| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2015-11-21 | Revert "remove sandbox-defaults.sb" | Shea Levy | 2 | -0/+64 | |
| As discussed in NixOS/nixpkgs#11001, we still need some of the old sandbox mechanism. This reverts commit d760c2638c9e1f4b8cd9b4ec90d68bf0c76a800b. | |||||
| 2015-11-19 | re-fix permissions for GHC | Jude Taylor | 1 | -2/+5 | |
| 2015-11-19 | Merge branch 'sandbox-profiles' of git://github.com/pikajude/nix | Shea Levy | 7 | -88/+56 | |
| Temporarily allow derivations to describe their full sandbox profile. This will be eventually scaled back to a more secure setup, see the discussion at #695 | |||||
| 2015-11-19 | Merge pull request #707 from peti/master | Eelco Dolstra | 1 | -1/+1 | |
| src/libstore/build.cc: clarify error message for hash mismatches | |||||
| 2015-11-19 | src/libstore/build.cc: clarify error message for hash mismatches | Peter Simons | 1 | -1/+1 | |
| Nix reports a hash mismatch saying: output path ‘foo’ should have sha256 hash ‘abc’, instead has ‘xyz’ That message is slightly ambiguous and some people read that statement to mean the exact opposite of what it is supposed to mean. After this patch, the message will be: Nix expects output path ‘foo’ to have sha256 hash ‘abc’, instead it has ‘xyz’ | |||||
| 2015-11-17 | Merge pull request #1 from shlevy/sandbox-profiles | Jude Taylor | 3 | -5/+24 | |
| Use AutoDelete for sandbox profile file | |||||
| 2015-11-16 | Default arguments belong at declaration, not definition | Shea Levy | 1 | -1/+1 | |
| 2015-11-16 | Fix copy-paste error | Shea Levy | 1 | -1/+1 | |
| 2015-11-16 | AutoDelete: Add default constructor with deletion disabled | Shea Levy | 3 | -1/+11 | |
| 2015-11-15 | Use AutoDelete for sandbox profile file | Shea Levy | 1 | -5/+14 | |
| 2015-11-14 | simplify build.cc using modern C++ features | Jude Taylor | 1 | -33/+31 | |
| 2015-11-14 | simplify build permissions | Jude Taylor | 2 | -17/+6 | |
| 2015-11-14 | remove sandbox-defaults.sb | Jude Taylor | 2 | -64/+0 | |
| 2015-11-14 | update sandbox profiles within nix | Jude Taylor | 2 | -4/+19 | |
| 2015-11-14 | use per-derivation sandbox profiles | Jude Taylor | 1 | -28/+39 | |
| 2015-11-10 | Fix bad characters in "copying 7 missing paths from ..." | Eelco Dolstra | 1 | -0/+1 | |
| 2015-11-09 | Add option to verify build determinism | Eelco Dolstra | 3 | -12/+76 | |
| Passing "--option build-repeat <N>" will cause every build to be repeated N times. If the build output differs between any round, the build is rejected, and the output paths are not registered as valid. This is primarily useful to verify build determinism. (We already had a --check option to repeat a previously succeeded build. However, with --check, non-deterministic builds are registered in the DB. Preventing that is useful for Hydra to ensure that non-deterministic builds don't end up getting published at all.) | |||||
| 2015-11-09 | Revert "Allow using /bin and /usr/bin as impure prefixes on non-darwin by ↵ | Eelco Dolstra | 1 | -1/+1 | |
| default" This reverts commit 79ca5033329053caa364bb2f7e50953f859cc97f. Ouch, never noticed this. We definitely don't want to allow builds to have arbitrary access to /bin and /usr/bin, because then they can (for instance) bring in a bunch of setuid programs. Also, we shouldn't be encouraging the use of impurities in the default configuration. | |||||
| 2015-11-09 | optimizePath(): Detect some .links corruption | Eelco Dolstra | 1 | -2/+9 | |
| If automatic store optimisation is enabled, and a hard-linked file in the store gets corrupted, then the corresponding .links entry will also be corrupted. In that case, trying to repair with --repair or --repair-path won't work, because the new "good" file will be replaced by a hard link to the corrupted file. We can catch most of these cases by doing a sanity-check on the file sizes. | |||||
