diff options
| -rw-r--r-- | scripts/download-from-binary-cache.pl.in | 4 | ||||
| -rw-r--r-- | src/libexpr/parser.y | 1 |
2 files changed, 4 insertions, 1 deletions
diff --git a/scripts/download-from-binary-cache.pl.in b/scripts/download-from-binary-cache.pl.in index 4655f9ac9a0e..bb63eafca522 100644 --- a/scripts/download-from-binary-cache.pl.in +++ b/scripts/download-from-binary-cache.pl.in @@ -54,6 +54,10 @@ sub isTrue { return $x eq "true" || $x eq "1"; } +# FIXME: this should be cache URLs required to have valid signatures, +# or "*" to require signatures on all binary caches. +# FIXME: should binary caches using a key in +# ‘binary-cache-public-keys’ be trusted by default? my $requireSignedBinaryCaches = ($Nix::Config::config{"signed-binary-caches"} // "0") ne "0"; my $curlConnectTimeout = int( diff --git a/src/libexpr/parser.y b/src/libexpr/parser.y index 36fdf3ba7b3a..d70d29be8ba7 100644 --- a/src/libexpr/parser.y +++ b/src/libexpr/parser.y @@ -286,7 +286,6 @@ void yyerror(YYLTYPE * loc, yyscan_t scanner, ParseData * data, const char * err %left '*' '/' %right CONCAT %nonassoc '?' -%nonassoc '~' %nonassoc NEGATE %% |