about summary refs log tree commit diff
path: root/tvix/nix-compat/src
AgeCommit message (Collapse)AuthorFilesLines
2024-03-11 r/7678 feat(tvix/glue): Implement builtins.fetchurlAspen Smith1-4/+10
Implement the fetchurl builtin, and lay the groundwork for implementing the fetchTarball builtin (which works very similarly, and is implemented using almost the same code in C++ nix). An overview of how this works: 1. First, we check if the store path that *would* result from the download already exists in the store - if it does, we just return that 2. If we need to download the URL, TvixStoreIO has an `http_client: reqwest::Client` field now which we use to make the request 3. As we're downloading the blob, we hash the data incrementally into a SHA256 hasher 4. We compare the hash against the expected hash (if any) and bail out if it doesn't match 5. Finally, we put the blob in the store and return the store path Since the logic is very similar, this commit also implements a *chunk* of `fetchTarball` (though the actual implementation will likely include a refactor to some of the code reuse here). The main thing that's missing here is caching of downloaded blobs when fetchurl is called without a hash - I've opened b/381 to track the TODO there. Adding the `SSL_CERT_FILE` here is necessary to teach reqwest how to load it during tests - see 1c16dee20 (feat(tvix/store): use reqwests' rustls-native-roots feature, 2024-03-03) for more info. Change-Id: I83c4abbc7c0c3bfe92461917e23d6d3430fbf137 Reviewed-on: https://cl.tvl.fyi/c/depot/+/11017 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Autosubmit: aspen <root@gws.fyi>
2024-03-03 r/7634 feat(tvix/nix-compat): add HashMode and CAHash::mode()Florian Klink2-0/+17
This allows peeking at the mode without matching on all enum kinds of CAHash directly. Change-Id: Icca147a876f7f4cff0bbaa067ac4dae40d05bee9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/11069 Reviewed-by: flokli <flokli@flokli.de> Reviewed-by: Brian Olsen <me@griff.name> Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de>
2024-03-03 r/7633 fix(tvix/nix-compat): Make CAHash deserialize more formatsBrian Olsen3-67/+230
Currently CAHash only deserializes the hash in hex code while the serializer outputs a nixbase32 hash. This means that you can't currently deserialize what has been serialized. This change makes deserialize support any digest format (so hex, nixbase32 and base64) as well as flattens the deserialize code and error handling. It also implements serde methods of HashAlgo directly using Display and TryFrom implementations because otherwise these would get serialized as eg. Sha256 instead of sha256 which also broke CAHash serialize/deserialize. Change-Id: I1941a72eaec741e4956292adaaf0115b97f260ba Reviewed-on: https://cl.tvl.fyi/c/depot/+/11082 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2024-03-03 r/7632 refactor(tvix/nix-compat): rename NixHash::{digest,hash}Florian Klink3-4/+4
This doesn't return the digest, but the internal NixHash. To get the digest, you use `ca_hash.hash().digest_as_bytes()` (as done in tvix/nix-compat/src/derivation/write.rs). Change-Id: Ib07918dec63ae42ddf8c8d3f1d10510f9c4df255 Reviewed-on: https://cl.tvl.fyi/c/depot/+/11070 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de>
2024-02-22 r/7594 refactor(nix-compat/store_path): simplify build_ca_pathFlorian Klink1-14/+12
Move the the `fixed:out:[r:]{}:` generation to a helper function, use matches! for more clarity. Change-Id: I4e930c42aacbf5c7451d1f8c8c80ccb4c45389f0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/11006 Tested-by: BuildkiteCI Reviewed-by: aspen <root@gws.fyi> Autosubmit: flokli <flokli@flokli.de>
2024-02-21 r/7585 feat(tvix/nix-compat): Use `StorePath` in `Output`Peter Kolloch7-61/+109
https: //b.tvl.fyi/issues/264 Change-Id: Icb09be9643245cc68d09f01d7723af2d44d6bd1a Reviewed-on: https://cl.tvl.fyi/c/depot/+/11001 Autosubmit: Peter Kolloch <info@eigenvalue.net> Reviewed-by: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2024-02-21 r/7584 feat(tvix/nix-compat): input_sources as StorePathPeter Kolloch5-29/+48
