Age | Commit message (Collapse) | Author | Files | Lines |
|
Main motivation for this is to get the openldap update that fixes
10 CVEs: CVE-2020-36221 to including CVE-2020-36230. See also this
issue which lists them all: https://github.com/NixOS/nixpkgs/issues/113490
Someone should also redeploy whitby as soon as this lands in canon and
all build failures have been fixed.
Things done to resolve upstream breakages:
* grpc no longer takes abseil-cpp as an input, it has also been removed
in the override.
* Upgrade glittershark's kernel to 5.11 since the linuxPackages_5_9
attribute has been removed by upstream and the patch used by them is
available for 5.11 as well.
* The fixed output hash for third_patry.apereo-cas changed for some reason.
* Remove the pin of haskellPackages.vector from the haskell overlay. It
broke as the most recent version of vector in nixos-unstable no longer
depends on semigroups. This effectively updates vector from 0.12.1.2
to 0.12.2.0.
* Align two comments in tvix/libstore/worker-protocol.hh because the
updated clang-format now demands that.
Change-Id: I2ecf10a98de935e9222acf1feaea447d4c11ed2d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2538
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Change-Id: I4c10e36250aa112d2dd0cebf4ed41e0b6fd8182d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2539
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
|
|
Was messing around with serde and trying to build serde_json something,
might as well commit this.
Change-Id: I60f87aa3180f750fa171eca7f9c375ed053f8456
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2537
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Nix unfortunately has terrible escaping syntax: If something is an
escape sequence it does not know, like \0, it just swallows the
backslash and returns the second character (byte) as is (yes,
"\0" == "0" is true). This created the following bug in nixFileName
which should have resulted in at least a parse error: "(.*)\.nix" is
the same as "(.*).nix" which meant that nixFileName matched anything
that is at least 4 characters long and ends in "nix". This lead to
readTree creating double attributes when directories are involved or
attributes for non-nix files.
Change-Id: Ibf3be2bd189d48881c82ee795c50151bfb365627
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2535
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
|
|
This adds a trivial test case on the transitive lib in tests and builds
it by wrapping in with testRustSimple. This should check:
* testRustSimple doesn't change the output and other packages can just
use it as a normal dependency
* tests are built and executed
Change-Id: Ia4ea7425432b8b0da09f63054f51f0c480300aa4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2531
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
The rust tests are now automatically built and run if
users.Profpatsch.netencode-rs is built without changing the content of
its output. users.Profpatsch.netencode-rs-tests has been removed in
favor of this, but can still be accessed as
builtins.head users.Profpatsch.netencode.netencode-rs.drvDeps
Change-Id: I25e8191f5b9efa08ace4a584a75978565c79d8d0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2530
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
testRustSimple is intended to wrap rustSimpleLib and rustSimpleBin and
theoretically pkgs.buildRustCrate with { buildTests = false; } while
building and running their tests, making them fail if the tests don't
succeed.
This is implemented using nix.drvSeqL which is a perfect fit here:
* { buildTests = true; } only returns an output with the test binaries
and does not actually run the tests. With drvSeqL we can easily wrap
this derivation.
* { buildTests = true } doesn't contain anything other derivations want
to depend on, so it is an derivation output we don't want to have.
drvSeqL hides the tests derivation away and only requires us to build
it once.
* Usually drvSeqL has the issue that tests (or advantage) are not rebuilt
if the test derivation changes. This is no question in this case as
due to the embedded nature of Rust's test, both the derivation with
and without tests change anyways regardless of which part was changed.
Future work: Allow injecting other tests?
Change-Id: If6ecfb3a360ce059320dbb05642b391b617aede7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2529
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
This adds the star of NixCon 2017 from vuizvui, slightly reformatted and
now using yants. While it has some flaws, I realized that it is ideal to
run the tests of rustSimple{Lib,Bin} where the normal and the -tests
variant would have to be rebuilt if either the tests or the library /
executable itself changes.
