Eelco Dolstra
1ee42c5b88
builtin:fetchurl: Ensure a fixed-output derivation
...
Previously we didn't check that the derivation was fixed-output, so
you could use builtin:fetchurl to impurely fetch a file.
2024-02-01 21:46:01 +01:00
John Ericson
dc439eaf23
Fill in missing markdown link dest
2024-02-01 11:20:19 -05:00
John Ericson
31881d651a
Merge remote-tracking branch 'upstream/master' into overlayfs-store
2024-02-01 11:07:47 -05:00
Eelco Dolstra
ef6d055ace
Merge pull request #9896 from hercules-ci/tidy-tidy
...
Disable a slightly annoying clang-tidy check
2024-02-01 09:02:46 +01:00
Robert Hensing
58c26dd0f0
Add .clang-tidy
2024-02-01 01:01:39 +01:00
Robert Hensing
0f2e9e6bd2
Typo
2024-02-01 01:01:04 +01:00
Robert Hensing
4072a8fea0
Merge pull request #9867 from hercules-ci/issue-912
...
#912 allow leading period
2024-01-31 19:10:59 +01:00
Robert Hensing
7c9ed1b1a3
Merge pull request #9890 from obsidiansystems/remove-unneeded-toRealPath
...
Change an `allowPath` call to take a store path again
2024-01-31 18:45:19 +01:00
Robert Hensing
f1b4663805
Disallow store path names that are . or .. (plus opt. -)
...
As discussed in the maintainer meeting on 2024-01-29.
Mainly this is to avoid a situation where the name is parsed and
treated as a file name, mostly to protect users.
.-* and ..-* are also considered invalid because they might strip
on that separator to remove versions. Doesn't really work, but that's
what we decided, and I won't argue with it, because .-* probably
doesn't seem to have a real world application anyway.
We do still permit a 1-character name that's just "-", which still
poses a similar risk in such a situation. We can't start disallowing
trailing -, because a non-zero number of users will need it and we've
seen how annoying and painful such a change is.
What matters most is preventing a situation where . or .. can be
injected, and to just get this done.
2024-01-31 18:35:19 +01:00
Robert Hensing
8406da2877
test: Generate distinct hashes
...
Gen::just is the constant generator. Don't just return that!
2024-01-31 18:35:19 +01:00
Robert Hensing
69bbd5852a
test: Generate distinct path names
...
Gen::just is the constant generator. Don't just return that!
2024-01-31 18:35:19 +01:00
Robert Hensing
b13e6a76b4
parseStorePath: Support leading period
2024-01-31 18:35:19 +01:00
John Ericson
caea7dcb7e
Change an allowPath
call to take a store path again
...
This looks like a revert of #5844 , but is not.
That one was needed because
d90f9d4b99 (diff-0f59bb6f197822ef9f19ceae9624989499d170c84dfdc1f486a8959bb4588cafR85)
changed the type of the argument to `allowPath` from a `StorePath` to a
`Path`. But since
caabc4f648 (diff-0f59bb6f197822ef9f19ceae9624989499d170c84dfdc1f486a8959bb4588cafL100-R92)
,
it is a `StorePath` again.
I think this is worth changing because we want to be very careful about
`toRealPath` and the evaluator --- ideally the choice of real path does
not affect evaluation at all. So using it fewer times is better.
2024-01-31 11:44:06 -05:00
John Ericson
75ebb90a70
Merge pull request #9884 from edolstra/resolve-symlinks
...
Resolve symlinks in a few more places
2024-01-30 10:42:54 -05:00
Eelco Dolstra
d661a89398
Merge pull request #9880 from NixOS/dependabot/github_actions/zeebe-io/backport-action-2.4.1
...
build(deps): bump zeebe-io/backport-action from 2.4.0 to 2.4.1
2024-01-30 15:37:25 +01:00
Eelco Dolstra
b36ff47e7c
Resolve symlinks in a few more places
...
Fixes #9882 .
2024-01-30 15:35:31 +01:00
Eelco Dolstra
a7db7b6e44
Merge pull request #9879 from NixOS/bump-2.21.0
...
Bump version
2024-01-30 10:13:42 +01:00
dependabot[bot]
a3aae7beef
build(deps): bump zeebe-io/backport-action from 2.4.0 to 2.4.1
...
Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action ) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/zeebe-io/backport-action/releases )
- [Commits](https://github.com/zeebe-io/backport-action/compare/v2.4.0...v2.4.1 )
---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 22:14:10 +00:00
Eelco Dolstra
2f3fb6c12e
Bump version
2024-01-29 22:57:25 +01:00
Eelco Dolstra
9b8e0a7790
Merge pull request #9877 from edolstra/release-notes
...
Nix 2.20 release notes
2024-01-29 18:29:33 +01:00
Eelco Dolstra
652f334f87
Edit release notes
2024-01-29 17:51:21 +01:00
Eelco Dolstra
9465c8cca1
nix hash convert: Add manpage
2024-01-29 17:51:01 +01:00
Eelco Dolstra
6f86f87043
Fix formatting of hash args
2024-01-29 17:50:25 +01:00
Eelco Dolstra
3089bce41b
release notes: 2.20.0
2024-01-29 17:14:17 +01:00
Eelco Dolstra
0070400809
maintainers/release-notes: Include changelog-d
...
