Merge branch 'allow-import-from-derivation' of https://github.com/shlevy/nix
This commit is contained in:
commit
86227390c5
|
@ -644,6 +644,16 @@ password <replaceable>my-password</replaceable>
|
|||
</varlistentry>
|
||||
|
||||
|
||||
<varlistentry xml:id="conf-allow-import-from-derivation"><term><literal>allow-import-from-derivation</literal></term>
|
||||
|
||||
<listitem><para>By default, nix allows you to <function>import</function> from a derivation,
|
||||
allowing building at evaluation time. With this option set to false, nix will throw an error
|
||||
when evaluating an expression that uses this feature, allowing users to ensure their evaluation
|
||||
will not require any builds to take place.</para></listitem>
|
||||
|
||||
</varlistentry>
|
||||
|
||||
|
||||
</variablelist>
|
||||
|
||||
</para>
|
||||
|
|
|
@ -59,6 +59,8 @@ void EvalState::realiseContext(const PathSet & context)
|
|||
drvs.insert(decoded.first + "!" + decoded.second);
|
||||
}
|
||||
if (!drvs.empty()) {
|
||||
if (!settings.enableImportFromDerivation)
|
||||
throw EvalError(format("attempted to realize ‘%1%’ during evaluation but 'allow-import-from-derivation' is false") % *(drvs.begin()));
|
||||
/* For performance, prefetch all substitute info. */
|
||||
PathSet willBuild, willSubstitute, unknown;
|
||||
unsigned long long downloadSize, narSize;
|
||||
|
|
|
@ -70,6 +70,7 @@ Settings::Settings()
|
|||
enableImportNative = false;
|
||||
netrcFile = fmt("%s/%s", nixConfDir, "netrc");
|
||||
caFile = getEnv("NIX_SSL_CERT_FILE", getEnv("SSL_CERT_FILE", "/etc/ssl/certs/ca-certificates.crt"));
|
||||
enableImportFromDerivation = true;
|
||||
}
|
||||
|
||||
|
||||
|
@ -185,6 +186,7 @@ void Settings::update()
|
|||
_get(keepGoing, "keep-going");
|
||||
_get(keepFailed, "keep-failed");
|
||||
_get(netrcFile, "netrc-file");
|
||||
_get(enableImportFromDerivation, "allow-import-from-derivation");
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -198,6 +198,9 @@ struct Settings {
|
|||
/* Path to the SSL CA file used */
|
||||
Path caFile;
|
||||
|
||||
/* Whether we allow import-from-derivation */
|
||||
bool enableImportFromDerivation;
|
||||
|
||||
private:
|
||||
SettingsMap settings, overrides;
|
||||
|
||||
|
|
Loading…
Reference in a new issue