Age | Commit message (Collapse) | Author | Files | Lines |
|
We have a bunch of crates in `third_party/rust-crates`; it would be
great if we could check them for existing CVEs.
This tool does that, it takes the rust security advisory database,
parses the applicable CVEs, and cross-checks them against the actual
crate versions we list in our package database.
The dumb parser we wrote is tested against all entries in the
database, so we will notice when upstream breaks their shit.
Checking the semver stuff is easy enough with the semver crate.
If an advisory matches, it prints the whole thing and fails the build.
Change-Id: I9e912c43d37a685d9d7a4424defc467a171ea3c4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2818
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
We can be closed world, so let’s restrict the arguments to the subset
we need for now.
The existing override was wrong, in that `// args` would use the
arguments we already added, again. So instead of deliberating about
how to make this work right in all cases, we don’t need it, we trim
it.
Change-Id: I6443a0808b8bfd5e4db939b669c6afc741954db8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3057
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Change-Id: I7bee585935e65660f6b25b88ed33f09775eb01a0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3088
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
My horrible blog engine v0.0.0.0.1. Don’t judge.
Change-Id: I427b4e84d67aa49793cb7625e4d8ca2824f00943
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2456
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
`write` returns the written usize; now I wonder why rustc didn’t at
least produce a warning because the result was unused. Do we need to
add any flags to `rustSimple`?
Change-Id: If8d51d95c993dec6c92e46dbc82cd8cdd398f441
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3056
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
I think it’s solid enough to use in a wider context.
Change-Id: If53e8bbb6b90fa88d73fb42730db470e822ea182
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3055
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
|
|
Moving to toplevel so I can use them with `runExecline`. They should
be pretty atomic, and are proven to work (tests are still in my user
dir, since they test the producers indirectly via the python parser
and I don’t want to pull it out right now).
Change-Id: Id0baa3adcb2ec646458a104c7868c2889b8c64f5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3054
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
|
|
Like `eprint-stdin`, but reads stdin as netencode and pretty-prints it
to stderr.
Change-Id: I430c010b0cac45f077cde9dadfd79adfa7a53eca
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2533
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Simple pretty printer for netencode values, as a rust library and an
accompanying command line tool which takes netencode on stdin and
prints the pretty version to stdout.
Change-Id: I0a57c644985162bc08a9bf1ee78f7be278400199
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2532
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
It’s the inverse of record-splice-env! It sucks up the environment and
prints it as a netencode dict! Only the utf-8 clean parts at least.
Change-Id: I96c19fc5ea3a67a23e238f15f4d0fa783081859c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2527
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
The user expects the editor to remember the positions of fields they
navigated from to a new level, so when they return they get put in the
same spot.
We push the index from one field into every level of the value.
Unfortunately this introduces pointers and all the woes they bring.
Change-Id: I889c28b71fd7082b765e1d6874faeb1b36dade60
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2866
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
This will be needed to factor the current cursor position into vals.
Change-Id: I73635b13c29b6b8925c68005c8db1c4dda93f15d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2865
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Since items are aligned per-line, it makes more intuitive sense to use
up/down for previous/next item, and left to go up and right to go
down.
Change-Id: I6bc33bd4e6e8f9fb245d252ca063dfabf972147d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2864
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
This makes it possible to pipe json dicts to the program and fully
navigate them.
Change-Id: I18dd8683d6f00c8ea967eb0c8dc89d1e0735fbcb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2863
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
A take at a TUI-based structural editor, which should eventually read
a type definition of a structure and some values, and build a GUI to
edit it.
So far you can only pipe it some restricted json (lists, strings and
floats) and “navigate” through the structure with the arrow keys.
Change-Id: I7c8546459ff86c766fc03723f732c7d9f863ceaa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2862
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Please read b/108 to make sense of this.
This gets rid of the explicit list of exposed packages from nixpkgs,
and instead makes the entire package set available at
`third_party.nixpkgs`.
To accommodate this, a LOT of things have to be very slightly shuffled
around. Some of this was done in already submitted CLs, but this
change is unfortunately still quite noisy.
Pay extra attention to:
* overlay-like functionality that was partially moved to actual
overlays (partially as in, the minimum required to get a green
build)
* modified uses of the package set path, esp. in NixOS systems
Special notes:
* xanthous has been disabled in CI because of issues with the Haskell
overlay
* //third_party/nix has been disabled because of other unclear
dependency issues
Both of these will be tackled in a followup CL.
Change-Id: I2f9c60a4d275fdb5209264be0addfd7e06c53118
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2910
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
This way we don’t have to explicitely wrap the rust crate with a
`testRustSimple`, but it will be done automatically, unless `doCheck`
is set to `false`.
Change-Id: I32a81821eeff620e7da57332b0873495bb85a843
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2841
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Profpatsch and me are basically the only users of
depot.users.Profpatsch.writers.rustSimple*. To pull in the odd
dependency we usually use buildRustCrate which is rather convenient.
