forked from lix-project/lix
Compare commits
211 commits
93b7edfd07
...
dd70044cde
Author | SHA1 | Date | |
---|---|---|---|
julia | dd70044cde | ||
jade | b4035ed1d1 | ||
julia | 89c782b0c0 | ||
julia | 6c311a4afa | ||
julia | 0fa289f559 | ||
jade | 4734ce7831 | ||
jade | 79404f7ffc | ||
jade | f95a47e8c4 | ||
jade | 9923fb6dd9 | ||
jade | a9c610fe37 | ||
jade | f82a2a9aaa | ||
jade | e1059bfa34 | ||
jade | d5c670ad01 | ||
jade | 16ea19ced8 | ||
jade | 7be0d237e0 | ||
jade | e715e5fd31 | ||
jade | 068576042b | ||
jade | d194939ff5 | ||
jade | 74fb2e8c47 | ||
jade | ac28cff28f | ||
alois31 | 1d6fd94cf9 | ||
jade | d0b28f0e74 | ||
jade | 38e4e69633 | ||
Pierre Bourdon | 248ecb11af | ||
jade | 73898cad0e | ||
jade | 59b5965bbf | ||
jade | 211f79d4a2 | ||
jade | 5f6eb6eb44 | ||
jade | d9345d8836 | ||
jade | 6939ffc9f9 | ||
jade | 479055aee8 | ||
Pierre Bourdon | f7b6552699 | ||
alois31 | 3c0434999e | ||
Qyriad | f46194faa2 | ||
jade | 8a3d063a49 | ||
jade | f432e464dd | ||
jade | a986a8dfa1 | ||
jade | 8a09465c3a | ||
jade | 82dc712d93 | ||
jade | ce71d0e9ab | ||
jade | 9aeb314e6a | ||
jade | 4392d89eea | ||
jade | 9bb7fb8f69 | ||
jade | 7dfa2a761e | ||
jade | ff95b980d4 | ||
Pierre Bourdon | 28a079f841 | ||
Pierre Bourdon | 9281a12532 | ||
Mario Rodas | a05de58ebd | ||
jade | 4f94531209 | ||
jade | 98e8475147 | ||
jade | bdf1b264ad | ||
jade | c32a01f9eb | ||
Qyriad | ec768df004 | ||
jade | 611b1de441 | ||
jade | 9c77c62e73 | ||
jade | 24057dcb6a | ||
jade | 1659404626 | ||
jade | e0748377dc | ||
Qyriad | 766e718f67 | ||
Qyriad | 06e65e537b | ||
jade | 8f9bcd20eb | ||
Linus Heckemann | 609b721425 | ||
Pierre Bourdon | 6e59b4b407 | ||
Pierre Bourdon | a3256a9375 | ||
72d85acba4 | |||
Nikodem Rabuliński | 5d3910330d | ||
Nikodem Rabuliński | cc3674ea93 | ||
Qyriad | c55e93ca23 | ||
Qyriad | d374a9908f | ||
raito | b8cb7abcf0 | ||
Linus Heckemann | 5312e60be6 | ||
Qyriad | e54d4c9381 | ||
jade | c7ca87461d | ||
jade | 7081889faa | ||
jade | adedac70fa | ||
Linus Heckemann | 82de36f77a | ||
jade | a75d7a5777 | ||
alois31 | ff08d95420 | ||
713cd7e9e7 | |||
Lunaphied | d4b7e6baca | ||
jade | ac78c1dcd5 | ||
terru - | 0c6cb34de6 | ||
alois31 | cf756fdf3c | ||
jade | a6b33cb3b2 | ||
jade | 0f99ed43f1 | ||
jade | e6e5cacabe | ||
Linus Heckemann | 3df013597d | ||
jade | 2f104bbe3b | ||
jade | 533d469875 | ||
Qyriad | 260db1ea64 | ||
jade | c161687b5f | ||
jade | 18aa3e1d57 | ||
jade | 53d40888ff | ||
Maximilian Bosch | 3d78b4847e | ||
Maximilian Bosch | 6abac7aacc | ||
Ilya K | da95bf8c82 | ||
Maximilian Bosch | ce82067566 | ||
Qyriad | 6475793678 | ||
194b6cc611 | |||
jade | 7575db522e | ||
Qyriad | 2760818f06 | ||
Qyriad | eac3546d50 | ||
Qyriad | 68937f2b64 | ||
jade | 285bc67318 | ||
031d924116 | |||
jade | 26b3a1b9ce | ||
Qyriad | 218630a241 | ||
jade | 562ff516ab | ||
Qyriad | afeaa2371c | ||
Mario Rodas | c71f21da3a | ||
eldritch horrors | dd4a2c1759 | ||
Tom Hubrecht | a39ba22ff7 | ||
Tom Hubrecht | f0eb650ee8 | ||
Tom Hubrecht | d73c40ff3d | ||
Tom Hubrecht | 74513483bc | ||
Tom Hubrecht | 93ebb3e7df | ||
Tom Hubrecht | 8b6d2d3915 | ||
Tom Hubrecht | f79ee66646 | ||
Tom Hubrecht | b910551120 | ||
Tom Hubrecht | 5b5a75979a | ||
Tom Hubrecht | e81ed5f12d | ||
Tom Hubrecht | 2473e1253d | ||
Tom Hubrecht | 9a52e4688c | ||
Tom Hubrecht | 8cd9aa24a8 | ||
Tom Hubrecht | 6b5078c815 | ||
Tom Hubrecht | 81bdf8d2d6 | ||
terru - | d8e452a91b | ||
terru - | 71b32bb87c | ||
Tom Hubrecht | 6fd6795bc4 | ||
Mario Rodas | ec5f025ec2 | ||
terru - | 7a12bc2007 | ||
terru - | 0b91a4b0ec | ||
Qyriad | 2cd1ef2201 | ||
Qyriad | ec5039653d | ||
eldritch horrors | ed6b3165ea | ||
Qyriad | 742c62a6eb | ||
Qyriad | 9f16a20f3d | ||
Maximilian Bosch | 5986a720d4 | ||
Qyriad | ebd00b2d0b | ||
Artemis Tosini | 53e2b0740c | ||
jade | dd53bce476 | ||
alois31 | ddfe379a6b | ||
jade | 2a7a824d83 | ||
Qyriad | 5b4b216fac | ||
Qyriad | 1c0f3c540e | ||
Qyriad | f3f68fcfac | ||
Qyriad | 076c19e0d1 | ||
alois31 | f047e4357b | ||
Qyriad | d0390b5cf2 | ||
Qyriad | 8c06b7b431 | ||
jade | 19ea351642 | ||
Qyriad | adfc22c3e3 | ||
Qyriad | 933f1f48a2 | ||
Qyriad | 65da3e7199 | ||
Qyriad | 2b397c6629 | ||
jade | 745b5d3d4f | ||
Qyriad | e1d2fb4a65 | ||
Qyriad | bb6d43b63b | ||
Pierre Bourdon | 6922d67eb3 | ||
jade | d1fa446454 | ||
Pierre Bourdon | 6ade981476 | ||
Qyriad | 00bf2b105d | ||
jade | 9530b7f2b2 | ||
jade | c97e17144e | ||
Qyriad | a0172dc81b | ||
Qyriad | a8b2fc6d41 | ||
Qyriad | a0dcfbb084 | ||
Qyriad | 3a597f1d0b | ||
Qyriad | 0565f97e78 | ||
Pierre Bourdon | 6260563bed | ||
Qyriad | 677cf75473 | ||
Pierre Bourdon | 79121e0c44 | ||
eldritch horrors | 829521b91a | ||
eldritch horrors | f281727e70 | ||
eldritch horrors | 9a75150d19 | ||
Pierre Bourdon | d8bc3bfb6d | ||
jade | d05e0b9f1f | ||
Qyriad | 06c1375e52 | ||
jade | dcc7ea5498 | ||
alois31 | 0bf4c2971f | ||
eldritch horrors | 47523944c5 | ||
Qyriad | 6881476232 | ||
alois31 | d5fdb995d3 | ||
Qyriad | 20981461d4 | ||
Artemis Tosini | 3de77e6dbd | ||
raito | 8e1a883186 | ||
8220da8a53 | |||
jade | 992c63fc0b | ||
Qyriad | 589953e832 | ||
puck | bfb91db4f6 | ||
puck | 40311973a8 | ||
Artemis Tosini | 5411fbf204 | ||
jade | a354779d78 | ||
Qyriad | 4eb6779ea8 | ||
raito | 93dbb698b3 | ||
eldritch horrors | 774c56094f | ||
Alyssa Ross | 139d31f876 | ||
puck | 62b1adf8c1 | ||
jade | d7d1547a41 | ||
puck | 1fe58bd8a7 | ||
Pierre Bourdon | d1c8fd3b09 | ||
julia | 7a3745b076 | ||
Qyriad | 236466faf3 | ||
puck | 23c92f0815 | ||
puck | 92e1df23b3 | ||
jade | 0d2cc81956 | ||
jade | e1119f4378 | ||
Pierre Bourdon | 5a1824ebe1 | ||
Yorick | 194654c96f | ||
puck | c6bb377c91 | ||
FireFly | eca8bce081 |
|
@ -24,3 +24,8 @@ indent_size = 4
|
||||||
# Match diffs, avoid to trim trailing whitespace
|
# Match diffs, avoid to trim trailing whitespace
|
||||||
[*.{diff,patch}]
|
[*.{diff,patch}]
|
||||||
trim_trailing_whitespace = false
|
trim_trailing_whitespace = false
|
||||||
|
|
||||||
|
[*.md]
|
||||||
|
indent_style = space
|
||||||
|
indent_size = 2
|
||||||
|
max_line_length = 0
|
||||||
|
|
18
.github/CODEOWNERS
vendored
18
.github/CODEOWNERS
vendored
|
@ -1,18 +0,0 @@
|
||||||
# Pull requests concerning the listed files will automatically invite the respective maintainers as reviewers.
|
|
||||||
# This file is not used for denoting any kind of ownership, but is merely a tool for handling notifications.
|
|
||||||
#
|
|
||||||
# Merge permissions are required for maintaining an entry in this file.
|
|
||||||
# For documentation on this mechanism, see https://help.github.com/articles/about-codeowners/
|
|
||||||
|
|
||||||
# Default reviewers if nothing else matches
|
|
||||||
* @edolstra
|
|
||||||
|
|
||||||
# This file
|
|
||||||
.github/CODEOWNERS @edolstra
|
|
||||||
|
|
||||||
# Public documentation
|
|
||||||
/doc @fricklerhandwerk
|
|
||||||
*.md @fricklerhandwerk
|
|
||||||
|
|
||||||
# Libstore layer
|
|
||||||
/src/libstore @thufschmitt
|
|
2
.github/ISSUE_TEMPLATE/installer.md
vendored
2
.github/ISSUE_TEMPLATE/installer.md
vendored
|
@ -9,7 +9,7 @@ assignees: ''
|
||||||
|
|
||||||
## Platform
|
## Platform
|
||||||
|
|
||||||
<!-- select the platform on which you tried to install Nix -->
|
<!-- select the platform on which you tried to install Lix -->
|
||||||
|
|
||||||
- [ ] Linux: <!-- state your distribution, e.g. Arch Linux, Ubuntu, ... -->
|
- [ ] Linux: <!-- state your distribution, e.g. Arch Linux, Ubuntu, ... -->
|
||||||
- [ ] macOS
|
- [ ] macOS
|
||||||
|
|
11
.github/ISSUE_TEMPLATE/missing_documentation.md
vendored
11
.github/ISSUE_TEMPLATE/missing_documentation.md
vendored
|
@ -19,9 +19,10 @@ assignees: ''
|
||||||
|
|
||||||
<!-- make sure this issue is not redundant or obsolete -->
|
<!-- make sure this issue is not redundant or obsolete -->
|
||||||
|
|
||||||
- [ ] checked [latest Nix manual] \([source])
|
- [ ] checked [latest Lix manual] \([source]\)
|
||||||
- [ ] checked [open documentation issues and pull requests] for possible duplicates
|
- [ ] checked [documentation issues] and [recent documentation changes] for possible duplicates
|
||||||
|
|
||||||
[latest Nix manual]: https://nixos.org/manual/nix/unstable/
|
[latest Nix manual]: https://docs.lix.systems/manual/lix/nightly
|
||||||
[source]: https://github.com/NixOS/nix/tree/master/doc/manual/src
|
[source]: https://git.lix.systems/lix-project/lix/src/main/doc/manual/src
|
||||||
[open documentation issues and pull requests]: https://github.com/NixOS/nix/labels/documentation
|
[documentation issues]: https://git.lix.systems/lix-project/lix/issues?labels=151&state=all
|
||||||
|
[recent documentation changes]: https://gerrit.lix.systems/q/p:lix+path:%22%5Edoc/manual/.*%22
|
||||||
|
|
35
.github/STALE-BOT.md
vendored
35
.github/STALE-BOT.md
vendored
|
@ -1,35 +0,0 @@
|
||||||
# Stale bot information
|
|
||||||
|
|
||||||
- Thanks for your contribution!
|
|
||||||
- To remove the stale label, just leave a new comment.
|
|
||||||
- _How to find the right people to ping?_ → [`git blame`](https://git-scm.com/docs/git-blame) to the rescue! (or GitHub's history and blame buttons.)
|
|
||||||
- You can always ask for help on [our Discourse Forum](https://discourse.nixos.org/) or on [Matrix - #nix:nixos.org](https://matrix.to/#/#nix:nixos.org).
|
|
||||||
|
|
||||||
## Suggestions for PRs
|
|
||||||
|
|
||||||
1. GitHub sometimes doesn't notify people who commented / reviewed a PR previously, when you (force) push commits. If you have addressed the reviews you can [officially ask for a review](https://docs.github.com/en/free-pro-team@latest/github/collaborating-with-issues-and-pull-requests/requesting-a-pull-request-review) from those who commented to you or anyone else.
|
|
||||||
2. If it is unfinished but you plan to finish it, please mark it as a draft.
|
|
||||||
3. If you don't expect to work on it any time soon, closing it with a short comment may encourage someone else to pick up your work.
|
|
||||||
4. To get things rolling again, rebase the PR against the target branch and address valid comments.
|
|
||||||
5. If you need a review to move forward, ask in [the Discourse thread for PRs that need help](https://discourse.nixos.org/t/prs-in-distress/3604).
|
|
||||||
6. If all you need is a merge, check the git history to find and [request reviews](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/requesting-a-pull-request-review) from people who usually merge related contributions.
|
|
||||||
|
|
||||||
## Suggestions for issues
|
|
||||||
|
|
||||||
1. If it is resolved (either for you personally, or in general), please consider closing it.
|
|
||||||
2. If this might still be an issue, but you are not interested in promoting its resolution, please consider closing it while encouraging others to take over and reopen an issue if they care enough.
|
|
||||||
3. If you still have interest in resolving it, try to ping somebody who you believe might have an interest in the topic. Consider discussing the problem in [our Discourse Forum](https://discourse.nixos.org/).
|
|
||||||
4. As with all open source projects, your best option is to submit a Pull Request that addresses this issue. We :heart: this attitude!
|
|
||||||
|
|
||||||
**Memorandum on closing issues**
|
|
||||||
|
|
||||||
Don't be afraid to close an issue that holds valuable information. Closed issues stay in the system for people to search, read, cross-reference, or even reopen--nothing is lost! Closing obsolete issues is an important way to help maintainers focus their time and effort.
|
|
||||||
|
|
||||||
## Useful GitHub search queries
|
|
||||||
|
|
||||||
- [Open PRs with any stale-bot interaction](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+commenter%3Aapp%2Fstale+)
|
|
||||||
- [Open PRs with any stale-bot interaction and `stale`](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+commenter%3Aapp%2Fstale+label%3A%22stale%22)
|
|
||||||
- [Open PRs with any stale-bot interaction and NOT `stale`](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+commenter%3Aapp%2Fstale+-label%3A%22stale%22+)
|
|
||||||
- [Open Issues with any stale-bot interaction](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+commenter%3Aapp%2Fstale+)
|
|
||||||
- [Open Issues with any stale-bot interaction and `stale`](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+commenter%3Aapp%2Fstale+label%3A%22stale%22+)
|
|
||||||
- [Open Issues with any stale-bot interaction and NOT `stale`](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+commenter%3Aapp%2Fstale+-label%3A%22stale%22+)
|
|
6
.github/dependabot.yml
vendored
6
.github/dependabot.yml
vendored
|
@ -1,6 +0,0 @@
|
||||||
version: 2
|
|
||||||
updates:
|
|
||||||
- package-ecosystem: "github-actions"
|
|
||||||
directory: "/"
|
|
||||||
schedule:
|
|
||||||
interval: "weekly"
|
|
23
.github/labeler.yml
vendored
23
.github/labeler.yml
vendored
|
@ -1,23 +0,0 @@
|
||||||
"documentation":
|
|
||||||
- doc/manual/*
|
|
||||||
- src/nix/**/*.md
|
|
||||||
|
|
||||||
"store":
|
|
||||||
- src/libstore/store-api.*
|
|
||||||
- src/libstore/*-store.*
|
|
||||||
|
|
||||||
"fetching":
|
|
||||||
- src/libfetchers/**/*
|
|
||||||
|
|
||||||
"repl":
|
|
||||||
- src/libcmd/repl.*
|
|
||||||
- src/nix/repl.*
|
|
||||||
|
|
||||||
"new-cli":
|
|
||||||
- src/nix/**/*
|
|
||||||
|
|
||||||
"with-tests":
|
|
||||||
# Unit tests
|
|
||||||
- src/*/tests/**/*
|
|
||||||
# Functional and integration tests
|
|
||||||
- tests/functional/**/*
|
|
9
.github/stale.yml
vendored
9
.github/stale.yml
vendored
|
@ -1,9 +0,0 @@
|
||||||
# Configuration for probot-stale - https://github.com/probot/stale
|
|
||||||
daysUntilStale: 180
|
|
||||||
daysUntilClose: false
|
|
||||||
exemptLabels:
|
|
||||||
- "critical"
|
|
||||||
- "never-stale"
|
|
||||||
staleLabel: "stale"
|
|
||||||
markComment: false
|
|
||||||
closeComment: false
|
|
130
.gitignore
vendored
130
.gitignore
vendored
|
@ -1,128 +1,5 @@
|
||||||
Makefile.config
|
|
||||||
perl/Makefile.config
|
|
||||||
|
|
||||||
# /
|
|
||||||
/aclocal.m4
|
|
||||||
/autom4te.cache
|
|
||||||
/precompiled-headers.h.gch
|
|
||||||
/config.*
|
|
||||||
/configure
|
|
||||||
/stamp-h1
|
|
||||||
/svn-revision
|
|
||||||
/libtool
|
|
||||||
/config
|
|
||||||
|
|
||||||
# /doc/manual/
|
|
||||||
/doc/manual/*.1
|
|
||||||
/doc/manual/*.5
|
|
||||||
/doc/manual/*.8
|
|
||||||
/doc/manual/generated/*
|
|
||||||
/doc/manual/nix.json
|
|
||||||
/doc/manual/conf-file.json
|
|
||||||
/doc/manual/language.json
|
|
||||||
/doc/manual/xp-features.json
|
|
||||||
/doc/manual/src/command-ref/experimental-features-shortlist.md
|
|
||||||
/doc/manual/src/contributing/experimental-feature-descriptions.md
|
|
||||||
/doc/manual/src/release-notes/rl-next-generated.md
|
|
||||||
|
|
||||||
# /scripts/
|
|
||||||
/scripts/nix-profile.sh
|
|
||||||
/scripts/nix-profile-daemon.sh
|
|
||||||
/scripts/nix-profile.fish
|
|
||||||
/scripts/nix-profile-daemon.fish
|
|
||||||
|
|
||||||
# /src/libexpr/
|
|
||||||
/src/libexpr/lexer-tab.cc
|
|
||||||
/src/libexpr/lexer-tab.hh
|
|
||||||
/src/libexpr/parser-tab.cc
|
|
||||||
/src/libexpr/parser-tab.hh
|
|
||||||
/src/libexpr/parser-tab.output
|
|
||||||
/src/libexpr/nix.tbl
|
|
||||||
/src/libexpr/tests
|
|
||||||
/tests/unit/libexpr/libnixexpr-tests
|
|
||||||
|
|
||||||
# /src/libstore/
|
|
||||||
*.gen.*
|
|
||||||
/src/libstore/tests
|
|
||||||
/tests/unit/libstore/libnixstore-tests
|
|
||||||
|
|
||||||
# /src/libutil/
|
|
||||||
/src/libutil/tests
|
|
||||||
/tests/unit/libutil/libnixutil-tests
|
|
||||||
|
|
||||||
/src/nix/nix
|
|
||||||
|
|
||||||
/src/nix/doc
|
|
||||||
|
|
||||||
# /src/nix-env/
|
|
||||||
/src/nix-env/nix-env
|
|
||||||
|
|
||||||
# /src/nix-instantiate/
|
|
||||||
/src/nix-instantiate/nix-instantiate
|
|
||||||
|
|
||||||
# /src/nix-store/
|
|
||||||
/src/nix-store/nix-store
|
|
||||||
|
|
||||||
/src/nix-prefetch-url/nix-prefetch-url
|
|
||||||
|
|
||||||
/src/nix-collect-garbage/nix-collect-garbage
|
|
||||||
|
|
||||||
# /src/nix-channel/
|
|
||||||
/src/nix-channel/nix-channel
|
|
||||||
|
|
||||||
# /src/nix-build/
|
|
||||||
/src/nix-build/nix-build
|
|
||||||
|
|
||||||
/src/nix-copy-closure/nix-copy-closure
|
|
||||||
|
|
||||||
/src/error-demo/error-demo
|
|
||||||
|
|
||||||
/src/build-remote/build-remote
|
|
||||||
|
|
||||||
# /tests/functional/
|
|
||||||
/tests/functional/test-tmp
|
|
||||||
/tests/functional/common/vars-and-functions.sh
|
|
||||||
/tests/functional/result*
|
|
||||||
/tests/functional/restricted-innocent
|
|
||||||
/tests/functional/shell
|
|
||||||
/tests/functional/shell.drv
|
|
||||||
/tests/functional/config.nix
|
|
||||||
/tests/functional/ca/config.nix
|
|
||||||
/tests/functional/dyn-drv/config.nix
|
|
||||||
/tests/functional/repl-result-out
|
|
||||||
/tests/functional/debugger-test-out
|
|
||||||
/tests/functional/test-libstoreconsumer/test-libstoreconsumer
|
|
||||||
|
|
||||||
# /tests/functional/lang/
|
|
||||||
/tests/functional/lang/*.out
|
|
||||||
/tests/functional/lang/*.out.xml
|
|
||||||
/tests/functional/lang/*.err
|
|
||||||
/tests/functional/lang/*.ast
|
|
||||||
|
|
||||||
/perl/lib/Nix/Config.pm
|
|
||||||
/perl/lib/Nix/Store.cc
|
|
||||||
|
|
||||||
/misc/systemd/nix-daemon.service
|
|
||||||
/misc/systemd/nix-daemon.socket
|
|
||||||
/misc/systemd/nix-daemon.conf
|
|
||||||
/misc/upstart/nix-daemon.conf
|
|
||||||
|
|
||||||
/src/resolve-system-dependencies/resolve-system-dependencies
|
|
||||||
|
|
||||||
outputs/
|
outputs/
|
||||||
|
|
||||||
*.a
|
|
||||||
*.o
|
|
||||||
*.o.tmp
|
|
||||||
*.so
|
|
||||||
*.dylib
|
|
||||||
*.dll
|
|
||||||
*.exe
|
|
||||||
*.dep
|
|
||||||
*~
|
|
||||||
*.pc
|
|
||||||
*.plist
|
|
||||||
|
|
||||||
# GNU Global
|
# GNU Global
|
||||||
GPATH
|
GPATH
|
||||||
GRTAGS
|
GRTAGS
|
||||||
|
@ -132,17 +9,11 @@ GTAGS
|
||||||
# ccls
|
# ccls
|
||||||
/.ccls-cache
|
/.ccls-cache
|
||||||
|
|
||||||
# auto-generated compilation database
|
|
||||||
compile_commands.json
|
|
||||||
|
|
||||||
nix-rust/target
|
|
||||||
|
|
||||||
result
|
result
|
||||||
result-*
|
result-*
|
||||||
|
|
||||||
.vscode/
|
.vscode/
|
||||||
.direnv/
|
.direnv/
|
||||||
.envrc.local
|
|
||||||
|
|
||||||
# clangd and possibly more
|
# clangd and possibly more
|
||||||
.cache/
|
.cache/
|
||||||
|
@ -157,3 +28,4 @@ buildtime.bin
|
||||||
# We generate this with a Nix shell hook
|
# We generate this with a Nix shell hook
|
||||||
/.pre-commit-config.yaml
|
/.pre-commit-config.yaml
|
||||||
/.nocontribmsg
|
/.nocontribmsg
|
||||||
|
/release
|
||||||
|
|
|
@ -6,14 +6,14 @@ Read more about us at https://lix.systems.
|
||||||
|
|
||||||
## Installation
|
## Installation
|
||||||
|
|
||||||
On Linux and macOS the easiest way to install Nix is to run the following shell command
|
On Linux and macOS the easiest way to install Lix is to run the following shell command
|
||||||
(as a user other than root):
|
(as a user other than root):
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ curl -sSf -L https://install.lix.systems/lix | sh -s -- install
|
$ curl -sSf -L https://install.lix.systems/lix | sh -s -- install
|
||||||
```
|
```
|
||||||
|
|
||||||
For systems that **already have Nix installed**, such as NixOS systems, read our [install page](https://lix.systems/install)
|
For systems that **already have a Nix implementation installed**, such as NixOS systems, read our [install page](https://lix.systems/install)
|
||||||
|
|
||||||
## Building And Developing
|
## Building And Developing
|
||||||
|
|
||||||
|
|
|
@ -1,56 +1,8 @@
|
||||||
diff --git a/darwin_stop_world.c b/darwin_stop_world.c
|
|
||||||
index 0468aaec..b348d869 100644
|
|
||||||
--- a/darwin_stop_world.c
|
|
||||||
+++ b/darwin_stop_world.c
|
|
||||||
@@ -356,6 +356,7 @@ GC_INNER void GC_push_all_stacks(void)
|
|
||||||
int nthreads = 0;
|
|
||||||
word total_size = 0;
|
|
||||||
mach_msg_type_number_t listcount = (mach_msg_type_number_t)THREAD_TABLE_SZ;
|
|
||||||
+ size_t stack_limit;
|
|
||||||
if (!EXPECT(GC_thr_initialized, TRUE))
|
|
||||||
GC_thr_init();
|
|
||||||
|
|
||||||
@@ -411,6 +412,19 @@ GC_INNER void GC_push_all_stacks(void)
|
|
||||||
GC_push_all_stack_sections(lo, hi, p->traced_stack_sect);
|
|
||||||
}
|
|
||||||
if (altstack_lo) {
|
|
||||||
+ // When a thread goes into a coroutine, we lose its original sp until
|
|
||||||
+ // control flow returns to the thread.
|
|
||||||
+ // While in the coroutine, the sp points outside the thread stack,
|
|
||||||
+ // so we can detect this and push the entire thread stack instead,
|
|
||||||
+ // as an approximation.
|
|
||||||
+ // We assume that the coroutine has similarly added its entire stack.
|
|
||||||
+ // This could be made accurate by cooperating with the application
|
|
||||||
+ // via new functions and/or callbacks.
|
|
||||||
+ stack_limit = pthread_get_stacksize_np(p->id);
|
|
||||||
+ if (altstack_lo >= altstack_hi || altstack_lo < altstack_hi - stack_limit) { // sp outside stack
|
|
||||||
+ altstack_lo = altstack_hi - stack_limit;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
total_size += altstack_hi - altstack_lo;
|
|
||||||
GC_push_all_stack(altstack_lo, altstack_hi);
|
|
||||||
}
|
|
||||||
diff --git a/include/gc.h b/include/gc.h
|
|
||||||
index edab6c22..f2c61282 100644
|
|
||||||
--- a/include/gc.h
|
|
||||||
+++ b/include/gc.h
|
|
||||||
@@ -2172,6 +2172,11 @@ GC_API void GC_CALL GC_win32_free_heap(void);
|
|
||||||
(*GC_amiga_allocwrapper_do)(a,GC_malloc_atomic_ignore_off_page)
|
|
||||||
#endif /* _AMIGA && !GC_AMIGA_MAKINGLIB */
|
|
||||||
|
|
||||||
+#if !__APPLE__
|
|
||||||
+/* Patch doesn't work on apple */
|
|
||||||
+#define NIX_BOEHM_PATCH_VERSION 1
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
#ifdef __cplusplus
|
|
||||||
} /* extern "C" */
|
|
||||||
#endif
|
|
||||||
diff --git a/pthread_stop_world.c b/pthread_stop_world.c
|
diff --git a/pthread_stop_world.c b/pthread_stop_world.c
|
||||||
index b5d71e62..aed7b0bf 100644
|
index 2b45489..0e6d8ef 100644
|
||||||
--- a/pthread_stop_world.c
|
--- a/pthread_stop_world.c
|
||||||
+++ b/pthread_stop_world.c
|
+++ b/pthread_stop_world.c
|
||||||
@@ -768,6 +768,8 @@ STATIC void GC_restart_handler(int sig)
|
@@ -776,6 +776,8 @@ STATIC void GC_restart_handler(int sig)
|
||||||
/* world is stopped. Should not fail if it isn't. */
|
/* world is stopped. Should not fail if it isn't. */
|
||||||
GC_INNER void GC_push_all_stacks(void)
|
GC_INNER void GC_push_all_stacks(void)
|
||||||
{
|
{
|
||||||
|
@ -59,20 +11,23 @@ index b5d71e62..aed7b0bf 100644
|
||||||
GC_bool found_me = FALSE;
|
GC_bool found_me = FALSE;
|
||||||
size_t nthreads = 0;
|
size_t nthreads = 0;
|
||||||
int i;
|
int i;
|
||||||
@@ -851,6 +853,37 @@ GC_INNER void GC_push_all_stacks(void)
|
@@ -868,6 +870,40 @@ GC_INNER void GC_push_all_stacks(void)
|
||||||
hi = p->altstack + p->altstack_size;
|
hi = p->altstack + p->altstack_size;
|
||||||
|
# endif
|
||||||
/* FIXME: Need to scan the normal stack too, but how ? */
|
/* FIXME: Need to scan the normal stack too, but how ? */
|
||||||
/* FIXME: Assume stack grows down */
|
|
||||||
+ } else {
|
+ } else {
|
||||||
+#ifdef HAVE_PTHREAD_ATTR_GET_NP
|
+ #ifdef HAVE_PTHREAD_ATTR_GET_NP
|
||||||
+ if (!pthread_attr_init(&pattr)
|
+ if (pthread_attr_init(&pattr) != 0) {
|
||||||
+ || !pthread_attr_get_np(p->id, &pattr))
|
+ ABORT("GC_push_all_stacks: pthread_attr_init failed!");
|
||||||
+#else /* HAVE_PTHREAD_GETATTR_NP */
|
+ }
|
||||||
+ if (pthread_getattr_np(p->id, &pattr))
|
+ if (pthread_attr_get_np(p->id, &pattr) != 0) {
|
||||||
+#endif
|
+ ABORT("GC_push_all_stacks: pthread_attr_get_np failed!");
|
||||||
+ {
|
+ }
|
||||||
|
+ #else
|
||||||
|
+ if (pthread_getattr_np(p->id, &pattr)) {
|
||||||
+ ABORT("GC_push_all_stacks: pthread_getattr_np failed!");
|
+ ABORT("GC_push_all_stacks: pthread_getattr_np failed!");
|
||||||
+ }
|
+ }
|
||||||
|
+ #endif
|
||||||
+ if (pthread_attr_getstacksize(&pattr, &stack_limit)) {
|
+ if (pthread_attr_getstacksize(&pattr, &stack_limit)) {
|
||||||
+ ABORT("GC_push_all_stacks: pthread_attr_getstacksize failed!");
|
+ ABORT("GC_push_all_stacks: pthread_attr_getstacksize failed!");
|
||||||
+ }
|
+ }
|
||||||
|
@ -95,5 +50,5 @@ index b5d71e62..aed7b0bf 100644
|
||||||
+ #error "STACK_GROWS_UP not supported in boost_coroutine2 (as of june 2021), so we don't support it in Nix."
|
+ #error "STACK_GROWS_UP not supported in boost_coroutine2 (as of june 2021), so we don't support it in Nix."
|
||||||
+ #endif
|
+ #endif
|
||||||
}
|
}
|
||||||
GC_push_all_stack_sections(lo, hi, traced_stack_sect);
|
# ifdef STACKPTR_CORRECTOR_AVAILABLE
|
||||||
# ifdef STACK_GROWS_UP
|
if (GC_sp_corrector != 0)
|
||||||
|
|
|
@ -1,12 +0,0 @@
|
||||||
diff --git a/include/gc_allocator.h b/include/gc_allocator.h
|
|
||||||
index 597c7f13..587286be 100644
|
|
||||||
--- a/include/gc_allocator.h
|
|
||||||
+++ b/include/gc_allocator.h
|
|
||||||
@@ -312,6 +312,7 @@ public:
|
|
||||||
|
|
||||||
template<>
|
|
||||||
class traceable_allocator<void> {
|
|
||||||
+public:
|
|
||||||
typedef size_t size_type;
|
|
||||||
typedef ptrdiff_t difference_type;
|
|
||||||
typedef void* pointer;
|
|
|
@ -44,32 +44,41 @@ void FixIncludesCallbacks::LexedFileChanged(FileID, LexedFileChangeReason,
|
||||||
}
|
}
|
||||||
|
|
||||||
void FixIncludesCallbacks::InclusionDirective(
|
void FixIncludesCallbacks::InclusionDirective(
|
||||||
SourceLocation, const Token &, StringRef, bool,
|
SourceLocation, const Token &, StringRef FileName, bool IsAngled,
|
||||||
CharSourceRange FilenameRange, OptionalFileEntryRef File, StringRef,
|
CharSourceRange FilenameRange, OptionalFileEntryRef File, StringRef,
|
||||||
StringRef, const Module *, SrcMgr::CharacteristicKind) {
|
StringRef, const Module *, SrcMgr::CharacteristicKind) {
|
||||||
if (Ignore)
|
if (Ignore)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
// FIXME: this is kinda evil, but this is a one-time fixup
|
// FIXME: this is kinda evil, but this is a one-time fixup
|
||||||
const std::string SourceDir = "src/";
|
const std::vector<std::string> SourceDirs = {"src/", "include/lix/"};
|
||||||
|
|
||||||
if (File && File->getNameAsRequested().contains(SourceDir)) {
|
const auto Bracketize = [IsAngled](StringRef s) {
|
||||||
StringRef Name = File->getNameAsRequested();
|
return IsAngled ? ("<" + s + ">").str() : ("\"" + s + "\"").str();
|
||||||
auto Idx = Name.find(SourceDir);
|
};
|
||||||
assert(Idx != std::string::npos);
|
|
||||||
StringRef Suffix = Name.drop_front(Idx + SourceDir.length());
|
|
||||||
|
|
||||||
if (!Suffix.starts_with("lib")) {
|
for (const auto &SourceDir : SourceDirs) {
|
||||||
llvm::dbgs() << "ignored: " << Suffix << "\n";
|
const bool IsAlreadyFixed = FileName.starts_with("lix/lib");
|
||||||
return;
|
if (File && File->getNameAsRequested().contains(SourceDir) &&
|
||||||
|
!IsAlreadyFixed) {
|
||||||
|
StringRef Name = File->getNameAsRequested();
|
||||||
|
auto Idx = Name.find(SourceDir);
|
||||||
|
assert(Idx != std::string::npos);
|
||||||
|
std::string Suffix = Name.drop_front(Idx + SourceDir.length()).str();
|
||||||
|
|
||||||
|
if (!Suffix.starts_with("lib")) {
|
||||||
|
llvm::dbgs() << "ignored: " << Suffix << "\n";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
Suffix = "lix/" + Suffix;
|
||||||
|
|
||||||
|
auto Diag = Check.diag(FilenameRange.getBegin(),
|
||||||
|
"include needs to specify the source subdir");
|
||||||
|
|
||||||
|
Diag << FilenameRange
|
||||||
|
<< FixItHint::CreateReplacement(FilenameRange, Bracketize(Suffix));
|
||||||
}
|
}
|
||||||
|
|
||||||
auto Diag = Check.diag(FilenameRange.getBegin(),
|
|
||||||
"include needs to specify the source subdir");
|
|
||||||
|
|
||||||
Diag << FilenameRange
|
|
||||||
<< FixItHint::CreateReplacement(FilenameRange,
|
|
||||||
("\"" + Suffix + "\"").str());
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
# Clang tidy lints for Nix
|
# Clang tidy lints for Lix
|
||||||
|
|
||||||
This is a skeleton of a clang-tidy lints library for Nix.
|
This is a skeleton of a clang-tidy lints library for Lix.
|
||||||
|
|
||||||
Currently there is one check (which is already obsolete as it has served its
|
Currently there is one check (which is already obsolete as it has served its
|
||||||
goal and is there as an example), `HasPrefixSuffixCheck`.
|
goal and is there as an example), `HasPrefixSuffixCheck`.
|
||||||
|
@ -10,13 +10,13 @@ goal and is there as an example), `HasPrefixSuffixCheck`.
