Age | Commit message (Collapse) | Author | Files | Lines |
|
In a daemon-based Nix setup, some options cannot be overridden by a
client unless the client's user is considered trusted.
Currently, if an untrusted user tries to override one of those
options, we are silently ignoring it.
This can be pretty confusing in certain situations.
e.g. a user thinks he disabled the sandbox when in reality he did not.
We are now sending a warning message letting know the user some options
have been ignored.
Related to #1761.
|
|
Minor typo
|
|
|
|
|
|
Add .github/FUNDING.yml
|
|
|
|
release-common: fix build with `config.allowAliases = false`
|
|
```sh
> nix build -f release.nix build.x86_64-linux
error: undefined variable 'docbook5_xsl' at /vcs/nix/release-common.nix:45:7
```
|
|
Replace `type` with `command -v` in install script
|
|
In POSIX sh, `type` is undefined.
cf. https://pubs.opengroup.org/onlinepubs/9699919799/utilities/command.html#tag_20_22_04
|
|
cpptoml now parses almost all examples from the spec.
|
|
Turns out we were mis-parsing single-quoted attributes, e.g. 'key2'.
|
|
|
|
|
|
|
|
doc: clarify that optional attrs in a function argument will be ignored unless specified
|
|
unless specified
In `args@{ a ? 1 }: /* ... */` the value `a` won't be a part of `args`
unless it's specified when calling the function, the default value will
be ignored in this case.
My personal point of view is that this behavior is a matter of taste, at
least I was pretty sure that unmatched arguments will be a part of
`args@` while debugging some Nix code last week.
I decided to add a warning to the docs which hopefully reduces the
confusion of further Nix developers who thought the same about `args@`.
|
|
progress-bar: hide expected if expected is 0 (unknown)
|
|
Sync NIX_PROFILES between single-user and multi-user modes
|
|
(cherry picked from commit cbfdea685764bf66443a999e672656c54289b8c9)
|
|
See commit 1bffd83e1a9
|
|
This is now autodetected. There is no need to put it in the profile.
|
|
When we are in single user mode, we still want to have access to
profiles. This way things in Nixpkgs that rely on them getting set
accurately are done in both cases. The point where I hit this is with
using aspell which looks in NIX_PROFILES:
https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/libraries/aspell/default.nix
Before this patch, NIX_PROFILES was never set in single user mode!
This corrects that.
|
|
nix: Add --print-build-logs flag
|
|
This causes 'nix' to print build log output to stderr rather than
showing the last log line in the progress bar. Log lines are prefixed
by the name of the derivation (minus the version string), e.g.
binutils> make[1]: Leaving directory '/build/binutils-2.31.1'
binutils-wrapper> unpacking sources
binutils-wrapper> patching sources
...
binutils-wrapper> Using dynamic linker: '/nix/store/kr51dlsj9v5cr4n8700jliyz8v5b2q7q-bootstrap-stage0-glibc/lib/ld-linux-x86-64.so.2'
bootstrap-stage2-gcc-wrapper> unpacking sources
...
linux-headers> unpacking sources
linux-headers> unpacking source archive /nix/store/8javli69jhj3bkql2c35gsj5vl91p382-linux-4.19.16.tar.xz
|
|
Fixes #2709.
|
|
https://hydra.nixos.org/build/93359951
|
|
build: move needsHashRewrite initialization to startBuilder
|
|
build: run diff-hook under --check and document diff-hook
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The value of useChroot is not set yet in the constructor, resulting in
hash rewriting being enabled in certain cases where it should not be.
Fixes #2801
|
|
Sometimes, "expected" can be "0", but in fact means "unknown".
This is for example the case when downloading a file while the http
server doesn't send the `Content-Length` header, like when running `nix
build` pointing to a nixpkgs checkout streamed from GitHub:
⇒ nix build -f https://github.com/NixOS/nixpkgs/archive/master.tar.gz hello
[1.8/0.0 MiB DL] downloading 'https://github.com/NixOS/nixpkgs/archive/master.tar.gz'
In that case, don't show that weird progress bar, but only the (slowly
increasing) downloaded size ("done").
⇒ nix build -f https://github.com/NixOS/nixpkgs/archive/master.tar.gz hello
[1.8 MiB DL] downloading 'https://github.com/NixOS/nixpkgs/archive/master.tar.gz'
This commit also updates fmt calls with three numbers (when something is
currently 'running' too) - I'm not sure if this can be provoked, but
showing "0" as expected doesn't make any sense, as we're obviously doing
more than nothing.
|
|
This prevents spurious syscalls like
25011 lstat("/home/eelco/with import <nixpkgs> { }; (pkgs.runCommandCC or pkgs.runCommand) \"shell\" { buildInputs = [ (hello) ]; } \"\"", 0x7ffe9c67f580) = -1 ENOENT (No such file or directory)
|
|
installer: update macOS version check to 10.12.2
|
|
manual: "Nix Package collection" -> "Nixpkgs package collection".
|
|
|
|
findRootsNoTemp: fixes comment about findRuntimeRoots
|
|
See:
https://github.com/NixOS/nix/commit/7becb1bf1c2ec1544a5374580a97b36273506baf#r33450554
|
|
Add builtins.hashFile
|
|
For text files it is possible to do it like so:
`builtins.hashString "sha256" (builtins.readFile /tmp/a)`
but that doesn't work for binary files.
With builtins.hashFile any kind of file can be conveniently hashed.
|
|
To determine which seccomp filters to install, we were incorrectly
using settings.thisSystem, which doesn't denote the actual system when
--system is used.
Fixes #2791.
|
|
install script: don't abort when "nix-channel --update" fails
|