https: //b.tvl.fyi/issues/264 Change-Id: I7a235734dc1f8e93e387a04ba369f3b702c6d5b6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10992 Autosubmit: Peter Kolloch <info@eigenvalue.net> Reviewed-by: flokli <flokli@flokli.de> Reviewed-by: Peter Kolloch <info@eigenvalue.net> Tested-by: BuildkiteCI
2024-02-21 r/7583 feat(tvix/nix-compat): input_derivations with StorePathsPeter Kolloch6-57/+117
...in `Derivation`. This is more type-safe and should consume less memory. This also removes some allocations in the potentially hot path of output hash calculation. https: //b.tvl.fyi/issues/264 Change-Id: I6ad7d3cb868dc9f750894d449a6065608ef06e8c Reviewed-on: https://cl.tvl.fyi/c/depot/+/10957 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Autosubmit: Peter Kolloch <info@eigenvalue.net> Reviewed-by: Peter Kolloch <info@eigenvalue.net>
2024-02-21 r/7582 feat(tvix/nix-compat): generalize aterm writing for derivationPeter Kolloch3-9/+100
...so that we can also use `StorePath`s in derivation.input_derivations. Towards https://b.tvl.fyi/issues/264 Change-Id: I71d296ca273979c70f277a7f4f88a5f76de3d8be Reviewed-on: https://cl.tvl.fyi/c/depot/+/10973 Reviewed-by: Peter Kolloch <info@eigenvalue.net> Autosubmit: Peter Kolloch <info@eigenvalue.net> Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2024-02-19 r/7560 feat(tvix/nix-compat): Extract to_plain_hex_stringPeter Kolloch1-5/+6
Towards https://b.tvl.fyi/issues/264 Change-Id: Ibde971bfb6baa97b5c678d84ce1941189bc59f6f Reviewed-on: https://cl.tvl.fyi/c/depot/+/10969 Reviewed-by: flokli <flokli@flokli.de> Autosubmit: Peter Kolloch <info@eigenvalue.net> Tested-by: BuildkiteCI
2024-02-19 r/7559 refactor(tvix/nix-compat): Restrict visibilityPeter Kolloch1-7/+13
Towards https://b.tvl.fyi/issues/264 Change-Id: I323907cb842ed10ddd05b72c285c598b60d213e0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10972 Reviewed-by: flokli <flokli@flokli.de> Autosubmit: Peter Kolloch <info@eigenvalue.net> Tested-by: BuildkiteCI
2024-02-19 r/7556 feat(tvix/nix-compat): Extend parse errorsPeter Kolloch1-1/+4
...so that we can parse (and at the same time validate) store paths directly to `StorePath`s. https: //b.tvl.fyi/issues/264 Change-Id: Ide4cb5403f8e3400f7d2a5838c652ac35dbd1a4f Reviewed-on: https://cl.tvl.fyi/c/depot/+/10968 Reviewed-by: flokli <flokli@flokli.de> Autosubmit: Peter Kolloch <info@eigenvalue.net> Tested-by: BuildkiteCI
2024-02-17 r/7544 feat(tvix/nix-compat): serde for StorePath[Ref]sPeter Kolloch1-0/+94
Necessary, if we want to use it inside of `Derivation` etc. Change-Id: I8888060417b2ee83ac52d7ec3e7b27c393271d8b Reviewed-on: https://cl.tvl.fyi/c/depot/+/10947 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: Peter Kolloch <info@eigenvalue.net> Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2024-02-17 r/7538 refactor(tvix/nix-compat): derivation_or_fod_hash w/o self.clone()Peter Kolloch1-22/+36
Instead of constructing a completely new derivation for hashing, allow to call hashing with substituted input_derivations. This 1. reduces the number of allocations, 2. prepares substituting `String`s for store paths with proper `StorePath`s without needing a separate derivation struct that allows hashes without `/nix/store` in input_derivations, and 3. keeps the change local to the `Derivation` implementation. Change-Id: I36732c78f98fc59f0925b65823773222782017b0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10935 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Autosubmit: Peter Kolloch <info@eigenvalue.net>
2024-02-17 r/7536 feat(nix-compat/derivation): make fod_digest publicFlorian Klink1-1/+1
This will be used inside glue, to populate the CA field. Change-Id: I52350d66ad09c90c4e9f3bc6ea44fba4427f1576 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10946 Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de> Reviewed-by: tazjin <tazjin@tvl.su>
2024-02-17 r/7532 docs(tvix/nix-compat): on store paths in fieldsPeter Kolloch2-0/+5
Change-Id: Ie78b1c49d7386c70833a3b751799993ad9121aa6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10933 Tested-by: BuildkiteCI Autosubmit: Peter Kolloch <info@eigenvalue.net> Reviewed-by: flokli <flokli@flokli.de>
2024-02-17 r/7531 feat(nix-compat/derivation): simplify derivation_or_fod_hashFlorian Klink1-29/+22
