:00
Valentin Gagarin
13c2005e7d
add intermediate variables and clarifying comments (#9274)
* add intermediate variables and clarifying comments

Co-authored-by: Alexander Groleau <alex@proof.construction>
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-04-12 17:43:35 +02:00
Théophane Hufschmitt
acbb1523c1 Fix the access of symlinks to host files in the sandbox
https://github.com/NixOS/nix/pull/10456 fixed the addition of symlink
store paths to the sandbox, but also made it so that the hardcoded
sandbox paths (like `/etc/hosts`) were now bind-mounted without
following the possible symlinks. This made these files unreadable if
there were symlinks (because the sandbox would now contain a symlink to
an unreachable file rather than the underlying file).
In particular, this broke FOD derivations on NixOS as `/etc/hosts` is a
symlink there.

Fix that by canonicalizing all these hardcoded sandbox paths before
adding them to the sandbox.
2024-04-12 15:57:53 +02:00
John Ericson
5b9cb8b372
Merge pull request #10412 from roberth/c-string-context
C API: Add `nix_string_realise`
2024-04-11 12:07:31 -04:00
Robert Hensing
f2522d4ecd libexpr-c: Add nix_store_path_name 2024-04-11 17:39:21 +02:00
Robert Hensing
1233bcde37 libstore-c: Add nix_store_path_clone 2024-04-11 17:39:21 +02:00
Robert Hensing
48808a5320 tests/unit/libexpr: Enable nix_store_realise test, and add docs 2024-04-11 17:39:21 +02:00
Robert Hensing
ed13cf05a2 build-hook: Allow empty
Like always declining; local builds only, as can be inferred from the
docs. (Not worth spending too many words on this pretty obvious
behavior, I think. Also, plans to remove it? https://github.com/NixOS/nix/issues/1221)
2024-04-11 17:39:16 +02:00
Bouke van der Bijl
1a76ca4161 Set the origin instead of hacking in the URL resolving 2024-04-11 14:22:12 +02:00
Bouke van der Bijl
1f73de2629 git fetcher: relax absolute URL check of resolveSubmoduleUrl
This matches up the behavior with the internals of libgit2

Fixes #9979
2024-04-11 14:22:12 +02:00
Théophane Hufschmitt
da1e977bf4
Merge pull request #10456 from NixOS/fixpermdeniedbind
Fix adding symlink to the sandbox paths
2024-04-11 13:41:49 +02:00
Théophane Hufschmitt
def00d7b52
Merge pull request #10455 from tie/structured-attrs-get-env
Do not rely on $stdenv/setup to set output variables
2024-04-11 06:48:36 +02:00
Eelco Dolstra
85b9f4ef4f nix shell: Handle output paths that are symlinks
This requires moving resolveSymlinks() into SourceAccessor. Also, it
requires LocalStoreAccessor::maybeLstat() to work on parents of the
store (to avoid an error like "/nix is not in the store").

Fixes #10375.
2024-04-10 23:49:19 +02:00
Ivan Trubach
664532c533 Do not rely on $stdenv/setup to set output variables
Instead of relying on setup script to set output variables when
structured attributes are enabled, iterate over the values of an
outputs associative array.

See also
374fa3532e/pkgs/stdenv/generic/setup.sh (L23-L26)
2024-04-10 19:50:19 +03:00
Théophane Hufschmitt
a268c0de71
Merge pull request #10413 from Ma27/path-info-all-binary-cache
path-info: print correct path when using `nix path-info --store file://... --all --json`
2024-04-10 15:25:50 +02:00
Théophane Hufschmitt
ae4737294e doBind: Use our own lstat wrapper
Doesn't change much, but brings a bit more consistency to the code
2024-04-10 15:20:10 +02:00
Théophane Hufschmitt
913db9f738 Fix permission denied when building symlink derivation which points to a symlink out of the store
Bind-mounting symlinks is apparently not possible, which is why the
thing was failing.

Fortunately, symlinks are small, so we can fallback to copy them at no cost.

Fix https://github.com/NixOS/nix/issues/9579

Co-authored-by: Artturin <Artturin@artturin.com>
2024-04-10 15:19:18 +02:00
John Ericson
93d68e18e5 Make outputHashAlgo accept "nar", stay in sync
Now that we have a few things identifying content address methods by
name, we should be consistent about it.

Move up the `parseHashAlgoOpt` for tidiness too.

Discussed this change for consistency's sake as part of #8876

Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
2024-04-09 16:17:23 -04:00
Eelco Dolstra
d29786f258 downloadFile(): Remove the "locked" (aka "immutable") flag
This was used in only one place, namely builtins.fetchurl with an
expected hash. Since this can cause similar issues as described
in #9814 and #9905 with the "locked" flag for fetchTarball and fetchTree,
let's just remove it.

Note that if an expected hash is given and the hash algorithm is
SHA-256, then we will never do a download anyway if the resulting
store path already exists. So removing the "locked" flag will only
cause potentially unnecessary HTTP requests (subject to the tarball
TTL) for non-SHA-256 hashes.
2024-04-08 15:56:16 +02:00
John Ericson
e68f24f1e0 Remove resolve-system-dependencies
Fix #9769

As Abathur reports, it seems to be unused since #3429 in 2020.
2024-04-08 09:55:42 -04:00
Théophane Hufschmitt
bd8c276ddb Improve the config check output for stores that don't know about trust
Make it proper english
2024-04-08 11:02:39 +02:00
Jade Lovelace
dea23c3c9b "but doctor, I AM the untrusted store": nix doctor had wrong trustedness
This probably snuck in in a refactor using truthiness or so. The
trustedness flag was having the optional fullness checked, rather than
the actual contained trust level.

Also adds some tests.

```
m1@6876551b-255d-4cb0-af02-8a4f17b27e2e ~ % nix store ping
warning: 'nix store ping' is a deprecated alias for 'nix store info'
Store URL: daemon
Version: 2.20.4
Trusted: 0
m1@6876551b-255d-4cb0-af02-8a4f17b27e2e ~ % nix doctor
warning: 'doctor' is a deprecated alias for 'config check'
[PASS] PATH contains only one nix version.
[PASS] All profiles are gcroots.
[PASS] Client protocol matches store protocol.
[INFO] You are trusted by store uri: daemon
```
2024-04-07 22:43:02 -07:00
John Ericson
fef952e258
Merge pull request #8397 from NixLayeredStore/overlayfs-store
Local Overlay Store
2024-04-07 22:57:01 -04:00
Robert Hensing
5f9aaa86eb
Merge pull request #10416 from obsidiansystems/cgroup-linux-only
Make `cgroup.{cc,hh}` linux-only files
2024-04-07 16:52:31 +02:00
stuebinm
910211f9ff avoid markdown which the repl's :doc cannot handle
code blocks, if not surrounded by empty lines, have the language
tags (in these cases, always `nix`) show up in the output of :doc.

for example:

  nix-repl> :doc builtins.parseFlakeRef
  Synopsis: builtins.parseFlakeRef flake-ref

    Parse a flake reference, and return its exploded form.

    For example: nix builtins.parseFlakeRef
    "github:NixOS/nixpkgs/23.05?dir=lib"  evaluates to: nix { dir =
    "lib"; owner = "NixOS"; ref = "23.05"; repo = "nixpkgs"; type =
    "github"; }

is now instead:
  nix-repl> :doc builtins.parseFlakeRef
  Synopsis: builtins.parseFlakeRef flake-ref

    Parse a flake reference, and return its exploded form.

    For example:

      | builtins.parseFlakeRef "github:NixOS/nixpkgs/23.05?dir=lib"

    evaluates to:

      | { dir = "lib"; owner = "NixOS"; ref = "23.05"; repo = "nixpkgs"; type = "github"; }
2024-04-05 23:19:32 +02:00
John Ericson
c99c80f075 Merge remote-tracking branch 'upstream/master' into overlayfs-store 2024-04-05 16:32:02 -04:00
Maximilian Bosch
c80cd6bb06
path-info: print correct path when using nix path-info --store file://... --all --json
When querying all paths in a binary cache store, the path's representation
is `<hash>-x` (where `x` is the value of `MissingName`) because the .narinfo
filenames only contain the hash.

Before cc46ea1630 this worked correctly,
because the entire path info was read and the path from this
representation was printed, i.e. in the form `<hash>-<name>`. Since then
however, the direct result from `queryAllValidPaths()` was used as `path`.

Added a regression test to make sure the behavior remains correct.
2024-04-05 21:29:55 +02:00
John Ericson
5a365b0c89
Delete dead openFile in binary-cache-store.cc (#10418)
d64cb33e90 / #5111 previously deleted the dead code where this was used, but missed this.
2024-04-05 18:31:43 +00:00
John Ericson
a3d5a71c5f
Slight cleanup of builtins.derivation outputHashAlgo logic (#10417)
This was part of approved PR #10021. Unfortunately that one is stalled
on a peculiar Linux test timeout, so trying to get bits of it merged
first to bisect failure.
2024-04-05 18:10:28 +00:00
John Ericson
513634ab5b Make cgroup.{cc,hh} linux-only files
Forcing a conditional include, vs making the headers content
conditional, I think is more maintainable.

It is also how the other platform-specific headers (like
`namespaces.hh`) have been adapted.
2024-04-05 12:29:14 -04:00
Robert Hensing
c145ce0e1a realiseContext: Remove no-op replacements
A possible use of them might have been to figure out the paths
(which can now be retrieved with maybePathsOut), but I have
not found evidence that it was used this way, and it would have
been broken, because non-CA outputs weren't recorded in the map.
2024-04-05 16:15:43 +02:00
Robert Hensing
02c41aba5b libexpr-c: Add nix_string_realise 2024-04-05 16:08:18 +02:00
Eelco Dolstra
75be3f23c6 setInterruptCheck(): Remove declared but undefined function 2024-04-05 16:03:25 +02:00
John Ericson
50f621b241 Better signals interface
This avoids some CPP and accidentally using Unix stuff in client code.
2024-04-05 01:38:28 -04:00
John Ericson
c1e0769355 Fix some portability issues with the new C bindings
Build without GC is unbroken

Fix #10403

Also building tests with Windows (assuming rest of Windows fixes) is
unbroken.
2024-04-05 00:54:47 -04:00
John Ericson
ef2d10f7e7 Clean up env var logic in preparation for Windows
It's a little weird we don't check the return status for these, but
changing that would introduce risk so I did not.

Co-authored-by: Théophane Hufschmitt <7226587+thufschmitt@users.noreply.github.com>
2024-04-04 18:17:12 -04:00
John Ericson
1577b5fa67 Make SQLite busy back-off logic portable
Use C++ standard library not Unix functions for sleeping and randomness.

Suggested by @edolstra in https://github.com/NixOS/nix/pull/8901#discussion_r1550416615
2024-04-04 12:43:33 -04:00
Robert Hensing
12ec3154b8
Merge pull request #8699 from tweag/nix-c-bindings
(Towards) stable C bindings for libutil, libexpr
2024-04-04 17:50:52 +02:00
HaeNoe
50cb14fcf9
Improve checked json casting (#10087)
This introduces new utility functions to get elements from JSON — in an ergonomic way and with nice error messages if the expected type does not match.

Co-authored-by: John Ericson <John.Ericson@Obsidian.Systems>
2024-04-03 18:04:00 +00:00
Eelco Dolstra
09551fabd0 Handle the case where a parent of ~/.nix-defexpr is a symlink
Fixes https://github.com/DeterminateSystems/nix-installer/issues/912 and probably #10247.
2024-04-03 16:46:23 +02:00
John Ericson
02fa20622f Start factoring out Unix assumptions
This splits files and adds new identifiers in preperation for supporting
windows, but no Windows-specific code is actually added yet.

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-04-02 14:43:38 -04:00
John Ericson
852391765d Add unix (and linux) dirs
In the Nix commit, platform-specific sources will go here.
2024-04-02 12:55:23 -04:00
Théophane Hufschmitt
290be6c906
Merge pull request #10345 from edolstra/fix-chroot-flakes
Fix flake evaluation in chroot stores
2024-04-02 17:49:45 +02:00
Théophane Hufschmitt
29c3e4f580
Merge pull request #10340 from edolstra/trust-github
Add trust-tarballs-from-git-forges setting
2024-04-02 16:08:57 +02:00
Eelco Dolstra
bb5764e578
Merge pull request #10301 from a-n-n-a-l-e-e/wal-persist
enable persistent WAL mode for sqlite db
2024-04-02 12:02:12 +02:00
Eelco Dolstra
911febe56c
Merge pull request #10358 from yshui/fix-include
Fix "include" directive in config file
2024-04-02 11:50:12 +02:00
John Ericson
9b88e52846
Merge pull request #10362 from obsidiansystems/maybeLstat
Factor out `nix::maybeLstat`
2024-03-30 11:23:29 -04:00
John Ericson
3752bbef28
Document maybeLstat
Co-authored-by: Théophane Hufschmitt <7226587+thufschmitt@users.noreply.github.com>
2024-03-30 10:39:25 -04:00
Théophane Hufschmitt
845b2a9256
Merge pull request #10363 from obsidiansystems/is-root-user
Factor out `isRootUser` function
2024-03-30 07:15:56 +01:00
Théophane Hufschmitt
c864e3b871
Merge pull request #10341 from xokdvium/xokdvium/fix-double-decompression
fix(libutil): apply only the specified filter to decompress archive
2024-03-30 07:13:09 +01:00
Sergei Zimmerman
500683a949
fix(libutil): apply only the specified filter to decompress archive
This patch makes `makeDecompressionSink` strip only a single layer
of compression specified via method. This fixes erroneous decompression
of doubly-compressed NARs fetched with curl.
2024-03-30 01:29:29 +03:00
Sergei Zimmerman
6d9bafb3b8
nfc(libutil): reformat files
Run clang-format on compression.{cc,hh} and tarfile{cc,hh}.
This way follow-up patches will be formatted properly and have
easier to read diffs.
2024-03-30 01:29:22 +03:00
John Ericson
e4d9b207c2 Factor out isRootUser function 2024-03-29 16:33:01 -04:00
John Ericson
8be347afca Factor out nix::maybeLstat
This function is nice for more than `PosixSourceAccessor`. We can make a
few things simpler with it.

Note that the error logic slightly changes in some of the call sites, in
that we also count `ENOTDIR` and not just `ENOENT` as not having the
file, but that should be fine.
2024-03-29 16:32:53 -04:00
John Ericson
555181c3fd throwExceptionSelfCheck throw Error
`SysError` is not appropriate because there is no (Unix) syscall involved.

The catch block in `initLibUtil` is already for `Error` and still works.
2024-03-29 16:05:05 -04:00
Yuxuan Shui
0be87c023f Fix "include" directive in config files 2024-03-29 16:33:13 +00:00
Théophane Hufschmitt
b72e1c79da
Merge pull request #10299 from detroyejr/remove-repl-flake
flakes: remove experimental repl-flake
2024-03-29 15:06:23 +01:00
José Luis Lafuente
926fbadcc3
C API: add more tests 2024-03-29 14:00:19 +01:00
Eelco Dolstra
46d9e70c20 Add trust-tarballs-from-git-forges setting
If enabled, GitHub flakerefs don't require a content hash, a Git
revision is enough.