|
||||||
One file:
|
One file:
|
||||||
|
|
||||||
```
|
```
|
||||||
ninja -C build && clang-tidy --checks='-*,nix-*' --load=build/libnix-clang-tidy.so -p ../compile_commands.json --fix ../src/libcmd/installables.cc
|
ninja -C build && clang-tidy --checks='-*,lix-*' --load=build/liblix-clang-tidy.so -p ../compile_commands.json -header-filter '\.\./src/.*\.h' --fix ../src/libcmd/installables.cc
|
||||||
```
|
```
|
||||||
|
|
||||||
Several files, in parallel:
|
Several files, in parallel:
|
||||||
|
|
||||||
```
|
```
|
||||||
ninja -C build && run-clang-tidy -checks='-*,nix-*' -load=build/libnix-clang-tidy.so -p .. -fix ../src | tee -a clang-tidy-result
|
ninja -C build && run-clang-tidy -checks='-*,lix-*' -load=build/liblix-clang-tidy.so -p .. -header-filter '\.\./src/.*\.h' -fix ../src | tee -a clang-tidy-result
|
||||||
```
|
```
|
||||||
|
|
||||||
## Resources
|
## Resources
|
||||||
|
|
|
@ -28,6 +28,7 @@ internal_api_docs = custom_target(
|
||||||
output : 'html',
|
output : 'html',
|
||||||
install : true,
|
install : true,
|
||||||
install_dir : datadir / 'doc/nix/internal-api',
|
install_dir : datadir / 'doc/nix/internal-api',
|
||||||
|
build_always_stale : true,
|
||||||
)
|
)
|
||||||
|
|
||||||
alias_target('internal-api-html', internal_api_docs)
|
alias_target('internal-api-html', internal_api_docs)
|
||||||
|
|
|
@ -11,6 +11,10 @@ additional-js = ["redirects.js"]
|
||||||
# to just submit a Gerrit CL by the web for trivial stuff.
|
# to just submit a Gerrit CL by the web for trivial stuff.
|
||||||
edit-url-template = "https://github.com/lix-project/lix/tree/main/doc/manual/{path}"
|
edit-url-template = "https://github.com/lix-project/lix/tree/main/doc/manual/{path}"
|
||||||
git-repository-url = "https://git.lix.systems/lix-project/lix"
|
git-repository-url = "https://git.lix.systems/lix-project/lix"
|
||||||
|
# Folding by default would prevent things like "Ctrl+F for nix-env" from working
|
||||||
|
# trivially, but the user should be able to fold if they want to.
|
||||||
|
fold.enable = true
|
||||||
|
fold.level = 30
|
||||||
|
|
||||||
# Handles replacing @docroot@ with a path to ./src relative to that markdown file,
|
# Handles replacing @docroot@ with a path to ./src relative to that markdown file,
|
||||||
# {{#include handlebars}}, and the @generated@ syntax used within these. it mostly
|
# {{#include handlebars}}, and the @generated@ syntax used within these. it mostly
|
||||||
|
|
|
@ -3,66 +3,113 @@
|
||||||
#
|
#
|
||||||
# It's used for crediting people accurately in release notes. The release notes
|
# It's used for crediting people accurately in release notes. The release notes
|
||||||
# script will link to forgejo, then to GitHub if forgejo is not present.
|
# script will link to forgejo, then to GitHub if forgejo is not present.
|
||||||
horrors:
|
9999years:
|
||||||
display_name: eldritch horrors
|
display_name: wiggles
|
||||||
forgejo: pennae
|
forgejo: rbt
|
||||||
github: pennae
|
github: 9999years
|
||||||
|
|
||||||
Qyriad:
|
Artturin:
|
||||||
forgejo: Qyriad
|
github: Artturin
|
||||||
github: Qyriad
|
|
||||||
|
|
||||||
jade:
|
DavHau:
|
||||||
forgejo: jade
|
github: DavHau
|
||||||
github: lf-
|
|
||||||
|
|
||||||
iFreilicht:
|
Kha:
|
||||||
github: iFreilicht
|
github: Kha
|
||||||
|
|
||||||
ma27:
|
|
||||||
forgejo: ma27
|
|
||||||
github: ma27
|
|
||||||
|
|
||||||
Lunaphied:
|
Lunaphied:
|
||||||
forgejo: Lunaphied
|
forgejo: Lunaphied
|
||||||
github: Lunaphied
|
github: Lunaphied
|
||||||
|
|
||||||
9999years:
|
Qyriad:
|
||||||
display_name: wiggles
|
forgejo: Qyriad
|
||||||
github: 9999years
|
github: Qyriad
|
||||||
forgejo: rbt
|
|
||||||
|
|
||||||
matthewbauer:
|
SharzyL:
|
||||||
github: matthewbauer
|
github: SharzyL
|
||||||
|
|
||||||
raito:
|
alois31:
|
||||||
display_name: Raito Bezarius
|
forgejo: alois31
|
||||||
github: RaitoBezarius
|
github: alois31
|
||||||
forgejo: raito
|
|
||||||
|
|
||||||
winter:
|
artemist:
|
||||||
github: winterqt
|
display_name: Artemis Tosini
|
||||||
forgejo: winter
|
forgejo: artemist
|
||||||
|
|
||||||
Kha:
|
cole-h:
|
||||||
github: Kha
|
display_name: Cole Helbling
|
||||||
|
github: cole-h
|
||||||
Artturin:
|
|
||||||
github: Artturin
|
|
||||||
|
|
||||||
thufschmitt:
|
|
||||||
display_name: Théophane Hufschmitt
|
|
||||||
github: thufschmitt
|
|
||||||
|
|
||||||
edolstra:
|
edolstra:
|
||||||
display_name: Eelco Dolstra
|
display_name: Eelco Dolstra
|
||||||
github: edolstra
|
github: edolstra
|
||||||
|
|
||||||
roberth:
|
ericson:
|
||||||
display_name: Robert Hensing
|
display_name: John Ericson
|
||||||
github: roberth
|
github: ericson2314
|
||||||
|
|
||||||
|
horrors:
|
||||||
|
display_name: eldritch horrors
|
||||||
|
forgejo: pennae
|
||||||
|
github: pennae
|
||||||
|
|
||||||
|
iFreilicht:
|
||||||
|
github: iFreilicht
|
||||||
|
|
||||||
|
jade:
|
||||||
|
forgejo: jade
|
||||||
|
github: lf-
|
||||||
|
|
||||||
|
lovesegfault:
|
||||||
|
github: lovesegfault
|
||||||
|
|
||||||
|
ma27:
|
||||||
|
forgejo: ma27
|
||||||
|
github: ma27
|
||||||
|
|
||||||
|
matthewbauer:
|
||||||
|
github: matthewbauer
|
||||||
|
|
||||||
midnightveil:
|
midnightveil:
|
||||||
display_name: julia
|
display_name: julia
|
||||||
forgejo: midnightveil
|
forgejo: midnightveil
|
||||||
github: midnightveil
|
github: midnightveil
|
||||||
|
|
||||||
|
ncfavier:
|
||||||
|
github: ncfavier
|
||||||
|
|
||||||
|
puck:
|
||||||
|
display_name: puck
|
||||||
|
forgejo: puck
|
||||||
|
github: puckipedia
|
||||||
|
|
||||||
|
r-vdp:
|
||||||
|
github: r-vdp
|
||||||
|
|
||||||
|
raito:
|
||||||
|
display_name: Raito Bezarius
|
||||||
|
forgejo: raito
|
||||||
|
github: RaitoBezarius
|
||||||
|
|
||||||
|
roberth:
|
||||||
|
display_name: Robert Hensing
|
||||||
|
github: roberth
|
||||||
|
|
||||||
|
thufschmitt:
|
||||||
|
display_name: Théophane Hufschmitt
|
||||||
|
github: thufschmitt
|
||||||
|
|
||||||
|
tomberek:
|
||||||
|
display_name: Tom Bereknyei
|
||||||
|
github: tomberek
|
||||||
|
|
||||||
|
valentin:
|
||||||
|
display_name: Valentin Gagarin
|
||||||
|
github: fricklerhandwerk
|
||||||
|
|
||||||
|
winter:
|
||||||
|
forgejo: winter
|
||||||
|
github: winterqt
|
||||||
|
|
||||||
|
yshui:
|
||||||
|
github: yshui
|
||||||
|
|
|
@ -24,7 +24,6 @@ const redirects = {
|
||||||
"chap-writing-nix-expressions": "language/index.html",
|
"chap-writing-nix-expressions": "language/index.html",
|
||||||
"part-command-ref": "command-ref/command-ref.html",
|
"part-command-ref": "command-ref/command-ref.html",
|
||||||
"conf-allow-import-from-derivation": "command-ref/conf-file.html#conf-allow-import-from-derivation",
|
"conf-allow-import-from-derivation": "command-ref/conf-file.html#conf-allow-import-from-derivation",
|
||||||
"conf-allow-new-privileges": "command-ref/conf-file.html#conf-allow-new-privileges",
|
|
||||||
"conf-allowed-uris": "command-ref/conf-file.html#conf-allowed-uris",
|
"conf-allowed-uris": "command-ref/conf-file.html#conf-allowed-uris",
|
||||||
"conf-allowed-users": "command-ref/conf-file.html#conf-allowed-users",
|
"conf-allowed-users": "command-ref/conf-file.html#conf-allowed-users",
|
||||||
"conf-auto-optimise-store": "command-ref/conf-file.html#conf-auto-optimise-store",
|
"conf-auto-optimise-store": "command-ref/conf-file.html#conf-auto-optimise-store",
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Clang build timing analysis
|
|
||||||
cls: 587
|
|
||||||
---
|
|
||||||
|
|
||||||
We now have Clang build profiling available, which generates Chrome
|
|
||||||
tracing files for each compilation unit. To enable it, run `meson configure
|
|
||||||
build -Dprofile-build=enabled` then rerun the compilation.
|
|
||||||
|
|
||||||
If you want to make the build go faster, do a clang build with meson, then run
|
|
||||||
`maintainers/buildtime_report.sh build`, then contemplate how to improve the
|
|
||||||
build time.
|
|
||||||
|
|
||||||
You can also look at individual object files' traces in
|
|
||||||
<https://ui.perfetto.dev>.
|
|
0
doc/manual/rl-next/.gitkeep
Normal file
0
doc/manual/rl-next/.gitkeep
Normal file
|
@ -1,42 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Concise error printing in `nix repl`
|
|
||||||
prs: 9928
|
|
||||||
cls: 811
|
|
||||||
category: Improvements
|
|
||||||
credits: 9999years
|
|
||||||
---
|
|
||||||
|
|
||||||
Previously, if an element of a list or attribute set threw an error while
|
|
||||||
evaluating, `nix repl` would print the entire error (including source location
|
|
||||||
information) inline. This output was clumsy and difficult to parse:
|
|
||||||
|
|
||||||
```
|
|
||||||
nix-repl> { err = builtins.throw "uh oh!"; }
|
|
||||||
{ err = «error:
|
|
||||||
… while calling the 'throw' builtin
|
|
||||||
at «string»:1:9:
|
|
||||||
1| { err = builtins.throw "uh oh!"; }
|
|
||||||
| ^
|
|
||||||
|
|
||||||
error: uh oh!»; }
|
|
||||||
```
|
|
||||||
|
|
||||||
Now, only the error message is displayed, making the output much more readable.
|
|
||||||
```
|
|
||||||
nix-repl> { err = builtins.throw "uh oh!"; }
|
|
||||||
{ err = «error: uh oh!»; }
|
|
||||||
```
|
|
||||||
|
|
||||||
However, if the whole expression being evaluated throws an error, source
|
|
||||||
locations and (if applicable) a stack trace are printed, just like you'd expect:
|
|
||||||
|
|
||||||
```
|
|
||||||
nix-repl> builtins.throw "uh oh!"
|
|
||||||
error:
|
|
||||||
… while calling the 'throw' builtin
|
|
||||||
at «string»:1:1:
|
|
||||||
1| builtins.throw "uh oh!"
|
|
||||||
| ^
|
|
||||||
|
|
||||||
error: uh oh!
|
|
||||||
```
|
|
|
@ -1,6 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Show all FOD errors with `nix build --keep-going`
|
|
||||||
---
|
|
||||||
|
|
||||||
`nix build --keep-going` now behaves consistently with `nix-build --keep-going`. This means
|
|
||||||
that if e.g. multiple FODs fail to build, all hash mismatches are displayed.
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: "`--debugger` can now access bindings from `let` expressions"
|
|
||||||
prs: 9918
|
|
||||||
issues: 8827
|
|
||||||
category: Fixes
|
|
||||||
credits: 9999years
|
|
||||||
---
|
|
||||||
|
|
||||||
Breakpoints and errors in the bindings of a `let` expression can now access
|
|
||||||
those bindings in the debugger. Previously, only the body of `let` expressions
|
|
||||||
could access those bindings.
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Enter the `--debugger` when `builtins.trace` is called if `debugger-on-trace` is set
|
|
||||||
prs: 9914
|
|
||||||
category: Features
|
|
||||||
credits: 9999years
|
|
||||||
---
|
|
||||||
|
|
||||||
If the `debugger-on-trace` option is set and `--debugger` is given,
|
|
||||||
`builtins.trace` calls will behave similarly to `builtins.break` and will enter
|
|
||||||
the debug REPL. This is useful for determining where warnings are being emitted
|
|
||||||
from.
|
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Stop vendoring toml11
|
|
||||||
cls: 675
|
|
||||||
category: Packaging
|
|
||||||
credits: winter
|
|
||||||
---
|
|
||||||
|
|
||||||
We don't apply any patches to it, and vendoring it locks users into
|
|
||||||
bugs (it hasn't been updated since its introduction in late 2021).
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Fix handling of truncated `.drv` files.
|
|
||||||
prs: 9673
|
|
||||||
category: Fixes
|
|
||||||
credits: horrors
|
|
||||||
---
|
|
||||||
|
|
||||||
Previously a `.drv` that was truncated in the middle of a string would case nix to enter an infinite loop, eventually exhausting all memory and crashing.
|
|
|
@ -1,24 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Duplicate attribute reports are more accurate
|
|
||||||
cls: 557
|
|
||||||
credits: horrors
|
|
||||||
category: Improvements
|
|
||||||
---
|
|
||||||
|
|
||||||
Duplicate attribute errors are now more accurate, showing the path at which an error was detected rather than the full, possibly longer, path that caused the error.
|
|
||||||
Error reports are now
|
|
||||||
```ShellSession
|
|
||||||
$ nix eval --expr '{ a.b = 1; a.b.c.d = 1; }'
|
|
||||||
error: attribute 'a.b' already defined at «string»:1:3
|
|
||||||
at «string»:1:12:
|
|
||||||
1| { a.b = 1; a.b.c.d = 1;
|
|
||||||
| ^
|
|
||||||
```
|
|
||||||
instead of
|
|
||||||
```ShellSession
|
|
||||||
$ nix eval --expr '{ a.b = 1; a.b.c.d = 1; }'
|
|
||||||
error: attribute 'a.b.c.d' already defined at «string»:1:3
|
|
||||||
at «string»:1:12:
|
|
||||||
1| { a.b = 1; a.b.c.d = 1;
|
|
||||||
| ^
|
|
||||||
```
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Disallow empty search regex in `nix search`
|
|
||||||
prs: 9481
|
|
||||||
credits: [iFreilicht, horrors]
|
|
||||||
category: Miscellany
|
|
||||||
---
|
|
||||||
|
|
||||||
[`nix search`](@docroot@/command-ref/new-cli/nix3-search.md) now requires a search regex to be passed. To show all packages, use `^`.
|
|
|
@ -1,13 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: "Add an option `enable-core-dumps` that enables core dumps from builds"
|
|
||||||
cls: 1088
|
|
||||||
credits: midnightveil
|
|
||||||
category: Features
|
|
||||||
---
|
|
||||||
|
|
||||||
In the past, Lix disabled core dumps by setting the soft `RLIMIT_CORE` to 0
|
|
||||||
unconditionally. Although this rlimit could be altered from the builder since
|
|
||||||
it is just the soft limit, this was kind of annoying to do. By passing
|
|
||||||
`--option enable-core-dumps true` to an offending build, one can now cause the
|
|
||||||
core dumps to be handled by the system in the normal way (winding up in
|
|
||||||
`coredumpctl`, say, on Linux).
|
|
|
@ -1,27 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: The `--debugger` will start more reliably in `let` expressions and function calls
|
|
||||||
prs: 9917
|
|
||||||
issues: 6649
|
|
||||||
credits: [9999years, horrors]
|
|
||||||
category: Fixes
|
|
||||||
---
|
|
||||||
|
|
||||||
Previously, if you attempted to evaluate this file with the debugger:
|
|
||||||
|
|
||||||
```nix
|
|
||||||
let
|
|
||||||
a = builtins.trace "before inner break" (
|
|
||||||
builtins.break "hello"
|
|
||||||
);
|
|
||||||
b = builtins.trace "before outer break" (
|
|
||||||
builtins.break a
|
|
||||||
);
|
|
||||||
in
|
|
||||||
b
|
|
||||||
```
|
|
||||||
|
|
||||||
Lix would correctly enter the debugger at `builtins.break a`, but if you asked
|
|
||||||
it to `:continue`, it would skip over the `builtins.break "hello"` expression
|
|
||||||
entirely.
|
|
||||||
|
|
||||||
Now, Lix will correctly enter the debugger at both breakpoints.
|
|
|
@ -1,10 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Reduce eval memory usage and wall time
|
|
||||||
prs: 9658
|
|
||||||
cls: 207
|
|
||||||
credits: horrors
|
|
||||||
category: Improvements
|
|
||||||
---
|
|
||||||
|
|
||||||
Reduce the size of the `Env` struct used in the evaluator by a pointer, or 8 bytes on most modern machines.
|
|
||||||
This reduces memory usage during eval by around 2% and wall time by around 3%.
|
|
|
@ -1,14 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Add new `eval-system` setting
|
|
||||||
prs: 4093
|
|
||||||
credits: [matthewbauer, horrors]
|
|
||||||
category: Features
|
|
||||||
---
|
|
||||||
|
|
||||||
Add a new `eval-system` option.
|
|
||||||
Unlike `system`, it just overrides the value of `builtins.currentSystem`.
|
|
||||||
This is more useful than overriding `system`, because you can build these derivations on remote builders which can work on the given system.
|
|
||||||
In contrast, `system` also effects scheduling which will cause Lix to build those derivations locally even if that doesn't make sense.
|
|
||||||
|
|
||||||
`eval-system` only takes effect if it is non-empty.
|
|
||||||
If empty (the default) `system` is used as before, so there is no breakage.
|
|
|
@ -1,10 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Creating setuid/setgid binaries with fchmodat2 is now prohibited by the build sandbox
|
|
||||||
prs: 10501
|
|
||||||
credits: ma27
|
|
||||||
category: Fixes
|
|
||||||
---
|
|
||||||
|
|
||||||
The build sandbox blocks any attempt to create setuid/setgid binaries, but didn't check
|
|
||||||
for the use of the `fchmodat2` syscall which was introduced in Linux 6.6 and is used by
|
|
||||||
glibc >=2.39. This is fixed now.
|
|
|
@ -1,24 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Fix nested flake input `follows`
|
|
||||||
prs: 6621
|
|
||||||
cls: 994
|
|
||||||
credits: [Kha, ma27]
|
|
||||||
category: Fixes
|
|
||||||
significance: significant
|
|
||||||
---
|
|
||||||
|
|
||||||
Previously nested-input overrides were ignored; that is, the following did not
|
|
||||||
override anything, in spite of the `nix3-flake` manual documenting it working:
|
|
||||||
|
|
||||||
```
|
|
||||||
{
|
|
||||||
inputs = {
|
|
||||||
foo.url = "github:bar/foo";
|
|
||||||
foo.inputs.bar.inputs.nixpkgs = "nixpkgs";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
This is useful to avoid the 1000 instances of nixpkgs problem without having
|
|
||||||
each flake in the dependency tree to expose all of its transitive dependencies
|
|
||||||
for modification.
|
|
|
@ -1,34 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Nested debuggers are no longer supported
|
|
||||||
prs: 9920
|
|
||||||
credits: 9999years
|
|
||||||
category: Improvements
|
|
||||||
---
|
|
||||||
|
|
||||||
Previously, evaluating an expression that throws an error in the debugger would
|
|
||||||
enter a second, nested debugger:
|
|
||||||
|
|
||||||
```
|
|
||||||
nix-repl> builtins.throw "what"
|
|
||||||
error: what
|
|
||||||
|
|
||||||
|
|
||||||
Starting REPL to allow you to inspect the current state of the evaluator.
|
|
||||||
|
|
||||||
Welcome to Nix 2.18.1. Type :? for help.
|
|
||||||
|
|
||||||
nix-repl>
|
|
||||||
```
|
|
||||||
|
|
||||||
Now, it just prints the error message like `nix repl`:
|
|
||||||
|
|
||||||
```
|
|
||||||
nix-repl> builtins.throw "what"
|
|
||||||
error:
|
|
||||||
… while calling the 'throw' builtin
|
|
||||||
at «string»:1:1:
|
|
||||||
1| builtins.throw "what"
|
|
||||||
| ^
|
|
||||||
|
|
||||||
error: what
|
|
||||||
```
|
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: consistent order of lambda formals in printed expressions
|
|
||||||
prs: 9874
|
|
||||||
credits: horrors
|
|
||||||
category: Fixes
|
|
||||||
---
|
|
||||||
|
|
||||||
Always print lambda formals in lexicographic order rather than the internal, creation-time based symbol order.
|
|
||||||
This makes printed formals independent of the context they appear in.
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: fix duplicate attribute error positions for `inherit`
|
|
||||||
prs: 9874
|
|
||||||
credits: horrors
|
|
||||||
category: Fixes
|
|
||||||
---
|
|
||||||
|
|
||||||
When an inherit caused a duplicate attribute error, the position of the error was not reported correctly, placing the error with the inherit itself or at the start of the bindings block instead of the offending attribute name.
|
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: "`inherit (x) ...` evaluates `x` only once"
|
|
||||||
prs: 9847
|
|
||||||
category: Fixes
|
|
||||||
credits: horrors
|
|
||||||
---
|
|
||||||
|
|
||||||
`inherit (x) a b ...` now evaluates the expression `x` only once for all inherited attributes rather than once for each inherited attribute.
|
|
||||||
This does not usually have a measurable impact, but side-effects (such as `builtins.trace`) would be duplicated and expensive expressions (such as derivations) could cause a measurable slowdown.
|
|
|
@ -1,12 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Store paths are allowed to start with `.`
|
|
||||||
issues: 912
|
|
||||||
prs: [9867, 9091, 9095, 9120, 9121, 9122, 9130, 9219, 9224]
|
|
||||||
credits: [roberth, horrors]
|
|
||||||
category: Fixes
|
|
||||||
---
|
|
||||||
|
|
||||||
Leading periods were allowed by accident in Nix 2.4. The Nix team has considered this to be a bug, but this behavior has since been relied on by users, leading to unnecessary difficulties.
|
|
||||||
From now on, leading periods are officially, definitively supported. The names `.` and `..` are disallowed, as well as those starting with `.-` or `..-`.
|
|
||||||
|
|
||||||
Nix versions that denied leading periods are documented [in the issue](https://github.com/NixOS/nix/issues/912#issuecomment-1919583286).
|
|
|
@ -1,26 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Lix turns more internal bugs into crashes
|
|
||||||
cls: [797, 626]
|
|
||||||
credits: jade
|
|
||||||
category: Packaging
|
|
||||||
significance: significant
|
|
||||||
---
|
|
||||||
|
|
||||||
Lix now enables build options such as trapping on signed overflow and enabling
|
|
||||||
libstdc++ assertions by default. These may find new bugs in Lix, which will
|
|
||||||
present themselves as Lix processes aborting, potentially without an error
|
|
||||||
message.
|
|
||||||
|
|
||||||
If Lix processes abort on your machine, this is a bug. Please file a bug,
|
|
||||||
ideally with the core dump (or information from it).
|
|
||||||
|
|
||||||
On Linux, run `coredumpctl list`, find the crashed process's PID at
|
|
||||||
the bottom of the list, then run `coredumpctl info THE-PID`. You can then paste
|
|
||||||
the output into a bug report.
|
|
||||||
|
|
||||||
On macOS, open the Console app from Applications/Utilities, select Crash
|
|
||||||
Reports, select the crash report in question. Right click on it, select Open In
|
|
||||||
Finder, then include that file in your bug report. [See the Apple
|
|
||||||
documentation][apple-crashreport] for more details.
|
|
||||||
|
|
||||||
[apple-crashreport]: https://developer.apple.com/documentation/xcode/acquiring-crash-reports-and-diagnostic-logs#Locate-crash-reports-and-memory-logs-on-the-device
|
|
|
@ -1,12 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: rename 'nix show-config' to 'nix config show'
|
|
||||||
issues: 7672
|
|
||||||
prs: 9477
|
|
||||||
cls: 993
|
|
||||||
credits: [thufschmitt, ma27]
|
|
||||||
category: Improvements
|
|
||||||
---
|
|
||||||
|
|
||||||
`nix show-config` was renamed to `nix config show` to be more consistent with the rest of the command-line interface.
|
|
||||||
|
|
||||||
Running `nix show-config` will now print a deprecation warning saying to use `nix config show` instead.
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Fix `nix-env --query --drv-path --json`
|
|
||||||
prs: 9257
|
|
||||||
credits: [Artturin, horrors]
|
|
||||||
category: Fixes
|
|
||||||
---
|
|
||||||
|
|
||||||
Fixed a bug where `nix-env --query` ignored `--drv-path` when `--json` was set.
|
|
|
@ -1,37 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: "`nix flake check` logs the checks"
|
|
||||||
issues: 8882
|
|
||||||
prs: 8893
|
|
||||||
cls: [259, 260, 261, 262]
|
|
||||||
credits: [9999years, raito, horrors]
|
|
||||||
category: Improvements
|
|
||||||
significance: significant
|
|
||||||
---
|
|
||||||
|
|
||||||
`nix flake check` now logs the checks it runs and the derivations it evaluates:
|
|
||||||
|
|
||||||
```
|
|
||||||
$ nix flake check -v
|
|
||||||
evaluating flake...
|
|
||||||
checking flake output 'checks'...
|
|
||||||
checking derivation 'checks.aarch64-darwin.ghciwatch-tests'...
|
|
||||||
derivation evaluated to /nix/store/nh7dlvsrhds4cxl91mvgj4h5cbq6skmq-ghciwatch-test-0.3.0.drv
|
|
||||||
checking derivation 'checks.aarch64-darwin.ghciwatch-clippy'...
|
|
||||||
derivation evaluated to /nix/store/9cb5a6wmp6kf6hidqw9wphidvb8bshym-ghciwatch-clippy-0.3.0.drv
|
|
||||||
checking derivation 'checks.aarch64-darwin.ghciwatch-doc'...
|
|
||||||
derivation evaluated to /nix/store/8brdd3jbawfszpbs7vdpsrhy80as1il8-ghciwatch-doc-0.3.0.drv
|
|
||||||
checking derivation 'checks.aarch64-darwin.ghciwatch-fmt'...
|
|
||||||
derivation evaluated to /nix/store/wjhs0l1njl5pyji53xlmfjrlya0wmz8p-ghciwatch-fmt-0.3.0.drv
|
|
||||||
checking derivation 'checks.aarch64-darwin.ghciwatch-audit'...
|
|
||||||
derivation evaluated to /nix/store/z0mps8dyj2ds7c0fn0819y5h5611033z-ghciwatch-audit-0.3.0.drv
|
|
||||||
checking flake output 'packages'...
|
|
||||||
checking derivation 'packages.aarch64-darwin.default'...
|
|
||||||
derivation evaluated to /nix/store/41abbdyglw5x9vcsvd89xan3ydjf8d7r-ghciwatch-0.3.0.drv
|
|
||||||
checking flake output 'apps'...
|
|
||||||
checking flake output 'devShells'...
|
|
||||||
checking derivation 'devShells.aarch64-darwin.default'...
|
|
||||||
derivation evaluated to /nix/store/bc935gz7dylzmcpdb5cczr8gngv8pmdb-nix-shell.drv
|
|
||||||
running 5 flake checks...
|
|
||||||
warning: The check omitted these incompatible systems: aarch64-linux, x86_64-darwin, x86_64-linux
|
|
||||||
Use '--all-systems' to check all.
|
|
||||||
```
|
|
|
@ -1,19 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: "Overhaul `nix flake update` and `nix flake lock` UX"
|
|
||||||
prs: 8817
|
|
||||||
credits: [iFreilicht, Lunaphied, thufschmitt]
|
|
||||||
category: Breaking Changes
|
|
||||||
---
|
|
||||||
|
|
||||||
The interface for creating and updating lock files has been overhauled:
|
|
||||||
|
|
||||||
- [`nix flake lock`](@docroot@/command-ref/new-cli/nix3-flake-lock.md) only creates lock files and adds missing inputs now.
|
|
||||||
It will *never* update existing inputs.
|
|
||||||
|
|
||||||
- [`nix flake update`](@docroot@/command-ref/new-cli/nix3-flake-update.md) does the same, but *will* update inputs.
|
|
||||||
- Passing no arguments will update all inputs of the current flake, just like it already did.
|
|
||||||
- Passing input names as arguments will ensure only those are updated. This replaces the functionality of `nix flake lock --update-input`
|
|
||||||
- To operate on a flake outside the current directory, you must now pass `--flake path/to/flake`.
|
|
||||||
|
|
||||||
- The flake-specific flags `--recreate-lock-file` and `--update-input` have been removed from all commands operating on installables.
|
|
||||||
They are superceded by `nix flake update`.
|
|
|
@ -1,11 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: "`nix profile` now allows referring to elements by human-readable name, and no longer accepts indices"
|
|
||||||
prs: 8678
|
|
||||||
cls: [978, 980]
|
|
||||||
category: Breaking Changes
|
|
||||||
credits: [iFreilicht, Qyriad, edolstra]
|
|
||||||
---
|
|
||||||
|
|
||||||
[`nix profile`](@docroot@/command-ref/new-cli/nix3-profile.md) now uses names to refer to installed packages when running [`list`](@docroot@/command-ref/new-cli/nix3-profile-list.md), [`remove`](@docroot@/command-ref/new-cli/nix3-profile-remove.md) or [`upgrade`](@docroot@/command-ref/new-cli/nix3-profile-upgrade.md) as opposed to indices. Indices have been removed. Profile element names are generated when a package is installed and remain the same until the package is removed.
|
|
||||||
|
|
||||||
**Warning**: The `manifest.nix` file used to record the contents of profiles has changed. Lix will automatically upgrade profiles to the new version when you modify the profile. After that, the profile can no longer be used by older versions of Lix.
|
|
|
@ -1,17 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: "`builtins.nixVersion` and `builtins.langVersion` return fixed values"
|
|
||||||
cls: [558, 1144]
|
|
||||||
credits: jade
|
|
||||||
category: Breaking Changes
|
|
||||||
---
|
|
||||||
|
|
||||||
`builtins.nixVersion` now returns a fixed value `"2.18.3-lix"`.
|
|
||||||
|
|
||||||
`builtins.langVersion` returns a fixed value `6`, matching CppNix 2.18.
|
|
||||||
|
|
||||||
This prevents feature detection assuming that features that exist in Nix
|
|
||||||
post-Lix-branch-off might exist, even though the Lix version is greater than
|
|
||||||
the Nix version.
|
|
||||||
|
|
||||||
In the future, check for builtins for feature detection. If a feature cannot be
|
|
||||||
detected by *those* means, please file a Lix bug.
|
|
|
@ -1,10 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: re-evaluate cached evaluation errors
|
|
||||||
cls: 771
|
|
||||||
credits: Qyriad
|
|
||||||
category: Fixes
|
|
||||||
---
|
|
||||||
|
|
||||||
"cached failure of [expr]" errors have been removed: expressions already in the
|
|
||||||
eval cache as a failure will now simply be re-evaluated, removing the need to
|
|
||||||
set `--no-eval-cache` or similar to see the error.
|
|
|
@ -1,26 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Coercion errors include the failing value
|
|
||||||
issues: 561
|
|
||||||
prs: 9754
|
|
||||||
credits: [9999years, horrors]
|
|
||||||
category: Improvements
|
|
||||||
---
|
|
||||||
|
|
||||||
The `error: cannot coerce a <TYPE> to a string` message now includes the value
|
|
||||||
which caused the error.
|
|
||||||
|
|
||||||
Before:
|
|
||||||
|
|
||||||
```
|
|
||||||
error: cannot coerce a set to a string
|
|
||||||
```
|
|
||||||
|
|
||||||
After:
|
|
||||||
|
|
||||||
```
|
|
||||||
error: cannot coerce a set to a string: { aesSupport = «thunk»;
|
|
||||||
avx2Support = «thunk»; avx512Support = «thunk»; avxSupport = «thunk»;
|
|
||||||
canExecute = «thunk»; config = «thunk»; darwinArch = «thunk»; darwinMinVersion
|
|
||||||
= «thunk»; darwinMinVersionVariable = «thunk»; darwinPlatform = «thunk»; «84
|
|
||||||
attributes elided»}
|
|
||||||
```
|
|
|
@ -1,25 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Type errors include the failing value
|
|
||||||
issues: 561
|
|
||||||
prs: 9753
|
|
||||||
credits: [9999years, horrors]
|
|
||||||
category: Improvements
|
|
||||||
---
|
|
||||||
|
|
||||||
In errors like `value is an integer while a list was expected`, the message now
|
|
||||||
includes the failing value.
|
|
||||||
|
|
||||||
Before:
|
|
||||||
|
|
||||||
```
|
|
||||||
error: value is a set while a string was expected
|
|
||||||
```
|
|
||||||
|
|
||||||
After:
|
|
||||||
|
|
||||||
```
|
|
||||||
error: expected a string but found a set: { ghc810 = «thunk»;
|
|
||||||
ghc8102Binary = «thunk»; ghc8107 = «thunk»; ghc8107Binary = «thunk»;
|
|
||||||
ghc865Binary = «thunk»; ghc90 = «thunk»; ghc902 = «thunk»; ghc92 = «thunk»;
|
|
||||||
ghc924Binary = «thunk»; ghc925 = «thunk»; «17 attributes elided»}
|
|
||||||
```
|
|
|
@ -1,39 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: "Visual clutter in `--debugger` is reduced"
|
|
||||||
prs: 9919
|
|
||||||
category: Improvements
|
|
||||||
credits: [9999years, horrors]
|
|
||||||
---
|
|
||||||
|
|
||||||
Before:
|
|
||||||
```
|
|
||||||
info: breakpoint reached
|
|
||||||
|
|
||||||
|
|
||||||
Starting REPL to allow you to inspect the current state of the evaluator.
|
|
||||||
|
|
||||||
Welcome to Nix 2.20.0pre20231222_dirty. Type :? for help.
|
|
||||||
|
|
||||||
nix-repl> :continue
|
|
||||||
error: uh oh
|
|
||||||
|
|
||||||
|
|
||||||
Starting REPL to allow you to inspect the current state of the evaluator.
|
|
||||||
|
|
||||||
Welcome to Nix 2.20.0pre20231222_dirty. Type :? for help.
|
|
||||||
|
|
||||||
nix-repl>
|
|
||||||
```
|
|
||||||
|
|
||||||
After:
|
|
||||||
|
|
||||||
```
|
|
||||||
info: breakpoint reached
|
|
||||||
|
|
||||||
Nix 2.20.0pre20231222_dirty debugger
|
|
||||||
Type :? for help.
|
|
||||||
nix-repl> :continue
|
|
||||||
error: uh oh
|
|
||||||
|
|
||||||
nix-repl>
|
|
||||||
```
|
|
|
@ -1,16 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Experimental REPL support for documentation comments using `:doc`
|
|
||||||
cls: 564
|
|
||||||
category: Features
|
|
||||||
credits: [Lunaphied, jade]
|
|
||||||
significance: significant
|
|
||||||
---
|
|
||||||
|
|
||||||
Using `:doc` in the REPL now supports showing documentation comments when defined on a function.
|
|
||||||
|
|
||||||
Previously this was only able to document builtins, however it now will show comments defined on a lambda as well.
|
|
||||||
|
|
||||||
This support is experimental and relies on an embedded version of [nix-doc](https://github.com/lf-/nix-doc).
|
|
||||||
|
|
||||||
The logic also supports limited Markdown formatting of doccomments and should easily support any [RFC 145](https://github.com/NixOS/rfcs/blob/master/rfcs/0145-doc-strings.md)
|
|
||||||
compatible documentation comments in addition to simple commented documentation.
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Interrupting builds in the REPL works more than once
|
|
||||||
cls: 1097
|
|
||||||
---
|
|
||||||
|
|
||||||
Builds in the REPL can be interrupted by pressing Ctrl+C.
|
|
||||||
Previously, this only worked once per REPL session; further attempts would be ignored.
|
|
||||||
This issue is now fixed, so that builds can be canceled consistently.
|
|
|
@ -1,39 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Add `repl-overlays` option
|
|
||||||
prs: 10203
|
|
||||||
cls: 504
|
|
||||||
credits: 9999years
|
|
||||||
significance: significant
|
|
||||||
category: Features
|
|
||||||
---
|
|
||||||
|
|
||||||
A `repl-overlays` option has been added, which specifies files that can overlay
|
|
||||||
and modify the top-level bindings in `nix repl`. For example, with the
|
|
||||||
following contents in `~/.config/nix/repl.nix`:
|
|
||||||
|
|
||||||
```nix
|
|
||||||
info: final: prev: let
|
|
||||||
optionalAttrs = predicate: attrs:
|
|
||||||
if predicate
|
|
||||||
then attrs
|
|
||||||
else {};
|
|
||||||
in
|
|
||||||
optionalAttrs (prev ? legacyPackages && prev.legacyPackages ? ${info.currentSystem})
|
|
||||||
{
|
|
||||||
pkgs = prev.legacyPackages.${info.currentSystem};
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
We can run `nix repl` and use `pkgs` to refer to `legacyPackages.${currentSystem}`:
|
|
||||||
|
|
||||||
```ShellSession
|
|
||||||
$ nix repl --repl-overlays ~/.config/nix/repl.nix nixpkgs
|
|
||||||
Lix 2.90.0
|
|
||||||
Type :? for help.
|
|
||||||
Loading installable 'flake:nixpkgs#'...
|
|
||||||
Added 5 variables.
|
|
||||||
Loading 'repl-overlays'...
|
|
||||||
Added 6 variables.
|
|
||||||
nix-repl> pkgs.bash
|
|
||||||
«derivation /nix/store/g08b5vkwwh0j8ic9rkmd8mpj878rk62z-bash-5.2p26.drv»
|
|
||||||
```
|
|
|
@ -1,16 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: reintroduce shortened `-E` form for `--expr` to new CLI
|
|
||||||
cls: 605
|
|
||||||
credits: Lunaphied
|
|
||||||
category: Improvements
|
|
||||||
---
|
|
||||||
|
|
||||||
In the old CLI, it was possible to supply a shorter `-E` flag instead of fully
|
|
||||||
specifying `--expr` every time you wished to provide an expression that would
|
|
||||||
be evaluated to produce the given command's input. This was retained for the
|
|
||||||
`--file` flag when the new CLI utilities were written with `-f`, but `-E` was
|
|
||||||
dropped.
|
|
||||||
|
|
||||||
We now restore the `-E` short form for better UX. This is most useful for
|
|
||||||
`nix eval` but most any command that takes an Installable argument should benefit
|
|
||||||
from it as well.
|
|
|
@ -1,25 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: "In the debugger, `while evaluating the attribute` errors now include position information"
|
|
||||||
prs: 9915
|
|
||||||
credits: 9999years
|
|
||||||
category: Fixes
|
|
||||||
---
|
|
||||||
|
|
||||||
Before:
|
|
||||||
|
|
||||||
```
|
|
||||||
0: while evaluating the attribute 'python311.pythonForBuild.pkgs'
|
|
||||||
0x600001522598
|
|
||||||
```
|
|
||||||
|
|
||||||
After:
|
|
||||||
|
|
||||||
```
|
|
||||||
0: while evaluating the attribute 'python311.pythonForBuild.pkgs'
|
|
||||||
/nix/store/hg65h51xnp74ikahns9hyf3py5mlbbqq-source/overrides/default.nix:132:27
|
|
||||||
|
|
||||||
131|
|
|
||||||
132| bootstrappingBase = pkgs.${self.python.pythonAttr}.pythonForBuild.pkgs;
|
|
||||||
| ^
|
|
||||||
133| in
|
|
||||||
```
|
|
|
@ -1,44 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Source locations are printed more consistently in errors
|
|
||||||
issues: 561
|
|
||||||
prs: 9555
|
|
||||||
credits: [9999years, horrors]
|
|
||||||
category: Improvements
|
|
||||||
---
|
|
||||||
|
|
||||||
Source location information is now included in error messages more
|
|
||||||
consistently. Given this code:
|
|
||||||
|
|
||||||
```nix
|
|
||||||
let
|
|
||||||
attr = {foo = "bar";};
|
|
||||||
key = {};
|
|
||||||
in
|
|
||||||
attr.${key}
|
|
||||||
```
|
|
||||||
|
|
||||||
Previously, Nix would show this unhelpful message when attempting to evaluate
|
|
||||||
it:
|
|
||||||
|
|
||||||
```
|
|
||||||
error:
|
|
||||||
… while evaluating an attribute name
|
|
||||||
|
|
||||||
error: value is a set while a string was expected
|
|
||||||
```
|
|
||||||
|
|
||||||
Now, the error message displays where the problematic value was found:
|
|
||||||
|
|
||||||
```
|
|
||||||
error:
|
|
||||||
… while evaluating an attribute name
|
|
||||||
|
|
||||||
at bad.nix:4:11:
|
|
||||||
|
|
||||||
3| key = {};
|
|
||||||
4| in attr.${key}
|
|
||||||
| ^
|
|
||||||
5|
|
|
||||||
|
|
||||||
error: expected a string but found a set: { }
|
|
||||||
```
|
|
|
@ -1,35 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Some stack overflow segfaults are fixed
|
|
||||||
issues: 9616
|
|
||||||
prs: 9617
|
|
||||||
cls: 205
|
|
||||||
category: Improvements
|
|
||||||
credits: [9999years, horrors]
|
|
||||||
---
|
|
||||||
|
|
||||||
The number of nested function calls has been restricted, to detect and report
|
|
||||||
infinite function call recursions. The default maximum call depth is 10,000 and
|
|
||||||
can be set with [the `max-call-depth`
|
|
||||||
option](@docroot@/command-ref/conf-file.md#conf-max-call-depth).
|
|
||||||
|
|
||||||
This fixes segfaults or the following unhelpful error message in many cases:
|
|
||||||
|
|
||||||
error: stack overflow (possible infinite recursion)
|
|
||||||
|
|
||||||
Before:
|
|
||||||
|
|
||||||
```
|
|
||||||
$ nix-instantiate --eval --expr '(x: x x) (x: x x)'
|
|
||||||
Segmentation fault: 11
|
|
||||||
```
|
|
||||||
|
|
||||||
After:
|
|
||||||
|
|
||||||
```
|
|
||||||
$ nix-instantiate --eval --expr '(x: x x) (x: x x)'
|
|
||||||
error: stack overflow
|
|
||||||
|
|
||||||
at «string»:1:14:
|
|
||||||
1| (x: x x) (x: x x)
|
|
||||||
| ^
|
|
||||||
```
|
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: add `--store-path` argument to `nix upgrade-nix`, to manually specify the Nix to upgrade to
|
|
||||||
cls: 953
|
|
||||||
credits: Qyriad
|
|
||||||
category: Features
|
|
||||||
---
|
|
||||||
|
|
||||||
`nix upgrade-nix` by default downloads a manifest to find the new Nix version to upgrade to, but now you can specify `--store-path` to upgrade Nix to an arbitrary version from the Nix store.
|
|
|
@ -1,10 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: using `nix profile` on `/nix/var/nix/profiles/default` no longer breaks `nix upgrade-nix`
|
|
||||||
cls: 952
|
|
||||||
credits: Qyriad
|
|
||||||
category: Fixes
|
|
||||||
---
|
|
||||||
|
|
||||||
On non-NixOS, Nix is conventionally installed into a `nix-env` style profile at /nix/var/nix/profiles/default.
|
|
||||||
Like any `nix-env` profile, using `nix profile` on it automatically migrates it to a `nix profile` style profile, which is incompatible with `nix-env`.
|
|
||||||
`nix upgrade-nix` previously relied solely on `nix-env` to do the upgrade, but now will work fine with either kind of profile.
|
|
|
@ -1,10 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Upstart scripts removed
|
|
||||||
cls: 574
|
|
||||||
category: Packaging
|
|
||||||
credits: jade
|
|
||||||
---
|
|
||||||
|
|
||||||
Upstart scripts have been removed from Lix, since Upstart is obsolete and has
|
|
||||||
not been shipped by any major distributions for many years. If these are
|
|
||||||
necessary to your use case, please back port them to your packaging.
