Commit graph

12459 commits

Author SHA1 Message Date
Eelco Dolstra 3720a4f6cf
Merge pull request from tweag/stiky-non-flake-overrides
flake.cc: Make non-flake overrides sticky
2022-06-14 19:47:11 +02:00
Hugo Osvaldo Barrera fd7f795750 Add disambiguation to man page
This should help future lost newcomers like myself understand where to
find the docs for both of these commands and how they differ.
2022-06-14 18:13:35 +02:00
Maximilian Bosch 98946e2d9c
nix-shell: restore backwards-compat with old nixpkgs
Basically an attempt to resume fixing  for a breakage introduced
earlier[1]. Basically, when evaluating an older `nixpkgs` with
`nix-shell` the following error occurs:

    λ ma27 [~] → nix-shell -I nixpkgs=channel:nixos-18.03 -p nix
    error: anonymous function at /nix/store/zakqwc529rb6xcj8pwixjsxscvlx9fbi-source/pkgs/top-level/default.nix:20:1 called with unexpected argument 'inNixShell'

           at /nix/store/zakqwc529rb6xcj8pwixjsxscvlx9fbi-source/pkgs/top-level/impure.nix:82:1:

               81|
               82| import ./. (builtins.removeAttrs args [ "system" "platform" ] // {
                 | ^
               83|   inherit config overlays crossSystem;

This is a problem because one of the main selling points of Nix is that
you can evaluate any old Nix expression and still get the same result
(which also means that it *still evaluates*). In fact we're deprecating,
but not removing a lot of stuff for that reason such as unquoted URLs[2]
or `builtins.toPath`. However this property was essentially thrown away
here.

The change is rather simple: check if `inNixShell` is specified in the
formals of an auto-called function. This means that

    { inNixShell ? false }:
    builtins.trace inNixShell
      (with import <nixpkgs> { }; makeShell { name = "foo"; })

will show `trace: true` while

    args@{ ... }:
    builtins.trace args.inNixShell
      (with import <nixpkgs> { }; makeShell { name = "foo"; })

will throw the following error:

    error: attribute 'inNixShell' missing

This is explicitly needed because the function in
`pkgs/top-level/impure.nix` of e.g. NixOS 18.03 has an ellipsis[3], but
passes the attribute-set on to another lambda with formals that doesn't
have an ellipsis anymore (hence the error from above). This was perhaps
a mistake, but we can't fix it anymore. This also means that there's
AFAICS no proper way to check if the attr-set that's passed to the Nix
code via `EvalState::autoCallFunction` is eventually passed to a lambda
with formals where `inNixShell` is missing.

However, this fix comes with a certain price. Essentially every
`shell.nix` that assumes `inNixShell` to be passed to the formals even
without explicitly specifying it would break with this[4]. However I think
that this is ugly, but preferable:

* Nix 2.3 was declared stable by NixOS up until recently (well, it still
  is as long as 21.11 is alive), so most people might not have even
  noticed that feature.

* We're talking about a way shorter time-span with this change being
  in the wild, so the fallout should be smaller IMHO.

[1] 9d612c393a
[2] https://github.com/NixOS/rfcs/pull/45#issuecomment-488232537
[3] https://github.com/NixOS/nixpkgs/blob/release-18.03/pkgs/top-level/impure.nix#L75
[4] See e.g. the second expression in this commit-message or the changes
    for `tests/ca/nix-shell.sh`.
2022-06-13 23:29:28 +02:00
Alexander Bantyev d82a3dc70d
flake.cc: Make non-flake overrides sticky
Overrides for inputs with flake=false were non-sticky, since they
changed the `original` in `flake.lock`. This fixes it, by using the same
locked original for both flake and non-flake inputs.
2022-06-13 20:49:16 +04:00
Eelco Dolstra 9f58df4c91
Merge pull request from Jonpez2/patch-1
Add security.csm to ignored-acls
2022-06-13 16:23:13 +02:00
Eelco Dolstra 798efdf10b
Merge pull request from Ma27/pure-repl
repl: `--option pure-eval true` actually enables pure eval mode
2022-06-13 16:11:46 +02:00
Eelco Dolstra 2fef24f528
Merge pull request from lovesegfault/fix-getgrouplist
fix(libstore/lock): support users that belong to more than 10 groups
2022-06-13 15:45:09 +02:00
Eelco Dolstra 9a26a01475
Merge pull request from Artturin/checkse
install-multi-user: check if selinux is enabled and if it is then abort
2022-06-13 15:42:43 +02:00
Eelco Dolstra 95eccfd5db
Merge pull request from andersk/missing-rethrow
Add missing rethrows in conditional exception handlers
2022-06-13 15:37:38 +02:00
Théophane Hufschmitt 03226aa053
Merge pull request from ncfavier/nix-build-stop-logger
nix-build: stop logger when appropriate
2022-06-13 10:43:14 +02:00
Théophane Hufschmitt 84c4666467
Merge pull request from Misterio77/readd-sourcehut-regex-matching
fix sourcehut brach/tag resolving regression
2022-06-13 08:57:34 +02:00
Gabriel Fontes 9f6b4639c2
fix sourcehut brach/tag resolving regression
 introduced a regex pattern to account for tags when
resolving sourcehut refs.  reafactored the code,
accidentally treating the pattern as a regular string, causing all
non-HEAD ref resolving to break.