Fixes #10297.
2024-03-29 13:38:47 +01:00
Théophane Hufschmitt
90f5189451
Merge pull request #10131 from intelfx/work/notty
`TERM=dumb` fixes
2024-03-29 13:38:37 +01:00
José Luis Lafuente
2bb609bce2
C API: rename nix_observe_string -> nix_get_string_callback 2024-03-29 10:01:16 +01:00
Théophane Hufschmitt
de101417eb
Merge pull request #10305 from hercules-ci/addErrorContext-is-great
Always print addErrorContext
2024-03-29 09:10:09 +01:00
Robert Hensing
ef26133df3
Merge pull request #10337 from Cyclic4179/patch-1
`nix shell` shebang: support O'Caml comments
2024-03-28 19:54:03 +01:00
José Luis Lafuente
061140fc8f
C API: remove unused argument 2024-03-28 19:38:12 +01:00
José Luis Lafuente
925a8fda6e
C API: Use new ListBuilder helper
See https://github.com/NixOS/nix/pull/10251
2024-03-28 19:02:01 +01:00
José Luis Lafuente
c57de60522
C API: Keep the structure flat
See https://github.com/NixOS/nix/pull/10329
2024-03-28 19:00:04 +01:00
José Luis Lafuente
d96b52bd8b
C api: nix_export_std_string -> nix_observe_string 2024-03-28 10:52:02 +01:00
José Luis Lafuente
31fbb24329
C API: refactor nix_store_realise 2024-03-28 10:52:02 +01:00
José Luis Lafuente
1a574c6c60
C API: refactor ListBuilder 2024-03-28 10:52:01 +01:00
José Luis Lafuente
34d15e8f2f
C API: rename nix_store_build -> nix_store_realise 2024-03-28 10:52:01 +01:00
José Luis Lafuente
1093ab64a2
C API: add more tests 2024-03-28 10:52:01 +01:00
José Luis Lafuente
c49b88b066
C API: update docs based on PR feedback 2024-03-28 10:52:01 +01:00
José Luis Lafuente
7c602d9f01
C API: add tests for external values 2024-03-28 10:52:01 +01:00
José Luis Lafuente
2349185c96
C API: fix after rebase 2024-03-28 10:52:00 +01:00
José Luis Lafuente
6c231dcf68
C API: disable test 2024-03-28 10:52:00 +01:00
José Luis Lafuente
24c8f6864d
C API: if store doesn't have a version, return an empty string 2024-03-28 10:52:00 +01:00
José Luis Lafuente
dfdb90dc8e
C API: Consolidate initializers 2024-03-28 10:52:00 +01:00
José Luis Lafuente
415583a500
C API: use bool argument consistently 2024-03-28 10:52:00 +01:00
José Luis Lafuente
d5ec1d0617
C API: nix_store_open, check for empty strings 2024-03-28 10:51:59 +01:00
José Luis Lafuente
535694122e
C API: rename State to EvalState 2024-03-28 10:51:59 +01:00
José Luis Lafuente
24604d024a
C API: fix docs build after rebase 2024-03-28 10:51:59 +01:00
José Luis Lafuente
41f1669dea
C API: add tests for libutil and libstore 2024-03-28 10:50:02 +01:00
José Luis Lafuente
46f5d0ee7b
Apply suggestions from code review 2024-03-28 10:47:56 +01:00
José Luis Lafuente
550af113c6
String value refactor
Related to https://github.com/NixOS/nix/pull/9047
2024-03-28 10:47:56 +01:00
Yorick van Pelt
c6e28d8da2
C API: fix: macos doesn't have std::bind_front 2024-03-28 10:47:56 +01:00
Yorick van Pelt
ab9250286a
C API: add a way to throw errors from primops 2024-03-28 10:47:56 +01:00
Yorick van Pelt
3d79f38709
C API: add user_data argument to nix_alloc_primop
Also add a helper function for primops, that converts to C argument
types
(and eventually handles errors)
2024-03-28 10:47:55 +01:00
Yorick van Pelt
48aa57549d
primops: change to std::function, allowing the passing of user data 2024-03-28 10:47:55 +01:00
Yorick van Pelt
9e423dee11
C API: update after rebase 2024-03-28 10:47:55 +01:00
Yorick van Pelt
e1bb799da9
C API: reformat according to proposed clang-format file 2024-03-28 10:47:55 +01:00
Yorick van Pelt
9d380c0f76
C API: clarify some documentation 2024-03-28 10:47:55 +01:00
Yorick van Pelt
5d82d6e733
nix_api: fix missing includes in headers
Forward declaration doesn't work here, since we define classes that
contain the objects
2024-03-28 10:47:55 +01:00
Yorick
40f5d48d3c
Apply documentation suggestions from code review
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2024-03-28 10:47:55 +01:00
Yorick van Pelt
e642bbc2a7
C API: move to src/lib*/c/ 2024-03-28 10:46:39 +01:00
Yorick van Pelt
df9401eb4e
nix_api_store: add nix_init_plugins 2024-03-28 10:39:07 +01:00
Yorick van Pelt
dc0f7d8f96
initPlugins: run nix_plugin_entry() on dlopen'd plugins
Only when it exists.
2024-03-28 10:39:07 +01:00
Yorick van Pelt
713f10aeaa
nix_api_value: Add nix_register_primop to add builtins 2024-03-28 10:39:07 +01:00
Yorick van Pelt
e891aac2e4
nix_api_value: add nix_get_attr_name_byidx get attr names without forcing 2024-03-28 10:39:07 +01:00
Yorick van Pelt
9cccb8bae0
nix_api_expr: always force values before giving them to the user 2024-03-28 10:39:07 +01:00
Yorick van Pelt
f0afe7f9b9
nix_api_util: throw nix::error instead of new nix::Error for null ctx's 2024-03-28 10:39:06 +01:00
Yorick van Pelt
e74d6c1b3d
nix_api_expr: document nix_value_force 2024-03-28 10:39:06 +01:00
Yorick van Pelt
e58a9384c6
nix_api_expr, nix_api_util: slightly improve documentation 2024-03-28 10:39:06 +01:00
Yorick van Pelt
f41a7e326b
nix_err_code: do not fail 2024-03-28 10:39:06 +01:00
Yorick van Pelt
b0741f7128
external-api-doc: introduce and improve documentation 2024-03-28 10:39:06 +01:00
Yorick van Pelt
866558af34
nix_api_expr: add error handling to incref, decref 2024-03-28 10:39:06 +01:00
Yorick van Pelt
ada2af4f88
nix_api_expr: add nix_gc_now() 2024-03-28 10:39:06 +01:00
Yorick van Pelt
ded0ef6f6c
nix_api_expr: switch to refcounting
Remove GCRef, keep references in a map. Change to nix_gc_incref and
nix_gc_decref, where users will mostly use nix_gc_decref.
2024-03-28 10:39:05 +01:00
Yorick van Pelt
bebee700ea
nix_api_external: own return strings on the nix side
Change from nix_returned_string that passes ownership, into a
nix_string_return parameter that can be set using nix_set_string_return.
2024-03-28 10:39:05 +01:00
Yorick van Pelt
022b918db1
nix_api_expr: remove bindingsbuilder refcounting 2024-03-28 10:39:05 +01:00
Yorick van Pelt
aa85f7d917
nix_api_expr: merge nix_parse_expr and nix_expr_eval, remove Expr 2024-03-28 10:39:05 +01:00
Yorick van Pelt
1777e4a5bb
nix_api_store: add userdata param to nix_store_build 2024-03-28 10:39:05 +01:00
Yorick van Pelt
1e583c4ebd
nix_api_value: nix_{get,set}_double -> nix_{get,set}_float 2024-03-28 10:39:05 +01:00
Yorick van Pelt
efcddcdd2f
nix_api_external: fix missing void* self param 2024-03-28 10:39:05 +01:00
Yorick van Pelt
c3b5b8eb62
nix_api_expr, store: fix minor documentation issues 2024-03-28 10:39:05 +01:00
Yorick van Pelt
4a4936136b
nix_api_value: fix documentation for get_attr_byname 2024-03-28 10:39:04 +01:00
Puck Meerburg
748b322ddd
nix_api_value: fix primop arity 2024-03-28 10:39:04 +01:00
Yorick van Pelt
e76652a5d3
libexpr: add C bindings 2024-03-28 10:39:04 +01:00
Yorick van Pelt
1d41600498
libstore: add C bindings 2024-03-28 10:39:04 +01:00
Yorick van Pelt
4702317506
libutil: add C bindings 2024-03-28 10:39:04 +01:00
Yang, Bo
c39afb28db
Clarify stringLength is counting bytes 2024-03-27 16:46:50 -07:00
Eelco Dolstra
c0dd111af1 Fix flake evaluation in chroot stores
This is a temporary fix until we can pass `SourcePath`s rather than
`StorePath`s to `call-flake.nix`.

Fixes #10331.
2024-03-27 20:49:56 +01:00
John Ericson
77205b2042 Allow for ergnomically putting Unix-only files in subdirs by creating INLCUDE_$(pkg) vars
Separate platform-specific files will allow avoiding a lot of CPP.
2024-03-27 12:01:59 -04:00
annalee
7205a6bbc9
enable persistent WAL mode for sqlite db
allow processes without write access to the directory containing the db
to read the db when all connections are closed. Without this setting and
with WAL enabled and no open db connections unprivileged processes will
fail to open the db due the WAL files not existing and not able to
create them. When the WAL files are persistent unprivileged processeses
can read the db when there are no open connections.

Additionally, journal_size_limit is set to 2^40, which results in the
WAL files being truncated to 0 on exit, as well as limiting the WAL
files to 2^40 bytes following a checkpoint.

https://www.sqlite.org/c3ref/c_fcntl_begin_atomic_write.html#sqlitefcntlpersistwal
https://www.sqlite.org/pragma.html#pragma_journal_size_limit
ed517a7082/src/wal.c (L2518)

Fixes https://github.com/NixOS/nix/issues/10300
2024-03-27 15:36:09 +00:00
Robert Hensing
d4fa0a84a5 refact: TraceKind -> TracePrint
Co-authored-by: Rebecca Turner <rbt@sent.as>
2024-03-27 16:32:49 +01:00
Robert Hensing
bed541b04e error.cc: Make printTrace static 2024-03-27 16:28:04 +01:00
Robert Hensing
981c309057 Remove trace item: while calling the 'addErrorContext' builtin 2024-03-27 16:28:04 +01:00
Robert Hensing
bebacc475c Always print addErrorContext traces 2024-03-27 16:28:04 +01:00
Cyclic4179
a2c3333b97
fix #10336 2024-03-27 07:47:36 +01:00
Théophane Hufschmitt
6c10cc0eda
Merge pull request #10312 from hercules-ci/add-build-dir
Add build-dir setting
2024-03-26 13:51:50 +01:00
Théophane Hufschmitt
0bf01917ef
Merge pull request #10325 from K900/ooformatting
build-remote: fix format string shenanigans
2024-03-26 11:45:32 +01:00
Théophane Hufschmitt
1394d4e9c5
Merge pull request #10306 from hercules-ci/baseNameOf
Test and document `builtins.baseNameOf`, improve internal `baseNameOf()`
2024-03-26 09:59:27 +01:00
K900
2d4edb945b build-remote: fix format string shenanigans
HintFmt(string) invokes the HintFmt("%s", literal) constructor,
which is not what we want here. Add a constructor with a proper name
and call that.

Next step: rename all the other ones to HintFmt::literal(string).

Fixes https://github.com/NixOS/nix/issues/10238
2024-03-26 11:01:03 +03:00
Robert Hensing
8b16cced18 Add build-dir setting 2024-03-25 19:48:59 +01:00
Robert Hensing
b1fe388d33 Remove uncalled for message 2024-03-25 19:48:57 +01:00
Eelco Dolstra
c82623a6cc Remove value clearing since it no longer has an effect 2024-03-25 19:21:25 +01:00
Eelco Dolstra
8c0590fa32 Never update values after setting the type
Thunks are now overwritten by a helper function
`Value::finishValue(newType, payload)` (where `payload` is the
original anonymous union inside `Value`). This helps to ensure we
never update a value elsewhere, since that would be incompatible with
parallel evaluation (i.e. after a value has transitioned from being a
thunk to being a non-thunk, it should be immutable).

There were two places where this happened: `Value::mkString()` and
`ExprAttrs::eval()`.

This PR also adds a bunch of accessor functions for value contents,
like `Value::integer()` to access the integer field in the union.
2024-03-25 19:21:25 +01:00
Eelco Dolstra
6d90287f5a
Merge pull request #10303 from hercules-ci/fix-empty-TMPDIR
fix: Treat empty TMPDIR as unset
2024-03-25 12:49:10 +01:00
Robert Hensing
9884018dfa baseNameOf(): Remove all trailing slashes 2024-03-24 01:38:22 +01:00
Robert Hensing
754a15e2db builtins.baseNameOf: Fork 2024-03-24 01:37:58 +01:00
Robert Hensing
175afc7106 Test and document builtins.baseNameOf 2024-03-24 01:26:17 +01:00
Robert Hensing
3b7f2bf997 git/dumpTree: Assert name not empty before back() 2024-03-24 00:58:08 +01:00
Robert Hensing
850c9a6caf HttpBinaryCacheStore: Remove *all* trailing slashes 2024-03-24 00:52:14 +01:00
Robert Hensing
dd26f41379 local-derivation-goal.cc: Remove *all* trailing slashes 2024-03-24 00:52:14 +01:00
Robert Hensing
fd31945742 local-derivation-goal.cc: Reuse defaultTempDir() 2024-03-24 00:45:15 +01:00
Robert Hensing
b9e7f5aa2d fix: Treat empty XDG_RUNTIME_DIR as unset
See preceding commit. Not observed in the wild, but is sensible
and consistent with TMPDIR behavior.
2024-03-24 00:42:31 +01:00
Robert Hensing
c3fb2aa1f9 fix: Treat empty TMPDIR as unset
Fixes an instance of

    nix: src/libutil/util.cc:139: nix::Path nix::canonPath(PathView, bool): Assertion `path != ""' failed.

... which I've been getting in one of my shells for some reason.
I have yet to find out why TMPDIR was empty, but it's no reason for
Nix to break.
2024-03-24 00:42:31 +01:00
detroyejr
717391731c flakes: remove experimental repl-flake 2024-03-22 19:30:03 -04:00
Eelco Dolstra
bfd36402ac EvalCache: Fix missing format string argument
Fixes

  terminate called after throwing an instance of 'boost::wrapexcept<boost::io::too_few_args>'
    what():  boost::too_few_args: format-string referred to more arguments than were passed
  Aborted (core dumped)

for type errors in AttrCursor.
2024-03-22 18:11:24 +01:00
Robert Hensing
a223280664
Merge pull request #10286 from hercules-ci/various
Allocate a bit less
2024-03-22 11:19:58 +01:00
Théophane Hufschmitt
f666eda94d
Merge pull request #10274 from tweag/warn-on-untrusted-setting
Daemon: warn when an untrusted user cannot override a setting
2024-03-21 16:40:24 +01:00
Théophane Hufschmitt
039b3fbdfe
Merge pull request #10271 from jonringer/document-flake-multiple-outputs
Document how to build many outputs of a flake package
2024-03-21 15:58:32 +01:00
Robert Hensing
1fcdd1640e functionArgs: Allocate bools only once 2024-03-20 23:25:28 +01:00
Robert Hensing
8c6e0df45f value.hh: Fix warning about {struct/class} Value 2024-03-20 23:25:28 +01:00
Robert Hensing
a865049c4f tryEval: Allocate true and false once 2024-03-20 23:25:28 +01:00
Robert Hensing
d71e74838a readDir: Allocate type strings only once 2024-03-20 23:25:28 +01:00
Jonathan Ringer
4c8a33ce46
Update src/nix/build.md
Co-authored-by: Théophane Hufschmitt <7226587+thufschmitt@users.noreply.github.com>
2024-03-20 14:42:44 -07:00
Robert Hensing
7d2ead50e5
Merge pull request #10083 from lf-/jade/refactor-repl-input
refactor: move the repl input code to its own file
2024-03-20 22:37:40 +01:00
Robert Hensing
d16d7f5f31
Merge pull request #10251 from edolstra/list-builder
Add a ListBuilder helper for constructing list values
2024-03-20 22:30:38 +01:00
Robert Hensing
d4b0b7f152 createBaseEnv: Use state.vNull 2024-03-20 21:34:23 +01:00
Robert Hensing
0b08dd45b0 prim_match: Use state.vNull 2024-03-20 21:28:38 +01:00
Félix Baylac-Jacqué
40a7929c8e Daemon: warn when an untrusted user cannot override a setting
In a daemon-based Nix setup, some options cannot be overridden by a
client unless the client's user is considered trusted.

Currently, if an untrusted user tries to override one of those
options, we are silently ignoring it.

This can be pretty confusing in certain situations.

e.g. a user thinks he disabled the sandbox when in reality he did not.

We are now sending a warning message letting know the user some options
have been ignored.

Related to #1761.

This is a cherry-pick of 9e0f5f803f.
The above commit has been reverted by
a59e77d9e5 to prevent spamming warnings
with experimental features, but these are now totally ignored on the
daemon side, so there's no reason for the revert any more.
2024-03-20 17:55:35 +01:00
Théophane Hufschmitt
346f92aa4c
Merge pull request #10241 from bouk/resolve-ref-packed-refs
git fetcher: use resolveRef for getting revision of reference
2024-03-20 17:37:15 +01:00
Jonathan Ringer
a5262fb880 Document how to build many outputs of a flake package 2024-03-19 17:37:04 -07:00
John Ericson
18945e3f44 Merge branch 'master' into overlayfs-store 2024-03-18 16:43:33 -04:00
John Ericson
cd35e00103
Adding missing tracking URL for local overlay store
Co-authored-by: Théophane Hufschmitt <7226587+thufschmitt@users.noreply.github.com>
2024-03-18 16:41:16 -04:00
lelgenio
ad217ddbbc Document builtins.storePath being disabled by pure-eval 2024-03-18 16:23:17 -03:00
Yueh-Shun Li
d2b512959c builtins.addDrvOutputDependencies: fix commentary 2024-03-18 02:38:31 +08:00
Yueh-Shun Li
39b0b8452f doc: builtins.addDrvOutputDependencies: fix link target 2024-03-17 06:13:14 +08:00
Eelco Dolstra
3e6730ee62 Mark Value pointers in Value::elems as const
This catches modification of finalized values (e.g. in prim_sort).
2024-03-15 18:26:37 +01:00
Eelco Dolstra
fecff520d7 Add a ListBuilder helper for constructing list values
Previously, `state.mkList()` would set the type of the value to tList
and allocate the list vector, but it would not initialize the values
in the list. This has two problems:

* If an exception occurs, the list is left in an undefined state.

* More importantly, for multithreaded evaluation, if a value
  transitions from thunk to non-thunk, it should be final (i.e. other
  threads should be able to access the value safely).

To address this, there now is a `ListBuilder` class (analogous to
`BindingsBuilder`) to build the list vector prior to the call to
`Value::mkList()`. Typical usage:

   auto list = state.buildList(size);
   for (auto & v : list)
       v = ... set value ...;
   vRes.mkList(list);
2024-03-15 18:26:37 +01:00
Dimitar Nestorov
a50295425e
docs: update registry examples
When you run `nix flake info` you get a deprecated message
2024-03-14 16:15:52 +02:00
Bouke van der Bijl
60c2d15f5a git fetcher: use resolveRef for getting revision of reference
* Add regression test
* Fix 'no repo' test so it doesn't succeed if the data is still in cache
* Use git_revparse_single inside git-utils instead of reimplementing the same logic.
2024-03-14 14:04:51 +01:00
Emanuel Czirai
e5840d5760
typo consant->constant in context.cc 2024-03-13 20:35:24 +01:00
Jade Lovelace
ea31b8a117 refactor: repl prompts are now the job of the interacter 2024-03-12 18:25:35 -07:00
Jade Lovelace
70a6ce139b refactor: move readline stuff into its own file
This is in direct preparation for an automation mode of nix repl.
2024-03-12 18:25:35 -07:00
Jade Lovelace
76aced6915 finally.hh: delete copy constructor which is a bad idea 2024-03-12 18:25:35 -07:00
Eelco Dolstra
bff5c94184
Merge pull request #10205 from 9999years/final-matchers
Make `Matcher` subclasses `final`
2024-03-12 07:23:15 +01:00
Eelco Dolstra
18b89ca58c
Merge pull request #10227 from tmplt/doc/nix-copy
nix-copy: document --all --from local binary cache example
2024-03-12 07:22:28 +01:00
Théophane Hufschmitt
18b2ef8b20
Merge pull request #10209 from 9999years/rethrow-for-top-level-errors-in-repl
Print top-level errors normally in `nix repl`
2024-03-11 21:11:28 +01:00
Viktor Sonesten
db36c9ca90 nix-copy: document --all --from local binary cache example 2024-03-11 19:17:45 +01:00
tomberek
25bf671015
Merge pull request #10200 from 9999years/fix-nix-eval-for-derivations
Fix `nix eval nixpkgs#bash` segfault
2024-03-11 13:56:49 -04:00
Robert Hensing
3539172fd2
Merge pull request #10208 from 9999years/print-strings-directly
`:print` strings directly in `nix repl`
2024-03-11 10:02:09 +01:00
Rebecca Turner
db9bab2708
Matcher: Add virtual destructor 2024-03-10 12:56:07 -07:00
Eelco Dolstra
841fd78baa GitArchiveInputScheme: Support the narHash attribute
This is required to produce a locked flakeref.
2024-03-10 14:08:55 +01:00
Rebecca Turner
d13c63afa2
Print top-level errors normally in nix repl
Previously, errors while printing values in `nix repl` would be printed
in `«error: ...»` brackets rather than displayed normally:

```
nix-repl> legacyPackages.aarch64-darwin.pythonPackages.APScheduler
«error: Package ‘python-2.7.18.7’ in /nix/store/6s0m1qc31zw3l3kq0q4wd5cp3lqpkq0q-source/pkgs/development/interpreters/python/cpython/2.7/default.nix:335 is marked as insecure, refusing to evaluate.»
```

Now, errors will be displayed normally if they're emitted at the
top-level of an expression:

```
nix-repl> legacyPackages.aarch64-darwin.pythonPackages.APScheduler
error:
       … in the condition of the assert statement
         at /nix/store/6s0m1qc31zw3l3kq0q4wd5cp3lqpkq0q-source/lib/customisation.nix:268:17:
          267|     in commonAttrs // {
          268|       drvPath = assert condition; drv.drvPath;
             |                 ^
          269|       outPath = assert condition; drv.outPath;

       … in the left operand of the OR (||) operator
         at /nix/store/6s0m1qc31zw3l3kq0q4wd5cp3lqpkq0q-source/pkgs/development/interpreters/python/passthrufun.nix:28:45:
           27|         if lib.isDerivation value then
           28|           lib.extendDerivation (valid value || throw "${name} should use `buildPythonPackage` or `toPythonModule` if it is to be part of the Python packages set.") {} value
             |                                             ^
           29|         else

       (stack trace truncated; use '--show-trace' to show the full trace)

       error: Package ‘python-2.7.18.7’ in /nix/store/6s0m1qc31zw3l3kq0q4wd5cp3lqpkq0q-source/pkgs/development/interpreters/python/cpython/2.7/default.nix:335 is marked as insecure, refusing to evaluate.
```

Errors emitted in nested structures (like e.g. when printing `nixpkgs`)
will still be printed in brackets.
2024-03-09 18:28:04 -08:00
Rebecca Turner
d859d6c434
:print strings directly in nix repl
Strings are now printed directly when evaluated by `:print`, rather than
escaped. This makes it easier to debug multi-line strings or strings
containing quotes, like the results of `builtins.readFile`,
`lib.toShellArg`, and so on.

```
nix-repl> "cuppy\ndog\ncity"
"cuppy\ndog\ncity"

nix-repl> :p "cuppy\ndog\ncity"
cuppy
dog
city
```
2024-03-09 18:13:08 -08:00
Rebecca Turner
70e93c1e2b
Make Matcher subclasses final
Fixes this very long warning, which I'll only include the first line of:

/nix/store/8wrjhrycpshhc3b41xmjwvgqr2m3yajq-libcxx-16.0.6-dev/include/c++/v1/__memory/construct_at.h:66:5: warning: destructor called on non-final 'RegexMatcher' that has virtual functions but non-virtual destructor [-Wdelete-non-abstract-non-virtual-dtor]
    __loc->~_Tp();
2024-03-09 17:07:52 -08:00
Valentin Gagarin
ac730622e8
document where the value of builtins.nixPath comes from (#9113)
* document default values for `nix-path`

also note how it's overridden and note the effect of `restrict-eval`
2024-03-09 17:57:57 +00:00
Rebecca Turner
4910d74086
Print derivation paths in nix eval
`nix eval` forces values and prints derivations as attribute sets, so
commands that print derivations (e.g. `nix eval nixpkgs#bash`) will
infinitely loop and segfault.