|
|
|
@ -1,34 +0,0 @@
|
||||||
---
|
|
||||||
synopsis: Better error reporting for `with` expressions
|
|
||||||
prs: 9658
|
|
||||||
cls: 207
|
|
||||||
credits: horrors
|
|
||||||
category: Improvements
|
|
||||||
---
|
|
||||||
|
|
||||||
`with` expressions using non-attrset values to resolve variables are now reported with proper positions.
|
|
||||||
|
|
||||||
Previously an incorrect `with` expression would report no position at all, making it hard to determine where the error originated:
|
|
||||||
|
|
||||||
```
|
|
||||||
nix-repl> with 1; a
|
|
||||||
error:
|
|
||||||
… <borked>
|
|
||||||
|
|
||||||
at «none»:0: (source not available)
|
|
||||||
|
|
||||||
error: value is an integer while a set was expected
|
|
||||||
```
|
|
||||||
|
|
||||||
Now position information is preserved and reported as with most other errors:
|
|
||||||
|
|
||||||
```
|
|
||||||
nix-repl> with 1; a
|
|
||||||
error:
|
|
||||||
… while evaluating the first subexpression of a with expression
|
|
||||||
at «string»:1:1:
|
|
||||||
1| with 1; a
|
|
||||||
| ^
|
|
||||||
|
|
||||||
error: expected a set but found an integer: 1
|
|
||||||
```
|
|
|
@ -196,53 +196,55 @@
|
||||||
- [C++ style guide](contributing/cxx.md)
|
- [C++ style guide](contributing/cxx.md)
|
||||||
- [Release Notes](release-notes/release-notes.md)
|
- [Release Notes](release-notes/release-notes.md)
|
||||||
- [Upcoming release](release-notes/rl-next.md)
|
- [Upcoming release](release-notes/rl-next.md)
|
||||||
- [Release 2.18 (2023-09-20)](release-notes/rl-2.18.md)
|
<!-- RELENG-AUTO-INSERTION-MARKER (see releng/release_notes.py) -->
|
||||||
- [Release 2.17 (2023-07-24)](release-notes/rl-2.17.md)
|
- [Lix 2.90 (FIXME date)](release-notes/rl-2.90.md)
|
||||||
- [Release 2.16 (2023-05-31)](release-notes/rl-2.16.md)
|
- [Nix 2.18 (2023-09-20)](release-notes/rl-2.18.md)
|
||||||
- [Release 2.15 (2023-04-11)](release-notes/rl-2.15.md)
|
- [Nix 2.17 (2023-07-24)](release-notes/rl-2.17.md)
|
||||||
- [Release 2.14 (2023-02-28)](release-notes/rl-2.14.md)
|
- [Nix 2.16 (2023-05-31)](release-notes/rl-2.16.md)
|
||||||
- [Release 2.13 (2023-01-17)](release-notes/rl-2.13.md)
|
- [Nix 2.15 (2023-04-11)](release-notes/rl-2.15.md)
|
||||||
- [Release 2.12 (2022-12-06)](release-notes/rl-2.12.md)
|
- [Nix 2.14 (2023-02-28)](release-notes/rl-2.14.md)
|
||||||
- [Release 2.11 (2022-08-25)](release-notes/rl-2.11.md)
|
- [Nix 2.13 (2023-01-17)](release-notes/rl-2.13.md)
|
||||||
- [Release 2.10 (2022-07-11)](release-notes/rl-2.10.md)
|
- [Nix 2.12 (2022-12-06)](release-notes/rl-2.12.md)
|
||||||
- [Release 2.9 (2022-05-30)](release-notes/rl-2.9.md)
|
- [Nix 2.11 (2022-08-25)](release-notes/rl-2.11.md)
|
||||||
- [Release 2.8 (2022-04-19)](release-notes/rl-2.8.md)
|
- [Nix 2.10 (2022-07-11)](release-notes/rl-2.10.md)
|
||||||
- [Release 2.7 (2022-03-07)](release-notes/rl-2.7.md)
|
- [Nix 2.9 (2022-05-30)](release-notes/rl-2.9.md)
|
||||||
- [Release 2.6 (2022-01-24)](release-notes/rl-2.6.md)
|
- [Nix 2.8 (2022-04-19)](release-notes/rl-2.8.md)
|
||||||
- [Release 2.5 (2021-12-13)](release-notes/rl-2.5.md)
|
- [Nix 2.7 (2022-03-07)](release-notes/rl-2.7.md)
|
||||||
- [Release 2.4 (2021-11-01)](release-notes/rl-2.4.md)
|
- [Nix 2.6 (2022-01-24)](release-notes/rl-2.6.md)
|
||||||
- [Release 2.3 (2019-09-04)](release-notes/rl-2.3.md)
|
- [Nix 2.5 (2021-12-13)](release-notes/rl-2.5.md)
|
||||||
- [Release 2.2 (2019-01-11)](release-notes/rl-2.2.md)
|
- [Nix 2.4 (2021-11-01)](release-notes/rl-2.4.md)
|
||||||
- [Release 2.1 (2018-09-02)](release-notes/rl-2.1.md)
|
- [Nix 2.3 (2019-09-04)](release-notes/rl-2.3.md)
|
||||||
- [Release 2.0 (2018-02-22)](release-notes/rl-2.0.md)
|
- [Nix 2.2 (2019-01-11)](release-notes/rl-2.2.md)
|
||||||
- [Release 1.11.10 (2017-06-12)](release-notes/rl-1.11.10.md)
|
- [Nix 2.1 (2018-09-02)](release-notes/rl-2.1.md)
|
||||||
- [Release 1.11 (2016-01-19)](release-notes/rl-1.11.md)
|
- [Nix 2.0 (2018-02-22)](release-notes/rl-2.0.md)
|
||||||
- [Release 1.10 (2015-09-03)](release-notes/rl-1.10.md)
|
- [Nix 1.11.10 (2017-06-12)](release-notes/rl-1.11.10.md)
|
||||||
- [Release 1.9 (2015-06-12)](release-notes/rl-1.9.md)
|
- [Nix 1.11 (2016-01-19)](release-notes/rl-1.11.md)
|
||||||
- [Release 1.8 (2014-12-14)](release-notes/rl-1.8.md)
|
- [Nix 1.10 (2015-09-03)](release-notes/rl-1.10.md)
|
||||||
- [Release 1.7 (2014-04-11)](release-notes/rl-1.7.md)
|
- [Nix 1.9 (2015-06-12)](release-notes/rl-1.9.md)
|
||||||
- [Release 1.6.1 (2013-10-28)](release-notes/rl-1.6.1.md)
|
- [Nix 1.8 (2014-12-14)](release-notes/rl-1.8.md)
|
||||||
- [Release 1.6 (2013-09-10)](release-notes/rl-1.6.md)
|
- [Nix 1.7 (2014-04-11)](release-notes/rl-1.7.md)
|
||||||
- [Release 1.5.2 (2013-05-13)](release-notes/rl-1.5.2.md)
|
- [Nix 1.6.1 (2013-10-28)](release-notes/rl-1.6.1.md)
|
||||||
- [Release 1.5 (2013-02-27)](release-notes/rl-1.5.md)
|
- [Nix 1.6 (2013-09-10)](release-notes/rl-1.6.md)
|
||||||
- [Release 1.4 (2013-02-26)](release-notes/rl-1.4.md)
|
- [Nix 1.5.2 (2013-05-13)](release-notes/rl-1.5.2.md)
|
||||||
- [Release 1.3 (2013-01-04)](release-notes/rl-1.3.md)
|
- [Nix 1.5 (2013-02-27)](release-notes/rl-1.5.md)
|
||||||
- [Release 1.2 (2012-12-06)](release-notes/rl-1.2.md)
|
- [Nix 1.4 (2013-02-26)](release-notes/rl-1.4.md)
|
||||||
- [Release 1.1 (2012-07-18)](release-notes/rl-1.1.md)
|
- [Nix 1.3 (2013-01-04)](release-notes/rl-1.3.md)
|
||||||
- [Release 1.0 (2012-05-11)](release-notes/rl-1.0.md)
|
- [Nix 1.2 (2012-12-06)](release-notes/rl-1.2.md)
|
||||||
- [Release 0.16 (2010-08-17)](release-notes/rl-0.16.md)
|
- [Nix 1.1 (2012-07-18)](release-notes/rl-1.1.md)
|
||||||
- [Release 0.15 (2010-03-17)](release-notes/rl-0.15.md)
|
- [Nix 1.0 (2012-05-11)](release-notes/rl-1.0.md)
|
||||||
- [Release 0.14 (2010-02-04)](release-notes/rl-0.14.md)
|
- [Nix 0.16 (2010-08-17)](release-notes/rl-0.16.md)
|
||||||
- [Release 0.13 (2009-11-05)](release-notes/rl-0.13.md)
|
- [Nix 0.15 (2010-03-17)](release-notes/rl-0.15.md)
|
||||||
- [Release 0.12 (2008-11-20)](release-notes/rl-0.12.md)
|
- [Nix 0.14 (2010-02-04)](release-notes/rl-0.14.md)
|
||||||
- [Release 0.11 (2007-12-31)](release-notes/rl-0.11.md)
|
- [Nix 0.13 (2009-11-05)](release-notes/rl-0.13.md)
|
||||||
- [Release 0.10.1 (2006-10-11)](release-notes/rl-0.10.1.md)
|
- [Nix 0.12 (2008-11-20)](release-notes/rl-0.12.md)
|
||||||
- [Release 0.10 (2006-10-06)](release-notes/rl-0.10.md)
|
- [Nix 0.11 (2007-12-31)](release-notes/rl-0.11.md)
|
||||||
- [Release 0.9.2 (2005-09-21)](release-notes/rl-0.9.2.md)
|
- [Nix 0.10.1 (2006-10-11)](release-notes/rl-0.10.1.md)
|
||||||
- [Release 0.9.1 (2005-09-20)](release-notes/rl-0.9.1.md)
|
- [Nix 0.10 (2006-10-06)](release-notes/rl-0.10.md)
|
||||||
- [Release 0.9 (2005-09-16)](release-notes/rl-0.9.md)
|
- [Nix 0.9.2 (2005-09-21)](release-notes/rl-0.9.2.md)
|
||||||
- [Release 0.8.1 (2005-04-13)](release-notes/rl-0.8.1.md)
|
- [Nix 0.9.1 (2005-09-20)](release-notes/rl-0.9.1.md)
|
||||||
- [Release 0.8 (2005-04-11)](release-notes/rl-0.8.md)
|
- [Nix 0.9 (2005-09-16)](release-notes/rl-0.9.md)
|
||||||
- [Release 0.7 (2005-01-12)](release-notes/rl-0.7.md)
|
- [Nix 0.8.1 (2005-04-13)](release-notes/rl-0.8.1.md)
|
||||||
- [Release 0.6 (2004-11-14)](release-notes/rl-0.6.md)
|
- [Nix 0.8 (2005-04-11)](release-notes/rl-0.8.md)
|
||||||
- [Release 0.5 and earlier](release-notes/rl-0.5.md)
|
- [Nix 0.7 (2005-01-12)](release-notes/rl-0.7.md)
|
||||||
|
- [Nix 0.6 (2004-11-14)](release-notes/rl-0.6.md)
|
||||||
|
- [Nix 0.5 and earlier](release-notes/rl-0.5.md)
|
||||||
|
|
|
@ -14,9 +14,8 @@
|
||||||
|
|
||||||
# Disambiguation
|
# Disambiguation
|
||||||
|
|
||||||
This man page describes the command `nix-build`, which is distinct from `nix
|
This man page describes the command `nix-build`, which is distinct from [`nix build`](./new-cli/nix3-build.md).
|
||||||
build`. For documentation on the latter, run `nix build --help` or see `man
|
For documentation on the latter, run `nix build --help` or see `man nix3-build`.
|
||||||
nix3-build`.
|
|
||||||
|
|
||||||
# Description
|
# Description
|
||||||
|
|
||||||
|
|
|
@ -102,14 +102,14 @@ $ meson compile -C build nixexpr
|
||||||
All targets may be addressed as their output, relative to the build directory, e.g.:
|
All targets may be addressed as their output, relative to the build directory, e.g.:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ meson compile -C build src/libexpr/libnixexpr.so
|
$ meson compile -C build src/libexpr/liblixexpr.so
|
||||||
```
|
```
|
||||||
|
|
||||||
But Meson does not consider intermediate files like object files targets.
|
But Meson does not consider intermediate files like object files targets.
|
||||||
To build a specific object file, use Ninja directly and specify the output file relative to the build directory:
|
To build a specific object file, use Ninja directly and specify the output file relative to the build directory:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ ninja -C build src/libexpr/libnixexpr.so.p/nixexpr.cc.o
|
$ ninja -C build src/libexpr/liblixexpr.so.p/nixexpr.cc.o
|
||||||
```
|
```
|
||||||
|
|
||||||
To inspect the canonical source of truth on what the state of the buildsystem configuration is, use:
|
To inspect the canonical source of truth on what the state of the buildsystem configuration is, use:
|
||||||
|
@ -137,7 +137,7 @@ You can also build Lix for one of the [supported platforms](#platforms).
|
||||||
|
|
||||||
Lix can be built for various platforms, as specified in [`flake.nix`]:
|
Lix can be built for various platforms, as specified in [`flake.nix`]:
|
||||||
|
|
||||||
[`flake.nix`]: https://github.com/nixos/nix/blob/master/flake.nix
|
[`flake.nix`]: https://git.lix.systems/lix-project/lix/src/branch/main/flake.nix
|
||||||
|
|
||||||
- `x86_64-linux`
|
- `x86_64-linux`
|
||||||
- `x86_64-darwin`
|
- `x86_64-darwin`
|
||||||
|
|
|
@ -12,44 +12,51 @@ The unit tests are defined using the [googletest] and [rapidcheck] frameworks.
|
||||||
> An example of some files, demonstrating much of what is described below
|
> An example of some files, demonstrating much of what is described below
|
||||||
>
|
>
|
||||||
> ```
|
> ```
|
||||||
> src
|
|
||||||
> ├── libexpr
|
|
||||||
> │ ├── value/context.hh
|
|
||||||
> │ ├── value/context.cc
|
|
||||||
> │ │
|
|
||||||
> │ …
|
|
||||||
> └── tests
|
|
||||||
> │ ├── value/context.hh
|
|
||||||
> │ ├── value/context.cc
|
|
||||||
> │ │
|
|
||||||
> │ …
|
|
||||||
> │
|
|
||||||
> ├── unit-test-data
|
|
||||||
> │ ├── libstore
|
|
||||||
> │ │ ├── worker-protocol/content-address.bin
|
|
||||||
> │ │ …
|
|
||||||
> │ …
|
|
||||||
> …
|
> …
|
||||||
|
> ├── src
|
||||||
|
> │ ├── libexpr
|
||||||
|
> │ │ ├── …
|
||||||
|
> │ │ ├── value
|
||||||
|
> │ │ │ ├── context.cc
|
||||||
|
> │ │ │ └── context.hh
|
||||||
|
> │ … …
|
||||||
|
> ├── tests
|
||||||
|
> │ …
|
||||||
|
> │ └── unit
|
||||||
|
> │ ├── libcmd
|
||||||
|
> │ │ └── args.cc
|
||||||
|
> │ ├── libexpr
|
||||||
|
> │ │ ├── …
|
||||||
|
> │ │ └── value
|
||||||
|
> │ │ ├── context.cc
|
||||||
|
> │ │ └── print.cc
|
||||||
|
> │ ├── libexpr-support
|
||||||
|
> │ │ └── tests
|
||||||
|
> │ │ ├── libexpr.hh
|
||||||
|
> │ │ └── value
|
||||||
|
> │ │ ├── context.cc
|
||||||
|
> │ │ └── context.hh
|
||||||
|
> │ ├── libstore
|
||||||
|
> │ │ ├── common-protocol.cc
|
||||||
|
> │ │ ├── data
|
||||||
|
> │ │ │ ├── libstore
|
||||||
|
> │ │ │ │ ├── common-protocol
|
||||||
|
> │ │ │ │ │ ├── content-address.bin
|
||||||
|
> │ │ │ │ │ ├── drv-output.bin
|
||||||
|
> … … … … … …
|
||||||
> ```
|
> ```
|
||||||
|
|
||||||
<!-- FIXME(Lix): this might get renamed to liblixexpr, etc? -->
|
The unit tests for each Lix library (`liblixexpr`, `liblixstore`, etc..) live inside a directory `src/${library_shortname}/tests` within the directory for the library (`src/${library_shortname}`).
|
||||||
|
|
||||||
The unit tests for each Lix library (`libnixexpr`, `libnixstore`, etc..) live inside a directory `src/${library_shortname}/tests` within the directory for the library (`src/${library_shortname}`).
|
The data is in `tests/unit/LIBNAME/data/LIBNAME`, with one subdir per library, with the same name as where the code goes.
|
||||||
|
For example, `liblixstore` code is in `src/libstore`, and its test data is in `tests/unit/libstore/data/libstore`.
|
||||||
The data is in `unit-test-data`, with one subdir per library, with the same name as where the code goes.
|
The path to the unit test data directory is passed to the unit test executable with the environment variable `_NIX_TEST_UNIT_DATA`.
|
||||||
For example, `libnixstore` code is in `src/libstore`, and its test data is in `unit-test-data/libstore`.
|
|
||||||
The path to the `unit-test-data` directory is passed to the unit test executable with the environment variable `_NIX_TEST_UNIT_DATA`.
|
|
||||||
|
|
||||||
> **Note**
|
|
||||||
> Due to the way googletest works, downstream unit test executables will actually include and re-run upstream library tests.
|
|
||||||
> Therefore it is important that the same value for `_NIX_TEST_UNIT_DATA` be used with the tests for each library.
|
|
||||||
> That is why we have the test data nested within a single `unit-test-data` directory.
|
|
||||||
|
|
||||||
### Running tests
|
### Running tests
|
||||||
|
|
||||||
You can run the whole testsuite with `just test` (see justfile for exact invocation of meson), and if you want to run just one test suite, use `just test --suite installcheck functional-init` where `installcheck` is the name of the test suite in this case and `functional-init` is the name of the test.
|
You can run the whole testsuite with `just test` (see justfile for exact invocation of meson), and if you want to run just one test suite, use `just test --suite installcheck functional-init` where `installcheck` is the name of the test suite in this case and `functional-init` is the name of the test.
|
||||||
|
|
||||||
To get a list of tests, use `meson test -C build --list`.
|
To get a list of tests, use `meson test -C build --list` (or `just test --list` for short).
|
||||||
|
|
||||||
For `installcheck` specifically, first run `just install` before running the test suite (this is due to meson limitations that don't let us put a dependency on installing before doing the test).
|
For `installcheck` specifically, first run `just install` before running the test suite (this is due to meson limitations that don't let us put a dependency on installing before doing the test).
|
||||||
|
|
||||||
|
@ -74,20 +81,27 @@ See [below](#characterization-testing-1) for a broader discussion of characteriz
|
||||||
Like with the functional characterization, `_NIX_TEST_ACCEPT=1` is also used.
|
Like with the functional characterization, `_NIX_TEST_ACCEPT=1` is also used.
|
||||||
For example:
|
For example:
|
||||||
```shell-session
|
```shell-session
|
||||||
$ _NIX_TEST_ACCEPT=1 make libstore-tests-exe_RUN
|
$ _NIX_TEST_ACCEPT=1 just test --suite check libstore-unit-tests
|
||||||
...
|
...
|
||||||
[ SKIPPED ] WorkerProtoTest.string_read
|
../tests/unit/libstore/common-protocol.cc:27: Skipped
|
||||||
[ SKIPPED ] WorkerProtoTest.string_write
|
Cannot read golden master because another test is also updating it
|
||||||
[ SKIPPED ] WorkerProtoTest.storePath_read
|
|
||||||
[ SKIPPED ] WorkerProtoTest.storePath_write
|
../tests/unit/libstore/common-protocol.cc:62: Skipped
|
||||||
|
Updating golden master
|
||||||
|
|
||||||
|
../tests/unit/libstore/common-protocol.cc:27: Skipped
|
||||||
|
Cannot read golden master because another test is also updating it
|
||||||
|
|
||||||
|
../tests/unit/libstore/common-protocol.cc:62: Skipped
|
||||||
|
Updating golden master
|
||||||
...
|
...
|
||||||
```
|
```
|
||||||
will regenerate the "golden master" expected result for the `libnixstore` characterization tests.
|
will regenerate the "golden master" expected result for the `liblixstore` characterization tests.
|
||||||
The characterization tests will mark themselves "skipped" since they regenerated the expected result instead of actually testing anything.
|
The characterization tests will mark themselves "skipped" since they regenerated the expected result instead of actually testing anything.
|
||||||
|
|
||||||
## Functional tests
|
## Functional tests
|
||||||
|
|
||||||
The functional tests reside under the `tests/functional` directory and are listed in `tests/functional/local.mk`.
|
The functional tests reside under the `tests/functional` directory and are listed in `tests/functional/meson.build`.
|
||||||
Each test is a bash script.
|
Each test is a bash script.
|
||||||
|
|
||||||
### Running the whole test suite
|
### Running the whole test suite
|
||||||
|
@ -185,7 +199,7 @@ edit it like so:
|
||||||
```
|
```
|
||||||
|
|
||||||
<div class="warning">
|
<div class="warning">
|
||||||
FIXME(meson): the command here may be incorrect for meson.
|
FIXME(meson): the command here is incorrect for meson and this whole functionality may need rebuilding.
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
Then, running the test with `./mk/debug-test.sh` will drop you into GDB once the script reaches that point:
|
Then, running the test with `./mk/debug-test.sh` will drop you into GDB once the script reaches that point:
|
||||||
|
@ -209,15 +223,11 @@ This technique is to include the exact output/behavior of a former version of Ni
|
||||||
|
|
||||||
For example, this technique is used for the language tests, to check both the printed final value if evaluation was successful, and any errors and warnings encountered.
|
For example, this technique is used for the language tests, to check both the printed final value if evaluation was successful, and any errors and warnings encountered.
|
||||||
|
|
||||||
<div class="warning">
|
|
||||||
FIXME(meson): this is incorrect for meson. `_NIX_TEST_ACCEPT=1` is still valid but the test invocation needs to change.
|
|
||||||
</div>
|
|
||||||
|
|
||||||
It is frequently useful to regenerate the expected output.
|
It is frequently useful to regenerate the expected output.
|
||||||
To do that, rerun the failed test(s) with `_NIX_TEST_ACCEPT=1`.
|
To do that, rerun the failed test(s) with `_NIX_TEST_ACCEPT=1`.
|
||||||
For example:
|
For example:
|
||||||
```bash
|
```bash
|
||||||
_NIX_TEST_ACCEPT=1 make tests/functional/lang.sh.test
|
_NIX_TEST_ACCEPT=1 just test --suite installcheck -v functional-lang
|
||||||
```
|
```
|
||||||
|
|
||||||
An interesting situation to document is the case when these tests are "overfitted".
|
An interesting situation to document is the case when these tests are "overfitted".
|
||||||
|
@ -320,3 +330,135 @@ solved this need?
|
||||||
~~>
|
~~>
|
||||||
|
|
||||||
-->
|
-->
|
||||||
|
|
||||||
|
## Magic environment variables
|
||||||
|
|
||||||
|
FIXME: maybe this section should be moved elsewhere or turned partially into user docs, but I just need a complete index for now.
|
||||||
|
I actually want to ban people calling getenv without writing documentation, and produce a comprehensive list of env-vars used by Lix and enforce it.
|
||||||
|
|
||||||
|
This is a non-exhaustive list of almost all environment variables, magic or not, accepted or used by various parts of the test suite as well as Lix itself.
|
||||||
|
Please add more if you find them.
|
||||||
|
|
||||||
|
I looked for these in the testsuite with the following bad regexes:
|
||||||
|
|
||||||
|
```
|
||||||
|
rg '(?:[^A-Za-z]|^)(_[A-Z][^-\[ }/:");$(]+)' -r '$1' --no-filename --only-matching tests | sort -u > vars.txt
|
||||||
|
rg '\$\{?([A-Z][^-\[ }/:");]+)' -r '$1' --no-filename --only-matching tests | sort -u > vars.txt
|
||||||
|
```
|
||||||
|
|
||||||
|
I grepped `src/` for `get[eE]nv\("` to find the mentions in Lix code.
|
||||||
|
|
||||||
|
### Used by Lix testing support code
|
||||||
|
|
||||||
|
- `_NIX_TEST_ACCEPT` (optional) - Writes out the result of a characterization test as the new expected value.
|
||||||
|
**Expected value**: 1
|
||||||
|
|
||||||
|
- `_NIX_TEST_UNIT_DATA` - The path to the directory for the data for a given unit test suite.
|
||||||
|
|
||||||
|
**Expected value**: `tests/unit/libstore/data/libstore` or similar
|
||||||
|
|
||||||
|
|
||||||
|
### Used by Lix
|
||||||
|
|
||||||
|
- `_NIX_FORCE_HTTP` - Forces file URIs to be treated as remote ones.
|
||||||
|
|
||||||
|
Used by `src/libfetchers/git.cc`, `src/libstore/http-binary-cache-store.cc`,
|
||||||
|
`src/libstore/local-binary-cache-store.cc`. Seems to be for forcing Git
|
||||||
|
clones of `git+file://` URLs, making the HTTP binary
|
||||||
|
cache store accept `file://` URLs (presumably passing them to curl?), and
|
||||||
|
unknown reasons for the local binary cache.
|
||||||
|
|
||||||
|
FIXME(jade): is this obscuring a bug in https://git.lix.systems/lix-project/lix/issues/200?
|
||||||
|
|
||||||
|
**Expected value**: 1
|
||||||
|
- `NIX_ATTRS_SH_FILE`, `NIX_ATTRS_JSON_FILE` (output) - Set by Lix builders; see
|
||||||
|
`structuredAttrs` documentation.
|
||||||
|
- `NIX_BIN_DIR`, `NIX_STORE_DIR` (or its inconsistently-used old alias `NIX_STORE`), `NIX_DATA_DIR`,
|
||||||
|
`NIX_LOG_DIR`, `NIX_LOG_DIR`, `NIX_STATE_DIR`, `NIX_CONF_DIR` -
|
||||||
|
Overrides compile-time configuration of various locations used by Lix. See `src/libstore/globals.cc`.
|
||||||
|
|
||||||
|
**Expected value**: a directory
|
||||||
|
- `NIX_DAEMON_SOCKET_PATH` (optional) - Overrides the daemon socket path from `$NIX_STATE_DIR/daemon-socket/socket`.
|
||||||
|
|
||||||
|
**Expected value**: path to a socket
|
||||||
|
- `NIX_LOG_FD` (output) - An FD number for logs in `internal-json` format to be sent to.
|
||||||
|
Used for, mostly, "setPhase" in nixpkgs setup.sh, but can also be creatively used to print verbose log messages from derivations.
|
||||||
|
|
||||||
|
**Provided value**: number corresponding to an FD in the builder
|
||||||
|
- `NIX_PATH` - Search path for `<whatever>`. Documented elsewhere in the manual.
|
||||||
|
|
||||||
|
**Expected value**: `:` separated list of things that are not necessarily pointing to filesystem paths
|
||||||
|
- `NIX_REMOTE` - The default value of the Lix setting `store`.
|
||||||
|
|
||||||
|
**Expected value**: "daemon", usually. Could be "auto" or any other value acceptable in `store`.
|
||||||
|
- `NIX_BUILD_SHELL` - Documented elsewhere; the shell to invoke with `nix-shell` but not `nix develop`/`nix shell`.
|
||||||
|
The latter ignoring it altogether seems like a bug.
|
||||||
|
|
||||||
|
**Expected value**: the path to an executable shell
|
||||||
|
- `PRINT_PATH` - Undocumented. Used by `nix-prefetch-url` as an alternative form of `--print-path`. Why???
|
||||||
|
- `_NIX_IN_TEST` - If present with any value, makes `fetchClosure` accept file URLs in addition to HTTP ones. Why is this not `_NIX_FORCE_HTTP`??
|
||||||
|
|
||||||
|
Not used anywhere else.
|
||||||
|
- `NIX_ALLOW_EVAL` - Used by eval-cache tests to block evaluation if set to `0`.
|
||||||
|
|
||||||
|
**Expected value**: 1 or 0
|
||||||
|
- `EDITOR` - Used by `editorFor()`, which has some extremely sketchy editor-detection code for jumping to line numbers.
|
||||||
|
- `LISTEN_FDS` and `LISTEN_PID` - Used for systemd socket activation using the systemd socket activation protocol.
|
||||||
|
- `NIX_PAGER` (alternatively, `PAGER`) - Used to select a pager for Lix output. Why does this not use libutil `getEnv()`?
|
||||||
|
- `LESS` (output) - Sets the pager settings for `less` when invoked by Lix.
|
||||||
|
- `NIX_IGNORE_SYMLINK_STORE` - When set, Lix allows the store to be a symlink. Why do we support this?
|
||||||
|
|
||||||
|
Apparently [someone was using it enough to fix it](https://github.com/NixOS/nix/pull/4038).
|
||||||
|
- `NIX_SSL_CERT_FILE` (alternatively, `SSL_CERT_FILE`) - Used to set CA certificates for libcurl.
|
||||||
|
|
||||||
|
**Expected value**: "/etc/ssl/certs/ca-certificates.crt" or similar
|
||||||
|
- `NIX_REMOTE_SYSTEMS` - Used to set `builders`. Can we please deprecate this?
|
||||||
|
- `NIX_USER_CONF_FILES` - `:` separated list of config files to load before
|
||||||
|
`/nix/nix.conf` under each of `XDG_CONFIG_DIRS`.
|
||||||
|
- `NIX_CONFIG` - Newline separated configuration to load into Lix.
|
||||||
|
- `NIX_GET_COMPLETIONS` - Returns completions.
|
||||||
|
Unsure of the exact format, someone should document it; either way my shell never had any completions.
|
||||||
|
|
||||||
|
**Expected value**: number of completions to return.
|
||||||
|
- `IN_SYSTEMD` - Used to switch the logging format so that systemd gets the correct log levels. I think.
|
||||||
|
- `NIX_HELD_LOCKS` - Not used, what is this for?? We should surely remove it right after searching github?
|
||||||
|
- `GC_INITIAL_HEAP_SIZE` - Used to set the initial heap size, processed by boehmgc.
|
||||||
|
- `NIX_COUNT_CALLS` - Documented elsewhere; prints call counts for profiling purposes.
|
||||||
|
- `NIX_SHOW_STATS` - Documented elsewhere; prints various evaluation statistics like function calls, gc info, and similar.
|
||||||
|
- `NIX_SHOW_STATS_PATH` - Writes those statistics into a file at the given path instead of stdout. Undocumented.
|
||||||
|
- `NIX_SHOW_SYMBOLS` - Dumps the symbol table into the show-stats json output.
|
||||||
|
- `TERM` - If `dumb` or unset, disables ANSI colour output.
|
||||||
|
- `NO_COLOR`, `NOCOLOR` - Disables ANSI colour output.
|
||||||
|
- `_NIX_DEVELOPER_SHOW_UNKNOWN_LOCATIONS` - Highlights unknown locations in errors.
|
||||||
|
- `NIX_PROFILE` - Selects which profile `nix-env` will operate on. Documented elsewhere.
|
||||||
|
- `NIX_SSHOPTS` - Options passed to `ssh(1)` when using a ssh remote store.
|
||||||
|
Incorrectly documented on `nix-copy-closure` which is *surely* not the only place they are used??
|
||||||
|
- `_NIX_TEST_NO_LSOF` - Used on non-Linux, non-macOS platforms to disable using `lsof` when finding gc roots.
|
||||||
|
|
||||||
|
Since https://git.lix.systems/lix-project/lix/issues/156 was fixed, this should probably just be removed as it was a bad workaround for a macOS issue.
|
||||||
|
- `_NIX_TEST_GC_SYNC_1` - Path to a pipe that is used to block the GC briefly to validate invariants from the test suite.
|
||||||
|
- `_NIX_TEST_GC_SYNC_2` - Path to a pipe that is used to block the GC briefly to validate invariants from the test suite.
|
||||||
|
- `_NIX_TEST_FREE_SPACE_FILE` - Path to a file containing a decimal number with the free space that the GC is to believe it has.
|
||||||
|
- Various XDG vars
|
||||||
|
- `NIX_DEBUG_SQLITE_TRACES` - Dump all sqlite queries to the log at `notice` level.
|
||||||
|
- `_NIX_TEST_NO_SANDBOX` - Disables actually setting up the sandbox on macOS while leaving other logic the same. Unused on other platforms.
|
||||||
|
- `_NIX_TRACE_BUILT_OUTPUTS` - Dumps all the derivation paths alongside their outputs as lines into a file of the given name.
|
||||||
|
|
||||||
|
### Used by the functional test framework
|
||||||
|
|
||||||
|
- `NIX_DAEMON_PACKAGE` - Runs the test suite against an alternate Nix daemon with the current client.
|
||||||
|
|
||||||
|
**Expected value**: something like `/nix/store/...-nix-2.18.2`
|
||||||
|
- `NIX_CLIENT_PACKAGE` - Runs the test suite against an alternate Nix client with the current daemon.
|
||||||
|
|
||||||
|
**Expected value**: something like `/nix/store/...-nix-2.18.2`
|
||||||
|
- `NIX_TESTS_CA_BY_DEFAULT` - Pass `__contentAddressed`, `outputHashMode` and `outputHashAlgo` to builds of some input-addressed derivations in the test suite.
|
||||||
|
|
||||||
|
**Expected value**: 1
|
||||||
|
- `TEST_DATA` - Not an environment variable! This is used in repl characterization tests to refer to `tests/functional/repl_characterization/data`.
|
||||||
|
More specifically, that path is replaced with the string `$TEST_DATA` in output for reproducibility.
|
||||||
|
- `TEST_HOME` (output) - Set to the temporary directory that is set as `$HOME` inside the tests, underneath `$TEST_ROOT`.
|
||||||
|
- `TEST_ROOT` (output) - Set to the temporary directory that is created for each test to mess with.
|
||||||
|
- `_NIX_TEST_DAEMON_PID` (output) - Used to track the daemon pid to be able to kill it.
|
||||||
|
|
||||||
|
**Provided value**: Daemon pid as a base-10 integer, e.g. 2345
|
||||||
|
|
|
@ -1,64 +1,62 @@
|
||||||
# Using Lix within Docker
|
# Using Lix within Docker
|
||||||
|
|
||||||
Currently the Lix project doesn't ship docker images. However, we have the infrastructure to do it, it's just not yet been done. See https://git.lix.systems/lix-project/lix/issues/252
|
Lix is available on the following two container registries:
|
||||||
|
- [ghcr.io/lix-project/lix](https://ghcr.io/lix-project/lix)
|
||||||
<!--
|
- [git.lix.systems/lix-project/lix](https://git.lix.systems/lix-project/-/packages/container/lix)
|
||||||
|
|
||||||
To run the latest stable release of Lix with Docker run the following command:
|
To run the latest stable release of Lix with Docker run the following command:
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ docker run -ti nixos/nix
|
~ » sudo podman run -it ghcr.io/lix-project/lix:latest
|
||||||
Unable to find image 'nixos/nix:latest' locally
|
Trying to pull ghcr.io/lix-project/lix:latest...
|
||||||
latest: Pulling from nixos/nix
|
|
||||||
5843afab3874: Pull complete
|
bash-5.2# nix --version
|
||||||
b52bf13f109c: Pull complete
|
nix (Lix, like Nix) 2.90.0
|
||||||
1e2415612aa3: Pull complete
|
|
||||||
Digest: sha256:27f6e7f60227e959ee7ece361f75d4844a40e1cc6878b6868fe30140420031ff
|
|
||||||
Status: Downloaded newer image for nixos/nix:latest
|
|
||||||
35ca4ada6e96:/# nix --version
|
|
||||||
nix (Nix) 2.3.12
|
|
||||||
35ca4ada6e96:/# exit
|
|
||||||
```
|
```
|
||||||
|
|
||||||
# What is included in Lix's Docker image?
|
# What is included in Lix's Docker image?
|
||||||
|
|
||||||
The official Docker image is created using `pkgs.dockerTools.buildLayeredImage`
|
The official Docker image is created using [nix2container]
|
||||||
(and not with `Dockerfile` as it is usual with Docker images). You can still
|
(and not with `Dockerfile` as it is usual with Docker images). You can still
|
||||||
base your custom Docker image on it as you would do with any other Docker
|
base your custom Docker image on it as you would do with any other Docker
|
||||||
image.
|
image.
|
||||||
|
|
||||||
The Docker image is also not based on any other image and includes minimal set
|
[nix2container]: https://github.com/nlewo/nix2container
|
||||||
of runtime dependencies that are required to use Lix:
|
|
||||||
|
|
||||||
- pkgs.nix
|
The Docker image is also not based on any other image and includes the nixpkgs
|
||||||
- pkgs.bashInteractive
|
that Lix was built with along with a minimal set of tools in the system profile:
|
||||||
- pkgs.coreutils-full
|
|
||||||
- pkgs.gnutar
|
- bashInteractive
|
||||||
- pkgs.gzip
|
- cacert.out
|
||||||
- pkgs.gnugrep
|
- coreutils-full
|
||||||
- pkgs.which
|
- curl
|
||||||
- pkgs.curl
|
- findutils
|
||||||
- pkgs.less
|
- gitMinimal
|
||||||
- pkgs.wget
|
- gnugrep
|
||||||
- pkgs.man
|
- gnutar
|
||||||
- pkgs.cacert.out
|
- gzip
|
||||||
- pkgs.findutils
|
- iana-etc
|
||||||
|
- less
|
||||||
|
- libxml2
|
||||||
|
- lix
|
||||||
|
- man
|
||||||
|
- openssh
|
||||||
|
- sqlite
|
||||||
|
- wget
|
||||||
|
- which
|
||||||
|
|
||||||
# Docker image with the latest development version of Lix
|
# Docker image with the latest development version of Lix
|
||||||
|
|
||||||
To get the latest image that was built by [Hydra](https://hydra.nixos.org) run
|
FIXME: There are not currently images of development versions of Lix. Tracking issue: https://git.lix.systems/lix-project/lix/issues/381
|
||||||
the following command:
|
|
||||||
|
You can build a Docker image from source yourself and copy it to either:
|
||||||
|
|
||||||
|
Podman: `nix run '.#dockerImage.copyTo' containers-storage:lix`
|
||||||
|
|
||||||
|
Docker: `nix run '.#dockerImage.copyToDockerDaemon'`
|
||||||
|
|
||||||
|
Then:
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ curl -L https://hydra.nixos.org/job/nix/master/dockerImage.x86_64-linux/latest/download/1 | docker load
|
$ docker run -ti lix
|
||||||
$ docker run -ti nix:2.5pre20211105
|
|
||||||
```
|
```
|
||||||
|
|
||||||
You can also build a Docker image from source yourself:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ nix build ./\#hydraJobs.dockerImage.x86_64-linux
|
|
||||||
$ docker load -i ./result/image.tar.gz
|
|
||||||
$ docker run -ti nix:2.5pre20211105
|
|
||||||
```
|
|
||||||
-->
|
|
||||||
|
|
|
@ -1,32 +1,121 @@
|
||||||
# Multi-User Mode
|
# Multi-User Mode
|
||||||
|
|
||||||
To allow a Nix store to be shared safely among multiple users, it is
|
To allow a Nix store to be shared safely among multiple users, it is important that users cannot meaningfully influence the execution of derivation builds such that they could inject malicious code into them without changing their (either input- or output- addressed) hash.
|
||||||
important that users are not able to run builders that modify the Nix
|
If they could do so, they could install a Trojan horse in some package and compromise the accounts of other users.
|
||||||
store or database in arbitrary ways, or that interfere with builds
|
|
||||||
started by other users. If they could do so, they could install a Trojan
|
|
||||||
horse in some package and compromise the accounts of other users.
|
|
||||||
|
|
||||||
To prevent this, the Nix store and database are owned by some privileged
|
To prevent this, the Nix store and database are owned by some privileged user (usually `root`) and builders are executed under unprivileged system user accounts (usually named `nixbld1`, `nixbld2`, etc.).
|
||||||
user (usually `root`) and builders are executed under special user
|
When an unprivileged user runs a Nix command, actions that operate on the Nix store (such as builds) are forwarded to a *Nix daemon* running under the owner of the Nix store/database that performs the operation.
|
||||||
accounts (usually named `nixbld1`, `nixbld2`, etc.). When a unprivileged
|
|
||||||
user runs a Nix command, actions that operate on the Nix store (such as
|
|
||||||
builds) are forwarded to a *Nix daemon* running under the owner of the
|
|
||||||
Nix store/database that performs the operation.
|
|
||||||
|
|
||||||
> **Note**
|
The buried lede in the above sentence is that *currently*, even in multi-user mode using a daemon, if executing as the user that owns the store, Lix directly manipulates the store unless `--store daemon` is specified.