However we've picked up the bad habit of inlining these in a let
somewhere instead of managing them in a more central location although
there has been an (unsuccesful) attempt at this in
//users/Profpatsch/rust-crates.nix.
This CL moves all buildRustCrate based derivations into
third_party.rust-crates and deletes any duplicate derivations we have
accumulated in the tree.
Change-Id: I8f68b95ebd546708e9af07dca36d72dba9ca8c77
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2769
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
In order to arbitrarily split netencode over multiple reads, we need
to make the parser completely streaming, so that it recognizes all
cases where it needs more input.
Luckily, this is fairly trivial, after working around a bunch of
overeager parsing.
The tricky part was the giant `alt`, where inner parsers would start
consuming input and thus become incomplete when they fail afterwards.
Sinc the format *always* starts the different types with one
discriminator char, we can use that to instantly return the parser and
try the next one instead.
The other tricky part was that lists and records would parse all inner
elements and then choke on the empty string after the last element,
because the inner parser would consume at least the descriminator, and
an empty string is always `Incomplete`. We wrap these into a small
combinator which plays nice with `many0` in that regard.
Change-Id: Ib8d15d9a7cab19d432c6b24a35fcad6a5a72b246
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2704
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
We had a bunch of instances of
https://github.com/NixOS/nix/issues/2176,
where nix would exit with a “killed by signal 9” error.
According to Eelco in that issue, this is perfectly normal behaviour
of course, and appears if the last command in a loop closes `stdout`
or `stdin`, then the builder will SIGKILL it immediately. This is of
course also a perfectly fine error message for that case.
It turns out that mainly GNU coreutils exhibit this behaviour …
Let’s see if using a more sane tool suite fixes that.
Change-Id: If34ab692120e5e299575bf8044aa5802145ab494
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2658
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
`forstdin` iterates over the tests in the test directory, and by
default it does *not* fail if an inner loop returns an error, unless
`-o okcodes` is given, a list of exit codes that indicate success.
Now it fails if a loop returns ≠ 0.
Change-Id: I0b1b2a06cd0a894e5ac4e77ec25019629ce2c077
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2657
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
A small UCSPI client which connects to an IMAP server, authenticates
with username and password (for Christ’s sake, put it in
`s6-tlsclient`), selects the `INBOX` and proceeds to listen for new
mails.
Later it will generate an event on stdout and to be used for push
messaging and triggering a full `mbsync` run on new message.
Currently I’m testing it via
```
env CAFILE=/run/current-system/etc/ssl/certs/ca-bundle.crt \
IMAP_USERNAME=<username> \
backtick -i IMAP_PASSWORD ' pass' ' <password-entry>' '' \
s6-tlsclient -v <imap-server> 993 ./result
```
Change-Id: I221717d374c0efc8d9e05fe0dfccba31798b3c5c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2636
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Setting meta.targets to include all derivations in the different package
sets in Profpatsch's user folder makes them checked by CI until they do
the readTree refactor as promised.
To reduce code duplication we handle this in a simple function which is
exposed from nix.utils which may be a good place for depot specific bits
and bops we accumulate over time.
To get around the issue of too nested sets we perform the following
renames:
* users.Profpatsch.tests gets moved into its own directory
* users.Profpatsch.arglib.netencode now lives in its own file instead of
the default.nix
* users.Profpatsch.netstring.tests gets moved into its own directory
Change-Id: Icd039c29d7760a711c1c53554504d6b0cd19e120
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2603
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: I422e43f33737ef4d8e250634fa68926ae340206a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2580
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: I99d2882ac9ef5ede85032132f6727e7bad8f24eb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2564
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Was messing around with serde and trying to build serde_json something,
might as well commit this.
Change-Id: I60f87aa3180f750fa171eca7f9c375ed053f8456
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2537
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
This adds a trivial test case on the transitive lib in tests and builds
it by wrapping in with testRustSimple. This should check:
* testRustSimple doesn't change the output and other packages can just
use it as a normal dependency
* tests are built and executed
Change-Id: Ia4ea7425432b8b0da09f63054f51f0c480300aa4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2531
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
The rust tests are now automatically built and run if
users.Profpatsch.netencode-rs is built without changing the content of
its output. users.Profpatsch.netencode-rs-tests has been removed in
favor of this, but can still be accessed as
builtins.head users.Profpatsch.netencode.netencode-rs.drvDeps
Change-Id: I25e8191f5b9efa08ace4a584a75978565c79d8d0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2530
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
testRustSimple is intended to wrap rustSimpleLib and rustSimpleBin and
theoretically pkgs.buildRustCrate with { buildTests = false; } while
building and running their tests, making them fail if the tests don't
succeed.
This is implemented using nix.drvSeqL which is a perfect fit here:
* { buildTests = true; } only returns an output with the test binaries
and does not actually run the tests. With drvSeqL we can easily wrap
this derivation.