Printing derivations as `.drv` paths makes `nix eval` complete as
expected. Further work is needed, but this is better than a segfault.
2024-03-08 21:43:54 -08:00
tomberek
a200ee6bf7
Merge pull request #9874 from pennae/error-reports
improve error reports somewhat
2024-03-08 10:51:14 -05:00
Eelco Dolstra
ae2bd460a8
Merge pull request #10166 from bobvanderlinden/profile-regex-all
profile: introduce --regex and --all
2024-03-08 15:59:24 +01:00
Eelco Dolstra
6d245182e8 GitHub fetcher: Don't emit treeHash yet
But do accept it if it's there, so we don't choke on future lock files
that do have the treeHash attribute.
2024-03-08 12:40:14 +01:00
Bob van der Linden
3d628d1704
profile: convert Matcher to abstract class 2024-03-08 10:47:51 +01:00
Bob van der Linden
91f068c193
profile: make --all exclusive 2024-03-07 21:07:03 +01:00
Bob van der Linden
7a4d5e89d3
profile: add --all option to match any package 2024-03-07 21:07:03 +01:00
Bob van der Linden
87741dbd21
profile: add --regex option to match packages 2024-03-07 21:07:03 +01:00
Bob van der Linden
d6f5da51d3
profile: match on package name instead of regex 2024-03-07 21:07:03 +01:00
Bob van der Linden
741a6bfad5
profile: allow different types of matchers 2024-03-07 21:07:03 +01:00
Rebecca Turner
4b4c71e239 Restore "checking Hydra job" message in nix flake check
Mistakenly removed in #8893, thanks @lf- for catching this!

9404ce36e4 (r139485316)
2024-03-07 08:15:53 -08:00
Théophane Hufschmitt
a3163b9eab Fix the outputs moving on macOS 2024-03-07 14:52:40 +01:00
Eelco Dolstra
0282499e18 PathInputScheme::getFingerprint(): Don't barf on relative paths
This wasn't caught by CI because #10149 and #10152 pass
individually... It doesn't happen on lazy-trees either because we
never try to fetch relative path flakes (#10089).
2024-03-07 13:28:52 +01:00
Eelco Dolstra
da62528487
Merge pull request from GHSA-2ffj-w4mj-pg37
Copy built outputs
2024-03-07 11:56:24 +01:00
Eelco Dolstra
7d76bc8a39
Merge pull request #10152 from edolstra/fetcher-cleanups
Fetcher cleanups
2024-03-07 10:21:11 +01:00
Eelco Dolstra
bd828b1937
Merge pull request #10150 from edolstra/always-upgrade-unlocked-flakerefs
nix profile upgrade: Always upgrade unlocked flakerefs
2024-03-07 10:20:37 +01:00
Eelco Dolstra
38b79da100
Merge pull request #10149 from edolstra/use-flake-fingerprint
LockedFlake::getFingerprint(): Use Input::getFingerprint()
2024-03-07 10:18:19 +01:00
Robert Hensing
73cf23275e
Merge pull request #10107 from tweag/repl-file-argument
Properly fail on flakerefs that don't point to a directory
2024-03-07 10:04:35 +01:00
tomberek
0a11080c58
Merge pull request #10172 from lf-/jade/fix-9725
fix: bounds check result in getMaxCPU
2024-03-07 00:58:44 -05:00
Jade Lovelace
9c64a09c70 fix: bounds check result in getMaxCPU
Fixes https://github.com/NixOS/nix/issues/9725
2024-03-06 20:57:31 -08:00
pennae
5d9fdab3de use byte indexed locations for PosIdx
we now keep not a table of all positions, but a table of all origins and
their sizes. position indices are now direct pointers into the virtual
concatenation of all parsed contents. this slightly reduces memory usage
and time spent in the parser, at the cost of not being able to report
positions if the total input size exceeds 4GiB. this limit is not unique
to nix though, rustc and clang also limit their input to 4GiB (although
at least clang refuses to process inputs that are larger, we will not).

this new 4GiB limit probably will not cause any problems for quite a
while, all of nixpkgs together is less than 100MiB in size and already
needs over 700MiB of memory and multiple seconds just to parse. 4GiB
worth of input will easily take multiple minutes and over 30GiB of
memory without even evaluating anything. if problems *do* arise we can
probably recover the old table-based system by adding some tracking to
Pos::Origin (or increasing the size of PosIdx outright), but for time
being this looks like more complexity than it's worth.

since we now need to read the entire input again to determine the
line/column of a position we'll make unsafeGetAttrPos slightly lazy:
mostly the set it returns is only used to determine the file of origin
of an attribute, not its exact location. the thunks do not add
measurable runtime overhead.

notably this change is necessary to allow changing the parser since
apparently nothing supports nix's very idiosyncratic line ending choice
of "anything goes", making it very hard to calculate line/column
positions in the parser (while byte offsets are very easy).
2024-03-06 23:48:42 +01:00
pennae
855fd5a1bb diagnose "unexpected EOF" at EOF
this needs a string comparison because there seems to be no other way to
get that information out of bison. usually the location info is going to
be correct (pointing at a bad token), but since EOF isn't a token as
such it'll be wrong in that this case.

this hasn't shown up much so far because a single line ending *is* a
token, so any file formatted in the usual manner (ie, ending in a line
ending) would have its EOF position reported correctly.
2024-03-06 23:11:12 +01:00
pennae
2be6b14328 match line endings used by parser and error reports
the parser treats a plain \r as a newline, error reports do not. this
can lead to interesting divergences if anything makes use of this
feature, with error reports pointing to wrong locations in the input (or
even outside the input altogether).
2024-03-06 23:11:12 +01:00
pennae
1edd6fada5 report inherit attr errors at the duplicate name
previously we reported the error at the beginning of the binding
block (for plain inherits) or the beginning of the attr list (for
inherit-from), effectively hiding where exactly the error happened.

this also carries over to runtime positions of attributes in sets as
reported by unsafeGetAttrPos. we're not worried about this changing
observable eval behavior because it *is* marked unsafe, and the new
behavior is much more useful.
2024-03-06 23:11:12 +01:00
pennae
4147ecfb1c normalize formal order on ExprLambda::show
we already normalize attr order to lexicographic, doing the same for
formals makes sense. doubly so because the order of formals would
otherwise depend on the context of the expression, which is not quite as
useful as one might expect.
2024-03-06 23:11:12 +01:00
pennae
d384ecd553 keep copies of parser inputs that are in-memory only
the parser modifies its inputs, which means that sharing them between
the error context reporting system and the parser itself can confuse the
reporting system. usually this led to early truncation of error context
reports which, while not dangerous, can be quite confusing.
2024-03-06 23:11:12 +01:00
Théophane Hufschmitt
fe42a0ead7
Documentation typo 2024-03-06 09:10:32 +01:00
Théophane Hufschmitt
67f95755d6
Merge pull request #10155 from NixOS/warn-against-changing-profile-version-number
Add a warning against carelessly changing the profile version number
2024-03-06 06:43:36 +01:00
Théophane Hufschmitt
0d26358bda
Merge pull request #10151 from edolstra/fix-lstat-cache
PosixSourceAccessor::cachedLstat(): Use absolute path
2024-03-05 08:59:30 +01:00
Théophane Hufschmitt
7161ef14a2
Add a warning against carelessly changing the profile version number
Try and prevent the situation of https://github.com/NixOS/nix/issues/10109 to happen again in the future
2024-03-05 08:07:58 +01:00
Eelco Dolstra
0e07f81d2b Fetcher cleanups
* Convert all InputScheme::fetch() methods to getAccessor().

* Add checkLocks() method for checking lock attributes.

* Rename fetch() to fetchToStore().
2024-03-04 22:24:55 +01:00
Eelco Dolstra
4967c5ff6b Fix macOS build 2024-03-04 22:24:12 +01:00
Eelco Dolstra
9ee590e113 PosixSourceAccessor::cachedLstat(): Use absolute path
Using the relative path can cause collisions between cache entries for
PosixSourceAccessors with different roots.
2024-03-04 21:54:35 +01:00
Eelco Dolstra
32bf39c73a nix flake metadata: Don't show locked URL if it's not locked
This is the case for e.g. dirty Git workdirs, where we would get

  $ nix flake metadata
  Resolved URL:  git+file:///home/eelco/Dev/nix-master
  Locked URL:    git+file:///home/eelco/Dev/nix-master
2024-03-04 19:37:43 +01:00
Eelco Dolstra
2306e96767 nix profile upgrade: Always upgrade unlocked flakerefs
The "lockedRef" field is a misnomer, since it can be unlocked
(e.g. for a dirty Git workdir). In that case, `nix profile upgrade`
needs to assume that the package can have changed, and perform an
upgrade.
2024-03-04 19:30:38 +01:00
Eelco Dolstra
6558da45f5 LockedFlake::getFingerprint(): Use Input::getFingerprint() 2024-03-04 19:22:23 +01:00
Eelco Dolstra
29049d2653 Implement getFingerprint() for store paths 2024-03-04 19:21:31 +01:00
Rebecca Turner
2e8f4faa10
Fix build
Not sure why that was giving a duplicate symbol error, or why marking it
inline fixes it. Here it is!
2024-03-04 09:32:06 -08:00
Rebecca Turner
14b0356dc5
Forbid nested debuggers 2024-03-04 09:24:57 -08:00
Théophane Hufschmitt
eaa6c26189
Merge pull request #10088 from edolstra/flake-source-path
Use SourcePath for reading flake.{nix,lock}
2024-03-04 14:40:40 +01:00
Théophane Hufschmitt
7764edf0e4
Merge pull request #10078 from szlend/fix-macos-local-network-sandbox
Fix `__darwinAllowLocalNetworking` sandbox
2024-03-04 14:34:57 +01:00
Eelco Dolstra
438855952b
Merge pull request #10122 from edolstra/arg-from-file
Add --arg-from-file and --arg-from-stdin
2024-03-04 13:29:58 +01:00
Eelco Dolstra
cbfd211b39 Fix build 2024-03-04 12:49:32 +01:00
Théophane Hufschmitt
8a9eec375c
Merge pull request #10073 from olmokramer/nix-flake-update-multiple-inputs
Accept multiple inputs in `nix flake update`
2024-03-04 09:13:26 +01:00
Eelco Dolstra
75c5e1a5cc
Merge pull request #10126 from lf-/jade/kill-ndebug
Ban building Nix with NDEBUG
2024-03-03 20:01:12 +01:00
Jade Lovelace
2625e9fb0a Ban building Nix with NDEBUG
When reviewing old PRs, I found that #9997 adds some code to ensure one
particular assert is always present. But, removing asserts isn't
something we do in our own release builds either in the flake here or in
nixpkgs, and is plainly a bad idea that increases support burden,
especially if other distros make bad choices of build flags in their Nix
packaging.

For context, the assert macro in the C standard is defined to do nothing
if NDEBUG is set.

There is no way in our build system to set -DNDEBUG without manually
adding it to CFLAGS, so this is simply a configuration we do not use.
Let's ban it at compile time.

I put this preprocessor directive in src/libutil.cc because it is not
obvious where else to put it, and it seems like the most logical file
since you are not getting a usable nix without it.
2024-03-02 11:22:46 -08:00
Ivan Shapovalov
c6f0407103 libutil/terminal: cache isTTY() 2024-03-02 16:32:04 +01:00
Ivan Shapovalov
8c1eeb4681 treewide: shouldANSI() -> isTTY() 2024-03-02 16:32:04 +01:00
Ivan Shapovalov
d9fc4bf5c5 treewide: replace usages of isatty(STDERR_FILENO) with shouldANSI() 2024-03-02 16:32:04 +01:00
Ivan Shapovalov
950b6401f9 libmain/progress-bar: try harder to avoid escape sequences if !isTTY 2024-03-02 16:31:51 +01:00
Théophane Hufschmitt
2f0bc6373c Don't fail if a flakeref directly points to the flake.nix
Just warn and redirect it to the parent directory
2024-03-02 10:34:20 +01:00
Théophane Hufschmitt
11a1dcc43b Properly fail on flakerefs that don't point to a directory
Directly fail if a flakeref points to something that isn't a directory
instead of falling back to the logic of trying to look up the hierarchy
to find a valid flake root.

Fix https://github.com/NixOS/nix/issues/9868
2024-03-02 10:24:20 +01:00
med8bra
1bc89b588b doc(xp-feature): add issue url in experimental feature details 2024-03-02 03:51:12 +01:00
Eelco Dolstra
ba9b6b29b7
Merge pull request #10111 from obsidiansystems/git-objects
Support symlinks properly with `git-hashing` experimental feature
2024-03-01 15:00:43 +01:00
Eelco Dolstra
8ce1f6800b Add --arg-from-stdin to read an argument from stdin 2024-03-01 14:39:42 +01:00
Eelco Dolstra
291b10c607 Add --arg-from-file for reading a string from a file 2024-03-01 14:35:27 +01:00
Eelco Dolstra
d72ee91d07 Clean up --arg processing 2024-03-01 14:14:14 +01:00
Théophane Hufschmitt
c3878f510e Copy the output of fixed-output derivations before registering them
It is possible to exfiltrate a file descriptor out of the build sandbox
of FODs, and use it to modify the store path after it has been
registered.
To avoid that issue, don't register the output of the build, but a copy
of it (that will be free of any leaked file descriptor).
2024-03-01 09:31:28 +01:00
John Ericson
5a2985431c Revert "Revert "Merge pull request #9546 from NixOS/nixos-23.11""
This reverts commit d6d7d2cb46.
2024-02-29 14:52:31 -05:00
John Ericson
d6d7d2cb46 Revert "Merge pull request #9546 from NixOS/nixos-23.11"
This reverts commit 587c7dcb2b, reversing
changes made to 864fc85fc8.
2024-02-29 14:39:29 -05:00
John Ericson
bcd6b33dbc Polish local overlay store docs 2024-02-29 11:58:53 -05:00
Théophane Hufschmitt
bf48501194
Merge pull request #10112 from edolstra/fix-gcc12-warnings
Fix gcc 12 warnings
2024-02-29 15:55:59 +01:00
John Ericson
cb4f85f11c Merge branch 'master' into overlayfs-store 2024-02-29 09:54:21 -05:00
Eelco Dolstra
b1586a6799
Merge pull request #10090 from bobvanderlinden/profile-error-install-twice
profile install: warn on installing package twice
2024-02-29 10:04:08 +01:00
Bob van der Linden
14adff1711
profile install: skip and warn on installing package twice 2024-02-29 08:29:38 +01:00
tomberek
ffe67c86a8
Merge pull request #9915 from 9999years/evaluating-attribute-position
Add position information to `while evaluating the attribute` errors in the debugger
2024-02-28 18:11:07 -05:00
Eelco Dolstra
65bb12ba78 Fix gcc 12 warnings 2024-02-28 22:59:20 +01:00
Jade Lovelace
f6158ea53b finally.hh: include works by itself; mark as nodiscard 2024-02-28 11:40:32 -08:00
John Ericson
bcb5f235f9 Support symlinks properly with git-hashing experimental feature
Before, they would not be written to a file `FileSystemObjectSink`
correctly.
2024-02-28 12:24:45 -05:00
Robert Hensing
587c7dcb2b
Merge pull request #9546 from NixOS/nixos-23.11
Update to nixos-23.11
2024-02-28 17:51:16 +01:00
Théophane Hufschmitt
864fc85fc8
Merge pull request #10010 from 9999years/fix-9941
Fix "Failed tcsetattr(TCSADRAIN)" when `nix repl` is not a TTY
2024-02-28 14:25:58 +01:00
Théophane Hufschmitt
da90be789d Fix a too smart implicit cast
Apparently gcc is able to implicitly cast from `FileIngestionMethod` to
`ContentAddressMethod`, but clang isn't. So explicit the cast
2024-02-28 08:00:17 +01:00
DavHau
358c26fd13 fetchTree: shallow git fetching by default
Motivation:
make git fetching more efficient for most repos by default
2024-02-28 13:27:22 +07:00
John Ericson
d4ad1fcf30 Avoid creating temporary store object for git over the wire
Instead, serialize as NAR and send that over, then rehash sever side.
This is alorithmically simpler, but comes at the cost of a newer
parameter to `Store::addToStoreFromDump`.

Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
2024-02-27 11:27:34 -05:00
John Ericson
201551c937 Add Git object hashing to the store layer
Part of RFC 133

Extracted from our old IPFS branches.