|
||||||
>
|
[We intend to change this in the future][multi-user-should-not-be-root].
|
||||||
> Multi-user mode has one important limitation: only root and a set of
|
|
||||||
> trusted users specified in `nix.conf` can specify arbitrary binary
|
|
||||||
> caches. So while unprivileged users may install packages from
|
|
||||||
> arbitrary Nix expressions, they may not get pre-built binaries.
|
|
||||||
|
|
||||||
## Setting up the build users
|
<div class="warning">
|
||||||
|
The Lix team considers the goal of the sandbox to be primarily for preventing reproducibility mistakes, and does not consider multi-user mode to be a strong security boundary between users.
|
||||||
|
|
||||||
|
Do not evaluate or build untrusted, potentially-malicious, Nix language code on machines that you care deeply about maintaining user isolation on.
|
||||||
|
|
||||||
|
Although we would consider any sandbox escapes to be serious security bugs and we intend to fix them, we are not confident enough in the daemon's security to call the daemon a security boundary.
|
||||||
|
</div>
|
||||||
|
|
||||||
|
[multi-user-should-not-be-root]: https://git.lix.systems/lix-project/lix/issues/18
|
||||||
|
|
||||||
|
## Trust model
|
||||||
|
|
||||||
|
There are two categories of users of the Lix daemon: trusted users and untrusted users.
|
||||||
|
The Lix daemon only allows connections from users that are either trusted users, or are specified in, or are members of groups specified in, [`allowed-users`](../command-ref/conf-file.md#conf-allowed-users) in `nix.conf`.
|
||||||
|
Trusted users are users and users of groups specified in [`trusted-users`](../command-ref/conf-file.md#conf-trusted-users) in `nix.conf`.
|
||||||
|
|
||||||
|
All users of the Lix daemon may do the following to bring things into the Nix store:
|
||||||
|
|
||||||
|
- Users may load derivations and output-addressed files into the store with `nix-store --add` or through Nix language code.
|
||||||
|
- Users may locally build derivations, either of the output-addressed or input-addressed variety, creating output paths.
|
||||||
|
|
||||||
|
Note that [fixed-output derivations only consider name and hash](https://github.com/NixOS/nix/issues/969), so it is possible to write a fixed-output derivation for something important with a bogus hash and have it resolve to something else already built in the store.
|
||||||
|
|
||||||
|
On systems with `sandbox` enabled (default on Linux; [not *yet* on macOS][sandbox-enable-macos]), derivations are either:
|
||||||
|
- Input-addressed, so they are run in the sandbox with no network access, with the following exceptions:
|
||||||
|
|
||||||
|
- The (poorly named, since it is not *just* about chroot) property `__noChroot` is set on the derivation and `sandbox` is set to `relaxed`.
|
||||||
|
- On macOS, the derivation property `__darwinAllowLocalNetworking` allows network access to localhost from input-addressed derivations regardless of the `sandbox` setting value. This property exists with such semantics because macOS has no network namespace equivalent to isolate individual processes' localhost networking.
|
||||||
|
- Output-addressed, so they are run with network access but their result must match an expected hash.
|
||||||
|
|
||||||
|
Trusted users may set any setting, including `sandbox = false`, so the sandbox state can be different at runtime from what is described in `nix.conf` for builds invoked with such settings.
|
||||||
|
- Users may copy appropriately-signed derivation outputs into the store.
|
||||||
|
|
||||||
|
By default, any paths *copied into a store* (such as by substitution) must have signatures from [`trusted-public-keys`](../command-ref/conf-file.md#conf-trusted-public-keys) unless they are [output-addressed](../glossary.md#gloss-output-addressed-store-object).
|
||||||
|
|
||||||
|
Unsigned paths may be copied into a store if [`require-sigs`](../command-ref/conf-file.md#conf-require-sigs) is disabled in the daemon's configuration (not default), or if the client is a trusted user and passed `--no-check-sigs` to `nix copy`.
|
||||||
|
- Users may request that the daemon substitutes appropriately-signed derivation outputs from a binary cache in the daemon's [`substituters`](../command-ref/conf-file.md#conf-substituters) list.
|
||||||
|
|
||||||
|
Untrusted clients may also specify additional values for `substituters` (via e.g. `--extra-substituters` on a Nix command) that are listed in [`trusted-substituters`](../command-ref/conf-file.md#conf-trusted-substituters).
|
||||||
|
|
||||||
|
A client could in principle substitute such paths itself then copy them to the daemon (see clause above) if they are appropriately signed but are *not* from a trusted substituter, however this is not implemented in the current Lix client to our knowledge, at the time of writing.
|
||||||
|
This probably means that `trusted-substituters` is a redundant setting except insofar as such substitution would have to be done on the client rather than as root on the daemon; and it is highly defensible to not allow random usage of our HTTP client running as root.
|
||||||
|
|
||||||
|
[sandbox-enable-macos]: https://git.lix.systems/lix-project/lix/issues/386
|
||||||
|
|
||||||
|
### The Lix daemon as a security non-boundary
|
||||||
|
|
||||||
|
The Lix team and wider community does not consider the Lix daemon to be a *security boundary* against malicious Nix language code.
|
||||||
|
|
||||||
|
Although we do our best to make it secure, we do not recommend sharing a Lix daemon with potentially malicious users.
|
||||||
|
That means that public continuous integration (CI) builds of untrusted Nix code should not share builders with CI that writes into a cache used by trusted infrastructure.
|
||||||
|
|
||||||
|
For example, [hydra.nixos.org], which is the builder for [cache.nixos.org], does not execute untrusted Nix language code; a separate system, [ofborg] is used for CI of nixpkgs pull requests.
|
||||||
|
The build output of pull request CI is never pushed to [cache.nixos.org], and those systems are considered entirely untrusted.
|
||||||
|
|
||||||
|
This is because, among other things, the Lix sandbox is *more* susceptible to kernel exploits than Docker, which, unlike Lix, blocks nested user namespaces via `seccomp` in its default policy, and there have been many kernel bugs only exposed to unprivileged users via user namespaces allowing otherwise-root-only system calls.
|
||||||
|
In general, the Lix sandbox is set up to be relatively unrestricted while maintaining its goals of building useful, reproducible software; security is not its primary goal.
|
||||||
|
|
||||||
|
The Lix sandbox is a custom *non-rootless* Linux container implementation that has not been audited to nearly the same degree as Docker and similar systems.
|
||||||
|
Also, the Lix daemon is a complex and historied C++ executable running as root with very little privilege separation.
|
||||||
|
All of this means that a security hole in the Lix daemon gives immediate root access.
|
||||||
|
Systems like Docker (especially non-rootless Docker) should *themselves* probably not be used in a multi-tenant manner with mutually distrusting tenants, but the Lix daemon *especially* should not be used as such as of this writing.
|
||||||
|
|
||||||
|
The primary purpose of the sandbox is to strongly encourage packages to be reproducible, a goal which it is generally quite successful at.
|
||||||
|
|
||||||
|
[hydra.nixos.org]: https://hydra.nixos.org
|
||||||
|
[ofborg]: https://github.com/NixOS/ofborg
|
||||||
|
[cache.nixos.org]: https://cache.nixos.org
|
||||||
|
|
||||||
|
### Trusted users
|
||||||
|
|
||||||
|
Trusted users are permitted to set any setting and bypass security restrictions on the daemon.
|
||||||
|
They are currently in widespread use for a couple of reasons such as remote builds (which we [intend to fix](https://git.lix.systems/lix-project/lix/issues/171)).
|
||||||
|
|
||||||
|
Trusted users are effectively root on Nix daemons running as root (the default configuration) for *at least* the following reasons, and should be thus thought of as equivalent to passwordless sudo.
|
||||||
|
This is not a comprehensive list.
|
||||||
|
|
||||||
|
- They may copy an unsigned malicious built output into the store for `systemd` or anything else that will run as root, then when the system is upgraded, that path will be used from the local store rather than substituted.
|
||||||
|
- They may set the following settings that are commands the daemon will run as root:
|
||||||
|
- `build-hook`
|
||||||
|
- `diff-hook`
|
||||||
|
- `pre-build-hook`
|
||||||
|
- `post-build-hook`
|
||||||
|
- They may set `build-users-group`.
|
||||||
|
|
||||||
|
In particular, they may set it to empty string, which runs builds as root with respect to the rest of the system (!!).
|
||||||
|
We, too, [think that is absurd and intend to not accept such a configuration](https://git.lix.systems/lix-project/lix/issues/242).
|
||||||
|
It is then simply an exercise to the reader to find a daemon that does `SCM_CREDENTIALS` over a `unix(7)` socket and lets you run commands as root, and mount it into the sandbox with `extra-sandbox-paths`.
|
||||||
|
|
||||||
|
At the very least, the Lix daemon itself (since `root` is a trusted user by default) and probably `systemd` qualify for this.
|
||||||
|
- They may set the `builders` list, which will have ssh run as root.
|
||||||
|
We aren't sure if there is a way to abuse this for command execution but it's plausible.
|
||||||
|
|
||||||
|
Note that setting `accept-flake-config` allows arbitrary Nix flakes to set Nix settings in the `nixConfig` stanza.
|
||||||
|
Do not set this setting or pass `--accept-flake-config` while executing untrusted Nix language code as a trusted user for the reasons above!
|
||||||
|
|
||||||
|
## Build users
|
||||||
|
|
||||||
The *build users* are the special UIDs under which builds are performed.
|
The *build users* are the special UIDs under which builds are performed.
|
||||||
They should all be members of the *build users group* `nixbld`. This
|
A build user is selected for a build by looking in the group specified by [`build-users-group`](../command-ref/conf-file.md#conf-build-users-group), by default, `nixbld`, then a member of that group not currently executing a build is selected for the build.
|
||||||
group should have no other members. The build users should not be
|
The build users should not be members of any other group.
|
||||||
members of any other group. On Linux, you can create the group and users
|
|
||||||
as follows:
|
There can never be more concurrent builds than the number of build users, unless using [`auto-allocate-uids`](../command-ref/conf-file.md#conf-auto-allocate-uids) ([tracking issue][auto-allocate-uids-issue]).
|
||||||
|
|
||||||
|
[auto-allocate-uids-issue]: https://git.lix.systems/lix-project/lix/issues/387
|
||||||
|
|
||||||
|
If, for some reason, you need to create such users manually, the following command will create 10 build users on Linux:
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ groupadd -r nixbld
|
$ groupadd -r nixbld
|
||||||
|
@ -35,43 +124,12 @@ $ for n in $(seq 1 10); do useradd -c "Nix build user $n" \
|
||||||
nixbld$n; done
|
nixbld$n; done
|
||||||
```
|
```
|
||||||
|
|
||||||
This creates 10 build users. There can never be more concurrent builds
|
|
||||||
than the number of build users, so you may want to increase this if you
|
|
||||||
expect to do many builds at the same time.
|
|
||||||
|
|
||||||
## Running the daemon
|
## Running the daemon
|
||||||
|
|
||||||
The [Nix daemon](../command-ref/nix-daemon.md) should be started as
|
The [Nix daemon](../command-ref/nix-daemon.md) can be started manually as follows (as `root`):
|
||||||
follows (as `root`):
|
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ nix-daemon
|
# nix-daemon
|
||||||
```
|
```
|
||||||
|
|
||||||
You’ll want to put that line somewhere in your system’s boot scripts.
|
In standard installations of Lix, the daemon is started by a `systemd` unit (Linux) or `launchd` service (macOS).
|
||||||
|
|
||||||
To let unprivileged users use the daemon, they should set the
|
|
||||||
[`NIX_REMOTE` environment variable](../command-ref/env-common.md) to
|
|
||||||
`daemon`. So you should put a line like
|
|
||||||
|
|
||||||
```console
|
|
||||||
export NIX_REMOTE=daemon
|
|
||||||
```
|
|
||||||
|
|
||||||
into the users’ login scripts.
|
|
||||||
|
|
||||||
## Restricting access
|
|
||||||
|
|
||||||
To limit which users can perform Nix operations, you can use the
|
|
||||||
permissions on the directory `/nix/var/nix/daemon-socket`. For instance,
|
|
||||||
if you want to restrict the use of Nix to the members of a group called
|
|
||||||
`nix-users`, do
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ chgrp nix-users /nix/var/nix/daemon-socket
|
|
||||||
$ chmod ug=rwx,o= /nix/var/nix/daemon-socket
|
|
||||||
```
|
|
||||||
|
|
||||||
This way, users who are not in the `nix-users` group cannot connect to
|
|
||||||
the Unix domain socket `/nix/var/nix/daemon-socket/socket`, so they
|
|
||||||
cannot perform Nix operations.
|
|
||||||
|
|
|
@ -7,9 +7,8 @@ management operations. All other users can then use the installed
|
||||||
packages, but they cannot perform package management operations
|
packages, but they cannot perform package management operations
|
||||||
themselves.
|
themselves.
|
||||||
|
|
||||||
Alternatively, you can configure Lix in “multi-user mode”. In this
|
Alternatively, you can configure Lix in “multi-user mode”. In this model, all users can perform package management operations — for instance, every user can install software for themselves without requiring root privileges.
|
||||||
model, all users can perform package management operations — for
|
Lix does its best to ensure that this is secure.
|
||||||
instance, every user can install software without requiring root
|
For instance, it would be considered a serious security bug for one untrusted user to be able to overwrite a package used by another user with a Trojan horse.
|
||||||
privileges. Lix ensures that this is secure. For instance, it’s not
|
|
||||||
possible for one user to overwrite a package used by another user with a
|
Nevertheless, the Lix team does not consider multi-user mode a strong security boundary, and does not recommend running untrusted user-supplied Nix language code on privileged machines, even if it is secure to the best of our knowledge at any moment in time.
|
||||||
Trojan horse.
|
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
# Obtaining the Source
|
# Obtaining the Source
|
||||||
|
|
||||||
The most recent sources of Nix can be obtained from its [Git
|
The most recent sources of Lix can be obtained from its [Git
|
||||||
repository](https://github.com/NixOS/nix). For example, the following
|
repository](https://git.lix.systems/lix-project/lix). For example, the following
|
||||||
command will check out the latest revision into a directory called
|
command will check out the latest revision into a directory called
|
||||||
`nix`:
|
`nix`:
|
||||||
|
|
||||||
```console
|
```console
|
||||||
$ git clone https://github.com/NixOS/nix
|
$ git clone https://git.lix.systems/lix-project/lix
|
||||||
```
|
```
|
||||||
|
|
||||||
Likewise, specific releases can be obtained from the
|
Likewise, specific releases can be obtained from the
|
||||||
[tags](https://github.com/NixOS/nix/tags) of the repository.
|
[tags](https://git.lix.systems/lix-project/lix/tags) of the repository.
|
||||||
|
|
|
@ -68,10 +68,7 @@ The most current alternative to this section is to read `package.nix` and see wh
|
||||||
may also work, but ancient versions like the ubiquitous 2.5.4a
|
may also work, but ancient versions like the ubiquitous 2.5.4a
|
||||||
won't.
|
won't.
|
||||||
|
|
||||||
- The `libseccomp` is used to provide syscall filtering on Linux. This
|
- The `libseccomp` is used to provide syscall filtering on Linux. To get
|
||||||
is an optional dependency and can be disabled passing a
|
|
||||||
`--disable-seccomp-sandboxing` option to the `configure` script (Not
|
|
||||||
recommended unless your system doesn't support `libseccomp`). To get
|
|
||||||
the library, visit <https://github.com/seccomp/libseccomp>.
|
the library, visit <https://github.com/seccomp/libseccomp>.
|
||||||
|
|
||||||
- On 64-bit x86 machines only, `libcpuid` library
|
- On 64-bit x86 machines only, `libcpuid` library
|
||||||
|
|
|
@ -7,3 +7,14 @@ These constants are built into the Nix language evaluator:
|
||||||
{{#include @generated@/language/builtin-constants.md}}
|
{{#include @generated@/language/builtin-constants.md}}
|
||||||
|
|
||||||
</dl>
|
</dl>
|
||||||
|
|
||||||
|
## Things which might be mistaken for constants
|
||||||
|
|
||||||
|
<dl>
|
||||||
|
<dt><code>__curPos</code></dt>
|
||||||
|
<dd>
|
||||||
|
|
||||||
|
This is not a constant but a [context-dependent keyword](@docroot@/language/constructs.md#keywords-__curPos)
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
</dl>
|
||||||
|
|
|
@ -380,3 +380,70 @@ let a = 1; in let a = 2; in let a = 3; in let a = 4; in ...
|
||||||
|
|
||||||
Comments can be single-line, started with a `#` character, or
|
Comments can be single-line, started with a `#` character, or
|
||||||
inline/multi-line, enclosed within `/* ... */`.
|
inline/multi-line, enclosed within `/* ... */`.
|
||||||
|
|
||||||
|
## Context-dependent keywords
|
||||||
|
|
||||||
|
<dl>
|
||||||
|
<dt id="keywords-__curPos">
|
||||||
|
<a href="#keywords-__curPos"><code>__curPos</code></a>
|
||||||
|
</dt>
|
||||||
|
<dd>
|
||||||
|
|
||||||
|
A quasi-constant which will be replaced with an attribute set describing
|
||||||
|
the location where `__curPos` was used, with attributes `file`, `line`,
|
||||||
|
and `column`. For example, `import ./file.nix` will result in
|
||||||
|
|
||||||
|
```nix
|
||||||
|
{
|
||||||
|
column = 1;
|
||||||
|
file = "/path/to/some/file.nix";
|
||||||
|
line = 1;
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
assuming `file.nix` contains nothing but `__curPos`.
|
||||||
|
|
||||||
|
In context without a source file (such as `nix-repl`), it will always
|
||||||
|
be replaced with `null`:
|
||||||
|
|
||||||
|
```nix-repl
|
||||||
|
nix-repl> __curPos
|
||||||
|
null
|
||||||
|
```
|
||||||
|
|
||||||
|
While it may vaguely look like a builtin, this is a very different beast
|
||||||
|
that is handled directly by the parser. It thus cannot be shadowed,
|
||||||
|
bound to a different name, and is also not available under
|
||||||
|
[`builtins`](@docroot@/language/builtin-constants.md#builtins-builtins).
|
||||||
|
|
||||||
|
```nix-repl
|
||||||
|
nix-repl> let __curPos = "no"; in __curPos
|
||||||
|
null
|
||||||
|
```
|
||||||
|
|
||||||
|
Despite this `__curPos`, much like `or`, may still be used as an identifier,
|
||||||
|
it is only treated specially when it appears as an unqualified name:
|
||||||
|
|
||||||
|
```nix-repl
|
||||||
|
nix-repl> { __curPos = 1; }.__curPos
|
||||||
|
1
|
||||||
|
```
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
|
||||||
|
<dt id="keywords-or">
|
||||||
|
<a href="#keywords-or"><code>or</code></a>
|
||||||
|
</dt>
|
||||||
|
<dd>
|
||||||
|
|
||||||
|
`or` is used in [Attribute selection](@docroot@/language/operators.html#attribute-selection),
|
||||||
|
where it is a keyword.
|
||||||
|
|
||||||
|
However, it is not a keyword in some other contexts, and can be used as
|
||||||
|
a binding name in attribute sets, let-bindings, non-initial function
|
||||||
|
application position, and as a label in attribute paths.
|
||||||
|
|
||||||
|
Its use as anything other than a keyword is discouraged.
|
||||||
|
|
||||||
|
</dd>
|
||||||
|
</dl>
|
||||||
|
|
|
@ -125,7 +125,7 @@ The builder is executed as follows:
|
||||||
directory (typically, `/nix/store`).
|
directory (typically, `/nix/store`).
|
||||||
|
|
||||||
- `NIX_ATTRS_JSON_FILE` & `NIX_ATTRS_SH_FILE` if `__structuredAttrs`
|
- `NIX_ATTRS_JSON_FILE` & `NIX_ATTRS_SH_FILE` if `__structuredAttrs`
|
||||||
is set to `true` for the dervation. A detailed explanation of this
|
is set to `true` for the derivation. A detailed explanation of this
|
||||||
behavior can be found in the
|
behavior can be found in the
|
||||||
[section about structured attrs](./advanced-attributes.md#adv-attr-structuredAttrs).
|
[section about structured attrs](./advanced-attributes.md#adv-attr-structuredAttrs).
|
||||||
|
|
||||||
|
|
|
@ -22,7 +22,7 @@ to subsequent chapters.
|
||||||
$ curl -sSf -L https://install.lix.systems/lix | sh -s -- install
|
$ curl -sSf -L https://install.lix.systems/lix | sh -s -- install
|
||||||
```
|
```
|
||||||
|
|
||||||
For systems that **already have Nix installed**, such as NixOS systems, read our [install page](https://lix.systems/install)
|
For systems that **already have a Nix implementation installed**, such as NixOS systems, read our [install page](https://lix.systems/install)
|
||||||
|
|
||||||
The install script will use `sudo`, so make sure you have sufficient rights.
|
The install script will use `sudo`, so make sure you have sufficient rights.
|
||||||
|
|
||||||
|
|
|
@ -229,7 +229,7 @@ This release has the following new features:
|
||||||
<https://cache.nixos.org/> or <ssh://machine>. The following store
|
<https://cache.nixos.org/> or <ssh://machine>. The following store
|
||||||
types are supported:
|
types are supported:
|
||||||
|
|
||||||
- `LocalStore` (stori URI `local` or an absolute path) and the
|
- `LocalStore` (store URI `local` or an absolute path) and the
|
||||||
misnamed `RemoteStore` (`daemon`) provide access to a local Nix
|
misnamed `RemoteStore` (`daemon`) provide access to a local Nix
|
||||||
store, the latter via the Nix daemon. You can use `auto` or the
|
store, the latter via the Nix daemon. You can use `auto` or the
|
||||||
empty string to auto-select a local or daemon store depending on
|
empty string to auto-select a local or daemon store depending on
|
||||||
|
|
929
doc/manual/src/release-notes/rl-2.90.md
Normal file
929
doc/manual/src/release-notes/rl-2.90.md
Normal file
|
@ -0,0 +1,929 @@
|
||||||
|
# Lix 2.90 "Vanilla Ice Cream" (FIXME date)
|
||||||
|
|
||||||
|
|
||||||
|
# Lix 2.90.0 (FIXME date)
|
||||||
|
|
||||||
|
## Breaking Changes
|
||||||
|
- Deprecate the online flake registries and vendor the default registry [fj#183](https://git.lix.systems/lix-project/lix/issues/183) [fj#110](https://git.lix.systems/lix-project/lix/issues/110) [fj#116](https://git.lix.systems/lix-project/lix/issues/116) [#8953](https://github.com/NixOS/nix/issues/8953) [#9087](https://github.com/NixOS/nix/issues/9087) [cl/1127](https://gerrit.lix.systems/c/lix/+/1127)
|
||||||
|
|
||||||
|
The online flake registry [https://channels.nixos.org/flake-registry.json](https://channels.nixos.org/flake-registry.json) is not pinned in any way,
|
||||||
|
and the targets of the indirections can both update or change entirely at any
|
||||||
|
point. Furthermore, it is refetched on every use of a flake reference, even if
|
||||||
|
there is a local flake reference, and even if you are offline (which breaks).
|
||||||
|
|
||||||
|
For now, we deprecate the (any) online flake registry, and vendor a copy of the
|
||||||
|
current online flake registry. This makes it work offline, and ensures that
|
||||||
|
it won't change in the future.
|
||||||
|
|
||||||
|
Many thanks to [julia](https://git.lix.systems/midnightveil) for this.
|
||||||
|
- Enforce syscall filtering and no-new-privileges on Linux [cl/1063](https://gerrit.lix.systems/c/lix/+/1063)
|
||||||
|
|
||||||
|
In order to improve consistency of the build environment, system call filtering and no-new-privileges are now unconditionally enabled on Linux.
|
||||||
|
The `filter-syscalls` and `allow-new-privileges` options which could be used to disable these features under some circumstances have been removed.
|
||||||
|
|
||||||
|
In order to support building on architectures without libseccomp support, the option to disable syscall filtering at build time remains.
|
||||||
|
However, other uses of this option are heavily discouraged, since it would reduce the security of the sandbox substantially.
|
||||||
|
|
||||||
|
Many thanks to [alois31](https://git.lix.systems/alois31) for this.
|
||||||
|
- Overhaul `nix flake update` and `nix flake lock` UX [#8817](https://github.com/NixOS/nix/pull/8817)
|
||||||
|
|
||||||
|
The interface for creating and updating lock files has been overhauled:
|
||||||
|
|
||||||
|
- [`nix flake lock`](@docroot@/command-ref/new-cli/nix3-flake-lock.md) only creates lock files and adds missing inputs now.
|
||||||
|
It will *never* update existing inputs.
|
||||||
|
|
||||||
|
- [`nix flake update`](@docroot@/command-ref/new-cli/nix3-flake-update.md) does the same, but *will* update inputs.
|
||||||
|
- Passing no arguments will update all inputs of the current flake, just like it already did.
|
||||||
|
- Passing input names as arguments will ensure only those are updated. This replaces the functionality of `nix flake lock --update-input`
|
||||||
|
- To operate on a flake outside the current directory, you must now pass `--flake path/to/flake`.
|
||||||
|
|
||||||
|
- The flake-specific flags `--recreate-lock-file` and `--update-input` have been removed from all commands operating on installables.
|
||||||
|
They are superceded by `nix flake update`.
|
||||||
|
|
||||||
|
Many thanks to [iFreilicht](https://github.com/iFreilicht), [Lunaphied](https://git.lix.systems/Lunaphied), and [Théophane Hufschmitt](https://github.com/thufschmitt) for this.
|
||||||
|
- `nix profile` now allows referring to elements by human-readable name, and no longer accepts indices [#8678](https://github.com/NixOS/nix/pull/8678) [cl/978](https://gerrit.lix.systems/c/lix/+/978) [cl/980](https://gerrit.lix.systems/c/lix/+/980)
|
||||||
|
|
||||||
|
[`nix profile`](@docroot@/command-ref/new-cli/nix3-profile.md) now uses names to refer to installed packages when running [`list`](@docroot@/command-ref/new-cli/nix3-profile-list.md), [`remove`](@docroot@/command-ref/new-cli/nix3-profile-remove.md) or [`upgrade`](@docroot@/command-ref/new-cli/nix3-profile-upgrade.md) as opposed to indices. Indices have been removed. Profile element names are generated when a package is installed and remain the same until the package is removed.
|
||||||
|
|
||||||
|
**Warning**: The `manifest.nix` file used to record the contents of profiles has changed. Lix will automatically upgrade profiles to the new version when you modify the profile. After that, the profile can no longer be used by older versions of Lix.
|
||||||
|
|
||||||
|
Many thanks to [iFreilicht](https://github.com/iFreilicht), [Qyriad](https://git.lix.systems/Qyriad), and [Eelco Dolstra](https://github.com/edolstra) for this.
|
||||||
|
- `builtins.nixVersion` and `builtins.langVersion` return fixed values [cl/558](https://gerrit.lix.systems/c/lix/+/558) [cl/1144](https://gerrit.lix.systems/c/lix/+/1144)
|
||||||
|
|
||||||
|
`builtins.nixVersion` now returns a fixed value `"2.18.3-lix"`.
|
||||||
|
|
||||||
|
`builtins.langVersion` returns a fixed value `6`, matching CppNix 2.18.
|
||||||
|
|
||||||
|
This prevents feature detection assuming that features that exist in Nix
|
||||||
|
post-Lix-branch-off might exist, even though the Lix version is greater than
|
||||||
|
the Nix version.
|
||||||
|
|
||||||
|
In the future, check for builtins for feature detection. If a feature cannot be
|
||||||
|
detected by *those* means, please file a Lix bug.
|
||||||
|
|
||||||
|
Many thanks to [jade](https://git.lix.systems/jade) for this.
|
||||||
|
- Rename all the libraries nixexpr, nixstore, etc to lixexpr, lixstore, etc
|
||||||
|
|
||||||
|
The Lix C++ API libraries have had the following changes:
|
||||||
|
- Includes moved from `include/nix/` to `include/lix/`
|
||||||
|
- `pkg-config` files renamed from `nix-expr` to `lix-expr` and so on.
|
||||||
|
- Libraries renamed from `libnixexpr.so` to `liblixexpr.so` and so on.
|
||||||
|
|
||||||
|
There are other changes between Nix 2.18 and Lix, since these APIs are not
|
||||||
|
stable. However, this change in particular is a deliberate compatibility break
|
||||||
|
to force downstreams linking to Lix to specifically handle Lix and avoid Lix
|
||||||
|
accidentally getting ensnared in compatibility code for newer CppNix.
|
||||||
|
|
||||||
|
Migration path:
|
||||||
|
|
||||||
|
- expr.hh -> lix/libexpr/expr.hh
|
||||||
|
- nix/config.h -> lix/config.h
|
||||||
|
|
||||||
|
To apply this migration automatically, remove all `<nix/>` from includes, so `#include <nix/expr.hh>` -> `#include <expr.hh>`.
|
||||||
|
Then, the correct paths will be resolved from the tangled mess, and the clang-tidy automated fix will work.
|
||||||
|
|
||||||
|
Then run the following for out of tree projects (header filter is set to only fix instances in headers in `../src` relative to the compiler's working directory, as would be the case in nix-eval-jobs or other things built with meson, e.g.):
|
||||||
|
|
||||||
|
```console
|
||||||
|
lix_root=$HOME/lix
|
||||||
|
(cd $lix_root/clang-tidy && nix develop -c 'meson setup build && ninja -C build')
|
||||||
|
run-clang-tidy -checks='-*,lix-fixincludes' -load=$lix_root/clang-tidy/build/liblix-clang-tidy.so -p build/ -header-filter '\.\./src/.*\.h' -fix src
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [jade](https://git.lix.systems/jade) for this.
|
||||||
|
|
||||||
|
## Features
|
||||||
|
- Experimental REPL support for documentation comments using `:doc` [cl/564](https://gerrit.lix.systems/c/lix/+/564)
|
||||||
|
|
||||||
|
Using `:doc` in the REPL now supports showing documentation comments when defined on a function.
|
||||||
|
|
||||||
|
Previously this was only able to document builtins, however it now will show comments defined on a lambda as well.
|
||||||
|
|
||||||
|
This support is experimental and relies on an embedded version of [nix-doc](https://github.com/lf-/nix-doc).
|
||||||
|
|
||||||
|
The logic also supports limited Markdown formatting of doccomments and should easily support any [RFC 145](https://github.com/NixOS/rfcs/blob/master/rfcs/0145-doc-strings.md)
|
||||||
|
compatible documentation comments in addition to simple commented documentation.
|
||||||
|
|
||||||
|
Many thanks to [Lunaphied](https://git.lix.systems/Lunaphied) and [jade](https://git.lix.systems/jade) for this.
|
||||||
|
- Add `repl-overlays` option [#10203](https://github.com/NixOS/nix/pull/10203) [cl/504](https://gerrit.lix.systems/c/lix/+/504)
|
||||||
|
|
||||||
|
A `repl-overlays` option has been added, which specifies files that can overlay
|
||||||
|
and modify the top-level bindings in `nix repl`. For example, with the
|
||||||
|
following contents in `~/.config/nix/repl.nix`:
|
||||||
|
|
||||||
|
```nix
|
||||||
|
info: final: prev: let
|
||||||
|
optionalAttrs = predicate: attrs:
|
||||||
|
if predicate
|
||||||
|
then attrs
|
||||||
|
else {};
|
||||||
|
in
|
||||||
|
optionalAttrs (prev ? legacyPackages && prev.legacyPackages ? ${info.currentSystem})
|
||||||
|
{
|
||||||
|
pkgs = prev.legacyPackages.${info.currentSystem};
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
We can run `nix repl` and use `pkgs` to refer to `legacyPackages.${currentSystem}`:
|
||||||
|
|
||||||
|
```ShellSession
|
||||||
|
$ nix repl --repl-overlays ~/.config/nix/repl.nix nixpkgs
|
||||||
|
Lix 2.90.0
|
||||||
|
Type :? for help.
|
||||||
|
Loading installable 'flake:nixpkgs#'...
|
||||||
|
Added 5 variables.
|
||||||
|
Loading 'repl-overlays'...
|
||||||
|
Added 6 variables.
|
||||||
|
nix-repl> pkgs.bash
|
||||||
|
«derivation /nix/store/g08b5vkwwh0j8ic9rkmd8mpj878rk62z-bash-5.2p26.drv»
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) for this.
|
||||||
|
- Add a builtin `addDrvOutputDependencies` [#7910](https://github.com/NixOS/nix/issues/7910) [#9216](https://github.com/NixOS/nix/pull/9216)
|
||||||
|
|
||||||
|
This builtin allows taking a `drvPath`-like string and turning it into a string
|
||||||
|
with context such that, when it lands in a derivation, it will create
|
||||||
|
dependencies on *all the outputs* in its closure (!). Although `drvPath` does this
|
||||||
|
today, this builtin starts forming a path to migrate to making `drvPath` have a
|
||||||
|
more normal and less surprising string context behaviour (see linked issue and
|
||||||
|
PR for more details).
|
||||||
|
|
||||||
|
Many thanks to [John Ericson](https://github.com/ericson2314) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Enter the `--debugger` when `builtins.trace` is called if `debugger-on-trace` is set [#9914](https://github.com/NixOS/nix/pull/9914)
|
||||||
|
|
||||||
|
If the `debugger-on-trace` option is set and `--debugger` is given,
|
||||||
|
`builtins.trace` calls will behave similarly to `builtins.break` and will enter
|
||||||
|
the debug REPL. This is useful for determining where warnings are being emitted
|
||||||
|
from.
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) for this.
|
||||||
|
- Add an option `enable-core-dumps` that enables core dumps from builds [cl/1088](https://gerrit.lix.systems/c/lix/+/1088)
|
||||||
|
|
||||||
|
In the past, Lix disabled core dumps by setting the soft `RLIMIT_CORE` to 0
|
||||||
|
unconditionally. Although this rlimit could be altered from the builder since
|
||||||
|
it is just the soft limit, this was kind of annoying to do. By passing
|
||||||
|
`--option enable-core-dumps true` to an offending build, one can now cause the
|
||||||
|
core dumps to be handled by the system in the normal way (winding up in
|
||||||
|
`coredumpctl`, say, on Linux).
|
||||||
|
|
||||||
|
Many thanks to [julia](https://git.lix.systems/midnightveil) for this.
|
||||||
|
- Add new `eval-system` setting [#4093](https://github.com/NixOS/nix/pull/4093)
|
||||||
|
|
||||||
|
Add a new `eval-system` option.
|
||||||
|
Unlike `system`, it just overrides the value of `builtins.currentSystem`.
|
||||||
|
This is more useful than overriding `system`, because you can build these derivations on remote builders which can work on the given system.
|
||||||
|
In contrast, `system` also effects scheduling which will cause Lix to build those derivations locally even if that doesn't make sense.
|
||||||
|
|
||||||
|
`eval-system` only takes effect if it is non-empty.
|
||||||
|
If empty (the default) `system` is used as before, so there is no breakage.
|
||||||
|
|
||||||
|
Many thanks to [matthewbauer](https://github.com/matthewbauer) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- add `--store-path` argument to `nix upgrade-nix`, to manually specify the Nix to upgrade to [cl/953](https://gerrit.lix.systems/c/lix/+/953)
|
||||||
|
|
||||||
|
`nix upgrade-nix` by default downloads a manifest to find the new Nix version to upgrade to, but now you can specify `--store-path` to upgrade Nix to an arbitrary version from the Nix store.
|
||||||
|
|
||||||
|
Many thanks to [Qyriad](https://git.lix.systems/Qyriad) for this.
|
||||||
|
|
||||||
|
## Improvements
|
||||||
|
- `nix flake check` logs the checks [#8882](https://github.com/NixOS/nix/issues/8882) [#8893](https://github.com/NixOS/nix/pull/8893) [cl/259](https://gerrit.lix.systems/c/lix/+/259) [cl/260](https://gerrit.lix.systems/c/lix/+/260) [cl/261](https://gerrit.lix.systems/c/lix/+/261) [cl/262](https://gerrit.lix.systems/c/lix/+/262)
|
||||||
|
|
||||||
|
`nix flake check` now logs the checks it runs and the derivations it evaluates:
|
||||||
|
|
||||||
|
```
|
||||||
|
$ nix flake check -v
|
||||||
|
evaluating flake...
|
||||||
|
checking flake output 'checks'...
|
||||||
|
checking derivation 'checks.aarch64-darwin.ghciwatch-tests'...
|
||||||
|
derivation evaluated to /nix/store/nh7dlvsrhds4cxl91mvgj4h5cbq6skmq-ghciwatch-test-0.3.0.drv
|
||||||
|
checking derivation 'checks.aarch64-darwin.ghciwatch-clippy'...
|
||||||
|
derivation evaluated to /nix/store/9cb5a6wmp6kf6hidqw9wphidvb8bshym-ghciwatch-clippy-0.3.0.drv
|
||||||
|
checking derivation 'checks.aarch64-darwin.ghciwatch-doc'...
|
||||||
|
derivation evaluated to /nix/store/8brdd3jbawfszpbs7vdpsrhy80as1il8-ghciwatch-doc-0.3.0.drv
|
||||||
|
checking derivation 'checks.aarch64-darwin.ghciwatch-fmt'...
|
||||||
|
derivation evaluated to /nix/store/wjhs0l1njl5pyji53xlmfjrlya0wmz8p-ghciwatch-fmt-0.3.0.drv
|
||||||
|
checking derivation 'checks.aarch64-darwin.ghciwatch-audit'...
|
||||||
|
derivation evaluated to /nix/store/z0mps8dyj2ds7c0fn0819y5h5611033z-ghciwatch-audit-0.3.0.drv
|
||||||
|
checking flake output 'packages'...
|
||||||
|
checking derivation 'packages.aarch64-darwin.default'...
|
||||||
|
derivation evaluated to /nix/store/41abbdyglw5x9vcsvd89xan3ydjf8d7r-ghciwatch-0.3.0.drv
|
||||||
|
checking flake output 'apps'...
|
||||||
|
checking flake output 'devShells'...
|
||||||
|
checking derivation 'devShells.aarch64-darwin.default'...
|
||||||
|
derivation evaluated to /nix/store/bc935gz7dylzmcpdb5cczr8gngv8pmdb-nix-shell.drv
|
||||||
|
running 5 flake checks...
|
||||||
|
warning: The check omitted these incompatible systems: aarch64-linux, x86_64-darwin, x86_64-linux
|
||||||
|
Use '--all-systems' to check all.
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt), [Raito Bezarius](https://git.lix.systems/raito), and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Add an option `always-allow-substitutes` to ignore `allowSubstitutes` in derivations [#8047](https://github.com/NixOS/nix/pull/8047)
|
||||||
|
|
||||||
|
You can set this setting to force a system to always allow substituting even
|
||||||
|
trivial derivations like `pkgs.writeText`. This is useful for
|
||||||
|
[`nix-fast-build --skip-cached`][skip-cached] and similar to be able to also
|
||||||
|
ignore trivial derivations.
|
||||||
|
|
||||||
|
[skip-cached]: https://github.com/Mic92/nix-fast-build?tab=readme-ov-file#avoiding-redundant-package-downloads
|
||||||
|
|
||||||
|
Many thanks to [lovesegfault](https://github.com/lovesegfault) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Concise error printing in `nix repl` [#9928](https://github.com/NixOS/nix/pull/9928) [cl/811](https://gerrit.lix.systems/c/lix/+/811)
|
||||||
|
|
||||||
|
Previously, if an element of a list or attribute set threw an error while
|
||||||
|
evaluating, `nix repl` would print the entire error (including source location
|
||||||
|
information) inline. This output was clumsy and difficult to parse:
|
||||||
|
|
||||||
|
```
|
||||||
|
nix-repl> { err = builtins.throw "uh oh!"; }
|
||||||
|
{ err = «error:
|
||||||
|
… while calling the 'throw' builtin
|
||||||
|
at «string»:1:9:
|
||||||
|
1| { err = builtins.throw "uh oh!"; }
|
||||||
|
| ^
|
||||||
|
|
||||||
|
error: uh oh!»; }
|
||||||
|
```
|
||||||
|
|
||||||
|
Now, only the error message is displayed, making the output much more readable.
|
||||||
|
```
|
||||||
|
nix-repl> { err = builtins.throw "uh oh!"; }
|
||||||
|
{ err = «error: uh oh!»; }
|
||||||
|
```
|
||||||
|
|
||||||
|
However, if the whole expression being evaluated throws an error, source
|
||||||
|
locations and (if applicable) a stack trace are printed, just like you'd expect:
|
||||||
|
|
||||||
|
```
|
||||||
|
nix-repl> builtins.throw "uh oh!"
|
||||||
|
error:
|
||||||
|
… while calling the 'throw' builtin
|
||||||
|
at «string»:1:1:
|
||||||
|
1| builtins.throw "uh oh!"
|
||||||
|
| ^
|
||||||
|
|
||||||
|
error: uh oh!