Populate the input_derivations struct field in-place, using self.input_derivations.from_iter, which seems a bit more readable. Change-Id: I4aa12cfd66e08486ef27aedab1bb731d94b63657 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10934 Reviewed-by: flokli <flokli@flokli.de> Reviewed-by: Peter Kolloch <info@eigenvalue.net> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2024-01-20 r/7429 fix(nix-compat): accept SRI hashes of invalid lengthRyan Lahfa1-2/+36
In cl/10468, we accepted SRI hashes of invalid padding while checking their trailing bits. In this commit, we accept SRI hashes of invalid padding and invalid length, as Nix does. Real world example: `pkgs.javaPackages.openjfx11.deps` <https://github.com/NixOS/nixpkgs/blob/849e4dc5ff0ae70fb7a0df19dbbf633e408c0f32/pkgs/development/compilers/openjdk/openjfx/11.nix#L71> in nixpkgs. Change-Id: I834437e7b94dab9fbb030163f7a2741f52bbf03a Reviewed-on: https://cl.tvl.fyi/c/depot/+/10668 Autosubmit: raitobezarius <tvl@lahfa.xyz> Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>
2024-01-19 r/7422 chore(3p/sources): Bump channels & overlayssterni2-32/+32
- Adjust to ecl 23.9.9 release - Regenerate go protos after protoc-gen-go update - Drop dhall fork which hasn't kept up with 1.42.* - Address new clippy warnings: - Variant naming of Error::ValidationError - Simplify .try_into().unwrap() - Drop unnecessary identity function - Test module must be last in file - Drop unused `pub use` - Update agenix to 0.15.0. Current master has a installCheckPhase that doesn't work with C++ Nix 2.3.*: https://github.com/ryantm/agenix/commit/a23aa271bec82d3e962bafb994595c1c4a62b133#commitcomment-137185861 Change-Id: Ic29eef20d6fd1362ce1031364a5ca6b4edf195bd Reviewed-on: https://cl.tvl.fyi/c/depot/+/10615 Reviewed-by: aspen <root@gws.fyi> Tested-by: BuildkiteCI Autosubmit: sterni <sternenseemann@systemli.org>
2024-01-16 r/7389 refactor(nix-compat): use StorePathRef for hash derivation moduloFlorian Klink2-12/+17
Rather than passing strings around, use a StorePathRef. This makes things a bit more typesafe, and more aligned with what we want to do in b/264. Change-Id: Ib7080addf27e7f1a9c8da1d8aaa66744468e3b5a Reviewed-on: https://cl.tvl.fyi/c/depot/+/10633 Tested-by: BuildkiteCI Reviewed-by: raitobezarius <tvl@lahfa.xyz>
2024-01-03 r/7309 fix(nix-compat/nix-hash): relax padding requirementsFlorian Klink1-22/+29
Nix is quite tolerant when it comes to parsing SRI hashes and their padding (and only for SRI hashes, it funnily is strict about that in the non-SRI-hash case). Nix essentially accepts any number of padding characters, no matter if it's too much or too little. So we do the only sane thing - simply strip all padding characters, and parse it with BASE64_NOPAD and the length the algo uses. Change-Id: I6a721aa289b06cc36741589792b9dd4c4f930b86 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10468 Reviewed-by: raitobezarius <tvl@lahfa.xyz> Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2024-01-01 r/7299 feat(nix-compat/store_path): build_ca_path may failFlorian Klink1-3/+3
Change-Id: Ia74ee870f38b7966501458bace541092256c3213 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10509 Reviewed-by: raitobezarius <tvl@lahfa.xyz> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-12-21 r/7251 docs(nix-compat/nar/reader): fix referenceFlorian Klink1-1/+1
Change-Id: I7ccdfe3c042f49aa962d1c7ba6337bd656ef05c8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10405 Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu>
2023-12-21 r/7250 docs(nix-compat/derivation): fix docstringFlorian Klink1-2/+2
Change-Id: I76200aa474b86cf655308f6710a2298b77fa4b38 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10404 Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-12-21 r/7249 docs(nix-compat/derivation): fix referenceFlorian Klink1-1/+1
Change-Id: I0ebe256c62435901c12ca1895f30e380280e9ea8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10403 Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-12-21 r/7248 docs(nix-compat/aterm/parser): fix docstringFlorian Klink1-1/+1
Change-Id: I7a65ce320163c5898df402af3a639f6cee2e17c6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10402 Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu>
2023-12-21 r/7243 docs(nix-compat/nixhash): fix referenceFlorian Klink1-1/+1