Co-Authored-By: Matthew Bauer <mjbauer95@gmail.com>
Co-Authored-By: Carlo Nucera <carlo.nucera@protonmail.com>
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
Co-authored-by: Florian Klink <flokli@flokli.de>
2024-02-27 11:27:34 -05:00
Eelco Dolstra
c3e9e3d0c3
Merge pull request #9767 from obsidiansystems/canon-path-split
Support Windows paths in `canonPath` and `absPath`
2024-02-27 17:12:29 +01:00
John Ericson
354ba27296
Merge pull request #10093 from NixOS/revert-10084-remove-dead-git-code
Revert "Remove dead Git code"
2024-02-27 09:54:25 -05:00
Eelco Dolstra
5b0d78ec73
Merge pull request #10091 from bobvanderlinden/default-package-name
Fix extraction of name for defaultPackage URLs
2024-02-27 15:14:20 +01:00
Bob van der Linden
e5d9130a5b
Fix extraction of name for defaultPackage URLs 2024-02-27 07:53:05 +01:00
Théophane Hufschmitt
be0052b45f
Revert "Remove dead Git code" 2024-02-27 06:39:30 +01:00
Bob van der Linden
d28a240aa6
profile: extract getNameFromElement 2024-02-26 21:07:18 +01:00
Robert Hensing
4c7f0ef6ca
Merge pull request #9847 from pennae/inherit-from-dedup
deduplicate inherit-from source expr work
2024-02-26 20:25:58 +01:00
Théophane Hufschmitt
c10025d8ca
Merge pull request #10084 from tweag/remove-dead-git-code
Remove dead Git code
2024-02-26 19:49:14 +01:00
pennae
f24e445bc0 add doc comment justifying ExprInheritFrom
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-02-26 19:07:08 +01:00
pennae
1cd87b7042 remove ExprAttrs::AttrDef::inherited
it's no longer widely used and has a rather confusing meaning now that
inherit-from is handled very differently.
2024-02-26 19:07:08 +01:00
pennae
cefd0302b5 evaluate inherit (from) exprs only once per directive
desugaring inherit-from to syntactic duplication of the source expr also
duplicates side effects of the source expr (such as trace calls) and
expensive computations (such as derivationStrict).
2024-02-26 19:07:08 +01:00
Eelco Dolstra
598deb2b23 Use SourcePath for reading flake.{nix,lock}
Flakes still reside in the Nix store (so there shouldn't be any change
in behaviour), but they are now accessed via the rootFS
accessor. Since rootFS implements access checks, we no longer have to
worry about flake.{nix,lock} or their parents being symlinks that
escape from the flake.

Extracted from the lazy-trees branch.
2024-02-26 15:14:18 +01:00
John Ericson
62a13c8101
Merge pull request #10086 from ShamrockLee/hash-algorithm-rename
treewide: hash type -> hash algorithm
2024-02-26 08:37:09 -05:00
Yueh-Shun Li
fd47f76da9 treewide: hash type -> hash algorithm
"hash type" -> "hash algorithm" in all comments, documentation, and
messages.

ht -> ha, [Hh]ashType -> [HhashAlgo] for all local variables and
function arguments. No API change is made.

Continuation of 5334c9c792 and 837b889c41.
2024-02-26 18:09:06 +08:00
Théophane Hufschmitt
219705ff64 Remove dead code
Most of the code in `git.{cc,hh}` is dead, so get rid of it.
2024-02-26 11:07:47 +01:00
Théophane Hufschmitt
21282c3c20
Merge pull request #10074 from lf-/jade/ban-implicit-fallthrough
Warn on implicit switch case fallthrough
2024-02-26 10:48:07 +01:00
Simon Žlender
d60c3f7f7c Fix __darwinAllowLocalNetworking sandbox
The sandbox rule `(allow network* (local ip))` doesn't do what it
implies. Adding this rule permits all network traffic. We should be
matching on (remote ip "localhost:*")` instead.
2024-02-25 23:00:57 +01:00
Jade Lovelace
a82aeedb5b Warn on implicit switch case fallthrough
This seems to have found one actual bug in fs-sink.cc: the symlink case
was falling into the regular file case, which can't possibly be
intentional, right?
2024-02-24 15:52:16 -08:00
Olmo Kramer
9f11b1b0c4
Accept multiple inputs in nix flake update 2024-02-24 20:58:44 +01:00
Johannes Kirschbauer
d83008c3a7
documentation: clarify genericClosure (#10003)
* doc: clarify genericClosure documentation

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2024-02-24 12:34:53 +00:00
Robert Hensing
0b47783d0a
Merge pull request #10066 from 9999years/print-all-frames
Do not skip any stack frames when `--show-trace` is given
2024-02-23 18:53:11 +01:00
Théophane Hufschmitt
bca737dcad c++-ize the proxy detection code
Just for consistency with the rest
2024-02-23 10:28:37 +01:00
ramboman
d3bff699aa nix: Fix haveInternet to check for proxy 2024-02-23 01:05:25 -05:00
Rebecca Turner
91e89628fd
Make addErrorTrace variadic 2024-02-22 17:18:27 -08:00
Rebecca Turner
f05c13ecc2
Remove the concept of "skipped frames" 2024-02-22 17:14:55 -08:00
Rebecca Turner
040874e4db
Print all stack frames 2024-02-22 17:14:33 -08:00
Théophane Hufschmitt
6a5210f48e
Merge pull request #9815 from NixOS/nix-hash-path
`nix hash path`, text hashing for `nix store add`, and preparatory refactors
2024-02-22 17:15:34 +01:00
Eelco Dolstra
f183eef4a0
Merge pull request #10060 from bobvanderlinden/pr-simple-profile-remove-suggestion
profile: suggest removal using profile entry name
2024-02-22 11:02:12 +01:00
Bob van der Linden
4ae5091716
nix profile: suggest removal using entry name
When a file conflict arises during a package install a suggestion is
made to remove the old entry. This was previously done using the
installable URLs of the old entry. These URLs are quite verbose and
often do not equal the URL of the existing entry.

This change uses the recently introduced profile entry name for the
suggestion, resulting in a simpler output.

The improvement is easily seen in the change to the functional test.
2024-02-21 21:58:36 +01:00
John Ericson
2080d89b87
Merge pull request #10038 from edolstra/tarball-git-cache
Use the Git cache for tarball flakes
2024-02-21 15:47:02 -05:00
Eelco Dolstra
e391fc2101 Add comments 2024-02-21 21:15:28 +01:00
Théophane Hufschmitt
774e7ca584
Merge pull request #9914 from 9999years/debugger-on-trace
Enter debugger on `builtins.trace` with an option
2024-02-21 18:32:56 +01:00
John Ericson
efd36b49e8 nix hash path, and preperatory refactors
- `nix store add` supports text hashing

  With functional test ensuring it matches `builtins.toFile`.

- Factored-out flags for both commands

- Move all common reusable flags to `libcmd`

  - They are not part of the *definition* of the CLI infra, just a usag
    of it.

  - The `libstore` flag couldn't go in `args.hh` in libutil anyways,
    would be awkward for it to live alone

- Shuffle around `Cmd*` hierarchy so flags for deprecated commands don't
  end up on the new ones
2024-02-21 12:11:25 -05:00
Rebecca Turner
b111fba8cd
Add documentation, rename to debugger-on-trace 2024-02-21 09:07:39 -08:00
Eelco Dolstra
3f5d7afe46
Merge pull request #10024 from edolstra/remove-locked-flag
Input: Replace 'locked' bool by isLocked() method
2024-02-21 16:19:15 +01:00
Eelco Dolstra
9ae665b9e1
Merge pull request #10054 from syvb/channel-unpack-count
Say how many channels were unpacked in nix-channel
2024-02-21 12:23:57 +01:00
Eelco Dolstra
09d76e512a GitArchiveInputScheme: Require a NAR hash 2024-02-21 12:08:18 +01:00
Graham Dennis
7fd0de38c6 Faster flake.lock parsing
This PR reduces the creation of short-lived basic_json objects while
parsing flake.lock files. For large flake.lock files (~1.5MB) I was
observing ~60s being spent for trivial nix build operations while
after this change it is now taking ~1.6s.
2024-02-21 18:40:34 +11:00
syvb
60eeacc24a Say how many channels were unpacked 2024-02-20 19:17:18 -05:00
Rebecca Turner
8e71883e3f
Rename ProcessLineResult variants 2024-02-20 14:52:16 -08:00
Rebecca Turner
2a8fe9a938
:quit in the debugger should quit the whole program 2024-02-20 10:01:13 -08:00
Eelco Dolstra
071dd2b3a4 Input: Replace 'locked' bool by isLocked() method
It's better to just check whether the input has all the attributes
needed to consider itself locked (e.g. whether a Git input has an
'rev' attribute).

Also, the 'locked' field was actually incorrect for Git inputs: it
would be set to true even for dirty worktrees. As a result, we got
away with using fetchTree() internally even though fetchTree()
requires a locked input in pure mode. In particular, this allowed
'--override-input' to work by accident.

The fix is to pass a set of "overrides" to call-flake.nix for all the
unlocked inputs (i.e. the top-level flake and any --override-inputs).
2024-02-20 16:59:15 +01:00
Eelco Dolstra
0acd783190 Don't send settings that depend on disabled experimental features to the daemon
This fixes warnings like

   warning: Ignoring setting 'auto-allocate-uids' because experimental feature 'auto-allocate-uids' is not enabled
   warning: Ignoring setting 'impure-env' because experimental feature 'configurable-impure-env' is not enabled

when using the daemon and the user didn't actually set those settings.

Note: this also hides those settings from `nix config show`, but that
seems a good thing.
2024-02-20 15:28:42 +01:00
Théophane Hufschmitt
d2c6a93bd5
Merge pull request #10044 from edolstra/empty-git-repos
Handle empty Git repositories / workdirs
2024-02-20 14:01:23 +01:00
Eelco Dolstra
cabee98152 Tarball fetcher: Use the content-addressed Git cache
Backported from the lazy-trees branch.
2024-02-20 12:57:36 +01:00
Eelco Dolstra
930b9c8269 PosixSourceAccessor: Support roots that are not directories
We have to support this for `fetchTree { type = "file" }` (and
probably other types of trees that can have a non-directory at the
root, like NARs).
2024-02-20 12:51:15 +01:00
Théophane Hufschmitt
6f4bb1b584
Merge pull request #10043 from edolstra/fix-readonly-fetchToStore
fetchToStore(): Don't always respect settings.readOnlyMode
2024-02-20 12:07:48 +01:00
Eelco Dolstra
7cb4d0c5b7 fetchToStore(): Don't always respect settings.readOnlyMode
It's now up to the caller whether readOnlyMode should be applied. In
some contexts (like InputScheme::fetch()), we always need to fetch.
2024-02-20 11:46:49 +01:00
Eelco Dolstra
9e762454cf Support empty Git repositories / workdirs
Fixes #10039.
2024-02-20 11:40:02 +01:00
Eelco Dolstra
d52d91fe7a AllowListInputAccessor: Clarify that the "allowed paths" are actually allowed prefixes
E.g. adding "/" will allow access to the root and *everything below it*.
2024-02-20 11:23:26 +01:00
Eelco Dolstra
6162105675 Don't say "copying X to the store" in read-only mode 2024-02-20 10:47:30 +01:00
John Ericson
319ec6f84a Support Windows paths in canonPath and absPath
`canonPath` and `absPath` work on native paths, and so should switch
between supporting Unix paths and Windows paths accordingly.

The templating is because `CanonPath`, which shares the implementation,
should always be Unix style. It is the pure "nix-native" path type for
virtual file operations --- it is part of Nix's "business logic", and
should not vary with the host OS accordingly.
2024-02-16 10:31:36 -05:00
John Ericson
4531585275 Factor out the Unix-specific parts of canonPathInner
This prepares the code to also support Windows paths in the next commit.
2024-02-16 10:12:07 -05:00
John Ericson
d17e1d9737 Purify CanonPath
The core `CanonPath` constructors were using `absPath`, but `absPath` in
some situations does IO which is not appropriate. It turns out that
these constructors avoided those situations, and thus were pure, but it
was far from obvious this was the case.

To remedy the situation, abstract the core algorithm from `canonPath` to
use separately in `CanonPath` without any IO. No we know by-construction
that those constructors are pure.

That leaves `CanonPath::fromCWD` as the only operation which uses IO /
is impure. Add docs on it, and `CanonPath` as a whole, explaining the
situation.

This is also necessary to support Windows paths on windows without
messing up `CanonPath`. But, I think it is good even without that.

Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-02-16 09:47:25 -05:00
John Ericson
d53c8901ef
Merge pull request #9985 from alois31/symlink-resolution
Restore `builtins.pathExists` behavior on broken symlinks
2024-02-16 09:24:03 -05:00
John Ericson
e27b7e04bf
Add note about this being a temp solution 2024-02-16 08:45:15 -05:00
Eelco Dolstra
78b8db72b5 Remove tarball-cache.{hh,cc}
TarballInfo is only used in github.cc, and getTarballCache() is a bit
too trivial to have its own file.
2024-02-15 21:58:08 +01:00
Eelco Dolstra
9b04ce16fc Merge branch 'tarball-cache' of github.com:Ericson2314/nix into tarball-cache 2024-02-15 21:48:10 +01:00
Eelco Dolstra
4b40fc5b46 Merge remote-tracking branch 'origin/master' into tarball-cache 2024-02-15 21:46:36 +01:00
John Ericson
ed24baaec4 Finish separating concerns with tarball cache
There is no longer an `importTarball` method. Instead, there is a
`unpackTarfileToSink` function (back in libutil). The caller can use
thisw with the `getParseSink` method we added in the last commit easily
enough.

In addition, tarball cache functionality is separated from `git-utils`
and moved into `tarball-cache`. This ensures we are separating mechanism
and policy.
2024-02-15 10:34:01 -05:00
John Ericson
ba6a5f06ee Split GitRepoImpl::importTarball
There is now a separation of:

1. A `FileSystemObjectSink` for writing to git repos

2. Adapting libarchive to use that parse sink.

The prepares a proper separation of concerns.
2024-02-15 10:27:54 -05:00
Eelco Dolstra
67a6d34448 GitInputAccessor: Speed up lookup()
A command like

  rm -rf ~/.cache/nix/tarball-cache/ ~/.cache/nix/fetcher-cache-v1.sqlite*; nix flake metadata 'git+file:///home/eelco/Dev/nixpkgs?rev=9463103069725474698139ab10f17a9d125da859'

was spending about 84% of its runtime in lookup(), specifically in
git_tree_entry_bypath(). (The reading of blobs is less than 3%.)

It appears libgit2 doesn't do a lot of caching of trees, so we now
make sure that when we look up a path, we add all its parents, and all
the immediate children of the parents (since we have them in memory
anyway), to our own cache.

This speed up the command above from 17.2s to 7.8s on my machine.

Fixes (or at least should improve a lot) #9684.
2024-02-14 19:25:23 +01:00
Eelco Dolstra
54354eaecf Merge remote-tracking branch 'origin/master' into tarball-cache 2024-02-14 14:45:19 +01:00
Théophane Hufschmitt
d857914e1a
Merge pull request #9931 from 9999years/pretty-printer
Pretty-print values in the REPL
2024-02-14 13:32:58 +01:00
Eelco Dolstra
2b946aad8e
Merge pull request #10006 from edolstra/fix-impure-fetchurl
<nix/fetchurl.nix>: Restore support for "impure = true"
2024-02-13 22:50:55 +01:00
Rebecca Turner
a694cfb7bd
Fix "Failed tcsetattr(TCSADRAIN)" when nix repl is not a TTY
Before:
```
$ echo builtins.nixVersion | nix repl
Welcome to Nix 2.18.1. Type :? for help.

Failed tcsetattr(TCSADRAIN): Inappropriate ioctl for device
"2.18.1"

Failed tcsetattr(TCSADRAIN): Inappropriate ioctl for device
```

After:
```
$ echo builtins.nixVersion | nix repl
Nix 2.21.0pre20240131_dirty
Type :? for help.
"2.21.0pre20240131_dirty"
```
2024-02-13 11:09:12 -08:00
John Ericson
9d64613dca
Update src/libutil/file-content-address.cc 2024-02-13 12:50:10 -05:00
Alois Wohlschlager
89e21ab4bd
Restore builtins.pathExists behavior on broken symlinks
Commit 83c067c0fa changed `builtins.pathExists`
to resolve symlinks before checking for existence. Consequently, if the path
refers to a symlink itself, existence of the target of the symlink (instead of
the symlink itself) was checked. Restore the previous behavior by skipping
symlink resolution in the last component.
2024-02-13 18:09:55 +01:00
John Ericson
db41a0616a Use ContentAddressMethod::render in one more place
Good to deduplicate the code.
2024-02-13 11:14:49 -05:00
John Ericson
41dd9857c7 Proper parse and render functions for FileIngestionMethod and ContentAddressMethod
No outward facing behavior is changed.

Older methods with same names that operate on on method + algo pair (for
old-style `<method>:algo`) are renamed to `*WithAlgo`.)

