Age | Commit message (Collapse) | Author | Files | Lines |
|
I hate to make this such a large check but the lack of documentation means we really have no idea what's allowed. All of them reported so far have been within ".app/Contents" directories. That appears to be a safe starting point. However, I would not be surprised to also find more paths that are disallowed for instance in .framework or .bundle directories.
Fixes #2031
Fixes #2229
|
|
This makes 'nix copy' and 'nix path-info' work on .drv store
paths. Removing special treatment of .drv files seems the most
future-proof approach given the possible removal of .drv files in the
future.
Note that 'nix build' will still build (rather than substitute) .drv
paths due to the unfortunate overloading in Store::buildPaths().
|
|
This makes 'nix copy --to /mnt /nix/store/bla.drv' work.
|
|
The former is removed in C++17.
|
|
EvalState contains a few counters (e.g. nrValues) that increase
quickly enough that they end up being interpreted as pointers by the
garbage collector. Moving it to the heap makes them invisible to the
garbage collector.
This reduces the max RSS doing 100 evaluations of
nixos.tests.firefox.x86_64-linux.drvPath from 455 MiB to 292 MiB.
Note: ideally, allocations would be much further up in the 64-bit
address space to reduce the odds of an integer being misinterpreted as
a pointer. Maybe we can use some linker magic to move the .bss segment
to a higher address.
|
|
This makes it possible to build with -DGC_DEBUG.
|
|
This reduces the risk of object liveness misdetection. For example,
Glibc has an internal variable "mp_" that often points to a Boehm
object, keeping it alive unnecessarily. Since we don't store any
actual roots in global variables, we can just disable data segment
scanning.
With this, the max RSS doing 100 evaluations of
nixos.tests.firefox.x86_64-linux.drvPath went from 718 MiB to 455 MiB.
|
|
|
|
This prevents EvalState::resetFileCache() from parsing everything all
over again.
|
|
|
|
Fix #2162: use getaddrinfo instead of curl to preload NSS
|
|
|
|
libstore/gc.cc: ignore ESRCH when reading /proc
|
|
If a process disappears between the time /proc/[pid]/maps is opened and
the time it is read, the read() syscall will return ESRCH. This should be ignored.
|
|
tests: more robust check for user namespaces availability (canUseSand…
|
|
manual: builtins.fromJSON: remove the claim that floats are not allowed
|
|
floating-point numbers are supported now, including the fromJSON
builtin. Reported on IRC by inquisitiv3
|
|
|
|
use debug instead of printTalkative to avoid spamming hydra queue-runner
|
|
runner logs.
|
|
|
|
Dockerfile: 2.0.4
|
|
|
|
Issue https://github.com/NixOS/nix/issues/2165
|
|
|
|
|
|
|
|
|
|
|
|
I'm not sure if curl ever asks for enough data at once
for truncation to occur but better safe than sorry.
|
|
Don't say "download" when we mean "upload".
|
|
Note: this means that for those doing 'curl | sh', you can now pin a
specific version, e.g.
curl https://nixos.org/releases/nix/nix-2.0.4/install | sh
https://nixos.org/nix/{install,install.sig} are now just symlinks to
the corresponding files in the latest release directory.
|
|
Implement --delete-generations + flag for keeping last N number of gens
|
|
|
|
|
|
|
|
|
|
Nix profile & installation: handle set -u installations
|
|
|
|
If the profile is sourced inside a script with `set -u`, the check for
__ETC_PROFILE_NIX_SOURCED and NIX_SSL_CERT_FILE would raise an error.
A simple guard around this check allows the script to operate under
standard environments (where it is fairly reasonable to assume USER
and HOME are set.)
|
|
Explain fetchTarball timeout behavior in the doc
|
|
|
|
|
|
|
|
E.g.
nix-build --store ~/my-nix/ -E 'import <nix/fetchurl.nix> { url = https://cache.nixos.org/nar/0nwi996rgq4b914qyx0mv2wq4k80hjac7xilikavagw7kxmn2iiv.nar.xz; sha256 = "0nwi996rgq4b914qyx0mv2wq4k80hjac7xilikavagw7kxmn2iiv"; }'
now runs in 17 MiB (was 70 MiB), while
nix-build --store ~/my-nix/ -E 'import <nix/fetchurl.nix> { url = https://cache.nixos.org/nar/0nwi996rgq4b914qyx0mv2wq4k80hjac7xilikavagw7kxmn2iiv.nar.xz; sha256 = "0d2fxljdih3nc5dqx41hjzic3141ajil94m8kdbpryq569dpsbvb"; unpack = true; }'
runs in 17 MiB (was 346 MiB).
|
|
|
|
This reduces memory consumption of
nix copy --from https://cache.nixos.org --to ~/my-nix /nix/store/95cwv4q54dc6giaqv6q6p4r02ia2km35-blender-2.79
from 176 MiB to 82 MiB. (The remaining memory is probably due to xz
decompression overhead.)
Issue https://github.com/NixOS/nix/issues/1681.
Issue https://github.com/NixOS/nix/issues/1969.
|
|
This reduces memory consumption of
nix copy --from file://... --to ~/my-nix /nix/store/95cwv4q54dc6giaqv6q6p4r02ia2km35-blender-2.79
from 514 MiB to 18 MiB for an uncompressed binary cache, and from 192
MiB to 53 MiB for a bzipped binary cache. It may also be faster
because fetching can happen concurrently with decompression/writing.
Continuation of 48662d151bdf4a38670897beacea9d1bd750376a.
Issue https://github.com/NixOS/nix/issues/1681.
|
|
|
|
|