Change-Id: I95c35a1405601c6f79cbc03462ab7c7cd6f08f2a Reviewed-on: https://cl.tvl.fyi/c/depot/+/10397 Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de>
2023-12-21 r/7242 docs(nix-compat/drvfmt): fix referenceFlorian Klink1-2/+3
Change-Id: Ic0403e028cc968bef4023ef78dbfa0d502da90b0 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10396 Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-12-21 r/7241 docs(nix-compat/narinfo): fix referenceFlorian Klink1-1/+1
Change-Id: Ib3a5414afed738ba6178ec69d38a4169c9b24714 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10395 Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu>
2023-12-21 r/7240 docs(nix-compat/narinfo/fingerprint): fix referenceFlorian Klink1-1/+1
Change-Id: Icc56aa178247b3985a406421b7d8d449c63f8231 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10394 Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de>
2023-12-21 r/7239 docs(nix-compat/derivation): fix referencesFlorian Klink1-2/+2
Change-Id: If6962931350edfbae206fa739a673e7ccbc3ee89 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10393 Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-12-21 r/7238 refactor(nix-compat/store_path): centralize self_reference checkFlorian Klink1-16/+12
self_reference being set to true is only allowed for `CAHash::Nar(NixHash::Sha256(_))`, so we can handle this in a check at the front. Change-Id: Ic363ade4789a7767cbe26a6959b143bb53e50e5a Reviewed-on: https://cl.tvl.fyi/c/depot/+/10391 Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-12-21 r/7237 refactor(nix-compat/store_path/utils): restructure build_ca_pathFlorian Klink1-32/+26
All match cases essentially construct `ty` and `hash`, which is then passed to the `build_store_path_from_fingerprint_parts` function. Change-Id: I01dfd219f9b0ac1afe8af7c6e361ea048117a0e6 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10390 Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu>
2023-12-21 r/7236 refactor(tvix/nix-compat): have helpers interact with StorePathRefFlorian Klink2-22/+23
In most case, we don't actually need an owned `StorePath` struct, but a `StorePathRef<'_>` is sufficient. The lifetime is only due to it holding onto the name, but that one is mostly left untouched. `Derivation::calculate_derivation_path` still needs to return `StorePath`, as its name has a `.drv` appended. Change-Id: Ie0d52f369d785711bb0658ea2b0bd2617fd9f45e Reviewed-on: https://cl.tvl.fyi/c/depot/+/10389 Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu>
2023-12-21 r/7235 refactor(nix-compat/narinfo/fingerprint): move to StorePathRefFlorian Klink1-2/+2
With the introduction of StorePathRef::to_absolute_path(), there's no need to convert this StorePathRef to a StorePath first. Change-Id: I634c977c4b63858e4f329fd21726e0611b99da4a Reviewed-on: https://cl.tvl.fyi/c/depot/+/10388 Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de>
2023-12-21 r/7234 refactor(nix-compat/store_path): use StorePathRef::to_absolute_pathFlorian Klink1-6/+12
Keep the method around in StorePath for convenience, but move the implementation to StorePathRef. Change-Id: Ie1844fa01ce6529dc1a58907563c95c3112c831d Reviewed-on: https://cl.tvl.fyi/c/depot/+/10387 Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu>
2023-12-21 r/7233 feat(nix-compat/store_path): derive [Partial]EqFlorian Klink1-1/+1
This allows comparing StorePathRef structs. Change-Id: Ia69967ea9358052e2d6e76042a7e6d394f7f29a9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10386 Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de> Reviewed-by: edef <edef@edef.eu>
2023-12-09 r/7139 refactor(nix-compat/aterm): address clippyFlorian Klink1-6/+1
This pushes to a Vec immediately after creation. Change-Id: I2360b45810475d98ededc1d097fb4cbdeabc576b Reviewed-on: https://cl.tvl.fyi/c/depot/+/10232 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de>
2023-12-09 r/7137 refactor(nix-compat/nixbase32): address clippyFlorian Klink1-1/+1
Change-Id: I07b53ead10b0efb31e88c6ae93c124c5f35261d3 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10230 Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-12-09 r/7136 refactor(nix-compat/narinfo): address clippy lintsFlorian Klink3-3/+3
Change-Id: I00f28624ec0469525e52f408f00caa20d3b701b8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10229 Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>