The functions are unit-tested in the same way the names for the hash
algorithms are tested.
2024-02-13 10:30:16 -05:00
Eelco Dolstra
b439b1fc66
Merge pull request #9993 from edolstra/builtin-paths
builtin:{unpack-channel,buildenv}: Get output path from the derivation
2024-02-13 14:57:13 +01:00
Valentin Gagarin
39c353f6fa
reword description of the cores setting (#9522)
* reword description of the `cores` setting

- be precise about the `builder` executable
- clearly distinguish between `builder` and job parallelism
- clarify the role of `mkDerivation` in the example
- remove prose for the default, it's shown programmatically
- mention relation to `max-jobs`
2024-02-13 13:52:51 +00:00
Eelco Dolstra
bb63bd50e6 <nix/fetchurl.nix>: Restore support for "impure = true" 2024-02-13 14:14:20 +01:00
Valentin Gagarin
fd82ba0985
extract reference documentation on remote builds (#9526)
- move all reference documentation to the `builders` configuration setting
- reword documentation on machine specification, add examples
- disable showing the default value, as it rendered as `@/dummy/machines`, which is wrong
- highlight the examples
- link to the configuration docs for distributed builds
- builder -> build machine

Co-authored-by: Janik H <janik@aq0.de>
2024-02-13 14:13:56 +01:00
Valentin Gagarin
e37d502895
add instructions to wipe the substituter lookup cache (#9498)
* add instructions to wipe the substituter lookup cache
2024-02-13 13:34:51 +01:00
Anton Samokhvalov
64cbd4c05a
Update nar-info-disk-cache.cc
fix case when asserts are no-op, like in release build
2024-02-12 23:37:40 +03:00
John Ericson
5169f5f4d9
Apply suggestions from code review
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-02-12 12:01:54 -05:00
John Ericson
eb76b35efa Merge remote-tracking branch 'upstream/master' into store-path-complete-construction 2024-02-12 11:22:54 -05:00
Eelco Dolstra
a9b69b2fff builtin:{unpack-channel,buildenv}: Get output path from the derivation
Similar to 1ee42c5b88, get the "out"
path from the derivation (and complain if it doesn't exist), rather
than getting it from the environment.
2024-02-12 16:34:59 +01:00
Eelco Dolstra
619ca631d0 Fix "may be used uninitialized" warning 2024-02-12 15:29:48 +01:00
Eelco Dolstra
ec6ca6e42c
Merge pull request #9948 from obsidiansystems/no-canon-path-from-cwd
Get rid of `CanonPath::fromCwd`
2024-02-12 14:04:01 +01:00
pennae
ecf8b12d60 group inherit by source during Expr::show
for plain inherits this is really just a stylistic choice, but for
inherit-from it actually fixes an exponential size increase problem
during expr printing (as may happen during assertion failure reporting,
on during duplicate attr detection in the parser)
2024-02-12 13:58:29 +01:00
pennae
6c08fba533 use the same bindings print for ExprAttrs and ExprLet
this also has the effect of sorting let bindings lexicographically
rather than by symbol creation order as was previously done, giving a
better canonicalization in the process.
2024-02-12 13:35:00 +01:00
pennae
1f542adb3e add ExprAttrs::AttrDef::chooseByKind
in place of inherited() — not quite useful yet since we don't
distinguish plain and inheritFrom attr kinds so far.
2024-02-12 13:34:59 +01:00
pennae
c66ee57edc preserve information about whether/how an attribute was inherited 2024-02-12 13:32:33 +01:00
Eelco Dolstra
fb5a792280 runPostBuildHook(): Be less chatty
Don't spam the user with "running post-build-hook" messages. It's up
to the post-build hook if it has something interesting to say.
2024-02-09 15:55:24 +01:00
Rebecca Turner
8b7eb7400b
Enter debugger on builtins.trace with an option 2024-02-08 12:07:37 -08:00
Rebecca Turner
c0e7f50c1a
Rename hintfmt to HintFmt 2024-02-08 11:58:25 -08:00
Rebecca Turner
149bd63afb
Cleanup fmt.hh
When I started contributing to Nix, I found the mix of definitions and
names in `fmt.hh` to be rather confusing, especially the small
difference between `hintfmt` and `hintformat`. I've renamed many classes
and added documentation to most definitions.

- `formatHelper` is no longer exported.
- `fmt`'s documentation is now with `fmt` rather than (misleadingly)
  above `formatHelper`.
- `yellowtxt` is renamed to `Magenta`.

  `yellowtxt` wraps its value with `ANSI_WARNING`, but `ANSI_WARNING`
  has been equal to `ANSI_MAGENTA` for a long time. Now the name is
  updated.
- `normaltxt` is renamed to `Uncolored`.
- `hintfmt` has been merged into `hintformat` as extra constructor
  functions.
- `hintformat` has been renamed to `hintfmt`.
- The single-argument `hintformat(std::string)` constructor has been
  renamed to a static member `hintformat::interpolate` to avoid pitfalls
  with using user-generated strings as format strings.
2024-02-08 11:51:03 -08:00
Théophane Hufschmitt
1ba9780cf5
Merge pull request #9834 from 9999years/structured-errors
Towards structured error classes
2024-02-08 20:00:25 +01:00
Rebecca Turner
403c90ddf5
Extract printSpace helper 2024-02-08 10:18:12 -08:00
Rebecca Turner
1c5f5d4291
prettyPrint -> shouldPrettyPrint 2024-02-08 10:18:10 -08:00
Rebecca Turner
a27651908f
Add assertion for decreasing the indent
Co-authored-by: Théophane Hufschmitt <7226587+thufschmitt@users.noreply.github.com>
2024-02-08 10:11:45 -08:00
John Ericson
4687beecef Get rid of CanonPath::fromCwd
As discussed in the last Nix team meeting (2024-02-95), this method
doesn't belong because `CanonPath` is a virtual/ideal absolute path
format, not used in file systems beyond the native OS format for which a
"current working directory" is defined.

Progress towards #9205
2024-02-08 11:01:41 -05:00
Eelco Dolstra
6563a58294
Merge pull request #9964 from fricklerhandwerk/merge-format-sections
move JSON section into Formats and Protocols
2024-02-08 16:53:59 +01:00
Théophane Hufschmitt
a8050d9b83
Merge pull request #9928 from 9999years/error-messages-in-nix-repl
Improve error printing in `nix repl`
2024-02-08 16:21:13 +01:00
Théophane Hufschmitt
46a0625a40
Merge pull request #9929 from 9999years/dont-print-values-in-magenta
Don't print the first bracket in values in magenta in error messages
2024-02-08 10:56:18 +01:00
Théophane Hufschmitt
9b8b486091
Merge pull request #9933 from pennae/debugger-fix
fix debugger crashing while printing envs
2024-02-08 10:48:02 +01:00
Théophane Hufschmitt
acef4f17a2
Merge pull request #9918 from 9999years/debugger-locals-for-let-expressions
Expose locals from `let` expressions to the debugger
2024-02-08 10:17:55 +01:00
Théophane Hufschmitt
c4ed92fa6f
Merge pull request #9917 from 9999years/enter-debugger-more-reliably
Enter debugger more reliably in `let` expressions and function calls
2024-02-08 10:09:54 +01:00
Théophane Hufschmitt
fb78a99e04
Merge pull request #9924 from 9999years/rename-yellowtxt
Rename `yellowtxt` -> `magentatxt`
2024-02-08 10:01:30 +01:00
Théophane Hufschmitt
f388a6148d
Merge pull request #9919 from 9999years/reduce-debugger-clutter
Reduce visual clutter in the debugger
2024-02-08 09:42:38 +01:00
Théophane Hufschmitt
d24c8aa491
Simplify a conditional in the repl initialisation 2024-02-08 09:22:30 +01:00
Valentin Gagarin
e486b76eef move JSON section into Formats and Protocols 2024-02-08 09:13:58 +01:00
Rebecca Turner
9723f533d8
Add comment 2024-02-06 16:50:47 -08:00
Rebecca Turner
474fc4078a
Add comments 2024-02-06 16:49:28 -08:00
Rebecca Turner
c0a15fb7d0
Pretty-print values in the REPL
Pretty-print values in the REPL by printing each item in a list or
attrset on a separate line. When possible, single-item lists and
attrsets are printed on one line, as long as they don't contain a nested
list, attrset, or thunk.

Before:
```
{ attrs = { a = { b = { c = { }; }; }; }; list = [ 1 ]; list' = [ 1 2 3 ]; }
```

After:
```
{
  attrs = {
    a = {
      b = {
        c = { };
      };
    };
  };
  list = [ 1 ];
  list' = [
    1
    2
    3
  ];
}
```
2024-02-05 13:23:38 -08:00
Robert Hensing
a31f2cb0cd
Merge pull request #9939 from edolstra/slash-operator
CanonPath, SourcePath: Change operator + to /
2024-02-05 15:55:27 +01:00
Eelco Dolstra
a6737b7e17 CanonPath, SourcePath: Change operator + to /
This is less confusing and makes it more similar to std::filesystem::path.
2024-02-05 15:17:39 +01:00
Eelco Dolstra
c291d2d8dd
Merge pull request #9927 from 9999years/catch-error-in-value-printer
Catch `Error`, not `BaseError` in `ValuePrinter`
2024-02-05 15:01:21 +01:00
Eelco Dolstra
6ec08b85f6
Merge pull request #9934 from nmeum/absPath-out-of-bounds
absPath: Explicitly check if path is empty before accessing it
2024-02-05 14:44:02 +01:00
Eelco Dolstra
e190c20c33
Merge pull request #9926 from 9999years/fix-cycle-detection-in-nix-repl
Fix cycle detection in `nix repl`
2024-02-05 14:24:28 +01:00
pennae
5ccb06ee1b fix debugger crashing while printing envs
fixes #9932
2024-02-04 17:12:04 +01:00
Rodney Lorrimar
e1131b5927
print-dev-env: Avoid using unbound shellHook variable
Some tools which consume the "nix print-dev-env" rc script (such as
"nix-direnv") are sensitive to the use of unbound variables. They use
"set -u".

The "nix print-dev-env" rc script initially unsets "shellHook", then
loads variables from the derivation, and then evaluates "shellHook".
However, most derivations don't have a "shellHook" attribute.

So users get the error "shellHook: unbound variable". This can be
demonstrated with the command:

    nix print-dev-env nixpkgs#hello | bash -u

This commit changes the rc script to provide an empty fallback value
for the "shellHook" variable.

Closes: #7951 #8253
2024-02-04 13:57:13 +08:00
Rebecca Turner
770d2bc779
Key repeated values on attribute binding pointers, not value pointers
Closes #8672
2024-02-03 21:23:06 -08:00
Rebecca Turner
9646d62b0c
Don't print values in magenta
This fixes the opening bracket of lists/attrsets being printed in
magenta, unlike the closing bracket.

https://github.com/NixOS/nix/pull/9753#issuecomment-1904616088
2024-02-03 21:17:22 -08:00
Rebecca Turner
c5d525cd84
Print error messages but not traces
This makes output of values that include errors much cleaner.

Before:
```
nix-repl> { err = builtins.throw "uh oh!"; }
{ err = «error:
       … while calling the 'throw' builtin
         at «string»:1:9:
            1| { err = builtins.throw "uh oh!"; }
             |         ^

       error: uh oh!»; }
```

After:
```
nix-repl> { err = builtins.throw "uh oh!"; }
{ err = «error: uh oh!»; }
```

But if the whole expression throws an error, source locations and (if
applicable) a stack trace are printed, like you'd expect:

```
nix-repl> builtins.throw "uh oh!"
error:
       … while calling the 'throw' builtin
         at «string»:1:1:
            1| builtins.throw "uh oh!"
             | ^

       error: uh oh!
```
2024-02-03 20:50:16 -08:00
Rebecca Turner
a7927abdc1
Catch Error, not BaseError in ValuePrinter
`BaseError` includes `Interrupt`. We probably don't want the value
printer to tell you you pressed Ctrl-C while it was working.
2024-02-03 19:29:07 -08:00
Rebecca Turner
a7939a6c2a
Rename yellowtxt -> magentatxt
`yellowtxt` wraps its value with `ANSI_WARNING`, but `ANSI_WARNING` has
been equal to `ANSI_MAGENTA` for a long time. Now the name is updated.
2024-02-03 19:28:11 -08:00
Sören Tempel
ec5cc1026d absPath: Explicitly check if path is empty before accessing it
It is entirely possible for the path to be an empty string and many
unit tests actually pass it as an empty string (e.g. both_roundrip or
turnsEmptyPathIntoCWD). In this case, without this patch, absPath will
perform a one-byte out-of-bounds access.

This was discovered while enabling the nix test suite on Alpine where
we compile all software with `-D_GLIBCXX_ASSERTIONS=1`, thus resulting
in a test failure on Alpine.
2024-02-04 00:47:47 +01:00
Rebecca Turner
6414cd259e
Reduce visual clutter in the debugger 2024-02-02 19:58:35 -08:00
Rebecca Turner
36dfac7560
Expose locals from let expressions to the debugger 2024-02-02 19:31:18 -08:00
Rebecca Turner
0127d54d5e
Enter debugger more reliably in let expressions and calls 2024-02-02 19:14:22 -08:00
Rebecca Turner
016db2d10f
Add position information to while evaluating the attribute 2024-02-02 17:49:54 -08:00
Rebecca Turner
7d7483cafc
Print positions in --debugger, instead of pointers 2024-02-02 17:38:46 -08:00
Rebecca Turner
faaccecbc8
Remove EXCEPTION_NEEDS_THROW_SPEC
We're on C++ 20 now, we don't need this
2024-02-01 16:39:38 -08:00
Rebecca Turner
87dc4bc7d1
Attach positions to errors in derivationStrict 2024-02-01 16:39:38 -08:00
Rebecca Turner
c6a89c1a16
libexpr: Support structured error classes
While preparing PRs like #9753, I've had to change error messages in
dozens of code paths. It would be nice if instead of

    EvalError("expected 'boolean' but found '%1%'", showType(v))

we could write

    TypeError(v, "boolean")

or similar. Then, changing the error message could be a mechanical
refactor with the compiler pointing out places the constructor needs to
be changed, rather than the error-prone process of grepping through the
codebase. Structured errors would also help prevent the "same" error
from having multiple slightly different messages, and could be a first
step towards error codes / an error index.

This PR reworks the exception infrastructure in `libexpr` to
support exception types with different constructor signatures than
`BaseError`. Actually refactoring the exceptions to use structured data
will come in a future PR (this one is big enough already, as it has to
touch every exception in `libexpr`).

The core design is in `eval-error.hh`. Generally, errors like this:

    state.error("'%s' is not a string", getAttrPathStr())
      .debugThrow<TypeError>()

are transformed like this:

    state.error<TypeError>("'%s' is not a string", getAttrPathStr())
      .debugThrow()

The type annotation has moved from `ErrorBuilder::debugThrow` to
`EvalState::error`.
2024-02-01 16:39:38 -08:00
Rebecca Turner
c62c21e29a
Move PodIdx to pos-idx.hh and PosTable to pos-table.hh 2024-02-01 13:12:59 -08:00
Eelco Dolstra
b8b739e484 builtin:fetchurl: Get output hash info from the drv 2024-02-01 22:01:02 +01:00
Eelco Dolstra
1ee42c5b88 builtin:fetchurl: Ensure a fixed-output derivation
Previously we didn't check that the derivation was fixed-output, so
you could use builtin:fetchurl to impurely fetch a file.
2024-02-01 21:46:01 +01:00
John Ericson
dc439eaf23 Fill in missing markdown link dest 2024-02-01 11:20:19 -05:00
John Ericson
31881d651a Merge remote-tracking branch 'upstream/master' into overlayfs-store 2024-02-01 11:07:47 -05:00
Eelco Dolstra
ef6d055ace
Merge pull request #9896 from hercules-ci/tidy-tidy
Disable a slightly annoying clang-tidy check
2024-02-01 09:02:46 +01:00
Bryan Lai
8594f3cd5a libutil/url: fix git+file:./ parse error
Previously, the "file:./" prefix was not correctly recognized in
fixGitURL; instead, it was mistaken as a file path, which resulted in a
parsed url of the form "file://file:./".

This commit fixes the issue by properly detecting the "file:" prefix.
Note, however, that unlike "file://", the "file:./" URI is _not_
standardized, but has been widely used to referred to relative file
paths. In particular, the "git+file:./" did work for nix<=2.18, and was
broken since nix 2.19.0.

Finally, this commit fixes the issue completely for the 2.19 series, but
is still inadequate for the 2.20 series due to new behaviors from the
switch to libgit2. However, it does improve the correctness of parsing
even though it is not yet a complete solution.
2024-02-01 10:51:22 +08:00
Robert Hensing
0f2e9e6bd2 Typo 2024-02-01 01:01:04 +01:00
Robert Hensing
4072a8fea0
Merge pull request #9867 from hercules-ci/issue-912
#912 allow leading period
2024-01-31 19:10:59 +01:00
Robert Hensing
f1b4663805 Disallow store path names that are . or .. (plus opt. -)
As discussed in the maintainer meeting on 2024-01-29.

Mainly this is to avoid a situation where the name is parsed and
treated as a file name, mostly to protect users.
.-* and ..-* are also considered invalid because they might strip
on that separator to remove versions. Doesn't really work, but that's
what we decided, and I won't argue with it, because .-* probably
doesn't seem to have a real world application anyway.
We do still permit a 1-character name that's just "-", which still
poses a similar risk in such a situation. We can't start disallowing
trailing -, because a non-zero number of users will need it and we've
seen how annoying and painful such a change is.

What matters most is preventing a situation where . or .. can be
injected, and to just get this done.
2024-01-31 18:35:19 +01:00
John Ericson
caea7dcb7e Change an allowPath call to take a store path again
This looks like a revert of #5844, but is not.

That one was needed because
d90f9d4b99 (diff-0f59bb6f197822ef9f19ceae9624989499d170c84dfdc1f486a8959bb4588cafR85)
changed the type of the argument to `allowPath` from a `StorePath` to a
`Path`. But since
caabc4f648 (diff-0f59bb6f197822ef9f19ceae9624989499d170c84dfdc1f486a8959bb4588cafL100-R92),
it is a `StorePath` again.

I think this is worth changing because we want to be very careful about
`toRealPath` and the evaluator --- ideally the choice of real path does
not affect evaluation at all. So using it fewer times is better.
2024-01-31 11:44:06 -05:00
Eelco Dolstra
b36ff47e7c Resolve symlinks in a few more places
Fixes #9882.
2024-01-30 15:35:31 +01:00
Eelco Dolstra
9465c8cca1 nix hash convert: Add manpage 2024-01-29 17:51:01 +01:00
Eelco Dolstra
6f86f87043 Fix formatting of hash args 2024-01-29 17:50:25 +01:00
Robert Hensing
40254092dd
Merge pull request #9770 from hercules-ci/refactor-rename-derivation-isPure
Refactor rename derivation type `isPure`
2024-01-27 11:24:20 +01:00
Robert Hensing
9ddd0f2af8 Revert "StorePath: reject names starting with '.'"
This reverts commit 24bda0c7b3.
2024-01-27 11:18:03 +01:00
Robert Hensing
49b25ea85c refactor: Impure derivation type isPure -> isImpure
To quote the method doc:

Non-impure derivations can still behave impurely, to the degree permitted
by the sandbox. Hence why this method isn't `isPure`: impure derivations
are not the negation of pure derivations. Purity can not be ascertained
except by rather heavy tools.
2024-01-27 11:00:10 +01:00
John Ericson
b83a2fb6dd
Merge pull request #9776 from pennae/parser-refactor
Refactor the parser somewhat
2024-01-26 23:56:48 -05:00
John Ericson
365b831e6f
Minor formatting tweaks 2024-01-26 23:11:31 -05:00
John Ericson
1aec7771d4 Add missing #include for rlim_t
My local build in the shell was failing while CI was fine; not sure why
that is but having the include here is definitely more correct.

Per the POSIX spec, this is where it is supposed to be gotten
https://pubs.opengroup.org/onlinepubs/009695399/basedefs/sys/resource.h.html
2024-01-26 22:34:31 -05:00
Rebecca Turner
3a124d1e88
Increase stack size on macOS as well as Linux
The code works fine on macOS, but the default stack size we attempt to
set is larger than what my system will allow (Nix attempts to set the
stack size to 67108864, but the maximum allowed is 67092480), so I've
instead used the requested stack size or the maximum allowed, whichever
is smaller.