Change-Id: Ie8f84f98c51c9fafc046eff916c8f0df7e8f224b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2528
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
We forgot the special casing of derivations; if we recurse into a
derivation like we’d recurse into an attrset, it always ends in tears,
so dwim will just print the derivation path instead, which is usually
what you want anyway.
Change-Id: Ieed1b68dfcf8f2925ee3a75ae4f460fa5081da28
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2526
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
|
|
eprintenv is a debugging tool, as such the code should probably not
crash when the environment variable we want to look at is missing.
But we can print a warning instead.
Change-Id: I41a24dc0c1cc488587563b85c1adbd089dd364f2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2525
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: I7393f60e4b29f24399d681d4546ac35140650d1a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2524
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
The headers are not a scalar, so record-splice-env doesn’t know how to
convert them to an envvar; let’s just ignore everything that can’t be
converted to a scalar for now.
Change-Id: I74ed0aa942fcd26beb058705830bc2f2b516e93e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2523
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Tries to decode the inner type, turning it into an Option.
Change-Id: I29d1286fe873c28d7c4a4b71f220acaf2d23f8e1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2522
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Small helper that empties out the environment, except for the given
list of variables.
Change-Id: I5e265496aaa5c248136318aa1c6cd91a67d3f028
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2506
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Some programs need an exact amount of arguments, and we want to fail
if they get too many or not enough.
Change-Id: Ic703949f38780718f26118b896e7c7d7aa5553d9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2504
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Some programs don’t need any arguments, so fail if they do get them,
because that’s usually a bug.
Change-Id: I28639056d3d9cea0cc0e7fcbfa42120c4f129c8c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2503
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Projecting into one record field of netencode given on stdin.
Change-Id: I975bd5558a06988aa159156ca73a449710db983f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2502
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
arglib should remove its arguments after reading it, to prevent them
from leaking to any child processes.
Change-Id: Ifc107b1620b8e407bad6b3d0ad7f4728856ec2ba
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2501
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: If20a91eaa6693ba35ce645b104c625dbd0c71726
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2500
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
By using an extremely trivial derivation we can ensure that it will not
throw if evaluated using deepSeq. When using stdenv.mkDerivation or
similar at some point something will most likely throw or generate some
kind of error which is alright in the context of nixpkgs, but makes
testing yants harder than you'd think it should be.
Change-Id: I61ff7dc01a00a4815ef39066e4e223123356ddd5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2507
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Change-Id: If5b8096cb693d96936f9b954e2ebe3dc9b63af66
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2521
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Change-Id: Ia0be95e2618aeb4f8d394a8e3602c73faec0d72f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2508
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
Port existing tests to runTestsuite and add some obvious additional
tests that wouldn't be possible before (using assertThrows and
assertEq).
Change-Id: Ibe950a7a0cda3e23ebb226bdff35f52cdfec5ddf
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2479
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: tazjin <mail@tazj.in>
|
|
assertDoesNotThrow is like assertThrows, but fails if the expression
throws. In that case the new unexpected-throw branch of AssertErrorContext
is returned.
Change-Id: I7195eb5df8965456e9ab9b69e35ec96b33f00a35
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2476
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Refactor assertEq and assertThrows to be implemented in terms of a more
generic assertBool to reduce code duplication and ease adding new assert
types.
To preserve meaningful error messages AssertResult is changed slightly:
nope-eq and nope-throw have been replaced by a single nope branch which
contains an AssertErrorContext which contains error information. To
implement an assert assertBoolContext (which is not exposed) can be
used: It takes an AssertErrorContext which is returned in case of an
error and a boolean determining whether the assert was successful.