2023-12-09 r/7135 refactor(nix-compat/derivation): address clippyFlorian Klink1-3/+3
Change-Id: I5d7057347838f733d7dc1331c7b7ef8d27244412 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10228 Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: flokli <flokli@flokli.de>
2023-12-09 r/7132 refactor(nix-compat/store_path): from_absolute_path to StorePathRefFlorian Klink3-19/+20
The only non-test usage was only checking for the error case, and we can still convert this to an owned StorePath by calling to_owned() on StorePathRef. Change-Id: I9f67a759e580c9c429c96896bcdd295392aa5a2a Reviewed-on: https://cl.tvl.fyi/c/depot/+/10225 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-12-09 r/7131 refactor(nix-compat/derivation): rename input derivation componentsFlorian Klink1-3/+3
Match the naming in parse_input_derivations, call the keys "input_derivation", and the values "output_names". Change-Id: I7d1974819028f8ea543dc3ad78afb803ff9db865 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10224 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-28 r/7084 feat(nix-compat/narinfo): add PubKey::verify(fp, sig)Florian Klink1-0/+32
This makes it easy for each PubKey to check if a given Signature is correct for a given fingerprint. Change-Id: I56e6211d133f74f390fd1ae3ae799eef12221904 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10151 Reviewed-by: tazjin <tazjin@tvl.su> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-28 r/7083 feat(nix-compat/narinfo): add PubKeyFlorian Klink2-0/+119
This represents a ed25519 public key and "name". These are normally passed in the `trusted-public-keys` Nix config option, and consist of a name and base64-encoded ed25519 pubkey, separated by a `:`. Change-Id: I9ab4b3e0e5821805ea6faf2499626630fc5a3f0a Reviewed-on: https://cl.tvl.fyi/c/depot/+/10150 Autosubmit: flokli <flokli@flokli.de> Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-11-28 r/7082 refactor(nix-compat/narinfo/signature): rename Error typeFlorian Klink2-9/+7
Just call this Error, we can infer from the package what error this is. Change-Id: I5df25d2873ec739c49c08804f35562c84c222e06 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10149 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
2023-11-27 r/7075 fix(nix-compat/narinfo/signature): validate name fieldFlorian Klink1-2/+15
We should restrict this to alphanumeric mostly, and we definitely don't want newlines. Not entirely sure about the exact additionally allowed characters outside of alphanumeric, but this can always be extended further. Change-Id: I1357e79e553f2df2fa97792889f63f0f35d50ed5 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10147 Reviewed-by: edef <edef@edef.eu> Tested-by: BuildkiteCI Autosubmit: flokli <flokli@flokli.de>
2023-11-27 r/7074 fix(nix-compat/narinfo): don't panic trying to parse signaturesFlorian Klink1-6/+13
BASE64.decode_mut panics if we're passing data that has the wrong size. Do the size check first and error out there. Also update the error, and talk about b64-encoded sizes. Change-Id: I290f80a37d48526a30bf1df9d1d9fe34865008eb Reviewed-on: https://cl.tvl.fyi/c/depot/+/10146 Tested-by: BuildkiteCI Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de>
2023-11-27 r/7073 refactor(nix-compat): use ed25519_dalek::SIGNATURE_LENGTHFlorian Klink1-8/+9
No need to hardcode magic numbers here, we have a constant for that. Change-Id: I67b671c0c4bb7c3bfb001e9c36499f31873ee717 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10145 Reviewed-by: edef <edef@edef.eu> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
2023-11-25 r/7064 fix(tvix): ensure PartialOrd/Ord agree for StorePath & NixStringVincent Ambo1-1/+1
This fixes a *future* clippy lint: https://rust-lang.github.io/rust-clippy/master/index.html#/incorrect_partial_ord_impl_on_ord_type In essence, because the implementation of *both* Ord and PartialOrd implies that ordering is not partial, all results of PartialOrd should simply be those of Ord. This is to avoid subtle bugs in future refactorings. Change-Id: I8fc6694010208752dd47746a2aaaeca0c788d574 Reviewed-on: https://cl.tvl.fyi/c/depot/+/10109 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de>