about summary refs log tree commit diff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2017-11-24 fetchGit: Ignore tarballTtl if rev is set and not in the repo.Shea Levy1-24/+35
Fixes #1697.
2017-11-21 fetchGit/fetchMercurial: Fix directory inclusion checkEelco Dolstra2-4/+6
E.g. the existence of .gitignore would cause .git to be included.
2017-11-21 Propagate flags like --sandbox to the daemon properlyEelco Dolstra3-6/+12
2017-11-20 nix eval --raw: Use coerceToString()Eelco Dolstra1-2/+6
Thus, $ nix eval --raw '("foo")' foo $ nix eval --raw nixpkgs.hello /nix/store/1y6ckg6khrdsvll54s5spcmf3w6ka9k4-hello-2.10 $ nix eval --raw '(/etc/resolv.conf)' /nix/store/vml92ama92i8mz013nny461mlvg8mvap-resolv.conf
2017-11-20 nix run: Fix "flag '--command' requires 2 argument(s)"Eelco Dolstra1-1/+1
2017-11-20 nix run: Fix accidental removal of /nix/store existence checkEelco Dolstra1-1/+1
Parenthetical to #1686, we don't need to create a new root if we can just bind-mount on top of the existing /nix/store.
2017-11-20 nix run: Ignore non-directories while setting up the chrootEelco Dolstra1-3/+6
Fixes #1686.
2017-11-20 signed-binary-caches -> require-sigsEelco Dolstra2-1/+6
Unlike signed-binary-caches (which could only be '*' or ''), require-sigs is a proper Boolean option. The default is true.
2017-11-20 CleanupEelco Dolstra1-2/+2
2017-11-20 binary-cache-public-keys -> trusted-public-keysEelco Dolstra2-4/+5
The name had become a misnomer since it's not only for substitution from binary caches, but when adding/copying any (non-content-addressed) path to a store.
2017-11-20 Merge pull request #1645 from twhitehead/stat-raceEelco Dolstra1-12/+11
Fix (highly unlikely) race condition in readLink
2017-11-20 nix copy: Abbreviate "daemon"Eelco Dolstra1-2/+2
2017-11-15 Add a "profile" option to S3BinaryCacheStoreEelco Dolstra3-5/+14
This allows specifying the AWS configuration profile to use. E.g. nix copy --from s3://my-cache?profile=aws-dev-account /nix/store/cf3isrlqavvd5w7rpky1fa8j9lcnlggm-...
2017-11-14 anchor nix::Exit exceptionWill Dietz2-0/+2
2017-11-14 nix sign-paths: Support binary cachesEelco Dolstra2-15/+37
2017-11-14 Revert "Don't parse "x:x" as a URI"Eelco Dolstra1-1/+1
This reverts commit f90f660b243866b8860eeb24cc4a345d32cc7ce7. This broke Hydra's release.nix, which contained preCheck = ''export LOGNAME=${LOGNAME:-foo}'';
2017-11-14 nix ls-{nar,store}: Don't abort on missing filesEelco Dolstra1-1/+1
2017-11-14 nix ls-{nar,store} --json: Respect -REelco Dolstra4-6/+13
2017-11-14 Don't indent JSON outputEelco Dolstra4-4/+4
2017-11-14 nix ls-{store,nar}: Add --json flagEelco Dolstra4-40/+53
2017-11-14 Make config options available to legacy commandsEelco Dolstra2-4/+4
2017-11-08 Remove extraneous commentEelco Dolstra1-3/+0
2017-11-08 Merge pull request #1650 from copumpkin/darwin-sandbox-unix-socketEelco Dolstra1-1/+8
Always allow builds to use unix domain sockets in Darwin sandbox
2017-11-06 Merge pull request #1632 from AmineChikhaoui/sigint-copyEelco Dolstra1-1/+9
run query paths in parallel during nix copy and handle SIGINT
2017-11-03 fetchgit.cc -> fetchGit.ccEelco Dolstra1-0/+0
2017-11-03 Remove git:// support in NIX_PATHEelco Dolstra3-31/+9
This didn't support specifying a revision/branch, and was restricted to git:// URIs (since https:// or ssh:// would be ambiguous).
