doc: mention how to turn on pure evaluation mode in manual
The flag is `--pure-eval`, which can be found by looking at the test suite; it should be in the notes describing the feature as well, since otherwise users may assume this is referencing something like `nix-shell --pure`.
This commit is contained in:
parent
9af10b753c
commit
762febafe2
|
@ -503,14 +503,14 @@
|
||||||
</listitem>
|
</listitem>
|
||||||
|
|
||||||
<listitem>
|
<listitem>
|
||||||
<para><emphasis>Pure evaluation mode</emphasis>. This is a variant
|
<para><emphasis>Pure evaluation mode</emphasis>. With the
|
||||||
of the existing restricted evaluation mode. In pure mode, the Nix
|
<literal>--pure-eval</literal> flag, nix enables a variant of the existing
|
||||||
evaluator forbids access to anything that could cause different
|
restricted evaluation mode that forbids access to anything that could cause
|
||||||
evaluations of the same command line arguments to produce a
|
different evaluations of the same command line arguments to produce a
|
||||||
different result. This includes builtin functions such as
|
different result. This includes builtin functions such as
|
||||||
<function>builtins.getEnv</function>, but more importantly,
|
<function>builtins.getEnv</function>, but more importantly,
|
||||||
<emphasis>all</emphasis> filesystem or network access unless a
|
<emphasis>all</emphasis> filesystem or network access unless a content hash
|
||||||
content hash or commit hash is specified. For example, calls to
|
or commit hash is specified. For example, calls to
|
||||||
<function>builtins.fetchGit</function> are only allowed if a
|
<function>builtins.fetchGit</function> are only allowed if a
|
||||||
<varname>rev</varname> attribute is specified.</para>
|
<varname>rev</varname> attribute is specified.</para>
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue