about summary refs log tree commit diff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2017-07-27 builtins.fetchgit: Cache hash -> store path mappingsEelco Dolstra1-2/+18
This prevents an expensive call to addToStore() in the cached case.
2017-07-26 nix search: Add a cacheEelco Dolstra3-20/+92
The package list is now cached in ~/.cache/nix/package-search.json. This gives a substantial speedup to "nix search" queries. For example (on an SSD): First run: (no package search cache, cold page cache) $ time nix search blender Attribute name: nixpkgs.blender Package name: blender Version: 2.78c Description: 3D Creation/Animation/Publishing System real 0m6.516s Second run: (package search cache populated) $ time nix search blender Attribute name: nixpkgs.blender Package name: blender Version: 2.78c Description: 3D Creation/Animation/Publishing System real 0m0.143s
2017-07-26 nix-build/nix-shell: Eliminate call to nix-instantiate / nix-storeEelco Dolstra6-462/+400
Note that this removes the need for a derivation symlink, so the --drv-path and --add-drv-link flags now do nothing.
2017-07-20 nix-shell: Use bashInteractive from <nixpkgs>Eelco Dolstra5-13/+54
This adds about 0.1s to nix-shell runtime in the case where bashInteractive already exists. See discussion at https://github.com/NixOS/nixpkgs/issues/27493.
2017-07-20 nix search: Ignore top-level eval errorsEelco Dolstra2-2/+13
$NIX_PATH may contain elements that don't evaluate to an attrset (like "nixos-config"), so ignore those.
2017-07-20 FD_SETSIZE check: BuildError -> ErrorEelco Dolstra1-3/+2
BuildError denotes a permanent build failure, which is not the case here.
2017-07-20 nix search: Add --json flagEelco Dolstra1-13/+27
2017-07-20 Add "nix search" commandEelco Dolstra9-102/+263
2017-07-18 Do not try to fill fd_set with fd>=FD_SETSIZEDmitry Kalinkin1-0/+3
This is UB and causes buffer overflow and crash on linux.
2017-07-17 Always use base-16 for hashed mirror lookupsEelco Dolstra1-1/+2
In particular, don't use base-64, which we don't support. (We do have base-32 redirects for hysterical reasons.) Also, add a test for the hashed mirror feature.
2017-07-17 Make the hashes mirrors used by builtins.fetchurl configurableEelco Dolstra2-6/+12
In particular, this allows it to be disabled in our tests.
2017-07-17 Fix accidental printErrorEelco Dolstra1-1/+1
2017-07-14 nix path-info: Show download sizes for binary cache storesEelco Dolstra3-9/+30
E.g. $ nix path-info --json --store https://cache.nixos.org nixpkgs.thunderbird -S ... "downloadHash": "sha256:1jlixpzi225wwa0f4xdrwrqgi47ip1qpj9p06fyxxg07sfmyi4q0", "downloadSize": 43047620, "closureDownloadSize": 84745960 } ]
2017-07-14 Avoid a call to derivationFromPath()Eelco Dolstra3-28/+29
This doesn't work in read-only mode, ensuring that operations like nix path-info --store https://cache.nixos.org -S nixpkgs.hello (asking for the closure size of nixpkgs.hello in cache.nixos.org) work when nixpkgs.hello doesn't exist in the local store.
2017-07-14 nix path-info: Don't barf on invalid pathsEelco Dolstra3-30/+38
Now you get [ { "path": "/nix/store/fzvliz4j5xzvnd0w5zgw2l0ksqh578yk-bla", "valid": false } ]
2017-07-14 StorePathsCommand: Don't build installablesEelco Dolstra5-8/+10
On second though this was annoying. E.g. "nix log nixpkgs.hello" would build/download Hello first, even though the log can be fetched directly from the binary cache. May need to revisit this.
2017-07-14 nix: Show help when no arguments are givenEelco Dolstra4-10/+14
Fixes #1464.
2017-07-14 Shut up a memory leak warningEelco Dolstra1-1/+2
2017-07-11 replaceSymlink(): Handle the case where the temporary file already existsEelco Dolstra1-4/+13
Not really necessary anymore for #849, but still nice to have.
2017-07-11 fetchTarball: Prevent concurrent downloads of the same fileEelco Dolstra1-0/+4
Fixes #849.
2017-07-10 Merge pull request #1422 from nh2/fix-potential-hash-comparison-crashEelco Dolstra1-0/+2
Fix potential crash/wrong result two hashes of unequal length are compared
2017-07-10 Merge pull request #1428 from rimmington/clearer-regex-space-errorEelco Dolstra1-2/+7
Clearer error message when regex exceeds space limit
2017-07-10 Clearer error message when regex exceeds space limitRhys1-2/+7
2017-07-07 Merge pull request #1445 from matthewbauer/macos-skip-hardlinkEelco Dolstra1-0/+14
Don’t hardlink disallowed paths in OS X.
2017-07-06 Don’t hardlink disallowed paths in OS X.Matthew Bauer1-0/+14
Fixes #1443
2017-07-04 Add X32 to the seccomp filterEelco Dolstra1-0/+4
Fixes #1432.
2017-07-04 Sort substituters by priorityEelco Dolstra3-0/+11
Fixes #1438.
2017-07-04 getDefaultSubstituters(): Simplify initialisationEelco Dolstra1-20/+14
As shlevy pointed out, static variables in C++11 have thread-safe initialisation.
2017-07-04 Add allow-new-privileges optionEelco Dolstra2-0/+9
This allows builds to call setuid binaries. This was previously possible until we started using seccomp. Turns out that seccomp by default disallows processes from acquiring new privileges. Generally, any use of setuid binaries (except those created by the builder itself) is by definition impure, but some people were relying on this ability for certain tests. Example: $ nix build '(with import <nixpkgs> {}; runCommand "foo" {} "/run/wrappers/bin/ping -c 1 8.8.8.8; exit 1")' --no-allow-new-privileges builder for ‘/nix/store/j0nd8kv85hd6r4kxgnwzvr0k65ykf6fv-foo.drv’ failed with exit code 1; last 2 log lines: cannot raise the capability into the Ambient set : Operation not permitted $ nix build '(with import <nixpkgs> {}; runCommand "foo" {} "/run/wrappers/bin/ping -c 1 8.8.8.8; exit 1")' --allow-new-privileges builder for ‘/nix/store/j0nd8kv85hd6r4kxgnwzvr0k65ykf6fv-foo.drv’ failed with exit code 1; last 6 log lines: PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. 64 bytes from 8.8.8.8: icmp_seq=1 ttl=46 time=15.2 ms Fixes #1429.
2017-07-04 Fix handling of expression installables with a / in themEelco Dolstra1-4/+4
2017-07-04 Support base-64 hashesEelco Dolstra20-199/+180
Also simplify the Hash API. Fixes #1437.
2017-07-03 nix-shell: Respect --dry-runEelco Dolstra1-0/+2
Fixes #824.
2017-07-03 Replace a few bool flags with enumsEelco Dolstra22-141/+138
Functions like copyClosure() had 3 bool arguments, which creates a severe risk of mixing up arguments. Also, implement copyClosure() using copyPaths().
2017-07-03 processGraph(): Call getEdges in parallelEelco Dolstra1-28/+47
2017-06-24 Fix potential crash/wrong result two hashes of unequal length are comparedNiklas Hambüchen1-0/+2
2017-06-20 Call SetDllDirectory("") after sqlite3 init on cygwinDavid McFarland1-0/+14
Cygwin sqlite3 is patched to call SetDllDirectory("/usr/bin") on init, which affects the current process and is inherited by child processes. It causes DLLs to be loaded from /usr/bin/ before $PATH, which breaks all sorts of things. A typical failures would be header/lib version mismatches (e.g. openssl when running checkPhase on openssh). We'll just set it back to the default value. Note that this is a problem with the cygwin version of sqlite3 (currently 3.18.0). nixpkgs doesn't have the problematic patch.
2017-06-20 Restore thunks on any exceptionEelco Dolstra1-1/+1
There's no reason to restrict this to Error exceptions. This shouldn't matter to #1407 since the repl doesn't catch non-Error exceptions anyway, but you never know...
2017-06-19 Disable use of virtual hosting in aws-sdk-cppEelco Dolstra1-1/+1
Recently aws-sdk-cpp quietly switched to using S3 virtual host URIs (https://github.com/aws/aws-sdk-cpp/commit/69d9c53882), i.e. it sends requests to http://<bucket>.<region>.s3.amazonaws.com rather than http://<region>.s3.amazonaws.com/<bucket>. However this interacts badly with curl connection reuse. For example, if we do the following: 1) Check whether a bucket exists using GetBucketLocation. 2) If it doesn't, create it using CreateBucket. 3) Do operations on the bucket. then 3) will fail for a minute or so with a NoSuchBucket exception, presumably because the server being hit is a fallback for cases when buckets don't exist. Disabling the use of virtual hosts ensures that 3) succeeds immediately. (I don't know what S3's consistency guarantees are for bucket creation, but in practice buckets appear to be available immediately.)
2017-06-19 Support creating S3 caches in other regions than us-east-1Eelco Dolstra1-4/+10
2017-06-19 Handle S3Errors::RESOURCE_NOT_FOUND from aws-sdk-cppEelco Dolstra1-2/+4
This is returned by recent versions. Also handle NO_SUCH_KEY even though the library doesn't actually return that at the moment.
2017-06-19 Suppress "will retry in N ms" for non-retriable errorsEelco Dolstra1-5/+6
Newer versions of aws-sdk-cpp call CalculateDelayBeforeNextRetry() even for non-retriable errors (like NoSuchKey) whih causes log spam in hydra-queue-runner.
2017-06-19 Show aws-sdk-cpp log messagesEelco Dolstra1-0/+22
2017-06-19 macOS: Ugly hack to make the tests succeedEelco Dolstra1-3/+2
Sandboxes cannot be nested, so if Nix's build runs inside a sandbox, it cannot use a sandbox itself. I don't see a clean way to detect whether we're in a sandbox, so use a test-specific hack. https://github.com/NixOS/nix/issues/1413
2017-06-19 macOS: Remove flagsEelco Dolstra1-0/+10
In particular, UF_IMMUTABLE (uchg) needs to be cleared to allow the path to be garbage-collected or optimised. See https://github.com/NixOS/nixpkgs/issues/25819. + the file from being garbage-collected.
2017-06-14 Remove redundant debug lineEelco Dolstra1-2/+0
2017-06-14 canonicalisePathMetaData(): Ignore security.selinux attributeEelco Dolstra1-2/+6
Untested, hopefully fixes #1406.
2017-06-12 Suppress spurious "killing process N: Operation not permitted" on macOSEelco Dolstra1-2/+9
2017-06-12 On macOS, don't use /var/folders for TMPDIREelco Dolstra1-0/+8
This broke "nix-store --serve".
2017-06-12 Provide a builtin default for $NIX_SSL_CERT_FILEEelco Dolstra2-4/+13
This is mostly to ensure that when Nix is started on macOS via a launchd service or sshd (for a remote build), it gets a certificate bundle.
2017-06-12 Don't run pre-build-hook if we don't have a derivationEelco Dolstra1-1/+1
This fixes a build failure on OS X when using Hydra or Nix 1.12's build-remote (since they don't copy the derivation to the build machine).