Otherwise it quietly generates an empty rl-<version>.md
2024-01-29 17:13:48 +01:00
Eelco Dolstra
1ef6bbb16d
Update release-process.md
2024-01-29 17:12:22 +01:00
Eelco Dolstra
e9c8e859db
Merge pull request #9876 from edolstra/store-settings
...
Don't include store docs in every manpage
2024-01-29 17:01:24 +01:00
Eelco Dolstra
baff34d728
Don't include store docs in every manpage
2024-01-29 16:30:29 +01:00
Eelco Dolstra
f6719032cf
Shut up a gcc warning
2024-01-29 15:22:44 +01:00
Valentin Gagarin
44a0d04483
add missing link ( #9869 )
2024-01-29 05:56:19 +01:00
Robert Hensing
40254092dd
Merge pull request #9770 from hercules-ci/refactor-rename-derivation-isPure
...
Refactor rename derivation type `isPure`
2024-01-27 11:24:20 +01:00
Robert Hensing
9ddd0f2af8
Revert "StorePath: reject names starting with '.'"
...
This reverts commit 24bda0c7b3
.
2024-01-27 11:18:03 +01:00
Robert Hensing
6a99c18c30
doc/glossary: Define impure derivation
2024-01-27 11:00:10 +01:00
Robert Hensing
49b25ea85c
refactor: Impure derivation type isPure -> isImpure
...
To quote the method doc:
Non-impure derivations can still behave impurely, to the degree permitted
by the sandbox. Hence why this method isn't `isPure`: impure derivations
are not the negation of pure derivations. Purity can not be ascertained
except by rather heavy tools.
2024-01-27 11:00:10 +01:00
John Ericson
b83a2fb6dd
Merge pull request #9776 from pennae/parser-refactor
...
Refactor the parser somewhat
2024-01-26 23:56:48 -05:00
John Ericson
365b831e6f
Minor formatting tweaks
2024-01-26 23:11:31 -05:00
John Ericson
4a2444b3f3
Merge pull request #9864 from obsidiansystems/rlim_t-header
...
Add missing `#include` for `rlim_t`
2024-01-26 22:57:42 -05:00
John Ericson
1aec7771d4
Add missing #include
for rlim_t
...
My local build in the shell was failing while CI was fine; not sure why
that is but having the include here is definitely more correct.
Per the POSIX spec, this is where it is supposed to be gotten
https://pubs.opengroup.org/onlinepubs/009695399/basedefs/sys/resource.h.html
2024-01-26 22:34:31 -05:00
John Ericson
1dc55c0f2f
Merge pull request #9861 from 9999years/colored-diff-in-lang-tests
...
Color `diff` output in `tests/functional/lang` tests
2024-01-26 22:31:00 -05:00
John Ericson
efb91d5979
Merge pull request #9860 from 9999years/set-stack-darwin
...
Increase stack size on macOS as well as Linux
2024-01-26 13:35:10 -05:00
Rebecca Turner
772897a1cd
Color diff
output in tests/functional/lang
tests
...
Use `diff --color=always` to print colored output for language test
failures. I've also flipped the arguments so that expected lines missing
from the actual output will be marked with a red `-` and additional
lines found in the actual output will be marked with a green `+`.
Previously it was the other way around, which was very confusing.
2024-01-26 10:08:56 -08:00
Rebecca Turner
3a124d1e88
Increase stack size on macOS as well as Linux
...
The code works fine on macOS, but the default stack size we attempt to
set is larger than what my system will allow (Nix attempts to set the
stack size to 67108864, but the maximum allowed is 67092480), so I've
instead used the requested stack size or the maximum allowed, whichever
is smaller.
I've also added an error message if setting the stack size fails. It
looks like this:
> Failed to increase stack size from 8372224 to 67108864 (maximum
> allowed stack size: 67092480): Invalid argument
2024-01-26 09:40:41 -08:00
Valentin Gagarin
30bdee5c3b
update docs on fetchGit
shallow clone behavior ( #9704 )
2024-01-26 17:26:08 +00:00
Théophane Hufschmitt
8df68a213f
Merge pull request #9849 from 13x1/patch-1
...
Fix typo in primops.cc (and therefore Nix docs)
2024-01-25 16:11:49 +01:00
Théophane Hufschmitt
5a9513cdba
Merge pull request #9848 from obsidiansystems/default-system-features-static
...
Make `StoreConfig::getDefaultSystemFeatures` a static method
2024-01-25 16:05:57 +01:00
lexi
08f38a3a40
Fix typo in primops.cc (and therefore Nix docs)
...
This also fixes the typo in the Nix docs at https://nixos.org/manual/nix/unstable/language/builtins .
2024-01-25 15:30:51 +01:00
John Ericson
a9e10a1dbd
Make StoreConfig::getDefaultSystemFeatures
a static method
...
This makes something in Hydra bit simpler. If someday the default
depends on the other config options, we can always change it back.
2024-01-24 21:34:31 -05:00
John Ericson
979b00bce9
Merge pull request #9844 from NixOS/pkg-config-gmock
...
Link both gmock and gtest, not just gtest
2024-01-24 19:33:54 -05:00
John Ericson
c817305411
Link both gmock and gtest, not just gtest
...
GMock is not entirely header-only, we're finding.
2024-01-24 10:10:42 -05:00
Robert Hensing
212ba69e6f
Merge pull request #9843 from hercules-ci/test-pr-9626
...
tests/functional/fetchGit.sh: Test fetchGit/fetchTree error message
2024-01-24 13:55:41 +01:00