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) for this.
|
||||||
|
- Show all FOD errors with `nix build --keep-going` [cl/1108](https://gerrit.lix.systems/c/lix/+/1108)
|
||||||
|
|
||||||
|
`nix build --keep-going` now behaves consistently with `nix-build --keep-going`. This means
|
||||||
|
that if e.g. multiple FODs fail to build, all hash mismatches are displayed.
|
||||||
|
|
||||||
|
Many thanks to [ma27](https://git.lix.systems/ma27) for this.
|
||||||
|
- Duplicate attribute reports are more accurate [cl/557](https://gerrit.lix.systems/c/lix/+/557)
|
||||||
|
|
||||||
|
Duplicate attribute errors are now more accurate, showing the path at which an error was detected rather than the full, possibly longer, path that caused the error.
|
||||||
|
Error reports are now
|
||||||
|
```ShellSession
|
||||||
|
$ nix eval --expr '{ a.b = 1; a.b.c.d = 1; }'
|
||||||
|
error: attribute 'a.b' already defined at «string»:1:3
|
||||||
|
at «string»:1:12:
|
||||||
|
1| { a.b = 1; a.b.c.d = 1;
|
||||||
|
| ^
|
||||||
|
```
|
||||||
|
instead of
|
||||||
|
```ShellSession
|
||||||
|
$ nix eval --expr '{ a.b = 1; a.b.c.d = 1; }'
|
||||||
|
error: attribute 'a.b.c.d' already defined at «string»:1:3
|
||||||
|
at «string»:1:12:
|
||||||
|
1| { a.b = 1; a.b.c.d = 1;
|
||||||
|
| ^
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Reduce eval memory usage and wall time [#9658](https://github.com/NixOS/nix/pull/9658) [cl/207](https://gerrit.lix.systems/c/lix/+/207)
|
||||||
|
|
||||||
|
Reduce the size of the `Env` struct used in the evaluator by a pointer, or 8 bytes on most modern machines.
|
||||||
|
This reduces memory usage during eval by around 2% and wall time by around 3%.
|
||||||
|
|
||||||
|
Many thanks to [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Warn on unknown settings anywhere in the command line [#10701](https://github.com/NixOS/nix/pull/10701)
|
||||||
|
|
||||||
|
All `nix` commands will now properly warn when an unknown option is specified anywhere in the command line.
|
||||||
|
|
||||||
|
Before:
|
||||||
|
|
||||||
|
```console
|
||||||
|
$ nix-instantiate --option foobar baz --expr '{}'
|
||||||
|
warning: unknown setting 'foobar'
|
||||||
|
$ nix-instantiate '{}' --option foobar baz --expr
|
||||||
|
$ nix eval --expr '{}' --option foobar baz
|
||||||
|
{ }
|
||||||
|
```
|
||||||
|
|
||||||
|
After:
|
||||||
|
|
||||||
|
```console
|
||||||
|
$ nix-instantiate --option foobar baz --expr '{}'
|
||||||
|
warning: unknown setting 'foobar'
|
||||||
|
$ nix-instantiate '{}' --option foobar baz --expr
|
||||||
|
warning: unknown setting 'foobar'
|
||||||
|
$ nix eval --expr '{}' --option foobar baz
|
||||||
|
warning: unknown setting 'foobar'
|
||||||
|
{ }
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [Cole Helbling](https://github.com/cole-h) for this.
|
||||||
|
- Nested debuggers are no longer supported [#9920](https://github.com/NixOS/nix/pull/9920)
|
||||||
|
|
||||||
|
Previously, evaluating an expression that throws an error in the debugger would
|
||||||
|
enter a second, nested debugger:
|
||||||
|
|
||||||
|
```
|
||||||
|
nix-repl> builtins.throw "what"
|
||||||
|
error: what
|
||||||
|
|
||||||
|
|
||||||
|
Starting REPL to allow you to inspect the current state of the evaluator.
|
||||||
|
|
||||||
|
Welcome to Nix 2.18.1. Type :? for help.
|
||||||
|
|
||||||
|
nix-repl>
|
||||||
|
```
|
||||||
|
|
||||||
|
Now, it just prints the error message like `nix repl`:
|
||||||
|
|
||||||
|
```
|
||||||
|
nix-repl> builtins.throw "what"
|
||||||
|
error:
|
||||||
|
… while calling the 'throw' builtin
|
||||||
|
at «string»:1:1:
|
||||||
|
1| builtins.throw "what"
|
||||||
|
| ^
|
||||||
|
|
||||||
|
error: what
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) for this.
|
||||||
|
- Find GC roots using libproc on Darwin [cl/723](https://gerrit.lix.systems/c/lix/+/723)
|
||||||
|
|
||||||
|
Previously, the garbage collector found runtime roots on Darwin by shelling out to `lsof -n -w -F n` then parsing the result. The version of `lsof` packaged in Nixpkgs is very slow on Darwin, so Lix now uses `libproc` directly to speed up GC root discovery, in some tests taking 250ms now instead of 40s.
|
||||||
|
|
||||||
|
Many thanks to [Artemis Tosini](https://git.lix.systems/artemist) for this.
|
||||||
|
- Increase default stack size on macOS [#9860](https://github.com/NixOS/nix/pull/9860)
|
||||||
|
|
||||||
|
Increase the default stack size on macOS to the same value as on Linux, subject to system restrictions to maximum stack size.
|
||||||
|
This should reduce the number of stack overflow crashes on macOS when evaluating Nix code with deep call stacks.
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) for this.
|
||||||
|
- Show more log context for failed builds [#9670](https://github.com/NixOS/nix/pull/9670)
|
||||||
|
|
||||||
|
Show 25 lines of log tail instead of 10 for failed builds.
|
||||||
|
This increases the chances of having useful information in the shown logs.
|
||||||
|
|
||||||
|
Many thanks to [DavHau](https://github.com/DavHau) for this.
|
||||||
|
- rename 'nix show-config' to 'nix config show' [#7672](https://github.com/NixOS/nix/issues/7672) [#9477](https://github.com/NixOS/nix/pull/9477) [cl/993](https://gerrit.lix.systems/c/lix/+/993)
|
||||||
|
|
||||||
|
`nix show-config` was renamed to `nix config show` to be more consistent with the rest of the command-line interface.
|
||||||
|
|
||||||
|
Running `nix show-config` will now print a deprecation warning saying to use `nix config show` instead.
|
||||||
|
|
||||||
|
Many thanks to [Théophane Hufschmitt](https://github.com/thufschmitt) and [ma27](https://git.lix.systems/ma27) for this.
|
||||||
|
- Print derivation paths in `nix eval` [cl/446](https://gerrit.lix.systems/c/lix/+/446)
|
||||||
|
|
||||||
|
`nix eval` previously printed derivations as attribute sets, so commands that print derivations (e.g. `nix eval nixpkgs#bash`) would infinitely loop and segfault.
|
||||||
|
It now prints the `.drv` path the derivation generates instead.
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) for this.
|
||||||
|
- Add an option `--unpack` to unpack archives in `nix store prefetch-file` [#9805](https://github.com/NixOS/nix/pull/9805) [cl/224](https://gerrit.lix.systems/c/lix/+/224)
|
||||||
|
|
||||||
|
It is now possible to fetch an archive then NAR-hash it (as in, hash it in the
|
||||||
|
same manner as `builtins.fetchTarball` or fixed-output derivations with
|
||||||
|
recursive hash type) in one command.
|
||||||
|
|
||||||
|
Example:
|
||||||
|
|
||||||
|
```
|
||||||
|
~ » nix store prefetch-file --name source --unpack https://git.lix.systems/lix-project/lix/archive/2.90-beta.1.tar.gz
|
||||||
|
Downloaded 'https://git.lix.systems/lix-project/lix/archive/2.90-beta.1.tar.gz' to '/nix/store/yvfqnq52ryjc3janw02ziv7kr6gd0cs1-source' (hash 'sha256-REWlo2RYHfJkxnmZTEJu3Cd/2VM+wjjpPy7Xi4BdDTQ=').
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [yshui](https://github.com/yshui) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- REPL printing improvements [#9931](https://github.com/NixOS/nix/pull/9931) [#10208](https://github.com/NixOS/nix/pull/10208) [cl/375](https://gerrit.lix.systems/c/lix/+/375) [cl/492](https://gerrit.lix.systems/c/lix/+/492)
|
||||||
|
|
||||||
|
The REPL printer has been improved to do the following:
|
||||||
|
- If a string is passed to `:print`, it is printed literally to the screen
|
||||||
|
- Structures will be printed as multiple lines when necessary
|
||||||
|
|
||||||
|
Before:
|
||||||
|
|
||||||
|
```
|
||||||
|
nix-repl> { attrs = { a = { b = { c = { }; }; }; }; list = [ 1 ]; list' = [ 1 2 3 ]; }
|
||||||
|
{ attrs = { ... }; list = [ ... ]; list' = [ ... ]; }
|
||||||
|
|
||||||
|
nix-repl> :p { attrs = { a = { b = { c = { }; }; }; }; list = [ 1 ]; list' = [ 1 2 3 ]; }
|
||||||
|
{ attrs = { a = { b = { c = { }; }; }; }; list = [ 1 ]; list' = [ 1 2 3 ]; }
|
||||||
|
|
||||||
|
nix-repl> :p "meow"
|
||||||
|
"meow"
|
||||||
|
```
|
||||||
|
|
||||||
|
After:
|
||||||
|
|
||||||
|
```
|
||||||
|
nix-repl> { attrs = { a = { b = { c = { }; }; }; }; list = [ 1 ]; list' = [ 1 2 3 ]; }
|
||||||
|
{
|
||||||
|
attrs = { ... };
|
||||||
|
list = [ ... ];
|
||||||
|
list' = [ ... ];
|
||||||
|
}
|
||||||
|
|
||||||
|
nix-repl> :p { attrs = { a = { b = { c = { }; }; }; }; list = [ 1 ]; list' = [ 1 2 3 ]; }
|
||||||
|
{
|
||||||
|
attrs = {
|
||||||
|
a = {
|
||||||
|
b = {
|
||||||
|
c = { };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
list = [ 1 ];
|
||||||
|
list' = [
|
||||||
|
1
|
||||||
|
2
|
||||||
|
3
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
nix-repl> :p "meow"
|
||||||
|
meow
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Coercion errors include the failing value [#561](https://github.com/NixOS/nix/issues/561) [#9754](https://github.com/NixOS/nix/pull/9754)
|
||||||
|
|
||||||
|
The `error: cannot coerce a <TYPE> to a string` message now includes the value
|
||||||
|
which caused the error.
|
||||||
|
|
||||||
|
Before:
|
||||||
|
|
||||||
|
```
|
||||||
|
error: cannot coerce a set to a string
|
||||||
|
```
|
||||||
|
|
||||||
|
After:
|
||||||
|
|
||||||
|
```
|
||||||
|
error: cannot coerce a set to a string: { aesSupport = «thunk»;
|
||||||
|
avx2Support = «thunk»; avx512Support = «thunk»; avxSupport = «thunk»;
|
||||||
|
canExecute = «thunk»; config = «thunk»; darwinArch = «thunk»; darwinMinVersion
|
||||||
|
= «thunk»; darwinMinVersionVariable = «thunk»; darwinPlatform = «thunk»; «84
|
||||||
|
attributes elided»}
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- New-cli flake commands that expect derivations now print the failing value and its type [cl/1177](https://gerrit.lix.systems/c/lix/+/1177)
|
||||||
|
|
||||||
|
In errors like `flake output attribute 'legacyPackages.x86_64-linux.lib' is not a derivation or path`, the message now includes the failing value and type.
|
||||||
|
|
||||||
|
Before:
|
||||||
|
|
||||||
|
```
|
||||||
|
error: flake output attribute 'nixosConfigurations.yuki.config' is not a derivation or path
|
||||||
|
````
|
||||||
|
|
||||||
|
After:
|
||||||
|
|
||||||
|
```
|
||||||
|
error: expected flake output attribute 'nixosConfigurations.yuki.config' to be a derivation or path but found a set: { appstream = «thunk»; assertions = «thunk»; boot = { bcache = «thunk»; binfmt = «thunk»; binfmtMiscRegistrations = «thunk»; blacklistedKernelModules = «thunk»; bootMount = «thunk»; bootspec = «thunk»; cleanTmpDir = «thunk»; consoleLogLevel = «thunk»; «43 attributes elided» }; «48 attributes elided» }
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [Qyriad](https://git.lix.systems/Qyriad) for this.
|
||||||
|
- Type errors include the failing value [#561](https://github.com/NixOS/nix/issues/561) [#9753](https://github.com/NixOS/nix/pull/9753)
|
||||||
|
|
||||||
|
In errors like `value is an integer while a list was expected`, the message now
|
||||||
|
includes the failing value.
|
||||||
|
|
||||||
|
Before:
|
||||||
|
|
||||||
|
```
|
||||||
|
error: value is a set while a string was expected
|
||||||
|
```
|
||||||
|
|
||||||
|
After:
|
||||||
|
|
||||||
|
```
|
||||||
|
error: expected a string but found a set: { ghc810 = «thunk»;
|
||||||
|
ghc8102Binary = «thunk»; ghc8107 = «thunk»; ghc8107Binary = «thunk»;
|
||||||
|
ghc865Binary = «thunk»; ghc90 = «thunk»; ghc902 = «thunk»; ghc92 = «thunk»;
|
||||||
|
ghc924Binary = «thunk»; ghc925 = «thunk»; «17 attributes elided»}
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Visual clutter in `--debugger` is reduced [#9919](https://github.com/NixOS/nix/pull/9919)
|
||||||
|
|
||||||
|
Before:
|
||||||
|
```
|
||||||
|
info: breakpoint reached
|
||||||
|
|
||||||
|
|
||||||
|
Starting REPL to allow you to inspect the current state of the evaluator.
|
||||||
|
|
||||||
|
Welcome to Nix 2.20.0pre20231222_dirty. Type :? for help.
|
||||||
|
|
||||||
|
nix-repl> :continue
|
||||||
|
error: uh oh
|
||||||
|
|
||||||
|
|
||||||
|
Starting REPL to allow you to inspect the current state of the evaluator.
|
||||||
|
|
||||||
|
Welcome to Nix 2.20.0pre20231222_dirty. Type :? for help.
|
||||||
|
|
||||||
|
nix-repl>
|
||||||
|
```
|
||||||
|
|
||||||
|
After:
|
||||||
|
|
||||||
|
```
|
||||||
|
info: breakpoint reached
|
||||||
|
|
||||||
|
Nix 2.20.0pre20231222_dirty debugger
|
||||||
|
Type :? for help.
|
||||||
|
nix-repl> :continue
|
||||||
|
error: uh oh
|
||||||
|
|
||||||
|
nix-repl>
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- REPL now supports CTRL+Z to suspend
|
||||||
|
|
||||||
|
Editline is now built with SIGTSTP support, so now typing CTRL+Z in the REPL will suspend the REPL and allow it to be resumed later or backgrounded.
|
||||||
|
|
||||||
|
Many thanks to [Qyriad](https://git.lix.systems/Qyriad) for this.
|
||||||
|
- Allow single quotes in nix-shell shebangs [#8470](https://github.com/NixOS/nix/pull/8470)
|
||||||
|
|
||||||
|
Example:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
#! /usr/bin/env nix-shell
|
||||||
|
#! nix-shell -i bash --packages 'terraform.withPlugins (plugins: [ plugins.openstack ])'
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [ncfavier](https://github.com/ncfavier) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- reintroduce shortened `-E` form for `--expr` to new CLI [cl/605](https://gerrit.lix.systems/c/lix/+/605)
|
||||||
|
|
||||||
|
In the old CLI, it was possible to supply a shorter `-E` flag instead of fully
|
||||||
|
specifying `--expr` every time you wished to provide an expression that would
|
||||||
|
be evaluated to produce the given command's input. This was retained for the
|
||||||
|
`--file` flag when the new CLI utilities were written with `-f`, but `-E` was
|
||||||
|
dropped.
|
||||||
|
|
||||||
|
We now restore the `-E` short form for better UX. This is most useful for
|
||||||
|
`nix eval` but most any command that takes an Installable argument should benefit
|
||||||
|
from it as well.
|
||||||
|
|
||||||
|
Many thanks to [Lunaphied](https://git.lix.systems/Lunaphied) for this.
|
||||||
|
- Source locations are printed more consistently in errors [#561](https://github.com/NixOS/nix/issues/561) [#9555](https://github.com/NixOS/nix/pull/9555)
|
||||||
|
|
||||||
|
Source location information is now included in error messages more
|
||||||
|
consistently. Given this code:
|
||||||
|
|
||||||
|
```nix
|
||||||
|
let
|
||||||
|
attr = {foo = "bar";};
|
||||||
|
key = {};
|
||||||
|
in
|
||||||
|
attr.${key}
|
||||||
|
```
|
||||||
|
|
||||||
|
Previously, Nix would show this unhelpful message when attempting to evaluate
|
||||||
|
it:
|
||||||
|
|
||||||
|
```
|
||||||
|
error:
|
||||||
|
… while evaluating an attribute name
|
||||||
|
|
||||||
|
error: value is a set while a string was expected
|
||||||
|
```
|
||||||
|
|
||||||
|
Now, the error message displays where the problematic value was found:
|
||||||
|
|
||||||
|
```
|
||||||
|
error:
|
||||||
|
… while evaluating an attribute name
|
||||||
|
|
||||||
|
at bad.nix:4:11:
|
||||||
|
|
||||||
|
3| key = {};
|
||||||
|
4| in attr.${key}
|
||||||
|
| ^
|
||||||
|
5|
|
||||||
|
|
||||||
|
error: expected a string but found a set: { }
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Some stack overflow segfaults are fixed [#9616](https://github.com/NixOS/nix/issues/9616) [#9617](https://github.com/NixOS/nix/pull/9617) [cl/205](https://gerrit.lix.systems/c/lix/+/205)
|
||||||
|
|
||||||
|
The number of nested function calls has been restricted, to detect and report
|
||||||
|
infinite function call recursions. The default maximum call depth is 10,000 and
|
||||||
|
can be set with [the `max-call-depth`
|
||||||
|
option](@docroot@/command-ref/conf-file.md#conf-max-call-depth).
|
||||||
|
|
||||||
|
This fixes segfaults or the following unhelpful error message in many cases:
|
||||||
|
|
||||||
|
error: stack overflow (possible infinite recursion)
|
||||||
|
|
||||||
|
Before:
|
||||||
|
|
||||||
|
```
|
||||||
|
$ nix-instantiate --eval --expr '(x: x x) (x: x x)'
|
||||||
|
Segmentation fault: 11
|
||||||
|
```
|
||||||
|
|
||||||
|
After:
|
||||||
|
|
||||||
|
```
|
||||||
|
$ nix-instantiate --eval --expr '(x: x x) (x: x x)'
|
||||||
|
error: stack overflow
|
||||||
|
|
||||||
|
at «string»:1:14:
|
||||||
|
1| (x: x x) (x: x x)
|
||||||
|
| ^
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Warn about ignored client settings [cl/1026](https://gerrit.lix.systems/c/lix/+/1026)
|
||||||
|
|
||||||
|
Emit a warning for every client-provided setting the daemon ignores because the requesting client is not run by a trusted user.
|
||||||
|
Previously this was only a debug message.
|
||||||
|
|
||||||
|
Many thanks to [jade](https://git.lix.systems/jade) for this.
|
||||||
|
- Better error reporting for `with` expressions [#9658](https://github.com/NixOS/nix/pull/9658) [cl/207](https://gerrit.lix.systems/c/lix/+/207)
|
||||||
|
|
||||||
|
`with` expressions using non-attrset values to resolve variables are now reported with proper positions.
|
||||||
|
|
||||||
|
Previously an incorrect `with` expression would report no position at all, making it hard to determine where the error originated:
|
||||||
|
|
||||||
|
```
|
||||||
|
nix-repl> with 1; a
|
||||||
|
error:
|
||||||
|
… <borked>
|
||||||
|
|
||||||
|
at «none»:0: (source not available)
|
||||||
|
|
||||||
|
error: value is an integer while a set was expected
|
||||||
|
```
|
||||||
|
|
||||||
|
Now position information is preserved and reported as with most other errors:
|
||||||
|
|
||||||
|
```
|
||||||
|
nix-repl> with 1; a
|
||||||
|
error:
|
||||||
|
… while evaluating the first subexpression of a with expression
|
||||||
|
at «string»:1:1:
|
||||||
|
1| with 1; a
|
||||||
|
| ^
|
||||||
|
|
||||||
|
error: expected a set but found an integer: 1
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
|
||||||
|
## Fixes
|
||||||
|
- Fix nested flake input `follows` [#6621](https://github.com/NixOS/nix/pull/6621) [cl/994](https://gerrit.lix.systems/c/lix/+/994)
|
||||||
|
|
||||||
|
Previously nested-input overrides were ignored; that is, the following did not
|
||||||
|
override anything, in spite of the `nix3-flake` manual documenting it working:
|
||||||
|
|
||||||
|
```
|
||||||
|
{
|
||||||
|
inputs = {
|
||||||
|
foo.url = "github:bar/foo";
|
||||||
|
foo.inputs.bar.inputs.nixpkgs = "nixpkgs";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
This is useful to avoid the 1000 instances of nixpkgs problem without having
|
||||||
|
each flake in the dependency tree to expose all of its transitive dependencies
|
||||||
|
for modification.
|
||||||
|
|
||||||
|
Many thanks to [Kha](https://github.com/Kha) and [ma27](https://git.lix.systems/ma27) for this.
|
||||||
|
- Fix CVE-2024-27297 (GHSA-2ffj-w4mj-pg37) [cl/266](https://gerrit.lix.systems/c/lix/+/266)
|
||||||
|
|
||||||
|
Since Lix fixed-output derivations run in the host network namespace (which we
|
||||||
|
wish to change in the future, see
|
||||||
|
[lix#285](https://git.lix.systems/lix-project/lix/issues/285)), they may open
|
||||||
|
abstract-namespace Unix sockets to each other and to programs on the host. Lix
|
||||||
|
contained a now-fixed time-of-check/time-of-use vulnerability where one
|
||||||
|
derivation could send writable handles to files in their final location in the
|
||||||
|
store to another over an abstract-namespace Unix socket, exit, then the other
|
||||||
|
derivation could wait for Lix to hash the paths and overwrite them.
|
||||||
|
|
||||||
|
The impact of this vulnerability is that two malicious fixed-output derivations
|
||||||
|
could create a poisoned path for the sources to Bash or similarly important
|
||||||
|
software containing a backdoor, leading to local privilege execution.
|
||||||
|
|
||||||
|
CppNix advisory: https://github.com/NixOS/nix/security/advisories/GHSA-2ffj-w4mj-pg37
|
||||||
|
|
||||||
|
Many thanks to [puck](https://git.lix.systems/puck), [jade](https://git.lix.systems/jade), [Théophane Hufschmitt](https://github.com/thufschmitt), [Tom Bereknyei](https://github.com/tomberek), and [Valentin Gagarin](https://github.com/fricklerhandwerk) for this.
|
||||||
|
- `--debugger` can now access bindings from `let` expressions [#8827](https://github.com/NixOS/nix/issues/8827) [#9918](https://github.com/NixOS/nix/pull/9918)
|
||||||
|
|
||||||
|
Breakpoints and errors in the bindings of a `let` expression can now access
|
||||||
|
those bindings in the debugger. Previously, only the body of `let` expressions
|
||||||
|
could access those bindings.
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) for this.
|
||||||
|
- Fix handling of truncated `.drv` files. [#9673](https://github.com/NixOS/nix/pull/9673)
|
||||||
|
|
||||||
|
Previously a `.drv` that was truncated in the middle of a string would case nix to enter an infinite loop, eventually exhausting all memory and crashing.
|
||||||
|
|
||||||
|
Many thanks to [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- The `--debugger` will start more reliably in `let` expressions and function calls [#6649](https://github.com/NixOS/nix/issues/6649) [#9917](https://github.com/NixOS/nix/pull/9917)
|
||||||
|
|
||||||
|
Previously, if you attempted to evaluate this file with the debugger:
|
||||||
|
|
||||||
|
```nix
|
||||||
|
let
|
||||||
|
a = builtins.trace "before inner break" (
|
||||||
|
builtins.break "hello"
|
||||||
|
);
|
||||||
|
b = builtins.trace "before outer break" (
|
||||||
|
builtins.break a
|
||||||
|
);
|
||||||
|
in
|
||||||
|
b
|
||||||
|
```
|
||||||
|
|
||||||
|
Lix would correctly enter the debugger at `builtins.break a`, but if you asked
|
||||||
|
it to `:continue`, it would skip over the `builtins.break "hello"` expression
|
||||||
|
entirely.
|
||||||
|
|
||||||
|
Now, Lix will correctly enter the debugger at both breakpoints.
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Creating setuid/setgid binaries with fchmodat2 is now prohibited by the build sandbox [#10501](https://github.com/NixOS/nix/pull/10501)
|
||||||
|
|
||||||
|
The build sandbox blocks any attempt to create setuid/setgid binaries, but didn't check
|
||||||
|
for the use of the `fchmodat2` syscall which was introduced in Linux 6.6 and is used by
|
||||||
|
glibc >=2.39. This is fixed now.
|
||||||
|
|
||||||
|
Many thanks to [ma27](https://git.lix.systems/ma27) for this.
|
||||||
|
- consistent order of lambda formals in printed expressions [#9874](https://github.com/NixOS/nix/pull/9874)
|
||||||
|
|
||||||
|
Always print lambda formals in lexicographic order rather than the internal, creation-time based symbol order.
|
||||||
|
This makes printed formals independent of the context they appear in.
|
||||||
|
|
||||||
|
Many thanks to [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- fix duplicate attribute error positions for `inherit` [#9874](https://github.com/NixOS/nix/pull/9874)
|
||||||
|
|
||||||
|
When an inherit caused a duplicate attribute error, the position of the error was not reported correctly, placing the error with the inherit itself or at the start of the bindings block instead of the offending attribute name.
|
||||||
|
|
||||||
|
Many thanks to [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- `inherit (x) ...` evaluates `x` only once [#9847](https://github.com/NixOS/nix/pull/9847)
|
||||||
|
|
||||||
|
`inherit (x) a b ...` now evaluates the expression `x` only once for all inherited attributes rather than once for each inherited attribute.
|
||||||
|
This does not usually have a measurable impact, but side-effects (such as `builtins.trace`) would be duplicated and expensive expressions (such as derivations) could cause a measurable slowdown.
|
||||||
|
|
||||||
|
Many thanks to [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Store paths are allowed to start with `.` [#912](https://github.com/NixOS/nix/issues/912) [#9867](https://github.com/NixOS/nix/pull/9867) [#9091](https://github.com/NixOS/nix/pull/9091) [#9095](https://github.com/NixOS/nix/pull/9095) [#9120](https://github.com/NixOS/nix/pull/9120) [#9121](https://github.com/NixOS/nix/pull/9121) [#9122](https://github.com/NixOS/nix/pull/9122) [#9130](https://github.com/NixOS/nix/pull/9130) [#9219](https://github.com/NixOS/nix/pull/9219) [#9224](https://github.com/NixOS/nix/pull/9224)
|
||||||
|
|
||||||
|
Leading periods were allowed by accident in Nix 2.4. The Nix team has considered this to be a bug, but this behavior has since been relied on by users, leading to unnecessary difficulties.
|
||||||
|
From now on, leading periods are officially, definitively supported. The names `.` and `..` are disallowed, as well as those starting with `.-` or `..-`.
|
||||||
|
|
||||||
|
Nix versions that denied leading periods are documented [in the issue](https://github.com/NixOS/nix/issues/912#issuecomment-1919583286).
|
||||||
|
|
||||||
|
Many thanks to [Robert Hensing](https://github.com/roberth) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- Fix `nix-env --query --drv-path --json` [#9257](https://github.com/NixOS/nix/pull/9257)
|
||||||
|
|
||||||
|
Fixed a bug where `nix-env --query` ignored `--drv-path` when `--json` was set.
|
||||||
|
|
||||||
|
Many thanks to [Artturin](https://github.com/Artturin) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- re-evaluate cached evaluation errors [cl/771](https://gerrit.lix.systems/c/lix/+/771)
|
||||||
|
|
||||||
|
"cached failure of [expr]" errors have been removed: expressions already in the
|
||||||
|
eval cache as a failure will now simply be re-evaluated, removing the need to
|
||||||
|
set `--no-eval-cache` or similar to see the error.
|
||||||
|
|
||||||
|
Many thanks to [Qyriad](https://git.lix.systems/Qyriad) for this.
|
||||||
|
- Interrupting builds in the REPL works more than once [cl/1097](https://gerrit.lix.systems/c/lix/+/1097)
|
||||||
|
|
||||||
|
Builds in the REPL can be interrupted by pressing Ctrl+C.
|
||||||
|
Previously, this only worked once per REPL session; further attempts would be ignored.
|
||||||
|
This issue is now fixed, so that builds can be canceled consistently.
|
||||||
|
|
||||||
|
Many thanks to [alois31](https://git.lix.systems/alois31) for this.
|
||||||
|
- In the debugger, `while evaluating the attribute` errors now include position information [#9915](https://github.com/NixOS/nix/pull/9915)
|
||||||
|
|
||||||
|
Before:
|
||||||
|
|
||||||
|
```
|
||||||
|
0: while evaluating the attribute 'python311.pythonForBuild.pkgs'
|
||||||
|
0x600001522598
|
||||||
|
```
|
||||||
|
|
||||||
|
After:
|
||||||
|
|
||||||
|
```
|
||||||
|
0: while evaluating the attribute 'python311.pythonForBuild.pkgs'
|
||||||
|
/nix/store/hg65h51xnp74ikahns9hyf3py5mlbbqq-source/overrides/default.nix:132:27
|
||||||
|
|
||||||
|
131|
|
||||||
|
132| bootstrappingBase = pkgs.${self.python.pythonAttr}.pythonForBuild.pkgs;
|
||||||
|
| ^
|
||||||
|
133| in
|
||||||
|
```
|
||||||
|
|
||||||
|
Many thanks to [wiggles](https://git.lix.systems/rbt) for this.
|
||||||
|
- Include phase reporting in log file for ssh-ng builds [#9280](https://github.com/NixOS/nix/pull/9280)
|
||||||
|
|
||||||
|
Store phase information of remote builds run via `ssh-ng` remotes in the local log file, matching logging behavior of local builds.
|
||||||
|
|
||||||
|
Many thanks to [r-vdp](https://github.com/r-vdp) for this.
|
||||||
|
- Fix `ssh-ng://` remotes not respecting `--substitute-on-destination` [#9600](https://github.com/NixOS/nix/pull/9600)
|
||||||
|
|
||||||
|
`nix copy ssh-ng://` now respects `--substitute-on-destination`, as does `nix-copy-closure` and other commands that operate on remote `ssh-ng` stores.
|
||||||
|
Previously this was always set by `builders-use-substitutes` setting.
|
||||||
|
|
||||||
|
Many thanks to [SharzyL](https://github.com/SharzyL) for this.
|
||||||
|
- using `nix profile` on `/nix/var/nix/profiles/default` no longer breaks `nix upgrade-nix` [cl/952](https://gerrit.lix.systems/c/lix/+/952)
|
||||||
|
|
||||||
|
On non-NixOS, Nix is conventionally installed into a `nix-env` style profile at /nix/var/nix/profiles/default.
|
||||||
|
Like any `nix-env` profile, using `nix profile` on it automatically migrates it to a `nix profile` style profile, which is incompatible with `nix-env`.
|
||||||
|
`nix upgrade-nix` previously relied solely on `nix-env` to do the upgrade, but now will work fine with either kind of profile.
|
||||||
|
|
||||||
|
Many thanks to [Qyriad](https://git.lix.systems/Qyriad) for this.
|
||||||
|
|
||||||
|
## Packaging
|
||||||
|
- Lix turns more internal bugs into crashes [cl/797](https://gerrit.lix.systems/c/lix/+/797) [cl/626](https://gerrit.lix.systems/c/lix/+/626)
|
||||||
|
|
||||||
|
Lix now enables build options such as trapping on signed overflow and enabling
|
||||||
|
libstdc++ assertions by default. These may find new bugs in Lix, which will
|
||||||
|
present themselves as Lix processes aborting, potentially without an error
|
||||||
|
message.
|
||||||
|
|
||||||
|
If Lix processes abort on your machine, this is a bug. Please file a bug,
|
||||||
|
ideally with the core dump (or information from it).
|
||||||
|
|
||||||
|
On Linux, run `coredumpctl list`, find the crashed process's PID at
|
||||||
|
the bottom of the list, then run `coredumpctl info THE-PID`. You can then paste
|
||||||
|
the output into a bug report.
|
||||||
|
|
||||||
|
On macOS, open the Console app from Applications/Utilities, select Crash
|
||||||
|
Reports, select the crash report in question. Right click on it, select Open In
|
||||||
|
Finder, then include that file in your bug report. [See the Apple
|
||||||
|
documentation][apple-crashreport] for more details.
|
||||||
|
|
||||||
|
[apple-crashreport]: https://developer.apple.com/documentation/xcode/acquiring-crash-reports-and-diagnostic-logs#Locate-crash-reports-and-memory-logs-on-the-device
|
||||||
|
|
||||||
|
Many thanks to [jade](https://git.lix.systems/jade) for this.
|
||||||
|
- Stop vendoring toml11 [cl/675](https://gerrit.lix.systems/c/lix/+/675)
|
||||||
|
|
||||||
|
We don't apply any patches to it, and vendoring it locks users into
|
||||||
|
bugs (it hasn't been updated since its introduction in late 2021).
|
||||||
|
|
||||||
|
Many thanks to [winter](https://git.lix.systems/winter) for this.
|
||||||
|
- Lix is built with meson [cl/580](https://gerrit.lix.systems/c/lix/+/580) [cl/627](https://gerrit.lix.systems/c/lix/+/627) [cl/628](https://gerrit.lix.systems/c/lix/+/628) [cl/707](https://gerrit.lix.systems/c/lix/+/707) [cl/711](https://gerrit.lix.systems/c/lix/+/711) [cl/712](https://gerrit.lix.systems/c/lix/+/712) [cl/719](https://gerrit.lix.systems/c/lix/+/719)
|
||||||
|
|
||||||
|
Lix is built exclusively with the meson build system thanks to a huge team-wide
|
||||||
|
effort, and the legacy `make`/`autoconf` based build system has been removed
|
||||||
|
altogether. This improves maintainability of Lix, enables things like saving
|
||||||
|
20% of compile times with precompiled headers, and generally makes the build
|
||||||
|
less able to produce obscure incremental compilation bugs.
|
||||||
|
|
||||||
|
Non-Nix-based downstream packaging needs rewriting accordingly.
|
||||||
|
|
||||||
|
Many thanks to [Qyriad](https://git.lix.systems/Qyriad), [eldritch horrors](https://git.lix.systems/pennae), [jade](https://git.lix.systems/jade), [wiggles](https://git.lix.systems/rbt), and [winter](https://git.lix.systems/winter) for this.
|
||||||
|
- Upstart scripts removed [cl/574](https://gerrit.lix.systems/c/lix/+/574)
|
||||||
|
|
||||||
|
Upstart scripts have been removed from Lix, since Upstart is obsolete and has
|
||||||
|
not been shipped by any major distributions for many years. If these are
|
||||||
|
necessary to your use case, please back port them to your packaging.
|
||||||
|
|
||||||
|
Many thanks to [jade](https://git.lix.systems/jade) for this.
|
||||||
|
|
||||||
|
## Development
|
||||||
|
- Clang build timing analysis [cl/587](https://gerrit.lix.systems/c/lix/+/587)
|
||||||
|
|
||||||
|
We now have Clang build profiling available, which generates Chrome
|
||||||
|
tracing files for each compilation unit. To enable it, run `meson configure
|
||||||
|
build -Dprofile-build=enabled` in a Clang stdenv (`nix develop
|
||||||
|
.#native-clangStdenvPackages`) then rerun the compilation.
|
||||||
|
|
||||||
|
If you want to make the build go faster, do a clang build with meson, then run
|
||||||
|
`maintainers/buildtime_report.sh build`, then contemplate how to improve the
|
||||||
|
build time.
|
||||||
|
|
||||||
|
You can also look at individual object files' traces in
|
||||||
|
<https://ui.perfetto.dev>.
|
||||||
|
|
||||||
|
See [the wiki page][improving-build-times-wiki] for more details on how to do
|
||||||
|
this.
|
||||||
|
|
||||||
|
[improving-build-times-wiki]: https://wiki.lix.systems/link/8#bkmrk-page-title
|
||||||
|
|
||||||
|
## Miscellany
|
||||||
|
- Disallow empty search regex in `nix search` [#9481](https://github.com/NixOS/nix/pull/9481)
|
||||||
|
|
||||||
|
[`nix search`](@docroot@/command-ref/new-cli/nix3-search.md) now requires a search regex to be passed. To show all packages, use `^`.
|
||||||
|
|
||||||
|
Many thanks to [iFreilicht](https://github.com/iFreilicht) and [eldritch horrors](https://git.lix.systems/pennae) for this.
|
||||||
|
- `nix repl` history is saved more reliably [cl/1164](https://gerrit.lix.systems/c/lix/+/1164)
|
||||||
|
|
||||||
|
`nix repl` now saves its history file after each line, rather than at the end
|
||||||
|
of the session; ensuring that it will remember what you typed even after it
|
||||||
|
crashes.
|
||||||
|
|
||||||
|
Many thanks to [puck](https://git.lix.systems/puck) for this.
