about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2016-01-12 don't abort when given unmatched '}' with 'start-condition stack underflow'. ↵Fabian Schmitthenner1-7/+17
This fixes #751
2016-01-08 Temporarily do Darwin builds from a different Nixpkgs branchEelco Dolstra1-2/+4
2016-01-07 Revert accidental disable of doInstallCheckEelco Dolstra1-1/+1
2016-01-07 Fix "Bad address" executing build hookEelco Dolstra2-6/+10
This was observed in the deb_debian7x86_64 build: http://hydra.nixos.org/build/29973215 Calling c_str() on a temporary should be fine because the temporary shouldn't be destroyed until after the execl() call, but who knows...
2016-01-07 Fix some signedness warningsEelco Dolstra2-2/+2
2016-01-07 Fix bad use of croak()Eelco Dolstra1-22/+22
Detected by -Werror=format-security. http://hydra.nixos.org/build/29973207
2016-01-07 Fix repair testEelco Dolstra1-0/+12
http://hydra.nixos.org/build/30001635
2016-01-06 nix-store --repair-path: Rebuild if there is no substituterEelco Dolstra1-2/+12
2016-01-06 Fix --repair failure on multiple-output derivationsEelco Dolstra1-1/+3
If repair found a corrupted/missing path that depended on a multiple-output derivation, and some of the outputs of the latter were not present, it failed with a message like error: path ‘/nix/store/cnfn9d5fjys1y93cz9shld2xwaibd7nn-bash-4.3-p42-doc’ is not valid
2016-01-06 TypoEelco Dolstra1-1/+1
2016-01-05 Verify TLS certificate before downloading binariesPhilip Potter2-3/+2
The --insecure flag to curl tells curl not to bother checking if the TLS certificate presented by the server actually matches the hostname requested, and actually is issued by a trusted CA chain. This almost entirely negates any benefit from using TLS in the first place. This removes the --insecure flag to ensure we actually have a secure connection to the intended hostname before downloading binaries. Manually tested locally within a dev-shell; was able to download binaries from https://cache.nixos.org without issue. [Note: --insecure was only used for fetching NARs, whose integrity is verified by Nix anyway using the hash from the .narinfo. But if we can fetch the .narinfo without --insecure, we can also fetch the .nar, so there is not much point to using --insecure. --Eelco]
2016-01-05 Better error messageFabian Schmitthenner1-1/+1
Also show types when nix cannot compare values of different types. This is also more consistent since types are already shown when comparing values of the same not comparable type.
2016-01-05 propagate NIX_BUILD_SHELL also in pure builds document NIX_BUILD_SHELL in ↵Fabian Schmitthenner2-1/+17
the nix-shell command documentation
2016-01-05 Do not override environment CFLAGS and CXXFLAGSIlya Novoselov1-2/+0
Looks like 5a05cf4063fc6ea666f3e24c60bd2e9e5526ef4e removed usage of environment CFLAGS and CXXFLAGS by mistake. That change broke building of nix on fedora core 23.
2016-01-05 Fix compilationEelco Dolstra1-1/+7
2016-01-05 Use __toString when coercing sets to strings.Shea Levy2-2/+10
For example, "${{ foo = "bar"; __toString = x: x.foo; }}" evaluates to "bar". With this, we can delay calling functions like mkDerivation, buildPythonPackage, etc. until we actually need a derivation, enabling overrides and other modifications to happen by simple attribute set update.
2016-01-05 Merge pull request #685 from vizanto/masterEelco Dolstra3-1/+8
POSIX compliant directory access (fixes build on Solaris)
2016-01-05 doc: Clarify why multiple arguments are not supported in shebang lineTim Cuthbertson1-2/+2
It's not a limitation of `/usr/bin/env`, it's just how the OS processes shebang lines (see http://stackoverflow.com/a/4304187)
2016-01-05 Fixed unresolved 'BUFSIZ'FrankHB1-0/+1
`BUFSIZ` is defined in header `<cstdio>`.
2016-01-05 Fix non-Darwin buildEelco Dolstra1-0/+2
2016-01-05 manual: document builtins.functionArgsVladimír Čunát2-2/+20
The text is just a conversion of comment from src/libexpr/primops.cc
2016-01-05 doc: fixes #727 broken linkdavidak1-1/+1
2016-01-05 libstore: mmap() returns MAP_FAILED, not NULL on failureTuomas Tynkkynen1-1/+1
2016-01-04 Don't allow sandbox profile except in relaxed modeEelco Dolstra1-5/+10
This makes Darwin consistent with Linux: Nix expressions can't break out of the sandbox unless relaxed sandbox mode is enabled. For the normal sandbox mode this will require fixing #759 however.
2016-01-04 Use sensible date formatEelco Dolstra29-55/+57
2016-01-04 Update release notesEelco Dolstra1-3/+85
2016-01-04 ~PathLocks(): Handle exceptionsEelco Dolstra1-1/+5
Otherwise, since the call to write a "d" character to the lock file can fail with ENOSPC, we can get an unhandled exception resulting in a call to terminate().