| 2015-11-09 | Fix namespace issue | Eelco Dolstra | 1 | -2/+2 | |
| 2015-11-08 | Merge branch 'libsystem-darwin-only' | Shea Levy | 1 | -2/+2 | |
| Only require libsystem on darwin | |||||
| 2015-11-08 | Only require libsystem on darwin | Shea Levy | 1 | -2/+2 | |
| Fixes #688 | |||||
| 2015-11-04 | Merge branch 'master' of https://github.com/pikajude/nix | Shea Levy | 1 | -2/+6 | |
| > I made this change for two reasons: > 1. Darwin's locale data doesn't appear to be open source > 2. Privileged processes will always use /usr/share/locale regardless of environment variables | |||||
| 2015-11-04 | Support SHA-512 hashes | Eelco Dolstra | 6 | -17/+30 | |
| Fixes #679. Note: on x86_64, SHA-512 is considerably faster than SHA-256 (198 MB/s versus 131 MB/s). | |||||
| 2015-11-04 | Require OpenSSL | Eelco Dolstra | 11 | -1759/+3 | |
| 2015-11-03 | fix syntax error | Jude Taylor | 1 | -1/+1 | |
| 2015-11-03 | darwin: allow reading system locale and zoneinfo | Jude Taylor | 1 | -2/+6 | |
| 2015-11-01 | Merge https://github.com/pikajude/nix | Shea Levy | 1 | -1/+2 | |
| > As far as I can tell, the CoreFoundation function CFNumberFormatterCopyProperty segfaults if the > directory added in this pull request is not readable. This change allows openjdk-darwin to build in > the sandbox. | |||||
| 2015-10-31 | allow reading ICU data | Jude Taylor | 1 | -1/+2 | |
| 2015-10-31 | Merge branch 'master' of git://github.com/pikajude/nix | Shea Levy | 1 | -1/+4 | |
| @pikajude: "This is required for perlPackages.IOTty and, by extension, mosh" | |||||
| 2015-10-30 | add special devices to sandbox-defaults | Jude Taylor | 1 | -1/+4 | |
| 2015-10-31 | Fix tarball build | Eelco Dolstra | 1 | -1/+1 | |
| Fixes #671. | |||||
| 2015-10-30 | <nix/fetchurl.nix>: Support xz-compressed NARs | Eelco Dolstra | 7 | -2/+80 | |
| 2015-10-30 | <nix/fetchurl.nix>: Support downloading and unpacking NARs | Eelco Dolstra | 4 | -16/+46 | |
| This removes the need to have multiple downloads in the stdenv bootstrap process (like a separate busybox binary for Linux, or curl/mkdir/sh/bzip2 for Darwin). Now all those files can be combined into a single NAR. | |||||
| 2015-10-29 | int2String() -> std::to_string() | Eelco Dolstra | 9 | -24/+17 | |
| 2015-10-26 | Merge branch 'emacs-mode-keywords' of https://github.com/pSub/nix | Eelco Dolstra | 1 | -10/+10 | |
| 2015-10-26 | Merge pull request #667 from Ericson2314/mk-dist | Eelco Dolstra | 2 | -2/+5 | |
| Don't depend on .git/ when generating source tarball V2 | |||||
| 2015-10-26 | Merge pull request #668 from svanderburg/master | Eelco Dolstra | 1 | -0/+1 | |
| Fix compilation error due to missing ENOENT on cygwin | |||||
| 2015-10-21 | resolve-system-dependencies.pl: Simplify union impl | Shea Levy | 1 | -8/+2 | |
| Patch by @pikajude | |||||
| 2015-10-21 | use nixDataDir instead of appending /share to PREFIX | Jude Taylor | 1 | -1/+1 | |
| 2015-10-21 | revert libutil change | Jude Taylor | 1 | -5/+4 | |
| 2015-10-21 | clarifying comment | Jude Taylor | 1 | -1/+5 | |
| 2015-10-21 | move preBuildHook defaulting to globals.cc | Jude Taylor | 2 | -7/+5 | |
| 2015-10-21 | restore old DEFAULT_ALLOWED_IMPURE_PREFIXES | Jude Taylor | 1 | -1/+1 | |
| 2015-10-21 | appropriately handle lock acquisition failures in resolve-system-dependencies.pl | Jude Taylor | 1 | -2/+7 | |
| 2015-10-21 | now that resolve-system-dependencies exists, remove redundant impureHostDeps ↵ | Jude Taylor | 1 | -7/+0 | |
| from buildenv | |||||
| 2015-10-21 | Add resolve-system-dependencies.pl | Jude Taylor | 5 | -1/+150 | |
| 2015-10-21 | remove usr paths from allowed inputs | Jude Taylor | 1 | -2/+0 | |
| 2015-10-21 | allow access to SystemVersion for python builders | Jude Taylor | 1 | -0/+1 | |
| 2015-10-21 | fix line reading in preBuildHook | Jude Taylor | 1 | -1/+1 | |
 |
depot | |
| monorepo for the virus lounge | The Virus Lounge |
| about summary refs log tree commit diff |