* { buildTests = true } doesn't contain anything other derivations want
to depend on, so it is an derivation output we don't want to have.
drvSeqL hides the tests derivation away and only requires us to build
it once.
* Usually drvSeqL has the issue that tests (or advantage) are not rebuilt
if the test derivation changes. This is no question in this case as
due to the embedded nature of Rust's test, both the derivation with
and without tests change anyways regardless of which part was changed.
Future work: Allow injecting other tests?
Change-Id: If6ecfb3a360ce059320dbb05642b391b617aede7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2529
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
We forgot the special casing of derivations; if we recurse into a
derivation like we’d recurse into an attrset, it always ends in tears,
so dwim will just print the derivation path instead, which is usually
what you want anyway.
Change-Id: Ieed1b68dfcf8f2925ee3a75ae4f460fa5081da28
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2526
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
|
|
eprintenv is a debugging tool, as such the code should probably not
crash when the environment variable we want to look at is missing.
But we can print a warning instead.
Change-Id: I41a24dc0c1cc488587563b85c1adbd089dd364f2
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2525
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: I7393f60e4b29f24399d681d4546ac35140650d1a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2524
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
The headers are not a scalar, so record-splice-env doesn’t know how to
convert them to an envvar; let’s just ignore everything that can’t be
converted to a scalar for now.
Change-Id: I74ed0aa942fcd26beb058705830bc2f2b516e93e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2523
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Tries to decode the inner type, turning it into an Option.
Change-Id: I29d1286fe873c28d7c4a4b71f220acaf2d23f8e1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2522
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Small helper that empties out the environment, except for the given
list of variables.
Change-Id: I5e265496aaa5c248136318aa1c6cd91a67d3f028
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2506
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Some programs need an exact amount of arguments, and we want to fail
if they get too many or not enough.
Change-Id: Ic703949f38780718f26118b896e7c7d7aa5553d9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2504
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Some programs don’t need any arguments, so fail if they do get them,
because that’s usually a bug.
Change-Id: I28639056d3d9cea0cc0e7fcbfa42120c4f129c8c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2503
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Projecting into one record field of netencode given on stdin.
Change-Id: I975bd5558a06988aa159156ca73a449710db983f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2502
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
arglib should remove its arguments after reading it, to prevent them
from leaking to any child processes.
Change-Id: Ifc107b1620b8e407bad6b3d0ad7f4728856ec2ba
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2501
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: If20a91eaa6693ba35ce645b104c625dbd0c71726
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2500
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
\o/
Change-Id: I4cc93ccc834bee4301ae6369e53f65ab975d4ea9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2505
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Interestingly, the code is not any shorter, but a lot more
declarative, and all parsing footwork and error message generation is
done by the `Decoder` trait. \o/
Change-Id: Idb1064a3b5198e38e06e1860d4d71054ae53bbb9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2499
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
`Text` and `Binary` should be self-explaining, they just match on the
primitive and throw an error otherwise.
OneOf is cool, because it allows the user to match on the
result type of decoding `inner`, and give a list of values that should
be allowed as the result type (the associated type `A` in the
`Decoder` trait).
Change-Id: Ia252e25194610555c17c37640a96953142f0a165
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2498
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Shouldn’t use the netstring function, since that adds the length of
the containing string, which doesn’t make sense for numbers, they just
have their one length number and content.
Change-Id: I5591f6dd59154c5ef38d6e9b7300d19884a2d57b
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2497
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: I3056385eb11e45ae13456f4c47052651ba5fb62f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2496
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
This fell out of us moving the `U::List` to a `Vec`.
I noticed that now we have deep recursion for `U`s, which originally
wasn’t intended; reverting to contain `&[u8]` might be a good
experiment, as long as the lists stay a `Vec<&'a [u8]`, which was the
thing preventing us from parsing lists without allocating memory.
Change-Id: I4900c5dea460fa69a78ce0dbed5708495af5d2e1
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2495
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
`dec::RecordDot` accesses a specific field of a netencode record.
In order to implement this, either we’d have to introduce a type-level
string, but in all honesty this kind of typelevel circlejerking never
leads anywhere, so let’s change the trait to use `&self` after all.
Usage is pretty much the same, except actually more like you’d expect.
Change-Id: I5a7f1a3f587256c50df1b65c2969e5a7194bba70
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2494
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Change-Id: I3037882dff15243bd7a5c1c78331f8e2ffdbda84
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2493
Reviewed-by: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
|
|
Since we don’t necessarily need to decode deeply, we can make the
decoders take a `U` instead of a `T`.
Change-Id: I9704a21edb3922d58411e6807d027d684b18d390
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2492
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|
|
Also change the toplevel `encode()` to take a `&U` instead of an owned
`U`.
Change-Id: I8e51540cc531e70ae1c94e3676f4dd88da7a924d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/2491
Tested-by: BuildkiteCI
Reviewed-by: Profpatsch <mail@profpatsch.de>
|