eldritch horrors
67f1aafd61
previously it was possible to fetchurl a dict server, or an ldap server,
or an imap server. this is a bit of a problem, both because rare schemes
may not be available on all systems, and because some schemes (e.g. scp)
are inherently insecure in potentially surprising ways we needn't allow.
Change-Id: I18fc567c6f58c3221b5ea8ce927f4da780057828
669 B
669 B
| synopsis | category | cls | credits | |
|---|---|---|---|---|
| transfers no longer allow arbitrary url schemas | Breaking Changes |
|
horrors |
Lix no longer allows transfers using arbitrary url schemas. Only http://, https://, ftp://, ftps://, and file:// urls are supported going forward. This affects builtins.fetchurl, <nix/fetchurl.nix>, transfers to and from binary caches, and all other uses of the internal file transfer code. Flake inputs using multi-protocol schemas (e.g. git+ssh) are not affected as those use external utilities to transfer data.
The s3:// scheme is not affected at all by this change and continues to work if S3 support is built into Lix.