No description
Find a file
Théophane Hufschmitt c3878f510e Copy the output of fixed-output derivations before registering them
It is possible to exfiltrate a file descriptor out of the build sandbox
of FODs, and use it to modify the store path after it has been
registered.
To avoid that issue, don't register the output of the build, but a copy
of it (that will be free of any leaked file descriptor).
2024-03-01 09:31:28 +01:00
.github ci: fix docker default tag 2024-02-24 11:24:24 +01:00
config Run autoupdate 2021-06-01 11:42:38 +02:00
contrib function-trace: always show the trace 2019-09-18 23:23:21 +02:00
dep-patches Move dependency patches from top level into subdir 2024-01-17 13:13:54 -05:00
doc Add Git object hashing to the store layer 2024-02-27 11:27:34 -05:00
m4 Add configure test to ensure GCC bug is fixed 2023-10-31 12:09:46 -04:00
maintainers maintainers/release-notes: Include changelog-d 2024-01-29 17:13:48 +01:00
misc Remove custom lowdown 2023-12-13 16:25:18 -05:00
mk *.in files: Depend on config.status 2024-02-13 16:10:56 +01:00
perl Add Git object hashing to the store layer 2024-02-27 11:27:34 -05:00
scripts install-darwin: fix symbolic perms for install cmd 2024-02-13 01:18:08 -06:00
src Copy the output of fixed-output derivations before registering them 2024-03-01 09:31:28 +01:00
tests Add a NixOS test for the sandbox escape 2024-03-01 09:31:28 +01:00
.clang-format Add clang format configuration 2024-01-08 19:46:38 +01:00
.clang-tidy Add .clang-tidy 2024-02-01 01:01:39 +01:00
.dir-locals.el .dir-locals.el: Set c-block-comment-prefix 2020-07-10 11:21:06 +02:00
.editorconfig .editorconfig: Also affect Perl FFI xs file 2023-11-09 23:11:52 -05:00
.gitignore .gitignore: ignore historical test binaries 2024-02-26 18:05:07 +08:00
.version Bump version 2024-01-29 22:57:25 +01:00
configure.ac Don't hardcode the -O2 compiler flag 2024-02-09 06:27:24 +01:00
CONTRIBUTING.md Fix link to manual in CONTRIBUTING.md 2024-02-10 17:44:33 +01:00
COPYING * Change this to LGPL to keep the government happy. 2006-04-25 16:41:06 +00:00
default.nix add flake-compat to flake.nix and use sha256 in default.nix 2023-03-06 21:11:24 +01:00
docker.nix fix "add an option to include flake-registry..." 2023-05-16 14:35:31 +02:00
flake.lock flake.lock: Update 2024-01-15 08:04:46 -05:00
flake.nix maintainers/release-notes: Include changelog-d 2024-01-29 17:13:48 +01:00
local.mk Use positive source filtering for the standalone functional tests job 2023-10-09 08:29:27 -04:00
Makefile Add Git object hashing to the store layer 2024-02-27 11:27:34 -05:00
Makefile.config.in Simplify RapidCheck configure 2024-01-15 08:05:05 -05:00
package.nix Merge nativeCheckInputs into nativeBuildInputs 2024-02-27 11:27:34 -05:00
precompiled-headers.h Config: Use nlohmann/json 2020-08-20 11:02:16 +02:00
README.md fix: Remove extra to from README.md (#9213) 2023-10-23 19:20:23 +02:00
shell.nix Remove url literals 2022-01-24 13:28:21 +01:00

Nix

Open Collective supporters Test

Nix is a powerful package manager for Linux and other Unix systems that makes package management reliable and reproducible. Please refer to the Nix manual for more details.

Installation and first steps

Visit nix.dev for installation instructions and beginner tutorials.

Full reference documentation can be found in the Nix manual.

Building And Developing

See our Hacking guide in our manual for instruction on how to set up a development environment and build Nix from source.

Contributing

Check the contributing guide if you want to get involved with developing Nix.

Additional Resources

License

Nix is released under the LGPL v2.1.