I've also added an error message if setting the stack size fails. It
looks like this:

> Failed to increase stack size from 8372224 to 67108864 (maximum
> allowed stack size: 67092480): Invalid argument
2024-01-26 09:40:41 -08:00
Valentin Gagarin
30bdee5c3b
update docs on fetchGit shallow clone behavior (#9704) 2024-01-26 17:26:08 +00:00
Théophane Hufschmitt
8df68a213f
Merge pull request #9849 from 13x1/patch-1
Fix typo in primops.cc (and therefore Nix docs)
2024-01-25 16:11:49 +01:00
lexi
08f38a3a40
Fix typo in primops.cc (and therefore Nix docs)
This also fixes the typo in the Nix docs at https://nixos.org/manual/nix/unstable/language/builtins.
2024-01-25 15:30:51 +01:00
John Ericson
a9e10a1dbd Make StoreConfig::getDefaultSystemFeatures a static method
This makes something in Hydra bit simpler. If someday the default
depends on the other config options, we can always change it back.
2024-01-24 21:34:31 -05:00
Robert Hensing
5b7bfd2d6b
Merge pull request #9754 from 9999years/print-value-when-coercion-fails
Print the value in `error: cannot coerce` messages
2024-01-24 12:48:39 +01:00
Théophane Hufschmitt
69d0ae27e3
Merge pull request #9841 from obsidiansystems/float-speed-factor
Convert `Machine::speedFactor` from a non-neg int to a non-neg float
2024-01-24 11:28:54 +01:00
John Ericson
1e24db6f9a Convert Machine::speedFactor from a non-neg int to a non-neg float
The short motivation is to match Hydra, so we can de-dup.

The long version is layed out in
https://github.com/NixOS/nix/issues/9840.
2024-01-24 01:03:07 -05:00
tomberek
1c260fa6d1
Merge pull request #9481 from iFreilicht/disallow-nix-search-without-search-terms
nix search: Disallow empty regex
2024-01-23 20:59:52 -05:00
tomberek
775d59f1fa
Merge pull request #8893 from 9999years/fix-8882
Log what `nix flake check` does
2024-01-23 20:38:23 -05:00
Rebecca Turner
83bb494a30
Print the value in error: cannot coerce messages
This extends the `error: cannot coerce a TYPE to a string` message
to print the value that could not be coerced. This helps with debugging
by making it easier to track down where the value is being produced
from, especially in errors with deep or unhelpful stack traces.
2024-01-23 15:15:41 -08:00
John Ericson
0aa85088de Factor out Machine::systemSupported
There's just enough logic (the `"builtin"` special case) that makes this
worthy of its own method.
2024-01-23 12:53:51 -05:00
John Ericson
870acc2892 Add API docs to Machine methods 2024-01-23 12:50:48 -05:00
John Ericson
739032762a Make Machine::systemTypes a set not vector
This is more conceptually correct (the order does not matter), and also
matches what Hydra already does.

(Nix and Hydra matching is needed for dedup
https://github.com/NixOS/hydra/issues/1164)
2024-01-23 12:30:26 -05:00
Eelco Dolstra
b6aee9a93f
Merge pull request #9833 from obsidiansystems/ssh-arg-split
Make `SSHMaster::startCommand` work on an args list
2024-01-23 14:34:41 +01:00
Robert Hensing
08bf2846df
Merge pull request #9653 from obsidiansystems/improve-parse-sink
Improve the `ParseSink` interface
2024-01-23 01:04:57 +01:00
John Ericson
6365bbfa81 Improve the FileSystemObjectSink interface
More invariants are enforced in the type, and less state needs to be
stored in the main sink itself. The method here is roughly that known as
"session types".

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-01-22 18:01:21 -05:00
John Ericson
966d6fcd01 ParseSink -> FileSystemObjectSink
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-01-22 18:01:18 -05:00
John Ericson
b71673109c Make SSHMaster::startCommand work on an args list
This avoids split-on-whitespace errors:

- No more `bash -c` needed

- No more `shellEscape` needed

- `remote-program` ssh store setting also cleanly supports args (e.g.
  `nix daemon`)

- `ssh` uses `--` to separate args for SSH from args for the command to
  run.

and will help with Hydra dedup.

Some code taken from #6628.

Co-Authored-By: Alexander Bantyev <balsoft@balsoft.ru>
2024-01-22 17:46:57 -05:00
Maximilian Bosch
81499a0b93
libexpr: print value of what is attempted to be called as function
Low-hanging fruit in the spirit of #9753 and #9754 (means 9999years did
all the hard work already).

This basically prints out what was attempted to be called as function,
i.e.

  map (import <nixpkgs> {}) [ 1 2 3 ]

now gives the following error message:

    error:
           … while calling the 'map' builtin
             at «string»:1:1:
                1| map (import <nixpkgs> {}) [ 1 2 3 ]
                 | ^

           … while evaluating the first argument passed to builtins.map

           error: expected a function but found a set: { _type = "pkgs"; AAAAAASomeThingsFailToEvaluate = «thunk»; AMB-plugins = «thunk»; ArchiSteamFarm = «thunk»; BeatSaberModManager = «thunk»; CHOWTapeModel = «thunk»; ChowCentaur = «thunk»; ChowKick = «thunk»; ChowPhaser = «thunk»; CoinMP = «thunk»;  «18783 attributes elided»}
2024-01-22 22:41:42 +01:00
Robert Hensing
5f72a97092
Merge pull request #9753 from 9999years/print-value-on-type-error
Print the value in `value is X while a Y is expected` error
2024-01-22 22:18:16 +01:00
John Ericson
e960b28230 Factor our ServeProto::BasicServerConnection::handshake
We'll need this for unit testing.

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-01-22 12:43:11 -05:00
John Ericson
4a5ca576da Factor out ServeProto::BasicClientConnection::handshake Hydra to share 2024-01-22 12:43:11 -05:00
John Ericson
4580bed3e4 LegacySSHStore::openConnection move more logic inside catch block
Broader error handling logic is more robust.
2024-01-22 12:43:11 -05:00
John Ericson
ce2f714e6d Start factoring out the serve protocol for Hydra to share
Factor out `ServeProto::BasicClientConnection` for Hydra to share

- `queryValidPaths`: Hydra uses the lock argument differently than Nix,
  so we un-hard-code it.

- `buildDerivationRequest`: Just the request half, as Hydra does some
  things between requesting and responding.

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-01-22 12:43:03 -05:00
Rebecca Turner
cb7fbd4d83
Print value on type error
Adds the failing value to `value is <TYPE> while a <TYPE> is expected`
error messages.
2024-01-22 08:56:02 -08:00
John Ericson
316e50cc7c Fix if...if...else ambiguity
This can be parsed two ways. Add a pair of braces so it must be parsed
the intended way.
2024-01-22 10:33:40 -05:00
John Ericson
176dcd5c61
Merge pull request #9626 from jvns/locked-input
Make fetchTree locked input error message clearer
2024-01-22 09:31:59 -05:00
pennae
80b84710b8
Update src/libexpr/eval.cc
Co-authored-by: John Ericson <git@JohnEricson.me>
2024-01-22 15:15:53 +01:00
John Ericson
b2066c3574
Merge pull request #9521 from fricklerhandwerk/conf-reword-max-jobs
reword description of the `max-jobs` setting
2024-01-22 08:29:12 -05:00
Théophane Hufschmitt
c8d33bca8d
Merge pull request #9822 from obsidiansystems/algo-vs-hash-algo
Start standardizing hash algo flags
2024-01-22 11:08:24 +01:00
Théophane Hufschmitt
f51409cf98
Merge pull request #9805 from yshui/prefetch-unpack
Add --unpack to nix store prefetch-file
2024-01-22 10:51:50 +01:00
John Ericson
202c5e2afc Start standardizing hash algo flags
Do this if we want to do `--hash-algo` everywhere, and not `--algo` for
hash commands.

The new `nix hash convert` is updated. Deprecated new CLI commands are
left as-is (`nix hash path` needs to be redone and is also left as-is).
2024-01-20 17:29:35 -05:00
John Ericson
a93b204c27
Merge pull request #9348 from obsidiansystems/json-formats
Document JSON formats
2024-01-20 17:22:39 -05:00
John Ericson
edf3ecc497 Document JSON formats
Good to document these formats separately from commands that happen to
use them.

Eventually I would like this and `builtins.derivation` to refer to a
store section on derivations that is authoritative, but that doesn't yet
exist, and will take some time to make. So I think we're just best off
merging this now as is.

Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2024-01-20 17:03:47 -05:00
Rebecca Turner
d75a5f427a
Print how many checks are run 2024-01-20 00:04:06 -08:00
Rebecca Turner
9404ce36e4
Print derivation paths
Also be more consistent with quotes around attribute paths
2024-01-20 00:04:05 -08:00
Rebecca Turner
49221493e2
Log what nix flake check does
There's still room for improvement, but this produces much more
informative output with `-v`:

```
$ nix flake check -v
evaluating flake...
checking flake output 'checks'...
checking derivation checks.aarch64-darwin.ghcid-ng-tests...
checking derivation checks.aarch64-darwin.ghcid-ng-clippy...
checking derivation checks.aarch64-darwin.ghcid-ng-doc...
checking derivation checks.aarch64-darwin.ghcid-ng-fmt...
checking derivation checks.aarch64-darwin.ghcid-ng-audit...
checking flake output 'packages'...
checking derivation packages.aarch64-darwin.ghcid-ng...
checking derivation packages.aarch64-darwin.ghcid-ng-tests...
checking derivation packages.aarch64-darwin.default...
checking flake output 'apps'...
checking flake output 'devShells'...
checking derivation devShells.aarch64-darwin.default...
running flake checks...
warning: The check omitted these incompatible systems: aarch64-linux, x86_64-darwin, x86_64-linux
Use '--all-systems' to check all.
```
2024-01-20 00:02:35 -08:00
John Ericson
356352c370 Add missing --hash-algo flag to nix store add 2024-01-19 23:11:18 -05:00
Robert Hensing
382fa51ff0
Merge pull request #9794 from hercules-ci/queryPathInfoFromClientCache
refactor: Extract `Store::queryPathInfoFromClientCache`
2024-01-19 17:33:52 +01:00
Robert Hensing
d19627e8b4 refactor: Remove throw from queryPathInfoFromClientCache
Return a value instead of throwing.

Rather than the more trivial refactor of wrapping the return value in
another std::optional, we retain the meaning of the outer optional:
"we know at least something."

So we have changed:
return nullopt    -> return nullopt
throw InvalidPath -> return make_optional(nullptr)
return vpi        -> return make_optional(vpi)
2024-01-19 17:01:19 +01:00
Robert Hensing
8983ee8b2e refactor: Un-callback transform Store::queryPathInfoFromClientCache
This part of the code was not necessarily callback based.
Removing CPS is always nice; particularly if there's no loss of
functionality, like here.
2024-01-19 17:01:19 +01:00
Yuxuan Shui
75a6e6dd0e Add --unpack to nix store prefetch-file 2024-01-19 15:53:45 +00:00
Théophane Hufschmitt
10165c7593
Merge pull request #9811 from DavHau/fix-git-auth
fetchTree/fetchGit: re-enable shallow fetching
2024-01-19 16:14:41 +01:00
John Ericson
57d6284eb7
Merge pull request #9812 from NixOS/remove-n-shorthand-for---mode
Remove a nonsensical shorthand flag in `nix store add`
2024-01-19 08:34:43 -05:00
DavHau
bc00fa4647 fetchTree/fetchGit: re-enable shallow fetching
Add several tests for git fetching:
- shallow-cache-separation: can fetch the same repo shallowly and non-shallowly
- shallow-ignore-ref: ensure that ref gets ignored when shallow=true is set
- ssh-shallow: can fetch a git repo via ssh using shallow=1
2024-01-19 20:30:47 +07:00
Robert Hensing
d762caff46
Merge pull request #9806 from hercules-ci/fix-git-auth
Fix git auth
2024-01-19 13:47:52 +01:00
Théophane Hufschmitt
28d7db249a
Remove a nonsensical shorthand flag in nix store add
`-n` was an alias for `--mode`, but that seems to just be a copy-paste error as it doesn't make sense.
`--mode` probably doesn't need a shorthand flag at all, so remove it.

Noticed in https://github.com/NixOS/nix/pull/9809#issuecomment-1899890555
2024-01-19 10:10:00 +01:00
John Ericson
a34ec0bd12 Include store path exact spec in the docs
This is niche, but deserves to be in the manual because it is describing
behavior visible to the outside world, not mere implementation details.
2024-01-18 22:19:14 -05:00
Robert Hensing
8d422c2fef Revert libgit2 fetching
libgit2 is not capable of using git-credentials helpers yet.
This prevents private repositories from being used.

Based on code that was replaced in https://github.com/NixOS/nix/pull/9240
(Introduce libgit2); hence:

Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
2024-01-18 22:29:26 +01:00
Robert Hensing
76a50b3a69 doc: GitRepoImpl::path 2024-01-18 22:29:26 +01:00
Eelco Dolstra
dca0a80240 copyStorePath(): Bail out early if the store path already exists
In rare cases (e.g. when using allowSubstitutes = false), it's
possible that we simultaneously have a DerivationGoal *and* a
SubstitutionGoal building the same path. So if a DerivationGoal
already built the path while the SubstitutionGoal was waiting for a
download slot, it saves us a superfluous download to exit early.
2024-01-18 17:19:15 +01:00
Eelco Dolstra
a18d8d688a LocalStore::addToStore(): Ignore exceptions from parseDump()
In the "discard" case (i.e. when the store path already exists
locally), when we call parseDump() from a Finally and it throws an
exception (e.g. if the download of the NAR fails), Nix crashes:

   terminate called after throwing an instance of 'nix::SubstituteGone'
     what():  error: file 'nar/06br3254rx4gz4cvjzxlv028jrx80zg5i4jr62vjmn416dqihgr7.nar.xz' does not exist in binary cache 'http://localhost'
   Aborted (core dumped)
2024-01-18 17:19:15 +01:00
Eelco Dolstra
ab786e22f1 Show what goal is waiting for a build slot 2024-01-18 17:19:15 +01:00
Théophane Hufschmitt
e652322a61
Merge pull request #9799 from obsidiansystems/push-add-to-store-from-dump-unsupported-down
Push `addToStoreFromDump` `unsupported(...)` down `Store` class hierarchy
2024-01-18 16:54:44 +01:00
Eelco Dolstra
32706b14a7
Merge pull request #9798 from edolstra/remote-store-eof
Print a more helpful message if the daemon crashes
2024-01-18 15:47:59 +01:00
Eelco Dolstra
1fe8f54bd3 Use BackedStringView 2024-01-18 15:27:57 +01:00
Théophane Hufschmitt
28674247ec
Merge pull request #9787 from obsidiansystems/bind-proc-syserror
`bind`: give same treatment as `connect` in #8544, dedup
2024-01-18 09:34:15 +01:00
John Ericson
574db83504 Push addToStoreFromDump unsupported(...) down Store class hierarchy
Instead of having it be the default method in `Store` itself, have it be
the implementation in `DummyStore` and `LegacySSHStore`. Then just the
implementations which fail to provide the method pay the "penalty" of
dealing with the icky `unimplemented` function for non-compliance.

Picks up where #8217. Getting close to no `unsupported` in the `Store`
interface itself!

More progress on issue #5729.
2024-01-17 23:46:03 -05:00
John Ericson
3016e67c21 bind: give same treatment as connect in #8544, dedup
It is good to propagate the underlying error so whether or not we use a
process to deal with path length issues is not observable.

Also, as these wrapper functions got more and more complex, the code
duplication got worse and worse. The new `bindConnectProcHelper`
function deduplicates them.
2024-01-17 23:35:08 -05:00
Eelco Dolstra
a3cf27ca47 Print a more helpful message if the daemon crashes
Instead of

   error: unexpected end-of-file

you now get

   error: Nix daemon disconnected unexpectedly (maybe it crashed?)
2024-01-17 22:54:02 +01:00
Eelco Dolstra
39ab50f9ee Store::buildPaths(): Fix display of store paths
This was broken in 7ac39ff05c.
2024-01-17 21:41:37 +01:00
Robert Hensing
d0a284284b refactor: Extract simply, awkwardly Store::queryPathInfoFromClientCache
This is useful for determining quickly which substituters to query.

An alternative would be for users to invoke the narinfo cache db directly,
so why do we need this change?

 - It is easier to use. I believe Nix itself should also use it.

 - This way, the narinfo cache db remains an implementation detail.

 - Callers get to use the in-memory cache as well.
2024-01-17 17:54:19 +01:00
Robert Hensing
2a3c5e6b8b
Merge pull request #9480 from NixOS/libfetchers-git-exportIgnore
libfetchers/git: Support export-ignore
2024-01-16 23:03:46 +01:00
Robert Hensing
01271f2996
Merge pull request #9786 from hercules-ci/package
DerivationInfo -> PackageInfo
2024-01-16 22:43:14 +01:00
Jacek Galowicz
8ae3aeec94 Don't use std::make_unique right before release 2024-01-16 17:00:46 +00:00
Jacek Galowicz
9d9f42cc38 Remove C-style casts 2024-01-16 17:00:46 +00:00
Jacek Galowicz
d11d7849f7 Use ChildWrapperFunction type and make casts more explicit 2024-01-16 17:00:46 +00:00
Jacek Galowicz
c924147c9d Drop parentheses from thunks 2024-01-16 17:00:46 +00:00
Jacek Galowicz
1885d579db Improve String Handling 2024-01-16 17:00:46 +00:00
Jacek Galowicz
0bc66e529f Use npos member variables instead of full type 2024-01-16 15:17:57 +00:00
Robert Hensing
ea6aa5ffd8 Package{,Info}: comments 2024-01-16 15:44:02 +01:00
Robert Hensing
65255edc9b DerivationInfo -> PackageInfo
This does not yet resolve the coupling between packages and
derivations, but it makes the code more consistent with the
terminology, and it accentuates places where the coupling is
obvious, such as

         auto drvPath = packageInfo.queryDrvPath();
         if (!drvPath)
             throw Error("'%s' is not a derivation", what());

... which isn't wrong, and in my opinion, doesn't even look
wrong, because it just reflects the current logic.
However, I do like that we can now start to see in the code that
this coupling is perhaps a bit arbitrary.
After this rename, we can bring the DerivingPath concept into type
and start to lift this limitation.
2024-01-16 15:28:03 +01:00
Eelco Dolstra
d005bade7f connect(): Propagate errno from the child process
This is necessary on macOS since addTempRoot() relies on errno.
2024-01-16 15:26:17 +01:00
Eelco Dolstra
0b1d93d2ba Sleep a bit between attempts to connect to the root server 2024-01-16 15:26:17 +01:00
Eelco Dolstra
302625e83b Merge remote-tracking branch 'origin/master' into handle-missing-gc-socket 2024-01-16 13:18:58 +01:00
Robert Hensing
b2deff1947
Merge pull request #9747 from awakesecurity/mz/fix-quadratic-splitString
Fix performance of builtins.substring for empty substrings
2024-01-16 12:18:59 +01:00
pennae
09a1128d9e don't repeatedly look up ast internal symbols
these symbols are used a *lot*, so it makes sense to cache them. this
mostly increases clarity of the code (however clear one may wish to call
the parser desugaring here), but it also provides a small performance
benefit.
2024-01-15 16:52:18 +01:00
pennae
b596cc9e79 decouple parser and EvalState
there's no reason the parser itself should be doing semantic analysis
like bindVars. split this bit apart (retaining the previous name in
EvalState) and have the parser really do *only* parsing, decoupled from
EvalState.
2024-01-15 16:52:18 +01:00
pennae
e1aa585964 slim down parser.y
most EvalState and Expr members defined here could be elsewhere, where
they'd be easier to maintain (not being embedded in a file with arcane
syntax) and *somewhat* more faithfully placed according to the path of
the file they're defined in.
2024-01-15 16:52:18 +01:00
pennae
835a6c7bcf rename ParserState::{makeCurPos -> at}
most instances of this being used do not refer to the "current"
position, sometimes not even to one reasonably close by. it could also
be called `makePos` instead, but `at` seems clear in context.
2024-01-15 16:52:18 +01:00
pennae
0076056164 move ParseData to own header, rename to ParserState
ParserState better describes what this struct really is. the parser
really does modify its state (most notably position and symbol tables),
so calling it that rather than obliquely "data" (which implies being
input only) makes sense.
2024-01-15 16:52:18 +01:00
pennae
1b09b80afa make parser utility functions members of ParseData
all of them need access to parser state in some way. make them members
to allow this without fussing so much.
2024-01-15 16:52:18 +01:00
pennae
e8d9de967f simplify parse error reporting
since nix doesn't use the bison `error` terminal anywhere any invocation
of yyerror will immediately cause a failure. since we're *already*
leaking tons of memory whatever little bit bison allocates internally
doesn't much matter any more, and we'll be replacing the parser soon anyway.

coincidentally this now also matches the error behavior of URIs when
they are disabled or ~/ paths in pure eval mode, duplicate attr
detection etc.
2024-01-15 16:52:18 +01:00
pennae
f07388bf98 remove ParserFormals
this is a proper subset of Formals anyway, so let's just use those and
avoid the extra allocations and moves.
2024-01-15 16:52:18 +01:00
John Ericson
beed00c04e absPath: just take a std::string_view
1. Slightly more efficient

2. Easier to call

Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
2024-01-15 08:21:54 -05:00
Robert Hensing
268c49264a
Merge pull request #9763 from L-as/avoid-unnecessary-copy
Avoid unnecessary copy of goal log
2024-01-15 08:32:03 +01:00
Las Safin
f61d951909
Avoid unnecessary copy of goal log
The data was (accidentally?) copied into a std::string,
even though the string is immediately converted into a std::string_view.
The code has been changed to construct a std::string_view directly,
such that one copy less happens.
2024-01-13 19:32:37 +00:00
John Ericson
e739a5002d Avoid Windows macros in the parser and lexer
`FLOAT`, `INT`, and `IN` are identifers taken by macros.