2015-12-29 Fix regression in passAsFileEelco Dolstra1-2/+3
Caused by 8063fc497ab78fa72962b93874fe25dcca2b55ed. If tmpDir != tmpDirInSandbox (typically when there are multiple concurrent builds with the same name), the *Path attribute would not point to an existing file. This caused Nixpkgs' writeTextFile to write an empty file. In particular this showed up as hanging VM builds (because it would run an empty run-nixos-vm script and then wait for it to finish booting).
2015-12-22 Handle /tmp being a symlinkEelco Dolstra1-1/+1
Hopefully fixes Darwin sandbox regression introduced in 8063fc497ab78fa72962b93874fe25dcca2b55ed.
2015-12-22 Don't ignore sodium_init() return valueEelco Dolstra1-1/+2
2015-12-22 Fix bad error message in Darwin chrootsEelco Dolstra1-1/+3
2015-12-17 showId: Handle empty attribute namesEelco Dolstra1-2/+3
We should probably disallow these, but until then, we shouldn't barf with an assertion failure. Fixes #738.
2015-12-15 Merge pull request #742 from garrison/debian-curl-nssEelco Dolstra1-1/+1
Make Debian package depend on libcurl3-nss
2015-12-14 Make Debian package depend on libcurl3-nssJim Garrison1-1/+1
Otherwise nix-env fails to start if it is not installed
2015-12-14 Merge pull request #732 from puffnfresh/patch-1Eelco Dolstra1-1/+2
Use shellwords for nix-shell shebang
2015-12-10 Fix coverage buildEelco Dolstra1-1/+1
2015-12-10 Build sandbox support etc. unconditionally on LinuxEelco Dolstra4-70/+24
Also, use "#if __APPLE__" instead of "#if SANDBOX_ENABLED" to prevent ambiguity.
2015-12-08 Merge pull request #734 from bjornfor/hash-mismatch-messageEelco Dolstra1-2/+2
Clarify error message for hash mismatches (again)
2015-12-08 Clarify error message for hash mismatches (again)Bjørn Forsman1-2/+2
This is arguably nitpicky, but I think this new formulation is even clearer. My thinking is that it's easier to comprehend when the calculated hash value is displayed close to the output path. (I think it is somewhat similar to eliminating double negatives in logic statements.) The formulation is inspired / copied from the OpenEmbedded build tool, bitbake.
2015-12-07 Use shellwords for nix-shell shebangBrian McKenna1-1/+2
Previously we can't have quoted arguments. This now allows us to use things like `ghcWithPackages`
2015-12-02 daemon: Add 'buildMode' parameter to 'buildPaths' RPCLudovic Courtès3-5/+20
2015-12-02 Use deterministic $TMPDIR in sandboxEelco Dolstra1-28/+36
Rather than using $<host-TMPDIR>/nix-build-<drvname>-<number>, the temporary directory is now always /tmp/nix-build-<drvname>-0. This improves bitwise-exact reproducibility for builds that store $TMPDIR in their build output. (Of course, those should still be fixed...)
2015-11-25 Use DT_UNKNOWN when dirent d_type extension is not supported.Danny Wilson1-5/+1
edolstra: “…since callers of readDirectory have to handle the possibility of DT_UNKNOWN anyway, and we don't want to do a stat call for every directory entry unless it's really needed.”
2015-11-25 Merge branch 'auto-call-functor'Shea Levy1-0/+11
autoCallFunction now auto-calls functors
2015-11-25 autoCallFunction: Auto-call functorsShea Levy1-0/+11
2015-11-25 Merge pull request #617 from Preston4tw/patch-1Eelco Dolstra1-0/+1
Update nix.spec.in
2015-11-25 Set default binary-caches-parallel-connections to 25Eelco Dolstra2-2/+2
Some benchmarking suggested this as a good value. Running $ benchmark -f ... -t 25 -- sh -c 'rm -f /nix/var/nix/binary-cache*; nix-store -r /nix/store/x5z8a2yvz8h6ccmhwrwrp9igg03575jg-nixos-15.09.git.5fd87e1M.drv --dry-run --option binary-caches-parallel-connections <N>' gave the following mean elapsed times for these values of N: N=10: 3.3541 N=20: 2.9320 N=25: 2.6690 N=30: 2.9417 N=50: 3.2021 N=100: 3.5718 N=150: 4.2079 Memory usage is also reduced (N=150 used 186 MB, N=25 only 68 MB). Closes #708.
2015-11-25 Fix Ubuntu/Debian/Fedora buildsEelco Dolstra1-3/+3
2015-11-25 Merge branch 'p/sandbox-rename-minimal' of https://github.com/vcunat/nixEelco Dolstra4-29/+62
2015-11-25 Remove sandboxProfile from release.nixEelco Dolstra1-4/+0
There is really no conceivable reason why building Nix would need access to the host's nix.conf. If it does, it's a bug, and we should fix that instead.