This fixes the regression and adds more test cases to avoid future
breakage.
2022-06-11 16:52:20 -03:00
Naïm Favier 502d7d9092
nix-build: stop logger when appropriate
Reverts b944b588fa in `nix-build.cc`.
2022-06-11 15:17:35 +02:00
Théophane Hufschmitt 37fc4d73bb
Merge pull request from YorikSar/file-impure-doc
Mention that -f implies --impure for eval in docs
2022-06-11 08:48:16 +02:00
Ben Burdette 49ff4ef637 remove unused parameter 2022-06-10 12:22:36 -06:00
Anders Kaseorg 754cd53faf Add missing rethrows in conditional exception handlers
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2022-06-10 10:52:41 -07:00
Yuriy Taraday 65d09fce22 Mention that -f implies --impure for eval in docs
Right now this is not mentioned anywhere and it is unexpected.
2022-06-10 19:16:17 +04:00
Théophane Hufschmitt 45ebaab665
Merge pull request from ncfavier/fix-git-again
libfetchers/git: add missing `--git-dir` flags
2022-06-10 14:33:32 +02:00
Théophane Hufschmitt e557f86490
Merge pull request from NixOS/fix-docker-ci-job
Correctly get the nix version in the docker job
2022-06-10 13:36:30 +02:00
Naïm Favier da8f8668ca
libfetchers/git: add missing --git-dir flags 2022-06-10 12:57:13 +02:00
Théophane Hufschmitt 460117a238 Correctly get the nix version in the docker job
`defaultPackage` doesn't exist anymore, so we can't use it.
Instead just use the new CLI which should be more robust to these
changes

Fix 
2022-06-10 12:09:09 +02:00
Théophane Hufschmitt 17e54a602e
Merge pull request from sidkshatriya/small-move-optimization-2
nix-env: A small std::move() optimization
2022-06-10 10:28:37 +02:00
Jonpez2 3f5f84258d
Update docker.nix
Co-authored-by: Eelco Dolstra <edolstra@gmail.com>
2022-06-10 09:17:28 +01:00
Artturin bd3a17d00c install-multi-user: check if selinux is enabled and if it is then abort 2022-06-10 05:12:03 +03:00
Sidharth Kshatriya 7868405d58 nix-env: A small std::move() optimization
Avoids doing a O(n) copy of Strings i.e. std::list<std::string>
2022-06-09 20:01:01 +05:30
Eelco Dolstra 1bc17ae617
Merge pull request from sidkshatriya/small-move-optimization
nix-store: small std::move() optimization
2022-06-09 13:48:48 +02:00
Sidharth Kshatriya 3efea3d28a nix-store: small std::move() optimization 2022-06-09 16:25:26 +05:30
Bernardo Meurer 931930feb1 fix(libstore/lock): support users that belong to more than 10 groups
The manpage for `getgrouplist` says:

> If the number of groups of which user is a member is less than or
> equal to *ngroups, then the value *ngroups is returned.
>
> If the user is a member of more than *ngroups groups, then
> getgrouplist() returns -1.  In this case, the value returned in
> *ngroups can be used to resize the buffer passed to a further
> call getgrouplist().

In our original code, however, we allocated a list of size `10` and, if
`getgrouplist` returned `-1` threw an exception. In practice, this
caused the code to fail for any user belonging to more than 10 groups.