The name `IN_KW` is chosen to match `OR_KW`, which is presumably named
that way for the same reason of dodging macros.
2024-01-12 19:51:36 -05:00
Robert Hensing
15f7bdaf27 CanonPath: Add rel_c_str()
Defensively because isRoot() is also defensive.
2024-01-12 22:55:37 +01:00
John Ericson
c58da62a06
Merge pull request #9737 from obsidiansystems/sys-error-split
Separate `SystemError` from `SysError`
2024-01-12 12:41:36 -05:00
John Ericson
6208ca7209 Separate SystemError from SysError
Most of this is a `catch SysError` -> `catch SystemError` sed. This
is a rather pure-churn change I would like to get out of the way. **The
intersting part is `src/libutil/error.hh`.**

On Unix, we will only throw the `SysError` concrete class, which has
the same constructors that `SystemError` used to have.

On Windows, we will throw `WinError` *and* `SysError`. `WinError`
(which will be created in a later PR), will use a `DWORD` instead of
`int` error value, and `GetLastError()`, which is the Windows equivalent
of the `errno` machinery. Windows will *also* use `SysError` because
Window's "libc" (MSVCRT) implements the POSIX interface, and we use it
too.

As the docs describe, while we *throw* one of the 3 choices above (2
concrete classes or the alias), we should always *catch* `SystemError`.
This ensures no matter how the implementation changes for Windows (e.g.
between `SysError` and `WinError`) the catching logic stays the same
and stays correct.

Co-Authored-By volth <volth@volth.com>
Co-Authored-By Eugene Butler <eugene@eugene4.com>
2024-01-12 12:00:33 -05:00
Mel Zuser
25c889baac Fix performance of builtins.substring for empty substrings
When returning a 0-length substring, avoid calling coerceToString,
since it returns a string_view with the string's length, which is
expensive to compute for large strings.
2024-01-12 08:37:04 -08:00
Robert Hensing
274d887fee fetchTree/git: Cache export-ignore filter 2024-01-12 17:18:56 +01:00
Robert Hensing
d80c582b78 libfetchers: Add CachingFilteringInputAccessor
Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
2024-01-12 17:16:59 +01:00
Eelco Dolstra
52f949bbf5
Merge pull request #9656 from edolstra/nix-profile-stable-names
Make profile element names stable
2024-01-12 16:59:36 +01:00
Robert Hensing
f68ad5acbb fetchTree/git: Don't expose exportIgnore attr 2024-01-12 16:05:36 +01:00
Robert Hensing
469cf263c7 Format 2024-01-12 15:31:53 +01:00
Robert Hensing
692e9197bc fetchTree: Disallow combination of submodules and exportIgnore for now 2024-01-12 15:31:53 +01:00
Robert Hensing
99bd12f0b1 fetchGit/fetchTree: Improve exportIgnore, submodule interaction
Also fingerprint and some preparatory improvements.

Testing is still not up to scratch because lots of logic is duplicated
between the workdir and commit cases.
2024-01-12 15:31:53 +01:00
Robert Hensing
1bbe837184 fetchTree: Add isFetchGit exportIgnore 2024-01-12 15:31:53 +01:00
Robert Hensing
7774eff10e libfetchers/git: Move workdir accessor into GitRepo::getAccessor 2024-01-12 15:31:53 +01:00
Robert Hensing
8024b954d7 fetchTree: Recommend against exportIgnore 2024-01-12 15:31:53 +01:00
Robert Hensing
467c62a96e GitRepoImpl: Move exportIgnore into a filtering accessor 2024-01-12 15:31:53 +01:00
Robert Hensing
cd5e752fa7 GitRepoImpl::getSubmodules: Access getSubmoduleRev without cast
This will be needed because the accessor will be wrapped, and therefore
not be an instance of GitInputAccessor anymore.
2024-01-12 15:31:53 +01:00
Robert Hensing
f6b1d15580 MakeNotAllowedError: Touch up doc 2024-01-12 15:31:53 +01:00
Robert Hensing
1c6bb609af fetchTree: allow larger output attrsets
Intentionally dumb change ahead of architectural improvements.
2024-01-12 15:31:53 +01:00
Robert Hensing
ce6d58a97c git fetcher: Add exportIgnore parameter
Enabled for fetchGit, which historically had this behavior,
among other behaviors we do not want in fetchGit.

fetchTree disables this parameter by default. It can choose the
simpler behavior, as it is still experimental.

I am not confident that the filtering implementation is future
proof. It should reuse a source filtering wrapper, which I believe
Eelco has already written, but not merged yet.
2024-01-12 15:31:52 +01:00
Eelco Dolstra
0d55d660d5
Merge pull request #8043 from bobvanderlinden/pr-shell-env
nix: develop: use SHELL from rc script
2024-01-12 13:42:42 +01:00
Eelco Dolstra
e21b3cf9db Merge remote-tracking branch 'origin/master' into nix-profile-stable-names 2024-01-12 13:36:27 +01:00
Eelco Dolstra
7c6f093abc .data() -> .c_str() to be on the safe side 2024-01-12 13:00:53 +01:00
Eelco Dolstra
66bd1b0298 Merge remote-tracking branch 'origin/master' into pr-shell-env 2024-01-12 12:56:26 +01:00
Eelco Dolstra
3e23759834 gc-non-blocking.sh: Add explanation
Also name the _NIX_TEST_GC_SYNC environment variables logically.
2024-01-12 12:38:55 +01:00
Eelco Dolstra
5703c31325 Merge remote-tracking branch 'origin/master' into handle-missing-gc-socket 2024-01-12 12:26:25 +01:00
Rebecca Turner
df84dd4d8d
Restore ambiguous value printer for nix-instantiate
The Nix team has requested that this output format remain unchanged.
I've added a warning to the man page explaining that `nix-instantiate
--eval` output will not parse correctly in many situations.
2024-01-11 16:34:36 -08:00
Rebecca Turner
0fa08b4516
Unify and refactor value printing
Previously, there were two mostly-identical value printers -- one in
`libexpr/eval.cc` (which didn't force values) and one in
`libcmd/repl.cc` (which did force values and also printed ANSI color
codes).

This PR unifies both of these printers into `print.cc` and provides a
`PrintOptions` struct for controlling the output, which allows for
toggling whether values are forced, whether repeated values are tracked,
and whether ANSI color codes are displayed.

Additionally, `PrintOptions` allows tuning the maximum number of
attributes, list items, and bytes in a string that will be displayed;
this makes it ideal for contexts where printing too much output (e.g.
all of Nixpkgs) is distracting. (As requested by @roberth in
https://github.com/NixOS/nix/pull/9554#issuecomment-1845095735)

Please read the tests for example output.

Future work:
- It would be nice to provide this function as a builtin, perhaps
  `builtins.toStringDebug` -- a printing function that never fails would
  be useful when debugging Nix code.
- It would be nice to support customizing `PrintOptions` members on the
  command line, e.g. `--option to-string-max-attrs 1000`.
2024-01-11 16:34:36 -08:00
Rebecca Turner
c9125603a5
Unindent print.hh declarations 2024-01-11 16:07:01 -08:00
John Ericson
84502674f8
Merge pull request #9736 from obsidiansystems/mingw-makefiles
Some small Makefile improvements to prepare for Windows support
2024-01-11 10:58:55 -05:00
John Ericson
113499d16f
Merge pull request #9634 from 9999years/combine-abstract-pos-and-pos
Combine `AbstractPos`, `PosAdapter`, and `Pos`
2024-01-11 10:47:27 -05:00
John Ericson
423484ad26 Only link with -pthread on Unix
We don't want this with MinGW.
2024-01-10 20:38:39 -05:00
John Ericson
f9e5eb5f0a Make indentation in makesfiles consistent
Tab (as required) for rules, two spaces for `if`...`endif`.
2024-01-10 20:26:34 -05:00
John Ericson
2cea88dbc8 Improve build sytem support for readline instead of editline
Changes:

- CPP variable is now `USE_READLINE` not `READLINE`

- `configure.ac` supports with new CLI flag

- `package.nix` supports with new configuration option

- `flake.nix` CIs this (along with no markdown)

Remove old Ubuntu 16.04 stop-gap too, as that is now quite old.

Motivation:

- editline does not build for Windows, but readline *should*. (I am
  still working on this in Nixpkgs at this time, however. So there will
  be a follow-up Nix PR removing the windows-only skipping of the
  readline library once I am done.)

- Per
  https://salsa.debian.org/debian/nix/-/blob/master/debian/rules?ref_type=heads#L27
  and #2551, Debian builds Nix with readline. Now we better support and
  CI that build configuration.

This is picking up where #2551 left off, ensuring we test a few more
things not merely have CPP for them.

Co-authored-by: Weijia Wang <9713184+wegank@users.noreply.github.com>
2024-01-09 16:56:55 -05:00
Eelco Dolstra
b91c935c2f
Merge pull request #9648 from cole-h/nix-shell-ordering
nix shell: reflect command line order in PATH order
2024-01-09 19:00:33 +01:00
John Ericson
fa2a27d720
Merge pull request #9710 from wegank/disable-lowdown
Make lowdown optional
2024-01-08 15:13:45 -05:00
Weijia Wang
bbd0a959e1 Make lowdown optional
Co-authored-by: John Ericson <John.Ericson@Obsidian.Systems>
2024-01-08 20:37:42 +01:00
Rebecca Turner
4feb7d9f71
Combine AbstractPos, PosAdapter, and Pos
Also move `SourcePath` into `libutil`.

These changes allow `error.hh` and `error.cc` to access source path and
position information, which we can use to produce better error messages
(for example, we could consider omitting filenames when two or more
consecutive stack frames originate from the same file).
2024-01-08 10:59:41 -08:00
John Ericson
ff6de4a9ee
Merge pull request #9662 from shlevy/flat-fixed-references-assert
Improve error message for fixed-outputs with references.
2024-01-08 10:46:37 -05:00
Eelco Dolstra
faf87b51f7
Show why GC socket connection was refused
Co-authored-by: John Ericson <git@JohnEricson.me>
2024-01-08 14:14:36 +01:00
Shea Levy
eeb2f083c5
Improve error message for fixed-outputs with references.
This codepath is possible, e.g. with a dockerTools.pullImage of an image with a Nix store.
2024-01-07 07:32:31 -05:00
Eelco Dolstra
359990dfdc
Merge pull request #9324 from 9999years/fix-8854-take-2
Don't attempt to `git add` ignored files
2024-01-05 14:57:32 +01:00
Eelco Dolstra
dedbbbb451
Merge pull request #9670 from DavHau/log-lines
saner default for log-lines: change to 25
2024-01-05 14:39:50 +01:00
Eelco Dolstra
965cfe9688
Merge pull request #9687 from edolstra/withFramedSink-ctrl-c-hang
withFramedSink(): Receive interrupts on the stderr thread
2024-01-04 17:05:18 +01:00
John Ericson
12bb8cdd38 Signer infrastructure: Prep for #9076
This sets up infrastructure in libutil to allow for signing other than
by a secret key in memory. #9076 uses this to implement remote signing.

(Split from that PR to allow reviewing in smaller chunks.)

Co-Authored-By: Raito Bezarius <masterancpp@gmail.com>
2024-01-03 16:13:55 -05:00
Eelco Dolstra
295a2ff8bd Make some more threads receive interrupts
Shouldn't hurt to do this. In particular, this should speed up
shutting down the PathSubstitutionGoal thread if it's copying from a
remote store.
2024-01-03 19:30:02 +01:00
Eelco Dolstra
24e70489e5 withFramedSink(): Receive interrupts on the stderr thread
Otherwise Nix deadlocks when Ctrl-C is received in withFramedSink():
the parent thread will wait forever for the stderr thread to shut
down.

Fixes the hang reported in https://github.com/NixOS/nix/issues/7245#issuecomment-1770560923.
2024-01-03 19:14:50 +01:00
Eelco Dolstra
315aade89d
Merge pull request #9681 from edolstra/eval-optimisations
Optimize empty list constants
2024-01-03 10:43:01 +01:00
Eelco Dolstra
484881f302 Move empty list constant 2024-01-03 10:23:27 +01:00
John Ericson
2b20f36f95 Fix NetBSD build
There was still a mistake after my earlier
a7115a47ef and
e13fc0bbdb. This finally gets it right.
2024-01-02 12:33:51 -05:00
Eelco Dolstra
3f796514b3 Optimize empty list constants
This avoids a Value allocation for empty list constants. During a `nix
search nixpkgs`, about 82% of all thunked lists are empty, so this
removes about 3 million Value allocations.

Performance comparison on `nix search github:NixOS/nixpkgs/e1fa12d4f6c6fe19ccb59cac54b5b3f25e160870 --no-eval-cache`:

maximum RSS:        median = 3845432.0000  mean = 3845432.0000  stddev =      0.0000  min = 3845432.0000  max = 3845432.0000  [rejected?, p=0.00000, Δ=-70084.00000±0.00000]
soft page faults:   median = 965395.0000  mean = 965394.6667  stddev =      1.1181  min = 965392.0000  max = 965396.0000  [rejected?, p=0.00000, Δ=-17929.77778±38.59610]
system CPU time:    median =      1.8029  mean =      1.7702  stddev =      0.0621  min =      1.6749  max =      1.8417  [rejected, p=0.00064, Δ=-0.12873±0.09905]
user CPU time:      median =     14.1022  mean =     14.0633  stddev =      0.1869  min =     13.8118  max =     14.3190  [not rejected, p=0.03006, Δ=-0.18248±0.24928]
elapsed time:       median =     15.8205  mean =     15.8618  stddev =      0.2312  min =     15.5033  max =     16.1670  [not rejected, p=0.00558, Δ=-0.28963±0.29434]
2024-01-02 12:49:11 +01:00
Eelco Dolstra
3f834f5c64
Merge pull request #9657 from edolstra/fix-getNameFromURL
getNameFromURL(): Support uppercase characters in attribute names
2024-01-02 12:48:17 +01:00
Robert Hensing
83f5622545
Merge pull request #9658 from pennae/env-diet
reduce the size of Env by one pointer
2023-12-31 13:57:16 +01:00
Robert Hensing
3511430902
Merge pull request #9673 from pennae/drv-parse-opts
optimize derivation parsing
2023-12-31 13:49:03 +01:00
pennae
1fe66852ff reduce the size of Env by one pointer
since `up` and `values` are both pointer-aligned the type field will
also be pointer-aligned, wasting 48 bits of space on most machines. we
can get away with removing the type field altogether by encoding some
information into the `with` expr that created the env to begin with,
reducing the GC load for the absolutely massive amount of single-entry
envs we create for lambdas. this reduces memory usage of system eval by
quite a bit (reducing heap size of our system eval from 8.4GB to 8.23GB)
and gives similar savings in eval time.

running `nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'`

before:

  Time (mean ± σ):      5.576 s ±  0.003 s    [User: 5.197 s, System: 0.378 s]
  Range (min … max):    5.572 s …  5.581 s    10 runs

after:

  Time (mean ± σ):      5.408 s ±  0.002 s    [User: 5.019 s, System: 0.388 s]
  Range (min … max):    5.405 s …  5.411 s    10 runs
2023-12-30 18:55:13 +01:00
pennae
c62686a95b reduce copies during drv parsing
many paths need not be heap-allocated, and derivation env name/valye
pairs can be moved into the map.

before:

Benchmark 1: nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'
  Time (mean ± σ):      6.883 s ±  0.016 s    [User: 5.250 s, System: 1.424 s]
  Range (min … max):    6.860 s …  6.905 s    10 runs

after:

Benchmark 1: nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'
  Time (mean ± σ):      6.868 s ±  0.027 s    [User: 5.194 s, System: 1.466 s]
  Range (min … max):    6.828 s …  6.913 s    10 runs
2023-12-30 18:44:15 +01:00
pennae
02c64abf1e use translation table for drv string parsing
the table is very small compared to cache sizes and a single indexed
load is faster than three comparisons.

before:

Benchmark 1: nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'
  Time (mean ± σ):      6.907 s ±  0.012 s    [User: 5.272 s, System: 1.429 s]
  Range (min … max):    6.893 s …  6.926 s    10 runs

after:

Benchmark 1: nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'
  Time (mean ± σ):      6.883 s ±  0.016 s    [User: 5.250 s, System: 1.424 s]
  Range (min … max):    6.860 s …  6.905 s    10 runs
2023-12-30 18:44:15 +01:00
pennae
79d3d412ca optimize derivation string parsing
a bunch of derivation strings contain no escape sequences. we can
optimize for this fact by first scanning for the end of a derivation
string and simply returning the contents unmodified if no escape
sequences were found. to make this even more efficient we can also use
BackedStringViews to avoid copies, avoiding heap allocations for
transient data.

before:

Benchmark 1: nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'
  Time (mean ± σ):      6.952 s ±  0.015 s    [User: 5.294 s, System: 1.452 s]
  Range (min … max):    6.926 s …  6.974 s    10 runs

after:

Benchmark 1: nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'
  Time (mean ± σ):      6.907 s ±  0.012 s    [User: 5.272 s, System: 1.429 s]
  Range (min … max):    6.893 s …  6.926 s    10 runs
2023-12-30 18:44:10 +01:00
Rebecca Turner
7434caca05
Fix segfault on infinite recursion in some cases
This fixes a segfault on infinite function call recursion (rather than
infinite thunk recursion) by tracking the function call depth in
`EvalState`.

