Robert Hensing
0f8a655023
tests/functional/shell.nix: Implement runHook for dummy stdenv
2024-07-07 13:02:21 +02:00
Robert Hensing
fd4b17ab2c
Merge pull request #11056 from romain-neil/s3-allow-use-of-proxy
...
Configure aws s3 lib to use system defined proxy, if existent
2024-07-07 02:47:24 +02:00
Robert Hensing
c4a20a4101
rl-next: Add note about shell.nix lookups
2024-07-07 01:22:00 +02:00
Robert Hensing
2f1fada76b
Add legacy setting: nix-shell-always-looks-for-shell-nix
2024-07-07 01:22:00 +02:00
Robert Hensing
73602a7c6f
nix-shell: Look for shell.nix when directory is specified
2024-07-07 01:22:00 +02:00
Robert Hensing
63262e78c7
Add opt-out: nix-shell-shebang-arguments-relative-to-script
2024-07-07 00:55:33 +02:00
Robert Hensing
4c59d6e9f5
Merge branch 'nix-shell-lookup-shell-nix' into more-nix-shell
2024-07-07 00:27:07 +02:00
Robert Hensing
6959ac157b
rl-next: Add note about shell.nix lookups
2024-07-07 00:25:56 +02:00
Robert Hensing
6c6d5263e2
Add legacy setting: nix-shell-always-looks-for-shell-nix
2024-07-07 00:25:56 +02:00
Robert Hensing
f5b59fbc64
Fix and extend nix-shell baseDir test
2024-07-07 00:23:22 +02:00
Robert Hensing
d5854f33e2
rl-next: Typo
2024-07-07 00:18:26 +02:00
Robert Hensing
8838f5c746
Merge remote-tracking branch 'matthewbauer/nix-shell-relative-shebang' into more-nix-shell
2024-07-07 00:18:03 +02:00
Robert Hensing
afbe7c3d08
rl-next: Enter PR
2024-07-06 23:15:01 +02:00
John Ericson
41b6c735eb
Merge pull request #11054 from NixOS/meson-fixes
...
Meson fixes
2024-07-06 17:11:11 -04:00
Robert Hensing
b865625a8e
nix-shell: Look for shell.nix when directory is specified
2024-07-06 23:05:34 +02:00
Robert Hensing
a22f8b5276
rl-next: Add note about shell.nix lookups
2024-07-06 23:05:34 +02:00
Robert Hensing
32fb127b9c
Add legacy setting: nix-shell-always-looks-for-shell-nix
2024-07-06 23:05:34 +02:00
Romain NEIL
514062c227
feat: configure aws s3 lib to use system defined proxy, if existent
2024-07-06 21:46:58 +02:00
Robert Hensing
76245ffbeb
nix-build.cc: Refactor: extract sourcePath, resolvedPath variables
2024-07-06 20:55:27 +02:00
Robert Hensing
e9479b272f
nix-build.cc: Refactor: extract baseDir variable
2024-07-06 20:51:45 +02:00
Robert Hensing
5c367ece89
Refactor: rename left -> remainingArgs
2024-07-06 20:03:30 +02:00
Robert Hensing
13181356fc
Refactor: rename runEnv -> isNixShell
2024-07-06 20:01:46 +02:00
Robert Hensing
bea54d116e
Add resolvePath, filesetToSource indirections for Nixpkgs
2024-07-06 19:49:55 +02:00
Robert Hensing
da4c55995b
ci.yml: Build non unit-tested components in meson_build
2024-07-06 19:15:53 +02:00
Robert Hensing
0729f0a113
packaging: Pass version directly
2024-07-06 17:52:57 +02:00
Robert Hensing
efd5f50f5e
nix-perl: Add deps, use mkMesonDerivation
2024-07-06 17:52:57 +02:00
Robert Hensing
4c014e238b
nix-main: Add openssl
2024-07-06 17:52:57 +02:00
Robert Hensing
4d0c55ae55
api docs: Use mkMesonDerivation
2024-07-06 17:52:57 +02:00
Robert Hensing
b7e5446b81
flake.nix: Remove unused binding
2024-07-06 17:52:57 +02:00
Robert Hensing
896eb7a44b
Merge pull request #11034 from obsidiansystems/meson-nix
...
Package libnixmain and libnixcmd with Meson
2024-07-06 01:26:59 +02:00
John Ericson
3acf3fc746
Package libnixmain
and libnixcmd
with Meson
...
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-07-05 16:40:55 -04:00
Robert Hensing
0b901e10ee
Merge pull request #11050 from hercules-ci/issue-10677
...