|
216
docker.nix
216
docker.nix
|
@ -1,7 +1,10 @@
|
||||||
{
|
{
|
||||||
pkgs ? import <nixpkgs> { },
|
pkgs ? import <nixpkgs> { },
|
||||||
|
# Git commit ID, if available
|
||||||
|
lixRevision ? null,
|
||||||
|
nix2container,
|
||||||
lib ? pkgs.lib,
|
lib ? pkgs.lib,
|
||||||
name ? "nix",
|
name ? "lix",
|
||||||
tag ? "latest",
|
tag ? "latest",
|
||||||
bundleNixpkgs ? true,
|
bundleNixpkgs ? true,
|
||||||
channelName ? "nixpkgs",
|
channelName ? "nixpkgs",
|
||||||
|
@ -12,26 +15,51 @@
|
||||||
flake-registry ? null,
|
flake-registry ? null,
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
|
layerContents = with pkgs; [
|
||||||
|
# pulls in glibc and openssl, about 60MB
|
||||||
|
{ contents = [ coreutils-full ]; }
|
||||||
|
# some stuff that is low in the closure graph and small ish, mostly to make
|
||||||
|
# incremental lix updates cheaper
|
||||||
|
{
|
||||||
|
contents = [
|
||||||
|
curl
|
||||||
|
libxml2
|
||||||
|
sqlite
|
||||||
|
];
|
||||||
|
}
|
||||||
|
# 50MB of git
|
||||||
|
{ contents = [ gitMinimal ]; }
|
||||||
|
# 144MB of nixpkgs
|
||||||
|
{
|
||||||
|
contents = [ channel ];
|
||||||
|
inProfile = false;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
# These packages are left to be auto layered by nix2container, since it is
|
||||||
|
# less critical that they get layered sensibly and they tend to not be deps
|
||||||
|
# of anything in particular
|
||||||
|
autoLayered = with pkgs; [
|
||||||
|
bashInteractive
|
||||||
|
gnutar
|
||||||
|
gzip
|
||||||
|
gnugrep
|
||||||
|
which
|
||||||
|
less
|
||||||
|
wget
|
||||||
|
man
|
||||||
|
cacert.out
|
||||||
|
findutils
|
||||||
|
iana-etc
|
||||||
|
openssh
|
||||||
|
nix
|
||||||
|
];
|
||||||
|
|
||||||
defaultPkgs =
|
defaultPkgs =
|
||||||
with pkgs;
|
lib.lists.flatten (
|
||||||
[
|
map (x: if !(x ? inProfile) || x.inProfile then x.contents else [ ]) layerContents
|
||||||
nix
|
)
|
||||||
bashInteractive
|
++ autoLayered
|
||||||
coreutils-full
|
|
||||||
gnutar
|
|
||||||
gzip
|
|
||||||
gnugrep
|
|
||||||
which
|
|
||||||
curl
|
|
||||||
less
|
|
||||||
wget
|
|
||||||
man
|
|
||||||
cacert.out
|
|
||||||
findutils
|
|
||||||
iana-etc
|
|
||||||
git
|
|
||||||
openssh
|
|
||||||
]
|
|
||||||
++ extraPkgs;
|
++ extraPkgs;
|
||||||
|
|
||||||
users =
|
users =
|
||||||
|
@ -139,16 +167,17 @@ let
|
||||||
))
|
))
|
||||||
+ "\n";
|
+ "\n";
|
||||||
|
|
||||||
|
nixpkgs = pkgs.path;
|
||||||
|
channel = pkgs.runCommand "channel-nixpkgs" { } ''
|
||||||
|
mkdir $out
|
||||||
|
${lib.optionalString bundleNixpkgs ''
|
||||||
|
ln -s ${nixpkgs} $out/nixpkgs
|
||||||
|
echo "[]" > $out/manifest.nix
|
||||||
|
''}
|
||||||
|
'';
|
||||||
|
|
||||||
baseSystem =
|
baseSystem =
|
||||||
let
|
let
|
||||||
nixpkgs = pkgs.path;
|
|
||||||
channel = pkgs.runCommand "channel-nixos" { inherit bundleNixpkgs; } ''
|
|
||||||
mkdir $out
|
|
||||||
if [ "$bundleNixpkgs" ]; then
|
|
||||||
ln -s ${nixpkgs} $out/nixpkgs
|
|
||||||
echo "[]" > $out/manifest.nix
|
|
||||||
fi
|
|
||||||
'';
|
|
||||||
rootEnv = pkgs.buildPackages.buildEnv {
|
rootEnv = pkgs.buildPackages.buildEnv {
|
||||||
name = "root-profile-env";
|
name = "root-profile-env";
|
||||||
paths = defaultPkgs;
|
paths = defaultPkgs;
|
||||||
|
@ -187,7 +216,7 @@ let
|
||||||
profile = pkgs.buildPackages.runCommand "user-environment" { } ''
|
profile = pkgs.buildPackages.runCommand "user-environment" { } ''
|
||||||
mkdir $out
|
mkdir $out
|
||||||
cp -a ${rootEnv}/* $out/
|
cp -a ${rootEnv}/* $out/
|
||||||
ln -s ${manifest} $out/manifest.nix
|
ln -sf ${manifest} $out/manifest.nix
|
||||||
'';
|
'';
|
||||||
flake-registry-path =
|
flake-registry-path =
|
||||||
if (flake-registry == null) then
|
if (flake-registry == null) then
|
||||||
|
@ -236,6 +265,7 @@ let
|
||||||
ln -s /nix/var/nix/profiles/share $out/usr/
|
ln -s /nix/var/nix/profiles/share $out/usr/
|
||||||
|
|
||||||
mkdir -p $out/nix/var/nix/gcroots
|
mkdir -p $out/nix/var/nix/gcroots
|
||||||
|
ln -s /nix/var/nix/profiles $out/nix/var/nix/gcroots/profiles
|
||||||
|
|
||||||
mkdir $out/tmp
|
mkdir $out/tmp
|
||||||
|
|
||||||
|
@ -248,14 +278,14 @@ let
|
||||||
mkdir -p $out/nix/var/nix/profiles/per-user/root
|
mkdir -p $out/nix/var/nix/profiles/per-user/root
|
||||||
|
|
||||||
ln -s ${profile} $out/nix/var/nix/profiles/default-1-link
|
ln -s ${profile} $out/nix/var/nix/profiles/default-1-link
|
||||||
ln -s $out/nix/var/nix/profiles/default-1-link $out/nix/var/nix/profiles/default
|
ln -s /nix/var/nix/profiles/default-1-link $out/nix/var/nix/profiles/default
|
||||||
ln -s /nix/var/nix/profiles/default $out/root/.nix-profile
|
ln -s /nix/var/nix/profiles/default $out/root/.nix-profile
|
||||||
|
|
||||||
ln -s ${channel} $out/nix/var/nix/profiles/per-user/root/channels-1-link
|
ln -s ${channel} $out/nix/var/nix/profiles/per-user/root/channels-1-link
|
||||||
ln -s $out/nix/var/nix/profiles/per-user/root/channels-1-link $out/nix/var/nix/profiles/per-user/root/channels
|
ln -s /nix/var/nix/profiles/per-user/root/channels-1-link $out/nix/var/nix/profiles/per-user/root/channels
|
||||||
|
|
||||||
mkdir -p $out/root/.nix-defexpr
|
mkdir -p $out/root/.nix-defexpr
|
||||||
ln -s $out/nix/var/nix/profiles/per-user/root/channels $out/root/.nix-defexpr/channels
|
ln -s /nix/var/nix/profiles/per-user/root/channels $out/root/.nix-defexpr/channels
|
||||||
echo "${channelURL} ${channelName}" > $out/root/.nix-channels
|
echo "${channelURL} ${channelName}" > $out/root/.nix-channels
|
||||||
|
|
||||||
mkdir -p $out/bin $out/usr/bin
|
mkdir -p $out/bin $out/usr/bin
|
||||||
|
@ -273,43 +303,99 @@ let
|
||||||
ln -s $globalFlakeRegistryPath $out/nix/var/nix/gcroots/auto/$rootName
|
ln -s $globalFlakeRegistryPath $out/nix/var/nix/gcroots/auto/$rootName
|
||||||
'')
|
'')
|
||||||
);
|
);
|
||||||
in
|
|
||||||
pkgs.dockerTools.buildLayeredImageWithNixDb {
|
|
||||||
|
|
||||||
inherit name tag maxLayers;
|
layers = builtins.foldl' (
|
||||||
|
layersList: el:
|
||||||
|
let
|
||||||
|
layer = nix2container.buildLayer {
|
||||||
|
deps = el.contents;
|
||||||
|
layers = layersList;
|
||||||
|
};
|
||||||
|
in
|
||||||
|
layersList ++ [ layer ]
|
||||||
|
) [ ] layerContents;
|
||||||
|
|
||||||
contents = [ baseSystem ];
|
image = nix2container.buildImage {
|
||||||
|
|
||||||
extraCommands = ''
|
inherit name tag maxLayers;
|
||||||
rm -rf nix-support
|
|
||||||
ln -s /nix/var/nix/profiles nix/var/nix/gcroots/profiles
|
|
||||||
'';
|
|
||||||
fakeRootCommands = ''
|
|
||||||
chmod 1777 tmp
|
|
||||||
chmod 1777 var/tmp
|
|
||||||
'';
|
|
||||||
|
|
||||||
config = {
|
inherit layers;
|
||||||
Cmd = [ "/root/.nix-profile/bin/bash" ];
|
|
||||||
Env = [
|
copyToRoot = [ baseSystem ];
|
||||||
"USER=root"
|
|
||||||
"PATH=${
|
initializeNixDatabase = true;
|
||||||
lib.concatStringsSep ":" [
|
|
||||||
"/root/.nix-profile/bin"
|
perms = [
|
||||||
"/nix/var/nix/profiles/default/bin"
|
{
|
||||||
"/nix/var/nix/profiles/default/sbin"
|
path = baseSystem;
|
||||||
]
|
regex = "(/var)?/tmp";
|
||||||
}"
|
mode = "1777";
|
||||||
"MANPATH=${
|
}
|
||||||
lib.concatStringsSep ":" [
|
|
||||||
"/root/.nix-profile/share/man"
|
|
||||||
"/nix/var/nix/profiles/default/share/man"
|
|
||||||
]
|
|
||||||
}"
|
|
||||||
"SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
|
|
||||||
"GIT_SSL_CAINFO=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
|
|
||||||
"NIX_SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
|
|
||||||
"NIX_PATH=/nix/var/nix/profiles/per-user/root/channels:/root/.nix-defexpr/channels"
|
|
||||||
];
|
];
|
||||||
|
|
||||||
|
config = {
|
||||||
|
Cmd = [ "/root/.nix-profile/bin/bash" ];
|
||||||
|
Env = [
|
||||||
|
"USER=root"
|
||||||
|
"PATH=${
|
||||||
|
lib.concatStringsSep ":" [
|
||||||
|
"/root/.nix-profile/bin"
|
||||||
|
"/nix/var/nix/profiles/default/bin"
|
||||||
|
"/nix/var/nix/profiles/default/sbin"
|
||||||
|
]
|
||||||
|
}"
|
||||||
|
"MANPATH=${
|
||||||
|
lib.concatStringsSep ":" [
|
||||||
|
"/root/.nix-profile/share/man"
|
||||||
|
"/nix/var/nix/profiles/default/share/man"
|
||||||
|
]
|
||||||
|
}"
|
||||||
|
"SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
|
||||||
|
"GIT_SSL_CAINFO=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
|
||||||
|
"NIX_SSL_CERT_FILE=/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
|
||||||
|
"NIX_PATH=/nix/var/nix/profiles/per-user/root/channels:/root/.nix-defexpr/channels"
|
||||||
|
];
|
||||||
|
|
||||||
|
Labels = {
|
||||||
|
"org.opencontainers.image.title" = "Lix";
|
||||||
|
"org.opencontainers.image.source" = "https://git.lix.systems/lix-project/lix";
|
||||||
|
"org.opencontainers.image.vendor" = "Lix project";
|
||||||
|
"org.opencontainers.image.version" = pkgs.nix.version;
|
||||||
|
"org.opencontainers.image.description" = "Minimal Lix container image, with some batteries included.";
|
||||||
|
} // lib.optionalAttrs (lixRevision != null) { "org.opencontainers.image.revision" = lixRevision; };
|
||||||
|
};
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
description = "Docker image for Lix. This is built with nix2container; see that project's README for details";
|
||||||
|
longDescription = ''
|
||||||
|
Docker image for Lix, built with nix2container.
|
||||||
|
To copy it to your docker daemon, nix run .#dockerImage.copyToDockerDaemon
|
||||||
|
To copy it to podman, nix run .#dockerImage.copyTo containers-storage:lix
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
in
|
||||||
|
image
|
||||||
|
// {
|
||||||
|
# We don't ship the tarball as the default output because it is a strange thing to want imo
|
||||||
|
tarball =
|
||||||
|
pkgs.buildPackages.runCommand "docker-image-tarball-${pkgs.nix.version}"
|
||||||
|
{
|
||||||
|
nativeBuildInputs = [ pkgs.buildPackages.bubblewrap ];
|
||||||
|
meta.description = "Docker image tarball with Lix for ${pkgs.system}";
|
||||||
|
}
|
||||||
|
''
|
||||||
|
mkdir -p $out/nix-support
|
||||||
|
image=$out/image.tar
|
||||||
|
# bwrap for foolish temp dir selection code that forces /var/tmp:
|
||||||
|
# https://github.com/containers/skopeo.git/blob/60ee543f7f7c242f46cc3a7541d9ac8ab1c89168/vendor/github.com/containers/image/v5/internal/tmpdir/tmpdir.go#L15-L18
|
||||||
|
mkdir -p $TMPDIR/fake-var/tmp
|
||||||
|
args=(--unshare-user --bind "$TMPDIR/fake-var" /var)
|
||||||
|
for dir in /*; do
|
||||||
|
args+=(--dev-bind "/$dir" "/$dir")
|
||||||
|
done
|
||||||
|
bwrap ''${args[@]} -- ${lib.getExe image.copyTo} docker-archive:$image
|
||||||
|
gzip $image
|
||||||
|
echo "file binary-dist $image" >> $out/nix-support/hydra-build-products
|
||||||
|
'';
|
||||||
}
|
}
|
||||||
|
|
25
flake.lock
25
flake.lock
|
@ -16,18 +16,34 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"nix2container": {
|
||||||
|
"flake": false,
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1712990762,
|
||||||
|
"narHash": "sha256-hO9W3w7NcnYeX8u8cleHiSpK2YJo7ecarFTUlbybl7k=",
|
||||||
|
"owner": "nlewo",
|
||||||
|
"repo": "nix2container",
|
||||||
|
"rev": "20aad300c925639d5d6cbe30013c8357ce9f2a2e",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "nlewo",
|
||||||
|
"repo": "nix2container",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1715123187,
|
"lastModified": 1718111384,
|
||||||
"narHash": "sha256-0czuu757t53lK6uWeo1a5/jJbCd9t4sOtLDFpts60DM=",
|
"narHash": "sha256-7tSst0S5FOmcgvNtfy6cjZX5w8CabCVAfAeCkhY4OVg=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "0c592f9a288bdf764b6f24c757277c0e49757a46",
|
"rev": "a508a44af0c1b1b57785c34d8b54783536273eeb",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"ref": "nixos-23.11-small",
|
"ref": "nixos-24.05-small",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -67,6 +83,7 @@
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-compat": "flake-compat",
|
"flake-compat": "flake-compat",
|
||||||
|
"nix2container": "nix2container",
|
||||||
"nixpkgs": "nixpkgs",
|
"nixpkgs": "nixpkgs",
|
||||||
"nixpkgs-regression": "nixpkgs-regression",
|
"nixpkgs-regression": "nixpkgs-regression",
|
||||||
"pre-commit-hooks": "pre-commit-hooks"
|
"pre-commit-hooks": "pre-commit-hooks"
|
||||||
|
|
86
flake.nix
86
flake.nix
|
@ -2,12 +2,16 @@
|
||||||
description = "The purely functional package manager";
|
description = "The purely functional package manager";
|
||||||
|
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11-small";
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05-small";
|
||||||
nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2";
|
nixpkgs-regression.url = "github:NixOS/nixpkgs/215d4d0fd80ca5163643b03a33fde804a29cc1e2";
|
||||||
pre-commit-hooks = {
|
pre-commit-hooks = {
|
||||||
url = "github:cachix/git-hooks.nix";
|
url = "github:cachix/git-hooks.nix";
|
||||||
flake = false;
|
flake = false;
|
||||||
};
|
};
|
||||||
|
nix2container = {
|
||||||
|
url = "github:nlewo/nix2container";
|
||||||
|
flake = false;
|
||||||
|
};
|
||||||
flake-compat = {
|
flake-compat = {
|
||||||
url = "github:edolstra/flake-compat";
|
url = "github:edolstra/flake-compat";
|
||||||
flake = false;
|
flake = false;
|
||||||
|
@ -20,6 +24,7 @@
|
||||||
nixpkgs,
|
nixpkgs,
|
||||||
nixpkgs-regression,
|
nixpkgs-regression,
|
||||||
pre-commit-hooks,
|
pre-commit-hooks,
|
||||||
|
nix2container,
|
||||||
flake-compat,
|
flake-compat,
|
||||||
}:
|
}:
|
||||||
|
|
||||||
|
@ -59,7 +64,6 @@
|
||||||
# Set to true to build the release notes for the next release.
|
# Set to true to build the release notes for the next release.
|
||||||
buildUnreleasedNotes = true;
|
buildUnreleasedNotes = true;
|
||||||
|
|
||||||
version = lib.fileContents ./.version + versionSuffix;
|
|
||||||
versionSuffix =
|
versionSuffix =
|
||||||
if officialRelease then
|
if officialRelease then
|
||||||
""
|
""
|
||||||
|
@ -83,10 +87,11 @@
|
||||||
crossSystems = [
|
crossSystems = [
|
||||||
"armv6l-linux"
|
"armv6l-linux"
|
||||||
"armv7l-linux"
|
"armv7l-linux"
|
||||||
# FIXME: doesn't evaluate, plausibly fixed in >=24.05, so recheck when
|
"riscv64-linux"
|
||||||
# we update to 24.05
|
# FIXME: still broken in 24.05: fails to build rustc(??) due to missing -lstdc++ dep
|
||||||
# "x86_64-freebsd13"
|
# "x86_64-freebsd"
|
||||||
"x86_64-netbsd"
|
# FIXME: broken dev shell due to python
|
||||||
|
# "x86_64-netbsd"
|
||||||
];
|
];
|
||||||
|
|
||||||
stdenvs = [
|
stdenvs = [
|
||||||
|
@ -131,13 +136,11 @@
|
||||||
{
|
{
|
||||||
system = crossSystem;
|
system = crossSystem;
|
||||||
}
|
}
|
||||||
// lib.optionalAttrs (crossSystem == "x86_64-freebsd13") { useLLVM = true; };
|
// lib.optionalAttrs (crossSystem == "x86_64-freebsd") { useLLVM = true; };
|
||||||
overlays = [
|
overlays = [
|
||||||
(overlayFor (p: p.${stdenv}))
|
(overlayFor (p: p.${stdenv}))
|
||||||
(final: prev: { nixfmt = final.callPackage ./nix-support/nixfmt.nix { }; })
|
(final: prev: { nixfmt = final.callPackage ./nix-support/nixfmt.nix { }; })
|
||||||
];
|
];
|
||||||
|
|
||||||
config.permittedInsecurePackages = [ "nix-2.13.6" ];
|
|
||||||
};
|
};
|
||||||
stdenvs = forAllStdenvs (make-pkgs null);
|
stdenvs = forAllStdenvs (make-pkgs null);
|
||||||
native = stdenvs.stdenvPackages;
|
native = stdenvs.stdenvPackages;
|
||||||
|
@ -149,9 +152,6 @@
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
binaryTarball =
|
|
||||||
nix: pkgs: pkgs.callPackage ./nix-support/binary-tarball.nix { inherit nix version; };
|
|
||||||
|
|
||||||
overlayFor =
|
overlayFor =
|
||||||
getStdenv: final: prev:
|
getStdenv: final: prev:
|
||||||
let
|
let
|
||||||
|
@ -164,7 +164,6 @@
|
||||||
nixUnstable = prev.nixUnstable;
|
nixUnstable = prev.nixUnstable;
|
||||||
|
|
||||||
check-headers = final.buildPackages.callPackage ./maintainers/check-headers.nix { };
|
check-headers = final.buildPackages.callPackage ./maintainers/check-headers.nix { };
|
||||||
clangbuildanalyzer = final.buildPackages.callPackage ./misc/clangbuildanalyzer.nix { };
|
|
||||||
|
|
||||||
default-busybox-sandbox-shell = final.busybox.override {
|
default-busybox-sandbox-shell = final.busybox.override {
|
||||||
useMusl = true;
|
useMusl = true;
|
||||||
|
@ -191,7 +190,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
nix = final.callPackage ./package.nix {
|
nix = final.callPackage ./package.nix {
|
||||||
inherit versionSuffix;
|
inherit versionSuffix officialRelease;
|
||||||
stdenv = currentStdenv;
|
stdenv = currentStdenv;
|
||||||
busybox-sandbox-shell = final.busybox-sandbox-shell or final.default-busybox-sandbox-shell;
|
busybox-sandbox-shell = final.busybox-sandbox-shell or final.default-busybox-sandbox-shell;
|
||||||
};
|
};
|
||||||
|
@ -209,10 +208,14 @@
|
||||||
overlays.default = overlayFor (p: p.stdenv);
|
overlays.default = overlayFor (p: p.stdenv);
|
||||||
|
|
||||||
hydraJobs = {
|
hydraJobs = {
|
||||||
|
|
||||||
# Binary package for various platforms.
|
# Binary package for various platforms.
|
||||||
build = forAllSystems (system: self.packages.${system}.nix);
|
build = forAllSystems (system: self.packages.${system}.nix);
|
||||||
|
|
||||||
|
devShell = forAllSystems (system: {
|
||||||
|
default = self.devShells.${system}.default;
|
||||||
|
clang = self.devShells.${system}.native-clangStdenvPackages;
|
||||||
|
});
|
||||||
|
|
||||||
rl-next = forAllSystems (
|
rl-next = forAllSystems (
|
||||||
system:
|
system:
|
||||||
let
|
let
|
||||||
|
@ -227,20 +230,17 @@
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
user = rl-next-check "rl-next" ./doc/manual/rl-next;
|
user = rl-next-check "rl-next" ./doc/manual/rl-next;
|
||||||
dev = rl-next-check "rl-next-dev" ./doc/manual/rl-next-dev;
|
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
# Perl bindings for various platforms.
|
# Perl bindings for various platforms.
|
||||||
perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nix.perl-bindings);
|
perlBindings = forAllSystems (system: nixpkgsFor.${system}.native.nix.passthru.perl-bindings);
|
||||||
|
|
||||||
# Binary tarball for various platforms, containing a Nix store
|
# Binary tarball for various platforms, containing a Nix store
|
||||||
# with the closure of 'nix' package.
|
# with the closure of 'nix' package.
|
||||||
binaryTarball = forAllSystems (
|
binaryTarball = forAllSystems (system: nixpkgsFor.${system}.native.nix.passthru.binaryTarball);
|
||||||
system: binaryTarball nixpkgsFor.${system}.native.nix nixpkgsFor.${system}.native
|
|
||||||
);
|
|
||||||
|
|
||||||
# docker image with Nix inside
|
# docker image with Lix inside
|
||||||
dockerImage = lib.genAttrs linux64BitSystems (system: self.packages.${system}.dockerImage);
|
dockerImage = lib.genAttrs linux64BitSystems (system: self.packages.${system}.dockerImage);
|
||||||
|
|
||||||
# API docs for Nix's unstable internal C++ interfaces.
|
# API docs for Nix's unstable internal C++ interfaces.
|
||||||
|
@ -281,9 +281,20 @@
|
||||||
|
|
||||||
nixpkgsLibTests = forAllSystems (
|
nixpkgsLibTests = forAllSystems (
|
||||||
system:
|
system:
|
||||||
import (nixpkgs + "/lib/tests/release.nix") {
|
let
|
||||||
|
inherit (self.packages.${system}) nix;
|
||||||
pkgs = nixpkgsFor.${system}.native;
|
pkgs = nixpkgsFor.${system}.native;
|
||||||
nixVersions = [ self.packages.${system}.nix ];
|
testWithNix = import (nixpkgs + "/lib/tests/test-with-nix.nix") { inherit pkgs lib nix; };
|
||||||
|
in
|
||||||
|
pkgs.symlinkJoin {
|
||||||
|
name = "nixpkgs-lib-tests";
|
||||||
|
paths =
|
||||||
|
[ testWithNix ]
|
||||||
|
# FIXME: This is disabled on darwin due to a nixpkgs bug https://github.com/NixOS/nixpkgs/issues/319147
|
||||||
|
# After that is fixed, it should be restored to use lib/tests/release.nix as before, rather than this reimplementation.
|
||||||
|
++ lib.optionals pkgs.stdenv.isLinux [
|
||||||
|
(import (nixpkgs + "/pkgs/test/release") { inherit pkgs lib nix; })
|
||||||
|
];
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
@ -300,16 +311,23 @@
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
release-jobs = import ./releng/release-jobs.nix {
|
||||||
|
inherit (self) hydraJobs;
|
||||||
|
pkgs = nixpkgsFor.x86_64-linux.native;
|
||||||
|
};
|
||||||
|
|
||||||
# NOTE *do not* add fresh derivations to checks, always add them to
|
# NOTE *do not* add fresh derivations to checks, always add them to
|
||||||
# hydraJobs first (so CI will pick them up) and only link them here
|
# hydraJobs first (so CI will pick them up) and only link them here
|
||||||
checks = forAvailableSystems (
|
checks = forAvailableSystems (
|
||||||
system:
|
system:
|
||||||
{
|
{
|
||||||
|
# devShells and packages already get checked by nix flake check, so
|
||||||
|
# this is just jobs that are special
|
||||||
|
|
||||||
binaryTarball = self.hydraJobs.binaryTarball.${system};
|
binaryTarball = self.hydraJobs.binaryTarball.${system};
|
||||||
perlBindings = self.hydraJobs.perlBindings.${system};
|
perlBindings = self.hydraJobs.perlBindings.${system};
|
||||||
nixpkgsLibTests = self.hydraJobs.tests.nixpkgsLibTests.${system};
|
nixpkgsLibTests = self.hydraJobs.tests.nixpkgsLibTests.${system};
|
||||||
rl-next = self.hydraJobs.rl-next.${system}.user;
|
rl-next = self.hydraJobs.rl-next.${system}.user;
|
||||||
rl-next-dev = self.hydraJobs.rl-next.${system}.dev;
|
|
||||||
# Will be empty attr set on i686-linux, and filtered out by forAvailableSystems.
|
# Will be empty attr set on i686-linux, and filtered out by forAvailableSystems.
|
||||||
pre-commit = self.hydraJobs.pre-commit.${system};
|
pre-commit = self.hydraJobs.pre-commit.${system};
|
||||||
}
|
}
|
||||||
|
@ -330,19 +348,13 @@
|
||||||
dockerImage =
|
dockerImage =
|
||||||
let
|
let
|
||||||
pkgs = nixpkgsFor.${system}.native;
|
pkgs = nixpkgsFor.${system}.native;
|
||||||
image = import ./docker.nix {
|
nix2container' = import nix2container { inherit pkgs system; };
|
||||||
inherit pkgs;
|
|
||||||
tag = version;
|
|
||||||
};
|
|
||||||
in
|
in
|
||||||
pkgs.runCommand "docker-image-tarball-${version}"
|
import ./docker.nix {
|
||||||
{ meta.description = "Docker image with Nix for ${system}"; }
|
inherit pkgs;
|
||||||
''
|
nix2container = nix2container'.nix2container;
|
||||||
mkdir -p $out/nix-support
|
tag = pkgs.nix.version;
|
||||||
image=$out/image.tar.gz
|
};
|
||||||
ln -s ${image} $image
|
|
||||||
echo "file binary-dist $image" >> $out/nix-support/hydra-build-products
|
|
||||||
'';
|
|
||||||
}
|
}
|
||||||
// builtins.listToAttrs (
|
// builtins.listToAttrs (
|
||||||
map (crossSystem: {
|
map (crossSystem: {
|
||||||
|
@ -365,7 +377,7 @@
|
||||||
pkgs: stdenv:
|
pkgs: stdenv:
|
||||||
let
|
let
|
||||||
nix = pkgs.callPackage ./package.nix {
|
nix = pkgs.callPackage ./package.nix {
|
||||||
inherit stdenv versionSuffix;
|
inherit stdenv officialRelease versionSuffix;
|
||||||
busybox-sandbox-shell = pkgs.busybox-sandbox-shell or pkgs.default-busybox-sandbox;
|
busybox-sandbox-shell = pkgs.busybox-sandbox-shell or pkgs.default-busybox-sandbox;
|
||||||
internalApiDocs = true;
|
internalApiDocs = true;
|
||||||
};
|
};
|
||||||
|
|
2
justfile
2
justfile
|
@ -24,4 +24,4 @@ install *OPTIONS: (build OPTIONS)
|
||||||
|
|
||||||
# Run tests
|
# Run tests
|
||||||
test *OPTIONS:
|
test *OPTIONS:
|
||||||
meson test -C build --print-errorlogs --quiet {{ OPTIONS }}
|
meson test -C build --print-errorlogs {{ OPTIONS }}
|
||||||
|
|
|
@ -84,9 +84,13 @@ fn indented(s: &str, indent: usize) -> String {
|
||||||
/// Cleans up a single line, erasing prefix single line comments but preserving indentation
|
/// Cleans up a single line, erasing prefix single line comments but preserving indentation
|
||||||
fn cleanup_single_line<'a>(s: &'a str) -> &'a str {
|
fn cleanup_single_line<'a>(s: &'a str) -> &'a str {
|
||||||
let mut cmt_new_start = 0;
|
let mut cmt_new_start = 0;
|
||||||
for (idx, ch) in s.char_indices() {
|
let mut iter = s.char_indices().peekable();
|
||||||
|
while let Some((idx, ch)) = iter.next() {
|
||||||
|
// peek at the next character, with an explicit '\n' as "next character" at end of line
|
||||||
|
let (_, next_ch) = iter.peek().unwrap_or(&(0, '\n'));
|
||||||
|
|
||||||
// if we find a character, save the byte position after it as our new string start
|
// if we find a character, save the byte position after it as our new string start
|
||||||
if ch == '#' || ch == '*' {
|
if ch == '#' || (ch == '*' && next_ch.is_whitespace()) {
|
||||||
cmt_new_start = idx + 1;
|
cmt_new_start = idx + 1;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -206,7 +210,7 @@ fn visit_lambda(name: String, lambda: &Lambda) -> SearchResult {
|
||||||
SearchResult {
|
SearchResult {
|
||||||
identifier: name,
|
identifier: name,
|
||||||
doc: comment,
|
doc: comment,
|
||||||
param_block
|
param_block,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -246,7 +250,7 @@ pub extern "C" fn nd_get_function_docs(
|
||||||
filename: *const c_char,
|
filename: *const c_char,
|
||||||
line: usize,
|
line: usize,
|
||||||
col: usize,
|
col: usize,
|
||||||
) -> *const c_char {
|
) -> *const c_char {
|
||||||
let fname = unsafe { CStr::from_ptr(filename) };
|
let fname = unsafe { CStr::from_ptr(filename) };
|
||||||
fname
|
fname
|
||||||
.to_str()
|
.to_str()
|
||||||
|
@ -257,9 +261,9 @@ pub extern "C" fn nd_get_function_docs(
|
||||||
eprintln!("panic!! {:#?}", e);
|
eprintln!("panic!! {:#?}", e);
|
||||||
e
|
e
|
||||||
})
|
})
|
||||||
.ok()
|
.ok()
|
||||||
})
|
})
|
||||||
.flatten()
|
.flatten()
|
||||||
.and_then(|s| CString::new(s).ok())
|
.and_then(|s| CString::new(s).ok())
|
||||||
.map(|s| s.into_raw() as *const c_char)
|
.map(|s| s.into_raw() as *const c_char)
|
||||||
.unwrap_or(ptr::null())
|
.unwrap_or(ptr::null())
|
||||||
|
@ -319,8 +323,16 @@ mod tests {
|
||||||
let ex1 = " * a";
|
let ex1 = " * a";
|
||||||
let ex2 = " # a";
|
let ex2 = " # a";
|
||||||
let ex3 = " a";
|
let ex3 = " a";
|
||||||
|
let ex4 = " *";
|
||||||
assert_eq!(cleanup_single_line(ex1), " a");
|
assert_eq!(cleanup_single_line(ex1), " a");
|
||||||
assert_eq!(cleanup_single_line(ex2), " a");
|
assert_eq!(cleanup_single_line(ex2), " a");
|
||||||
assert_eq!(cleanup_single_line(ex3), ex3);
|
assert_eq!(cleanup_single_line(ex3), ex3);
|
||||||
|
assert_eq!(cleanup_single_line(ex4), "");
|
||||||
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_single_line_retains_bold_headings() {
|
||||||
|
let ex1 = " **Foo**:";
|
||||||
|
assert_eq!(cleanup_single_line(ex1), ex1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,146 +0,0 @@
|
||||||
# Nix maintainers team
|
|
||||||
|
|
||||||
## Motivation
|
|
||||||
|
|
||||||
The team's main responsibility is to set a direction for the development of Nix and ensure that the code is in good shape.
|
|
||||||
|
|
||||||
We aim to achieve this by improving the contributor experience and attracting more maintainers – that is, by helping other people contributing to Nix and eventually taking responsibility – in order to scale the development process to match users' needs.
|
|
||||||
|
|
||||||
### Objectives
|
|
||||||
|
|
||||||
- It is obvious what is worthwhile to work on.
|
|
||||||
- It is easy to find the right place in the code to make a change.
|
|
||||||
- It is clear what is expected of a pull request.
|
|
||||||
- It is predictable how to get a change merged and released.
|
|
||||||
|
|
||||||
### Tasks
|
|
||||||
|
|
||||||
- Establish, communicate, and maintain a technical roadmap
|
|
||||||
- Improve documentation targeted at contributors
|
|
||||||
- Record architecture and design decisions
|
|
||||||
- Elaborate contribution guides and abide to them
|
|
||||||
- Define and assert quality criteria for contributions
|
|
||||||
- Maintain the issue tracker and triage pull requests
|
|
||||||
- Help contributors succeed with pull requests that address roadmap milestones
|
|
||||||
- Manage the release lifecycle
|
|
||||||
- Regularly publish reports on work done
|
|
||||||
- Engage with third parties in the interest of the project
|
|
||||||
- Ensure the required maintainer capacity for all of the above
|
|
||||||
|
|
||||||
## Members
|
|
||||||
|
|
||||||
- Eelco Dolstra (@edolstra) – Team lead
|
|
||||||
- Théophane Hufschmitt (@thufschmitt)
|
|
||||||
- Valentin Gagarin (@fricklerhandwerk)
|
|
||||||
- Thomas Bereknyei (@tomberek)
|
|
||||||
- Robert Hensing (@roberth)
|
|
||||||
- John Ericson (@Ericson2314)
|
|
||||||
|
|
||||||
## Meeting protocol
|
|
||||||
|
|
||||||
The team meets twice a week:
|
|
||||||
|
|
||||||
- Discussion meeting: [Fridays 13:00-14:00 CET](https://calendar.google.com/calendar/event?eid=MHNtOGVuNWtrZXNpZHR2bW1sM3QyN2ZjaGNfMjAyMjExMjVUMTIwMDAwWiBiOW81MmZvYnFqYWs4b3E4bGZraGczdDBxZ0Bn)
|
|
||||||
|
|
||||||
1. Triage issues and pull requests from the [No Status](#no-status) column (30 min)
|
|
||||||
2. Discuss issues and pull requests from the [To discuss](#to-discuss) column (30 min)
|
|
||||||
|
|
||||||
- Work meeting: [Mondays 13:00-15:00 CET](https://calendar.google.com/calendar/event?eid=NTM1MG1wNGJnOGpmOTZhYms3bTB1bnY5cWxfMjAyMjExMjFUMTIwMDAwWiBiOW81MmZvYnFqYWs4b3E4bGZraGczdDBxZ0Bn)
|
|
||||||
|
|
||||||
1. Code review on pull requests from [In review](#in-review).
|
|
||||||
2. Other chores and tasks.
|
|
||||||
|
|
||||||
Meeting notes are collected on a [collaborative scratchpad](https://pad.lassul.us/Cv7FpYx-Ri-4VjUykQOLAw), and published on Discourse under the [Nix category](https://discourse.nixos.org/c/dev/nix/50).
|
|
||||||
|
|
||||||
## Project board protocol
|
|
||||||
|
|
||||||
The team uses a [GitHub project board](https://github.com/orgs/NixOS/projects/19/views/1) for tracking its work.
|
|
||||||
|
|
||||||
Items on the board progress through the following states:
|
|
||||||
|
|
||||||
### No Status
|
|
||||||
|
|
||||||
During the discussion meeting, the team triages new items.
|
|
||||||
To be considered, issues and pull requests must have a high-level description to provide the whole team with the necessary context at a glance.
|
|
||||||
|
|
||||||
On every meeting, at least one item from each of the following categories is inspected:
|
|
||||||
|
|
||||||
1. [critical](https://github.com/NixOS/nix/labels/critical)
|
|
||||||
2. [security](https://github.com/NixOS/nix/labels/security)
|
|
||||||
3. [regression](https://github.com/NixOS/nix/labels/regression)
|
|
||||||
4. [bug](https://github.com/NixOS/nix/issues?q=is%3Aopen+label%3Abug+sort%3Areactions-%2B1-desc)
|
|
||||||
5. [tests of existing functionality](https://github.com/NixOS/nix/issues?q=is%3Aopen+label%3Atests+-label%3Afeature+sort%3Areactions-%2B1-desc)
|
|
||||||
|
|
||||||
- [oldest pull requests](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+sort%3Acreated-asc)
|
|
||||||
- [most popular pull requests](https://github.com/NixOS/nix/pulls?q=is%3Apr+is%3Aopen+sort%3Areactions-%2B1-desc)
|
|
||||||
- [oldest issues](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Acreated-asc)
|
|
||||||
- [most popular issues](https://github.com/NixOS/nix/issues?q=is%3Aissue+is%3Aopen+sort%3Areactions-%2B1-desc)
|
|
||||||
|
|
||||||
Team members can also add pull requests or issues they would like the whole team to consider.
|
|
||||||
To ensure process quality and reliability, all non-trivial pull requests must be triaged before merging.
|
|
||||||
|
|
||||||
If there is disagreement on the general idea behind an issue or pull request, it is moved to [To discuss](#to-discuss).
|
|
||||||
Otherwise, the issue or pull request in questions get the label [`idea approved`](https://github.com/NixOS/nix/labels/idea%20approved).
|
|
||||||
For issues this means that an implementation is welcome and will be prioritised for review.
|
|
||||||
For pull requests this means that:
|
|
||||||
- Unfinished work is encouraged to be continued.
|
|
||||||
- A reviewer is assigned to take responsibility for getting the pull request merged.
|
|
||||||
The item is moved to the [Assigned](#assigned) column.
|
|
||||||
- If needed, the team can decide to do a collarorative review.
|
|
||||||
Then the item is moved to the [In review](#in-review) column, and review session is scheduled.
|
|
||||||
|
|
||||||
What constitutes a trivial pull request is up to maintainers' judgement.
|
|
||||||
|
|
||||||
### To discuss
|
|
||||||
|
|
||||||
Pull requests and issues that are deemed important and controversial are discussed by the team during discussion meetings.
|
|
||||||
|
|
||||||
This may be where the merit of the change itself or the implementation strategy is contested by a team member.
|
|
||||||
|
|
||||||
As a general guideline, the order of items is determined as follows:
|
|
||||||
|
|
||||||
- Prioritise pull requests over issues
|
|
||||||
|
|
||||||
Contributors who took the time to implement concrete change proposals should not wait indefinitely.
|
|
||||||
|
|
||||||
- Prioritise fixing bugs and testing over documentation, improvements or new features
|
|
||||||
|
|
||||||
The team values stability and accessibility higher than raw functionality.
|
|
||||||
|
|
||||||
- Interleave issues and PRs
|
|
||||||
|
|
||||||
This way issues without attempts at a solution get a chance to get addressed.
|
|
||||||
|
|
||||||
### In review
|
|
||||||
|
|
||||||
Pull requests in this column are reviewed together during work meetings.
|
|
||||||
This is both for spreading implementation knowledge and for establishing common values in code reviews.
|
|
||||||
|
|
||||||
When the overall direction is agreed upon, even when further changes are required, the pull request is assigned to one team member.
|
|
||||||
If significant changes are requested or reviewers cannot come to a conclusion in reasonable time, the pull request is [marked as draft](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/changing-the-stage-of-a-pull-request#converting-a-pull-request-to-a-draft).
|
|
||||||
|
|
||||||
### Assigned
|
|
||||||
|
|
||||||
One team member is assigned to each of these pull requests.
|
|
||||||
They will communicate with the authors, and make the final approval once all remaining issues are addressed.
|
|
||||||
|
|
||||||
If more substantive issues arise, the assignee can move the pull request back to [To discuss](#to-discuss) or [In review](#in-review) to involve the team again.
|
|
||||||
|
|
||||||
### Flowchart
|
|
||||||
|
|
||||||
The process is illustrated in the following diagram:
|
|
||||||
|
|
||||||
```mermaid
|
|
||||||
flowchart TD
|
|
||||||
discuss[To discuss]
|
|
||||||
|
|
||||||
review[To review]
|
|
||||||
|
|
||||||
New --> |Disagreement on idea| discuss
|
|
||||||
New & discuss --> |Consensus on idea| review
|
|
||||||
|
|
||||||
review --> |Consensus on implementation| Assigned
|
|
||||||
|
|
||||||
Assigned --> |Implementation issues arise| review
|
|
||||||
Assigned --> |Remaining issues fixed| Merged
|
|
||||||
```
|
|
|
@ -1,12 +0,0 @@
|
||||||
|
|
||||||
# Backporting
|
|
||||||
|
|
||||||
To [automatically backport a pull request](https://github.com/NixOS/nix/blob/master/.github/workflows/backport.yml) to a release branch once it's merged, assign it a label of the form [`backport <branch>`](https://github.com/NixOS/nix/labels?q=backport).
|
|
||||||
|
|
||||||
Since [GitHub Actions workflows will not trigger other workflows](https://docs.github.com/en/actions/using-workflows/triggering-a-workflow#triggering-a-workflow-from-a-workflow), checks on the automatic backport need to be triggered by another actor.
|
|
||||||
This is achieved by closing and reopening the backport pull request.
|
|
||||||
|
|
||||||
This specifically affects the [`installer_test`] check.
|
|
||||||
Note that it only runs after the other tests, so it may take a while to appear.
|
|
||||||
|
|
||||||
[`installer_test`]: https://github.com/NixOS/nix/blob/895dfc656a21f6252ddf48df0d1f215effa04ecb/.github/workflows/ci.yml#L70-L91
|
|
|
@ -1,6 +1,5 @@
|
||||||
from collections import defaultdict
|
from collections import defaultdict
|
||||||
import frontmatter
|
import frontmatter
|
||||||
import sys
|
|
||||||
import pathlib
|
import pathlib
|
||||||
import textwrap
|
import textwrap
|
||||||
from typing import Any, Tuple
|
from typing import Any, Tuple
|
||||||
|
@ -27,6 +26,7 @@ CATEGORIES = [
|
||||||
'Improvements',
|
'Improvements',
|
||||||
'Fixes',
|
'Fixes',
|
||||||
'Packaging',
|
'Packaging',
|
||||||
|
'Development',
|
||||||
'Miscellany',
|
'Miscellany',
|
||||||
]
|
]
|
||||||
|
|
||||||
|
@ -143,7 +143,7 @@ def run_on_dir(author_info: AuthorInfoDB, d):
|
||||||
|
|
||||||
for category in CATEGORIES:
|
for category in CATEGORIES:
|
||||||
if entries[category]:
|
if entries[category]:
|
||||||
print('\n#', category)
|
print('\n##', category)
|
||||||
do_category(author_info, entries[category])
|
do_category(author_info, entries[category])
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
|
|
|
@ -1,179 +0,0 @@
|
||||||
#!/usr/bin/env nix-shell
|
|
||||||
#!nix-shell -i bash ../shell.nix -I nixpkgs=channel:nixos-unstable-small
|
|
||||||
# ^^^^^^^
|
|
||||||
# Only used for bash. shell.nix goes to the flake.
|
|
||||||
|
|
||||||
# --- CONFIGURATION ---
|
|
||||||
|
|
||||||
# This does double duty for
|
|
||||||
# - including rl-next
|
|
||||||
# - marking where to insert new links (right after)
|
|
||||||
SUMMARY_MARKER_LINE='release-notes/rl-next.md'
|
|
||||||
|
|
||||||
# --- LIB ---
|
|
||||||
|
|
||||||
log() {
|
|
||||||
echo 1>&2 "release-notes:" "$@"
|
|
||||||
}
|
|
||||||
logcmd() {
|
|
||||||
local cmd="$1"
|
|
||||||
shift
|
|
||||||
logcmd2 "$cmd" "${*@Q}" "$cmd" "$@"
|
|
||||||
}
|
|
||||||
logcmd2() {
|
|
||||||
local fakecmd="$1"
|
|
||||||
local fakeargs="$2"
|
|
||||||
shift
|
|
||||||
shift
|
|
||||||
printf 1>&2 "release-notes: \033[34;1m$fakecmd\033[0m "
|
|
||||||
echo "$fakeargs" 1>&2
|
|
||||||
"$@"
|
|
||||||
}
|
|
||||||
die() {
|
|
||||||
# ANSI red
|
|
||||||
printf 1>&2 "release-notes: \033[31;1merror:\033[0m"
|
|
||||||
echo 1>&2 "" "$@"
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
confirm() {
|
|
||||||
local answer
|
|
||||||
echo 1>&2 "$@" "[y/n]"
|
|
||||||
read -r answer
|
|
||||||
case "$answer" in
|
|
||||||
y|Y|yes|Yes|YES)
|
|
||||||
return 0
|
|
||||||
;;
|
|
||||||
n|N|no|No|NO)
|
|
||||||
return 1
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo 1>&2 "please answer y or n"
|
|
||||||
confirm "$@"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
}
|
|
||||||
report_done() {
|
|
||||||
logcmd2 "git" "show" git -c pager.show=false show
|
|
||||||
printf 1>&2 "release-notes: \033[32;1mdone\033[0m\n"
|
|
||||||
}
|
|
||||||
|
|
||||||
# --- PARSE ARGS ---
|
|
||||||
|
|
||||||
if [[ $# -gt 0 ]]; then
|
|
||||||
die "Release notes takes no arguments, but make sure to set VERSION."
|
|
||||||
fi
|
|
||||||
|
|
||||||
# --- CHECKS ---
|
|
||||||
|
|
||||||
if [[ ! -e flake.nix ]] || [[ ! -e .git ]]; then
|
|
||||||
die "must run in repo root"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# repo must be clean
|
|
||||||
if ! git diff --quiet; then
|
|
||||||
die "repo is dirty, please commit or stash changes"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if ! git diff --quiet --cached; then
|
|
||||||
die "repo has staged changes, please commit or stash them"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if ! grep -F "$SUMMARY_MARKER_LINE" doc/manual/src/SUMMARY.md >/dev/null; then
|
|
||||||
# would have been nice to catch this early, but won't be worth the extra infra
|
|
||||||
die "SUMMARY.md is missing the marker line '$SUMMARY_MARKER_LINE', which would be used for inserting a new release notes page. Please fix the script."
