about summary refs log tree commit diff
AgeCommit message (Collapse)AuthorFilesLines
2018-08-03 Support escaping in store URIsEelco Dolstra1-2/+18
2018-08-03 SSHMaster: Bypass SSH when connecting to localhostEelco Dolstra2-7/+16
This is primarily useful for testing since it removes the need to have SSH working.
2018-08-03 LegacySSHStore: Add remote-store optionEelco Dolstra1-1/+4
This is primarily useful for testing, e.g. $ nix copy --to 'ssh://localhost?remote-store=/tmp/nix' ...
2018-08-03 Merge pull request #2327 from NixOS/grahamc-patch-1Eelco Dolstra1-0/+6
2.1 release notes: Add note about s3-compatible stores
2018-08-03 2.1 release notes: Add note about s3-compatible storesGraham Christensen1-0/+6
2018-08-03 Add Nix 2.1 release notesEelco Dolstra2-0/+48
2018-08-03 Merge pull request #2326 from aszlig/fix-symlink-leakEelco Dolstra2-4/+21
Fix symlink leak in restricted eval mode
2018-08-03 Merge pull request #2323 from samueldr/feature/selective-impurityEelco Dolstra3-1/+21
Allows selectively adding environment variables to pure shells.
2018-08-03 Fix symlink leak in restricted eval modeaszlig2-4/+21
In EvalState::checkSourcePath, the path is checked against the list of allowed paths first and later it's checked again *after* resolving symlinks. The resolving of the symlinks is done via canonPath, which also strips out "../" and "./". However after the canonicalisation the error message pointing out that the path is not allowed prints the symlink target in the error message. Even if we'd suppress the message, symlink targets could still be leaked if the symlink target doesn't exist (in this case the error is thrown in canonPath). So instead, we now do canonPath() without symlink resolving first before even checking against the list of allowed paths and then later do the symlink resolving and checking the allowed paths again. The first call to canonPath() should get rid of all the "../" and "./", so in theory the only way to leak a symlink if the attacker is able to put a symlink in one of the paths allowed by restricted evaluation mode. For the latter I don't think this is part of the threat model, because if the attacker can write to that path, the attack vector is even larger. Signed-off-by: aszlig <aszlig@nix.build>
2018-08-02 Allows selectively adding environment variables to pure shells.Samuel Dionne-Riel3-1/+21
Includes documentation and test.
2018-08-02 s3 binary cache: support specifying an endpointGraham Christensen5-8/+33
Works for uploading and not downloading.
2018-08-02 Merge pull request #2322 from samueldr/fix/removes-unused-variableEelco Dolstra1-1/+0
Removes unused variable from `nix-build/nix-shell`
2018-08-01 Removes unused variable from `nix-build/nix-shell`Samuel Dionne-Riel1-1/+0
This particular `shell` variable wasn't used, since a new one was declared in the only side of the `if` branch that used a `shell` variable. It could realistically confuse developers thinking it could use `$SHELL` under some situations.
2018-08-01 Document s3 substitutionsGraham Christensen2-0/+143
2018-07-31 Merge branch 'prim_mapAttr-fix' of https://github.com/volth/nixEelco Dolstra2-8/+3
2018-07-31 Disable rpm_fedora27x86_64Eelco Dolstra1-1/+1
Fedora 27 provides an incompatible version of Boost (1.64.0).
2018-07-31 Fix race downloading into a sinkEelco Dolstra1-6/+8
This fixes 'error 10 while decompressing xz file'. https://hydra.nixos.org/build/78308551
2018-07-31 Add a check for broken Boost versionsEelco Dolstra1-0/+4
In some Boost versions, coroutines don't propagate exceptions properly, causing Nix to fail with the exception 'coroutine has finished'.