Additionally, to avoid printing extremely long stack traces, stack
frames are now deduplicated, with a `(19997 duplicate traces omitted)`
message. This should only really be triggered in infinite recursion
scenarios.

Before:

    $ nix-instantiate --eval --expr '(x: x x) (x: x x)'
    Segmentation fault: 11

After:

    $ nix-instantiate --eval --expr '(x: x x) (x: x x)'
    error: stack overflow

           at «string»:1:14:
                1| (x: x x) (x: x x)
                 |              ^

    $ nix-instantiate --eval --expr '(x: x x) (x: x x)' --show-trace
    error:
           … from call site
             at «string»:1:1:
                1| (x: x x) (x: x x)
                 | ^

           … while calling anonymous lambda
             at «string»:1:2:
                1| (x: x x) (x: x x)
                 |  ^

           … from call site
             at «string»:1:5:
                1| (x: x x) (x: x x)
                 |     ^

           … while calling anonymous lambda
             at «string»:1:11:
                1| (x: x x) (x: x x)
                 |           ^

           … from call site
             at «string»:1:14:
                1| (x: x x) (x: x x)
                 |              ^

           (19997 duplicate traces omitted)

           error: stack overflow
           at «string»:1:14:
                1| (x: x x) (x: x x)
                 |              ^
2023-12-29 22:16:44 -08:00
pennae
2cfc4ace35 malloc/memset even less
more buffers that can be uninitialized and on the stack. small
difference, but still worth doing.

before:

Benchmark 1: nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'
  Time (mean ± σ):      6.963 s ±  0.011 s    [User: 5.330 s, System: 1.421 s]
  Range (min … max):    6.943 s …  6.974 s    10 runs

after:

Benchmark 1: nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'
  Time (mean ± σ):      6.952 s ±  0.015 s    [User: 5.294 s, System: 1.452 s]
  Range (min … max):    6.926 s …  6.974 s    10 runs
2023-12-30 00:45:11 +01:00
pennae
99a691c8a1 don't use istreams in hot paths
istream sentry objects are very expensive for single-character
operations, and since we don't configure exception masks for the
istreams used here they don't even do anything. all we need is
end-of-string checks and an advancing position in an immutable memory
buffer, both of which can be had for much cheaper than istreams allow.

the effect of this change is most apparent on empty stores.

before:

Benchmark 1: nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'
  Time (mean ± σ):      7.167 s ±  0.013 s    [User: 5.528 s, System: 1.431 s]
  Range (min … max):    7.147 s …  7.182 s    10 runs

after:

Benchmark 1: nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'
  Time (mean ± σ):      6.963 s ±  0.011 s    [User: 5.330 s, System: 1.421 s]
  Range (min … max):    6.943 s …  6.974 s    10 runs
2023-12-30 00:45:10 +01:00
DavHau
b6313f64f7 saner default for log-lines: change to 25
This seems to be a much saner default. 10 lines are just not enough in so many cases.
2023-12-27 19:57:27 +07:00
Brian Le
e2399fc949 Change "dervation" typos to "derivation" 2023-12-26 17:12:28 -05:00
Shea Levy
c3942ef85f
Build IFD in the build store when using eval-store.
Previously, IFDs would be built within the eval store, even though one
is typically using `--eval-store` precisely to *avoid* local builds.

Because the resulting Nix expression must be copied back to the eval
store in order to be imported, this requires the eval store to trust
the build store's signatures.
2023-12-23 21:33:56 -05:00
Robert Hensing
ee439734e9
Merge pull request #9582 from pennae/misc-opts
a packet of small optimizations
2023-12-22 17:00:59 +01:00
Eelco Dolstra
cf02b3335c Merge remote-tracking branch 'origin/master' into tarball-cache 2023-12-22 16:45:01 +01:00
Eelco Dolstra
936a364226 getNameFromURL(): Support uppercase characters in attribute names
In particular, this makes it handle 'legacyPackages' correctly.
2023-12-22 16:35:58 +01:00
Eelco Dolstra
a748e88bf4 nix profile: Remove check for "name" attribute in manifests
AFAIK, we've never emitted this attribute.
2023-12-22 16:27:31 +01:00
John Ericson
d65d56fa77
Merge pull request #9655 from iFreilicht/move-flake-url-name-util
Move url-name utility to libexpr/flake
2023-12-22 10:26:42 -05:00
Eelco Dolstra
6268a45b65 nix profile: Make profile element names stable
The profile manifest is now an object keyed on the name returned by
getNameFromURL() at installation time, instead of an array. This
ensures that the names of profile elements don't change when other
elements are added/removed.
2023-12-22 16:21:30 +01:00
Eelco Dolstra
3187bc9ac3 nix profile: Remove indices 2023-12-22 16:21:30 +01:00
Robert Hensing
d2016c6b59
Merge pull request #9621 from blaggacao/fix/too-restrictive-branch-regex-master
fix: valid branch name
2023-12-22 16:02:25 +01:00
Felix Uhl
26d7b0c793 Move url-name utility to libexpr/flake 2023-12-22 09:33:02 +01:00
Robert Hensing
4f47152209
libutil/url-parts.hh: Fix regex
Regex syntax is awful.
2023-12-21 23:11:25 +01:00
Felix Uhl
397cf4e285 nix search: Disallow empty regex
Fixes #4739
Fixes #3553 in spirit IMO
2023-12-21 22:13:43 +01:00
Robert Hensing
8c4ea12f11
libutil/url-parts.hh: comment 2023-12-21 21:03:06 +01:00
Cole Helbling
f4454aac9f nix shell: reflect command line order in PATH order
Prior to this change, Nix would prepend every installable to the PATH
list in order to ensure that installables appeared before the current
PATH from the ambient environment.

With this change, all the installables are still prepended to the PATH,
but in the same order as they appear on the command line. This means
that the first of two packages that expose an executable `hello` would
appear in the PATH first, and thus be executed first.

See the test in the prior commit for a more concrete example.
2023-12-21 10:56:19 -08:00
Cole Helbling
5ed1884875 libcmd: Installable::toStorePaths -> Installable::toStorePathSet 2023-12-21 10:23:07 -08:00
Eelco Dolstra
14508ade28 Typo 2023-12-21 16:25:55 +01:00
Eelco Dolstra
d77a39a314 Fix indent 2023-12-21 16:22:34 +01:00
Eelco Dolstra
9d9d9ff0de Merge remote-tracking branch 'origin/master' into profile-names-instead-of-index 2023-12-21 16:21:26 +01:00
Silvan Mosberger
ea454d8687 Undeprecate isNull
There's no good reason to deprecate it:
- For consistency reasons it should continue to exist, such that all
primitive types have a corresponding `builtins.is*` primop.
- There's no implementation cost to continuing to have this function
- It costs users time to try to migrate away from it, e.g.
  https://github.com/NixOS/nixpkgs/pull/219747 and https://github.com/NixOS/nixpkgs/pull/275548
- Using it can give easier-to-read code like `all isNull list`

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-12-20 17:55:19 +01:00
pennae
2b0e95e7aa use singleton expr to generate black hole errors
this also reduces forceValue code size and removes the need for
hideInDiagnostics. coopting thunk forcing like this has the additional
benefit of clarifying how these errors can happen in the first place.
2023-12-19 19:32:16 +01:00
pennae
f9db4de0f3 force-inline forceValue
forceValue is extremely hot. interestingly adding likeliness annotations
to the branches does not seem to make a difference.

before:

  Time (mean ± σ):      4.224 s ±  0.005 s    [User: 3.711 s, System: 0.512 s]
  Range (min … max):    4.218 s …  4.234 s    10 runs

after:

  Time (mean ± σ):      4.140 s ±  0.009 s    [User: 3.647 s, System: 0.492 s]
  Range (min … max):    4.130 s …  4.152 s    10 runs
2023-12-19 19:32:16 +01:00
pennae
69ed4aee61 remove lazy-pos forceValue
almost all uses of this are interactive, except for deepSeq. deepSeq is
going to be expensive and rare enough to not care much about, and
Value::determinePos should usually be cheap enough to not be too much of
a burden in any case.
2023-12-19 19:32:16 +01:00
pennae
f9aee2f2c4 don't malloc/memset posix accessor buffer
it's relatively small and fits on the stack nicely, and we don't need it
initialized either.
2023-12-19 19:32:16 +01:00
pennae
b78e77b34c use custom location type in the parser
~1% parser speedup from not using TLS indirections, less on system eval.
this could have also gone in flex yyextra data, but that's significantly
slower for some reason (albeit still faster than thread locals).

before:

  Time (mean ± σ):      4.231 s ±  0.004 s    [User: 3.725 s, System: 0.504 s]
  Range (min … max):    4.226 s …  4.240 s    10 runs

after:

  Time (mean ± σ):      4.224 s ±  0.005 s    [User: 3.711 s, System: 0.512 s]
  Range (min … max):    4.218 s …  4.234 s    10 runs
2023-12-19 19:32:16 +01:00
pennae
2e0321912a use aligned flex tables
~2% speedup on parsing without eval, less (but still significant) on
system eval. having flex generate faster parsers leads to very strange
misparses. maybe re2c is worth investigating.

before:

  Time (mean ± σ):      4.260 s ±  0.003 s    [User: 3.754 s, System: 0.505 s]
  Range (min … max):    4.257 s …  4.266 s    10 runs

after:

  Time (mean ± σ):      4.231 s ±  0.004 s    [User: 3.725 s, System: 0.504 s]
  Range (min … max):    4.226 s …  4.240 s    10 runs
2023-12-19 19:32:16 +01:00
pennae
cc4038d541 use std::tie() for macro-generated operators
as written the comparisons generate copies, even though it looks as
though they shouldn't.

before:

  Time (mean ± σ):      4.396 s ±  0.002 s    [User: 3.894 s, System: 0.501 s]
  Range (min … max):    4.393 s …  4.399 s    10 runs

after:

  Time (mean ± σ):      4.260 s ±  0.003 s    [User: 3.754 s, System: 0.505 s]
  Range (min … max):    4.257 s …  4.266 s    10 runs
2023-12-19 19:32:16 +01:00
pennae
74c134914c compare string values with strcmp
string_view()ification calls strlen() first, which we don't need here.
2023-12-19 19:32:16 +01:00
pennae
78353deb02 encode black holes as tApp values
checking for isBlackhole in the forceValue hot path is rather more
expensive than necessary, and with a little bit of trickery we can move
such handling into the isApp case. small performance benefit, but under
some circumstances we've seen 2% improvement as well.

〉 nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'

before:

  Time (mean ± σ):      4.429 s ±  0.002 s    [User: 3.929 s, System: 0.500 s]
  Range (min … max):    4.427 s …  4.433 s    10 runs

after:

  Time (mean ± σ):      4.396 s ±  0.002 s    [User: 3.894 s, System: 0.501 s]
  Range (min … max):    4.393 s …  4.399 s    10 runs
2023-12-19 19:32:16 +01:00
pennae
0218e4e6c3 memset less in addToStoreFromDump
resizing a std::string clears the newly added bytes, which is not
necessary here and comes with a ~1.4% slowdown on our test nixos config.

〉 nix eval --raw --impure --expr 'with import <nixpkgs/nixos> {}; system'

before:

  Time (mean ± σ):      4.486 s ±  0.003 s    [User: 3.978 s, System: 0.507 s]
  Range (min … max):    4.482 s …  4.492 s    10 runs

after:

  Time (mean ± σ):      4.429 s ±  0.002 s    [User: 3.929 s, System: 0.500 s]
  Range (min … max):    4.427 s …  4.433 s    10 runs
2023-12-19 19:32:16 +01:00
Eelco Dolstra
7cfd6c0efe
Merge pull request #9325 from NixOS/accessor-add-to-store
Content addressing and adding to store cleanup
2023-12-19 15:10:31 +01:00
Andrew Marshall
7526b7ded6 Allow access to /dev/stderr in Darwin sandbox
We allow /dev/stdout, so why not this? Since it is process-local,
anyway, should not be possible to escape sandbox using it.
2023-12-18 19:33:20 -05:00
John Ericson
ed26b186fb Remove now-redundant text-hashing store methods
`addTextToStore` and `computeStorePathFromDump` are now redundant.

Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-12-18 10:44:10 -05:00
John Ericson
dfc876531f Organize content addressing, use SourceAccessor with Store::addToStore
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2023-12-18 10:41:54 -05:00
Théophane Hufschmitt
ebfbc5a6a5
Merge pull request #9628 from fricklerhandwerk/add-links
add cross-reference
2023-12-18 13:07:39 +01:00
Valentin Gagarin
4f95800854 add cross-reference 2023-12-18 11:41:52 +01:00
Julia Evans
a47fabff0d use params.isFetchGit instead to check if it came from fetchGit 2023-12-17 12:14:55 -05:00
Julia Evans
06bed2eacd Make fetchTree locked input error message clearer 2023-12-17 12:04:59 -05:00
David Arnold
c05d4fadd5
fix: valid branch name 2023-12-16 23:14:33 +01:00
Rebecca Turner
5cb98095ba
Remove some blank lines from stack traces
This keeps hint messages, source location information, and source code
snippets grouped together, while making stack traces shorter (so that
more stack frames can be viewed on the same terminal).

Before:

    error:
           … while evaluating the attribute 'body'

             at /Users/wiggles/nix/tests/functional/lang/eval-fail-assert.nix:4:3:

                3|
                4|   body = x "x";
                 |   ^
                5| }

           … from call site

             at /Users/wiggles/nix/tests/functional/lang/eval-fail-assert.nix:4:10:

                3|
                4|   body = x "x";
                 |          ^
                5| }

           … while calling 'x'

             at /Users/wiggles/nix/tests/functional/lang/eval-fail-assert.nix:2:7:

                1| let {
                2|   x = arg: assert arg == "y"; 123;
                 |       ^
                3|

           error: assertion '(arg == "y")' failed

           at /Users/wiggles/nix/tests/functional/lang/eval-fail-assert.nix:2:12:

                1| let {
                2|   x = arg: assert arg == "y"; 123;
                 |            ^
                3|

After:

    error:
           … while evaluating the attribute 'body'
             at /Users/wiggles/nix/tests/functional/lang/eval-fail-assert.nix:4:3:
                3|
                4|   body = x "x";
                 |   ^
                5| }

           … from call site
             at /Users/wiggles/nix/tests/functional/lang/eval-fail-assert.nix:4:10:
                3|
                4|   body = x "x";
                 |          ^
                5| }

           … while calling 'x'
             at /Users/wiggles/nix/tests/functional/lang/eval-fail-assert.nix:2:7:
                1| let {
                2|   x = arg: assert arg == "y"; 123;
                 |       ^
                3|

           error: assertion '(arg == "y")' failed
           at /Users/wiggles/nix/tests/functional/lang/eval-fail-assert.nix:2:12:
                1| let {
                2|   x = arg: assert arg == "y"; 123;
                 |            ^
                3|
2023-12-15 23:57:26 -08:00
John Ericson
e7d95a1d80 Merge remote-tracking branch 'upstream/master' into tarball-cache 2023-12-15 09:37:13 -05:00
Matthew Bauer
bcbdb09ccf Add eval-system option
`eval-system` option overrides just the value of `builtins.currentSystem`.
This is more useful than overriding `system` since you can build these
derivations on remote builders which can work on the given system.

Co-authored-by: John Ericson <John.Ericson@Obsidian.Systems>
Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io>
2023-12-14 19:04:00 -05:00
John Ericson
e13fc0bbdb Fix sys/xattr.h check
I wrote the `configure.ac` wrong, and so we just got no builds
supporting ACLs.

Also, it needs to be more precise because Darwin puts other stuff in
that same header, evidently.
2023-12-14 10:03:48 -05:00
Eelco Dolstra
06e106beff Disable GitHub tree hash mismatch warning 2023-12-14 13:38:10 +01:00
Eelco Dolstra
1fce12ec32 Merge remote-tracking branch 'origin/master' into tarball-cache 2023-12-14 13:31:29 +01:00
Ramses
1e3d811840
worker protocol: serialise cgroup stats in BuildResult (#9598)
By doing so, they get reported when building through the daemon via either `unix://` or `ssh-ng://`.
2023-12-13 16:37:17 -05:00
Eelco Dolstra
1b7968ed86
Merge pull request #9547 from hercules-ci/allowed-scheme-without-slash
`allowed-uris`: match whole schemes without slashes
2023-12-13 20:23:33 +01:00
Théophane Hufschmitt
b1c633c6bb
Merge pull request #9600 from SharzyL/fix_nix_copy
fix: nix copy ssh-ng:// not respecting --substitute-on-destination
2023-12-13 18:08:38 +01:00
Eelco Dolstra
103ca0bde5 Improve SourcePath display 2023-12-13 13:27:29 +01:00
Eelco Dolstra
cc3913e458 Remove unused variable 2023-12-13 13:27:23 +01:00
SharzyL
04f454f2a0
fix: nix copy ssh-ng:// not respecting --substitute-on-destination 2023-12-13 10:30:28 +08:00
tomberek
7026abfdde
Merge pull request #9523 from fricklerhandwerk/conf-reword-always-allow-substitutes
reword documentation on settings and attributes related to substitution
2023-12-12 20:09:48 -05:00
tomberek
09041071bf
Merge pull request #9525 from fricklerhandwerk/conf-reword-builders-use-substitutes
reword description of the `builders-use-substitutes` setting
2023-12-12 20:08:00 -05:00
Robert Hensing
0b87ba50c0 Revert "Add nix::isASCII*, locale-independent"
This reverts commit 79eb2920bb.

Not used at this time.
2023-12-12 17:46:34 +01:00
Robert Hensing
4eaeda6604 isValidSchemeName: Use regex
As requested by Eelco Dolstra. I think it used to be simpler.
2023-12-12 17:46:34 +01:00
Robert Hensing
2e451a663e schemeRegex -> schemeNameRegex
Scheme could be understood to include the typical `:` separator.
2023-12-12 17:25:20 +01:00