The currently possible AssertErrorContext are:
* should-throw: error result of assertThrows, formerly nope-throw
* not-equal: error result of assertEq, formerly nope-eq
Change-Id: Ifd6b3aa4187c90c3add2df63fa7c906c8f03fd2d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2473
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
\o/
Change-Id: I4cc93ccc834bee4301ae6369e53f65ab975d4ea9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2505
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Interestingly, the code is not any shorter, but a lot more
declarative, and all parsing footwork and error message generation is
done by the `Decoder` trait. \o/
Change-Id: Idb1064a3b5198e38e06e1860d4d71054ae53bbb9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2499
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
`Text` and `Binary` should be self-explaining, they just match on the
primitive and throw an error otherwise.
OneOf is cool, because it allows the user to match on the
result type of decoding `inner`, and give a list of values that should
be allowed as the result type (the associated type `A` in the
`Decoder` trait).
Change-Id: Ia252e25194610555c17c37640a96953142f0a165
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2498
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Shouldn’t use the netstring function, since that adds the length of
the containing string, which doesn’t make sense for numbers, they just
have their one length number and content.
Change-Id: I5591f6dd59154c5ef38d6e9b7300d19884a2d57b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2497
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: I3056385eb11e45ae13456f4c47052651ba5fb62f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2496
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
This fell out of us moving the `U::List` to a `Vec`.
I noticed that now we have deep recursion for `U`s, which originally
wasn’t intended; reverting to contain `&[u8]` might be a good
experiment, as long as the lists stay a `Vec<&'a [u8]`, which was the
thing preventing us from parsing lists without allocating memory.
Change-Id: I4900c5dea460fa69a78ce0dbed5708495af5d2e1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2495
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
`dec::RecordDot` accesses a specific field of a netencode record.
In order to implement this, either we’d have to introduce a type-level
string, but in all honesty this kind of typelevel circlejerking never
leads anywhere, so let’s change the trait to use `&self` after all.
Usage is pretty much the same, except actually more like you’d expect.
Change-Id: I5a7f1a3f587256c50df1b65c2969e5a7194bba70
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2494
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: I3037882dff15243bd7a5c1c78331f8e2ffdbda84
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2493
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
|
|
Since we don’t necessarily need to decode deeply, we can make the
decoders take a `U` instead of a `T`.
Change-Id: I9704a21edb3922d58411e6807d027d684b18d390
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2492
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Also change the toplevel `encode()` to take a `&U` instead of an owned
`U`.
Change-Id: I8e51540cc531e70ae1c94e3676f4dd88da7a924d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2491
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
`U::Record` is required to be a hash map (later keys should be
ignored), so why not do the hash map immediately.
This surfaced a problem with read-http, because duplicate headers in
http are possible, but before they’d be silently ignored.
Now we merge them into a `U::List` in case, to be handled by
consumers of read-http.
Change-Id: Ifd594916f76e5acf9d08e705e0dec2c10a0081c9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2490
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
We expect the users to pass an actual prog, not an argv, so 0 is the
program to exec into.
Also improve the exec error, by including the program we tried to exec
into (the rust IO error doesn’t contain the name).
Change-Id: I664f9f717e4f82bfc1b1da3bd7114124b7582d5f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2489
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
|
|
Earlier we left the next level of values unencoded, since lists are
just concatenated netencode values. But I noticed that you can’t write
e.g. a `t_to_u` function, because only in the case of lists you need
to allocate memory.
Turns out that if we read the next level of values, everything is
handled the same as in `Record` and things suddenly start working.
We can also throw away some of the strange and ad-hoc parser helpers
we needed before, `skip` and `list_take`, since now those are just
normal `Vec::iter().skip()` and take.
Change-Id: Ibc476e028102944a65c2b64621047086cfc09aa5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2488
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
|
|
Since `Text` is a scalar, it doesn’t make sense to delay the utf-8
verification to the consumer.
Change-Id: I36e4d228fbf35374d7c1addb4b24828cf6e927e5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2478
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
The ciBuilds attribute seems to no longer exist and it breaks the
evaluation of the config attribute. It's only appearance was in
besadii which doesn't actually use the attribute.
