about summary refs log tree commit diff
path: root/doc
diff options
context:
space:
mode:
Diffstat (limited to 'doc')
-rw-r--r--doc/manual/release-notes.xml14
-rw-r--r--doc/manual/writing-nix-expressions.xml19
2 files changed, 33 insertions, 0 deletions
diff --git a/doc/manual/release-notes.xml b/doc/manual/release-notes.xml
index 426078b829de..36e345ecf273 100644
--- a/doc/manual/release-notes.xml
+++ b/doc/manual/release-notes.xml
@@ -11,6 +11,20 @@
 
 <para>TODO</para>
 
+<itemizedlist>
+
+  <listitem><para>Derivations can specify the new special attribute
+  <varname>allowedRequisites</varname>, which has a similar meaning to
+  <varname>allowedReferences</varname>. But instead of only enforcing
+  to explicitly specify the immediate references, it requires the
+  derivation to specify all the dependencies recursively (hence the
+  name, requisites) that are used by the resulting output. This is
+  used in NixOS when rebuilding the stdenv on Linux to ensure that the
+  resulting stdenv doesn't have any surprising dependency, e.g. on
+  bootstrapTools.</para></listitem>
+
+</itemizedlist>
+
 </section>
 
 
diff --git a/doc/manual/writing-nix-expressions.xml b/doc/manual/writing-nix-expressions.xml
index 0470625ff6d3..2c9b4a633271 100644
--- a/doc/manual/writing-nix-expressions.xml
+++ b/doc/manual/writing-nix-expressions.xml
@@ -1569,6 +1569,25 @@ allowedReferences = [];
 
   </varlistentry>
 
+  <varlistentry><term><varname>allowedRequisites</varname></term>
+
+    <listitem><para>This attribute is similar to
+    <varname>allowedReferences</varname>, but it specifies the legal
+    requisites of the whole closure, so all the dependencies
+    recursively.  For example,
+
+<programlisting>
+allowedReferences = [ foobar ];
+</programlisting>
+
+    enforces that the output of a derivation cannot have any other
+    runtime dependency than <varname>foobar</varname>, and in addition
+    it enforces that <varname>foobar</varname> itself doesn't
+    introduce any other dependency itself. This is used in NixOS when
+    rebuilding the stdenv on Linux to ensure that the resulting stdenv
+    doesn't have any surprising dependency, e.g. on bootstrapTools.
+
+  </varlistentry>
 
   <varlistentry><term><varname>exportReferencesGraph</varname></term>