2017-11-03 fetchGit/fetchMercurial: Filter out directories with untracked filesEelco Dolstra2-8/+16
2017-11-03 fetchGit: Add a testEelco Dolstra1-1/+1
2017-11-03 fetchGit: Don't do a remote fetch if we already have the revEelco Dolstra1-15/+23
2017-11-03 Merge pull request #1651 from LnL7/darwin-sandbox-getpwuidEelco Dolstra1-0/+3
Allow getpwuid in the darwin sandbox
2017-11-03 Allow getpwuid in the darwin sandbox.Daiderd Jordan1-0/+3
2017-11-03 Merge pull request #1660 from 4z3/patch-1Eelco Dolstra1-1/+1
fetchMercurial: fix error message
2017-11-03 Merge pull request #1655 from copumpkin/patch-1Eelco Dolstra1-2/+2
Don't freak out if we get a 403 from S3
2017-11-03 Don't freak out if we get a 403 from S3Daniel Peebles1-2/+2
As far as we're concerned, not being able to access a file just means the file is missing. Plus, AWS explicitly goes out of its way to return a 403 if the file is missing and the requester doesn't have permission to list the bucket. Also getting rid of an old hack that Eelco said was only relevant to an older AWS SDK.
2017-11-02 fetchMercurial: fix error messagetv1-1/+1
2017-11-01 Fix buildEelco Dolstra2-2/+2
https://hydra.nixos.org/build/63172338
2017-11-01 fetchMercurial: Don't fetch hashes we already haveEelco Dolstra3-24/+62
2017-11-01 Add fetchMercurial primopEelco Dolstra3-3/+190
E.g. $ nix eval '(fetchMercurial https://www.mercurial-scm.org/repo/hello)' { branch = "default"; outPath = "/nix/store/alvb9y1kfz42bjishqmyy3pphnrh1pfa-source"; rev = "82e55d328c8ca4ee16520036c0aaace03a5beb65"; revCount = 1; shortRev = "82e55d328c8c"; } $ nix eval '(fetchMercurial { url = https://www.mercurial-scm.org/repo/hello; rev = "0a04b987be5ae354b710cefeba0e2d9de7ad41a9"; })' { branch = "default"; outPath = "/nix/store/alvb9y1kfz42bjishqmyy3pphnrh1pfa-source"; rev = "0a04b987be5ae354b710cefeba0e2d9de7ad41a9"; revCount = 0; shortRev = "0a04b987be5a"; } $ nix eval '(fetchMercurial /tmp/unclean-hg-tree)' { branch = "default"; outPath = "/nix/store/cm750cdw1x8wfpm3jq7mz09r30l9r024-source"; rev = "0000000000000000000000000000000000000000"; revCount = 0; shortRev = "000000000000"; }
2017-10-31 Fix filterSourceEelco Dolstra1-32/+14
2017-10-31 Always allow builds to use unix domain sockets in Darwin sandboxDan Peebles1-1/+8
2017-10-30 builtins.fetchgit: Support importing a working treeEelco Dolstra7-17/+54
For example, you can write src = fetchgit ./.; and if ./. refers to an unclean working tree, that tree will be copied to the Nix store. This removes the need for "cleanSource".
2017-10-30 Merge pull request #1646 from copumpkin/optional-sandbox-local-networkEelco Dolstra2-5/+33
Allow optional localhost network access to sandboxed derivations
2017-10-30 Allow optional localhost network access to sandboxed derivationsDan Peebles2-5/+33
This will allow bind and connect to 127.0.0.1, which can reduce purity/ security (if you're running a vulnerable service on localhost) but is also needed for a ton of test suites, so I'm leaving it turned off by default but allowing certain derivations to turn it on as needed. It also allows DNS resolution of arbitrary hostnames but I haven't found a way to avoid that. In principle I'd just want to allow resolving localhost but that doesn't seem to be possible. I don't think this belongs under `build-use-sandbox = relaxed` because we want it on Hydra and I don't think it's the end of the world.
2017-10-30 Don't parse "x:x" as a URIEelco Dolstra1-1/+1
URIs now have to contain "://" or start with "channel:".
2017-10-30 Fix (highly unlikely) race condition in readLinkTyson Whitehead1-12/+11
Used to determine symlink size with stat and value with readlink. This could technically result in garbage if symlink changed between calls. Also gets around the broken stat implementation in our network filesystem (returns size + 1 giving a byte of garbage).
2017-10-30 nix-build: Fix --hashEelco Dolstra1-0/+3
2017-10-30 Make "fetchGit /path" workEelco Dolstra1-5/+5
2017-10-30 fetchGit: Fix broken assertionEelco Dolstra1-1/+1
Different URIs can map to the same cache entry if they have the same revision.
2017-10-30 Add option allowed-urisEelco Dolstra5-6/+30
This allows network access in restricted eval mode.
2017-10-30 builtins.fetchGit: Return an attrset with revision infoEelco Dolstra3-18/+54
This adds rev, shortRev and revCount attributes, equal to what Hydra provides. E.g. $ nix eval '(fetchGit https://github.com/NixOS/patchelf.git)' { outPath = "/nix/store/ghigrkw02l440g8vfxa9wj4c3zpfmw99-source"; rev = "29c085fd9d3fc972f75b3961905d6b4ecce7eb2b"; revCount = 303; shortRev = "29c085f"; }