2018-07-31 Attempt to fix the RPM buildEelco Dolstra1-10/+10
2018-07-31 Fix RPM buildEelco Dolstra1-1/+1
https://hydra.nixos.org/build/73991153
2018-07-24 Merge pull request #2305 from lheckemann/copy-keep-goingEelco Dolstra1-2/+12
copyPathsToStore: honour keep-going
2018-07-24 copyPathsToStore: honour keep-goingLinus Heckemann1-2/+12
2018-07-23 Merge pull request #2303 from volth/patch-4Eelco Dolstra1-2/+2
parser.y: fix assoc of -> and < > <= >=
2018-07-23 parser.y: right-associativity of ->volth1-1/+1
2018-07-23 Merge pull request #2302 from volth/patch-3Eelco Dolstra1-6/+7
prim_foldlStrict: call forceValue() before value is copied
2018-07-21 parser.y: fix assoc of -> and < > <= >=volth1-2/+2
The parser allowed senseless `a > b > c` but disallowed `a -> b -> c` which seems valid It might be a typo
2018-07-21 prim_foldlStrict: call forceValue() before value is copiedvolth1-6/+7
forceValue() were called after a value is copied effectively forcing only one of the copies keeping another copy not evaluated. This resulted in its evaluation of the same lazy value more than once (the number of hits is not big though)
2018-07-12 nix-prefetch-url: Download file in constant memoryEelco Dolstra1-7/+17
Before: $ command time nix-prefetch-url https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.17.6.tar.xz 1.19user 1.02system 0:41.96elapsed 5%CPU (0avgtext+0avgdata 182720maxresident)k After: 1.38user 1.05system 0:39.73elapsed 6%CPU (0avgtext+0avgdata 16204maxresident)k Note however that addToStore() can still take a lot of memory (e.g. RemoteStore::addToStore() is constant space, but LocalStore::addToStore() isn't; that's fixed by https://github.com/edolstra/nix/commit/c94b4fc7ee0c7b322a5f3c7ee784063b47a11d98 though). Fixes #1400.
2018-07-11 Fix build on 32-bit systems and macOSEelco Dolstra1-1/+1
Apparently, on macOS, 'long' != 'int64_t'. https://hydra.nixos.org/build/77100756
2018-07-11 Shup up a warningEelco Dolstra1-1/+1
2018-07-11 Remove unused function printStats2()Eelco Dolstra2-15/+0
Closes #2282.
2018-07-07 prim_map, prim_genList: no need to force function argument which will be ↵volth1-2/+0
stored in mkApp
2018-07-06 prim_mapAttrs: `f' must be evaluated lazily to avoid infinite recursionvolth2-6/+3
2018-07-06 Merge pull request #2250 from dtzWill/feature/repl-progress-bar-buildsEelco Dolstra1-1/+1
repl: use `nix build` for building instead of `nix-store -r`
2018-07-05 Merge pull request #2275 from volth/issue-1776Eelco Dolstra1-5/+5
[bugfix] lib.concatMap and lib.mapAttrs to be builtins
2018-07-05 prim_concatMap: no need to force valuevolth1-1/+0
2018-07-05 prim_mapAttrs: must be lazy to avoid infinite recursionvolth1-4/+5
2018-07-05 Merge pull request #2273 from volth/issue-1776Eelco Dolstra5-0/+60
[wip] lib.concatMap and lib.mapAttrs to be builtins
2018-07-05 prim_concatMap: allocate intermediate list on stackvolth1-7/+15
2018-07-05 primops.cc: fix commentvolth1-1/+1
2018-07-05 lib.concatMap and lib.mapAttrs to be builtinsvolth5-0/+52
2018-07-04 Merge pull request #2268 from dtzWill/fix/search-ux-test-breakEelco Dolstra1-1/+1
tests/search.sh: minor fix to unbreak tests after search ux merge
2018-07-03 tests/search.sh: minor fix to unbreak tests after search ux mergeWill Dietz1-1/+1
2018-07-03 nix-daemon: Respect --storeEelco Dolstra1-3/+7
For example, this allows you to do run nix-daemon as a non-privileged user: eelco$ NIX_STATE_DIR=~/my-nix/nix/var nix-daemon --store ~/my-nix/ The NIX_STATE_DIR is still needed because settings.nixDaemonSocketFile is not derived from settings.storeUri (and we can't derive it from the store's state directory because we don't want to open the store in the parent process).
2018-07-03 Include cpptoml for build simplicityEelco Dolstra4-19/+3476
2018-07-03 Add a fromTOML primopEelco Dolstra4-0/+280
This is primarily useful for processing Cargo.lock files.
2018-07-03 Store floating point numbers in double precisionEelco Dolstra2-1/+2
Even on 32-bit systems, Value has enough space to hold a double.
2018-07-03 Merge pull request #2265 from Ma27/nix-why-depends-pagerEelco Dolstra1-0/+2
nix why-depends: render output into $PAGER
2018-07-03 nix why-depends: render output into $PAGERMaximilian Bosch1-0/+2
2018-07-02 Merge pull request #2158 from Ma27/improve-search-uxEelco Dolstra1-10/+20
search.cc: improve UX for `nix search`
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-11-23T20·37+0000