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ ! -n "${VERSION:-}" ]]; then
|
|
||||||
die "please set the VERSION environment variable before invoking this script"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# version_major_minor: MAJOR.MINOR
|
|
||||||
# version_full: MAJOR.MINOR.PATCH
|
|
||||||
# IS_PATCH: true if this is a patch release; append instead of create
|
|
||||||
if grep -E '^[0-9]+\.[0-9]+$' <<< "$VERSION" >/dev/null; then
|
|
||||||
log 'is minor'
|
|
||||||
IS_PATCH=false
|
|
||||||
version_full="$VERSION.0"
|
|
||||||
version_major_minor="$VERSION"
|
|
||||||
elif grep -E '^[0-9]+\.[0-9]+\.0$' <<< "$VERSION" >/dev/null; then
|
|
||||||
log 'is minor (.0)'
|
|
||||||
IS_PATCH=false
|
|
||||||
version_full="$VERSION"
|
|
||||||
version_major_minor="$(echo "$VERSION" | sed -e 's/\.0$//')"
|
|
||||||
elif grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' <<< "$VERSION" >/dev/null; then
|
|
||||||
log 'is patch'
|
|
||||||
IS_PATCH=true
|
|
||||||
version_full="$VERSION"
|
|
||||||
version_major_minor="$(echo "$VERSION" | sed -e 's/\.[0-9]*$//')"
|
|
||||||
else
|
|
||||||
die "VERSION must be MAJOR.MINOR[.PATCH], where each is a number, e.g. 2.20 or 2.20.1 (VERSION was set to $VERSION)"
|
|
||||||
fi
|
|
||||||
|
|
||||||
unset VERSION
|
|
||||||
|
|
||||||
log "version_major_minor=$version_major_minor"
|
|
||||||
log "version_full=$version_full"
|
|
||||||
log "IS_PATCH=$IS_PATCH"
|
|
||||||
|
|
||||||
basename=rl-${version_major_minor}.md
|
|
||||||
file=doc/manual/src/release-notes/$basename
|
|
||||||
|
|
||||||
if ! $IS_PATCH; then
|
|
||||||
if [[ -e $file ]]; then
|
|
||||||
die "release notes file $file already exists. If you'd like to make a minor release, pass a patch version, e.g. 2.20.1"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
# --- DEFAULTS ---
|
|
||||||
|
|
||||||
if [[ ! -n "${DATE:-}" ]]; then
|
|
||||||
DATE="$(date +%Y-%m-%d)"
|
|
||||||
log "DATE not set, using $DATE"
|
|
||||||
fi
|
|
||||||
|
|
||||||
case "$DATE" in
|
|
||||||
[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9])
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
die "DATE must be YYYY-MM-DD, e.g. 2021-12-31 (DATE was set to $DATE)"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
# --- DO THE WORK ---
|
|
||||||
|
|
||||||
# menu
|
|
||||||
title="Release $version_major_minor ($DATE)"
|
|
||||||
# section on page
|
|
||||||
section_title="Release $version_full ($DATE)"
|
|
||||||
|
|
||||||
(
|
|
||||||
# TODO add minor number, and append?
|
|
||||||
echo "# $section_title"
|
|
||||||
echo
|
|
||||||
build-release-notes --change-authors doc/manual/change-authors.yml doc/manual/rl-next
|
|
||||||
) | tee -a $file
|
|
||||||
|
|
||||||
log "Wrote $file"
|
|
||||||
|
|
||||||
if ! $IS_PATCH; then
|
|
||||||
NEW_SUMMARY_LINE=" - [$title](release-notes/$basename)"
|
|
||||||
|
|
||||||
# find the marker line, insert new link after it
|
|
||||||
escaped_marker="$(echo "$SUMMARY_MARKER_LINE" | sed -e 's/\//\\\//g' -e 's/ /\\ /g')"
|
|
||||||
escaped_line="$(echo "$NEW_SUMMARY_LINE" | sed -e 's/\//\\\//g' -e 's/ /\\ /g')"
|
|
||||||
logcmd sed -i -e "/$escaped_marker/a $escaped_line" doc/manual/src/SUMMARY.md
|
|
||||||
fi
|
|
||||||
|
|
||||||
for f in doc/manual/rl-next/*.md; do
|
|
||||||
if [[ config != "$(basename $f)" ]]; then
|
|
||||||
logcmd git rm $f
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
|
|
||||||
logcmd git add $file doc/manual/src/SUMMARY.md
|
|
||||||
logcmd git status
|
|
||||||
logcmd git commit -m "release notes: $version_full"
|
|
||||||
|
|
||||||
report_done
|
|
|
@ -1,196 +0,0 @@
|
||||||
# Nix release process
|
|
||||||
|
|
||||||
## Release artifacts
|
|
||||||
|
|
||||||
The release process is intended to create the following for each
|
|
||||||
release:
|
|
||||||
|
|
||||||
* A Git tag
|
|
||||||
|
|
||||||
* Binary tarballs in https://releases.nixos.org/?prefix=nix/
|
|
||||||
|
|
||||||
* Docker images
|
|
||||||
|
|
||||||
* Closures in https://cache.nixos.org
|
|
||||||
|
|
||||||
* (Optionally) Updated `fallback-paths.nix` in Nixpkgs
|
|
||||||
|
|
||||||
* An updated manual on https://nixos.org/manual/nix/stable/
|
|
||||||
|
|
||||||
## Creating a new release from the `master` branch
|
|
||||||
|
|
||||||
* Make sure that the [Hydra `master` jobset](https://hydra.nixos.org/jobset/nix/master) succeeds.
|
|
||||||
|
|
||||||
* In a checkout of the Nix repo, make sure you're on `master` and run
|
|
||||||
`git pull`.
|
|
||||||
|
|
||||||
* Compile the release notes by running
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ git checkout -b release-notes
|
|
||||||
$ VERSION=X.YY ./maintainers/release-notes
|
|
||||||
```
|
|
||||||
|
|
||||||
where `X.YY` is *without* the patch level, e.g. `2.12` rather than ~~`2.12.0`~~.
|
|
||||||
|
|
||||||
A commit is created.
|
|
||||||
|
|
||||||
* Proof-read / edit / rearrange the release notes if needed. Breaking changes
|
|
||||||
and highlights should go to the top.
|
|
||||||
|
|
||||||
* Push.
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ git push --set-upstream $REMOTE release-notes
|
|
||||||
```
|
|
||||||
|
|
||||||
* Create a PR for `release-notes`.
|
|
||||||
|
|
||||||
* Wait for the PR to be merged.
|
|
||||||
|
|
||||||
* Create a branch for the release:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ git checkout master
|
|
||||||
$ git pull
|
|
||||||
$ git checkout -b $VERSION-maintenance
|
|
||||||
```
|
|
||||||
|
|
||||||
* Mark the release as official:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ sed -e 's/officialRelease = false;/officialRelease = true;/' -i flake.nix
|
|
||||||
$ sed -e '/rl-next.md/ d' -i doc/manual/src/SUMMARY.md
|
|
||||||
```
|
|
||||||
|
|
||||||
This removes the link to `rl-next.md` from the manual and sets
|
|
||||||
`officialRelease = true` in `flake.nix`.
|
|
||||||
|
|
||||||
* Commit
|
|
||||||
|
|
||||||
* Push the release branch:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ git push --set-upstream origin $VERSION-maintenance
|
|
||||||
```
|
|
||||||
|
|
||||||
* Create a jobset for the release branch on Hydra as follows:
|
|
||||||
|
|
||||||
* Go to the jobset of the previous release
|
|
||||||
(e.g. https://hydra.nixos.org/jobset/nix/maintenance-2.11).
|
|
||||||
|
|
||||||
* Select `Actions -> Clone this jobset`.
|
|
||||||
|
|
||||||
* Set identifier to `maintenance-$VERSION`.
|
|
||||||
|
|
||||||
* Set description to `$VERSION release branch`.
|
|
||||||
|
|
||||||
* Set flake URL to `github:NixOS/nix/$VERSION-maintenance`.
|
|
||||||
|
|
||||||
* Hit `Create jobset`.
|
|
||||||
|
|
||||||
* Wait for the new jobset to evaluate and build. If impatient, go to
|
|
||||||
the evaluation and select `Actions -> Bump builds to front of
|
|
||||||
queue`.
|
|
||||||
|
|
||||||
* When the jobset evaluation has succeeded building, take note of the
|
|
||||||
evaluation ID (e.g. `1780832` in
|
|
||||||
`https://hydra.nixos.org/eval/1780832`).
|
|
||||||
|
|
||||||
* Tag the release and upload the release artifacts to
|
|
||||||
[`releases.nixos.org`](https://releases.nixos.org/) and [Docker Hub](https://hub.docker.com/):
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ IS_LATEST=1 ./maintainers/upload-release.pl <EVAL-ID>
|
|
||||||
```
|
|
||||||
|
|
||||||
Note: `IS_LATEST=1` causes the `latest-release` branch to be
|
|
||||||
force-updated. This is used by the `nixos.org` website to get the
|
|
||||||
[latest Nix manual](https://nixos.org/manual/nixpkgs/unstable/).
|
|
||||||
|
|
||||||
TODO: This script requires the right AWS credentials. Document.
|
|
||||||
|
|
||||||
TODO: This script currently requires a
|
|
||||||
`/home/eelco/Dev/nix-pristine`.
|
|
||||||
|
|
||||||
TODO: trigger nixos.org netlify: https://docs.netlify.com/configure-builds/build-hooks/
|
|
||||||
|
|
||||||
* Prepare for the next point release by editing `.version` to
|
|
||||||
e.g.
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ echo 2.12.1 > .version
|
|
||||||
$ git commit -a -m 'Bump version'
|
|
||||||
$ git push
|
|
||||||
```
|
|
||||||
|
|
||||||
Commit and push this to the maintenance branch.
|
|
||||||
|
|
||||||
* Bump the version of `master`:
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ git checkout master
|
|
||||||
$ git pull
|
|
||||||
$ NEW_VERSION=2.13.0
|
|
||||||
$ echo $NEW_VERSION > .version
|
|
||||||
$ git checkout -b bump-$NEW_VERSION
|
|
||||||
$ git commit -a -m 'Bump version'
|
|
||||||
$ git push --set-upstream origin bump-$NEW_VERSION
|
|
||||||
```
|
|
||||||
|
|
||||||
Make a pull request and auto-merge it.
|
|
||||||
|
|
||||||
* Create a milestone for the next release, move all unresolved issues
|
|
||||||
from the previous milestone, and close the previous milestone. Set
|
|
||||||
the date for the next milestone 6 weeks from now.
|
|
||||||
|
|
||||||
* Create a backport label.
|
|
||||||
|
|
||||||
* Post an [announcement on Discourse](https://discourse.nixos.org/c/announcements/8), including the contents of
|
|
||||||
`rl-$VERSION.md`.
|
|
||||||
|
|
||||||
## Creating a point release
|
|
||||||
|
|
||||||
* Checkout.
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ git checkout XX.YY-maintenance
|
|
||||||
```
|
|
||||||
|
|
||||||
* Determine the next patch version.
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ export VERSION=XX.YY.ZZ
|
|
||||||
```
|
|
||||||
|
|
||||||
* Update release notes.
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ ./maintainers/release-notes
|
|
||||||
```
|
|
||||||
|
|
||||||
* Push.
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ git push
|
|
||||||
```
|
|
||||||
|
|
||||||
* Wait for the desired evaluation of the maintenance jobset to finish
|
|
||||||
building.
|
|
||||||
|
|
||||||
* Run
|
|
||||||
|
|
||||||
```console
|
|
||||||
$ IS_LATEST=1 ./maintainers/upload-release.pl <EVAL-ID>
|
|
||||||
```
|
|
||||||
|
|
||||||
Omit `IS_LATEST=1` when creating a point release that is not on the
|
|
||||||
most recent stable branch. This prevents `nixos.org` to going back
|
|
||||||
to an older release.
|
|
||||||
|
|
||||||
* Bump the version number of the release branch as above (e.g. to
|
|
||||||
`2.12.2`).
|
|
||||||
|
|
||||||
## Recovering from mistakes
|
|
||||||
|
|
||||||
`upload-release.pl` should be idempotent. For instance a wrong `IS_LATEST` value can be fixed that way, by running the script on the actual latest release.
|
|
|
@ -1,256 +0,0 @@
|
||||||
#! /usr/bin/env nix-shell
|
|
||||||
#! nix-shell -i perl -p perl perlPackages.LWPUserAgent perlPackages.LWPProtocolHttps perlPackages.FileSlurp perlPackages.NetAmazonS3 gnupg1
|
|
||||||
|
|
||||||
use strict;
|
|
||||||
use Data::Dumper;
|
|
||||||
use File::Basename;
|
|
||||||
use File::Path;
|
|
||||||
use File::Slurp;
|
|
||||||
use File::Copy;
|
|
||||||
use JSON::PP;
|
|
||||||
use LWP::UserAgent;
|
|
||||||
use Net::Amazon::S3;
|
|
||||||
|
|
||||||
my $evalId = $ARGV[0] or die "Usage: $0 EVAL-ID\n";
|
|
||||||
|
|
||||||
my $releasesBucketName = "nix-releases";
|
|
||||||
my $channelsBucketName = "nix-channels";
|
|
||||||
|
|
||||||
my $TMPDIR = $ENV{'TMPDIR'} // "/tmp";
|
|
||||||
|
|
||||||
my $isLatest = ($ENV{'IS_LATEST'} // "") eq "1";
|
|
||||||
|
|
||||||
# FIXME: cut&paste from nixos-channel-scripts.
|
|
||||||
sub fetch {
|
|
||||||
my ($url, $type) = @_;
|
|
||||||
|
|
||||||
my $ua = LWP::UserAgent->new;
|
|
||||||
$ua->default_header('Accept', $type) if defined $type;
|
|
||||||
|
|
||||||
my $response = $ua->get($url);
|
|
||||||
die "could not download $url: ", $response->status_line, "\n" unless $response->is_success;
|
|
||||||
|
|
||||||
return $response->decoded_content;
|
|
||||||
}
|
|
||||||
|
|
||||||
my $evalUrl = "https://hydra.nixos.org/eval/$evalId";
|
|
||||||
my $evalInfo = decode_json(fetch($evalUrl, 'application/json'));
|
|
||||||
#print Dumper($evalInfo);
|
|
||||||
my $flakeUrl = $evalInfo->{flake} or die;
|
|
||||||
my $flakeInfo = decode_json(`nix flake metadata --json "$flakeUrl"` or die);
|
|
||||||
my $nixRev = $flakeInfo->{revision} or die;
|
|
||||||
|
|
||||||
my $buildInfo = decode_json(fetch("$evalUrl/job/build.x86_64-linux", 'application/json'));
|
|
||||||
#print Dumper($buildInfo);
|
|
||||||
|
|
||||||
my $releaseName = $buildInfo->{nixname};
|
|
||||||
$releaseName =~ /nix-(.*)$/ or die;
|
|
||||||
my $version = $1;
|
|
||||||
|
|
||||||
print STDERR "Flake URL is $flakeUrl, Nix revision is $nixRev, version is $version\n";
|
|
||||||
|
|
||||||
my $releaseDir = "nix/$releaseName";
|
|
||||||
|
|
||||||
my $tmpDir = "$TMPDIR/nix-release/$releaseName";
|
|
||||||
File::Path::make_path($tmpDir);
|
|
||||||
|
|
||||||
my $narCache = "$TMPDIR/nar-cache";
|
|
||||||
File::Path::make_path($narCache);
|
|
||||||
|
|
||||||
my $binaryCache = "https://cache.nixos.org/?local-nar-cache=$narCache";
|
|
||||||
|
|
||||||
# S3 setup.
|
|
||||||
my $aws_access_key_id = $ENV{'AWS_ACCESS_KEY_ID'} or die "No AWS_ACCESS_KEY_ID given.";
|
|
||||||
my $aws_secret_access_key = $ENV{'AWS_SECRET_ACCESS_KEY'} or die "No AWS_SECRET_ACCESS_KEY given.";
|
|
||||||
|
|
||||||
my $s3 = Net::Amazon::S3->new(
|
|
||||||
{ aws_access_key_id => $aws_access_key_id,
|
|
||||||
aws_secret_access_key => $aws_secret_access_key,
|
|
||||||
retry => 1,
|
|
||||||
host => "s3-eu-west-1.amazonaws.com",
|
|
||||||
});
|
|
||||||
|
|
||||||
my $releasesBucket = $s3->bucket($releasesBucketName) or die;
|
|
||||||
|
|
||||||
my $s3_us = Net::Amazon::S3->new(
|
|
||||||
{ aws_access_key_id => $aws_access_key_id,
|
|
||||||
aws_secret_access_key => $aws_secret_access_key,
|
|
||||||
retry => 1,
|
|
||||||
});
|
|
||||||
|
|
||||||
my $channelsBucket = $s3_us->bucket($channelsBucketName) or die;
|
|
||||||
|
|
||||||
sub getStorePath {
|
|
||||||
my ($jobName, $output) = @_;
|
|
||||||
my $buildInfo = decode_json(fetch("$evalUrl/job/$jobName", 'application/json'));
|
|
||||||
return $buildInfo->{buildoutputs}->{$output or "out"}->{path} or die "cannot get store path for '$jobName'";
|
|
||||||
}
|
|
||||||
|
|
||||||
sub copyManual {
|
|
||||||
my $manual = getStorePath("build.x86_64-linux", "doc");
|
|
||||||
print "$manual\n";
|
|
||||||
|
|
||||||
my $manualNar = "$tmpDir/$releaseName-manual.nar.xz";
|
|
||||||
print "$manualNar\n";
|
|
||||||
|
|
||||||
unless (-e $manualNar) {
|
|
||||||
system("NIX_REMOTE=$binaryCache nix store dump-path '$manual' | xz > '$manualNar'.tmp") == 0
|
|
||||||
or die "unable to fetch $manual\n";
|
|
||||||
rename("$manualNar.tmp", $manualNar) or die;
|
|
||||||
}
|
|
||||||
|
|
||||||
unless (-e "$tmpDir/manual") {
|
|
||||||
system("xz -d < '$manualNar' | nix-store --restore $tmpDir/manual.tmp") == 0
|
|
||||||
or die "unable to unpack $manualNar\n";
|
|
||||||
rename("$tmpDir/manual.tmp/share/doc/nix/manual", "$tmpDir/manual") or die;
|
|
||||||
system("rm -rf '$tmpDir/manual.tmp'") == 0 or die;
|
|
||||||
}
|
|
||||||
|
|
||||||
system("aws s3 sync '$tmpDir/manual' s3://$releasesBucketName/$releaseDir/manual") == 0
|
|
||||||
or die "syncing manual to S3\n";
|
|
||||||
}
|
|
||||||
|
|
||||||
copyManual;
|
|
||||||
|
|
||||||
sub downloadFile {
|
|
||||||
my ($jobName, $productNr, $dstName) = @_;
|
|
||||||
|
|
||||||
my $buildInfo = decode_json(fetch("$evalUrl/job/$jobName", 'application/json'));
|
|
||||||
#print STDERR "$jobName: ", Dumper($buildInfo), "\n";
|
|
||||||
|
|
||||||
my $srcFile = $buildInfo->{buildproducts}->{$productNr}->{path} or die "job '$jobName' lacks product $productNr\n";
|
|
||||||
$dstName //= basename($srcFile);
|
|
||||||
my $tmpFile = "$tmpDir/$dstName";
|
|
||||||
|
|
||||||
if (!-e $tmpFile) {
|
|
||||||
print STDERR "downloading $srcFile to $tmpFile...\n";
|
|
||||||
|
|
||||||
my $fileInfo = decode_json(`NIX_REMOTE=$binaryCache nix store ls --json '$srcFile'`);
|
|
||||||
|
|
||||||
$srcFile = $fileInfo->{target} if $fileInfo->{type} eq 'symlink';
|
|
||||||
|
|
||||||
#print STDERR $srcFile, " ", Dumper($fileInfo), "\n";
|
|
||||||
|
|
||||||
system("NIX_REMOTE=$binaryCache nix store cat '$srcFile' > '$tmpFile'.tmp") == 0
|
|
||||||
or die "unable to fetch $srcFile\n";
|
|
||||||
rename("$tmpFile.tmp", $tmpFile) or die;
|
|
||||||
}
|
|
||||||
|
|
||||||
my $sha256_expected = $buildInfo->{buildproducts}->{$productNr}->{sha256hash};
|
|
||||||
my $sha256_actual = `nix hash file --base16 --type sha256 '$tmpFile'`;
|
|
||||||
chomp $sha256_actual;
|
|
||||||
if (defined($sha256_expected) && $sha256_expected ne $sha256_actual) {
|
|
||||||
print STDERR "file $tmpFile is corrupt, got $sha256_actual, expected $sha256_expected\n";
|
|
||||||
exit 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
write_file("$tmpFile.sha256", $sha256_actual);
|
|
||||||
|
|
||||||
return $sha256_expected;
|
|
||||||
}
|
|
||||||
|
|
||||||
downloadFile("binaryTarball.i686-linux", "1");
|
|
||||||
downloadFile("binaryTarball.x86_64-linux", "1");
|
|
||||||
downloadFile("binaryTarball.aarch64-linux", "1");
|
|
||||||
downloadFile("binaryTarball.x86_64-darwin", "1");
|
|
||||||
downloadFile("binaryTarball.aarch64-darwin", "1");
|
|
||||||
downloadFile("binaryTarballCross.x86_64-linux.armv6l-linux", "1");
|
|
||||||
downloadFile("binaryTarballCross.x86_64-linux.armv7l-linux", "1");
|
|
||||||
downloadFile("installerScript", "1");
|
|
||||||
|
|
||||||
# Upload docker images to dockerhub.
|
|
||||||
my $dockerManifest = "";
|
|
||||||
my $dockerManifestLatest = "";
|
|
||||||
|
|
||||||
for my $platforms (["x86_64-linux", "amd64"], ["aarch64-linux", "arm64"]) {
|
|
||||||
my $system = $platforms->[0];
|
|
||||||
my $dockerPlatform = $platforms->[1];
|
|
||||||
my $fn = "nix-$version-docker-image-$dockerPlatform.tar.gz";
|
|
||||||
downloadFile("dockerImage.$system", "1", $fn);
|
|
||||||
|
|
||||||
print STDERR "loading docker image for $dockerPlatform...\n";
|
|
||||||
system("docker load -i $tmpDir/$fn") == 0 or die;
|
|
||||||
|
|
||||||
my $tag = "nixos/nix:$version-$dockerPlatform";
|
|
||||||
my $latestTag = "nixos/nix:latest-$dockerPlatform";
|
|
||||||
|
|
||||||
print STDERR "tagging $version docker image for $dockerPlatform...\n";
|
|
||||||
system("docker tag nix:$version $tag") == 0 or die;
|
|
||||||
|
|
||||||
if ($isLatest) {
|
|
||||||
print STDERR "tagging latest docker image for $dockerPlatform...\n";
|
|
||||||
system("docker tag nix:$version $latestTag") == 0 or die;
|
|
||||||
}
|
|
||||||
|
|
||||||
print STDERR "pushing $version docker image for $dockerPlatform...\n";
|
|
||||||
system("docker push -q $tag") == 0 or die;
|
|
||||||
|
|
||||||
if ($isLatest) {
|
|
||||||
print STDERR "pushing latest docker image for $dockerPlatform...\n";
|
|
||||||
system("docker push -q $latestTag") == 0 or die;
|
|
||||||
}
|
|
||||||
|
|
||||||
$dockerManifest .= " --amend $tag";
|
|
||||||
$dockerManifestLatest .= " --amend $latestTag"
|
|
||||||
}
|
|
||||||
|
|
||||||
print STDERR "creating multi-platform docker manifest...\n";
|
|
||||||
system("docker manifest rm nixos/nix:$version");
|
|
||||||
system("docker manifest create nixos/nix:$version $dockerManifest") == 0 or die;
|
|
||||||
if ($isLatest) {
|
|
||||||
print STDERR "creating latest multi-platform docker manifest...\n";
|
|
||||||
system("docker manifest rm nixos/nix:latest");
|
|
||||||
system("docker manifest create nixos/nix:latest $dockerManifestLatest") == 0 or die;
|
|
||||||
}
|
|
||||||
|
|
||||||
print STDERR "pushing multi-platform docker manifest...\n";
|
|
||||||
system("docker manifest push nixos/nix:$version") == 0 or die;
|
|
||||||
|
|
||||||
if ($isLatest) {
|
|
||||||
print STDERR "pushing latest multi-platform docker manifest...\n";
|
|
||||||
system("docker manifest push nixos/nix:latest") == 0 or die;
|
|
||||||
}
|
|
||||||
|
|
||||||
# Upload nix-fallback-paths.nix.
|
|
||||||
write_file("$tmpDir/fallback-paths.nix",
|
|
||||||
"{\n" .
|
|
||||||
" x86_64-linux = \"" . getStorePath("build.x86_64-linux") . "\";\n" .
|
|
||||||
" i686-linux = \"" . getStorePath("build.i686-linux") . "\";\n" .
|
|
||||||
" aarch64-linux = \"" . getStorePath("build.aarch64-linux") . "\";\n" .
|
|
||||||
" x86_64-darwin = \"" . getStorePath("build.x86_64-darwin") . "\";\n" .
|
|
||||||
" aarch64-darwin = \"" . getStorePath("build.aarch64-darwin") . "\";\n" .
|
|
||||||
"}\n");
|
|
||||||
|
|
||||||
# Upload release files to S3.
|
|
||||||
for my $fn (glob "$tmpDir/*") {
|
|
||||||
my $name = basename($fn);
|
|
||||||
next if $name eq "manual";
|
|
||||||
my $dstKey = "$releaseDir/" . $name;
|
|
||||||
unless (defined $releasesBucket->head_key($dstKey)) {
|
|
||||||
print STDERR "uploading $fn to s3://$releasesBucketName/$dstKey...\n";
|
|
||||||
|
|
||||||
my $configuration = ();
|
|
||||||
$configuration->{content_type} = "application/octet-stream";
|
|
||||||
|
|
||||||
if ($fn =~ /.sha256|install|\.nix$/) {
|
|
||||||
$configuration->{content_type} = "text/plain";
|
|
||||||
}
|
|
||||||
|
|
||||||
$releasesBucket->add_key_filename($dstKey, $fn, $configuration)
|
|
||||||
or die $releasesBucket->err . ": " . $releasesBucket->errstr;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Update the "latest" symlink.
|
|
||||||
$channelsBucket->add_key(
|
|
||||||
"nix-latest/install", "",
|
|
||||||
{ "x-amz-website-redirect-location" => "https://releases.nixos.org/$releaseDir/install" })
|
|
||||||
or die $channelsBucket->err . ": " . $channelsBucket->errstr
|
|
||||||
if $isLatest;
|
|
||||||
|
|
||||||
# Tag the release in Git.
|
|
||||||
chdir("/home/eelco/Dev/nix-pristine") or die;
|
|
||||||
system("git remote update origin") == 0 or die;
|
|
||||||
system("git tag --force --sign $version $nixRev -m 'Tagging release $version'") == 0 or die;
|
|
||||||
system("git push --tags") == 0 or die;
|
|
||||||
system("git push --force-with-lease origin $nixRev:refs/heads/latest-release") == 0 or die if $isLatest;
|
|
77
meson.build
77
meson.build
|
@ -17,6 +17,19 @@
|
||||||
#
|
#
|
||||||
# Finally, src/nix/meson.build defines the Nix command itself, relying on all prior meson files.
|
# Finally, src/nix/meson.build defines the Nix command itself, relying on all prior meson files.
|
||||||
#
|
#
|
||||||
|
# libstore, libexpr, and libfetchers have some special handling to make static builds work.
|
||||||
|
# Their use static constructors for dynamic registration of primops, store backends, etc
|
||||||
|
# gets borked during static link. We can't simply wholesale apply `link_whole :` either,
|
||||||
|
# because these libraries get linked multiple times since Lix's components are transitively
|
||||||
|
# dependent. So instead, each of those libraries have two dependency objects:
|
||||||
|
# liblix{store,expr,fetchers,util} and liblix{store,expr,fetchers,util}_mstatic ("maybe static").
|
||||||
|
# The _mstatic versions should be used in the `dependencies :` arguments to ALL EXECUTABLES
|
||||||
|
# but executables ONLY. When we are not building statically (default_library != 'static'),
|
||||||
|
# they are equivalent. When we are building statically, the _mstatic version will be
|
||||||
|
# `link_whole :` rather than `link_with :`.
|
||||||
|
# FIXME: This hack should be removed when https://git.lix.systems/lix-project/lix/issues/359
|
||||||
|
# is fixed.
|
||||||
|
#
|
||||||
# Unit tests are setup in tests/unit/meson.build, under the test suite "check".
|
# Unit tests are setup in tests/unit/meson.build, under the test suite "check".
|
||||||
#
|
#
|
||||||
# Functional tests are a bit more complicated. Generally they're defined in
|
# Functional tests are a bit more complicated. Generally they're defined in
|
||||||
|
@ -26,7 +39,7 @@
|
||||||
# in the build directory.
|
# in the build directory.
|
||||||
|
|
||||||
project('lix', 'cpp',
|
project('lix', 'cpp',
|
||||||
version : run_command('bash', '-c', 'echo -n $(cat ./.version)$VERSION_SUFFIX', check : true).stdout().strip(),
|
version : run_command('bash', '-c', 'echo -n $(jq -r .version < ./version.json)$VERSION_SUFFIX', check : true).stdout().strip(),
|
||||||
default_options : [
|
default_options : [
|
||||||
'cpp_std=c++2a',
|
'cpp_std=c++2a',
|
||||||
# TODO(Qyriad): increase the warning level
|
# TODO(Qyriad): increase the warning level
|
||||||
|
@ -79,6 +92,8 @@ if not fs.is_absolute(sysconfdir)
|
||||||
sysconfdir = '/' / sysconfdir
|
sysconfdir = '/' / sysconfdir
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
is_static = get_option('default_library') == 'static'
|
||||||
|
|
||||||
# All of this has to go before the rest of the dependency checking,
|
# All of this has to go before the rest of the dependency checking,
|
||||||
# so that internal-api-docs can be built with -Denable-build=false
|
# so that internal-api-docs can be built with -Denable-build=false
|
||||||
|
|
||||||
|
@ -114,6 +129,20 @@ endif
|
||||||
|
|
||||||
cxx = meson.get_compiler('cpp')
|
cxx = meson.get_compiler('cpp')
|
||||||
|
|
||||||
|
|
||||||
|
# clangd breaks when GCC is using precompiled headers lmao
|
||||||
|
# https://git.lix.systems/lix-project/lix/issues/374
|
||||||
|
should_pch = get_option('enable-pch-std')
|
||||||
|
summary('PCH C++ stdlib', should_pch, bool_yn : true)
|
||||||
|
if should_pch
|
||||||
|
# Unlike basically everything else that takes a file, Meson requires the arguments to
|
||||||
|
# cpp_pch : to be strings and doesn't accept files(). So absolute path it is.
|
||||||
|
cpp_pch = [meson.project_source_root() / 'src/pch/precompiled-headers.hh']
|
||||||
|
else
|
||||||
|
cpp_pch = []
|
||||||
|
endif
|
||||||
|
|
||||||
|
|
||||||
# Translate some historical and Mesony CPU names to Lixy CPU names.
|
# Translate some historical and Mesony CPU names to Lixy CPU names.
|
||||||
# FIXME(Qyriad): the 32-bit x86 code is not tested right now, because cross compilation for Lix
|
# FIXME(Qyriad): the 32-bit x86 code is not tested right now, because cross compilation for Lix
|
||||||
# to those architectures is currently broken for other reasons, namely:
|
# to those architectures is currently broken for other reasons, namely:
|
||||||
|
@ -153,23 +182,18 @@ elif is_linux
|
||||||
# Clang sanitizers on Linux.
|
# Clang sanitizers on Linux.
|
||||||
# FIXME(Qyriad): is that true?
|
# FIXME(Qyriad): is that true?
|
||||||
endif
|
endif
|
||||||
deps = [ ]
|
|
||||||
configdata = { }
|
configdata = { }
|
||||||
|
|
||||||
#
|
#
|
||||||
# Dependencies
|
# Dependencies
|
||||||
#
|
#
|
||||||
|
|
||||||
boehm = dependency('bdw-gc', required : get_option('gc'))
|
boehm = dependency('bdw-gc', required : get_option('gc'), version : '>=8.2.6')
|
||||||
if boehm.found()
|
|
||||||
deps += boehm
|
|
||||||
endif
|
|
||||||
configdata += {
|
configdata += {
|
||||||
'HAVE_BOEHMGC': boehm.found().to_int(),
|
'HAVE_BOEHMGC': boehm.found().to_int(),
|
||||||
}
|
}
|
||||||
|
|
||||||
boost = dependency('boost', required : true, modules : ['context', 'coroutine', 'container'])
|
boost = dependency('boost', required : true, modules : ['context', 'coroutine', 'container'])
|
||||||
deps += boost
|
|
||||||
|
|
||||||
# cpuid only makes sense on x86_64
|
# cpuid only makes sense on x86_64
|
||||||
cpuid_required = is_x64 ? get_option('cpuid') : false
|
cpuid_required = is_x64 ? get_option('cpuid') : false
|
||||||
|
@ -177,30 +201,29 @@ cpuid = dependency('libcpuid', 'cpuid', required : cpuid_required)
|
||||||
configdata += {
|
configdata += {
|
||||||
'HAVE_LIBCPUID': cpuid.found().to_int(),
|
'HAVE_LIBCPUID': cpuid.found().to_int(),
|
||||||
}
|
}
|
||||||
deps += cpuid
|
|
||||||
|
|
||||||
# seccomp only makes sense on Linux
|
# seccomp only makes sense on Linux
|
||||||
seccomp_required = is_linux ? get_option('seccomp-sandboxing') : false
|
seccomp_required = is_linux ? get_option('seccomp-sandboxing') : false
|
||||||
seccomp = dependency('libseccomp', 'seccomp', required : seccomp_required, version : '>=2.5.5')
|
seccomp = dependency('libseccomp', 'seccomp', required : seccomp_required, version : '>=2.5.5')
|
||||||
|
if is_linux and not seccomp.found()
|
||||||
|
warning('Sandbox security is reduced because libseccomp has not been found! Please provide libseccomp if it supports your CPU architecture.')
|
||||||
|
endif
|
||||||
configdata += {
|
configdata += {
|
||||||
'HAVE_SECCOMP': seccomp.found().to_int(),
|
'HAVE_SECCOMP': seccomp.found().to_int(),
|
||||||
}
|
}
|
||||||
|
|
||||||
libarchive = dependency('libarchive', required : true)
|
libarchive = dependency('libarchive', required : true)
|
||||||
deps += libarchive
|
|
||||||
|
|
||||||
brotli = [
|
brotli = [
|
||||||
dependency('libbrotlicommon', required : true),
|
dependency('libbrotlicommon', required : true),
|
||||||
dependency('libbrotlidec', required : true),
|
dependency('libbrotlidec', required : true),
|
||||||
dependency('libbrotlienc', required : true),
|
dependency('libbrotlienc', required : true),
|
||||||
]
|
]
|
||||||
deps += brotli
|
|
||||||
|
|
||||||
openssl = dependency('libcrypto', 'openssl', required : true)
|
openssl = dependency('libcrypto', 'openssl', required : true)
|
||||||
deps += openssl
|
|
||||||
|
|
||||||
aws_sdk = dependency('aws-cpp-sdk-core', required : false)
|
aws_sdk = dependency('aws-cpp-sdk-core', required : false)
|
||||||
aws_sdk_transfer = dependency('aws-cpp-sdk-transfer', required : aws_sdk.found())
|
aws_sdk_transfer = dependency('aws-cpp-sdk-transfer', required : aws_sdk.found(), fallback : ['aws_sdk', 'aws_cpp_sdk_transfer_dep'])
|
||||||
if aws_sdk.found()
|
if aws_sdk.found()
|
||||||
# The AWS pkg-config adds -std=c++11.
|
# The AWS pkg-config adds -std=c++11.
|
||||||
# https://github.com/aws/aws-sdk-cpp/issues/2673
|
# https://github.com/aws/aws-sdk-cpp/issues/2673
|
||||||
|
@ -211,7 +234,6 @@ if aws_sdk.found()
|
||||||
links : true,
|
links : true,
|
||||||
sources : true,
|
sources : true,
|
||||||
)
|
)
|
||||||
deps += aws_sdk
|
|
||||||
s = aws_sdk.version().split('.')
|
s = aws_sdk.version().split('.')