Removing the ciBuilds inherit fixes these issues.
Change-Id: Ibbf3413ba6efe10ad868cf57cf0711d574860f97
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2487
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
a044a870849d03b3a71df17e589112e0c228a06e removed boxes in T::List, but
the tests were not adjusted accordingly.
Seems like netencode fell victim to CI not recursing into attrsets not
generated by readTree in pipeline generation.
Change-Id: I65d58a82881059983f7d6bc7a32263c6671ccbba
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2486
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
|
|
Seems like 5d44df3af65767e731c0dd239bd1d9664edbb361 forgot to add the
newly split out crate to the dependencies of netencode_mustache.
CI didn't pick up on it since it is hidden away from readTree in an
attrset in a file.
Change-Id: I7df9a636d849de48a99562d1cda8c0e6765f4781
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2485
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: If9dcd8e39f416c11460e66454df9f53096691699
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2484
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Nix internally differentiates between lambdas and primops, but their
type in the nix expression language is the same (lambda). The
implementation of builtins.functionArgs only checks if the given
expression is of type tLambda and fails if the type is tPrimop or
tPrimopApp which are also functions. This most notably breaks
lib.generators.toPretty when called on a builtin making for example
yants fail if a primop is typechecked and an error message is
generated.
This fix generates an empty set for primops like for plain lambdas
and is based upstream commit b2748c6e99239ff6803ba0da76c362790c8be192.
Additionally we add to two tests:
* eval-okay-functionargs now includes a few test cases checking that
builtins.functionArgs always returns an empty set for builtins and
also works as expected for normal functions.
* eval-okay-types now also checks if builtins are functions.
Future work would be to make builtins.functionArgs work as users would
expect for builtins like builtins.fetchurl, builtins.fetchGit etc. which
take a set as an argument. These currently don't register as formal
arguments, but it would be an usability improvement at least if they
did.
See also https://github.com/NixOS/nix/pull/3626#issuecomment-698546704
Change-Id: I2bf4cb80d44a4b72ade13d3e0dbd7dfb1d049f32
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2477
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: glittershark <grfn@gws.fyi>
|
|
Once again the sha256 of the fetchgit fixed output derivation for check
changed which was brought to light by the recent GC on whitby.
Change-Id: Ib3c3b5b489717ac6d73631282f27e4363d4ac5c1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2481
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
There is this semantic exit code schema championed by execline and
skaware tooling, and we refined and documented it a bit in lorri
https://github.com/nix-community/lorri/blob/d1d673d42090f0cfe8ab9b92b465315a9e7d30a3/src/ops/mod.rs#L24-L35
in the past.
This just transcribes the error messages into simple helper functions.
Applies the functions to the places where we would panic or die
`sys::exit()` instead.
Change-Id: I15ca05cd6f99a25a3378518be94110eab416354e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2475
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
`exec_into_args` would just read argv and exec into it, but we want to
be able to write commands which take some positional arguments first.
Thus we split the invocation into `args_for_exec`, which returns the
positional arguments and prog, and then pass prog to `exec_into_args`
when we want to exec eventually (prog is still an iterator at this
point).
Change-Id: I0b180c1a100b96363fe33ba2c42034ed41716b7a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2474
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
There might be exploits since we parsed the headers as utf8 even
though we actually want to interpret them as ASCII.
This fixes it, by using the ascii crate.
Thanks to @sterni for noticing.
Change-Id: I50b6a588d99b34e677cb22968cf0dfd8b331d11c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2457
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
|
|
Splice a netencode record from stdin into the environment.
Change-Id: I7eac19e18164e070e4463ee431d9b0e955857b9c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2454
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Decoders are implemented not directly on output types, but on trivial
proxy types, so that we can easily combine those into a decoder, and
then the associated type is the actual return value of the decoder.
Change-Id: Ibce98fa09fc944e02ab327112ec7ffbc09815830
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2455
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|