While unusual for single-user systems, large companies commonly have a
huge number of POSIX groups users belong to, causing this issue to crop
up and make multi-user Nix unusable in such settings.

The fix is relatively simple, when `getgrouplist` fails, it stores the
real number of GIDs in `ngroups`, so we must resize our list and retry.
Only then, if it errors once more, we can raise an exception.

This should be backported to, at least, 2.9.x.
2022-06-08 13:45:41 -04:00
Eelco Dolstra 12e86c0735
Merge pull request from edolstra/boost-dylib
Remove ${boost}/lib from the RPATH
2022-06-08 17:55:21 +02:00
Eelco Dolstra 7b968af930
Update docker.nix
Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
2022-06-08 17:41:31 +02:00
Eelco Dolstra 4a3f217bde
Remove ${boost}/lib from the RPATH 2022-06-08 15:51:35 +02:00
Théophane Hufschmitt 694b12052a
Merge pull request from NixOS/new-flake-style
flake.nix: Convert to new naming convention
2022-06-08 13:34:09 +02:00
Eelco Dolstra e88892dc21
Merge pull request from asymmetric/key-comment
Fix missing ` in key manual
2022-06-08 12:10:52 +02:00
Lorenzo Manacorda 814ddfa5f5 Fix missing ` in key manual 2022-06-08 11:46:50 +02:00
Jonpez2 a7d25d339d
Add security.csm to the default ignore list 2022-06-08 09:32:14 +01:00
Eelco Dolstra b2dea231cf
Merge pull request from afishhh/search-exclude
Add `-e`/`--exclude` flag to `nix search`
2022-06-07 19:01:36 +02:00
Fishhh 9ae22b1fde
Use grep -c instead of grep|wc -l in some nix search tests 2022-06-07 18:25:59 +02:00
Fishhh 0338cf5539
Add tests for --exclude flag in nix search 2022-06-07 18:25:52 +02:00
Fishhh e009367c8d
Remove redundant std::moves in calls to hiliteMatches 2022-06-07 18:25:52 +02:00
Fishhh b42358b9be
Add --exclude flag to nix search
If a package's attribute path, description or name contains matches for any of the
regexes specified via `-e` or `--exclude` that package is excluded from
the final output.
2022-06-07 18:25:48 +02:00
Eelco Dolstra 8977cdee6a
Merge pull request from cole-h/update-flake-for-real
flake: update to 22.05
2022-06-07 15:13:16 +02:00
Eelco Dolstra faf80fa920
Convert to new flake style
https://github.com/NixOS/nix/issues/5532
2022-06-07 14:36:23 +02:00
Eelco Dolstra 0f8754cd30
Fix 22.05 eval warnings 2022-06-07 14:27:10 +02:00
Eelco Dolstra 5a9d83aa59
Disable cross builds on platforms other than x86_64-linux
Needed because evaluation was broken on x86_64-darwin.
2022-06-07 14:27:06 +02:00
Eelco Dolstra 739c358c68
Merge pull request from cw789/patch-2
Explain exactly what nix-upgrade nix does
2022-06-07 13:08:56 +02:00
Malte Brandy bf2f25e3d8 respect print-missing variable in new-style build command
Currently nix-build prints the "printMissing" information by default,
nix build doesn’t.
People generally don‘t notice this because the standard log-format of
nix build would not display the printMissing
output long enough to perceive the information.

This addresses https://github.com/NixOS/nix/issues/6561
2022-06-06 21:15:31 +02:00
Jonpez2 0cd560c95d
Add security.csm to ignored-acls
The security.csm ACL is, as far as I know, never reasonable to remove, so let's add it to the ignore-list in the vanilla nix image.  This makes this image usable on GKE.
2022-06-06 16:56:42 +01:00
Fishhh d137ceccef
Fix incorrect comment in hiliteMatches 2022-06-05 20:30:18 +02:00
Eelco Dolstra 1dd7253133
Merge pull request from abathur/installer_fix_vi_swapfile
darwin-install: work around existing vim swap files
2022-06-03 08:51:48 +02:00
Eelco Dolstra 2097c30b08
Merge pull request from asymmetric/hash-comment
schema.sql: add comment about hash being in base16
2022-06-03 08:51:07 +02:00