Explain when `man` is missing
2024-07-05 22:25:38 +02:00
John Ericson
ff9b6d0e1f
Merge pull request #11037 from fricklerhandwerk/document-config-parsing
...
use self-descriptive name for config file parser, document
2024-07-05 15:21:26 -04:00
Eelco Dolstra
d5461b9009
Merge pull request #11051 from Mic92/fix-prefetch
...
src/nix/prefetch: fix prefetch containing current directory instead o…
2024-07-05 20:33:05 +02:00
Robert Hensing
ddff76f667
Merge pull request #10973 from NixOS/meson-libexpr
...
Meson build for libexpr libflake, external C API, unit tests
2024-07-05 20:27:12 +02:00
Jörg Thalheim
05381c0b30
Update src/nix/prefetch.cc
...
Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
2024-07-05 19:45:03 +02:00
Jörg Thalheim
8cea1fbd97
src/nix/prefetch: fix prefetch containing current directory instead of tarball
...
When --unpack was used the nix would add the current directory to the
nix store instead of the content of unpacked.
The reason for this is that std::distance already consumes the iterator.
To fix this we re-instantiate the directory iterator in case the
directory only contains a single entry.
2024-07-05 19:18:49 +02:00
Robert Hensing
6ef00a503a
Explain when man is missing
...
Have you seen this man?
Fixes #10677
2024-07-05 19:18:23 +02:00
Eelco Dolstra
8f280d72ff
Merge pull request #11019 from DeterminateSystems/fix-failed-to-open-archive
...
Tarball fetcher: Fix handling of cached tarballs
2024-07-05 17:10:02 +02:00
Robert Hensing
a476383f46
Merge pull request #11031 from emilazy/push-xsrvoyspsvqx
...
libstore: fix sandboxed builds on macOS
2024-07-05 17:08:39 +02:00
Robert Hensing
d63bd8295e
assert: Report why values aren't equal
2024-07-05 16:43:48 +02:00
Eelco Dolstra
98bef7c38e
Merge pull request #11035 from siddhantk232/refactor
...
Factor duplicate code into util function `append`
2024-07-05 16:34:23 +02:00
Eelco Dolstra
61e1880847
Merge pull request #11041 from hercules-ci/trace-nix-env-attribute-names
...
getDerivations: add attributes to trace
2024-07-05 16:32:27 +02:00
Eelco Dolstra
e1b6b3ce27
Merge pull request #11020 from DeterminateSystems/fix-tarball-caching
...
Tarball fetcher: Fix fetchToStore() and eval caching
2024-07-05 16:30:12 +02:00
Eelco Dolstra
e7e070d36b
Document
2024-07-05 16:29:16 +02:00
Robert Hensing
09763c7cad
getDerivations: add attributes to trace
...
This improves the error message of nix-env -qa, among others, which
is crucial for understanding some ofborg eval error reports, such as
https://gist.github.com/GrahamcOfBorg/89101ca9c2c855d288178f1d3c78efef
After this change, it will report the same trace, but also start with
```
error:
… while evaluating the attribute 'devShellTools'
… while evaluating the attribute 'nixos'
… while evaluating the attribute 'docker-tools-nix-shell'
… while evaluating the attribute 'aarch64-darwin'
… from call site
at /home/user/h/nixpkgs/outpaths.nix:48:6:
47| tweak = lib.mapAttrs
48| (name: val:
| ^
49| if name == "recurseForDerivations" then true
<same>
```
2024-07-05 15:30:07 +02:00
John Ericson
e4056b9afd
Apply suggestions from code review
...
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-07-04 17:48:27 -04:00
Emily
af2e1142b1
libstore: fix sandboxed builds on macOS
...
The recent fix for CVE-2024-38531 broke the sandbox on macOS
completely. As it’s not practical to use `chroot(2)` on
macOS, the build takes place in the main filesystem tree, and the
world‐unreadable wrapper directory prevents the build from accessing
its `$TMPDIR` at all.
The macOS sandbox probably shouldn’t be treated as any kind of a
security boundary in its current state, but this specific vulnerability
wasn’t possible to exploit on macOS anyway, as creating `set{u,g}id`
binaries is blocked by sandbox policy.
Locking down the build sandbox further may be a good idea in future,
but it already has significant compatibility issues. For now, restore
the previous status quo on macOS.
Thanks to @alois31 for helping me come to a better understanding of
the vulnerability.
Fixes: 1d3696f0fb
Closes : #11002
2024-07-04 16:28:37 +01:00
Emily
76e4adfaac
libstore: clean up the build directory properly
...
After the fix for CVE-2024-38531, this was only removing the nested
build directory, rather than the top‐level temporary directory.
Fixes: 1d3696f0fb
2024-07-04 16:22:02 +01:00
Valentin Gagarin
c66079f1e8
use self-descriptive name for config file parser, document
...
Co-authored-by: Robert Hensing <roberth@users.noreply.github.com>
2024-07-04 10:36:48 +02:00