|
||||||
configdata += {
|
configdata += {
|
||||||
'AWS_VERSION_MAJOR': s[0].to_int(),
|
'AWS_VERSION_MAJOR': s[0].to_int(),
|
||||||
|
@ -227,7 +249,7 @@ if aws_sdk.found()
|
||||||
)
|
)
|
||||||
endif
|
endif
|
||||||
|
|
||||||
aws_s3 = dependency('aws-cpp-sdk-s3', required : false)
|
aws_s3 = dependency('aws-cpp-sdk-s3', required : aws_sdk.found(), fallback : ['aws_sdk', 'aws_cpp_sdk_s3_dep'])
|
||||||
if aws_s3.found()
|
if aws_s3.found()
|
||||||
# The AWS pkg-config adds -std=c++11.
|
# The AWS pkg-config adds -std=c++11.
|
||||||
# https://github.com/aws/aws-sdk-cpp/issues/2673
|
# https://github.com/aws/aws-sdk-cpp/issues/2673
|
||||||
|
@ -238,7 +260,6 @@ if aws_s3.found()
|
||||||
links : true,
|
links : true,
|
||||||
sources : true,
|
sources : true,
|
||||||
)
|
)
|
||||||
deps += aws_s3
|
|
||||||
endif
|
endif
|
||||||
|
|
||||||
configdata += {
|
configdata += {
|
||||||
|
@ -246,26 +267,20 @@ configdata += {
|
||||||
}
|
}
|
||||||
|
|
||||||
sqlite = dependency('sqlite3', 'sqlite', version : '>=3.6.19', required : true)
|
sqlite = dependency('sqlite3', 'sqlite', version : '>=3.6.19', required : true)
|
||||||
deps += sqlite
|
|
||||||
|
|
||||||
sodium = dependency('libsodium', 'sodium', required : true)
|
sodium = dependency('libsodium', 'sodium', required : true)
|
||||||
deps += sodium
|
|
||||||
|
|
||||||
curl = dependency('libcurl', 'curl', required : true)
|
curl = dependency('libcurl', 'curl', required : true)
|
||||||
deps += curl
|
|
||||||
|
|
||||||
editline = dependency('libeditline', 'editline', version : '>=1.14', required : true)
|
editline = dependency('libeditline', 'editline', version : '>=1.14', required : true)
|
||||||
deps += editline
|
|
||||||
|
|
||||||
lowdown = dependency('lowdown', version : '>=0.9.0', required : true)
|
lowdown = dependency('lowdown', version : '>=0.9.0', required : true)
|
||||||
deps += lowdown
|
|
||||||
|
|
||||||
# HACK(Qyriad): rapidcheck's pkg-config doesn't include the libs lol
|
# HACK(Qyriad): rapidcheck's pkg-config doesn't include the libs lol
|
||||||
# Note: technically we 'check' for rapidcheck twice, for the internal-api-docs handling above,
|
# Note: technically we 'check' for rapidcheck twice, for the internal-api-docs handling above,
|
||||||
# but Meson will cache the result of the first one, and the required : arguments are different.
|
# but Meson will cache the result of the first one, and the required : arguments are different.
|
||||||
rapidcheck_meson = dependency('rapidcheck', required : enable_tests)
|
rapidcheck_meson = dependency('rapidcheck', required : enable_tests)
|
||||||
rapidcheck = declare_dependency(dependencies : rapidcheck_meson, link_args : ['-lrapidcheck'])
|
rapidcheck = declare_dependency(dependencies : rapidcheck_meson, link_args : ['-lrapidcheck'])
|
||||||
deps += rapidcheck
|
|
||||||
|
|
||||||
gtest = [
|
gtest = [
|
||||||
dependency('gtest', required : enable_tests),
|
dependency('gtest', required : enable_tests),
|
||||||
|
@ -273,13 +288,10 @@ gtest = [
|
||||||
dependency('gmock', required : enable_tests),
|
dependency('gmock', required : enable_tests),
|
||||||
dependency('gmock_main', required : enable_tests),
|
dependency('gmock_main', required : enable_tests),
|
||||||
]
|
]
|
||||||
deps += gtest
|
|
||||||
|
|
||||||
toml11 = dependency('toml11', version : '>=3.7.0', required : true, method : 'cmake')
|
toml11 = dependency('toml11', version : '>=3.7.0', required : true, method : 'cmake')
|
||||||
deps += toml11
|
|
||||||
|
|
||||||
nlohmann_json = dependency('nlohmann_json', required : true)
|
nlohmann_json = dependency('nlohmann_json', required : true)
|
||||||
deps += nlohmann_json
|
|
||||||
|
|
||||||
# lix-doc is a Rust project provided via buildInputs and unfortunately doesn't have any way to be detected.
|
# lix-doc is a Rust project provided via buildInputs and unfortunately doesn't have any way to be detected.
|
||||||
# Just declare it manually to resolve this.
|
# Just declare it manually to resolve this.
|
||||||
|
@ -287,7 +299,6 @@ deps += nlohmann_json
|
||||||
# FIXME: build this with meson in the future after we drop Make (with which we
|
# FIXME: build this with meson in the future after we drop Make (with which we
|
||||||
# *absolutely* are not going to make it work)
|
# *absolutely* are not going to make it work)
|
||||||
lix_doc = declare_dependency(link_args : [ '-llix_doc' ])
|
lix_doc = declare_dependency(link_args : [ '-llix_doc' ])
|
||||||
deps += lix_doc
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Build-time tools
|
# Build-time tools
|
||||||
|
@ -395,7 +406,21 @@ config_h = configure_file(
|
||||||
output : 'config.h',
|
output : 'config.h',
|
||||||
)
|
)
|
||||||
|
|
||||||
install_headers(config_h, subdir : 'nix')
|
install_headers(config_h, subdir : 'lix')
|
||||||
|
|
||||||
|
# FIXME: not using the pkg-config module because it creates way too many deps
|
||||||
|
# while meson migration is in progress, and we want to not include boost here
|
||||||
|
configure_file(
|
||||||
|
input : 'src/lix-base.pc.in',
|
||||||
|
output : 'lix-base.pc',
|
||||||
|
install_dir : libdir / 'pkgconfig',
|
||||||
|
configuration : {
|
||||||
|
'prefix' : prefix,
|
||||||
|
'libdir' : libdir,
|
||||||
|
'includedir' : includedir,
|
||||||
|
'PACKAGE_VERSION' : meson.project_version(),
|
||||||
|
},
|
||||||
|
)
|
||||||
|
|
||||||
add_project_arguments(
|
add_project_arguments(
|
||||||
# TODO(Qyriad): Yes this is how the autoconf+Make system did it.
|
# TODO(Qyriad): Yes this is how the autoconf+Make system did it.
|
||||||
|
|
|
@ -64,3 +64,7 @@ option('internal-api-docs', type : 'feature', value : 'auto',
|
||||||
option('profile-dir', type : 'string', value : 'etc/profile.d',
|
option('profile-dir', type : 'string', value : 'etc/profile.d',
|
||||||
description : 'the path to install shell profile files',
|
description : 'the path to install shell profile files',
|
||||||
)
|
)
|
||||||
|
|
||||||
|
option('enable-pch-std', type : 'boolean', value : true,
|
||||||
|
description : 'whether to use precompiled headers for C++\'s standard library (breaks clangd if you\'re using GCC)',
|
||||||
|
)
|
||||||
|
|
|
@ -47,4 +47,4 @@ fi
|
||||||
|
|
||||||
# Intentionally not using -f.
|
# Intentionally not using -f.
|
||||||
# If these files don't exist then our assumptions have been violated and we should fail.
|
# If these files don't exist then our assumptions have been violated and we should fail.
|
||||||
rm -v "$includedir/nix/parser-tab.cc" "$includedir/nix/lexer-tab.cc"
|
rm -v "$includedir/lix/libexpr/parser-tab.cc" "$includedir/lix/libexpr/lexer-tab.cc"
|
||||||
|
|
|
@ -1,33 +0,0 @@
|
||||||
# Upstreaming here, can be deleted once it's upstreamed:
|
|
||||||
# https://github.com/NixOS/nixpkgs/pull/297102
|
|
||||||
{
|
|
||||||
stdenv,
|
|
||||||
lib,
|
|
||||||
cmake,
|
|
||||||
fetchFromGitHub,
|
|
||||||
}:
|
|
||||||
stdenv.mkDerivation (finalAttrs: {
|
|
||||||
pname = "clangbuildanalyzer";
|
|
||||||
version = "1.5.0";
|
|
||||||
|
|
||||||
src = fetchFromGitHub {
|
|
||||||
owner = "aras-p";
|
|
||||||
repo = "ClangBuildAnalyzer";
|
|
||||||
rev = "v${finalAttrs.version}";
|
|
||||||
sha256 = "sha256-kmgdk634zM0W0OoRoP/RzepArSipa5bNqdVgdZO9gxo=";
|
|
||||||
};
|
|
||||||
|
|
||||||
nativeBuildInputs = [ cmake ];
|
|
||||||
|
|
||||||
meta = {
|
|
||||||
description = "Tool for analyzing Clang's -ftrace-time files";
|
|
||||||
homepage = "https://github.com/aras-p/ClangBuildAnalyzer";
|
|
||||||
maintainers = with lib.maintainers; [ lf- ];
|
|
||||||
license = lib.licenses.unlicense;
|
|
||||||
platforms = lib.platforms.unix;
|
|
||||||
# `long long int` != `size_t`
|
|
||||||
# There's no convenient lib.platforms.32bit or anything, but it's easy enough to do ourselves.
|
|
||||||
badPlatforms = lib.filter (plat: (lib.systems.elaborate plat).is32bit) lib.platforms.all;
|
|
||||||
mainProgram = "ClangBuildAnalyzer";
|
|
||||||
};
|
|
||||||
})
|
|
414
misc/flake-registry/flake-registry.json
Normal file
414
misc/flake-registry/flake-registry.json
Normal file
|
@ -0,0 +1,414 @@
|
||||||
|
{
|
||||||
|
"flakes": [
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "agda",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "agda",
|
||||||
|
"repo": "agda",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "arion",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "arion",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "blender-bin",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"dir": "blender",
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "nix-warez",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "bundlers",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "bundlers",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "cachix",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "cachix",
|
||||||
|
"repo": "cachix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "composable",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "ComposableFi",
|
||||||
|
"repo": "composable",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "disko",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "disko",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "dreampkgs",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "dreampkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "dwarffs",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "dwarffs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "emacs-overlay",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "emacs-overlay",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "fenix",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "fenix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "flake-parts",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "flake-parts",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "flake-utils",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "numtide",
|
||||||
|
"repo": "flake-utils",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "gemini",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "flake-gemini",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "helix",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "helix-editor",
|
||||||
|
"repo": "helix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "hercules-ci-agent",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "hercules-ci-agent",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "hercules-ci-effects",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "hercules-ci",
|
||||||
|
"repo": "hercules-ci-effects",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "home-manager",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "home-manager",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "hydra",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "hydra",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "mach-nix",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "DavHau",
|
||||||
|
"repo": "mach-nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nickel",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "tweag",
|
||||||
|
"repo": "nickel",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nimble",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "flake-nimble",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nix",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nix-darwin",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "LnL7",
|
||||||
|
"repo": "nix-darwin",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nix-serve",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "edolstra",
|
||||||
|
"repo": "nix-serve",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nixops",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixops",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nixos-hardware",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixos-hardware",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nixos-homepage",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixos-homepage",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nixos-search",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixos-search",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nixpkgs",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixpkgs-unstable",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "nur",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "NUR",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "patchelf",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "patchelf",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "poetry2nix",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "nix-community",
|
||||||
|
"repo": "poetry2nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "pridefetch",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "SpyHoodle",
|
||||||
|
"repo": "pridefetch",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "sops-nix",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "Mic92",
|
||||||
|
"repo": "sops-nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "systems",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "nix-systems",
|
||||||
|
"repo": "default",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"from": {
|
||||||
|
"id": "templates",
|
||||||
|
"type": "indirect"
|
||||||
|
},
|
||||||
|
"to": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "templates",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"version": 2
|
||||||
|
}
|
4
misc/flake-registry/meson.build
Normal file
4
misc/flake-registry/meson.build
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
install_data(
|
||||||
|
'flake-registry.json',
|
||||||
|
install_dir : datadir,
|
||||||
|
)
|
|
@ -3,3 +3,4 @@ subdir('fish')
|
||||||
subdir('zsh')
|
subdir('zsh')
|
||||||
|
|
||||||
subdir('systemd')
|
subdir('systemd')
|
||||||
|
subdir('flake-registry')
|
||||||
|
|
|
@ -63,9 +63,21 @@ pre-commit-run {
|
||||||
files = ''^doc/manual/(change-authors\.yml|rl-next(-dev)?)'';
|
files = ''^doc/manual/(change-authors\.yml|rl-next(-dev)?)'';
|
||||||
pass_filenames = false;
|
pass_filenames = false;
|
||||||
entry = ''
|
entry = ''
|
||||||
${lib.getExe pkgs.build-release-notes} --change-authors doc/manual/change-authors.yml doc/manual/rl-next doc/manual/rl-next-dev
|
${lib.getExe pkgs.build-release-notes} --change-authors doc/manual/change-authors.yml doc/manual/rl-next
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
change-authors-sorted = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.yq;
|
||||||
|
files = ''^doc/manual/change-authors\.yml'';
|
||||||
|
entry = "${pkgs.writeShellScript "change-authors-sorted" ''
|
||||||
|
set -euo pipefail
|
||||||
|
shopt -s inherit_errexit
|
||||||
|
|
||||||
|
echo "changes necessary to sort $1:"
|
||||||
|
diff -U3 <(${lib.getExe pkgs.yq} -y . "$1") <(${lib.getExe pkgs.yq} -Sy . "$1")
|
||||||
|
''}";
|
||||||
|
};
|
||||||
check-headers = {
|
check-headers = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.check-headers;
|
package = pkgs.check-headers;
|
||||||
|
@ -75,11 +87,12 @@ pre-commit-run {
|
||||||
"file"
|
"file"
|
||||||
"header"
|
"header"
|
||||||
];
|
];
|
||||||
# generated files; these will never actually be seen by this
|
|
||||||
# check, and are left here as documentation
|
|
||||||
excludes = [
|
excludes = [
|
||||||
"(parser|lexer)-tab\\.hh$"
|
''^src/pch/.*$''
|
||||||
"\\.gen\\.hh$"
|
# generated files; these will never actually be seen by this
|
||||||
|
# check, and are left here as documentation
|
||||||
|
''(parser|lexer)-tab\.hh$''
|
||||||
|
''\.gen\.hh$''
|
||||||
];
|
];
|
||||||
entry = lib.getExe pkgs.check-headers;
|
entry = lib.getExe pkgs.check-headers;
|
||||||
};
|
};
|
||||||
|
|
|
@ -3,7 +3,6 @@
|
||||||
cacert,
|
cacert,
|
||||||
nix,
|
nix,
|
||||||
system,
|
system,
|
||||||
version,
|
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
installerClosureInfo = buildPackages.closureInfo {
|
installerClosureInfo = buildPackages.closureInfo {
|
||||||
|
@ -13,12 +12,12 @@ let
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
meta.description = "Distribution-independent Nix bootstrap binaries for ${system}";
|
meta.description = "Distribution-independent Lix bootstrap binaries for ${system}";
|
||||||
in
|
in
|
||||||
buildPackages.runCommand "nix-binary-tarball-${version}" { inherit meta; } ''
|
buildPackages.runCommand "lix-binary-tarball-${nix.version}" { inherit meta; } ''
|
||||||
cp ${installerClosureInfo}/registration $TMPDIR/reginfo
|
cp ${installerClosureInfo}/registration $TMPDIR/reginfo
|
||||||
|
|
||||||
dir=nix-${version}-${system}
|
dir=lix-${nix.version}-${system}
|
||||||
fn=$out/$dir.tar.xz
|
fn=$out/$dir.tar.xz
|
||||||
mkdir -p $out/nix-support
|
mkdir -p $out/nix-support
|
||||||
echo "file binary-dist $fn" >> $out/nix-support/hydra-build-products
|
echo "file binary-dist $fn" >> $out/nix-support/hydra-build-products
|
||||||
|
|
189
package.nix
189
package.nix
|
@ -18,6 +18,7 @@
|
||||||
cmake,
|
cmake,
|
||||||
curl,
|
curl,
|
||||||
doxygen,
|
doxygen,
|
||||||
|
editline-lix ? __forDefaults.editline-lix,
|
||||||
editline,
|
editline,
|
||||||
flex,
|
flex,
|
||||||
git,
|
git,
|
||||||
|
@ -49,7 +50,7 @@
|
||||||
# internal fork of nix-doc providing :doc in the repl
|
# internal fork of nix-doc providing :doc in the repl
|
||||||
lix-doc ? __forDefaults.lix-doc,
|
lix-doc ? __forDefaults.lix-doc,
|
||||||
|
|
||||||
pname ? "nix",
|
pname ? "lix",
|
||||||
versionSuffix ? "",
|
versionSuffix ? "",
|
||||||
officialRelease ? false,
|
officialRelease ? false,
|
||||||
# Set to true to build the release notes for the next release.
|
# Set to true to build the release notes for the next release.
|
||||||
|
@ -68,11 +69,13 @@
|
||||||
# `boehmgc-nix` then this will almost certainly have duplicate patches, which means
|
# `boehmgc-nix` then this will almost certainly have duplicate patches, which means
|
||||||
# the patches won't apply and we'll get a build failure.
|
# the patches won't apply and we'll get a build failure.
|
||||||
./boehmgc-coroutine-sp-fallback.diff
|
./boehmgc-coroutine-sp-fallback.diff
|
||||||
# https://github.com/ivmai/bdwgc/pull/586
|
|
||||||
./boehmgc-traceable_allocator-public.diff
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
editline-lix = editline.overrideAttrs (prev: {
|
||||||
|
configureFlags = prev.configureFlags or [ ] ++ [ (lib.enableFeature true "sigstop") ];
|
||||||
|
});
|
||||||
|
|
||||||
lix-doc = pkgs.callPackage ./lix-doc/package.nix { };
|
lix-doc = pkgs.callPackage ./lix-doc/package.nix { };
|
||||||
build-release-notes = pkgs.callPackage ./maintainers/build-release-notes.nix { };
|
build-release-notes = pkgs.callPackage ./maintainers/build-release-notes.nix { };
|
||||||
},
|
},
|
||||||
|
@ -80,8 +83,10 @@
|
||||||
let
|
let
|
||||||
inherit (__forDefaults) canRunInstalled;
|
inherit (__forDefaults) canRunInstalled;
|
||||||
inherit (lib) fileset;
|
inherit (lib) fileset;
|
||||||
|
inherit (stdenv) hostPlatform buildPlatform;
|
||||||
|
|
||||||
version = lib.fileContents ./.version + versionSuffix;
|
versionJson = builtins.fromJSON (builtins.readFile ./version.json);
|
||||||
|
version = versionJson.version + versionSuffix;
|
||||||
|
|
||||||
aws-sdk-cpp-nix = aws-sdk-cpp.override {
|
aws-sdk-cpp-nix = aws-sdk-cpp.override {
|
||||||
apis = [
|
apis = [
|
||||||
|
@ -131,13 +136,14 @@ let
|
||||||
# that would interfere with repo semantics.
|
# that would interfere with repo semantics.
|
||||||
baseFiles = fileset.fileFilter (f: f.name != ".gitignore") ./.;
|
baseFiles = fileset.fileFilter (f: f.name != ".gitignore") ./.;
|
||||||
|
|
||||||
configureFiles = fileset.unions [ ./.version ];
|
configureFiles = fileset.unions [ ./version.json ];
|
||||||
|
|
||||||
topLevelBuildFiles = fileset.unions ([
|
topLevelBuildFiles = fileset.unions ([
|
||||||
./meson.build
|
./meson.build
|
||||||
./meson.options
|
./meson.options
|
||||||
./meson
|
./meson
|
||||||
./scripts/meson.build
|
./scripts/meson.build
|
||||||
|
./subprojects
|
||||||
]);
|
]);
|
||||||
|
|
||||||
functionalTestFiles = fileset.unions [
|
functionalTestFiles = fileset.unions [
|
||||||
|
@ -162,7 +168,6 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
./boehmgc-coroutine-sp-fallback.diff
|
./boehmgc-coroutine-sp-fallback.diff
|
||||||
./doc
|
./doc
|
||||||
./misc
|
./misc
|
||||||
./precompiled-headers.h
|
|
||||||
./src
|
./src
|
||||||
./COPYING
|
./COPYING
|
||||||
]
|
]
|
||||||
|
@ -182,23 +187,23 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
dontBuild = false;
|
dontBuild = false;
|
||||||
|
|
||||||
mesonFlags =
|
mesonFlags =
|
||||||
lib.optionals stdenv.hostPlatform.isLinux [
|
lib.optionals hostPlatform.isLinux [
|
||||||
# You'd think meson could just find this in PATH, but busybox is in buildInputs,
|
# You'd think meson could just find this in PATH, but busybox is in buildInputs,
|
||||||
# which don't actually get added to PATH. And buildInputs is correct over
|
# which don't actually get added to PATH. And buildInputs is correct over
|
||||||
# nativeBuildInputs since this should be a busybox executable on the host.
|
# nativeBuildInputs since this should be a busybox executable on the host.
|
||||||
"-Dsandbox-shell=${lib.getExe' busybox-sandbox-shell "busybox"}"
|
"-Dsandbox-shell=${lib.getExe' busybox-sandbox-shell "busybox"}"
|
||||||
]
|
]
|
||||||
++ lib.optional stdenv.hostPlatform.isStatic "-Denable-embedded-sandbox-shell=true"
|
++ lib.optional hostPlatform.isStatic "-Denable-embedded-sandbox-shell=true"
|
||||||
++ lib.optional (finalAttrs.dontBuild) "-Denable-build=false"
|
++ lib.optional (finalAttrs.dontBuild) "-Denable-build=false"
|
||||||
++ [
|
++ [
|
||||||
# mesonConfigurePhase automatically passes -Dauto_features=enabled,
|
# mesonConfigurePhase automatically passes -Dauto_features=enabled,
|
||||||
# so we must explicitly enable or disable features that we are not passing
|
# so we must explicitly enable or disable features that we are not passing
|
||||||
# dependencies for.
|
# dependencies for.
|
||||||
(lib.mesonEnable "internal-api-docs" internalApiDocs)
|
(lib.mesonEnable "internal-api-docs" internalApiDocs)
|
||||||
(lib.mesonBool "enable-tests" finalAttrs.doCheck)
|
(lib.mesonBool "enable-tests" finalAttrs.finalPackage.doCheck)
|
||||||
(lib.mesonBool "enable-docs" canRunInstalled)
|
(lib.mesonBool "enable-docs" canRunInstalled)
|
||||||
]
|
]
|
||||||
++ lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "--cross-file=${mesonCrossFile}";
|
++ lib.optional (hostPlatform != buildPlatform) "--cross-file=${mesonCrossFile}";
|
||||||
|
|
||||||
# We only include CMake so that Meson can locate toml11, which only ships CMake dependency metadata.
|
# We only include CMake so that Meson can locate toml11, which only ships CMake dependency metadata.
|
||||||
dontUseCmakeConfigure = true;
|
dontUseCmakeConfigure = true;
|
||||||
|
@ -226,7 +231,7 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
jq
|
jq
|
||||||
lsof
|
lsof
|
||||||
]
|
]
|
||||||
++ lib.optional stdenv.hostPlatform.isLinux util-linuxMinimal
|
++ lib.optional hostPlatform.isLinux util-linuxMinimal
|
||||||
++ lib.optional (!officialRelease && buildUnreleasedNotes) build-release-notes
|
++ lib.optional (!officialRelease && buildUnreleasedNotes) build-release-notes
|
||||||
++ lib.optional internalApiDocs doxygen;
|
++ lib.optional internalApiDocs doxygen;
|
||||||
|
|
||||||
|
@ -236,7 +241,7 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
bzip2
|
bzip2
|
||||||
xz
|
xz
|
||||||
brotli
|
brotli
|
||||||
editline
|
editline-lix
|
||||||
openssl
|
openssl
|
||||||
sqlite
|
sqlite
|
||||||
libarchive
|
libarchive
|
||||||
|
@ -246,14 +251,14 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
toml11
|
toml11
|
||||||
lix-doc
|
lix-doc
|
||||||
]
|
]
|
||||||
++ lib.optionals stdenv.hostPlatform.isLinux [
|
++ lib.optionals hostPlatform.isLinux [
|
||||||
libseccomp
|
libseccomp
|
||||||
busybox-sandbox-shell
|
busybox-sandbox-shell
|
||||||
]
|
]
|
||||||
++ lib.optional internalApiDocs rapidcheck
|
++ lib.optional internalApiDocs rapidcheck
|
||||||
++ lib.optional stdenv.hostPlatform.isx86_64 libcpuid
|
++ lib.optional hostPlatform.isx86_64 libcpuid
|
||||||
# There have been issues building these dependencies
|
# There have been issues building these dependencies
|
||||||
++ lib.optional (stdenv.hostPlatform == stdenv.buildPlatform) aws-sdk-cpp-nix
|
++ lib.optional (hostPlatform.canExecute buildPlatform) aws-sdk-cpp-nix
|
||||||
++ lib.optionals (finalAttrs.dontBuild) maybePropagatedInputs;
|
++ lib.optionals (finalAttrs.dontBuild) maybePropagatedInputs;
|
||||||
|
|
||||||
checkInputs = [
|
checkInputs = [
|
||||||
|
@ -273,18 +278,18 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
};
|
};
|
||||||
|
|
||||||
preConfigure =
|
preConfigure =
|
||||||
lib.optionalString (!finalAttrs.dontBuild && !stdenv.hostPlatform.isStatic) ''
|
lib.optionalString (!finalAttrs.dontBuild && !hostPlatform.isStatic) ''
|
||||||
# Copy libboost_context so we don't get all of Boost in our closure.
|
# Copy libboost_context so we don't get all of Boost in our closure.
|
||||||
# https://github.com/NixOS/nixpkgs/issues/45462
|
# https://github.com/NixOS/nixpkgs/issues/45462
|
||||||
mkdir -p $out/lib
|
mkdir -p $out/lib
|
||||||
cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib
|
cp -pd ${boost}/lib/{libboost_context*,libboost_thread*,libboost_system*} $out/lib
|
||||||
rm -f $out/lib/*.a
|
rm -f $out/lib/*.a
|
||||||
''
|
''
|
||||||
+ lib.optionalString (!finalAttrs.dontBuild && stdenv.hostPlatform.isLinux) ''
|
+ lib.optionalString (!finalAttrs.dontBuild && hostPlatform.isLinux && !hostPlatform.isStatic) ''
|
||||||
chmod u+w $out/lib/*.so.*
|
chmod u+w $out/lib/*.so.*
|
||||||
patchelf --set-rpath $out/lib:${stdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.*
|
patchelf --set-rpath $out/lib:${stdenv.cc.cc.lib}/lib $out/lib/libboost_thread.so.*
|
||||||
''
|
''
|
||||||
+ lib.optionalString (!finalAttrs.dontBuild && stdenv.hostPlatform.isDarwin) ''
|
+ lib.optionalString (!finalAttrs.dontBuild && hostPlatform.isDarwin) ''
|
||||||
for LIB in $out/lib/*.dylib; do
|
for LIB in $out/lib/*.dylib; do
|
||||||
chmod u+w $LIB
|
chmod u+w $LIB
|
||||||
install_name_tool -id $LIB $LIB
|
install_name_tool -id $LIB $LIB
|
||||||
|
@ -309,7 +314,12 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
|
|
||||||
doCheck = canRunInstalled;
|
doCheck = canRunInstalled;
|
||||||
|
|
||||||
mesonCheckFlags = [ "--suite=check" ];
|
mesonCheckFlags = [
|
||||||
|
"--suite=check"
|
||||||
|
"--print-errorlogs"
|
||||||
|
];
|
||||||
|
# the tests access localhost.
|
||||||
|
__darwinAllowLocalNetworking = true;
|
||||||
|
|
||||||
# Make sure the internal API docs are already built, because mesonInstallPhase
|
# Make sure the internal API docs are already built, because mesonInstallPhase
|
||||||
# won't let us build them there. They would normally be built in buildPhase,
|
# won't let us build them there. They would normally be built in buildPhase,
|
||||||
|
@ -323,12 +333,12 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
mkdir -p $doc/nix-support
|
mkdir -p $doc/nix-support
|
||||||
echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
|
echo "doc manual $doc/share/doc/nix/manual" >> $doc/nix-support/hydra-build-products
|
||||||
''
|
''
|
||||||
+ lib.optionalString stdenv.hostPlatform.isStatic ''
|
+ lib.optionalString hostPlatform.isStatic ''
|
||||||
mkdir -p $out/nix-support
|
mkdir -p $out/nix-support
|
||||||
echo "file binary-dist $out/bin/nix" >> $out/nix-support/hydra-build-products
|
echo "file binary-dist $out/bin/nix" >> $out/nix-support/hydra-build-products
|
||||||
''
|
''
|
||||||
+ lib.optionalString stdenv.isDarwin ''
|
+ lib.optionalString stdenv.isDarwin ''
|
||||||
for lib in libnixutil.dylib libnixexpr.dylib; do
|
for lib in liblixutil.dylib liblixexpr.dylib; do
|
||||||
install_name_tool \
|
install_name_tool \
|
||||||
-change "${lib.getLib boost}/lib/libboost_context.dylib" \
|
-change "${lib.getLib boost}/lib/libboost_context.dylib" \
|
||||||
"$out/lib/libboost_context.dylib" \
|
"$out/lib/libboost_context.dylib" \
|
||||||
|
@ -342,7 +352,10 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
|
|
||||||
doInstallCheck = finalAttrs.doCheck;
|
doInstallCheck = finalAttrs.doCheck;
|
||||||
|
|
||||||
mesonInstallCheckFlags = [ "--suite=installcheck" ];
|
mesonInstallCheckFlags = [
|
||||||
|
"--suite=installcheck"
|
||||||
|
"--print-errorlogs"
|
||||||
|
];
|
||||||
|
|
||||||
installCheckPhase = ''
|
installCheckPhase = ''
|
||||||
runHook preInstallCheck
|
runHook preInstallCheck
|
||||||
|
@ -351,46 +364,61 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
runHook postInstallCheck
|
runHook postInstallCheck
|
||||||
'';
|
'';
|
||||||
|
|
||||||
separateDebugInfo = !stdenv.hostPlatform.isStatic && !finalAttrs.dontBuild;
|
separateDebugInfo = !hostPlatform.isStatic && !finalAttrs.dontBuild;
|
||||||
|
|
||||||
strictDeps = true;
|
strictDeps = true;
|
||||||
|
|
||||||
# strictoverflow is disabled because we trap on signed overflow instead
|
# strictoverflow is disabled because we trap on signed overflow instead
|
||||||
hardeningDisable = [ "strictoverflow" ] ++ lib.optional stdenv.hostPlatform.isStatic "pie";
|
hardeningDisable = [ "strictoverflow" ] ++ lib.optional hostPlatform.isStatic "pie";
|
||||||
|
|
||||||
meta.platforms = lib.platforms.unix;
|
meta = {
|
||||||
|
mainProgram = "nix";
|
||||||
passthru.perl-bindings = pkgs.callPackage ./perl { inherit fileset stdenv; };
|
platforms = lib.platforms.unix;
|
||||||
|
};
|
||||||
|
|
||||||
# Export the patched version of boehmgc.
|
# Export the patched version of boehmgc.
|
||||||
# flake.nix exports that into its overlay.
|
# flake.nix exports that into its overlay.
|
||||||
passthru = {
|
passthru = {
|
||||||
inherit (__forDefaults) boehmgc-nix build-release-notes;
|
inherit (__forDefaults) boehmgc-nix editline-lix build-release-notes;
|
||||||
|
|
||||||
|
inherit officialRelease;
|
||||||
|
|
||||||
# The collection of dependency logic for this derivation is complicated enough that
|
# The collection of dependency logic for this derivation is complicated enough that
|
||||||
# it's easier to parameterize the devShell off an already called package.nix.
|
# it's easier to parameterize the devShell off an already called package.nix.
|
||||||
mkDevShell =
|
mkDevShell =
|
||||||
{
|
{
|
||||||
mkShell,
|
mkShell,
|
||||||
just,
|
|
||||||
nixfmt,
|
bashInteractive,
|
||||||
glibcLocales,
|
|
||||||
bear,
|
|
||||||
pre-commit-checks,
|
|
||||||
clang-tools,
|
clang-tools,
|
||||||
llvmPackages,
|
|
||||||
clangbuildanalyzer,
|
clangbuildanalyzer,
|
||||||
|
glibcLocales,
|
||||||
|
just,
|
||||||
|
llvmPackages,
|
||||||
|
nixfmt,
|
||||||
|
skopeo,
|
||||||
|
xonsh,
|
||||||
|
|
||||||
|
# Lix specific packages
|
||||||
|
pre-commit-checks,
|
||||||
contribNotice,
|
contribNotice,
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
glibcFix = lib.optionalAttrs (stdenv.buildPlatform.isLinux && glibcLocales != null) {
|
glibcFix = lib.optionalAttrs (buildPlatform.isLinux && glibcLocales != null) {
|
||||||
# Required to make non-NixOS Linux not complain about missing locale files during configure in a dev shell
|
# Required to make non-NixOS Linux not complain about missing locale files during configure in a dev shell
|
||||||
LOCALE_ARCHIVE = "${lib.getLib pkgs.glibcLocales}/lib/locale/locale-archive";
|
LOCALE_ARCHIVE = "${lib.getLib pkgs.glibcLocales}/lib/locale/locale-archive";
|
||||||
};
|
};
|
||||||
# for some reason that seems accidental and was changed in
|
|
||||||
# NixOS 24.05-pre, clang-tools is pinned to LLVM 14 when
|
pythonPackages = (
|
||||||
# default LLVM is newer.
|
p: [
|
||||||
clang-tools_llvm = clang-tools.override { inherit llvmPackages; };
|
p.yapf
|
||||||
|
p.python-frontmatter
|
||||||
|
p.requests
|
||||||
|
p.xdg-base-dirs
|
||||||
|
(p.toPythonModule xonsh.passthru.unwrapped)
|
||||||
|
]
|
||||||
|
);
|
||||||
|
pythonEnv = python3.withPackages pythonPackages;
|
||||||
|
|
||||||
# pkgs.mkShell uses pkgs.stdenv by default, regardless of inputsFrom.
|
# pkgs.mkShell uses pkgs.stdenv by default, regardless of inputsFrom.
|
||||||
actualMkShell = mkShell.override { inherit stdenv; };
|
actualMkShell = mkShell.override { inherit stdenv; };
|
||||||
|
@ -399,14 +427,34 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
glibcFix
|
glibcFix
|
||||||
// {
|
// {
|
||||||
|
|
||||||
inputsFrom = [ finalAttrs ];
|
name = "lix-shell-env";
|
||||||
|
|
||||||
|
# finalPackage is necessary to propagate stuff that is set by mkDerivation itself,
|
||||||
|
# like doCheck.
|
||||||
|
inputsFrom = [ finalAttrs.finalPackage ];
|
||||||
|
|
||||||
# For Meson to find Boost.
|
# For Meson to find Boost.
|
||||||
env = finalAttrs.env;
|
env = finalAttrs.env;
|
||||||
|
|
||||||
|
mesonFlags =
|
||||||
|
# I guess this is necessary because mesonFlags to mkDerivation doesn't propagate in inputsFrom,
|
||||||
|
# which only propagates stuff set in hooks? idk.
|
||||||
|
finalAttrs.mesonFlags
|
||||||
|
# Clangd breaks when GCC is using precompiled headers, so for the devshell specifically
|
||||||
|
# we make precompiled C++ stdlib conditional on using Clang.
|
||||||
|
# https://git.lix.systems/lix-project/lix/issues/374
|
||||||
|
++ [ (lib.mesonBool "enable-pch-std" stdenv.cc.isClang) ];
|
||||||
|
|
||||||
packages =
|
packages =
|
||||||
lib.optional (stdenv.cc.isClang && stdenv.hostPlatform == stdenv.buildPlatform) clang-tools_llvm
|
lib.optional (stdenv.cc.isClang && hostPlatform == buildPlatform) clang-tools
|
||||||
++ [
|
++ [
|
||||||
|
# Why are we providing a bashInteractive? Well, when you run
|
||||||
|
# `bash` from inside `nix develop`, say, because you are using it
|
||||||
|
# via direnv, you will by default get bash (unusable edition).
|
||||||
|
bashInteractive
|
||||||
|
pythonEnv
|
||||||
|
# docker image tool
|
||||||
|
skopeo
|
||||||
just
|
just
|
||||||
nixfmt
|
nixfmt
|
||||||
# Load-bearing order. Must come before clang-unwrapped below, but after clang_tools above.
|
# Load-bearing order. Must come before clang-unwrapped below, but after clang_tools above.
|
||||||
|
@ -418,35 +466,52 @@ stdenv.mkDerivation (finalAttrs: {
|
||||||
llvmPackages.clang-unwrapped.dev
|
llvmPackages.clang-unwrapped.dev
|
||||||
]
|
]
|
||||||
++ lib.optional (pre-commit-checks ? enabledPackages) pre-commit-checks.enabledPackages
|
++ lib.optional (pre-commit-checks ? enabledPackages) pre-commit-checks.enabledPackages
|
||||||
++ lib.optional (stdenv.cc.isClang && !stdenv.buildPlatform.isDarwin) bear
|
++ lib.optional (lib.meta.availableOn buildPlatform clangbuildanalyzer) clangbuildanalyzer
|
||||||
++ lib.optional (lib.meta.availableOn stdenv.buildPlatform clangbuildanalyzer) clangbuildanalyzer
|
|
||||||
++ finalAttrs.checkInputs;
|
++ finalAttrs.checkInputs;
|
||||||
|
|
||||||
shellHook = ''
|
shellHook = ''
|
||||||
PATH=$prefix/bin:$PATH
|
# don't re-run the hook in (other) nested nix-shells
|
||||||
unset PYTHONPATH
|
function lixShellHook() {
|
||||||
export MANPATH=$out/share/man:$MANPATH
|
# n.b. how the heck does this become -env-env? well, `nix develop` does it:
|
||||||
|
# https://git.lix.systems/lix-project/lix/src/commit/7575db522e9008685c4009423398f6900a16bcce/src/nix/develop.cc#L240-L241
|
||||||
|
# this is, of course, absurd.
|
||||||
|
if [[ $name != lix-shell-env && $name != lix-shell-env-env ]]; then
|
||||||
|
return;
|
||||||
|
fi
|
||||||
|
|
||||||
# Make bash completion work.
|
PATH=$prefix/bin:$PATH
|
||||||
XDG_DATA_DIRS+=:$out/share
|
unset PYTHONPATH
|
||||||
|
export MANPATH=$out/share/man:$MANPATH
|
||||||
|
|
||||||
${lib.optionalString (pre-commit-checks ? shellHook) pre-commit-checks.shellHook}
|
# Make bash completion work.
|
||||||
# Allow `touch .nocontribmsg` to turn this notice off.
|
XDG_DATA_DIRS+=:$out/share
|
||||||
if ! [[ -f .nocontribmsg ]]; then
|
|
||||||
cat ${contribNotice}
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Install the Gerrit commit-msg hook.
|
${lib.optionalString (pre-commit-checks ? shellHook) pre-commit-checks.shellHook}
|
||||||
# (git common dir is the main .git, including for worktrees)
|
# Allow `touch .nocontribmsg` to turn this notice off.
|
||||||
if gitcommondir=$(git rev-parse --git-common-dir 2>/dev/null) && [[ ! -f "$gitcommondir/hooks/commit-msg" ]]; then
|
if ! [[ -f .nocontribmsg ]]; then
|
||||||
echo 'Installing Gerrit commit-msg hook (adds Change-Id to commit messages)' >&2
|
cat ${contribNotice}
|
||||||
mkdir -p "$gitcommondir/hooks"
|
fi
|
||||||
curl -s -Lo "$gitcommondir/hooks/commit-msg" https://gerrit.lix.systems/tools/hooks/commit-msg
|
|
||||||
chmod u+x "$gitcommondir/hooks/commit-msg"
|
# Install the Gerrit commit-msg hook.
|
||||||
fi
|
# (git common dir is the main .git, including for worktrees)
|
||||||
unset gitcommondir
|
if gitcommondir=$(git rev-parse --git-common-dir 2>/dev/null) && [[ ! -f "$gitcommondir/hooks/commit-msg" ]]; then
|
||||||
|
echo 'Installing Gerrit commit-msg hook (adds Change-Id to commit messages)' >&2
|
||||||
|
mkdir -p "$gitcommondir/hooks"
|
||||||
|
curl -s -Lo "$gitcommondir/hooks/commit-msg" https://gerrit.lix.systems/tools/hooks/commit-msg
|
||||||
|
chmod u+x "$gitcommondir/hooks/commit-msg"
|
||||||
|
fi
|
||||||
|
unset gitcommondir
|
||||||
|
}
|
||||||
|
|
||||||
|
lixShellHook
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
||||||
|
perl-bindings = pkgs.callPackage ./perl { inherit fileset stdenv; };
|
||||||
|
|
||||||
|
binaryTarball = pkgs.callPackage ./nix-support/binary-tarball.nix {
|
||||||
|
nix = finalAttrs.finalPackage;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
})
|
})
|
||||||
|
|
|
@ -29,7 +29,7 @@ NEED_PROG(xz, xz)
|
||||||
AC_MSG_CHECKING([whether Perl is recent enough])
|
AC_MSG_CHECKING([whether Perl is recent enough])
|
||||||
if ! $perl -e 'open(FOO, "-|", "true"); while (<FOO>) { print; }; close FOO or die;'; then
|
if ! $perl -e 'open(FOO, "-|", "true"); while (<FOO>) { print; }; close FOO or die;'; then
|
||||||
AC_MSG_RESULT(no)
|
AC_MSG_RESULT(no)
|
||||||
AC_MSG_ERROR([Your Perl version is too old. Nix requires Perl 5.8.0 or newer.])
|
AC_MSG_ERROR([Your Perl version is too old. Lix requires Perl 5.8.0 or newer.])
|
||||||
fi
|
fi
|
||||||
AC_MSG_RESULT(yes)
|
AC_MSG_RESULT(yes)
|
||||||
|
|
||||||
|
|
|
@ -23,7 +23,7 @@ perl.pkgs.toPerlModule (
|
||||||
src = fileset.toSource {
|
src = fileset.toSource {
|
||||||
root = ../.;
|
root = ../.;
|
||||||
fileset = fileset.unions ([
|
fileset = fileset.unions ([
|
||||||
../.version
|
../version.json
|
||||||
./lib
|
./lib
|
||||||
./meson.build
|
./meson.build
|
||||||
]);
|
]);
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue